debian-mirror-gitlab/CHANGELOG.md
2020-12-08 15:28:05 +05:30

219 KiB
Raw Blame History

Note: This file is automatically generated. Please see the developer documentation for instructions on adding your own entry.

13.4.7 (2020-12-07)

Security (10 changes)

  • Validate zoom links to start with https only. !1055
  • Require at least 3 characters when searching for project in the Explore page.
  • Do not show emails of users in confirmation page.
  • Forbid setting a gitlabUserList strategy to a list from another project.
  • Fix mermaid resource consumption in GFM fields.
  • Ensure group and project memberships are not leaked via API for users with private profiles.
  • GraphQL User: do not expose email if set to private.
  • Filter search parameter to prevent data leaks.
  • Do not expose starred projects of users with private profile via API.
  • Do not show starred & contributed projects of users with private profile.

13.4.6 (2020-11-03)

Fixed (1 change)

  • Auto Deploy: fixes issues for fetching other charts from stable repo. !46531

Other (1 change)

  • GitLab-managed apps: Use GitLab's repo as replacement for the Helm stable repo. !44875

13.4.5 (2020-11-02)

Security (9 changes)

  • Add CSRF protection to runner pause and resume. !1021
  • Do not expose Terraform state record in API.
  • Path traversal to RCE via LFS upload.
  • Update container_repository_name_regex to prevent catastrophic backtracking.
  • Validate nuget package names.
  • Prevent private repo from being accessed via internal Kubernetes API.
  • Validate each upload param key in multipart.rb.
  • Fix XSS vulnerability for job build dependencies.
  • Fix unauthorized user is able to access schedule pipeline variables and values.

13.4.4 (2020-10-15)

Fixed (2 changes)

  • Fix rollback portion of migration that adds temporary index for container scanning findings. !44593
  • Improve merge error when pre-receive hooks fail in fast-forward merge. !44843

Other (1 change)

  • Revert 42465 and 42343: Expanded collapsed diff files. !43361

13.4.3 (2020-10-06)

Fixed (3 changes)

  • Exclude 2FA from upload#show routes and 404s. !42784
  • use create_wiki method on ensure_wiki_exists in update_service. !42910
  • Fix large backups not working with Azure Blob storage. !44233

13.4.2 (2020-10-01)

Security (14 changes)

  • Do not store session id in Redis.
  • Fix permission checks when updating confidentiality and milestone on issues or merge requests.
  • Purge unaccepted member invitations older than 90 days.
  • Adds feature flags plan limits.
  • Prevent SVG XSS via Web IDE.
  • Ensure user has no solo owned groups before triggering account deletion.
  • Security fix safe params helper.
  • Do not bypass admin mode when authenticated with deploy token.
  • Fixes release asset link filepath ReDoS.
  • Ensure global ID is of Annotation type in GraphQL destroy mutation.
  • Validate that membership expiry dates are not in the past.
  • Rate limit adding new email and re-sending email confirmation.
  • Fix redaction of confidential Todos.
  • Update GitLab Runner Helm Chart to 0.20.2.

13.4.1 (2020-09-24)

Fixed (2 changes)

  • Revert required encryption on CI runner tokens. !42623
  • Allow Unleash clients to request feature flags when repository is private. !43059

Added (1 change)

  • Add missing fontawesome file icon classes. !43091

Other (1 change)

  • Notifications icon: Render empty string for custom setting. !42848

13.4.0 (2020-09-22)

Security (2 changes, 1 of them is from the community)

  • Update lodash to 4.17.20. !41036 (Takuya Noguchi)
  • Update GitLab Runner Helm Chart to 0.20.1.

Removed (6 changes, 1 of them is from the community)

  • Remove secret_detection job from vendored SAST CI template. !40028
  • Remove Docker-in-Docker mode from Dependency Scanning documentation. !40631
  • Removes unused classes on initial Ci::Ref implementation. !41077 (Jacopo Beschi @jacopo-beschi)
  • Drop Docker-in-Docker mode for SAST and Dependency Scanning. !41260
  • Remove application settings for Snowplow iglu registry url. !41556
  • Remove Value Stream Total stage. !42345

Fixed (160 changes, 41 of them are from the community)

  • Conditionally render the packages scopes in deploy token settings. !35334
  • Fix advanced filters in log explorer view for gitlab managed applications. !37926
  • Fix RegExp for dotenv report artifact. !38562
  • Fix composer 404 issues with http auth. !38641
  • Update EKS Kubernetes versions. !38644
  • Fix skipped status of DAG pipelines. !39205
  • Fixes wrong MR pipeline link when FF-merge strategy is used. !39396
  • Include also inherited project members in GraphQL API. !39444
  • Refactor spec/support/shared_examples/services/* and ee/spec/support/shared_examples/services/* to fix Rails/SaveBang Cop. !39538 (Rajendra Kadam)
  • Removes extra spaces on MR/Epic tabs-containers on mobile. !39549 (Takuya Noguchi)
  • Milestone Dashboard: Move Gray Type Badge Next to the Milestone Title. !39617 (Kev @KevSlashNull)
  • Bug fix GraphQL file uploads accepting non-file input. !39763
  • Fix Metrics dashboard embeds when using new URLs. !39876
  • Respect original visibility for instrumented methods. !39951
  • Take relative_url_path into account when building URLs in snippets. !39960
  • Fix non-retrying bridges after retried builds in CI pipelines. !39989
  • Support X-Envelope-To header as a location for Service Desk key. !40001
  • Fix bug where conan does not properly check package channel when returning file download urls. !40029
  • Fix example within file_hooks documentation. !40071 (Roger Meier)
  • Fix missing pipeline e-mails when job logs moved to object storage. !40075
  • Bump gitlab-shell to v13.7.0. !40132
  • Avoid raising errors when moving unpositioned items. !40152
  • Refactor ee/spec/support/shared_examples/requests/* and spec/support/shared_examples/requests/* to fix Rails/SaveBang Cop. !40185 (Rajendra Kadam)
  • Fix Jira importer user mapping limit. !40310
  • Fix design management Archive Selected button label. !40325
  • Allow snippet move action without an existing file name. !40343
  • Resolve Design comments: Text wrapping behavior. !40359
  • Fix incorrect merge request diff file count after deletion. !40384
  • Fix the broken CSS on the pipeline graph. !40386
  • Fix tracking of frequently visited projects and groups. !40415
  • Fix snippets edit not loading JSON values. !40417
  • Fix incorrect project path warning after failed project path rename. !40422
  • Ensure design comment is highlighted when comment is in URL. !40477
  • Fixed merge request review styles not loading in FOSS. !40479
  • Resolve Fix Resolved threads popup link and placement. !40489
  • Fix create & manage label actions in Labels dropdown. !40511
  • Always attempt retry of job trace read when file is missing. !40516
  • Fix delete confirm message not displaying trailing spaces. !40549
  • Fix reading some merge request diffs. !40598
  • Fix snowplow tracking event error for new user invite page. !40628
  • Fix file file input top position cutoff. !40634
  • allow project bot account to clone through http. !40635 (Philippe Vienne @PhilippeVienne)
  • Fix spacing and borders in milestone title and description. !40649
  • Don't send SameSite=None to incompatible browsers. !40667
  • Remove the expiry on user passwords after a user resets their password. !40712
  • Fix fork users cannot create pipelines in a fork project when parent project protects all branches. !40724
  • Create IssueLink for Vulnerabilities that do not have them. !40726
  • Fix auto-deploy-image external chart dependencies. !40730
  • Fix client usage of max line rendering. !40741
  • Fix docker file icon. !40785
  • Fix GitLab file icon in Firefox. !40786
  • Initialise charts when container display property is set. !40787
  • Fix ActiveRecord::IrreversibleOrderError during restore from backup. !40789
  • Fix the filtered search bar to work in the service desk issue list. !40797
  • Validates pypi required_python size to avoid 500 error. !40803
  • Fix wrong caching logic in ProcessRefChangesService. !40821
  • Allow users with expired passwords to sign out. !40830
  • Do not show all public groups in global notification settings page. !40879
  • Flag errors from psql when restoring from backups. !40911
  • Fix report abuse button in issues and mrs. !40918
  • Fix issue causing 'Expand All' button to not work in MR diffs view (Remove autoExpandCollapsedDiffs feature flag). !40960
  • Fix visibility param for ProjectSnippet REST endpoint. !40966
  • Fixed an issue where not all URL query parameters would apply to the filter bar on initial load in the Value Stream Analytics page. !40975
  • Make file upload button on MR edit page tab accessible. !40995
  • Change merge request updated_at when assignees are changed. !41030 (Patrick Herlihy)
  • Fix deadlock in backup repositories rake task. !41042
  • Change the warning message on project transfer to another namespace. !41059 (Takuya Noguchi)
  • Highlight design discussion if any comment in discussion is linked. !41062
  • Update pipeline button SVG to be center aligned. !41066
  • Fix Style/SelfAssignment cop. !41079 (Rajendra Kadam)
  • Multi-project pipelines in Web IDE lead to 404. !41082
  • Fix Layout/ClosingParenthesisIndentation cop. !41084 (Rajendra Kadam)
  • Fix Layout/EmptyLinesAroundArguments cop. !41086 (Rajendra Kadam)
  • Prevent duplicate system notes and events when an issue is moved. !41087
  • MR API: Allow allow_{collaboration,maintainer_to_push} to be updated. !41088
  • Fix Layout/FirstParameterIndentation cop. !41089
  • Fix Layout/RescueEnsureAlignment cop. !41093 (Rajendra Kadam)
  • Move Jobs/Deploy/ECS.gitlab-ci.yml to the top level of AutoDevOps template. !41096
  • Fix Layout/SpaceBeforeFirstArg cop. !41097 (Rajendra Kadam)
  • Fix Lint/NonDeterministicRequireOrder cop. !41098 (Rajendra Kadam)
  • Fix Lint/RaiseException cop. !41099 (Rajendra Kadam)
  • Fix unfinished merge by Merge Train process. !41106
  • Fix Style/RedundantSort cop. !41108 (Rajendra Kadam)
  • Fix Style/EmptyLiteral cop. !41110 (Rajendra Kadam)
  • Fix RSpec/ItBehavesLike cop. !41111 (Rajendra Kadam)
  • Fix Style/MultilineIfModifier cop. !41113 (Rajendra Kadam)
  • Fix Lint/UriRegexp cop. !41117 (Rajendra Kadam)
  • Fix Style/CommentedKeyword cop. !41119 (Rajendra Kadam)
  • Fix todos hover style in dark mode. !41122
  • Handle todos api argument error. !41167 (gaga5lala)
  • Restore doorkeeper generator to hex due to breaking change. !41169
  • Render reference definitions as code blocks. !41186
  • Show default message in branch selection if none selected. !41211 (Jonston Chan)
  • Fix Style/PerlBackrefs cop. !41246 (Rajendra Kadam)
  • Fix Style/SingleLineMethods cop. !41247 (Rajendra Kadam)
  • Fix Style/EmptyLambdaParameter cop. !41248 (Rajendra Kadam)
  • Fix RSpec/LetBeforeExamples cop. !41250 (Rajendra Kadam)
  • Drop one of duplicated limit-container-width classname. !41251 (Takuya Noguchi)
  • Fix Style/AccessModifierDeclarations co cop. !41252 (Rajendra Kadam)
  • Centerize text on Mark all as done button on To-Do List. !41269 (Takuya Noguchi)
  • Fix Rails/SaveBang offenses for spec/serializers/*. !41309 (Rajendra Kadam)
  • Fix Rails/SaveBang offenses for spec/services/issues/*. !41312 (Rajendra Kadam)
  • Ensure issue creation is not blocked by positioning. !41313
  • Propagate ENV variables to codequality template. !41318
  • Fix Rails/SaveBang offenses for spec/models/project_services. !41320 (Rajendra Kadam)
  • Fix Rails/SaveBang offenses for spec/requests/api/pages/*. !41324
  • Fix Rails/SaveBang offenses for spec/models/cycle_analytics/*. !41326 (Rajendra Kadam)
  • Update the 2FA user update check to account for rounding errors. !41327
  • Fix Rails/SaveBang offenses for ee/spec/services/projects/*. !41332 (Rajendra Kadam)
  • Fix Rails/SaveBang offenses for ee/spec/lib/gitlab/geo/*. !41338 (Rajendra Kadam)
  • Correctly preserve LFS objects in design or wiki repositories. !41352
  • Fix Rails/SaveBang offenses for ee/spec/lib/ee/gitlab/background_migration/*. !41357 (Rajendra Kadam)
  • Fix Rails/SaveBang offenses for spec/requests/api/*. !41362 (Rajendra Kadam)
  • Fixes Auto DevOps deploy script for multiple additional hosts separated by comma and space. !41404
  • Only create issues if supposed to for Prometheus alerts. !41468
  • Selection Highlight Oversteps Bounds of Actual Selection in Web IDE. !41553
  • Resolve NoMethodError: undefined method invite_email. !41587
  • Fixed repository browser not working with parentheses in branch name. !41591
  • Add incident label for manually created incident issues. !41598
  • Resolve Static Site Editor Flattens Mixed Lists. !41599
  • NotificationsController - Handle mising parent notificationsetting. !41612
  • Fail API Fuzzing CI/CD job when scanner errors. !41616
  • Fix MR diff file counts for some historic data. !41676
  • Fix always visible sidebar TODO button spinner. !41677
  • Fixed image comments not showing on the changes tab. !41683
  • Resolve design discussion bug where a comment is added twice. !41687
  • Remove height limit on environments table. !41688
  • Refuse to perform an LFS clean on projects that are fork roots. !41703
  • Exclude tmp dirs from backups. !41706
  • Fix padding on CI settings tables in mobile version. !41728
  • Fixed note having wrong author after deleting. !41747
  • Remove excess space above milestone titles. !41749
  • Fix merge request chat messages for adding and removing approvals. !41775
  • Use 'read' method to get request body in Conan to fix uploads when using Unicorn. !41801
  • Improve design management not available message. !41818 (Ben Bodenmiller @bbodenmiller)
  • Fix the tier of environment alerts feature. !41855
  • Prevent merge requests from triggering coverage fuzzing jobs. !41906
  • Fix upstream pipeline status when strategy dependent. !41930
  • Remove virtual scroll list from pipeline test report. !41935
  • Resolve Fix validation on External Wiki service template form. !41964
  • Fix button color for merge request settings. !42052 (Mikhail Snetkov)
  • Use the correct start time when polling for updated notes. !42124
  • Fix max seats used not updated in billing summary. !42184
  • Fix error when third level trigger pipeline. !42192
  • Merge Requests are not blocked when their pipelines are waiting for manual actions unless 'Pipeline must succeed' is checked in the settings. !42207
  • Stop applying Ctrl keyboard shortcuts inside Markdown editors on Mac. !42239
  • Stop applying Ctrl+P shortcut on MR page on Mac. !42240
  • Make SSH keys publicly accessible. !42288
  • Fix incident list by restricting query on FOSS. !42301
  • Do not add admins as owners to project authorizations during project creation. !42335
  • Do not raise error when a member is not found by invite token. !42349
  • Fix exception when saving Jira integration info for an instance. !42361
  • Fix text overflow events issue name. !42370
  • Fix error reporting for Web IDE commits. !42383
  • Does not update repository statistics when running housekeeping and repository cleanup on a read-only instance. !42409
  • Remove an extra spacing from Dashboard Issues. !42459 (Takuya Noguchi)
  • Simplify StartupCSS JS Helper and fix autosize issues under StartupCSS. !42462
  • Fix daemon memory killer jobs hash thread safety issue. !42468
  • Resolve Design comments do not render the blockquotes correctly. !42498
  • Resolve On design discussion note, icons are misaligned. !42672

Deprecated (1 change)

  • Remove pipeline_id column from requirements_test_reports. !38924

Changed (153 changes, 30 of them are from the community)

  • Add Service Templates deprecation warning banner. !25587
  • Highlight un-focused/un-viewed file's in file tree. !27937
  • Support JWT params set by Workhorse during uploads. !33277
  • Add timeout support in the delete tags service for the GitLab Registry. !36319
  • Store deployment_type of Jira server in jira_tracker_data table. !37003
  • Split "Test settings" and "Save changes" to separate buttons. !37413
  • Add spacing to design management toolbar buttons. !38889 (George Tsiolis)
  • Migrate environments pin button. !38891 (George Tsiolis)
  • Replace fa-tag(s) icons with GitLab SVG icons. !38979
  • Re-order diff unfold buttons so that “show more lines above” appears first. !39060
  • Replace fa-user(s) icons with GitLab SVG user(s) icon. !39165
  • Update order of the Header Metadata in Package details. !39585
  • Change active toggle on integration settings page to checkbox. !39586
  • Group pipeline warnings and make them collapsible. !39634
  • Adjust format for JUnit report duration times. !39644
  • Use pointer:crosshair when hovering on the design view. !39671
  • Update Prometheus helm chart version to 10.4.1. !39681
  • Update GlDeprecatedButton with GlButton in deployment_action_button. !39700
  • Add Alert Id to Alert list view. !39706
  • Resolve Combine the Overview and Alert Detail sections. !39714
  • Tweak file-by-file display and add file current/total display. !39719
  • Replace fa-circle icon instances with GitLab SVG check icon. !39745
  • Migration of old icon button to component button in Approval Rules (private groups). !39769
  • Move related issues to core. !39779
  • Change show more button to be a table row so to remove manual CSS styling. !39788
  • Improve empty state for Cohorts to match DevOps Score. !39828
  • Remove time tracking from incidents sidebar. !39837
  • Add smtp_server to usage ping data. !39844
  • Replace fa-download icon with GitLab SVG download icon. !39849
  • Replace fa-caret-down with SVG icon in MR widget. !39852
  • Remove redirection when snippet has a binary blob. !39858
  • Search UI Allow issue scope results filtering by state. !39881
  • Use dropdown for embed in snippets. !39885
  • Update Managed Cluster Applications to v0.29.0, including WAF for ingress, a smaller CI template, and version updates to a few applications. !39890
  • Add Flash spacing on merge request show page. !39903
  • Rename DevOps Score to DevOps Report. !39953
  • Prevent MRs to be dropped from Merge Trains for open discussions. !39957
  • Change icon for branch delete button. !39968
  • Replace Unicode Characters with ASCII Equivalent in New Project Slug. !39971 (Kev @KevSlashNull)
  • Prevent form submission in search boxes on New Release and Edit Release pages. !40011
  • Move package usage ping data to core. !40032
  • Hide projects that are pending delete from the project index. !40035
  • Bump swagger-ui-dist. !40077 (Roger Meier)
  • Truncate job title on log page. !40107
  • Add the unique search visits data to the usage ping. !40134
  • Increase default page size for Alert and Incident management to 20 from 10. !40139
  • Disallow awarding emojis to locked Issuables for users that are not member of the project. !40150
  • Add 'kind' to differentiate between NetworkPolicy and CiliumNetworkPolicy Kubernetes network manifests. !40165
  • Adjust badge key text and width limits. !40199 (Fabian Schneider @fabsrc)
  • Improve click surface area of toggle buttons. !40231
  • Track edit by editor action for Usage Ping. !40232
  • Track unique web ide edit action for usage ping. !40246
  • Replace fa-bugs icons with GitLab SVG bug icon. !40273
  • Add Alert Management assignee avatar for list and details view. !40275
  • Track snippet editor actions. !40277
  • Moved Cluster Connect Form to Vue. !40295
  • Update issue edit buttons. !40298
  • Add filter to exclude non internal users in REST API. !40372
  • Include draft merge request into filter response. !40376
  • Update gitlab-puma to 4.3.5-gitlab-3. !40389
  • Automatically create self monitoring project on new GitLab installations. !40404
  • Update default plan limits for maximum package file sizes. !40410
  • Re-name Analytics Workspace as instance-level analytics. !40436
  • Update issue edit button to gl-button. !40438
  • Migrating to gl-button in Environments table. !40444
  • Bump marginalia gem version to 1.9.0. !40481
  • Move Jira Development Panel integration to Core. !40485
  • Update commit toggle description button to gl-button. !40524
  • Render markdown attribute definitions as tooltips. !40541
  • Bump doorkeeper to 5.1.1. !40546
  • Replace fa-trash icons with GitLab SVG remove icon. !40579
  • Replace fa-search-* icons with GitLab SVG icons. !40580
  • Migrate DevOps Score empty state into Vue component. !40595
  • Remove auto close incident feature flag. !40612
  • Change invalid Snippet params status code from 403 to 422. !40619
  • Migrating setup policy button in registry settings. !40668
  • Replace notification icons with Gitlab SVGs. !40709
  • Sort TestCase data by status and execution_time. !40722
  • Remove file_name and content in snippet mutations. !40727
  • GraphQL: Updates PipelineCancel mutation. !40764
  • Retrieve security dashboard URL used on Project Severity status report from backend. !40801 (Kev @KevSlashNull)
  • Track SFE actions in BlobController. !40846
  • Replace fa-exclamation-circle and fa-lightbulb-o with GitLab SVG icons. !40857
  • Remove frontend unit test report test case sorting. !40885
  • Bump doorkeeper to 5.3.0. !40929
  • Add IDE edit actions to Usage Data. !40939
  • Show keep button for locked artifacts. !40962
  • Add type selector dropdown to new issue form. !40981
  • Global Search - Redesign Issue Results Title. !41016
  • Increase Pypi required_version limit to 255. !41018
  • Replace bootstrap alerts in ee/app/views/groups/push_rules/edit.html.haml. !41069 (Jacopo Beschi @jacopo-beschi)
  • Migrate '.fa-spinner' to '.spinner' for 'app/views/projects/services/prometheus'. !41126 (Gilang Gumilar)
  • Migrate '.fa-spinner' to '.spinner' for 'app/views/shared/issuable'. !41132 (Gilang Gumilar)
  • Migrate '.fa-spinner' to '.spinner' for 'app/views/projects/find_file'. !41134 (Gilang Gumilar)
  • Migrate '.fa-spinner' to '.spinner' for 'app/assets/javascripts/gpg_badges.js'. !41136 (Gilang Gumilar)
  • Migrate '.fa-spinner' to '.spinner' for 'app/assets/javascripts/notes/components/note_header.vue'. !41140 (Gilang Gumilar)
  • Migrate '.fa-spinner' to '.spinner' for 'app/assets/javascripts/vue_merge_request_widget/components/deployment/memory_usage.vue'. !41142 (Gilang Gumilar)
  • Migrate '.fa-spinner' to '.spinner' for 'app/assets/javascripts/blob/file_template_selector.js'. !41146 (Gilang Gumilar)
  • Migrate '.fa-spinner' to '.spinner' for 'app/assets/javascripts/ajax_loading_spinner.js'. !41147 (Gilang Gumilar)
  • Migrate '.fa-spinner' to '.spinner' for 'app/views/projects/tree'. !41148 (Gilang Gumilar)
  • Change logic behind new issues highlight. !41150
  • Migrate '.fa-spinner' to '.spinner' for 'app/views/projects/imports'. !41151 (Gilang Gumilar)
  • Migrate '.fa-spinner' to '.spinner' for 'app/views/imports'. !41153 (Gilang Gumilar)
  • Replace fa-arrow-* with GitLab SVG icons. !41158
  • Remove expired_pat_email_notification feature flag. !41166
  • Display provider name for profile social sign-in connectors. !41198
  • Adjust the Package Registry breadcrumb to match navigation. !41264
  • Replace bootstrap alerts in app/views/projects/forks/error.html.haml. !41292 (Gilang Gumilar)
  • Replace bootstrap alerts in app/views/projects/blob/edit.html.haml. !41298 (Gilang Gumilar)
  • Add confirmation dialog when importing multiple projects. !41306
  • Replace bootstrap alerts in app/views/shared/_project_limit.html.haml. !41335 (Gilang Gumilar)
  • Replace bootstrap alerts in app/views/projects/_deletion_failed.html.haml. !41344 (Gilang Gumilar)
  • Replace bootstrap alerts in app/views/shared/_group_form.html.haml. !41348 (Gilang Gumilar)
  • Replace bootstrap alerts in app/views/projects/pages/_access.html.haml. !41360 (Gilang Gumilar)
  • Update Secret-Detection template to use commits file. !41364
  • Change 2FA to verify password hash instead of timestamp. !41366
  • Replace bootstrap alerts in app/views/admin/groups/_form.html.haml. !41375 (Gilang Gumilar)
  • Replace bootstrap alerts in app/views/profiles/two_factor_auths/create.html.haml. !41383 (Gilang Gumilar)
  • Replace bootstrap alerts in app/views/profiles/two_factor_auths/show.html.haml. !41388 (Gilang Gumilar)
  • Replace bootstrap alerts in app/views/shared/issuable/_form.html.haml. !41390 (Gilang Gumilar)
  • Replace bootstrap alerts in app/views/shared/_no_password.html.haml. !41397 (Gilang Gumilar)
  • Replace bootstrap alerts in app/views/projects/merge_requests/_mr_title.html.haml. !41399 (Gilang Gumilar)
  • Remove pipeline warnings from pipeline view. !41419
  • Package Registry: Adjust the max width for non-fluid screens to be 990. !41549
  • Add help text to incident type select on new issue form. !41567
  • Corrected some spelling mistakes in the project deletion confirmation modal. !41576
  • Add ability to update only Snippet descriptions via REST endpoint. !41581
  • Place older issues before more recent ones. !41602
  • Change name of GitLab Instance Administrators group to GitLab Instance. !41684
  • Replace fa-info-circle icons with GitLab SVG information-o icon. !41721
  • Improve support for description field on CiliumNetworkPolicy. !41722
  • Replace fa-trash-o icons with GitLab SVG remove icon. !41748
  • Remove designs from incidents. !41757
  • Introduce infinite scrolling to importers. !41789
  • Remove email confirmation field on signup form. !41813
  • Replaced ACE with Editor Lite on CI linting view. !41895
  • Replace fa-question-circle icons with GitLab SVG question-o icon. !41970
  • Migrate MR Deployment Widget to GlDropdown. !42004
  • Filter the values for deployment platform metrics. !42116
  • Present complete alert payload in detail and incident views. !42140
  • Update template warning padding on New Issue form. !42154
  • Updated gitlab:usage_data:dump_sql_in_yaml rake task with redis usage. !42189
  • Update visual styling of container registry metadata. !42202
  • Direct support for HTTP basic authentication in API Fuzzing. !42266
  • Disable Sidekiq Exporter logs by default. !42267
  • Hashed Storage: forced automatic migration of legacy projects via background jobs. !42313
  • Add Missing slash in 'Registry setup' section of npm packages. !42360
  • Remove job logs from notification e-mails. !42395
  • Refactored snippets edit form to Vue. !42412
  • Store object counts periodically for instance statistics. !42433
  • Increase widget polling for closed and merged merge requests. !42458
  • Remove successful signup flash message. !42512
  • Update conan remote instructions snippet to show project-level remote. !42526

Performance (37 changes, 5 of them are from the community)

  • Improve group search users scope performance. !38701
  • Optimize counts.terraform_reports usage ping counter. !39499
  • Fix slow group loading on forking page. !39640
  • GlButton migrations for pipeline security tab. !39651
  • Optimize markdown rendering in search results. !39833
  • Make highlighting limits stricter. !39934
  • Increase poll interval for merged MRs widget. !39961
  • Reduce MergeRequest::RefreshService loops. !40135
  • Improve performance of Gitlab::BacktraceCleaner. !40180
  • Improve performance of Rails backtrace cleaner configuration. !40182
  • Defer (certain) parts of setting up snowplow telemetry. !40299
  • Reduce storage requirements for keeping track of pre-logged-in sessions. !40336
  • Increase performance of rendering large amounts of markdown data. !40448
  • Replace fa-times with GitLab SVG close icon in dropdowns. !40585
  • Replace fa-times with GitLab SVG close icon in promotions. !40586
  • Replace fa-times with GitLab SVG close icon in forms. !40587
  • Reduce Redis usage when viewing repositories with lots of branches and tags. !40615
  • Preload projects to prevent N+1 when populating project name. !40769
  • Fix package API query performance when pipelines and multiple versions are present. !40770
  • Apply GZip compression to discussion diffs. !40778
  • Improve Productivity Analytics and Merge Request Analytics database queries. !40838
  • Replace LoadingButton with GlButton for the comment dismissal modal. !40882
  • Jdb/refactor inline diff table row. !40906
  • Remove the async pages feature flags. !40980
  • Graphql Issues - Fix N+1 for Assignees. !41233
  • Clean up stale merge request HEAD ref. !41555
  • Remove stale merge refs. !41572
  • Jdb/refactor parallel diff table row. !41606
  • Updates CiPlatformMetrics to do bulk insertions. !41617
  • Verify only 1mb of existing LFS object to improve LfsDownloadService performance. !41770
  • Drop one of duplicated classname from Project. !41830 (Takuya Noguchi)
  • Drop one of duplicated classname from Projects. !41831 (Takuya Noguchi)
  • Drop one of duplicated classname from Serverless Function. !41832 (Takuya Noguchi)
  • Drop one of duplicated classname from Serverless Functions. !41833 (Takuya Noguchi)
  • Pass project ID to issue placement worker. !42091
  • Enable coverage_report_view feature flag by default. !42094 (fh1ch)
  • Update MR index to include id. !42222

Added (135 changes, 12 of them are from the community)

  • WebAuthn support (behind feature flag). !26692 (Jan Beckmann)
  • Add ignore_skipped option for pipeline status badge. !28288 (Fabian Schneider @fabsrc)
  • Geo: Add migrations for registry and details tables for external MR diff replication. !34248
  • Display Merge Request's source branch name in sidebar. !34901 (Ethan Reesor (@firelizzard))
  • Add validation to pypi package version. !35080 (Bola Ahmed Buari)
  • Add ability to get an Issue using GraphQL and REST API. !35176
  • Add versioning support to Terraform state backend. !35211
  • Show expired milestones at the bottom of the list within dropdown. !36562
  • Added EWM work item tracker integration. !36662
  • Add user mapping by username when importing projects for Bitbucket Server importer. !36885
  • Surround selected text in markdown fields on certain key presses. !37151
  • Add json api endpoint that provides CI linting. !37344
  • Include max artifact size in authorize response. !37632
  • Add link to compare changes intoduced by a git submodule update. !37740 (Daniel Seemer @Phaiax)
  • Add note to graphql timelog_type. !37748 (Lee Tickett)
  • Add Gitpod integration. !37985 (Cornelius Ludmann @corneliusludmann)
  • Geo: Added DB tables for snippets replication. !38688
  • Add similarity sorting for projects for GraphQL API. !38916
  • Automatically add AJAX API requests to the performance bar. !39069
  • Send notification when merge request is set to merge when pipeline succeeds. !39297 (Ravishankar Gnanaprakasam)
  • Expose group memberships under group via GraphQL. !39331
  • Add alert when editing .gitlab-ci.yml. !39508
  • Allow Conan packages to be scoped to project-level. !39541
  • Add the artifact expiration help url. !39546 (Gilang Gumilar)
  • Send email notification on disabling 2FA. !39572
  • Add package file size limits to plan limits. !39633
  • Add AuthenticationEvent to store sign-in events. !39652
  • Add virtual actions tracker for Usage Ping. !39694
  • GraphQL: Pipeline mutations for retry, cancel, and destroy. !39780
  • Add ability to associate Environment with Alert with gitlab_environment_name payload key. !39785
  • Add Conan lock file support to Dependency Scanning. !39811
  • Add Summary tab for incident issues. !39822
  • Incident severity widget. !39859
  • Add dedicated SAST and DS CI image variables. !39875
  • Add index for expire_at to ci_pipeline_artifacts. !39882
  • Adds auto_close_incident column to project_incident_management_settings. !39980
  • Adds CI Platform Metrics bookkeeping model. !40036
  • Adds package count to usage data. !40039
  • Add / as keyboard shortcut for search. !40057
  • Add new "generic" package type. !40061
  • Surface incident severity and icon in the Incident List table. !40112
  • Add background worker to rebalance issues. !40124
  • Add a system note on Alert creation. !40128
  • Add usage pings for project import using various importers (GitLab, Bitbucket, Gitea, GitHub and more). !40130
  • Sync LFS objects when push mirroring. !40137
  • Add MergeRequest sort options to GraphQL API. !40138
  • Add total count to GraphQL release data. !40147
  • Add Atlassian Identity to store identity/credentials. !40176
  • Add OmniAuth sign-in via Atlassian Cloud. !40178
  • Add alert to Issue type in GraphQL. !40214
  • Add usage ping and index for DAST On-Demand Scans. !40219
  • Filter Merge Requests by author, assignee and milestone in GraphQL. !40265
  • Add IssuableSeverity to store Incident severity level. !40272
  • Paginate profile group notifications. !40326
  • Add keyboard shortcuts for bold, italic, and link in markdown editors. !40328
  • Password changed emails must specify that password was changed by admin. !40342
  • Add merge_request_reviewers table. !40358
  • Add table for storing user settings for board epic swimlanes. !40360
  • Wrap dashboards dropdown items text. !40367
  • Create security_findings table. !40368
  • Add issue importers usage pings (FogBugz, Phabricator, Jira). !40382
  • Add CI_COMMIT_TIMESTAMP CI variable. !40388 (Nasko Vasilev)
  • Add admin UI for adjusting package file size limits. !40423
  • Add pipeline_artifacts_size to root_storage_statistics. !40425
  • Adds monthly package data to usage ping. !40452
  • Show the comment authored time in comment search results. !40472
  • Add incident management analytics events. !40475
  • Make cloud native build logs more resilient. !40506
  • Return builds with coverage in MR widget JSON response. !40533
  • Expose the todos of the current user on relevant objects in GraphQL. !40555
  • Save pages build artifact id in pages metadata. !40592
  • Add issue filters when listing board issues in GraphQL. !40602
  • Create table for storing Instance Statistics object counts. !40605
  • Improve ability to navigate to child pipelines. !40650
  • Support custom Azure Blob Storage domains. !40694
  • Add toml and json front matter language support to Static Site Editor's WYSIWYG mode. !40718
  • Add a warning when any diff files are collapsed. !40752
  • Track downloads of group code coverage CSV in snowplow. !40754
  • GraphQL: Add retryable and cancelable to PipelineType. !40780
  • Format Conan package manager in Dependency List. !40811
  • Allows to update incident severity via GraphQL. !40869
  • Expose Instance Statistics measurements (object counts) via GraphQL. !40871
  • Add job token authentication for the GitLab PyPI package repository. !40888
  • Upgrade pages to v1.23.0. !40915
  • Add GFM reference format for alerts. !40922
  • Destroy issue board via GraphQL. !40930
  • Exposes Incident's severity via GraphQL. !40945
  • Expose a list of projects starred by the user to GraphQL API. !41076 (Pavel Kuznetsov)
  • Parallel matrix jobs show relevant variables in job name. !41080
  • Rake task to generate raw SQLs for usage ping. !41091
  • Make the auto_link_user OmniAuth setting configurable by provider. !41133
  • Add release direct asset link info to GraphQL endpoint. !41170
  • Add "upcomingRelease" field to GraphQL endpoint. !41183
  • Show multiple jobs contributing to code coverage. !41217
  • Add update issue by id in vuex for boards. !41226
  • Record package creator. !41258
  • Make bridge/child pipelines clickable. !41263
  • Optimise index on audit events for CSV export. !41266
  • Search UI - Implement Merge Request scope results filter by state. !41282
  • Migrate live traces before updating build state. !41304
  • Export ActionCable metrics to Prometheus. !41358
  • Display merged commit sha in fast-forward merge mode. !41369 (Mycroft Kang @TaehyeokKang)
  • Add admin setting of Elasticsearch client request timeout. !41470
  • Add support for environment_url.txt to API Fuzzing. !41523
  • Check if usage ping enabled for all tracking using Redis HLL. !41562
  • Introduce build states table / model / migration. !41585
  • Add bottom spacing to static site editor UI to align with overall UI spacing. !41596
  • Migration to cleanup after partitioned audit_events backfill. !41605
  • DAST Site validation - Model Layer. !41639
  • Automatically resolve alert when receiving end time. !41648
  • Show welcome page after sign up. !41662
  • Incident highlight bar widget. !41702
  • Enable unique search users usage ping HLL metric by default. !41739
  • New ActionCable Prometheus metrics added. !41771
  • Upgrade GitLab Pages to 1.24.0. !41782
  • Add pages_deployments table. !41785
  • Surface alert details in a tab on incidents. !41850
  • Add forum link to help menu. !41858
  • Add namespace ID to user pages in the admin area. !41877
  • Track projects using code intelligence. !41881
  • Add a front matter editing UI in WYSIWYG mode of the Static Site Editor. !41920
  • Add issues and merge_requests filtering by state for search API. !41989
  • Log authentication events alongside existing audit events. !42033
  • Validate not null external_diff_store field on merge_request_diffs to maintain data integrity. !42045
  • Create and resolve To-Dos for designs. !42059
  • Set incident severity when it is created from an alert. !42072
  • Make Pipeline ID's always a link for downstream/upstream pipelines. !42107
  • Create placeholder model for Vulnerability to reserve + as a reference prefix. !42147
  • Add deduplicated column to security_findings table along with the compound index on scan_id and deduplicated and remove the index on scan_id. !42270
  • Autocomplete recently viewed issues in the global search bar. !42302
  • Upgrade GitLab Pages to 1.25.0. !42350
  • Query projects by ids with GraphQL. !42372
  • Database changes to support terraform state version replicaiton. !42492
  • Add autocomplete search suggestions for recent merge requests. !42560
  • Implement allowing child pipeline to have child pipeline. !42580

Other (116 changes, 60 of them are from the community)

  • Migrate .fa-spinner to .spinner for app/views/projects/blob/viewers. !25046 (nuwe1)
  • Replace issue-created icon with issues icon. !26409
  • Remove skip_hased_storage_upgrade feature flag. !29364 (Lee Tickett)
  • Add indexes to label_links database table. !34503
  • Add first OpenAPI specification file. !35868 (winniehell)
  • Replace deprecated button with new button. !38940
  • Stricter default timeouts for outgoing HTTP requests. !39188
  • Update dependency vuex to ^3.5.1. !39201
  • Add the Query Apdex Prometheus metric to usage ping. !39256
  • Update spec to glbutton. !39311
  • Update prismjs from 1.6.0 to 1.21.0. !39593 (Takuya Noguchi)
  • Reinstate 60s timeout in Cluster Prometheus. !39595
  • Create a POC for 'immer' library. !39738
  • Remove default column from services table. !39817
  • Implement JSON response for project/pipelines create. !39839
  • Syncronize use of maximize and minimize icons in order to deprecate duplicates with different names. !39889
  • Add emails user_id foreign key with cascade delete. !39899
  • Update GitLab Runner Helm Chart to 0.20.0. !39933
  • Add temporary index for container scanning findings. !39962
  • Replace some fa-trash icons with GitLab SVG remove icon. !39991
  • Replacing deprecated buttons and loading buttons with new buttons. !40163
  • Migrate Bootstrap button to GitLab UI GlButton in mr_widget_failed_to_merge. !40170
  • Remove unused users.bio database column. !40269
  • Remove milestone and iteration feature from Incidents sidebar. !40283
  • Drop code_owner column from approval_merge_request_rules. !40322
  • Add merge request usage to usage data. !40391
  • Migrating buttons and classes to match GitLab UI. !40409
  • Display informative messages when service desk is unsupported. !40454
  • Add seats related columns for easier data analysis. !40470
  • Remove keep latest artifact feature flags. !40478
  • Add index on merge_request_id to approval_merge_request_rules. !40556
  • Add kubernetes_agents usage metric. !40559
  • Adds creator_id field to packages_packages table. !40562
  • Add usage ping for distinct count for kubernetes agents for at least one token. !40563
  • Add kubernetes_agent_gitops_sync usage ping metric. !40568
  • Refactor ee/spec/support/shared_examples/models/* and spec/support/shared_examples/models/* to fix Rails/SaveBang Cop. !40695 (Rajendra Kadam)
  • Change Vulnerabilities Count Data Retention to 1 year. !40766
  • Add warning to stop Puma and Sidekiq when restoring from backup. !40791
  • Add --if-exists to pg_dump command-line in backup creation. !40792
  • Migrate remove description history button to new button. !40806
  • Add NOT NULL constraint to merge_request_metrics.target_project_id. !40836
  • Update empty state behavior for incidents list. !40872
  • Remove attempt_group_search_optimizations feature flag. !40881 (gaga5lala)
  • Add Issue actions to UsageData. !40904
  • Hide the latest version of templates from the template selector. !40937
  • Add target_id column to audit_events table. !40954
  • Update Workhorse to v8.44.0. !40970
  • Internal API for GitLab Kubernetes agent. !41045
  • Use applogger in app/workers/*. !41046 (Rajendra Kadam)
  • Use applogger in config/initializers/*. !41047 (Rajendra Kadam)
  • Use applogger in ee/app/models, helpers and workers. !41048 (Rajendra Kadam)
  • Use applogger in group.rb, access.rb and repo update mirror worker. !41049 (Rajendra Kadam)
  • Use applogger in some files of lib/gitlab/ldap/sync/*. !41051 (Rajendra Kadam)
  • Use applogger in lib/gitlab/. !41052 (Rajendra Kadam)
  • Use applogger in spec/lib/ee/gitlab/. !41053 (Rajendra Kadam)
  • Use applogger. !41055 (Rajendra Kadam)
  • Use applogger in some files of ee/lib/* and spec files. !41056 (Rajendra Kadam)
  • Use applogger in some files in lib/gitlab. !41058 (Rajendra Kadam)
  • Use applogger in some files of auth/ldap dir. !41061 (Rajendra Kadam)
  • Use applogger in lib/gitlab. !41063 (Rajendra Kadam)
  • Use applogger in lib/gitlab/database. !41068 (Rajendra Kadam)
  • Use applogger in lib/gitlab/. !41071 (Rajendra Kadam)
  • Use applogger in lib/gitlab/. !41075 (Rajendra Kadam)
  • Replace v-html with v-safe-html in delete_project_modal.vue. !41130 (Kev @KevSlashNull)
  • Replace v-html with v-safe-html in fork_groups_list_item.vue. !41143 (Kev @KevSlashNull)
  • Replace v-html with v-safe-html in list.vue. !41145 (Kev @KevSlashNull)
  • Replace v-html with v-safe-html in popover.vue. !41197 (Kev @KevSlashNull)
  • Replace v-html with v-safe-html in suggestions.vue. !41200 (Kev @KevSlashNull)
  • Replace v-html with GlSprintf in memory_usage.vue. !41204 (Kev @KevSlashNull)
  • Replace v-html with v-safe-html in parallel_diff_table_row.vue. !41206 (Kev @KevSlashNull)
  • Replace v-html with v-safe-html in registry_breadcrumb.vue. !41207 (Kev @KevSlashNull)
  • Replace v-html with v-safe-html in note_signed_out_widget_spec.js. !41219 (Kev @KevSlashNull)
  • Externalize i18n strings from app/views/shared/web_hooks/_form.html.haml. !41234 (Takuya Noguchi)
  • Externalize i18n strings from snippets/_header HAML. !41235 (Takuya Noguchi)
  • Externalize i18n strings from app/views/shared/runners/show.html.haml. !41241 (Takuya Noguchi)
  • Widen TODO list only on mobile to be mobile-friendly. !41244 (Takuya Noguchi)
  • Widen issuable list only on mobile to be mobile-friendly. !41249 (Takuya Noguchi)
  • Use GitLab AppLogger. !41261 (Rajendra Kadam)
  • Add index to resource_iteration_events for add actions. !41280
  • Use GitLab AppLogger. !41290 (Rajendra Kadam)
  • Update Workhorse to v8.45.0. !41293
  • Use GitLab AppLogger in files in lib/gitlab/*. !41302 (Rajendra Kadam)
  • Replace v-html to v-safe-html directive. !41305 (Kazuya Kojima)
  • Fix Rails/SaveBang offenses for /spec/services/merge_requests/. !41315 (Rajendra Kadam)
  • Fix Rails/SaveBang offenses for /spec/services/ci/. !41317 (Rajendra Kadam)
  • Adds an alert handler for bootstrap migration. !41323
  • Replace v-html with v-safe-html in delete_user_modal.vue. !41328 (Kev @KevSlashNull)
  • Fix Rails/SaveBang offenses for /spec/models/ci/. !41329 (Rajendra Kadam)
  • Replace v-html with v-safe-html in description.vue. !41336 (Kev @KevSlashNull)
  • Internationalize Admin Abuse Report. !41355 (suzu-1990)
  • Internationalize Admin users new. !41367 (Takuya Noguchi)
  • Externalize i18n strings from admin dashboard. !41387 (Takuya Noguchi)
  • Fix Rails/SaveBang offenses for 3 files. !41392 (Rajendra Kadam)
  • Fix Rails/SaveBang offenses for 3 files. !41394 (Rajendra Kadam)
  • Fix Rails/SaveBang offenses for 3 files. !41395 (Rajendra Kadam)
  • Fix Rails/SaveBang offenses for 3 files. !41398 (Rajendra Kadam)
  • Replace GlDeprecatedDropdownDivider with GlDropdown in app/assets/javascripts/vue_shared/components/filtered_search_bar/tokens/author_token.vue. !41432 (nuwe1)
  • Replace v-html with the gl-icon component in time_ago.vue. !41457 (Kev @KevSlashNull)
  • Replace v-html with v-safe-html in no_changes.vue. !41471 (Kev @KevSlashNull)
  • Rename job trace to job logs in IDE code. !41522 (Kev @KevSlashNull)
  • Remove attempt_project_search_optimizations feature flag. !41550 (gaga5lala)
  • Update gems to use Faraday v1.0.1. !41623
  • Ensure namespace settings are backfilled via migration. !41679
  • Update design discussions to use GitLab UI components. !41686
  • Convert spec_helper to fast_spec_helper. !41755 (gaga5lala)
  • Migrate Bootstrap button for environment_actions. !41844
  • Make Daemon Memory Killer be the default for Sidekiq. !41847
  • Refactor relative positioning to enable better testing. !41967
  • Lighten header counter badge colors to be more vibrant. !42002
  • Remove duplicated container scanning findings. !42041
  • Remove .pkgr.yml as not used for 4 years. !42156 (tnir)
  • Update deprecated software versions to the latest. !42158 (tnir)
  • Upgrade vendored Dockerfile template to buster. !42169 (Takuya Noguchi)
  • Add instance statistics visits to usage data. !42211
  • Modify DevOps Score UI Text. !42256
  • Expand the visible highlight for collapsed diffs (re: !41393). !42343

13.3.4 (2020-09-02)

Security (1 change)

  • Protect OAuth endpoints from brute force/password stuffing.

13.3.3 (2020-09-02)

Security (23 changes, 1 of them is from the community)

  • Check validity of project's import_url before mirroring repository.
  • Show on two-factor authentication setup page groups that are the cause of this requirement.
  • Prevent interrupted 2FA sign-in from signing-in incorrect user.
  • Create new 2FA code each time user is entering 2FA setup page.
  • Remove all sessions but current while enabling 2FA.
  • Invalidate two factor sign-in when user password changes.
  • Delete members invites created by users being deleted.
  • Prevent OmniAuth from rendering arbitrary error messages.
  • Prevent not-2fa authenticated users that are supposed to use it to consume api via session.
  • Invalidate remember me when an active session is revoked.
  • Add rate limit on webhooks testing feature.
  • Add scope presence validation to OAuth Application creation.
  • Allow only running job tokens for API authentication.
  • Prevent Deploy Tokens to read project resources when repository is disabled.
  • Change conan api to use proper workhorse validation.
  • Ensure global ID is of Snippet type in GraphQL destroy mutation.
  • Fix Improper Access Control on Deploy-Key.
  • Set maximum limit for profile events.
  • Persist EKS External ID before presenting it to the user.
  • Prevent project maintainers from editing group badges.
  • Upgrade jquery to v3.5.
  • Update websocket-extensions gem to 0.1.5. (Vitor Meireles De Sousa)
  • Update GitLab Runner Helm Chart to 0.19.3.

13.3.2 (2020-08-28)

Removed (1 change)

  • Display upcoming database deprecation warning only if current database version minimum is not met. !38225

Fixed (5 changes)

  • Fix race condition in concurrent backups. !39894
  • Prevent accidental group deletion if path rename fails. !40353
  • Fix snippet save button disabled with empty file path. !40412
  • Fix exception handling when a concurrent backup fails. !40451
  • Scope incident issue counts by given project or group. !40700

13.3.1 (2020-08-25)

Fixed (2 changes)

  • Fix bug when promoting an Issue with attachments to an Epic. !39654
  • Avoid creating diff position when line-code is nil. !40089

13.3.0 (2020-08-22)

Security (2 changes)

  • Improve path traversal validation checks. !33114
  • Update GitLab Runner Helm Chart to 0.19.2.

Removed (3 changes)

  • Remove Internet Explorer 11 from babel transpilation. !36840
  • Remove namespace storage limit setting. !38108
  • Geo: Drop tables related to vulnerability export replication. !38299

Fixed (116 changes, 14 of them are from the community)

  • Fix filter by releases at group issues and merge requests search bar. !26740 (Gilang Gumilar)
  • Disable commenting on lines in files that were or are symlinks or replace or are replaced by symlinks. !35371
  • Fix icon alignment on board cards. !35710 (carolcarvalhosa)
  • Make Add metrics button visible on self monitoring dashboard. !36169
  • Keep large spinner while MR file tree is loading. !36446
  • Bug Fix: Child pipelines are not found by API endpoints. !36494
  • Show relevant error messages when failing to match a CI job entry. !36536
  • Dont show close icon on flash warning. !36581
  • Updates to file table in package details UI. !36723 (Adam Alvis (@adamalvis))
  • Add graceful timeout handling for analytics. !36811
  • Resolve Pasting an image into a comment also uploads design. !37171
  • Fix release evidence sometimes not being collected. !37184
  • Fix editing note throws js error. !37216
  • Fix merge request approvals for EE without a license. !37246
  • Fixed ops settings titles. !37259
  • Refactor all factories to fix SaveBang Cop. !37268 (Rajendra Kadam)
  • Resolve Anchor tags to Designs is not working. !37307
  • Fix content validation for existing wiki pages. !37310
  • Alert management list spacing. !37320
  • Fix issue with blank keyset pagination parameters. !37351
  • Remove dashed border on designs hover. !37375
  • Fix CSV downloads for multiple series in the same chart. !37377
  • Fix Pypi and Nuget Storage Statistics. !37386
  • Display files in tab counter same as diff stats. !37390
  • Fix vertical alignment of design management toolbar buttons. !37398
  • Allow LFS to be enabled in project settings even when Repository is disabled. !37401
  • Update closed MRs on push. !37414
  • Remove old export file when requesting new project export using API. !37427
  • Refactor spec/helpers and ee/spec/helpers to fix SaveBang Cop. !37446 (Rajendra Kadam)
  • Fix ambiguous query error when filtering for Any milestone in Value Stream Analytics. !37451
  • Ensure User's preferred_language always has a value. !37464
  • Wiki controller should not crash with non-html format. !37466
  • Fix local Tiller not being default-enabled on the frontend. !37494
  • Fix sizing of pins for new design comments. !37541
  • Remove status dropdown in merged tab. !37544
  • Resolve UX Polish: Fix icon styles. !37546
  • UX Polish: Remove the header Designs on empty state. !37548
  • Fix creating release asset links when using the API. !37557
  • UX Polish: Update top right Upload button from Green to Grey. !37558
  • Fix bio container width on profile page. !37572
  • Fix bug in group runners filtered search. !37626 (Arthur de Lapertosa Lisboa)
  • Move partitioning backfill migration to post-deployment. !37633
  • Fix missing path for avatars of bots. !37671
  • Fix merge ref head comments for removed lines. !37755
  • Query Jira projects by key or name and return all Jira projects in one query. !37799
  • Make file icons extension detection be case-insensitive. !37817
  • Allow anonymous users to view embedded Grafana metrics in public project. !37844
  • Fix dependency proxy not working with object storage. !37878
  • Fix review app links are not shown in MR widgets in public projects. !37923
  • Fix dark mode container registry text. !37940
  • Refactor spec/policies and ee/spec/policies to fix SaveBang Cop. !37956 (Rajendra Kadam)
  • Static Site Editor: Fix ordered list formatting bug and rendering bug in strong and emphasis nodes with softbreaks. !37964
  • Fix overflow issues with monaco file editor. !37984
  • Fix error when blob has no auxiliary viewer. !38018
  • Fix HTML not rendering in last commit widget. !38047
  • Fix 500 error when unconfirmed OAuth2 user with 2FA logs in. !38104
  • Fix console errors due to monaco-yaml's outdated use of monaco.Promise. !38135
  • Refactor spec/finders and ee/spec/finders to fix SaveBang Cop. !38173 (Rajendra Kadam)
  • Align activity dropdown height with other dropdowns. !38208
  • Fix 500 for pipeline charts page. !38226
  • Resolve Pasting an image into a comment still uploades a design. !38280
  • Refactor ee/spec/features/* to fix SaveBang Cop. !38289 (Rajendra Kadam)
  • Add workaround for Chrome 84 SVG bug. !38304
  • Fix a Gradle bug where a package without a version would be created and thus not displayed on the UI. !38338
  • Fixes the history button link URL being encoded incorrectly. !38392
  • Refactor spec/workers/* to fix SaveBang Cop. !38399 (Rajendra Kadam)
  • Use Gitaly protobuf version as DiffStats cache key. !38414
  • Fix highlight commented rows. !38420
  • Fix vertical alignment of some svg icons. !38550
  • Fix Incident and Alert mobile CSS and alignment. !38577
  • Refactor spec/features/merge_requests/* to fix Rails/SaveBang Cop. !38591 (Rajendra Kadam)
  • Add transparent background to remove button in tree item list. !38597
  • Update password change sign-in banner text. !38606
  • Display authored message correctly on public snippets viewed by unauthenticated users. !38614
  • Fix vertical alignment of svg icons on Jobs page. !38656
  • Fix URLs of issues in VSA dashboard. !38703
  • Remove duplicate authorized_projects entries during refresh. !38715
  • Fix multiline comment rendering. !38721
  • Improve rendering of very large files in the Repo File Browser. !38733
  • Optimize click area in design version dropdown. !38747
  • Fix notification setting for group with dot in name. !38773
  • Fix bug where filtering would sometimes display only open issues on different pages listing issues. !38906
  • Refactor spec/views/* and ee/spec/views/* to fix Rails/SaveBang Cop. !38981 (Rajendra Kadam)
  • Refactor spec/support/helpers/* and ee/spec/support/helpers/* to fix Rails/SaveBang Cop. !38995 (Rajendra Kadam)
  • Fix parallel jobs dropdown from cutting off in small pipeline graphs. !39108
  • Add expire_at to PipelineArtifact. !39114
  • Add not null constraint for file to ci_pipeline_artifacts. !39118
  • Fix gitlab-rake gitlab:license:info crashing when no license exists. !39143
  • Fix cancel button on New Release page. !39144
  • Fix submit button tooltips for forms with quick submit behavior. !39225
  • Fix scroll stuck on editor in snippets. !39251
  • Fix: New File page file name field unclickable in mobile view. !39310
  • Fix CI job artifacts metadata not extracting on some S3 providers. !39345
  • Add default value for file_store to ci_pipeline_artifacts. !39349
  • Handle user mapping for Jira server instances. !39362
  • Ignore the sources node from the cobertura XML. !39385
  • Fix Composer installation code snippet to include package name and version. !39400
  • Fix failing bitbucket server import when project slug differs from name. !39433
  • Right-aligned Clone dropdown for snippets. !39446
  • Fix missing scoped label borders for todos. !39459
  • Move gitlab-managed alerts embeds to core as documented. !39509
  • Allow crawler access to api. !39520
  • Fix panel "more actions" button layout. !39534
  • Use history icon on recent search filter tab only on mobile. !39557 (Takuya Noguchi)
  • Conan packages allow for conan_sources.tgz and conan_export.tgz files. !39559
  • Fix horizontal scrolling on blocked/private profile pages. !39568
  • Fixed discussion not expanding when replying to a collapsed discussion. !39571
  • Fix pagination for bitbucket server importer. !39598
  • Fix missing resolve button when replying to notes in MRs. !39614
  • Fix Conan recipe display in the package details page. !39643
  • Fix bug when promoting an Issue with attachments to an Epic. !39654
  • Fix broken date time picker hide button. !39755
  • Fix time zone config not respected in multi-threaded servers. !39778
  • Use correct order when repositioning existing designs. !39826
  • Center align pipeline graph icons. !39848
  • Coerce string object storage options to booleans. !39901

Deprecated (4 changes)

  • Deprecation of ECS template. !36143
  • Remove Jump to next unresolved thread button in merge request threads. !38375
  • Deprecate blob field on GraphQL SnippetType. !39088
  • Deprecate additions and deletions attributes in Repositories API. !39653

Changed (144 changes, 12 of them are from the community)

  • Show full commit message by default in merge request diff. !27981 (Gilang Gumilar)
  • Use fingerprint column on events to ensure event uniqueness. !31021
  • Disable application_settings_tokens_optional_encryption feature flag. !31798 (Gilang Gumilar)
  • Disable ci_runners_tokens_optional_encryption feature flag. !31800 (Gilang Gumilar)
  • Update Buildkite Service for supported events, fields, and always verify SSL. !33697 (Juanito Fatas)
  • Allow OAuth to auto link LDAP users via email address. !33767 (Niko Wenselowski)
  • Pre-fill the email input on sign-in / sign up pages. !33851
  • Store user mentions from merge request title or description in the DB. !34378
  • Allow multiline Prometheus queries in metrics dashboards yaml. !34508
  • Increase contrast between UTC label and input. !34998
  • Increase CI instance variable value limit. !35063
  • Rewrite integration form in Vue. !35453
  • Improved fork page design. !35592
  • Add sign_in_count to /users/:id API for admins. !35726 (Luc Didry)
  • Updates GitLab managed app Ingress version to 1.40.2. !35924
  • Make scoped snippet routing a default one. !36091
  • Show clone button for activity on project page. !36147
  • Replace fa-angle-up icons with GitLab SVG. !36429
  • Migrate '.fa-spinner' to gl-loading-icon within shared boards haml. !36436
  • Package feature moved to core. !36667
  • Replace fa-history icons with GitLab SVG history icon. !36691
  • Add serverless empty state illustration. !36762
  • Allow an issue or MR to be locked and unlocked without page refresh. !36773
  • Exclude todos from general analytics accumulator ping. !36813
  • Migrate license_management artifacts to license_scanning type. !36817
  • When generating markdown for ordered lists, the list marker should not increment. !36851
  • Rename snippet GraphQL files field to blob_actions. !36852
  • Track milestone and state changes in issues / MRs using resource events. !36936
  • Update project remove modal to add additional warnings. !36962
  • Replace fa-plus icons with GitLab SVG plus icon. !36972
  • Limit database deprecation notice window. !37009
  • Changes limit for terraform artifacts to 5MB. !37018
  • Replace fa-ban icons with "cancel" from GitLab SVG. !37067
  • Move service desk usage data to core. !37080
  • Add concurrency support for Git repository backups. !37158
  • Replace some FA icons on groups listing page with GitLab SVG icons. !37162
  • Remove extraneous <br> tags from the source file when using the Static Site Editor. !37223
  • Remove flag and document max artifact size plan limits. !37226
  • Replacing View Full Report button with GitLab UI. !37236
  • Show meaningful message when applying inapplicable suggestion. !37267
  • Return SSH key details in /internal/allowed response. !37289
  • Change PagerDuty webhook URL. !37321
  • Shorten 'enable LFS' manage for design management. !37385
  • Show all snippet files when embedding. !37412
  • Add target_details column to AuditEvent table. !37430
  • Improve the IA and styling of the Success screen in the Static Site Editor. !37475
  • Add Cilium APIs as part of kube_client. !37526
  • Introduce ci_needs_size_limit to fine control needs. !37568
  • Migrate service desk setting button to gl-button. !37612
  • External auth adheres to local request setting. !37622
  • Remove feature flag managed_apps_local_tiller. !37641
  • Bring SAST to Core - bandit, Flawfinder, Gitleaks, Gosec, Kubesec, NodeJsScan, phpcs-security-audit, PMD, Security Code Scan, Sobelow, SpotBugs. !37648
  • Replace fa-bell icons with GitLab SVG notifications icon. !37676
  • Update gitlab-shell to v13.4.0. !37677
  • Move clone button out of blob header. !37696
  • Use normal font weight for Design Management dropzone text. !37787
  • Replace fa-sign-out icons with GitLab SVG leave icon. !37794
  • Add relative positioning on designs. !37835
  • Backfill relative positions on designs. !37837
  • Add search bar for incidents. !37885
  • Add composer tab and package type to package list. !37928
  • Add closed issue icon to incidents list for closed incidents. !37949
  • Update size limits for SCA artifacts. !37975
  • Update label select vue gl button. !37986
  • Update suggest gitlab ci popover to gl-button. !37987
  • Add pagination to the incident list. !37993
  • Rejects duplicated pypi files. !38006
  • Use new badge style for 'archived' project badge. !38013
  • Remove Duplicate Dashboard item from dashboards dropdown. !38053
  • Replace fa-git icons with link svg. !38078
  • Enforce namespace storage limit via app setting. !38094
  • Replace fa-certificate icon with first-contribution svg. !38154
  • Use the uploaded file set by middleware in Repositories::LfsStorageController. !38167
  • Migrate new project item select FA icons. !38177
  • Add sorting by date for incident list. !38178
  • Consistent labels for new/edit group URL. !38180
  • Change date time picker units. !38232
  • Switch manifest importer to new UI. !38268
  • Add incident count badge to the incident list. !38278
  • In metrics view, change default dashboard name to Overview. !38292
  • Hide languages with few translations. !38312
  • Reorganize group member management into tabs. !38344
  • Changed wording for optional approvals. !38393
  • Upgrade to Gitaly v13.3.0-rc3. !38405
  • Re-name "Delete" button to "Archive" in Design Management. !38446 (Getulio Valentin Sánchez @gvso)
  • Allow users with developer access level for given project to view kubernetes pod logs. !38467
  • Set minimum Redis version to 4 and recommended version to 5 in Redis check task. !38475
  • Re-name project remove as project delete. !38489
  • Replace fa-info-circle icons with GitLab SVG information icon. !38505
  • Take DAG view out of beta. !38517
  • Specify Ruby image in FailFast template. !38523
  • Update color and vertical alignment of project feature toggle. !38537
  • Remove repositories from previous storage when storage move succeeds. !38547
  • Add database migrations to prepare for future Geo replication. !38549
  • Added minimum value of 1KB to wiki_page_max_content_bytes. !38554 (Uday Aggarwal (uday.agg97))
  • Stop using priority and weight keys in metrics dashboards. !38572
  • Add copy for Jira issues integration to GitLab issues empty state. !38586
  • Add Mark as done capability to Alert To Do's. !38595
  • Button migration vulnerability charts. !38610
  • Change the job stuck page to use UI library components. !38618
  • Order projects within the project dropdown by relevance in analytics features. !38675
  • Enable New Package details UI, remove feature flag and remove all old code. !38680
  • Update the project deletion confirmation modal to be more specific, the confirmation phrase now includes the project full path. !38700
  • Replace v-popover directive with GlPopover in ./app/assets/javascripts/pipelines/components/pipelines_list/pipeline_url.vue.vue. !38769 (Gilang Gumilar)
  • Add installation instructions for Composer. !38779
  • Track wiki page views in usage data. !38784
  • Update incident_issues usage ping to use issue type column. !38864
  • Migrate custom metric form buttons. !38896 (George Tsiolis)
  • Migrate enable review app button in environments. !38897 (George Tsiolis)
  • Add migration helper index for Vulnerabilities::Finding table. !38898
  • Migrate maintenance mode settings button. !38901
  • Replace with in app/assets/javascripts/pipelines/components/graph/action_component.vue. !38923
  • Add a cache column for the number of changed files in a merge request diff. !38936
  • Change UI and add new actions to monitor dashboard actions menu. !38946
  • Support unitless single stat chart in metrics dashboards. !39067
  • Update preferences for homepage/dashboard wording. !39092
  • Update design mgmt navigation to use gl-button. !39104
  • Enable design management reference filter by default. !39113
  • Deprecated btn migration. !39154
  • Update auto-build-image to v0.4.0 for an updated version of the pack CLI (v0.12.0) for Cloud Native Buildpack builds. !39159
  • Change "gauge-chart" to "gauge" in YML panel configuration for gauge charts. !39184
  • Enable FF ci_variables_api_filter_environment_scope by default. !39209
  • Code navigation displays references when browsing repository. !39214
  • Replace fa-book icon with GitLab SVG book icon. !39247
  • Replace fa-close icons with GitLab SVG close icon. !39267
  • Update auto-deploy-image to v1.0.0, including a locally vendored auto-deploy-app chart instead of charts.gitlab.io. !39272
  • Improve environment dropdowns in operations metrics dashboard and highlight selected environment. !39303
  • Replace Go Back with Collapse button for expanded Metric charts. !39307
  • Replace issues icon with Gitlab SVG. !39313
  • Replace fa-power-off icon with GitLab SVG power icon. !39330
  • Remove transition animation from the Container Registry UI. !39337
  • Replace mis-used CSS class in operations settings. !39338
  • Enable Multiline Comments by default. !39370
  • Enable delete button on Package group level view list. !39430
  • Enabled monaco_blobs FF by default. !39441
  • Import the new queries in common_metrics.yml into database. !39475
  • Make View full report button open link in new tab. !39501
  • Bump CodeQuality templates to version 0.85.10-gitlab.1. !39502
  • Allow query/query_range keys in metrics dashboard to contain numbers. !39530
  • Enable reorder_designs feature by default. !39555
  • Return snippet binary blob content in GraphQL. !39583
  • Add anchors to profile preferences. !39589
  • Expose ID in Event object returned from the public API. !39669 (Killian Brackey @kbrackey)
  • Rename create issue button to create incidents in ALert details. !39684

Performance (25 changes)

  • Add mechanism that efficiently increments ActiveRecord counters using Redis. !35878
  • Add limit for wiki page content size. !36729
  • Reduce 'cached' query calls for Banzai. !36735
  • Fix N+1 issue in Explore Projects controller. !36874
  • Avoid N+1 of issue associations in Search. !36941
  • Replace FontAwesome fa-clock icon with SVG icon. !37123
  • Inverse pipeline for its build associations. !37478
  • Fix N+1 for project/:id/issues API endpoint. !37508
  • Preload build report results for pipeline builds. !37582
  • Always use expanded env name to load persisted environment. !37585
  • Improve performance of test report with summary and test suite endpoints. !37629
  • Preload number of pipeline warnings for commits. !37669
  • Add PipelineArtifact data model. !37969
  • Replace index for service usage data. !38147
  • Serialize fewer pipeline fields for MR widget. !38215
  • Improve performance of Banzai reference filters. !38290
  • Skip subsequent topology Prometheus queries if timeout occur. !38293
  • Remove some unnecessary Redis calls on commit lists. !38343
  • Speed up commit lists and file blob pages on repositories with huge amounts of branches or tags. !38484
  • Add index for compliance merged MRs to events. !38885
  • Swap RepositoryHashCache to UNLINK. !39105
  • Increase sidebar performance by not rendering k8s highlight when not needed. !39228
  • Use more-efficient indexing for the MergeRequestDiff storage migration. !39470
  • Add secure index for coverage fuzzing. !39569
  • Performance and robustness improvements for relative positioning. !39807

Added (138 changes, 6 of them are from the community)

  • Add Rust Dockerfile to GitLab templates. !28167
  • Add mutation to create a label or default backlog list for an issue board. !31233
  • Allow labels argument for merge request create mutation. !32637
  • Add btree_gist PGSQL extension and add DB constraints for Iteration date ranges. !33340
  • Add cilium to Kubernetes apps list. !33703
  • Define matrix builds for more complex pipelines. !33705
  • Support getting a todo for an alert in GraphQL API. !34789
  • Resolve Set a deploy freeze in the UI. !35163
  • Display notes on merge ref head diff. !35422
  • Add note_id to timelogs. !35916 (Lee Tickett)
  • Prompt to resolve unresolved threads on an MR is a button that jumps to the first such thread. !36164
  • Expose board list issues via GraphQL. !36259
  • Add internal api for getting personal access tokens from gitlab-shell. !36302 (Taylan Develioglu @tdevelioglu)
  • Add auto_link_user OmniAuth setting. !36664
  • Add Draft to WIP for work in progress merge requests. !36666
  • Add gauge chart type to the monitoring dashboards. !36674
  • Add Prevent forking outside group feature. !36848
  • Show Security Warning Modal for fork pipelines. !36951
  • Add usage ping for coverage_fuzzing. !36960
  • Use _ character for emphasis and * for strong in Static Site Editor markdown syntax. !36965
  • Add migration for deployment_type of Jira server in jira_tracker_data table. !36992
  • Add system note to alert when corresponding issue is closed. !37039
  • Add locked as an argument to updateIssue. !37105
  • Add PagerDuty incident integration. !37193
  • Add container registry observations to usage ping. !37203
  • Support dry-run cherry-picks and reverts via API. !37240
  • Show full time range in metrics dashboard charts. !37243
  • Geo: Add file store indexes. !37265
  • Add ability to turn off "project moved" notifications. !37269
  • Add basic incidents list. !37314
  • Allow to create merge request pipelines in target project when user has permission. !37322
  • Add external column to custom emoji table. !37346 (Rajendra Kadam)
  • Add issue_type column to issues table. !37402
  • Added webPath and descriptionHtml types to the repository GraphQL entities. !37416
  • Add monthly usage ping data for analytics. !37417
  • Added section names to code owner approvals in merge request form. !37425
  • Add a new K8s Pod health metrics dashboard. !37482
  • Update versions tab to other versions. !37513
  • Add metrics dashboard templates for the standard file blob selector. !37519
  • Add custom metrics dashboard templates supports. !37523
  • Allow optional keyset pagination for branch list API. !37524
  • Add default_membership_role column to saml_providers table. !37552
  • Add NuGet lock files support to Dependency Scanning CI template. !37553
  • Migrate vulnerability statistics historical data to vulnerability historical statistics. !37554
  • Surface timeafo for created date in Incidents List. !37567
  • Add parenthesis support for if: conditions. !37574
  • Show mapped user in Jira import form dropdown. !37575
  • Add GraphQL mutation to re-order designs. !37603
  • Display assignees in Incident List. !37608
  • Add ENV vars that expose source and target repository for CI Pipelines that run on an External Pull Requests. !37616 (Rafael Dohms @rdohms)
  • Add DB table and model to track changes of the iterations on issues. !37617
  • Migrate all 'incident' labelled issues to have issue type 'incident'. !37668
  • Resolve Allow the ability to re-order designs. !37686
  • Add target_project_id to merge_request_metrics table. !37713
  • Allow user to update issue labels via GraphQL. !37728
  • Sets issue type for incident issues to incident. !37781
  • Create incident from the incidents list page. !37802
  • Add personal_access_tokens list to REST API. !37806
  • Allow user to simulate pipeline creation via CI Lint and go beyond syntax checks. !37828
  • Adds clarifying documentation on EKS IAM roles. !37870
  • Add API support for issue and merge request templates. !37890 (Jan Beckmann)
  • Add confidential attribute to graphQL for notes update. !37920
  • Add confidential attribute to public API for notes update. !37932
  • Filter Issues in GraphQL by type of Issue. !38017
  • Allows setting of issue subscribe status in GraphQL API. !38051
  • Add deployment_events flag to web_hooks table. !38080
  • Allow assign/unassign users to issues in GraphQL API. !38081
  • Email notification for expired personal access token. !38086
  • Upgrade CI to Git v2.28.0. !38152
  • Add project milestones to GraphQL API. !38153
  • Make the deploy freeze table responsive. !38213
  • Add option to query a single board list with GraphQL API. !38216
  • Add symlink label text to blob viewer. !38220
  • Add support for runbook url to PrometheusAlert table. !38234
  • Add dashboard_path to PrometheusMetric. !38237
  • Add support for specifying AWS S3 Server Side Encryption (AWS-KMS). !38240
  • Add issue status counts to Projects in GraphQL. !38263
  • Auto expand collapsed diffs when viewing diffs file-by-file. !38296
  • Add hide_backlog_list and hide_closed_list attributes to boards table. !38303
  • GraphQL mutation to move issue within board lists. !38309
  • Redirect to new metrics dashboard page. !38364
  • Add experiments and experiment_users tables for tracking which users are enrolled for which experiments. !38397
  • Save usage data in database. !38457
  • Move old integrations to Settings > General and introduce instance-level integrations. !38488
  • Expose runbook field in alert_management_alert GraphQL API. !38510
  • Add CoverageReportsController#index CSV response. !38520
  • Add support for never keyword in expire_in job artifacts. !38578 (Fabio Huser)
  • Add attributes to filter project merge requests by merged at date in GraphQL. !38584
  • Add resolved_on_default_branch column into vulnerabilities table. !38638
  • Add alert url into incident issue markdown. !38649
  • Return gitaly info in kubernetes internal API. !38654
  • Add GraphQL query for a single milestone. !38682
  • Add milestone_id param to issue update graphQL mutation. !38684
  • Added pre-processing step to the Static Site Editor so code templates (ERB) are interpreted as code not content. !38694
  • Backfill null values to prepare for Geo replication feature. !38719
  • Update gitlab-shell to v13.5.0. !38720
  • UI warning messages for pipeline configurations. !38734
  • Enable state tracking for managed applications installed via the management project. !38759
  • Set Incident issue type when creating issue. !38760
  • Add pre-processing step so inline ERB and HTML syntax are wrapped in codeblocks for code vs. content editing in the static site editor's WYSIWYG mode. !38791
  • Add protected branches count to usage ping. !38797
  • Add include_parent_milestones param to project and group milestones API endpoints. !38800
  • Clean up orphaned LFS file references during GC. !38813
  • Add database migrations to ensure Geo replicates all package files when sync object storage is disabled. !38822
  • Add pre-processing step so preexisting codeblocks are preserved prior to flagging content as code in the static site editor's WYSIWYG mode. !38834
  • Add model for CiliumNetworkPolicy. !38848
  • Expose alert information for environments. !38881
  • Add Azure Blob Storage support. !38882
  • Add webhooks for deployments. !38902
  • Add "New Release" page to allow creation of releases through the interface. !38913
  • Add GraphQL mutation for updating board list position and collapsed/expanded state. !38942
  • Add due_date filter param to Issues REST API. !38973
  • Support adding of API requests to the performance bar. !39057
  • Expose counts (pipeline, commits) and approvers for a merge request in GraphQL. !39086
  • Add total_weight and issues_count fields to the board list graphQL endpoint. !39110
  • Make available new UI for adding a panel to a metrics dashboard. !39124
  • Improve submission behavior of the New/Edit Release page. !39145
  • Allows NuGet to authenticate with Job Token. !39147
  • Upgrade Pages to 1.22.0. !39172
  • Upgrade Workhorse to v8.38.0. !39223
  • JUnit test report on pipeline detail page. !39260
  • Allow GraphQL pipeline to resolve non-CI pipelines and expose configSource field. !39275
  • GraphQL: Issues - Added 'include_subgroup' parameter. !39279
  • Enable :resource_access_token feature flag by default. !39287
  • Add runbook to metric chart dropdown. !39288
  • Add runbooks to metric alerts. !39315
  • Preserve active tab on alert details page reload. !39369
  • GraphQL: Add user to pipeline + status and email to user + StatusType. !39402
  • Add external link icon to list of repositories in importer. !39442
  • Add target_type to audit_events. !39461
  • Enable read SPDX catalogue from local copy. !39463
  • Show runbook for alert in detail view. !39477
  • Link to logs from GitLab-managed alert metrics. !39487
  • Add SECRET_DETECTION_EXCLUDED_PATHS env var. !39523
  • Add pipeline_artifacts_size to project_statistics. !39607
  • Setup basic level telemetry for navigation. !39638
  • Update gitlab-shell to v13.6.0. !39675
  • Empty State for the Incident list. !39718

Other (69 changes, 9 of them are from the community)

  • Remove globe icon from explore projects dropdown. !21659
  • Remove mr_tabs_position feature flag. !29340 (Lee Tickett)
  • Improve Elasticsearch Reindexing documentation. !29788
  • Remove createIssues logic from list model. !32236 (nuwe1)
  • Unify Prometheus metric initialization by always using inline transaction metrics. !32980
  • Adds models and tables for cluster agent and cluster agent tokens. !33228
  • Remove updated_at column on audit_events table. !35690
  • Replace fa-pencil-square-o icons with GitLab SVG icons. !36059
  • Replace fa-rss with GitLab SVG icon. !36553
  • Limit project moved e-mails to maintainers/owners. !36665
  • Backfill personal snippets statistics. !36801
  • Set default bullet char character as - when generating markdown in Static Site Editor. !36820
  • Replace with in app/assets/javascripts/pipelines/components/graph/linked_pipeline.vue. !36968
  • Replace fa-link icons with GitLab SVG link icon. !36973
  • Consolidate issuable_header_warning for both MR and issue. !37043
  • Remove index from chat_names and service_id. !37054
  • Making component diagram click-friendly. !37147 (Arjun Pravin @Sgt.Arjun)
  • Replace fa-pause with pause svg. !37149
  • Replace fa-replace icon with svg. !37228
  • Replace fa-key icon with svg. !37251
  • Remove app_server_type from top level usage ping. !37279
  • Update GitLab Runner Helm Chart to 0.19.0. !37292
  • Use ES6 methods instead of for loops. !37324 (allenlai18)
  • Remove legacy pipeline processing service and FF ci_atomic_processing. !37339
  • Cleanup migration to drop temporary table untracked_files_for_uploads if exists. !37352
  • Fix the MR number in CHANGELOG. !37399
  • Immediately update project statistics when running housekeeping or repository cleanup. !37579
  • Update GitLab Runner Helm Chart to 0.19.1. !37583
  • Add index to resource_milestone_events for add actions. !37636
  • Capitalize CloudFlare in documentation. !37704 (Takuya Noguchi)
  • Use Cloudflare in comments. !37764 (Takuya Noguchi)
  • Update $gray-400 hex and replace instances of $gray-400 with $gray-200. !37813
  • Add link to issue details page from Incident list page. !37814
  • Remove link to Cloudflare cert for Pages. !37876 (Takuya Noguchi)
  • Add incident state columns. !37889
  • Move file store updates and mount_uploader into a concern. !37907
  • Set appropriate timeouts for PrometheusClient. !37924
  • Remove GitlabIssueTrackerService database records. !37931
  • Remove title and description columns from services table. !37936
  • Fix misalignment of download icon on jobs page. !37966
  • Automatically calculate the database connection pool size. !38049
  • Remove per-web-transaction redis metrics. !38101
  • ee Updating $gray-500 hex value and replacing instances with $gray-300. !38229
  • Removes the old UI page. !38277
  • Log raw pre-receive message in fast-forward merge. !38354
  • Replace times-circle with GitLab SVG clear icon. !38409
  • Add telemetry for instance-level and template integrations. !38459
  • Add group_id column to the services table. !38499
  • Replace fa-play/pause icons with svg. !38535
  • Add telemetry for projects inheriting instance settings. !38561
  • Move button in Settings > Webhooks to the right. !38650
  • Replace deprecated button on vulnerability details page. !38679
  • Collect node CPU and memory utilization in usage ping. !38681
  • Improve unfurling support for /search. !38699
  • Add can_push column to group_deploy_keys_groups table. !38714
  • Log raw pre receive error for create branch service. !38749
  • Change to glbutton component in CI variables list. !38757
  • Replace deprecated buttons in dashboard header. !38830
  • Remove :gzip_diff_cache feature flag. !38838
  • Replace some fa-trash icons with GitLab SVG remove icon. !38964
  • Productivity Analytics: Improve error message when query takes too long to calculate. !39074
  • Adds an environment variable override to disable unstructured logs. !39109
  • Remove not-null constraint on type column in audit_events. !39192
  • Set longer Prometheus timeouts in PrometheusService. !39318
  • Use active version of Redis for an example. !39404 (Takuya Noguchi)
  • Remove FF ci_composite_status and related codes. !39498
  • Remove a card-small class from HAML files. !39550 (Takuya Noguchi)
  • Provide versioning support to Sidekiq workers. !39562
  • Replace fa-pencil icon with GitLab SVG. !39648

13.2.8 (2020-09-02)

Security (1 change)

  • Protect OAuth endpoints from brute force/password stuffing.

13.2.7 (2020-09-02)

Security (23 changes, 1 of them is from the community)

  • Check validity of project's import_url before mirroring repository.
  • Show on two-factor authentication setup page groups that are the cause of this requirement.
  • Prevent interrupted 2FA sign-in from signing-in incorrect user.
  • Create new 2FA code each time user is entering 2FA setup page.
  • Remove all sessions but current while enabling 2FA.
  • Invalidate two factor sign-in when user password changes.
  • Delete members invites created by users being deleted.
  • Prevent OmniAuth from rendering arbitrary error messages.
  • Prevent not-2fa authenticated users that are supposed to use it to consume api via session.
  • Invalidate remember me when an active session is revoked.
  • Add rate limit on webhooks testing feature.
  • Add scope presence validation to OAuth Application creation.
  • Allow only running job tokens for API authentication.
  • Prevent Deploy Tokens to read project resources when repository is disabled.
  • Change conan api to use proper workhorse validation.
  • Ensure global ID is of Snippet type in GraphQL destroy mutation.
  • Fix Improper Access Control on Deploy-Key.
  • Set maximum limit for profile events.
  • Persist EKS External ID before presenting it to the user.
  • Prevent project maintainers from editing group badges.
  • Upgrade jquery to v3.5.
  • Update websocket-extensions gem to 0.1.5. (Vitor Meireles De Sousa)
  • Update GitLab Runner Helm Chart to 0.18.3.

13.2.6 (2020-08-18)

  • No changes.

13.2.5 (2020-08-17)

Security (2 changes)

  • Stop deploy token being mis-used as user in ProjectPolicy and GroupPolicy.
  • Project access is checked during deploy token authentication.

13.2.4 (2020-08-11)

Security (1 change)

  • Add decompressed archive size validation on Project/Group Import. !38736

Fixed (1 change)

  • Fix automatic issue creation via Prometheus alerts. !37884

13.2.3 (2020-08-05)

Security (12 changes)

  • Update kramdown gem to version 2.3.0.
  • Enforce 2FA on Doorkeeper controllers.
  • Revoke OAuth grants when a user revokes an application.
  • Refresh project authorizations when transferring groups.
  • Stop excess logs from failure to send invite email when group no longer exists.
  • Verify confirmed email for OAuth Authorize POST endpoint.
  • Fix XSS in Markdown reference tooltips.
  • Fix XSS in milestone tooltips.
  • Fix xss vulnerability on jobs view.
  • Block 40-character hexadecimal branches.
  • Prevent a temporary access escalation before group memberships are recalculated when specialized project share workers are enabled.
  • Update GitLab Runner Helm Chart to 0.18.2.

13.2.2 (2020-07-29)

Fixed (3 changes)

  • Coerce repository_storages_weighted, removes repository_storages. !36376
  • Fix JiraImportUsersInput startAt field. !37492
  • Provide better git error message when the user is unconfirmed. !37944

Changed (1 change)

  • Skip mass unconfirming users when send_user_confirmation_email setting is off. !38024

13.2.0 (2020-07-22)

Security (3 changes)

  • Unconfirm wrongfully verified email addresses and user accounts. !35492
  • Make logrotate run as git user for source installations. !35519
  • Replace misleading text in re-confirmation emails. !36634

Removed (7 changes, 2 of them are from the community)

  • Remove deprecated dashboard & group milestone pages. !13237
  • Removed UltraAuth integration for OmniAuth. !29330 (Kartikey Tanna)
  • Remove all search autocomplete for groups/projects/other. !31187
  • Remove temporary datepicker position fix as it is no longer required. !31836 (Arun Kumar Mohan)
  • Remove the ability to customize the title and description of some integrations (Bugzilla, Custom Issue Tracker, Redmine, and YouTrack). !33298
  • Drop deprecated **_ANALYZER_IMAGE_PREFIX. !34325
  • Remove Internet Explorer 11 specific polyfills. !36830

Fixed (300 changes, 79 of them are from the community)

  • Remove broken hyperlink from close and reopen button. !22220 (Lee Tickett)
  • Fix 'Active' checkbox text in Pipeline Schedule form to be a label. !27054 (Jonston Chan)
  • Fix back button when switching MR tabs. !29862 (Lee Tickett)
  • Remove ability to scroll Issue while in Design View. !29881
  • Fix merge request note label URLs. !30428 (Lee Tickett)
  • Fix default path when creating project from group template. !30597 (Lee Tickett)
  • Fixed issue (#198424) that prevented k8s authentication with intermediate certificates. !31254 (Abdelrahman Mohamed)
  • Fix group transfer service to deny moving group to its subgroup. !31495 (Abhisek Datta)
  • Fix issuable listings with any label filter. !31729
  • Move prepend to last in ee-app-services. !31838 (Rajendra Kadam)
  • Fallback to lowest visibility level in snippet visibility radio. !31847 (Jacopo Beschi @jacopo-beschi)
  • Add class stubs and fix leaky constant alert in query limit helper spec. !31949 (Rajendra Kadam)
  • Remove usage of spam constants in spec. !31959 (Rajendra Kadam)
  • Fix leaky constant issue in uninstall progress service check. !32036 (Rajendra Kadam)
  • Fix leaky constant issue in commit entity spec. !32039 (Rajendra Kadam)
  • Fix leaky constant issue in task completion status spec. !32043 (Rajendra Kadam)
  • Fix leaky constant issue in admin mode migration spec. !32074 (Rajendra Kadam)
  • Fix leaky constant issue in sidekiq middleware server metric spec. !32104 (Rajendra Kadam)
  • Fix leaky constant issue in sidekiq middleware client metric spec. !32108 (Rajendra Kadam)
  • Fix leaky constant issue in path regex spec. !32115 (Rajendra Kadam)
  • Fix leaky constant issue importer and cache headers spec. !32122 (Rajendra Kadam)
  • Fix leaky constant issue in relation factory spec. !32129 (Rajendra Kadam)
  • Fix leaky constant issue in test coverage spec. !32134 (Rajendra Kadam)
  • Prevent emails to user on expiry of impersonation token. !32140
  • Fix leaky constant issue in diff collection spec. !32163 (Rajendra Kadam)
  • Fix leaky constant issue in migration helpers, with lock retries and ignored cols spec. !32170 (Rajendra Kadam)
  • Fix leaky constant issue in factory spec. !32174 (Rajendra Kadam)
  • Fix leaky constant issue in creds factory spec. !32176 (Rajendra Kadam)
  • Use applogger in project import state file. !32182 (Rajendra Kadam)
  • Use applogger in project.rb. !32183 (Rajendra Kadam)
  • Use applogger in chat_team.rb. !32184 (Rajendra Kadam)
  • Use applogger in repository model. !32185 (Rajendra Kadam)
  • Use applogger in build and ssh host key. !32187 (Rajendra Kadam)
  • Use applogger in cache attrs and highest role ruby files. !32189 (Rajendra Kadam)
  • Use applogger in legacy project and namespace. !32190 (Rajendra Kadam)
  • Use applogger in base.rb. !32191 (Rajendra Kadam)
  • Use applogger in usage ping and webhook service. !32192 (Rajendra Kadam)
  • Use applogger in exclusive_lease_guard. !32194 (Rajendra Kadam)
  • Use applogger in groups destroy service and label create service. !32195 (Rajendra Kadam)
  • Use applogger in merge_service.rb. !32196 (Rajendra Kadam)
  • Use applogger in project create service and after import service. !32198 (Rajendra Kadam)
  • Use applogger in update stats service. !32200 (Rajendra Kadam)
  • Use applogger in base attachment service. !32201 (Rajendra Kadam)
  • Use applogger in export service. !32203 (Rajendra Kadam)
  • Use applogger in akismet service. !32205 (Rajendra Kadam)
  • Use applogger in file mover file. !32206 (Rajendra Kadam)
  • Use applogger in commit signature worker. !32207 (Rajendra Kadam)
  • Use applogger in delete user worker. !32209 (Rajendra Kadam)
  • Use applogger in email receiver worker. !32211 (Rajendra Kadam)
  • Use applogger in artifact worker. !32212 (Rajendra Kadam)
  • Use applogger in new note worker. !32213 (Rajendra Kadam)
  • Fix duplicate filename displayed in design todos. !32274 (Arun Kumar Mohan)
  • Add value length validations for instance level variable. !32303
  • Resolve image overflow at releases list panel. !32307
  • Clean up shared/tmp folder after Import/Export. !32326
  • Fix creating release evidence if release is created via UI. !32441
  • GraphQL hasNextPage and hasPreviousPage return correct values. !32476
  • Fix loading and empty state styling for alerts list. !32531
  • Resolve incorrect x-axis padding on the Environments Dashboard. !32533
  • Fix time_tracking help link. !32552
  • Don't display confidential note icon on confidential issue public notes. !32571
  • Update container expiration policy database defaults. !32600
  • Fix rendering of emojis in status tooltips. !32604
  • Remove :prevent_closing_blocked_issues feature flag. !32630 (Lee Tickett)
  • Hid copy contents button when blob has rendering error. !32632
  • Avoid refresh to show endedAt after mutation. !32636
  • Fix for metrics creation when saving MR. !32668
  • Skip the individual JIRA issues if failed to import vs failing the whole batch. !32673
  • Hide "Import from Jira" option from non-entitled users. !32685
  • Allow special characters in dashboard path. !32714
  • Fix broken help link on operations settings page. !32722
  • Allow different in bulk editing issues. !32734
  • Fix whitespace changes overgrowing the diff container. !32774
  • Improve spacing and wrapping of group actions buttons and stats in group list view. !32786
  • Fix "Broadcast Messages" table overflow and button alignment. !32801
  • Fix 404 when downloading a non-archive artifact. !32811
  • Make commits author button confirm to Pajamas specs. !32821
  • Fix filename duplication in design notes in activity feeds. !32823 (Arun Kumar Mohan)
  • Prevent multiple Auto DevOps deployment jobs running concurrently when using manual rollout. !32824
  • Implement displaying downstream pipeline error details. !32844
  • Fix Runner heartbeats that results in considering them offline. !32851
  • Conan package registry support for the conan_export.tgz file. !32866
  • Fix plural message in account deletion section. !32868
  • Fix atomic processing bumping a lock_version. !32914
  • AsciiDoc: Add support for built-in alignment roles. !32928 (mnrvwl)
  • Fix a bug where some Vue apps would be unable to load when DAG tab is disabled. !32966
  • Fix undefined error in Gitlab::Git::Diff. !32967
  • Fix spelling error on Ci::RunnersFinder. !32985 (Arthur de Lapertosa Lisboa)
  • Fix polling for resource events. !33025
  • Fix broken CSS classes inside alert management list. !33038
  • Fix bug in snippet create mutation with non ActiveRecord errors. !33085
  • Fix overflow issue in MR and Issue comments. !33100
  • Fix alignment of button text on the Edit Release page. !33104
  • Deduplicate URL parameters when requesting merge request diffs which causes diffs load to fail. !33117
  • Fix tabbing through form fields in projects/new flow. !33209
  • Fix incorrect commit search results returned when searching with ref. !33216
  • Issue list page shows correct status for moved re-opened issues. !33238
  • Fix NoMethodError by using the correct method to report exceptions to Sentry. !33260
  • Fix KaTeX font paths. !33338
  • Resolve Fix Incomplete Kubernetes Cluster Status List. !33344
  • Fix auto-merge not running after discussions resolved. !33371
  • Fix bug in snippets updating only file_name or content. !33375
  • Resolve "WebIDE displays blank file incorrectly". !33391
  • Fix invisible emoji modal on Set Status form when clicked the second time. !33398
  • vertically center action icon in the CI pipeline. !33427 (Nathanael Weber)
  • Wrap auto merge parameters update in database transaction. !33471
  • Return 404 response when redirecting request with invalid url. !33492
  • Fix ambiguous string concatenation on CleanupProjectsWithMissingNamespace. !33497
  • Fix snippet repository import edge cases. !33506
  • Rust CI template: Replace --all with --workspace on cargo test. !33517 (Markus Becker)
  • Make markdown textarea links tab-accessible. !33518
  • Pass hard delete option to snippets bulk destroy. !33520
  • Fix CI rules for ECS related jobs. !33527
  • Update GitLab Workhorse to v8.34.0. !33543
  • Fix snippet repository import fail with older export files. !33584
  • Web IDE: Create template files in the folder from which new file request was made. !33585 (Ashesh Vidyut)
  • Improve header acccessibility. !33603
  • Remove non migrated snippets from failed imports. !33621
  • Prevent duplicate issues when importing from CSV. !33626
  • Fix sidebar spacing for alert details. !33630
  • Fix linking alerts to created issues for the Generic alerts intergration. !33647
  • Resolve spacing ux debt on Release assets form field. !33684
  • Fix pagination link header. !33714 (Max Wittig)
  • When clicking multiple times to leave a single comment, the input field should remain focused. !33742
  • Allow wiki pages with +<> characters in their title to be saved. !33803
  • Fix force_remove_source_branch not working in API. !33804
  • Fix prometheus alerts not being automatically created. !33806
  • Fix pagination for resource label events. !33821
  • Fix pagination for resource milestone events api. !33845
  • Return code navigation path for nil diff_refs. !33850
  • Record audit event when an admin creates a new SSH Key for a user via the API. !33859 (Rajendra Kadam)
  • Do not create duplicate issues for exising Alert Management alerts. !33860
  • Add link text to collapsed left sidebar links for screen readers. !33866
  • Update text in error tracking list error message. !33872
  • Ensure that alerts are shown when prometheus service is active. !33928
  • Fixed dashboard YAML file validaiton for files which do not contain object as root element. !33935
  • Fix design note scrolling. !33939
  • Updated the Android CI Script. !34007 (s-ayush2903)
  • Update validates_hostname gem with support for more TLDs. !34010
  • Remove default "archived" parameter value from Groups API's projects endpoint. !34018 (Justin Sleep)
  • Fix approval rule type when project rule has users/groups. !34026
  • Update wording of addMultipleToDiscussionWarning. !34088
  • Show all storages in settings. !34093
  • Set author as nullable in snippet GraphQL Type. !34135
  • Fix rendering of very long paths in merge request file tree. !34153
  • Fix 500 errors and false positive warnings during metrics dashboard validation. !34166
  • Remove not null constraint from events tables. !34190
  • Ensure we always generate a valid wiki event URL. !34191
  • Send information about attached files to the GraphQL mutation. !34221
  • Update issue limits template to use minutes. !34254
  • Add route for the lost-and-found group and update the route of orphaned projects. !34285
  • Make markdown textarea buttons tab accessible. !34300
  • GraphQL - properly handle pagination of millisecond-precision timestamps. !34352
  • Fix 500 error in BlobController#delete. !34367
  • Updated Auto DevOps with a fix to delete PostgreSQL PVC on environment cleanup, a fix for multiline K8S_SECRET variables, updated Helm to 2.16.7 and glibc to 2.31. !34399 (verenion)
  • Updates Helm version to 2.16.7, which has some fixes. !34452
  • Align "External" access level row in the user admin form. !34455 (Eduardo Sanz @esanzgar)
  • Fix issues with scroll on iOS / iPad OS. !34486
  • Add environment_scope filter to ci-variables API. !34490
  • Fix order of integrations to be sorted alphabetically. !34501
  • Fix undefined method error. !34522
  • Fix static site editor raw (has front matter) <-> body (lacks front matter) content changes sync. !34523
  • Use Keys::DestroyService for deleting an SSH key when an admin deletes a key via the API. !34535 (Rajendra Kadam)
  • Removed default artifact name for Terraform template. !34557
  • Record audit event when a user creates a new SSH Key for themselves via the API. !34645 (Rajendra Kadam)
  • Restrict alert assignee user search to current project in alert management details. !34649
  • Limit alert assignment to only users who can read alerts. !34681
  • Use Keys::DestroyService for deleting an SSH key when a user deletes a key via the API. !34718 (Rajendra Kadam)
  • Use GpgKeys::CreateService when an admin creates a new GPG key for a user. !34737 (Rajendra Kadam)
  • Sort code coverage graph in ascending order. !34750
  • Fix Issue sticky title URL hash offset. !34764
  • Fix broken todo GraphQL API filtering when filtering by type. !34790
  • Use GpgKeys::CreateService when a user creates GPG keys for themselves via the API. !34817 (Rajendra Kadam)
  • Expand healtchecks 500s when DB is not available. !34844
  • Assign plan_id when building a new plan limit. !34845
  • Fix 500 errors with filenames that contain glob characters. !34864
  • Avoid updating snippet content when snippet_files content is not present. !34865
  • Ensure original repository is archived after a shard move. !34895
  • Fix issue suggestion text color on dark mode. !34899
  • Enclose release-cli steps in an array. !34913
  • Add DestroyService for GPG keys and use for deleting GPG keys via API. !34935 (Rajendra Kadam)
  • Resolve Misleading message displays when MR request is first submitted. !34958
  • Cancel review app deployment when MR is merged. !34960
  • Add RSpecs for Gitlab::Emoji module. !34980 (Rajendra Kadam)
  • Fix directory and last commit not loading for some filenames. !34985
  • Fix confidential warning not showing the issuable type. !34988
  • Fixed mermaid not rendering when switching diff tabs. !35023
  • Use GpgKeys::DestroyService when a user deletes GPG keys for themselves via the API. !35033 (Rajendra Kadam)
  • Fix alignment of navigation theme options. !35041
  • Support fenced code blocks in Atlassian Document Format converter. !35065
  • Fixed size limit for too large snippets. !35076
  • Don't include changes in webhook payload when old associations are empty. !35158
  • Fix release assets for Guest users of private projects. !35166
  • Properly set CI_DEPLOY_FREEZE variable in pipelines. !35226
  • Move 'Delete comment' button to bottom of 'More actions' list. !35237
  • Only run DAST job if Kubernetes active. !35259
  • Add instrumentation to Gitaly streamed responses. !35283
  • Fix pages_url for projects with mixed case path. !35300
  • Ensure .git/config is updated for forks. !35305
  • Defer updating .git/config for imported projects. !35308
  • Redirect wiki edit actions for missing pages. !35350
  • Fix styling bug for disabled merge button. !35365
  • Static Site Editor cant be opened in projects belonging to a subgroup. !35378
  • Resolve timeout in admin/jobs. !35385
  • Fix job log text color in dark mode. !35387
  • Minor UI fixes for Issue page in dark mode. !35395
  • Disable ILM on ELK vendor yaml. !35398
  • Improve alert list spacing. !35400
  • Fix path conflict for Ghost on UpdateRoutesForLostAndFoundGroupAndOrphanedProjects. !35425
  • Add tiller.log to Auto DevOps deployment job artifacts when AUTO_DEVOPS_DEPLOY_DEBUG is set. !35458
  • Resolve [Un]Assign Issue to/from Comment Author Action Visibility. !35459
  • Add email and email_verified claims to OAuth ID token. !35468 (André Hänsel)
  • Make ProjectUpdateRepositoryStorageWorker idempotent. !35483
  • Project bot users should always have their emails confirmed by default. !35498
  • Only show open Merge Requests in Web IDE. !35514
  • Remove Edit dashboard button from self monitoring dashboard. !35521
  • Guard against data integrity issues when canceling review app jobs. !35555
  • Use FLOAT_TYPE for storage limit. !35559
  • Enforce prometheus metric uniqueness across project scope. !35566
  • Use full version instead of short version for Sentry Error Release links. !35623
  • Propagate error on FF pre-receive failure. !35633
  • Support multiple mailboxes incoming email check. !35639
  • Fix Profile Applications page to be shown in correct locale. !35661
  • Fix 404 when importing project with developer permission. !35667
  • Fix incorrect text escaping in the Static Site Editor. !35671
  • Use the user's preferred language as default. !35676
  • Create associated routes when a new bot user is created. !35711
  • Prevent autosave when reply comment via cmd+enter. !35716
  • Fix border-radius-base SCSS value. !35740
  • Fix alert sort styling issues. !35741
  • Change the sort order for alert severity and status. !35774
  • Fix unique case where static site editor's custom renderer for identifier syntax didn't robustly handle inline code. !35775 (Derek Knox)
  • Save show whitespace changes. !35806
  • Fix existing repository_storages_weighted migrations. !35814
  • Fix error 500s creating new projects due to empty weights. !35829
  • Fix rendering alert issue description field. !35862
  • Fixed translation errors on MR Widget. !35888
  • Fix 500 errors with invalid access tokens. !35895
  • Change PrometheusMetrics identifier index. !35912
  • Backfill missing routes for Bot users. !35960
  • Add generic message when no pipeline in MR. !35980
  • Conditionally render Docker row checkbox. !36000 (gfyoung)
  • Fix missing avatar in MR widget. !36034
  • Fix comment loading error in issues and merge requests. !36043
  • Fix routing for paths starting with help and projects. !36048
  • Fix infinite loading spinner for related merge requests on commit pipelines tab. !36077
  • Use error.message instead of error in importer.log. !36104
  • Remove hardcoded reference to gitlab.com in NPM .gitlab-ci.yml template. !36124
  • Remove dashboard panels' tabindex where is not needed. !36168
  • Fix Project#pages_url not to downcase url path. !36183
  • Remove border from related merge requests/issues counter. !36272
  • Fail jobs that fail to render registration response. !36274
  • Sort metrics dashboard panels and groups using a stable sort. !36278
  • Remove HTML link from plain text mail. !36301
  • Fix wrong value of checkbox in integration form. !36329
  • Add a Rake task to fix incorrectly-recorded external diffs. !36353
  • Fix single file editor with long branch name. !36371
  • Allow self monitoring dashboard to be duplicated. !36433
  • Propagate DS_JAVA_VERSION for dependency scanning. !36448
  • Fix to display speech bubble on hover over image on commits page. !36470 (Adam Alvis @adamalvis)
  • Fix to remove speech bubble on hover over image on MR Overview tab. !36474 (Adam Alvis @adamalvis)
  • Add DOCKERFILE_PATH to Auto DevOps workflow:rules. !36475
  • Show symlink icon in repository browser. !36524
  • Snippet comments where any line begins with a slash following an alphabetic character can't be published. !36563
  • Exclude services relation from Project Import/Export. !36569
  • Permanently close Jira import success alert. !36571
  • Fix dashboard schema validation issue. !36577
  • Refactor issues controller spec to fix SaveBang Cop. !36582 (Rajendra Kadam)
  • Fix positioning of mr/issue count. !36621
  • Update to Grape v1.4.0. !36628
  • Fix API errors when null value is given for the bio. !36650
  • Avoid 500 errors with long expiration dates in tokens. !36657
  • Remove CI/CD variable validations on AWS keys. !36679
  • Ensure to run unassign issuables worker when not in a transaction. !36680
  • Mark existing Project Bot Users as confirmed. !36692
  • Fix error message when saving an integration and testing the settings. !36700
  • Do not depend on artifacts from previous stages in Auto DevOps deployments. !36741
  • Delete tracking records on partitioning migration rollback. !36743
  • Updates Helm version to 2.16.9 which has some fixes. !36746
  • Web IDE: Page title should not be .editorconfig when the IDE is first loaded. !36783
  • Removes fixes that broke the pipeline table. !36803
  • Refactor group controllers specs to fix SaveBang Cop. !36853 (Rajendra Kadam)
  • Fix the default metrics dashboard to work on K8s versions 1.12 to 1.16. !36863
  • Fix incorrect marking MR as Draft. !36869
  • Use an array for fetching same_family_pipeline_ids. !36883
  • Remove extra Secret-Detection job on merge requests. !36884
  • Remove Rails Optimistic Locking monkeypatch. !36893
  • Refactor projects controllers specs to fix SaveBang Cop. !36920 (Rajendra Kadam)
  • Fix background overflow when design note is selected. !36931
  • Fix bulk editing labels bug. !36981
  • Fix not being able to add more than one CI variable through the UI. !37001
  • Uses --set-string to avoid Helm confusion over short SHA vs Scientific Notation. !37004 (Bryan H. @galador)
  • Fix displaying import errors from server. !37073
  • Fix failing dashboard schema validation calls. !37108
  • Fix showing MLC form on replies. !37139
  • Set experiementation cookie for GitLab domain only.
  • Prevent duplicate health status text on epics.
  • Add DS detection of build.gradle.kts.
  • Fix for test report link in MR widget.
  • Footer system message fix.

Deprecated (1 change, 1 of them is from the community)

  • Remove the unused worker code and its queue. !32595 (Ravishankar)

Changed (191 changes, 9 of them are from the community)

  • Deduplicate labels with identical title and project. !21384
  • Add a GraphQL endpoint to fetch Jira projects through its REST API. !28190
  • Change legends in monitor dashboards to tabular layout. !30131
  • Move pipelines routing under /-/ scope. !30730
  • Set markdown toolbar to use hyphens for lists. !31426
  • Use sprites for comment icons on Commits. !31696
  • Rate limit project export by user. !31719
  • Reorder diffs compare versions dropdowns. !31770 (Gilang Gumilar)
  • Enable the in this group action in the Search dropdown. !31939
  • Externalize i18n strings from ./app/views/shared/_promo.html.haml. !32109 (Gilang Gumilar)
  • Add Usage Ping count for all searches. !32111
  • Add tags_count to container registry api and controller. !32141
  • Externalize i18n strings from ./app/views/shared/milestones/_sidebar.html.haml. !32150 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/milestones/_form_dates.html.haml. !32162 (Gilang Gumilar)
  • Improve Container Registry UI header. !32424
  • Added node size to cluster index. !32435
  • Enable display of wiki events in activity streams. !32475
  • Update operations metrics settings title and description to make them general. !32494
  • Track merge_requests_users usage data. !32562
  • Adds cluster CPU and Memory to cluster index. !32601
  • Allow the snippet create service to accept an array of files. !32649
  • Move review related controllers/workers outside EE. !32663
  • Move the Members section from settings to the side nav for projects. !32667
  • Show more context in unresolved jump button. !32737
  • Exclude extra.server fields from exceptions_json.log. !32770
  • Improve new/unknown sign-in email styling. !32808
  • Allow the snippet update service to accept an array of files. !32832
  • Add new issue link to email notification header. !32833
  • Bump cluster-applications to 0.17.0, which updates Runner to 0.17.0 and Cilium to 1.7.4. !32931
  • Update artifacts section to show when an artifact is locked. !32992
  • Show clone button on project page for readme preference. !33023
  • Include tag count in the image repository list. !33027
  • Clean up gitlab-shell install-from-source path. !33057
  • Increase LFS token default time to 2 hours. !33140
  • Add the unique visits data to the usage ping. !33146
  • Add explicit mention of Merge request in Slack message. !33152
  • Expose release_links.type via API. !33154
  • Add link_type column to release_links table. !33156
  • Move broadcast notification dismiss button to the top. !33174
  • Remove null constraint for JID in GroupImportState. !33181
  • Added provider type icon to cluster list. !33196
  • Remove search icon from Project find file button. !33198
  • Refine SAST language detection by frameworks. !33226
  • Render Merge request reference as link. !33248
  • Upgrade to Gitaly v13.1.0-rc1. !33302
  • Render Merge request reference as link in email templates. !33316
  • Show disabled suggestion button with tooltip message. !33357
  • Add update validations to SnippetInputAction. !33379
  • Add snippet DB visibility check in spec. !33388 (Jacopo Beschi @jacopo-beschi)
  • Add Hugo logo to project templates. !33402
  • Add GitBook logo to project templates. !33403
  • Add GoMicro logo to project templates. !33404
  • Add Jekyll logo to project templates. !33405
  • Add Hexo logo to project templates. !33406
  • Add UI to disable Service template when instance-level integration is active. !33490
  • Rename Add Designs button. !33491
  • Add CPU, memory usage charts to self monitoring default dashboard. !33532
  • Add database migrations to design_management_designs.filename to enforce a 255 character limit, and modify any filenames that exceed that limit. !33565
  • Track Sentry error status updates with dedicated actions. !33623
  • Alert Managament: Change sorting order to have newest alerts first. !33642
  • Add blobs field to SnippetType in GraphQL. !33657
  • Move Usage activity by stage for Configure to Core. !33672
  • Format metrics column chart x axis dates. !33681
  • Emit Bitbucket Server Importer metrics. !33700
  • Style ToastUI contextual menus. !33719
  • Update Auto deploy image to v0.16.1, introducing support for AUTO_DEVOPS_DEPLOY_DEBUG. !33799
  • Add whether instance has Auto DevOps enabled to usage ping. !33811
  • Update local IP address and domain name allow list input label. !33812
  • Add date time format to the monitor stacked-column chart. !33814
  • Allow Tf Plan to genrate multiple reports. !33867
  • Report all unique users for Secure scanners. !33881
  • Remove async_merge_request_check_mergeability feature flag. !33917
  • Filter potentially-sensitive Sidekiq arguments from logs and Sentry. !33967
  • Update Static Site Editor toolbar to group inline-code and code-block buttons together. !34006
  • Set default values for SAST_EXCLUDED_PATHS and DS_EXCLUDED_PATHS. !34076
  • Add ability to filter self monitoring resource usage charts by instance name. !34084
  • Add skeleton loader to cluster list. !34090
  • Pick repository storage based on weight. !34095
  • Use IP or cookie in known sign-in check. !34102
  • Prevents editing of non-markdown kramdown content in the Static Site Editor's WYSIWYG mode. !34185
  • Display error for YAML files that are too large. !34199
  • Change copy of webhooks / integration help text. !34301
  • Use CodeQuality 0.85.10 in the CI template. !34329
  • Update board header icons. !34366
  • Show Redis instance in performance bar. !34377
  • Extend members REST API with the option to unassign Issues and Merge Requests when member leaves team. !34388
  • Reorder snippets in lists using updated_at column. !34393 (Dibyadarshi Dash @ddash2)
  • Add files argument to snippet create mutation. !34449
  • Consolidate object storage config in one place. !34460
  • Add secret detection template to Auto DevOps. !34467
  • Add contextual menu to single stat panels. !34497
  • Add allowed actions to snippet input action. !34499
  • Add files argument to snippet update mutation. !34514
  • Change from vendor specific to Gitlab. !34576
  • Enable :ci_release_generation feature flag by default. !34633
  • Update gl-toggles with deprecated attributes. !34660
  • Adjust verbiage on repository storages settings page. !34675
  • Change redirect path after integration save. !34697
  • Refine UI of integration form. !34707
  • Change CI variable font family to monospace. !34788 (Aaron Walker)
  • Rename GraphQL AwardEmoji mutations to follow naming conventions, deprecating the old mutations. !34798
  • Improve error message when unconfirmed user tries to log in. !34818
  • Update LFS setting label. !34829 (George Tsiolis)
  • Display error if metrics dashboard YAML is too large. !34834
  • Add expand/collapse view to Terraform MR widget. !34879
  • Expose storage size limit for namespaces in GraphQL. !34882
  • Resolve Add no graph empty state for DAG. !35053
  • Remove pending and running tabs from pipelines list and remove count from finished tab. !35062
  • Stop removing NaN values from monitoring data series. !35086
  • Multiple Kubernetes clusters now available in GitLab core. !35094
  • Include snippets size in project statistics. !35120
  • Add parallel persistence for author_name on AuditEvent. !35130
  • Convert the Image tag UI from a table to a list view. !35138
  • Add personal and project snippet monthly counters to usage data. !35155
  • Exclude integrations (services) from Project Import/Export. !35249
  • Parameterize PG deprecation notice. !35271
  • Add inapplicable reason in MR suggestion Tooltip. !35276
  • Add snippets_size to namespace_root_storage_statistics. !35311
  • Rename Container Expiration Policies to Cleanup policy for tags. !35315
  • Expose snippets_size in ProjectStatistics Entity. !35316
  • Add snippets_size to ProjectStatistics GraphQL type. !35319
  • Update snippet and project statistics after certain events. !35340
  • Update the static site editor's markdown mode text to monospace to better reflect a code-editing experience. !35347 (Derek Knox)
  • Resolve Remove button row from environments empty state. !35413
  • Track last activity for Personal Access Token. !35471
  • Add GitLab username and name to the import users from Jira mutation response. !35542
  • Use local Tiller by default for GitLab-managed apps. !35562
  • Hide cleanup button for clusters with management project. !35576
  • Update integration form to use GitLab UI components. !35582
  • Add snippets_size to Group entity. !35585
  • Add snippets_size to RootStorageStatisticsType. !35586
  • Move merge_requests_users metric to stage section. !35593
  • Include snippets_size statistic inside RootStorageStatistics. !35601
  • Accept multiple blobs in snippets. !35605
  • Replace FA exchange icon with GitLab SVG. !35634
  • Require namespace path (and username) to be at least 2 chars long. !35649
  • Remove count for pending/running/finished pipelines in tabs. !35693
  • Display commits search in mobile & adjust text. !35702
  • Open source cluster health dashboard and make it available to all users. !35721
  • Update snippet statistics after project import. !35730
  • Remove the second prompt to accept or decline an invitation. !35777
  • Track wiki page views in Snowplow. !35784
  • Use the application's default_branch_name when available when initializing a new repo with a README. !35801
  • Use native Gitaly pagination for Branch list API. !35819
  • Move file link to bottom in Web IDE. !35847
  • Package APIs moved to core. !35919
  • Allow setting extra tags for Sentry exceptions with GITLAB_SENTRY_EXTRA_TAGS. !35965
  • Include personal snippets size in RootStorageStatistics. !35984
  • Change Alert fingerprint index to run when status is not resolved. !36024
  • Update namespace statistics after personal snippet update/removal. !36031
  • Add details rows to Container Registry Tags List. !36036
  • Add raw snippet repository file endpoint to API. !36037
  • Move monitor stage usage activity to CE. !36067
  • Move release stage usage activity to CE. !36083
  • Move create stage usage activity to CE. !36086
  • Move plan stage usage activity to CE. !36087
  • Move manage stage usage activity to CE. !36089
  • Move verify stage usage activity to CE. !36090
  • Move alert integrations setting to Vue. !36110
  • Use new vuex store for code quality MR widget. !36120
  • Remove non-unique index on merge_request_metrics.merge_request_id column. !36170
  • Cleanup policies: display API error messages under form field. !36190
  • Replace fa-comment / fa-comments icons with GitLab SVG. !36206
  • Update rack-timeout to 0.5.2. !36289
  • Bring SAST to Core - eslint. !36392
  • Replace initial dashboard loading state with a loading spinner, show dashboard skeleton earlier with smaller loading indicators. !36399
  • Merge tslint secure analyzer with eslint secure analyzer. !36400
  • Expose issue ID via GraphQL. !36412
  • Add broken tag state to tags list items. !36442
  • Fix UI quirks with pipeline schedule cron options. !36471
  • Update eslint secure analyzer to analyze jsx. !36505
  • Display informative error for status updates on duplicate alerts. !36527
  • Change default value in application_settings.issues_create_limit to be 0. !36558
  • Expose approvals fields for FOSS FE. !36564
  • Move service desk feature to core. !36613
  • Check WIP status after all other possible statuses. !36624
  • Add new models for DAST site profiles as part of DAST on-demand scans. !36659
  • Add date to x-axes timestamps. !36675
  • Make the Design Collection more visible in the Issue UI. !36681
  • Add correlation between trigger job and child pipeline. !36750
  • Static Site Editor: Set default sublist indent spaces to four space characters. !36756
  • Add managed-apps section in log explorer. !36769
  • Use a Confluence icon for the project Confluence integration nav item. !36780
  • Remove file_path validation in snippet create action. !36809
  • Improve animations of design note selection in design management. !36927
  • Add entity_path column to audit_events table. !37041
  • Make DAG annotations stick. !37068
  • Support multiple files when editing snippets. !37079
  • Change loading MR message wording. !37181
  • Assign alerts sidebar base.
  • Improved UX of the code navigation popover.

Performance (50 changes, 1 of them is from the community)

  • Improve performance of commit search by limiting the number of results requested. !32260
  • Add GraphQL lookahead support. !32373
  • Update index_ci_builds_on_commit_id_and_artifacts_expireatandidpartial index for secret_detection. !32584
  • Add index on id and type for Snippets. !32885
  • Use build_stubbed to avoid interacting with the DB in todos helper specs. !32906 (Arun Kumar Mohan)
  • Optimize SQL queries on Milestone index page. !32953
  • Add build report results data model. !32991
  • Improve the performance for loading large diffs on a Merge request. !33037
  • Adjust condition for partial indexes on services table. !33044
  • Add index to issues and epics on last_edited_by_id. !33075
  • Fix preconnect typo in rel link. !33255
  • Add project_id, user_id, status, ref index to ci_pipelines. !33290
  • Move migration related to ci_builds to post_deployment. !33416
  • Remove need to call commit (gitaly call) in ProjectPipelineStatus. !33712
  • Reduce redundant queries for Search API users scope. !33795
  • Speed up boot time in production. !33929
  • Harden CI pipelines usage data queries with an index. !34045
  • Use snapshot transfers for repository shard moves when possible. !34113
  • Add partial index on locked merge requets. !34127
  • Improve pipeline index controller performance by resolving Gitaly N+1 calls. !34160
  • Lazy load commit_date and authored_date on Commit. !34181
  • Optimize container repository for groups query. !34364
  • Further improve the performance for loading large diffs on a Merge request. !34516
  • Paginate the notes incremental fetch endpoint. !34628
  • Optimize rolling 28 days snippets counter. !34918
  • Only load project license if needed. !35068
  • Improve query to retrieve job artifacts with files stored locally. !35084
  • Preload commits markdown cache. !35314
  • Use BatchLoader for Project.forks_count to limit calls to Redis. !35328
  • Rework hardening CI pipelines usage data queries with an index. !35494
  • Performance improvement for job logs. !35504
  • Define a namespace traversal cache. !35713
  • MR diff migration: perform I/O outside of database transaction. !35734
  • Resolve N+1 in Search API projects scope. !35833
  • Optimize deployment counters for last 28 days. !35892
  • Trigger stackprof by sending a SIGUSR2 signal. !35993
  • Improve the search performance for merge requests. !36072
  • Reduce number of scanned commits for code intelligence. !36093
  • Improve snippet finders queries. !36292
  • Swap Grape over to Gitlab::Json. !36472
  • Add oj gem for faster JSON. !36555
  • Replace fa-eyes-slash icons with GitLab SVG eye-slash icon. !36602
  • Avoid N+1 calls for image_path when rendering commits. !36724
  • Enable BulkInsertSafe on Ci::BuildNeed. !36815
  • Remove optimized_count_users_by_group_id feature flag. !36953
  • Remove unindexed condition on label transfer. !37060
  • Speed up project creation for users with many projects. !37070
  • Split query for code-nav path into two queries. !37092
  • Use memoized start/finish for metrics based on issues table. !37155
  • Enable CI Atomic Processing by default.

Added (298 changes, 23 of them are from the community)

  • Release generation via gitlab-ci.yml documentation. !19237
  • Add rake task to verify encrypted data through secrets. !21851
  • User can apply multiple suggestions at the same time. !22439 (Jesse Hall)
  • Resolve Add a button to assign users who have commented on an issue. !23883
  • Add custom emoji model and database table. !24229 (Rajendra Kadam)
  • Resolve Graph code coverage changes over time for a project. !26174
  • Add doc for custom validators in api styleguide. !26734 (Rajendra Kadam)
  • Add Scheduled Job for Monitoring Monitor Group Demo Environments. !27360
  • Add setting to allow merge on skipped pipeline. !27490 (Mathieu Parent)
  • Add dark theme (alpha). !28252
  • Show estimate on issues list. !28271 (Lee Tickett)
  • Make Fixed Email Notification Generally Available. !28338 (jacopo-beschi)
  • Add a link to the renamed viewer to fully expand the renamed file (if it's text). !28448
  • Focus and toggle metrics dashboard panels via keyboard. !28603
  • Remove scoped_approval_rules feature flag. !28864 (Lee Tickett)
  • Create Group import UI for creating new Groups. !29271
  • Add finder for group-level runners. !29283 (Arthur de Lapertosa Lisboa)
  • Allow customization of badge key_text and key_width. !29381 (Fabian Schneider @fabsrc)
  • Support Workhorse directly uploading files to S3. !29389
  • Add frontend support for multiline comments. !29516
  • Support first_name and last_name attributes in LDAP user sync. !29542
  • Link to test reports from MR Widget. !29729
  • Add link to status page detail view for status page published issues. !30249
  • Add metrics dashboard name to document title. !30392
  • Backfill StatusPage::Published incidents and enable a publish quick action for EE. !30906
  • Add missing Merge Request fields. !30935
  • Show build status on branch list. !30948 (Lee Tickett)
  • Add mutation to create commits in GraphQL. !31102
  • Support quick actions when editing issue, merge request, and epic descriptions. !31186
  • Add GraphQL support for authored and assigned Merge Requests. !31227
  • Add usage data metrics for terraform states. !31280
  • Add usage data metrics for terraform reports. !31281
  • Add API endpoint for listing bridge jobs. !31370 (Abhijith Sivarajan)
  • SpamVerdictService can call external spam check endpoint. !31449
  • Move Admin note feature to GitLab Core. !31457 (Rajendra)
  • Add DAG serializer for pipelines controller. !31583
  • Save repository storages in application settings with weights. !31645
  • Add API endpoint for resource milestone events. !31720
  • Show import in progress screen for group imports. !31731
  • Add Verify/FailFast CI template. !31812
  • Improve Add/Remove Issue Labels API. !31864 (Lee Tickett)
  • Add mutation to create a merge request in GraphQL. !31867
  • Add warning popup for Elastic Stack update. !31972
  • Add API support for sharing groups with groups. !32008
  • Add the container expiration policy attribute to the project GraphQL type. !32100
  • Add GraphQL support for project and group labels. !32113
  • Add number of database calls to Prometheus metrics and logs for sidekiq and request. !32131
  • Filter pipelines by status. !32151
  • Filter pipelines based on url query params. !32230
  • Add metrics for Redis usage during Sidekiq job execution. !32265
  • Add filters to merge request fields. !32328
  • Support reading .editorconfig files inside of the Web IDE. !32378
  • [Frontend] Resolvable design discussions. !32399
  • Table index added to metrics_dashboard_annotations for future pruning of stale metrics Annotations for metrics dashboards are now checked for valid start and end dates. !32433
  • Enable GitLab-Flavored Markdown processing for design links. !32446
  • Filter Pipelines by Tag Name. !32470
  • Adds sorting by column to alert management list. !32478
  • Add project specific repository storage API. !32493
  • Adapt Limitable for system-wide features. !32574
  • Add application limits to instance level CI/CD variables. !32575
  • Add model for project level security auto-fix settings. !32577
  • Expose Jira imported issues count in GraphQL. !32580
  • Organize alerts by status tabs. !32582
  • Add note to ECS CI template. !32597
  • Add metrics for Redis usage during web requests. !32605
  • Add database and GraphQL support for alert assignees. !32609
  • Set fingerprints and increment events count for Alert Management alerts. !32613
  • Process stuck jira import jobs. !32643
  • Allow user to add custom links to their metrics dashboard panels. !32646
  • Add tags to experimental queue selector attributes. !32651
  • Allow generic endpoint to receive alerts from external Prometheus. !32676
  • Customize the Cloud Native Buildpack builder used with Auto Build. !32691
  • Add timezone display to alert based issue start time. !32702
  • Display dates on metrics dashboards in UTC time zone. !32746
  • Store Todo resolution method. !32753
  • Add Falco to the managed cluster apps template. !32779
  • Add experience_level to user_preferences. !32784
  • Add keyboard shortcuts to metrics dashboard. !32804
  • Remove metrics dashboard annotations attached to time periods older than two weeks. !32838
  • Monitor:Health metrics instrumenation. !32846
  • Adds PostHog as a CI/CD Managed Application. !32856
  • Groups API has top_level_only option to exclude subgroups. !32870
  • Create operations_feature_flags_issues table. !32876
  • Allow advanced API projects filtering for admins. !32879
  • Add api.js methods to update issues and merge requests. !32893
  • Render user-defined links in dashboard yml file on metrics dashboard. !32895
  • Create group_deploy_keys_groups intermediate table. !32901
  • Add accessibility report MR widget. !32902
  • Add a GraphQL mutation for toggling the resolved state of a Discussion. !32934
  • Added CI template for Dart. !32942 (agilob)
  • Add container expiration policy objects to the GraphQL API. !32944
  • Don't hide Commit tab in Web IDE when there are no changes yet. !32979
  • Add column for alert slack notifications. !33017
  • Add ability to insert an image via SSE. !33029
  • Add user root query to GraphQL API. !33041
  • Adds groupMembership and projectMembership to GraphQL API. !33049
  • Alerts list pagination. !33073
  • Add ApplicationSetting ui changes for repository_storages_weighted. !33096
  • Resolve Feature proposal: API for import from BitBucket Server. !33097
  • Add squash commits options as a project setting. !33099
  • Display confirmation modal when user exits SSE and there are unsaved changes. !33103
  • Add column dashboard_timezone to project_metrics_setting. !33120
  • Allow the assignment of alerts to users from the alert detail view. !33122
  • Add solarized dark for Web IDE. !33148
  • Add support for artifacts/exclude configuration. !33170
  • Add root users query to GraphQL API. !33195
  • Added validation for YAML files with metrics dashboard definitions. !33202
  • Create issue from alert. !33213
  • Add max import file size option. !33215 (Roger Meier)
  • Add system note when assigning user to alert. !33217
  • Add count of alerts from all sources to usage ping. !33220
  • Add button to create an issue from an alert management alert. !33221
  • Add more detail to alert integration settings description. !33244
  • Add Evidence to Releases GraphQL endpoint. !33254
  • Add support for pasting images in the Web IDE. !33256
  • Add ProjectAccessToken table. !33272
  • Automatically resolve alert when associated issue closes. !33278
  • Add Jira Importer user mapping form. !33320
  • Add link_type to ReleaseLink GraphQL type. !33386
  • Add setting to enable and disable shared Runners for a group and its descendants. !33411 (Arthur de Lapertosa Lisboa)
  • Add members to project graphQL endpoint. !33418
  • Update Static Site Editor WYSIWYG mode to hide front matter. !33441
  • Added delete action for Dashboard Annotations in GraphQL. !33468
  • Create graphQL endpoint for Jira users import. !33501
  • Support IAP protected prometheus installations. !33508
  • New instance-level variables UI. !33510
  • Add design activity in event streams. !33534
  • Allow developer role read-only access to Terraform state. !33573
  • Add support for git filter-repo to repository cleanup. !33576
  • Close open reply input fields in the design view sidebar when leaving a new comment. !33587
  • Add dashboard schema validation warnings as metrics dashboard GraphQL field. !33592
  • Add time range to user-defined links in metrics dashboard. !33663
  • Increase events count for Prometheus alerts. !33706
  • Add dashboard validation warning to metrics dashboard. !33769
  • Track pod logs refresh action. !33802
  • Expose all Jira projects endpoint through a GraphQL. !33861
  • Add secret detection template. !33869
  • Add new path to access project metrics dashboard. !33905
  • Add new raw snippet blob endpoint. !33938
  • Add DAG visualization MVC. !33958
  • Introduce a feature flag for Vue-based UI for all import providers. !33980
  • Add sticky title on Issue pages. !33983
  • Allow policies to override parent rules. !33990
  • Allow Release asset links to be associated with a type. !33998
  • Support user-defined Grafana links in metrics dashboard. !34003
  • Adds AWS guidance to CI/CD > Add Variable modal. !34009
  • Show custom attributes within Admin Pages. !34017 (Roger Meier)
  • Enable Slack notifications for alerts. !34038
  • Container expiration policy regular expressions are now validated. !34063
  • Add todo when alert is assigned to a user. !34104
  • Track merge requests submitted by Static Site Editor. !34105
  • Turn off alert issue creation by default. !34107
  • Add detailed logs of each Redis instance usage during job execution and web requests. !34110
  • Support metrics dashboard with file name. !34115
  • Add API to schedule project repository storage moves. !34119
  • Update diff discussion positions on demand. !34148
  • Add ability for user to manually create a todo for an alert. !34175
  • Add validation step on backend for metrics dashboard links. !34204
  • Track when Static Site Editor is initialized. !34215
  • Bring SAST to Core - brakeman. !34217
  • Mask key comments when exposing SSH/Deploy Keys via the API. !34255
  • Convert :release yaml to release-cli commands. !34261
  • Validate regex before sending them to CleanupContainerRepositoryWorker. !34282
  • Create vulnerability_statistics table. !34289
  • Add secret_detection to DOWNLOADABLE_TYPES. !34313
  • Enable ability to assign alerts to users with corresponding system notes and todos. !34360
  • Rolling 28 day time period counters for snippets. !34363
  • Add regex fields to the container expiration policy update mutation. !34389
  • Display Multiple Terraform Reports in MR Widget. !34392
  • Highlight commented rows. !34432
  • Add ci_builds_metadata.secrets column. !34480
  • Enable CI Inheriting Env Variables feature. !34495
  • Show tooltip on error detail page when hovering over dates. !34506
  • Show notification about empty stacktrace. !34517
  • Add native code intelligence. !34542
  • Add global setting to disable/enable email notification on unknown sign-ins. !34562
  • Bump cluster-applications version to v0.20.0. !34569
  • Send fixed pipeline notification by default. !34589
  • Add search argument for AlertStatusCountsResolver. !34596
  • Add clusters_applications_cilium DB table. !34601
  • Fetch metrics dashboard templating variable options using a Prometheus query. !34607
  • Add Jira users mapping to start Jira import mutation. !34609
  • Allow CI_JOB_TOKEN for authenticating to the Terraform state API. !34618
  • Search plain text in alert list frontend. !34631
  • Trigger unsaved changes warning in snippets on navigating away. !34640
  • Add Cilium to the ParseClusterApplicationsArtifactService. !34695
  • Use new icon for api preview. !34700 (Roger Meier)
  • Remove partial clone feature flag. !34703
  • Ability to use an arbitrary YAML blob to create CI pipelines. !34706
  • Upgrade GitLab Pages to 1.19.0. !34730
  • Add CI_PROJECT_ROOT_NAMESPACE predefined environment variable. !34733
  • Add override selector for project-level integrations. !34742
  • Create namespace_limits table with additional purchase columns. !34746
  • Add mutation to update merge requests. !34748
  • Add plan limits for max size per artifact type. !34767
  • Add package scope validation to Node.js template. !34778
  • Expose project deploy keys for autocompletion. !34875
  • Block invalid URLs in metrics dashboard chart links. !34888
  • Add release data to GraphQL endpoint. !34937
  • Add ref, released_at, milestones to release yml. !34943
  • Add option to unassign member from issuables when removing them from a project. !34946
  • Add diff stats fields to merge request type. !34966
  • Bump Gitaly to v13.2.0-rc1. !34977
  • Add prometheus_alert_id and environment_id to Alert management alerts. !34995
  • Add full width to single charts in a row. !34999
  • Support extensibility for Editor Lite. !35008
  • Add snippets_size to ProjectStatistics. !35017
  • Add SnippetStatistics model. !35026
  • Add metrics settings menu to dashboard header. !35028
  • Surface metrics charts on the alert detail page. !35044
  • Add milestone stats to GraphQL endpoint. !35066
  • Add a custom HTML renderer to the Static Site Editor for markdown identifier syntax. !35077
  • Expose ref, milestones, released_at to releaser-cli. !35115
  • Add snippet statistics logic. !35118
  • Allow files with .md.erb extension for the Static Site Editor. !35136
  • Add migration for experimental product analytics table. !35168
  • Extend ECS Deploy template with Fargate jobs. !35173
  • Upgrade Pages to 1.20.0. !35177
  • Automatically close related issue when resolving Alert Management Prometheus Alert. !35208
  • Create API to retrieve resource state events. !35210
  • Allow diffs to be viewed file-by-file. !35223 (rinslow)
  • Add indices for projects with disable_overriding_approvers_per_merge_request. !35224
  • Log name of class that failed to obtain exclusive lease. !35228
  • Render source job info in TriggeredPipelineEntity. !35232
  • Add refresh rate options to dashboard header. !35238
  • Add annotation component for DAG. !35240
  • Add a custom HTML renderer to the Static Site Editor for embedded ruby (ERB) syntax. !35261
  • Display metric label in single stat. !35289
  • Add issue column to alert list. !35291
  • Expose metrics dashboard URL for alert GraphQL query. !35293
  • Allow diffing changes in wiki history. !35330 (gwhyte, Steve Mokris)
  • Added support for reordering issues to the v4 API. !35349 (Joel @jjshoe, Lee Tickett @leetickett)
  • Add 'not' params to MergeRequests API endpoint. !35391
  • Implement GraphQL query to generate JSON for SAST config UI. !35397
  • Add system notes for status updates on alerts. !35467
  • Enable S3 Workhorse client if consolidated object settings used. !35480
  • Rolling 28 day time period counter for deployments. !35493
  • Add log statements to Projects::ContainerRepository::DeleteTagsService. !35539
  • Provide a label for 'Scheduled Pipeline' in the pipelines overview page. !35554
  • Add note about SSH key title being public information. !35574
  • Add todo pill styling for resolved alert. !35579
  • Add support for Markdown in the user's bio. !35604 (Riccardo Padovani)
  • Introduce prepare environment action to annotate non-deployment jobs. !35642
  • Add custom Dockerfile paths to Auto DevOps Build stage with DOCKERFILE_PATH. !35662 (thklein)
  • Add MergeRequest.diffStatsSummary.fileCount to graphql API. !35685
  • Introduces Group Level Delayed Project Removal Setting. !35689
  • Update cluster-applications to 0.23.0. !35691
  • Resolve user's todo when an alert is resolved. !35700
  • Show when alert is new in the Alerts list. !35708
  • Convert Import/Export rate limits to configurable application settings. !35728
  • Add installed state metrics for Cilium cluster application. !35808
  • Add support for linting based on schemas in WebIDE. !35838
  • Add a metrics settings button to the dashboard header. !35848
  • Prevent a project bot from being removed as member. !35899
  • Add background_migration_jobs table to trace background migrations. !35913
  • Allow prefixing with Draft to mark MR as WIP. !35940
  • FindRemoteRepository is storage scoped. !35962
  • Include project and subgroup milestones on Roadmap page. !35973
  • Todo Mutations should return the mutated todos. !35998
  • Add API support for instance-level Kubernetes clusters. !36001
  • Add count to imported Jira issues message. !36075
  • Add temporary storage increase column. !36107
  • Remove generic_alert_fingerprinting feature flag. !36148
  • Upgrade GitLab Pages to 1.21.0. !36214
  • Move approvals endpoints to FOSS version. !36237
  • Add initial custom HTML renderer to the Static Site Editor to prevent editing in WYSIWYG mode. !36250
  • Open new alert when existing alert is resolved. !36261
  • Add custom avatars for Alert and Support Bot. !36269
  • Add PagerDuty integration columns to project_incident_management_settings table. !36277
  • Enable Alerts dropdown in Operations Settings. !36296
  • Add number of approval project rules to usage ping. !36316
  • Add namespace settings table. !36321
  • Add a custom HTML renderer to the Static Site Editor for HTML block syntax. !36330
  • Expose gitlab managed apps logs inside log explorer. !36336
  • Add keyboard shortcut ('b') to copy MR source branch name on MR page. !36338
  • Add a custom HTML renderer to the Static Site Editor for font awesome inline HTML syntax. !36361
  • Add system note for alert when creating issue. !36370
  • Periodically update container registry type settings. !36415
  • Expands Jira integration to allow viewing and searching a list of of Jira issues directly within GitLab. !36435
  • Show Approve button on merge requests in Core. !36449
  • Measure adoption of package registry. !36514
  • If a user does not have write access to repo, but a fork exists, the Web IDE button should take them to the fork. !36548
  • Enable Batch Suggestins feature flag by default. !36561
  • Add default and non-default branch jobs for secret detection. !36570
  • Add a custom HTML renderer to the Static Site Editor for markdown identifier instance syntax. !36574
  • Add docs for Alert trigger test alerts. !36647
  • Support short urls for custom metrics dashboards. !36740
  • Update cluster-applications to 0.24.2. !36768
  • Add new Confluence integration for projects. !36781
  • Add confidential attribute to public API for notes creation. !36793
  • Add confidential attribute to graphQL for notes creation. !36799
  • Prometheus instances behind Google IAP can now be accessed via manual configurations. !36856
  • GraphQL mutation for changing locked status of an issue. !36866
  • Default the feature flag to true to always show the default initial branch name setting. !36889
  • Enable feature flag 'sectional_codeowners' Sections for Code Owners. !36902
  • Add pagination to iterations list. !37052
  • Add Jsonnet template for GitLab. !37058
  • Enable design activity events by default. !37107

Other (137 changes, 45 of them are from the community)

  • Improve fast-forward merge is not possible message. !22834 (Ben Bodenmiller)
  • Add node ci template. !25668
  • Deduplicate merge_request_metrics table. !29566
  • Remove unused WAF indexes from CI variables. !30021
  • Update the visual design of badges in some areas. !31646
  • Extract featurable concern from ProjectFeature. !31700 (Alexander Randa)
  • Remove update function logic from list model. !31900 (nuwe1)
  • Remove nextpage function logic from list model. !31904 (nuwe1)
  • Squash database migrations prior to 2019 into one. !31936
  • Update deprecated slot syntax in app/assets/javascripts/reports/components/grouped_test_reports_app.vue. !31975 (Gilang Gumilar)
  • Replace slot syntax for Vue 3 migration. !31987 (gaslan)
  • Update deprecated slot syntax in ./app/assets/javascripts/pages/admin/projects/index/components/delete_project_modal.vue. !31994 (Gilang Gumilar)
  • Update deprecated slot syntax in ./app/assets/javascripts/pages/projects/labels/components/promote_label_modal.vue. !31995 (Gilang Gumilar)
  • Update deprecated slot syntax in ./app/assets/javascripts/clusters/components/remove_cluster_confirmation.vue. !32010 (Gilang Gumilar)
  • Update deprecated slot syntax in ./app/assets/javascripts/environments/components/environments_app.vue. !32011 (Gilang Gumilar)
  • Remove setLoadingState logic from issue model. !32226 (nuwe1)
  • Remove addAssignee logic from issue model. !32231 (nuwe1)
  • Remove addLabel Logic from issue models. !32233 (nuwe1)
  • Remove addMilestone logic from issue model. !32235 (nuwe1)
  • Remove destroy function logic from list model. !32237 (nuwe1)
  • Remove findAssignee logic from issue model. !32238 (nuwe1)
  • Remove findLabel logic from issue model. !32239 (nuwe1)
  • Remove findIssue logic from list model. !32241 (nuwe1)
  • Remove moveIssue logic from list model. !32242 (nuwe1)
  • Remove moveMultipleIssues logic from issue model. !32243 (nuwe1)
  • Remove newIssue logic from list model. !32244 (nuwe1)
  • Remove onNewIssueResponse logic from list model. !32245 (nuwe1)
  • Remove removeAllAssignees logic from issue model. !32247 (nuwe1)
  • Remove removeAssignee logic from issue model. !32248 (nuwe1)
  • Clarify verbiage for stuck job messages. !32250
  • Remove removeLabel logic from issue model. !32251 (nuwe1)
  • Remove removeLabels logic from issue model. !32252 (nuwe1)
  • Remove removeMilestone logic from issue model. !32253 (nuwe1)
  • Remove removeMultipleIssues logic from list model. !32254 (nuwe1)
  • Remove setFetchingState logic from issue model. !32255 (nuwe1)
  • Remove updateData logic from issue model. !32256 (nuwe1)
  • Update U2F docs for Firefox 67+. !32289 (Takuya Noguchi)
  • Update alert management mobile table alignment. !32295
  • Include available instance memory in usage ping. !32315
  • Moves merge request reviews into Core. !32558
  • Update GitLab Runner Helm Chart to 0.17.0. !32634
  • Add snowplow tracking for logs page. !32704
  • Extend "Remember me" token after each login. !32730
  • Assign alerts sidebar container fix. !32743
  • Add anchor for creating a branch. !32745
  • Tidy. !32759 (Lee Tickett)
  • Less verbose JiraService error logs. !32847
  • Reduced padding and increased emphasis of titles within the epic tree. !32873
  • Add source to resource state events. !32924
  • Remove obsolete users.ghost column. !32957
  • Move NoPrimary table def to last context in spec. !33015 (Rajendra Kadam)
  • Document github rate limit behavior. !33090
  • Added build_id column to requirements_management_test_reports table. !33184
  • Add version history information on U2F support. !33229 (Takuya Noguchi)
  • Convert IP spoofing errors into client errors. !33280
  • Update docs to reflect move web IDE Terminal and file sync to Core. !33419
  • Add hovering icon for sorting columns on alert management list. !33429
  • Upgrade Grape v1.1.0 to v1.3.3. !33450
  • Avoid javascript for omniauth logins. !33459 (Diego Louzán)
  • Add opacity transition to active design discussion pins. !33493
  • Update GitLab Runner Helm Chart to 0.17.1. !33504
  • Store pipeline creation errors and warnings into Ci::PipelineMessage. !33762
  • Make project selector in various dashboard more translatable. !33771
  • Update Workhorse to v8.35.0. !33817
  • Remove FF hide_token_from_runners_api. !33947
  • Bump omniauth_openid_connect to 0.3.5. !34030 (Roger Meier)
  • Specify tiers for SAML SSO at self-hosted plans. !34040 (Takuya Noguchi)
  • Backfill failed imported snippet repositories. !34052
  • Use GitLab SVG icon for file attacher action. !34196
  • Suppress progress on pulling on Performance Test. !34368 (Takuya Noguchi)
  • Update icon associated with attach a file actions. !34401
  • Add GraphQL snippet FileInputType. !34442
  • Move filter code into finder. !34470 (Ravishankar)
  • Update blue hex values to match GitLab UI. !34530
  • Remove legacy job log rendering. !34538
  • Update red hex values to match GitLab UI. !34544
  • Update green hex values to match GitLab UI. !34547
  • Validate the existing not null constraints on columns for ci_job_artifacts, lfs_objects, and uploads tables. !34568
  • Move HasStatus module to the Ci namespace. !34577 (blackst0ne)
  • Update pinned links to use GlButton. !34620
  • Add machine/sysname/release in topology usage ping. !34627
  • Remove build dependencies on code quality and license scanning. !34659
  • Add :section to approval_merge_request_rule unique index. !34680
  • Replace double angle icons with double chevron. !34736
  • Update Workhorse to v8.36.0. !34759
  • Update heart icon from FontAwesome to GitLab SVG. !34777
  • Fix broken CSS for system notes. !34870
  • Fix Gitaly duration tracking of RefService RPCs. !34904
  • Fix Gitaly duration timings of BlobService RPCs. !34906
  • Fix Gitaly duration timings for conflicts and search RPCs. !34909
  • Add validation for move action in SnippetInputAction. !34911
  • Fix Gitaly duration timings for other CommitService RPCs. !34933
  • Add project_key column to jira_tracker_data table. !34949
  • Update GitLab Runner Helm Chart to 0.18.0. !34969
  • Copy snippet route under - scope. !35020
  • Copy project snippet routes under - scope. !35022
  • Removes monkey patch to generate 6.0.3 style token. !35104
  • Create time-space partitions in separate schema gitlab_partitions_dynamic. !35137
  • Edit copy of DAG unsupported data alert. !35170
  • Move configuration for Alerts endpoint from "Settings > Integration" to "Settings > Operations > Alerts". !35187
  • Clean up GitlabIssueTrackerService database records. !35221
  • Throttle ProjectUpdateRepositoryStorageWorker Jobs. !35230
  • Suppress progress on docker pulling in builtin templates. !35253 (Takuya Noguchi)
  • Create schema for static partitions. !35268
  • Add default_branch_name to application_settings. !35282
  • Upgrade Gitaly to 13.2.0-rc2. !35345
  • Drop partitions_dynamic schema if it exists. !35426
  • Avoid grouping statement timeouts in Sentry. !35479
  • Database migration to add project_settings.has_confluence. !35485
  • Update UI links to docs in core features. !35488
  • Update Sidekiq to v5.2.9. !35495
  • Move profiles/keys#get_keys to users#ssh_keys. !35507 (Takuya Noguchi)
  • Add default_branch_name to ApplicationSettings visible attrs. !35681
  • Update GitLab Runner Helm Chart to 0.18.1. !35712
  • Prepare database for WebAuthn. !35797 (Jan Beckmann)
  • Remove dead Elasticsearch indexing code. !35936
  • Add alias expansion to Terraform documentation. !35941 (zmeggyesi)
  • Hide dropdown header on list view. !35954
  • Update GitLab Elasticsearch Indexer. !35966
  • Restore the search autocomplete for groups/project/other. !35983
  • Add issues_enabled column to jira_tracker_data table. !35987
  • Normalize the 'thumb-up', 'thumb-down' icon. !35988
  • Add migration to drop unused daily report results table. !36102
  • Updating $gray-200 hex value and remapping current instances to $gray-100. !36128
  • Removes ci_ensure_scheduling_type feature flag. !36140
  • Update more UI links to docs in core features. !36174
  • Format graphql files with prettier. !36244
  • Replace FA play icon with svg in pipeline schedule and admin runner page. !36379
  • Backfill project snippet statistics. !36444
  • Expose blob mode in GraphQL for repository files. !36488
  • Drop index of ruby objects in details on audit_events table. !36547
  • Expand Operations > Alerts section by default via link follow through. !36649
  • Update snippets housecleaning docs. !36715
  • Update Rouge to v3.21.0. !36942
  • Update GITLAB_WORKHORSE_VERSION to 8.37.0. !36988
  • Track the number of unique users who push, change wikis and change design managerment.
  • Remove removeIssue logic from list model. (nuwe1)

13.1.10 (2020-09-02)

Security (1 change)

  • Protect OAuth endpoints from brute force/password stuffing.

13.1.9 (2020-09-02)

Security (23 changes, 1 of them is from the community)

  • Check validity of project's import_url before mirroring repository.
  • Show on two-factor authentication setup page groups that are the cause of this requirement.
  • Prevent interrupted 2FA sign-in from signing-in incorrect user.
  • Create new 2FA code each time user is entering 2FA setup page.
  • Remove all sessions but current while enabling 2FA.
  • Invalidate two factor sign-in when user password changes.
  • Delete members invites created by users being deleted.
  • Prevent OmniAuth from rendering arbitrary error messages.
  • Prevent not-2fa authenticated users that are supposed to use it to consume api via session.
  • Invalidate remember me when an active session is revoked.
  • Add rate limit on webhooks testing feature.
  • Add scope presence validation to OAuth Application creation.
  • Allow only running job tokens for API authentication.
  • Prevent Deploy Tokens to read project resources when repository is disabled.
  • Change conan api to use proper workhorse validation.
  • Ensure global ID is of Snippet type in GraphQL destroy mutation.
  • Fix Improper Access Control on Deploy-Key.
  • Set maximum limit for profile events.
  • Persist EKS External ID before presenting it to the user.
  • Prevent project maintainers from editing group badges.
  • Upgrade jquery to v3.5.
  • Update websocket-extensions gem to 0.1.5. (Vitor Meireles De Sousa)
  • Update GitLab Runner Helm Chart to 0.18.3.

13.1.8 (2020-08-18)

  • No changes.

13.1.7 (2020-08-17)

Security (2 changes)

  • Stop deploy token being mis-used as user in ProjectPolicy and GroupPolicy.
  • Project access is checked during deploy token authentication.

13.1.6 (2020-08-05)

Security (11 changes)

  • Add decompressed archive size validation on Project/Group Import. !562
  • Enforce 2FA on Doorkeeper controllers.
  • Refresh project authorizations when transferring groups.
  • Stop excess logs from failure to send invite email when group no longer exists.
  • Verify confirmed email for OAuth Authorize POST endpoint.
  • Revoke OAuth grants when a user revokes an application.
  • Fix XSS in Markdown reference tooltips.
  • Fix XSS in milestone tooltips.
  • Fix xss vulnerability on jobs view.
  • Block 40-character hexadecimal branches.
  • Update GitLab Runner Helm Chart to 0.17.2.

13.1.5 (2020-07-23)

  • No changes.

13.1.3 (2020-07-06)

  • No changes.

13.1.2 (2020-07-01)

Security (18 changes)

  • Update xterm js dependency to latest stable 3.x version.
  • Do not show activity for users with private profiles.
  • Fix stored XSS in markdown renderer.
  • Upgrade swagger-ui to solve XSS issues.
  • Fix group deploy token API authorizations.
  • Check access when sending TODOs related to merge requests.
  • Change from hybrid to JSON cookies serializer.
  • Prevent XSS in group name validations.
  • Disable caching for wiki attachments.
  • Disable Github Importer API by settings.
  • Fix null byte error in upload path.
  • Update permissions for time tracking endpoints.
  • Add snippet repository validation after bundle import.
  • Update Kaminari gem.
  • Fix note author name rendering.
  • Sanitize bitbucket repo urls to mitigate XSS.
  • Stored XSS on the Error Tracking page.
  • Fix security issue when rendering issuable.

13.1.1 (2020-06-23)

Fixed (4 changes)

  • Fix missing templating vars set from URL in metrics dashboard. !34668
  • Fix edit status dropdown overflow. !34847
  • Load user before logging git http-requests. !34923
  • Do not mask key comments for DeployKeys. !35014

Added (1 change)

  • Periodically recompute project authorizations. !34071

13.1.0 (2020-06-22)

Removed (4 changes, 2 of them are from the community)

  • Remove deprecated dashboard & group milestone pages. !13237
  • Removed UltraAuth integration for OmniAuth. !29330 (Kartikey Tanna)
  • Remove all search autocomplete for groups/projects/other. !31187
  • Remove temporary datepicker position fix as it is no longer required. !31836 (Arun Kumar Mohan)

Fixed (154 changes, 57 of them are from the community)

  • Fix 'Active' checkbox text in Pipeline Schedule form to be a label. !27054 (Jonston Chan)
  • Fix back button when switching MR tabs. !29862 (Lee Tickett)
  • Remove ability to scroll Issue while in Design View. !29881
  • Fix merge request note label URLs. !30428 (Lee Tickett)
  • Fix default path when creating project from group template. !30597 (Lee Tickett)
  • Group authorization refresh to consider shared groups. !31204
  • Fix group transfer service to deny moving group to its subgroup. !31495 (Abhisek Datta)
  • Fix issuable listings with any label filter. !31729
  • Move prepend to last in ee-app-services. !31838 (Rajendra Kadam)
  • Fallback to lowest visibility level in snippet visibility radio. !31847 (Jacopo Beschi @jacopo-beschi)
  • Add class stubs and fix leaky constant alert in query limit helper spec. !31949 (Rajendra Kadam)
  • Remove usage of spam constants in spec. !31959 (Rajendra Kadam)
  • Fix leaky constant issue in uninstall progress service check. !32036 (Rajendra Kadam)
  • Fix leaky constant issue in commit entity spec. !32039 (Rajendra Kadam)
  • Fix leaky constant issue in task completion status spec. !32043 (Rajendra Kadam)
  • Fix leaky constant issue in admin mode migration spec. !32074 (Rajendra Kadam)
  • Fix leaky constant issue in sidekiq middleware server metric spec. !32104 (Rajendra Kadam)
  • Fix leaky constant issue in sidekiq middleware client metric spec. !32108 (Rajendra Kadam)
  • Fix leaky constant issue in path regex spec. !32115 (Rajendra Kadam)
  • Fix leaky constant issue importer and cache headers spec. !32122 (Rajendra Kadam)
  • Fix leaky constant issue in relation factory spec. !32129 (Rajendra Kadam)
  • Fix leaky constant issue in test coverage spec. !32134 (Rajendra Kadam)
  • Prevent emails to user on expiry of impersonation token. !32140
  • Fix leaky constant issue in diff collection spec. !32163 (Rajendra Kadam)
  • Fix leaky constant issue in migration helpers, with lock retries and ignored cols spec. !32170 (Rajendra Kadam)
  • Fix leaky constant issue in factory spec. !32174 (Rajendra Kadam)
  • Fix leaky constant issue in creds factory spec. !32176 (Rajendra Kadam)
  • Use applogger in project import state file. !32182 (Rajendra Kadam)
  • Use applogger in project.rb. !32183 (Rajendra Kadam)
  • Use applogger in chat_team.rb. !32184 (Rajendra Kadam)
  • Use applogger in repository model. !32185 (Rajendra Kadam)
  • Use applogger in build and ssh host key. !32187 (Rajendra Kadam)
  • Use applogger in cache attrs and highest role ruby files. !32189 (Rajendra Kadam)
  • Use applogger in legacy project and namespace. !32190 (Rajendra Kadam)
  • Use applogger in base.rb. !32191 (Rajendra Kadam)
  • Use applogger in usage ping and webhook service. !32192 (Rajendra Kadam)
  • Use applogger in exclusive_lease_guard. !32194 (Rajendra Kadam)
  • Use applogger in groups destroy service and label create service. !32195 (Rajendra Kadam)
  • Use applogger in merge_service.rb. !32196 (Rajendra Kadam)
  • Use applogger in project create service and after import service. !32198 (Rajendra Kadam)
  • Use applogger in update stats service. !32200 (Rajendra Kadam)
  • Use applogger in base attachment service. !32201 (Rajendra Kadam)
  • Use applogger in export service. !32203 (Rajendra Kadam)
  • Use applogger in akismet service. !32205 (Rajendra Kadam)
  • Use applogger in file mover file. !32206 (Rajendra Kadam)
  • Use applogger in commit signature worker. !32207 (Rajendra Kadam)
  • Use applogger in delete user worker. !32209 (Rajendra Kadam)
  • Use applogger in email receiver worker. !32211 (Rajendra Kadam)
  • Use applogger in artifact worker. !32212 (Rajendra Kadam)
  • Use applogger in new note worker. !32213 (Rajendra Kadam)
  • Fix duplicate filename displayed in design todos. !32274 (Arun Kumar Mohan)
  • Add value length validations for instance level variable. !32303
  • Resolve image overflow at releases list panel. !32307
  • Clean up shared/tmp folder after Import/Export. !32326
  • Fix creating release evidence if release is created via UI. !32441
  • GraphQL hasNextPage and hasPreviousPage return correct values. !32476
  • Fix loading and empty state styling for alerts list. !32531
  • Resolve incorrect x-axis padding on the Environments Dashboard. !32533
  • Fix time_tracking help link. !32552
  • Don't display confidential note icon on confidential issue public notes. !32571
  • Update container expiration policy database defaults. !32600
  • Fix rendering of emojis in status tooltips. !32604
  • Hid copy contents button when blob has rendering error. !32632
  • Avoid refresh to show endedAt after mutation. !32636
  • Fix for metrics creation when saving MR. !32668
  • Skip the individual JIRA issues if failed to import vs failing the whole batch. !32673
  • Hide "Import from Jira" option from non-entitled users. !32685
  • Fix broken help link on operations settings page. !32722
  • Allow different in bulk editing issues. !32734
  • Fix whitespace changes overgrowing the diff container. !32774
  • Improve spacing and wrapping of group actions buttons and stats in group list view. !32786
  • Fix "Broadcast Messages" table overflow and button alignment. !32801
  • Fix 404 when downloading a non-archive artifact. !32811
  • Make commits author button confirm to Pajamas specs. !32821
  • Fix filename duplication in design notes in activity feeds. !32823 (Arun Kumar Mohan)
  • Prevent multiple Auto DevOps deployment jobs running concurrently when using manual rollout. !32824
  • Implement displaying downstream pipeline error details. !32844
  • Fix Runner heartbeats that results in considering them offline. !32851
  • Conan package registry support for the conan_export.tgz file. !32866
  • Fix plural message in account deletion section. !32868
  • Fix atomic processing bumping a lock_version. !32914
  • AsciiDoc: Add support for built-in alignment roles. !32928 (mnrvwl)
  • Fix a bug where some Vue apps would be unable to load when DAG tab is disabled. !32966
  • Fix undefined error in Gitlab::Git::Diff. !32967
  • Fix spelling error on Ci::RunnersFinder. !32985 (Arthur de Lapertosa Lisboa)
  • Fix polling for resource events. !33025
  • Fix broken CSS classes inside alert management list. !33038
  • Fix bug in snippet create mutation with non ActiveRecord errors. !33085
  • Fix overflow issue in MR and Issue comments. !33100
  • Fix alignment of button text on the Edit Release page. !33104
  • Deduplicate URL parameters when requesting merge request diffs which causes diffs load to fail. !33117
  • Fix tabbing through form fields in projects/new flow. !33209
  • Fix incorrect commit search results returned when searching with ref. !33216
  • Fix NoMethodError by using the correct method to report exceptions to Sentry. !33260
  • Fix KaTeX font paths. !33338
  • Resolve Fix Incomplete Kubernetes Cluster Status List. !33344
  • Fix auto-merge not running after discussions resolved. !33371
  • Fix bug in snippets updating only file_name or content. !33375
  • Fix invisible emoji modal on Set Status form when clicked the second time. !33398
  • vertically center action icon in the CI pipeline. !33427 (Nathanael Weber)
  • Wrap auto merge parameters update in database transaction. !33471
  • Return 404 response when redirecting request with invalid url. !33492
  • Fix ambiguous string concatenation on CleanupProjectsWithMissingNamespace. !33497
  • Fix snippet repository import edge cases. !33506
  • Rust CI template: Replace --all with --workspace on cargo test. !33517 (Markus Becker)
  • Make markdown textarea links tab-accessible. !33518
  • Pass hard delete option to snippets bulk destroy. !33520
  • Fix CI rules for ECS related jobs. !33527
  • Update GitLab Workhorse to v8.34.0. !33543
  • Fix snippet repository import fail with older export files. !33584
  • Web IDE: Create template files in the folder from which new file request was made. !33585 (Ashesh Vidyut)
  • Improve header acccessibility. !33603
  • Remove non migrated snippets from failed imports. !33621
  • Prevent duplicate issues when importing from CSV. !33626
  • Fix sidebar spacing for alert details. !33630
  • Fix linking alerts to created issues for the Generic alerts intergration. !33647
  • Resolve spacing ux debt on Release assets form field. !33684
  • Fix pagination link header. !33714 (Max Wittig)
  • Fix Value Stream Analytics summary when using non-english locale. !33717
  • Fix bug with variable substitution in alerts. !33772
  • Allow wiki pages with +<> characters in their title to be saved. !33803
  • Fix force_remove_source_branch not working in API. !33804
  • Fix prometheus alerts not being automatically created. !33806
  • Fix pagination for resource label events. !33821
  • Fix relative URL root in wiki_base_path. !33841
  • Return code navigation path for nil diff_refs. !33850
  • Record audit event when an admin creates a new SSH Key for a user via the API. !33859 (Rajendra Kadam)
  • Do not create duplicate issues for exising Alert Management alerts. !33860
  • Add link text to collapsed left sidebar links for screen readers. !33866
  • Update text in error tracking list error message. !33872
  • Adjust wrong column reference for ResetMergeStatus (background job). !33899
  • Fixed dashboard YAML file validaiton for files which do not contain object as root element. !33935
  • Fix design note scrolling. !33939
  • Update validates_hostname gem with support for more TLDs. !34010
  • Update wording of addMultipleToDiscussionWarning. !34088
  • Show all storages in settings. !34093
  • Set author as nullable in snippet GraphQL Type. !34135
  • Fix rendering of very long paths in merge request file tree. !34153
  • Remove not null constraint from events tables. !34190
  • Ensure we always generate a valid wiki event URL. !34191
  • Send information about attached files to the GraphQL mutation. !34221
  • Update issue limits template to use minutes. !34254
  • Add route for the lost-and-found group and update the route of orphaned projects. !34285
  • GraphQL - properly handle pagination of millisecond-precision timestamps. !34352
  • Fix 500 error in BlobController#delete. !34367
  • Updated Auto DevOps with a fix to delete PostgreSQL PVC on environment cleanup, a fix for multiline K8S_SECRET variables, updated Helm to 2.16.7 and glibc to 2.31. !34399 (verenion)
  • Fix issues with scroll on iOS / iPad OS. !34486
  • Fix order of integrations to be sorted alphabetically. !34501
  • Fix undefined method error. !34522
  • Use Keys::DestroyService for deleting an SSH key when an admin deletes a key via the API. !34535 (Rajendra Kadam)
  • Removed default artifact name for Terraform template. !34557
  • Footer system message fix.
  • Set experiementation cookie for GitLab domain only.
  • Add DS detection of build.gradle.kts.

Changed (76 changes, 5 of them are from the community)

  • Add a GraphQL endpoint to fetch Jira projects through its REST API. !28190
  • Change legends in monitor dashboards to tabular layout. !30131
  • Move pipelines routing under /-/ scope. !30730
  • Set markdown toolbar to use hyphens for lists. !31426
  • Use sprites for comment icons on Commits. !31696
  • Rate limit project export by user. !31719
  • Reorder diffs compare versions dropdowns. !31770 (Gilang Gumilar)
  • Enable the in this group action in the Search dropdown. !31939
  • Externalize i18n strings from ./app/views/shared/_promo.html.haml. !32109 (Gilang Gumilar)
  • Add Usage Ping count for all searches. !32111
  • Add tags_count to container registry api and controller. !32141
  • Externalize i18n strings from ./app/views/shared/milestones/_sidebar.html.haml. !32150 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/milestones/_form_dates.html.haml. !32162 (Gilang Gumilar)
  • Improve Container Registry UI header. !32424
  • Added node size to cluster index. !32435
  • Update operations metrics settings title and description to make them general. !32494
  • Track merge_requests_users usage data. !32562
  • Adds cluster CPU and Memory to cluster index. !32601
  • Allow the snippet create service to accept an array of files. !32649
  • Move review related controllers/workers outside EE. !32663
  • Move the Members section from settings to the side nav for projects. !32667
  • Show more context in unresolved jump button. !32737
  • Exclude extra.server fields from exceptions_json.log. !32770
  • Improve new/unknown sign-in email styling. !32808
  • Allow the snippet update service to accept an array of files. !32832
  • Add new issue link to email notification header. !32833
  • Bump cluster-applications to 0.17.0, which updates Runner to 0.17.0 and Cilium to 1.7.4. !32931
  • Update artifacts section to show when an artifact is locked. !32992
  • Include tag count in the image repository list. !33027
  • Clean up gitlab-shell install-from-source path. !33057
  • Increase LFS token default time to 2 hours. !33140
  • Add explicit mention of Merge request in Slack message. !33152
  • Expose release_links.type via API. !33154
  • Add link_type column to release_links table. !33156
  • Move broadcast notification dismiss button to the top. !33174
  • Remove null constraint for JID in GroupImportState. !33181
  • Added provider type icon to cluster list. !33196
  • Remove search icon from Project find file button. !33198
  • Refine SAST language detection by frameworks. !33226
  • Render Merge request reference as link. !33248
  • Upgrade to Gitaly v13.1.0-rc1. !33302
  • Show disabled suggestion button with tooltip message. !33357
  • Add update validations to SnippetInputAction. !33379
  • Add snippet DB visibility check in spec. !33388 (Jacopo Beschi @jacopo-beschi)
  • Add Hugo logo to project templates. !33402
  • Add GitBook logo to project templates. !33403
  • Add GoMicro logo to project templates. !33404
  • Add Jekyll logo to project templates. !33405
  • Add Hexo logo to project templates. !33406
  • Rename Add Designs button. !33491
  • Add CPU, memory usage charts to self monitoring default dashboard. !33532
  • Add database migrations to design_management_designs.filename to enforce a 255 character limit, and modify any filenames that exceed that limit. !33565
  • Track Sentry error status updates with dedicated actions. !33623
  • Alert Managament: Change sorting order to have newest alerts first. !33642
  • Add blobs field to SnippetType in GraphQL. !33657
  • Format metrics column chart x axis dates. !33681
  • Style ToastUI contextual menus. !33719
  • Update Auto deploy image to v0.16.1, introducing support for AUTO_DEVOPS_DEPLOY_DEBUG. !33799
  • Add whether instance has Auto DevOps enabled to usage ping. !33811
  • Update local IP address and domain name allow list input label. !33812
  • Add date time format to the monitor stacked-column chart. !33814
  • Allow Tf Plan to genrate multiple reports. !33867
  • Remove async_merge_request_check_mergeability feature flag. !33917
  • Filter potentially-sensitive Sidekiq arguments from logs and Sentry. !33967
  • Update Static Site Editor toolbar to group inline-code and code-block buttons together. !34006
  • Set default values for SAST_EXCLUDED_PATHS and DS_EXCLUDED_PATHS. !34076
  • Add ability to filter self monitoring resource usage charts by instance name. !34084
  • Pick repository storage based on weight. !34095
  • Display error for YAML files that are too large. !34199
  • Change copy of webhooks / integration help text. !34301
  • Update board header icons. !34366
  • Show Redis instance in performance bar. !34377
  • Add secret detection template to Auto DevOps. !34467
  • Add allowed actions to snippet input action. !34499
  • Change from vendor specific to Gitlab. !34576
  • Assign alerts sidebar base.

Performance (19 changes, 1 of them is from the community)

  • Improve performance of commit search by limiting the number of results requested. !32260
  • Add GraphQL lookahead support. !32373
  • Update index_ci_builds_on_commit_id_and_artifacts_expireatandidpartial index for secret_detection. !32584
  • Add index on id and type for Snippets. !32885
  • Use build_stubbed to avoid interacting with the DB in todos helper specs. !32906 (Arun Kumar Mohan)
  • Optimize SQL queries on Milestone index page. !32953
  • Add build report results data model. !32991
  • Adjust condition for partial indexes on services table. !33044
  • Add index to issues and epics on last_edited_by_id. !33075
  • Fix preconnect typo in rel link. !33255
  • Add project_id, user_id, status, ref index to ci_pipelines. !33290
  • Move migration related to ci_builds to post_deployment. !33416
  • Reduce redundant queries for Search API users scope. !33795
  • Speed up boot time in production. !33929
  • Harden CI pipelines usage data queries with an index. !34045
  • Add partial index on locked merge requets. !34127
  • Lazy load commit_date and authored_date on Commit. !34181
  • Optimize container repository for groups query. !34364
  • Enable CI Atomic Processing by default.

Added (149 changes, 14 of them are from the community)

  • Add rake task to verify encrypted data through secrets. !21851
  • User can apply multiple suggestions at the same time. !22439 (Jesse Hall)
  • Resolve Add a button to assign users who have commented on an issue. !23883
  • Resolve Graph code coverage changes over time for a project. !26174
  • Add doc for custom validators in api styleguide. !26734 (Rajendra Kadam)
  • Add Scheduled Job for Monitoring Monitor Group Demo Environments. !27360
  • Add setting to allow merge on skipped pipeline. !27490 (Mathieu Parent)
  • Add dark theme (alpha). !28252
  • Show estimate on issues list. !28271 (Lee Tickett)
  • Make Fixed Email Notification Generally Available. !28338 (jacopo-beschi)
  • Add a link to the renamed viewer to fully expand the renamed file (if it's text). !28448
  • Focus and toggle metrics dashboard panels via keyboard. !28603
  • Remove scoped_approval_rules feature flag. !28864 (Lee Tickett)
  • Create Group import UI for creating new Groups. !29271
  • Add finder for group-level runners. !29283 (Arthur de Lapertosa Lisboa)
  • Allow customization of badge key_text and key_width. !29381 (Fabian Schneider @fabsrc)
  • Support Workhorse directly uploading files to S3. !29389
  • Add frontend support for multiline comments. !29516
  • Support first_name and last_name attributes in LDAP user sync. !29542
  • Add link to status page detail view for status page published issues. !30249
  • Add metrics dashboard name to document title. !30392
  • Backfill StatusPage::Published incidents and enable a publish quick action for EE. !30906
  • Add missing Merge Request fields. !30935
  • Show build status on branch list. !30948 (Lee Tickett)
  • Add mutation to create commits in GraphQL. !31102
  • Add GraphQL support for authored and assigned Merge Requests. !31227
  • Add usage data metrics for terraform states. !31280
  • Add usage data metrics for terraform reports. !31281
  • Add API endpoint for listing bridge jobs. !31370 (Abhijith Sivarajan)
  • SpamVerdictService can call external spam check endpoint. !31449
  • Move Admin note feature to GitLab Core. !31457 (Rajendra)
  • Add DAG serializer for pipelines controller. !31583
  • Save repository storages in application settings with weights. !31645
  • Add API endpoint for resource milestone events. !31720
  • Show import in progress screen for group imports. !31731
  • Add Verify/FailFast CI template. !31812
  • Improve Add/Remove Issue Labels API. !31864 (Lee Tickett)
  • Add mutation to create a merge request in GraphQL. !31867
  • Add warning popup for Elastic Stack update. !31972
  • Add API support for sharing groups with groups. !32008
  • Add the container expiration policy attribute to the project GraphQL type. !32100
  • Add GraphQL support for project and group labels. !32113
  • Add number of database calls to Prometheus metrics and logs for sidekiq and request. !32131
  • Filter pipelines by status. !32151
  • Filter pipelines based on url query params. !32230
  • Add metrics for Redis usage during Sidekiq job execution. !32265
  • Add filters to merge request fields. !32328
  • Support reading .editorconfig files inside of the Web IDE. !32378
  • [Frontend] Resolvable design discussions. !32399
  • Table index added to metrics_dashboard_annotations for future pruning of stale metrics Annotations for metrics dashboards are now checked for valid start and end dates. !32433
  • Enable GitLab-Flavored Markdown processing for design links. !32446
  • Filter Pipelines by Tag Name. !32470
  • Adds sorting by column to alert management list. !32478
  • Add project specific repository storage API. !32493
  • Adapt Limitable for system-wide features. !32574
  • Add application limits to instance level CI/CD variables. !32575
  • Add model for project level security auto-fix settings. !32577
  • Expose Jira imported issues count in GraphQL. !32580
  • Organize alerts by status tabs. !32582
  • Add note to ECS CI template. !32597
  • Add metrics for Redis usage during web requests. !32605
  • Add database and GraphQL support for alert assignees. !32609
  • Set fingerprints and increment events count for Alert Management alerts. !32613
  • Process stuck jira import jobs. !32643
  • Allow user to add custom links to their metrics dashboard panels. !32646
  • Add tags to experimental queue selector attributes. !32651
  • Allow generic endpoint to receive alerts from external Prometheus. !32676
  • Customize the Cloud Native Buildpack builder used with Auto Build. !32691
  • Add timezone display to alert based issue start time. !32702
  • Display dates on metrics dashboards in UTC time zone. !32746
  • Store Todo resolution method. !32753
  • Add experience_level to user_preferences. !32784
  • Remove metrics dashboard annotations attached to time periods older than two weeks. !32838
  • Monitor:Health metrics instrumenation. !32846
  • Adds PostHog as a CI/CD Managed Application. !32856
  • Groups API has top_level_only option to exclude subgroups. !32870
  • Create operations_feature_flags_issues table. !32876
  • Add api.js methods to update issues and merge requests. !32893
  • Render user-defined links in dashboard yml file on metrics dashboard. !32895
  • Add accessibility report MR widget. !32902
  • Add a GraphQL mutation for toggling the resolved state of a Discussion. !32934
  • Add container expiration policy objects to the GraphQL API. !32944
  • Don't hide Commit tab in Web IDE when there are no changes yet. !32979
  • Add column for alert slack notifications. !33017
  • Add ability to insert an image via SSE. !33029
  • Add user root query to GraphQL API. !33041
  • Adds groupMembership and projectMembership to GraphQL API. !33049
  • Alerts list pagination. !33073
  • Add ApplicationSetting ui changes for repository_storages_weighted. !33096
  • Display confirmation modal when user exits SSE and there are unsaved changes. !33103
  • Add column dashboard_timezone to project_metrics_setting. !33120
  • Allow the assignment of alerts to users from the alert detail view. !33122
  • Add solarized dark for Web IDE. !33148
  • Add support for artifacts/exclude configuration. !33170
  • Add root users query to GraphQL API. !33195
  • Added validation for YAML files with metrics dashboard definitions. !33202
  • Create issue from alert. !33213
  • Add max import file size option. !33215 (Roger Meier)
  • Add system note when assigning user to alert. !33217
  • Add count of alerts from all sources to usage ping. !33220
  • Add button to create an issue from an alert management alert. !33221
  • Add more detail to alert integration settings description. !33244
  • Add Evidence to Releases GraphQL endpoint. !33254
  • Add support for pasting images in the Web IDE. !33256
  • Add ProjectAccessToken table. !33272
  • Automatically resolve alert when associated issue closes. !33278
  • Add link_type to ReleaseLink GraphQL type. !33386
  • Add members to project graphQL endpoint. !33418
  • Update Static Site Editor WYSIWYG mode to hide front matter. !33441
  • Added delete action for Dashboard Annotations in GraphQL. !33468
  • Create graphQL endpoint for Jira users import. !33501
  • Support IAP protected prometheus installations. !33508
  • New instance-level variables UI. !33510
  • Provide __range variable for Prometheus queries. !33521
  • Add support for git filter-repo to repository cleanup. !33576
  • Close open reply input fields in the design view sidebar when leaving a new comment. !33587
  • Add dashboard schema validation warnings as metrics dashboard GraphQL field. !33592
  • Add time range to user-defined links in metrics dashboard. !33663
  • Increase events count for Prometheus alerts. !33706
  • Track pod logs refresh action. !33802
  • Add secret detection template. !33869
  • Add DAG visualization MVC. !33958
  • Introduce a feature flag for Vue-based UI for all import providers. !33980
  • Add sticky title on Issue pages. !33983
  • Allow Release asset links to be associated with a type. !33998
  • Support user-defined Grafana links in metrics dashboard. !34003
  • Adds AWS guidance to CI/CD > Add Variable modal. !34009
  • Show custom attributes within Admin Pages. !34017 (Roger Meier)
  • Enable Slack notifications for alerts. !34038
  • Container expiration policy regular expressions are now validated. !34063
  • Add todo when alert is assigned to a user. !34104
  • Track merge requests submitted by Static Site Editor. !34105
  • Turn off alert issue creation by default. !34107
  • Add detailed logs of each Redis instance usage during job execution and web requests. !34110
  • Add API to schedule project repository storage moves. !34119
  • Add validation step on backend for metrics dashboard links. !34204
  • Track when Static Site Editor is initialized. !34215
  • Bring SAST to Core - brakeman. !34217
  • Mask key comments when exposing SSH/Deploy Keys via the API. !34255
  • Convert :release yaml to release-cli commands. !34261
  • Validate regex before sending them to CleanupContainerRepositoryWorker. !34282
  • Add secret_detection to DOWNLOADABLE_TYPES. !34313
  • Enable ability to assign alerts to users with corresponding system notes and todos. !34360
  • Enable CI Inheriting Env Variables feature. !34495
  • Show tooltip on error detail page when hovering over dates. !34506
  • Add native code intelligence. !34542
  • Bump cluster-applications version to v0.20.0. !34569
  • Add search argument for AlertStatusCountsResolver. !34596
  • Allow CI_JOB_TOKEN for authenticating to the Terraform state API. !34618

Other (65 changes, 36 of them are from the community)

  • Improve fast-forward merge is not possible message. !22834 (Ben Bodenmiller)
  • Remove unused WAF indexes from CI variables. !30021
  • Update the visual design of badges in some areas. !31646
  • Extract featurable concern from ProjectFeature. !31700 (Alexander Randa)
  • Remove update function logic from list model. !31900 (nuwe1)
  • Remove nextpage function logic from list model. !31904 (nuwe1)
  • Squash database migrations prior to 2019 into one. !31936
  • Update deprecated slot syntax in app/assets/javascripts/reports/components/grouped_test_reports_app.vue. !31975 (Gilang Gumilar)
  • Replace slot syntax for Vue 3 migration. !31987 (gaslan)
  • Update deprecated slot syntax in ./app/assets/javascripts/pages/admin/projects/index/components/delete_project_modal.vue. !31994 (Gilang Gumilar)
  • Update deprecated slot syntax in ./app/assets/javascripts/pages/projects/labels/components/promote_label_modal.vue. !31995 (Gilang Gumilar)
  • Update deprecated slot syntax in ./app/assets/javascripts/clusters/components/remove_cluster_confirmation.vue. !32010 (Gilang Gumilar)
  • Update deprecated slot syntax in ./app/assets/javascripts/environments/components/environments_app.vue. !32011 (Gilang Gumilar)
  • Remove setLoadingState logic from issue model. !32226 (nuwe1)
  • Remove addAssignee logic from issue model. !32231 (nuwe1)
  • Remove addLabel Logic from issue models. !32233 (nuwe1)
  • Remove addMilestone logic from issue model. !32235 (nuwe1)
  • Remove destroy function logic from list model. !32237 (nuwe1)
  • Remove findAssignee logic from issue model. !32238 (nuwe1)
  • Remove findLabel logic from issue model. !32239 (nuwe1)
  • Remove findIssue logic from list model. !32241 (nuwe1)
  • Remove moveIssue logic from list model. !32242 (nuwe1)
  • Remove newIssue logic from list model. !32244 (nuwe1)
  • Remove removeAllAssignees logic from issue model. !32247 (nuwe1)
  • Remove removeAssignee logic from issue model. !32248 (nuwe1)
  • Clarify verbiage for stuck job messages. !32250
  • Remove removeLabel logic from issue model. !32251 (nuwe1)
  • Remove removeLabels logic from issue model. !32252 (nuwe1)
  • Remove removeMilestone logic from issue model. !32253 (nuwe1)
  • Remove removeMultipleIssues logic from list model. !32254 (nuwe1)
  • Remove setFetchingState logic from issue model. !32255 (nuwe1)
  • Remove updateData logic from issue model. !32256 (nuwe1)
  • Update U2F docs for Firefox 67+. !32289 (Takuya Noguchi)
  • Update alert management mobile table alignment. !32295
  • Include available instance memory in usage ping. !32315
  • Moves merge request reviews into Core. !32558
  • Update GitLab Runner Helm Chart to 0.17.0. !32634
  • Add snowplow tracking for logs page. !32704
  • Extend "Remember me" token after each login. !32730
  • Assign alerts sidebar container fix. !32743
  • Add anchor for creating a branch. !32745
  • Tidy. !32759 (Lee Tickett)
  • Less verbose JiraService error logs. !32847
  • Reduced padding and increased emphasis of titles within the epic tree. !32873
  • Remove obsolete users.ghost column. !32957
  • Move NoPrimary table def to last context in spec. !33015 (Rajendra Kadam)
  • Document github rate limit behavior. !33090
  • Added build_id column to requirements_management_test_reports table. !33184
  • Add version history information on U2F support. !33229 (Takuya Noguchi)
  • Convert IP spoofing errors into client errors. !33280
  • Update docs to reflect move web IDE Terminal and file sync to Core. !33419
  • Add hovering icon for sorting columns on alert management list. !33429
  • Avoid javascript for omniauth logins. !33459 (Diego Louzán)
  • Add opacity transition to active design discussion pins. !33493
  • Update GitLab Runner Helm Chart to 0.17.1. !33504
  • Make project selector in various dashboard more translatable. !33771
  • Update Workhorse to v8.35.0. !33817
  • Remove FF hide_token_from_runners_api. !33947
  • Bump omniauth_openid_connect to 0.3.5. !34030 (Roger Meier)
  • Specify tiers for SAML SSO at self-hosted plans. !34040 (Takuya Noguchi)
  • Backfill failed imported snippet repositories. !34052
  • Use GitLab SVG icon for file attacher action. !34196
  • Add GraphQL snippet FileInputType. !34442
  • Update red hex values to match GitLab UI. !34544
  • Remove removeIssue logic from list model. (nuwe1)

13.0.14 (2020-08-18)

  • No changes.

13.0.13 (2020-08-17)

Security (2 changes)

  • Stop deploy token being mis-used as user in ProjectPolicy and GroupPolicy.
  • Project access is checked during deploy token authentication.

13.0.12 (2020-08-05)

Security (10 changes)

  • Add decompressed archive size validation on Project/Group Import. !562
  • Enforce 2FA on Doorkeeper controllers.
  • Refresh project authorizations when transferring groups.
  • Stop excess logs from failure to send invite email when group no longer exists.
  • Verify confirmed email for OAuth Authorize POST endpoint.
  • Revoke OAuth grants when a user revokes an application.
  • Fix XSS in Markdown reference tooltips.
  • Fix XSS in milestone tooltips.
  • Fix xss vulnerability on jobs view.
  • Block 40-character hexadecimal branches.

13.0.11 (2020-08-05)

This version has been skipped due to packaging problems.

13.0.10 (2020-07-09)

Fixed (1 change)

  • Fix gitlab:*:check Rake tasks. !35944

13.0.9 (2020-07-06)

  • No changes.

13.0.8 (2020-07-01)

Security (18 changes)

  • Update xterm js dependency to latest stable 3.x version.
  • Do not show activity for users with private profiles.
  • Fix stored XSS in markdown renderer.
  • Upgrade swagger-ui to solve XSS issues.
  • Fix group deploy token API authorizations.
  • Check access when sending TODOs related to merge requests.
  • Change from hybrid to JSON cookies serializer.
  • Prevent XSS in group name validations.
  • Disable caching for wiki attachments.
  • Disable Github Importer API by settings.
  • Fix null byte error in upload path.
  • Update permissions for time tracking endpoints.
  • Add snippet repository validation after bundle import.
  • Update Kaminari gem.
  • Fix note author name rendering.
  • Sanitize bitbucket repo urls to mitigate XSS.
  • Stored XSS on the Error Tracking page.
  • Fix security issue when rendering issuable.

13.0.7 (2020-06-25)

Fixed (7 changes)

  • Group authorization refresh to consider shared groups. !31204
  • Fix Value Stream Analytics summary when using non-english locale. !33717
  • Fix bug with variable substitution in alerts. !33772
  • Fix relative URL root in wiki_base_path. !33841
  • Adjust wrong column reference for ResetMergeStatus (background job). !33899
  • Updated Auto DevOps with a fix to delete PostgreSQL PVC on environment cleanup. !34657
  • Load user before logging git http-requests. !34923

Added (2 changes)

  • Provide __range variable for Prometheus queries. !33521
  • Periodically recompute project authorizations. !34071

13.0.6 (2020-06-10)

  • No changes.

13.0.4 (2020-06-03)

Security (1 change)

  • Prevent fetching repository code with unauthorized ci token.

13.0.3 (2020-05-29)

Fixed (8 changes, 1 of them is from the community)

  • Fixed redirection to project snippets. !32530
  • Fix Geo replication for design thumbnails. !32703
  • Fix 404s downloading build artifacts. !32741
  • Fix Auto DevOps manual rollout jobs not being allowed to fail. !32865
  • Update deprecated routes in irker integration. !32923 (Marc Jeanmougin)
  • Change format of variables parameter in Prometheus proxy API for metrics dashboard. !33062
  • Fix issue and MR API performance regression when Markdown cache is stale. !33235
  • Fix close issue when user created the issue. !33294

13.0.1 (2020-05-27)

Security (12 changes)

  • Add an extra validation to Static Site Editor payload.
  • Hide EKS secret key in admin integrations settings.
  • Added data integrity check before updating a deploy key.
  • Display only verified emails on notifications and profile page.
  • Require confirmed email address for GitLab OAuth authentication.
  • Kubernetes cluster details page no longer exposes Service Token.
  • Fix confirming unverified emails with soft email confirmation flow enabled.
  • Disallow user to control PUT request using mermaid markdown in issue description.
  • Check forked project permissions before allowing fork.
  • Limit memory footprint of a command that generates ZIP artifacts metadata.
  • Fix file enuming using Group Import.
  • Prevent XSS in the monitoring dashboard.

13.0.0 (2020-05-22)

Removed (20 changes, 5 of them are from the community)

  • Remove project routes that were deprecated before 12.1. !26808
  • Drop x-y-stable version pinning for Secure templates. !29603
  • Remove logs from the admin pages. !30485
  • Remove deprecated /admin/application_settings redirect. !30532
  • Drop support for License-Management CI template. !30645
  • Remove deprecated InfluxDB. !30786
  • Remove deprecated Release Evidence endpoints. !30975
  • Remove deprecated Release Evidence endpoints documentation. !30978
  • Drop support for license_management artifact. !31247
  • Remove deprecated container scanning report parser. !31294
  • Remove rake task gitlab:track_deployment. !31404
  • Remove token attribute from Runners API. !31448
  • Remove support for Ruby format variable interpolation (%{variable}) in custom dashboards. !31581
  • Remove JenkinsDeprecatedService. !31607 (tnwx)
  • Remove ruby_memory_bytes metric, duplicate of ruby_process_resident_memory_bytes. !31705
  • Remove project_list_show_mr_count feature flag. !31789 (Gilang Gumilar)
  • Remove project_list_show_issue_count feature flag. !31793 (Gilang Gumilar)
  • Remove set_user_last_activity feature flag. !31795 (Gilang Gumilar)
  • Remove registrations_recaptcha feature flag. !31797 (Gilang Gumilar)
  • Remove deprecated Sidekiq rake tasks.

Fixed (171 changes, 54 of them are from the community)

  • Allow public access to pipeline schedules. !20806 (Lee Tickett)
  • Add user last_activity logging in GraphQL. !23063
  • Render TestReport parsing errors back to pipeline test summary. !24188
  • Add user popovers to system notes. !24241
  • Fix missing RSS feed events. !28054
  • Resolve Text for future Release date grammatically incorrect. !28075
  • Fix number of approvals given calculation. !28293 (Steffen Köhler)
  • Always display new subgroup button when permission is granted. !28309 (Mattias Michaux)
  • Correct the permission according to docs. !28657
  • Fix duplicated activity and events on deletion of tag. !28861 (Sashi Kumar)
  • Fix init.d script to correctly set web server PID. !29164
  • Honor per_page in Search API. !29197
  • fix: use the source project to generate commit links for un-persisted merge requests. !29243 (Chieh-Min Wang)
  • Fix display of some overflowing merge request diffs. !29267
  • Move prepend to last line in helper files. !29327 (Rajendra Kadam)
  • Prevent duplicate tooltips when hovering over status emoji in comments. !29356
  • Update Elastic Stack chart to 2.0.0 to support kubernetes 1.16. !29601
  • Fix minor spacing issue at Snippet blob viewer. !29625 (Karthick Venkatesan)
  • Eliminate errors in wiki controller during edit. !29645
  • Fixed copy as GFM not copying upload links. !29683
  • Bump max search depth from 2 to 4 when looking for files SAST analyzers can handle. !29732
  • Move snippet raw_url attribute to base entity. !29776
  • Return content from repo in snippet raw endpoint. !29781
  • Return file name from repo in snippet endpoints. !29785
  • Propagation of service templates also covers services with separate data tables. !29805
  • Fix bug in personal snippets when somebody is mentioned. !29835 (Sashi Kumar)
  • Embed metrics charts for both /metrics and /metrics_dashboard routes. !29838
  • Fix admin mode access on GraphiQL controller. !29845 (Diego Louzán)
  • Exclude html entities from haml lint. !29847 (Lee Tickett)
  • Fixed JS error for anonymous views of a snippet. !29854
  • Destroy Dropzone hidden input when form is destroyed. !29882
  • Move prepend to last line in lib/gitlab files. !29938 (Rajendra)
  • Match Jira keys with trailing characters. !29953
  • Fixed Cancel action on Snippet edit for existing snippets. !29993
  • Warn user before losing wiki content. !30037
  • Move prepend to last line in lib/gitlab files. !30070 (Rajendra Kadam)
  • Fix an issue where the Search dropdown results would not be clickable. !30087 (mbergeron)
  • Capture all errors when updating repository storage. !30119
  • Move alert management behind a feature flag. !30133
  • Fix bug when services appear active even though they are not. !30160
  • Fix moving an issue when there is a group reference. !30185
  • Move prepend to last line in lib/gitlab files. !30194 (Rajendra Kadam)
  • Move prepend to last line in lib/gitlab files. !30289 (Rajendra Kadam)
  • Move prepend to last line in lib/gitlab files. !30291 (Rajendra Kadam)
  • Set NULL lock_version values to 0 for CI objects. !30305
  • Fix errors creating project with active Prometheus service template. !30340
  • Add Activity icons for Wiki updated and destroyed events. !30349
  • Gracefully handle orphaned member invites. !30355
  • Fix incorrect commits number in commits list. !30412
  • Fix second 500 error with NULL restricted visibility levels. !30414
  • Move prepend to last line in ee/services. !30425 (Rajendra Kadam)
  • Add LFS badge feature flag to RefsController#logs_tree. !30442
  • Fix mirror repos docs link. !30443
  • Added right margin to Clone Snippet button. !30471
  • Fix blob link for the code search. !30473
  • Use Jira import owner as the issue author when importing issues from Jira. !30504
  • Correctly count wiki pages in sidebar. !30508
  • Stretch heatmap metrics full column size. !30524
  • Upgrade Unicorn to v5.5.1. !30541
  • Avoid copying diffs as Markdown tables. !30572
  • Fixes overlapping tooltips when clicking copy buttons. !30622
  • Fix 500 error for non-existing snippet on graphql mutations. !30632 (Sashi Kumar)
  • Change validation rules for profile email addresses. !30633
  • Set timeout for Google OAuth to prevent 503 error. !30653
  • Remove extra sleep when obtaining exclusive lease. !30654
  • Fix GitLab CI/CD Scala template. !30667
  • Fix checkmark position on dropdowns. !30685
  • Remove Visibility from terraform widget. !30737
  • Use migration bot user in snippet migration. !30762
  • Fix discard button not showing for new empty files in Web IDE. !30767
  • Disable schema dumping after migrations in production. !30812
  • Fix mapping group membets as Jira issues authors/assignees. !30820
  • Align styling of snippet search results. !30837
  • Move daily create users statistics cronjob to CE. !30843
  • Fixed alignment of Snippet Clone copy buttons. !30897
  • Increase constrast ratio of text in some tables. !30903
  • Ignore .gitattributes if they contain invalid byte sequences. !30922
  • Fix bug in Snippet BlobViewer GraphQL definition. !30927
  • Fix layout in issue view, on large screen some buttons were misaligned. !30947 (Michele (macno) Azzolari)
  • Fix error renaming files using web IDE. !30969
  • Handle Snippet file name errors in backfill. !30981
  • Correctly track the store that external MR diffs are placed on. !31005
  • Fix duplicate index removal on ci_pipelines.project_id. !31043
  • Update recursive-open-struct to 1.1.1 to make it compatible with ruby 2.7. !31047
  • Revert CODEOWNERS validation of Web requests in diff check. !31087
  • Wrap wiki blob search result in its own object. !31155
  • Allow multiple usage of EE extension/inclusion on last lines. !31183 (Rajendra Kadam)
  • Fix 500 error loading environments index. !31184
  • Fix 500 on creating an invalid domains and verification. !31190
  • Fix redirect loop on .com when 2FA is required. !31229
  • Fix regression and allow SCIM to create SAML identity. !31238
  • Fix incorrect number of errors returned when querying sentry errors. !31252
  • Fix RST rendering hanging on large files. !31287
  • Trim whitespace in directory names in the Web IDE. !31305
  • Fix 'not enough data' in Value Stream Analytics when low median values are returned. !31315
  • Add tooltip to container registry tags last update column. !31317
  • Fix Istio broken Istio metrics installation. !31382
  • Link to subgroup milestones correctly from group milestones page. !31383
  • Remove kwargs from storage move worker. !31412
  • Make edit board text sentence case. !31418
  • Katex render and vscode output improvements for markdown. !31433 (Reinhold Gschweicher pyro4hell@gmail.com)
  • Fix overwrite check in GitLab import/export. !31439
  • Fix API requests for branch names ending in .txt. !31446 (Daniel Stone)
  • Avoid repository size checkings in snippet migrations for migration bot. !31473
  • Use iso 8601 timestamp format in metrics dashboard annotations graphql resource to assure multi browser compatibility. !31474
  • In WebIDE get files with relative path instead of web_url. !31478
  • Fix snippet migration when user has invalid info. !31488
  • Add elipsis to container registry tag name. !31584
  • Add instance column to services table if it's missing. !31631
  • Fix issue with broken images in Web IDE markdown. !31638
  • Fixes bug where variables were not protected by default when using the correct CI/CD admin setting. !31655
  • Decode dashboard_path when creating annotations. !31665
  • Fix "how to checkout MR" help link. !31688
  • Fixed redirection when deleting a project snippet. !31709
  • Fix templates API endpoint when project name has dots. !31758
  • Remove detection of file in Dependency Scanning template. !31819
  • Move prepend to last line in app models. !31826 (Rajendra Kadam)
  • Move prepend to last line in app models 2. !31827 (Rajendra Kadam)
  • Move prepend to last line in app models 3. !31829 (Rajendra Kadam)
  • Move include_if_ee to last line in ee/app 1. !31832 (Rajendra Kadam)
  • Restore original sort order of the metrics dashboard select list. !31859
  • Fix Snippet update error bug losing changes. !31873
  • Replace the outdated link. !31874 (Renamoo)
  • Replace let! with let_it_be in user api spec. !31901 (Rajendra Kadam)
  • Replace let! with let_it_be in merge request spec. !31909 (Rajendra Kadam)
  • angelog Replace let! with let_it_be in pipelines spec. !31916 (Rajendra Kadam)
  • Fix public metrics dashboard visibility bug. !31925
  • Add nested file detection for Dependency Scanning. !31932
  • Add class stubs and fix leaky constant cop alert. !31938 (Rajendra Kadam)
  • Add class stubs and fix leaky constant alert in content whitelist spec. !31946 (Rajendra Kadam)
  • Fix broken heading of Vue 3 migration guide doc. !31951 (Gilang Gumilar)
  • Add class stubs and fix leaky constant alert in query recorder spec. !31954 (Rajendra Kadam)
  • Fix no scroll when overflow in IDE right pane. !31961
  • Fix leaky constant cop issue in clone dashboard service spec. !31962 (Rajendra Kadam)
  • Stub class constant in resolve discussion spec. !31965 (Rajendra Kadam)
  • Fix leaky constant issue in upgrade progress service check. !31969 (Rajendra Kadam)
  • Clear merge request error on push to source branch. !32001
  • Allow only users with adminNote permission to edit the design note. !32035
  • Fix leaky constant issue in retry build service check. !32038 (Rajendra Kadam)
  • Fix leaky constant issue in env assignment spec. !32040 (Rajendra Kadam)
  • Fix leaky constant issue in statistics api spec. !32042 (Rajendra Kadam)
  • Fix leaky constant issue in merge request policy spec. !32044 (Rajendra Kadam)
  • Fix leaky constant issue in tree spec. !32045 (Rajendra Kadam)
  • Fix leaky constant issue in mentionable spec. !32049 (Rajendra Kadam)
  • Fix leaky constant issue in json serialization spec. !32051 (Rajendra Kadam)
  • Fix leaky constant issue in cluster spec. !32053 (Rajendra Kadam)
  • Fix bug in Groups API when statistics are requested in an unauthenticated API call. !32057
  • Fix leaky constant issue in nulls pt2 spec. !32058 (Rajendra Kadam)
  • Fix leaky constant issue in application settings encrypt spec. !32066 (Rajendra Kadam)
  • Fix leaky constant issue in system check spec. !32080 (Rajendra Kadam)
  • Fix leaky constant issue in simple executor spec. !32082 (Rajendra Kadam)
  • Fix leaky constant issue in jwt spec. !32093 (Rajendra Kadam)
  • Update android template. !32096
  • Fix leaky constant issue in factory spec. !32099 (Rajendra Kadam)
  • Fix leaky constant issue in sidekiq middleware spec. !32101 (Rajendra Kadam)
  • Fix leaky constant issue connection, master check and attr config spec. !32144 (Rajendra Kadam)
  • Fix updating of Markdown fields when Markdown cache version is incremented. !32219
  • Fix incorrect regex used in FileUploader#extract_dynamic_path. !32271
  • Improve responses in the snippet create/update API endpoints. !32282
  • Send Devise emails triggered from the 'Email' model asynchronously. !32286
  • Re-enable negative filters for Boards. !32348
  • Fix missing space character in alert header. !32395
  • Fix display of embedded snippets. !32411 (Jan Beckmann)
  • Fixed redirection to project snippets. !32530
  • Rake task gitlab:cleanup:orphan_lfs_files should clear the cached value or repository size. !32541
  • Fixed enabled merge button incorrectly showing to users who can't merge.
  • Fixed misaligned avatar in commit discussion form.
  • Fixed cancel reply button not alerting the user.
  • Fixes commit message emojis not rendering in Vue file list.
  • Fix logging of username in /jwt/auth.
  • Fixes branch name not getting escaped correctly on frontend.

Deprecated (2 changes)

  • Deprecate /plugins directory. !29678
  • Implement external database checker in dashboard controller. !30389

Changed (121 changes, 42 of them are from the community)

  • Support limits for offset based pagination. !28460
  • Redirect issues routes under /-/ scope. !28655
  • Add Fluentd into cluster apps page. !28847
  • Disallow developers to delete builds of protected branches. !28881 (Alexander Kutelev)
  • Store status of repository storage moves. !29095
  • Update the example regex in the image expiration policy UI. !29348
  • Add WAF and Cilium Log column for Fluentd table. !29457
  • Update Fluentd model to support multiple logs. !29458
  • Add Cilium to Fluentd UI controls on the Cluster Application page. !29511
  • Use alerts instead of toasts in Image Repository details. !29685
  • Avoid commit when snippet file_name and content are not present. !29761
  • Recreate foreign key in project settings to use nullify instead of cascade. !29767
  • Surface alerts add sidebar link. !29775
  • Make setting alerts on the monitoring dashboard available to GitLab Core users. !29789
  • Keep latest artifact for each ref. !29802
  • Change placeholder in search input for Analytics features. !29858 (Gilang Gumilar)
  • Test Jira connection before running import. !29926
  • Remove snippet file_name from snippet lists. !29937
  • Add new keep regex to expiration policy settings ui. !29940
  • Alert management can user enable. !30024
  • Expose the updated_at attribute in the todos API. !30035
  • Update GitLab-managed helm from 2.16.3 to 2.16.6, improving the reliability of GitLab's Kubernetes integration. !30067
  • Show correct label and count on Jira import form. !30072
  • Copy pipelines routing under - scope. !30159
  • Return validation errors for invalid pod name or container name when viewing pod logs. !30165 (Sashi Kumar)
  • Move global autocomplete routes to /-/ scope. !30173
  • Update the cancel comment note text to a less ambiguous statement. !30189
  • Use stricter regex for broadcast target path. !30210
  • Change wording of merge request threads counter. !30217
  • Indicate topics are optional. !30264 (Ben Bodenmiller)
  • Rename Client Side Evaluation to Live Preview. !30309
  • Decouple partial clone config from max input size. !30354 (Son Luong Ngoc)
  • Update managed jupyter chart to 0.9.0 (stable). !30393
  • Hide broadcast messages until the end of the period. !30432
  • Add severity icons for alert management. !30472
  • Move to supported Elastic helm charts. !30528
  • Updated snippet view to show path instead of name for a blob. !30550
  • Handle possible RSA key exceptions when generating CI_JOB_JWT. !30702
  • Update sidebar packages name. !30712
  • Update cron job schedule to have a random time generated on page load. !30729
  • Migrate Container-Scanning template to rules syntax. !30775
  • Migrate DAST CI template to rules syntax. !30776
  • Migrate License-Scanning CI template to rules syntax. !30784
  • Code review analytics: Change margin between title and description. !30834
  • Productivity Analytics: Remove separator and cleanup title margins. !30839
  • Move Auto DevOps Test.gitlab-ci.yml template to rules syntax instead of only/except. !30876
  • Change Var to Variable text. !30878
  • Move Build.gitlab-ci.yml to rules syntax. !30895
  • Move Code-Quality.gitlab-ci.yml to rules syntax. !30896
  • Migrate Dependency-Scanning CI template to rules syntax. !30907
  • Apply shared integrations view to project level. !30971
  • Exposes description, hosts, details, and timestamps for Alert Management Alert GraphQL. !31091
  • Update the example regex in the image expiration policy UI. !31104
  • Add clear explanation to the MR widget when no CI is available and Pipeline must succeed option is activated. !31112
  • Migrate SAST CI template to rules syntax. !31127
  • Update style of buttons on the Releases page. !31129 (Özgür Adem Işıklı @iozguradem)
  • Changed test success calculation to exclude skipped tests. !31154
  • app:gitlab:check rake task now warns when projects are not in hashed storage. !31172
  • Moves embedded metrics for Prometheus alerts to Core. !31203
  • Move Deploy.gitlab-ci.yml to rules syntax. !31290
  • Modify Snippet git path errors to be more helpful. !31333
  • Move Browser-Perfomance-Testing.gitlab-ci.yml to rules syntax. !31413
  • Use gsub instead of the Liquid gem for variable substitution in the Prometheus proxy API. !31482
  • Changed terminology of security scanner status from configure to enable. !31503
  • Update auto-deploy-image to v0.14.0 with helm 2.16.6, --atomic deployments and improved kubernetes 1.16 support. !31505
  • Add ability to add or remove MR labels via API. !31522 (Lee Tickett)
  • Disable Docker-in-Docker for Dependency Scanning by default. !31588
  • Disable Docker-in-Docker for SAST by default. !31589
  • Add migration to import changes to the system dashboard Prometheus queries into DB. !31618
  • Ensure links generated by the copy link feature contain variables. !31636
  • Migrate from Vue event hub to Mitt in issuables list. !31652 (Arun Kumar Mohan)
  • URL params in the monitoring dashboard update variable values defined in yml file. !31662
  • Migrate from Vue event hub to Mitt. !31666 (Arun Kumar Mohan)
  • Add prefix to template variables in URL in the monitoring dashboard. !31690
  • Add fields to GraphQL snippet blob type. !31710
  • Make protected_ci_variables setting enabled by default. !31715
  • Prepare group import feature to use ndjson. !31741
  • Prepare group export feature to use ndjson. !31742
  • Remove a lonely dot in Batch Comments. !31783 (Gilang Gumilar)
  • Update auto-deploy-image to v0.15.0, with an upgraded PostgreSQL chart used by default for Auto DevOps deployments. !31799
  • Force hashed storage to always be enabled. !31801
  • Add alert counts by status to GraphQL API. !31818
  • Show warning message to user if raw text search is used when filtering pipelines. !31942
  • Update deprecated slot syntax in ./app/assets/javascripts/pages/milestones/shared/components/delete_milestone_modal.vue. !31990 (Gilang Gumilar)
  • Update deprecated slot syntax in ./app/assets/javascripts/confidential_merge_request/components/dropdown.vue. !31999 (Gilang Gumilar)
  • Update deprecated slot syntax in ./app/assets/javascripts/diffs/components/diff_discussions.vue. !32004 (Gilang Gumilar)
  • Update deprecated slot syntax in ./app/assets/javascripts/boards/components/board_form.vue. !32005 (Gilang Gumilar)
  • Update deprecated slot syntax in ./app/assets/javascripts/repository/components/breadcrumbs.vue. !32017 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/users/calendar_activities.html.haml. !32094 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/users/_deletion_guidance.html.haml. !32097 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/_ref_dropdown.html.haml. !32102 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/_recaptcha_form.html.haml. !32106 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/_project_limit.html.haml. !32110 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/_personal_access_tokens_table.html.haml. !32116 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/_milestones_filter.html.haml. !32120 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/_milestone_expired.html.haml. !32121 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/_label_row.html.haml. !32124 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/_group_tips.html.haml. !32127 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/_group_form.html.haml. !32132 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/_field.html.haml. !32136 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/_delete_label_modal.html.haml. !32138 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/_commit_message_container.html.haml. !32139 (Gilang Gumilar)
  • Externalize i18n aria-label strings from ./app/views/shared/*. !32142 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/milestones/_top.html.haml. !32148 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/milestones/_milestone.html.haml. !32154 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/milestones/_merge_requests_tab.haml. !32158 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/milestones/_labels_tab.html.haml. !32159 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/milestones/_issues_tab.html.haml. !32160 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/milestones/_issuable.html.haml. !32161 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/issuable/_sidebar.html.haml. !32164 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/issuable/_nav.html.haml. !32165 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/issuable/label*. !32167 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/issuable/_close_reopen_report_toggle.html.haml. !32168 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/issuable/_close_reopen_button.html.haml. !32172 (Gilang Gumilar)
  • Externalize i18n strings from ./app/views/shared/issuable/_bulk_update_sidebar.html.haml. !32173 (Gilang Gumilar)
  • Add files param to snippet create mutation. !32309
  • Cluster index refactor: Add missing pagination. !32338
  • Refactored render errors for blob to Vue. !32345
  • Format the alert payload into a table view. !32423
  • Add presence validation to content and title in snippet rest endpoints. !32522
  • Fix jump to definition linking to same file opening a new tab.

Performance (15 changes, 2 of them are from the community)

  • Speed up NOT Issue filters. !27639
  • Add indexes on ingress, enabled clusters and successful deployments. !28331
  • Add clusters index to improve usage data queries. !28626
  • Uses Kubernetes API conventions to create or update a resource leandrogs. !29010 (Leandro Silva)
  • Cache TreeSummary response for logs_tree. !29828
  • Move release notification from model callbacks to service. !29853 (Ravishankar)
  • Delete orphaned rows in application_settings table. !29981
  • Improve cacheability of monaco-editor code. !30032
  • Project import queries are now partially batched. !30057
  • Upgrade json gem to 2.3.0. !30852
  • Use process-wide cache for application settings and performance bar. !31135
  • Record usage ping finish time. !31222
  • Use NOT VALID to enforce a not null constraint on file store columns. !31261
  • Enable ref name caching for merge request diffs. !31530
  • Skip mergeability check when listing MRs in the API. !31890

Added (146 changes, 13 of them are from the community)

  • Graphql query for issues can now be sorted by priority. !18901
  • Add test report API route. !24648
  • Add GraphQL support for querying a board's lists. !24812
  • Define remove_label quick action as alias of unlabel. !24962 (Jacopo Beschi @jacopo-beschi)
  • Create Wiki activity events on pushes to Wiki git repository. !26624
  • Allow users to download a CSV of the recent daily code coverage values per job. !27094
  • Display x509 signed tags. !27211 (Roger Meier)
  • Enabling git versioned snippets. !27705
  • Add option to hide the default "thumbs up" and "thumbs down" buttons on issues, merge requests, and snippets. !27734 (Steve Mokris)
  • Add sorting issues by label priority to graphQL endpoint. !27936
  • Add certification revocation list download and certificate revoke. !28336 (Roger Meier)
  • Add WebIDE Dark Theme Support. !28407
  • Add secure binaries template. !28566
  • LDAP authentication support for admin mode. !28572 (Diego Louzán)
  • Add UI for exporting group data to the group settings. !28573
  • Allow to assign milestones to a release on the "Edit Release page". !28583
  • Add Previous and Next buttons for commit-by-commit navigation. !28596
  • Add the global var SECURE_ANALYZERS_PREFIX. !28617
  • Allow users to retry obtaining Let's Encrypt certificates for GitLab Pages. !28784
  • Add support for cluster applications CI artifact report. !28866
  • Add resource_state_events table. !28926
  • Migration to add partitioned_foreign_keys table that tracks foreign keys for partitioned tables. !29064
  • Collect object store config in usage data. !29149
  • Add freeze period model. !29162
  • Moved issue board focus mode to Core and available for for everyone. !29200
  • Add freeze periods via CI_DEPLOY_FREEZE variable. !29244
  • Add intermediate CAs capability to S/MIME email signature. !29352 (Diego Louzán)
  • Add responding to ChatOps jobs triggered in Mattermost. !29366 (Brian Kintz)
  • Expose Freeze Periods in REST API. !29382
  • Add read/write_package_registry to deploy_tokens. !29383
  • Add public API for feature flag user lists. !29415
  • Create cluster annotations API endpoint. !29502
  • Add ability to change metrics dashboard visibility. !29634
  • Add percentage of actors feature flag rollout. !29698
  • Add metric dashboard public visibility toggle. !29718
  • Route to feature flags based on internal id. !29740
  • Send email notification for unknown sign-ins. !29741
  • Add search by name to registry image repositories. !29763
  • Surface alerts add empty state. !29775
  • Enable uploadpack filters by default. !29787
  • Select the first option if there is only one metric option on alerts dropdown. !29857 (Gilang Gumilar)
  • Add table for Alert Management alerts. !29864
  • Add policies for managing 'default_branch_protection' setting in groups. !29879
  • Add comment_detail column to services. !29891
  • Add option to add custom profile image guidelines. !29894 (Roger Meier)
  • View a details of a panel in 'full screen mode'. !29902
  • Add database relation to preserve users starred metrics dashboard information. !29912
  • Add jira imports to usage data. !29925
  • Add issues_create_limit to settings api. !29960
  • Map labels from Jira to labels in GitLab. !29970
  • Add Deployment to ECS process to AutoDevOps. !29971
  • GraphQL issue queries can now be sorted by milestone due date. !29992
  • Add table for tracking issues published to status page. !29994
  • Create Sprints table and barebones model. !30125
  • When viewing a single panel, return to a full dashboard by pressing the Escape key. !30126
  • Flesh out Sprints relationships and constraints. !30127
  • Add GraphQL type for reading Alert Management Alerts. !30140
  • Add ability to query Projects using GraphQL API. !30146
  • Add web_url to branch API response. !30147
  • Fix Jira importer URLs. !30155
  • Add migrations for global CI variables. !30156
  • Add vue routes support to Static Site Editor. !30163
  • Integrate CI instance variables in the build process. !30186
  • Add raw_blob_request_limit to Application Settings API. !30211
  • Empty state for alerts list. !30215
  • Create operations_strategies_user_lists table. !30243
  • Adds URL parameter for confidential new issue creation. !30250
  • Update Jira comment to include more information. !30258
  • Add scheduled_at field to jira_imports table. !30284
  • Alerts list loading & error state. !30315
  • Deploy token authentication for API with Maven endpoints. !30332
  • Add metrics dashboard annotations feature, which enables marking interesting events over metrics dashboard charts. !30371
  • Add non_archived argument to issues API endpoint. !30381
  • Add admin controller actions for interacting with instance variables. !30385
  • Add mutation to create a new branch in GraphQL. !30388
  • Introduce API for fetching shared projects in a group. !30461
  • Display expanded dashboard from a panel's "Link to chart" URL. !30476
  • Resolve Design Comment: Edit Comment text. !30479
  • Map Jira issue assignee and author. !30498
  • Add email notification on group export complete. !30522
  • Add option to restrict emails that match a configured regular expression. !30548
  • In metrics dashboard use custom variables from URL in queries. !30560
  • Add mutation for AlertManagement's Alert status. !30576
  • Multiple metrics edit navigates to prom edit page. !30666
  • Update metrics dashboard url when a panel is expanded or contracted. !30704
  • Add migration bot user. !30738
  • Issues Analytics: Add title to page. !30836
  • Contribution Analytics: Add title to page. !30842
  • Insights Analytics: Add title to page. !30853
  • Repository Analytics: Add title to page. !30855
  • CI / CD Analytics: Add title to page. !30891
  • Enable Monaco for editing Snippets by default. !30892
  • Disabled Edit button for binary snippets. !30904
  • Monokai and Solarized Dark syntax highlighting theme for Web IDE. !30931
  • Updated deprecated buttons in release page. !30941 (Özgür Adem Işıklı @iozguradem)
  • Add sorting to AlertManagement Alert Graphql. !30964
  • Web IDE: Introduce syntax highlighting for .vue files. !30986
  • Solarized light syntax highlighting theme for the Web IDE. !30989
  • Deploy tokens can be used in the API with Basic Auth Headers enabling NuGet and PyPI to be used with deploy tokens. !31035
  • Skip spam check for GitLab team members on gitlab.com. !31052
  • None syntax highlighting theme for Web IDE. !31056
  • Issues Analytics: Add title to group-level page. !31057
  • Display metrics dashboards starred by user at the top of dashboard select field. !31059
  • Add WYSIWYG editor to the Static Site Editor. !31099
  • Conan registry is accessible using deploy tokens. !31114
  • Add container registry settings to application_settings table. !31125
  • Added provider icon to cluster index display. !31134
  • Add a CI variable CI_KUBERNETES_ACTIVE as an alternative to only:kubernetes/except:kubernetes that works with the rules syntax. !31146
  • Enable Alert Management functionality. !31171
  • Allow monitoring dashboard users to open single panels in a new tab. !31206
  • Create dashboard annotations via Graphql. !31249
  • Enable deploy token authentication for the NPM registry. !31264
  • Add read and write package registry scopes to deploy tokens. !31267
  • Read only storage move API. !31285
  • Add Design Management (via Designs tab on Issues) to GitLab FOSS. !31309
  • Exposes issue IID in Alert Management Alert's GraphQL endpoint. !31313
  • New API endpoint for starring metrics dashboards. !31316
  • Add search bar to container registry image list. !31322
  • Highlight focused Design discussion in image markers. !31323
  • Allow showing merge request diffs compared to current version of target branch. !31325
  • Add alert on project issues page to show Jira import is in progress. !31329
  • Add API CRUD actions for instance-level CI/CD variables. !31342
  • Add alert on project issues page to show Jira import has finished. !31375
  • Filter pipelines by trigger author and branch name. !31386
  • Add incident_labeled_issues to usage ping. !31406
  • Refactored Snippet view to Vue. !31450
  • Make report-type artifacts available for download. !31513
  • Render dropdown and text elements based on variables defined in monitoring dashboard yml file. !31524
  • Add expunge deleted messages option to mailroom. !31531 (Diego Louzán)
  • Log Cloudflare request headers. !31532
  • Allow Web IDE markdown to preview uncommitted images. !31540
  • Add Webex Teams project integration service. !31543 (Sebastian Leuser)
  • Add Rubocop cop to flag keyword arguments usage in Sidekiq workers. !31551 (Arun Kumar Mohan)
  • Allow users to star/unstar dashboards which will appear at the top of their dashboards options. !31597
  • Add ability to create merge request from vulnerability page. !31620
  • Add confidential status support for comment and replies. !31622
  • Add Web IDE pipelines usage counter. !31658
  • Ruby metrics now include USS and PSS memory readings. !31707
  • Add issues_created_gitlab_alerts to usage ping. !31802
  • Add Alert Detail view. !31877
  • New API endpoint for removing stars from metrics dashboards. !31892
  • View raw file of any zip artifacts. !31912
  • Add search to Alert Management Alerts GraphQL query. !32047
  • Add "Keep divergent refs" option for push mirrors. !32381
  • Add fields to Alert Details view. !32392
  • Update GitLab Pages to 1.18.0.

Other (70 changes, 25 of them are from the community)

  • Remove Admin -> Settings -> Geo navigation. !21005 (Lee Tickett)
  • removes store logic from issue board models. !21400 (nuwe1)
  • removes store logic from issue board models. !21408 (nuwe1)
  • Moves updateIssue from issue model to board store. !21414 (nuwe1)
  • Improve error handling of squash and rebase. !23740
  • Remove obsolete bot_type column. !27076
  • Remove obsolete columns from resource_milestone_events. !28536
  • Add index to issue_id and created_at of resource_weight_events. !28930
  • Clean up & Re-arrange the keyboard shortcuts modal. !28992
  • Remove ci_expose_arbitrary_artifacts_in_mr feature flag. !29363 (Lee Tickett)
  • Remove git_archive_path feature flag. !29369 (Lee Tickett)
  • Rename Snippet search results title. !29599
  • Update to Rails 6.0.2.2. !29743
  • Log server responses of API bad requests in api_json.log. !29839
  • Clean up refresh fix for cancel automatic merge. !29844
  • Add snippet repository backfilling migration. !29927
  • Remove the SIDEKIQ_REQUEST_STORE configuration. !29955
  • Increase label list label column width. !29963
  • Refactor count queries to single query on Projects::EnvironmentsController. !30073 (Sashi Kumar)
  • Update text on self-managed sign in page. !30135
  • Remove namespaces.plan_id column. !30351
  • Migrate models and policies specs to consider admin mode. !30430 (Diego Louzán)
  • Upgrade Nokogiri to v1.10.9. !30435
  • Add snippet migration rake tasks. !30489
  • Error tracking target blank empty state. !30525
  • Remove elasticsearch_experimental_indexer column. !30628
  • Update the template for Static Site Editor / Middleman. !30642
  • Remove unused cluster configuration workers. !30695
  • Remove deprecated Snippet code attribute from Project Snippets API. !30739
  • Update merge request widget question mark icons. !30759
  • Value Stream Analytics: Add title and remove separator. !30841
  • Remove mention of github-markup in Wiki clone help. !30962
  • Alert Management mobile styling. !31082
  • Allow Auto DevOps Test stage to start immediately. !31185
  • Enable async_merge_request_check_mergeability by default. !31196
  • Cleanup background migration for populating user_highest_roles table. !31218
  • Add docs for alert management list. !31225
  • Remove extra spaces from markdown toolbar items. !31288
  • Use cookies with metadata to prevent reuse as another cookie. !31311
  • Add inherit_from_id column to services table. !31320
  • Organize package models by package type. !31346 (Sashi Kumar)
  • Apply active class on active link element in HAML pagination. !31396
  • Update GitLab Runner Helm Chart to 0.16.1. !31492
  • Log when container registry permissions are denied. !31536
  • Add epic_id to resource_state_events. !31587
  • Update doorkeeper to latest version 5.0.3. !31673
  • Add Foreign Key on projects.namespaces_id. !31675
  • Fix misalignment of author dropdown on the commits search page. !31686
  • Update css-loader ^1.0.0 -> ^2.1.1. !31743 (Pirate Praveen)
  • Fix database schema inconsistency with not-null checks. !31930
  • Removes create_confidential_merge_request feature flag leandrogs. !31968 (Leandro Silva)
  • Update deprecated slot syntax in ./app/assets/javascripts/issue_show/components/fields/description.vue. !31979 (Gilang Gumilar)
  • Update deprecated slot syntax in ./app/assets/javascripts/pages/milestones/shared/components/promote_milestone_modal.vue. !31980 (Gilang Gumilar)
  • Update group and project export info messages. !31981 (briankabiro)
  • Relocate Nuget presenter helpers to presenters module. !31985 (Sashi Kumar)
  • Update deprecated slot syntax in ./app/assets/javascripts/pages/admin/users/components/delete_user_modal.vue. !31992 (Gilang Gumilar)
  • Update deprecated slot syntax in ./app/assets/javascripts/performance_bar/components/detailed_metric.vue. !32006 (Gilang Gumilar)
  • Update deprecated slot syntax in ./app/assets/javascripts/profile/account/components/delete_account_modal.vue. !32007 (Gilang Gumilar)
  • Update deprecated slot syntax in ./app/assets/javascripts/environments/components/stop_environment_modal.vue. !32012 (Gilang Gumilar)
  • Update deprecated slot syntax in ./app/assets/javascripts/serverless/components/area.vue. !32015 (Gilang Gumilar)
  • Update deprecated slot syntax in ./app/assets/javascripts/releases/components/app_edit.vue. !32018 (Gilang Gumilar)
  • Update deprecated slot syntax in ./app/assets/javascripts/releases/components/evidence_block.vue. !32019 (Gilang Gumilar)
  • Update deprecated slot syntax in ./app/assets/javascripts/ide/components/ide_review.vue. !32025 (Gilang Gumilar)
  • Update deprecated slot syntax in ./app/assets/javascripts/ide/components/pipelines/list.vue. !32027 (Gilang Gumilar)
  • Update alert management table background colour to correct gray. !32068
  • Validate package types in package metadatum models. !32091 (Sashi Kumar)
  • Update error tracking table background colour to correct gray. !32133
  • Update GitLab Elasticsearch Indexer to v2.3.0. !32199
  • Update asciidoctor-plantuml gem to v0.0.12. !32376
  • Use visitUrl in Alert management. !32414

12.10.14 through 12.0.0

11.11.8 through 11.0.0

10.8.6 through 10.0.0

9.5.10 through 0.8.0