987 KiB
987 KiB
14.10.5 (2022-06-30)
Security (17 changes)
- Fix group IP restrictions not enforced for container registry requests (merge request)
- Update rack gem to version 2.2.3.1 (merge request)
- Gitlab Runner version upgrade (merge request)
- Update ProjectAttributesTransformer to use fixed number of attributes (merge request)
- Escape deploy key title to prevent XSS (merge request)
- Sanitize ZenTao breadcrumb links (merge request)
- Fix permissions in the project labels API (merge request)
- Security fix sentry issue leaks and access level check (merge request)
- Check permissions before exposing user two factor enabled (merge request)
- Filter milestone release by user access (merge request)
- Fix the required access level in the Conan packages finder (merge request)
- Allow inviting only groups with subset of allowed domains to groups (merge request)
- Fix open redirect vulnerability (merge request)
- Adds a filter based on user access to Runner jobs endpoint (merge request)
- Prevent runners from picking IP restricted jobs (merge request)
- Restrict CI lint access to pipeline creators (merge request)
- Catch endless headers when reading HTTP responses (merge request)
14.10.4 (2022-06-01)
Security (7 changes)
- Fix IP restrictions not applying to deploy tokens (merge request)
- Trigger token should respect group IP restrictions (merge request)
- Fix content injection in Jira issue title (merge request)
- Subgroup member can list members of parent group (merge request)
- Do not allow project member import when membership is locked (merge request)
- Disable changing user attributes when updating SCIM provisioned user (merge request)
- Allow only job owner to run interactive terminal (merge request)
14.10.3 (2022-05-20)
Added (1 change)
- Add option to disable seperated caches by @Taucher2003 (merge request)
Fixed (1 change)
14.10.2 (2022-05-04)
Fixed (2 changes)
- Resolve "Fork relationship is not respected for certain projects" (merge request)
- Fix mappings errors for ES6.8 (merge request) GitLab Enterprise Edition
Other (1 change)
14.10.1 (2022-04-29)
Security (14 changes)
- Add suffix to cache name to add isolation (merge request)
- Update Import/Export merge/push access levels & exclude ci config path (merge request)
- Prevent maintainers from editing PipelineSchedule (merge request)
- Add validation to pypi file sha256 values (merge request)
- Conan Token uses PAT rather than ID in payload (merge request)
- [security] Fix markdown API disclosing issue titles of limited projects (merge request)
- Verify that mentioned user can read TODO's note (merge request)
- Invalidate markdown cache to clear up stored XSS (merge request)
- Allow rate limiting of deploy tokens (merge request)
- Disable wiki access with CI_JOB_TOKEN when improper access level (merge request)
- Sanitize error input to prevent HTML/CSS injection in messages (merge request)
- Secure debug trace artifact download (merge request)
- Use password type for all secret integration properties (merge request)
- Limit CI job group_name regexp (merge request)
14.10.0 (2022-04-21)
Added (141 changes)
- Add a dropdown to switch language in code blocks (merge request)
- Wraps Jupyter Notebook Diff in a feature flag (merge request)
- Track related epics blocked added on usage data (merge request) GitLab Enterprise Edition
- Optimize followed users queries (merge request)
- Enable feature flag by default (merge request)
- Enable policy type selection page by default (merge request) GitLab Enterprise Edition
- Add DS_IMAGE_SUFFIX to enable Gemnasium FIPS (merge request)
- feat: Add SAST/SD template support for FIPS images (merge request)
- Enable FF ci_trigger_forward_variables (merge request)
- Add gitlab-pages http server timeout options documentation (merge request)
- Namespace onboarding action for license scanning (merge request) GitLab Enterprise Edition
- Enable feature flag by default (merge request) GitLab Enterprise Edition
- Default to the current group when importing from GitHub (merge request)
- Add metrics image UI for Alerts (merge request)
- Extend decomposition prometheus metric with information about CI (merge request)
- Introduce a onboarding_complete setting for GitLab Pages (merge request)
- Nullify dependent associations in batches on user deletion (merge request)
- Add option to add DAST_SUBMIT_FIELD (merge request) GitLab Enterprise Edition
- Default group/project issues list page to Vue refactor (merge request)
- Move arkose settings into database (merge request)
- Bump GitLab Pages to 1.57.0 (merge request)
- Update Security Policy to use FIPS images when FIPS Mode is enabled (merge request) GitLab Enterprise Edition
- Add ttl expiration to user otp_secrets (merge request)
- Implement wiki async page load (merge request)
- Allow uploading audio and video in content editor (merge request)
- Add identifer to response (merge request) GitLab Enterprise Edition
- Implement first iteration of the agents REST API by @tuxtimo (merge request)
- Backfill routes namespace_id for projects (merge request)
- Add periodic re-aggregation worker for VSA (merge request)
- Fire a Snowplow events with its definition on FE (merge request)
- Added MATLAB template by @nbhoski (merge request)
- Add new route for DAST profile library (merge request) GitLab Enterprise Edition
- Allow SKIP=remote option to be specified during backup by @kakakikikeke (merge request)
- Add a feature flag to control when we could prevent users to login (merge request) GitLab Enterprise Edition
- Allow bypassing registration when joining project (merge request) GitLab Enterprise Edition
- Track blocking epics removed on usage data (merge request) GitLab Enterprise Edition
- Add application settings to support inactive project deletion feature (merge request)
- Add epics.relative_position column if missing (merge request)
- Include inherited group links on group members page by @wwwjon (merge request)
- Implement wiki page async load (merge request)
- Add omniauth provider AliCloud by @zhanglinjie (merge request)
- Different copy on trial/registration flow (merge request) GitLab Enterprise Edition
- Add support for the deduplicated container repositories size (merge request)
- Fire a Snowplow events with its definition on BE (merge request) GitLab Enterprise Edition
- Adding FIPS support to DAST API/API Fuzzing latest CI template (merge request) GitLab Enterprise Edition
- Repeat the captcha check during the login (merge request) GitLab Enterprise Edition
- Allow Invitations API to receive user_ids (merge request)
- Add groups release API (merge request)
- Adds container_registry_size to project_statistics (merge request)
- Add not null and delete cascade constraints on project_namespace_id (merge request)
- Enable incremental repository backups (merge request)
- Add minute limit banner (merge request)
- Create unique index on projects namespace_id and name (merge request)
- Add resolve thread to permission table (merge request)
- Add audit events for merge request settings (merge request) GitLab Enterprise Edition
- Support security report schema version 14.1.1 (merge request)
- Add ability to query awaiting billable members (merge request)
- Add arkose verify response details to custom attributes (merge request) GitLab Enterprise Edition
- Implement detailed github status reporting (merge request)
- Allow invitation service to receive user_ids (merge request)
- Create status index for batched migrations (merge request)
- Allow to put migrations on hold for some time (merge request)
- Add dast_submit_field to DAST site profile (merge request)
- Add missing authorization (merge request) GitLab Enterprise Edition
- Add Commit Author to Pipeline List Page by @Taucher2003 (merge request)
- Track blocking epics added on usage ping (merge request) GitLab Enterprise Edition
- Add clear cache button to dependency proxy (merge request)
- Track linked epics removed on usage ping (merge request) GitLab Enterprise Edition
- Added deprecation notice to cluster creation pages (merge request)
- Created new feature flags for free and paid users (merge request) GitLab Enterprise Edition
- Add new CI/CD template for Liquibase by @szandany (merge request)
- Added a clipboard button to the "Branches" page in "Repository" by @DavidRotert (merge request)
- Add changed_by field to API members entities by @remyj38 (merge request)
- Support executable flag in repository files API by @tuxtimo (merge request)
- Adds kind field to JobType (merge request)
- Merge branch 'ahmetkaramercan17-master-patch-18116' into 'master' (merge request)
- awardEmoji: Display custom emoji (merge request)
- Enable Value Stream Analytics consistency check (merge request) GitLab Enterprise Edition
- Create index on
security_findings(scan_id,id) (merge request) - Display the tier of the environment on page (merge request)
- Use the remote ip for the captcha check (merge request) GitLab Enterprise Edition
- Add page size selector to vulnerability report (merge request) GitLab Enterprise Edition
- Add a temporary specialized index on project_namespace_id (merge request)
- Support template button focus state by @ahmetkaramercan17 (merge request)
- Remove pipeline_schedules_with_tags feature flag by @KevSlashNull (merge request)
- Introduce new Group Feature model and database structure (merge request)
- Search the user by username or email (merge request) GitLab Enterprise Edition
- Add collapsed comparer for license_scanning (merge request) GitLab Enterprise Edition
- Add harbor registry list page by @orozot (merge request)
- Add commit diff stats (merge request)
- Fix project name duplicates and missing project namespace ids (merge request)
- Add user limit notification for invite members modal (merge request)
- Add Runner releases API URL to ApplicationSetting (merge request)
- Add link to create group in general project settings (merge request)
- Implement sort param for bulk imports API (merge request)
- Add notification_level to namespace_root_storage_statistics table (merge request)
- Detect projects built for Apple iOS platform (merge request)
- feat: Add CI_GITLAB_FIPS_MODE to predefined CI variables (merge request)
- Add a test group cleanup worker to remove test groups on production (merge request)
- Allow administrators to set active pipelines limits (merge request)
- New Group Runners administration view (merge request)
- Allow restore tasks to be skipped using SKIP (merge request)
- Track api usage of the gitlab cli (merge request)
- Add support for the nested repositories container registry access token (merge request)
- Handle auth error for container registry (merge request) GitLab Enterprise Edition
- Introduce API for Change Failure Rate DORA metric (merge request)
- Added a create cluster page for the FF (merge request)
- Ensure project backfilling has finished (merge request)
- Add endpoint to decide if the ArkoseLabs integration should be triggered (merge request)
- Add delete endpoint for related epics (merge request) GitLab Enterprise Edition
- FIPS SSH key configuration settings (merge request)
- Add creator_id to deploy_tokens (merge request)
- Mark Import trackers as timed out with entities (merge request)
- Add ArkoseLabs verify request service (merge request)
- Add DB Grafana config as application settings (merge request)
- When no iterations are present show empty state by @sstern (merge request) GitLab Enterprise Edition
- Add timeout status to bulk importer (merge request)
- Remove improved_emoji_picker feature flag (merge request)
- Expose github stats in realtime_changes private API (merge request)
- Trigger an email when seat overage occurs (merge request) GitLab Enterprise Edition
- Implement GET API for GATs and PATs by @tuxtimo (merge request)
- Implement history for project imports (merge request)
- Expose import url and status in projects API (merge request)
- Render plantuml/kroki diagrams in content editor (merge request)
- Add "Created on" & "Last activity" columns to groups and projects page (merge request)
- Implement API to get single Project Remote Mirror by @tuxtimo (merge request)
- Extend workers and services to support namespace for Security Policies (merge request) GitLab Enterprise Edition
- Graceful degradation for refs endpoint (merge request)
- Add create endpoint for related epics (merge request) GitLab Enterprise Edition
- Expose
namespace_idin users GET API for admins by @tuxtimo (merge request) - Add Project template for Middleman (merge request)
- Implement DELETE API for Remote Mirrors by @tuxtimo (merge request)
- Add target_id option to TodosMarkAllDone mutation (merge request)
- Add ability to enable SAST at project creation (merge request)
- Implement API to get single MR rule by @tuxtimo (merge request) GitLab Enterprise Edition
- Add
Migration[2.0]that enforcesrestrict_gitlab_migration(merge request) - Allow administrators to change plan limits via the UI (merge request)
- Enable service ping for error tracking features (merge request)
- Show expired security report information on "pipeline security tab" (merge request) GitLab Enterprise Edition
- Send a notification email when a new email address is added by @rpadovani (merge request)
- Include code_coverage in presented build for runner (merge request)
Fixed (147 changes)
- Remove geo database from db_config_names (merge request)
- Fixed spacing for the loading icon in time tracker (merge request)
- Increase the visibility of the keyboard shortcut for Global Search (merge request)
- Update stage name to use truncate (merge request)
- banzai: Get Custom Emoji from group as well (merge request)
- Add scope to CustomEmoji to find emoji for resource (merge request)
- AwardEmoji: Don't look up url for built-in emoji (merge request)
- Fix rendering failure for the 'Verified' badge (merge request)
- Update links to CI/CD docs (merge request)
- Add default scan execution policies stage to pipeline (merge request) GitLab Enterprise Edition
- Move VSA aggregation migration to migrate folder (merge request)
- Enable fix_related_environments_for_merge_requests FF by default (merge request)
- Fix the conditions when we scope to gitlab-org (merge request) GitLab Enterprise Edition
- Use lowercase values in user search ordering (merge request)
- Always select an environment's last deployment by deploy date (merge request)
- Fix infinite activities requests on profile (merge request)
- Adds timeout to notebook rendering (merge request)
- Fix query params parsing when NOT operator is used (merge request) GitLab Enterprise Edition
- Fix regression with logic to add user primary email to emails (merge request)
- Updated the terraform empty state (merge request)
- Allow empty future subscriptions on seat link sync (merge request) GitLab Enterprise Edition
- Fix import button width on Issue list page (merge request)
- Fixes infinite loop when rendering Ipynb Diffs (merge request)
- Merged MR notification: Fix sprintf evaluation by @inakimalerba (merge request)
- Guard against Deployment#deployed_by being nil (merge request)
- Search Autocomplete: Review how icons are generated (merge request)
- Switch from respond_with_navigational to redirect_to (merge request)
- Adds timeout for notebook rendering on CustomDiff (merge request)
- Change
Create commitbutton variant to confirm (merge request) - Remove ci_destroy_all_expired_service feature flag (merge request)
- Fix tooltip and truncation on incident list (merge request)
- Fix "sticky" user popovers (merge request)
- Include *.jira.com in Jira Connect CSP frame ancestors (merge request)
- Fix doc link to code suggestions in MR diff tab (merge request)
- Fix impersonation created_at audit event field (merge request) GitLab Enterprise Edition
- Add validation for invalid protected branches for (merge request) GitLab Enterprise Edition
- Keep edited timestamp when reacting to old notes (merge request)
- Remove early exit to allow marking as complete (merge request)
- Fix scroll to line number (merge request)
- Change pipeline status to canceled (merge request)
- Fix Value Stream Analytics doc links (merge request) GitLab Enterprise Edition
- Change button variant to confirm (merge request) GitLab Enterprise Edition
- Add ability to pre/post-date audit events (merge request)
- Fix undefined method error for Compare, Commit controllers (merge request)
- Do not try to update a deleted record (merge request)
- Hide New Epic button on boards for guest users (merge request) GitLab Enterprise Edition
- Fix Licensee::InvalidLicense exception (merge request)
- Revert mergeability check changes (merge request)
- Add the ability to parse CWE-{number} format (merge request) GitLab Enterprise Edition
- Fix required data for referenced commands (merge request)
- Fix missing clear cache text inside the dependency proxy dropdown (merge request)
- Add search keyboard shortcut to docs (merge request)
- Fix for code search bug in Safari when zoomed (merge request)
- Fix the rubygems extraction service to not create subtransactions (merge request)
- Fix package file cleanup worker with PyPI files (merge request)
- Fix stale object error in Environment Stop (merge request)
- Remove Milestone token wildcard values (merge request) GitLab Enterprise Edition
- Fix incorrect empty state for filtered tag list (merge request)
- Reconfigure DB load balancing connection on code reload (merge request)
- Fix URL blocker when object storage enabled but type is disabled (merge request)
- Count nil artifact size as zero when recalculating (merge request)
- Remove FF ci_fix_order_of_subsequent_jobs (merge request)
- Remove pending builds from the queue on conflict (merge request)
- Add polling for commit pipeline status (merge request)
- Include X-Forwarded-Host when proxying and rewriting Host in Workhorse (merge request)
- Fixed UX bug in agent creation modal (merge request)
- Do not use GOPATH in default CI template (merge request)
- Move checks from mergeable to mergeable_state? (merge request)
- Use article tag on embedded snippets by @joshbouganim (merge request)
- Fix iteration dates adding timezone offset (merge request) GitLab Enterprise Edition
- Add polling to commit box graph (merge request)
- Add customers-dot URL to CSP not only in dev (merge request)
- Preserve sibling elements in settings search (merge request)
- Show quick actions link when editing comments (merge request)
- Test scanner creation (merge request) GitLab Enterprise Edition
- Fix null argument handling in background migration Rake task (merge request)
- Quote project key in Jira JQL queries (merge request) GitLab Enterprise Edition
- Handle commit being nil (merge request)
- Check task with no-break space by @tchandelle (merge request)
- Avoid milestone icon shrinking (merge request)
- Update BulkImports::EntityWorker deduplication strategy (merge request)
- Handle nil values in Grape length limit validator (merge request)
- Add SAML default membership asynchronously (merge request)
- Set account string when 2fa creation fails (merge request)
- Fix scope of project export download throttling by @eggerd (merge request)
- Preload group root ancestor for Group Projects API (merge request)
- Update secret detection template to remove fetch on historic scan (merge request)
- Fix bug when decrementing open MR count (merge request)
- Do not schedule project import when migrating using GitLab Migration (merge request)
- Mark token encryption job as completed when there are no users (merge request)
- Allow ConnectionNotEstablished for DB rake tasks using validate_config (merge request)
- Fix link deletion (merge request)
- Allow auditor to view group VSA analytics (merge request) GitLab Enterprise Edition
- Allow auditor to read group contribution analytics (merge request) GitLab Enterprise Edition
- Handle escaped underscores in usernames (merge request)
- Fix 500 error when visiting a non-existing integration (merge request)
- Expire relevant ETag caches for realtime_changes endpoints (merge request)
- Allow auditor to view repository analytics (merge request) GitLab Enterprise Edition
- Fix GraphQL pagination for vulnerabilities (merge request) GitLab Enterprise Edition
- Use cached column list for members union query (merge request)
- Add unique keyField for Blob types (merge request)
- Allow auditor to view devops adoption analytics (merge request) GitLab Enterprise Edition
- Fixed
receiveDashboardValidationWarningsFailureby @gotounix (merge request) - Handle BulkImports::ExportStatus incorrect export status value (merge request)
- Refactor environment empty state to use scope (merge request)
- Remove attempted redirection on non-HTML requests (merge request)
- Fix project permission toggle behavior (merge request)
- Fix project permission toggle behavior
- Fixed crm db seed trying to seed non-root groups by @leetickett (merge request)
- Don't include compliance pipeline definition in scheduled security orchestration pipelines (merge request) GitLab Enterprise Edition
- Fix code quality report display by @nanmu42 (merge request)
- Raise exception when gitaly-backup could not be found (merge request)
- Replace success variant with the confirm (merge request) GitLab Enterprise Edition
- Updated ComplianceViolation merged_at where checks to use DATE() (merge request) GitLab Enterprise Edition
- Fix missing metrics for Sidekiq exporter server (merge request)
- Fix incorrect new group path in import history (merge request)
- Scope Geo replication details progressbar popup target by site ID (merge request) GitLab Enterprise Edition
- Allow auditor to view grop productivity analytics (merge request) GitLab Enterprise Edition
- Fix credentials detection for UrlSanitizer (merge request)
- Revert Protected Environment group access inheritence (merge request)
- Add an example path for gitaly_backup_path setting (merge request)
- Suggestions: use template from target project instead of source project by @trakos (merge request)
- Fix issue with delete project container text (merge request) GitLab Enterprise Edition
- Fix error in table when text is too long (merge request)
- Ensure ci_environment_status always return latest deployment status (merge request)
- Fix create issue in board with weight (merge request) GitLab Enterprise Edition
- Fix GraphQlController not logging sessionless user (merge request)
- Limit audit events controller to 31 days date range (merge request) GitLab Enterprise Edition
- Fix ComplianceViolationResolver pagination with sorting (merge request) GitLab Enterprise Edition
- Fix PA for projects in nested groups (merge request) GitLab Enterprise Edition
- Improve topic avatar copy (merge request)
- Handle CRM objects when moving groups by @leetickett (merge request)
- Always pass data payloads as a hash for hooks (merge request)
- Adding a forced UTF-8 conversion to prevent encoding errors (merge request)
- Allow admins to invite groups they are not a member of for group (merge request)
- Update manual job message for protected jobs (merge request) GitLab Enterprise Edition
- Use last focused markdown field for quoted reply (merge request)
- Retain membership record for a personal project’s owner after transfer (merge request)
- Improve backup logging (merge request)
- Refetch runners list data after runner is updated (merge request)
- Fix markdown header toolbar showing in compact preview view (merge request)
- Fix vulnerability list clearing when already-selected filter is clicked (merge request) GitLab Enterprise Edition
- Upgrade rack-proxy to v0.7.2 (merge request)
- Convert seconds to minutes for the shared runner usage chart (merge request) GitLab Enterprise Edition
- Fix NoMethodError for CommitController (merge request)
- Fix backups not working when feature_flags table does not exist (merge request)
- SAST flawfinder + semgrep: add missing extensions by @blueur (merge request)
Changed (227 changes)
- Geo Sites - Empty Search State (merge request) GitLab Enterprise Edition
- Use GlAvatar in environments dashboard (merge request)
- Reduce size of file header buttons (merge request)
- Remove setting link from branches page (merge request)
- Bump Gitaly to v14.10.0.pre.rc1 by @nick.thomas (merge request)
- Downgrade coverage-check approval rule to premium (merge request) GitLab Enterprise Edition
- Migrate localization checkbox (merge request)
- Remove security_scan_succeeded from code by @svdj (merge request) GitLab Enterprise Edition
- Make OmniAuth initializer return Geo proxied URL when it exists (merge request) GitLab Enterprise Edition
- Replace generic checkbox with GitLab UI component (merge request) GitLab Enterprise Edition
- This MR replaces generic checkbox (merge request) GitLab Enterprise Edition
- Update variant to confirm (merge request)
- Use GlBroadcastMessage in Broadcast Message admin settings page (merge request)
- Change snippet award emoji state from active to selected (merge request)
- Disable image deletion during registry migration (merge request)
- Use Pajamas components for checkboxes in webhook forms (merge request)
- Update GITLAB_KAS_VERSION to 14.10.0 (merge request)
- Update icon to long arrow (merge request)
- Pass hash instead of URI to Elasticsearch client (merge request) GitLab Enterprise Edition
- Port checkboxes in spam settings to pajamas (merge request)
- Add spotbugs to analyzer order (merge request)
- Update variant to confirm (merge request)
- Allow invitations API to handle user invites as well as emails (merge request)
- Use pajamas checkbox for group owners can manage default branch checkbox (merge request)
- Migrate button to GlButton variants (merge request)
- Updates checkboxes in Admin -> Settings -> General (merge request)
- Use Pajamas styled checkbox in Admin help page form (merge request)
- Migrate checkboxes on user preferences page to be Pajamas compliant (merge request)
- Change variant to confirm (merge request) GitLab Enterprise Edition
- Update auto-deploy-image to v2.23.0 (merge request)
- Change delete project confirmation modal to default size (merge request)
- Migrate checkboxes on admin group edit page to be Pajamas compliant (merge request)
- Change subgroups to use official
subgroupicon (merge request) - Prevent global user searches (merge request)
- Move diff overflow warning into component (merge request)
- Add more helpful error when not authorized to update (merge request)
- Hide IP Address label when no space is available (merge request)
- Re-backfill escalation statuses (merge request)
- Update monitor deprecation notices (merge request)
- Update unprotect branch button variant and size (merge request)
- Update checkbox third party offers to be Pajamas compliant (merge request)
- Migrate checkboxes on user notifications page to be Pajamas compliant (merge request)
- Migrate pipeline setting checkbox to Pajamas design system (merge request)
- Use pajamas checkbox for appearance header and footer form (merge request)
- Improve readability for MR review emails (merge request)
- Update brand header logo to match tanuki height (merge request)
- Port admin hooks form to be pajamas compliant (merge request)
- Migrate account limits checkboxes (merge request)
- Update corpus management file size formatting to appear cleaner (merge request) GitLab Enterprise Edition
- Migrate admin pages settings to GitLab UI (merge request)
- Replace generic checkbox with GitLab UI element (merge request)
- Replace generic checkbox with GitLab UI component (merge request)
- Replace generic chackbox with GitLab UI element (merge request)
- Enable vulnerability_reads_table by default (merge request) GitLab Enterprise Edition
- Replace generic checkbox with GitLab UI component (merge request)
- Allow unconfirmed users in non-admin searches (merge request) GitLab Enterprise Edition
- Replace generic checkbox with GitLab UI element (merge request)
- Run all deployment jobs for the common pipeline with same environment (merge request)
- Replace generic checkbox with GitLab UI component (merge request)
- Remove group_import_export feature flag (merge request)
- Migrate checkbox for performance optimization settings (merge request)
- Recommend Helm for installing the GitLab agent (merge request)
- Read encrypted properties (merge request)
- Use Pajamas checkbox for ldap_access_setting.html.haml (merge request) GitLab Enterprise Edition
- Geo status: Explicate item counts (merge request) GitLab Enterprise Edition
- Add GlButton classes to complete button migration (merge request)
- Change button label (merge request)
- Add remaining storage size to namespace storage email notification (merge request)
- Make WebIDE dropdown fullwidth (merge request)
- Modify container-scanning template to automatically apply
FIPSimage (merge request) - This MR adds info badge to DAST configuration card (merge request) GitLab Enterprise Edition
- Move Alerts metric image API to CE (merge request)
- Migrate form checkbox in the Grafana admin settings (merge request)
- This MR replaces generic checkbox (merge request) GitLab Enterprise Edition
- This MR replaces generic checkbox (merge request) GitLab Enterprise Edition
- Add help link for escalation status dropdown (merge request) GitLab Enterprise Edition
- Use GlAvatar in environments dashboard (merge request)
- Enable vulnerability_report_pagination feature flag by default (merge request) GitLab Enterprise Edition
- Replace generic checkbox with GitLab UI component (merge request)
- Use pajamas checkbox for user access level form (merge request)
- Add HTML5 validation to about your company form (merge request) GitLab Enterprise Edition
- Document Kubernetes 1.21 as supported (merge request)
- Migrate snowplow checkbox (merge request)
- Migrate sourcegraph checkboxes (merge request)
- Add more verbose error message if 2FA required (merge request)
- Port app settings checkboxes (merge request)
- Port checkbox in pipeline schedules (merge request)
- Change variant to confirm (merge request)
- Change variant to confirm (merge request)
- Change variant to confirm (merge request)
- Add validation for confidentiality notes (merge request)
- Add status to DependencyProxy::Manifest type in GraphQL (merge request)
- Migrate admin email checkboxes (merge request)
- Migrate group auto devops form to GitLab UI (merge request)
- Change variant to confirm (merge request)
- Change variant to confirm (merge request)
- Update to rails 6.1.4.7 (merge request)
- Change variant to confirm (merge request)
- Adds a project scoped unique file name constraint for Secure Files (merge request)
- Improve accessibility of Admin application settings page (merge request)
- Updated encyption key generation for Secure Files (merge request)
- Find topic by case insensitive name for detail page by @wwwjon (merge request)
- Bump Gitaly server to v14.10.0.pre.rc1 (merge request)
- Update GlButton variant to confirm in test cases (merge request) GitLab Enterprise Edition
- Added educational text about K8s deployments (merge request)
- Polish Jira issue fields UI (merge request) GitLab Enterprise Edition
- Use SHA256 fingerprint instead of MD5 for LFS token secret (merge request)
- Fix: notify service i18n for MR and Issues by @JeremyWuuuuu (merge request)
- Remove the ip check from the captcha challenge check (merge request) GitLab Enterprise Edition
- Polish UI of epic roadmap view (merge request) GitLab Enterprise Edition
- Only admins can search blocked and banned users (merge request) GitLab Enterprise Edition
- Polish jira_connect users UI (merge request)
- Remove support for file checksum to Secure File uploads (merge request)
- Updated Kubernetes clusters UI (merge request)
- Ignore unindexed projects that have no repository (merge request) GitLab Enterprise Edition
- Add repository size to Plan Limits by @zhzhang93 (merge request)
- Refactor DAST Profiles to use GraphQL fragments (merge request) GitLab Enterprise Edition
- Keep labels sorted by title after mutation (merge request)
- Move liquibase template up one directory (merge request)
- Show UsageData buttons only if cache exists (merge request)
- Extend namespace gitlab_subscription API (merge request) GitLab Enterprise Edition
- Serialize and deserialize by default for LocalStorageSync component (merge request)
- Update group overview icons to match sidebar icons (merge request)
- Don't generate MD5 fingerprint in FIPS mode (merge request)
- Log deprecated/unsupported report schema versions (merge request) GitLab Enterprise Edition
- Update DAST site profile mutations to return payload (merge request) GitLab Enterprise Edition
- Update DAST Scanner Profile Mutations to return payload (merge request) GitLab Enterprise Edition
- Replace compliance dashboard with new compliance violations report (merge request) GitLab Enterprise Edition
- Do not allow to change note's confidentiality (merge request)
- Removing the ignored column project_pages_metadata.artifacts_archive_id (merge request)
- Merge topics with same name by @wwwjon (merge request)
- Updated language on vulnerability report page (merge request) GitLab Enterprise Edition
- Remove gray background from milestone page (merge request)
- Replace runners 'active' filters with 'paused' (merge request)
- Merge branch '356485-refactor-detected-licenses' into 'master' (merge request) GitLab Enterprise Edition
- Migrate alert to shared partial in import group (merge request)
- Ensure Workhorse AWS endpoint is only used for S3 (merge request)
- Use GlAvatar in design note (merge request)
- Change license compliance to use warning alert (merge request)
- Migrate alert to shared partial in notifications (merge request)
- Change user popover avatar to supported size (merge request)
- gitlab/setup_helper: Migrate Gitaly to use runtime directory (merge request)
- Feat(License): update license type names (merge request) GitLab Enterprise Edition
- Add binaries folder and remove build flags in Go CI-Template (merge request)
- Roadmap App with Tree View (merge request) GitLab Enterprise Edition
- Remove link to content editor feedback issue (merge request)
- Remove user_email_lookup_limit column (merge request)
- Change container registry policy banner (merge request)
- FIPS support for API keys endpoint (merge request)
- Migrate diff stats view to component (merge request)
- Adds status popover in runners table header (merge request)
- Add labels to the 'Note on MR' webhook payload (merge request)
- Update locked tooltip for project runners (merge request)
- Update the translations (merge request)
- Filter out project bots from user results on invite members (merge request)
- Switch grad hat icon with bulb for learn gitlab (merge request)
- Remove go to profile text from tooltips (merge request)
- Update "locked" tooltips and text (merge request)
- Add index to improve speed of vulnerabilities (merge request)
- Update button text in pipeline editor (merge request)
- Make the shared/groups/_dropdown Pajamas compliant (merge request)
- Update help popover icon (merge request)
- Support attn alias for attention (merge request)
- Issue 323331 - createFlash called twice in search fetchProjects (merge request)
- Update help link in UI to remove 'ee' (merge request)
- Issue 351689 - Prevent autocomplete searches under X characters (merge request)
- Update DAST profile summary to hide empty values (merge request) GitLab Enterprise Edition
- Updated wording for the agent token instructions (merge request)
- Optimise ci_namespace_mirrors_for_group_members to search prefix (merge request)
- Relocate runner IP Address to Runner column (merge request)
- Redirect deprecated SSE to Web IDE (merge request)
- Migrate export group alerts to be Pajamas compliant (merge request)
- Adjust ProjectExportWorker urgency (merge request)
- Specify that the committer email is checked (merge request) GitLab Enterprise Edition
- Use GlAvatar in project_list_item component (merge request)
- Remove the jira_connect_installation_update flag (merge request)
- Add stricter e-mail validation for on push notification by @lenikadali (merge request)
- Geo migrations settings are included by default (merge request) GitLab Enterprise Edition
- Default multi_json to Oj (merge request)
- Update button text for DAST On-demand scans (merge request) GitLab Enterprise Edition
- gitlab/setup_helper: Migrate Gitaly to use runtime directory (merge request)
- Hide "Users in Subscription" card for Ultimate plans (merge request) GitLab Enterprise Edition
- Update copy for DAST Profile library page (merge request) GitLab Enterprise Edition
- Period limit default Insights yaml (merge request) GitLab Enterprise Edition
- Change default search rate limits (merge request)
- Adjust icons and button wording for license compliance (merge request)
- Generalize empty array for all scanners (merge request) GitLab Enterprise Edition
- Update mutation to unassign security policy from a group (merge request) GitLab Enterprise Edition
- Force Host header rewrite in Workhorse for Geo proxying (merge request) GitLab Enterprise Edition
- Order projects by real last update by @wwwjon (merge request)
- Use neutral colours for nav background (merge request)
- Capture user feedback in
FeedbacknotMetafor Google Cloud app (merge request) - Remove unnecessary html respond (merge request)
- Use instrumentation classes for Service Ping metrics (merge request)
- Expose membership_lock on group detail API by @jtymes (merge request) GitLab Enterprise Edition
- Remove block_namespace_serialization feature flag (merge request)
- Update mutation to create and assign security policy to a group (merge request) GitLab Enterprise Edition
- This MR adds new empty state for corpus management (merge request) GitLab Enterprise Edition
- Adding upload checksum to Secure Files API (merge request)
- Update tooltips for runner statuses (merge request)
- Ignore format of unmatched route (merge request)
- Remove feature flag ci_use_new_monthly_minutes (merge request) GitLab Enterprise Edition
- Add overage check for members and groups (merge request) GitLab Enterprise Edition
- Global Search - Enable Header Search Default (merge request)
- More helpful empty states for milestones (merge request)
- Remove omniauth_login_minimal_scopes feature flag (merge request)
- Link to previous path when viewing blame on renamed files by @tchandelle (merge request)
- Use gl-drawer for pipeline editor help drawer (merge request)
- Limit the number of commits in push merge request emails (merge request)
- Remove integration_form_sections feature flag (merge request)
- Enable refactor_blob_viewer by default (merge request)
- Enforce schema validation for security reports (merge request) GitLab Enterprise Edition
- Use GraphQL alias to simplify vulnerability list id property (merge request) GitLab Enterprise Edition
- Ignore search param for autosave on issue new form (merge request)
- Remove reliance on Flash styling (merge request) GitLab Enterprise Edition
- Add BlocksUnsafeSerialization to Namespace (merge request)
- Update mutation to commit security policy to a group (merge request) GitLab Enterprise Edition
- Increase remote import URL character length limit from 512 to 2048 (merge request)
- Migrate alert to gitlab-ui (merge request)
- Add empty state for Instance OAuth app page (merge request)
- Prevent encrypted fields from being serialized by default (merge request)
- Added severity to issues REST API by @stingrayza (merge request)
- Don't trigger a sentry error for Gitaly exceptions (merge request)
- Add index to improve speed of vulnerability_reads (merge request)
- Update the runner page alerts (merge request)
- Alias user_email_lookup_limit to search_rate_limit (merge request)
- Create about your company page for registration flow (merge request) GitLab Enterprise Edition
Deprecated (4 changes)
- Deprecate modifying notes confidentiality on API (merge request)
- Deprecate updating an iteration's attributes via GraphQL (merge request) GitLab Enterprise Edition
- Deprecate manual iteration creation (merge request) GitLab Enterprise Edition
- Deprecate deleting iterations via the GraphQL API (merge request) GitLab Enterprise Edition
Removed (16 changes)
- Remove the "Upgrade {rocket-emoji}" link from the user dropdown menu (merge request) GitLab Enterprise Edition
- Remove runner list in group settings (merge request)
- Remove diff_settings_usage_data flag (merge request)
- Remove bitmap creation housekeeping option (merge request)
- Remove unused MD5 generation logic for InsecureKey (merge request)
- Remove users_expanding_widgets_usage_data feature flag (merge request)
- Remove mrc_api_use_raw_diffs_from_gitaly flag (merge request)
- Remove usage_data_diff_searches feature flag (merge request)
- Remove remove_import_data_on_failure feature flag (merge request)
- Removal notice for rerequest review (merge request)
- Cleanup api_kaminari_count_with_limit feature flag by @jaspreet-3911 (merge request)
- Remove invite_team_email experiment code (merge request)
- Remove new_dir_modal feature flag (merge request)
- Remove feature flag gitaly_backup (merge request)
- Remove Balsamiq File Preview (merge request)
- Revert "Add Sbom Survey Banner" (merge request)
Security (25 changes)
- Add authorization to composer package archive download by @trakos (merge request)
- Remove ci_safe_artifact_content_type feature flag (merge request)
- Fix artifact content-type raw endpoint (merge request)
- Disallow login if password matches a fixed list (merge request)
- Upgrade swagger-ui dependency (merge request)
- Update devise-two-factor to 4.0.2 (merge request)
- Fix kroki exploit (merge request)
- GitLab Pages Security Updates for 14.9 (merge request)
- Revert "JH need more complex passwords" (merge request)
- Escape original content in reference redactor (merge request)
- Fix blind SSRF when looking up SSH host keys for mirroring (merge request)
- Hide features a user shouldn't be able to see in a list of forks (merge request)
- Modify release link format check to avoid regex if string is too long (merge request)
- Project import maps members' created_by_id users based on source user ID (merge request)
- Monkey patch of RDoc to prevent Ruby segfault (merge request)
- Escape user provided string to prevent XSS (merge request)
- Masks variables in error messages (merge request)
- Security fix for CI/CD analytics visibility (merge request)
- Limit the number of tags associated with a CI runner (merge request)
- Latest commit exposed through fork of a private project (merge request)
- Redact InvalidURIError error messages (merge request)
- Fix access for approval rules API (merge request)
- Fix Asana integration restricted branch filter (merge request)
- Add state param validation for Bitbucket OAuth flow (merge request)
- Fix artifacts content-type (merge request)
Performance (19 changes)
- Optimise Security::Finding cleanup by clearing build_id scope (merge request) GitLab Enterprise Edition
- Drop trace-inclusive artifact removal index from ci_job_artifacts (merge request)
- Make
User#ci_owned_runnersto use unnest index instead of GIN (merge request) - Fix remaining N+1 queries in EnvironmentSerializer (merge request)
- Remove ci_artifact_fast_removal_large_loop_limit feature flag (merge request)
- Finalize asynchronously built index (merge request)
- Resolve "ActionView::Template::Error: 4:Deadline Exceeded." (merge request)
- Optimize the query on Environment Detail page (merge request)
- Improve query performance of attention requests count (merge request)
- Fix discussions N+1 queries (merge request)
- Optimize User#ci_owned_runners query V3 (merge request)
- Do not include highlighted_diff_email css for each note (merge request)
- Schedule async index build for ci_job_artifacts (merge request)
- Registry import enqueuer uses migration_plan (merge request) GitLab Enterprise Edition
- Prevent loading wiki content for destroy and diff actions (merge request)
- Make the Invite Modal load conditionally (merge request)
- Load highlight.js languages asynchronously (merge request)
- Move updating statistics logic outside of the transaction (merge request) GitLab Enterprise Edition
- Caches the by email lookup logic for user in member creation (merge request)
Other (66 changes)
- Finalize traversal_ids background migrations (merge request)
- Add tests for vulnerability_report.vue (merge request) GitLab Enterprise Edition
- Use StatisticsCard in usage_quotas/seats (merge request) GitLab Enterprise Edition
- Add new packages build infos finder (merge request)
- Fix usage of distance_of_time_in_words_to_now by @edith007 (merge request)
- Add unique index for work item type names with no namespace (merge request)
- Fix Style/OpenStructUse offenses by @edith007 (merge request)
- Fix Style/OpenStructUse offenses by using
Structby @edith007 (merge request) - Refactor pipeline schedule variables (merge request)
- Bump Gitlab Shell version (merge request)
- Refactor: Introduce BaseThirdPartyWiki by @chaomao (merge request)
- Update RelationExportService to not export if recently exported (merge request)
- Makes BackfillWorkItemTypeIdOnIssues migration more efficient (merge request)
- Backfill dependency proxy size in namespace stats (merge request)
- Use statistics card in storage app (merge request) GitLab Enterprise Edition
- Set usage_activity_by_stage_monthly.create.merge_requests to removed (merge request)
- Remove obsolete wiki notes (merge request)
- Chore: remove track_editor_edit_actions FF (merge request)
- Removes ci_validate_job_length ff (merge request)
- Update BulkImports::PipelineWorker Ndjson perform delay (merge request)
- Remove import_project_from_remote_file ff (merge request)
- Add temp index for notes without discussion_id (merge request)
- Document how to add a new built-in project template (merge request)
- Fix Style/OpenStructUse offenses by @edith007 (merge request)
- Geo: (SSF) State machine refactoring (merge request)
- Run project after import when GitLab Migration is complete (merge request)
- Fix Style/OpenStructUse offenses by @edith007 (merge request)
- When building from source, require nodeJS >= 14.15.0 (merge request)
- Remove switch editing controls feature flag (merge request)
- Simplify third party container repository delete tags services by @edith007 (merge request)
- Remove the unused instance variable from the controller by @edith007 (merge request)
- Expose HTTP code during GitHub importer errors (merge request)
- Workhorse: bump gitaly client (merge request)
- Bump Gitlab Shell version (merge request)
- Remove header_read_timeout_buffered_io featureflag (merge request)
- Move compliance framework auditor to a new class (merge request) GitLab Enterprise Edition
- Cleanup secret variables refactoring in variables builder (merge request)
- Resolve Performance/DeletePrefix rubocop offenses by @edith007 (merge request) GitLab Enterprise Edition
- Fix typo in milestones empty state (merge request)
- Added read_usage_quotas ability to ProjectPolicy (merge request)
- Update API doc to show correct return type (merge request) GitLab Enterprise Edition
- Clean up after fixing issue when admin changes email (merge request)
- Remove use_model_load_balancing feature flag (merge request)
- Lazy initialization for user popovers by @cyberap (merge request)
- Migrate groups show page to GlTabs (merge request)
- Track related epics added on usage ping (merge request) GitLab Enterprise Edition
- Remove
verify_protected_tags_for_pull_mirrorfeature flag (merge request) - Remove feature flag
spread_parallel_import(merge request) - Resolve Rails/FindById rubocop offenses by @edith007 (merge request) GitLab Enterprise Edition
- Remove admin_application_settings_service_usage_data_center feature flag (merge request)
- Cleanup draft column data (merge request)
- Resolve Rails/BelongsTo rubocop offenses by @edith007 (merge request)
- Remove bulk_expire_project_artifacts feature flag (merge request)
- Backfill work_item_type_id for all Issues (merge request)
- Remove geo_token_user_authentication feature flag (merge request) GitLab Enterprise Edition
- Modeling for Multi Access Levels in Deployment Approval (merge request)
- Update GitLab Runner Helm Chart to 0.39.0 (merge request)
- Cleanup show_report_validation_warnings flag (merge request)
- Add tests for vulnerability report pagination feature (merge request) GitLab Enterprise Edition
- Remove temp index on id in vulnerability_occurrences (merge request)
- Fix the offences introduced by Performance/OpenStruct by @edith007 (merge request)
- Move BASE_FILTERS from filters/constants to security_dashboard/helpers (merge request) GitLab Enterprise Edition
- Add migration_plan to container_repositories (merge request)
- Bump Gitlab Shell version (merge request)
- Convert ci_builds-runner_id FK to LFK (merge request)
- Fix related epic links and issue links specs fixtures (merge request)
14.9.5 (2022-06-01)
Security (7 changes)
- Fix IP restrictions not applying to deploy tokens (merge request)
- Trigger token should respect group IP restrictions (merge request)
- Fix content injection in Jira issue title (merge request)
- Subgroup member can list members of parent group (merge request)
- Do not allow project member import when membership is locked (merge request)
- Disable changing user attributes when updating SCIM provisioned user (merge request)
- Allow only job owner to run interactive terminal (merge request)
14.9.4 (2022-04-29)
Security (15 changes)
- Fixes infinite loop when rendering Ipynb Diffs (merge request)
- Update Import/Export merge/push access levels & exclude ci config path (merge request)
- Prevent maintainers from editing PipelineSchedule (merge request)
- Add validation to pypi file sha256 values (merge request)
- Conan Token uses PAT rather than ID in payload (merge request)
- [security] Fix markdown API disclosing issue titles of limited projects (merge request)
- Verify that mentioned user can read TODO's note (merge request)
- Invalidate markdown cache to clear up stored XSS (merge request)
- Allow rate limiting of deploy tokens (merge request)
- Add suffix to cache name to add isolation (merge request)
- Disable wiki access with CI_JOB_TOKEN when improper access level (merge request)
- Sanitize error input to prevent HTML/CSS injection in messages (merge request)
- Secure debug trace artifact download (merge request)
- Use password type for all secret integration properties (merge request)
- Limit CI job group_name regexp (merge request)
14.9.3 (2022-04-12)
Fixed (4 changes)
- Revert Protected Environment group access inheritence (merge request)
- Fix URL blocker when object storage enabled but type is disabled (merge request)
- Remove pending builds from the queue on conflict (merge request)
- Fix null argument handling in background migration Rake task (merge request)
14.9.2 (2022-03-31)
Security (20 changes)
- Quarantine UsageDataNonSqlMetrics failing test (merge request)
- Disallow login if password matches a fixed list (merge request)
- Update devise-two-factor to 4.0.2 (merge request)
- Limit the number of tags associated with a CI runner (merge request)
- GitLab Pages Security Updates for 14.9 (merge request)
- Upgrade swagger-ui dependency (merge request)
- Modify release link format check to avoid regex if string is too long (merge request)
- Masks variables in error messages (merge request)
- Escape user provided string to prevent XSS (merge request)
- Monkey patch of RDoc to prevent Ruby segfault (merge request)
- Project import maps members' created_by_id users based on source user ID (merge request)
- Redact InvalidURIError error messages (merge request)
- Fix access for approval rules API (merge request)
- Fix kroki exploit (merge request)
- Fix blind SSRF when looking up SSH host keys for mirroring (merge request)
- Escape original content in reference redactor (merge request)
- Security fix for CI/CD analytics visibility (merge request)
- Latest commit exposed through fork of a private project (merge request)
- Fix Asana integration restricted branch filter (merge request)
- Revert "JH need more complex passwords" (merge request)
14.9.1 (2022-03-23)
Fixed (1 change)
Changed (1 change)
14.9.0 (2022-03-21)
Added (119 changes)
- Toggle the related_epics_widge feature flag (merge request) GitLab Enterprise Edition
- Add Time to Restore Service DORA metric (merge request) GitLab Enterprise Edition
- Added possiblity to create new token from the UI (merge request)
- Add param to Wiki REST endpoint to retrieve different page versions (merge request)
- Add Harbor integration by @prajnamas (merge request)
- MR widget: update merge commit message when default changed by @trakos (merge request)
- Support agent registration without config (merge request)
- Add
RestrictGitlabSchemathat enforcesrestrict_gitlab_migration(merge request) - Enable the vsa_incremental_worker FF by default (merge request)
- Add deployment approval comment field (merge request) GitLab Enterprise Edition
- Support iteration property for issues api (merge request) GitLab Enterprise Edition
- Filter archived issues / MRs from GraphQL (merge request)
- Purge
security_findingsrecords periodically (merge request) GitLab Enterprise Edition - Upgrade GitLab Pages to 1.56.0 (merge request)
- Stream audit event on merge request approval (merge request) GitLab Enterprise Edition
- Use batches for pull request import jobs (merge request)
- Verify protected tags permissions for pull mirroring (merge request)
- Document how to use CI
dependenciesandparallel:matrixtogether (merge request) - Add security training urls (merge request) GitLab Enterprise Edition
- Add
Enterprisefilter to members search bar (merge request) GitLab Enterprise Edition - Add VulnerabilityReadsFinder to speed up API responses (merge request) GitLab Enterprise Edition
- Copy metric images from alert to new incident (merge request) GitLab Enterprise Edition
- Expose UserInteractions for participants of a merge request (merge request)
- Remove wiki_front_matter FF (merge request)
- Add default branch to Pipelines page filter if no search term provided (merge request)
- Creates asynchronously index on ci_job_artifacts table (merge request)
- GraphQL: Add notificationEmail to GroupMembers (merge request)
- Add external status checks total to ping (merge request) GitLab Enterprise Edition
- Add CAPTCHA to REST API (merge request)
- Implement GET APIs for Deploy Tokens by @tuxtimo (merge request)
- Add namespace to Security Policy Orchestration Configuration (merge request) GitLab Enterprise Edition
- Add deployment approval UI MVC (merge request) GitLab Enterprise Edition
- Add support for failure status status checks (merge request) GitLab Enterprise Edition
- Allow to list related epics on REST API (merge request) GitLab Enterprise Edition
- Add
coverage_reportkeyword to CI config (merge request) - Add audit logs when unassigning CI runner from a project (merge request) GitLab Enterprise Edition
- Permalink to the latest release (merge request)
- Allow the /merge quick action through graphql create note (merge request)
- Add projects with status checks to ping (merge request) GitLab Enterprise Edition
- Add security training providers (merge request)
- Add OpenSSL FIPS mode detection and env var (merge request)
- Support Vault EE namespaces by @aleksanderzak (merge request)
- Add free user cap feature flag and controls (merge request) GitLab Enterprise Edition
- Add support stackprof in GitLab profiler (merge request)
- Include invited groups into protected environments API (merge request) GitLab Enterprise Edition
- Add wiki page render option to wiki API (merge request)
- Remove rate_limit_user_sign_up_endpoint feature flag (merge request)
- Expose committers on mergeRequest GraphQL type (merge request)
- Add backend interface to look up for security training (merge request) GitLab Enterprise Edition
- Show security report warnings on pipeline security tab (merge request) GitLab Enterprise Edition
- Allow to destroy related epics association on internal API (merge request) GitLab Enterprise Edition
- Add frontend routing to Geo GraphQL specific sites (merge request) GitLab Enterprise Edition
- Add audit logs when assigning CI runner to project (merge request) GitLab Enterprise Edition
- Merge/squash commit templates: add %{all_commits} variable by @trakos (merge request)
- Add size to image details heade (merge request)
- Feat(Licesing): update upload to activate (merge request) GitLab Enterprise Edition
- Send a notification when a new access token is created by @rpadovani (merge request)
- Add audit event for project deploy tokens (merge request) GitLab Enterprise Edition
- Add audit event for group deploy tokens (merge request) GitLab Enterprise Edition
- Add suggestion to use short-living tokens to end-users (merge request)
- Add comment to Deployment Approvals (merge request) GitLab Enterprise Edition
- Parse pasted markdown (merge request)
- Remove rate_limit_user_by_id_endpoint feature flag (merge request)
- Remove rate_limit_username_exists_endpoint feature flag (merge request)
- Remove rate_limit_profile_update_username feature flag (merge request)
- Expose sum of weights for epic board lists on GraphQL endpoint (merge request) GitLab Enterprise Edition
- Add security scan status to GraphQL API (merge request) GitLab Enterprise Edition
- Add saved replies (merge request)
- Backfill all project namespaces (merge request)
- Implement API endpoint to get single SSH key for specific user by @tuxtimo (merge request)
- Add job_variables_attributes to play build API (merge request)
- Use fair queueing for Loose Foreign Keys (merge request)
- Add application setting for cleanup policy caching (merge request)
- Add GraphQL Todoable interface for to-do targets by @KevSlashNull (merge request)
- Add circuit breaker for gitlab experimentation (merge request)
- Add delete endpoint for Alert metric images (merge request) GitLab Enterprise Edition
- Enable Loose Foreign Keys partition rotation (merge request)
- Add scan method to dast site profile GraphQL API (merge request) GitLab Enterprise Edition
- Filter a pipeline by author by @genctys (merge request)
- Allow to pass suggestedColors to ColorPicker by @wwwjon (merge request)
- Add security_and_compliance_access_level to Projects API by @ytans (merge request)
- Add user and system note filters to note_authors association (merge request)
- Add analytics to detect deployment jobs being executed (merge request)
- Add filters and sorting to compliance violations GraphQL type (merge request) GitLab Enterprise Edition
- Add encoding field to wiki API (merge request)
- Add ingestion for Finding Evidence (merge request) GitLab Enterprise Edition
- Feat(Licensing): add Offline cloud type (merge request) GitLab Enterprise Edition
- Add webhook delivery method options to config/mail_room.yml (merge request)
- Improve strikethrough in Markdown editor by @smokris (merge request)
- Created compliance violation GraphQL type and added to Group type (merge request) GitLab Enterprise Edition
- Implement colour attribute for epics by @espadav8 (merge request)
- Add basic FIPS class (merge request)
- Add Dark Mode support to the image_tag helper (merge request)
- Add upload & update endpoints for alert metrics (merge request) GitLab Enterprise Edition
- API: Add endpoint to reset runner token with old token by @KyleFromKitware (merge request)
- Added updated_state_by_user to reviewers and assignees (merge request)
- Swapable cleaner/raw diffs for Notebooks (merge request)
- Upgrade GitLab Pages to 1.55.0 (merge request)
- Enable pending builds table queuing strategy (merge request)
- Add a timeline event pipeline filter to TimelineEvent (merge request) GitLab Enterprise Edition
- Add read API for Alert Metric Images (merge request) GitLab Enterprise Edition
- Support scoped iteration report (merge request) GitLab Enterprise Edition
- Add mutation to promote timeline event from a note (merge request) GitLab Enterprise Edition
- Add active and passive profiles (merge request) GitLab Enterprise Edition
- Support scoping for timebox report via GraphQL (merge request) GitLab Enterprise Edition
- Add aggregated VSA consistency check service (merge request)
- Return runner editUrl via GraphQL API (merge request)
- Add the total time chart to each VSA stage (merge request) GitLab Enterprise Edition
- Workhorse: Allow HTTPS for backends (merge request)
- Adds cross_project_pipeline_available to NamespaceType (merge request)
- Add readme in repo creation for reg flow (merge request) GitLab Enterprise Edition
- Hide markdown preview tab if editing non-markdown formats by @espadav8 (merge request)
- Log CI runner unregistration audit events (merge request) GitLab Enterprise Edition
- Add a consolidated button to edit blobs (merge request)
- Calculate storage statistics for dependency proxy (merge request)
- Latest release badge documentation inclusion (merge request)
- Add slash command to page incident (merge request) GitLab Enterprise Edition
- Expose container repository sizes (merge request)
- Create RelatedEpic table and model (merge request)
Fixed (132 changes)
- Cleaned up clusters_helper and cluster index haml (merge request)
- Update holder name column to 50 limit constraint (merge request)
- Improve wording for vulnerabilities_allowed (merge request) GitLab Enterprise Edition
- Add missing input box for search rate limiting configuration (merge request)
- Handle Jira Connect installation updates (merge request)
- Return a 422 error for Changelog::Error exception (merge request)
- Fix empty state pipelines page (merge request)
- Update attribute indirection (merge request) GitLab Enterprise Edition
- Fixed incorrect minimum number of users on subscription purchase flow (merge request) GitLab Enterprise Edition
- Refactor remove topic avatar (merge request)
- Fix default Ci config path (merge request)
- Fix ci.json: Remove Nesting from Secrets Rule (merge request)
- Fix DevopsAdoption usage metric gathering (merge request) GitLab Enterprise Edition
- Fix Epic and Label != filtered search suggestions not showing (merge request)
- Handle recursion when creating ApplicationSettings (merge request)
- Fall back to avaiable scope if scope is invalid (merge request)
- Fix sourcegraph breaking on projects/:id (merge request)
- Find or initialize Scanners using project_id (merge request) GitLab Enterprise Edition
- Add responsive property to area charts in CI minutes (merge request) GitLab Enterprise Edition
- Additional spec to capture bug in latest release permalink and fix same (merge request)
- Global Search - Fix ref based searches (merge request)
- Remove duplicate new cluster button (merge request)
- Increase token preview length in runner audit logs (merge request) GitLab Enterprise Edition
- Fix unexpected height stretch of CI job duration badge by @nanmu42 (merge request)
- Allow setting push events branch filter for group hooks (merge request) GitLab Enterprise Edition
- Support CRM contacts only in root groups by @leetickett (merge request)
- UI Bug Fix: Expand the early checks when using /merge quick action (merge request) GitLab Enterprise Edition
- Fix an inaccurate help page link (merge request)
- Add validation for rule/yaml modes switch (merge request) GitLab Enterprise Edition
- Fix namespace usage quotas storage pagination (merge request)
- Replace applications destroy alert with GlModal (merge request)
- Don't allow filtering by
inalone on issue/MR dashboard (merge request) - Allow invite group modal to render when membership is locked (merge request) GitLab Enterprise Edition
- Scan MR description when syncing builds with Jira (merge request)
- Set resoure_iteration_events to ghost user (merge request) GitLab Enterprise Edition
- Update BulkImports Export to handle unexpected failure (merge request)
- Fix UsageDataQueries API not returning a query (merge request) GitLab Enterprise Edition
- Fixed user cap evaluation for all OAuth login (merge request) GitLab Enterprise Edition
- Fix retrying of batched background migrations (merge request)
- Allow merge commits for SD (merge request)
- Fix startup crash in Puma single mode (merge request)
- Decouple policy name update from yaml/rule modes (merge request) GitLab Enterprise Edition
- Poll folder for changes in new environments page (merge request)
- Remove empty approvers in regards to (merge request) GitLab Enterprise Edition
- Check authorization to view billableMembersCount (merge request) GitLab Enterprise Edition
- Refactor repo deletion existence checking (merge request)
- Make hr in markdown visible in darkmode by @dianapaula19 (merge request)
- Fix filters presence check to take value into consideration (merge request)
- Param requires_python is optional for pypi (merge request)
- Ensure that the spaces between frontmatter are kept by @tchandelle (merge request)
- Fix sourcemap recovery error in Content Editor (merge request)
- Users who can read group should read group token (merge request)
- Fix bot token name in issues (merge request)
- Allow inherited members of groups to deploy protected environments (merge request)
- Update group bulk edit issues user docs (merge request)
- Fix variable in _prometheus.html.haml so it shows as a code block (merge request)
- Project settings: fix semi-linear merge description by @trakos (merge request)
- Fix rake task to seed Geo tracking database (merge request) GitLab Enterprise Edition
- Fix remove button overlap with other components (merge request) GitLab Enterprise Edition
- Include merge-requests in RESERVED_REFS_NAMES (merge request)
- Pass issue ID to merge request creation form (merge request)
- Apply omniauth defaults when no arguments are given (merge request)
- Fix
Verify SAML Configurationbutton (merge request) GitLab Enterprise Edition - Replace success variant with the confirm (merge request) GitLab Enterprise Edition
- Modify Union sql construction (merge request)
- Restart Action Cable server when Redis disconnects (merge request)
- Cache namespace first Auto DevOps config (merge request)
- Global Search - Header Search Snippets (merge request)
- Fix NoMethodError when visiting repo analytics (merge request) GitLab Enterprise Edition
- Skip navigation modal for cancel button (merge request)
- Handle not existing training ID for securityTrainingUpdate mutation (merge request) GitLab Enterprise Edition
- Fix VSA error with scoped labels (merge request) GitLab Enterprise Edition
- Fix markdown serialization in content editor (merge request)
- Fix the month view on CI usage by minutes bar chart by @parkourkarthik (merge request)
- Hard delete bulk snippets (merge request)
- Allow popups and links within mermaid diagrams (merge request)
- Fixed bug preventing agent creation from agent tab (merge request)
- Prevent database deadlocks when deleting projects (merge request)
- Fix mermaid background in dark mode (merge request)
- Change Edit to Open in Blob view to maintain consistency by @rajanamistry (merge request)
- Fix loading spinner for legacy Filtered search dropdown (merge request)
- Replace RegistrySearch component with PersistedSearch by @orozot (merge request)
- Fix sending BlobContent query with empty variables (merge request)
- Add container to qrtly reconciliation banner (merge request) GitLab Enterprise Edition
- Add container for manual renewal banner (merge request) GitLab Enterprise Edition
- Make loading spinner Pajamas compliant (merge request)
- Reset paging when sort is changed on vulnerability report (merge request) GitLab Enterprise Edition
- Fix job page copy source branch button by @leetickett (merge request)
- Raise error when diff note import fails (merge request)
- Fix group members tooltip label by @ali_o_kan (merge request)
- Fix loading icon in activity calendar (merge request)
- Fix rendering vulnerability markdown description (merge request) GitLab Enterprise Edition
- Filter commented_approvers for user note authors (merge request)
- Remove fix_comment_scroll feature flag (merge request)
- Fix error from invalid sha for
includefiles (merge request) - Fix GRPC 500 from BlobsResolver (merge request)
- Add error for cross pipeline dependencies (merge request)
- Handle received header fallback for missing Delivered-To (merge request)
- Fix erroneous all warning from race condition (merge request)
- Remove unnecessary margin to the right of the Show comment only dropdown by @rajanamistry (merge request)
- Expose merge request flag as boolean in the pipeline entity (merge request)
- Fix pull/push mirror authentication fields (merge request)
- Allow admin to register group runners at all times (merge request)
- Fix cross-database modification when resetting CI minutes (merge request)
- Ensures audit events are visible to auditor (merge request) GitLab Enterprise Edition
- Enable removing import data on failure by default (merge request)
- Fix flash color when there is an error by @ali_o_kan (merge request)
- Allow assigning users with private profiles (merge request)
- Fix multiple modals showing when canceling note (merge request)
- Allow admin to register project runners at all times (merge request)
- Block execution of cyclical pipelines (merge request)
- Ensures audit events are visible to auditor (merge request) GitLab Enterprise Edition
- Truncate Jira app key to be no longer than 64 (merge request)
- Ensure cleanup job artifacts task does not include pipeline artifacts (merge request)
- Avoid idling in transaction when fetching source for merge requests (merge request)
- Fix response of
securityTrainingUpdatemutation (merge request) GitLab Enterprise Edition - Remove CachingArrayResolver from epic issues (merge request) GitLab Enterprise Edition
- Do not mirror protected tags restricted for a creation (merge request) GitLab Enterprise Edition
- Hide white box at bottom of MR diff page (merge request)
- Stop backup files from requiring directories to exist when skipped (merge request)
- Fix the Content Editor strikethrough shortcut docs by @smokris (merge request)
- Fix TypeError from Tags::Reference (merge request)
- Fix copy button in Enable Review App modal by @aeboyaci (merge request)
- Pass all options from member entity (merge request)
- Automatically adapt the CSP when snowplow is enabled (merge request)
- Fix toolbar buttons in Markdown field (merge request)
- Fix Replace button form path (merge request)
- Allow project admin to read project approvals (merge request) GitLab Enterprise Edition
- Dynamically add AWS URLs to CSP on EKS auth page (merge request)
- Do not count group bot users from shared group towards seat usage (merge request) GitLab Enterprise Edition
- Make contribution graph email grouping ignore case (merge request)
- Don't return 500 error in Commits API when repository is missing (merge request)
Changed (194 changes)
- Add iteration selector to board scope (merge request) GitLab Enterprise Edition
- Block limited broadcast address (255.255.255.255) in UrlBlocker (merge request)
- Migrate to unique indices in projects runners tokens (merge request)
- Track git blame clicks from code search results (merge request)
- Split cluster creation page into two pages (merge request)
- Prevent group owners from deleting certain project runners (merge request)
- Remove unnecessary Edit tab in WebIDE by @Bisht13 (merge request)
- Switch AWS "easy button" icons with radio buttons (merge request)
- Update error message with importing container repository (merge request)
- Update runner Pause/Resume button labels (merge request)
- Update Jira integration form to have sections (merge request)
- Set geo_job_artifact_replication default to true (merge request) GitLab Enterprise Edition
- Use checkboxes to select target roles for broadcast messages (merge request)
- Add frontend validation to avoid duplicate asset link names by @emanuelfarias (merge request)
- Adding Secure Files upload limit (merge request)
- Promote exp: change_continuous_onboarding_link_urls (merge request)
- Move two-factor authentication callout to the todo-list page (merge request)
- Use new vulnerability report for pipeline security tab (merge request) GitLab Enterprise Edition
- Update job page for blocked deployments (merge request) GitLab Enterprise Edition
- Remove block_project_serialization feature flag (merge request)
- Migrate two-factor auth error message to shared HAML partial (merge request)
- Enable the
geo_token_user_authenticationFF by default (merge request) - Do not ensure HEAD is default_branch on snippets (merge request)
- Project authorization is unique per user, project (merge request)
- Change CI lint primary button style by @gtsiolis (merge request)
- Add pipeline editor walkthrough feature permanently (merge request)
- Add error when acccess denied due to credit card (merge request) GitLab Enterprise Edition
- Turn the subscribable banner into an alert (merge request) GitLab Enterprise Edition
- Add configurable search rate limits (merge request)
- Improve email notification styling by @smokris (merge request)
- Enable API kaminari count with limit by @jaspreet-3911 (merge request)
- Bump GITLAB_KAS_VERSION to 14.9.0 (merge request)
- Revise merge-conflict modal text (merge request)
- Rename remove user action (merge request)
- Search presenter is a noop when given empty results (merge request)
- Restyle project deletion and restoration containers (merge request) GitLab Enterprise Edition
- Remove new environments table feature flag (merge request)
- Add link to incident title (merge request)
- Remove type from ruby template (merge request)
- Enable feature flags to resume artifact removal (merge request)
- Validate urls before attempting to download (merge request)
- Parse Snowplow value as Number (merge request)
- Remove placeholder and move error message in the form (merge request)
- Update auto-build-image to v1.9.1 (merge request)
- Remove feature flag to read finding evidence model (merge request) GitLab Enterprise Edition
- Removed compliance_violations_graphql_type feature flag (merge request) GitLab Enterprise Edition
- Enable show_report_validation_warnings by default (merge request)
- Use follow redirects middleware in the Container Registry clients (merge request)
- Use SAX parser for cobertura coverage reports (merge request)
- Migrate spinners in approver suggestion partial (merge request) GitLab Enterprise Edition
- Release chat notification branch filter for deployments (merge request)
- Add no-sort-reset prop to vulnerability list (merge request) GitLab Enterprise Edition
- Update placeholder text in import projects table (merge request)
- Reduce the number of buckets in Sidekiq histograms (merge request)
- Wrap alert in a DIV by @gitlab-dependency-update-bot (merge request) GitLab Enterprise Edition
- Remove vulnerability_finding_replace_metadata flag (merge request) GitLab Enterprise Edition
- Update group-level compliance framework to match project settings (merge request) GitLab Enterprise Edition
- Merge injected KUBECONFIGs for clusters and agents (merge request)
- Fallback to basic search on archived projects (merge request) GitLab Enterprise Edition
- Added cluster Actions menu to group and admin view (merge request)
- Remove feature flags for runner token prefix (merge request)
- Fix RSpec/TimecopTravel offenses (Part 2/2) by @KevSlashNull (merge request)
- Disallow integrated error tracking by default (merge request)
- Improve and internationalize Deployment Approval error messages (merge request) GitLab Enterprise Edition
- Update new issue form to match Pajamas specs (merge request)
- Refactor(Groups SSO): migrate to gl-tabs (merge request) GitLab Enterprise Edition
- Enable cleanup policies throttling by default (merge request)
- Global Search - Support non-js searches (merge request)
- Update icon, remove text, and switch (merge request)
- Allow to hide deployment target on New Project page by @wwwjon (merge request)
- Support GraphQL authentication with project tokens (merge request)
- Migrate Epic Tabs to use Button Group (merge request) GitLab Enterprise Edition
- Extend billable members count to accept requested hosted plan parameter (merge request) GitLab Enterprise Edition
- Bump Auto Deploy Image verion to v2.22.0 (merge request)
- Consider non-default config files for Security UI (merge request)
- Migrate loading spinners (merge request)
- Update project compliance frameworks settings (merge request) GitLab Enterprise Edition
- Issue 349398 - Update search field in Global Search (merge request)
- Header Search Refactor - Handle Errors in the component (merge request)
- Migrate spinners in archived projects partial (merge request)
- Migrate spinners in user's overview (merge request)
- Migrate spinners in explore groups partial (merge request)
- Creates audit event when approval rule is deleted (merge request) GitLab Enterprise Edition
- Creates audit event on approval rule creation (merge request) GitLab Enterprise Edition
- Update Auto DevOps docker versions to 20.x (merge request)
- Remove constraints from sprints table (merge request)
- Move Geo repository updated event creation into a worker (merge request) GitLab Enterprise Edition
- Migrate loading icon to be Pajamas compliant (merge request)
- Migrate loading spinners (merge request)
- Move default branch protection to repository settings (merge request)
- Migrate loading spinners (merge request)
- Update registration enabled callout (merge request)
- Migrate loading spinners (merge request)
- Iteration search uses cadence and iteration titles (merge request) GitLab Enterprise Edition
- Display license ID retrieved from CustomersDot (merge request) GitLab Enterprise Edition
- Re-introduce role-targeted broadcast messages (merge request)
- Use GlAvatar in security dashboard (merge request) GitLab Enterprise Edition
- Remove personal_project_owner_with_owner_access feature flag (merge request)
- Use the environment tier for jira connect deployment environment type by @alanandrade (merge request)
- Add unique index for security training providers (merge request)
- Allow tags as target of pipeline scheduled by @KevSlashNull (merge request)
- Migrate group/project member spinners (merge request)
- Migrate legacy spinner (merge request)
- Disable multi-project viz for free users (merge request)
- Update Import object persistence approach (merge request)
- Correct text of Banner message label (merge request) GitLab Enterprise Edition
- Remove non-human created tokens from PAT list (merge request) GitLab Enterprise Edition
- Remove non-human created tokens from PAT list (merge request) GitLab Enterprise Edition
- Update maximum allowable lifetime message for PAT (merge request) GitLab Enterprise Edition
- Disable the PA commit button when there are no changes (merge request)
- Add the "Support Ukraine" tanuki (merge request)
- Link new issue to original via checkbox by @smokris (merge request)
- Migrate gfm loading spinner (merge request)
- Use report-declared version of the schema (merge request) GitLab Enterprise Edition
- Migrate MAINTAINER access memberships to OWNER (merge request)
- Surface validation errors as warnings (merge request) GitLab Enterprise Edition
- Migrate loading icon (merge request)
- Geo secondary proxying: serve assets locally (merge request) GitLab Enterprise Edition
- Replace n/a with a hyphen in the runners table (merge request)
- Update Secret Detection template (merge request)
- Add alert and disable active checkbox (merge request)
- Improve UI text of sign-in restrictions (merge request)
- Put deprecated serverless features behind feature flag (merge request)
- Add BlocksUnsafeSerialization to Project (merge request)
- Add default_branch to KAS responses (merge request)
- Use GlButtonGroup instead of GlSegmentedControl (merge request) GitLab Enterprise Edition
- Change loading state jobs tab (merge request)
- Increase pipeline editor debounce to 500ms (merge request)
- Set danger variant and label to delete WA Device (merge request)
- Set danger variant and label to destroy oauth app (merge request)
- Set variants and labels to abuse report buttons (merge request)
- Set danger variant to delete artifact button (merge request)
- Set danger variant & labels for appearance buttons (merge request)
- Improve Sourcegraph settings text (merge request)
- Remove pipeline editor button from blob view (merge request)
- Refine copy for Jira integration (merge request)
- Project quality summary: add test runs empty state (merge request)
- Backfill
member_namespace_idforGroupMember(merge request) - Merge branch 'user-validation-failed-message' into 'master' (merge request)
- Improve user validation failed message (merge request)
- Remove releases with NULL tags and add not-NULL constraint (merge request)
- Replace success with confim variant (merge request)
- Suggest backend reviewer for erb and haml files (merge request)
- Add Gitlab.revision to Gitlab::JsonCache cache_key by default (merge request)
- Replace window.confirm with GlModa in environment actions (merge request)
- Use instrumentation classes for Service Ping generation (merge request)
- Remove null constraint from security_scan_succeeded column by @svdj (merge request)
- Improve the labels on Kubernetes Agent UI (merge request)
- Expose created_at when serializing Deployment Approvals (merge request) GitLab Enterprise Edition
- Split rebase action buttons into two separate buttons by @KevSlashNull (merge request)
- Reword 'build' to 'pipeline' in todos by @KevSlashNull (merge request)
- Update pipeline labels (merge request)
- Re-position the erase log button (merge request)
- Adjust incident list column widths and truncation (merge request)
- Replace the gitlab import haml modal with a GlModal (merge request)
- Adds a notification for a future dated license (merge request) GitLab Enterprise Edition
- Use strong params for ProjectsController by default (merge request)
- Update iteration lists (merge request) GitLab Enterprise Edition
- Improve accessibility on empty project page (merge request)
- Use GlAvatar in operations dashboard (merge request) GitLab Enterprise Edition
- Update trial status reminder design (merge request) GitLab Enterprise Edition
- Hide issue header dropdown button if there are no actions by @KevSlashNull (merge request)
- Use groups API for Approvals form by default (merge request) GitLab Enterprise Edition
- Remove the VSA duration chart stage dropdown (merge request) GitLab Enterprise Edition
- Introduce new jobs tab (merge request)
- Rate limit epic create service (merge request) GitLab Enterprise Edition
- Use sentence case for trigger events (merge request)
- Remove GlAlert contained prop (merge request) GitLab Enterprise Edition
- Switched title to h1 on issues (merge request)
- Improve Amazon EKS settings text (merge request)
- Stop using type, and use type_new instead (merge request)
- Drop show_diff_preview_in_email column (merge request)
- Add aria-label and tooltip to the emoji picker (merge request)
- Update cleanup policy parameters (merge request)
- Increase text limit of maintainer_note field (merge request)
- Clear future subscriptions info on license destroy (merge request) GitLab Enterprise Edition
- Change button variant to confirm in Web IDE modals (merge request)
- Allow only topic names that are case insensitive unique by @wwwjon (merge request)
- Return project delete errors (merge request)
- Replace GlSegmentedControl with GlDropdown (merge request)
- Change the order column of topics to non_private_projects_count by @wwwjon (merge request)
- Removed rate_limited_service_issues_create flag (merge request)
- Migrate create protected branch form to GlToggle (merge request)
- Deprecate test reports relationship with requirements (merge request) GitLab Enterprise Edition
- Update registry regex to allow 4 levels (merge request)
- Validate NOT NULL on security_findings.uuid column (merge request)
- Migrate edit protected branch form to GlToggle (merge request)
- Clean up feature flag publish_project_deleted_event to enable by default (merge request)
- Default to delayed deletion for projects not in personal namespace (merge request)
- Enable scan_result_policy by default (merge request) GitLab Enterprise Edition
- Append URL issue description to template by @smokris (merge request)
- Remove fork_project_form feature flag (merge request)
- Add SUPPORTED_VERSIONS and DEPRECATED_VERSIONS to SchemaValidator (merge request)
- Update documentation for Usage quota (merge request)
Deprecated (3 changes)
- Deprecate VALIDATE_SCHEMA configuration variable (merge request)
- Add deprecation notice to NetworkPolicyConnection (merge request) GitLab Enterprise Edition
- feat: Update SECURE_ANALYZER_PREFIX in all Sec Section templates (merge request)
Removed (10 changes)
- Clean up import and other invite members modal rollout pieces (merge request)
- Untrack external_pull_requests row deletions (merge request)
- Remove support for unsafe regular expressions (merge request)
- Drop unused partitioned_foreign_keys table (merge request)
- Cleanup Code Quality Walkthrough experiment (merge request)
- Cleanup Ci Runner Templates experiment (merge request)
- Remove :cluster_vulnerabilities feature flag (merge request) GitLab Enterprise Edition
- Clean up forcibly_show_trial_status_popover experiment (merge request)
- Remove
security_report_ingestion_frameworkfeature flag (merge request) GitLab Enterprise Edition - Remove cache_shared_runners_enabled FF (merge request)
Security (16 changes)
- Set nosniff header on assets requests (merge request)
- Default enable header_read_timeout_buffered_io (merge request)
- Escape branch names in push instructions (merge request)
- Create Error.rb, update ProcessPolicyService by @FacVain (merge request) GitLab Enterprise Edition
- Add Integration.encrypted_properties (merge request)
- Warn when snippet contains unretrievable files
- Change runners_token prefix for Group and Project
- Add runners_token prefix to Group and Project
- Only expose
idandnameattributes when serializing deploy token (merge request) - Prevent DOS when rendering math markdown
- Limit commands_changes to certain keys
- Reset password field on page load
- Check permission when creating members through service
- Check for unsafe characters in email addresses before sending
- Anonymous user can enumerate all users through GraphQL endpoint
- Exif metadata not stripped when uploading image attachments via Emails (merge request)
Performance (10 changes)
- Improve performance of group releases endpoints (merge request)
- Load highlight.js languages asynchronously (merge request)
- Add index on releases table to resolve cicd settings page timeout (merge request)
- Fix slow query for "All" tabs in "Your projects" activity page (merge request)
- Drop old index for security ci builds on name and id parser (merge request)
- Create new index for security ci builds with new features (merge request)
- Recreate index for security builds to include fuzzing jobs (merge request)
- Schedule async weekend build of index for job traces (merge request)
- Decrease the default fast statement timeout (merge request)
- GlTableLite in favor of GlTable for runners list (merge request)
Other (82 changes)
- Adjust NullifyOrphanRunnerIdOnCiBuilds batch parameters (merge request)
- Remove duplicate releases from projects (merge request)
- Pass formats explicitly when rendering .html format by @edith007 (merge request)
- Complete environments
GETAPI docs by @tuxtimo (merge request) - Add statistics seats card (merge request) GitLab Enterprise Edition
- Remove
maxlengthlimit from the project description textarea (merge request) - Add support for relating epics (merge request) GitLab Enterprise Edition
- Revert changes about moving methods to base class (merge request) GitLab Enterprise Edition
- Add list related epic links API documentation (merge request)
- Remove restrict_special_characters_in_project_path feature flag (merge request)
- Update import manifest alert (merge request)
- Update gcp signup offer to alert partial (merge request)
- Update runner edit alert to use partial (merge request)
- Fix GraphQL/FieldMethod offense (Part 1/2) by @KevSlashNull (merge request)
- Remove dependency list usage data from Redis (merge request) GitLab Enterprise Edition
- Remove corpus management feature flags (merge request) GitLab Enterprise Edition
- Fix artifacts with wrong expire_at date (merge request)
- Update data in batches while deleting a user (merge request) GitLab Enterprise Edition
- Document performance implication of the feature flags (merge request)
- Remove real-time feature flags (merge request)
- Move reactive cache methods to base class (merge request) GitLab Enterprise Edition
- This enables the pipeline_schedules_with_tags feature flag (merge request)
- Remove the invite members modal feature flag (merge request) GitLab Enterprise Edition
- Remove feature flag
project_owners_list_project_pending_deletion(merge request) GitLab Enterprise Edition - Update Web IDE copy (merge request)
- Add dispensable_render methods (merge request)
- Remove ci_pipeline_merge_request_presence_check feature flag (merge request)
- Remove default_merge_ref_for_diffs feature fflag (merge request)
- Remove rearrange_pipeline_table feature flag (merge request)
- Add RelatedEpicsLinks::DestroyService (merge request) GitLab Enterprise Edition
- Ignore requirements_management_test_reports.requirement_id column (merge request) GitLab Enterprise Edition
- Add nullify job for orphan runner_id columns of ci_builds (merge request)
- Rerun ConvertStringifiedRawMetadataHashToJson inline (merge request)
- Update GlAlert in security dashboard table (merge request) GitLab Enterprise Edition
- Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
- Remove context_commits feature flag (merge request)
- Remove deprecated package application setting (merge request)
- Remove feature flag for bulk inserting job tags (merge request)
- Cleanup back-filling CI queuing tables migration (merge request)
- Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
- Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
- Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
- Remove snippets_binary_blob FF (merge request)
- Remove usage_data_i_snippets_show FF (merge request)
- Implement Gitlab mirror scheduling tracker (merge request)
- Add certificate_based_clusters FF to Service Ping (merge request)
- danger: Use changelog rule from gitlab-dangerfiles (merge request)
- Resolve Rails/LinkToBlank rubocop offenses by @edith007 (merge request) GitLab Enterprise Edition
- Resolve Rails/IndexBy rubocop offenses by @edith007 (merge request) GitLab Enterprise Edition
- Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
- Remove feature flag
group_merge_request_approval_settings_feature_flag(merge request) GitLab Enterprise Edition - Move shared code for related epic links (merge request) GitLab Enterprise Edition
- Remove the
container_expiration_policies_historic_entryfeature flag (merge request) - Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
- Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
- Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
- Fix GraphQL/OrderedFields offenses by @edith007 (merge request) GitLab Enterprise Edition
- Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
- Fix GraphQL/OrderedFields offenses by @edith007 (merge request) GitLab Enterprise Edition
- Support load timings for non-Chromium browsers by @davebarr (merge request)
- Resolve Rails/ShortI18n rubocop offenses by @edith007 (merge request)
- Migrate projects create from template page to GlTabs (merge request)
- Memoize group secret variables on the variables builder (merge request)
- Resolve Performance/Sum rubocop offenses by @edith007 (merge request) GitLab Enterprise Edition
- Resolve Performance/DeleteSuffix rubocop offenses by @edith007 (merge request)
- Remove feature flag for Group Projects API Plan Preloading (merge request) GitLab Enterprise Edition
- Show an IPv6 sample in placeholder text (merge request) GitLab Enterprise Edition
- Fix GraphQL/OrderedArguments offense (Part 6/6) by @KevSlashNull (merge request)
- Add advanced_search metrics to the dictionary (merge request) GitLab Enterprise Edition
- Rename usage column in storage projects-list (merge request) GitLab Enterprise Edition
- Set worker resource boundary for ImportRequirementsCsvWorker by @edith007 (merge request) GitLab Enterprise Edition
- Clean up roadmap_settings feature flag (merge request)
- Fix GraphQL/FieldDefinitions offense (Part 4/4) by @KevSlashNull (merge request)
- Fix GraphQL/OrderedArguments offense (Part 5/6) by @KevSlashNull (merge request)
- Simplify container repository delete tags services by @edith007 (merge request)
- Make labels sort dropdown pajamas compliant (merge request)
- Fix Style/OpenStructUse offenses in auth provider specs by @edith007 (merge request)
- Remove the generic_packages feature flag (merge request)
- Remove delegate as it's redundant due to SimpleDelegator by @edith007 (merge request)
- Remove unneeded override in Ci::PipelinePresenter by @edith007 (merge request)
- Clean up issue_boards_filtered_search feature flag (merge request)
- Add table for storing issue tsvector (merge request)
14.8.6 (2022-04-29)
Security (14 changes)
- Update Import/Export merge/push access levels & exclude ci config path (merge request)
- Prevent maintainers from editing PipelineSchedule (merge request)
- Add validation to pypi file sha256 values (merge request)
- Conan Token uses PAT rather than ID in payload (merge request)
- [security] Fix markdown API disclosing issue titles of limited projects (merge request)
- Verify that mentioned user can read TODO's note (merge request)
- Invalidate markdown cache to clear up stored XSS (merge request)
- Allow rate limiting of deploy tokens (merge request)
- Add suffix to cache name to add isolation (merge request)
- Disable wiki access with CI_JOB_TOKEN when improper access level (merge request)
- Sanitize error input to prevent HTML/CSS injection in messages (merge request)
- Secure debug trace artifact download (merge request)
- Use password type for all secret integration properties (merge request)
- Limit CI job group_name regexp (merge request)
14.8.5 (2022-03-31)
Security (21 changes)
- Update to commonmarker 0.23.4 (merge request)
- Revert merge request approval groups behavior (merge request)
- Disallow login if password matches a fixed list (merge request)
- Update devise-two-factor to 4.0.2 (merge request)
- Limit the number of tags associated with a CI runner (merge request)
- GitLab Pages Security Updates for 14.9 (merge request)
- Upgrade swagger-ui dependency (merge request)
- Modify release link format check to avoid regex if string is too long (merge request)
- Masks variables in error messages (merge request)
- Escape user provided string to prevent XSS (merge request)
- Monkey patch of RDoc to prevent Ruby segfault (merge request)
- Project import maps members' created_by_id users based on source user ID (merge request)
- Redact InvalidURIError error messages (merge request)
- Fix access for approval rules API (merge request)
- Fix kroki exploit (merge request)
- Fix blind SSRF when looking up SSH host keys for mirroring (merge request)
- Escape original content in reference redactor (merge request)
- Security fix for CI/CD analytics visibility (merge request)
- Latest commit exposed through fork of a private project (merge request)
- Fix Asana integration restricted branch filter (merge request)
- Revert "JH need more complex passwords" (merge request)
14.8.4 (2022-03-16)
Added (1 change)
Fixed (1 change)
Changed (1 change)
14.8.3 (2022-03-14)
Fixed (3 changes)
- Fix rake task to setup the Geo tracking database (merge request) GitLab Enterprise Edition
- Fix handling of resource iteration events when deleting a User (merge request) GitLab Enterprise Edition
- Ensure cleanup job artifacts task does not include pipeline artifacts (merge request)
Changed (1 change)
14.8.2 (2022-02-25)
Security (8 changes)
- Limit commands_changes to certain keys (merge request)
- Add runners_token prefix to Group and Project (merge request)
- Anonymous user can enumerate all users through GraphQL endpoint (merge request)
- Check for unsafe characters in email addresses before sending (merge request)
- Warn when snippet contains unretrievable files (merge request)
- Prevent DOS when rendering math markdown (merge request)
- Check permission when creating members through service (merge request)
- Reset password field on page load (merge request)
14.8.1 (2022-02-23)
Fixed (3 changes)
- Allow assigning users with private profiles with quick-actions (merge request)
- Stop backup files from requiring directories to exist when skipped (merge request)
- Fix toolbar buttons in Markdown field (merge request)
14.8.0 (2022-02-21)
Added (134 changes)
- Add fields to PipelineSecurityReportFindingType (merge request) GitLab Enterprise Edition
- Add overage confirmation modal (merge request) GitLab Enterprise Edition
- Add custom tags to the Datadog integration by @AdrianLC (merge request)
- Save sort on querystring for vulnerability report (merge request) GitLab Enterprise Edition
- Pipeline and other fixes to community contribution (merge request)
- Allow broadcast messages to be targeted to the current user's role (merge request)
- Provide FF to project edit action (merge request) GitLab Enterprise Edition
- Stream audit events using audit event JSON (merge request) GitLab Enterprise Edition
- Add CI minutes usage charts to group usage quotas (merge request) GitLab Enterprise Edition
- Defaulted roadmap_settings to true (merge request)
- GraphQL: Expose token_expires_at property and sorting by @KyleFromKitware (merge request)
- Add scan method to dast site profile (merge request)
- Enable admin runner read-only runner view (merge request)
- Enable corpus management for self-managed installs (merge request) GitLab Enterprise Edition
- Fix(SM: Subscription): Refresh local state (merge request) GitLab Enterprise Edition
- Enable Service Usage data page by default (merge request)
- Exclude pending memberships from billable members count (merge request) GitLab Enterprise Edition
- Make granting of open-source license to public projects configurable (merge request)
- Enable prohibition of hex branch names (merge request)
- Add dependency_proxy_size to GraphQL type (merge request)
- Removed work_items_hierarchy feature flag (merge request)
- Add the ability to ban users in the Admin Area (merge request)
- Add "Delete" group button to the groups dashboard (merge request)
- Registry import enqueuer (merge request)
- Add crm system notes by @leetickett (merge request)
- Extend the GraphQL interface with
securityTrainingUpdatemutation (merge request) GitLab Enterprise Edition - Add alert metric image table and basic model (merge request)
- Add required approvals to Protected Environment settings (merge request) GitLab Enterprise Edition
- Add GEMNASIUM_LIBRARY_SCAN_ENABLED variable (merge request)
- Allow to list project group ancestors on REST API (merge request)
- Upgrade GitLab Pages to 1.54.0 (merge request)
- Add
public_projects_countcounter to topics by @wwwjon (merge request) - Registry import observer worker (merge request)
- Add support for contacts autocompletion (merge request)
- Add the registry migration guard job (merge request)
- Save audit events for start/stop user impersonation to group level (merge request) GitLab Enterprise Edition
- Add ability to download Service Ping payload (merge request)
- Backfill route namespace_id for namespaces (merge request)
- Support position params in issue creation mutation (merge request)
- Add dependency proxy migrate rake task (merge request)
- Add script to track clicks for RF offer (merge request) GitLab Enterprise Edition
- Add owner_valid to Dast::ProfileScheduleType (merge request) GitLab Enterprise Edition
- Add deprecation notice to the Serverless UI (merge request)
- Add Project Access Tokens to credentials inventory (merge request) GitLab Enterprise Edition
- Copy contacts when moving an issue (merge request)
- Request deployment target info from users (merge request)
- Add utility method to add parameters to a URL (merge request)
- Enable invite member modal by default (merge request)
- Add GraphQL API endpoint access from primary to secondary Geo nodes (merge request) GitLab Enterprise Edition
- Add epic sort by last created or updated (merge request) GitLab Enterprise Edition
- Add epic sort by last created or updated (merge request) GitLab Enterprise Edition
- Add simple multi select for when the number of (merge request) GitLab Enterprise Edition
- Cache shared runners enabled check (merge request)
- Implement fair queueing for LFK (merge request)
- Add max_batch_size to batched migrations table (merge request)
- Add setting to not display code diffs in MR review emails by @joe-snyder (merge request)
- Add attention requests to the MR list view (merge request)
- Add version column to the Agent listing page (merge request)
- Add owners array to webhook data (merge request)
- Enable searching for MRs by updated_at (merge request)
- Support "ecdsa-sk" and "ed25519-sk" SSH keys (merge request)
- Promote the trial_registrations_with_reassurance experiment (merge request) GitLab Enterprise Edition
- Record and publish application boot time (merge request)
- Add GraphQL create API for incident timeline events (merge request) GitLab Enterprise Edition
- Populate data for vulnerability_reads from vulnerabilities (merge request)
- Remove deployment_approvals feature flag (merge request) GitLab Enterprise Edition
- Added Qualys IaC Security template by @mbachhav (merge request)
- CI/CD analytics: Add metric tiles (merge request) GitLab Enterprise Edition
- Show KAS version on admin dashboard (merge request)
- Add validation to check if branches are valid for security policy (merge request) GitLab Enterprise Edition
- Add Container Registry migration notification APIs (merge request)
- Allow group maintainers to list provisioned users for a group (merge request) GitLab Enterprise Edition
- Upgrade GitLab Pages to 1.53.0 (merge request)
- Enable Configure with a MR button for Container Scanning (merge request) GitLab Enterprise Edition
- Enable json_limited_encoder ff by default (merge request)
- Add Blob#symlink? boolean method (merge request)
- Feat(SM: Subscription History): add future subscr (merge request) GitLab Enterprise Edition
- Remove extract_mr_diff_commit_deletions FF (merge request)
- Add enabling container-scanning for project with GraphQL (merge request) GitLab Enterprise Edition
- Add median to CI/CD lead time chart (merge request) GitLab Enterprise Edition
- Feat(SM: Subscription Activation): size + text GitLab Enterprise Edition
- Bump GitLab pages to 1.52.0 (merge request)
- Feat(SM: Subscription Activation): size + text (merge request) GitLab Enterprise Edition
- Remove
vue_epics_listand legacy code (merge request) GitLab Enterprise Edition - Add triggers to sync vulnerability_reads (merge request)
- Add ability to search for an escalation policy by name (merge request) GitLab Enterprise Edition
- Expose language field in GraphQL blob type (merge request)
- Adds mergeRequestInteraction to GraphQL MemberInterface type (merge request)
- Ask for feedback on the Agent listing page (merge request)
- Re-remove foreign keys on GitLab.com (merge request)
- Add Planning Hierarchy page (merge request)
- Enable Gitlab Shell rate limit by default (merge request)
- Enable bulk job tags insertion by default (merge request)
- GraphQL: Add jobs field to CiRunner (merge request)
- Add a GraphQL resolvers to get pipeline counts by scope (merge request)
- Pass custom slots from HelpPopover to GlPopover (merge request)
- Enable project owners to list their projects pending deletion by default (merge request) GitLab Enterprise Edition
- Hide ancestor groups in group invites (merge request)
- Track api usage of the jetbrains plugin (merge request)
- Indicate locked users in Admin Area users list (merge request)
- Add metric tile component (merge request)
- Support iteration search by cadence title (merge request) GitLab Enterprise Edition
- Add badge for invited user (merge request)
- Remove import_redis_increment_by feature flag (merge request)
- Submit ServicePing generation errors to Version app (merge request)
- Add mutation for updating user preferences (merge request)
- Add Graphql mutation to update timeline event (merge request) GitLab Enterprise Edition
- Log project export timings (merge request)
- Re-enable sanboxed mermaid FF with a fix (merge request)
- Redirect in-app trial users to the feature (merge request) GitLab Enterprise Edition
- Add more issue due_date filters to API by @leetickett (merge request)
- Add support for the gitlab container registry API (merge request)
- CI Runners: Support sorting by token_expires_at by @KyleFromKitware (merge request)
- Restrict JWT requests when importing repositories (merge request)
- Show deprecation notification in pipeline page (merge request)
- Allow project owners to list & restore their projects pending deletion (merge request) GitLab Enterprise Edition
- Allow merge requests to be sorted by title (merge request)
- Add everage to CI/CD deployment chart (merge request) GitLab Enterprise Edition
- Add improved readme content for all new projects (merge request)
- Adds dependency_proxy_size to namespace statistics (merge request)
- GraphQL: Add projects property to CiRunner type (merge request)
- Add identifier to VSA summary metrics (merge request)
- GraphQL: Add groups property to Runner type (merge request)
- Add verification header for streamed events (merge request)
- Hide issue contacts and quick actions by @leetickett (merge request)
- Update templates for repository size RF CTA (merge request) GitLab Enterprise Edition
- Adds dependency_proxy_size to root storage stats (merge request)
- CI Runners: Add token expiration field by @KyleFromKitware (merge request)
- Add state/province selector to trials (merge request) GitLab Enterprise Edition
- Add audit logging for runner registration (merge request) GitLab Enterprise Edition
- Support default templates for issues/MRs via .gitlab/ folders by @davebarr (merge request)
- Allow querying recent boards in a group or project (merge request)
- Add url_text column to issuable metric images (merge request)
- Add migration for backfilling project namespaces (merge request)
Fixed (168 changes)
- Allow specifying project name on importing an exported GitLab project by @zhzhang93 (merge request)
- Clean up wrong max_seats_used batch two (merge request)
- Fix Date::Error exception when viewing audit logs for an invalid date (merge request) GitLab Enterprise Edition
- Revert "Merge branch 'if-personal_project_owners' into 'master'" (merge request)
- Fix unit display for VSA charts (merge request) GitLab Enterprise Edition
- Added merge policy for design collection (merge request)
- Fix merge request tabs background leakage (merge request)
- Fix position when creating issue in issue boards (merge request)
- Delete issue contacts if project root changed by @leetickett (merge request)
- Revert user already exists to members API (merge request)
- Avoid exceptions from un-symbolizable job names (merge request)
- Block external fork mirrors (merge request)
- Allow testing of disabled hooks (merge request)
- Fix duplicate draft help text (merge request)
- Stop browser from caching learn gitlab (merge request) GitLab Enterprise Edition
- Add ref param to project level ci/lint by @thadc23 (merge request)
- Apply PJs styling to Pages DNS badge (merge request)
- Fix missing discussion_id in GitHub imports (merge request)
- Allows invite modal to re-invite single users (merge request)
- Add encoding for url params for board filtered search by @sstern (merge request)
- Handle Gitaly error on fetching total-branches for pipeline editor (merge request)
- Fix typo in Pull mirror verification (merge request) GitLab Enterprise Edition
- Allow to toggle requirements_access_level on REST API (merge request) GitLab Enterprise Edition
- Allow GC to run if deduplication service runs into an error (merge request)
- Render submit button only once in Pages settings (merge request)
- Update GitHub PRs Importer to force update repository (merge request)
- Use strong parameters for CompareController (merge request)
- Fix default sort for tags page (merge request)
- Update namespace statistics when project is destroyed (merge request)
- Don't rebase when the branch protected from force push (merge request)
- fix: Reintroduce top-level SAST_ANALYZER_IMAGE_TAG for SCS (merge request)
- Fix typo in Gitlab::Changelog::Release (merge request)
- Merge branch... (merge request)
- Fix corpus delete by updating corpus fetch (merge request) GitLab Enterprise Edition
- Return an error for an invalid ref_name (merge request)
- Fix Geo checksummable check failing when file is nil (merge request) GitLab Enterprise Edition
- Fix layout issues for project tokens in credentials inventory (merge request) GitLab Enterprise Edition
- Use StrongParameters for ExtractsRef (merge request)
- Remove label hover state css override in right sidebars (merge request)
- Change minutes field to shared_runners_duration (merge request) GitLab Enterprise Edition
- Don't record the exception when the repostory already exists (merge request)
- Allow sorting epics by created & updated dates (merge request) GitLab Enterprise Edition
- Use StrongParameters for ProjectsController (merge request)
- Reject reply by email to notification if the from email is not verified (merge request)
- Fix Typo in Protected Tags Settings by @Taucher2003 (merge request)
- Roadmap - Fix today indicator alignment (merge request) GitLab Enterprise Edition
- MacOS remove horizontal scroll in left navigation by @OmerFarukMerey (merge request) GitLab Enterprise Edition
- Remove secondary variant from agent modal cancel button (merge request)
- Add width and alt tag to image in trial flow second step (merge request)
- Fix provisioned_users API endpoint with full_path (merge request) GitLab Enterprise Edition
- Verify project id in API (merge request)
- Fix NoMethodError for calling modified_paths on nil pipeline (merge request)
- Introduce concept of parse errors for quick actions (merge request)
- Test the logical path rather than the real path (merge request)
- Fix merge requests page dark mode (merge request)
- Remove container-image: from location on the Dependency List (merge request) GitLab Enterprise Edition
- Remove dangling running entries from ci running builds table (merge request)
- Reject MIME parts with unsupported encoding (merge request)
- Drop legacy finished at in Deployment (merge request)
- Use strong_parameters for RefsController (merge request)
- Check for group confidential access in EpicsFinder (merge request) GitLab Enterprise Edition
- Allow searching of users using less than 3 chars (merge request)
- Fix label links in MR system notes (merge request)
- Epic boards - Hide toggled off Open column (merge request)
- Fix for rate lmiting test errrors (merge request) GitLab Enterprise Edition
- Catch GitLab::HTTP:ERRORS while streaming auditevents (merge request) GitLab Enterprise Edition
- Fix missing upvote/downvote counts on Epics list (merge request) GitLab Enterprise Edition
- Roadmap - Fix bar width for week layout (merge request) GitLab Enterprise Edition
- Improve dashboard projects blank state code (merge request)
- Fix how busy is displayed in group/project members list (merge request)
- Fix NoMethodError for RefsController (merge request)
- Merge stable Jobs/Deploy.gitlab-ci.yml into latest (merge request)
- Create specific CE display_public_email? user helper (merge request)
- REST: Fix scope of GET /projects/:id/runners endpoint (merge request)
- Validate that reference exists for atom format (merge request)
- Fix reverse tabnabbing vulnerability with improper URL protocol (merge request)
- Allow mergeability check when merge_status is already checking (merge request)
- Validate sort parameter for branches page and branches API (merge request)
- Fix deep linking into settings panels (merge request)
- Deduplicate findings by comparing the UUIDs (merge request) GitLab Enterprise Edition
- Fix Popen not always returning error code (merge request)
- REST: Follow shared runners setting (merge request)
- Fix spacing issue in the packages version details (merge request)
- REST: Fix scope of /groups/:id/runners?type endpoint (merge request)
- Add darkmode variant for black-normal color (merge request)
- Enable Zip64 support (merge request)
- Fix arrow that was overlapping button in Admin -> Users by @orozot (merge request)
- Fix search term case sensitivity for transfer namespace (merge request)
- Show underscores in branch name in merge request by @brcampbell1 (merge request)
- Fix editor browser modal when creating new MR (merge request)
- Fix NoMethodError when commit is missing (merge request)
- Fix incorrect render in JUnit merge UI with null or blank name value (merge request)
- Add id to user of ZentaoSerializers by @icbd GitLab Enterprise Edition
- Remove invalid groups from sharing in invite group modal
- Add id to user of ZentaoSerializers by @icbd (merge request) GitLab Enterprise Edition
- Remove invalid groups from sharing in invite group modal (merge request)
- Revert "Merge branch 'revert-b59c6630' into 'master'" (merge request)
- Geo: Mark object stored files verified (merge request) GitLab Enterprise Edition
- Fix exception when epic has no author (merge request)
- Use finding signatures in deduplication logic (merge request) GitLab Enterprise Edition
- Use strong parameters for CommitsController (merge request)
- Don't return 500 error for tags in atom format (merge request)
- Use strong_parameters for ForksController#index (merge request)
- Fix NoMethodError for empty changelog (merge request)
- Fix typo in RepositoryController#cleanup (merge request)
- Restrict pagination per_page possible values (merge request)
- Fix input parameter validation for tags controller (merge request)
- Fix NoMethodError for UnfoldPresenter (merge request)
- Deprecate and replace MR with approval rules metric (merge request) GitLab Enterprise Edition
- Sign out before redirecting to login page (merge request)
- Restore the lost success event handler for hiding the verification modal (merge request) GitLab Enterprise Edition
- Dedup Ci::RunnerProjects (merge request)
- Allow searching of users using less than 3 chars (merge request)
- Allow all users within a group to view all compliance frameworks (merge request) GitLab Enterprise Edition
- Sort vulnerability identifiers on ingestion to prevent Deadlock errors (merge request) GitLab Enterprise Edition
- Refactor issue move to not require group_id param (merge request)
- Pass URI to elasticsearch client instead of string (merge request) GitLab Enterprise Edition
- Add rouge-ruby Comment.Doc style support by @zsgsdesign (merge request)
- Fix long label overflow in the sidebar by @smortex (merge request)
- Fix hidden notifications dropdown on smaller screens (merge request)
- Change epic list payload variable to uppercase by @orozot (merge request) GitLab Enterprise Edition
- Change trials_link_url name to callouts_trials_link_url by @orozot (merge request) GitLab Enterprise Edition
- Only call the resolved service if we resolve all the active notes (merge request)
- Gracefully handle unexpected severities in code quality report (merge request)
- Ensure mergeability check runs on specific cases (merge request)
- Re-align "Register" and "Cancel" buttons in Agent installation modal (merge request)
- Geo: Fix verification failures of remote stored files (merge request) GitLab Enterprise Edition
- Update project export job status upon failure (merge request)
- GitLab Version - CE Admin Dashboard (merge request)
- Ensure git url validation is always performed (merge request)
- Bump default auto-deploy-image to 2.18.1 (merge request)
- Set class name for the proxy ingestion tasks (merge request) GitLab Enterprise Edition
- Show issuable reference title in milestone description by @wwwjon (merge request)
- Prevent Group API N+1 loading group plans (merge request) GitLab Enterprise Edition
- Fix issue sticky header doesn't align left in fluid layout (merge request)
- Enable ci_order_subsequent_jobs_by_stage by default (merge request)
- Exempt bot users for groups from license seat usage by @fh1ch (merge request) GitLab Enterprise Edition
- Fix incorrect max_seats_used values (merge request)
- Fix the primary button on KAS installation modal (merge request)
- Fix typo in message (merge request)
- Fix broken references when previewing SP payload (merge request)
- Use Bitbucket repo description over project description when importing by @nicosullivan (merge request)
- Guard create issue button in boards against submitting spaces by @sstern (merge request)
- Replace offsetTop with getBoundingClientRect for roadmap_setting panel by @orozot (merge request)
- Fix import/export not checking upload result (merge request)
- Update
resolved_on_default_branchattribute in batches (merge request) GitLab Enterprise Edition - Add missing Git authentication support for group level bot build tokens by @fh1ch (merge request)
- Update
Project.updated_atif other timestamps change by @wwwjon (merge request) - Remove project loads for dast profiles policy checks (merge request) GitLab Enterprise Edition
- Do not require credit card validation when it is present (merge request) GitLab Enterprise Edition
- Fix CI instance variable cache misses (merge request)
- Fix cluster integration HTTP adapter (merge request)
- Clear childrenEpic state when changing roadmap sort order by @espadav8 (merge request) GitLab Enterprise Edition
- Prevent compliance pipelines from overwriting child pipelines (merge request) GitLab Enterprise Edition
- Fix selection summary not showing on vulnerability report (merge request) GitLab Enterprise Edition
- Fix runner count when tabs are used (merge request)
- fix: Fix incorrect il8n referenece for Vulnerability Dismissal (merge request) GitLab Enterprise Edition
- Allow strings and nested arrays of strings for before/after script by @guillaume.chauvel (merge request)
- Extract MergeRequestDiffCommit deletions (merge request)
- Reject MIME parts with unsupported encoding (merge request)
- Add user's preferred language to cache key of MR title partial (merge request)
- Transition abuse_reports_controller spec by @leetickett (merge request)
- Calculate location fingerprint by signature for findings if available (merge request) GitLab Enterprise Edition
- Extend Google Cloud Storage max transfer timeout to 60 minutes (merge request)
- Add spacing for pipeline editor alert close button (merge request)
- Fix check for valid custom pages domains by @mlegner (merge request)
- Add missing tooltip and aria-label for commit description toggle by @nicosullivan (merge request)
- Users who can read project can read bot names (merge request)
Changed (216 changes)
- Use GlAvatar in env dashboard project header (merge request) GitLab Enterprise Edition
- Remove legacy license compliance approval_status (merge request) GitLab Enterprise Edition
- Allow setting feature flag for a single namespace (merge request)
- No-coverage lines more prominent than covered lines by @MMSandal (merge request)
- Global Search - Optimize SearchContext (merge request)
- Geo: Job Artifacts replication using SSF (merge request)
- Update to Puma 5.6.2 (merge request)
- Handle invalid URL for DAST Site Profile (merge request)
- Use
system-errif no failure/error message was given in JUnit output by @jdyl (merge request) - Use pagination for vulnerability report (merge request) GitLab Enterprise Edition
- Handle invalid URL for DAST Site Profile (merge request)
- Handle invalid URL for DAST Site Profile (merge request)
- Updated the docs to include new agent information (merge request)
- Fixed constant wording for clearer understanding (merge request) GitLab Enterprise Edition
- Remove feature flag for the container registry Google CDN feature (merge request)
- Add jobs template for Dependency Scanning and License Scanning (merge request)
- Replicate integrations indices for type_new (merge request)
- Add missing translations (merge request) GitLab Enterprise Edition
- Replace the bitbucket import modal with a GlModal (merge request)
- Update status icons for requirements (merge request) GitLab Enterprise Edition
- Bump cluster management project template for 14.8 (merge request)
- Remove dast_sharded_cloned_ci_builds feature flag (merge request) GitLab Enterprise Edition
- Switch to GlTabs for markdown header component (merge request)
- Link by commit and name for pipeline (merge request)
- Add approvers when editing scan result policies (merge request) GitLab Enterprise Edition
- Move findings deletion into a worker (merge request) GitLab Enterprise Edition
- Replace window.confirm with GlModa in deployment actions (merge request)
- Modify upload license error language (merge request) GitLab Enterprise Edition
- Make integrations type_new trigger null-safe (merge request)
- Default on :cluster_vulnerabilities feature flag (merge request)
- Improve UI message for unfinished pipelines (merge request)
- Drop temporary index on vulnerability_occurrences (merge request)
- Change file input on upload license page to a dropzone (merge request) GitLab Enterprise Edition
- Allow offline cloud license upload (merge request) GitLab Enterprise Edition
- Improve UI text of group settings page (merge request)
- Edit UI text to comply with standards (merge request)
- Show default value in squash and merge commit template textareas by @trakos (merge request)
- Treat API requests from the frontend as web traffic in the rate limiter (merge request)
- Update KAS to v14.8.1 (merge request)
- Put feature flag for reading from finding_evidence (merge request) GitLab Enterprise Edition
- Remove the border from the signub box on the trial registration page (merge request) GitLab Enterprise Edition
- Upgrade CI images to Debian bullseye (merge request)
- Update confirmation button variant and label (merge request)
- Limit on-demand scans tabs counts (merge request) GitLab Enterprise Edition
- Bump Gitlab Shell version to 13.23.2 (merge request)
- Geo Sites - Filter by Search (merge request) GitLab Enterprise Edition
- Add feature flag toggle for elastic migration worker (merge request) GitLab Enterprise Edition
- Add a memory report link in the Performance Bar (merge request)
- Add vue js fork confirmation modal (merge request)
- Jira create branch: Alert when lacking permissions (merge request)
- Replace window.confirm with GlModa in pipeline manual actions (merge request)
- Exclude guests being billable for ultimate trials (merge request) GitLab Enterprise Edition
- Add message for user count overage (merge request) GitLab Enterprise Edition
- Refactor NamespaceStatistics into CE (merge request)
- Remove limited class from global_alert (merge request)
- Changed the deployment target option (merge request)
- Remove
ci_skip_require_credit_card_for_addon_ci_minutesfeature flag (merge request) - Make rate limiting of /users/:id configurable (merge request)
- Use better colors for activity calendar in darkmode (merge request)
- Convert timestamps to utc in license usage export (merge request) GitLab Enterprise Edition
- Update copy for API Security in DAST (merge request)
- Exclude pending_destruction packages when creating one (merge request)
- Set danger variant and label to leave group (merge request)
- Clean up Create Branch from Jira form (merge request)
- Improve retry tooltip for failed pipeline (merge request)
- Deprecate custom geo:db:* rake tasks in favor of built-in tasks (merge request) GitLab Enterprise Edition
- Make squash/rebase failed messages better (merge request)
- Enable storage purchase via GitLab by default (merge request)
- Remove early_prepare_for_mergeability feature flag (merge request)
- Add tooltip to project variables in CI/CD settings (merge request)
- feat: Bump major security-code-scan sast version for 15.0 (merge request)
- Add link to group pipeline usage quota (merge request)
- Update auto-build-image to v1.5.0 (merge request)
- Update Go to version 1.17.6, workhorse (merge request)
- Simplify CI_DEPLOY_FREEZE conditions in Auto DevOps (merge request)
- Replace window.confirm with GlModal for noteable notes delete and edit (merge request)
- Add severity level to compliance violations table (merge request)
- Move VSA metrics to shared analytics (merge request) GitLab Enterprise Edition
- Remove redundant index_epic_issues_on_epic_id (merge request)
- Remove vue_integration_form feature flag (merge request)
- Remove enable_ci_variable_caching feature flag (merge request)
- Improve the project deletion UI text (merge request)
- Improve copy on Slack app delete project modal (merge request) GitLab Enterprise Edition
- Improve delete webhook modal copy (merge request)
- Change protected branches selector internals (merge request) GitLab Enterprise Edition
- Alias wip* methods to -> draft* (merge request)
- Remove new_route_ci_minutes_purchase feature flag (merge request)
- Remove WIP support from commits (merge request)
- Add tooltips for pipeline icons (merge request)
- Hide
None&Anytoken wildcards (merge request) GitLab Enterprise Edition - Give immediate feedback when awarding an issuable by @KevSlashNull (merge request)
- Remove WIP support from Merge Requests (merge request)
- Undo filter milestones dropdown in boards by state by @sstern (merge request)
- Fix Kubernetes Agent label capitalization (merge request)
- Add quickSuggestions to Pipeline Editor (merge request)
- Update bitbucket logo (merge request)
- Update Atlassian logo (merge request)
- Update Twitter logo (merge request)
- Update Facebook logo (merge request)
- Remove github_importer_use_diff_note_with_suggestions feature flag (merge request)
- Error on delete tag when importing repository (merge request)
- Treat API requests from the frontend as web traffic in the rate limiter (merge request)
- Enable jobs tab vue by default (merge request)
- Update Auth0 logo (merge request)
- Hide user cap alert if viewing pending members (merge request) GitLab Enterprise Edition
- Geo Sites - Filter By Status (merge request) GitLab Enterprise Edition
- Add indeterminate state to select all checkbox on vulnerability report (merge request) GitLab Enterprise Edition
- Update to ruby-magic v0.5.4 (merge request)
- Add combined registration to trial registration flow (merge request)
- Update rubyzip gem to v2.3.2 (merge request)
- Don't notify Sentry about PreReceiveErrors (merge request)
- Show disabled CI action icon when unauthorized (merge request)
- Enable the pipelines table redesign by default (merge request)
- Change settings copy (merge request)
- Edit UI text of project permissions (merge request)
- Add instrumentation class to by-stage-secure metrics (merge request) GitLab Enterprise Edition
- Return pretty error validation messages for Security Policy (merge request) GitLab Enterprise Edition
- Hide search bar when registry is empty by @KevSlashNull (merge request)
- Bump Gitlab Shell version (merge request)
- Update styling of date range indicator (merge request)
- Show error message for permissions (merge request)
- Show error message for permissions
- Change contact details for support (merge request)
- Skip redundant checks for runners already scoped to a project (merge request)
- Swap FK ci_pipelines to projects for LFK (merge request)
- Reorganize Kubernetes clusters action button menu (merge request)
- feat(badge): Migrate diff LFS badge to glbadge (merge request)
- Enable linear roots in UpdateAllMirrorsWorker (merge request) GitLab Enterprise Edition
- Default enable issue_boards_filtered_search by @sstern (merge request)
- Add confirmation modal for merge (merge request)
- Update navigation badge to pajamas styling (merge request)
- Allow developers to read Kubernetes clusters (merge request)
- Enable
security_report_ingestion_frameworkFF by default (merge request) GitLab Enterprise Edition - Add text for all branches (merge request) GitLab Enterprise Edition
- Swap FK ci_pipeline_schedules to projects for LFK (merge request)
- Content for hand raise leads (merge request) GitLab Enterprise Edition
- Improve UI text for style compliance (merge request)
- Swap FK ci_builds to projects for LFK (merge request)
- Packages list sort by Published and store pref (merge request)
- Remove projects that are marked for deletion from UI (merge request)
- Swap FK ci_sources_projects to projects for LFK (merge request)
- Swap FK ci_job_token_project_scope_links to projects for LFK (merge request)
- Add alert after Slack application is installed (merge request) GitLab Enterprise Edition
- Swap FK ci_runner_projects to projects for LFK (merge request)
- Swap FK ci_job_artifacts to projects for LFK (merge request)
- Update UI for MR pipeline rename (merge request)
- Swap FK vulnerability_feedback to ci_pipelines for LFK (merge request)
- Only fetch namespaces if search value changes (merge request)
- Add error code to project export command status log (merge request)
- Swap FK dast_site_profiles_pipelines to ci_pipelines for LFK (merge request)
- Add compatibility alert to Jira Connect App (merge request)
- Swap FK ci_subscriptions_projects to projects for LFK (merge request)
- Replace window.confirm with GlModal for noteable discussions (merge request)
- Replace window.confirm with GlModal for board setting sidebar (merge request)
- Swap FK ci_project_monthly_usages to projects for LFK (merge request)
- Add IDE preview success metrics (merge request)
- Swap FK ci_stages to projects for LFK (merge request)
- Improve UI text for style compliance (merge request) GitLab Enterprise Edition
- Replace window.confirm with GlModal for repository index (merge request)
- Hide subs expiration banner before eligible (merge request) GitLab Enterprise Edition
- Remove export_reduce_relation_batch_size feature flag (merge request)
- Update runner registration token reset modal (merge request)
- Swap FK ci_pipelines to merge_requests for LFK (merge request)
- Swap FK ci_job_token_project_scope_links to projects for LFK (merge request)
- Add Cluster Image Scanning to AutoDevOps (merge request)
- Update iteration dropdowns in sidebars/board list (merge request) GitLab Enterprise Edition
- Add unit test for trials_link_url by @orozot (merge request) GitLab Enterprise Edition
- Refactor hello_deferred path to jh_else_ce by @orozot (merge request)
- Extract callout content trails link to variable by @orozot (merge request) GitLab Enterprise Edition
- Boards - Fix top elements alignment (merge request)
- Swap FK ci_refs to projects for LFK (merge request)
- Swap FK ci_sources_pipelines to projects for LFK (merge request)
- Hide user avatar for blocked and unconfirmed users (merge request)
- Swap FK ci_builds_metadata to projects for LFK (merge request)
- Improve OmniAuth sign in description by @scootergrisen (merge request)
- Swap FK ci_variables to projects for LFK (merge request)
- Swap FK ci_subscriptions_projects to projects for LFK (merge request)
- Swap FK ci_triggers to projects for LFK (merge request)
- Swap FK external_pull_requests to projects for LFK (merge request)
- Add Pajamas badge for diverged from upstream (merge request)
- Refactor system notes for alerts and incidents for consistentcy (merge request)
- Improve explanation for Advanced Project settings (merge request)
- Handle path not found without throwing, accept array as path (merge request)
- Add scan result policy into policy editor (merge request) GitLab Enterprise Edition
- Use gl-badge for web IDE activity bar (merge request)
- Geo Sites - NA Verification Help (merge request) GitLab Enterprise Edition
- Disable sync for offline cloud licenses (merge request) GitLab Enterprise Edition
- Geo Sites - Update replication button (merge request) GitLab Enterprise Edition
- Geo Forms - Fix Buttons (merge request) GitLab Enterprise Edition
- VSA metrics: Only render decimal places for floats (merge request)
- Swap FK vulnerability_statistics to ci_pipelines for LFK (merge request)
- Remove instructions to install Agent if KAS is not set up (merge request)
- Update iteration changed notification format (merge request) GitLab Enterprise Edition
- Lowercased runner because it's referring to agent (merge request)
- Keep branch when going to Pipeline Editor through nav (merge request)
- Swap FK vulnerability_occurrence_pipelines to ci_pipelines for LFK (merge request)
- Swap FK dast_profiles_pipelines to ci_pipelines for LFK (merge request)
- Limit the length of generated anchor URL for markdown headers (merge request)
- Treat API requests from the frontend as web traffic in the rate limiter (merge request)
- Handle members who are existing hierarchy members (merge request) GitLab Enterprise Edition
- Fix empty line to contain two values (merge request) GitLab Enterprise Edition
- Swap FK merge_trains to ci_pipelines for LFK (merge request)
- Add Pajamas complient "whats new" badge (merge request)
- Swap FK ci_triggers to users for LFK (merge request)
- Extract container registry page common component by @orozot (merge request)
- Update secret detection template to be more robust (merge request)
- Remove feature flag for auto-linking LFS objects in forks (merge request)
- Enable ci_skip_require_credit_card_for_addon_ci_minutes by default (merge request)
- Loosen rule to detect cyclical pipelines (merge request)
- Swap FK merge_requests to ci_pipelines for LFK (merge request)
- Swap FK ci_sources_pipelines to projects for LFK (merge request)
- Remove summary from Finding Evidence (merge request)
- Geo UI - Rename Nodes to Sites (merge request) GitLab Enterprise Edition
- Remove FF custom_preloader_for_deployments (merge request)
- Update group#shared_externally to include projects (merge request) GitLab Enterprise Edition
- Improve the labels on Kubernetes Agent UI (merge request)
Deprecated (12 changes)
- Add warning for deprecation notice on logs page (merge request)
- feat: Update SECURE_ANALYZER_PREFIX in all Sec Section templates (merge request)
- Require
auto-deploy use_kube_contextto be present (merge request) - Change merged_by deprecation to breaking change (merge request)
- Deprecate /groups/:id/runners?type=project_type (merge request)
- REST API: Deprecate active/paused values in status filters (merge request)
- GraphQL: Deprecate active field in RunnerUpdateInput (merge request)
- REST API: Deprecate ‘active’ property for Runners (merge request)
- GraphQL: Deprecate active field for RunnerType (merge request)
- GraphQL: Deprecate active filter for Runners resolver (merge request)
- Deprecate Runner API maintainer_note (merge request)
- Deprecate Gitlab Shell's self_signed_cert setting (merge request)
Removed (21 changes)
- Remove deprecated CanMutateSpammable (merge request)
- Remove unused partial remove_approver (merge request)
- git: Stop calling Gitaly's Cleanup RPC (merge request)
- Remove the billing in side nav experiment (merge request) GitLab Enterprise Edition
- Remove unique index (merge request)
- rake/info: Stop reporting Git version (merge request)
- system_check: Remove Git version check (merge request)
- system_check: Remove Git configuration check (merge request)
- Remove unused WIP regex (merge request)
- Remove the loose_foreign_key_cleanup FF (merge request)
- Remove feature flag (merge request)
- Remove security_finding_build_disable_joins feature flag (merge request)
- Remove vulnerability_history feature flag (merge request)
- Remove instance_security_dashboard feature flag (merge request)
- Remove all code related to Gitlab::RequestProfile (merge request)
- Remove duplicate data_category: entry (merge request)
- Remove paid feature callout badge (merge request)
- Disable sandboxed_mermaid feature flag (merge request)
- Remove incident labeled metric (merge request)
- Drop
positioncolumn fromsecurity_findingstable (merge request) - Remove username suggestion for trial registration (merge request) GitLab Enterprise Edition
Security (8 changes)
- Upgrade to Rails v6.1.4.6 (merge request)
- Fixes typo on pipeline model
- Add Gitlab::BufferedIo with header read timeout (merge request)
- Ignore spoofable Reply-To address in Service Desk (merge request)
- Enable Secure attribute for frontend cookies (merge request)
- Block recursive webhooks (merge request)
- Sanitize link markup for vulnerability chat messages (merge request) GitLab Enterprise Edition
- Adding a conditional to prevent an unauthorized route (merge request)
Performance (17 changes)
- Refactor building project secret variables (merge request)
- Enable branches API rate limit cache (merge request)
- Enable caching on tags API (merge request)
- Enable JSON limited encoder (merge request)
- Enable repository API rate limit cache (merge request)
- Enable caching on merge requests API (merge request)
- Enable Grape/Gitlab::Json hook (merge request)
- Add partial index for active Cluster Image Scanning vulnerabilities (merge request)
- Reduce Redis calls for instance level variables (merge request)
- Optimize User#ci_owned_runners query (merge request)
- Add compound index for
vulnerabilitiestable onproject_idandid(merge request) - Cache CI expire_in parsing (merge request)
- Speed up project exports by moving the archive to the cache dir (merge request)
- Fix cross join query for Ci::Runner#projects (merge request)
- Remove ci_preload_runner_tags feature flag (merge request)
- Optimize decryption of CI variables (merge request)
- Improve Sidekiq jobs that use DB load balancing (merge request)
Other (66 changes)
- Revert "Merge branch 'role-targeted-broadcast' into 'master'" (merge request)
- Add foreign key to ci_builds runner_id (merge request)
- Fix Style/OpenStructUse offenses for import service and spec helpers by @edith007 (merge request)
- Remove new_route_storage_purchase feature flag (merge request)
- Fix Style/OpenStructUse offenses in project cluster_controller_spec by @edith007 (merge request)
- Fix Style/OpenStructUse offenses in project clusters_spec by @edith007 (merge request)
- Fix Style/OpenStructUse offenses in group cluster controller specs by @edith007 (merge request)
- Backfill CI queuing tables (merge request)
- Mentioned breaking change label in contribution guide (merge request)
- Migration for deleting service template records by @lenikadali (merge request)
- Make starrers sort dropdown Pajamas-compliant (merge request)
- Remove track_application_boot_time FF (merge request)
- Add statistics card component with tests (merge request) GitLab Enterprise Edition
- Moving gitlab_loose_foreign_key to config/ directory by @edith007 (merge request)
- Remove Geo proxying metrics feature flag (merge request) GitLab Enterprise Edition
- Update comment for ActiveModel::Serializers::JSON in presenter by @edith007 (merge request)
- Truncate before vulnerability link index creation (merge request)
- Remove the FF ci_find_runners_by_ci_mirrors (merge request)
- Remove ::Gitlab::Utils::StrongMemoize inclusion as it's duplicate by @edith007 (merge request)
- Remove Gitlab::Utils::StrongMemoize inclusion as it's duplicate by @edith007 (merge request)
- Add documentation links to Merge Request settings page (merge request)
- Remove FF ci_order_subsequent_jobs_by_stage (merge request)
- Remove the
packages_installable_package_filesfeature flag (merge request) - Update badge in accessibility issue body (merge request)
- Unify image pin style for diffs/design management (merge request)
- Cleanup after variables builder (merge request)
- Update external authorization docs (merge request)
- Cleanup PopulateTestReportsIssueId background migration jobs (merge request)
- Set type of Web IDE commit button to submit by @tchandelle (merge request)
- Remove redundant index on clusters_kubernetes_namespaces (merge request)
- Fix Rails/SaveBang offenses by @edith007
- Fix Rails/SaveBang offenses by @edith007 (merge request)
- Pass formats explicitly when rendering .md file by @edith007 (merge request) GitLab Enterprise Edition
- Fix Rails/SaveBang offenses by @edith007 (merge request)
- Finalize backfilling ci mirror tables (merge request)
- Delete tributejs for autocomplete (merge request)
- Remove feature flags for configuring object store files deletion (merge request)
- Fixes OpenStruct use in design_management specs by @mehulsharma (merge request)
- Fix Style/OpenStructUse offenses by @edith007 (merge request)
- Remove FF ci_namespace_project_mirrors (merge request)
- Remove ci_runner_projects_disable_joins feature flag (merge request)
- Fix Rails/SaveBang offenses by @edith007 (merge request)
- Update seat_usage references (merge request) GitLab Enterprise Edition
- Add World.prepend_mod to allow JH override by @chaomao (merge request) GitLab Enterprise Edition
- Fix Rails/SaveBang offenses by @edith007 (merge request)
- Fix OpenStruct use in metadata_extraction_service by @mehulsharma (merge request)
- Fix Rails/SaveBang offenses by @edith007 (merge request)
- Remove feature flag
ff_external_audit_events_namespaceby @davebarr (merge request) GitLab Enterprise Edition - Add gl-pr-3 to top_nav_menu_item to account for chevron (merge request)
- Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
- Remove ci_decompose_for_namespace_monthly_usage_query feature flag (merge request)
- Fix RSpec/TimecopFreeze offenses (Part 1/2) by @KevSlashNull (merge request)
- Fix display of times in access and deploy token table by @edith007 (merge request)
- Fix GraphQL/OrderedArguments offense (Part 4/6) by @KevSlashNull (merge request)
- Fix GraphQL/FieldDefinitions offense (Part 1/4) by @KevSlashNull (merge request)
- Update missing branch widget text to include branch name (merge request)
- Revert frontend API rate limits change (merge request)
- Separate deployments creation from pipeline job creation (merge request)
- Move the merge train helper icon to near the merge button (merge request)
- Reschedule migration for self-managed (merge request) GitLab Enterprise Edition
- Remove unnecessary index on cluster_agent_tokens (merge request)
- Remove
net-ssh,ed25519, andbcrypt_pbkdfgems from dependencies (merge request) - Update GitLab Runner Helm Chart to 0.37.1 (merge request)
- Update GitLab Runner Helm Chart to 0.37.0 (merge request)
- Use
ssh_datagem instead ofnet-sshandsshkeywhere possible (merge request) - Remove feature flag already default enabled (merge request) GitLab Enterprise Edition
14.7.7 (2022-03-31)
Security (21 changes)
- Update to commonmarker 0.23.4 (merge request)
- Revert merge request approval groups behavior (merge request)
- Disallow login if password matches a fixed list (merge request)
- Update devise-two-factor to 4.0.2 (merge request)
- Limit the number of tags associated with a CI runner (merge request)
- GitLab Pages Security Updates for 14.9 (merge request)
- Upgrade swagger-ui dependency (merge request)
- Modify release link format check to avoid regex if string is too long (merge request)
- Masks variables in error messages (merge request)
- Escape user provided string to prevent XSS (merge request)
- Monkey patch of RDoc to prevent Ruby segfault (merge request)
- Project import maps members' created_by_id users based on source user ID (merge request)
- Redact InvalidURIError error messages (merge request)
- Fix access for approval rules API (merge request)
- Fix kroki exploit (merge request)
- Fix blind SSRF when looking up SSH host keys for mirroring (merge request)
- Escape original content in reference redactor (merge request)
- Security fix for CI/CD analytics visibility (merge request)
- Latest commit exposed through fork of a private project (merge request)
- Fix Asana integration restricted branch filter (merge request)
- Revert "JH need more complex passwords" (merge request)
14.7.6 (2022-03-24)
Added (1 change)
Changed (2 changes)
- Enable feature flags to resume artifact removal on self-managed (merge request)
- Remove runners token prefix feature flags (merge request)
14.7.5 (2022-03-09)
Fixed (1 change)
Other (1 change)
14.7.4 (2022-02-25)
Security (8 changes)
- Limit commands_changes to certain keys (merge request)
- Add runners_token prefix to Group and Project (merge request)
- Anonymous user can enumerate all users through GraphQL endpoint (merge request)
- Check for unsafe characters in email addresses before sending (merge request)
- Warn when snippet contains unretrievable files (merge request)
- Prevent DOS when rendering math markdown (merge request)
- Check permission when creating members through service (merge request)
- Reset password field on page load (merge request)
14.7.3 (2022-02-15)
Fixed (2 changes)
- Update GitHub PRs Importer to force update repository (merge request)
- Fix Geo checksummable check failing when file is nil (merge request) GitLab Enterprise Edition
Changed (1 change)
14.7.2 (2022-02-08)
Added (1 change)
Fixed (4 changes)
- Geo: Fix reverify object stored files (merge request) GitLab Enterprise Edition
- Geo: Fix verification failures of remote stored files (merge request) GitLab Enterprise Edition
- GitLab Version - CE Admin Dashboard [RUN ALL RSPEC] [RUN AS-IF-FOSS] (merge request)
- Fix cluster integration HTTP adapter (merge request)
Changed (1 change)
Removed (1 change)
14.7.1 (2022-02-03)
Security
See https://about.gitlab.com/releases/2022/02/03/security-release-gitlab-14-7-1-released/
14.7.0 (2022-01-21)
Added (84 changes)
- Add verification before namespace creation (merge request)
- Add GraphQL mutation to destroy timeline events (merge request) GitLab Enterprise Edition
- ApplicationSetting: Add runner_token_expiration_interval field by @KyleFromKitware (merge request)
- Rate limit Gitlab Shell operations (merge request)
- Add
Deletebutton to label edit view (merge request) - Enable autocomplete on cadence iteration create/edit pages by @espadav8 (merge request) GitLab Enterprise Edition
- Extend GraphQL API interface with
securityTrainingProvidersfield (merge request) GitLab Enterprise Edition - Hierarchy page to show work items (merge request)
- Add group level access token UI by @fh1ch (merge request)
- Remove ci_archived_build_trace_checksum feature flag (merge request)
- Add scan result policies into the policy (merge request) GitLab Enterprise Edition
- Enable logging when recursive webhook detected (merge request)
- Enable sandboxed_mermaid feature flag (merge request)
- Feat(SM Subscription History): trim table size (merge request) GitLab Enterprise Edition
- Add subsidized cost factor for Open Source plan (merge request) GitLab Enterprise Edition
- Remove expired agent activity events as new events are created (merge request)
- Add docs for pages domain rate-limits (merge request)
- Add a temporary index for Member.state (merge request)
- Adding Secure Files data model and file uploader (merge request)
- Expose internal_url setting for Geo secondaries (merge request) GitLab Enterprise Edition
- Add the
draftargument to GraphQL MergeRequestsResolver (merge request) - Send a rejection email if incoming emails are too large (merge request)
- Clean up escalations after changing incident proj (merge request) GitLab Enterprise Edition
- Support default templates for issues/MRs via .gitlab/ folders by @davebarr (merge request)
- Add link to the self-managed trial flow from SaaS trial signup (merge request) GitLab Enterprise Edition
- feat: Bump Code-Quality image to 0.85.26 (merge request)
- Allow issue contacts from parent groups by @leetickett (merge request)
- Allow to wrap inline code in other marks (merge request)
- Registration features info for ip restriction (merge request) GitLab Enterprise Edition
- Add approve button on pending members table (merge request) GitLab Enterprise Edition
- Upgrade GitLab Pages to 1.51.0 (merge request)
- Indicate locked users in Admin Area (merge request)
- Include the project name VSA stage records (merge request) GitLab Enterprise Edition
- Accept maintainer_note in REST runner registration (merge request)
- Enforce unique contact email for group hierarchy by @leetickett (merge request)
- Add maintainer_note field to CI runners table (merge request)
- GitLab Version - Help Dropdown Version (merge request)
- Add support for backing up Packages (merge request)
- Allow to configure log level of Gitlab:Logger (by env variable) by @wwwjon (merge request)
- REST API: add field merge_user to MR response by @trakos (merge request)
- Add index for selecting active agent tokens (merge request)
- Add vulnerabilityFindingDismiss GraphQL mutation (merge request) GitLab Enterprise Edition
- Enable filtering agent tokens by status (merge request)
- Add customer relations group setting by @leetickett (merge request)
- Add namespace_id reference to routes (merge request)
- Add scan result policy into policy list (merge request) GitLab Enterprise Edition
- Add package managers api paths to details type (merge request)
- Adds API feature configuring default mr target (merge request)
- Enable autocomplete features on iteration forms by @espadav8 (merge request) GitLab Enterprise Edition
- Add editAdminUrl to Runner GraphQL API (merge request)
- Expose iteration ordinal number via APIs (merge request) GitLab Enterprise Edition
- Add enable and disable advanced search rake tasks (merge request) GitLab Enterprise Edition
- Allow to hide personalization questions on New Group page by @wwwjon (merge request)
- Registration features info for sending emails (merge request) GitLab Enterprise Edition
- Add Group Access Token API endpoints by @fh1ch (merge request)
- GraphQL: Add count property to RunnerType’s connection (merge request)
- Add GraphQL mutation to revoke an agent token (merge request)
- Schedule recalculating UUID for all
Vulnerabilities::Findingrecords (merge request) - Add migration to enqueue background worker (merge request)
- Add createdAt to Runner GraphQL API (merge request)
- Add search and sorting to tags (merge request)
- Update gitlab-omniauth-openid-connect gem to support ECSDA keys (merge request)
- Remove dependency proxy feature flag (merge request)
- Upgrade GitLab Pages to 1.50.0 (merge request)
- Add HTTP status to LFS push client error messages (merge request)
- Add group crm settings by @leetickett (merge request)
- Add co_authored_by to merge commit templates by @trakos (merge request)
- Allow filtering epics by author_username and not[author_username] by @espadav8 (merge request) GitLab Enterprise Edition
- Add
ref_pathto PipelineType by @genctys (merge request) - Allow LDAP failover by @sathieu (merge request)
- Add Backup and Restore tasks for Terraform States (merge request)
- Handle syncing alert escalation status to incident (merge request)
- Added possibility to remove agent from UI (merge request)
- Add "Scan library" tab (merge request) GitLab Enterprise Edition
- Enable github_importer_use_diff_note_with_suggestions by default (merge request)
- Rename projects set for delayed deletion (merge request)
- Add unique userid count for Geo proxied requests (merge request) GitLab Enterprise Edition
- Add rate limiting for user email lookup (merge request)
- Export Project LFS Objects as part of GitLab Migration (merge request)
- Add GraphQL query to retrieve timeline events (merge request) GitLab Enterprise Edition
- Limit Sidekiq push_bulk to a maximum of 1000 jobs in one go by default (merge request)
- Add revoked status to cluster agent tokens (merge request)
- Allow passing in an epic parent_id when updating epics by @espadav8 (merge request) GitLab Enterprise Edition
- Add database.flavor to usage data (merge request)
Fixed (98 changes)
- Fix copying/pasting images in the Content Editor (merge request)
- Fix security dashboard showing wrong count for more than 100 projects (merge request) GitLab Enterprise Edition
- Fix default emaildomain when creating RAT users by @cruelsmith (merge request)
- Show blocked status label in deployments view (merge request) GitLab Enterprise Edition
- Dependency proxy settings are built on access (merge request)
- Allow git protocol to be used for repository imports (merge request)
- Show "Issues" menu when Jira issues is enabled (merge request) GitLab Enterprise Edition
- Order child epics in roadmap by configured sort order by @espadav8 (merge request) GitLab Enterprise Edition
- Fix disabled style for mirror settings field (merge request)
- Destroy trace chunks and data when deleting pipelines (merge request)
- Fix authorized_groups to include sub groups as well by @wwwjon (merge request)
- Fix margin for submit button with captcha (merge request)
- Migrate Epics tabs to Vue (merge request) GitLab Enterprise Edition
- Fix N+1 issue when associating DAST profiles and CI Builds (merge request) GitLab Enterprise Edition
- Geo: Fix undefined separate_verification_state_table? (merge request) GitLab Enterprise Edition
- Error Tracking: Fix collecting errors for golang by @bastianccm (merge request)
- Notify admins 15 days prior to license expiration (merge request) GitLab Enterprise Edition
- Fix auditor user able to bulk select vulns on vulnerability report (merge request) GitLab Enterprise Edition
- Fix autoscroll to comments on issues (merge request)
- Strip + reference format from HTML links (merge request)
- Allow developers to fork into group (merge request)
- Use normal font weight and border for 'Subscribe' buttons by @KevSlashNull (merge request)
- Improve visibility radio option text on new project page (merge request)
- Fix schema registration in the pipeline editor (merge request)
- Boards - Fix weight assigned to wrong card (merge request) GitLab Enterprise Edition
- Remove unnecessary CSS in VSA (merge request)
- Fix shift after VSA path load (merge request)
- Fix Incident sidebar on issue boards (merge request)
- Always autofill group slug (merge request)
- Update excon to v0.90.0 (merge request)
- Format issue list counts (merge request)
- Ignore multiple
when syntax highlighting(merge request) - Waive credit card validation if project has paid CI/CD minutes (merge request) GitLab Enterprise Edition
- Fix toggle code block button in Content Editor (merge request)
- Use the same email validation for User and Email (merge request)
- Expose new monthIso8601 GraphQL option to fix CI minutes usage sorting by @davebarr (merge request)
- Improve ReadTotalTimeout to start with reading (merge request)
- Update excon gem to v0.89.0 (merge request)
- Fix infinite loop in Content Editor codeblocks (merge request)
- Only show owners & admins CI minutes purchase notifications (merge request) GitLab Enterprise Edition
- Restric access to crm to reporter+ by @leetickett (merge request)
- Fix destruction of projects with pipelines (merge request)
- Fix invalid raw_metadata being persisted (merge request)
- Disable copy-code button for mermaid diagrams (merge request)
- Return 401 when using invalid tokens in oauth/token/info (merge request)
- Fix the text on Kubenetes Agent modal (merge request)
- Add patch for WikiCloth Lua vulnerability (merge request)
- Notify admins 15 days prior to license expiration (merge request) GitLab Enterprise Edition
- Fix image comment note submission (merge request)
- Fix last update time for project in group page by @orozot (merge request)
- Fix missing autosave support in Epic create form (merge request) GitLab Enterprise Edition
- Remove menu when is not possible to delete (merge request)
- Correctly pass instance in EDITOR_READY_EVENT (merge request)
- Merge/squash commit templates: avoid breaking Git trailers by @trakos (merge request)
- Prevent design discussions without login (merge request)
- Remove cluster image scanning dropdown item from scanner filter (merge request) GitLab Enterprise Edition
- Fix hook log path for service hooks (merge request)
- Fix pipeline schedule resets to UTC on edit by @JonstonChan (merge request)
- Use correct namespace method (merge request)
- Re-add EachBatch include for failed_verification_timeouts (merge request) GitLab Enterprise Edition
- Fix Sidekiq reporting to Sentry outside of job contexts (merge request)
- Fix sticky filters not working on vulnerability report (merge request) GitLab Enterprise Edition
- Fix Kubernetes Agent Link on Project page (merge request)
- Externalize strings for translation in todos (merge request)
- Update Rails to v6.1.4.4 (merge request)
- Fix input group text border color (merge request)
- Match address of host when checking whether to login (merge request) GitLab Enterprise Edition
- Improve LFS client performance and fix compatibility with Azure DevOps (merge request)
- Do not fail report ingestion if there is an invalid finding (merge request) GitLab Enterprise Edition
- Update acme-client to v2.0.9 (merge request)
- Update rouge gem version (merge request)
- Adjust bottom margin for loose markdown lists (merge request)
- Remove running build entries when calling doom on a build (merge request)
- Fix migration for cases with empty strings (merge request)
- Fix 500 errors when renaming projects with underscores (merge request)
- Geo: adapt verification timed out query to use state table (merge request) GitLab Enterprise Edition
- Allow admins to foce confirm emails (merge request)
- Ignore new line differences when deciding whether to squash MR by @trakos (merge request)
- Fix re-use of extensions between instances (merge request)
- Fix nil actor errors in Sentry API handler (merge request)
- Removes the dismiss button from the pipeline header alert (merge request)
- Call dependency proxy cleanup workers in purge (merge request)
- Add Auth0, JWT, and Shibboleth to list of providers with icons (merge request)
- Fix Prometheus endpoint to return created alerts (merge request)
- Make time track help state top margin consistent (merge request)
- Validate against duplicates in job needs (merge request)
- Fix MergeRequest's MergeUser for non-MWPS merges in GraphQL API by @trakos (merge request)
- Align roadmap quarters to calendar quarters by @espadav8 (merge request) GitLab Enterprise Edition
- checks: Fix revalidation of preexisting commits (merge request)
- Fix project import from remote to import from S3 (merge request)
- Mark vulnerabilities as not resolved on default branch on ingestion (merge request) GitLab Enterprise Edition
- Skip updating vulnerability statistics if there are no new records (merge request) GitLab Enterprise Edition
- Remove legacy pages config updates (merge request)
- Do not check SSO session for git operations originating from CI/CD jobs (merge request) GitLab Enterprise Edition
- MR Documentation suggestions by @lzampier (merge request)
- Drop reindexing leftovers only if exclusive lease is granted (merge request)
- Fix import project from gitlab.com error by @orozot (merge request)
- Fix filename overflowing modal when importing by @KevSlashNull (merge request)
Changed (135 changes)
- Change hashing algorithm in webpack (merge request)
- Swap FK ci_pipeline_artifacts to projects for LFK (merge request)
- Remove permitted_attributes_for_import_export feature flag (merge request)
- Do not add a failed build todo before auto-retry (merge request)
- Redesign new policy form (merge request) GitLab Enterprise Edition
- Labels widget - focus first item on search (merge request)
- Add shared runner tab to group CI/CD analytics (merge request) GitLab Enterprise Edition
- Update sort name from Last updated to Updated date (merge request)
- Warn when mention all users in a group (merge request)
- Check for removed external issues before creation (merge request) GitLab Enterprise Edition
- Replace Member created state with active (merge request)
- Polish Slack application edit page UI (merge request) GitLab Enterprise Edition
- Enable feature flag bulk_expire_project_artifacts (merge request)
- Make pipeline badges Pajamas-complient (merge request)
- Format email code blocks and code blocks in emails by @smokris (merge request)
- Geo Sites - Icon Actions (merge request) GitLab Enterprise Edition
- Geo - Rename routes from Nodes to Sites (merge request) GitLab Enterprise Edition
- Cleanup after AddPrimaryEmailToEmailsIfUserConfirmed (merge request)
- Change default shallow clone depth to 20 (merge request)
- Update webhook badges to pajamas (merge request)
- Update button text to expand all files (merge request)
- Ignnore Finding Evidence summary column (merge request) GitLab Enterprise Edition
- Add LFK ci_daily_build_group_report_results to projects (merge request)
- Enable by default the feature flag to track Geo proxy events (merge request) GitLab Enterprise Edition
- Update on-demand scans breadcrumbs (merge request) GitLab Enterprise Edition
- Change pipeline page layout to fluid (merge request)
- Default to fluid layout for the pipeline editor (merge request)
- Skip failed builds (merge request) GitLab Enterprise Edition
- Redirect to on-demand scan form after editing a DAST profile (merge request) GitLab Enterprise Edition
- Conditionally disable group user cap enablement (merge request) GitLab Enterprise Edition
- Use normalized license data in csv export (merge request) GitLab Enterprise Edition
- Enable vue-router in package registry (merge request)
- Replace window.confirm with GlModal for registration token reset (merge request)
- Enable
packages_installable_package_files by default (merge request)
- Labels widget - focus first item on search (merge request)
- Increase exclusive lease timeout (merge request) GitLab Enterprise Edition
- Add offline, stale count to runner admins section (merge request)
- Enable trial onboarding flow for other sources (merge request) GitLab Enterprise Edition
- Add member_namespace_id to members table (merge request)
- Convert trial lead creation form to Vue (merge request) GitLab Enterprise Edition
- Update approval settings to toast on success (merge request) GitLab Enterprise Edition
- Format total count of runners in tabs by locale (merge request)
- Updated Group/Project home panel ID copy-on-click by @stingrayza (merge request)
- Update MR head pipeline when pipeline event is published (merge request)
- Removes FK for ci_pipeline_schedules to users (merge request)
- Removes FK for ci_job_token_project_scope_links to users (merge request)
- Swap FK ci_build_report_results to projects for LFK (merge request)
- Swap FK ci_resource_groups to projects for LFK (merge request)
- Swap FK ci_freeze_periods to projects for LFK (merge request)
- Add LFK ci_unit_tests to projects on project_id (merge request)
- Enable new rich text/source toggle in self-managed (merge request)
- Nullify project_namespace_id reference (merge request)
- Geo Nodes Form - Object Storage Beta Badge (merge request) GitLab Enterprise Edition
- Update total count of runners for each type (merge request)
- Clean up add GitLab to Slack app (merge request) GitLab Enterprise Edition
- Fix help text for checkboxes on integrations form (merge request)
- Encrypt static_object_token_encrypted field via background migration (merge request)
- Migrate enable Gitpod confirmation modal to
GlModal (merge request)
- Allow skipping CI when rebasing in UI by @KevSlashNull (merge request)
- Update Nokogiri to v1.12.5 (merge request)
- Use badges for branches/tags in commit page (merge request)
- Update DAST On-demand scan template (merge request) GitLab Enterprise Edition
- Update secret-detection git log command (merge request)
- Add validation for new_user_signups_cap enabling (merge request) GitLab Enterprise Edition
- Update upload a license file docs (merge request) GitLab Enterprise Edition
- Reposition and restyle integration reset button (merge request)
- Add merge trains copy to ff merge (merge request)
- Remove carat from dropdown button (merge request)
- Convert OAuth2 authorization panel to GitLab UI utility classes (merge request)
- Translate settings string in user preferences (merge request)
- Replaced browser confirm modal with GlModal for lock button (merge request) GitLab Enterprise Edition
- Enable linear versions in GroupDescendantsFinder (merge request)
- Create Deployments in Separate Transaction (merge request)
- Improve UI text of external authentication (merge request)
- Update search badges to pajamas (merge request)
- Switch from confirm to default (merge request)
- Improve UI text of group webhooks page (merge request)
- Refactor admin labels to use shared HAML partial (merge request)
- Update flash alerts of Admin Runner UI (merge request)
- Sort followed users events by id desc (merge request)
- GitLab Version - Update Version Status Indicator (merge request)
- Prevent raising validation errors for SyncDashboardsWorker (merge request)
- Update snippet search badge to use pajamas (merge request)
- Improve outbound requests settings UI text (merge request)
- Remove Geo pages verification feature flag (merge request) GitLab Enterprise Edition
- Geo: Verify LFS objects (merge request) GitLab Enterprise Edition
- Add support for user_id, group_id and group_path (merge request) GitLab Enterprise Edition
- Remove
log_import_export_relation_creation feature flag (merge request)
- Remove feature flag optimize_merge_request_parser (merge request)
- Update look and feel of runner heading (merge request)
- Move the Runner edit page to an
/edit path (merge request)
- User linear version UserGroupNotificationSettingsFinder#execute (merge request)
- Refactored sidebar jobs details container badge (merge request)
- Remove deployments_archive feature flag (merge request)
- Update Coverage-Fuzzing yml and use last package file in corpus (merge request) GitLab Enterprise Edition
- Make strings in user preferences translatable (merge request)
- Deprecate plaintext field static_objects_external_storage_auth_token (merge request)
- Add createAlert as alternative to createFlash (merge request)
- Increase icon size for categories in emoji picker (merge request)
- Update acts-as-taggable-on gem version (merge request)
- Refactored Badges on environment items (merge request)
- Update nuget version regex (merge request)
- Remove commit templates variable placeholders from settings by @trakos (merge request)
- Externalize strings for translation on dashboard (merge request)
- Make strings in top nav translatable (merge request) GitLab Enterprise Edition
- Fail remote mirror if LFS sync fails (merge request)
- Update Azure storage Gem dependencies (merge request)
- Add Pajamas-complient badge for runners (merge request)
- Translate labels in user main settings (merge request)
- Allow hidden pacakge files to be downloaded (merge request)
- Externalize strings for translation user's chat settings (merge request)
- Use "never contacted" wording in runner's frontend (merge request)
- Rename routes for project services (merge request)
- Update button variant and category (merge request)
- Alter phone constraint bigger by @memorycancel (merge request)
- Set feature flag lfs_auto_link_fork_source to true by default (merge request)
- Registration Flow - Don't pre-select role by @tarunvelli (merge request)
- Remove find_tag_via_gitaly feature flag (merge request)
- Adjusts Member awaiting scope to be distinct (merge request) GitLab Enterprise Edition
- Add fail flag to pipeline trigger examples (merge request)
- Release Geo: Treat missing blobs as sync failed (merge request) GitLab Enterprise Edition
- Delete events in batches when project is destroyed (merge request)
- Add limitation warning for permission export (merge request) GitLab Enterprise Edition
- Change texts about credit card verification (merge request) GitLab Enterprise Edition
- Treat API requests from the frontend as web traffic in the rate limiter (merge request)
- Restyle "hints" on appearance settings by @KevSlashNull (merge request)
- Do not show participants invisible to the user (merge request)
- Use connects_to to connect to the Geo tracking DB (merge request) GitLab Enterprise Edition
- Add CI_JOB_JWT_V2 with iss and aud format changes (merge request)
- Migrate the visibility change confirmation to vue (merge request)
- Drop jira_use_first_ref_by_oid feature flag (merge request)
- Update button variant to confirm (merge request)
- Remove OAuth paths from protected paths rate limit (merge request)
- Add vulnerability_states for scan_result_policies (merge request) GitLab Enterprise Edition
- Add toggle method to control use_minimum_char_limit by @orozot (merge request)
Removed (13 changes)
- Remove feedback link in discover security point (merge request) GitLab Enterprise Edition
- Revert "Merge branch 'rajat/work-hierarchy' into 'master'" (merge request)
- Remove cached_mr_widget feature flag (merge request)
- Remove automatic addition of incident label (merge request)
- Delete paginatable_namespace_drop_down_for_project_creation FF (merge request)
- Remove redis MultiStore implementation (merge request)
- Remove "Saved scans" tab from DAST configuration (merge request) GitLab Enterprise Edition
- Remove EXMOD experiment documentation (merge request)
- Remove delete_branch_confirmation_modals feature flag (merge request)
- Remove problematic query from obselete open environment in diff feature (merge request)
- Remove LooseIndexScanDistinctCount class (merge request)
- Delete vue_issuables_list feature flag (merge request)
- Remove vulnerability_location_image_filter feature flag (merge request)
Security (4 changes)
- Upgrade mermaid js library (merge request)
- Rate limit /users/sign_up (merge request)
- Rate limit update username action (merge request)
- Enforce rate limit per IP on /users/:username/exists (merge request)
Performance (12 changes)
- Avoid extra Sidekiq jobs for expiring CI etags (merge request)
- Optimize query for issue neighbors (merge request)
- Improve on-demand scans polling performances (merge request) GitLab Enterprise Edition
- Remove ci_decompose_belonging_to_parent_group feature flag (merge request)
- Optimize protected branches/tags matching (merge request)
- Add index for resolving timeouts on environments page (merge request)
- Inline diff line rendering (merge request)
- Utilize C version of CommonMark renderer (merge request)
- Improve epic swimlanes query performance for group board (merge request) GitLab Enterprise Edition
- Fix slow events query for followed users (merge request)
- Read running builds from denormalized table upon assignment (merge request)
- Introduce an optimized labels query on group transfer (merge request)
Other (68 changes)
- Geo: Verify uploads (merge request) GitLab Enterprise Edition
- Add columns in prep of registry import (merge request)
- Remove ci_running_builds FK to projects (merge request)
- Remove
scim_token_vue feature flag (merge request)
- Remove FK security_scans.build_id as we have LFK (merge request)
- Add backfill migrations for ci namespace/project mirrors (merge request)
- Add package file cleanup jobs (merge request)
- Remove ci_store_trace_outside_transaction feature flag (merge request)
- Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
- Remove FK dast_scanner_profiles_builds.ci_build_id as we have LFK (merge request)
- Remove FK requirements_management_test_reports.build_id as we have LFK (merge request)
- Remove FK dast_site_profiles_builds.ci_build_id as we have LFK (merge request)
- Fix GraphQL/FieldDefinitions offense (Part 3/4) by @KevSlashNull (merge request)
- Fix GraphQL/ArgumentName offense by @KevSlashNull (merge request)
- Fix Rails/SaveBang offenses by @edith007 (merge request)
- Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
- Fix Gitlab/DelegatePredicateMethods offenses by @edith007 (merge request)
- Remove alllow database cross join from runner_matchers (merge request)
- Remove opt_in_sidekiq_status feature flag (merge request)
- chore: Mark previous Recalculation background migrations as succeeded (merge request)
- Limit subscription page container to 990px (merge request) GitLab Enterprise Edition
- Improve SSH key format validation (merge request)
- Remove
admin_deploy_keys_vue feature flag (merge request)
- Remove
hide_access_tokens feature flag (merge request)
- Remove show.html.erb as Rails 5 now supports nonce-based CSP headers by @edith007 (merge request)
- Fix Rails/SaveBang offenses by @edith007 (merge request)
- Remove ci_pending_builds FK to projects (merge request)
- Truncate ci_namespace_mirrors and ci_project_mirrors (merge request)
- Remove feature flag multiple_gpg_signatures (merge request)
- Backfill TestReports issue_id column (merge request)
- Fix Style/OpenStructUse offenses for users and package specs by @edith007 (merge request)
- Fix Style/OpenStructUse offense for Gitlab::Database::Migrations::Runner by @edith007 (merge request)
- Fix Style/OpenStructUse offenses by @edith007 (merge request)
- Pass formats explicitly when rendering .html file by @edith007 (merge request) GitLab Enterprise Edition
- Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
- Pass formats explicitly when rendering kerberos error by @edith007 (merge request) GitLab Enterprise Edition
- Fix Style/OpenStructUse offenses in gitlab_controller_spec by @edith007 (merge request)
- Pass formats explicitly when rendering .md file by @edith007 (merge request) GitLab Enterprise Edition
- Adjust license upload page style (merge request) GitLab Enterprise Edition
- Pass formats explicitly when rendering html by @edith007 (merge request)
- Remove index_merge_requests_on_title index from merge_requests table by @edith007 (merge request)
- Improve 'Add an SSH key' page (merge request)
- Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
- Remove "show_relevant_approval_rule_approvers" feature flag (merge request)
- Cleanup pipeline logger feature flags (merge request)
- Remove the dast_view_scans feature flag (merge request) GitLab Enterprise Edition
- Refactor all the specs to use
:integration rather than :service by @edith007 (merge request)
- Fix Gitlab/DelegatePredicateMethods offenses by @edith007 (merge request) GitLab Enterprise Edition
- Remove foreign key constraint ci_runner_namespaces.namespace_id (merge request)
- Remove foreign key ci_daily_build_group_report_results.group_id (merge request)
- Deprecate agent token deletion mutation (merge request)
- Use an enum for agent token statuses (merge request)
- Remove foreign key ci_pending_builds.namespace_id (merge request)
- Pass formats explicitly when rendering .md file by @edith007 (merge request) GitLab Enterprise Edition
- Raise custom errors when backup creation fails (merge request)
- Pass formats explicitly when rendering .md file by @edith007 (merge request) GitLab Enterprise Edition
- Use design system badges for project domains (merge request)
- Add package file status attribute (merge request)
- Remove foreign key ci_minutes_additional_packs.namespace_id (merge request)
- Remove foreign key ci_group_variables.group_id as we have loose fK (merge request)
- Remove feature flag
ff_limit_ssh_key_lifetime (merge request)
- Cleanup after DropInvalidSecurityFindings migration (merge request)
- Remove foreign key project_pages_metadata.ci_job_artifacts (merge request)
- Update GitLab Runner Helm Chart to 0.36.0 (merge request)
- Fix GraphQL/OrderedArguments offense (Part 3/6) by @KevSlashNull (merge request)
- Pass formats explicitly when rendering .html format by @edith007 (merge request)
- Fix Gitlab/DelegatePredicateMethods offenses by @edith007 (merge request)
- Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
14.6.7 (2022-03-31)
Changed (1 change)
14.6.6 (2022-03-01)
Fixed (3 changes)
- Ensure cleanup job artifacts task does not include pipeline artifacts (merge request)
- Fix Geo checksummable check failing when file is nil (merge request) GitLab Enterprise Edition
- Resolve "Imports fail in 14.5.2 fail with HTTParty::UnsupportedURIScheme error" (merge request)
14.6.5 (2022-02-25)
Security (8 changes)
- Limit commands_changes to certain keys (merge request)
- Add runners_token prefix to Group and Project (merge request)
- Anonymous user can enumerate all users through GraphQL endpoint (merge request)
- Check for unsafe characters in email addresses before sending (merge request)
- Warn when snippet contains unretrievable files (merge request)
- Prevent DOS when rendering math markdown (merge request)
- Check permission when creating members through service (merge request)
- Reset password field on page load (merge request)
14.6.4 (2022-02-03)
Security
See https://about.gitlab.com/releases/2022/02/03/security-release-gitlab-14-7-1-released/
14.6.3 (2022-01-18)
Fixed (4 changes)
- Fix destruction of projects with pipelines (merge request)
- Geo: Resolve "undefined method each_batch" (merge request) GitLab Enterprise Edition
- Fix migration for cases with empty strings (merge request)
- Geo: adapt verification timed out query to use state table (merge request) GitLab Enterprise Edition
14.6.2 (2022-01-10)
No changes.
14.6.1 (2022-01-04)
Fixed (2 changes)
- Ignore new line differences when deciding whether to squash MR (merge request)
- Fix re-use of extensions between instances (merge request)
14.6.0 (2021-12-21)
Added (76 changes)
- Create table to store merge request compliance violations (merge request)
- Upgrade GitLab Pages to 1.49.0 (merge request)
- Add create crm organization component by @leetickett (merge request)
- Registration features info for setting repo size (merge request) GitLab Enterprise Edition
- Log structured message when LFS object is auto-linked from parent (merge request)
- Enable display_outdated_line_diff by default (merge request)
- Default enable webauthn feature flag by @kingjan1999 (merge request)
- Update return type for previousStageJobsOrNeeds (merge request)
- Add support for Rel-License microformat (merge request)
- Add error alerts and badge for webhooks (merge request)
- Add alert for rate limited webhooks (merge request)
- Expose iid in pipelines api (merge request)
- Implement separate status for bulk imports (merge request)
- Include parent_iid and parent link in epic responses by @espadav8 (merge request) GitLab Enterprise Edition
- Add
ClusterImageScanningType to VulnerabilitiesResolver (merge request) GitLab Enterprise Edition
- Add ability to retry scans from on-demand scans list (merge request) GitLab Enterprise Edition
- Add ability to cancel on-demand scans (merge request) GitLab Enterprise Edition
- Add Geo proxied/local events service ping (merge request) GitLab Enterprise Edition
- Allow use of
when and rules (merge request)
- Add Workhorse metrics for secondary proxy requests (merge request) GitLab Enterprise Edition
- Delete project events before the project (merge request)
- Capture job executor value in ci_runners table (merge request)
- Add markdown support for Vulnerability Description (merge request) GitLab Enterprise Edition
- ADd deprecation warning for group import/export (merge request)
- Add sticky header to group migration table (merge request)
- Add a total number of jobs run by a runner (merge request)
- GraphQL: Allow filtering runners by active status (merge request)
- Log an activity event when an Agent connects (merge request)
- Added tracking events for the validation errors (merge request)
- Add handling for pending incident escalations (merge request) GitLab Enterprise Edition
- Add future_subscriptions column (merge request)
- Create data model for Deployment Approvals (merge request)
- Add event streaming metrics (merge request) GitLab Enterprise Edition
- Enable bulk delete in tags list (merge request)
- Encrypt plaintext static_objects_external_storage_auth_token (merge request)
- Enable SSH key lifetime settings by default (merge request) GitLab Enterprise Edition
- Adds graphql markdown field for Vulnerability Description (merge request) GitLab Enterprise Edition
- Add first_commit and first_multiline_commit to commit template by @trakos (merge request)
- Add the "Scheduled" tab to the on-demand scans page (merge request) GitLab Enterprise Edition
- Add index snippets on project_id and title (merge request)
- Put vuln finding link ingest behind feature flag (merge request)
- Add stale runners filters and badge (merge request)
- Add feature to limit the lifetime of SSH keys (merge request)
- Add Task work item type to the database (merge request)
- Remove importer usage ping feature flag (merge request)
- Enable FF multiple_gpg_signatures (merge request)
- Fixed sign-in via LDAP when a user cap is set (merge request) GitLab Enterprise Edition
- Support expanded reference formats for URLs (merge request)
- Create vulnerability read model (merge request)
- Execute build hooks on pending status (merge request)
- Include
Last Activity in User Permissions CSV export (merge request) GitLab Enterprise Edition
- Introduce API to transfer groups to a new parent group (merge request)
- Added Snowplow events to the Clusters page (merge request)
- Return job failure reason in API responses by @albertvaka (merge request)
- Add project CI CD tab tracking (merge request)
- Add incident_management_timeline_events table (merge request)
- Set
CS_DEFAULT_BRANCH_IMAGE in Auto DevOps template (merge request)
- Add confidential filter to board list in GraphQL (merge request)
- Add canCurrentUserPushToBranch permission (merge request)
- Use Keyset pagination for Groups API by default (merge request)
- Add GraphQL type and resolver for agent activity events (merge request)
- Create default squash commit message using customizable template by @trakos (merge request)
- Display issue crm contacts in UI by @leetickett (merge request)
- Create a note when replied to the email creating the service desk issue (merge request)
- Update Member entity to expose member state (merge request) GitLab Enterprise Edition
- Remove tag limit feature flag (merge request)
- Migrate remaining U2fRegistrations to WebauthnRegistrations (merge request)
- Create
agent_activity_events table for storing Agent activity (merge request)
- Invite members for tasks (merge request)
- Add issue customer relations contacts quick actions by @leetickett (merge request)
- Allow board issue filtering by iteration cadence ID in GraphQL (merge request) GitLab Enterprise Edition
- Make invite members in quick menu permanent (merge request)
- Partition pruning for the web_hook_logs table (merge request)
- Moved user cap worker logic to User (merge request) GitLab Enterprise Edition
- Validate batched migration jobs (merge request)
- Track created_at on CI minutes records (merge request)
Fixed (93 changes)
- Fix foreign key and index names in
ci_sources_pipelines (merge request)
- Strip leading and trailing whitespace from user's name (merge request)
- Ensure all scanners are translated in alerts (merge request)
- Fixed cache_key ids by @akumar1503 (merge request)
- Fix N+1 problem for system notes metadata association (merge request)
- Fix updating emails for group notifications (merge request)
- Handle nil services error in external pipeline validation (merge request)
- Fix expose status in Runners API (merge request)
- Fix N+1 problem for notes association (merge request)
- Copy auth field objects when serializing values (merge request) GitLab Enterprise Edition
- Update gitlab-markup gem to 1.8.0 (merge request)
- Expose finished_at in job details JSON by @KevSlashNull (merge request)
- Fix OlderDeploymentsDropService drops manual deployments (merge request)
- Unescape and sanitize protected tag name on create and update (merge request)
- Gracefully handle bad dependency scanner input (merge request) GitLab Enterprise Edition
- Fix CI/CD settings available when CI/CD is off by @KevSlashNull (merge request)
- Add new line to code nav popover (merge request)
- Error Tracking: Allow event payload to contain null bytes (merge request)
- Only trigger housekeeping once per push (merge request)
- Link existing LFS objects from parent fork during uploads (merge request)
- Fix SMIME signed email sending, do not overwrite Content-Disposition by @bufferoverflow (merge request)
- GithubImporter: Fallback to LegacyDiffNote when DiffNote fails (merge request)
- Fixed NoMethodError on import from GitHub Enterprise on RFC1918 IP by @colinbarr (merge request)
- Fix issue sidebar keyboard shortcuts (merge request)
- Fix 'Erase job log' button is misleading by @KevSlashNull (merge request)
- Generate human readable message on duplicate dotenv variables (merge request)
- Optimize query for issue neighbors (merge request)
- Fix commit sha being used instead of tag for tagged pipelines (merge request)
- Ensure Jira users and labels have
id attribute (merge request) GitLab Enterprise Edition
- Present pipeline coverage in pipeline API entity as string (merge request)
- Fix user list selection is not in sync with UI by @KevSlashNull (merge request)
- Fix schedule ID is show on schedule edit page by @KevSlashNull (merge request)
- Use additional headers for matching service desk email (merge request)
- Fix vulnerability report tab querystring removed when filters changed (merge request) GitLab Enterprise Edition
- Fix occasional failure when updating labels from sidebar (merge request)
- Fix wrong end date in query for contributions (merge request)
- Copy manual variables when retrying job (merge request)
- Fix some private contributions being hidden on the contribution calendar by @eggerd (merge request)
- Fix permissions for label promotion via API (merge request)
- Fix serverity and alert sidebar edit button style by @orozot (merge request)
- Pass current_user when rendering Markdown in email (merge request)
- Fix infinite loop on saml login of a blocked user (merge request)
- Add ci_status.scss for commit piplines page by @orozot (merge request)
- Fix button variant in maintenance mode settings by @KevSlashNull (merge request)
- Fix epic date changes without user input (merge request)
- Fix cut off focus ring in commit container by @KevSlashNull (merge request)
- Add patch for WikiCloth (merge request)
- Fix pride flag emoji rendering (merge request)
- Fix order in monthly events boundary query (merge request)
- Do not run service discovery for DB load balancing for rake tasks (merge request)
- Ensure current user and variables are updated when playing a job (merge request)
- Allow creating a group access token for a group with SSO enforcement (merge request) GitLab Enterprise Edition
- Fixes pending note avatar size in diff view (merge request)
- Fix link to docs in the "Transfer Group" section by @gizero (merge request)
- Fix Wiki Pipeline network error if wiki does not exist (merge request)
- Fix for hexadecimal branch deletion (merge request)
- Fix column order in jobs tab in the pipelines details page (merge request)
- Fix import from remote object storage documentation (merge request)
- Fix Gitlab Pages deployment wrong if a project has a public folder by @sodepr (merge request)
- Catch YAML errors when parsing security policies (merge request) GitLab Enterprise Edition
- Fix Debian Sources file name by @sathieu (merge request)
- Fix the SSL_CERT_DIR logging on git operations (merge request)
- Fix cross database transaction when blocking users (merge request)
- Support Action Cable on GCP Memorystore (merge request)
- Update dependency proxy copy and help text (merge request)
- Only display user bio for confirmed and active users (merge request)
- Heartbeat runner only for specific job-context requests (merge request)
- Sort months of the CI minutes chart app (merge request) GitLab Enterprise Edition
- Fix broken project creation without import sources (merge request)
- Do not try to auto-complete vulnerabilities if the user is nil (merge request) GitLab Enterprise Edition
- Do not show primary email as secondary email in admin view (merge request) GitLab Enterprise Edition
- Ensure coverage approval rule sync is successful (merge request) GitLab Enterprise Edition
- Fix Sidekiq sleep time for jobs that use replicas (merge request)
- Fix border spacing on multi-line comments (merge request) GitLab Enterprise Edition
- Add retries to github importer on client errors (merge request)
- Update dotNET-Core.gitlab-ci.yml template image by @softis-software (merge request)
- Fix wrong default branch imported with Bitbucket Server (merge request)
- Upgrading ipynbdiff to 0.3.8 (merge request)
- Allow to create issues by email when it contains only quotes (merge request)
- Grant permissions for oauth users based on scopes (merge request)
- Fix security report schema validation logic (merge request) GitLab Enterprise Edition
- Fix docs error in NuGet API by @wwwjon (merge request)
- Allow uploading up to 10 files (merge request)
- Fix issue and MR exports to support NOT filters (merge request)
- Create missing /root/.gnupg dir in Scala.gitlab-ci.yml by @carlosrogue (merge request)
- Don't try to generate url for an finding records (merge request) GitLab Enterprise Edition
- Use gpg --recv-keys instead of curl in Scala.gitlab-ci.yml by @carlosrogue (merge request)
- Error Tracking: Support exceptions from Python's repl (merge request)
- Move VSA stage options to footer (merge request) GitLab Enterprise Edition
- Fix discussions filter not working (merge request)
- Remove deprecated apt-key usage on Scala.gitlab-ci.yml by @carlosrogue (merge request)
- Fix display of times in access and deploy token table by @edith007 (merge request)
- Add emoji aliases for :) and :( (merge request)
Changed (95 changes)
- Use linear version GroupsWithTemplatesFinder#extended_group_search (merge request) GitLab Enterprise Edition
- Add Pajamas badge for pipelines license tab (merge request) GitLab Enterprise Edition
- Add copy issue URL button to vulnerability error message (merge request) GitLab Enterprise Edition
- Make badge in admin/users/_access_levels.html.haml Pajamas compliant (merge request)
- Update badges for ci builds to use helper (merge request)
- Update project runner badges to pajamas (merge request)
- Removes all ci_optimize_project_records_destruction ff (merge request)
- Update user signups cap to allow values greater than licensed user count (merge request) GitLab Enterprise Edition
- Make use of the project data served by Rails (merge request)
- Remove Analytics menu item from unlicensed EE (merge request) GitLab Enterprise Edition
- Geo: Treat missing files as sync failures (merge request) GitLab Enterprise Edition
- Remove FF avoid_cross_joins_environments_in_self_and_descendants (merge request)
- Remove cached_mr_title feature flag (merge request)
- Update cluster badge to pajamas (merge request)
- Hide user avatar for blocked and unconfirmed users (merge request)
- Order jobs returned desc (merge request)
- Enhance the sidebar to use gl-link focus styling (merge request)
- Default improved_container_scan_matching to true (merge request)
- Add Pajamas-complient protected tags badge (merge request)
- Split up yaml and humanized policy previews (merge request) GitLab Enterprise Edition
- Use finding_evidence over raw_metadata (merge request) GitLab Enterprise Edition
- When dependency proxy is disabled remove the menu (merge request)
- Clean up clone_job_variables_at_job_retry (merge request)
- Remove branches_pagination_without_count FF (merge request)
- Enable deployments_archive feature flag by default (merge request)
- Migrate auto-devops setting to GlBadge abstraction (merge request)
- Geo - Use Rails 6 many databases support (merge request) GitLab Enterprise Edition
- Tanuki Emoji: switch fallback emoji to Noto Emoji (merge request)
- Display tag messages with line endings by @KevSlashNull (merge request)
- Migrate badges to be compliant with the Pajamas design system (merge request)
- Merge feature flags related to new CI minutes tracking (merge request) GitLab Enterprise Edition
- Add loose foreign key for Terraform state versions (merge request)
- Remove load_balancing_for_update_all_mirrors_worker FF (merge request)
- Separate CI minutes notification levels between new and legacy (merge request) GitLab Enterprise Edition
- Allow external Spamcheck API key to be blank (merge request)
- Migrate badges in Admin -> Groups -> Show (merge request)
- Migrate badge in Group -> CI/CD -> Auto DevOps (merge request)
- Migrate badge component in the admin -> projects area (merge request)
- Fix: web ide text color in dark theme by @orozot (merge request)
- Make DORA data visible for admins (merge request)
- Improve runner deletion modal (merge request)
- Handle query timeouts better (merge request)
- Add cleanup migration for BackfillUserNamespace (merge request)
- Modify pending member approval endpoint (merge request) GitLab Enterprise Edition
- Use confirm variant for 'New requirement' button by @KevSlashNull (merge request) GitLab Enterprise Edition
- Add title with the file name to file_row component by @ruben.meza (merge request)
- Enable linear version User#membership_groups (merge request)
- UI text updates in new OAuth applications view (merge request)
- Change job duration label to 'Elapsed time' when in progress by @KevSlashNull (merge request)
- Add link for failed pipelines (merge request)
- Pipelines show full job names by @albertvaka (merge request)
- Cleanup unaccessible todos when user leaves public project (merge request)
- Add space between columns in runner table (merge request)
- Fixed an event for focus (merge request)
- Remove feature flag
create_vulnerabilities_via_api (merge request)
- Adapt to size changes when displaying tooltips (merge request)
- Rework markdown footnote processing (merge request)
- Add Helm-chart storage limits to API and UI by @mlegner (merge request)
- Default jira_use_first_ref_by_oid feature flag to true (merge request)
- Remove chevron for menu button (merge request)
- Change icon to review-list (merge request)
- Expose failed import error through API (merge request)
- Remove ci_new_query_for_pending_stuck_jobs feature flag (merge request)
- Enable job trace store outside database transaction by default (merge request)
- Change namespace type default to 'User' (merge request)
- Load only one scan_finding_rule per policy (merge request) GitLab Enterprise Edition
- Add line number and import_type to the import status API (merge request)
- Refine the take-out-of-draft message (merge request)
- Improve copy when no iteration found in sidebar (merge request) GitLab Enterprise Edition
- Update UI message for merge conflicts (merge request)
- Change remediated badge icon from wrench to check-circle-dashed (merge request) GitLab Enterprise Edition
- Do not require startDate when creating a manual iteration cadence (merge request)
- Show disabled fork button for user without enough permissions (merge request)
- Copy variables when retrying job (merge request)
- Relocate online runners count in search bar (merge request)
- Prevent runner list IP and version overflow (merge request)
- Add more merging messages from the community (merge request)
- Remove diff limiting feature flags (merge request)
- Add URL to rejection_message if terms_not_accepted by @jgay (merge request)
- Drop FindingPipelines and Findings in bg migration (merge request)
- Enable preserve_latest_wal_locations_for_idempotent_jobs by default (merge request)
- Enable linear version of
groups_including_descendants_by (merge request)
- Migrate snippets tabs to rails helper (merge request)
- Remove surface_environment_creation_failure feature flag (merge request)
- Improve UI message: creating branch from fork (merge request)
- Add Shimo integration sidebar menu and landing page by @icbd (merge request)
- Enable External MR diff verification by default (merge request) GitLab Enterprise Edition
- Remove support for sticking to old and new keys (merge request)
- Add BaseEdge base class (merge request)
- Split out main, and geo DB out of CI transactions (merge request) GitLab Enterprise Edition
- Migrate button variants (merge request) GitLab Enterprise Edition
- Update gl-modal buttons in user status modal by @yo (merge request)
- Do not select "My company or team" radio box by default (merge request)
- Allow squashing in MRs with single commit by @trakos (merge request)
- Start using v1.x of our IAC analyzer (merge request)
Deprecated (2 changes)
- Ignore position column (merge request) GitLab Enterprise Edition
- Deprecate ApiFuzzingCiConfigurationCreate fields (merge request) GitLab Enterprise Edition
Removed (4 changes)
- Remove
force_company_trial experiment (merge request)
- Remove the configureIacScanningViaMr feature flag (merge request)
- Remove sast_entry_points experiment (merge request)
- Remove reference to lower_relation_max_count_limit (merge request)
Security (5 changes)
- Enable visibility filter on Epics menu pill count (merge request) GitLab Enterprise Edition
- Use Gitlab::Json to serialize sessions (merge request)
- Update Puma to version 5.5.2 (merge request)
- Disallow non-members unlocking project files (merge request) GitLab Enterprise Edition
- Use a more precise Sourcegraph URL in CSP (merge request)
Performance (18 changes)
- Limit the amount of ids loaded when using package build infos (merge request)
- Update dependency proxy API to use cleanup worker (merge request)
- Utilize C version of CommonMark renderer (merge request)
- Add index to projects on marked_for_deletion_at field is null (merge request)
- Only enqueue Jira workers when configured (merge request)
- Add index to improve contribution graph query (merge request)
- Simplify sanitizing emojis from localStorage (merge request)
- Optimize finding environment for BlobController (merge request)
- Improve index for calendar query (merge request)
- Replace Banzai based label rendering in VSA (merge request)
- Bulk insert job tags when creating a CI pipelines (merge request)
- Enable load balancing for update all mirrors by default (merge request)
- Avoid N+1 issue linking DAST profiles and builds (merge request) GitLab Enterprise Edition
- Reduce variables transformations when creating a new pipeline (merge request)
- Replace Ci::Runner with linear scopes (merge request)
- Enable perform FindTag RPC request for a single tag (merge request)
- Use linear version of User#ci_owned_runners (merge request)
- Remove trigram index on notes (merge request)
Other (59 changes)
- Use design system badge in admin project page (merge request)
- Fix GraphQL/OrderedArguments offense (Part 1/6) by @KevSlashNull (merge request)
- Fix GraphQL/FieldDefinitions offense (Part 2/4) by @KevSlashNull (merge request)
- Remove abort_deleted_project_pipelines flag (merge request)
- Remove vulnerability_occurrences_location_temp_index (merge request)
- Snowplow ED first run for data-attributes (merge request) GitLab Enterprise Edition
- Remove additional vulnerability finding links (merge request)
- Merge CI queuing denomalization feature flags into a single one (merge request)
- Fix Gitlab/DelegatePredicateMethods offenses by @edith007 (merge request) GitLab Enterprise Edition
- Delegate Requirement model attributes (merge request) GitLab Enterprise Edition
- Use rails helper to render mark_for_deletion badge (merge request) GitLab Enterprise Edition
- Delete invalid epic_issue records migration (merge request)
- Fix Gitlab/DelegatePredicateMethods offenses by @edith007 (merge request)
- Fix Gitlab/DelegatePredicateMethods offenses by @edith007 (merge request)
- Fix Rails/SaveBang offenses by @edith007 (merge request)
- Make projects storage badge pajamas compliant (merge request)
- Fix Gitlab/DelegatePredicateMethods offenses by @edith007 (merge request) GitLab Enterprise Edition
- Make milestone page tabs Pajamas-compliant (merge request)
- Implement syncing ci_project_mirrors and ci_namespace_mirrors tables (merge request)
- Convert single tab partial to Pajamas (merge request)
- Fix Rails/SaveBang offenses by @edith007 (merge request)
- Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
- Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
- Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
- Remove ::VisibleApprovable inclusion as it's duplicate by @edith007 (merge request)
- Pass formats explicitly when rendering .html format by @edith007 (merge request)
- Apply feedback to Snowplow event definitions (merge request) GitLab Enterprise Edition
- Hide search settings component in usage quota page (merge request) GitLab Enterprise Edition
- Fix Style/OpenStructUse offenses by @edith007 (merge request)
- Fix Style/OpenStructUse offenses by @edith007 (merge request)
- Fix Style/OpenStructUse offenses by @edith007 (merge request)
- Fix Style/OpenStructUse offenses by @edith007 (merge request)
- Merge branch '341849_cleanup_reference_cache_memoization_ff' into 'master' (merge request)
- Cleanup feature flag "reference_cache_memoization" (merge request)
- Prepare projects and namespaces loose foreign keys (merge request)
- Fix Style/OpenStructUse offenses by @edith007 (merge request)
- Fix Style/OpenStructUse offenses by @edith007 (merge request)
- Merge maintain feature flags for new queuing mechanism (merge request)
- Remove decoupling projects-runners feature flags (merge request)
- Fix Style/OpenStructUse offenses by @edith007 (merge request)
- Make design note pin compliant with Pajamas (merge request)
- Remove the
validate_namespace_parent_type feature flag (merge request)
- Fill TestReport#issue_id field when creating new objects (merge request) GitLab Enterprise Edition
- Remove ci_predefined_vars_in_builder feature flag (merge request)
- Fix Style/OpenStructUse offenses by @edith007 (merge request)
- Make Service Desk Pajamas Design compliant (merge request)
- Improve Blame Page rendering performance by @cyberap (merge request)
- Fix OpenStruct use by @mehulsharma (merge request) GitLab Enterprise Edition
- Update GitLab Runner Helm Chart to 0.35.0 (merge request)
- Improve service desk service settings input tips (merge request)
- Remove PropagateServiceTemplateWorker and queue by @lenikadali (merge request)
- Remove unused CommitsBetween wrapper (merge request)
- Enhance SSO enforcement warning message (merge request) GitLab Enterprise Edition
- Fix offenses introduced by Style/OpenStructUse by @edith007 (merge request)
- Fix OpenStruct use by @mehulsharma (merge request)
- Fix OpenStruct use by @mehulsharma (merge request)
- Fix OpenStruct use by @mehulsharma (merge request)
- Fix OpenStruct use by @mehulsharma (merge request)
- Update Sidekiq to 6.3.1 (merge request)
14.5.4 (2022-02-03)
Security
See https://about.gitlab.com/releases/2022/02/03/security-release-gitlab-14-7-1-released/
14.5.3 (2022-01-11)
No changes.
14.5.2 (2021-12-03)
No changes.
14.5.1 (2021-12-01)
Fixed (4 changes)
- Check validation for license only if new record (merge request) GitLab Enterprise Edition
- Fix for hexadecimal branch deletion (merge request)
- Fix the SSL_CERT_DIR logging on git operations (merge request)
- Support Action Cable on GCP Memorystore (merge request)
14.5.0 (2021-11-19)
Added (113 changes)
- Show warning for markdown structure changes (merge request)
- Implement Pipeline Editor Walkthrough experiment (merge request)
- Add endpoint for activating all pending members (merge request) GitLab Enterprise Edition
- Add Yaml Source Editor Extension (merge request)
- Introduced the Source Editor Instance module (merge request)
- Add total counters in each runner type tab (merge request)
- Add customer relations organizations viewer by @leetickett (merge request)
- Add customer relations contacts viewer by @leetickett (merge request)
- Add endpoint for activating an waiting member (merge request) GitLab Enterprise Edition
- Add keyset pagination for tags API (merge request)
- Enable loose_foreign_key_cleanup FF by default (merge request)
- Allow reporters to see the service desk email address (merge request)
- Upgrade GitLab Pages to 1.48.0 (merge request)
- Implement deep linking for project VSA filters (merge request)
- Feature: Let OmniAuth support DingTalk by @icbd (merge request)
- Add group SAML configuration changes to group audit events (merge request) GitLab Enterprise Edition
- Add migration for backfilling project namespaces (merge request)
- Audit changes to compliance frameworks (merge request) GitLab Enterprise Edition
- Enable dependency_proxy_manifest_workhorse by dflt (merge request)
- Upgrade GitLab Pages to 1.47.0 (merge request)
- Add exists support to includes:rules CI config (merge request)
- Enable configure_iac_scanning_via_mr by default (merge request)
- Allow Minimal Access role for top-level SAML Group Links (merge request) GitLab Enterprise Edition
- Add slash command to promote issue to incident (merge request)
- Add member approval service (merge request) GitLab Enterprise Edition
- Enable linear GroupPlanPreloader ancestors queries (merge request) GitLab Enterprise Edition
- Create default merge commit message using customizable template by @trakos (merge request)
- GithubImporter: Thread diff notes (merge request)
- Query all partitions when loading loose FK records (merge request)
- Remove flag that hides event streaming from graphQL schema (merge request) GitLab Enterprise Edition
- Add opensource plan to database (merge request)
- Add wiki migration to projects and groups (merge request) GitLab Enterprise Edition
- Send invite team email after a root group is created (merge request)
- Render inherited templates from group in service desk (merge request)
- Add indexes to aggregated VSA tables (merge request)
- Add required label to tag name in release form (merge request)
- Add modal to warn group owners the impact of changing user cap (merge request) GitLab Enterprise Edition
- Add issues set crm contacts service and graphql mutation by @leetickett (merge request)
- Add pagination support for FindAllTagsRequest (merge request)
- Enable linear ancestors for groups (merge request)
- Add note regarding topic visibility to admin doc by @wwwjon (merge request)
- Track Shared Runners duration separate from CI minutes consumption (merge request) GitLab Enterprise Edition
- Show blocked icon on epic blocked issues (merge request) GitLab Enterprise Edition
- Add Sentry configs to application settings (merge request)
- Add helpful text to project select modal (merge request)
- Enable linear ApplicationSettings ancestors queries (merge request) GitLab Enterprise Edition
- Enable pipeline_editor_mini_graph feature flag by default (merge request)
- Limit issues one user can quickly create using service desk (merge request)
- Add Helm metadata to GraphQL by @sathieu (merge request)
- Enable linear EE Group ancestors queries (merge request) GitLab Enterprise Edition
- Remove redundant index_events_on_target_type_and_target_id (merge request)
- Rollout user namespace & project tracking (merge request)
- Unblock LDAP blocked user on sign-in with other auth methods (merge request)
- Add queuing mechanic for reindexing (merge request)
- Topic management: add link to topic detail page by @wwwjon (merge request)
- Add jobArtifacts to PipelineType by @genctys (merge request)
- Track processed loose FK records (merge request)
- Update user attributes for Group SAML enterprise users (merge request) GitLab Enterprise Edition
- Add 'show' page for topic by @wwwjon (merge request)
- Record transaction duration during migrations (merge request)
- Add corpus create mutation and service (merge request) GitLab Enterprise Edition
- Update scroll position to synchronize the Jump To Next button (merge request)
- Add created_at to the GraphQL LicenseType (merge request) GitLab Enterprise Edition
- Speed up searching environments by ref deployed (merge request)
- Add customer relations menu item and root apps by @leetickett (merge request)
- Enable linear ParticipantsService ancestors queries (merge request)
- Enable linear MembersFinder ancestors queries (merge request)
- Promote empty_repo_upload experiment (merge request)
- Adding Special diff rendering for .ipynb notebooks (merge request)
- VSA: Add deployment frequency links (merge request) GitLab Enterprise Edition
- Enables the mr_changes_fluid_layout flag by default (merge request)
- Adds vulnerability state to Vulnerability-Check (merge request)
- Enable logging of Sidekiq bulk job insertions (merge request)
- Remove group_authorized_agents feature flag (merge request)
- Add Prometheus metrics for loose foreign keys (merge request)
- Include state_id when gathering VSA data (merge request)
- Loose foreign key definition experiment (merge request)
- Enable real-time issue assignees by default (merge request)
- Feature: add user track script entry point by @orozot (merge request)
- Fix spec to properly support many databases (merge request)
- Enable group-level MR approval settings by default (merge request) GitLab Enterprise Edition
- Enable linear GroupTree ancestors queries (merge request)
- Annotate DAST models strings for localization (merge request) GitLab Enterprise Edition
- Persist credit card network (merge request)
- Adds DB column for merge request assignee state (merge request)
- Add native systemd units by @behrmann (merge request)
- Clean up migration to populate commit users (merge request)
- Enabled variables for CI services by @ST-Apps1 (merge request)
- Add runtime_runner_features column to ci_builds_metadata (merge request)
- Add metric for users associating group milestones to releases (merge request)
- Loose foreign key worker implementation (merge request)
- Added kaniko ci template to build docker images (merge request)
- Invite members for task experiment (merge request)
- Remove FF verification_state_backfill_worker (merge request) GitLab Enterprise Edition
- Add 'tencent_serverless_framework' to built-in project template (merge request)
- Merge branch 'mw/clearup-ff_group_membership_export' into 'master' (merge request) GitLab Enterprise Edition
- Allow custom support email without configuring custom project suffix (merge request)
- Add median lead time for changes to VSA (merge request) GitLab Enterprise Edition
- Remove ff_group_membership_export flag (merge request) GitLab Enterprise Edition
- Move Agent usage metrics to Core (merge request)
- Enable Agent creation in Core (merge request)
- Move Agent KUBECONFIG variable generation to core (merge request)
- Sync creating requirements with requirements issue (merge request) GitLab Enterprise Edition
- Add user caps to group's membership settings (merge request) GitLab Enterprise Edition
- Remove the rails_apdex_counters feature flag (merge request)
- Add CustomerRelations::IssueContact model by @leetickett (merge request)
- Cleanup project_storage_ui feature flag (merge request)
- Add created_at filters to MR resolver (merge request)
- Add integration with ZenTao by @icbd (merge request)
- Move Agent CI tunnel functionality to Core (merge request)
- Add Debian endpoint for distribution key by @sathieu (merge request)
- Filter issues by releaseTag in GraphQL (merge request)
- Add 'Explore topics' page by @wwwjon (merge request)
Fixed (123 changes)
- Fix SAML SSO redirects for pseudonymized URLS (merge request)
- Add suggestion_commit_message length validation by @trakos (merge request)
- GithubImporter: Fix import duration metric (merge request)
- Fix a bug with the metadata during the npm package upload (merge request)
- Fix error when Origin header is null (merge request)
- Fix loading authors in issues list (merge request)
- Fix regression in code blocks in the Content Editor (merge request)
- Fix sysvinit Sidekiq logging (merge request)
- Fix setting block animation issues (merge request)
- Remove presence validator on name on WebauthnRegistration (merge request)
- Fix common errors in AuthorizedProjectsWorker (merge request)
- Fix widget dropdown title overflow (merge request)
- Don't transform empty .ipynb diffs (merge request)
- Allow destruction of records in archived pending_delete projects (merge request)
- Allow to create service desk issues for all quoted emails (merge request)
- Fix bug due to fuzzy matching in Infrastructure Registry (merge request)
- Fix no repo error message for group-level wikis (merge request) GitLab Enterprise Edition
- Fix commit msg color for dark mode graph (merge request)
- Fixes broken trigger layout (merge request)
- Fix agent install page paths (merge request)
- Reduce noise in cluster cleanup workers (merge request)
- Fix scoped board milestone/iteration Timebox global ID (merge request) GitLab Enterprise Edition
- Prevent overflowing of runner tags (merge request)
- Fix manifest workhorse upload (merge request)
- Extend the OverrideUuids service logic (merge request) GitLab Enterprise Edition
- Fix foreign_key of using on data_fields by @icbd (merge request)
- Vulnerability Report: Fix typo in description text (merge request) GitLab Enterprise Edition
- Fix built-in template import creating duplicate audit logs (merge request) GitLab Enterprise Edition
- Fix merge requests not importing for older projects (merge request)
- Add sidebar highlight and fix link by @icbd (merge request)
- Fix 2FA setup for LDAP users (merge request)
- Recalculate project authorizations on group transfer by @vfazio (merge request)
- Clear closure references when issue is reopened (merge request)
- Prevent Git operations from checking replication lag on non-Geo sites (merge request) GitLab Enterprise Edition
- Allow non-group Agent projects to authorize themselves (merge request)
- Vulnerability Modal: Fix issue with long URLs (merge request) GitLab Enterprise Edition
- Fix Type error about namespace through provides on members page (merge request)
- Fix pipeline editor crashing the browser when getting a 500 error (merge request)
- Reset subscription max seats used on new term (merge request) GitLab Enterprise Edition
- Fix issue rebalance banner (merge request)
- Disable query cache when outside Rails executor (merge request)
- Fix todo API when used with Alerts (merge request)
- Add remediation based on cve or id by @ssarka (merge request) GitLab Enterprise Edition
- Wrap Sidekiq scheduler threads in Rails reloader (merge request)
- Fix quick action permissions to match UI (merge request)
- Skip retrying for reads on connection errors if primary only (merge request)
- Fix illustration paths in survey response page (merge request) GitLab Enterprise Edition
- Fix MR commits with missing committers/authors (merge request)
- Fix: update broken pipeline layout (merge request)
- Use the To header when sending pipeline emails (merge request)
- Cleanup sticky_environments_in_job_retry feature flag (merge request)
- Improve tracking of requests in rate limiter (merge request)
- Check correct permissions before showing Release Evidence link (merge request)
- Fix ghost button on payment step for subscriptions (merge request) GitLab Enterprise Edition
- Allow SSO callbacks through maintenance mode (merge request) GitLab Enterprise Edition
- Fix error on environment rollback (merge request)
- Fix permission check for confidential quick action (merge request)
- Fix Geo: Secondaries may be orphaning Upload files (merge request) GitLab Enterprise Edition
- Add better error handling to BulkImports::GroupLoader (merge request)
- Ensure that GlSingleStat animates (merge request)
- Fix tasklist header counts in Test Cases (merge request) GitLab Enterprise Edition
- Allow relative WebP image embed in markdown by @KevSlashNull (merge request)
- Fix uninitialized constant STICK_OBJECT by @leetickett (merge request)
- Increase file import size validator timeout (merge request)
- Fix breadcrumb click event handling (merge request)
- Do not update feedback when it is persisted (merge request) GitLab Enterprise Edition
- Increase the deduplication TTL for future jobs (merge request)
- Fix filtering of "Not connected" runners (merge request)
- Exclude project bots from deactivation in DeactivateDormantUsersWorker (merge request)
- Fix 2FA management on Safari (merge request)
- Fix slight scroll bounce when jumping between unresolved discussions (merge request)
- Don't limit number of Gitaly client keepalives (merge request)
- Silence unknown PostgreSQL OIDs warnings (merge request)
- Do not auto-retry unrecoverable job failure (merge request)
- Fix: filename display when copy/paste in comment by @orozot (merge request)
- Do now unescape branch name when deleting branch (merge request)
- Enable surface_environment_creation_failure feature flag by default (merge request)
- Prevent timeouts when updating
share_with_group_lock of a group (merge request)
- Fix epic board scope text (merge request)
- Standardize error message field in structured logs (merge request)
- Make
LoadBalancer to configure pool sizes of all classes (merge request)
- Sort epic ancestors in hierarchical order in graphQL endpoint (merge request) GitLab Enterprise Edition
- Fix cascading settings attr reader behavior by @gizero (merge request)
- Don't fail DeleteStoredFilesWorker if one of the files is missing (merge request)
- Schedule AutoFix background job after ingesting the security reports (merge request) GitLab Enterprise Edition
- Move yaml processor secrets configuration to EE (merge request) GitLab Enterprise Edition
- Remove the pipelines link from Auto DevOps toast (merge request)
- Fix 'private method 'load' called' when posting non-whitelisted webhook by @perlun (merge request)
- Change manage events metric counter method (merge request)
- Fix
canUpdate console error on external issues (merge request) GitLab Enterprise Edition
- Show captcha verification on issue boards (merge request)
- Fix error when archiving requirements (merge request) GitLab Enterprise Edition
- Persist solution, message and description fields (merge request) GitLab Enterprise Edition
- Skip st_diff setting on LegacyDiffNote during import (merge request)
- Use
overridden_uuid as primary lookup for the report finding (merge request) GitLab Enterprise Edition
- Remove duplicate text from create group description (merge request)
- Add reschedule option to Resource Group worker (merge request)
- Fix SMIME signature for emails on push (merge request)
- Fix error 500 loading branch with UTF-8 characters with performance bar (merge request)
- Fix file mode changes not always visible in MRs by @hypemc (merge request)
- Allow job token to perform all release REST API operations by @guillaume.chauvel (merge request)
- Fix 2+ discussions on one line not working (merge request)
- Fix issues with frame-src CSP directive (merge request)
- Fix shared runners form injections (merge request)
- Fix deployment merge request link creation (merge request)
- Add latest commit hash to compare cache key (merge request)
- Move DAST CI Job keys to the EE Variant (merge request) GitLab Enterprise Edition
- Fix issue with CSP using Safari in dev mode (merge request)
- Remove compliance framework section for unlicensed EE (merge request) GitLab Enterprise Edition
- Fix unnecessary epics fetch req with empty filters (merge request) GitLab Enterprise Edition
- Fix object deduplication on Geo first sync (merge request) GitLab Enterprise Edition
- Allow newlines in HTTP URLs (merge request)
- Fix
Security::OverrideUuidsService matching logic (merge request) GitLab Enterprise Edition
- Add cloak-startup class and apply to mobile overlay by @leetickett (merge request)
- Stop polling when checking task lists on an issue (merge request)
- Modify error message for clarity (merge request)
- Ensure Azure-related gems are loaded (merge request)
- Ensure commits limit is always positive (merge request)
- Add DEFAULT_CERT_DIR handling to Spamcheck and fix Gitaly GRPC Bug (merge request)
- Fix a join in the postgres_indexes view (merge request)
- Fix spacing around code quality problem icon in diff view by @antonykor.ak (merge request) GitLab Enterprise Edition
- Transaction metrics from workers are not collected (merge request)
- Fix nil value in location column in vulnerability_occurrences (merge request) GitLab Enterprise Edition
Changed (142 changes)
- Update deprecation notice (merge request)
- Increase LFS token entropy for keys/deploy keys (merge request)
- Fixes cross-db modification for Ci::JobArtifacts::DestroyBatchService (merge request)
- Remove query_project_ci_feature_usages_for_coverage flag (merge request) GitLab Enterprise Edition
- Replace
window.confirm with GlModal confirmation (merge request)
- Update audit events to filter by username (merge request) GitLab Enterprise Edition
- Fix OpenStruct use by @mehulsharma (merge request)
- Fix OpenStruct use by @mehulsharma (merge request)
- Move API fuzzing YAML generation to the client (merge request) GitLab Enterprise Edition
- Use after_commit in Vulnerabilities::Feedback (merge request)
- Use allowlist of allowed attributes for imported models (merge request)
- Use image digest for Auto DevOps deployments by @kinolaev (merge request)
- Make capitalization of incident management objects uniform in modal (merge request)
- feat: Update default PAT prefix when not set (merge request)
- Use rectangular avatar on topic detail page by @wwwjon (merge request)
- Fix OpenStruct use by @mehulsharma (merge request)
- Fixed OpenStruct use offense by @mehulsharma (merge request)
- Fix OpenStruct usage by @mehulsharma (merge request)
- Release the NPM metadata abbreviated support (merge request)
- Deprecation of the cert-based K8s integration (merge request)
- Use token authentication in the Debian distribution APIs by @sathieu (merge request)
- Get cluster_id from kubernetes_resource for CIS (merge request) GitLab Enterprise Edition
- Remove Apollo error suppression feature flag (merge request)
- Show validation error for setting project suffix (merge request)
- Update admin deploy keys table to comply with Pajamas design system (merge request)
- Go back denylist for importing project (merge request)
- Add shared_runners_duration field to NamespaceMonthlyUsageType (merge request)
- Update vendored cluster management project template (merge request)
- Move creation of external cross-references into background worker (merge request)
- Enable by default new refactored page (merge request)
- Remove cached_loading_hints feature flag (merge request)
- Restore TagsFinder class interface (merge request)
- Refactor profile authentication log to show relevent events (merge request)
- Redirect to Pipeline Editor from Suggest Pipeline banner CTA (merge request)
- Fixed OpenStruct use by @mehulsharma (merge request) GitLab Enterprise Edition
- Create ProjectNamespace when a Project is created (merge request)
- Source Editor Extension module (merge request)
- Update workflow propeties in CI json schema (merge request)
- Avoid sending send-data headers in API response body (merge request)
- Fixed OpenStruct use by @mehulsharma (merge request)
- Add tooltip and commit title to pipeline editor's status header (merge request)
- Add user popup to CI pipeline header by @KevSlashNull (merge request)
- Redirect to continuous onboarding after trial reg (merge request) GitLab Enterprise Edition
- Add read_at to dependency proxy objects (merge request)
- Add pipeline artifacts size to admin area project statistics by @guillaume.chauvel (merge request)
- Spin reviewer on UX label (merge request)
- Refactor fetching board scope to GraphQL (merge request) GitLab Enterprise Edition
- Use allowlist for importing project attributes (merge request)
- Filter runner type via tabs (merge request)
- Update runner status badges and locked icon (merge request)
- Reorganise Jira Connect UI (merge request)
- Update Rugged to v1.2.0 (merge request)
- Vulnerability Chart: Fix selected state of buttons (merge request) GitLab Enterprise Edition
- Log when primary host for DB load balancing is marked offline (merge request)
- Review Adv Search admin UI text (merge request)
- Load MR widget artifacts on mount (merge request)
- Change API permissions to set epic of an issue (merge request) GitLab Enterprise Edition
- Use path_with_namespace for delete confirmation phrase (merge request)
- Flash a warning when not using index aliases (merge request) GitLab Enterprise Edition
- Toggle file tree bolding based on file "Viewed" status (merge request)
- Change Geo SSH proxy to internal primary URL (merge request) GitLab Enterprise Edition
- Add empty state for CI mintues (merge request) GitLab Enterprise Edition
- Runner status won't return "paused" (merge request)
- Add policy name to ScanExecutionPolicyCommit mutation (merge request) GitLab Enterprise Edition
- Update omniauth-oauth2 and remove error verification monkey-patch (merge request)
- Add optional include_jobs param for CI lint APIs (merge request)
- Shift a user's contribution calendar based on their timezone setting by @davebarr (merge request)
- Updated texts and illustrations on Kubernetes page (merge request)
- Improve run pipeline ux (merge request)
- Add project count and coverage count to tooltip (merge request) GitLab Enterprise Edition
- Remove not_null constraint and default for public_email (merge request)
- Replaced v-html with v-safe-html by @mehulsharma (merge request)
- Refactor manual variables form (merge request)
- Remove jira_connect_asymmetric_jwt feature flag (merge request)
- Revert temporary change for sending expiration email for all ssh keys (merge request)
- Add clarification of repo size limits (merge request)
- Pluralize DevOps Report to DevOps Reports (merge request)
- Add limit-container-width to Jira create branch (merge request)
- Restore namespace requirement for project deletion confirmation (merge request)
- Handle
Errno::ENETUNREACH in Gitlab::HTTP (merge request)
- Enable
terms_of_service_vue feature flag by default (merge request)
- Add links to Jira-related error messages (merge request)
- Update breadcrumb toggle to inline (merge request)
- Use GlAvatar in approval rule selector (merge request) GitLab Enterprise Edition
- Change the active link color in the sidebar (merge request)
- Moved clusters empty state to Vue component (merge request)
- Store trace files outside of a database transaction (merge request)
- Exclude internal API and Geo git_ssh routes from secondary proxying (merge request) GitLab Enterprise Edition
- Remove jQuery from Jira connect app (merge request)
- Add GITLAB_CDN_HOST to frame-src and worker-src (merge request)
- Only delete data from Elasticsearch 30 days after subscription expires (merge request) GitLab Enterprise Edition
- feat: Set PersonalAccessToken default prefix (merge request)
- Turn on Feature Flag of ZenTao by @icbd (merge request)
- Skip already imported merge requests on importer (merge request)
- Say when MR was approved by me by @KevSlashNull (merge request)
- Update clusters index help paths (merge request)
- Change question marks to Learn More in Settings (merge request)
- Enable dependency proxy by default (merge request)
- Re-position merge train help icon (merge request) GitLab Enterprise Edition
- Rename crm related policies and consider feature flag status by @leetickett (merge request)
- Remove skip_legacy_diff_note_callback_on_import feature flag (merge request)
- Use secured analyzer image for cluster image scanning (merge request) GitLab Enterprise Edition
- Edit UI text (merge request)
- Add response in Publish a package file endpoint (merge request)
- Update copy of branches_to_be_notified label (merge request)
- Migrate Terraform template to use rules syntax by @willianpaixao (merge request)
- Link Pipeline Editor button to open in correct branch (merge request)
- Admin: card match can have different holder name (merge request) GitLab Enterprise Edition
- Fix translation of title of ZenTao by @icbd (merge request) GitLab Enterprise Edition
- Add "Load more" button to environment dropdown (merge request) GitLab Enterprise Edition
- Convert dropdowns in Admin / Visiblity and access to radio buttons (merge request)
- Make cosmetic improvements to Geo Admin UI (merge request) GitLab Enterprise Edition
- Remove the left-overs of
use-deprecated-sizes attributes (merge request)
- Remove stage default from CI schema (merge request)
- Enable feature flag default on (merge request)
- Replace registration token in registration modal (merge request)
- Move register runner information to a dropdown (merge request)
- Run GraphQL docs rake task on changes (merge request)
- Removes cross-joins FF in MergeRequest#environements (merge request)
- Redirect Geo HTTP(s) pulls to different path with missing repo (merge request) GitLab Enterprise Edition
- Hide private group name when access request is denied (merge request)
- Improve empty state when artifacts fail to load by @mehulsharma (merge request)
- Change enforcement label to status (merge request) GitLab Enterprise Edition
- Remove retarget_merge_requests feature flag (merge request)
- Handle MissingPersonalAccessTokenError on Go middleware (merge request)
- Add missing labels when password is filled out (merge request)
- UI polish on the webhook log page (merge request)
- Fix ZenTao spelling by @icbd (merge request) GitLab Enterprise Edition
- Update audit events date range filter (merge request) GitLab Enterprise Edition
- Improve merge blocked text (merge request) GitLab Enterprise Edition
- Show CSV and json artifact download on security tab and merge request (merge request)
- Add custom label GitHub status check checkbox (merge request) GitLab Enterprise Edition
- Use default timeouts for Jira calls (merge request)
- Deduplicate http transport creation (merge request)
- Update Terraform.latest.gitlab-ci.yml template by @willianpaixao (merge request)
- Does not update Geo node if running on a primary site (merge request) GitLab Enterprise Edition
- Remove
roadmap_daterange_filter ff & legacy code (merge request) GitLab Enterprise Edition
- Use Gitlab::HTTP in download method (merge request)
- Order Deployments by Finish Time (merge request)
- Enable flag group_authorized_agents by default (merge request)
- Drop Vulnerabilites that would be invalid as well (merge request)
- Rename Import Uploader Extension Allowlist Constant (merge request)
Deprecated (1 change)
Removed (6 changes)
- Remove chat_names -> ci_pipeline_chat_data FK (merge request)
- Remove deprecated WIP from GraphQL (merge request)
- Remove frontend for editing of Jira labels (merge request) GitLab Enterprise Edition
- Remove jobs and projects columns (merge request)
- Remove the DORA DF feature flag in VSA (merge request)
- Remove product analytics tracking (merge request)
Security (15 changes)
- Add reCAPTCHA to password reset and confirmation email forms (merge request)
- Highlight usage of unicode bidi characters
- Fix dompurify.js to prevent path traversal attacks
- Refresh authorizations on transfer of groups having project shares
- Don't allow author to resolve discussions when MR is locked via GraphQL
- Workhorse: Allow uploading only a single file
- Adding a '[redacted]' to mask private email addresses
- Avoid decoding the whole tiff image on isTIFF check
- Respect visibility level settings when updating project via API
- Only include visible groups a project is shared with
- Stop using 'self' in the CSP's frame-src directive (merge request)
- Do not display the root password by default
- Group owners should see SCIM token only once GitLab Enterprise Edition
- Set PipelineSchedules to inactive
- Do not allow Applications API to create apps with blank scopes
Performance (25 changes)
- Enable API v3
branches/:sha partial response (merge request)
- Avoid cross-joins in PipelinesForMergeRequestFinder (merge request)
- Improve ETag caching for issue discussions (merge request)
- GraphQL user.groups node authorization DB query count optimization (merge request)
- Remove unused index index_for_resource_group on ci_builds (merge request)
- Remove startup JS call for issue notes (merge request)
- Use keyset pagination when fixing diff commits (merge request)
- Enable workhorse_use_sidechannel by default (merge request)
- Omit query params for discussions.json (merge request)
- Add index to events table support UMAU metric (merge request)
- Use new worker/service to refresh authorizations of project members (merge request)
- Add an index on vulnerability_occurrence_pipelines (merge request)
- Add index for cluster_id in vulnerability_occurrences location (merge request)
- Default enable new_graphql_keyset_pagination (merge request)
- Omit WHERE clause for NOT labels filter when empty (merge request)
- Remove releases author_id index (merge request)
- Optimize JIRA ref lookup (merge request)
- Recreate broken ci_builds index (merge request)
- Fix N+1 query in VulnerabilitiesResolver (merge request) GitLab Enterprise Edition
- Cleanup update_deployment_after_transaction_commit feature flag (merge request)
- Search for group descendants through a btree (merge request)
- Improve TBT on file source view (merge request)
- Cache CI variables used for rules evaluation (merge request)
- Speed up Sidekiq size limiter middleware (merge request)
- Remove use of Redis multi in Sidekiq client (merge request)
Other (78 changes)
- Fix the offenses introduced by Style/OpenStructUse by @edith007 (merge request)
- Fix OpenStruct use by @mehulsharma (merge request) GitLab Enterprise Edition
- Fix OpenStruct use by @mehulsharma (merge request)
- Set total of Progress bar nil when replication is disabled by @edith007 (merge request) GitLab Enterprise Edition
- Add post deploy migration to remove open_project_data by @lenikadali (merge request)
- Create pipeline trigger application limits (merge request)
- Convert admin users page tabs to Pajamas (merge request)
- Geo: Remove legacy code for upload sync (merge request)
- Cleanup feature flag gitaly_tags_finder (merge request)
- Remove
paginated_tree_graphql_query feature flag (merge request)
- Convert labels page tabs to Pajamas (merge request)
- Set user's highlight theme for the Blame page during SSR by @cyberap (merge request)
- Convert projects dashboard tabs to Pajamas (merge request)
- Convert snippets page tabs to Pajamas (merge request)
- Convert projects explore page tabs to Pajamas (merge request)
- Convert admin users page tabs to Pajamas (merge request)
- Convert pipeline schedules page tabs to Pajamas (merge request)
- Convert commit tabs to pajamas (merge request)
- Decouple group's storage table from feature flag (merge request) GitLab Enterprise Edition
- Add with_highest_role_minimal_access to statistics (merge request)
- Update GlTab helpers (merge request)
- Hide details for invited members in seats usage (merge request) GitLab Enterprise Edition
- Adds margin to billings page (merge request) GitLab Enterprise Edition
- Enabling jupyter_clean_diff by default (merge request)
- Remove report_on_long_redis_durations flag (merge request)
- Replace dotenv constants with application limits (merge request)
- Convert search tabs to pajamas (merge request)
- Convert blob editor tabs to pajamas (merge request)
- Convert markdown field tabs to pajamas (merge request)
- Convert credential inventory tabs to pajamas (merge request) GitLab Enterprise Edition
- Migrate requirement to work items (merge request)
- Convert explore tabs to pajamas (merge request)
- Convert explore tabs to pajamas (merge request)
- Remove rate limiter feature flag (merge request)
- Improve Blame Page rendering performance by @cyberap (merge request)
- Convert product analytics tabs to pajamas (merge request)
- Drop ci_build_trace_sections table and related (merge request)
- Changed the chronological order of Job history sequence on CI Job by @edith007 (merge request)
- Remove FF ci_create_external_pr_pipeline_async (merge request)
- Remove FF ci_new_artifact_file_reader (merge request)
- Fix the Style/OpenStructUse Cop offense for Guardfile by @edith007 (merge request)
- Remove the packages_remove_cross_joins_to_pipelines feature flag (merge request)
- Remove the container_registry_expiration_policies_caching feature flag (merge request)
- Remove include_sti_condition flag (merge request)
- Expose 'blocked' attribute on epic issues endpoint (merge request) GitLab Enterprise Edition
- Removed new_customersdot_staging_url feature flag (merge request)
- Remove variable_inside_variable feature flag (merge request)
- Add spacing at top of project/group blank new forms (merge request)
- Exclude ProjectNamespaces from GraphQL namespace results (merge request)
- Pass formats explicitly when rendering .md.erb by @edith007 (merge request) GitLab Enterprise Edition
- Remove pipeline association from Vulnerabilities::Finding (merge request) GitLab Enterprise Edition
- Remove release_evidence feature flag (merge request)
- Fix the offences introduced by Performance/OpenStruct by @edith007 (merge request)
- Add icons to project's storage table (merge request)
- Cleanup unused tagging records (merge request)
- Backfill default namespace as User namespace (merge request)
- Pass formats explicitly when rendering svg icons by @edith007 (merge request)
- Pass formats explicitly when rendering svg icons by @edith007 (merge request)
- Pass formats explicitly when rendering svg icons by @edith007 (merge request)
- Enable quarantined service ping metrics (merge request) GitLab Enterprise Edition
- Replace v-html with v-safe-html to improve frontend security posture by @edith007 (merge request)
- Improve User Exprience for Blame page by @cyberap (merge request)
- Mark all time events ServicePing metric as broken (merge request)
- Restore MR to populate MR diff commit users (merge request)
- Fixing the deprecation warning as using
. in template has deprecated by @edith007 (merge request)
- Drop redundant broken index (merge request)
- Refactor protected paths UI and documentation (merge request)
- Update GitLab Runner Helm Chart to 0.34.0 (merge request)
- Update gitlab-dangerfiles to 2.3.1 (merge request)
- Remove the dast_on_demand_scans_scheduler feature flag (merge request) GitLab Enterprise Edition
- Fix storage row line height (merge request) GitLab Enterprise Edition
- Remove managed cluster alerts feature flag (merge request)
- Schedule migration to remove duplicate Findings (merge request)
- Show all storage types in project's storage usage (merge request)
- Remove ci_synchronous_artifact_parsing feature flag (merge request)
- Add pipeline artifacts, packages and uploads size to group REST API by @guillaume.chauvel (merge request)
- Add pipeline artifacts and uploads sizes to project REST API by @guillaume.chauvel (merge request)
- Remove not used parameter from epics finder (merge request) GitLab Enterprise Edition
14.4.5 (2022-01-11)
No changes.
14.4.4 (2021-12-03)
No changes.
14.4.3 (2021-12-01)
Fixed (6 changes)
- Check validation only if new record of license (merge request) GitLab Enterprise Edition
- Fix for hexadecimal branch deletion (merge request)
- Geo - Fix no repo error message for group-level wikis (merge request) GitLab Enterprise Edition
- Prevent Git operations from checking replication lag on non-Geo-secondary sites (merge request) GitLab Enterprise Edition
- Allow SSO callbacks through maintenance mode by @dzaporozhets (merge request) GitLab Enterprise Edition
- Fix 2FA setup for LDAP users (merge request)
14.4.2 (2021-11-08)
Fixed (3 changes)
- Skip retrying for reads on connection errors if primary only (merge request)
- Fix error 500 loading branch with UTF-8 characters with performance bar (merge request)
- Skip st_diff callback setting on LegacyDiffNote when importing (merge request)
Changed (1 change)
Performance (1 change)
14.4.1 (2021-10-28)
Security (13 changes)
- Highlight usage of unicode bidi characters (merge request)
- Fix dompurify.js to prevent path traversal attacks (merge request)
- Refresh authorizations on transfer of groups having project shares (merge request)
- Adding a '[redacted]' to mask private email addresses (merge request)
- Do not allow Applications API to create apps with blank scopes (merge request)
- Don't allow author to resolve discussions when MR is locked via GraphQL (merge request)
- Workhorse: Allow uploading only a single file (merge request)
- Set PipelineSchedules to inactive (merge request)
- Do not display the root password by default (merge request)
- Group owners should see SCIM token only once (merge request) GitLab Enterprise Edition
- Respect visibility level settings when updating project via API (merge request)
- Avoid decoding the whole tiff image on isTIFF check (merge request)
- Remove external_webhook_token from exported project (merge request)
14.4.0 (2021-10-21)
Added (79 changes)
- Upgrade GitLab Pages to 1.46.0 (merge request)
- Support math expressions in the Content Editor (merge request)
- Add Reviewer names (merge request)
- Geo: Enable Upload replication using SSF by default (merge request) GitLab Enterprise Edition
- Add username attribute support for GitLab.com Group SAML SSO (merge request) GitLab Enterprise Edition
- Expose issue contacts via GraphQL by @leetickett (merge request)
- Add source instance version validation for project (merge request)
- Add top-level GraphQL query for single board list (merge request)
- Allow to setup Documentation pages URL for help pages redirects (merge request)
- DevOps Adoption: Add "trend over time" graph (merge request) GitLab Enterprise Edition
- Improve data zoom on contribution analytics (merge request) GitLab Enterprise Edition
- Add cluster_image_scanning CI parser to update location data (merge request) GitLab Enterprise Edition
- Enable on-demand scans scheduler (merge request) GitLab Enterprise Edition
- Add EE variant of Resolvers::ProjectPipelinesResolver (merge request) GitLab Enterprise Edition
- Implement PostUploadPackWithSidechannel client in Workhorse (merge request)
- Introduce status column for the security_scans table and populate it (merge request)
- Add contact update mutation to GraphQL by @leetickett (merge request)
- Add support for load balancing multiple databases (merge request)
- Admin: listing matching card details of an user (merge request) GitLab Enterprise Edition
- Import repository with project migration (merge request)
- Graceful degradation for Branches controller (merge request)
- Add ability to set iteration on issue creation via GraphQL API (merge request) GitLab Enterprise Edition
- Avoid cross-joins in PipelinesForMergeRequestFinder (merge request)
- Remove ci_resource_group_process_modes feature flag (merge request)
- Add customer relations contact create mutation by @leetickett (merge request)
- Sync requirement and requirement issues state (merge request) GitLab Enterprise Edition
- Keep credit card non-sensitive info (merge request) GitLab Enterprise Edition
- Subscriptions hand raise lead API client (merge request) GitLab Enterprise Edition
- Add metric for users associating milestones to releases (merge request)
- Add meta data in user_credit_card_validations (merge request)
- Link to a search for feature flag name in project (merge request) GitLab Enterprise Edition
- Add includeSubepics argument to issue filters in GraphQL (merge request) GitLab Enterprise Edition
- Warn users of impacted escalation policies on leave/delete (merge request) GitLab Enterprise Edition
- Add confidential issues filtering for GraphQL API (merge request)
- Measure Sidekiq enqueue latency for scheduled jobs (merge request)
- Add ability to set iteration on issue creation via GraphQL API (merge request) GitLab Enterprise Edition
- Add issue_customer_relations_contacts linking table by @leetickett (merge request)
- Add config field gitlab_kas.external_k8s_proxy_url (merge request)
- Add DependencyProxySettings mutation (merge request)
- Added feature flag to show terraform banner (merge request)
- Promote jobs_to_be_done experiment (merge request)
- Feat(Cloud Activation Form Modal): loading button (merge request) GitLab Enterprise Edition
- Return runner webUrl via GraphQL API (merge request)
- Add option of 60 days to container image expiration policy by @pataar (merge request)
- Add missing keywords to CI schema (merge request)
- BulkImports: Handle network errors (merge request)
- Add sorting to DA overview table (merge request) GitLab Enterprise Edition
- Document how to migrate off Gitaly Cluster (merge request)
- Make it possible to define custom request duration thresholds (merge request)
- Implement rate-limiting for a deprecated API endpoint (merge request)
- Extend EE::Types::Ci::PipelineType with dast_profile (merge request) GitLab Enterprise Edition
- Add
links and message field to VulnerabilityType (merge request) GitLab Enterprise Edition
- Allow relate quick action on issue create (merge request)
- Allow plus character in project names by @lzampier (merge request)
- Render frontmatter codeblock in the Content Editor (merge request)
- Add support for wbr in content editor (merge request)
- Enable live tracking and enforcement of CI minutes (merge request) GitLab Enterprise Edition
- Send "setup for company" in trial form to CustomersDot (merge request)
- Perform validations on the parent of a namespace/group by default (merge request)
- Added support for test coverage badge color configuration by @szaboi (merge request)
- Move cluster agent GraphQL mutations and supporting services to core (merge request)
- Move cluster agent GraphQL types and resolvers to core (merge request)
- Address the PK Overflow risk for the taggins - Step 3 (merge request)
- Remove i_testing_metrics_report_artifact_uploaders feature flag (merge request)
- Remove usage_data_i_testing_test_case_parsed feature flag (merge request)
- Enable FF "paginated_tree_graphql_query" by default (merge request)
- Add user permissions for runners in GraphQL API (merge request)
- Always enable the database load balancer (merge request)
- Add endpoints for project relations exports (merge request)
- Upgrade Pages to 1.45.0 (merge request)
- Support FIFO/LIFO process modes to Resource Group (merge request)
- Add documentation to Files API Rate Limits (merge request)
- Add security_orchestration_policy to pipeline source filter (merge request) GitLab Enterprise Edition
- Add sign-in count to external pipeline validation (merge request)
- Add negated issueType filter to issue resolver (group and project) (merge request)
- Add clone issue to REST API (merge request)
- Add runner_features column to ci_builds_metadata (merge request)
- Extend /help/instance_configuration with Git LFS rate limit by @wwwjon (merge request)
- API: Add endpoint to reset runner authentication token by @KyleFromKitware (merge request)
Fixed (96 changes)
- Fix Analytics Author filters (merge request)
- Allow maintainers to set MR approval settings (merge request) GitLab Enterprise Edition
- Fix: update links in billing page by @orozot (merge request) GitLab Enterprise Edition
- Update onboarding template project (merge request) GitLab Enterprise Edition
- Fix handling Service Ping response DevOps metrics (merge request)
- Add guard clause to ensure incoming params (merge request)
- MR Analytics: Add pipelines sanity check (merge request) GitLab Enterprise Edition
- Replace calls to LoadBalancing with ::Gitlab::Database::LoadBalancing (merge request)
- Change shared runner settings on import on conflict with group (merge request)
- Fix undefined method `use_primary!' error in GDK by @leetickett (merge request)
- Guard against exceptions from unfound DiffNotes (merge request)
- Replace success button in the add linked issue (merge request)
- Ensure correct group for DA chart (merge request) GitLab Enterprise Edition
- Fix cut-off dropdown in board breadcrumbs (merge request)
- Fix non-restarted skipped bridge jobs (merge request)
- Don't run WAL queries when not using replicas (merge request)
- Enable syntax highlighting for new files (merge request)
- Add go, nuget, and sbt to Dependencies API filters (merge request) GitLab Enterprise Edition
- Present sbt, nuget, and go in Dependency List page (merge request) GitLab Enterprise Edition
- Fix detail page of NuGet package with missing metadata by @wwwjon (merge request)
- Remove local form errors flash (merge request)
- Make CI minutes consumption increment idempotently (merge request) GitLab Enterprise Edition
- Boards - Sort closed issues by closedAt date (merge request)
- Gracefully track errors raised by sending CI minutes notifications (merge request) GitLab Enterprise Edition
- Add IssuesFieldExtension to set relative positions (merge request)
- Update strategies used for DB count approximation for read-only DB (merge request)
- Mark the
created_at attribute as read-only to prevent updating it (merge request)
- Disable caching of MergeToRefService call in mergeability check (merge request)
- Return the correct project in job/allowed_agents API response (merge request)
- Use pessimistic locking when accessing Terraform state (merge request)
- Sanitize given scan types before querying the security_scans (merge request)
- Fix auto-renew of LetsEncrypt domains for Pages (merge request)
- Show hint if input value is invalid (merge request) GitLab Enterprise Edition
- Fix inline JavaScript HAML linter not working (merge request)
- Add ON DELETE constraint to security_policy_management_project_id (merge request)
- Fix merge request approvals accordion (merge request) GitLab Enterprise Edition
- Fix undefined method error in validate_remote_git_endpoint service (merge request)
- Hide filters UI in Roadmap within epic page (merge request) GitLab Enterprise Edition
- Fix storing first_mentioned_in_commit_at attribute (merge request)
- Redirect Geo git push operations to primary external URL (merge request) GitLab Enterprise Edition
- Fix spacing between note badges by @TaehyeokKang (merge request)
- Fix project statistics Uploads by @guillaume.chauvel (merge request)
- Move required styles for issue-token to core by @michael.telgkamp (merge request)
- Fix default values for the deprecated API throttle (merge request)
- Fix dependency proxy image prefix (merge request)
- Upgrade mermaid-js to v8.13.2 (merge request)
- Don't retry errors when there are no replicas (merge request)
- Delete issues css (merge request)
- Use GlAlert for external issues list errors (merge request) GitLab Enterprise Edition
- Fix tabs switching between tree and roadmap (merge request) GitLab Enterprise Edition
- Fix: change dropdown background to transparent by @orozot (merge request)
- Use GlAlert for integrations table errors (merge request)
- Removes reporting on non-existant failures for import rake task (merge request)
- Fix compliance framework labels readability (merge request) GitLab Enterprise Edition
- Fix clipped broadcast message on login page when using custom header (merge request)
- Fix issue search optimization in GraphQL (merge request)
- Expand template names when tracking inclusion (merge request)
- Fix incorrect date in type of work chart (merge request) GitLab Enterprise Edition
- Fix: translate upload license tips by @orozot (merge request) GitLab Enterprise Edition
- Reapply table-layout fixed in repository file list (merge request)
- Global Search - Upvote Tooltip Alignment (merge request)
- Prevent group wiki writes on read-only DBs (merge request) GitLab Enterprise Edition
- Fix incorrect trigger of issue/epic autocomplete (merge request) GitLab Enterprise Edition
- Fix Web IDE renaming empty content (merge request)
- Fix milestone references in group context (merge request)
- Value of
lock_memberships_to_ldap should not affect authorizations (merge request)
- Remove file upload type restirction (merge request)
- Fixed post merge ci status bug (merge request)
- Generate startup css as if com_and_canary by @leetickett (merge request)
- Disable form on admin appearance sign-in page preview (merge request)
- Add connection fallback to ActiveRecordProxy (merge request)
- Update GitLab Shell to v13.21.1 (merge request)
- Fix Australian timezone abbreviations in tooltips (merge request)
- Merge branch 'jswain_combined_registration_auto_trial_params' into 'master' (merge request) GitLab Enterprise Edition
- Provide namespace_id default value (merge request)
- Fix CSV issues import max file size message by @JonstonChan (merge request)
- Fix unmet prerequisites help URL (merge request)
- Fix polling on vuln details page (merge request) GitLab Enterprise Edition
- Fix rule all branches not using monospace font (merge request) GitLab Enterprise Edition
- Fix sum of LFS objects size with identical value by @guillaume.chauvel (merge request)
- Fix project group share setting wording (merge request)
- Fix gitaly-backup TLS connections (merge request)
- Fix Content-Disposition header not working in Azure Blob storage (merge request)
- Handle ConnectionNotEstablished in the DB LB (merge request)
- MR Analytics: Add yAxis formatter (merge request) GitLab Enterprise Edition
- Remove unnecessary route (merge request)
- Fix address requires string literal i18n helpers by @elcordova (merge request)
- Fix DB connection check for Geo user routing (merge request) GitLab Enterprise Edition
- Update to commonmarker gem 0.23.2 (merge request)
- Focus on input when dropdown is shown on issue creation page (merge request)
- Replace public_send with send in doctor rake task (merge request)
- Open sidebar after user creates a new item in boards (merge request)
- Geo: Fix maintenance mode causing Unhealthy secondary status (merge request) GitLab Enterprise Edition
- Allow BoardListType.issues to filter by negated issueType in GraphQL (merge request)
- Add additional properties to policy_details helper (merge request) GitLab Enterprise Edition
- Persist feedback alert for SAST Configuration (merge request) GitLab Enterprise Edition
Changed (80 changes)
- Implement Dependency proxy via Workhorse injectors (merge request)
- Added v-scrolling to both editors by @mehulsharma (merge request)
- Update auto-deploy-image to v2.14.0 (merge request)
- Adjust update_runners_registration_token permission (merge request)
- Remove feature flag member_destroy_async_auth_refresh (merge request)
- Disable create list button after clicked once (merge request)
- Preselect all projects in group coverage analytics (merge request) GitLab Enterprise Edition
- Allow longer Helm channel names by @sathieu (merge request)
- Enable create_vulnerabilities_via_api by default (merge request) GitLab Enterprise Edition
- Use allowlist of allowed attributes for imported models (merge request)
- Refactor the usage of Secret Scanning to Secret Detection (merge request)
- Improve Git HTTPS message given when Gitaly unavailable (merge request)
- Remove
performance_roadmap ff and legacy code (merge request) GitLab Enterprise Edition
- Respect security scanner schema (merge request) GitLab Enterprise Edition
- Default enable use_upsert_query_for_mr_metrics FF (merge request)
- Support Jira Connect asymmetric JWTs (merge request)
- Improve translatability of email confirmation page (merge request)
- Remove vulnerability flags feature flag (merge request)
- Styling updates of the protected environments edit access dropdown (merge request) GitLab Enterprise Edition
- Clean up oauth buttons on sign in/up (merge request)
- Improve merge train help text (merge request) GitLab Enterprise Edition
- Update branch name to use monospace (merge request) GitLab Enterprise Edition
- Remove redundant help text from runners (merge request)
- Proxy Geo secondary HTTP pushes + lfs through Workhorse (merge request) GitLab Enterprise Edition
- Update compliance report title and navigation (merge request) GitLab Enterprise Edition
- Change MR draft status notification from flash to tast (merge request)
- Allow minimal access value for UserHighestRole (merge request) GitLab Enterprise Edition
- Add jsonb field for Finding Evidence (merge request)
- Geo: Increase reliability of certain one-time jobs (merge request) GitLab Enterprise Edition
- Geo: Reduce unnecessary resource usage (merge request) GitLab Enterprise Edition
- Geo: Reduce unnecessary resource usage (merge request) GitLab Enterprise Edition
- GithubImporter: Format diff note suggestions to the gitlab format (merge request)
- system_check: Bump minimum required Git version to v2.33.0 (merge request)
- Update SAST config primary action button variant (merge request) GitLab Enterprise Edition
- Add rake task to pause or resume elastic indexing (merge request) GitLab Enterprise Edition
- Changed cluster type badge to gitlab-ui element (merge request)
- Move advanced_search_multi_project_select FF to user actor (merge request) GitLab Enterprise Edition
- Implement Dependency proxy via Workhorse injectors (merge request)
- Replace namespaces unique index on name and parent_id (merge request)
- Remove orchestration policies feature flag (merge request) GitLab Enterprise Edition
- Redirect threat_monitoring policies endpoints (merge request) GitLab Enterprise Edition
- Add tooltips to runners badges (merge request)
- Remove beta badge from GitLab Migration (merge request)
- Show author badge in comments (merge request)
- Toggle banner using suggest_pipeline_enabled application setting (merge request)
- Enable merge requests discussions cache (merge request)
- Edit UI text of Abuse reports settings (merge request)
- Prevent Workhorse panics when Geo proxy URL is unset (merge request) GitLab Enterprise Edition
- Improve deployment information on Jira Cloud app by @rbordignon (merge request)
- Migrate branches nav from Bootstrap tabs to GlTabs (merge request)
- Allow dots in Helm channel, but forbid repeated dots by @sathieu (merge request)
- Remove analyzer_pipeline metrics join to ci_builds (merge request) GitLab Enterprise Edition
- Update cluster management project template with new version of Falco (merge request)
- Update UI text in Group general settings (merge request)
- Allow removal of cloud licenses (merge request) GitLab Enterprise Edition
- Remove default value for time zone user preference (merge request)
- Exclude secret_detection findings from autoresolution (merge request) GitLab Enterprise Edition
- Enable repo size limit and ip restriction (merge request) GitLab Enterprise Edition
- Remove
async_filtering feature flag (merge request)
- Convert ee/geo/db/schema.rb to ee/geo/db/structure.sql (merge request) GitLab Enterprise Edition
- Updated the Cluster Agent Token table heading (merge request) GitLab Enterprise Edition
- Fix DB load balance autoloading/code-reloading (merge request)
- Remove "files" from end of default commit message in Web IDE by @scootergrisen (merge request)
- Ensure merge request header strings are internationalized (merge request)
- Add namespace_ancestry_ids migration (merge request) GitLab Enterprise Edition
- Update Copy on License Compliance CTA (merge request) GitLab Enterprise Edition
- Remove download text from pipeline artifact dropdown items by @fabsrc (merge request)
- Add suggest_pipeline_enabled to application_settings (merge request)
- Update deprecated GlIcon size in IDE preview navigator by @jameschensmith (merge request)
- Block move and clone of requirement issues (merge request) GitLab Enterprise Edition
- Remove owner validation in AdditionalPack transfer (merge request) GitLab Enterprise Edition
- Update Rouge syntax highlighting gem (merge request)
- Check anonymous search access in API endpoints (merge request) GitLab Enterprise Edition
- Merge boards Apollo client (merge request)
- Bump swagger-ui-dist to 3.52.3 by @bufferoverflow (merge request)
- Assign trial to only eligible namespace (merge request) GitLab Enterprise Edition
- Remove cutoff logic for expiration message (merge request) GitLab Enterprise Edition
- Replace "Any branch" with "All branches" (merge request)
- Re-organize Environment Action Buttons (merge request)
- Fix multiple translation strings by @scootergrisen (merge request)
Removed (9 changes)
- Remove shared runners CTE FF (merge request)
- Remove bio-html and cached_markdown_version from user_details (merge request)
- Remove obsolete column for DevOps analytics (merge request)
- Drop Delayed Project Removal column from Namespaces (merge request)
- Remove ignoring framework column for compliance project settings (merge request) GitLab Enterprise Edition
- Remove unused Debian distribution methods by @sathieu (merge request)
- Remove project_level_issues_analytics FF (merge request)
- Removed instance level serverless domains feature (merge request)
- Remove feature flag
ci_parallel_minutes_reset (merge request) GitLab Enterprise Edition
Security (34 changes)
- Add autocomplete attribute to most password fields (merge request)
- Rename profile password fields so password managers understand (merge request)
- Fix reverse tabnabbing issue (merge request)
- Use v-safe-html in project_list_item.vue by @Fall1ngStar (merge request)
- Require password confirmation when user changes their primary email (merge request)
- Fix XSS in Jira link GitLab Enterprise Edition
- Return 404 if model id wasn't passed to UploadsController
- Scrub artifacts signed URL in SendEntry logs
- Prevent double-impersonation and impersonation breakout
- Clear session access tokens when starting/stopping impersonation
- Require password param for 2FA changes
- Prevent users from bypassing 2FA on certain pages
- Use validated URL when sending request to Gitea Importer
- Fix permissions check on project members import
- Fix fogbugz importer DNS Rebind SSRF
- Require group admin access to list pending invites
- Do not export and import repository_size_limit
- Escapes MR approval rule names correctly
- Disable exporting pipeline triggers on project export
- Add pagination to dependencies API GitLab Enterprise Edition
- Filter shared groups autocomplete by permitted GitLab Enterprise Edition
- Apply account locking to password reset page
- Verify state before using errors from OAuth2 OmniAuth providers
- Fix GFM autocomplete xss
- Remove related project access tokens when a project is deleted
- Do not allow status checks to exist with external protected branches GitLab Enterprise Edition
- Permission check issuable template API data GitLab Enterprise Edition
- Require access token for git when 2fa is required
- Prohibit anonymous access for specific user API endpoint
- Respect disabled import sources when initiating import via API
- Prevent showing not allowed subgroup epics GitLab Enterprise Edition
- Prevent moving epic issues to different group hierarchy GitLab Enterprise Edition
- Fix denial-of-service attack in Markdown parser
- Enforce configured scopes for Oauth applications
Performance (27 changes)
- Set X-Requested-With for startup JS requests (merge request)
- Use Group linear ancestor scopes (merge request) GitLab Enterprise Edition
- Skip secure product metrics in service ping (merge request) GitLab Enterprise Edition
- Clean up failed archive when no more attempts left (merge request)
- Render gitaly-unavailable error for Tags page (merge request)
- Enable FF "reference_cache_memoization" by default (merge request)
- Enable FF "tags_finder_gitaly" by default (merge request)
- Quarantine broken security_products_usage metrics (merge request) GitLab Enterprise Edition
- Preload user project access in group API (merge request)
- User ParticipantService linear ancestor scopes (merge request)
- Use GroupPlansPreloader linear ancestor scopes (merge request) GitLab Enterprise Edition
- Use specialized worker to refresh authorizations on group-share update (merge request)
- Disable BatchLoader replace_methods by default (merge request)
- Avoid loading project namespace for id (merge request)
- Use MembersFinder ancestors linear scopes (merge request)
- Use ApplicationSetting ancestors linear scopes (merge request) GitLab Enterprise Edition
- Disable replace_methods in users autocomplete (merge request)
- Remove priority sort from board list issues (merge request)
- Use GroupTree ancestors linear scopes (merge request)
- Replace Group ancestors scope with linear version (merge request)
- Add concurrent index for selecting resource_group from ci_builds (merge request)
- Skip keep_around commit callback if
skip_keep_around_commits is true (merge request)
- Add index for vulnerability_occurrences image location (merge request)
- Improve retrieving default branch of empty repos (merge request)
- Update pending builds namespace traversal ids (merge request)
- Use specialized worker to refresh authorizations on project transfer (merge request)
- Add a
uniq filter to SHAs passed to the keep around service (merge request)
Other (41 changes)
- Remove feature flag for pipeline editor drawer (merge request)
- Improve UX of group two factor grace period input (merge request)
- Remove metrics that keeps count of deleted container images by @edith007 (merge request) GitLab Enterprise Edition
- Remove metric that keeps track of published Debian packages by @edith007 (merge request) GitLab Enterprise Edition
- Remove the FF ci_idempotent_pipeline_process_worker (merge request)
- Remove metric that keeps track of downloaded container images by @edith007 (merge request) GitLab Enterprise Edition
- Add Google Analytics ID to gitlab_standard schema for snowplow (merge request)
- Remove metric that keeps track of published container images by @edith007 (merge request) GitLab Enterprise Edition
- Remove the FF ci_include_rules (merge request)
- Always use rate limiting Redis (merge request)
- Cleanup delete orphaned deployments background migration (merge request)
- Remove feature flag disable_joins_upstream_downstream_projects (merge request)
- Do not append hash to pseudonymized URL (merge request)
- Remove test summary widget usage ping feature flag (merge request)
- Remove sync_namespace_name_with_cdot flag (merge request)
- Set
assumeImmutableResults to true in access tokens Apollo config by @imrishabh18 (merge request)
- Remove unused struct field (merge request)
- Re Reschedule Delete Orphaned Deployments BG migration (merge request)
- Refactor compliance framework UI and documentation (merge request) GitLab Enterprise Edition
- Remove the FF ci_pipeline_add_job_with_lock (merge request)
- Remove project authorizations API FF (merge request)
- Revise UI text for Usage Statistics (merge request)
- Removes
track_epic_boards_activity feature flag (merge request)
- Remove pages_smart_check_outdated_sha feature flag (merge request)
- Additional tests of #work_in_progress? (merge request)
- Use varchar_pattern_ops indexes for labels (merge request)
- Update runner status descriptions (merge request)
- Make build_id param as required when updating CI minutes async (merge request) GitLab Enterprise Edition
- Remove FF ci_remove_update_retried_from_process_pipeline (merge request)
- Filter Welcome to GitLab console message from capybara by @leetickett (merge request)
- Remove redundant index on taggings table (merge request)
- Update additional CI minute docs (merge request)
- Drop old int4 PK column for push_event_payloads (merge request)
- Drop old int4 PK column for events (merge request)
- Remove foreign key from terraform_state_versions to ci_builds (merge request)
- Drop old int4 PK columns for ci_sources_pipelines (merge request)
- Drop old int4 PK columns for ci_job_artifacts (merge request)
- Cleanup bigint conversion for ci_builds_metadata (merge request)
- Remove pipeline foreign keys from package tables (merge request)
- Cleanup bigint conversion for ci_builds (merge request)
- Drop support for data-track-event (merge request)
14.3.6 (2021-12-03)
No changes.
14.3.5 (2021-11-26)
Fixed (6 changes)
- Allow SSO callbacks through maintenance mode (merge request) GitLab Enterprise Edition
- Geo - Fix no repo error message for group-level wikis (merge request) GitLab Enterprise Edition
- Prevent Git operations from checking replication lag on non-Geo-secondary sites (merge request) GitLab Enterprise Edition
- Fix error 500 loading branch with UTF-8 characters with performance bar (merge request)
- Remove defaultAuthors from MR Analytics and VSA (merge request)
- Allow SSO callbacks through maintenance mode (merge request) GitLab Enterprise Edition
14.3.4 (2021-10-28)
Security (13 changes)
- Highlight usage of unicode bidi characters (merge request)
- Fix dompurify.js to prevent path traversal attacks (merge request)
- Refresh authorizations on transfer of groups having project shares (merge request)
- Do not allow Applications API to create apps with blank scopes (merge request)
- Don't allow author to resolve discussions when MR is locked via GraphQL (merge request)
- Workhorse: Allow uploading only a single file (merge request)
- Group owners should see SCIM token only once (merge request) GitLab Enterprise Edition
- Respect visibility level settings when updating project via API (merge request)
- Avoid decoding the whole tiff image on isTIFF check (merge request)
- Adding a '[redacted]' to mask private email addresses (merge request)
- Do not display the root password by default (merge request)
- Set PipelineSchedules to inactive (merge request)
- Remove external_webhook_token from exported project (merge request)
14.3.3 (2021-10-12)
Fixed (3 changes)
- Disable caching of MergeToRefService call in mergeability check (merge request)
- Fix 2FA setup for users with no password (merge request)
- Fix dependency proxy image prefix (merge request)
14.3.2 (2021-10-01)
Fixed (1 change)
Changed (1 change)
14.3.1 (2021-09-30)
Security (29 changes)
- Fix permissions check on project members import (merge request)
- Require password param for 2FA changes (merge request)
- Respect disabled import sources when initiating import via API (merge request)
- Return 404 if model id wasn't passed to UploadsController (merge request)
- Scrub artifacts signed URL in SendEntry logs (merge request)
- Prevent double-impersonation and impersonation breakout (merge request)
- Clear session access tokens when starting/stopping impersonation (merge request)
- Prevent users from bypassing 2FA on certain pages (merge request)
- Use validated URL when sending request to Gitea Importer (merge request)
- Fix XSS in Jira link (merge request) GitLab Enterprise Edition
- Fix fogbugz importer DNS Rebind SSRF (merge request)
- Remove related project access tokens when a project is deleted (merge request)
- Require group admin access to list pending invites (merge request)
- Do not export and import repository_size_limit (merge request)
- Escapes MR approval rule names correctly (merge request)
- Filter shared groups autocomplete by permitted (merge request) GitLab Enterprise Edition
- Require access token for git when 2fa is required (merge request)
- Prohibit anonymous access for specific user API endpoint (merge request)
- Disable exporting pipeline triggers on project export (merge request)
- Add pagination to dependencies API (merge request) GitLab Enterprise Edition
- Do not allow status checks to exist with external protected branches (merge request) GitLab Enterprise Edition
- Permission check issuable template API data (merge request) GitLab Enterprise Edition
- Apply account locking to password reset page (merge request)
- Enforce configured scopes for Oauth applications (merge request)
- Verify state before using errors from OAuth2 OmniAuth providers (merge request)
- Prevent moving epic issues to different group hierarchy (merge request) GitLab Enterprise Edition
- Fix GFM autocomplete xss (merge request)
- Prevent showing not allowed subgroup epics (merge request) GitLab Enterprise Edition
- Fix denial-of-service attack in Markdown parser (merge request)
14.3.0 (2021-09-21)
Added (111 changes)
- Add organizations update mutation to GraphQL by @leetickett (merge request)
- Auto-scope board to iteration cadence (merge request)
- Decouple project runners queuing query from projects table (merge request)
- Add owner validation for project namespaces (merge request)
- Add ProjectNamespace model and DB relationships (merge request)
- Upgrade Pages to 1.44.0 (merge request)
- Add docs on how to use AWS server side encryption for backups (merge request)
- Persist projects configured to use an Agent (merge request)
- Enable Pages replication with Geo by default (merge request) GitLab Enterprise Edition
- Address the PK Overflow risk for the ci_build_needs - Step 3 (merge request)
- Extend
marginalia to provide db_config_name (merge request)
- Enable Roadmap daterange presets (merge request) GitLab Enterprise Edition
- Test project namespace is destroyed with project_namespace.rb (merge request)
- Add DastSiteValidations status filter (disabled) (merge request) GitLab Enterprise Edition
- Allow using inherited description templates on service desk (merge request) GitLab Enterprise Edition
- Gitaly repository tree keyset pagination (merge request)
- Sort scoped labels first in issuable sidebar by @leetickett (merge request)
- Enable surfacing false positives for vulnerabilities (merge request)
- Remove related todos when a design is archived (merge request)
- Updated vendored cluster management project tpl (merge request)
- Configure the sidekiq job limits through settings (merge request)
- GraphQL for dependency proxy ttl policies (merge request)
- Track CI minutes usage on a monthly basis (merge request) GitLab Enterprise Edition
- Added connectivity status to Kubernetes Agents (merge request) GitLab Enterprise Edition
- Display icon for hidden issues on group/project issue boards (merge request)
- Add milestoneWildcardId to board issues graphQL endpoint (merge request)
- Support multiple dbs in MigrationHelpers (merge request)
- Add unauthenticated API throttle settings to admin area (merge request)
- Apply throttling settings for unauthenticated API requests (merge request)
- Add
throttle_unauthenticated_api_* columns to application settings (merge request)
- Track resolving a thread through a new issue action (merge request)
- Reject pending approval users via API (merge request)
- Add connected agents to cluster agents GraphQL response (merge request) GitLab Enterprise Edition
- Introduce max saml message size setting (merge request) GitLab Enterprise Edition
- Add group contacts query to GraphQL by @leetickett (merge request)
- Merge branch '322839-dp-graphql-image-prefix' into 'master' (merge request)
- Enable ci_build_tags_limit by default (merge request)
- Reimplement tree pagination for Rugged (merge request)
- Address the PK Overflow risk for the ci_build_trace_chunks - Step 3 (merge request)
- Address the PK Overflow risk for the ci_builds_runner_session - Step 3 (merge request)
- Apply throttling settings to Files API (merge request)
- Add more details to Protected Branches Audit Events by @adrien.gooris (merge request) GitLab Enterprise Edition
- Allow sorting issues by their title by @espadav8 (merge request)
- Added filter bar to project VSA (merge request)
- Track CI minutes notifications for new monthly tracking (merge request)
- Support refname in external repo CI configuration by @jspricke (merge request)
- Keyset pagination for Groups API (merge request)
- repository: Always use
ListBlobs() to enumerate new blobs (merge request)
- Add
latest column into security_scans table (merge request)
- Add not filters for MR Analytics (merge request) GitLab Enterprise Edition
- Validate user website_url (merge request)
- Adding terraform fmt to the Terraform template by @willianpaixao (merge request)
- Address the PK Overflow risk for the ci_sources_pipelines - Step 3 (merge request)
- Added /unapprove quick-action by @lzampier (merge request) GitLab Enterprise Edition
- Split diff commit migrations into smaller chunks (merge request)
- Add
hidden field to GraphQL Issue type (merge request)
- Add ProjectNamespace model and DB relationships (merge request)
- Add dependency proxy image prefix to group type (merge request)
- Backfill projects with CI coverage usage (merge request)
- Add Mailgun endpoint for receiving permanent failures (merge request)
- Clean up group_level_protected_environments feature flag (merge request)
- Add paginated tree graphQL query (merge request)
- Auto-DevOps: respect deploy freezes (merge request)
- Add new VSA partitioned tables (merge request)
- Readding state column for members table (merge request)
- Address the PK Overflow risk for the ci_job_artifacts - Step 3 (merge request)
- Add organizations to GraphQL by @leetickett (merge request)
- Mark the PostReceive worker as idempotent (merge request)
- Added connectivity status to Kubernetes Agents (merge request) GitLab Enterprise Edition
- Use Gitaly API to sort tags (merge request)
- Promote continuous onboarding A variant (merge request)
- Allow support for description lists in content editor (merge request)
- Support AWS SSE-KMS in backups (merge request)
- Add new methods to support the PK migration - STEP 3 (merge request)
- Add ability to Delete Freeze Periods by @jayaddison (merge request)
- Add DevOps Adoption Overview table (merge request) GitLab Enterprise Edition
- Render video in content editor by @leetickett (merge request)
- Upgrade GitLab Pages to 1.43.0 (merge request)
- Requirement migration: Sync title and description changes (merge request) GitLab Enterprise Edition
- Render audio in content editor by @leetickett (merge request)
- Adds k8s 1.20 to EKS list (merge request)
- API: Add endpoint to reset runner registration token by @KyleFromKitware (merge request)
- Add personalization questions to group creation (merge request)
- Fix unban specs (merge request)
- Log backtrace when SAVEPOINT is discovered (merge request)
- Improve serialization of content editor extensions (merge request)
- Removes load_balancing_for_expire_job_cache_worker FF (merge request)
- Enable the FF ci_include_rules by default (merge request)
- Allow arbitrary html tags in content editor (merge request)
- Expose web_url to Compare API endpoint (merge request)
- Add configure integrations button to project view (merge request)
- Steal pending merge request diff commit user jobs (merge request)
- Database work to support inherited templates on service desk (merge request)
- Add param to allow scoped caching of Repo#merge_to_ref (merge request)
- Allow to create epic from ancestor board (merge request) GitLab Enterprise Edition
- BG migration for populating stage event hash (merge request)
- Add VulnerabilityCreate GraphQL mutation (merge request) GitLab Enterprise Edition
- Add direct group dependency proxy env variable (merge request)
- Persist groups configured to use an Agent (merge request)
- Test case return 404 instead of 500 error (merge request) GitLab Enterprise Edition
- Add approvalRules to MergeRequest GraphQL API (merge request) GitLab Enterprise Edition
- Add Files API throttling to application settings (merge request)
- Add support for fetching merge requests via RSS / Atom by @kingjan1999 (merge request)
- Enable new vulnerability report project filter by default (merge request)
- Allow title attribute in elements in content editor (merge request)
- Allow editing the structure of tables (merge request)
- Adds a button to retry a failed migration (merge request)
- Add system note for issue type changes (merge request)
- Add contacts table and model by @leetickett (merge request)
- Add oncall_users to oncall schedule Graphql type (merge request) GitLab Enterprise Edition
- Add gauge metric on ci queue size (merge request)
Fixed (120 changes)
- Fix AddUpvotesToMergeRequests migration (merge request) GitLab Enterprise Edition
- Add yAxis formatter (merge request)
- Fix composer package version regex by @leopold.jacquot (merge request)
- Use configurable page size for jobs in stages (merge request)
- Fix for approval check popover bug (merge request) GitLab Enterprise Edition
- Shorten session TTL of anonymous blob access (merge request)
- Makes kubectl annotate work in Helm 2to3 migration Jobs by @erik.forsberg (merge request)
- Use the correct project path in generated
KUBECONFIG file (merge request) GitLab Enterprise Edition
- Removes cleanup job from Terraform.latest (merge request)
- Geo Nodes - Fix flex alignment (merge request) GitLab Enterprise Edition
- Do not cache user email from github if email is nil/private (merge request)
- Change non-breaking space to space in email by @scootergrisen (merge request)
- Add metric to service ping if has defintion (merge request)
- Open reply box on resolved design discussions (merge request)
- Add GraphQL type for agent metadata (merge request) GitLab Enterprise Edition
- Include author in commit message from core team community members by @leetickett (merge request)
- Refactor the helm presenter (merge request)
- Prevent vuln table header from cutting off dropdown (merge request) GitLab Enterprise Edition
- Only render "No artifacts found" when not loading (merge request)
- Upgrade fog-aws to v3.12.0 (merge request)
- Fix Geo Pages replication for selective sync (merge request) GitLab Enterprise Edition
- Dynamically read pool sizes for LB configurations (merge request)
- tags: Always enable fix for verification of long tag messages (merge request)
- Fix editing network policies without policy management project (merge request) GitLab Enterprise Edition
- Fix not being able to delete unparseable policies (merge request) GitLab Enterprise Edition
- Check if root ancestor has an active trial (merge request)
- Fix text ellipsis on linked issues/MRs (merge request)
- Fix overlap of error message and sidebar on boards (merge request)
- Use global ids when updating board scope (merge request) GitLab Enterprise Edition
- Fix displaying label text in labels dropdown in dark mode (merge request)
- Don't release primary connections in the DB LB (merge request)
- Add epic board scope to newly created epic (merge request) GitLab Enterprise Edition
- Invalidate ES namespace cache when transferring groups (merge request) GitLab Enterprise Edition
- Use SafeRequestStore in the DB LB (merge request)
- Fix display of relative/absolute time in PAT and deploy token tables (merge request)
- Symbolize load balancer configuration keys (merge request)
- Fix GitHub Importer outdated diff notes not showing (merge request)
- Fix Elastic::MigrationWorker current_migration (merge request) GitLab Enterprise Edition
- Fix comments cutting off the left side of wide characters (merge request)
- Make group and project fields fullPath argument case-insensitive (merge request)
- Prevent opening sidebar when clicking on board card title (merge request)
- Do not cache .terraform.lock.hcl (merge request)
- Prevent creation of too long file name (merge request)
- Ensure Milestones Are Displayed With Few Results (merge request)
- Replace vsa stage slug with id (merge request) GitLab Enterprise Edition
- Load config variables from external project (merge request)
- Fix creating issue in milestone list (merge request) GitLab Enterprise Edition
- Fix header order in CI/CD pipeline's job tab by @JonstonChan (merge request)
- Make RepositoryUpdateMirrorWorker idempotent (merge request)
- Fix selected for User#commit_email input (merge request)
- Allow additional minute transfer for Users (merge request) GitLab Enterprise Edition
- Fix labels applied to a wrong issue (merge request)
- Max width for sidebar dropdown widgets (merge request)
- Fix yaml viewer padding not changing color (merge request) GitLab Enterprise Edition
- Remove paste event listener on destroy (merge request)
- Fix formatting bubble menu in Content Editor (merge request)
- Fix group membership CSV export for invited users (merge request)
- Remove table-layout: fixed style from the tree table of files (merge request)
- Remove the existing duplicates of DastSiteTokens (merge request)
- Update Audit Logging for Feature Flags (merge request)
- Error on newlines in sidekiq-cluster arguments (merge request)
- Reduce DA pagerefresh rate (merge request) GitLab Enterprise Edition
- Fix security report schema validation (merge request) GitLab Enterprise Edition
- Fix disappearing badge in commit image thread edit (merge request)
- Fix - Some users cannot move issues in epic swimlanes (merge request) GitLab Enterprise Edition
- Logged out users can view public group epic boards (merge request) GitLab Enterprise Edition
- Reschedule 'ExtractProjectTopicsIntoSeparateTable' post migration by @wwwjon (merge request)
- Update relative positions on querying board issues (merge request)
- Patch
grape-entity to prevent having NameError loop (merge request)
- Catch Helm invalid versions by @sathieu (merge request)
- Fix broken image for runner templates (merge request)
- Disallow editing the environment name (merge request)
- Fix visibility reference check (merge request)
- Add missing graphQL ids (merge request)
- Don't override setup_for_company in subscription flow (merge request)
- Skip highlighting cache for diffs with unsupported characters (merge request)
- Use the last Helm chart when downloading by @sathieu (merge request)
- Fix OrphanedInviteTokensCleanup migration (merge request)
- Fix downstream counter badge link (merge request) GitLab Enterprise Edition
- Only set User#commit_email with user input (merge request)
- Fix Connection#exists? when using the DB LB (merge request)
- Fix contributors detection in changelog generation (merge request)
- Downgrade grpc from 1.38.0 to 1.30.2 (merge request)
- Let non-members set confidential flag on issue (merge request)
- Fix displaying weight of 0 for issues in epic tree (merge request) GitLab Enterprise Edition
- Fix epic swimlanes list drag drop reordering (merge request) GitLab Enterprise Edition
- Show create-jira on pipeline and MR when enabled (merge request) GitLab Enterprise Edition
- Fix new project page in dark mode (merge request)
- Move service_desk_setting to CE in project import export by @leetickett (merge request)
- Add default option to notification_email input (merge request)
- Fix overflowing text in OmniAuth login buttons (merge request)
- Use
binary property on the file object (merge request)
- Handle errors without causes (merge request)
- Fix bug validating EE project features (merge request)
- Fix Live Markdown Preview in personal and subgroup projects (merge request)
- Send rotation email inline when deleting user (merge request) GitLab Enterprise Edition
- Use type to detect password fields in integrations instead of name (merge request)
- Use dynamic mapping in trigger to sync
integrations.type_new (merge request)
- Fix Epic bulk updates leaking to other epics (merge request) GitLab Enterprise Edition
- Drop un-used db/ci_migrate symlink (merge request)
- Fix getAction is undefined bug in Web IDE markdown files (merge request)
- Remove substransaction from wiki event creation (merge request)
- Fix namespace checks for live quota consumption (merge request) GitLab Enterprise Edition
- Fix project importers pagination issues (merge request)
- Use
binary property on the file object (merge request)
- Fix links to Jira docs (merge request)
- Enable the FF ci_new_artifact_file_reader by default (merge request)
- Remove redundant callbacks, rely instead on validations (merge request)
- Fix tooltip on issue sidebar (merge request)
- Reduce the spacing of list items for Content Editor (merge request)
- Respect namespaces with unlimited minutes (merge request)
- Fix some edge cases with Content Editor serializing (merge request)
- Geo: Replicate wiki and design repository HEAD ref (merge request) GitLab Enterprise Edition
- Fix designCollection object after design is uploaded (merge request)
- Wrap pipeline artifact dropdown item names (merge request)
- Fix SSO SAML redirection not including query string (merge request)
- Add fix for 'old' file type (merge request)
- Fix invite url on invited emails (merge request)
- Track build minutes for disabled shared runners (merge request) GitLab Enterprise Edition
- Validate the uniqueness of pipeline variables (merge request)
Changed (109 changes)
- Reset notification level when CI minutes limit change (merge request) GitLab Enterprise Edition
- Associate successful DAST validations with sites (merge request) GitLab Enterprise Edition
- Use new code quality version 0.85.24-gitlab.1 (merge request)
- Add notice when runner projects are updated (merge request)
- Change DAST url download text to button (merge request) GitLab Enterprise Edition
- Update expired message for namespace (merge request) GitLab Enterprise Edition
- Measure image scaler duration for cached images (merge request)
- Use allowlist of allowed attributes for imported models (merge request)
- Migrate admin projects tabs styles (merge request)
- Rebalance issues relative position without transaction (merge request)
- Show project suffix input as disabled (merge request)
- Update board list settings drawer style (merge request)
- Set different session cookie for Geo secondaries (merge request) GitLab Enterprise Edition
- Geo: Alternate redownload and normal design sync attempts (merge request) GitLab Enterprise Edition
- Geo: Alternate redownload and normal SSF sync attempts (merge request) GitLab Enterprise Edition
- Geo: Alternate redownload and normal project syncs (merge request) GitLab Enterprise Edition
- Geo: Reduce frequency of redownload attempts (merge request) GitLab Enterprise Edition
- Update Devise sign_in path for Geo secondaries (merge request) GitLab Enterprise Edition
- Fix policy editor performance (merge request) GitLab Enterprise Edition
- Fix DORA deployment frequency in VSA (merge request)
- Clean up settings_block.vue (merge request)
- Don't allow anonymous users to search with text (merge request)
- Add migrations to swap ci_builds.id column (merge request)
- Fix policy preview for non-parseable policies (merge request) GitLab Enterprise Edition
- Add CI/CD variables for Auto Build and Auto Deploy image versions (merge request)
- Update parser gem to 3.0.2.0 (merge request)
- Disable Sendfile interface for serving Sidekiq Web assets (merge request)
- Enable updated delete branch modal styles (merge request)
- Add worker_class argument to Sidekiq queues APIs (merge request)
- Change Ci::Minutes:AdditionalPack text limit (merge request) GitLab Enterprise Edition
- Remove package_details_apollo feature flag (merge request)
- Add migrations to swap ci_builds.id column (merge request)
- Add abuse actions to account lock email text (merge request)
- Security MR-widget: Clarify dismissed state (merge request) GitLab Enterprise Edition
- Default on policies feature flag (merge request) GitLab Enterprise Edition
- Update UI text for artifacts expiration setting (merge request)
- Use GlAlert instead of a custom alert class (merge request) GitLab Enterprise Edition
- Generate iids with implicit locking by default (merge request)
- Update profile conflict message (merge request) GitLab Enterprise Edition
- Add a link to site profiles management (merge request) GitLab Enterprise Edition
- Use similarity sort in search project dropdown (merge request)
- Diff stats dropdown styling update due to migration to GlDropdown (merge request)
- Update CODEOWNERS - Marcia - Configure (merge request)
- Review group general settings (merge request)
- Update UI text and link for variable warning (merge request)
- Retry archive if left in incomplete state (merge request)
- Remove File-By-File preference cookie (merge request)
- Add migration to swap ci_builds.stage_id column (merge request)
- Update Graphql dastProfileUpdate mutation to include Schedule (merge request)
- Support restoring repository backups in parallel (merge request)
- Roll back support for caching encoding detection (merge request)
- Allow to open table editing dropdown from headers (merge request)
- Rename
throttle_unauthenticated_* attributes in application settings (merge request)
- Prepare the DB LB for always being enabled (merge request)
- Move group's "allow request access" to new section (merge request)
- Fix integer columns on new VSA table (merge request)
- Update GitLab User Doc for EKS supported version (merge request)
- Resize Jupyter images to fit within the parent box (merge request)
- Renders images on the repository of .ipynb files (merge request)
- Update help text for API Fuzzing Configuration (merge request) GitLab Enterprise Edition
- Eanble sort_by_project_users_by_project_authorizations_user_id FF (merge request)
- Move CI job token details to new page in CI docs (merge request)
- Improve UI text for maintenance mode (merge request)
- Update security policy editor rule button styling (merge request) GitLab Enterprise Edition
- Show up to 200 jobs per CI stage (merge request)
- Update
project/clusters/ CODEOWNERS (merge request)
- Zoom into design image upto 100% of actual size (merge request)
- Adds DB fixtures to create base work item types (merge request)
- Add configurable maximum YAML file size and depth by @discinaround (merge request)
- Add customized README file when creating new Security Policy Project (merge request) GitLab Enterprise Edition
- Remove ci_job_trace_force_encode feature flag (merge request)
- Add pipeline_artifacts_size to projectSatisticsType (merge request)
- Enable bulk_import feature flag by default (merge request)
- Update Geo node to Geo site (merge request)
- Update to Ruby 2.7.4 (merge request)
- Group Settings CI/CD h4 expand by @quatauta (merge request)
- Catch all errors when processing Debian changes by @sathieu (merge request)
- Externalize messages on EKS settings page by @JonstonChan (merge request)
- Externalize page-title messages by @JonstonChan (merge request)
- Externalize add_to_breadcrumbs messages by @JonstonChan (merge request)
- Add warning to when converting runner to specific (merge request)
- Update incident management limits UI text (merge request) GitLab Enterprise Edition
- Scope i18n strings that are incorrectly unscoped by @JonstonChan (merge request)
- Unscope i18n strings that are incorrectly scoped by @JonstonChan (merge request)
- Externalize breadcrumb_title message by @JonstonChan (merge request)
- Externalize submit "Save changes" message by @JonstonChan (merge request)
- Use Gitlab::Ci::Lint in /ci/lint API endpoint (merge request)
- Require a LoadBalancer for service discovery (merge request)
- Only show tooltip on truncate (merge request)
- Remove scanner_type argument from GraphQL mutation (merge request) GitLab Enterprise Edition
- Remove runner "locked" toggle where not used (merge request)
- Fetch discussions using GraphQL (merge request)
- Prepopulate new issue with link to the parent by @smokris (merge request)
- Group Settings Default initial branch h4 expand by @quatauta (merge request)
- Always use
SetFullPath RPC (merge request)
- Making cross-reference links distinctly visible (merge request)
- Pipeline Security: Rename "scanner" to "tool" (merge request) GitLab Enterprise Edition
- Set blocked Omniauth accounts to blocked_pending_approval by @vfazio (merge request)
- Stringify policy yaml response in scanExecutionPolicies graphql query (merge request) GitLab Enterprise Edition
- Improve error message for TransferService (merge request)
- Geo SSF: fix texting in admin area (merge request) GitLab Enterprise Edition
- Split for_project_paths into two queries (merge request)
- Migrate epic sidebar participants to widget (merge request) GitLab Enterprise Edition
- Remove the usage_data_design_action feature flag (merge request)
- Vulnerabilities CSV: Rename "scanner" to "tool" (merge request) GitLab Enterprise Edition
- Remove feature flags for DAST disable_joins (merge request) GitLab Enterprise Edition
- Migrate epic sidebar ancestors to widget (merge request) GitLab Enterprise Edition
- Disable Vulnerability Finding Link creation (merge request) GitLab Enterprise Edition
- Remove feature flag milestone_reference_pattern (merge request)
Deprecated (1 change)
Removed (16 changes)
- Remove ci_templates_total_unique metrics (merge request)
- Disable method instrumentation initialization (merge request)
- Remove feature flag for env_vars_resource_group (merge request)
- Add migration to remove projects.container_registry_enabled (merge request)
- Update docs regarding pages legacy storage in 14.3 (merge request)
- Remove experience level functionality (merge request)
- Remove Markdown support for bio field (merge request)
- Remove FF load balancing for deployments hooks worker (merge request)
- Remove GitLab Pages legacy storage lease (merge request)
- Stop deploying GitLab Pages to legacy storage (merge request)
- Remove Clair deprecation warning (merge request) GitLab Enterprise Edition
- Remove feature flag gitaly_backup (merge request)
- Remove name parameter from pipeline finder (merge request)
- Remove seat_link_enabled from ApplicationSettings db table (merge request)
- Remove cloud_license_enabled database column (merge request)
- merge_request: Drop checks whether a squash is in progress (merge request)
Security (14 changes)
- OAuth Access Tokens generated by new applications have expiry (merge request)
- Sanitize emojis when reading from LocalStorage (merge request)
- Always include default config for DOMPurify (merge request)
- Deny access for repository coverage info for guests (merge request) GitLab Enterprise Edition
- Prevent non-admins from configuring Jira connect app
- Update apollo_upload_server dependency
- Ensure shared group members lose project access after group deletion
- Update Import/Export to use public email when mapping users GitLab Enterprise Edition
- Update mermaid to 8.11.5 by @bufferoverflow (merge request)
- Escape issue reference and title for Jira issues GitLab Enterprise Edition
- Fix stored XSS vulnerability in Datadog settings form
- Inherit user external status while creating project bots
- Require sign in for .keys endpoint on non-public instances
- Only create jira connect NS subscriptions for admins
Performance (43 changes)
- Add index for selecting resource_group from ci_builds (merge request)
- Perform FindTag RPC request for a single tag (merge request)
- Remove redundant permission checks for GraphQL job type (merge request)
- Avoid a duplicated SQL condition in the NPM metadata endpoint (merge request)
- Remove preload_repo_cache feature flag (merge request)
- Limit updates to Web Hook backoff interval (merge request)
- Fix N+1 in projects API (merge request)
- Remove cache_merge_to_ref_calls feature flag (merge request)
- Limit max pagination count for relations to 1000 (merge request)
- Batch loading of open issues count from Redis (merge request)
- Decrease WebHooks::LogExecutionWorker retries (merge request)
- Use specialized worker to refresh authorizations on group-share removal (merge request)
- Run UserRefreshFromReplicaWorker jobs on the replica db by default (merge request)
- push_rules: Implement bulk-checking of file sizes (merge request)
- Reduce DB queries when loading root_ancestor (merge request)
- Release cached merge_request show.json (merge request)
- Release diffs_batch cached rendering (merge request)
- Fix n+1 for award_emoji field when fetching epics (merge request) GitLab Enterprise Edition
- Remove pipeline variable unique validation (merge request)
- Splits up auto_cancelable_pipelines query, adds limit (merge request)
- Use linear version GroupsWithTemplatesFinder#extended_group_search (merge request) GitLab Enterprise Edition
- Use linear version ApplicationSettings#elasticsearch_limited_namespaces (merge request) GitLab Enterprise Edition
- Use linear version User#groups_with_developer_maintainer_project_access (merge request)
- Move vulnerability statistics update out of transaction (merge request) GitLab Enterprise Edition
- Use linear version of User#manageable_groups (merge request)
- Decrease epics, child epics and child issues max page size (merge request) GitLab Enterprise Edition
- Caching the protected branch check (merge request)
- Enable caching of MergeToRefService responses (merge request)
- Remove the npm_presenter_queries_tuning FF (merge request)
- Use linear version of User#membership_groups (merge request)
- Use linear version of groups_including_descendants_by (merge request)
- Optimize StuckCiJobsWorker running builds query (merge request)
- Use reference cache for iterations (merge request) GitLab Enterprise Edition
- Cache content_sha256 field for Files API (merge request)
- Eliminate N+1 queries for pipeline GraphQL endpoint (merge request)
- Upgrade grape-path-helpers to 1.7.0 (merge request)
- Remove
safe_find_or_create_by! usage (merge request)
- Remove feature flag used to enable subtransactions counter (merge request)
- Remove safe_find_or_create_by! calls (merge request)
- checks: Always enable batched computation of commits (merge request)
- Never fetch more than 101 commits when processing a git push (merge request)
- Reduce Gitaly calls for keeping around refs of published notes (merge request)
- Use the ListCommits RPC, not CommitsBetween, when processing git push (merge request)
Other (56 changes)
- Remove optimized_issuable_label_filter flag (merge request)
- Snowplow event dictionary first run for Vue files (merge request) GitLab Enterprise Edition
- Add Snowplow event dictionary for Vue files (merge request) GitLab Enterprise Edition
- Remove track_all_ci_template_inclusions FF (merge request)
- Plain replace of track-event to track-action (merge request) GitLab Enterprise Edition
- Remove FF ci_daily_limit_for_pipeline_schedules (merge request)
- Remove FF ci_modified_paths_of_external_prs (merge request)
- Update the helm documentation (merge request)
- Finalize conversion to bigint for ci_builds_metadata (merge request)
- Add status columns to dependency proxy tables (merge request)
- Remove load performance widget usage data flag (merge request) GitLab Enterprise Edition
- Finalize conversion to bigint for taggings (merge request)
- Clean up feature flag for pipeline editor branch switcher (merge request)
- Track all CI template inclusions (merge request)
- Revert "Merge branch... (merge request)
- Remove the default enabled feature flag (merge request)
- Fix: update error budget documentation (merge request)
- Cleanup bigint conversion for geo_job_artifact_deleted_events (merge request)
- Cleanup bigint conversion for deployments (merge request)
- Cleanup bigint conversion for ci_stages (merge request)
- Remove use_insert_all_in_internal_id feature flag (merge request)
- Remove metrics report usage data feature flag (merge request) GitLab Enterprise Edition
- Remove the FF ci_fix_commit_status_retried (merge request)
- Remove bigint conversion triggers for events (merge request)
- Move usage_graph component to vue_shared folder (merge request)
- Prepare ci_builds swap indexes for async creation (merge request)
- Bump fast_gettext to the latest (merge request)
- Introduce versioned GitLab migration class (merge request)
- Remove bigint conversion triggers for push_event_payloads (merge request)
- Fix contextual help link and other minor improvements (merge request) GitLab Enterprise Edition
- Clean up :graphql_board_list feature flag (merge request)
- Revert "Merge branch 'stuck-ci-jobs-worker-optimize-running' into 'master'" (merge request)
- Cleanup used membership invites (merge request)
- Remove temp index on approval_project_rules (merge request)
- Add models for dependency proxy ttl policies (merge request)
- Bump prometheus-client-mmap to 14.0 (merge request)
- Update GitLab Shell to v13.21.0 (merge request)
- Remove enabled runner_graphql_query feature flag (merge request)
- Remove upsert_issue_metrics feature flag (merge request)
- Remove optimize_safe_find_or_create_by FF (merge request)
- Remove column from project_settings (merge request)
- Remove the "local file reviews" feature flag (merge request)
- Prepare async indexes for ci table int8 swaps (merge request)
- Remove store_mentions_without_subtransactions FF (merge request)
- Remove unused other_storage_counter (merge request)
- Remove enabled runner_detailed_view_vue_ui flag (merge request)
- Remove web performance widget usage data flag (merge request) GitLab Enterprise Edition
- Finalize conversion to bigint for events (merge request)
- Remove column from project_settings (merge request)
- Fix instrumentation meta method definition (merge request)
- Remove board_new_list feature flag (merge request)
- Prepare indexes on events for bigint column conversions (merge request)
- Remove
track_unique_visits feature flag by @edith007 (merge request)
- Remove deprecated deployment workers by @edith007 (merge request)
- Remove the FF ci_reset_bridge_with_subsequent_jobs (merge request)
- Removes ci_same_stage_job_needs ff (merge request)
14.2.7 (2021-11-26)
Fixed (3 changes)
- Prevent Git operations from checking replication lag on non-Geo-secondary sites (merge request) GitLab Enterprise Edition
- Remove defaultAuthors from MR Analytics and VSA (merge request)
- Let non-members set confidential flag when creating an issue in public project (merge request)
Changed (4 changes)
- Geo: Alternate redownload and normal design sync attempts (merge request) GitLab Enterprise Edition
- Geo: Alternate redownload and normal SSF sync attempts (merge request) GitLab Enterprise Edition
- Geo: Alternate redownload and normal project syncs (merge request) GitLab Enterprise Edition
- Geo: Reduce frequency of redownload attempts (merge request) GitLab Enterprise Edition
14.2.6 (2021-10-28)
Security (13 changes)
- Highlight usage of unicode bidi characters (merge request)
- Fix dompurify.js to prevent path traversal attacks (merge request)
- Refresh authorizations on transfer of groups having project shares (merge request)
- Do not allow Applications API to create apps with blank scopes (merge request)
- Don't allow author to resolve discussions when MR is locked via GraphQL (merge request)
- Workhorse: Allow uploading only a single file (merge request)
- Group owners should see SCIM token only once (merge request) GitLab Enterprise Edition
- Respect visibility level settings when updating project via API (merge request)
- Avoid decoding the whole tiff image on isTIFF check (merge request)
- Adding a '[redacted]' to mask private email addresses (merge request)
- Do not display the root password by default (merge request)
- Set PipelineSchedules to inactive (merge request)
- Remove external_webhook_token from exported project (merge request)
14.2.5 (2021-09-30)
Security (28 changes)
- Require password param for 2FA changes (merge request)
- Fix permissions check on project members import (merge request)
- Respect disabled import sources when initiating import via API (merge request)
- Return 404 if model id wasn't passed to UploadsController (merge request)
- Scrub artifacts signed URL in SendEntry logs (merge request)
- Prevent double-impersonation and impersonation breakout (merge request)
- Clear session access tokens when starting/stopping impersonation (merge request)
- Use validated URL when sending request to Gitea Importer (merge request)
- Fix XSS in Jira link (merge request) GitLab Enterprise Edition
- Fix fogbugz importer DNS Rebind SSRF (merge request)
- Remove related project access tokens when a project is deleted (merge request)
- Require group admin access to list pending invites (merge request)
- Do not export and import repository_size_limit (merge request)
- Escapes MR approval rule names correctly (merge request)
- Filter shared groups autocomplete by permitted (merge request) GitLab Enterprise Edition
- Require access token for git when 2fa is required (merge request)
- Disable exporting pipeline triggers on project export (merge request)
- Add pagination to dependencies API (merge request) GitLab Enterprise Edition
- Permission check issuable template API data (merge request) GitLab Enterprise Edition
- Apply account locking to password reset page (merge request)
- Enforce configured scopes for Oauth applications (merge request)
- Verify state before using errors from OAuth2 OmniAuth providers (merge request)
- Prevent moving epic issues to different group hierarchy (merge request) GitLab Enterprise Edition
- Prevent showing not allowed subgroup epics (merge request) GitLab Enterprise Edition
- Do not allow status checks to exist with external protected branches (merge request) GitLab Enterprise Edition
- Fix GFM autocomplete xss (merge request)
- Prohibit anonymous access for specific user API endpoint (merge request)
- Fix denial-of-service attack in Markdown parser (merge request)
14.2.4 (2021-09-17)
Fixed (2 changes)
- Fix Elastic::MigrationWorker current_migration (2nd attempt) (merge request) GitLab Enterprise Edition
- Removes cleanup job from Terraform.latest (merge request)
14.2.3 (2021-09-01)
Fixed (4 changes)
- Fix Live Markdown Preview in personal and subgroup projects (merge request)
- Fix OrphanedInviteTokensCleanup migration (merge request)
- Reset severity_levels default (merge request)
- Geo: Replicate multi-arch containers (merge request) GitLab Enterprise Edition
14.2.2 (2021-08-31)
Security (9 changes)
- Prevent non-admins from configuring Jira connect app (merge request)
- Only create jira connect NS subscriptions for admins (merge request)
- Update apollo_upload_server dependency (merge request)
- Ensure shared group members lose project access after group deletion (merge request)
- Update Import/Export to use public email when mapping users (merge request) GitLab Enterprise Edition
- Require sign in for .keys endpoint on non-public instances (merge request)
- Inherit user external status while creating project bots (merge request)
- Escape issue reference and title for Jira issues (merge request) GitLab Enterprise Edition
- Fix stored XSS vulnerability in Datadog settings form (merge request)
14.2.1 (2021-08-23)
Fixed (1 change)
Changed (2 changes)
- Reorder vuln check criteria (merge request) GitLab Enterprise Edition
- Don't override vulnerability feedback UUID anymore (merge request) GitLab Enterprise Edition
14.2.0 (2021-08-20)
Added (128 changes)
- Add missing Ci::Build graphql mutations (merge request)
- Introduce a table to store job trace metadata (merge request)
- Promote the contact_sales_btn_in_app experiment to product feature (merge request)
- Upgrade GitLab Pages to v1.42.0 (merge request)
- Enable the instance-level overrides feature (merge request)
- Add support for inline diff in content editor (merge request)
- Update security policies pipeline processor to support secret detection (merge request) GitLab Enterprise Edition
- Render references in content editor (merge request)
- Add copy feature to CI job page (merge request)
- Limit number of files per pages site (merge request)
- Added new user callout for the Terraform banner (merge request)
- Markdown Live preview for Source Editor (merge request)
- Create table zentao_tracker_data (merge request)
- Start tracking project ci feature usages (merge request)
- Add support for task list in content editor (merge request)
- Add support for subscript/superscript (merge request)
- Enable agent registration UI (merge request) GitLab Enterprise Edition
- Add support for meta tag DAST site validation (merge request) GitLab Enterprise Edition
- Include reply in email egenrated notes (merge request)
- Allow sorting merge requests by latest closed at (merge request)
- Enable seat usage export (merge request) GitLab Enterprise Edition
- Show artifact downloads for security reports (merge request)
- Expose integrated error tracking to services (merge request)
- Render emojis in the Content Editor (merge request)
- Add dependency link to package type (merge request)
- Enabled diff virtual scrolling by default (merge request)
- Enables ci_same_stage_job_needs by default (merge request)
- Remove agent_kubeconfig_ci_variable feature flag (merge request)
- Prune database partitions older than a retention period (merge request)
- Add vulnerabilities_allowed into rules (merge request) GitLab Enterprise Edition
- Add organizations table and model (merge request)
- Support setting Rails asset host via gitlab.yml (merge request)
- Disable project/group sharing when User Cap set (merge request)
- Expose timelogs in GraphQL query type (merge request)
- Enable ci_daily_limit_for_pipeline_schedules by default (merge request)
- Track changes in merge request approval settings in Audit Events (merge request) GitLab Enterprise Edition
- Store hashcode for VSA stage events (merge request)
- Remove ci_jobs_trace_size_limit feature flag (merge request)
- Index issues on project_id, state_id, created, id (merge request)
- Feat: enable report abuse button for snippets (merge request)
- Add tooltip to No Target text in corpus management (merge request)
- Remove code quality usage feature flag (merge request)
- Add severity_levels validation and usage (merge request) GitLab Enterprise Edition
- Add support for adding attachments in Content Editor (merge request)
- Add expired tokens alert to personal access tokens profile page (merge request) GitLab Enterprise Edition
- Show topics in the project list (merge request)
- Add pipeline iid dropdown (merge request)
- Mark completed jobs as successful (merge request)
- Add namespace field to User type in GraphQL (merge request)
- Add view pipeline button in pipeline editor (merge request)
- Add a bubblemenu for text format to Content Editor (merge request)
- Adds APIs and their specs to projectionist example file (merge request)
- Add rule_index to security_orchestration_policy_rule_schedules (merge request)
- Extend graphql repository with paginated tree field (merge request)
- Add support for security policy project for Projects::CreateService (merge request) GitLab Enterprise Edition
- Expose vulnerabilities_allowed (merge request) GitLab Enterprise Edition
- Deploy token access for the Dependency Proxy (merge request)
- Remove compare_repo_dropdown feature flag (merge request)
- Add mutation to change namespace shared runners setting (merge request)
- Add severity_levels into approval_project_rules (merge request)
- Add admin_verify track to in-product marketing emails (merge request)
- Add instance setting for delayed project deletion (merge request) GitLab Enterprise Edition
- Add Snowplow Tracking to Environment Actions (merge request)
- Finalize converting geo_job_artifact_deleted_events (merge request)
- Remove feature flag search_sort_issues_by_popularity (merge request)
- Cancel pipelines before deleting (merge request)
- Add structured logging to MergeRequestMergeabilityCheckWorker (merge request)
- Allow immediate deletion of groups (merge request) GitLab Enterprise Edition
- Add application and DB layer validations for flag_type uniqueness (merge request) GitLab Enterprise Edition
- Add pronunciation to GitLab profile page (merge request)
- Add trial_short track to in-product marketing emails (merge request)
- Deploy token access for the dependency proxy (merge request)
- Generate Debian component files for udeb and source files (merge request)
- Log deprecations to dedicated log file (merge request)
- Add button for reactivating/extending trial (merge request) GitLab Enterprise Edition
- Add secret_detection to security_orchestration_policy JSON schema (merge request) GitLab Enterprise Edition
- Add assigned issue and pending todo counts to /users_count API (merge request)
- GraphQL: Add sharedRunnersSetting to Group/Namespace (merge request)
- feat: Add environments survey alert (merge request)
- Allow Limitable to use override feature flag (merge request)
- Retain trigger time of alerts (merge request)
- Add mutation to lock/unlock project paths (merge request) GitLab Enterprise Edition
- Use non-predefined variables inside CI include blocks (merge request)
- Allow resetting issue labels (merge request)
- Exposed created_at to billable members API (merge request) GitLab Enterprise Edition
- Add pagination support for get_tree_entries RPC (merge request)
- Introduce AutoDeleteCronWorker for Environments (merge request)
- Enable DAST runner site validation by default (merge request) GitLab Enterprise Edition
- Return signature in InRelease and Release.gpg endpoints (merge request)
- Add pages_file_entries to plan_limits (merge request)
- Add the compliance framework label to group projects listing (merge request) GitLab Enterprise Edition
- Adds ProjectSetComplianceFramework GraphQL Mutation (merge request) GitLab Enterprise Edition
- Add timelog summary to time tracking report (merge request)
- Plug Debian SignDistributionService in GenerateDistributionService (merge request)
- Add team_short track to in-product marketing emails (merge request)
- Add Mailgun endpoint for receiving permanent failures (merge request)
- Render CSV parsing errors (merge request)
- Added state column to members table (merge request)
- Trial onboarding for trial registrations (merge request) GitLab Enterprise Edition
- Display pending user count when modifying user cap (merge request) GitLab Enterprise Edition
- Search for epics by iid if search starts with & (merge request) GitLab Enterprise Edition
- Add PyPI package endpoints for project and group path (escaped) (merge request)
- Add Debian API endpoint for deb, udeb, ... files (merge request)
- Support setting timelog summary via API (merge request)
- Geo: Add verification of snippet repositories (merge request) GitLab Enterprise Edition
- Add support for propagation correlation IDs from trusted CIDRs (merge request)
- Debian CRUD group distribution endpoints (merge request)
- Added error classes for specific backup rake task (merge request)
- Automatically resync verification failures (merge request) GitLab Enterprise Edition
- Add log count of active jobs (merge request)
- Add saml_provider_id query param to Users API (merge request) GitLab Enterprise Edition
- Add vulnerability_amount column (merge request)
- Add error tracking client key (merge request)
- Add a badge for project invite members (merge request) GitLab Enterprise Edition
- Expose security scanners in MR approval rules API (merge request) GitLab Enterprise Edition
- Add overridden_uuid column to security_findings (merge request)
- Add Jira Connect branches controller (merge request)
- Add signed_file to Debian distributions (merge request)
- Add new BulkImports endpoint to start new migration (merge request)
- Add service to sign Debian distribution (merge request)
- Implement Scheduling Logic for DAST On-demand Scheduler (merge request)
- Sync vulnerability rules (merge request) GitLab Enterprise Edition
- Add Fuzz Testing to DevOps Adoption (merge request) GitLab Enterprise Edition
- Removes
mr_collapsed_approval_rules feature flag (merge request)
- Add descendantGroups field to Group type (merge request)
- Added user_cap_reached? to Group (merge request) GitLab Enterprise Edition
- Add security scanners column into (merge request)
- Save visited URL to recent searches and update weight token list (merge request)
Fixed (137 changes)
- Resolve layout issues in notes form (merge request)
- Set db name when creating connection with new pool size (merge request)
- Project reporters can drag cards in group board (merge request)
- Added ability to create assignee list of descendants (merge request)
- Merge branch 'dreedy-fix-application_experiment-publish_to_database' into 'master' (merge request)
- Run serivce discovery on load balancing configuration (merge request)
- Fix intermittent 'branch not found' errors when pushing creates an MR (merge request)
- Fix reference pattern for iterations (merge request) GitLab Enterprise Edition
- Include all available groups as import target (merge request)
- Allow to apply issue inherited templates using URL (merge request) GitLab Enterprise Edition
- Increase spacing between buttons to 8px (merge request)
- Noop migrations containing faulty SQL regex (merge request)
- Add migration to update ultimate trial plan limits (merge request)
- Fix Security::FindingsFinder to return only the latest findings (merge request) GitLab Enterprise Edition
- Reset oncall-schedule form on cancel or close (merge request) GitLab Enterprise Edition
- Do not run refresh_member_authorized_projects callback when importing (merge request)
- Resolve todo when resolve button is clicked (merge request)
- Hide notification warning for private comments (merge request)
- Remove broken "default" storage initialiser (merge request)
- When ordering epics by title, do so case-insensitively (merge request) GitLab Enterprise Edition
- Fix spacing between dropdowns in policy editor (merge request) GitLab Enterprise Edition
- Fix: Container repository geo syncs stuck in started state (merge request) GitLab Enterprise Edition
- Use sub-batches in BackfillIntegrationsTypeNew background migration (merge request)
- Always use the newest commit in a branch for push events (merge request)
- Fix mirror repo table buttons in _mirror_repos.html.haml (merge request)
- Optimize #latest_successful_for_refs method (merge request)
- Github Importer: Ensure to fail and log imports on exceptions (merge request)
- Delete backups/tmp after restore (merge request)
- Enable the feature flag by default (merge request)
- Fix due date tooltip on milestone in sidebar (merge request)
- Add Conan to filters (merge request) GitLab Enterprise Edition
- Move audit events promo illustration and update text (merge request) GitLab Enterprise Edition
- Delete private subgroups todos when removing member (merge request) GitLab Enterprise Edition
- fix: Regenerate locale/gitlab.pot (merge request)
- Remove class to fix dark mode readability (merge request)
- Fix adding or updating vulnerability history comments (merge request)
- checks: Fix combinatorial explosion in
#commits_for() (merge request)
- Fix code block input rules (merge request)
- Fix N+1 database queries in pipeline databuilder (merge request)
- Ensure service discovery runs before results are used (merge request)
- fix: Update locale/gitlab.pot (merge request)
- Fix basic search full count load (merge request)
- Update Pikaday colors for dark mode (merge request)
- copy: Clarify gift card currency in copy (merge request)
- Fix connection search path being reset (merge request)
- Fix policy_editor environment picker (merge request) GitLab Enterprise Edition
- Hide reference path on project board cards (merge request)
- Restrict Runner.locked to project runners (merge request)
- Refactor the nuget package updater service (merge request)
- Fix UI of project topics popover (merge request)
- Handle some WebHookService errors (merge request)
- Fix group runner sort dropdown (merge request)
- Get branches from rules using rule_index for security policy (merge request) GitLab Enterprise Edition
- Fix environments regex for etag restful (merge request)
- Fix feature flag check for security policy project (merge request) GitLab Enterprise Edition
- Fix punctuation on help line (merge request) GitLab Enterprise Edition
- Fix pipeline status layout in pipeline editor (merge request)
- Fix the npm package already taken validator (merge request)
- Ensure SAML Group Sync runs anytime SAML Group Links exist (merge request) GitLab Enterprise Edition
- Delete test cases when migrating project to a free group (merge request) GitLab Enterprise Edition
- Conditionally render create project button (merge request)
- checks: Fix mismatch in
#new_commits() signature (merge request)
- Use correct fingerprint values in recalculate finding UUIDs migration (merge request) GitLab Enterprise Edition
- Fix displaying the actual plan name on the billings page (merge request) GitLab Enterprise Edition
- Refactor stop environments service (merge request)
- Fix
StoreReportService by falling back to find by location approach (merge request) GitLab Enterprise Edition
- Fix preloading unrelated associations for CommitStatus (merge request)
- Accept all 2xx HTTP responses when testing the Datadog integration (merge request)
- Refactor init logic of merge request options on project settings page (merge request)
- Enable the FF ci_modified_paths_of_external_prs (merge request)
- Code-Quality.gitlab-ci.yml: automatically clean-up docker container (merge request)
- Update min selectable number for subscription buy process (merge request) GitLab Enterprise Edition
- Make
DbCleaner and BeforeAllAdapter to support many connections (merge request)
- feat: Add one more i18n translation string (merge request)
- Fix double escaping when clicking WebIDE button (merge request)
- Fix some button border colors in dark mode (merge request)
- Reschedule
latest_pipeline_id population with all artifact types (merge request)
- feat: Fix environments survey i18n strings (merge request)
- Set
latest_pipeline_id and mark project as vulnerable first (merge request) GitLab Enterprise Edition
- Fix assignee avatar tooltip w special char names (merge request)
- Geo Node Form Regression - Realitive URLs broken (merge request) GitLab Enterprise Edition
- Fix Stickiness to Match Unleash API (merge request)
- Use new and old paths instead of just the new path for diff batching (merge request)
- Continue code quality widget polling while parsing (merge request)
- Fix empty recursive query for base_and_ancestors (merge request)
- fix: Atom feed for commit list should point to path (merge request)
- Add missing
Delete user and contributions action in admin user view (merge request)
- Replace the success btn with the confirm button (merge request)
- Run sync BuildFinishedWorker operations always before (merge request) GitLab Enterprise Edition
- Prevent weightSum to be updated on child epic fetch (merge request) GitLab Enterprise Edition
- Fix Review App Multiple Deletion API payload (merge request)
- Fix redirect loop when relative url root is blank (merge request)
- Fix backup.rake from trying to tar non-existent directories (merge request)
- Fix
Ci::Artifactable#selective_sync_scope cross-join DBs (merge request) GitLab Enterprise Edition
- Use parent integration settings when reverting from custom settings (merge request)
- Adjust documentation paths (merge request)
- Rescue stuck resource groups (merge request)
- Decode square brackets with "queryToObject" (merge request)
- Advanced Search should index trials regardless of seats (merge request) GitLab Enterprise Edition
- Validate timezone presence on schedule creation form (merge request) GitLab Enterprise Edition
- Update timeout help page URLs in job sidebar (merge request)
- Fix dates being incorrectly set on epic creation (merge request) GitLab Enterprise Edition
- Fix contribution analytics MR closed count param (merge request) GitLab Enterprise Edition
- Fix alert positioning and content for oncall schedules page (merge request) GitLab Enterprise Edition
- Delete pipeline subscriptions when migrating project to a free group (merge request) GitLab Enterprise Edition
- Remove trial suffix from plan titles that include it (merge request) GitLab Enterprise Edition
- Fix "Remove" button in Slack app integration (merge request)
- Fix :admin_compliance_framework to only be true if the user is an owner (merge request) GitLab Enterprise Edition
- Fix SAML SSO login redirects not working (merge request) GitLab Enterprise Edition
- Fix Error 500 viewing pipelines with invalid UTF-8 data (merge request)
- Map jira users for server version by 'key' attribute (merge request)
- Fix missing CSS variables in Darkmode (merge request)
- Fix whats new top positioning with system-header and performance-bar (merge request)
- GithubImporter: match user by external id only from github.com (merge request)
- Hide edit severity btn for users without permissions (merge request)
- Fix group level vulnerability permissions (merge request) GitLab Enterprise Edition
- Ignore searching in full path in GroupsFinder (merge request)
- Fix 400 errors not being logged in multipart middleware (merge request)
- Fix subgroup epic path on epic boards (merge request) GitLab Enterprise Edition
- Remove extra margin above issue navigation tabs (merge request)
- Activate correct nav item for Admin::LicensesController (merge request) GitLab Enterprise Edition
- Prevent terms from being created if blank (merge request)
- Delete PATs when transfering project to a free group (merge request) GitLab Enterprise Edition
- Fix epic tab dropdown menu overlay on mobile (merge request) GitLab Enterprise Edition
- Use the correct text for tooltip (merge request)
- Fix audit events empty space (merge request) GitLab Enterprise Edition
- Extend basic authentication detection for rate limiting (merge request)
- Fix labels dropdown causing form submission (merge request)
- Fix: Sidekiq workers delete each other's metrics (merge request)
- Drop invalid UTF-8 when displaying in job logs (merge request)
- Fix spam checking to consider updater of issue instead of author (merge request)
- Return error when moving issues between not authorized lists (merge request)
- Look up SSH keys by SHA256 fingerprint, not MD5 fingerprint (merge request)
- Skip already downloaded LFS objects in mirror updates (merge request)
- Bump gitlab-omniauth-openid-connect to v0.8.0 (merge request)
- Better links on the subscription details page (merge request) GitLab Enterprise Edition
- Allow group bot to http authenticate (merge request)
Changed (117 changes)
- Update create merge request button on last push event (merge request)
- Deprecate Secure user scan metrics (merge request) GitLab Enterprise Edition
- Move sast latest template to stable (merge request)
- Migrate epic sidebar todo button to widget (merge request) GitLab Enterprise Edition
- Remove optional languge from Compliance framework label (merge request)
- Add empty artifacts message (merge request)
- Flatten CI config rules (merge request)
- Provide more information in design version selector (merge request)
- Set immutable results to true (merge request)
- Renames the Base terraform template jobs for better scaling (merge request) GitLab Enterprise Edition
- Remove CI builds for test and staging stages in VSA (merge request)
- Update Auto DevOps' auto-deploy-image to v2.12.0 (merge request)
- Remove protocol from Dependency Proxy UI (merge request)
- Replace plain text application secret with copy button (merge request)
- Improve button layout (merge request)
- Open addon purchase in the same window (merge request) GitLab Enterprise Edition
- Remove efficient_counter_attribute flag (merge request)
- Updated message on DevOps Adoption Report (merge request) GitLab Enterprise Edition
- Move issue_type enum to WorkItem::Type base_type (merge request)
- Add group value stream metrics UI to project VSA (merge request)
- Count epics against issue creation rate limit (merge request) GitLab Enterprise Edition
- Migrate Markdown Editor toolbar buttons to GlButton (merge request)
- Change date time formatting for corpus managment (merge request)
- Global Search - Add spacing/border to code results (merge request)
- Standarize board column highlight style (merge request)
- Added linked pipelines to commit (merge request) GitLab Enterprise Edition
- Update nothing-here-block to utilize Pajamas spacing scale (merge request)
- Show due date in gray when issue is closed in issues list (merge request)
- Refactor the Ci::Minutes::Additional pack service (merge request) GitLab Enterprise Edition
- Enable ci_skip_before_parsing_yaml by default (merge request)
- Added cloneDeep to prevent mutating cache (merge request)
- Don't show due date in red on epic related issues if issue is closed (merge request)
- Deprecate build trace sections tables by renaming (merge request)
- Return API error when inviting restricted email (merge request) GitLab Enterprise Edition
- Migrate md header buttons to gl-buttons (merge request)
- Removed dependency on $ from the highlighter (merge request)
- Show tax line even when tax has zero amount (merge request) GitLab Enterprise Edition
- Update design management wording in activity feed (merge request)
- Revert Dependency Proxy permission (merge request)
- Placeholder for "Number of employees" in trial (merge request) GitLab Enterprise Edition
- Allow 10% overage for true-ups when uploading a license (merge request) GitLab Enterprise Edition
- Prepare On-Demand DAST for CI sharding initiative (merge request)
- Move DevOps Score callout to Vue (merge request)
- Change Evidence Supporting Messages to array (merge request) GitLab Enterprise Edition
- Remove feature flag (merge request)
- Make
ci_structure.sql to be equal (merge request)
- Add deployment_id to deployment payloads (merge request)
- Allow downloading archives using PRIVATE-TOKEN (merge request)
- Global Search - Track top nav searches (merge request)
- Allow licenses with a 10% overage of users for renewals (merge request) GitLab Enterprise Edition
- Render base path error based on report status (merge request)
- Backfill
type_new column on integrations (merge request)
- Configure Elasticsearch Ruby client without retry by default (merge request) GitLab Enterprise Edition
- Update copy in account recovery settings global alert (merge request)
- Allow setting of container registry visibility in project settings UI (merge request)
- Add Gitlab::GithubImport::Logger with default values (merge request)
- Expose iid in the pipelines entity (merge request)
- Added a hack to set labels (merge request)
- Update terms of service docs and UI text (merge request)
- Allow usage of severity quickaction on create (merge request)
- Implement JWT for customers-dot proxy (merge request)
- Use 'branch' icon instead of 'fork' (merge request)
- Remove dataBackground property from chart (merge request)
- Update UI help links (merge request) GitLab Enterprise Edition
- Update runner description text (merge request)
- Handle int and bigint namespaces.id column (merge request)
- copy: Update survey callout text (merge request)
- Changed the column order in the jobs table (merge request)
- Add field validations for Finding Evidence models (merge request) GitLab Enterprise Edition
- Use gitaly-backup for repository backups by default (merge request)
- Enhance UX on Environment Form with Loading Icon (merge request)
- Include retried jobs in pipeline payloads for Datadog integration (merge request)
- Expose mergeRequestCounts for Issue GraphQL type (merge request)
- Hide pull mirror update time from guest visitors (merge request)
- Use feature flag for finding links (merge request) GitLab Enterprise Edition
- Unified preloading stylesheets (merge request)
- Promote source activity as the invite email body (merge request)
- Include deployment_tier to pipeline environment hook attributes (merge request)
- Imrpove model validation when adding spent time (merge request)
- Boards sidebar design tweaks (merge request)
- Make experiments API a filter of features API (merge request) GitLab Enterprise Edition
- Add filitering by issue type in issue boards (merge request)
- Fix alt tag on participant avatars (merge request)
- Use popovers for inline code quality (merge request) GitLab Enterprise Edition
- Update UI text for CI/CD settings (merge request) GitLab Enterprise Edition
- Use gitaly-backup for repository backups by default (merge request)
- Add request and response to SupportingMessage (merge request)
- Remove DOMPurify attribute sanitization (merge request)
- Update documentation to use compliance report not compliance dashboard (merge request) GitLab Enterprise Edition
- Make vulnerability-dismissal error more descriptive (merge request) GitLab Enterprise Edition
- Increase contrast for successful pipelines in charts (merge request)
- Add labels as search token in Jira issues list (merge request) GitLab Enterprise Edition
- Add linked pipelines to component (merge request) GitLab Enterprise Edition
- ff: Remove
:list_commits feature flag (merge request)
- flags: Drop
fetch_remote_params feature flag (merge request)
- flags: Drop
update_remote_mirror_inmemory feature flag (merge request)
- Migrate Edit Environments Form to Vue (merge request)
- Sort according to the field in Dependency List (merge request) GitLab Enterprise Edition
- Show minor ellipsis when loading large blobs (merge request)
- Polish tab count and create button in test cases (merge request) GitLab Enterprise Edition
- Edit Grafana UI text in admin area (merge request)
- Add link to GitLab Changelog With Version Check (merge request)
- The readme checkbox for new projects is checked by default (merge request)
- Add linked pipelines to component (merge request)
- Move the compliance framework selector to a new expandable section (merge request) GitLab Enterprise Edition
- Skip in-product marketing emails when on trial (merge request) GitLab Enterprise Edition
- Force user to re-enter integration password (merge request) GitLab Enterprise Edition
- Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
- Remove prevent_retry_of_retried_jobs feature flag (merge request)
- Add dast-runner-validation to Secure-Binaries YAML (merge request) GitLab Enterprise Edition
- Fix missing amount in Contribution Analytics (merge request) GitLab Enterprise Edition
- Migrate New Environments Form to Vue (merge request)
- Allow updating merged results pipelines and merge trains via API (merge request)
- Handle team-managed (next-gen) Jira projects (merge request) GitLab Enterprise Edition
- Remove badge cache (merge request)
- Enable writes to CI builds metadata table by default (merge request)
- Nginx: modernise TLS config (merge request)
Deprecated (2 changes)
- Deprecate sorting vulnerabilities by title in GraphQL API (merge request) GitLab Enterprise Edition
- Deprecate container_registry_enabled in projects public API (merge request)
Removed (11 changes)
- Cleanup group empty state experiment (merge request)
- Remove devops_adoption_feature feature flag (merge request)
- Remove sec_dependency_scanning_ui_enable Feature Flag (merge request)
- Remove scan_execution_policy_ui feature flag (merge request) GitLab Enterprise Edition
- Drop FF load_balancing_for_pipeline_notification_worker (merge request)
- Remove the similarity_search feature flag (merge request)
- Remove unused
Gitlab::Database::MultiThreadedMigration (merge request)
- Remove 'one_megabyte_file_size_limit' feature flag (merge request)
- Remove group invites from new user registration (merge request) GitLab Enterprise Edition
- Remove not_null constraint on project_fingerprint (merge request) GitLab Enterprise Edition
- Remove marketing email opt-in for self-managed (merge request)
Security (19 changes)
- Sanitize default branch name in repo settings (merge request)
- Add project member validation for domain limitation
- Hide project-level CI/CD Analytics for Guests
- Only allow invite to be accepted by user with matching email
- Add html escaping for default branch name
- Filter todos whose target users no longer have access to
- Configure OmniAuth to use GitLab AppLogger
- Add permissions check to pipelines#show action
- Prevent impersonation in gitlab-shell SSH certs
- Do not show email address in error message GitLab Enterprise Edition
- Disallow non-members to set issue metadata on issue create
- Prevent guests from linking issues with errors
- Block impersonation token use if it is not permitted
- Fix Protected Environment Accesses Cleanup GitLab Enterprise Edition
- Updates oauth to 0.5.6
- Remove impersonation token from api response for non-admin user
- Use oauth_app id instead of uid GitLab Enterprise Edition
- Restrict access to instance-level security features for reporters GitLab Enterprise Edition
- Fix XSS in Mermaid Markdown rendering
Performance (23 changes)
- Use common namespace ancestor queries (merge request)
- Do not use subtransactions when updating ci minutes usage (merge request)
- Avoid subtransaction in UserInteractedProject (merge request)
- Reduce N+1 Gitaly queries when publishing multiple draft notes (merge request)
- Memoize namespace monthly usage to reduce SQL queries (merge request)
- Include database load balancing for Deployments HooksWorker (merge request)
- Use default project filter for issue/merge request project searches (merge request)
- Improve raw blobs downloading (merge request)
- Use common namespace ancestor queries (merge request)
- Query multiple group descendants at once (merge request)
- Use new service to refresh authorizations of project members (merge request)
- Cache commit stats for a single commit (merge request)
- Query ActiveRecord::Relation descendants (merge request)
- checks: Speed up retrieving commits via quarantine directory (merge request)
- Reduce Markdown cache updates during deploy (merge request)
- Query ActiveRecord::Relation descendants (merge request)
- Reduce repaints on blame page (merge request)
- geo: Pass authentication header via
#fetch_remote (merge request) GitLab Enterprise Edition
- Disable creating user mentions during import (merge request)
- Remove flag guarding batched computation of changes size (merge request)
- Move merge-request merge_pipeline to cached_widget (merge request)
- Optimize scanning for references process (merge request)
- Move versions icon to CSS (merge request)
Other (87 changes)
- Make commit and design user mention indexes unique (merge request)
- Add index on historical_data (recored_at) to improve queries (merge request)
- Fix and reschedule background migration (merge request)
- Finalize conversion of ci_stages.id to bigint (merge request)
- Reschedules migration for uuid recalculation (merge request)
- Remove pipelineGraphLayersView feature flag (merge request)
- Pass **kwargs to the conn. for LB defined methods (merge request)
- Remove subscribable_subscription_banner flag (merge request) GitLab Enterprise Edition
- Finalize conversion to bigint for ci_sources_pipelines (merge request)
- Remove
ci_skip_before_parsing_yaml FF (merge request)
- Cleanup invalid membership invites (merge request)
- Rename GraphQL query resource from "instanceDashboard" to "instance" (merge request) GitLab Enterprise Edition
- Disable updating the historical vulnerability statistics by default (merge request) GitLab Enterprise Edition
- Rename strip_attributes method (merge request)
- Updating the description for ecosystem metric (merge request)
- Add ResetJobTokenScopeEnabledAgain migration (merge request)
- Remove by default enabled feature flag (merge request)
- Remove docs redirects raketask (merge request)
- Remove pipelineGraphLayersView feature flag (merge request)
- Remove jira_issue_association_on_merge_request feature flag (merge request) GitLab Enterprise Edition
- Finalize ci_job_artifacts conversion to bigint (merge request)
- Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
- Include Puma worker PID in structured log (merge request)
- Denormalize ci_builds into security_scans (merge request) GitLab Enterprise Edition
- Bump factory_bot_rails for Ruby3 support (merge request)
- Additional namespace validation for AdditionalPack (merge request) GitLab Enterprise Edition
- Finalize job_id conversion to bigint for ci_job_artifacts (merge request)
- Use text links in MR approval settings section of UI (merge request) GitLab Enterprise Edition
- Remove jira_connect_create_branch feature flag (merge request)
- Refactor documentation links for SP disabled (merge request) GitLab Enterprise Edition
- Swap multiple_database_metrics FF for env var (merge request)
- Update limitations of members API docs (merge request)
- Migrate the deprecated "urlParamsToObject" to "queryToObject" GitLab Enterprise Edition
- Remove runner_list_view_vue_ui feature flag (merge request)
- Update internal API docs (merge request)
- Finalize conversion to bigint for ci_builds_runner_session (merge request)
- Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request)
- Finalize conversion to bigint for push_event_payloads (merge request)
- Finalize conversion to bigint for ci_build_needs (merge request)
- Refine Documentation pages URL UI and documentation (merge request) GitLab Enterprise Edition
- Prepare indexes for bigint column conversions (merge request)
- Revise UI text for PlantUML settings (merge request)
- Follow-up pass for renaming Usage Ping/Data (merge request)
- Finalize converting deployments to bigint (merge request)
- Remove the FF ci_wildcard_file_paths (merge request)
- Revise admin area Pages settings UI (merge request)
- Remove feature flag related to valid hosts list (merge request)
- Refactor timezone UI and documentation (merge request)
- Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
- Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
- Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
- Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request)
- Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
- Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
- For consistency do not use CSS calc for simple calculation of margin-top (merge request)
- Remove unused code (merge request) GitLab Enterprise Edition
- Reschedule Delete Orphaned Deployments BG migration (merge request)
- Finalize conversion to bigint for push_event_payloads (merge request)
- Finalize conversion to bigint for ci_build_trace_chunks (merge request)
- Remove
gitlab_subscription_future_renewal feature flag (merge request) GitLab Enterprise Edition
- Remove dast_configuration_ui feature flag (merge request) GitLab Enterprise Edition
- Fix the offenses introduced by Style/RegexpLiteralMixedPreserve (merge request) GitLab Enterprise Edition
- Removes unused gitorious logos (merge request)
- Revised Package Registry settings text (merge request)
- Revert backfill on ci_build_trace_sections (merge request)
- Clean up evalute_protected_tag_for_release_permissions feature flag (merge request)
- Update service ping metric implementation guidelines (merge request)
- Add tracking events for the dependency proxy (merge request)
- Remove redundant indexes for devops adoption (merge request)
- Add area of focus to members (merge request)
- Fix up the docs warning detected by the vale latin term rule (merge request)
- Update help text in runner update form (merge request)
- Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
- Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
- Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
- Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
- Log when a container repository is selected (merge request)
- Expose init aux viewer (merge request)
- Remove service templates (merge request)
- Remove merge_request_draft_filter feature flag (merge request)
- Remove unused cluster application logos (merge request)
- Update GitLab Runner Helm Chart to 0.31.0 (merge request)
- Revise UI text for Kroki settings (merge request)
- Add Chrome to Jira connect working browsers (merge request)
- Refactor polling interval multiplier configuration UI and docs (merge request)
- Add helpful text to URL group validation and limit text (merge request) GitLab Enterprise Edition
- Refactor external storage admin area configuration UI and docs (merge request)
14.1.8 (2021-11-15)
Fixed (1 change)
- Prevent Git operations from checking replication lag on non-Geo-secondary sites (merge request) GitLab Enterprise Edition
Changed (4 changes)
- Geo: Alternate redownload and normal design sync attempts (merge request) GitLab Enterprise Edition
- Geo: Alternate redownload and normal SSF sync attempts (merge request) GitLab Enterprise Edition
- Geo: Alternate redownload and normal project syncs (merge request) GitLab Enterprise Edition
- Geo: Reduce frequency of redownload attempts (merge request) GitLab Enterprise Edition
14.1.7 (2021-09-30)
Security (28 changes)
- Require password param for 2FA changes (merge request)
- Fix permissions check on project members import (merge request)
- Respect disabled import sources when initiating import via API (merge request)
- Return 404 if model id wasn't passed to UploadsController (merge request)
- Scrub artifacts signed URL in SendEntry logs (merge request)
- Prevent double-impersonation and impersonation breakout (merge request)
- Clear session access tokens when starting/stopping impersonation (merge request)
- Use validated URL when sending request to Gitea Importer (merge request)
- Fix XSS in Jira link (merge request) GitLab Enterprise Edition
- Fix fogbugz importer DNS Rebind SSRF (merge request)
- Remove related project access tokens when a project is deleted (merge request)
- Require group admin access to list pending invites (merge request)
- Do not export and import repository_size_limit (merge request)
- Escapes MR approval rule names correctly (merge request)
- Filter shared groups autocomplete by permitted (merge request) GitLab Enterprise Edition
- Require access token for git when 2fa is required (merge request)
- Disable exporting pipeline triggers on project export (merge request)
- Add pagination to dependencies API (merge request) GitLab Enterprise Edition
- Permission check issuable template API data (merge request) GitLab Enterprise Edition
- Apply account locking to password reset page (merge request)
- Enforce configured scopes for Oauth applications (merge request)
- Verify state before using errors from OAuth2 OmniAuth providers (merge request)
- Prevent moving epic issues to different group hierarchy (merge request) GitLab Enterprise Edition
- Prevent showing not allowed subgroup epics (merge request) GitLab Enterprise Edition
- Do not allow status checks to exist with external protected branches (merge request) GitLab Enterprise Edition
- Fix GFM autocomplete xss (merge request)
- Prohibit anonymous access for specific user API endpoint (merge request)
- Fix denial-of-service attack in Markdown parser (merge request)
14.1.6 (2021-09-27)
Fixed (1 change)
- Fix Elastic::MigrationWorker current_migration (2nd attempt) (merge request) GitLab Enterprise Edition
14.1.5 (2021-09-02)
Fixed (1 change)
- Geo: Replicate multi-arch containers (merge request) GitLab Enterprise Edition
14.1.4 (2021-08-31)
Security (8 changes)
- Update apollo_upload_server dependency (merge request)
- Ensure shared group members lose project access after group deletion (merge request)
- Fix stored XSS vulnerability in Datadog settings form (merge request)
- Inherit user external status while creating project bots (merge request)
- Escape issue reference and title for Jira issues (merge request) GitLab Enterprise Edition
- Require sign in for .keys endpoint on non-public instances (merge request)
- Only create jira connect NS subscriptions for admins (merge request)
- Prevent non-admins from configuring Jira connect app (merge request)
14.1.3 (2021-08-17)
Fixed (2 changes)
- Geo 2.0 Regression - Add ability to remove primary (merge request) GitLab Enterprise Edition
- [RUN AS-IF-FOSS] AS Fix SAML SSO login redirects not working (merge request) GitLab Enterprise Edition
Changed (1 change)
14.1.2 (2021-08-03)
Security (19 changes)
- Add project member validation for domain limitation (merge request)
- Hide project-level CI/CD Analytics for Guests (merge request)
- Only allow invite to be accepted by user with matching email (merge request)
- Add html escaping for default branch name (merge request)
- Configure OmniAuth to use GitLab AppLogger (merge request)
- Add permissions check to pipelines#show action (merge request)
- Prevent impersonation in gitlab-shell SSH certs (merge request)
- Fix Protected Environment Accesses Cleanup (merge request) GitLab Enterprise Edition
- Use oauth_app id instead of uid (merge request) GitLab Enterprise Edition
- Block impersonation token use if it is not permitted (merge request)
- Fix XSS in Mermaid Markdown rendering (merge request)
- Do not show email address in error message (merge request) GitLab Enterprise Edition
- Updates oauth to 0.5.6 (merge request)
- Fix tag ref detection for pipelines (merge request)
- Disallow non-members to set issue metadata on issue create (merge request)
- Prevent guests from linking issues with errors (merge request)
- Filter todos whose target users no longer have access to (merge request)
- Remove impersonation token from api response for non-admin user (merge request)
- Restrict access to instance-level security features for reporters (merge request) GitLab Enterprise Edition
14.1.1 (2021-07-28)
Added (1 change)
Fixed (3 changes)
- Prevent terms from being created if blank (merge request)
- Fix: Sidekiq workers delete each other's metrics (merge request)
- Resolve "Bulk dismissal checkboxes don't appear on group vulnerability report" (merge request) GitLab Enterprise Edition
Other (1 change)
14.1.0 (2021-07-21)
Added (123 changes)
- Add ability to set
squash_option in the Project API (merge request)
- Add ref to pipeline graphql schema (merge request)
- Upsell the GitLab Managed Terraform state if the repo contains
.tf files (merge request)
- Add mailgun endpoint for receiveing permanent failures (merge request)
- Add error tracking collector (merge request)
- Add Vulnerability Management metric for Devops Adoption API (merge request)
- Allow immediate deletion of projects (merge request) GitLab Enterprise Edition
- Make database changes to persist false_positive information (merge request)
- Added user_cap to setting update service (merge request)
- Audit successful GPG key creation and removal (merge request) GitLab Enterprise Edition
- Enable sidekiq load balancing by default (merge request)
- Add Pipeline Editor branch selector (merge request)
- Introduce multiple oncall schedules feature (merge request) GitLab Enterprise Edition
- Track secure scans (merge request) GitLab Enterprise Edition
- Redirect to the new default branch from a deleted default branch (merge request)
- Add button to insert images in content editor (merge request)
- Add support for rendering tables in content editor (merge request)
- Release the Helm charts registry (merge request)
- Allow configuring Redis trace chunks instance (merge request)
- Add warning when import url does not ends with .git (merge request)
- Adds ID to group, stage, and detailed status (merge request)
- Removed the compliance_dashboard_drawer feature flag (merge request) GitLab Enterprise Edition
- Upgrade GitLab Pages to 1.41.0 (merge request)
- Enable GraphQL Runner API (merge request)
- Add Collected Data Categories Service Ping metric (merge request)
- Show progress of an epic on epic board cards (merge request) GitLab Enterprise Edition
- Add graphql mutation to enable dependency scanning (merge request) GitLab Enterprise Edition
- Enable sec_dependency_scanning_ui_enable by default (merge request) GitLab Enterprise Edition
- Add policy type filter (merge request) GitLab Enterprise Edition
- Adds audit event when compliance framework changed (merge request) GitLab Enterprise Edition
- Allow copying Epic reference from sidebar (merge request) GitLab Enterprise Edition
- Audit successful key destroy action (merge request) GitLab Enterprise Edition
- Add observability to Snowplow tracking (merge request)
- Support providing kind to internal Network Policies edit API (merge request) GitLab Enterprise Edition
- Add Running Container Scanning CI Template (merge request) GitLab Enterprise Edition
- Add pause and resume to background migrations (merge request)
- Display Helm packages in the package registry (merge request)
- Feat(Blob): Add CSV render support for Blob Viewer (merge request)
- Added user_cap column to namespace_settings (merge request)
- Wiki repositories use default branch when creating the repo (merge request)
- Allow sort by popularity for issues via GraphQL (merge request)
- Allow sort by blocking issues via GraphQL (merge request) GitLab Enterprise Edition
- Expose GraphQL query complexity score (merge request)
- Extend NetworkPolicy GraphQL API with
Environments field (merge request) GitLab Enterprise Edition
- Remove ff_external_status_checks feature flag (merge request) GitLab Enterprise Edition
- Accept GitHub source highlight URL argument format (merge request)
- Add emoji name to tooltip (merge request)
- Do not export certain models when using Relations Export API (merge request)
- Add Coverage fuzzing to DevopsAdoption API (merge request)
- Extend Plan limits API with
terraform_module_max_file_size (merge request)
- Add dependency scanning to DevopsAdoption API (merge request)
- Add Bulk Imports API to view user initiated imports (merge request)
- Allow sort and expose expired field for milestones (merge request)
- Add group-level DORA metrics to GraphQL endpoint (merge request) GitLab Enterprise Edition
- Make the variable type for the GitLab CI secret configurable (merge request) GitLab Enterprise Edition
- Add GitLab revision to Prometheus metric (merge request)
- Add project-level DORA metrics to GraphQL endpoint (merge request) GitLab Enterprise Edition
- Remove project from Job Token Scope via GraphQL (merge request)
- Add timezone to web operations (merge request)
- Add CIJobToken project allow list resolver (merge request)
- Add ability to search for cluster image scanning jobs (merge request) GitLab Enterprise Edition
- Add target branch in pipeline editor for blank projects (merge request)
- Add jobCount and projectCount to GraphQL CiRunner (merge request)
- Remove gitlab_experiment_middleware feature flag (merge request)
- Add instance-level audit event when admin status changes (merge request) GitLab Enterprise Edition
- Add link to admin area on project view and group view (merge request)
- Add support for legacy blob viewers (merge request)
- Preserve user authorship during bulk imports (merge request)
- Add usage ping features frontend checkboxes (merge request)
- Remove kubernetes_agent_on_gitlab_com feature flag (merge request)
- Add system note when escalating to users (merge request) GitLab Enterprise Edition
- Remove project_finder_similarity_sort feature flag (merge request)
- Track usage data for Network Policies UI (merge request) GitLab Enterprise Edition
- Add compliance_frameworks_with_pipeline to usage ping (merge request) GitLab Enterprise Edition
- Remove ci_quota_check_on_retries feature flag (merge request) GitLab Enterprise Edition
- Add scan execution policies to the policy list (merge request) GitLab Enterprise Edition
- Allow passing PAT name and scopes via the URL (merge request)
- Add summary to timelogs (merge request)
- Allow specifying an access level for Project Access Tokens (merge request)
- Send purchase source to customers API (merge request) GitLab Enterprise Edition
- Sync destruction between requirements and issues (merge request) GitLab Enterprise Edition
- Add CI/CD templates picker for empty pipelines page (merge request)
- Save last_synced_at on licenses table (merge request)
- Add validate account button on CI/CD shared runners page (merge request) GitLab Enterprise Edition
- Relate issues and requirements (merge request)
- Add present_on_default_branch to Vulnerabilites (merge request)
- Helm charts index API endpoint (merge request)
- Add backup logger class (merge request)
- Add configuration for locating gitaly-backup (merge request)
- Adding raw_plain_data type to snippets (merge request)
- Allow to query discussion design on GraphQL (merge request)
- Converts the diff row component into a functional component (merge request)
- Add
state argument for the PipelineSecurityReportFindingsResolver (merge request) GitLab Enterprise Edition
- Add NOT filtering to epic roadmap filtered search (merge request) GitLab Enterprise Edition
- Show access level of Project Access Token in UI and API (merge request)
- Add CI variable CI_MERGE_REQUEST_APPROVED (merge request) GitLab Enterprise Edition
- Add compliance framework label to compliance dashboard (merge request) GitLab Enterprise Edition
- Display Feature Flags Related to Issues (merge request) GitLab Enterprise Edition
- Update styling on policy editor page (merge request) GitLab Enterprise Edition
- Remove ci_drop_new_builds_when_ci_quota_exceeded feature flag (merge request) GitLab Enterprise Edition
- Adds sha argument to lint (merge request)
- Add Debian API endpoint for Packages files (merge request)
- Add option to order epics by title on list page (merge request) GitLab Enterprise Edition
- Add wal cached counter metric (merge request)
- Accept repository_update_events in SystemHooks API (merge request)
- Added omniauth_user check when verifying user cap GitLab Enterprise Edition
- Add the ability to deep link into group/project member tabs (merge request)
- Allow changing AdditionalPack namespace (merge request) GitLab Enterprise Edition
- BulkImports: Import Group Avatar (merge request)
- Allow admins to limit registration of project and group runners (merge request)
- Populate
latest_pipeline_id values for vulnerability_statistics (merge request) GitLab Enterprise Edition
- Add support for horizontal rule in content editor (merge request)
- Add state of merge request diff to the entity (merge request)
- Associate Build with DAST Site and Scanner profile (merge request)
- Show pronouns in user popover (merge request)
- Create API to update upcoming reconciliations (merge request) GitLab Enterprise Edition
- Add layout for "first mile" (merge request)
- Adds status to StageType in gql (merge request)
- Expose SAST & DAST devops adoption metrics (merge request) GitLab Enterprise Edition
- Allow sorting by title in REST/GraphQL API (merge request) GitLab Enterprise Edition
- Add in-product marketing emails (merge request)
- Commit registration invite page to product (merge request)
- Support specifying a milestone for MR via push options (merge request)
Fixed (150 changes)
- Fix error when creating or deleting a board list (merge request)
- Skip LFS fragment on redirect (merge request)
- Fix scanner comparison error (merge request)
- Fix background color of markdown code in dark mode (merge request)
- Fix transposed rows and cols (merge request)
- Fix wiki repositories with wrong HEAD (merge request)
- Fix public selection of pages permissions (merge request)
- Geo: Replicate the HEAD ref (merge request) GitLab Enterprise Edition
- Remove useless delete button in group settings (merge request) GitLab Enterprise Edition
- Allow cleartext communication with KAS in production (merge request)
- Automatically create integration webhooks when missing (merge request)
- Fix snippet url helper when repository is not present (merge request)
- Adjust Groups API call used in Search Group Projects select (merge request)
- Fix snippets display issues on mobile devices (merge request)
- Fixed the header color in fly-outs for Dark mode (merge request)
- Fixed association between Finding, Finding Links (merge request) GitLab Enterprise Edition
- Correct check for displaying SubEpic counts on boards (merge request) GitLab Enterprise Edition
- Preload correct latest test report for requirements (merge request)
- Fix "Confirm user" button on tabs other than "Account" (merge request)
- Add trigger_source for empty page tracking event (merge request)
- Fix GET requests from graphql client when using relative url (merge request)
- Ensure pages visibility levels are correct (merge request)
- Fix the write permission of the Releases with Protected Tag (merge request)
- Fix labelFilterParam value in issuable_list_root (merge request) GitLab Enterprise Edition
- Fix filePath not being stored in GraphQL log tree cache (merge request)
- Fix user popovers in design management discussions (merge request)
- Update confirmation button text in edit modals (merge request) GitLab Enterprise Edition
- Revert to use merge requests count for group view (merge request)
- Remove transaction when migrating diff commits (merge request)
- Replace
deprecated_project_avatar in create_issue_form.vue (merge request) GitLab Enterprise Edition
- Fix validation method regarding MIME type keys (merge request)
- Replace the success btn to the confirm btn in the preferences page (merge request)
- Use ProjectAvatar in
frequent_items_list_item.vue (merge request)
- Strip whitespace from GraphQL queries using GET (merge request)
- Make job_token_scope_enabled project setting false by default (merge request)
- Use namespaced security report type for Cluster Image Scanning (merge request) GitLab Enterprise Edition
- Fix race condition on container repository create (merge request)
- Fix WebIDE image being base64 (merge request)
- Fix Issue check_for_spam? for bots (merge request)
- Fix scan execution policy selection (merge request) GitLab Enterprise Edition
- Advanced Search: Fix inaccessible ES server error (merge request) GitLab Enterprise Edition
- Migrate drawer titles to title slot (merge request)
- Fix timebox charts events computing (merge request) GitLab Enterprise Edition
- Fix bug in DORA GraphQL endpoint (merge request) GitLab Enterprise Edition
- Correctly positioned the is-above flyouts (merge request)
- Add another guard clause to password_expired_if_applicable (merge request)
- Allow Bulk Import to use relative GitLab URL (merge request)
- Hide Renew button if less than 15 days for term end date (merge request) GitLab Enterprise Edition
- Fix default url for Monitor sidebar menu (merge request)
- Fix vulnerability report filter dropdown button text truncation (merge request) GitLab Enterprise Edition
- Fixed broken ui link (merge request)
- Fix icon size for usage quotas and billing (merge request) GitLab Enterprise Edition
- Fix LFS objects not downloading from Bitbucket (merge request)
- Fix CAPTCHA modal for setting issue non-confidential (merge request)
- Fix typo for dismissible (merge request)
- Display correct label for named-list report types (merge request) GitLab Enterprise Edition
- Handle git exceptions in wiki create and update services (merge request)
- Do not create audit event for failed logins on read-only DB (merge request) GitLab Enterprise Edition
- Fix git clone for projects with a trailing dot over HTTP (merge request)
- Always encode group path for labels API (merge request) GitLab Enterprise Edition
- Return empty strings for Jira links when URL is not set (merge request)
- Fix pipeline count on merge request tab (merge request)
- Define deduplication strategy in Resource Group Worker (merge request)
- Allow users to setup Jenkins without username (merge request)
- Hide group-level DORA charts if not licensed (merge request) GitLab Enterprise Edition
- Fix uninitialized constant Audit::UpdateService (merge request) GitLab Enterprise Edition
- Add prefix to autocomplete path (merge request)
- Fix cache update for schedules and policies (merge request) GitLab Enterprise Edition
- Fix WebIDE dropdown background color (merge request)
- Add option to force notification on expired subscriptions (merge request) GitLab Enterprise Edition
- Fix alignment issues (merge request)
- Reduce noisy code quality diff errors on MR page (merge request) GitLab Enterprise Edition
- Only disable pause indexing when migration running needs indexing paused (merge request) GitLab Enterprise Edition
- Fix caching for pagination headers (merge request)
- Catch Git::CommandError in Branches::CreateService (merge request)
- Bugfix: Disable the ability from the FE to use Approver != in MR search (merge request)
- Raise the error when repository storage move fails (merge request)
- Fix PopulateLatestPipelineIds background migration (merge request) GitLab Enterprise Edition
- Add license check to status checks rendering (merge request) GitLab Enterprise Edition
- Fix create issue dropdown button wrapping (merge request)
- Fix plans cards width on lg screens (merge request) GitLab Enterprise Edition
- Return issue feedback from loader when there is no issue link (merge request) GitLab Enterprise Edition
- Fix deploy keys not working with LFS auth check (merge request)
- Fix review-bar-component height (merge request)
- Use small ellipsis button in DAST saved scans and profiles (merge request) GitLab Enterprise Edition
- Update a user highest role when removed from group (merge request)
- Fix wiki encoding error creating event (merge request)
- Update connect_instance_spec.rb (merge request)
- Default cableBackend to authBackend (merge request)
- Fix double scrollbar in some dropdowns (merge request)
- Wrap Labels and Members menu items with access levels checks (merge request)
- Takes per page setting into account when paginate (merge request)
- Show create-jira-issue when gitlab issues disabled (merge request) GitLab Enterprise Edition
- Guard Compliance CI evaluation against blank path (merge request) GitLab Enterprise Edition
- Skip saving the diffs whitespace setting if the user isn't logged in (merge request)
- Fix Group avatar API endpoint (merge request)
- Allow nil for remaining ci cd settings (merge request)
- Fix 2FA Download codes button (merge request)
- Fix breadcrumbs and page title for 2FA page (merge request)
- Fix return codes for getting an inexisting release (merge request)
- Show the default "default branch" in the API for empty projects (merge request)
- Persist Direct Asset Path on Release Updates (merge request)
- Fix svg logos for empty pipeline templates (merge request)
- Ensure displayNamespaceID is included (merge request) GitLab Enterprise Edition
- Drone hook API endpoint (merge request)
- Fix NuGet installs with symbol packages (merge request)
- Change PHP template for PHP 8 (merge request)
- Update embedded snippet file links to open in new tab (merge request)
- Fix typo with credit card (merge request) GitLab Enterprise Edition
- Fix error when loading incident issue with alert (merge request)
- Fix state value in the lfs_object_registry table (merge request) GitLab Enterprise Edition
- Fix broken Time Tracking Reports on Issuables (merge request)
- Fix frequent items timestamps not updated (merge request)
- Fix bug where Milestone page led to console error (merge request)
- Include hours into elapsed time in jobs (merge request)
- Fix retry-lock problem on pipeline cancel (merge request)
- Fix link for commit-type security report items (merge request) GitLab Enterprise Edition
- Fix submit button not being clickable (merge request) GitLab Enterprise Edition
- Fix top position on board sidebar (merge request)
- Carry line_range info forward on unchanged positions (merge request)
- Force ASCII-8BIT encodings in CI job trace (merge request)
- Fix pages deployment storage migration (merge request)
- Show warning when files are hidden in an MR (merge request)
- Allow ancestor milestones to be set to an MR via push options (merge request)
- Group Avatar API: ensure to send the remote filename (merge request)
- Bump the sys-filesystem version to prevent errors in System Info (merge request)
- Fix missing attributes on token audit events (merge request) GitLab Enterprise Edition
- Fix Zuora frame size after client-side error (merge request) GitLab Enterprise Edition
- Fix infrastructure menu link to the first visible menu item (merge request)
- Upgrade omniauth-azure-activedirectory-v2 to v1.0.0 (merge request)
- GithubImporter: Avoid failing when PullRequest has empty body (merge request)
- Update margin-left on widget attachment to match content start (merge request)
- Allow Projects with Freeze Periods to be Deleted (merge request)
- Fix expiring subscription message on subgroups (merge request) GitLab Enterprise Edition
- Constraint status checks to protected branches (merge request) GitLab Enterprise Edition
- Enable deep linking on environments page for tabs (merge request)
- Fix sidekiq:migrate_jobs tasks in production mode (merge request)
- Fix a bug where the displayNamespaceId (merge request) GitLab Enterprise Edition
- Remove add button from Devops Adoption (merge request) GitLab Enterprise Edition
- Create close issue event on issue move (merge request) GitLab Enterprise Edition
- Fix missing "Clear" button on namespace search (merge request)
- Remove disable_composer_callback feature flag (merge request)
- Fix group avatar API (merge request)
- Fix environment folder broken layout (merge request)
- Fix redirection for DAST Scanner Profile (merge request) GitLab Enterprise Edition
- Fix visibility of issue enforcement setting (merge request) GitLab Enterprise Edition
- Fix too many redirects during Geo check task (merge request) GitLab Enterprise Edition
- Format network policies update time (merge request) GitLab Enterprise Edition
- Use user permissions (merge request)
- Display license start date without special format (merge request) GitLab Enterprise Edition
Changed (137 changes)
- Move admin user actions from cards to a dropdown (merge request)
- Use configured browser locales for date formatting (merge request)
- Update GraphQL project type field container_registry_enabled (merge request)
- Enable load balancing for Jira Connect workers (merge request)
- ContainerRepositoriesFinder now checks container registry visibility (merge request)
- Drop support for Safari 13.0 (merge request)
- Add Finding Evidence Assets (merge request)
- Search epic by title in issues (merge request)
- Migrate Add To Do button to widget (merge request)
- Makes the feature_name field for UserCallout nullable (merge request)
- Add a runner cost factor for new public projects (merge request) GitLab Enterprise Edition
- Create environment column in policies list (merge request) GitLab Enterprise Edition
- Filter service ping payload by category (merge request)
- Schedule MergeRequestCleanupRefsWorker more efficiently (merge request)
- Update urlParams on Jira issues list page (merge request) GitLab Enterprise Edition
- Remove snippet_spam feature flag (merge request)
- Update DevOps Score doc and callout (merge request)
- Add sort by popularity to issues (merge request)
- Rename project / group removal to deletion (merge request) GitLab Enterprise Edition
- Swimlanes - Fetch more epics button (merge request)
- Change style of add button on License Compliance page (merge request) GitLab Enterprise Edition
- Change success color (merge request)
- Optimized blob view loading in repository (merge request)
- Require encryption on builds tokens (merge request)
- GithubImporter: Count fetched/import objects globally and by project (merge request)
- Improve Error Tracking models (merge request)
- Ignore cloud_license_enabled in ApplicationSetting (merge request) GitLab Enterprise Edition
- Extracted Admin E-mail notification code from EE to core (merge request)
- Update Admin Area's Runner Details Page UI (merge request)
- Add upvotes_count to issues (merge request)
- Update Admin Area's Runners Page UI (merge request)
- Increment DAST_VERSION in on-demand DAST template (merge request) GitLab Enterprise Edition
- Update the Discord integration embed (merge request)
- Update UI text for CI token scope setting (merge request)
- Optimised the hash retrieval from URL (merge request)
- Update warnings for ci minute quotas (merge request) GitLab Enterprise Edition
- Update gitlab-labkit to v0.20.0 (merge request)
- Update requirement import modal to show focus (merge request) GitLab Enterprise Edition
- Mask runner registration (merge request)
- Update DAST version for offline environments (merge request) GitLab Enterprise Edition
- Add Finding Evidence Supporting Messages (merge request)
- Update buildkite.rb (merge request)
- Use load balancing for Jira Connect workers (merge request)
- Start reading project_features.container_registry_access_level (merge request)
- Rearrange milestone form (merge request)
- Update license compliance icons (merge request) GitLab Enterprise Edition
- Improve consistency of admin user dropdown actions (merge request)
- Remove cloud_license_enabled application setting (merge request) GitLab Enterprise Edition
- Remove date from Seat Link data fields (merge request) GitLab Enterprise Edition
- Update dot style for DORA lead time graphs (merge request) GitLab Enterprise Edition
- Schedule devops adoption calculation only for pending namespaces (merge request) GitLab Enterprise Edition
- Move "Show latest version" button to the left (merge request)
- Allow wiki pages to be empty (merge request)
- Bump Nokogiri from v1.11.4 to v1.11.5 (merge request)
- Log and advise about push-rule-rejected commit (merge request) GitLab Enterprise Edition
- Update supported browser versions (merge request)
- Merge branch '334976-fix-misleading-upgrade-cta-jira-issues' into 'master' (merge request)
- Update timestamp fields to Standard (merge request)
- Update copy and type for sync subscription banner (merge request)
- Upgraded Monaco to 0.25.2 (merge request) GitLab Enterprise Edition
- Reintroduce lfs_link_existing_object feature flag (merge request)
- Show 'Delete' button to developers in Wiki (merge request)
- Switch back to pg_query (merge request)
- Use Gitaly long timeout for resolving conflicts (merge request)
- Add upvotes field to issues index (merge request) GitLab Enterprise Edition
- Identicon - Align GitLab UI Colors (merge request) GitLab Enterprise Edition
- Update color scheme of createFlash (merge request)
- Fix misleading upgrade CTA in Jira configuration (merge request)
- Sort fork form namespaces alphabetically (merge request)
- Present error when DAST profile not found (merge request)
- Add selected to description (merge request)
- Remove the sec_secret_detection_ui_enable feature flag (merge request) GitLab Enterprise Edition
- Block external pull mirrors for forks (merge request)
- DRY deactivate dormant user worker spec (merge request)
- Fix sorting bug in dependency list (merge request) GitLab Enterprise Edition
- Create or update a cloud license on sync/activate (merge request) GitLab Enterprise Edition
- Truncate body length (merge request) GitLab Enterprise Edition
- Update dictionary renderer to include data category (merge request)
- Add policy type column (merge request) GitLab Enterprise Edition
- Trial CTA source split (merge request) GitLab Enterprise Edition
- Change the number of pipelines per page to 15 (merge request)
- Revise the navbar to use sentence case (merge request)
- Update status column in Threat Monitoring (merge request) GitLab Enterprise Edition
- Bump import job status expiration to 24h (merge request)
- Promote new_repo experiment (merge request)
- Re-named the remaining EditorLite files (merge request)
- Update compliance dashboard empty state (merge request) GitLab Enterprise Edition
- Polish formatted_stage_count for analytics (merge request)
- VSA: Change item count to 1000+ (merge request) GitLab Enterprise Edition
- Move Scan PORO to CE [RUN AS-IF-FOSS] (merge request)
- Enable ci_job_trace_force_encode feature flag by default (merge request)
- Move migration to a pre-deployment migration (merge request) GitLab Enterprise Edition
- Remove access request controls in admin area (merge request)
- Revise UI text for third-party offers (merge request)
- Add documentation for billable member sorting (merge request)
- Add confirmation modal to "Sync now" LDAP button (merge request) GitLab Enterprise Edition
- Add correct extension to dotnet CI template (merge request)
- Rename ci examples readmes to index (merge request)
- Update copy for DAST code snippet modal (merge request) GitLab Enterprise Edition
- Add source version check to Bulk Import (merge request)
- Fix deprecated GlIcon size and property (merge request)
- Rename usage ping to service ping (merge request)
- Use minimal layout in trial flow (merge request)
- Fix admin mode when authenticating with LDAP (merge request)
- Simplify the sign in page after confirmation (merge request)
- Enable FF ci_reset_bridge_with_subsequent_jobs by default (merge request)
- Sort milestones by due date in filtered search (merge request)
- Add searchability to ci template dropdown (merge request) GitLab Enterprise Edition
- Remove deprecated API elements (merge request)
- Remove unncessary type options (merge request)
- Migrate top-centered toasts to bottom-left (merge request) GitLab Enterprise Edition
- Upgrade @gitlab/ui to v30.0.0 (merge request)
- Remove web_hooks_rate_limit feature flag (merge request)
- Default-enable :update_remote_mirror_inmemory feature flag (merge request)
- Default-enable :fetch_remote_params feature flag (merge request)
- Remove the regulated tab from compliance frameworks list (merge request) GitLab Enterprise Edition
- Move Debian regexp to ::Packages::Debian (merge request)
- Add Pending Alert Escalations table (merge request)
- Add parameters to in app purchase links (merge request)
- Search: add ability to sort epics (merge request) GitLab Enterprise Edition
- Support repository moved message with all container types (merge request)
- Allow billable member sorting by last activity (merge request) GitLab Enterprise Edition
- Render confidential icon in epic tree for epics (merge request)
- Sort epic list in issue sidebar by title (merge request) GitLab Enterprise Edition
- GithubImporter: Count and log each object imported (merge request)
- Standardize UI text for protected branches and protected tags (merge request)
- Allow to promote confidential issues into confidential epics (merge request)
- Sort by similarity in Search Group's Project dropdown (merge request)
- Refactor db selection in SidekiqServerMiddleware (merge request)
- Renamed EditorLite to SourceEditor (merge request) GitLab Enterprise Edition
- Remove job dependency for Vulnerability-Check (merge request) GitLab Enterprise Edition
- Reduce horizontal padding in new top nav (merge request)
- Add descriptions for EpicStateEnum (merge request) GitLab Enterprise Edition
- Relabel access token fields (merge request)
- Pajamas-compliant dismiss button for HAML alerts (merge request)
- Add validation to additional pack purchase_xid (merge request) GitLab Enterprise Edition
- Use standard filter for scanner filter on non-project level vuln report (merge request) GitLab Enterprise Edition
Deprecated (1 change)
Removed (24 changes)
- Remove securityScansSucceeded from DevOps Adoption (merge request) GitLab Enterprise Edition
- Remove old license page logic (merge request) GitLab Enterprise Edition
- Remove trace_memory_allocations FF (merge request)
- Undo CTE fix for PG11 (merge request)
- Delete framework column from project_compliance_framework_settings (merge request)
- Removed ff sidebar_refactor from views (merge request)
- Remove productivity_analytics_scatterplot flag (merge request) GitLab Enterprise Edition
- Remove cycle analytics scatterplot ff (merge request) GitLab Enterprise Edition
- Remove the approvals_commented_by feature flag (merge request)
- Remove the use_workhorse_s3_client feature flag (merge request)
- Remove the use_distinct_in_shas_cte FF (merge request)
- Remove un-used Event archived action (merge request)
- Remove Frontend to Edit Legacy Flags (merge request)
- Removes pipeline_filter_jobs feature flag (merge request)
- Remove Clusters Applications Fluentd Table (merge request)
- Drop deprecated Prometheus settings in gitlab.yml (merge request)
- Remove ability to enable/disable seat link from settings (merge request) GitLab Enterprise Edition
- Drop index_ci_builds_on_protected index (merge request)
- Remove Legacy Flags from Feature Flag Table (merge request)
- Enable the new project sidebar (merge request)
- Remove omit_commit_sha feature flag (merge request)
- Drop LB FF for ExpirePipelineCacheWorker (merge request)
- Remove new_release_page feature flag (merge request)
- Drop load-balancing FF in PipelineHooksWorker (merge request)
Security (17 changes)
- Update addressable gem to v2.8.0 (merge request)
- Disable file and network premailer strategies
- Add total http read timeout
- Update rdoc to 6.3.1
- Forbid GET requests with mutations
- Prevent GraphQL API access by deactivated users
- Add sanitizing for name field
- Fix XSS on audit log for feature flag actions
- Copy feature visibility settings to a fork
- Avoid disclosing project in web IDE
- Allow only same-origin URLs for Edit Release Cancel button
- Add new username validation
- Removes security_ci_lint_authorization code (merge request)
- Update Nokogiri to 1.11.4
- Fix deploy key fallback issue in protected branch
- Sanitize input on pasteGFM
- Fix merge request diff display issue with unsupported encoding
Performance (31 changes)
- Update anscestor deduplication in pipeline graph (merge request)
- Enqueue async, non-blocking jobs for group-group share actions (merge request)
- Immediately show parent row (merge request)
- Improve sort by popularity for issues board (merge request)
- Adjustments to compare caching (merge request)
- Move link icon to CSS (merge request)
- Lazy load avatars (merge request)
- Increase page size exponentially (merge request)
- Reduce space needed for merge request diff commits (merge request)
- Preload project user authorizations on REST API (merge request)
- Remove replica selection change FF (merge request)
- Remove redundant call to RenderService (merge request)
- Cache rendered compare entity (merge request)
- Use linear root_ancestor when possible (merge request)
- Schedule requirements processing conditionally (merge request) GitLab Enterprise Edition
- Fix Namespace#all_projects performance (merge request)
- Improve LoadBalancer#all_caught_up? logic (merge request)
- Drop full index on ci_builds.token (merge request)
- Linear traversal query for Namespace#self_and_ancestors (merge request)
- Use async job when creating/updating EpicIssue (merge request) GitLab Enterprise Edition
- Enable milestone reference caching (merge request)
- git_access: Use batched new blobs check (merge request)
- Eliminate some N+1 queries on project-pipeline GraphQL endpoint (merge request)
- Improve the performance of project/users API (merge request)
- Replacement partial index for ci_builds.token (merge request)
- Use materialied CTE to improve builds fair scheduling (merge request)
- Speed up initial page load on Releases page (merge request)
- Remove replica selection change FF for LB (merge request)
- Remove duplicate where condition (merge request)
- Implement pending builds queue builder in a separate class (merge request)
- Utilize load balancing for BuildQueueWorker (merge request)
Other (58 changes)
- Support reindexing unique indexes (merge request)
- Revise group Pages size UI text (merge request) GitLab Enterprise Edition
- First run for events dictionary for backend (merge request) GitLab Enterprise Edition
- Record message size transmitted over action cable (merge request)
- Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
- Rename License.usage_ping to License.customer_service_enabled (merge request) GitLab Enterprise Edition
- Remove codequality_mr_diff_annotations flag (merge request) GitLab Enterprise Edition
- Remove temporary feature flags (merge request)
- Remove the codequality_mr_diff feature flag (merge request) GitLab Enterprise Edition
- Add troubleshooting section to batched migrations docs (merge request)
- Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request)
- Fix security scan query timeout (merge request)
- Index batched migration jobs by max value (merge request)
- Delete legacy operations feature flags (merge request)
- Avoid splitting strings in repository maintenance UI (merge request)
- Fix GLIcon size property (merge request)
- Only reindex btree and gist indexes (merge request)
- Refactoring string literals used for snowplow tracking in the sidebar (merge request) GitLab Enterprise Edition
- Refactor health status widget to use Apollo (merge request) GitLab Enterprise Edition
- Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request)
- Improve gradle QA scenario (merge request)
- Update help for renamed documentation index (merge request)
- Improves repository storage-related UI and documentation (merge request)
- Refactor health status widget to use Apollo (merge request) GitLab Enterprise Edition
- Add rel property to help link (merge request)
- Initialize conversion of ci_builds_metadata.id for bigint migration (merge request)
- Remove project_statistics_sync feature flag (merge request)
- Improve repository maintenance UI and documentation (merge request)
- Migrate push_event_payloads.event_id back to integer (GitLab.com only) (merge request)
- Remove cached_markdown_blob feature flag (merge request)
- Remove sort_dependency_vulnerabilities feature flag (merge request) GitLab Enterprise Edition
- Move prometheus service creation to the background job (merge request)
- Add BG migration to delete orphaned deployments (merge request)
- Remove by default enabled feature flag (merge request)
- Enable new Rails connection handling (merge request)
- Review and revise Audit Events UI text (merge request) GitLab Enterprise Edition
- Add service desk project key validation error message (merge request)
- Remove FF ci_fix_pipeline_status_for_dag_needs_manual (merge request)
- Add FK for deployments.environment_id to environments table (merge request)
- Remove ci_artifacts_exclude feature flag (merge request)
- Finalize conversion to bigint for push_event_payloads (merge request)
- Log WaitableWorker inline job executions (merge request)
- Remove default-enabled cascading_namespace_settings feature flag (merge request)
- Track finished_at timestamp for schema migrations (merge request)
- Drop remove_on_close column from labels table in envs where it exists (merge request)
- Toggle codequality diff annotations flag (merge request)
- Remove usage_data_code_review_aggregation feature flag (merge request)
- Remove FF ci_workflow_rules_variables (merge request)
- Cleanup group_devops_adoption feature flag (merge request) GitLab Enterprise Edition
- Remove ci_pipeline_latest feature flag (merge request)
- Remove ci_runners_tokens_optional_encryption ff (merge request)
- Update GitLab Runner Helm Chart to 0.30.0 (merge request)
- Decrease epic issues and child epics page size (merge request) GitLab Enterprise Edition
- Remove invite_signup_page_interaction experiment (merge request)
- Add internal docs for changing CI minute namespace (merge request) GitLab Enterprise Edition
- Add more logging to track encoding errors appending CI traces (merge request)
- Remove diffs gradual load feature flag (merge request)
- Remove partial index for Hashed Storage migration (merge request)
14.0.12 (2021-11-05)
Changed (4 changes)
- Geo: Alternate redownload and normal design sync attempts (merge request) GitLab Enterprise Edition
- Geo: Alternate redownload and normal SSF sync attempts (merge request) GitLab Enterprise Edition
- Geo: Alternate redownload and normal project syncs (merge request) GitLab Enterprise Edition
- Geo: Reduce frequency of redownload attempts (merge request) GitLab Enterprise Edition
14.0.11 (2021-09-23)
Fixed (1 change)
- Fix Elastic::MigrationWorker current_migration (merge request) GitLab Enterprise Edition
14.0.10 (2021-09-02)
No changes.
14.0.9 (2021-08-31)
Security (9 changes)
- Update apollo_upload_server dependency (merge request)
- Ensure shared group members lose project access after group deletion (merge request)
- Fix stored XSS vulnerability in Datadog settings form (merge request)
- Inherit user external status while creating project bots (merge request)
- Escape issue reference and title for Jira issues (merge request) GitLab Enterprise Edition
- Require sign in for .keys endpoint on non-public instances (merge request)
- Update Import/Export to use public email when mapping users (merge request) GitLab Enterprise Edition
- Only create jira connect NS subscriptions for admins (merge request)
- Prevent non-admins from configuring Jira connect app (merge request)
14.0.8 (2021-08-25)
Fixed (1 change)
Changed (1 change)
Other (1 change)
14.0.7 (2021-08-03)
Security (18 changes)
- Add project member validation for domain limitation (merge request)
- Hide project-level CI/CD Analytics for Guests (merge request)
- Only allow invite to be accepted by user with matching email (merge request)
- Add html escaping for default branch name (merge request)
- Configure OmniAuth to use GitLab AppLogger (merge request)
- Add permissions check to pipelines#show action (merge request)
- Prevent impersonation in gitlab-shell SSH certs (merge request)
- Fix Protected Environment Accesses Cleanup (merge request) GitLab Enterprise Edition
- Do not show email address in error message (merge request) GitLab Enterprise Edition
- Disallow non-members to set issue metadata on issue create (merge request)
- Prevent guests from linking issues with errors (merge request)
- Block impersonation token use if it is not permitted (merge request)
- Updates oauth to 0.5.6 (merge request)
- Remove impersonation token from api response for non-admin user (merge request)
- Filter todos whose target users no longer have access to (merge request)
- Fix tag ref detection for pipelines (merge request)
- Restrict access to instance-level security features for reporters (merge request) GitLab Enterprise Edition
- Fix XSS in Mermaid Markdown rendering (merge request)
14.0.6 (2021-07-20)
Fixed (4 changes)
- Fix validation method regarding MIME type keys (merge request)
- Geo: Fix snippet verification by replicating the HEAD ref (merge request) GitLab Enterprise Edition
- Fix LFS objects not downloading with Bitbucket (merge request)
- Replace Excon with Faraday for requesting object storage (merge request)
14.0.5 (2021-07-08)
Fixed (4 changes)
- Return empty strings for Jira links when URL is not set (merge request)
- Add prefix to autocomplete path (merge request)
- Do not create audit event for failed logins on read-only DB (merge request) GitLab Enterprise Edition
- Fix git clone for projects with a trailing dot over HTTP (merge request)
Other (1 change)
14.0.4 (2021-07-07)
Security (1 change)
14.0.3 (2021-07-06)
Fixed (7 changes)
- Fix deploy keys not working with LFS auth check (merge request)
- DevOps Adoption - ensure displayNamespaceId is included (merge request) GitLab Enterprise Edition
- Geo - Fix state value in the lfs_object_registry table (merge request) GitLab Enterprise Edition
- Fix broken Time Tracking Reports on Issuable sidebar (merge request)
- Fix bug where Milestone page led to console error (merge request)
- Fix frequent items timestamps not updated (merge request)
- Fix pages deployment storage migration (merge request)
Changed (2 changes)
- Geo - Move migration to a pre-deployment migration (merge request) GitLab Enterprise Edition
- Reintroduce recursive_approach_for_all_projects default-enabled (merge request)
14.0.2 (2021-07-01)
Added (1 change)
- Added omniauth_user check when verifying user cap (merge request) GitLab Enterprise Edition
Security (14 changes)
- Update rdoc to 6.3.1 (merge request)
- Forbid GET requests with mutations (merge request)
- Prevent GraphQL API access by deactivated users (merge request)
- Add sanitizing for name field (merge request)
- Copy feature visibility settings to a fork (merge request)
- Fix XSS on audit log for feature flag actions (merge request)
- Avoid disclosing project in web IDE (merge request)
- Sanitize input on pasteGFM (merge request)
- Fix merge request diff display issue with unsupported encoding (merge request)
- Fix deploy key fallback issue in protected branch (merge request)
- Add total http read timeout (merge request)
- Allow only same-origin URLs for Edit Release Cancel button (merge request)
- Update Nokogiri to 1.11.4 (merge request)
- Add new username validation (merge request)
14.0.1 (2021-06-24)
Fixed (3 changes)
- Remove add button from Devops Adoption (merge request) GitLab Enterprise Edition
- DevOps Adoption - ensure displayNamespaceId is included (merge request) GitLab Enterprise Edition
- Add Helm-2to3.gitlab-ci.yml to Auto DevOps (merge request)
14.0.0 (2021-06-21)
Added (116 changes)
- Add Packages::Helm::ProcessFileService (merge request)
- Add unique index for Helm packages (merge request)
- Disable policies linked to no container repositories (merge request)
- Allow storing detection_method in vulnerability findings (merge request)
- Expose
humanTimeEstimate & humanTotalTimeSpent (merge request)
- Make max diff files and max diff lines configurable (merge request)
- Add GraphQL endpoint to list agent configurations (via KAS) (merge request) GitLab Enterprise Edition
- Add checkbox in group settings for prevent sharing outside hierarchy (merge request)
- Add "Enterprise" badge to users that are provisioned via SAML/SCIM (merge request) GitLab Enterprise Edition
- Update Bulk Import state more accurately (merge request)
- Enable DB Load-balancer flag USE_NEW_LOAD_BALANCER_QUERY by default (merge request)
- Allow toggle job_token_scope_enabled via GraphQL (merge request)
- Publish package hash on Package Page (merge request)
- Add backend support for Coverage-Check rule (merge request)
- Add project setting to toggle job token scope (merge request)
- Scope JobToken to only authorized projects (merge request)
- Scope JobToken to only authorized projects (merge request)
- Mark pending todo as done when resolving design discussions (merge request)
- Migration for fixing missing traversal ids (merge request)
- Add qrtly reconciliation alert (merge request) GitLab Enterprise Edition
- Enable by default FF sidebar_refactor (merge request)
- Add time_change in Issue, MR and Note webhook (merge request)
- Prepopulates the pipeline editor with a 3 stage template (merge request)
- Add commit type to generic security reports (merge request) GitLab Enterprise Edition
- Adjust indexes for iterations and iteration cadences (merge request)
- Epic Boards (merge request) GitLab Enterprise Edition
- Add order_project_path to package graphql API sort (merge request)
- Add provisioning group to pipeline validation payload (merge request) GitLab Enterprise Edition
- Add index for description in ci_runners table (merge request)
- Show security report scan errors on pipeline view (merge request) GitLab Enterprise Edition
- Upgrade GitLab Pages to 1.40.0 (merge request)
- Check hierarchy sharing settings in GroupLinks::CreateService (merge request)
- Allow user to create epics via epic board list (merge request) GitLab Enterprise Edition
- Create table for tracking ci minute purchases (merge request) GitLab Enterprise Edition
- Add epic's note system_note_meta to import/export (merge request) GitLab Enterprise Edition
- Add Group Avatar endpoint (merge request)
- Add Content Editor support for wikis (merge request)
- Enable CORS headers for OpenID Connect discovery endpoints (merge request)
- Add a GET endpoint to user preferences (merge request)
- Escaped markdown not interpreted as shortcuts (merge request)
- Allow to make test cases confidential (merge request) GitLab Enterprise Edition
- Add is_shared and runner_type to hooks and API responses (merge request)
- Enable reporting of usage data for Jira integration (merge request)
- Create metric events for service desk emails (merge request)
- Add option to disable printing of root password during DB seeding (merge request)
- Allow users to specify their pronouns (merge request)
- Gracefully handle query timeouts for project VSA (merge request)
- Add title and tooltip to diff preferences dropdown (merge request)
- Add group-level lead time charts (merge request) GitLab Enterprise Edition
- Change pipeline url to have underline (merge request)
- Add danger for merge trains (merge request)
- Optionally include trailers in the commits API (merge request)
- Add compliance tab to redesigned Security-Configuration Page (merge request)
- Instrumenting project sidebar menus (merge request)
- Add upcoming_reconciliations table and model (merge request)
- Support graceful shutdown of Workhorse connections (merge request)
- Add Clone with VS Code for SSH (merge request)
- Get ancestors of an Epic using GraphQL (merge request) GitLab Enterprise Edition
- Add wiki page diff url to Slack notification message (merge request)
- Allow administrators to enable automatic deactivation of dormant users (merge request)
- Add pipeline source to custom CI_JOB_JWT claims (merge request)
- Display credit card status in /admin/users/:id page (merge request) GitLab Enterprise Edition
- Allow users to delete items from the package file list (merge request)
- Show generic 'code' type on vuln details (merge request) GitLab Enterprise Edition
- Add ability to search instanceSecurityDashboard.projects GraphQL query (merge request) GitLab Enterprise Edition
- Add
latest_pipeline_id column to vulnerability_statistics table (merge request)
- Import group boards & board lists via ndjson when using Bulk Import (merge request) GitLab Enterprise Edition
- Add an option to expose description_html in Release API (merge request)
- Render table types on generic vulnerability report (merge request) GitLab Enterprise Edition
- Remove Web Application Firewall related frontend files (merge request) GitLab Enterprise Edition
- Add link to navigate to profile settings page (merge request)
- Persist the
page parameter for VSA pagination (merge request) GitLab Enterprise Edition
- Adds block_changes_at to LicenseType in GraphQL (merge request) GitLab Enterprise Edition
- Add .drafts scope to MergeRequests (merge request)
- Add delete branch modals behind feature flag (merge request)
- Add the documentation for sidekiq routing rules (merge request)
- Helm chart download API endpoint (merge request)
- Add custom header text to free personal namespaces billing page (merge request)
- Add delete escalation policy GraphQL mutation (merge request)
- Add file-location component for generic security reports (merge request) GitLab Enterprise Edition
- Store CI runner config data (merge request)
- Expose the state field for vulnerability findings (merge request) GitLab Enterprise Edition
- Add graphql API to list Scan Execution Policies (merge request) GitLab Enterprise Edition
- Support custom messages in the cherry-pick API (merge request)
- Add post migration to cleanup orphaned records (merge request)
- GraphQl: Allow filtering epics by negated parameters (merge request)
- Add finding evidence header (merge request)
- Add module-name component for generic security reports (merge request) GitLab Enterprise Edition
- Use assignee sidebar widget in the alert drawer (merge request) GitLab Enterprise Edition
- Add 'show_whitespace_in_diffs' to the UserPreferences endpoint (merge request)
- Update button variants alignment and spacing (merge request)
- Allow recording of experiment subjects (merge request)
- Set the git default branch to "main" (merge request)
- Add memory view to Performance Bar (merge request)
- Add user IP data to external pipeline validation service (merge request)
- Backfill primary key migration for self-managed instances (merge request)
- Makes the invite button on empty projects permanent (merge request)
- Restrict trial during free signup to company users (merge request)
- Add credit card validation checkbox to admin users panel (merge request)
- Delay worker execution for workers utilizing LB (merge request)
- Optionally start a trial during free signup (merge request)
- Adds content to createCommit mutation (merge request)
- Add dast_runner_site_validation feature flag (merge request)
- Add GraphQL types for escalation policies and rules (merge request)
- Debian Group and Project Distribution Keys schema (merge request)
- Compress oversized Sidekiq job payload before dispatching into Redis (merge request)
- Add metrics to calculate rate of project imports (merge request)
- Enable Kroki on reStructuredText and Textile documents (merge request)
- Add admin page for batched background migrations (merge request)
- Remove threat_monitoring_alerts feature flag (merge request)
- Add GraphQL types for escalation policies and rules (merge request)
- Update button variants and avatar layout (merge request)
- Add admin page for batched background migrations (merge request)
- Add Sidekiq payload compression log fields (merge request)
- Add Sidekiq payload decomression server middleware (merge request)
- Implement Sidekiq job payload compressor (merge request)
Fixed (161 changes)
- Only update required instance CI template when the parameter is present (merge request)
- Bugfix: avoid 500 when resending confirmation (merge request)
- Deal with invalid caches (merge request)
- Fix CI/CD > Pipelines active routes (merge request)
- Fix unreachable ES url exception (merge request) GitLab Enterprise Edition
- Fix problems with ldap users with expired password (merge request)
- Fix DA dropdown alignment (merge request) GitLab Enterprise Edition
- Normalize buttons whitespace to only rely on margins (merge request)
- JS error on continuous onboarding welcome page (merge request) GitLab Enterprise Edition
- Only show coverage fuzzing artifact download when the job exists (merge request)
- Align file line numbers for some Safari users (merge request)
- Use context-aware translation for cloud license (merge request) GitLab Enterprise Edition
- Fix Embedded Snippet CSS to remove unnecessary vertical scroll bar (merge request)
- Rebuild iterations automation index (merge request)
- Fix migration for SSH key expiration enforcement (merge request)
- Fix spacing between deploy buttons in MR widget (merge request)
- Fix blank state styling for welcome screens (merge request)
- Fix sidebar item on Jira issue details page (merge request) GitLab Enterprise Edition
- checks: Fix LFS pointer checks only verifying first reference (merge request)
- Fix NameError Admin::ApplicationSettings::UpdateService (merge request)
- Fix CI editor template not updating on commit (merge request)
- Add select_rows to the list of NON_STICKY_READS (merge request)
- Allow nil on delegated CI/CD settings (merge request)
- Fetch from all parent groups in issue epic select (merge request) GitLab Enterprise Edition
- Prevent CI schema from registering if schema_linting flag is off (merge request)
- Conditionally render create group buttons (merge request)
- Do not trim wiki content by default (merge request)
- Show the bytes when git reports the file as undiffable (merge request)
- Use unstranslated names for telemetry on membership (merge request)
- Hide search icon on larger breakpoints again (merge request)
- Use user config for first day of week in issue datepicker (merge request)
- Fix accessing the errors property of the scan objects (merge request) GitLab Enterprise Edition
- Gracefully handle unknown failure reason in runner CI job (merge request)
- Check Security::Scan resources to identify ran security jobs (merge request) GitLab Enterprise Edition
- Fix bug where disabling usage ping via gitlab.rb did not work (merge request)
- Add default_branch support for Project API (merge request)
- Avoid idling in transaction while saving project export object (merge request)
- Fix timeouts on expiring SSH keys (merge request)
- Only check for modified paths when the branch is updated (merge request) GitLab Enterprise Edition
- Change meta tag theme color to match theme (merge request)
- fix: VulnerabilityFinding equality should exclude other record types (merge request) GitLab Enterprise Edition
- Fix trendline error (merge request) GitLab Enterprise Edition
- Fix unintentional cleanup of Import/Export tmp files (merge request)
- Use issueable reference prefix in basic search results (merge request)
- Calculate mergeability check sync on first widget load (merge request)
- Fix fetch policy in pipeline editor branch switcher (merge request)
- Fix upload-file-experiment-trigger setting incorrect base route (merge request)
- Add guard - diff missing from merge_request_diffs (merge request)
- Resolve Yajl encoding incompatibility (merge request)
- Fix MR approval by reporters (merge request) GitLab Enterprise Edition
- Fix conflict resolve to handle FailedPrecondition error correctly (merge request)
- Repurpose Key.expired_today_and_not_notified scope (merge request)
- Fix escaping characters in authors name for "Pending Comments" dropdown (merge request)
- Fix links in code quality widget (merge request)
- Fix spam detection with Akismet client (merge request)
- Do not display bulk selection when user is auditor (merge request) GitLab Enterprise Edition
- Add guard condition for when cilium (merge request) GitLab Enterprise Edition
- Enable HTML labels in Mermaid (merge request)
- Upgrade gitaly dependency to use proper go modules versioning (merge request)
- Fix MR diff compare with previous version (merge request)
- Use tag helper to generate custom emojis (merge request)
- Allow GraphQL MemberInterface to support null users (merge request)
- Fix blank error message for codequality diff (merge request) GitLab Enterprise Edition
- Fix known issues with the CSP (merge request)
- Whitelist pages in mermaid rendering (merge request)
- Fix pipeline graph visualization lines disappearing (merge request)
- Set CSP back to disabled by default (merge request)
- Fix Advanced Search retry migration button (merge request) GitLab Enterprise Edition
- Permit symbols when loading mail_room.yml (merge request)
- Use
#use_open_file for NuGet metadata extraction (merge request)
- Fix iteration wildcard id filtering for boards (merge request) GitLab Enterprise Edition
- Fix reference to
isSquashReadOnly (merge request)
- Prevent error when accessing optional needs in pipeline graph (merge request)
- Prevent prepending single quote to issue CSV exports (merge request)
- Record impersonation details on Auditor (merge request) GitLab Enterprise Edition
- Set default retries for mailers to 3 (merge request)
- Fix non-custom Total stage in VSA (merge request) GitLab Enterprise Edition
- Do not enforce UTF-8 in any forms (merge request)
- Fix indexer running longer than lock timeout (merge request) GitLab Enterprise Edition
- Fix junit report attachment in tests with error (merge request)
- Force use of UTC in formatting seconds into MM:SS (merge request)
- Fix known issues with the CSP (merge request)
- Fix CSP issues related to captchas (merge request)
- Fix "Security & Compliance" access for auditors (merge request) GitLab Enterprise Edition
- Add the deduplication hash to the job payload (merge request)
- Authorize GraphQL Vulnerabilities::IssueLink type (merge request) GitLab Enterprise Edition
- Fix the
requiring_cleanup scope (merge request)
- Do not remove export when uploading via URL (merge request)
- Set iteration state based on updated dates (merge request)
- Update google-protobuf to v3.17.1 (merge request)
- Fix CSS for MR widget for dark mode (merge request)
- Fix shared runner minutes reset on self-managed (merge request) GitLab Enterprise Edition
- Fix layout, spacing, and style of reaction emoji on issuables (merge request)
- fix: Update StoreReportService to better unique signature violations (merge request) GitLab Enterprise Edition
- Update startup css which fixes login pages (merge request)
- Make arrow on generic report section clickable (merge request) GitLab Enterprise Edition
- Determine Jira deployment_type based on URL (merge request)
- Fix ability for non project member to subscribe to an issue (merge request)
- Fix Releases page/GraphQL pagination (merge request)
- Overhaul CSS in performance bar in Dark mode (merge request)
- Fix
Security::FindingsFinder for multiple report artifacts (merge request) GitLab Enterprise Edition
- Stop using basic auth for GKE cluster creation (merge request)
- Allow error-free deletion of orphaned group members (merge request)
- Fix "Leave this group" button for subgroups listed in group overview (merge request)
- Adds a conditional to not uncheck an unchecked MR (merge request)
- Fix alignment of global alerts (merge request)
- Fix vuln scanner filter not working when report type has no scanner IDs (merge request)
- Call RedisHllUserEvent only when a user is set (merge request)
- Fix Gitpod url in user preferences (merge request)
- Fix Jira issue fields not disabled when inheriting (merge request)
- Handle invalid project ID in reply-by-email (merge request)
- Fix tooltip positioning on job view list (merge request)
- Fix typo showing error message after destroy page (merge request)
- Process emails for projects with not unique service desk keys (merge request)
- Fix JavaScript initialization in readonly mode (merge request)
- Update Gitaly's binary path in init.d scripts (merge request)
- Pin the GKE version to 1.18 for cluster creation (merge request)
- Fix N+1 problem for ForksController#new (merge request)
- Fix missing system notes and system events on create issue (merge request)
- Avoid conflicting workers in
authorized_projects namespace (merge request)
- Fix humanized size numbers for negative values (merge request)
- Fix double render in project's git URL redirect (merge request)
- Fix issue with frames not loading in Safari (merge request)
- Fix timeouts when destroying a project with many notes (merge request)
- Check user permissions for pipeline operations (merge request)
- Include environments from current and descendant pipelines (merge request)
- Render Discover link for
Security & Compliance (merge request) GitLab Enterprise Edition
- Avoid updating Elasticsearch when project is pending_delete (merge request)
- Remove feature flag around policy alert creation (merge request) GitLab Enterprise Edition
- Fix bulk edit vulnerability dropdown layering issue (merge request) GitLab Enterprise Edition
- Bump Cluster Applications version which includes: (merge request)
- Only check index status if modifying Advanced Search form (merge request)
- Preserve epic labels association during Group Import/Export (merge request)
- Hide billing plans with truthy hide_card attribute (merge request)
- Check for credit card when playing manual jobs (merge request)
- Ensure post-update actions are applied when assignees change (merge request)
- Fix errors in instance and group-level integration pages for some integrations (merge request)
- Return 404 from branches API when repository does not exist (merge request)
- Fixed Rails Save Bang offenses in few spec/models/* files (merge request)
- Fix blob preview error (merge request)
- Fix atom feed with push events for multiple tags (merge request)
- Resolve Time tracking report is bugged on GraphQL boards (merge request)
- Fixed Rails Save Bang offenses in few spec/models/* files (merge request)
- Properly process stale ongoing container repository cleanups (merge request)
- Execute member hooks only if an associated user is present (merge request)
- Fix
pry debugging location with pry-byebug and pry-shell by updating the pry-shell gem (merge request)
- Fix permission check when setting issue/merge request subscription in GraphQL API. (merge request)
- Fix pipeline graph undefined needs error (merge request)
- Prevent overflows in WebHook#backoff_count (merge request)
- Prevent overflows in WebHook#backoff_count (merge request)
- Ensure that we always run the update worker (merge request)
- Execute member hooks only if an associated user is present (merge request)
- Check for credit card when playing manual jobs (merge request)
- Added changelogfile (merge request)
- Fixed offenses in spec/models/* part 5 (merge request)
- Fix blob preview error (merge request)
- Return 404 from branches API when repository does not exist (merge request)
- Preserve epic labels association during Group Import/Export (merge request)
- Fix atom feed with push events for multiple tags (merge request)
- Fixed offenses in spec/models/* part 2 (merge request)
- Fix UI bug overflowing the text in TODO list (merge request)
Changed (155 changes)
- Move admin cohorts to separate controller (merge request)
- Improve beta state communication of content editor (merge request)
- DA use dropdown for adding groups (merge request) GitLab Enterprise Edition
- Remove ci_register_job_service_one_by_one feature flag (merge request)
- Use database as SSOT for diffs whitespace (merge request)
- Namespace translations in view switcher for clarity (merge request)
- Show update branch message when MR branch diverged from target branch (merge request) GitLab Enterprise Edition
- Backend support for multi-select project search (merge request) GitLab Enterprise Edition
- Use GraphQL for Time tracking info on Issuables (merge request)
- Bump DAST to use version 2 (merge request) GitLab Enterprise Edition
- Fix Helm version regexp to match unprefixed semver too (merge request)
- Add deprecation notice to Managed-Cluster-Applications.gitlab-ci.yml (merge request)
- Hide tooltips and popovers with escape key (merge request)
- Adds more identifiers to Seat Link (merge request) GitLab Enterprise Edition
- Usage dictionary: update name, Group Overview (merge request) GitLab Enterprise Edition
- Set PostgreSQL 12 as the minimum supported version (merge request)
- Fix: update incident sidebar severity title margin (merge request)
- Add webhook rate-limit threshold for Free plan on gitlab.com (merge request)
- Update instructions how to initialize/clone git repository (merge request)
- Add indices for created_at+id and contacted_at+id on ci_runners (merge request)
- Update Diff UI settings to match style guides (merge request)
- Relate Test Reports and Requirement Issues (merge request)
- Add verification for MR diffs using SSF (merge request) GitLab Enterprise Edition
- Make Alert details table attributes clickable (merge request)
- Add migrations for adding verification for MR diffs (merge request)
- Allow guest user to assign issue metadata on create (merge request)
- Replace plugin.log with file_hook.log (merge request)
- Restore previous month perspective (merge request) GitLab Enterprise Edition
- Update Styling of MR-Widget (merge request)
- Enforce SSH key expiration by default (merge request)
- Tidy up language on access tokens UI page (merge request)
- Move "Appearances" menu item into "Settings" in Admin Area (merge request)
- Geo: Remove feature flag geo_terraform_state_version_verification (merge request) GitLab Enterprise Edition
- Retry pipelines in the background (merge request)
- Remove feature flag
introduce_marker_ranges (merge request)
- Add input rules for creating links (merge request)
- Add new way of encrypting tokens (merge request)
- Remove maven metadata CTE FF (merge request)
- Bump major version of auto-deploy-image in Auto Deploy template (merge request)
- Fix title, value spacing of various sidebar blocks (merge request) GitLab Enterprise Edition
- Expose include_ancestor_groups arg for epics query (merge request) GitLab Enterprise Edition
- Change vulnerability filters All option text to be "All " (merge request) GitLab Enterprise Edition
- Replace work_in_progress with draft (merge request)
- Successful sync should cause verification (merge request) GitLab Enterprise Edition
- Wait until DB is ready to list data on legacy storage (merge request)
- Add level four heading to text style dropdown (merge request)
- Reintroduce DA group max requests (merge request) GitLab Enterprise Edition
- Remove env var restriction for Database load balancing (merge request)
- Hide scanner filter vendor header when there's only the GitLab vendor (merge request) GitLab Enterprise Edition
- Add vulnerability activity filters in GraphQL (merge request) GitLab Enterprise Edition
- Update the vendored cluster management Project Template (merge request)
- Projects API show the project's squash option (merge request)
- Add git push counter to geo node status (merge request) GitLab Enterprise Edition
- Adjust Button Sizes on Secure MR Widget (merge request)
- Apply Slack's UI guide to channel placeholders (merge request)
- Remove DA max requests for groups (merge request) GitLab Enterprise Edition
- Rollout arel_package_scopes feature (merge request)
- Allow iteration cadence argument on iteration creation (merge request)
- Migrate board label select to Vue (merge request)
- Remove old Advanced Search migrations (merge request) GitLab Enterprise Edition
- Added a check for user: null (merge request)
- Enable :disable_service_templates FF by default (merge request)
- Remove load_balancing_atomic_replica feature flag (merge request)
- Replaces Klar by Trivy from the specs (merge request)
- Add vulnerability scanner ID filter in GraphQL (merge request) GitLab Enterprise Edition
- Right align action buttons on jobs index page (merge request)
- Move component and spec to static site editor (merge request)
- Geo Node 2.0 - Remove geo_nodes_beta FF (merge request) GitLab Enterprise Edition
- Remove geo_lfs_object_replication feature flag (merge request) GitLab Enterprise Edition
- Increase max groups fetched for DA (merge request) GitLab Enterprise Edition
- Update breadcrumbs for project imports (merge request)
- Revise UI phrasing around force pushes (merge request) GitLab Enterprise Edition
- Upgrade to Mermaid v8.10.2 (merge request)
- Enable validate_import_decompressed_archive_size feature flag by default (merge request)
- Improve VSM date tooltip (merge request) GitLab Enterprise Edition
- Pass through escaped variable values to Runner (merge request)
- Update deprecated GlIcon size in IDE branch search (merge request)
- Use application/octet-stream as Content-Type for files in CI artifacts (merge request)
- Rename Browser Performance template jobs (merge request)
- Rearrange 'Security & Compliance' menu items (merge request) GitLab Enterprise Edition
- Enable prevent_retry_of_retried_jobs feature flag on by default (merge request)
- Simplify npm.gitlab-ci.yml using new CI variables (merge request)
- Enable cross pipeline artifacts download (merge request)
- Rename read_vulnerability to read_security_resource policy (merge request) GitLab Enterprise Edition
- Remove feature flag usage_data_p_terraform_state_api_unique_users (merge request)
- Remove feature flag create_cloud_run_clusters (merge request)
- Remove ci-trace-read-consistency feature flag (merge request)
- Added path navigation to project VSA (merge request) GitLab Enterprise Edition
- Enable ci_fix_commit_status_retried by default (merge request)
- Change docs link style in group CI settings (merge request)
- Upgrade Sentry gem to 4.4.0 (merge request)
- Refactor performance bar cookie check (merge request)
- Database Load Balancing feature available in GitLab Free (merge request)
- Align titles and icons in Security pages (merge request) GitLab Enterprise Edition
- Prevent projects with same slug from having same project key (merge request)
- Allow reporters to read project statistics (merge request)
- Simplify network policy sidebar (merge request) GitLab Enterprise Edition
- Rename instance_statistics_measurements_table (merge request)
- Converted issuable id to string (merge request)
- Fixed scroll on todos (merge request)
- Replace Flash with GlAlert in Boards (merge request)
- Improve fork error message (merge request)
- Allow
extra parameter for Snowplow events (merge request)
- Import group epics via ndjson when using Bulk Import (merge request) GitLab Enterprise Edition
- What's New content link opens in new tab (merge request)
- No Longer Send Legacy Feature Flags (merge request)
- Strip out junit screenshot path (merge request)
- Remove unused ProcessPrometheusAlertWorker worker (merge request)
- Rename experiment_subjects group_id column (merge request)
- Remove unused ProcessAlertWorker (merge request)
- Update pipeline failed notification emails to refer to jobs (merge request)
- Improve approvers text (merge request) GitLab Enterprise Edition
- Update securityReportSummary to avoid expensive operation (merge request) GitLab Enterprise Edition
- Redesign policy editor page (merge request) GitLab Enterprise Edition
- Enable builds queue on replicas by default (merge request)
- Update Unknown signin email timestamp to use 24 hour time (merge request)
- Move cluster management projects out of alpha (merge request)
- Update group creation UI (merge request)
- Remove group timelog mandatory arguments (merge request)
- Remove include_lfs_blobs_in_archive feature flag (merge request)
- Add BulkImports NdjsonExtractor & update labels pipeline to use it (merge request)
- Remove @service from integrations contollers (merge request)
- Allow url without .git suffix for import (merge request)
- Enforce maximum attachment size in project API uploads by default (merge request)
- Added path navigation to project VSA (merge request) GitLab Enterprise Edition
- Enable builds queue limit by default (merge request)
- Fix spacing for branch switcher in pipeline editor (merge request)
- Updates authorization for lint (merge request)
- Separate adoption segment namespaces (merge request)
- Use :latest image tag in default Ruby CI template (merge request)
- Globally enable better generic metrics comparison (merge request)
- Upgrade CQ for updated Rubocop for Ruby 3 (merge request)
- Remove Links header (merge request)
- Reduce queries when ticking the runner queue by default (merge request)
- Add codeowners to DevOps Adoption (merge request)
- Prevent retried builds from being retried again (merge request)
- Raise job rules without workflow warnings by default (merge request)
- Better errors to users for CustomersDot API calls (merge request)
- Enable live consumption for all paid plans (merge request)
- Remove webhooks_moved user callout (merge request)
- Use new location for container-scanning analyzer (merge request)
- Remove code owner ribbon move announcement from settings (merge request)
- Move gosec to alphabetical order (merge request)
- Update Operations settings forms to be UX consistent (merge request)
- Lock a newly created item card in boards (merge request)
- Simplify error code handling for external pipeline validation (merge request)
- Backfill clusters_integration_prometheus.enabled (merge request)
- Add ease score onboarding in-product marketing email (merge request)
- Allow issue type change for incidents (merge request)
- Observe secondary email addresses when adding a member (merge request)
- Left-align certain application-wide cancel buttons to conform to the GitLab Pajamas style guide (merge request)
- Remove old redirect rule for the usage trends feature (merge request)
- Simplify error code handling for external pipeline validation (merge request)
- Set minimum Redis version to 5.0 (merge request)
- Observe secondary email addresses when adding a member (merge request)
Deprecated (3 changes)
- Depreciate GMA from Logs view in Operations (merge request)
- Deprecate related projects_with_prometheus_alerts metrics (merge request)
- Remove OpenJDK-alpine Dockerfile template (merge request)
Removed (46 changes)
- Remove metrics dashboard alert functionality (merge request)
- Remove load_balancing_for_web_hook_worker FF (merge request)
- Drop license_management artifact (merge request) GitLab Enterprise Edition
- Remove ssh_key_expiration_email_notification feature flag (merge request)
- Remove support for creating/updating release notes via tags API (merge request)
- Drop support of legacy feature flag (merge request)
- Removes SAST_DEFAULT_ANALYZERS variable (merge request)
- Replace 'tag_list' with 'topic_list' attribute on project (merge request)
- Don't take fingerprints for the internal authorized_keys API (merge request)
- Remove redundant key/value pair from the payload of DORA metrics API (merge request)
- Remove canary_ingress_weight_control feature flag (merge request)
- Remove allow_group_deploy_token feature flag (merge request)
- Remove GitLab-managed applications UI (merge request)
- Remove GMAv1 Fluentd (merge request)
- Remove GraphQL deprecated fields (merge request)
- Remove GitLab WAF related models, services and workers (merge request) GitLab Enterprise Edition
- Remove legacy profile routes (merge request)
- Replace 'tags' with 'topics' association on project (merge request)
- Remove deprecated CI workers and arguments (merge request)
- Deprecate global usage of SAST_ANALYZER_IMAGE_TAG (merge request)
- Remove BuildsEmailService records from services (merge request)
- Remove metrics for Web Application Firewall (merge request)
- Remove documentation for GitLab WAF (merge request)
- Remove Unicorn support (merge request)
- Remove projects_with_prometheus_alerts and pod_logs_usages_total metrics (merge request)
- Remove code coverage tracking feature flag (merge request)
- Remove pick_into_project feature flag (merge request)
- Remove postgres hll batch counting ff (merge request)
- Remove
trace parameter from PUT /api/jobs/:id (merge request)
- Remove CI_PROJECT_CONFIG_PATH variable (merge request)
- Remove inherited_issuable_templates feature flag (merge request)
- Remove deprecated
--experimental-queue-selector flag for Sidekiq (merge request)
- Remove unused instance statistics workers (merge request)
- Remove Unicorn references from runtime logic (merge request)
- Remove unicorn-worker-killer gem and relations (merge request)
- Remove Unicorn detection in pid provider (merge request)
- Remove assigned open issue count background worker (merge request)
- Remove start-up scripts for Unicorn web server (merge request)
- Remove UnicornCheck service (merge request)
- Remove support for /wip quick action (merge request)
- Redirect some of deprecated repository routes (merge request)
- Remove some deprecated global routes (merge request)
- Remove Unicorn Sampler (merge request)
- Drop plugins directory support (merge request)
- Remove UnicornCheck service (merge request)
- Remove Unicorn Sampler and its dependencies (merge request)
Security (12 changes)
- Change button type so the form doesn't submit (merge request)
- Bump BinData version
- Use xpath search of Nokogiri instead of css search
- Truncate all non-blob markdown to 1MB by default
- Block access to GitLab for users with expired password
- Adds redirect page to OAuth
- Opt in to Atlassians new context qsh
- Limit oncall projects shown to scope of source GitLab Enterprise Edition
- Merge branch 'id-upgrade-rails-to-6.0.3.7' into 'master' (merge request)
- Update users two factor required from group
- Only verify commit signatures if the user email is verified
- Prevent XSS on notebooks
Performance (45 changes)
- Add post deployment migration for cleanup policies (merge request)
- Enable caching of PG typemap by default (merge request)
- Paginate diffs using Gitaly paths (merge request)
- Prevent refetching commit data (merge request)
- Use title, not full_title for commit mentionables (merge request)
- Add index for project_features.container_registry_access_level (merge request)
- Reduce number of gitaly calls in Snippet REST list Endpoints (merge request)
- Improve cache sharing between cached markdown fields and mentionables (merge request)
- Add protected pending build column and migrate data (merge request)
- Prevent fetching commits for next page (merge request)
- Retry traversal_ids backfill jobs (merge request)
- Enable label reference caching (merge request)
- chore: Drop optimize_sql_query_for_security_report feature flag (merge request) GitLab Enterprise Edition
- Add tracking of running shared runner builds (merge request)
- Use specialized project_authorization workers (merge request)
- Enable 'use_distinct_in_shas_cte' FF by default (merge request)
- Add background migration for unused expiration policies (merge request)
- Fix N+1 problem for fork controller (merge request)
- Preload blobs in repo view (merge request)
- Utilize load balancing capabilities for UserRefreshOverUserRangeWorker (merge request)
- Optimize queries that timeout in StuckCiJobsWorker (merge request)
- Linear traversal query for Namespace#root_ancestor (merge request)
- Cache open epics count in group sidebar (merge request) GitLab Enterprise Edition
- Cache sidebar merge requests count at group level (merge request)
- Moves the pipelines.json endpoint to startup js (merge request)
- Remove unreferenced lfs objects in batches (merge request)
- Remove preloading of forks in projects API (merge request)
- Enable pending builds parity by default (merge request)
- Refine linear queries in Namespace#all_projects (merge request)
- Reinstate branches keyset pagination (merge request)
- Optimize Nokogiri search for post-processing pipeline (merge request)
- Removes unneeded preloading in Markdown rendering (merge request)
- Cache
branch_requires_code_owner_approval? (merge request) GitLab Enterprise Edition
- Switch group member max access to use bulk load (merge request)
- Utilize load balancing capabilities for BuildHooksWorker (merge request)
- Add viewer URL to StartupJS (merge request)
- Advanced Search: Allow indexing workers to use replicas (merge request)
- Reduce memory consumption when an API exception goes to Sentry (merge request)
- Use cache for CI::Build runners check (merge request)
- Optimize query for loading artifacts in pipeline (merge request)
- Accelerate builds queuing using a denormalized accelerated table (merge request)
- Remove the redundant update for API endpoint projects/:id/statuses/:sha (merge request)
- Contributes to https://gitlab.com/gitlab-org/gitlab/-/issues/325744 (merge request)
- Optimize query for loading artifacts in pipeline (merge request)
- Remove feature flag for "runners_cached_states" (merge request)
Other (70 changes)
- Update alert markup in runners page (merge request)
- Use a new worker in lieu of UserRefreshWithLowUrgencyWorker as safeguard (merge request)
- Update test_file_finder and Faraday (merge request)
- Remove notification_setting_recipient_refactor feature flag (merge request)
- Add Atlassian referrer to Jira links inside GitLab (merge request)
- Use the parent element to find elements to remove the child (merge request) GitLab Enterprise Edition
- Remove ci_dynamic_child_pipeline feature flag (merge request)
- Add tracking for epic boards (merge request)
- Remove feature flag release_mr_issue_urls (merge request)
- Standardize on roles term in UI (merge request)
- Add unique index on configuration for batched_background_migrations (merge request)
- Drop the web_hook_logs_archived table (merge request)
- Bump gitlab-fog-azure-rm version to 1.1.1 (merge request)
- Remove the nuget new file reader feature flag (merge request)
- Clenup deployments_finder_implicitly_enforce_ordering feature flag (merge request)
- Extract CSS from user calendar JS (merge request)
- Add data migration to update draft on merge_requests (merge request)
- Prepare ci_stages for bigint conversion (merge request)
- Add source tracking to invites (merge request)
- Track the validation error on Environment Update (merge request)
- Enable by default Allow force push option to Protected branches (merge request)
- Update GitLab Shell to v13.19.0 (merge request)
- Add the origin of squash merge feature to the docs (merge request)
- Ensure delay for all UserRefreshOverUserRangeWorker jobs enqueued (merge request)
- Rename DevOpsAdoptionSegment (merge request) GitLab Enterprise Edition
- Prepare geo_job_artifact_deleted_events table (merge request)
- Prepare deployments table for bigint conversion (merge request)
- Remove database_sourced_aggregated_metrics FF (merge request)
- Document and lint that trailers are case-sensitive (merge request)
- Change JiraTrackerData#deployment_type based on URL (merge request)
- Group-level Protected Environment Alpha Version (merge request)
- Upgrade Puma to 5.3.2 (merge request)
- Add subgroups and user namespaces spec examples (merge request)
- Add default value for merge_requests_author_approval (merge request)
- Place multiselect drag drop behind a feature flag (merge request)
- Remove obsolete Segment selections table (merge request)
- Explicitly destroy webhooks and logs before the project deletion (merge request)
- Remove :find_remote_root_refs_inmemory feature flag (merge request)
- Reschedules migration for uuid recalculation (merge request)
- Cleanup container_registry_enabled background migration (merge request)
- Update managed cluster template to avoid hardcoded master (merge request)
- Prepare ci_builds_metadata for int8 migration (merge request)
- Remove the usage of
limit_projects_in_groups_api feature flag (merge request)
- Remove the check_maven_path_first feature flag (merge request)
- Prepare taggings table for bigint conversion (merge request)
- Update ffi from 1.13.1 to 1.15.1 (merge request)
- Remove DAST site profile related feature flags (merge request) GitLab Enterprise Edition
- Remove the FF *_unique_users_pushing_mr_ciconfigfile (merge request)
- Remove the FF ci_needs_optional (merge request)
- Remove the FF usage_data_unique_users_committing_ciconfigfile (merge request)
- Remove delayed_perform_for_build_hooks_worker feature flag (merge request)
- Update GitLab Runner Helm Chart to 0.29.0 (merge request)
- Remove threat_monitoring_alerts feature flag (merge request)
- VSA: Add decimal places to metrics (merge request)
- Prepare ci_build_trace_sections for int8 migration (merge request)
- Update button variants and alignment to align with the Pajamas Design System... (merge request)
- Removed packages_finder_helper_deploy_token feature flag (merge request)
- Update group/project member tabs to comply with Pajamas design system (merge request)
- Merge Request edit: make breadcrumbs consistent (merge request)
- Remove the feature flag for the external validation service (merge request)
- Add options events to Redis HLL metrics for filtering data (merge request)
- Track usage of the resolve conflict UI (merge request)
- Remove the packages_finder_helper_deploy_token feature flag (merge request)
- Prepare ci_build_trace_sections for int8 migration (merge request)
- Use @gitlab/ui color in member badges (merge request)
- Remove the feature flag for the external validation service (merge request)
- Update http-parser from 1.2.1 to 1.2.3 (merge request)
- Track usage of the resolve UI (merge request)
- Add missing metrics information (merge request)
- Track usage of the resolve UI (merge request)