debian-mirror-gitlab/CHANGELOG.md

Note: This file is automatically generated. Please see the developer documentation for instructions on adding your own entry.

16.0.7 (2023-07-04)

Security (1 change)

• Add authorization to the subscriptions group controller (merge request)

16.0.6 (2023-06-28)

Security (12 changes)

• Revert 'security-leaked-ci-job-token-permission-16-0' from '16-0'" (merge request)
• Use fully qualified ref when loading code owner file (merge request)
• Maintainer can leak masked webhook secrets by manipulating URL masking (merge request)
• Remove approvals when the only commit gets amended (merge request)
• Add authorization validation to GithubController#failures action (merge request)
• Fix for fork permissions check in compare controller (merge request)
• Webhook token leaked in Sidekiq logs if log format is 'default' (merge request)
• Mitigate epic reference filter ReDOS (merge request)
• Increasing security for CI_JOB_TOKEN on public and internal projects (merge request)
• Adjust access to value stream create, edit and destroy actions (merge request)
• Sanitize user email addresses in admin confirm user dialog (merge request)
• Obfuscate email of service desk issue creator in issue REST API (merge request)

16.0.5 (2023-06-16)

Fixed (1 change)

• Update gitlab-elasticsearch-indexer version (merge request)

Changed (1 change)

• Make MigrateSharedVulnerabilityIdentifiers use slow iteration (merge request) GitLab Enterprise Edition

16.0.4 (2023-06-08)

Fixed (1 change)

• Fix LDAP tls_options not working (merge request)

16.0.3 (2023-06-06)

Fixed (3 changes)

• Fix memory leak in CI config includes entry (merge request)
• Fix MR approval rules sync when disabling scan result policy (merge request) GitLab Enterprise Edition
• Fix serialization of pull requests in BitbucketServer Import (merge request)

Performance (1 change)

• LFS: Serve pre-signed URLs in /lfs/objects/batch (merge request)

16.0.2 (2023-06-05)

Fixed (1 change)

• Fix Sidekiq crash when gitlab.yml contains UTF-8 characters

Changed (1 change)

• Introduce parallelised BitBucket Server Importer

Security (16 changes)

• Fix DoS on test report artifacts (merge request)
• Fix XSS in Abuse Reports form action (merge request)
• Escape the source branch link correctly (merge request)
• Import source owners with maintainer access if importer is a maintainer (merge request)
• Filter inaccessible issuable notes when exporting project (merge request)
• Block tag names that are prepended with refs/tags/, due to conflicts (merge request)
• Set IP in ActionContoller filter before IP enforcement is evaluated (merge request)
• Prevent primary email returned as verified on unsaved change (merge request)
• Use UntrustedRegexp to protect FrontMatter filter (merge request)
• Improve ambiguous_ref? logic to include heads and tags (merge request)
• Use UntrustedRegexp to protect InlineDiff filter (merge request)
• Ignore user-defined diff paths in diff notes (merge request)
• Reject NPM metadata requests with invalid package_name (merge request)
• Use UntrustedRegexp to protect MathFilter regex (merge request)
• Resolve Overall Project Vulnerability Disclosure (merge request)
• Validate description length in labels (merge request)

16.0.1 (2023-05-22)

Security (1 change)

• Fix arbitary file read via filename param (merge request)

16.0.0 (2023-05-18)

Added (168 changes)

• Add X-GitLab-ConfidentialIssue: header boolean by @micah (merge request)
• Adds CI information to candidate detail (merge request)
• Added pipelines shortcut by @AlexNewson (merge request)
• Add user deactivate service (merge request) GitLab Enterprise Edition
• Updated code based on suggestion (merge request)
• feat: Add lock_version to milestone by @gerardo-navarro (merge request)
• Enable import_details_page ff by default (merge request)
• Add audit events schema definitions (merge request) GitLab Enterprise Edition
• Add specs for ApprovalProjectRule creation (merge request)
• Add environment tier to deployment webhooks (merge request)
• Add keyword to allow multiple cache fallback keys by @renehernandez (merge request)
• Add emoji awards for work item (merge request) GitLab Enterprise Edition
• GraphQL project fields for refs containing a commit (merge request)
• Make group-level git protocol control available (merge request)
• [Audit Events] Asynchronous database index addition (merge request) GitLab Enterprise Edition
• Show alert about any configured deploy freezes (merge request)
• Model and table for google cloud logging integration (merge request)
• Add to do widget for work items (merge request) GitLab Enterprise Edition
• Add Zola template for .gitlab-ci.yml by @homersimpsons (merge request)
• Allow sending secret detection vulnerabilities to the AI API (merge request) GitLab Enterprise Edition
• Enable realtime approval updates by default (merge request)
• Add coverage fuzzing to registration features (merge request) GitLab Enterprise Edition
• Add update_design permission to check user rights to edit description (merge request)
• Add blocked_by and blocks quick actions for issues (merge request) GitLab Enterprise Edition
• Implement YAML config file for the Value stream dashboard (merge request) GitLab Enterprise Edition
• Add branches to the initial Jira data sync (merge request)
• Adds PAT based auth (merge request)
• Add model for storing ai ci editor conversations (merge request)
• Add dismissal reason and comment to vulnerability bulk updates (merge request) GitLab Enterprise Edition
• Add a Breach and Attack Simulation CI template (merge request) GitLab Enterprise Edition
• Add support for npm group level endpoints in compressed json middleware (merge request)
• Add RTL support in content editor (merge request)
• Add support for basic auth on Maven registry download endpoints (merge request)
• Add health_status to webhook payload data (merge request) GitLab Enterprise Edition
• Add update action and update service for Abuse Reports (merge request)
• Resource access token rotation API (merge request)
• Add model for storing ai ci editor conversations (merge request)
• Add ability to read_vulnerability to custom roles (merge request)
• Extend VertexAi::Client to add text/code/message_chat methods (merge request) GitLab Enterprise Edition
• Add documentation for Compliance Framework CSV Export (merge request) GitLab Enterprise Edition
• Enable feature flags for new runner creation (merge request)
• Add SecureFlag training provider by @bruce.lay (merge request)
• Support + and +s reference expansion for work items (merge request)
• Shows link to jobs on the list of Ml::Candidate (merge request)
• Create a service to build npm metadata cache record (merge request)
• Enable the feature flag ci_include_components (merge request)
• Add HLL counter for projects that initialize product analytics (merge request) GitLab Enterprise Edition
• Add merged merge request delete audit event (merge request) GitLab Enterprise Edition
• PAT rotation API (merge request)
• Enable work item conversion (merge request)
• Add GraphQL query for inherited CI variables (merge request)
• Allow remember me to be set in Admin area general settings (merge request)
• Add truncated text component (merge request)
• Show services on Environments index page (merge request)
• Backend to allow remember me to be disabled (merge request)
• Remote Development feature behind a feature flag (merge request)
• Add vulnerabilities counts to VSD (merge request) GitLab Enterprise Edition
• Add GraphQL support for visibility_pipeline_id (merge request)
• Add type quick action for work items (merge request)
• Expose reference and createNoteEmail fields (merge request)
• Add runner field to job_type by @TrueKalix (merge request)
• Create routing table for ci_builds (merge request)
• Geo Sites - Add primary last event id (merge request) GitLab Enterprise Edition
• Add data migration for human user type (merge request)
• Implement Gitlab::Llm::Anthropic::Client (merge request)
• Skip copy job artifacts uploaded to final location (merge request)
• Implement runner backoff for migrations (merge request)
• Expose Issues Completed under GraphQL flow metrics (merge request) GitLab Enterprise Edition
• Preload SamlProvider for cross child epics groups (merge request) GitLab Enterprise Edition
• Only allow user to be remembered if application setting enabled (merge request)
• Enable vsa_group_and_project_parity FF by default (merge request) GitLab Enterprise Edition
• Add RedisHLL counter for creating dashboards (merge request) GitLab Enterprise Edition
• Add redis counter for viewing dashboard (merge request) GitLab Enterprise Edition
• Geo Sites - Read Help Icon to Secondary Site (merge request) GitLab Enterprise Edition
• Add new properties to GET /users/:user_id/projects (merge request)
• Add export button for framework report (merge request) GitLab Enterprise Edition
• Add support for cancelling drag on Esc key press (merge request) GitLab Enterprise Edition
• Add ability to filter github repositories by relation type (merge request)
• Enable GlFilteredSearch terms-as-tokens prop on Plan pages (merge request)
• Add output moderation to OpenAI::Client (merge request) GitLab Enterprise Edition
• Add ability to add/edit compliance frameworks directly from report (merge request) GitLab Enterprise Edition
• Add Value Stream Dashboard tracking table (merge request)
• Skip phone verification when TeleSign is down (merge request) GitLab Enterprise Edition
• Disallow runner registration if allow_runner_registration_token disabled (merge request)
• Add new table to store note metadata (merge request)
• Allow all users to opt-in to the navigation redesign beta (merge request)
• Adding create API for instance audit external destinations (merge request) GitLab Enterprise Edition
• Adds link to settings from dependency proxy (merge request)
• Reflect state transition comments in system notes (merge request) GitLab Enterprise Edition
• Associate Ml::Candidate to Ci::Build (merge request)
• Create the Organization model (merge request)
• Adds digest label & copy button for dependency proxy UI (merge request)
• Add support for new vulnerability status filtering (merge request) GitLab Enterprise Edition
• Enable sync_approval_rules_from_findings by default (merge request)
• Add option to keep quick actions in text (merge request)
• Add Abuse Reports Detail View (merge request)
• Add moderation to OpenAI::Client (merge request) GitLab Enterprise Edition
• Add settings to database (merge request)
• Add runners to job/pipeline seed data by @TrueKalix (merge request)
• Create Abuse Report Events table (merge request)
• Add project cell admin jobs vue by @TrueKalix (merge request)
• Add Remember Me Enabled to Application Settings (merge request)
• Create a new table to hold diff summaries (merge request)
• Create bot user when security policy is linked (merge request)
• Autofocus link URL when editing link (merge request)
• Add geo_sites API endpoint (merge request) GitLab Enterprise Edition
• Add PA configuration to project level settings (merge request)
• Add ref_path to CI job JWTs (merge request)
• Allow uploading more image types (merge request)
• Add maximum length validation for ci_builds columns (merge request)
• Add cost tracking to OpenAi::Client (merge request) GitLab Enterprise Edition
• Create partitioned table for VSD counts (merge request)
• Feature Flag: Add FF for Rust metrics marshaling (merge request)
• Add registry table to track replication and verification state (merge request)
• Add column visibility_pipeline_id (merge request)
• Enable feedback deprecation by default (merge request)
• Improve the performance of the "vulnerability report" page (merge request) GitLab Enterprise Edition
• Add maintenance mode to registration features (merge request) GitLab Enterprise Edition
• Adds link to settings on container registry image list page (merge request)
• Add first assigned to Issue and MR events to VSA (merge request) GitLab Enterprise Edition
• Add the tanuki_bot migration/model (merge request) GitLab Enterprise Edition
• Enable mr widget V2 by default (merge request)
• Improve error messages by @TrueKalix (merge request)
• Enable use_merge_base_for_security_widget by default (merge request)
• Add support for TOFA AI API (merge request)
• Add private endpoint to show github import errors (merge request)
• Track spam scores for users (merge request)
• Add ci_max_includes to application settings (merge request)
• Add tooltips to Value Stream Dashboard sparkline charts (merge request) GitLab Enterprise Edition
• Add jobs count admin jobs vue by @TrueKalix (merge request)
• Add geo sites fixtures schemas (merge request) GitLab Enterprise Edition
• Add Tanuki Bot backend service and API (merge request) GitLab Enterprise Edition
• Add artifacts management page (merge request)
• Show services on Environments index page (merge request)
• Add ciPipelineStage to QueryType (merge request)
• Add the tanuki_bot migration/model (merge request) GitLab Enterprise Edition
• Introduce "update filters" popover after assigning framework (merge request) GitLab Enterprise Edition
• Enable dismissal_reason feature flag by default (merge request) GitLab Enterprise Edition
• Report abuse to admin for WI notes (merge request)
• Enable Fetching upstream to the fork (merge request)
• Add ability to add/remove compliance framework from single item (merge request) GitLab Enterprise Edition
• Add backend for setWorkItemMetadata (merge request)
• Add display_color to epic_boards (merge request)
• Add ability to disable social feature (following) (merge request)
• Add job filter admin jobs vue by @TrueKalix (merge request)
• Add user feedback (merge request) GitLab Enterprise Edition
• Add intersection observer admin jobs vue by @TrueKalix (merge request)
• Add audit event schema definitions (merge request) GitLab Enterprise Edition
• Set minimum role for importing projects to Maintainer (merge request)
• feat: New REST api endpoint to fetch CI_JOB_TOKEN access settings by @gerardo-navarro (merge request)
• Store MR and issue assignment events (merge request)
• Index for namespaces by root namespace lookup (merge request)
• Add skeleton loader to admin jobs vue by @TrueKalix (merge request)
• Show work item id in breadcrumb (merge request)
• Admins can edit arkose_risk_band (merge request) GitLab Enterprise Edition
• Introduce circuit breaker for OpenAI client (merge request)
• Switch status tabs by @TrueKalix (merge request)
• Promote Key Result to Objective (merge request)
• Add Environments::Stop mutation (merge request)
• Add branch filtering for compliance violations report (merge request) GitLab Enterprise Edition
• Add Sidekiq execution SLI as apdex (merge request)
• Add API to toggle pass_user_identities_to_ci_jwt by @joe-snyder (merge request)
• Add sync index security_scans_on_pipeline_id_and_scan_type (merge request)
• Adds request forwarding warning to package details modal (merge request)
• Adds confirmation prompt to container image repository delete modal (merge request)
• Prepare todos for bigint migration (merge request)
• Change fetch policy for work item detail (merge request)
• Populate missing dismissal info (merge request)

Fixed (163 changes)

• Add top margin to admin email alert (merge request) GitLab Enterprise Edition
• Update by_parent filter in EpicsFinder (merge request) GitLab Enterprise Edition
• View projects pending deletion from subgroup (merge request) GitLab Enterprise Edition
• Fixes roadmap timeline bar alignment (merge request) GitLab Enterprise Edition
• Fix no_proxy not working when DNS rebinding protection enabled (merge request)
• Handle String response in ResponseLogger (merge request)
• Fix case sensitive GraphQL username argument (merge request)
• Fix bridge status not inheriting canceled (merge request)
• Fixed how series render and legend in VSA Overview "Total time" chart (merge request) GitLab Enterprise Edition
• Updating PipelineJobResolver for type filter (merge request)
• Make new jira_auth_type Jira API argument optional (merge request)
• Fix pending status when SecureFlag has no content (merge request) GitLab Enterprise Edition
• Fix auditing of merged merge request when metrics are nil (merge request) GitLab Enterprise Edition
• Skip to main content interactive when super sidebar is inert (merge request)
• Remove extra top padding on collapsible discussion (merge request)
• Fix the query when migration add_suffix_project_in_wiki_rid not finished (merge request) GitLab Enterprise Edition
• Fix event location detection for the branch list (merge request)
• Add a boolean field hidden in the MergeRequest ES mapping (merge request) GitLab Enterprise Edition
• Removing Ci:Bridge jobs from ProjectJob#show (merge request)
• Replace stable Terraform CI templates with latest templates (merge request)
• Status checks widget: Remove double bottom border (merge request)
• Fix border on description box (merge request)
• Fix syntax highlighting on Wiki Diff pages (merge request)
• Update GraphQl spec to include SHARED_INTO_ANCESTORS (merge request)
• Fix height calculations with roadmap to prevent extra scrollers (merge request) GitLab Enterprise Edition
• Fix comments template dropdown being hidden (merge request)
• Include shared from groups members in the projects members (merge request)
• Fix container scanning via group level policy (merge request)
• Append bubble menus to body (merge request)
• Fix MR activity filtering (merge request)
• Do not autofocus the description field (merge request)
• Remove epic date fields authorization (merge request) GitLab Enterprise Edition
• Namespace the Gitlab constant to avoid NameError (merge request)
• Fixes missing background in tasks (merge request)
• Alter installation_creation_date metric logic (merge request)
• Move feature-flag to outside pipelined block (merge request)
• Return the error when failed to register runner (merge request)
• Fix avatar when commit email is an empty string (merge request)
• Allow merge when rules are invalid for security policy project (merge request) GitLab Enterprise Edition
• Fix redirect for work items notes for diffPath and deletePath (merge request)
• Lock tables before dropping the LFK trigger (merge request)
• Update new navigation nav item badge positon and hover styles (merge request)
• Do not limit batch_size in migration (merge request) GitLab Enterprise Edition
• Clicking task item doesn’t when using “1)” (merge request)
• Prevent logged in user from blocking themselves in abuse reports (merge request)
• Fix incorrect handler location for list of branches (merge request)
• Show detected licenses with their URLs (merge request) GitLab Enterprise Edition
• Fix active state overlay in content editor (merge request)
• Add missing license check for project approval rules endpoints (merge request) GitLab Enterprise Edition
• Fixes Content-Type for Service Desk emails with attachments (merge request)
• Fix DORA deployment frequency calculation (merge request) GitLab Enterprise Edition
• Resolve "Immediately preview when editing a broadcast message" (merge request)
• Fix group blobs search permission when migration is not complete (merge request) GitLab Enterprise Edition
• Fix arguments in container replication event (merge request) GitLab Enterprise Edition
• Fixes NoMethod when tags are empty (merge request)
• Fixing a misspelling of "absence" (merge request)
• Fixed issue description editor keeping autosaved data after save by @zillemarco (merge request)
• Do not show issuable email address when FF is on (merge request)
• SSO enforcement shouldn't require SSO for non-members and public groups (merge request) GitLab Enterprise Edition
• Fallback to highlighting HAML with Rouge (merge request)
• Hide Add button in issue if user has Guest role (merge request)
• Fix TypeError exceptions in UpdateMergeRequestWorker (merge request)
• Fixes shortcut not working without focus (merge request)
• Fixes rich text editor not wrapping on mobile (merge request)
• Fix loading Web IDE Beta outside gitlab_url (merge request)
• Follow k6's rename of ex/sample folder (merge request)
• Fixes registry search alignment (merge request)
• Fix tab count admin jobs vue by @TrueKalix (merge request)
• Enable "inherit_approval_rules_on_creation" feature flag (merge request)
• SSO enforcement should respect Admin Mode for groups access (merge request) GitLab Enterprise Edition
• Remove counter_attribute_db_lease_for_update FF (merge request)
• Fix empty attachments 500 error in NPM package PUT request (merge request)
• Fix conan search to not find instance-wide packages on project-level (merge request)
• Fix Stop Environment Diaglog shows wrong text (merge request)
• Use trueup_period_seat_count for true-up check (merge request) GitLab Enterprise Edition
• Make sure /api/v4/geo_nodes/current/failures works with the unified URL (merge request)
• Inject apollo for pipelines table (merge request)
• Checks loaded visualisation for tree traversal (merge request) GitLab Enterprise Edition
• Cleanup leftovers in packages_dependencies table (merge request)
• Globally enable ff filter_vulnerability_findings_dismissed_on_default (merge request) GitLab Enterprise Edition
• Fix root_ancestor undefined method error (merge request) GitLab Enterprise Edition
• Fix custom template import permission (merge request)
• Set static page size for fetching notes (merge request)
• Put actual default branch in readme on project creation (merge request)
• Change API endpoint used when inviting a group to a project (merge request)
• Fix N+1 issue for GraphQL VulnerabilityType (merge request) GitLab Enterprise Edition
• Enable remove_scan_result_policy_transaction by default (merge request) GitLab Enterprise Edition
• Search without project namespaces (merge request)
• View projects pending deletion from subgroup (merge request) GitLab Enterprise Edition
• Crop long texts in the MR Security Reports widget (merge request) GitLab Enterprise Edition
• Fix: display correct duration for pipeline >24 hour runtime by @endera_ (merge request)
• Use fallback when avatar fails to load (merge request)
• Fix vue3 spec violation in environments_folder_view_spec.js (merge request)
• Update chat prompt to move references to the end (merge request) GitLab Enterprise Edition
• Fix installation activation bug (merge request) GitLab Enterprise Edition
• Fix for the rebase merge request state being shown incorrectly (merge request)
• Prevent errors when focusing platform button (merge request)
• Do not touch last_downloaded_at when on a geo secondary (merge request) GitLab Enterprise Edition
• Make it possible to run Puma v6 (merge request)
• Fix signing-up page renders by @lyb124553153 (merge request)
• Fix extra social dot divider (merge request)
• Make propmpt_location dynamic, fix spacing in chat (merge request)
• Allow individual pages to set super sidebar open on page load (merge request)
• Fix member source determination in group members report (merge request) GitLab Enterprise Edition
• Fix Merge request tabs page bundle loading (merge request)
• Fixes random questions being answered by Tanuki Bot (merge request) GitLab Enterprise Edition
• Fix vue3 spec violations for tree_content_spec.js (merge request)
• Fix sidekiq_remove_jobs not to run in transaction (merge request)
• Reject invalid repository archive request formats (merge request)
• Update groups header (merge request)
• Remove global audit events stream page refreshes on edits (merge request) GitLab Enterprise Edition
• Fix compliance framework creation error on GitLab premium plans (merge request) GitLab Enterprise Edition
• Fix expanded avatars list display in the MR widget (merge request)
• Work item tree tooltip fix (merge request)
• User profile fix bg for fixed with layout (merge request)
• Fix cadence description box width (merge request) GitLab Enterprise Edition
• Fix search cron worker when indexing is disabled (merge request) GitLab Enterprise Edition
• Fix invite project members modal closing on error (merge request)
• Vertically align epic colors in dropdown (merge request)
• Create unique digests for email verification tokens (merge request)
• Fix encoding error for commits endpoint (merge request)
• Fix data in import_sources column of application_settings (merge request)
• Fix burnup chart line going backwards (merge request) GitLab Enterprise Edition
• Spread sidekiq jobs on reschedule during github import (merge request)
• Remove transaction in ProcessScanResultPolicyWorker (merge request) GitLab Enterprise Edition
• Fail transfer only with namespaced npm packages (merge request)
• Removes hardcoded path to svg (merge request)
• Fix use of the bootstrap form group with label (merge request)
• Bugfix invite members modal (merge request)
• Putting CI/CD settings behind appropriate permission levels (merge request)
• Fix Web IDE Beta icons not loading in Safari by @gitlab-dependency-update-bot (merge request)
• Provide a single line of vulnerable code (merge request) GitLab Enterprise Edition
• Improve Vale's ElementDescriptors rule to catch previous false negatives by @JonstonChan (merge request)
• Fix GraphQL timelog Int overflow bug (merge request)
• Fix bug in UpdateApprovalsService when target pipeline is empty (merge request) GitLab Enterprise Edition
• Fix broken mermaid markdown rendering of milestone detail views by @gerardo-navarro (merge request)
• Use consistent orange color for low severity (merge request)
• Get rid of infinite work item calls in work item modal (merge request)
• Improve Vale's CIConfigFile rule to catch previous false negatives by @JonstonChan (merge request)
• Do not block project overview when wiki repository fails (merge request)
• Remove operations_access_level REST API field (merge request)
• Fix error when scan result policy is missing actions or rules (merge request) GitLab Enterprise Edition
• Fix layout of mr widget checkboxes (merge request)
• Scroll to job line from hash (merge request)
• Fix work item children order by relative position (merge request)
• Revert "Merge branch 'revert-allow-dots-ff' into 'master'" (merge request)
• Fix assignee avatars alignment on issues list (merge request)
• Renders indexes for Jupyter Notebooks (merge request)
• Set retry limit 2 for Zoekt::IndexerWorker (merge request) GitLab Enterprise Edition
• Don't index empty or missing repositories in Zoekt::IndexerWorker (merge request) GitLab Enterprise Edition
• Add max-width and min-width to the chat component (merge request) GitLab Enterprise Edition
• Exclude any_approver rule from being marked as invalid (merge request) GitLab Enterprise Edition
• Do not require email verification for oAuth users (merge request)
• Include forks in github repository list (merge request)
• Fix docs (merge request)
• Hide New project button if visibility is restricted (merge request)
• Ensure wiki errors are bubbled up to its form (merge request)
• Add correct widget list styles to MR dependencies (merge request)
• Fix namespace async index creation (merge request)
• Fix groups appearing for project create/import (merge request)
• Fix comments rendering in content editor (merge request)
• Fix Ci::CommitWithPipeline batch loader key (merge request)
• Do not use snapshots on single database instances (merge request)

Changed (250 changes)

• Merge request sticky header height and border bottom (merge request)
• Add default organization (merge request)
• Update external status check url visiblity (merge request) GitLab Enterprise Edition
• Upgrade DAST to version 4 (merge request) GitLab Enterprise Edition
• Added reveal/hide password input to login page (merge request)
• Enables the auto_merge_labels_mr_widget feature flag (merge request)
• Refactors ml_candidate_show (merge request)
• Move collaborators import to Advanced import setting (merge request)
• Update POST approvals endpoint (merge request) GitLab Enterprise Edition
• Update package license json schema (merge request) GitLab Enterprise Edition
• Remove namespace storage limit dates (merge request) GitLab Enterprise Edition
• Add worker behind a feature flag to check missing repositories (merge request)
• Disable Compliance pipeline field for Premium licenses (merge request) GitLab Enterprise Edition
• Update expires_at column value to 365 days from now when its nil (merge request)
• Move code suggestions beta feature to free (merge request) GitLab Enterprise Edition
• Add password complexity to registration features (merge request)
• Update environments empty state by @catinbag (merge request)
• Update new entity pages crumbs by @catinbag (merge request)
• Add description_diffs to Registration Features (merge request)
• Expose link to runner if admin (merge request)
• Stores job exceptions into sampling artifacts (merge request)
• Two column format in sign in/up page (merge request)
• Move external issue trackers and wikis from Uncategorized to Plan (merge request)
• Remove formatting bubble menu (merge request)
• Add a warning about a db requirement (merge request)
• Gitlab Chat guarded by AI toggle (merge request) GitLab Enterprise Edition
• Designs: add widget styles (merge request)
• Extend dependencies finder to group level (merge request) GitLab Enterprise Edition
• Set PostgreSQL 13 as the minimum supported version (merge request)
• Lower ProcessSyncEventsWorker dedupe TTL to 1 minute (merge request)
• Return HTTP 410 Gone status code from POST /runners endpoint (merge request)
• Upgrade to doorkeeper-openid_connect v1.8.6 (merge request)
• Disable invalid_scan_result_policy_prevents_merge by default (merge request) GitLab Enterprise Edition
• Remove "merged" icon for merge train in activity (merge request)
• Add feature flag and show new tab (merge request) GitLab Enterprise Edition
• Rename widgets to panels to align with pajamas guidelines (merge request) GitLab Enterprise Edition
• Add admin access option to protected branches and tags (merge request)
• Adds backfill migration for secure file metadata fix (merge request)
• Updates keep rules text for container cleanup policies (merge request)
• Remove stickyness from Diff Stats Header (merge request)
• Update Scan Result Policy documentation (merge request)
• Remove broadcast messages for sign in/sign up flows (merge request) GitLab Enterprise Edition
• Change cancel running button (merge request)
• Refactor group level runner registration setting by @markus.ferrell (merge request)
• Reschedule evidences migration from raw_metadata (merge request) GitLab Enterprise Edition
• Use correct migration finalisation method (merge request)
• Add Admin Mode to new navigation (merge request) GitLab Enterprise Edition
• Improve file upload experience in content editor (merge request)
• Removed autofocus from fields throughout the registration flow (merge request) GitLab Enterprise Edition
• Disable rule mode when vulnerability_states are invalid (merge request) GitLab Enterprise Edition
• UI polish: Spacing in runner list (merge request)
• Cleanup disallow_environment_name_update feature flag (merge request)
• Clarify iteration rollover depends on timezone (merge request) GitLab Enterprise Edition
• Remove user legacy Web IDE toggle (merge request)
• Schedule database index on members (merge request)
• Ignore temp schema objects (merge request)
• Notify KAS on git push events (merge request)
• Refactor compliance framework create/edit to modals (merge request) GitLab Enterprise Edition
• Upgrade to Gemnasium v4 (merge request) GitLab Enterprise Edition
• Disable importers by default in new self-manages instances (merge request)
• Add tooltips to jobs table actions (merge request)
• Add extra instructions for self-managed setup (merge request)
• Enable New Environment Details Page (merge request)
• Update layout of admin labels page (merge request)
• Fixes incorrect expiration date in secure files metadata (merge request)
• Add metrics to GCP banner by @asadath1395 (merge request)
• Add filter by package_name for dependencies (merge request) GitLab Enterprise Edition
• Updated hide/reveal password input to be reuseable (merge request)
• Unlink achievement visibility from namespace visibility by @Taucher2003 (merge request)
• Hide banner when subscription is already on cloud licensing (merge request) GitLab Enterprise Edition
• Removed autofocus on fields throughout the registration flow (merge request) GitLab Enterprise Edition
• Update status and policy drawer tab titles (merge request) GitLab Enterprise Edition
• Reorganize Analytics tab in general settings (merge request) GitLab Enterprise Edition
• Migrate all daily aggregated RedisHLL events to weekly (merge request)
• Adapt status filtering to support new values (merge request) GitLab Enterprise Edition
• Enable mirror only branches match regex feature flag by default by @lyb124553153 (merge request) GitLab Enterprise Edition
• Increment the major version of DAST API and API Fuzzing (merge request) GitLab Enterprise Edition
• Clarify message about no analytics data to show (merge request)
• Rescue errors when dropping pg_stat_statements view (merge request)
• Support deduplicated package licenses (merge request) GitLab Enterprise Edition
• Mark environment URLs as unsafe (merge request)
• Fix runtime check for Puma v6 (merge request)
• Allow just one parallel job by @mcfedr (merge request)
• Remove IncubationAlert from ml_experiments_show (merge request)
• Update Settings/Pages layout by @catinbag (merge request)
• Remove Incubation Alert from ml_experiments_index (merge request)
• Delayed deletion, enabled by default (merge request)
• Removes Incubation alert from ml_candidate_show (merge request)
• Cleanup environment_search_api_min_chars feature flag (merge request)
• Updates mermaid to 10.0.2 (merge request)
• Mark project_fingerprint as experiment (merge request) GitLab Enterprise Edition
• Enable restrict_merge_status_recheck feature flag (merge request)
• Remove feature flag ci_builds_columns_size_validation (merge request)
• Used GlBroadcastMessage for table preview by @catinbag (merge request)
• Default to two database connections for source install (merge request)
• Remove sub-nav transition animation in new sidebar (merge request)
• Update tags list (merge request)
• Remove draft_quick_action_non_toggle feature flag (merge request)
• Remove Blame page streaming feature flag (merge request)
• Enable password check on registration trial page (merge request)
• Upgrade kas-grpc gem to 0.1.0 (merge request)
• Linear groups finder queries (merge request)
• Update gitlab pages (merge request)
• Disable automatic Todo creation for approvers (merge request) GitLab Enterprise Edition
• Update commits list UI (merge request)
• Ensure all CI config loading uses correct loader (merge request)
• New layout for editors (merge request)
• Note actions: Dropdown migration to use Disclousre dropdown (merge request)
• Fix inconsistencies in new file form (merge request)
• Add empty state for jobs tab in runner details (merge request)
• Preselect trial on namespace if started inside namespace (merge request) GitLab Enterprise Edition
• Capture GRPC::ResourceExhausted error (merge request)
• Extract subscriptions comparison url to saas.rb by @orozot (merge request) GitLab Enterprise Edition
• Make operators prop required for NumberRangeSelect (merge request) GitLab Enterprise Edition
• Record first_contribution for all contributors (merge request)
• Add empty state for jobs tab in runner details by @glauciellesa (merge request)
• Enable invalid_scan_result_policy_prevents_merge by default (merge request) GitLab Enterprise Edition
• Add issue description to thank you email in SD (merge request)
• Branches list: move delete branches button into dropdown (merge request)
• Disallow negative integers for vulnerabilities_allowed (merge request) GitLab Enterprise Edition
• Disable rule mode when vulnerabilities_allowed is invalid (merge request) GitLab Enterprise Edition
• Initialize the migration to convert pk for ci_pipeline_variables (merge request)
• Set jira_dvcs_end_of_life_amnesty to default false (merge request)
• Confirm before disabling group shared runners (merge request)
• Update snippet form (merge request)
• Displays latest pipeline on package list page (merge request)
• Streamline notification style for deleting release by @catinbag (merge request)
• Restyle integrated error details info (merge request)
• Branches list: Improve list styling (merge request)
• Add backend for exporting compliance frameworks (merge request) GitLab Enterprise Edition
• Removed DORA metrics tiles from VSA Overview page (merge request)
• Add screen reader title to broadcast message (merge request)
• Reaction: Remove toast (merge request)
• Show alert when shared runners setting is disabled (merge request)
• Add first_contribution field to MR metrics (merge request)
• Remove route_hll_to_snowplow_phase3 FF (merge request)
• Add advisories to package metadata (merge request) GitLab Enterprise Edition
• Hides users from protected branch setting dropdown (merge request) GitLab Enterprise Edition
• Use native number input for weight on "New issue" form (merge request) GitLab Enterprise Edition
• Success alert when runner is assigned to project (merge request)
• Bump major version of secrets (merge request)
• Renamed View Merged YAML to Full configuration by @catinbag (merge request)
• Update dependency auto-deploy-image to v2.48.2 (merge request)
• Update edit issuables button to bulk edit (merge request)
• Avoid redundant job refetching by @TrueKalix (merge request)
• Disable Role-based Approvals for Guests/Reporters (merge request) GitLab Enterprise Edition
• Change color function to check for relative luminance (merge request)
• Initialize the migration to convert pk to bigint for ci_pipelines (merge request)
• Add info popover to status checks (merge request) GitLab Enterprise Edition
• Swap system_note_metadata.note_id to bigint (merge request)
• Add allowed vulnerabilities number information to policy drawer (merge request) GitLab Enterprise Edition
• Update prometheus-client-mmap to v0.23.0 (merge request)
• Update sast analyzer major versions (merge request)
• Use new priority label illustration in empty state (merge request)
• Release reading fingerprints from UploadedFile instance in maven upload (merge request)
• Remove package icon from package row by @catinbag (merge request)
• This MR adds preserving state of selected filters (merge request) GitLab Enterprise Edition
• Splits mlflow.rb into multiple files (merge request)
• Remove admin override for ProtectedRef Access (merge request)
• Remove unnecessary attributes for filters in vulnerability_filters.vue (merge request) GitLab Enterprise Edition
• Update stackprof to v0.0.25 (merge request)
• Remove strict_ip_enforcement feature flag for universal enablement (merge request)
• Update labels page design (merge request)
• Fetch traces only when on tab (merge request)
• Add a note to about Azure Database for PostgreSQL Flexible Server (merge request)
• Enable GraphQL subscription load balancing (merge request)
• Retain selection in content editor on blur (merge request)
• Change warning text when adding a related issue as a Guest by @LXY1226 (merge request)
• Add sorting for the dependencies_resolver (merge request) GitLab Enterprise Edition
• Never show security configuration upgrade banner in CE (merge request)
• Select range for allowed vulnerabilities using dropdown (merge request) GitLab Enterprise Edition
• Pass namespace in the params (merge request) GitLab Enterprise Edition
• Add rake task to maintain Geo SSF metric schema (merge request) GitLab Enterprise Edition
• Restrict cleanup migrations only for GitLab.com (merge request)
• Remove group_analytics_dashboards_page feature flag (merge request)
• Add buttons to access docs and copy Terraform init command by @glauciellesa (merge request)
• Upgrade Container Scanning analyzer to version 6 (merge request) GitLab Enterprise Edition
• Combine import, export, and subscribe options into dropdown (merge request)
• Cleanup legacy_merge_request_state_check_for_merged_pipelines flag (merge request)
• Update cluster management project template to latest revision (merge request)
• Remove redundant alert message for CI/CD variables setting (merge request)
• Add support for separate wiki index (merge request) GitLab Enterprise Edition
• Update docs and Rake task to require Redis 6 (merge request)
• Sign ansi2json state by default (merge request)
• Update user admin header (merge request)
• Hide borders when entering admin mode - 2 (merge request)
• Group import/export requirements button into dropdown (merge request)
• Improve TeleSign logging (merge request) GitLab Enterprise Edition
• Support custom format in getTimeago (merge request)
• Make name in ScanExecutionPolicyCommit mutation mandatory (merge request) GitLab Enterprise Edition
• Move edit compliance form into modal (merge request) GitLab Enterprise Edition
• Remove margin class from related item component (merge request)
• Remove border on merge request sticky header (merge request)
• Remove "hash form" support in alert management router by @ali_o_kan (merge request)
• Implement timeout for the blockquote banzai filter (merge request)
• Remove unused shortcuts (merge request)
• Add runner_id, runner_environment and sha claims to CI JWT V2 (merge request)
• Activity sort filter dropdown migration (merge request)
• Add running Scan Execution Policies for merge_request_event pipelines (merge request)
• This MR adds empty state selector (merge request) GitLab Enterprise Edition
• Unscope i18n strings that are incorrectly scoped in HAML files by @JonstonChan (merge request)
• Improve job fixutre by @TrueKalix (merge request)
• GraphQL: Change runner.projects default sort (merge request)
• Action Cable metrics: add labels to transmit (merge request)
• Add data to Code Quality MR diff json (merge request)
• FOSS VSA spec reflects component dir structure by @catinbag (merge request)
• Rename include:with to include:inputs (merge request)
• Update parsing of *_DISABLED variables (merge request)
• Refactor/Clean up users specs by @TrueKalix (merge request)
• Disallow NO_ACCESS for UnprotectAccessLevel#access_level (merge request) GitLab Enterprise Edition
• Clean up soft_email_confirmation ff (merge request)
• Move edit label action into dropdown (merge request)
• Preinstall prettier for gitpod (merge request)
• Hide borders when entering admin mode (merge request)
• Replaced Feature flag to reduce aggregation schedule lease (merge request)
• Adapt MR widget to support fail-closed approval rules (merge request) GitLab Enterprise Edition
• Update vendored Express project to match project template by @JonstonChan (merge request)
• Improve repo forking layout by @catinbag (merge request)
• Simplify this_desctructuring in components by @catinbag (merge request)
• Set approval rule as invalid if there are not enough approvers (merge request) GitLab Enterprise Edition
• Make new label form pajamas-compliant (merge request)
• Update admin labels page (merge request)
• Update Value Streams Dashboard title and description (merge request) GitLab Enterprise Edition
• Create a utils helper to generate date ranges by @catinbag (merge request) GitLab Enterprise Edition
• Update label styling (merge request)
• Rename 'Terraform menu' to 'Terraform states' (merge request)
• Rate limit API deletion of member (merge request)
• Improve audit streams display (merge request) GitLab Enterprise Edition
• This MR creates new filtering layout (merge request) GitLab Enterprise Edition
• Geo: Reduce exclusive lease log noise (merge request) GitLab Enterprise Edition
• Update issuable list design (merge request)
• This MR migrates Dropdown to RefSelector (merge request)
• Add small animation to "Finish review" button (merge request)
• Move code suggestions feature to Premium (merge request) GitLab Enterprise Edition
• Use merge_base_pipeline for security report comparison MR widget by @jimmy-outschool (merge request) GitLab Enterprise Edition
• Auto-selects labels created in dropdown (merge request)
• Move streaming frontend bundle to separate action (merge request)
• Reschedule migration for (merge request) GitLab Enterprise Edition
• Expose valid_runner_registrars in Application Settings API by @tomsiewert (merge request)
• Always show target url on note email (merge request)
• Use textarea instead of text field for label description (merge request)
• Restyle color chips in label selector (merge request)
• Update issuable lists (merge request)
• Remove futile colon in userfacing Error Message util (merge request)
• Combine RSS and calendar options into dropdown on dashboard issues (merge request)
• Fix right padding on LDAP radio buttons (merge request) GitLab Enterprise Edition
• Adjusts param handling in namespace API (merge request) GitLab Enterprise Edition
• Update openssl gem to v3.1.0 (merge request)
• Update dependency auto-build-image to v1.32.0 (merge request)
• Update dependency auto-deploy-image to v2.48.1 (merge request)

Deprecated (15 changes)

• Add Metrics Dashboard GraphQL API to FF (merge request)
• Move merged_by under pull_request namespace (merge request)
• Announce deprecation of omnibus packaged Grafana (merge request)
• Return an empty pipelines in the package REST API payload (merge request)
• Deprecate backfill traversal ids to blobs and wiki blobs (merge request) GitLab Enterprise Edition
• Analyzer consolidation for 16.0 (merge request)
• Deprecate obsolete migrations (merge request) GitLab Enterprise Edition
• Move reviews under to pull_request namespace (merge request)
• GraphQL: Rename RunnerMembershipFilter to CiRunnerMembershipFilter (merge request)
• Remove CreateCrossProjectPipelineWorker (merge request)
• Deprecate add hidden to issues migration (merge request) GitLab Enterprise Edition
• GraphQL: Rename CiRunnerUpgradeStatusType to CiRunnerUpgradeStatus (merge request)
• Deprecate CiRunner.projects default sort order value for removal in 17.0 (merge request)
• Deprecate user index migrations (merge request) GitLab Enterprise Edition
• Remove CreateCrossProjectPipelineWorker (merge request)

Removed (73 changes)

• Remove legacy project routes (merge request)
• Remove depricated Monitor Metrics feature (merge request)
• Remove unused ci_triggers.ref column (merge request)
• Geo Sites - Remove Full Details button (merge request) GitLab Enterprise Edition
• Set default PAT expiration to 365 days from now (merge request)
• Remove the opt_in_jwt feature (merge request)
• Announce removal of Redis localhost ports (merge request)
• Add 16.0 Grafana Helm Chart removal notice (merge request)
• Revert "Merge branch 'suppress-schema-deprecation-warning' into 'master'" (merge request) GitLab Enterprise Edition
• Add 16.0 breaking change removal notice for PG12 (merge request)
• Remove deprecated security schemas (merge request) GitLab Enterprise Edition
• Remove deprecated 'started' state for iteration (merge request)
• Remove DS support for Java 13 to 16 (merge request) GitLab Enterprise Edition
• Remove POST /ci/lint (merge request)
• Remove deprecated environment_tier param (merge request) GitLab Enterprise Edition
• Remove License-Check feature (merge request) GitLab Enterprise Edition
• Remove unused sequence from VSD table (merge request)
• GH-style Jira OAuth endpoints default return 404 (merge request)
• Set ci_remove_legacy_predefined_variables default ON (merge request)
• Remove legacyMode for runner status in graphql (merge request)
• Remove obsolete npm packages tags shared example (merge request)
• Migration remove gitlab as import_source (merge request)
• Remove jira_connect/users page (merge request)
• Remove setting Redis config file path via env (merge request)
• Drop clusters_applications_prometheus table (merge request)
• Remove deprecated gitlab.com importer (merge request)
• Add migration to drop crossplane (merge request)
• Remove SoftwareLicensePolicies without ScanResultPolicy (merge request) GitLab Enterprise Edition
• Remove special Redis fallback URLs (merge request)
• Remove toggle for limiting JWT token access (merge request)
• Drop clusters_applications_jupyter table (merge request)
• Remove setting Redis config file path via env var (merge request)
• Drop clusters_applications_cert_managers table (merge request)
• Remove POST approvals endpoint (merge request) GitLab Enterprise Edition
• Remove pql_three_cta_test (merge request) GitLab Enterprise Edition
• GH-style Jira DVCS endpoints return 404 by default (merge request)
• GraphQL: Remove CiCdSettingsUpdate (merge request)
• Remove redundant index from container_repositories (merge request)
• Enable frozen outbound job tokens by default (merge request)
• Add changelog item for redis 5 removal (merge request)
• Remove PipelineSecurityReportFinding.name GraphQL field (merge request) GitLab Enterprise Edition
• Remove preload_max_access_levels_for_labels_... FF (merge request)
• Remove the apiFuzzingCiConfigurationCreate GraphQL mutation (merge request) GitLab Enterprise Edition
• Remove revoked agent tokens from API (merge request)
• Remove Redownload button (merge request) GitLab Enterprise Edition
• Remove feature flag for ci_fix_for_runner_cache_prefix (merge request)
• Remove vulnerabilityFindingDismiss GraphQL mutation (merge request) GitLab Enterprise Edition
• Remove confidence field from PipelineSecurityReportFinding type (merge request) GitLab Enterprise Edition
• Drop U2F foreign key from WebauthnRegistrations (merge request)
• Remove legacy Sidekiq Daemon Memory Killer (merge request)
• Remove 'external' field in ReleaseAssetLink type by @missy-davies (merge request)
• Remove external field from Releases and Release Links APIs by @missy-davies (merge request)
• Remove column application_settings clickhouse_connection_string (merge request)
• Remove Bare repository import rake task (merge request)
• Remove the feature flag npm_obtain_lease_to_create_package (merge request)
• Remove refactor_vulnerability_filters feature flag (merge request) GitLab Enterprise Edition
• Remove the legacy Contribution App and feature flag (merge request) GitLab Enterprise Edition
• Stop using file_md5 from debian component files by @sathieu (merge request)
• Revert "Merge branch 'issue_370251_remove_namespace_agg_scheduler_lease' into 'master'" (merge request)
• Migration to remove phabricator (merge request)
• Clean up role_targeted_broadcast_messages (merge request)
• Remove RT issue weight feature flag (merge request)
• Removes the feature flag use_sub_repositories_api (merge request)
• Remove index_security_scans_on_pipeline_id concurrently (merge request)
• Remove phabricator code, docs and metrics (merge request)
• Remove job_age from jobs/request API endpoint (merge request)
• Unset POSTGRES_ENABLED in Auto DevOps template (merge request)
• Removing Pipeline Activity Limit in 16.0 as the feature is deprecated (merge request)
• Cleanup the detect_android_projects (merge request)
• Remove exit_registration_verification feature (merge request)
• Remove temporary index tmp_idx_package_files_on_non_zero_size (merge request)
• Remove GitHub import deprecated workers (merge request)
• Remove gitbook project template (merge request)

Security (10 changes)

• Bump gitaly version (merge request)
• Only maintainers of projects should be able to assign runners to them
• Relay state to check for only allowing sub paths (merge request)
• Update policy to prevent banned members from accessing public projects (merge request)
• Handle invalid URLs in asset proxy (merge request)
• Add specs for external users flag (merge request)
• Commit trailers now only match public user email addresses (merge request)
• Authorize access to vulnerabilitiesCountByDay resolver (merge request)
• Use dummy filename as filename when viewing raw xml files (merge request)
• Prohibit 40 character hex sets at beginning of path-based branch name (merge request)

Performance (11 changes)

• Drop partial_index_deployments_for_project_id_and_tag (merge request)
• Use linear query to refresh the project authorizations (merge request)
• Enable Deployments API error on updated_at filter by default (merge request)
• Remove the ci_enforce_rate_limits_jobs_api feature flag (merge request)
• Set rate limit by default (merge request)
• Add code for the new permutation migration (merge request) GitLab Enterprise Edition
• Fix usage of enqueue_delete_todos (merge request)
• Optimise deployments table by removing an unused index (merge request)
• Allow using db replicas for GraphQL subs (merge request)
• Process limited number of refs in commit (merge request)
• Performance: Preload pipeline in PipelinesController to fix N+1 (merge request)

Other (56 changes)

• Add states and registry table to add SSF support for designs (merge request)
• Rate limits for unauthenticated Projects API use (merge request)
• Synchronously removing merge_request_mentions_temp_index (merge request)
• Add store labels to gitlab_cache_read_multikey_count metric (merge request)
• Update Gitlab Shell version to 14.20.0 (merge request)
• Logs all Exception errors from DB LB service discovery (merge request)
• Revert "Merge branch '388156-read-vuln-custom-role' into 'master'" (merge request)
• Use listbox in image_filter (merge request) GitLab Enterprise Edition
• Remove DropOlderDeploymentsWorker (merge request)
• Prepare async index for system_note_metadata (merge request)
• Remove recursive_approach_for_all_projects feature flag (merge request)
• Remove feature flag sign_and_verify_ansi2json_state (merge request)
• Update PipelineProcessWorker dedup strategy (merge request)
• Add a new worker for wiki indexing (merge request) GitLab Enterprise Edition
• Disable optional runner token encryption for groups and projects (merge request)
• Use clean_gitlab_redis_rate_limiting in search specs to avoid rate limit by @asadath1395 (merge request)
• Remove application_settings_tokens_optional_encryption feature flag (merge request)
• Update restore docs to reflect changes in restore process (merge request)
• Refactored project creation updation events (merge request) GitLab Enterprise Edition
• Add a migration to add prefix project in wiki rid (merge request) GitLab Enterprise Edition
• Record VSD total visits weekly and monthly (merge request) GitLab Enterprise Edition
• Prepare indexes for converting notes.id to bigint (merge request)
• Use invoice preview API to calculate plan pricing for SaaS purchase (merge request) GitLab Enterprise Edition
• Extract token masking code into a separate class by @asadath1395 (merge request)
• Clean up FF remove_job_age_from_jobs_api (merge request)
• Remove use_replica_for_mailers feature flag (merge request)
• Drop cycle analytics unused tables (merge request)
• Make DesignManagement::Repository a container for GitRepository (merge request)
• Update OpenAI::Client cost tracking to include feature category (merge request) GitLab Enterprise Edition
• Remove use_merge_base_for_security_widget feature flag (merge request)
• Refactored audit events for projects (merge request) GitLab Enterprise Edition
• Swap todos.note_id to bigint (merge request)
• Replace legacy variable CI_BUILD_TAG with CI_COMMIT_TAG (merge request)
• Remove 24h time setting (merge request)
• Fix existing incidents issue_type/work_item column out of sync (merge request)
• Add bulk_imports_batched_import_export feature flag (merge request)
• Use database replica for active jobs (merge request)
• Remove jira_connect_oauth FF (merge request)
• Refactored Contribution Analytics Jest test data to GraphQL Fixtures (merge request) GitLab Enterprise Edition
• Add tooltip to feature flag descriptions by @JonstonChan (merge request)
• Delete vue_issues_dashboard feature flag (merge request)
• Modify rubocop to allow revert (merge request)
• Remove dynamic_image_resizing feature flag (merge request)
• Remove ClusterRateLimiting and related feature flags (merge request)
• Fix Style/EmptyElse Cop by @JonstonChan (merge request)
• Adds more info in BBM health status logger (merge request)
• Updating partitioning docs to reflect BBM changes (merge request)
• Backfill design_management_repositories table (merge request) GitLab Enterprise Edition
• Swap award_emoji.awardable_id to bigint (merge request)
• Change Service Desk setting text (merge request)
• Change convert type to work item MVC feature flag (merge request)
• Clean up FF ci_fix_max_includes (merge request)
• Prepare async index creation. Temp issue_type for incidents index (merge request)
• Purges legacy bg migration helpers from partitioning helpers (merge request)
• Add index to group_group_links table (merge request)
• Validate the projects.creator_id foregin key synchronously (merge request)

15.11.3 (2023-05-10)

Fixed (2 changes)

• Fix issue description keeping autosave after save
• Backport MR 119319 changes to 15-11-stable-ee

Changed (1 change)

• Restrict cleanup migrations only for GitLab.com

15.11.2 (2023-05-03)

Security (2 changes)

• Only maintainers of projects should be able to assign runners to them (merge request)
• Authorize access to vulnerabilitiesCountByDay resolver

15.11.1 (2023-05-01)

Fixed (2 changes)

• Fix search cron worker when indexing is disabled GitLab Enterprise Edition
• Fix Web IDE Beta icons not loading in Safari

Security (9 changes)

• Set minimum role for importing projects to Maintainer (merge request)
• Commit trailers now only match public user email addresses (merge request)
• Handle invalid URLs in asset proxy (merge request)
• Relay state to check for only allowing sub paths (merge request)
• Prohibit 40 character hex sets at beginning of path-based branch name (merge request)
• Add specs for external users flag (merge request)
• Update policy to prevent banned members from accessing public projects (merge request)
• Use dummy filename as filename when viewing raw xml files (merge request)
• Authorize access to vulnerabilitiesCountByDay resolver (merge request)

15.11.0 (2023-04-21)

Added (175 changes)

• Add error logic for admin jobs vue by @TrueKalix (merge request)
• Added migration and models for instance external audit events (merge request) GitLab Enterprise Edition
• Add "explain this vulnerability" feature to vuln details page (merge request) GitLab Enterprise Edition
• Add empty state to admins jobs vue by @TrueKalix (merge request)
• Add support for snowplow PA configurator (merge request)
• GraphQL project fields to get refs tipping at a commit (merge request)
• Add vulnerabilityIssueLinkCreate GraphQL mutation (merge request) GitLab Enterprise Edition
• Add milestone reference to removed milestone note (merge request)
• Add user_identities field to JWTv2 by @joe-snyder (merge request)
• Create GraphQL endpoint for Explain Vulnerability (merge request) GitLab Enterprise Edition
• Automatically index projects in Zoekt when namespace is enabled (merge request) GitLab Enterprise Edition
• Add AwardEmoji widget update (merge request)
• Add runner's creator to runner admin and group (merge request)
• Include Jira issue keys for related MRs (merge request)
• Adds service desk verification result email (merge request)
• Enable pages unique domain feature flag by default (merge request)
• Add "explain this vulnerability" feature to vuln details page (merge request) GitLab Enterprise Edition
• Prepare job artifacts file_final_path column (merge request)
• Add awardEmoji field to merge request graphql type by @Taucher2003 (merge request)
• Event tracking for Debian packages by @sathieu (merge request)
• Show pods on Environment index page (merge request)
• Add table and data to view by @TrueKalix (merge request)
• Add llm_bot for LLM-generated content attribution (merge request)
• Allow pasting raw content in content editor (merge request)
• Add frontend testing guidelines for apollo mock queries/mutations (merge request)
• Add pnpm to Dependency API (merge request) GitLab Enterprise Edition
• Add link to feedback issue (merge request) GitLab Enterprise Edition
• Project specific runner registration control for admins by @markus.ferrell (merge request)
• Adds navigation menu for Model experiments (merge request)
• Enable CI Interpolation feature flag (merge request)
• Add ability to filter compliance violations by target branch (merge request) GitLab Enterprise Edition
• Enable multi-doc YAML parsing by default (merge request)
• Add index for namespaces by root namespace lookup (merge request)
• Add issue/merge_request_assignment_events tables (merge request)
• Add PNPM support (merge request)
• Adds package forwarding warning to delete modal (merge request)
• Add /admin/search/zoekt APIs for controlling Zoekt rollout (merge request) GitLab Enterprise Edition
• Record work item linking events (merge request)
• Adds new MergeRequests::Llm::SummarizeMergeRequestService (merge request) GitLab Enterprise Edition
• Add worker to sync approval rules from security_findings (merge request) GitLab Enterprise Edition
• Expose unified approvals via GraphQL (merge request) GitLab Enterprise Edition
• Add abuse_trust_scores table (merge request)
• Allow project migrations in GitLab Direct Transfer (merge request)
• Add admin setting to sync license db (merge request)
• Add REST endpoint to create runner associated to a user (merge request)
• Groups - Remove show_group_readme FF (merge request)
• Notification widget for work items (merge request) GitLab Enterprise Edition
• Download candidate data as csv (merge request)
• Add missing approval rule settings to group project templates (merge request)
• Backfill the missing wiki permissions in the main index (merge request) GitLab Enterprise Edition
• Add UI to summarize notes (merge request) GitLab Enterprise Edition
• Update runner manager records when runner managers poll for jobs (merge request)
• Enable creation of runner manager records for active runner managers (merge request)
• Prepare system_note_metadata for bigint migration (merge request)
• Expose GitLab Maintenance Mode to internal metrics (merge request)
• Change order for issue_user_mentions PK swap (merge request)
• Adds new MergeRequests::Llm::SummarizeMergeRequestService (merge request) GitLab Enterprise Edition
• Add Silent mode application setting (merge request)
• Added the AiGenie component (merge request) GitLab Enterprise Edition
• Adds new MergeRequests::Llm::SummarizeMergeRequestService (merge request) GitLab Enterprise Edition
• Swap issue_user_mentions.note_id to bigint (merge request)
• Implement GraphQL mutation/subscription for AI (merge request) GitLab Enterprise Edition
• Roll out Import remote file from AWS S3 (merge request)
• Allow users to delete experiments (merge request)
• Feat(Subscription Purchase): error_attribute_map (merge request) GitLab Enterprise Edition
• Track npm dist tags routes via snowplow (merge request)
• Add User Identities toggle to User Preferences by @joe-snyder (merge request)
• Add AwardEmoji widget to work items (merge request)
• Add audit event for code suggestions (merge request) GitLab Enterprise Edition
• Instrument database mode in service ping report (merge request)
• Work item comment reply changes (merge request)
• Add shared examples to ci, issues und pages tests by @TrueKalix (merge request)
• Add code suggestions UI (merge request) GitLab Enterprise Edition
• Add reveal-conceal password option (merge request) GitLab Enterprise Edition
• Add create mr button (merge request)
• Add service for syncing approval rules from security_findings (merge request) GitLab Enterprise Edition
• Adds service desk custom email verification email (merge request)
• Add audit event schema definitions (merge request) GitLab Enterprise Edition
• feat: Bump Code-Quality image to 0.94.0 (merge request)
• Send e-mail when achievements are awarded (merge request)
• Audit unban action (merge request) GitLab Enterprise Edition
• Add support for project wiki repositories in the Geo SSF (merge request) GitLab Enterprise Edition
• Add ability to cycle around with keyboard in the header search (merge request)
• Allows for fetching candidate data as csv (merge request)
• Add link to branch rules from codeowners block (merge request)
• Enable Web IDE Beta by default (merge request)
• Create ResourceLinkEvent model and table (merge request)
• Add parent_oid and is_valid to postgres_foreign_keys (merge request)
• Add global time tracking report by @zillemarco (merge request)
• Add API endpoint for retrieving limit exclusions (merge request) GitLab Enterprise Edition
• Adds mutation to create a catalog resource (merge request)
• Added the FE support to Experimental API (merge request) GitLab Enterprise Edition
• Add API for deleting limit exclusion records (merge request) GitLab Enterprise Edition
• Add project group link delete cascade fk (merge request)
• Add API for creating limit exclusions (merge request) GitLab Enterprise Edition
• Include Jira issue keys for related MRs (merge request)
• Adds adjacentWorkItemId and relativePosition fields to Work Item Update by @pkor-ext (merge request)
• Show which CI job currently uses the resource group (merge request)
• Check if user has exceeded git rate limits before forking project (merge request) GitLab Enterprise Edition
• Add CurrentUserTodos widget to add and mark todos (merge request)
• Adds Projects::Ml::CandidatesController.detroy (merge request)
• Expose server SSH host and port in predefined CI variables by @nejc (merge request)
• Exclude namespace-banned users from being counted as billable members (merge request) GitLab Enterprise Edition
• Add a "root_directory" to the pages deployment (merge request)
• Prepare issue_user_mentions for bigint migration (merge request)
• Add audit events schema definition (merge request) GitLab Enterprise Edition
• Remove flag: multiple environment approval rules (merge request)
• Display how far a fork is behind/ahead of its upstream by default (merge request)
• Add forks storage size columns to root storage statistics table (merge request)
• Adds link to settings from package registry list page (merge request)
• Show promotional blurb when applicable (merge request) GitLab Enterprise Edition
• Assign/Unassign WI note to commentator (merge request)
• Make menu items in new navigation sidebar pinnable (merge request)
• Add secret detection in Issue description (merge request)
• Enable parallel execution for batched migrations (merge request)
• Add batched migrations parallel limit setting (merge request)
• Add filtering to compliance framework report (merge request) GitLab Enterprise Edition
• Add user toggle for achievements (merge request)
• Add audit event schema definitions (merge request) GitLab Enterprise Edition
• Add achievement update GraphQL mutation (merge request)
• Introduce a model for npm metadata (merge request)
• Add CurrentUserTodos widget (merge request)
• Cleanup Debian incoming files daily by @sathieu
• Rolls out incident_event_tags feature
• Add sync index vulnerability_finding_signatures_on_signature_sha
• Enable Value Stream Dashboard FF (merge request) GitLab Enterprise Edition
• Rolls out incident_event_tags feature (merge request)
• Initialize conversion of events.target_id (merge request)
• Add workItemConvert mutation (merge request)
• Audit ban action (merge request) GitLab Enterprise Edition
• Cleanup Debian incoming files daily by @sathieu (merge request)
• Add a "publish" instruction to the pages job (merge request)
• Pause batched migration when patroni apdex drop below SLO (merge request)
• Make frequent projects/groups list editable (merge request)
• Expose Agent ID in agent view page (merge request)
• Implement bulk applying compliance framework (merge request) GitLab Enterprise Edition
• Add plan limits of access tokens (merge request)
• Add screenshot field to report abuse form (merge request)
• Prepare async index security_scans_on_pipeline_id_and_scan_type (merge request)
• Add audit event schema definitions (merge request) GitLab Enterprise Edition
• Update group-level branch selector to a dropdown (merge request) GitLab Enterprise Edition
• Release CODEOWNERS default owners (merge request)
• Adds UI sorting by total storage size column (merge request) GitLab Enterprise Edition
• Removes ci_recreate_downstream_pipeline feature flag (merge request)
• Adds internal_id and project_id to Ml::Candidate (merge request)
• Initialize conversion of awardable_id to bigint (merge request)
• Add sync index vulnerability_finding_signatures_on_signature_sha (merge request)
• Add rails endpoint for work item import (merge request)
• Add DoraPerformanceScore model (merge request)
• Validate ci_builds partitioning constraint (merge request)
• User unblock audit event (merge request) GitLab Enterprise Edition
• Add secret detection for replies (merge request)
• Add approved filter to merge requests api by @Taucher2003 (merge request)
• Index vulnerability findings on uuid including vuln id (merge request)
• Support quick actions for new work item comments (merge request)
• Prepare note_diff_files for bigint migration (merge request)
• Added support for CODEOWNERS syntax highlighting (merge request)
• Add updated_after and updated_before to projects REST API (merge request)
• Add role_approvers to scan result policy (merge request) GitLab Enterprise Edition
• Add index to package files on package_id and created_at DESC (merge request)
• Add a table for design repo and a class for the corresponding git repo (merge request)
• Finalize issues iids scoping to namespace_id (merge request)
• Allow WIT changes and fix issue types changes (merge request)
• Perform asynchronous index creation (merge request)
• Add role_approvers to graphql response (merge request) GitLab Enterprise Edition
• Warn users about tokens in the comments (merge request)
• Log slowest HTTP requests (merge request)
• Enable Slack slash command to declare incidents (merge request)
• Add bulk publish endpoint to Draft Notes API (merge request)
• Adds check for release service (merge request)
• Add delete achievement mutation and service (merge request)
• Add tracking to language filter component (merge request)
• Clean-up feature-flag git_abuse_rate_limit_feature_flag & keep code (merge request)
• Update issue epic links in real-time (merge request) GitLab Enterprise Edition
• Set email confirmation setting from ff (merge request)

Fixed (197 changes)

• GraphQL: Fix sort order of CiRunner.projects (merge request)
• Use proxied_site for geo proxied clone urls (merge request) GitLab Enterprise Edition
• Add migration to re-sync scan result policies for namepsaces (merge request) GitLab Enterprise Edition
• Fix "Something went wrong. Please try again" error after merging (merge request)
• Update gitlab-net-dns to v0.9.2 (merge request)
• Fix Todo Dashboard SAML reauth for projects in user namespaces (merge request) GitLab Enterprise Edition
• Fix divergence counts for tags and commits (merge request)
• Fix subscribe to label dropdown (merge request)
• Allow to select project value stream using URL parameter (merge request) GitLab Enterprise Edition
• Change copy for conflicts modal (merge request)
• Remove max width restriction from state loader (merge request)
• Fix for notification toggle not working on modal (merge request)
• Remove allow_dots_on_tf_state_names FF (merge request)
• Place dependency proxy skeleton loader underneath the images list header by @glauciellesa (merge request)
• Fix User missing attribute error during audit (merge request) GitLab Enterprise Edition
• Fallback to start commit when merge base is missing (merge request)
• Fix merge request Jira sync problems due to branch (merge request)
• Fixed explain code button background color (merge request) GitLab Enterprise Edition
• Skip DNS rebinding checks if HTTP_PROXY present (merge request)
• Change from path to to_param (merge request)
• Fix bug in SyncFindingsToApprovalRulesWorker (merge request) GitLab Enterprise Edition
• Show groups from group shares in fork targets (merge request)
• Reschedule migration to add admin_mode scope for PATs (merge request)
• Use primary ssh_url_to_repo for geo proxied ssh clone url (merge request) GitLab Enterprise Edition
• Use root ancestor path for filtering in frameworks table (merge request) GitLab Enterprise Edition
• Use root ancestor for listing compliance frameworks (merge request) GitLab Enterprise Edition
• Fix vulnerability status bulk updates (merge request) GitLab Enterprise Edition
• Patch doorkeeper-openid_connect to use RFC7638 thumbprint (merge request)
• Send password reset email to approved users when user caps are enabled (merge request)
• Diff header: Fix checkbox alignment (merge request)
• Fix NoMethodError for empty repositories (merge request)
• Fix duplicate name validation in ProcessScanResultPolicyWorker (merge request) GitLab Enterprise Edition
• Changes order of text style in Content Editor (merge request)
• Fix milestone_id=0 not clearing milestone (merge request)
• This MR fixes growing width of preview panel (merge request) GitLab Enterprise Edition
• Requeue the BackfillProjectWikiRepositories migration (merge request)
• Show error message from API if any while adding Epic (merge request) GitLab Enterprise Edition
• Fix NoMethodError for BlameController (merge request)
• Fix gitlab_username_claim by reading also extra.raw_info by @bufferoverflow (merge request)
• Calculate correct access level of shared group member (merge request)
• Patch mail gem to handle TLS settings properly (merge request)
• Fixing pipeline minutes calculations (merge request) GitLab Enterprise Edition
• Remove unnecessary write tab for content editor (merge request)
• Fix invite a group on project wording and link (merge request)
• Make ProcessScanResultPolicyWorker idempotent and add deduplication (merge request) GitLab Enterprise Edition
• Add admin_parent_link permission to hide Add button in issue (merge request)
• Sign and verify ansi2json state (merge request)
• Approvals widget: Fix approvers table cell width (merge request)
• Force nowrap on tree body container (merge request)
• Show reference in root Work Item breadcrumb (merge request)
• Fix harbor registry menu item active status by @orozot (merge request)
• Do not display security widget when pipeline is active (merge request) GitLab Enterprise Edition
• Use dummy email address for Ghost gitea users (merge request)
• Apply correct background for dark mode (merge request) GitLab Enterprise Edition
• Update codeowners default owner regex (merge request) GitLab Enterprise Edition
• Convert some regex to use Gitlab::UntrustedRegexp (merge request)
• Remove cascading delete of scan_result_policy_reads (merge request) GitLab Enterprise Edition
• Only enqueue Sbom::IngestReportsWorker on default branches (merge request) GitLab Enterprise Edition
• Replace find with find_by_id in SyncScanPoliciesWorker (merge request) GitLab Enterprise Edition
• Fix NoMethodError for WebHook (merge request)
• Fix job filtering after token clear (merge request)
• Fix minor bug with checkboxes in a table (merge request)
• Fix bugs in Groups::AcceptingProjectSharesFinder (merge request)
• Fix SD blob path when scan is run in "no git" mode (merge request) GitLab Enterprise Edition
• Generate system notes for same state dismissals (merge request) GitLab Enterprise Edition
• Fix: mr approvers alignment (merge request)
• Remove extra space above mermaid sequence diagrams (merge request)
• Fix awardEmoji authorization in epic type by @Taucher2003 (merge request) GitLab Enterprise Edition
• Merge request: fix status icon color (merge request)
• Approvals table: Fix overflow issue (merge request)
• Resolve setWorkItemMetadata in apollo client (merge request)
• Enable FF pages_deploy_upload_file_outside_transaction by default (merge request)
• Merge request: Fixes a console error (merge request)
• Allow CI job to need an undefined, optional job (merge request)
• Disallow field licenseText for npm (merge request)
• Replace message by name for vulnerabilities (merge request) GitLab Enterprise Edition
• Verify deploy keys settings for protected tags (merge request)
• Resolve ambiguous references for archive metadata (merge request)
• Fix Authorize user page for Mattermost (merge request)
• Fix poor performing groups list API query (merge request)
• Updates foreign_keys for Ml::Candidate relations (merge request)
• Fix unreadable text in dark-themed editor tooltips (merge request)
• Dont show Security::Findings dismissed on the default branch (merge request) GitLab Enterprise Edition
• FIx markdown toolbar button actions in MRs (merge request)
• Fix collapse button alignment (merge request)
• Update bulk_imports entity validation for destination_name (merge request)
• Always update compliance report filtered projects list (merge request) GitLab Enterprise Edition
• Fix user reference styles in content editor (merge request)
• Fix border radius of clear filter button (merge request)
• Use admin_bot for adding the default compliance framework (merge request) GitLab Enterprise Edition
• Fix duplication of thread comments on commit page (merge request)
• Fix invite redirect for use of relative root (merge request)
• Changes path for ML::Candidate artifacts (merge request)
• Don't enforce SSO for public groups (merge request) GitLab Enterprise Edition
• Fix a replica latency bug on the Maven package registry upload endpoint (merge request)
• Increase padding for dropdown in content editor (merge request)
• Fix JS error for dropdown widget on issue board (merge request)
• Vue 3 spec violations fixed (merge request)
• Work item copy link fixed for modals (merge request)
• Fix markdown toolbar button actions (merge request)
• Start pipeline in after_commit callback when retrying jobs (merge request)
• When replying comments, the text box isn't focused (merge request)
• Fix demoting of the admin with OIDC enabled (merge request) GitLab Enterprise Edition
• Fix alignment of file tree search icon (merge request)
• Deletes compliance framework setting when transferring project (merge request) GitLab Enterprise Edition
• Fix spacing of referenced commands in comment preview (merge request)
• Use read_code to authorize GET protected_branches (merge request) GitLab Enterprise Edition
• Refetch container image tags list after deletion (merge request)
• [Geo] Fix token timeout for container registry sync (merge request)
• Remove subtransaction in Security::ProcessScanResultPolicyWorker (merge request) GitLab Enterprise Edition
• Fix incorrectly added VSA FF check (merge request) GitLab Enterprise Edition
• Enhance license dependency equality (merge request) GitLab Enterprise Edition
• Fix commits ref switcher (merge request)
• Fix broken trait specs - package by @sathieu (merge request)
• Fix reconcile needed message for offline license (merge request) GitLab Enterprise Edition
• Diff: Fix border radius of thread
• Skip epic cache update if epic can not be saved (merge request) GitLab Enterprise Edition
• Fix date issue for broadcast message edit on firefox (merge request)
• Fix licensed VSA page without parity FF (merge request) GitLab Enterprise Edition
• Diff: Fix border radius of thread (merge request)
• Fix bug in scope Group.project_creation_allowed (merge request)
• Ensure backup restore clears storages before restoring (merge request)
• User with custom role + read_code can view MD link (merge request) GitLab Enterprise Edition
• Append tag notes when creating a new tag too (merge request)
• Fix N+1 query for max access level in project lists (merge request)
• Fix item height in wiki sidebar by @qk44077907 (merge request)
• Add a loading indicator for suggestions (merge request)
• Fix autofocus on work item description (merge request)
• Hide pipeline links tip in Stage view by @homersimpsons (merge request)
• Fix assignee avatars alignment on issues list (merge request)
• Fix missing caller_id for GraphQL subscriptions (merge request)
• Security Finding: fix note link to project (merge request) GitLab Enterprise Edition
• Fix loading multi-doc YAMLs for CI configurations (merge request)
• Do not change object reference when body is nil (merge request)
• Fix reference styles in content editor (merge request)
• Add relative root to broadcast messages (merge request)
• Fix board_list_spec.js vue3 test violations (merge request)
• Adds relation package_id to ml_candidates (merge request)
• Enforce merge request approval settings (merge request) GitLab Enterprise Edition
• Display fallback emoji images with correct aspect ratio (merge request)
• Use UUID to match findings with issue feedback records (merge request) GitLab Enterprise Edition
• Cells: Fix loose foreign key trigger validation routine (merge request)
• Hide achievements on private profiles by @Taucher2003 (merge request)
• Fix unlocking of job artifacts on pipeline state transitions (merge request)
• Hide inactive approvers (merge request) GitLab Enterprise Edition
• Correctly compute blob URL for Secret Detection (merge request) GitLab Enterprise Edition
• Add top margin to merge request description (merge request)
• Allow HEAD ref when viewing blob, commits and compare page (merge request)
• Do not serialize data image urls (merge request)
• Update mail gem to v2.8.1 (merge request)
• Don't generate invalid SQL checking foreign keys (merge request)
• Fix agent version comparison with KAS rc (merge request)
• Improves dataframe rendering in Python Notebooks (merge request)
• Jobs list: remove double bottom border (merge request)
• Fix(Purchase): handle email taken error (merge request) GitLab Enterprise Edition
• Fixes the ref switcher encoding (merge request)
• Child issues and epics: fix closed state (merge request) GitLab Enterprise Edition
• Add sync_name check to Gitlab::Auth::Ldap::Access by @zhzhang93 (merge request) GitLab Enterprise Edition
• Unstuck VSA background aggregations (merge request)
• Fix trial creation action reload with select (merge request) GitLab Enterprise Edition
• Improve paste markdown behavior in Content Editor (merge request)
• Fixing CI mirrored tables mermaid chart (merge request)
• Remove temporary workaround for DeployAccessLevel (merge request)
• Show Projects menu as active while on Starred or Trending projects pages (merge request)
• Add constraint for deploy_access_level (merge request)
• Fix alignment of commit changes block (merge request)
• Fix invalid protected environment access levels (merge request) GitLab Enterprise Edition
• Fix Debian doc for direct upload with older curl by @sathieu (merge request)
• Validate DeployAccessLevel options (merge request) GitLab Enterprise Edition
• Use method to resolve access_level_description field (merge request)
• Fix dropdown closing prematurely when clicking inside (merge request)
• Fix alignment of user readme breadcrumb chevron (merge request)
• Fix inconsistent behaviour in work items comments (merge request)
• Remove long-running transaction while deduplicating the findings (merge request) GitLab Enterprise Edition
• Fix issue dashboard returning issues from archived projects (merge request)
• Fix command-only note not clearing commment form (merge request)
• Widget item: fix status :focus (merge request)
• Canonicalize dependency list names (merge request) GitLab Enterprise Edition
• Fix branch rules details breadcrumbs (merge request)
• Merge request widget: Fix alignment of cancel button (merge request)
• Prevent updating a comment with empty text (deprecated_notes.js) (merge request)
• Search only descendant groups when applicable (merge request) GitLab Enterprise Edition
• Sync security policy rule schedules that may have been deleted by bug (merge request)
• Fix clipping of review bar component when system footer exists (merge request)
• Fixing database backup rake task in single-db-two-connections mode (merge request)
• Fix 500 error for diff_files endpoint (merge request)
• Fix LDAP sync_name option bug by @zhzhang93 (merge request)
• Fix license available of group-protected branches by @songhuangcn (merge request) GitLab Enterprise Edition
• Decrease indent for profile page bio (merge request)
• This MR fixes radio button overlay (merge request) GitLab Enterprise Edition
• Fix openapi viewer for relative url instances (merge request)
• Avoid duplicate key error messages when inserting state record (merge request)
• Fix Google CDN not encoding UTF-8 characters (merge request)
• Linked items fixes (merge request) GitLab Enterprise Edition
• Fix caching to cover whole Service Ping payload (merge request)
• Update wiki repository size after migration (merge request)
• Fix TypeError when json file is an array (merge request)

Changed (275 changes)

• Add support for npm deprecate (merge request)
• Extend issue type change note (merge request)
• Update new label form (merge request)
• Visual tweaks for new sidebar nav search menu (merge request)
• Backfill code suggestions to true for all namespaces (merge request)
• Removing FF lazy_load_pipeline_dropdown_actions (merge request)
• Leave candidate as default code path (merge request) GitLab Enterprise Edition
• Extend approvals UI with fail-closed rules (merge request) GitLab Enterprise Edition
• Guard legacy runner status in graphql by feature flag (merge request)
• Change code suggestions namespace setting default to true (merge request)
• Format explain vulnerability responses with markdown format headers (merge request) GitLab Enterprise Edition
• Animate approval icon in merge request sidebar (merge request)
• Remove top border to prevent overlap (merge request)
• Add "fork" to word list and remove docs link from UI (merge request)
• Replace Deployment Icon with Release Icon on Project Home by @glauciellesa (merge request)
• Update scheduled Scan Execution Policy for secret_detection (merge request)
• Allow logging of all IssuableExportCsvWorker parameters (merge request)
• Adds frontend for candidate deletion (merge request) GitLab Enterprise Edition
• Enable geo_project_wiki_repository_replication feature flag (merge request) GitLab Enterprise Edition
• Add reviewed but not approved state in MR sidebar (merge request)
• Better error message when branch name does not match push rules settings (merge request) GitLab Enterprise Edition
• Update status check documentation (merge request)
• Add extra information to the github identifiers of importer failures (merge request)
• Replace namespace_id with group_id and project_id for POST /user/runners (merge request)
• Apply changes to order of secure nav items (merge request)
• Add tables and columns support to database schema validations (merge request)
• Add experiment label to ai chat header (merge request)
• Use badge component for "busy" status (merge request)
• Replaced VSA Overview "Total time" line chart with stacked area chart (merge request) GitLab Enterprise Edition
• Extend GraphQL approval rules with indication of invalid rules (merge request) GitLab Enterprise Edition
• Fix spacing in content editor code blocks (merge request)
• Convert admin menu from haml to panel (merge request) GitLab Enterprise Edition
• Log warnings on invalid ansi2json state inputs (merge request)
• Clean up runners_availability_section experiment (merge request)
• Sets the default 'Documentation pages URL' to https://docs.gitlab.com (merge request)
• Remove tooltip from merge request actions dropdown (merge request)
• Enable license scanning feature again (merge request) GitLab Enterprise Edition
• Fix insert link in content editor (merge request)
• Only allow developers or higher to trigger merge_status_recheck (merge request)
• Synchronize temporary index (merge request)
• Experiment Cleanup: removed the cart_abandonment_modal experiment (merge request) GitLab Enterprise Edition
• It casts EXTRACT as double precision (merge request)
• Adjust tests to api admin mode by @TrueKalix (merge request)
• Update security policies docs after fixing concurrent execution bug (merge request)
• Add 'broadcasting' label to Action Cable counter (merge request)
• Left align emoji picker on descriptions and notes (merge request)
• Finalize EncryptCiTriggerToken background migration (merge request)
• Allow immediate deletion of projects using API (merge request) GitLab Enterprise Edition
• Add table validators to schema validation framework (merge request)
• Merge request header: add icon to indicate fork (merge request)
• Enable strict_ip_enforcement by default (merge request) GitLab Enterprise Edition
• Improve rendering of HTML-only emails in issue responses (merge request)
• Add basic implementation of loading only a single diff file (merge request)
• Update wiki diagram editor to be fullscreen (merge request)
• Skip setting base path for GitLab.com (merge request)
• Introduce Breach and Attack Simulation features (merge request)
• Stop flashing issue description on details toggle (merge request)
• Feat(Subscription Purchase): update CDot link (merge request) GitLab Enterprise Edition
• Disable Net::HTTP monkey patch for Ruby 3.1 (merge request)
• This MR creates new filtering layout (merge request) GitLab Enterprise Edition
• Drop retry_job_start_pipeline_after_commit feature flag (merge request)
• Autofills create label form (merge request)
• Rename "Infrastructure Registry" menu to "Terraform modules" (merge request)
• Users list: change user actions (merge request)
• Change dashboard to homepage (merge request)
• Refactor compliance frameworks create/edit to modals (merge request) GitLab Enterprise Edition
• Related branches: add widget styles (merge request)
• Cache inexistence of the GitHub username (merge request)
• Change viewing to editing for editor switcher (merge request)
• Upgrade bundler to v2.4.11 (merge request)
• Add reviewed but not approved state in MR sidebar (merge request)
• Migration to backfill hashed_root_namespace_id to commit index (merge request) GitLab Enterprise Edition
• Update excon to v0.99.0 (merge request)
• Update ruby_parser to v3.20 (merge request)
• Remove the move_year_dropdown_usage_charts feature flag (merge request)
• Removing google_play_integration feature flag (merge request)
• Use YAML.safe_load_file for import/export config (merge request)
• Use YAML.safe_load_file for mail_room config loading (merge request)
• Rename CodeOwners::File#entries_for_path method (merge request) GitLab Enterprise Edition
• Add unlimited members during trial alert on all Project/Group pages (merge request) GitLab Enterprise Edition
• Update gitlab-pages version (merge request)
• Update output of backup timestamps by @quatauta (merge request)
• Remove option to create new issue to resolve all threads in widget (merge request)
• Ensure terraform artifacts are not public (merge request)
• added: Creating marketing cookie to log active user sessions (merge request)
• Adds a unique index for storage limit exclusions (merge request)
• Remove help icon on code review summary comment (merge request)
• Refactor default framework assignments (merge request) GitLab Enterprise Edition
• New/edit MR: Migrate merge options checkbox (merge request)
• Moves container registry to the far right on Usage Quotas (merge request) GitLab Enterprise Edition
• New merge request: change empty state (merge request)
• Approvals table: Update styling (merge request)
• Help icon refactor (merge request)
• Filtered search bar: Fix height & focus state (merge request)
• Issuable widgets: more improvements (merge request)
• Avoid double submission on app secret renewal (merge request)
• Allow NULL file_md5 to Debian component files by @sathieu (merge request)
• Update UI text on create issue to resolve all threads option (merge request)
• Allow updates to mail_room in Gemfile again (merge request)
• This MR adds base layout for security result policy (merge request) GitLab Enterprise Edition
• Reschedule async temp index on finding report types (merge request)
• Move admin jobs files by @TrueKalix (merge request)
• Add root level breadcrumb to "Your work" EE pages (merge request) GitLab Enterprise Edition
• Omit OpenGraph/Twitter tags in redirected sign-in page by @aubiyko (merge request)
• Cleanup of old help icons (merge request)
• Add toasts for variable actions (merge request)
• Add note that confirmation requires primary email (merge request)
• Updating UI text by @sselhorn1 (merge request)
• Add root level breadcrumb to "Your work" pages (merge request)
• Change the order of vulnerability creation (merge request) GitLab Enterprise Edition
• Update BBM best practices section (merge request)
• Add laravel project template (merge request)
• Use YAML.safe_load_file for Bullet exclusions (merge request)
• Swap id columns on sent_notifications (merge request)
• Shows container registry image created time (merge request)
• Capitalize participants in sidebar (merge request)
• Debian package uniqueness by @sathieu (merge request)
• Add alert when project missing pipeline file (merge request) GitLab Enterprise Edition
• Remove the security_reports_mr_widget_prompt experiment (merge request) GitLab Enterprise Edition
• Remove feature flag (merge request)
• Reschedule migration for links (merge request)
• Update copy of "Partial import" label (merge request)
• Splits up articats fields for Usage Quotas (merge request) GitLab Enterprise Edition
• Defer loading of other versions tab on package details page (merge request)
• Send queries to fetch schema cache to replicas (merge request)
• Update gitlab-mail_room to v0.0.23 (merge request)
• Cleaned up experiment cross_stage_fdm (merge request) GitLab Enterprise Edition
• Rename "Deployments > Feature Flags" to "Deployments > Feature flags" (merge request)
• Cells: Move appearances into clusterwide (merge request)
• Adjust spacing of merge request widgets (merge request)
• Add hashed_root_namespace_id to commits index mapping (merge request) GitLab Enterprise Edition
• Refactor api admin mode shared example by @TrueKalix (merge request)
• Fixed unnecessary relayout if width is not changed (merge request)
• Remove limit-container-width from more pages (merge request)
• Update MR security widget to read from new properties (merge request) GitLab Enterprise Edition
• Approvals widget: improve styling (merge request) GitLab Enterprise Edition
• Update styling of pending comment (merge request) GitLab Enterprise Edition
• Update Issue's Due Date field real-time (merge request)
• Linked resources widget: change help icon (merge request)
• Diff: toggle file contents with keyboard (merge request)
• Changes the comments help icon (merge request)
• Approvals widget: change vertical alignment of approvals icon (merge request)
• Change container registry copy expiration policy to cleanup policies (merge request)
• Lock writes during gitlab:setup task (merge request)
• Add database migration (merge request)
• Prepare to drop unused jira indexes on projects (merge request)
• Right-align note actions dropdown (merge request)
• Add a throttle to sync service db usage GitLab Enterprise Edition
• Increase vertical spacing on MR header
• Fix add/edit/delete dismissal comment for pipeline security tab
• Migrate the existing RedisHLL keys to default slot (merge request)
• Add empty state for customizable dashboard panels (merge request) GitLab Enterprise Edition
• Add Drawer from CodeQuality Inline-diff findings (merge request) GitLab Enterprise Edition
• Merge blocked: change spacing of merge details (merge request)
• Reschedule the migration of evidences (merge request)
• Enable branch rules feature flag by default (merge request)
• Admin area: change help icons on dashboard (merge request)
• Add a throttle to sync service db usage (merge request) GitLab Enterprise Edition
• Merge request: unify help icons (merge request)
• Load commit diffs async by default (merge request)
• Fix add/edit/delete dismissal comment for pipeline security tab (merge request)
• Epic tree: item spacing improvement (merge request)
• Add a expiry date option for deploy tokens by @ChevronTango (merge request)
• Use state_transitions on pipeline security list (merge request) GitLab Enterprise Edition
• Python.gitlab-ci.yml: Suggest using the current version of Python by @cclauss (merge request)
• Increase vertical spacing on MR header (merge request)
• Add GraphQL mutation to create a merge request (merge request) GitLab Enterprise Edition
• Improve layout and text of "too many changes" alert (merge request)
• Google cloud pages: Remove container limited class (merge request)
• Issues list: change status to use badge component (merge request)
• MR widgets: Unify loading icon size (merge request)
• Add new application form: form cleanup (merge request)
• Diff: add file permission tooltip (merge request)
• Ensure visualizations have default values (merge request) GitLab Enterprise Edition
• Migrate checkbox to GlFormCheckbox (merge request)
• MR list: change alignment of labels (merge request)
• Merge request: Rename Email patches to Patches (merge request)
• Disallow NONE and ANY filter values for OR operator (merge request)
• Add data transfer graphql queries under feature flag (merge request) GitLab Enterprise Edition
• Hide upgrade billing for ramped subscriptions (merge request) GitLab Enterprise Edition
• Update parsing of *_DISABLED variables (merge request)
• Fix small UI inconsistencies in MR view (merge request)
• Update the breadcrumbs and pagetitles by @Mughees_ (merge request)
• Update vulnerability state change notes to include dismissal reasons (merge request) GitLab Enterprise Edition
• Update validation in order to allow (merge request)
• Remove real_time_issue_epic_links feature flag (merge request)
• Search::Index creates an Elasticsearch index on create (merge request)
• Consolidated product analytics feature flags (merge request)
• Adjust tests to api admin mode by @TrueKalix (merge request)
• Show "-" when the size of the MR diffs is 0 (merge request)
• Project: Remove container limited class (merge request) GitLab Enterprise Edition
• Enhance safe-html usage on SAST configuration (merge request) GitLab Enterprise Edition
• Replace bootstrap dropdown for issuable type (merge request)
• Remove extra settings content in CI/CD settings (merge request)
• Extended the syntax highlighting for CODEOWNERS (merge request)
• Update user_type value for humans (merge request)
• Change SVN migration link (merge request)
• Update dependency auto-build-image to v1.31.0 (merge request)
• Left align new branch form (merge request)
• Renames ml_candidates.iid to eid (merge request)
• Remove connecting lines between MR widgets (merge request)
• Format personal access token name in email (merge request)
• Use state_transitions on pipeline security list (merge request) GitLab Enterprise Edition
• Application: Remove container limited class (merge request)
• Cluster: Remove container limited class (merge request)
• Post-process leaked credentials on all branches (merge request) GitLab Enterprise Edition
• Improve error message for Security Features with alias usage in ci file (merge request)
• Create search index assignments for notes (merge request)
• User settings: remove container limited class (merge request)
• Restore breadcrumb border for all pages (merge request)
• Profile page: change border bottom color of personal projects (merge request)
• Merge request, Issue list: remove darker border from closed items (merge request)
• Issuable detail page: restore limited-container-width class (merge request)
• Environment variable UNSTRUCTURED_RAILS_LOG removed from codebase (merge request)
• Update dependency auto-deploy-image to v2.48.0 (merge request)
• Broadcast Messages: form cleanup (merge request)
• Removes all uploads from usage_quotas storage pages (merge request) GitLab Enterprise Edition
• Update parsing of *_DISABLED variables (merge request)
• Update saved reply form layout (merge request)
• Move description templates help text below description title (merge request)
• Adjust tests to api admin mode by @TrueKalix (merge request)
• Remove .integration-settings-form CSS (merge request)
• Adds hashed_root_namespace_id to issue index (merge request) GitLab Enterprise Edition
• Pipeline editor improvements (merge request)
• Use YAML.safe_load_file for backup/restore (merge request)
• Add keyset pagination to Instance level audit events api (merge request) GitLab Enterprise Edition
• Adjust tests to api admin mode by @TrueKalix (merge request)
• Adding Package Name to Google Play Integration (merge request)
• Update UI action button when loading empty VSA (merge request) GitLab Enterprise Edition
• Remove elasticsearch_use_traversal_id_optimization flag (merge request) GitLab Enterprise Edition
• Remove tertiary category from collapse button (merge request)
• Update ipaddr to v1.2.5 (merge request)
• Add index for free_user_cap_over_limit_notified_at (merge request)
• Add prefix and custom match options for custom Jira issue matching by @jackorp (merge request)
• Add workers to clear notified at flags (merge request) GitLab Enterprise Edition
• Work items: Improve styling of child items (merge request)
• Show a loading spinner while searching (merge request)
• Not use the word retry to refer to webhook executions by @alexkalderimis (merge request)
• Includes namespace when searching for projects in autocomplete bar (merge request)
• Limit invitations to trial groups and projects (merge request)
• Project overview: remove container-limited class (merge request)
• Repository: Remove container limited class (merge request)
• Geo settings page cleanup (merge request) GitLab Enterprise Edition
• Merge request list: Change status to use badge component styles (merge request)
• Issuable list: change meta font-size (merge request)
• Improves the styling of Child issues and epcics (merge request) GitLab Enterprise Edition
• This MR extracts Runner Tags Dropdown (merge request) GitLab Enterprise Edition
• Clean up route_hll_to_snowplow_phase4 feature flag (merge request)
• Move issue checklist item counts to below description (merge request)
• Update gitlab-experiment gem to v0.8.0 (merge request)
• Refactor scan_pipeline_service_spec job list fetching (merge request)
• Cells: Move broadcast_messages into clusterwide (merge request)
• Remove the new_header_search FF (merge request)
• Use state_transitions on pipeline security list (merge request) GitLab Enterprise Edition
• Use page_level_alert content_for on free user cap alerts (merge request) GitLab Enterprise Edition
• Default enable linear_group_descendants_finder_upto (merge request)
• Update UI warning when loading VSA (merge request)
• Move milestone actions into dropdown (merge request)
• Fixes broken docs link for Apple App Store integration (merge request)
• Projects list: style improvements (merge request)
• Removes the old UpdateMaxSeatsUsedForGitlabComSubscriptionsWorker (merge request) GitLab Enterprise Edition
• Revamp of the searchbox events handling (merge request)
• Clear button events (merge request)
• Pipeline list: style improvements (merge request)
• Added ff and flow to skip Namespace Aggregation Lease (merge request)
• Remove caller_id from Redis metrics (merge request)
• Right sidebar: change left-border width to match left sidebar (merge request)
• Admin Area: remove container limited class (merge request)
• Group: Remove limited container class (merge request)
• Group settings: Remove limited container class (merge request)
• Remove group_owners_to_disable_two_factor FF (merge request)
• Add MigrateSharedVulnerabilityIdentifiers background migration (merge request) GitLab Enterprise Edition
• Project settings: remove limited width class (merge request)
• Refactor: Card component to Pajamas comliant by @imrishabh18 (merge request)
• Convert admin system info cards to pajamas (merge request)

Deprecated (1 change)

• Deprecate Project.ci_config_variables sha arg; add ref arg (merge request)

Removed (27 changes)

• Add openSUSE 15.3 removal for GitLab 15.11 (merge request)
• Remove unnecessary admin mode shared examples by @TrueKalix (merge request)
• Hide some tracing instrumentations behind environment variables (merge request)
• Cleanup migration of sent_notifications to bigint (merge request)
• Remove project_export_as_ndjson feature flag (merge request) GitLab Enterprise Edition
• Remove require_verification_for_namespace_creation (merge request)
• Remove disable_vulnerability_feedback_controller FF (merge request) GitLab Enterprise Edition
• Async remove 'merge_request_mentions_temp_index' index (merge request)
• Async remove 'merge_requests_state_id_temp_index' index (merge request)
• Remove ProjectType.ci_config_variables arg (merge request)
• Delete gitbook.tar.gz template (merge request)
• Synchronously remove unused Jira indexes (merge request)
• Remove temporary index on vulnerability_occurrences (merge request)
• Remove release description in tag page (merge request)
• Remove temporary index for licenses cleanup
• Removed PipelinesController#config_variables endpoint (merge request)
• Drop runner_machine_id column from ci_builds_metadata (merge request)
• docs: Remove mentions of gitaly-ruby (merge request)
• Remove temporary index for licenses cleanup (merge request)
• Removing FF refactor_ci_minutes_consumption (merge request)
• Perform final removal of the learn gitlab creation worker (merge request)
• Stop writing v1 ActiveSession keys (merge request)
• Remove unused alert_metrics component (merge request)
• Drop packages_events table (merge request)
• Remove collect_package_events feature flag with relevant code (merge request)
• Remove duplicate metrics for group "editor" (merge request)
• Removes create_table_with_constraints (merge request)

Security (21 changes)

• Revert 'security-find_tag_before_send_git_archive'
• Fix security report authorization
• Check access to parent when creating and updating epics
• Revert security-383776-track-sha-of-last-approval
• Normalize some spaces in snapshot spec
• Check access to target project before looking for branch
• Verify that users have access to the parent of the fork
• Check access to reorder issues in epic tree
• Redirect to tree from project root on ref collision
• Fixes soft email confirmation alert vulnerability
• Record sha of approval
• Use UntrustedRegexp to limit scan of HTML comments
• Replace Unicode space chars with spaces
• Improve Gitlab::UrlSanitizer regex to match more URIs
• Restrict Prometheus API access on public projects
• Filter namespace environments by feature visibility
• Fix the potential leak of internal notes
• Update globalid gem to v1.1.0 (merge request)
• Prevent XSS attack in "Maximum page reached" page
• Protect webhook secrets by resetting url_variables
• Check for tag before send_git_archive

Performance (13 changes)

• Add migration for backfilling project permissions in blob documents (merge request) GitLab Enterprise Edition
• Remove sync index idx_merge_requests_on_state_id_and_merge_status (merge request)
• Remove index on events.action (merge request)
• Apply patch by @terrichu (merge request)
• Contribution analytics: Limit request time range to one week (merge request) GitLab Enterprise Edition
• Return error when updated_at filtering used without sorting (merge request)
• Use optimistic locking when updating Terraform state (merge request)
• Improve the performance of the labels queries
• Make Action Cable subscriptions use DB replicas (merge request)
• Improve the performance of the labels queries (merge request)
• Update ComplianceViolationsFinder to use InOperatorOptimization (merge request)
• Remove index idx_merge_requests_on_state_id_and_merge_status async (merge request)
• Add batch_counter to verifiable_replicator counters (merge request) GitLab Enterprise Edition

Other (80 changes)

• Refactoring audit events for projects (merge request) GitLab Enterprise Edition
• Remaining CTRT edits to Service Desk doc (merge request)
• Make the code suggestions default to be false (merge request)
• Revert the update to code suggestions (merge request)
• Remove refactor_code_quality_inline_findings feature-flag (merge request)
• Remove FF ci_simplify_dag_status_calculation_for_processing (merge request)
• Improves documentation for Model Experiments (merge request)
• Make DesignManagement::Repository a container for GitRepository (merge request)
• Delete webauthn feature flag (merge request)
• Introduce User Access Project/Group Authorizations (merge request)
• Use a mockApolloClient to test Design comments (merge request)
• Remove partition_id default for p_ci_builds_metadata (merge request)
• Track roadmap tab on epics detail page (merge request) GitLab Enterprise Edition
• Update compliance framework pipeline docs (merge request)
• Removes grace period for BackgroundMigration/MissingDictionaryFile (merge request)
• Blame controller refactoring (step 3) (merge request)
• Removes reduce_sub_batch_size_on_timeouts feature flag (merge request)
• Add migrations to truncate error_tracking tables on PostgresSQL (merge request)
• Blame controller refactoring (step 2) (merge request)
• Validate the projects.creator_id foregin key asynchronously (merge request)
• Add code suggestions to namespace settings (merge request)
• Remove FF github_import_gists (merge request)
• Update import workers to set memory resource boundary (merge request)
• Using BBM in TableManagementHelpers#enqueue_partitioning_data_migration (merge request)
• Simplify isEditing for Policy Editor Component (merge request) GitLab Enterprise Edition
• Rename variables used for project counts (merge request)
• Add index to vulnerability_occurrences table for override uuids logic (merge request)
• Remove unused index asynchronously (merge request)
• Swap note_diff_file.diff_note_id to bigint (merge request)
• Prepare async index for vulnerability_occurrences table (merge request)
• Blame controller refactoring (merge request)
• Clean up old redirect route (merge request) GitLab Enterprise Edition
• Update handling of project names in bulk import (merge request)
• Reorder primary key columns for ci_runner_machine_builds (merge request)
• Remove unused index synchronously (merge request)
• Remove db_load_balance_audit_event_streaming_worker feature flag (merge request) GitLab Enterprise Edition
• Swap epic_user_mentions.note_id to bigint (merge request)
• Swap suggestions.note_id to bigint (merge request)
• Update Admin::GroupsController#reset_runners_minutes feature_category (merge request)
• Documenting testing for multiple databases (merge request)
• Make CI config fetch timeout configurable (merge request)
• Backfill Migrations for ML::Candidate.internal_id (merge request)
• Filter out BEGIN/COMMIT correctly in metrics (merge request)
• Set data_consistency to delayed for AuditEventStreamingWorker (merge request) GitLab Enterprise Edition
• Refactors Ml::Candidate.eid usages to internal_id (merge request)
• Remove use_traversal_ids_for_root_ancestor FF (merge request)
• Migrate button group to GlDisclosureDropdown (merge request) GitLab Enterprise Edition
• Update omniauth-auth0 rubygem to 3.1 by @pravi (merge request)
• Add new CI Variable CI_API_GRAPHQL_URL by @homersimpsons (merge request)
• Remove partition_id default from ci_builds (merge request)
• Exposing Finalizing BBMs in Admin portal (merge request)
• Moves Service Desk custom email credentials to own table (merge request)
• Cleanup BigInt conversion for ci_build_needs (merge request)
• Backfill application_settings product_analytics_data_collector_host (merge request)
• Improve error message for application_settings#archive_builds_in_seconds (merge request)
• Remove download_code column from member_roles (merge request)
• Single database testing documentation (merge request)
• Fixing specs for single-db-two-connections (merge request)
• Validate direct transfer enabled on source (merge request)
• Removing 'dropped' from deduplication_type while logging (merge request)
• FileLineBlame feature flag cleanup (merge request)
• Query members via namespaces (merge request)
• Cleanup extend reactivate trial feature (merge request) GitLab Enterprise Edition
• Fix spec violation - spying on methods (merge request)
• Validate direct transfer enabled on source (merge request)
• Upgrade to Vue 2.7 (merge request)
• Handle invalid filter for compliance filters (merge request) GitLab Enterprise Edition
• Remove the legacy_open_source_license_worker feature flag (merge request)
• Swap snippet_user_mentions.note_id to bigint (merge request)
• Reorder primary key columns for ci_runner_machine_builds (merge request)
• Remove partition_id default from ci_builds (merge request)
• Add partitioning check constraint to ci_builds (merge request)
• Consistent naming in for CodeQuality Pipelines (merge request) GitLab Enterprise Edition
• Swap design_user_mentions.note_id to bigint (merge request)
• Swap vulnerability_user_mentions.note_id to bigint (merge request)
• Swap commit_user_mentions.note_id to bigint (merge request)
• Documenting Docker install method switching to two connections (merge request)
• Remove full_path_project_search feature flag (merge request)
• Update header section (merge request) GitLab Enterprise Edition
• Swap merge_request_user_mentions.note_id to bigint (merge request)

15.10.7 (2023-05-10)

Fixed (1 change)

• Backport MR 119319 changes to 15-10-stable-ee GitLab Enterprise Edition

15.10.6 (2023-05-03)

Security (1 change)

• Only maintainers of projects should be able to assign runners to them (merge request)

15.10.5 (2023-05-01)

Security (9 changes)

• Set minimum role for importing projects to Maintainer (merge request)
• Commit trailers now only match public user email addresses (merge request)
• Handle invalid URLs in asset proxy (merge request)
• Relay state to check for only allowing sub paths (merge request)
• Prohibit 40 character hex sets at beginning of path-based branch name (merge request)
• Add specs for external users flag (merge request)
• Update policy to prevent banned members from accessing public projects (merge request)
• Use dummy filename as filename when viewing raw xml files (merge request)
• Authorize access to vulnerabilitiesCountByDay resolver (merge request)

15.10.4 (2023-04-21)

Fixed (1 change)

• Patch mail gem to handle TLS settings properly (merge request)

15.10.3 (2023-04-14)

Fixed (3 changes)

• Backport fixes for broadcast messages (merge request)
• Fix automatically-retried jobs stuck in pending state (merge request)
• Verify deploy keys settings for protected tags (backport) (merge request)

Changed (1 change)

• Change the order of vulnerability creation (merge request) GitLab Enterprise Edition

15.10.2 (2023-04-05)

Fixed (3 changes)

• Fix openapi viewer for relative url instances (merge request)
• Update mail gem to v2.8.1 (merge request)
• Move ldap option sync_name to ldap server and fix bugs by @zhzhang93 (merge request) GitLab Enterprise Edition

Changed (1 change)

• Migrate the existing RedisHLL keys to default slot (merge request)

15.10.1 (2023-03-30)

Fixed (2 changes)

• Sync security policy rule schedules that may have been deleted by bug
• Fix issue dashboard returning issues from archived projects

Security (15 changes)

• Redirect to tree from project root on ref collision (merge request)
• Fixes soft email confirmation alert vulnerability (merge request)
• Restrict Prometheus API access on public projects (merge request)
• Verify that users have access to the parent of the fork (merge request)
• Protect webhook secrets by resetting url_variables (merge request)
• Replace Unicode space chars with spaces (merge request)
• Check access to parent when creating and updating epics (merge request)
• Improve Gitlab::UrlSanitizer regex to match more URIs (merge request)
• Check access to target project before looking for branch (merge request)
• Fix the potential leak of internal notes (merge request)
• Use UntrustedRegexp to limit scan of HTML comments (merge request)
• Filter namespace environments by feature visibility (merge request)
• Check access to reorder issues in epic tree (merge request)
• Fix security report authorization (merge request)
• Prevent XSS attack in "Maximum page reached" page (merge request)

15.10.0 (2023-03-21)

Added (155 changes)

• Add wiki_access_level to group API (merge request) GitLab Enterprise Edition
• Add filter for approved status by @Taucher2003 (merge request)
• Show achievements on user profile (merge request)
• Run package metadata conditionally in dev (merge request) GitLab Enterprise Edition
• Add revoke achievement mutation and service (merge request)
• Add documentation for protected tags creation with deploy keys (merge request)
• Define ci_builds primary key as partitioned (merge request)
• Compliance frameworks report (merge request) GitLab Enterprise Edition
• feat: Enable auto-resolution of removed SAST rules by default (merge request)
• Filter projects by compliance framework presence (merge request) GitLab Enterprise Edition
• Add Squash TM integration by @pckerneis (merge request)
• Enable duo 2FA authentication support (merge request)
• Move work item notes out of FF and docs (merge request)
• Add documentations for Praefect DNS service discovery (merge request)
• Add github repo counts endpoint (merge request)
• Enable License Scanning Policies as new type for Scan Result Policies (merge request) GitLab Enterprise Edition
• repository: Remove license_from_gitaly feature flag (merge request)
• Introduce Kubernetes integration feature (merge request)
• Prepare MR user mentions for bigint migration (merge request)
• Apply auto-disabling failed hooks to group hooks (merge request) GitLab Enterprise Edition
• Consume seat when Guest's permissions are elevated using custom roles (merge request) GitLab Enterprise Edition
• Enable license scanning of CycloneDX files (merge request) GitLab Enterprise Edition
• Native attachments for Service Desk emails (merge request)
• Allows filtering of projects by negated compliance framework id (merge request) GitLab Enterprise Edition
• Support admin/external/required groups for OIDC (merge request) GitLab Enterprise Edition
• Added refresh_billable_member api (merge request) GitLab Enterprise Edition
• Update AbuseReportsFinder to allow filtering by reporter (merge request)
• Release Block all requests feature (merge request)
• Allow self-managed to prevent auto disabling hooks (merge request)
• Add search by author name to Commits API (merge request)
• Add merge requests compliance violations consistency worker (merge request) GitLab Enterprise Edition
• Document new redis settings start_down and set_replicaof (merge request)
• [385117] GitHub import: status of import for each relation-type tab (merge request)
• Add gitlab_dedicated_instance application setting (merge request)
• Adds AddResourceService & ValidateResourceService (merge request)
• Add table and model for container registry data repair details (merge request)
• Expose cycle and lead time metrics via GraphQL (merge request) GitLab Enterprise Edition
• Save github_identifiers to the DB on the last object import worker retry (merge request)
• feat: Added the breadcrumbs for slack page by @imrishabh18 (merge request) GitLab Enterprise Edition
• Allow filtering group members by user type (merge request)
• Merge trains POST API by @markus.ferrell (merge request) GitLab Enterprise Edition
• Adds custom email verification model changes (merge request)
• Allow updating user subscriptions on a work item (merge request)
• Added truncation of the search term (merge request)
• Recreate user_type migration index (merge request)
• Allow comment on GQL vulnerabilityResolve mutation (merge request) GitLab Enterprise Edition
• Add update endpoint to draft note API (merge request)
• Display total weight of epic lists on boards (merge request) GitLab Enterprise Edition
• Backfill project_wiki_repositories table (merge request)
• Clean up child_epics_from_different_hierarchies FF (merge request)
• Add reference from p_ci_runner_machine_builds to ci_runner_machines (merge request)
• GraphQL: Add machines field to CiRunner type (merge request)
• Adjust VulnerabilityConfirm GraphQL mutation to accept comment (merge request) GitLab Enterprise Edition
• Add reordering to search language filter component (merge request)
• This MR introduces alert component (merge request) GitLab Enterprise Edition
• Enable creation of ci_runner_machines records for active ci_runners (merge request)
• Add product_analytics_data_collector_host column (merge request)
• GraphQL: Add CiRunner.createdBy field (merge request)
• Add coupon code terms to success alert and simplify associated logic (merge request) GitLab Enterprise Edition
• Integrate diagrams.net with the Content Editor (merge request)
• Add Notifications Widget to WorkItems (merge request)
• Audit event for event type filter deletion (merge request) GitLab Enterprise Edition
• [388716] Github importer: collaborators (members) (merge request)
• Support quick actions through new note (merge request)
• Admin only project edit page by @markus.ferrell (merge request)
• Allow to export work items with GraphQL mutation (merge request)
• Add dismissal reason to vulnerability details status (merge request) GitLab Enterprise Edition
• Blame page streaming (merge request)
• Add CLI regex for upcoming CLI UserAgent change (merge request)
• Introduce JobArtifact::BulkDestroy mutation (merge request)
• Add the deployment count to the GraphQL API (merge request) GitLab Enterprise Edition
• Allow to set design description in GraphQL API (merge request)
• Add visualization designer button (merge request)
• Add new event serializer to return JSON only response based on FF (merge request)
• Allow filtering of projects by compliance filters (merge request) GitLab Enterprise Edition
• Add value streams dashboard link component (merge request) GitLab Enterprise Edition
• Add language aggregation to code search (merge request) GitLab Enterprise Edition
• Add block all requests to admin/network settings (merge request)
• Add temporary indexes for user_type (merge request)
• Add design description column (merge request)
• Enable by default incident event tags (merge request)
• Adds audit event for audit event filter creation (merge request) GitLab Enterprise Edition
• Add index to oauth_access_grants.application_id (merge request)
• Accept comment in VulnerabilityRevertToDetected GraphQL mutation (merge request) GitLab Enterprise Edition
• Improve Purchase Errors mapping (merge request) GitLab Enterprise Edition
• Warning when branch name from issue contains a white space (merge request)
• Instrument Enterprise Users adoption (merge request) GitLab Enterprise Edition
• Add updated_before and updated_after filters to iterations API (merge request) GitLab Enterprise Edition
• Adds copy to clarify work-in-progress is excluded from VSA stages (merge request)
• Add user_has_committed and committers_can_approve to approvals API (merge request)
• Add requiredApprovalCount to ProtectedEnvironmentType (merge request)
• Add group web-hooks failed notifications by @alexkalderimis (merge request)
• Enable rule mode SEP UI for SAST IaC (merge request) GitLab Enterprise Edition
• Add types to async constraint validations (merge request)
• Validate and replace FK for ci_sources_pipelines and ci_builds (merge request)
• Validate and replace FK for ci_job_variables and ci_builds (merge request)
• Validate and replace FK for ci_build_trace_metadata and ci_builds (merge request)
• Add SAST IaC to scan execution policies (merge request) GitLab Enterprise Edition
• Create a wrapper for Rails.cache with metrics support (merge request)
• Enable CI hooks:pre_get_sources_script syntax (merge request)
• Add sync index for merge_request_diffs external_diff column (merge request)
• Finalize migration and add NOT VALID Foreign Key (merge request)
• Create award achievement GraphQL mutation (merge request)
• Add pipeline reference in state transition (merge request)
• Added updated_after and updated_before params to milestones API (merge request)
• Add markdown soft break on Shift+Enter (merge request)
• Add cost settings which belongs to a runner (merge request)
• Pre-create initial partition for ci_runner_machine_builds (merge request)
• Introduce ErrorAlert Component to Purchase flows (merge request) GitLab Enterprise Edition
• Schedule FK async validations for p_ci_builds_metadata partitions (merge request)
• Add rate limits for access of Projects API (merge request)
• Add inbound access control to projects (merge request)
• Add Create Runner mutation (merge request)
• Add code step (merge request)
• Add Create Runner mutation by @tschmitke (merge request)
• Cleanup add_refresh_pull_mirror_worker feature flag (merge request)
• Release GitLab for Slack notifications (merge request) GitLab Enterprise Edition
• Display parent and work item ID on detail page (merge request)
• Add audit even for agent token creation (merge request) GitLab Enterprise Edition
• Added deprecation warning for Slack on self-hosted (merge request)
• Frontend implementation of work item notes subscription (merge request)
• Expose issue count flow metric via GraphQL (merge request) GitLab Enterprise Edition
• Skip License#check_trueup when converting to cloud (merge request) GitLab Enterprise Edition
• Added the deprecation alert to Slack notifications (merge request)
• Refactor tests for admin mode by @TrueKalix (merge request)
• Add add_concurrent_index migration for index_namespaces_on_updated_at (merge request)
• Add add_concurrent_index migration for index_users_on_updated_at (merge request)
• Summary quick view of issuables using markdown (+s) (merge request)
• API Discovery analyzer for java spring-boot (merge request) GitLab Enterprise Edition
• Add pre scan verification create-update service (merge request)
• BG migration to add issue links to existing findings (merge request)
• Validate and replace FK for ci_build_report_results and ci_builds (merge request)
• SSO-provisioned users are redirected to SSO login after confirmation (merge request) GitLab Enterprise Edition
• Expose total weight for epic board list API (merge request) GitLab Enterprise Edition
• Add bulk_import_export_batches & bulk_import_batch_trackers db tables (merge request)
• Update FKs between p_ci_builds_metadata partitions and ci_builds (merge request)
• Adds delete action on package other versions tab (merge request)
• Validate and replace FK for ci_job_artifacts and ci_builds (merge request)
• Add frontend validation for discord id (merge request)
• Create namespace_ldap_settings table to move columns from namespaces (merge request)
• Add key_fingerprint_sha256 to SshSignatureType (merge request)
• Validate and replace FK for ci_build_needs and ci_builds (merge request)
• Add deployment approver settings to API by @luzhiyuan.deer (merge request) GitLab Enterprise Edition
• Add status and resolved_at columns to abuse_reports (merge request)
• Add ci_runner_machine_builds join table (merge request)
• Backend for Service Account MVC (merge request)
• Add logs for ci resource groups (merge request)
• Allow abuse reports from epic notes (merge request) GitLab Enterprise Edition
• Add sync index for lfs_objects file column (merge request)
• Add has_failures column to bulk_import_* db tables (merge request)
• Add add_provisioned_by_group_at to user_details (merge request)
• Add sync index for package_files file_name column (merge request)
• Index sbom_occurrences on project_id and id (merge request)
• Add Query.project.dependencies to graphql (merge request) GitLab Enterprise Edition
• Add index to web_hook_logs (merge request)

Fixed (173 changes)

• Fix URL base of API endpoint (merge request) GitLab Enterprise Edition
• Run in batches uuids count (merge request) GitLab Enterprise Edition
• Update prometheus-client-mmap to v0.19.1 (merge request)
• Work item add comment bug fix (merge request)
• Use only the valid report findings in PipelineVulnerabilitiesFinder (merge request) GitLab Enterprise Edition
• Fix to prevent unlimited CI includes (merge request)
• Fix duplication of thread comments on snippet and commit page (merge request)
• Different fixes for cleanup policies for container images (merge request)
• Fix NoMethodError: undefined method `sha' (merge request)
• Remove calendar icon from epic list item if no date exists (merge request) GitLab Enterprise Edition
• Address polling edge cases in runner registration (merge request)
• Fix Debian generate for group distributions by @sathieu (merge request)
• Put runner machine heartbet under a feature flag (merge request)
• Fix Debian tarball extensions by @sathieu (merge request)
• Fix work items links for relative url instance (merge request)
• Fix webhook failure callout sticky from some pages (merge request)
• Hide bulk deletion UI of container tags for users without permission (merge request)
• Fix alignment of diff system note icons (merge request)
• Check license for package metadata sync (merge request) GitLab Enterprise Edition
• Rebuild MR report approval rules on group access changes (merge request)
• Render broadcast messages preview in markdown (merge request)
• Expire Etag cache for Environemnt when deployment approved (merge request)
• Fix no author shown when changing state of vulnerability (merge request) GitLab Enterprise Edition
• Rebuild MR report approval rules on project access changes (merge request) GitLab Enterprise Edition
• Require disable_ddl_transaction on bbm finalization (merge request)
• Fix border radius on merge request filter (merge request)
• Run override UUID logic for the added and fixed findings (merge request) GitLab Enterprise Edition
• Fix bug causing only the last schedule type policy to run (merge request) GitLab Enterprise Edition
• Exclude archived projects from total and starred counts (merge request)
• Fix TypeError for empty blob.path (merge request) GitLab Enterprise Edition
• Support Maven artifact classifiers when checking for duplicates (merge request)
• Add support for OCI image indexes in Dependency Proxy (merge request)
• Enforce regex in security orchestration schema (merge request)
• Fix project-level VSA license check (merge request) GitLab Enterprise Edition
• Change occurrences column type to join feedback table (merge request) GitLab Enterprise Edition
• Fix styling of add issuable form input wrapper (merge request)
• Fix yaml load compatible issue by @chaomao (merge request)
• Fix border radius on pending comments (merge request)
• Prevent multiple package metadata sync jobs (merge request) GitLab Enterprise Edition
• Use access exclusive lock for FKs on partitioned tables (merge request)
• Fix license approval policies to consider non-default branches (merge request) GitLab Enterprise Edition
• Fix incorrect has_issues on vulnerability_reads (merge request)
• Fix Profile GPG key timeago tooltip (merge request)
• Improve Scan Details alignment and UI issues (merge request) GitLab Enterprise Edition
• Fix finding details header by @jschafer-gitlab (merge request) GitLab Enterprise Edition
• Fix gitlab cleanup tags service default status (merge request)
• Fix artifacts:public accessiblity parameter (merge request)
• Reduce the chances of deadlocks for builds migrations (merge request)
• Fix 500 error for Instance level SCIM identities (merge request) GitLab Enterprise Edition
• Fix spacing on summary comment tabs (merge request)
• Fix double focus outline in content editor (merge request)
• Fix markdown anchor icon in dark mode (merge request)
• Handle InvalidForeignKey errors when indexing deleted projects (merge request) GitLab Enterprise Edition
• Seperate out jobs count query (merge request)
• Fix bug where adding other approver type is added (merge request) GitLab Enterprise Edition
• Fix namespace null bug (merge request)
• Fix border radius on collapsed replies in diffs (merge request)
• Don't show checklist item dropdown within tables (merge request)
• Label dropdown: fix color swatches :focus (merge request)
• Fix dollar replacements in sprintf (merge request)
• Modifies contribution analytics GraphQL query to be recursive (merge request) GitLab Enterprise Edition
• Removed debounce from issues query (merge request)
• Fixed root_ancestor inside transaction (merge request)
• Avoid 404 on empty Debian component file by @sathieu (merge request)
• Standardize related items counters (merge request)
• Add order_by: 'similarity' to invite group API request (merge request)
• Fix N+1 for search notes (merge request) GitLab Enterprise Edition
• Fix task widget border radius (merge request)
• Process packages with not all details (merge request) GitLab Enterprise Edition
• Fix whitespace after author name in note header (merge request)
• Disallow terraform state management if config is disabled (merge request)
• Fix(Subscription Sync): hide button legacy/offline (merge request) GitLab Enterprise Edition
• Remove non-user links from todos (merge request)
• Adds display for errors in Jupyter Notebooks (merge request)
• Require reCAPTCHA for trial registrations (merge request) GitLab Enterprise Edition
• This MR adds handling yaml parsing errors (merge request) GitLab Enterprise Edition
• Prevent validating an invalid promo code once invalid (merge request) GitLab Enterprise Edition
• Fix UI consistencies in bulk update sidebar (merge request)
• Fix unintended changes in db dictionary after db:migrate (merge request)
• Fix icon and textfield in incident timeline by @Mughees_ (merge request)
• Do not include hidden issues in the ES result (merge request) GitLab Enterprise Edition
• Restore style after leaving fullscreen / zen mode by @winniehell (merge request)
• Splat attributes in update_issue call (merge request)
• Remove special handling of trace in DestroyBatchService (merge request)
• Fixes the border-radius of the tasks widget (merge request)
• Fix finding details header (merge request) GitLab Enterprise Edition
• Add guards for issue instance proxy (merge request) GitLab Enterprise Edition
• Fix typo in Terraform template docs example by @artpropp (merge request)
• Fix ignored task that falls between HTML comments (merge request)
• Use proxy base url for http_url_to_repo (merge request) GitLab Enterprise Edition
• Fix foreign_key_exists? migration helper (merge request)
• Increases size limit for Jupyter Notebook diffs (merge request)
• Do not parse git-notes commits during git access checks (merge request)
• Fix alignment of participants in issuable sidebar (merge request)
• Fix contribution calendar not respecting "First day of the week" (merge request)
• Fix unselectable group webhooks (merge request) GitLab Enterprise Edition
• Fix timeout error while deleting approval rules from scan result policy (merge request) GitLab Enterprise Edition
• Ensure corpus management has active nav (merge request) GitLab Enterprise Edition
• Resolve vulnerabilities for each scanner found in the scan report (merge request) GitLab Enterprise Edition
• Fix notebook viewer switching (merge request)
• Reset subscription max_seats_used on trial upgrade (merge request) GitLab Enterprise Edition
• Issuables author :focus fix (merge request)
• Use min and max date to prevent setting end dates before start dates (merge request) GitLab Enterprise Edition
• Fixing tests for single-db-two-connection (merge request)
• Hide scan details when no report summary scans are available (merge request) GitLab Enterprise Edition
• Fix comment links on work items (merge request)
• Allow blank scope for aggregations endpoint (merge request) GitLab Enterprise Edition
• Provide default path for protected environments (merge request)
• Fix inconsistent behaviour in design comments (merge request)
• Fix :focus on participants (merge request)
• Fix protected environment user list title (merge request)
• Add a boolean field hidden in the Issue ES mapping (merge request) GitLab Enterprise Edition
• Breadcrumb: fix :focus (merge request)
• Fix ArgumentError, use default sort by name (merge request)
• Draft: Use epicsCount from metadata instead of from the list (merge request) GitLab Enterprise Edition
• Fix regex for destination namespace path (merge request)
• Allow searching by full path (merge request)
• Enable Geo::RepositoryRegistrySyncWorker on Geo secondary site (merge request) GitLab Enterprise Edition
• Guard against dropped columns when finalizing user details migration (merge request)
• Replace old image with SVG for empty MR state (merge request)
• Fix ArgumentError for Integrations::Campfire (merge request)
• Open vulnerability history comment editor on focus (merge request) GitLab Enterprise Edition
• Work item: fix title :focus (merge request)
• Change order of CSS imports to fix search icon UI (merge request)
• Update yml validation to be more clear (merge request)
• Add response caching for aggregations (merge request) GitLab Enterprise Edition
• Fix null exception for approvals_before_merge (merge request) GitLab Enterprise Edition
• Fix edge case when parent set to nil (merge request)
• Avoid overwriting runner cached values on job API calls (merge request)
• Include memberships from groups shares in preloader (merge request)
• Fix merge checks group name fetching issue (merge request) GitLab Enterprise Edition
• Deduplicate Group & Project destroy workers (merge request)
• Fix note edited i18n issue (merge request)
• Remove spy on component methods (merge request)
• Fix object deletion not working with Azure Blob Storage (merge request)
• [383842] GitHub importer: fix note attachments (merge request)
• Fix typo in the error message rendering (merge request)
• Update createBranch path with a new value (merge request)
• Fix helpPagePath for import table by @Taucher2003 (merge request)
• Sync pipeline commit message for Jira keys (merge request)
• Modify creating resource access token to create email with random part (merge request)
• Fix NotNullViolation in issues API (merge request)
• Add word-break to generic-sec-report tables (merge request) GitLab Enterprise Edition
• Restore original tooltip after copying (merge request)
• Fix #retry_lock overriding .current_scope (merge request)
• Removing FF deduplicate_archive_traces_cron_worker (merge request)
• Fix page navigation alignment on dependencies / licenses pages (merge request) GitLab Enterprise Edition
• Fix invalid return when malformed data (merge request) GitLab Enterprise Edition
• Fixes logic for when we reset subscription seats (merge request) GitLab Enterprise Edition
• Fix date parsing issue on firefox for datetime on bcast msg (merge request)
• Fix Code Quality text contrast (merge request)
• Abstract count from query (merge request)
• Don't allow nil value for allow_force_push (merge request)
• Fix dependency check in license approval policies (merge request) GitLab Enterprise Edition
• GitLab Direct Transfer - update invalid source GitLab URL error message (merge request)
• Remove valid? check when rendering link (merge request)
• Hide Infra::Google Cloud menu if Google OAuth2 disabled (merge request)
• Fix epic roadmap focus states (merge request) GitLab Enterprise Edition
• Fix imported project labels having a group_id (merge request)
• Remove html comment from text/plain variant "new_review_email" by @xdavidwu (merge request)
• Use spec_helper where required (merge request)
• Fix 500 error for calls without JWT token to Git http (merge request)
• Fix caching headers, drop HTTP/1.0 support (merge request)
• Hide merged date sort option for open/closed MRs page (merge request)
• Fix months dropdown for the usage quotas feature (merge request) GitLab Enterprise Edition
• Updates dashboard design closer to designs and fixes navigation bug (merge request)
• Add services:variables to CI schema (merge request)
• Allow pipeline schedule owner to call take_ownership API (merge request)
• Use declarative enum on external issue link type by @przbadu (merge request) GitLab Enterprise Edition
• Fix S3 backups not working on FIPS systems (merge request)
• Handle rendering errors from reStructuredText (merge request)
• Fix cascading attr ability to set value back to same as ancestor (merge request)
• Fix OAuth application creation through API (merge request)

Changed (249 changes)

• Add polling for pending external status checks (merge request) GitLab Enterprise Edition
• Add ops feature flag to stop pruning old events (merge request)
• This MR changes variant of alert (merge request) GitLab Enterprise Edition
• Allow public runner releases to be disabled (merge request)
• Enhance Security & Compliance Error Handlings (merge request) GitLab Enterprise Edition
• Improve help text for compliance framework configuration UI (merge request) GitLab Enterprise Edition
• Run Gemnasium on file matches in all directories (merge request)
• Adds repository sorting by total storage size (merge request) GitLab Enterprise Edition
• Add default owner for CODEOWNERS section (merge request) GitLab Enterprise Edition
• Remove 'redis_key' from known_events (merge request)
• Fix spec violations in dashboard_spec.js (merge request) GitLab Enterprise Edition
• Add column chart visualization (merge request) GitLab Enterprise Edition
• Fixed spec violations in table_spec.js (merge request) GitLab Enterprise Edition
• Application settings: Remove container limited class (merge request)
• Related merge requests: Enhance styling (merge request)
• Highlight possibility of conflict between branch names settings (merge request)
• Unbox work items (merge request)
• Add complexity and gitaly flag against suggest_approvers field (merge request) GitLab Enterprise Edition
• Changed source of current source data (merge request)
• Use linear ancestors_upto namespace queries (merge request)
• Use linear queries for namespace roots (merge request)
• This MR replaces profiles input fields (merge request) GitLab Enterprise Edition
• Added ability to hide issues in default dropdown (merge request)
• Added response body, changed status (merge request) GitLab Enterprise Edition
• Clean up project and group milestone pages (merge request)
• Add topics help text on the project settings page by @Cryptopone (merge request)
• Reschedule migration for remediation (merge request)
• Removing apple_app_store_integration feature flag (merge request)
• Detail page header: remove borders (merge request)
• Add keyset pagination to project audit events api (merge request) GitLab Enterprise Edition
• Adjust tests to api admin mode by @TrueKalix (merge request)
• Hide upgrade billing for ramped subscriptions (merge request) GitLab Enterprise Edition
• Update license scanning widget with license approval policies (merge request) GitLab Enterprise Edition
• Update ruby-magic to v0.6.0 (merge request)
• Unbox widgets (merge request) GitLab Enterprise Edition
• Remove feature flag cache_client_with_metrics (merge request)
• Improve shared examples with status code by @TrueKalix (merge request)
• Set DS_SCHEMA_MODEL to 15 in Container Scanning CI template (merge request)
• Make switching between editors seamless (merge request)
• Issue: related merge request information (merge request)
• Add check that the Gitlab API is supported (merge request)
• Removes feature flags for refresh seats worker (merge request) GitLab Enterprise Edition
• Streamline from input height (merge request)
• Issues: consolidate buttons (merge request) GitLab Enterprise Edition
• Use linear self_and_hierarchy namespace queries (merge request)
• Add event_types for FeatureFlag audit events (merge request)
• Migrate the commit filtering report to include all commits (merge request) GitLab Enterprise Edition
• Replace admin group, project, and topic avatars with pajamas component (merge request)
• Remove customizable_roles feature flag (merge request) GitLab Enterprise Edition
• Add spacing and migrate card for user usage quotas (merge request)
• Remove extra padding from abuse report actions (merge request)
• Change pipeline stats (merge request) GitLab Enterprise Edition
• Remove 'transparent_sso_enforcement` feature flag (merge request) GitLab Enterprise Edition
• This MR migrates Dropdown to Listbox (merge request) GitLab Enterprise Edition
• refactor: Buton migrated to Pajamas compliant by @imrishabh18 (merge request)
• This MR migrates Dropdown to Listbox (merge request) GitLab Enterprise Edition
• Add redis counter for manifest delete events (merge request)
• Use project's usage_quotas instead of direct URL (merge request) GitLab Enterprise Edition
• Updated copy on free and trial registration pages (merge request)
• Legacy dropdown improvements (merge request)
• Update free user limit alert copy for non-owner roles (merge request) GitLab Enterprise Edition
• Improve revert/cherry-pick error messages (merge request)
• Fix deprecated interface for YAML.safe_load (merge request)
• Remove tag icon in container registry by @parkourkarthik (merge request)
• Update ruby-magic to v0.5.5 (merge request)
• Wiki directory follow page when they have been combined by @zhyhchg (merge request)
• refactor: Changed the card to pajamas compliant by @imrishabh18 (merge request)
• Migrate start and end date button on burndown chart (merge request)
• Migrate restore group button to pajamas component (merge request)
• Reduce sub-batch size for failed Batched Background Migration Jobs (merge request)
• Migrate edit merge request button to pajamas component (merge request)
• Adds triggers to Database Schema validations (merge request)
• Scope issue model iid to namespace (merge request)
• Use small variant for pending comment badge (merge request)
• Add audit events for sharing a group membership to another group (merge request) GitLab Enterprise Edition
• Removes prefixed asterisk for path filters (merge request) GitLab Enterprise Edition
• Migrate projects auto devops card to pajamas (merge request)
• Delete orphaned packages dependencies (merge request)
• Group overview: changes recent activity bold text to content (merge request) GitLab Enterprise Edition
• Migrated Read more button to Pajamas on project env page (merge request)
• This MR replaces tooltip with popover (merge request) GitLab Enterprise Edition
• Set 'send_user_confirmation_email' application (merge request)
• Create label: add color picker (merge request)
• Update card component in Project mirror settings (merge request)
• Migrate 2fa cards to Pajamas components (merge request)
• Update cards component in project starrer page (merge request)
• Remove dynamic_nonce feature flag (merge request)
• Make Security Sidebar part of "Your Work" (merge request) GitLab Enterprise Edition
• Remove disabled_mr_discussions_redis_cache feature flag (merge request)
• Update installation command for maven package (merge request)
• This MR migrates Dropdown to Listbox (merge request) GitLab Enterprise Edition
• Remove enforce_max_attachment_size_upload_api feature flag (merge request)
• Add hashed root namespace id mapping to Note index (merge request) GitLab Enterprise Edition
• Remove bottom border from page titles (merge request)
• Added unlimited members alert to members pages (merge request) GitLab Enterprise Edition
• Timeline: tidy up system notes (merge request)
• Migrate evidences from raw_metadata (merge request)
• Add hashed root namespace id mapping to Note index (merge request) GitLab Enterprise Edition
• Add cache for Software Licenses table (merge request) GitLab Enterprise Edition
• Fixes the alignment of the bio on the user profile page (merge request)
• Add cicd config button when missing yaml (merge request)
• Update Slack authorization page UI (merge request)
• Remove linear_user_manageable_groups feature flag (merge request)
• Remove linear_project_ancestors feature flag (merge request)
• Remove use_iid_in_work_items_path feature flag from backend (merge request)
• Use icon button for subscribe to rss feed/calendar (merge request)
• Add tooltip to pending badge (merge request)
• Translate error messages when creating security policy projects (merge request) GitLab Enterprise Edition
• Update table header (merge request)
• Update gitlab pages (merge request)
• Adjust tests to api admin mode by @TrueKalix (merge request)
• Renames fk_rails_f601258b28 FK to fk_rails_0434b48643 on events table (merge request)
• Removed CTA from Free Plan on billings page (merge request) GitLab Enterprise Edition
• This MR adds switch mode for runner tags (merge request) GitLab Enterprise Edition
• Update css_parser gem to v1.14.0 (merge request)
• Rename "CI / CD > Test Cases" to "CI / CD > Test cases" (merge request) GitLab Enterprise Edition
• This MR migrates Dropdown to Listbox (merge request) GitLab Enterprise Edition
• Keep author and timiestamp visible when editing comment (merge request)
• Remove enforced_sso_expiry feature flag (merge request) GitLab Enterprise Edition
• Add breadcrumb linking to dashboard page to project#new (merge request)
• Add breadcrumb linking to dashboard page to group#new (merge request)
• Clean up invite_members_in_side_nav experiment (merge request)
• Hide access token related instructions for public pypi package (merge request)
• Add colors to user tokens on escalation view (merge request) GitLab Enterprise Edition
• Removes feature flag user_search_simple_query_string (merge request) GitLab Enterprise Edition
• Hanlde issue model to reference through the namespace (merge request)
• Add status check id to MR status check widget (merge request) GitLab Enterprise Edition
• Unconcatenate errors for personal access tokens (merge request)
• Database migration for new deny all app setting (merge request)
• Update dependency auto-build-image to v1.30.0 (merge request)
• Enable full_path_project_search feature flag by default (merge request)
• Expose max_seats_used_changed_at in namespace API (merge request) GitLab Enterprise Edition
• Sync Security Policies only for project with updated protected branches (merge request) GitLab Enterprise Edition
• Fix combine page directory case sensitivity bug (merge request)
• Distinguish authentication errors in commits API (merge request)
• Use Gitlab.com? to check if a container has been migrated (merge request)
• User profile page header tidy (merge request)
• Remove the feature flag bulk_cron_worker_auto_requeue (merge request) GitLab Enterprise Edition
• Rename "Configuration" to "Security configuration" (merge request)
• Rename "Repository > Locked Files" to "Repository > Locked files" (merge request)
• Rename "Repository > Contributors" to "Contributor statistics" (merge request)
• Support Ubuntu ddeb by @sathieu (merge request)
• Remove integration_id column from chat_names (merge request)
• User avatar link: fix spacing (merge request)
• Make catalog_resources.project_id to be unique (merge request)
• Update parsing of *_DISABLED variables (merge request)
• Your Work: Environments and Operations Dashboard (merge request) GitLab Enterprise Edition
• Change widget empty state of work items & linked issues/epics (merge request)
• Removes advanced_user_search feature flag (merge request) GitLab Enterprise Edition
• Merged message: change alignment of revert and cherry-pick buttons (merge request)
• Validates db/structure.sql changes without migrations (merge request)
• Rename "Discover" to "Security capabilities" (merge request) GitLab Enterprise Edition
• Prevent Ruby sessions from serializing arbitrary objects (merge request)
• Update super-sidebar styles and add overlay (merge request)
• This MR introduces tags parsing error handling (merge request) GitLab Enterprise Edition
• Update merge strategy labels for Mr. Widget (merge request)
• Move follower counts on profile page (merge request)
• Add check_type enum to PreScanVerificationStep (merge request) GitLab Enterprise Edition
• New section to disable all 2FA (merge request)
• Rename "Repository > Compare" to "Repository > Compare revisions" (merge request)
• Add link to redirect back to sign-up page (merge request)
• Improve visibility of SAST Analyzers banner (merge request) GitLab Enterprise Edition
• Remove the parallel_bulk_cron_worker feature flag (merge request) GitLab Enterprise Edition
• Schedule async temp index on finding report types (merge request)
• Remove use_response_url_for_chat_responder FF (merge request)
• Migrate links for vulnerability findings from (merge request)
• Suppress routing error log messages with POST /jwt/auth route (merge request)
• Standardize note edited presentation (merge request)
• Expand invite modal buttons (merge request)
• Send email when exporting work items as CSV (merge request)
• Implement partially cached MR security reports paths (merge request) GitLab Enterprise Edition
• Improve shared examples for api admin mode by @TrueKalix (merge request)
• Use mergeRequestLinks on vulnerability details page (merge request) GitLab Enterprise Edition
• Remove the feature_flag code_basic_search_files_by_regexp (merge request)
• Drop unnecessary storing of WebAuthn credential options in session (merge request)
• Updated Security Compliance SideNav text to sentence case by @parkourkarthik (merge request)
• Fix(Subscr.): success notification + loading icon (merge request) GitLab Enterprise Edition
• This MR updates tags field to be a dropdown (merge request) GitLab Enterprise Edition
• Security warning when rebasing (merge request)
• Log an activity event when an agent token is revoked (merge request)
• Change default public cost factor (merge request)
• Migrate the remediation data into their own (merge request)
• Streamline appearance of widgets (merge request)
• Add styles for line sticky headers (merge request) GitLab Enterprise Edition
• Change private method default values (merge request) GitLab Enterprise Edition
• Adds fuzzy to the list of advanced search syntax options (merge request) GitLab Enterprise Edition
• Add sync creation of next_over_limit_check_at index (merge request)
• Use linear ancestor queries (merge request)
• Use linear queries for namespace ancestor queries (merge request)
• Add specific DORA metric fields to Graphql type (merge request) GitLab Enterprise Edition
• Update webauthn gem to v3.0 (merge request)
• Improves the consistency of the dropdowns (merge request)
• Update scan policies text (merge request)
• Adds project_id to the Note API entity (merge request)
• Update vulnerability_reads trigger to set has_issues (merge request)
• Cleanup 'rely_on_protected_branches_cache' feature flag (merge request)
• Add Search::ReindexingService (merge request) GitLab Enterprise Edition
• Updates advanced user search to use simple query string and fuzzy match (merge request) GitLab Enterprise Edition
• Load partitioned index name if enabled (merge request) GitLab Enterprise Edition
• Launch invite modal from invite members in top nav (merge request)
• Add expand/collapse button on list in wiki sidebar by @qk44077907 (merge request)
• Decrease maximum runtime for VSA aggregations (merge request) GitLab Enterprise Edition
• Add same ssh ports check for geo::check rake task (merge request) GitLab Enterprise Edition
• Renaming the rules label to conditions (merge request) GitLab Enterprise Edition
• Switch package metadata sync to run hourly (merge request) GitLab Enterprise Edition
• Geo: Verification of container repositories (merge request)
• Introduce registry_size_estimated to namespace_root_storage_statistics (merge request)
• Improve issuable locked warning styling (merge request)
• Create index on approval_rules for scan_result_policy_id (merge request)
• Raise CI variables limits on gitlab.com (merge request)
• Validate oauth_access_tokens#expires_in not null (merge request)
• Truncate commits that exceeds the new commits note display limit (merge request)
• Update delete icon in manual var form (merge request)
• Cleanup 'delayed_repository_update_mirror_worker' feature flag (merge request)
• Use mergeRequestLinks on vulnerability details page (merge request) GitLab Enterprise Edition
• Update activation error handling (merge request) GitLab Enterprise Edition
• Set GITALY_SERVERS for gitaly-backup (merge request)
• Update component to use GraphQL jobPlay (merge request)
• Update dependency auto-deploy-image to v2.47.0 (merge request)
• Fetch and display report data (merge request) GitLab Enterprise Edition
• Refactors component ml_experiments_show.vue (merge request)
• Clean up invite_for_help_continuous_onboarding (merge request)
• Group issue-board controls into ellipsis dropdown (merge request)
• Prepare async foreign key validation for ci_build_trace_metadata (merge request)
• Prepare async foreign key validation for ci_job_variables (merge request)
• Prepare async foreign key validation for ci_sources_pipelines (merge request)
• Add default_color_scheme to Gitlab settings by @colin969 (merge request)
• Remove N+1 when loading finding link relations in serialization (merge request) GitLab Enterprise Edition
• Show group sidebar while creating a new subgroup or project (merge request)
• Scope FK name uniqueness to the table name (merge request)
• Add runner registration page (merge request)
• Remove feature flag ci_use_downstream_pipeline_duration_for_calculation (merge request)
• Allow new Slack integrations created on GitLab.com (merge request)
• Lock timelogs when project is archived by @Taucher2003 (merge request)
• Ask for recovery code if WebAuthn is the only 2FA (merge request)
• Improve devise error_message by @ali_o_kan (merge request)
• Swap the order of pin and password fields (merge request)
• Wording changes related to webauthn_without_totp (merge request)
• Show numeric keyboard on mobile for 2fa codes (merge request)
• Cleaned up successful experiment trial_email_validation (merge request)
• Cache search#autocomplete on the frontend (merge request)
• [Feature flag] Clean Up all_commits_compliance_report feature flag (merge request) GitLab Enterprise Edition
• Remove NO_ACCESS option from unprotect_access_level (merge request) GitLab Enterprise Edition
• Update dependency auto-build-image to v1.29.0 (merge request)
• Resolve vulnerabilities from successful scans (merge request) GitLab Enterprise Edition
• Hide software license policies created through scan result policy (merge request) GitLab Enterprise Edition
• Add index on vulnerability_reads (merge request)
• Add index for next_over_limit_check_at (merge request)
• Remove ignore for dropped user profile fields by @brianjaustin (merge request)

Deprecated (2 changes)

• Remove default_value_for gem (merge request)
• UNSTRUCTURED_RAILS_LOG disabled by default (merge request)

Removed (26 changes)

• Cleaned up video_tutorials_continuous_onboarding experiment (merge request) GitLab Enterprise Edition
• Add cleanup migration for orphan Software Licenses (merge request)
• Remove bulk_import_projects from frontend (merge request)
• Remove group_administration_nav_item feature flag (merge request) GitLab Enterprise Edition
• Remove exponential increase experiment (merge request)
• Remove audit log group level feature (merge request) GitLab Enterprise Edition
• Remove learn gitlab project creation (merge request) GitLab Enterprise Edition
• Remove issue templates promotion pop up (merge request) GitLab Enterprise Edition
• Clean up environments search logging feature flag (merge request)
• Drop revokable from achievements by @Taucher2003 (merge request)
• Remove incorrectly onboarded namespaces from onboarding table (merge request)
• [385649] Rollout FF github_client_fetch_repos_via_graphql (merge request)
• git: Remove unused root tree object ID from Git::Tree (merge request)
• Removed cube_api_proxy flag (merge request)
• Remove backup upload drivers Openstack Swift and Rackspace (merge request)
• Remove reactivate/extend trial button (merge request)
• Remove dast_site_validation_drawer feature flag (merge request) GitLab Enterprise Edition
• Remove deprecated path (merge request)
• Remove the send_user_confirmation_email column (merge request)
• Remove concurrent index for index_ci_builds_on_token_encrypted (merge request)
• Prepare async index removal of token for ci_builds (merge request)
• Remove Jira Connect public key storage config (merge request)
• Remove revoke_ssh_signatures feature flag (merge request)
• Remove action_monthly_active_users_web_ide_edit metric (merge request)
• Remove feature flag improved_spread_parallel_import (merge request)
• Remove errantly onboarded namespaces (merge request)

Security (24 changes)

• Protect Datadog API key by changing Datadog site
• Stop Group Transfer Service if SAML Provider or SCIM token is present
• Disallow maintainer to create an owner access token
• Verify Kroki diagram type
• Fix pagination limits for Commits API
• Using builds metadata to determine debug_mode
• Check read_release permission before showing releases in Tags API
• Mask Google IAP account details in Prometheus integration
• Block private personal snippet from unauthorized users
• Protect integrations' sensitive information exposed via API
• Paste only text content in work items title
• Jira DVCS OAuth Open Redirect Vulnerability
• Protect Datadog API key by changing Datadog site
• Stop Group Transfer Service if SAML Provider or SCIM token is present
• Disallow maintainer to create an owner access token
• Verify Kroki diagram type
• Fix pagination limits for Commits API
• Using builds metadata to determine debug_mode
• Check read_release permission before showing releases in Tags API
• Mask Google IAP account details in Prometheus integration
• Block private personal snippet from unauthorized users
• Protect integrations' sensitive information exposed via API
• Paste only text content in work items title
• Jira DVCS OAuth Open Redirect Vulnerability

Performance (10 changes)

• Remove index on events.actions async (merge request)
• Remove notes id while initializing notes component (merge request)
• Use replica to fetch package licenses (merge request) GitLab Enterprise Edition
• Swap explore/groups performance fix to .com only (merge request)
• Use custom Redis backend for Rack::Attack (merge request)
• Increase request timeout in bulk imports (merge request)
• Remove FF for token removal (merge request)
• Add etag caching for epic changes (merge request) GitLab Enterprise Edition
• Remove redundant project selection (merge request)
• Improve performance while exporting CI pipelines (merge request)

Other (55 changes)

• Add worker to wait for project export relations to finished (merge request)
• Edit or remove links to deleted docs (merge request)
• Add BulkImports::ExportBatch & BulkImports::BatchTracker models (merge request)
• Remove repack_after_shard_migration feature flag (merge request)
• Add test cases for work items title and milestone (merge request)
• Handle design notes error logic in single component (merge request)
• Delete security_policy_bot user records (merge request)
• Provide :debug_permission_checks flag for specs (merge request)
• Backfill the prepared_at column for older merge requests (merge request)
• Extend redis hll metrics for github import (merge request)
• Cop to ensure BBM has the associated dictionary file (merge request)
• Creates migration to swap columns (merge request)
• Change VSD url (merge request) GitLab Enterprise Edition
• Update Import failures to include subrelation errors (merge request)
• Remove bulk_import_projects feature flag (merge request)
• Lock net-protocol version to match the monkey patch (merge request)
• Fix rake/require offence in following files: by @przbadu (merge request)
• Clean up p_ci_builds_metadata schema (merge request)
• Remove EnumWithNil helper (merge request)
• Finalize conversion of timelogs.note_id to bigint (merge request)
• Remove hash_oauth_secrets feature flag (merge request)
• Update gitlab-qa gem version (merge request)
• Add migrations_should_finish on elastic_index_dependant_association (merge request) GitLab Enterprise Edition
• Update Codeowners after Certify change (merge request)
• Update Gitlab Shell version to 14.18.0 (merge request)
• Validate and replace FK for p_ci_builds_metadata and ci_builds (merge request)
• Creates a dictionary file on generating the BBM (merge request)
• Remove invalid deprecation notice about maintainer_note (merge request)
• Schedule temporary partitioning indexes removal (merge request)
• Prepare async index on expire_at for unlocked non-trace job artifacts (merge request)
• Remove ci_destroy_unlocked_job_artifact feature flag (merge request)
• Backfill merge request compliance violations table (merge request)
• Add metrics for Redis Cluster redirection (merge request)
• Patch ActiveRecord Preloader to imiatate Rails 7 interface (merge request)
• Remove notes_create_service_tracking feature flag (merge request)
• Adds CIComponentRepositories table (merge request)
• Update CI includes counting structure to include duplicates (merge request)
• Suggest refreshing LDAP group sync page (merge request) GitLab Enterprise Edition
• Remove span to fix button sizing (merge request)
• Make WIP limits button use sentence case (merge request)
• Updating BBM docs to include generators info (merge request)
• Drop non-partitioned FK for ci_running_builds and ci_builds (merge request)
• Drop non-partitioned FK for ci_pending_builds and ci_builds (merge request)
• Make delete action danger variant (merge request)
• Update release version info for direct transfer group relations (merge request)
• Default enable vue_issues_dashboard feature flag (merge request)
• Set traversal_ids on save (merge request)
• Rake task gitlab:db:lock_writes should include table partitions (merge request)
• Add alternative Redis backend for Rack::Attack (merge request)
• Update BulkImport#has_failures attribute when a new failure is created (merge request)
• Creates migration for finalizing ciBuildNeeds BigInt conversion (merge request)
• Remove fallback reads for MultiStore (merge request)
• Remove route_hll_to_snowplow_phase2 feature flag (merge request)
• Add Snowplow instrumentation for secrets usage (merge request) GitLab Enterprise Edition
• Refactor root sha access code (merge request)

change (1 change)

• Update submit buttons to use Pajamas component (merge request)

15.9.8 (2023-05-10)

No changes.

15.9.7 (2023-05-03)

Security (1 change)

• Only maintainers of projects should be able to assign runners to them (merge request)

15.9.6 (2023-05-01)

Security (8 changes)

• Resolve ambiguous references for archive metadata (merge request)
• Commit trailers now only match public user email addresses (merge request)
• Handle invalid URLs in asset proxy (merge request)
• Relay state to check for only allowing sub paths (merge request)
• Prohibit 40 character hex sets at beginning of path-based branch name (merge request)
• Update policy to prevent banned members from accessing public projects (merge request)
• Use dummy filename as filename when viewing raw xml files (merge request)
• Authorize access to vulnerabilitiesCountByDay resolver (merge request)

15.9.5 (2023-04-21)

Fixed (1 change)

• Fix automatically-retried jobs stuck in pending state (merge request)

15.9.4 (2023-03-30)

Security (16 changes)

• Add checks to remove open redirects from Observability URL (merge request)
• Redirect to tree from project root on ref collision (merge request)
• Fixes soft email confirmation alert vulnerability (merge request)
• Restrict Prometheus API access on public projects (merge request)
• Verify that users have access to the parent of the fork (merge request)
• Protect webhook secrets by resetting url_variables (merge request)
• Replace Unicode space chars with spaces (merge request)
• Check access to parent when creating and updating epics (merge request)
• Improve Gitlab::UrlSanitizer regex to match more URIs (merge request)
• Check access to target project before looking for branch (merge request)
• Fix the potential leak of internal notes (merge request)
• Use UntrustedRegexp to limit scan of HTML comments (merge request)
• Filter namespace environments by feature visibility (merge request)
• Check access to reorder issues in epic tree (merge request)
• Fix security report authorization (merge request)
• Prevent XSS attack in "Maximum page reached" page (merge request)

15.9.3 (2023-03-09)

Fixed (4 changes)

• Fix foreign_key_exists? migration helper (merge request)
• Enable Geo::RepositoryRegistrySyncWorker on Geo secondary site (merge request) GitLab Enterprise Edition
• Guard against dropped columns when finalizing user details migration (merge request)
• Fix object deletion not working with Azure Blob Storage (merge request)

15.9.2 (2023-03-02)

Security (12 changes)

• Using builds metadata to determine debug_mode (merge request)
• Fix pagination limits for Commits API (merge request)
• Mask Google IAP account details in Prometheus integration (merge request)
• Stop Group Transfer Service if SAML Provider or SCIM token is present (merge request)
• Protect Datadog API key by changing Datadog site (merge request)
• Protect integrations' sensitive information exposed via API (merge request)
• Disallow maintainer to create an owner access token (merge request)
• Paste only text content in work items title (merge request)
• Jira DVCS OAuth Open Redirect Vulnerability (merge request)
• Block private personal snippet from unauthorized users (merge request)
• Verify Kroki diagram type (merge request)
• Check read_release permission before showing releases in Tags API (merge request)

15.9.1 (2023-02-23)

Fixed (2 changes)

• Fix Broadcast messages not showing in admin console (merge request)
• Fix dependency check in license approval policies (merge request) GitLab Enterprise Edition

15.9.0 (2023-02-21)

Added (223 changes)

• Initialize conversion of notes.id to bigint (merge request)
• Add top-level groups GraphQL query (merge request)
• Add aditional arguments to IssuesBulkUpdate mutation (merge request)
• Expose project visibleForks in GraphQL (merge request)
• Add MR settings support for group (EE frontend) by @luzhiyuan.deer (merge request) GitLab Enterprise Edition
• Add EE only metrics for license compliance MR widget (merge request)
• Add widget definitions table (merge request)
• Board - Move epic at top or bottom of list (merge request) GitLab Enterprise Edition
• Add package metadata ingestion service (merge request)
• Initialize the conversion of todos.note_id to bigint (merge request)
• Allow users to stop stale environments via the UI (merge request)
• Process webhook notification to send HLLRedis metrics (merge request) GitLab Enterprise Edition
• Add ability to re-import projects for project importers (merge request)
• Migration to re-enqueue epic cache counts update (merge request)
• Add metric for integrations with Jira (merge request)
• Add GraphQL mutation to approve or reject deployment (merge request) GitLab Enterprise Edition
• Extend Scan Result Policies to process License Approval Policies (merge request) GitLab Enterprise Edition
• Adds bulk delete UI for other versions of package (merge request)
• Add inbound access control to projects (merge request)
• Display revoke-ssh-key button by default (merge request)
• Add more placeholders to service desk custom templates (merge request)
• Show access as "Custom" in UI when custom role (merge request) GitLab Enterprise Edition
• Adds menu to open Model experiments (merge request)
• Add mirror branch setting radio and regex input by @qk44077907 (merge request) GitLab Enterprise Edition
• Allow user to toggle labels on Roadmap (merge request) GitLab Enterprise Edition
• Create a new table for storing automation rules (merge request)
• Initialize conversion of suggestions.note_id to bigint (merge request)
• Initialize conversion of vulnerability_user_mentions.note_id to bigint (merge request)
• Initialize conversion of merge_request_user_mentions.note_id to bigint (merge request)
• Allow to export work items as CSV (merge request)
• Introduce migration for emails_enabled column by @joe-snyder (merge request)
• Add sync service (merge request) GitLab Enterprise Edition
• API to create gitlab ci yml merge request (merge request) GitLab Enterprise Edition
• Add scan result policy relation to approval rules (merge request)
• Display package errors on Other versions tab of package registry (merge request)
• Add partitioned index and FK for ci_job_artifacts and ci_builds (merge request)
• Add partitioned index and FK for ci_build_trace_metadata and ci_builds (merge request)
• Add scheduled job to start package metadata sync (merge request) GitLab Enterprise Edition
• Allow releases to be downloaded by sessionless users (merge request)
• Rebalance partition_id for ci_builds (merge request)
• Add API::MemberRoles endpoints to OpenApiV2 documentation (merge request) GitLab Enterprise Edition
• Allow milestones to be specified by ID on the release API (merge request)
• Initialize conversion of timelogs.note_id to bigint (merge request)
• Initialize conversion of system_note_metadata.note_id to bigint (merge request)
• Add shared example for testing admin mode by @TrueKalix (merge request)
• Add Jira Connect public key store setting (merge request)
• Add Gitaly dns scheme support (merge request)
• Add warning about native attachments in Service Desk comments section (merge request)
• Initialize conversion of note_diff_files.diff_note_id to bigint (merge request)
• Initialize conversion of issue_user_mentions.note_id to bigint (merge request)
• Reschedule Feedback -> StateTransition background migration, attempt 3 (merge request)
• Add README for groups (merge request)
• Add Issue.relatedMergeRequests to GraphQL API by @Taucher2003 (merge request)
• Enable cross-group child epics (merge request) GitLab Enterprise Edition
• Implemented deleting WI notes (merge request)
• Support quick auctions for work item via description editing (merge request)
• PUT /[groups|projects]/:id/members/:user_id accepts member_role_id (merge request) GitLab Enterprise Edition
• Fix unique index on ci_build_pending_states (merge request)
• Add related_epic_links API for groups (merge request) GitLab Enterprise Edition
• Update GraphQL API for work item quick actions (merge request)
• Add created and updated dates to work items (merge request)
• Add fields for appearance pwa attributes by @TrueKalix (merge request)
• Support filtering merge request diffs by keyword via GraphQL (merge request)
• Support filtering uploads registries by keyword via GraphQL (merge request) GitLab Enterprise Edition
• Add more fields to OAuthID tokens (merge request)
• Remove project_language_search feature flag (merge request)
• Initialize conversion of snippet_user_mentions.note_id to bigint (merge request)
• Initialize conversion of design_user_mentions.note_id to bigint (merge request)
• Initialize conversion of commit_user_mentions.note_id to bigint (merge request)
• Limit the initialized metrics by service (merge request)
• Database and API for Git abuse rate limiting alerted users (merge request)
• Add API endpoint for epic boards lists (merge request) GitLab Enterprise Edition
• Rebalance partition_id for ci_pipelines (merge request)
• Add engine_name to CQ violations response (merge request)
• Add logic to create ci_runner_machine on job request (merge request)
• Add async foreign key validation model (merge request)
• Load pwa logo dynamicly to manifest.json by @TrueKalix (merge request)
• Add new cancel_all github imports endpoint (merge request)
• Expose group runners toggle in Projects API by @nejc (merge request)
• Expose Discord ID to API by @ideclon (merge request)
• Add dismissal data to SecurityReportFinding (merge request) GitLab Enterprise Edition
• Add include:component syntax to fetch CI components (merge request)
• Add elastic backfill migration for internal notes (merge request) GitLab Enterprise Edition
• Add subscription for user notes on work items (merge request)
• [388273] GitHub importer: respond with fail exception message (merge request)
• Support image attributes for videos (merge request)
• Add environments anchor to project home (merge request)
• Allowed users to update time estimate via GraphQL mutations by @zillemarco (merge request)
• Adds initial metrics for Ml Experiment Tracking (merge request)
• Allow users to filter epics by sub group (merge request) GitLab Enterprise Edition
• Support filtering LFS objects registries by keyword via GraphQL (merge request)
• Adds OR filtering by author for epics (merge request) GitLab Enterprise Edition
• Add support for alternative internal issue reference prefix "GL-" by @svoop (merge request)
• Email worker for abandoned trials (merge request)
• Update ci_resources FK to include partition_id (merge request)
• Add partitioned index and FK for ci_job_variables and ci_builds (merge request)
• Support filtering terraform registries by keyword via GraphQL (merge request) GitLab Enterprise Edition
• Introduce ::Zoekt::Logger and log search errors (merge request) GitLab Enterprise Edition
• Add new Terraform-Module.gitlab-ci.yml CI/CD template (merge request)
• Add DELETE draft note endpoint to api (merge request)
• Adds API endpoint for getting a single draft note (merge request)
• Initialize migration of sent_notifications.id to bigint (merge request)
• Instrument Adoption for Custom Roles MVC (merge request) GitLab Enterprise Edition
• Add discord to user profile social networks (merge request)
• Enable ci_register_job_temporary_lock by default (merge request)
• Reschedule Feedback -> StateTransition background migration (merge request)
• Add help link for opt in JWT setting (merge request)
• Adds OR filters for epic boards (merge request) GitLab Enterprise Edition
• Extend encrypted secrets support to incoming and service desk email (merge request)
• Initialize conversion of epic_user_mentions.note_id to bigint (merge request)
• Support quick action autocompletion and preview for work items (merge request)
• Add FK including partition_id to ci_build_report_results (merge request)
• Add Language aggregation components to the sidebar (merge request)
• Expose comment field on Vulnerability GraphQL type (merge request) GitLab Enterprise Edition
• Added documentation for new language filter for projects by @zillemarco (merge request)
• Remove mr_compare_dropdowns feature flag (merge request)
• Support filtering snippet repositories registries by keyword via GraphQL (merge request) GitLab Enterprise Edition
• Support filtering pages deployment registries by keyword via GraphQL (merge request) GitLab Enterprise Edition
• Default enable customizable_roles feature flag (merge request) GitLab Enterprise Edition
• Debian direct deb and udeb upload by @sathieu (merge request)
• Add position_in_list for epicMoveList mutation (merge request) GitLab Enterprise Edition
• Implement notification for created release (merge request)
• Schedule index for ci_build_needs (merge request)
• Add FK including partition_id to ci_build_needs (merge request)
• Add group epic boards API endpoint (merge request) GitLab Enterprise Edition
• GraphQL: Add ephemeral_authentication_token field to CiRunner (merge request)
• Schedule partial index for ci_build_report_results (merge request)
• Add count projects with monitor enabled metric (merge request)
• Add migration to nullify projects.creator_id (merge request)
• Support filtering container repositories by keyword via GraphQL (merge request) GitLab Enterprise Edition
• Add gcp connector for importing package metadata (merge request)
• Adds basic docs for new Draft Notes API (merge request)
• Add securityFindingRevertToDetected mutation (merge request) GitLab Enterprise Edition
• Support filtering package files registries by keyword via GraphQL (merge request)
• feat: Auto-revoke leaked GitLab PATs on default branch detection (merge request) GitLab Enterprise Edition
• Allow to filter work items by author on GraphQL (merge request)
• Add Analytics Dashboards pointer for projects (merge request)
• Add index to installable npm packages (merge request)
• Add partitioned index and FK for ci_sources_pipelines and ci_builds (merge request)
• Navigate across dashboard pages with a new "Your work" sidebar (merge request)
• Add deploy_key associations and validations to protected tags (merge request)
• Add GraphQL support of 'CodeQualityReportSummary' by @luzhiyuan.deer (merge request)
• Add author to GraphQL WorkItem Type (merge request)
• Changes candidate table to Keyset Pagination (merge request)
• Support filtering secure files registries by keyword via GraphQL (merge request) GitLab Enterprise Edition
• Add index to gitlab subscriptions (merge request)
• Adds candidate count to Ml::Experiment (merge request)
• Add MR meta to merge_request_compliance_violations table (merge request)
• Adds search timeout rescue support (merge request)
• Add Geo::WikiRepositoryState model (merge request)
• Show comment threads in work items (merge request)
• Add confirmation modal when retrying a bridge (merge request)
• Add deploy_key_id field to protected_tag_create_access_levels
• Add initial implementation of CI templates interpolation (merge request)
• Add zoekt code search integration (merge request)
• Add deploy_key_id field to protected_tag_create_access_levels (merge request)
• Expose squash_on_merge field in merge request REST API (merge request)
• Add help message and link for protecting existing environments (merge request) GitLab Enterprise Edition
• Show tags for upcoming deployments in deployment detail (merge request)
• Create test reports widget (merge request) GitLab Enterprise Edition
• Add background migration to fix packages_sizes in project statistics (merge request)
• Add Language aggregation state to the sidebar component (merge request)
• Expose :admin_work_item permission on GraphQL (merge request)
• Drop old FKs on ci_builds (merge request)
• Add sort option to GraphQL ci variables (merge request)
• Reschedule Feedback -> StateTransition background migration (merge request)
• Add GraphQL fields needed for approval widget (merge request) GitLab Enterprise Edition
• Expose comment field on Vulnerability GraphQL type (merge request) GitLab Enterprise Edition
• Add report abuse category to comments on issues & MRs (merge request)
• Trigger merge status subscription when blocking MR gets added/removed (merge request) GitLab Enterprise Edition
• Add new tags for incident timeline events (merge request)
• Add ability for top-level group owners to ban members from the group (merge request) GitLab Enterprise Edition
• Allow filtering by legacy requirement IID in Work Items API (merge request) GitLab Enterprise Edition
• Add FK to ci_running_builds (merge request)
• Add deactivation_email_additional_text database setting by @KyleFromKitware (merge request)
• Assign ArkoseLabs risk band to users that signed up with OAuth (merge request) GitLab Enterprise Edition
• Add matched_lines_count in the Gitlab::Search::FoundBlob (merge request) GitLab Enterprise Edition
• Update ci_builds_runner_session FK to include partition_id (merge request)
• Add cronjob to clean up stale runner machines (merge request)
• Redefine FK update statement (merge request)
• Add FK to ci_pending_builds (merge request)
• Allow revoking signing SSH keys (merge request)
• Add link to spam input in abuse report form (merge request)
• Add documentation for RedisCommands::Recorder tool (merge request)
• Add snowplow event and redis counters to track design comment removal (merge request)
• Add Service Desk custom email foundation (merge request)
• Adds Candidate Search to Experiment page (merge request)
• Return job erase date in GraphQL by @X_Sheep (merge request)
• Add timestamp columns to bulk_import_trackers table (merge request)
• Add report abuse category to comments on issues & MRs (merge request)
• Add index to p_ci_builds_metadata partition metadata table (merge request)
• Add class for fetching package licenses (merge request) GitLab Enterprise Edition
• Remove feature flag (merge request)
• Return job erase date in API responses by @X_Sheep (merge request)
• Support on update in postgres_foreign_keys (merge request)
• Attempts to restore plan_limits.web_hook_calls (merge request)
• Add specs for new API endpoint, update docs (merge request)
• Add dast_profiles_tags table (merge request)
• Add docs for authenticating with ID tokens (merge request) GitLab Enterprise Edition
• Create encrypted application setting for product analytics clickhouse (merge request)
• Toggle JWT access from CI/CD settings (merge request)
• Implement Admin Mode for API by @wwwjon (merge request)
• Add Airflow DAGs data model (merge request)
• Add tmp indexes for CI partitioning - 3 (merge request)
• Add pipelineScheduleUpdate mutation (merge request)
• Create table project_data_transfers to store egress data per project (merge request)
• Allow releases to be downloaded by sessionless users (merge request)
• Limit the number of reviewers to maximum 200 (merge request)
• Add a button to toggle issues sections (merge request) GitLab Enterprise Edition
• Trigger merge status subscription when blocking MR gets merged (merge request) GitLab Enterprise Edition
• Add root level issues GraphQL query (merge request)
• Add tmp indexes for CI partitioning - 2 (merge request)
• Run SAST and Dependency Scanning jobs in same pipeline for scan policies (merge request) GitLab Enterprise Edition
• Send fork ahead/behind links to frontend (merge request)
• Add GQL endpoint for toggling JWT access (merge request)
• Add internal Note field for Elastic and sync (merge request) GitLab Enterprise Edition
• Remove allow_possible_spam feature flag (merge request)
• Adds a jobs tab in group runner details (merge request)
• Introduce ExcludedNamespace model/table (merge request)
• Remove mr_review_submit_comment feature flag (merge request)
• Add partitioning temp indexes to CI tables (merge request)
• Support filtering pipeline artifacts registries by keyword via GraphQL (merge request) GitLab Enterprise Edition
• Remove double-up of clear icons from search inputs (merge request)

Fixed (177 changes)

• Consider namespaces with dots in existence check by @winniehell (merge request)
• Fix partition ids for ci_sources_pipelines records (merge request)
• Fix caching of search counters (merge request)
• Fix Rake/Require offence in dependency_proxy/migrate rake task (merge request)
• Add spec_helper for failing f-flag specs (merge request)
• Pass content disposition in query when no cdn used (merge request)
• Fix missing data in merge request note on vulnerability details page (merge request) GitLab Enterprise Edition
• Filter duplicated downstreams in mini pipeline graph using REST (merge request)
• Encrypt trigger tokens in DB (merge request)
• Fix card button overflow on boards (merge request)
• Fix partition_id for p_ci_build_metadata (merge request)
• Fix partition_id for ci_job_artifacts (merge request)
• Fix partition_id for ci_build_report_results (merge request)
• Fix partition_id for ci_pipeline_variables (merge request)
• Fix partition_id for ci_build_trace_metadata (merge request)
• Pass the correct container object for DORA metrics (merge request) GitLab Enterprise Edition
• Remove spying on component methods (merge request)
• Migrates LabelsSelect to LabelsSelectWidget and fixes bug (merge request) GitLab Enterprise Edition
• Rescue JSON::ParserError in BulkImports::Clients::Graphql (merge request)
• Fix failing spec (merge request)
• Deduplicate Ci::ArchiveTracesCronWorker Jobs (merge request)
• Refactor component to improve reactivity (merge request) GitLab Enterprise Edition
• Allow triggered pipelines to have compliance pipeline (merge request) GitLab Enterprise Edition
• Add support for SVG rendering in design management (merge request)
• Allow null pipeline for pre scan verification (merge request)
• Remove feature flag ci_use_run_pipeline_schedule_worker (merge request)
• Geo: Fix sync race condition for mutable types (merge request) GitLab Enterprise Edition
• Revert kerrizor/add-additional-check-to-rescue-search-timeouts (merge request)
• Fix pagination of resource label events (merge request)
• Fix padding in the Ready to Merge MR widget (merge request)
• Make detecting HTML block comments stricter (merge request)
• Fix partition_id for ci_stage (merge request)
• Hide edit on system generated events (merge request)
• Refresh md cache of system notes (merge request)
• Only show applicable overridden rules after merging (merge request)
• Deduplicate ProjectImportSchedule until it's executed (merge request) GitLab Enterprise Edition
• Change PgBouncer documentation page to Free (merge request)
• [378267] Skip DNS rebinding checks if HTTP_PROXY present (merge request)
• Fix: changed column list header styles (merge request)
• Do not send custom confirmation instructions unless user is persisted (merge request) GitLab Enterprise Edition
• [388869] GitHub import: fix merge requests creation (merge request)
• Fix error when modal is unmounted during delete (merge request)
• Drop unused column web_hook_calls_high (merge request)
• Ensure proper stacking context for alert timeline icons (merge request)
• Fix: show "List Settings" when no projects (merge request)
• Skip ArkoseLabs for trial registrations (merge request) GitLab Enterprise Edition
• Reconfigure DAST profile conflict banner (merge request) GitLab Enterprise Edition
• Remove invalid deploy access level entries from the database (merge request)
• Fix depth check when adding existing epics (merge request) GitLab Enterprise Edition
• Hide New project button if visibility level is restricted (merge request)
• Keep order when updating work item labels (merge request)
• Fix bug where page is not reset (merge request)
• Ensure job log keeps scrolled to bottom (merge request)
• Fix group issue bulk update unsetting assignees (merge request) GitLab Enterprise Edition
• Bring back BulkImports::PipelineWorker 90 minutes job timeout (merge request)
• Read schema file from correct path if a PATCH version mismatch occurs (merge request)
• Fix links of avatars in approval widget (merge request)
• Fix notification trigger labels to be accurate (merge request)
• Remove duplicated confirmation button (merge request) GitLab Enterprise Edition
• Remove check for import from S3 feature flag (merge request)
• Remove escaped spans when absolutely not needed (merge request)
• Fix loading state for split button (merge request) GitLab Enterprise Edition
• Fix Exporting members on a LDAP group sync enabled group given 403 (merge request) GitLab Enterprise Edition
• Allow admins to manage approval rules when disallowed instance-wide (merge request) GitLab Enterprise Edition
• Propogate mathStyle for largge math blocks (merge request)
• Filter out duplicated downstreams in pipeline graph (merge request)
• Prevent from creating invalid scan_finding Approval Rules (merge request) GitLab Enterprise Edition
• Fix ActionController::UrlGenerationError for branches (merge request)
• Ignore case in project/group paths when refreshing agent CI access (merge request)
• Support /latest pipelines route (merge request)
• Fixes N+1 queries when users are indexed into elasticsearch (merge request) GitLab Enterprise Edition
• Add regex validation to entity model (merge request)
• Fix cardinality error while upserting the identifiers (merge request) GitLab Enterprise Edition
• Clear existing release on tag name change (merge request)
• User cannot create rotation with negative length (merge request) GitLab Enterprise Edition
• LDAP duration metric should be milliseconds (merge request)
• Update BitBucket Importer logic (merge request)
• Filter duplicated downstreams in mini pipeline graph for commit box (merge request)
• Ensure Debian repositories don't server Packages.gz as plain files by @sathieu (merge request)
• Fix tilde/backslash/star in codeblock incorrectly escaped by rich editor by @xfyuan (merge request)
• Add Confidential badge to incident sticky header by @alichur (merge request)
• Always convert dotenv files to UTF-8 (merge request)
• Add no results found message to transfer group dropdown (merge request)
• Ensures we don't create duplicate records (merge request)
• Hide clone button for users, who can't download project (merge request)
• Roadmap filter by child epic renders child epic (merge request) GitLab Enterprise Edition
• Close Web IDE popup when clicking Try it out button (merge request)
• Adding rollout issue to "mr_experience_survey" feature flag (merge request)
• Add rollout issue and introduction MR to "moved_mr_sidebar" feature flag (merge request)
• Don't fail while fetching remediations from a removed artifact (merge request) GitLab Enterprise Edition
• Add new column to MR for when it has been prepared (merge request)
• Update protected branches push & merge access levels import (merge request)
• Quick fix to Global Search page status bar (merge request)
• Ignore BUNDLER_SETUP as it can pollute execution (merge request)
• Fix broken set status form in Safari (merge request)
• Fix package versions scope (merge request)
• Fix safari redirection bug for trial sign ups (merge request) GitLab Enterprise Edition
• Do not send non-pseudonymized group/project names to snowplow by @mikegreiling (merge request)
• Use approved_by_user instead of approvers (merge request) GitLab Enterprise Edition
• Fix styling of expiring subscription alert (merge request)
• Split ee and ce querries for branch rules details (merge request)
• Fixing SharedModel.connection_db_config when connection is changed (merge request)
• Fix swagger-ui for relative path instances (merge request)
• Show "unavailable" instead of "never" when SSH usage tracking disabled (merge request)
• Drop invalid index from postgres_async_indexes (merge request)
• Fix error thrown in "Mark as ready" in MR widget (merge request)
• Search within the commit-sha if you are searcing from a commit show page (merge request)
• Validate releases author_id only during creation (merge request)
• Indexes emails with an email tokenizer (merge request) GitLab Enterprise Edition
• Fix pipeline triggers missing reveal values button (merge request)
• Fix work information in user popover by @Taucher2003 (merge request)
• Fix relative URL links to groups for DevOps Adoption (merge request) GitLab Enterprise Edition
• Bugfix: Admin can re-enable setting for group/project access token creation (merge request)
• Change transfer group confirmation to use full path instead of name (merge request)
• Render Jira app views based on key storage enabled (merge request)
• Fixed some layout and functional issues with language project filter by @zillemarco (merge request)
• Fix tooltip blocking pointer issue (merge request)
• Fix Deployments::Hooksworker params for Sidekiq (merge request)
• Fix DastProfile Update mutation (merge request) GitLab Enterprise Edition
• Fix GitLab for Jira self-managed view text
• Fix method missing error for ChainOfCustodyReportWorker (merge request) GitLab Enterprise Edition
• Fix GitLab for Jira App - load subscriptions error (merge request)
• Allow nil value in QuickActions::TargetService type argument (merge request) GitLab Enterprise Edition
• Fix GitLab for Jira self-managed view text (merge request)
• Toggle button class only if element exists (merge request)
• Upgrade fugit to 1.8.1 (merge request)
• Fix terms page in dark mode (merge request)
• Fix copy in GitLab for Slack app home tab (merge request) GitLab Enterprise Edition
• Refetch predefined variables if API cache is empty (merge request)
• Fix different cases for slash commands (merge request)
• Migrate geo alerts to Pajamas::AlertComponent (merge request) GitLab Enterprise Edition
• Add is_blocked_by option for issue links API (merge request) GitLab Enterprise Edition
• Sync scan result policies when project assigned to a group (merge request) GitLab Enterprise Edition
• Splat arguments when starting trial (merge request) GitLab Enterprise Edition
• Revert changes on wiki replication/verification legacy code (merge request) GitLab Enterprise Edition
• Include LFS object store URL in CSP connect-src (merge request)
• Use result of destroying container repositories when destroying projects (merge request)
• Use randomized suffix when finding path (merge request)
• Fix Ruby 3 kwargs error in CI instrumentation (merge request)
• Prevent Groups Sync Service from removing top level members (merge request) GitLab Enterprise Edition
• Fix search results with very long project name (merge request)
• Obfuscate issue email participants email (merge request)
• Fix forever-disabled analytics aggregations (merge request) GitLab Enterprise Edition
• Remove title from codeowner link (merge request) GitLab Enterprise Edition
• Invalidate personal projects count correctly (merge request)
• Fix Ci::Bridge to have deployment_job? method (merge request)
• Ensure Group hooks are never disabled (merge request)
• Remove strict parameters for registry notification endpoint (merge request)
• Add modify_security_policy permission (merge request) GitLab Enterprise Edition
• Fix border for fork sort dropdown (merge request)
• Calculate and use sha for CI config variables cache (merge request)
• Clear DuplicateJobs cookies from post-deployment migration (merge request)
• Hide forks count if user has not acceess to public project's repository (merge request)
• It fixes Migration/AddLimitToTextColumns for regular migrations (merge request)
• Fix setting a longer max-age for permalink blobs (merge request)
• Fix Jira app can only load public namespaces (merge request)
• Fix dismissal not showing for dismissed findings on MR security widget (merge request)
• Geo Projects - Fix legacy filter nav (merge request) GitLab Enterprise Edition
• Fix [nil] arrays (merge request) GitLab Enterprise Edition
• Fix identifier collision while creating vulnerabilities from findings (merge request) GitLab Enterprise Edition
• Fixed Project dropdown when cherry-picking commits (merge request)
• Fix :focus and border appearance of search field (merge request)
• StatusPages::ProjectSetting<->Project relationship (merge request) GitLab Enterprise Edition
• Remove column ignore rule to mitigate incident (merge request)
• Fix project filter not filtering vulnerability list on page load (merge request) GitLab Enterprise Edition
• Resize component on alert dismiss (merge request)
• Load images in work item description in modals (merge request)
• Fix text alignment issue in celebrate invite modal (merge request)
• [387601] GitHub import: prevent reviewer index violation (merge request)
• Propagate instrumentation params for etag-hits (merge request)
• Fix button alignment by using CSS transform (merge request)
• Apply CSP for Zuora across the application (merge request) GitLab Enterprise Edition
• Remove title case (merge request)
• Update pipeline sec report when dismissing a finding via modal (merge request) GitLab Enterprise Edition
• Fix matching license policy names when contains whitespaces (merge request) GitLab Enterprise Edition
• Fix GitLab Migration groups & projects visibility levels to be preserved (merge request)
• Fix Python indentation in the diffs colors preview (merge request)

Changed (187 changes)

• Prepare async foreign key validation for ci_job_artifacts (merge request)
• Don't create namespaces when importing project using GH import Rake task (merge request)
• Remove image_url requirement on ReleaseHighlights (merge request)
• Adds field public_package to package details graphql (merge request)
• Add Limitable to project and group CI variables (merge request)
• Allow deploy tokens and deploy keys with the external authorization (merge request)
• Add pipeline schedule finder by id (merge request)
• Remove flag epic cache counts flag (merge request)
• Hide retry button when no permissions (merge request) GitLab Enterprise Edition
• Return token and ID information from /runners/verify REST endpoint (merge request)
• Remove unlimited members alert (merge request) GitLab Enterprise Edition
• Account for setting when syncing approval rules (merge request) GitLab Enterprise Edition
• Prepare async foreign key validation for ci_build_report_results (merge request)
• Prepare async foreign key validation for ci_build_needs (merge request)
• Add retry button to status checks in mobile view (merge request)
• Add tracking to tier-badge experiment (merge request) GitLab Enterprise Edition
• Update to docutils 0.19 and python 3.9.6 (merge request)
• Default enable FF validate environment tier presence (merge request)
• Update font weight of all blocked MR messages (merge request) GitLab Enterprise Edition
• Increase KaTeX expansion limit (merge request)
• Show only "Your activity" as default tab in the Activity dashboard (merge request)
• Redirect to success page when all verification steps are completed (merge request) GitLab Enterprise Edition
• Refresh DORA metrics on incident reopen (merge request) GitLab Enterprise Edition
• Add index to web_hook_logs (merge request)
• Apply fix width to dropdown (merge request)
• Display workItemIid in requirements' list and detail views (merge request) GitLab Enterprise Edition
• Update milestone where runner registration token is disabled (merge request)
• Migrate Ref selector to Listbox (merge request)
• Remove OTP from being required for Webauthn (merge request)
• Updates the ux on Experiments List (merge request)
• Small tweaks to custom roles REST endpoints (merge request) GitLab Enterprise Edition
• Prepare index for vulnerability_reads (merge request)
• Update assign epic quick command permissions (merge request) GitLab Enterprise Edition
• Updated Taiwan country name (merge request) GitLab Enterprise Edition
• Validate notification integrations channel limit (merge request)
• Return "Unknown" when license cannot be found (merge request) GitLab Enterprise Edition
• Move read_internal_note to project and group policies (merge request)
• Improve re-import experience for GitLab direct transfer (merge request)
• Datahelpers for Git abuse rate limiting alerted users (merge request) GitLab Enterprise Edition
• Removes ci_remove_character_limitation_raw_masked_var feature flag (merge request)
• changed: Replace ref_switcher in projects/graphs/charts.html.haml (merge request)
• Add migration to rename ci_runner_machines.machine_xid (merge request)
• This MR removes spying on component method (merge request) GitLab Enterprise Edition
• Update copy on manual variables form (merge request)
• Migrates branches_dropdown.vue to GlCollapsibleListbox (merge request)
• Clean up record_projects_target_platforms feature flag (merge request)
• Migrate confidential MR dropdown to listbox (merge request)
• Add max-width and wrapping to dropdown breadcrumb (merge request)
• Change default value for :inbound_job_token_scope_enabled to true (merge request)
• Move namespace onboarding to only be during registration (merge request) GitLab Enterprise Edition
• Fix registry-list deselecting items after select all (merge request)
• Remove feature flag only_allow_merge_if_all_status_checks_passed (merge request) GitLab Enterprise Edition
• Add Email to Audit Event APIs (merge request) GitLab Enterprise Edition
• Cleanup MultiStore FF used by RepositoryCache (merge request)
• Stores Batched Background Migration info to artifacts (merge request)
• Advanced Search migration to backfill traversal_ids on projects (merge request) GitLab Enterprise Edition
• Update project naming guidelines help text (merge request)
• Add validation to License Approval Policy JSON Schema (merge request) GitLab Enterprise Edition
• This MR migrates Dropdown to Disclosure (merge request) GitLab Enterprise Edition
• Add help text to Restricted visibility levels checkboxes (merge request)
• Upgrade Alert - Add proper API support (merge request)
• Disable Feedback use in Finding serializer when deprecated (merge request) GitLab Enterprise Edition
• Move CancelPendingPipelines step to run async (merge request)
• Update Jira integration form microcopy (merge request)
• Remove the ENV UPDATE_INDEX (merge request) GitLab Enterprise Edition
• Change icon size to small in Importer status badge (merge request)
• Enable dast_site_validation_drawer flag by default (merge request) GitLab Enterprise Edition
• Add proper display for rate limits on GitLab migration (merge request)
• This MR migrates Dropdown to Disclosure (merge request) GitLab Enterprise Edition
• Avoid polling if in an update variables state (merge request)
• Add unlimited members alert (merge request) GitLab Enterprise Edition
• Update tooltip for DAST site profile field (merge request) GitLab Enterprise Edition
• Add Email to Audit Event CSV report (merge request)
• Ignore task items in html block comments (merge request)
• Document PKCE support in OmniAuth OpenID Connect client (merge request)
• Change learn gitlab ci/cd link to pipelines page (merge request)
• Store GitHub Import stats in DB (merge request)
• Split Sign-in/Register buttons & update the copy on SaaS logged-out nav (merge request)
• Fixes header wrapping on comments (merge request)
• Restyle Analytics metric popover (merge request)
• gitaly_client: Always enable eager housekeeping for manual jobs (merge request)
• Display time until the next package cleanup (merge request)
• Include namespace from source when preloading users for indexing (merge request) GitLab Enterprise Edition
• Check out to gitlab-development-kit/gitlab (merge request)
• Default enable project_members_index_by_project_namespace (merge request)
• This MR migrates Dropdown to Disclosure (merge request) GitLab Enterprise Edition
• Update icon reference to grip (merge request)
• Update runner maintenance note field (merge request)
• Changes method for spreading jobs in GitHub Import (merge request)
• Align read_freeze_period permissions with read_environment by @nfason (merge request)
• This MR adds disabled state for runner tags (merge request) GitLab Enterprise Edition
• Add JetBrains Mono as WebIDE editor font (merge request)
• Change PipelineFinder to perform exact comparison of name (merge request)
• Adds sort order by relative_position to Work Item Hierarchy Widget (merge request)
• Add pointing_at_oids and peel_tags to ListRefs RPC (merge request)
• Update breadcrumbs at Admin Area > Messages > Edit by @quatauta (merge request)
• Set refactor_vulnerability_filters to true (merge request) GitLab Enterprise Edition
• Update dependency auto-deploy-image to v2.46.0 (merge request)
• Update dependency auto-build-image to v1.28.0 (merge request)
• Change retry to run again jobs (merge request)
• Handle page-level errors from the parent component (merge request) GitLab Enterprise Edition
• Hide On-Demand scan actions from auditor (merge request) GitLab Enterprise Edition
• Order groups by id when searching for approvers (merge request) GitLab Enterprise Edition
• Uses Watchdog instead of Sidekiq Memory killer (merge request)
• Add popovers to runner upgrade stat items (merge request) GitLab Enterprise Edition
• Raise default CI variable limits (merge request)
• Rollout preferred_language_switcher by @icbd (merge request)
• Handle mulitline blockquotes in lists (merge request)
• Ref Switch dropdown migration (merge request)
• Add software_license_policies.security_orchestration_policy_configuration_id column (merge request) GitLab Enterprise Edition
• Add group releases resolver to create GraphQL endpoint by @missy-davies (merge request)
• Remove access level default for protected environments table (merge request)
• Improve wiki sidebar (merge request)
• Change releases empty state design (merge request)
• Add schema_version to main index mapping (merge request) GitLab Enterprise Edition
• Read GraphQL PackageLinks to render link on package versions page (merge request)
• Move job status badge to runner status column (merge request)
• Add url_hash column to web_hook_logs (merge request)
• Use invoice preview API to calculate plan pricing for SaaS purchase (merge request) GitLab Enterprise Edition
• Restructure CI variables modal help links (merge request)
• Migrate project combo selects away from select2 (merge request)
• Ensures plpgsql extension is installed (merge request)
• Update Rugged to v1.5.1 (merge request)
• Marks migrations as complete when creating a new index (merge request) GitLab Enterprise Edition
• Add state validation in addon purchase flow (merge request) GitLab Enterprise Edition
• Add new line if cursor in prefix area of list item (merge request)
• Update PackageLicenses.fetch to use batched query (merge request) GitLab Enterprise Edition
• Truncates package version in packages list page (merge request)
• Correct semantic version to conform with SemVer by @lusitania (merge request)
• Include namespaces in project searches when query contains '/' (merge request)
• Transition todos#index to use Pajamas::ButtonComponent (merge request)
• Cleanup css for header styles (merge request)
• Update status checks docs and remove incorrect text in settings (merge request) GitLab Enterprise Edition
• Add index to web_hook_logs (merge request)
• Expose issues and merge request links in Releases API by @nfason (merge request)
• Remove AWS runner deployment modal (merge request)
• Refactor migration to process more data (merge request) GitLab Enterprise Edition
• Allow GITLAB_SIMULATE_SAAS outside development (merge request)
• Deprecate API to generate guidance on runner setup (merge request)
• Use GraphQL to load the Group Contribution Analytics page (merge request) GitLab Enterprise Edition
• Remove rules to disable job when enforced by security policies (merge request) GitLab Enterprise Edition
• Removes char limitation for Ci::Maskable (merge request)
• Migrates projects_dropdown.vue to GlCollapsibleListbox (merge request)
• Revert reusing processable in Seed::Build evaluation (merge request)
• Migrate indexing restrictions away from select2 (merge request) GitLab Enterprise Edition
• Change contributors page to use Vue RefSwitcher (merge request)
• Open Release Evidence JSON in a new tab instead of downloading (merge request)
• Change runner registration text copy (merge request)
• Add filters and sorting options to projects finders (merge request)
• Migrate group template setting away from select2 (merge request) GitLab Enterprise Edition
• This MR adds selector for runners tags (merge request) GitLab Enterprise Edition
• Update group's projects buttons (merge request)
• Update 2fa register buttons (merge request)
• Treat all release asset links as external (merge request)
• Adds GraphQL data attributes to contribution analytics (merge request) GitLab Enterprise Edition
• Fix the offences introduced by Gitlab/DelegatePredicateMethods by @edith007 (merge request)
• Remove graphql_code_quality_full_report flag (merge request)
• Update buttons to pajamas (merge request)
• Update import buttons to pajamas (merge request)
• Update Support/get-help link in ? nav menu (merge request)
• Drop user details fields from users table by @brianjaustin (merge request)
• Switch to upstream omniauth_openid_connect gem (merge request)
• Add Search Curation Settings to ApplicationSettings (merge request)
• ServiceDesk: Added footer and header messages to outgoing emails (merge request)
• Migrate admin namespace dropdown to listbox (merge request)
• This MR migrates Dropdown to GlDisclosureDropdown (merge request)
• Add project field to ci job type (merge request)
• Change usages of "specific" runner to "project" (merge request)
• Update todo done-reversable styles (merge request)
• Update background migration buttons (merge request)
• Track registraion of all users in snowplow (merge request)
• Change Application destroy button to danger (merge request)
• Update all Slack installations for workspace (merge request) GitLab Enterprise Edition
• refactor: Add flags --to-sha and --from-sha to command by @Ashvith (merge request) GitLab Enterprise Edition
• Switch draft state toggle to use a checkbox (merge request)
• Fix tree root alignment on the right side (merge request) GitLab Enterprise Edition
• Expand chain-of-custody report from merge commits to all commits (merge request) GitLab Enterprise Edition
• Show coupon code input for small breakpoints (merge request) GitLab Enterprise Edition
• Add Remediation type for Security Report Findings (merge request) GitLab Enterprise Edition
• Update incident timeline typography (merge request)
• Enable Code Quality Inline Findings feature flag by default (merge request) GitLab Enterprise Edition
• Rename web_hook_calls column to _high (merge request)
• Fix GraphQL descriptions for markdown fields (merge request)
• Adjust the GroupsProjectController urgency (merge request) GitLab Enterprise Edition
• Pods: Make Application Settings to be part of gitlab_main_cluster (merge request)
• Clean up package_registry_access_level feature flag by @wwwjon (merge request)
• Remove skip_ensure_merge_request_diff FF (merge request)

Deprecated (5 changes)

• Announce deprecation of queue selector (merge request)
• Deprecate Projects::ServiceType interface (merge request)
• Deprecate external field in Releases and Release Links APIs (merge request)
• Deprecate external field in GraphQL ReleaseAssetLink type (merge request)
• Change runner registration token reset removal milestone to 17.0 (merge request)

Removed (10 changes)

• Revert addition of model experiments navbar item (merge request)
• Drop revokable from achievements by @Taucher2003 (merge request)
• Experiment cleanup promote_premium_billing_page (merge request)
• gitaly_client: Remove unused embedded errors for trivial cases (merge request)
• Ignore application_settings.clickhouse_connection_string column (merge request)
• Contact sales experiment cleanup (merge request)
• Remove scan_execution_tags feature flag (merge request)
• Remove live preview
• Remove live preview (merge request)
• Remove cluster image scanning from Security Configuration page (merge request)

Security (8 changes)

• Update Gitaly version
• Add prevent rule on locked MRs to policy (merge request) GitLab Enterprise Edition
• Prevent default branches from storing paths
• Security fix dynamic child pipeline zip extraction
• Validate Issuable description max length on update
• Add size validation for Chart.yaml during file extraction
• Update Rails to 6.1.7.1 to address security vulnerabilities (merge request)
• Prevent new invalid oauth_access_token records (merge request)

Performance (17 changes)

• Release improved cache headers for archive and raw blobs (merge request)
• Only load terraform banner js on project overview (merge request)
• Improve the loading of packages tags (merge request)
• Improve performance of artifacts management page (merge request)
• Preload missing resources while exporting projects in Import/Export (merge request)
• Enable batching for local and project includes for CI (merge request)
• Enable bulk_cron_worker_auto_requeue by default (merge request) GitLab Enterprise Edition
• Performance optimization for Projects API (merge request)
• Enable parallel bulk worker by default (merge request) GitLab Enterprise Edition
• Fix N+1 queries in the root level issues query (merge request)
• Optimize CSV issue export to use find_each (merge request)
• Remove ci_limit_complete_hierarchy_size feature flag (merge request)
• Migrate legacy dropdown on admin emails page (merge request)
• Removing FF jobs_api_keyset_pagination as it is enabled on production (merge request)
• Add migration for backfilling traversal_ids in a single project (merge request) GitLab Enterprise Edition
• Removing move_create_deployments_to_worker FF (merge request)
• Add GitLab Migration rate limits (merge request)

Other (70 changes)

• Remove unused original_filename column (merge request)
• Fix partition ids for ci_job_variables records (merge request)
• Copy over code from on-call schedules (merge request)
• Support expect-old-oid for ff_merge and merge methods (merge request)
• Extracts incubation page creation (merge request)
• Track events coming from the Web IDE (merge request)
• Upgrade gitlab-styles to 10.0.0 (merge request)
• Remove searchable_fork_targets feature flag (merge request)
• Update the gitaly gem to 15.9.0-rc3 (merge request)
• Use the delete branch worker (merge request)
• Allows wrapping for diff notes (merge request)
• Add Snowplow instrumentation for id_tokens usage (merge request)
• Refactor async index creation (merge request)
• Schedule ci_builds FK indexes for async creation (merge request)
• Adds bigint conversion to start migrating existing data (merge request)
• Revert changes from structure.sql and init_structure.sql (merge request)
• Replace authorization check on TestReportType (merge request) GitLab Enterprise Edition
• Including disable_ddl_transaction! in migrating int PKs to bigint docs (merge request)
• Add MainClusterwide::ApplicationRecord and new connection (merge request)
• Remove qurantined spec (merge request)
• Remove projects_preloader_fix feature flag (merge request)
• Track usage of g_runner_fleet_read_jobs_statistics (merge request)
• Finalize backfill migration for environment tier (merge request)
• Use help_page_url in HAML to resolve Gitlab/DocUrl cop rule by @sato11 (merge request)
• Remove route_hll_to_snowplow feature flag (merge request)
• Clarify BatchedBackgroundMigrations documentation examples (merge request)
• Remove FF validate-release-with-author (merge request)
• Throttle number of concurrent started entities during GitLab Migration (merge request)
• Skip trueup check if license does not contain (merge request) GitLab Enterprise Edition
• Remove dependency_list_exporter feature flag (merge request)
• Fix flaky spec in Debian distribution signatures (merge request)
• Refactor CSV importer classes (merge request)
• Update Gitlab Shell to v14.16.0 (merge request)
• Upgrade rails to 6.1.7.2 (merge request)
• Remove customizable_roles_per_user feature flag (merge request) GitLab Enterprise Edition
• Fixed overlapping line, button style (merge request)
• Remove search_page_vertical_nav feature flag (merge request)
• Remove highlight paid features during active trial experiment (merge request)
• Removing feature flag gitlab_metrics_error_rate_sli (merge request)
• Fix Style/RedundantSelf offenses by @mhdasm3 (merge request)
• Revert "Merge branch 'sc1-rate-limiting-migrator' into 'master'" (merge request)
• Change issue task list item dropdown feature flag (merge request)
• Refactor CSV exporter classes (merge request)
• Documenting upgrading database migration version (merge request)
• Remove experimental code for 'readme_from_gitaly' FF (merge request)
• Update rspec-rails gem to 6.0.1 version (merge request)
• Validate uniqueness of entity full path (merge request)
• Update link to point to correct doc (merge request)
• Remove skip_notes_diff_include flag (merge request)
• Remove FE logic (merge request)
• Clarify which users are added from a group to a project by @zillemarco (merge request)
• Add instrumentation for CI id_tokens usage (merge request)
• Remove PREVENT_LOAD_BALANCER_RETRIES_IN_TRANSACTION ENV variable usages (merge request)
• Remove the ignore rules for container_repository_updated_event_id (merge request)
• Remove feature flag 'commit_search_trailing_spaces' (merge request)
• Remove jira_connect_oauth_self_managed FF (merge request)
• Remove disable_anonymous_search feature flag (merge request)
• Removing the grace period for BackgroundMigration/FeatureCategory cop (merge request)
• Add snowplow tracking to report abuse form (merge request)
• Add Rubocop rule to raise when docs url is used directly in strings by @sato11 (merge request)
• Update to latest json gem version (merge request)
• Removing immediate_delete_subgroup_api feature flag (merge request) GitLab Enterprise Edition
• Move time calculation to logging method, add specs (merge request)
• Remove rate_limit_issuable_searches feature flag (merge request)
• Default enable hash_oauth_secrets (merge request)
• Remove utilize_finding_data feature flag (merge request) GitLab Enterprise Edition
• Clear the merge error on a Merge Request when transitioning to Merged (merge request)
• Enforcing Gitlab::Database::Migration[2.1] as new DB migration version (merge request)
• Remove Gitlab::Redis::DuplicateJobs (merge request)
• Clean-up feature flag hash_based_cache_for_protected_branches (merge request)

15.8.6 (2023-04-18)

Fixed (1 change)

• Fix automatically-retried jobs stuck in pending state (merge request)

15.8.5 (2023-03-30)

Security (16 changes)

• Fix rubocop offenses in lib/gitlab/url_sanitizer.rb (merge request)
• Add checks to remove open redirects from Observability URL (merge request)
• Redirect to tree from project root on ref collision (merge request)
• Fixes soft email confirmation alert vulnerability (merge request)
• Restrict Prometheus API access on public projects (merge request)
• Verify that users have access to the parent of the fork (merge request)
• Protect webhook secrets by resetting url_variables (merge request)
• Replace Unicode space chars with spaces (merge request)
• Check access to parent when creating and updating epics (merge request)
• Improve Gitlab::UrlSanitizer regex to match more URIs (merge request)
• Check access to target project before looking for branch (merge request)
• Fix the potential leak of internal notes (merge request)
• Filter namespace environments by feature visibility (merge request)
• Check access to reorder issues in epic tree (merge request)
• Fix security report authorization (merge request)
• Prevent XSS attack in "Maximum page reached" page (merge request)

15.8.4 (2023-03-02)

Security (12 changes)

• Using builds metadata to determine debug_mode (merge request)
• Fix pagination limits for Commits API (merge request)
• Mask Google IAP account details in Prometheus integration (merge request)
• Stop Group Transfer Service if SAML Provider or SCIM token is present (merge request)
• Protect Datadog API key by changing Datadog site (merge request)
• Protect integrations' sensitive information exposed via API (merge request)
• Disallow maintainer to create an owner access token (merge request)
• Paste only text content in work items title (merge request)
• Jira DVCS OAuth Open Redirect Vulnerability (merge request)
• Block private personal snippet from unauthorized users (merge request)
• Verify Kroki diagram type (merge request)
• Check read_release permission before showing releases in Tags API (merge request)

15.8.3 (2023-02-15)

Fixed (3 changes)

• Attempt reading schema file instead of a file named #{report_version} (merge request)
• Revert changes on wiki replication/verification legacy code (merge request) GitLab Enterprise Edition
• Revert changes on wiki replication/verification legacy code (merge request) GitLab Enterprise Edition

Changed (1 change)

• Upgrade Alert - Add proper API support (merge request)

15.8.2 (2023-02-10)

No changes.

15.8.1 (2023-01-30)

Security (5 changes)

• Remove parameter validation for registry notification request [15.8] (merge request)
• Add size validation for Chart.yaml during file extraction (merge request)
• Prevent default branches from storing paths (merge request)
• Validate Issuable description max length on update (merge request)
• Security fix dynamic child pipeline zip extraction (merge request)

15.8.0 (2023-01-20)

Added (120 changes)

• Expose user emails via GraphQL (merge request)
• Describe possible solutions for curl 92 HTTP/2 error (merge request)
• Add report abuse category to merge requests (merge request)
• Add storage admin control columns to plan limits table (merge request)
• Add unique index to ci_builds (merge request)
• Add partitioning tmp indexes to ci_sources_pipelines table (merge request)
• Add SCIM Token section to Admin Area for instance-level SCIM (merge request) GitLab Enterprise Edition
• Drop unused index in ci_builds (merge request)
• Use healthStatusUpdated subscription in frontend (merge request) GitLab Enterprise Edition
• Expose ability to import groups without projects (merge request)
• Add an option to select 180 days of data (merge request) GitLab Enterprise Edition
• Add tmp indexes for CI partitioning (merge request)
• Add GraphQL subscription for health status updates (merge request) GitLab Enterprise Edition
• Add dast_pre_scan_verification field to ProfileType (merge request) GitLab Enterprise Edition
• Add index on created_at and id to ci_runner_machines (merge request)
• Finalize todo sanitization (merge request)
• Expose legacy requirement IID in Work Items GraphQL API (merge request) GitLab Enterprise Edition
• Import 'Allow specified actors to bypass required pull requests' rule (merge request) GitLab Enterprise Edition
• Add report abuse category to issue & incident (merge request)
• Count approval project rule created monthly (merge request) GitLab Enterprise Edition
• Add 'migrate_projects' bool flag for group bulk imports' (merge request)
• Add user and fingerprint to ssh signature (merge request)
• Add create achievement GraphQL mutation (merge request)
• Make frequently projects/groups list editable (merge request)
• Add updatedAt field to Vulnerabilities (merge request) GitLab Enterprise Edition
• Support … and $$… syntax math in markdown (merge request)
• feat: Bump Code-Quality image to 0.89.0 (merge request)
• Default enable jira_connect_oauth_self_managed (merge request)
• Expose uses legacy iid flag in test report GraphQL type (merge request) GitLab Enterprise Edition
• Add create/update/delete endpoints for instance SCIM (merge request) GitLab Enterprise Edition
• Open Web IDE in new tab in all contexts (merge request)
• Add uses legacy iid flag to test reports table (merge request)
• No-op migration for pm package partitioning (merge request)
• Push language aggregation feature flag to front-end (merge request)
• Refresh pipelines when target branch changes (merge request)
• Extend API spec helper for new admin_mode PAT scope by @wwwjon (merge request)
• Improve the performance of PipelineScheduleWorker (merge request)
• Add 'migrate_projects' column to bulk_import_entities table (merge request)
• Add work_item_iid to requirement update mutation (merge request) GitLab Enterprise Edition
• Add new github import stats elements (merge request)
• Add partitioning for package metadata (merge request)
• Add work_item_iid to requirement update mutation (merge request) GitLab Enterprise Edition
• Add API to stop stale environments (merge request)
• Adds Singlestatistic Option to Visualization Designer (merge request) GitLab Enterprise Edition
• Display error message in BulkImport initial page (merge request)
• Add admin_mode scope for PATs (merge request)
• Adds Candidate Show page (merge request)
• Add Runner performance insights modal (merge request) GitLab Enterprise Edition
• Add reported from URL field to the report abuse form (merge request)
• Add OR filter support for labels (merge request)
• Support rate limiting by user on GitLab shell (merge request)
• mail_room: Make it possible to configure delete after delivery behavior (merge request)
• Add GET endpoints for instance-level SCIM (merge request) GitLab Enterprise Edition
• Add runner_machine_id column to ci_builds_metadata (merge request)
• Migrations to clean up vulnerabilities with overlong html titles (merge request)
• Add customer_health_score performance indicator type (merge request)
• Create logic to find branch rules without protected branches (merge request) GitLab Enterprise Edition
• Add admin role to access level enum in graphql (merge request) GitLab Enterprise Edition
• Add UI to retry failed external MR status checks (merge request) GitLab Enterprise Edition
• Intercept repository archive hotlinking (merge request)
• Support rate limiting by IP on GitLab shell (merge request)
• Support automatic approve deployment by @luzhiyuan.deer (merge request)
• Adding todos on project request access (merge request)
• Store approving user for access requests by @Taucher2003 (merge request)
• Add config column to ci_runner_machines (merge request)
• Add pwa icon to appearance / api by @TrueKalix (merge request)
• Adds support for passing :allow_duplicate option (merge request)
• Work Item activity widget - sorting and pagination (merge request)
• Adds pagination to candidates (merge request)
• Group recent activity metrics are now clickable (merge request) GitLab Enterprise Edition
• Adds section for metadata on CandidateDetails (merge request)
• [385087] GitHub repos fetch by relation type (merge request)
• Add param regex to api branches by @lyb124553153 (merge request)
• Add incident attribute to slack notif settings (merge request)
• Add tag_list to DastScannerProfileType (merge request)
• Remove use_api_for_payment_validation (merge request) GitLab Enterprise Edition
• Add ApplicationSetting for private profile (merge request)
• Add allow_runner_registration_token namespace setting (merge request)
• Add username in the OIDC preferred_username claim by @janLo (merge request)
• Add mirror_branch_regex to api by @lyb124553153 (merge request) GitLab Enterprise Edition
• Trigger merge status subscription when a new discussion is created (merge request)
• GraphQL: Add RunnersJobsStatisticsResolver (merge request) GitLab Enterprise Edition
• Add PATCH method for /user/status REST API (merge request)
• Expose milestone ID in the milestone page (merge request)
• Includes batch-details.json to database sampling artifacts (merge request)
• Remove Feature Flag from Runners Finder (merge request)
• Add incident hooks col to integrations (merge request)
• Create Ci::RunnerMachine model (merge request)
• Add worker to sync repository data types in SSF (merge request) GitLab Enterprise Edition
• Add AnalyticsDashboardPointer model (merge request)
• Send GraphQL triggers on discussion un/resolution (merge request)
• Add allow_runner_registration_token application setting (merge request)
• GraphQL: Add CI jobs statistics types (merge request) GitLab Enterprise Edition
• Add fk details to postgres_foreign_keys view (merge request)
• Show new "Your work" sidebar on Projects dashboard (merge request)
• Add noteable commenters GraphQL field (merge request)
• Added timelogs pagination and total time spent retrieval by @zillemarco (merge request)
• Add noteable commenters GraphQL field (merge request)
• Enable promote to incident quick action for issue creation (merge request)
• Allow TeleSign credentials to be configure via ApplicationSetting API (merge request) GitLab Enterprise Edition
• Index members member_namespace_id and other columns (merge request)
• Allow aggregating CE events with EE events (merge request)
• Add SkipDelete option to the direct upload authorize response (merge request)
• Schedule async index on ci_builds (merge request)
• Add member_namespace async indexes (merge request)
• Added sorting option to timelogs GraphQL resolver by @zillemarco (merge request)
• Create UserAchievement model by @Taucher2003 (merge request)
• Add system notes metadata to GraphQL NoteType (merge request) GitLab Enterprise Edition
• Adds keyword to opt-out of cache isolation (merge request)
• Add import all gists to snippets endpoint (merge request)
• Adds run_name to mlflow/runs/create (merge request)
• Respect bulk_import_enabled application setting when using BulkImports (merge request)
• Add management of streamed audit event filtering (merge request)
• Add index and foreign_keys including partition_id (merge request)
• Issue event filter also includes WorkItem events (merge request)
• Add mindmap support to Mermaid diagrams by @auke- (merge request)
• Add abuse category selector when reporting a user for abuse (merge request)
• Support filtering job_artifacts replicables by keyword via GraphQL (merge request) GitLab Enterprise Edition
• Health status not filter (merge request) GitLab Enterprise Edition
• Reschedule epic cache count migration (merge request)

Fixed (108 changes)

• Add missing incident trigger label (merge request) GitLab Enterprise Edition
• Do not show CI/CD button when user has no permissions (merge request)
• Update styling in admin jobs page (merge request)
• Fix "triggered by" link for pipeline job by @winniehell (merge request)
• Group Owner to remove shared project (merge request)
• Fix missing VueApollo in project importers (merge request)
• Move tilde into inline code by @PeterTillema (merge request)
• Check time before starting reindex action (merge request)
• Display loading icon when destination is unknown (merge request)
• Fix expose of readme_url and forks_count in API (merge request)
• Prevent repository storage move workers from running simultaneously (merge request)
• Fixes Candidate name not being set (merge request)
• Remove CodeQuality Widget duplication in copy text (merge request)
• Fixed the broadcast message text color by @zillemarco (merge request)
• Update NuGet group level permissions requirements (merge request)
• Add migration to rename column (merge request)
• Removes collapsible sections that don't render correctly (merge request) GitLab Enterprise Edition
• Fix 404 when clicking 'Cancel' from fork project page (merge request)
• Add regex validation to bulk import post params (merge request)
• Search API should respect the global search feature_flag (merge request)
• Exclude trailing spaces from commit message search queries (merge request)
• [385860] Fix ProjectImportWorker record not-found (merge request)
• Fix double validation error for project deploy keys (merge request) GitLab Enterprise Edition
• Fix relative repository file link with percent sign (merge request)
• Allow DAST profiles to be modified/removed when not referenced (merge request) GitLab Enterprise Edition
• Fix cache-miss bug in MultiStore (merge request)
• Batch migration to set OauthAccessToken#expires_in (merge request)
• Add regex validation to bulk import post params (merge request)
• Fix when coverage_report is set to null (merge request)
• Handling locked partitions when truncating legacy tables (merge request)
• Fix jira_connect_proxy_url blank setting bug (merge request)
• Fix work item comments not loading by iid (merge request)
• Adapt helpers to use policy instead of admin? (merge request)
• Fix richtext editor buttons in work item modal (merge request)
• Don't open help link in new tab (merge request) GitLab Enterprise Edition
• Do not check for signup info on pwa controller (merge request)
• Fix manual variable inputs width (merge request)
• Group-level project templates do not import various settings (merge request)
• Changing ActiveRecord to ApplicationRecord in spec (merge request)
• Fix amount_used column precision (merge request)
• Geo Sites - Fix invalid href prop (merge request) GitLab Enterprise Edition
• Fix error when validating SBoMs with licenses (merge request)
• Fix Container Repository Geo replication when media type is absent (merge request)
• Fix Import/Export protected branch access levels associated with user (merge request) GitLab Enterprise Edition
• Eliminate certain instances of NoMethodError (merge request)
• Fix time formatting on Container Registry by @giggsey (merge request)
• Fix repoPushed field in contributions GraphQL API (merge request) GitLab Enterprise Edition
• Add CSP Concern to CI/CD Settings (merge request) GitLab Enterprise Edition
• Update vulnerability report when bulk-dismissing (merge request) GitLab Enterprise Edition
• Fix cache-miss bug in MultiStore (merge request)
• Deduplicate increments during a refresh (merge request)
• Cleans-up extra attributes set in clipboard_button helper by @afzal442 (merge request)
• Fix :unknown executor_type (merge request)
• Fixed the URL generation for new MR from IDE (merge request)
• Don't prepend commit SHA with # in registries (merge request)
• Prevent nav text clipping (merge request) GitLab Enterprise Edition
• Fix NoMethodErrors when there is no slack_application (merge request) GitLab Enterprise Edition
• Truncate long vulnerability flag description while ingesting (merge request) GitLab Enterprise Edition
• Fix review summary tabs in dark mode (merge request)
• Fix days used on first day of trial display (merge request) GitLab Enterprise Edition
• Reset Container Repository Sync status on secondary (merge request)
• Update CodeQuality MR Widget Message with no findings (merge request)
• Update classes for CI status icons in deployments (merge request)
• Enforce memory-watchdog by default (merge request)
• Prevent erroring when time is somehow nil (merge request)
• Use the same exclusive lease key name for all indexing actions (merge request)
• Update epic tree count on add and remove epic (merge request) GitLab Enterprise Edition
• Fix typo for environments edit path (merge request)
• Sobelow support for nested Elixir projects (merge request)
• Geo Sites - Update Container Repo Data Type (merge request) GitLab Enterprise Edition
• Drop justify-content-center class in favor of align prop (merge request)
• Supplementary logic for inherit_group_setting by @luzhiyuan.deer (merge request)
• Fix --extra-index-url usage by @usdResponsibleDisclosure (merge request)
• Drop injects' default values (merge request)
• Fix LocalJumpError when an MR has no diff (merge request)
• Fix undefined method error (merge request)
• Fix undefined method error for CI::Pipeline (merge request)
• Clean up prevent_outdated_deployment_jobs feature flag (merge request)
• Geo: Container Repository push events don't work (merge request)
• Fix create epic REST endpoints (merge request) GitLab Enterprise Edition
• Skip rendering of empty admin notes on group page (merge request)
• Fix ContainerRepository graphql in admin area (merge request)
• Fix maintain member for Advanced Search (merge request) GitLab Enterprise Edition
• Change sign in button to use isGitlabCom (merge request)
• Workhorse: Fix code nav relative path calculation (merge request)
• Relax FIPS constraints on PyPi packages (merge request)
• Workaround a segfault due to array GC bug (merge request)
• Fix Maven packages not working on FIPS kernels (merge request)
• Set default OauthAccessToken#expires_in (merge request)
• Rescue BulkImports::NetworkError on bulk import creation (merge request)
• Highlight Python syntax with Rouge (merge request)
• Allow member creator service to handle existing access requests (merge request)
• Fix creating JIRA issue URL for security findings (merge request) GitLab Enterprise Edition
• Fix remove parent epic quick command (merge request) GitLab Enterprise Edition
• Move vulnerability creation out of transaction (merge request) GitLab Enterprise Edition
• Add notebook viewer (merge request)
• Fix the Container Registry tag filter (merge request)
• Return bare hostname for importing a project (merge request)
• Remove breadcrumb border on repository > files view (merge request)
• Fix regression on cyclic definition in GraphQL GroupType by @zillemarco (merge request)
• Only render GFM when the element exists (merge request)
• Fix repository ref encoding issue (merge request)
• Fix WorkItem URL when listing user activity from contributions graph (merge request)
• Remove Geo Replication sidebar nav link (merge request) GitLab Enterprise Edition
• Handle Net::HTTPBadResponse in Gitlab::HTTP (merge request)
• Fix 500 error when artifact file is missing (merge request)
• Fix error in API due to locking mechanism (merge request)
• Use BigInt for Graphql Blob type to cover huge files (merge request)

Changed (141 changes)

• Add clarification for source of username and email info (merge request)
• Adds namespace filtering for group and project searches (merge request) GitLab Enterprise Edition
• Provide an existing namespace when importing project from GitHub (merge request)
• Update UI for image repositories scheduled for deletion (merge request)
• Update permissions for Epic add dropdown action (merge request) GitLab Enterprise Edition
• Converting commit branches dropdown to GlCollapsibleListbox (merge request)
• Move project storage app to core codebase (merge request)
• Improve partial github import display (merge request)
• Add tooltip to epic actions dropdown (merge request) GitLab Enterprise Edition
• Remove the vue_broadcast_messages feature flag (merge request)
• Use RetryError for DeleteBranchWorker (merge request)
• Removed the template type selector (merge request)
• Switch draft state toggle to use a checkbox (merge request)
• Remove Code-quality counter badge when report is not loaded (merge request) GitLab Enterprise Edition
• Improve spacing for DAST profile summary (merge request) GitLab Enterprise Edition
• Order children within Work Items Hierarchy Widget by created_at (merge request)
• Improve escalation policies experience in the add/edit form help text by @daelmo (merge request) GitLab Enterprise Edition
• Migrate runner buttons to pajamas (merge request)
• Block outgoing Chrome connections in Capybara tests (merge request)
• Move dollar math handling to markdown pipeline (merge request)
• Add Gitlab::Redis::RepositoryCache Redis instance (merge request)
• Update permissions to add child issue (merge request) GitLab Enterprise Edition
• Experiment to add tier badge (merge request) GitLab Enterprise Edition
• Rename filepath in Releases APIs to direct_asset_path (merge request)
• Set context header height to auto (merge request) GitLab Enterprise Edition
• DAST path to display on vulnerabilities list (merge request) GitLab Enterprise Edition
• Adapt Debian distributions API to consider package registry access level (merge request)
• Remove solved issues from Package Registry docs by @wwwjon (merge request)
• Raise a BadRequest error when escaping invalid URL (merge request)
• Updates installation docs about plpgsql extension (merge request)
• Remove compatibility_alert from Jira connect app (merge request)
• Add mergeRequest to PipelineSecurityReporyFinding (merge request) GitLab Enterprise Edition
• Fix toggle button in MR collapsible extension (merge request)
• Adds documentation for migration helpers (merge request) GitLab Enterprise Edition
• Version Check - Add feature flag (merge request)
• Display neutral Icon when CodeQuality report did not change (merge request)
• Remove ci_pipeline_triggers_settings_vue_ui feature flag (merge request)
• Default enable validate release with author ff (merge request)
• Add preview alert on invite members modal (merge request)
• Limit abuse reports to one per reporter per category (merge request)
• Globally enable dependency_list_exporter FF (merge request) GitLab Enterprise Edition
• Update dependency auto-deploy-image to v2.45.0 (merge request)
• Remove two_line_mention_enabled feature flag (merge request)
• Update branch rules according to changes in API (merge request) GitLab Enterprise Edition
• Use TimezoneDropdown in oncall schedule create (merge request) GitLab Enterprise Edition
• Set up modal navigating on work items (merge request)
• Migrate ToolbarTextStyle to GlListbox (merge request)
• Align CodeQuality MR Widget wording (merge request)
• Migrate application delete button to Pajamas component (merge request)
• Update approvers_select to use gl-listbox (merge request) GitLab Enterprise Edition
• Limiting Apple App Store Integration to the project level (merge request)
• Cleanup update_oauth_registration_flow feature flag (merge request)
• Add empty state to the pipeline schedules page (merge request)
• Migrate user settings away from select2 (merge request)
• Escape snowplow js asset url (merge request)
• Update contributions GraphQL API date validation (merge request) GitLab Enterprise Edition
• Updates copy for namespace storage enforcement locking banner (merge request) GitLab Enterprise Edition
• Allow multiple users to report a user for abuse (merge request)
• Update notifications.md to be accurate (merge request)
• Closed and expired milestone should show as closed (merge request)
• Made document title descriptive for Web IDE by @mehulsharma (merge request)
• chore: Limit MarkDroppedAsResolved lookup to primary_ids only (merge request)
• Simplify signature badge popover (merge request)
• Remove send_traversal_ids_to_indexer flag (merge request) GitLab Enterprise Edition
• Update 422 page styling (merge request)
• Add audit events for protected environments (merge request) GitLab Enterprise Edition
• Update permissions to relate epics (merge request) GitLab Enterprise Edition
• Add validation for State in purchase flow (merge request) GitLab Enterprise Edition
• Add message to modal explaining that sole owners can't be removed (merge request)
• Enable cyclonedx_sbom_ingestion by default (merge request) GitLab Enterprise Edition
• Migrate error tracking settings dropdown to Listbox (merge request)
• Add system check for pending advanced search migrations (merge request) GitLab Enterprise Edition
• Improve security report schema deprecation message (merge request) GitLab Enterprise Edition
• Remove the vue_group_select feature flag (merge request) GitLab Enterprise Edition
• Simplifies the design for todo mentions (merge request)
• Add spec and refactor null check by @daelmo (merge request)
• Update SYNTAX_OPTIONS_DOCUMENT path for the drawer document (merge request)
• Improve contrast of secondary text in dark mode (merge request)
• Update edit policy page titles (merge request)
• Adding Apple App Store Integration (merge request)
• Add content for retried manual builds (merge request)
• Update link ot TYPO3 distribution template (merge request)
• Set filename when the file is not stored locally (merge request) GitLab Enterprise Edition
• Rename sidebar component to drawer (merge request) GitLab Enterprise Edition
• Use GlCollapsibleListbox in ci_environments_dropdown (merge request)
• Add pipeline name to job webhook event payload (merge request)
• Remove association between ChatName and Integration (merge request)
• Rename short_title to pwa_short_name by @TrueKalix (merge request)
• Exposing BatchedMigration feature_category to metrics (merge request)
• Improve UX of Clear status after field (merge request)
• Migrate deploy token settings button (merge request)
• Add data to shouldCollapse method of MR Widget Extension (merge request)
• Remove update_vuln_identifiers_flag (merge request)
• Add variables argument to PlayJob (merge request)
• Removed the references to schema_linting flag (merge request)
• Add frontend code for dependency list export (merge request) GitLab Enterprise Edition
• This MR migrates Dropdown to Listbox (merge request)
• Unify response from UI and API for rebase operation (merge request)
• Move outdated deployment warning to FOSS (merge request)
• feat: Suppress deprecation warning if ingesting GitLab-vendored reports (merge request) GitLab Enterprise Edition
• Swap button for dropdowns (merge request) GitLab Enterprise Edition
• Add event type information for email address confirmation after sign in by @daelmo (merge request) GitLab Enterprise Edition
• Remove deprecation notice in POST /runners (merge request)
• Add index_status for groups (merge request)
• This MR migrates Dropdown to Listbox (merge request)
• Update indexes on ChatNames (merge request)
• Remove optimized-housekeeping feature flag (merge request)
• Add text input field to trigger_field.vue (merge request)
• Move admin menu jobs under CI/CD section by @Taucher2003 (merge request)
• Update internal notes policy names (merge request) GitLab Enterprise Edition
• Enable utilize_finding_data feature flag by default (merge request) GitLab Enterprise Edition
• Remove package registry migration survey banner by @ali_o_kan (merge request)
• Delegate profile fields to user details by @brianjaustin (merge request)
• Update default preferred_language value of user by @icbd (merge request)
• Add event name for merge method (merge request)
• Refactor user type scopes (merge request)
• Update occurrences rather than appending new ones (merge request)
• Move admin runners menu (merge request)
• Update user documents in elasticsearch when certain fields change (merge request) GitLab Enterprise Edition
• Turn gzip errors into structured log events (merge request)
• Add Gitlab::Redis::RepositoryCache Redis instance (merge request)
• Fix(Subscription Card): add disabled state to sync (merge request) GitLab Enterprise Edition
• Persist artifacts:public to Ci::JobArtifact table (merge request)
• Add custom error for gitaly unavailable (merge request)
• Update rails-html-sanitizer to v1.4.4 (merge request)
• Update CI error message when pipeline has no jobs to run (merge request)
• Cleanup members table layout and buttons (merge request)
• Open api users (merge request)
• Replace gl-dropdown with gl-collapsible-list-box for pipelines List (merge request)
• Make todos where you are mentioned two lined (merge request)
• Allow null only/except keywords to be combined with rules (merge request)
• Migrate to GlCollapsibleListbox in jira-connect page (merge request)
• ci: Build Workhorse with FIPS Go compiler (merge request)
• Move richtext editor switcher to toolbar (merge request)
• Update spam log buttons to pajamas (merge request)
• Add issueLinks to PipelineSecurityReportFinding (merge request) GitLab Enterprise Edition
• Update sign-up registration buttons to pajamas (merge request)
• Add synch' portion of multi-step index creation (merge request)
• Migrate status badge to Pajamas (merge request)
• Adapt Debian API to consider package registry access level by @wwwjon (merge request)
• Adapt Ruby gems API to consider package registry access level by @wwwjon (merge request)

Deprecated (4 changes)

• Projects API: Mark operations_access_level as deprecated (merge request)
• Announce planned removal of openSUSE 15.3 packages (merge request)
• Deprecate approvers and approval_group fields (merge request)
• Deprecate security report schemas versions 14.. (merge request) GitLab Enterprise Edition

Removed (8 changes)

• Remove tmp index for vulnerabilities with cluster image scanning (merge request) GitLab Enterprise Edition
• Delete scheduled jobs for Vulnerabilities::Feedback migration (merge request)
• Remove group_export_ndjson, group_import_ndjson FFs (merge request) GitLab Enterprise Edition
• Remove unused VSA use_aggregated_backend endpoint (merge request) GitLab Enterprise Edition
• Replace housekeeping setting with a single one in API (merge request)
• Deduplicate lock-retries helpers in migration modules (merge request)
• Remove phabricator_import feature flag (merge request)
• Remove temp index on project_statistics (merge request)

Security (12 changes)

• Update Gitaly version
• Limit the size of user agent to reduce ReDos attack
• Avoid regex with potential for poorly performing backtracking
• Protect Sentry auth-token after changing URL
• Fix "Race condition enables verified email forgery"
• Validate token scopes in bulk_import service (merge request)
• Policy change to read and destroy token without license for .com
• Pages version bump SHA for 15.8
• Restrict Grafana API access on public projects
• Delete project specific licenses when license policy is deleted
• Protect web-hook url variables after changing URL
• Restrict user avatar availability based on visibility restrictions

Performance (8 changes)

• Add index for environments on project_id and id (merge request)
• Expand compound index on members to include member_role (merge request)
• Add partial index in namespaces (merge request)
• Replace index_ci_runners_on_runner_type to include id (merge request)
• Remove vulnerability state migration (merge request)
• Improve the performance of count queries for replicator class (merge request) GitLab Enterprise Edition
• Remove cache_project_integrations feature flag (merge request)
• Optimize code owners file section regex (merge request) GitLab Enterprise Edition

Other (41 changes)

• Remove obsolete Redis test helper (merge request)
• Adding feature_category to pods related specs (merge request)
• Add sync database indexes to events table (merge request)
• Remove cyclonedx_sbom_ingestion feature flag (merge request) GitLab Enterprise Edition
• Bump Gitlab Shell to 14.15.0 (merge request)
• Fix Style/FormatString offenses (merge request)
• Remove pipeline_name feature flag (merge request)
• Log pipelines that exceed includes maximum (merge request)
• Refactor Gitaly client stub to reduce the number of connections (merge request)
• Move disabled message to LearnGitlabHelper, set default in Vue (merge request) GitLab Enterprise Edition
• Update users stat making billable users consistent (merge request) GitLab Enterprise Edition
• Sets feature_category as :database for existing bg migrations (merge request)
• Update when storage banner can be dismissed (merge request) GitLab Enterprise Edition
• Remove the FF ci_raw_variables_in_yaml_config (merge request)
• Remove unused code from UpdateAllMirrorWorker (merge request) GitLab Enterprise Edition
• Bump default partition_id value for CI tables to 101 (merge request)
• Raise an exception when fail to delete a branch (merge request)
• Remove feature flag limit_assigned_issues_count (merge request)
• Remove paginated_mr_discussions feature flag (merge request)
• Remove hide notification feature flag for free user cap (merge request)
• Remove feature flag 'delay_for_repository_update_mirror' (merge request)
• Fixing Database/MultipleDatabases offenses in specs (merge request)
• Add Gitaly grpc client-side load-balancing configs (merge request)
• Remove dispensable_render feature flag (merge request)
• Backfil migration for releases with empty author_id (merge request)
• Remove bulk_update_membership_roles feature flag (merge request)
• Remove display_merge_conflicts_in_diff feature flag (merge request)
• Fix Graphql/Descriptions offenses in 'app/graphql/mutations/' by @Ashvith (merge request)
• Fix Style/SymbolProc offenses by @mhdasm3 (merge request)
• Remove container_repository_updated_event_id from geo_event_log (merge request)
• Remove the log file_variable_is_referenced_in_another_variable (merge request)
• Remove has_many :sourced_pipelines from Ci::Bridge (merge request)
• Unify namespace storage limits view (merge request) GitLab Enterprise Edition
• Cleans up ssh commit sign by @afzal442 (merge request)
• Remove the FF ci_refactoring_external_mapper (merge request)
• Remove ci_build_partition_id_token_prefix feature flag (merge request)
• Fix Rspec/AnyInstanceOf offenses by @mhdasm3 (merge request)
• Remove _test from objectstore tests (merge request)
• Factor out S3 API types (merge request)
• Do not use _test when not necessary (merge request)
• Add config/redis.yml unified config file (merge request)

15.7.9 (2023-04-20)

Fixed (1 change)

• Fix automatically-retried jobs stuck in pending state (merge request)

15.7.8 (2023-03-02)

Security (12 changes)

• Using builds metadata to determine debug_mode (merge request)
• Fix pagination limits for Commits API (merge request)
• Mask Google IAP account details in Prometheus integration (merge request)
• Stop Group Transfer Service if SAML Provider or SCIM token is present (merge request)
• Protect Datadog API key by changing Datadog site (merge request)
• Protect integrations' sensitive information exposed via API (merge request)
• Disallow maintainer to create an owner access token (merge request)
• Paste only text content in work items title (merge request)
• Jira DVCS OAuth Open Redirect Vulnerability (merge request)
• Block private personal snippet from unauthorized users (merge request)
• Verify Kroki diagram type (merge request)
• Check read_release permission before showing releases in Tags API (merge request)

15.7.7 (2023-02-10)

No changes.

15.7.6 (2023-01-30)

Security (5 changes)

• Remove parameter validation for registry notification request [15.7] (merge request)
• Add size validation for Chart.yaml during file extraction (merge request)
• Prevent default branches from storing paths (merge request)
• Validate Issuable description max length on update (merge request)
• Security fix dynamic child pipeline zip extraction (merge request)

15.7.5 (2023-01-12)

No changes.

15.7.4 (2023-01-12)

No changes.

15.7.3 (2023-01-11)

Fixed (3 changes)

• Reset Container Repository Sync status on secondary (merge request)
• Enforce memory-watchdog by default (merge request)
• Geo: Container Repository push events don't work (merge request)

15.7.2 (2023-01-09)

Security (9 changes)

• Avoid regex with potential for poorly performing backtracking (merge request)
• Protect web-hook url variables after changing URL (merge request)
• Limit the size of user agent to reduce ReDos attack (merge request)
• Protect Sentry auth-token after changing URL (merge request)
• Delete project specific licenses when license policy is deleted (merge request)
• Restrict user avatar availability based on visibility restrictions (merge request)
• Policy change to read and destroy token without license for .com (merge request)
• Restrict Grafana API access on public projects (merge request)
• Fix "Race condition enables verified email forgery" (merge request)

15.7.1 (2023-01-05)

Fixed (2 changes)

• Relax FIPS constraints on PyPi packages (merge request)
• Workaround a segfault due to array GC bug (merge request)

Performance (1 change)

• Remove vulnerability state migration (merge request)

15.7.0 (2022-12-21)

Added (182 changes)

• Get timeline event tag and display on list (merge request)
• Add tag_list to dast_profiles (merge request)
• Serialize image attributes for content editor (merge request)
• Add CI_PROJECT_NAMESPACE_ID to predefined variables by @vadrin (merge request)
• Add project language search/filter (merge request)
• Creating tasks counts towards user contribution graph (merge request)
• Process requirements_v2 artifacts on CI Jobs (merge request) GitLab Enterprise Edition
• Add health status selection widget for work items (merge request) GitLab Enterprise Edition
• Add metrics for number of created merge requests (merge request)
• Remove feature flag allow audit event type filtering (merge request) GitLab Enterprise Edition
• Create StateTransitions for dismissed Vulnerabilities (merge request)
• Count approval project rules metrics (merge request) GitLab Enterprise Edition
• Add meaningful names for project feature updates (merge request) GitLab Enterprise Edition
• Add class for retrieving SBOM Components (merge request) GitLab Enterprise Edition
• Add forkDetails GraphQL field to ProjectType (merge request)
• Add possibility to import all gists (merge request)
• Add api endpoints for dependency list exports (merge request) GitLab Enterprise Edition
• Add Sidekiq worker to re-enable pull mirror configuration (merge request) GitLab Enterprise Edition
• Add ability to cancel github project improt (merge request)
• Expose Alert (global) ID in GraphQL queries (merge request)
• Add semgrep as a supported analyzer for Scala (merge request)
• Update feature flag to be enabled by default (merge request)
• Add GraphQL mutation to unlink alert from incident (merge request)
• Allow pipelines to have custom names (merge request)
• Add pipeline_hierarchy_size (merge request)
• Counter merged merge requests using approval rules (merge request) GitLab Enterprise Edition
• Add dast_pre_scan_verifications_steps table (merge request)
• Add Package registry visibility toggle (merge request)
• Retry api for failed status checks (merge request) GitLab Enterprise Edition
• Add mutation to update progress (merge request) GitLab Enterprise Edition
• Work Item widget notes (merge request)
• Allow filtering requirements by work_item IID (merge request) GitLab Enterprise Edition
• Filtering TODOs by Issue type includes tasks (merge request)
• Add pipelineScheduleCreate mutation by @batu (merge request)
• Remove the markdown_image_attributes feature flag (merge request)
• Embed observability in GitLab (merge request)
• Add short_title attribute to appearance by @TrueKalix (merge request)
• Require approvals in case of pre-existing vulnerabilities (merge request) GitLab Enterprise Edition
• Exclude uploads_size from project_statisitcs#storage_size (merge request)
• Enable optimized housekeeping by default (merge request)
• Remove require_approval_on_scan_removal feature flag (merge request)
• GraphQL approveDeployment permission (merge request)
• Update importers group select dropdowns to use GraphQL (merge request)
• Add Terraform state size limit to admin UI (merge request)
• Add pipelineSchedulePlay mutation (merge request) GitLab Enterprise Edition
• Global alert when reach the dashboard limit (merge request)
• Allow filtering work items by key result type (merge request)
• Add token sub-keyword to CI config (merge request) GitLab Enterprise Edition
• Add gists importer to schedule each gist import (merge request)
• Add unique index to ci_builds (merge request)
• Add new ci job artifact requirement_work_items (merge request) GitLab Enterprise Edition
• Get tag signature via Tags API (merge request)
• Disable Gitlab migration form when it is disabled (merge request)
• Migrate incident_management to events (merge request)
• Add ability to add read_code to custom roles (merge request)
• Create achievements model and database table (merge request)
• Add PATCH /groups/:id/members/:user_id/member_role (merge request) GitLab Enterprise Edition
• Update import group dropdown to use graphql (merge request)
• Enable hash_based_cache_for_protected_branches FF by default (merge request)
• Added documentation about adding time entries using the UI by @zillemarco (merge request)
• Add bulk_import_enabled to application_settings db table (merge request)
• Add Packages::Debian::ProcessPackageFileWorker by @sathieu (merge request)
• Add admin settings for default preferred language by @icbd (merge request)
• Add GraphQL mutation to link alerts to incidents (merge request)
• Add expanded attribute to variables settings (merge request)
• Allow provisioning group to view member email addresses via API (merge request) GitLab Enterprise Edition
• Add edit_path to pipeline_schedules_type (merge request)
• Add support for CI_ENVIRONMENT_NAME var to be used in job:rules (merge request)
• Add instrumentation for LDAP requests (merge request)
• Added a UI to create timelogs by @zillemarco (merge request)
• Expose Alert (global) ID in GraphQL queries (merge request)
• Commit committer name check with the commit author_name by @zhzhang93 (merge request) GitLab Enterprise Edition
• Extend environment field in GraphQL to expose deploy freezes (merge request)
• Cascade partition_id to Ci::Sources::Pipeline (merge request)
• Add negated health status filtering in GraphQL API (merge request) GitLab Enterprise Edition
• Add hasChildren field to work items hierarchy widget (merge request)
• Add unique index to ci_builds (merge request)
• Add index for author_id and created_at on merge_requests (merge request)
• Add a Search Within token to issues list search (merge request)
• Expose work item iid on requirement type for GraphQL (merge request) GitLab Enterprise Edition
• Migration: add column to project_settings by @luzhiyuan.deer (merge request)
• Add switch to toggle between current and new nav (merge request)
• Link to jobs tab from runner list (merge request)
• Add unit tests for redirection (merge request)
• Add worker to import gist to snippet (merge request)
• Adds execution status badge (merge request)
• Add behavior for self-assigning to reviewers in the sidebar (merge request)
• Add last_seat_refresh_at to gitlab subscriptions (merge request)
• Extend Actions in Scan Execution Policy to include Runner Tags (merge request) GitLab Enterprise Edition
• Document how to specify Git ref in agentk config (merge request)
• Allows user to navigate directly to the jobs tab (merge request)
• Add specific state name URI requirements (merge request)
• Update project GraphQL query to support nested environments (merge request)
• Add support for merge request template variables by @davebarr (merge request)
• Admin toggle individual group runner registration by @markus.ferrell (merge request)
• Add dependency_list_exports table (merge request) GitLab Enterprise Edition
• Remove webhook_form_mask_url feature flag (merge request)
• Ensure new signups complete steps using DB field (merge request)
• Enable the FF ci_raw_variables_in_yaml_config by default (merge request)
• Allow creating SSH keys with usage types via API (merge request)
• Expose Issue.relatedVulnerabilities on GraphQL (merge request) GitLab Enterprise Edition
• Finalize group member namespace id migration (merge request)
• GraphQL Deployment permissions (merge request)
• Manage default compliance frameworks (merge request)
• Implement Git repository housekeeping in SSF (merge request) GitLab Enterprise Edition
• Finalize namespace_id backfilling on issues table (merge request)
• Add $CODE_QUALITY_IMAGE_TAG to Code-Quality template (merge request)
• Adds Candidate Detail page (merge request)
• Add background migration to reset status on container repositories (merge request)
• Check if parent epic is exportable (merge request) GitLab Enterprise Edition
• Display Usage type field for SSH keys (merge request)
• Update email partipants for moved service desk issues (merge request)
• Compare results for scan_finding approval rules from multiple pipelines (merge request) GitLab Enterprise Edition
• Allow commits to be signed with SSH keys (merge request)
• Feat: signin signup locale switcher frontend by @JeremyWuuuuu (merge request)
• Verify user's phone number using TeleSign (merge request) GitLab Enterprise Edition
• Add support for rendering comments in content editor (merge request)
• Allow img size attributes to be specified (merge request)
• Record timestamp of status updates for container repositories by @Ashvith (merge request)
• Add health status sort option to group/project issues list (merge request)
• Update deployment data builder with relevant environment information by @rick.nu (merge request)
• Add HealthStatus Widget to WorkItems (merge request) GitLab Enterprise Edition
• Add key to visible_attributes by @icbd (merge request)
• Filter runners by project (merge request)
• Add warning to invite group modal (merge request)
• Stores MLFlow tags for experiments and runs (merge request)
• Add GRAPQHL option to ScanMethodTypeEnum (merge request) GitLab Enterprise Edition
• Audit Group SAML extern_uid changes (merge request) GitLab Enterprise Edition
• Add default hierarchy restrictions (merge request)
• Add index for vulnerability_feedback.comment processing (merge request)
• Rollout feature: webhook support regex by @luzhiyuan.deer (merge request)
• Add application limits to CI Variables settings (merge request)
• Mirror web_ide_commits metric to Snowplow (merge request)
• Send phone verification SMS to user via TeleSign (merge request) GitLab Enterprise Edition
• Implement new diffs REST API endpoint (merge request)
• Adds count badge for package other versions tab (merge request)
• Add readEnvironment field to GraphQL API (merge request)
• GraphQL Environment permissions (merge request)
• Use the routing table by default for Ci::BuildMetadata (merge request)
• Add async index for MRs on author_id and created_at (merge request)
• Overwrite header of blob viewer for JH-only feature by @LXY1226 (merge request)
• Add index for approval_merge_request_rules with MR ID and Created At (merge request)
• Add jitsu_key to EE::ProjectType (merge request) GitLab Enterprise Edition
• Add length limit to comment attribute (merge request) GitLab Enterprise Edition
• Initialized from Pages/Bridgetown project template (merge request)
• Geo: Replicate Dependency Proxy Manifests (merge request)
• Add dashboard status to namespace details and record (merge request)
• Add merge_requests to OpenAPI documentation (merge request)
• GraphQL: Add job_execution_status to CiRunner (merge request)
• Add SSH signature to GraphQL (merge request)
• Add job retry dropdown for manual jobs (merge request)
• Add filtering option to vulnerabilityGrades field (merge request) GitLab Enterprise Edition
• Add Usage Type to SSH keys (merge request)
• Add wildcard search for Branches and Tags (merge request)
• Add instance audit event for enabling admin mode (merge request) GitLab Enterprise Edition
• Add /license/:id REST API endpoint (merge request) GitLab Enterprise Edition
• Add work item notes widget (merge request)
• Add id_tokens CI keyword (merge request)
• Redis counter for streaming audit event types (merge request) GitLab Enterprise Edition
• Add query parameter to query environments by environment_type (merge request)
• Add work items hierarchy restrictions table (merge request)
• Capture suggested reviewers accepted (merge request)
• Add GraphQL Scan method to DastSiteProfile (merge request) GitLab Enterprise Edition
• Add /labels alias to /label quick action (merge request)
• Add a new reviewed_by variable for commit messages (merge request)
• Show divergence counts for a fork on project page (merge request)
• Add partition_id to ci_resources (merge request)
• Tooltip for description edit button on tasks (merge request)
• Add skeleton loader to Product analytics dashboard (merge request) GitLab Enterprise Edition
• Add JSONB data type with indifferent access (merge request)
• Add dast_pre_scan_verifications table (merge request)
• Add Packages::Debian::ProcessPackageFileService by @sathieu (merge request)
• Query change to include sub-folders in search (merge request)
• Add package metadata tables and models (merge request)
• Add a "reopen" tertiary action to the MR Closed Widget (merge request)
• Track and display all types of invalid approval rules (merge request) GitLab Enterprise Edition
• Add index for namespaces (merge request)
• Merge trains GET merge request API by @markus.ferrell (merge request) GitLab Enterprise Edition
• Add source_enterprise column to BulkImports table (merge request)
• Add partition_id to ci models referenced by fk (merge request)
• Update project iterations query to accept sort (merge request) GitLab Enterprise Edition
• Release Jira Connect application settings (merge request)

Fixed (173 changes)

• Add string validation to trigger:project (merge request)
• Show dismissed finding for query (merge request) GitLab Enterprise Edition
• Fix max width for milestone widget for work items (merge request)
• Deduplicate geo:geo_project_sync jobs (merge request) GitLab Enterprise Edition
• Fix update templates Rake task for development environment (merge request)
• Only verify signatures which use the git namespace (merge request)
• GraphQL: Fix off-by-1 JOB_COUNT_LIMIT limit (merge request)
• Fixes list view of group merge request (merge request)
• Fix GitHub PR comments are out of order after import (merge request)
• Fix serialized import_sources on application_settings (merge request)
• Increase max limit on url_variables token length (merge request)
• Fix board sidebar in focus mode (merge request)
• Add migration to fix approval_project_rules without protected branches (merge request)
• Fix race condition when syncing mutable data types in SSF (merge request) GitLab Enterprise Edition
• Add transparent sso override feature flag (merge request) GitLab Enterprise Edition
• Add QA selector to all vulnerablity filters (merge request) GitLab Enterprise Edition
• Pluralize the entire sentence of "thanks alert" by @luzhiyuan.deer (merge request) GitLab Enterprise Edition
• Add export_path in order to make export api (merge request) GitLab Enterprise Edition
• Adapt specs to not use admin unnecessarily by @wwwjon (merge request)
• Removed pre-set branch in revert modal (merge request)
• Fix empty vendor header for tool filter (merge request) GitLab Enterprise Edition
• Only refresh indexes that exist (merge request) GitLab Enterprise Edition
• [332123] Fetch GitHub repos via GraphQL API (frontend) (merge request)
• [332123] Fetch GitHub repos via GraphQL API (backend) (merge request)
• Update BulkImports models to failed state on exception (merge request)
• Urlencode TF state name in init cmd modal (merge request)
• Show only active milestones in the dropdown (merge request)
• Markdow-drawer top position fix (merge request)
• Fixed output of error msg when editing a blob (merge request)
• Fix update servie desck with project_key by @lyb124553153 (merge request)
• GraphQL: Fix N+1 issue in jobCount (merge request)
• Prevent reload of pipelines table on job run (merge request)
• Allow support_bot assigning issues to epics (merge request) GitLab Enterprise Edition
• GraphQL: Fix N+1 issues with RunnerGroupsResolver (merge request)
• Ensure deploy tokens expires_at does not accept invalid dates (merge request)
• Rescue connection refused error (merge request)
• Raising error response for invalid identity (merge request) GitLab Enterprise Edition
• Improve query to fetch pipelines with given sha in scope of the project (merge request) GitLab Enterprise Edition
• Update prometheus-client-mmap to v0.17.0 (merge request)
• GraphQL: Fix N+1 queries in RunnerJobsResolver (merge request)
• Change relative position assigns for epic boards (merge request) GitLab Enterprise Edition
• Use finding_data to generate response (merge request) GitLab Enterprise Edition
• Ensure Gitlab::Metrics::Subscribers::Ldap is loaded (merge request)
• Show locked icon only for project runner (merge request)
• Display an error when repository has an ambiguous head branch (merge request)
• The packages_size metric is now handled by a counter attribute (merge request)
• Remove feature flag ci_run_bridge_for_pipeline_duration_calculation (merge request)
• GraphQL: Fix N+1 issue in RunnerOwnerProjectResolver (merge request)
• GraphQL: Fix N+1 issue in RunnerProjectsResolver (merge request)
• Do not reset fork visibility to private when possible by @KyleFromKitware (merge request)
• Fix NPE when no DB replicas available (merge request)
• Fix help link not being used in storage card (merge request) GitLab Enterprise Edition
• Fix excessive page updates at GitLab migration (merge request)
• Fix projects API preloader (merge request)
• Fix markdown import attachments in GitHub Import (merge request)
• Filter group_approvers in scan result policies by full_path (merge request)
• Return HTTP 400 for multipart header without boundary (merge request)
• Remove disable_pagination_counts_on_jobs_api feature flag (merge request)
• Revert "Merge branch 'sc1-track-allowed-crossslot-ops' into 'master'" (merge request)
• Fix vulnerability counts height changing when loading new data (merge request) GitLab Enterprise Edition
• Fix link to downstreams in MR (merge request)
• Prevent errors for conflicting pending escalations (merge request) GitLab Enterprise Edition
• Avoid preview request if quantity is not valid (merge request) GitLab Enterprise Edition
• Update check on purchase quantity for add-ons (merge request) GitLab Enterprise Edition
• Ensure TooManyIps exception returns 403 forbidden for GraphQL (merge request)
• Fixed a very small typo in GraphQL style guide by @zillemarco (merge request)
• Use sentence casing for Full report button in merge request widgets (merge request) GitLab Enterprise Edition
• Allow downloading files tracked with Git LFS via API (merge request)
• Add dependent: :destroy to associations in project (merge request)
• Switch from GlBadge to StrategyLabel for FeatureFlags (merge request)
• Fix long strings in incident timeline to break into multiple lines (merge request)
• Fix redirect when cancel GitHub OAuth (merge request)
• Fix integration tests to display extra test data (merge request)
• Fix scan approval when user does not have edit approval rule permission (merge request) GitLab Enterprise Edition
• Version Check - Properly handle bad API response (merge request)
• Adapt APIs to use policy instead of admin? by @wwwjon (merge request)
• Consider Feedback type when creating Vulnerabilities from pipeline (merge request) GitLab Enterprise Edition
• Fixes removal of "paused" parameter in URL (merge request)
• Fix corrupted security_scans statuses (merge request)
• Added correct call for setAssignees on FOSS (merge request)
• Make admin bot confirmed (merge request)
• Fixed wiki condition (merge request)
• Use pagination to limit the number of users returned (merge request)
• Margin between commit widget and colors of programming language (merge request)
• Fix padding (merge request)
• Validate variable key (merge request)
• Include detached partition tables in truncate_legacy_tables (merge request)
• Ensure SSO enforcement is only active when SAML is enabled (merge request) GitLab Enterprise Edition
• Fix empty password submitting failure on admin editing user page by @qk44077907 (merge request) GitLab Enterprise Edition
• Fix auditor users to use filters in the audit event search bar (merge request) GitLab Enterprise Edition
• Update parsing to support v3 pagerduty (merge request)
• Use run_after_commit when triggering GraphQL subscription (merge request)
• Fix filtering by release_tag when ordering by milestone (merge request)
• Indicate that DAG limit can't be disabled by @Taucher2003 (merge request)
• Hide marketing-related entries (merge request)
• Fix agent unique user count (merge request)
• Fix inclusion validation for CI entries (merge request)
• Adapt PAT Finder to use policy instead of admin? by @wwwjon (merge request)
• Reflect the selected insights page in the dropdown (merge request) GitLab Enterprise Edition
• Adapt Ci::JobsFinder to use policy instead of admin? by @wwwjon (merge request)
• Conditionally disable fastupdate on GIN indexes (issues, merge_requests) (merge request)
• Fix Todo GraphQL type which always had null project and group fields by @zillemarco (merge request)
• Update pmg dropdown ci icon size (merge request)
• Lowercase package paths before generating links (merge request)
• Fixed the misalignment of the dropdown item (merge request)
• Show 100% complete if 0 expected documents (merge request) GitLab Enterprise Edition
• Split ee and ce queries, uncomment specs (merge request)
• Hide card actions on boards when user does not have edit permission (merge request)
• Remove dast_api_scanner feature flag (merge request)
• Fix pages internal cache to not use app settings in the cache key (merge request)
• Project cannot belong to bot user namespace (merge request)
• Adapt RoutesFinder to use policy instead of admin? by @wwwjon (merge request)
• Make Work Items breadcrumb icon and URL dynamic (merge request)
• Improve Dast site profile creation error message (merge request) GitLab Enterprise Edition
• Prevent service hooks from being disabled (merge request)
• Migrate away from select2 in User Preferences (merge request)
• Fix securityReportFinding when no pipeline finding (merge request) GitLab Enterprise Edition
• [217925] LFS import in batches (merge request)
• Allow authorization submit from Swagger UI documentations by @W_S (merge request)
• Fix VulnerabilityScannerType to resolve scanners (merge request) GitLab Enterprise Edition
• Remove custom CORS controller for JiraConnect (merge request)
• Fix NoMethodError when showing X.509 signature users (merge request)
• Ignore scan_finding rule for MR against unprotected branches (merge request) GitLab Enterprise Edition
• Fix default value for pipeline logger observations (merge request)
• On user delete associate releases to ghost user (merge request)
• Use pajamas for SSH key delete button (merge request)
• Fix purging scans by build_id (merge request) GitLab Enterprise Edition
• Fixing quick action styling for draft notes (merge request) GitLab Enterprise Edition
• Automatically locking newly created tables on the database (merge request)
• Fix query timeout issues on Security::Scans::PurgeWorker (merge request)
• Adapt UsersFinder to use policy instead of admin? by @wwwjon (merge request)
• Rapture source enterprise info & skip EE data when importing from CE (merge request)
• Paginate group runners in CI/CD settings (merge request)
• Fixed skip option (merge request)
• Fix non menu-item button styles in dropdowns (merge request)
• Sync scan result policies on link/unlink of policy project (merge request) GitLab Enterprise Edition
• Memoize Pages::LookupPath fields to prevent heavy recalculations (merge request)
• Fix: taskable item status locale issue by @JeremyWuuuuu (merge request)
• In 53fb7663 (Support structured error for UserCommitFiles, (merge request)
• Fix localization for Outbound Requests Settings by @Taucher2003 (merge request)
• Fix memory limit for RssMemoryLimit monitor (merge request)
• Fix group deploy token access for Git LFS by @MariusSchiffer (merge request)
• Add rescue to gracefully handle missing namespaces (merge request) GitLab Enterprise Edition
• Use indifferent_keys for WAL locations (merge request)
• Update colors in the user activity calendar (merge request)
• Fix group transfer not transfering groups (merge request) GitLab Enterprise Edition
• Database saved audit events now stream with primary key id (merge request) GitLab Enterprise Edition
• Fix scroll to line number range (merge request)
• Limit project download limit to group namespaces (merge request)
• Fix Sidekiq::Worker::EnqueueFromTransactionError in audit event stream (merge request) GitLab Enterprise Edition
• Fix Group SAML mismatched extern_uid redirect loop (merge request) GitLab Enterprise Edition
• Added classes to hide HR on mobile (merge request)
• Handle ambiguous reference error (merge request)
• Use ind_jsonb type class directly for ApplicationSetting (merge request) GitLab Enterprise Edition
• Register custom Active Record types earlier during boot (merge request)
• Add security_policy_bot user for scan execution policies (merge request) GitLab Enterprise Edition
• Fix Chat Integrations TEST endpoint (merge request)
• GitLab Migration - fail early if export status on source is empty for 5m (merge request)
• Fix deleting protected branch (merge request)
• Fix: kroki settings locale issue by @JeremyWuuuuu (merge request)
• Fix: spam locale issue by @JeremyWuuuuu (merge request)
• Always hide the loader spinner when clicking a tab (merge request)
• Validate UserDetail#website_url only on update (merge request)
• Properly change the URL when changing MR tabs (merge request)
• Fix invite members shared examples (merge request)
• Show how many commits behind an MR is when merge controls are visible (merge request)
• Document how to fix PDF views with LFS and proxy_download disabled (merge request)
• Fix: todos due date locale issue by @JeremyWuuuuu (merge request)
• Highligh classes tweak (merge request)
• Fix: jobs table header locale issue by @JeremyWuuuuu (merge request)
• Fix: locale on admin dashboard by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Fixing misspelled stories file name (merge request)
• Remove feature flag ci_retry_job_fix for retry job fix (merge request)

Changed (261 changes)

• Adjusting the default attachment size on self hosted instances (merge request)
• Doc changes for housekeeping documentation (merge request)
• Add vulnerability in PipelineSecurityReportFinding (merge request) GitLab Enterprise Edition
• Make repository snapshotting configurable per replicable (merge request) GitLab Enterprise Edition
• Associate iteration to a work item during creation (merge request)
• Filter out insights charts based on settings (merge request) GitLab Enterprise Edition
• Refresh Slack app home with notifications (merge request) GitLab Enterprise Edition
• Allow Define Tags for Scan Execution Policies (merge request)
• Switch to use a button click to start a new thread (merge request)
• Update user preference Web IDE terminology (merge request)
• Update dotnetcore project template (merge request)
• Sidebar - remove legacy code and feature flag refs (merge request)
• Show add activation code for all subscriptions (merge request) GitLab Enterprise Edition
• Update site_profile to accept file path for graphql scans (merge request)
• Update enabled default value from false to true (merge request)
• Set GOGC for gitlab-metrics-exporter (merge request)
• Run SAST and Dependency Scanning from enforced policies in same pipeline (merge request) GitLab Enterprise Edition
• Migrate to ref_selector.vue (merge request)
• Replace bootstrap dropdown (merge request)
• Change help page path for job timeouts by @Taucher2003 (merge request)
• Add event type information for name attribute by @daelmo (merge request) GitLab Enterprise Edition
• Remove markup_rendering_timeout feature flag (merge request)
• Store slack authorized scopes (merge request)
• Update permissions for epic quick actions (merge request) GitLab Enterprise Edition
• Restrict access to a CI/CD tunnel to specific environments (merge request)
• Restrict changing of issue type (merge request)
• Apply suggested documentation change (merge request)
• Remove feature flag ci_reuse_build_in_seed_context (merge request)
• Cascade partition_id to Ci::Resource (merge request)
• Add event name information for external status check changes by @daelmo (merge request) GitLab Enterprise Edition
• Squash housekeeping period options into a single one (merge request)
• Improve system note for alert resolution from incidents closing (merge request)
• Remove manage subscription button (merge request) GitLab Enterprise Edition
• Remove stage-cell class (merge request)
• Flipped the editable flag on the form for Slack (merge request)
• Improve CI config timeout error message and Update error title (merge request)
• Increase contrast ratio of buttons (merge request)
• Migrate trial's namespace selector away from select2 (merge request) GitLab Enterprise Edition
• Moves done button for to-dos on small devices (merge request)
• Remove gl-card related styles (merge request)
• Move title for todo to beginning of line (merge request)
• This MR migrates Dropdown to Listbox (merge request)
• Do not enable advanced user search if the level is group or project (merge request) GitLab Enterprise Edition
• Refactor group overview tabs empty state (merge request)
• Skip create project push rule by @lyb124553153 (merge request) GitLab Enterprise Edition
• Enable pipeline_tabs_vue by default (merge request)
• Update permissions to add child epics (merge request) GitLab Enterprise Edition
• Removed hierarchy_db_restrictions flag (merge request)
• Support just one node version for from-source install (merge request)
• Add resolved Indicator to CodeQuality MR Widget (merge request)
• Improve NTP check converting to multi_check (merge request) GitLab Enterprise Edition
• Exclude Bots from Billable Members on SaaS (merge request)
• Update send_user_confirmation_email usage (merge request)
• Update UI text for push events (merge request)
• Migrate pajamas buttons in invitation template (merge request)
• Coupon code input for new SaaS purchase (merge request) GitLab Enterprise Edition
• Remove quotes from hash keys by @daelmo (merge request) GitLab Enterprise Edition
• Apply rubocop, lint and team suggestions by @daelmo (merge request) GitLab Enterprise Edition
• Add event type information for branch_name_regex attribute by @daelmo (merge request) GitLab Enterprise Edition
• Add event type information for commit_message_regex attribute by @daelmo (merge request) GitLab Enterprise Edition
• Add event type information for commit_message_negative_regex attribute by @daelmo (merge request) GitLab Enterprise Edition
• Add event type information for author_email_regex attribute by @daelmo (merge request) GitLab Enterprise Edition
• Add event type information for file_name_regex attribute by @daelmo (merge request) GitLab Enterprise Edition
• Add event type information for max_file_size attribute by @daelmo (merge request) GitLab Enterprise Edition
• Migrate GlDropdown in source_branch_dropdown.vue to GlCollapsibleListbox (merge request)
• Add new project features to API (merge request)
• Implement max limit for assigned issues count (merge request)
• Include max_terraform_state_size_bytes in the Application Settings API (merge request)
• Add syntax options drawer to topBar component (merge request)
• Increase partition size of security_findings table (merge request) GitLab Enterprise Edition
• Ignore tags for child pipeline in scan execution policy (merge request) GitLab Enterprise Edition
• Simplify getFormattedScanners logic for vulnerability report tool filter (merge request) GitLab Enterprise Edition
• Add disable personal access tokens to ApplicationSettings (merge request)
• Bump kas version to v15.7.0 (merge request)
• Output gitaly addresses instead of gitaly storage directories (merge request)
• Cleanup run_pipeline_graphql feature flag (merge request)
• Update storage purchase messages (merge request) GitLab Enterprise Edition
• Remove sync button in subscription details footer (merge request) GitLab Enterprise Edition
• Only run sampling for batched background migrations for the current MR (merge request)
• Add Remember me in the SAML workflow (merge request) GitLab Enterprise Edition
• Remove skip trial links for trials/new (merge request) GitLab Enterprise Edition
• Unscope i18n strings that are incorrectly scoped in HAML files by @JonstonChan (merge request)
• This MR migrates Dropdown to Listbox (merge request)
• Add services and workers related to (merge request) GitLab Enterprise Edition
• Add api scope validation for access token (merge request)
• Move todo state to beginning (merge request)
• Fix the delete container repositories background job (merge request)
• Removed milestone widget completely out of FF (merge request)
• Show runner stats only when some runners are found (merge request)
• GitLab Upgrade Alert - Security Upgrade Alert Modal (merge request)
• Update global alert for notification read-only namespace (merge request) GitLab Enterprise Edition
• Add smaller thresholds for development environment (merge request) GitLab Enterprise Edition
• Remove GitHub Import rule from Danger (merge request)
• Use ALL_PROTECTED_BRANCHES text in rule editor for scan result policies (merge request) GitLab Enterprise Edition
• Improves layout of to do items (merge request) GitLab Enterprise Edition
• Remove adding Redis metrics from known_events (merge request)
• Remove ci_secure_files feature flag (merge request)
• Add max_terraform_state_size_bytes column to application_settings (merge request)
• Add index curator debug improvements (merge request) GitLab Enterprise Edition
• Set deduplication strategy :until_executed (merge request) GitLab Enterprise Edition
• This MR migrates button to pajamas component (merge request)
• Disable vulnerability feedback preloading when deprecated (merge request) GitLab Enterprise Edition
• Improve UX of Clear status after field (merge request)
• Fix image filter tooltip and remove tooltip show delay (merge request) GitLab Enterprise Edition
• Clean up image filter and cluster filter isLoading and error message (merge request) GitLab Enterprise Edition
• Add Limitable to project and group CI variables (merge request)
• Use CleanupTagsService in ContainerRepository::ContainerRepository (merge request)
• Create work item with iteration (merge request) GitLab Enterprise Edition
• Add filtering of pipelines by name to PipelinesFinder (merge request)
• Shows "No description" when description is missing (merge request)
• Move settings.scss to page_bundles (merge request) GitLab Enterprise Edition
• Run model validations when importing from GitHub (merge request)
• Update button component in the security banner (merge request)
• Ensure vulnerability issues are marked confidential (merge request) GitLab Enterprise Edition
• Add Snowplow context to ecosystem_total_unique_counts_monthly events (merge request)
• Adds feature_category attribute to BatchedMigrationJob (merge request)
• Add a popover to uploads row in storage usage (merge request) GitLab Enterprise Edition
• Update parser gem to 3.1.3.0 (merge request)
• Enable display_merge_conflicts_in_diff feature flag by default (merge request)
• Add index for health status ordering (merge request)
• Replace the rocket icon with the deployments icon by @dabian.versalle (merge request)
• Manual migration of createFlash to createAlert (merge request)
• Move issuable.scss into page_bundles (merge request) GitLab Enterprise Edition
• Add Helm version policy to agent instructions (merge request)
• Diagnostic reports: compress files (merge request)
• Update button on _todo partial to Pajamas component (merge request)
• Present all GitLab for Slack triggers as unchecked (merge request) GitLab Enterprise Edition
• This MR migrates submit buttons to pajamas component (merge request)
• Add correct event type information for user update service by @daelmo (merge request) GitLab Enterprise Edition
• Unscope i18n strings that are incorrectly scoped in Ruby files by @JonstonChan (merge request)
• Make existing scope use outbound (merge request)
• Exit with failure code when sidekiq-cluster child process fails (merge request)
• Update the button component in the page domains (merge request)
• Add dependency_list_export model (merge request) GitLab Enterprise Edition
• Convert invalid AR scope to class method (merge request)
• Delete repo immediately (merge request)
• Display createdAt in releases overview page when sorting by release date by @n0rdlicht (merge request)
• Move pipeline_editor to ~/ci/ by @ali_o_kan (merge request)
• Replace 'pipeline' with 'quota' icon in user profile (merge request)
• Add migration for unique scope links (merge request)
• Scope i18n strings that are incorrectly unscoped by @JonstonChan (merge request)
• Update vendored .NET Core project to match project template by @JonstonChan (merge request)
• Update vendored Rails project to match project template by @JonstonChan (merge request)
• Update vendored Middleman project to match project template by @JonstonChan (merge request)
• Update GitLab Pages to v1.64.0 (merge request)
• This MR adds GRAPHQL option (merge request) GitLab Enterprise Edition
• Remove the new prefix in all gl-new-dropdown- instances by @gitlab-dependency-update-bot (merge request)
• Disable pagination counts for Jobs API (merge request)
• Batched bg migrations to pick feature-category from calling context (merge request)
• Adapt Conan API to consider the package registry access level by @wwwjon (merge request)
• Set Sidekiq default max concurrency to 20 (merge request)
• Refactor CodeQuality Finding Detail List (merge request)
• Add context to PostReceive and MergeRequestActivity Snowplow events (merge request)
• Fix webhook redirects (merge request)
• Bump doorkeeper-openid_connect to v1.8.3 (merge request)
• Update gitlab-shell to 14.14.0 (merge request)
• Update remove to use Pajamas button component (merge request)
• Introduce progress widget for work items (merge request)
• Remove feature_flags/form.scss and .rollout-percentage classes (merge request)
• Adjust alignment of Codequality inline Icons (merge request)
• Adds index as a key to the cache key (merge request)
• This MR request fix stuck validation (merge request) GitLab Enterprise Edition
• Remove orphans for approval project and (merge request) GitLab Enterprise Edition
• This MR migrates submit buttons to pajamas component (merge request)
• Redesign Package Registry project setting by @wwwjon (merge request)
• Block weak passwords by default and remove the feature flag (merge request)
• Support finished before and after in Deployments API (merge request)
• Enable dependency proxy blob replication by default (merge request) GitLab Enterprise Edition
• Improve help-text for Monitor visibility setting by @ali_o_kan (merge request)
• Highlight go.sum files on client, add links (merge request)
• This MR adds functionality to toggle sidebars (merge request) GitLab Enterprise Edition
• Remove th classes in job/sidebar/trigger table (merge request)
• Add last login to billable members sorting options (merge request) GitLab Enterprise Edition
• Renamed haml vars (merge request)
• Move ee/reports/ to ee/ci/reports/ by @ali_o_kan (merge request) GitLab Enterprise Edition
• Add data to the search context (merge request)
• Add last login date to billable members table (merge request) GitLab Enterprise Edition
• Move ~/ci_lint to ~/ci/ci_lint by @ali_o_kan (merge request)
• Add documentation for Advanced Search and AWS permissions (merge request)
• Remove default value for agent in policy editor (merge request) GitLab Enterprise Edition
• Update copy in sign up enabled alert (merge request)
• Rename GitLab for Slack app in integration copy (merge request) GitLab Enterprise Edition
• Increase limit on State Transitions comment column (merge request)
• Revised headings to be more consistent (merge request)
• Default enable FF for environments search within folders (merge request)
• Put Users category after Projects category (merge request)
• Install two versions of Sentry Client SDK (merge request)
• This MR adjusts padding for a sidebar content (merge request) GitLab Enterprise Edition
• Improve hint for repository access (merge request)
• Update agent installation command (merge request)
• Open api members (merge request)
• Open api groups (merge request)
• Remove the webhooks_failed_callout feature-flag (merge request)
• Update doorkeeper and doorkeeper-openid_connect gems (merge request)
• GitLab Upgrade Alert - Security Upgrade Alert (merge request)
• Remove secure_files_metadata_parsers feature flag (merge request)
• Add index for group paths (merge request)
• Install two versions of Sentry (merge request)
• This MR migrates submit buttons to pajamas component (merge request)
• Fix error when pushing to a contributor's branch on a fork (merge request)
• Enhance load-error event handling for ZuoraSimple Component (merge request) GitLab Enterprise Edition
• Add mirror_branch_regex to projects and remote_mirrors by @lyb124553153 (merge request) GitLab Enterprise Edition
• Event type for framework is updated (merge request) GitLab Enterprise Edition
• Add limit to recent group activity numbers (merge request) GitLab Enterprise Edition
• Inactive project deletion now uses admin bot user account (merge request)
• Limit group activity metrics value to 999 (merge request) GitLab Enterprise Edition
• Vertical Navigation counter over limit mark (merge request)
• This MR adds pre-scan verification sidebar (merge request) GitLab Enterprise Edition
• Enable require_approval_on_scan_removal by default (merge request) GitLab Enterprise Edition
• Add user autocompletion to search bar (merge request)
• Advanced search for the users scope (merge request) GitLab Enterprise Edition
• Avoid collisions of ids for stream only audit events (merge request) GitLab Enterprise Edition
• Enabled locally hosted schema by default (merge request)
• Open API events (merge request)
• Rename integration to GitLab for Slack app (merge request)
• Enable usage_quotas_pipelines_vue by default (merge request) GitLab Enterprise Edition
• Allow pipeline logger to instrument observations once (merge request)
• Add debug_trace to ci_builds_metadata (merge request)
• Show masked aws secret key if set for Advaced Search (merge request) GitLab Enterprise Edition
• Index users as part of indexing rake task (merge request) GitLab Enterprise Edition
• Show more details in branch rules (merge request)
• Upgrade VersionSorter to 2.3.0 (merge request)
• Switch the order of info and navigation block on project detail page (merge request)
• Improve stale runners cleanup toggle help text (merge request) GitLab Enterprise Edition
• Adapt Composer API to consider the package registry access level by @wwwjon (merge request)
• Add Gon variables when rendering devise two factor by @icbd (merge request)
• Set migration when when dismissing Findings (merge request) GitLab Enterprise Edition
• Allow agents to authorize projects in the same user namespace (merge request)
• Right align expand MR sidebar button on small-medium screens (merge request)
• Remove web_hooks_disable_failed feature-flag (merge request)
• Add runtime warning for group and sub-group scan result policies (merge request) GitLab Enterprise Edition
• Skip auto-cancelation when child pipeline is created (merge request)
• Add Codequality multiple findings indicator (merge request)
• Make merger_requests documentation more consistent (merge request)
• Switched Web IDE to local schema for CI config (merge request)
• Do not display package details if package's status is not default (merge request)
• Move the logic for determining which groups user search is performed on (merge request)
• Remove flag exemption for webhook rate limits (merge request)
• Read GraphQL PackageLinks to render link to package details page (merge request)
• Move from one-to-one to one-to-many for issue alert (merge request)
• Paginate shared runners in CI/CD settings (merge request)
• Make createAlert clears all previous alerts (merge request)
• Remove temp index from vulnerability_occurrences on id and scanner_id (merge request)
• Add branch name to BranchCheck error message (merge request) GitLab Enterprise Edition
• Remove use_introspect_parser feature flag (merge request)
• Creates stages for fixtures 14_pipelines (merge request)
• Test cases: Update empty state copy (merge request) GitLab Enterprise Edition
• Add arm64 URL for MacOS runner to Runner settings (merge request)
• Fix LockedWarning error message when epic by @ali_o_kan (merge request)
• Add default value to the scanner column within (merge request)
• Adapt NuGet API to consider the package registry access level by @wwwjon (merge request)
• Improved project and group home page header by @zillemarco (merge request) GitLab Enterprise Edition
• Move container scanning template to Jobs folder (merge request) GitLab Enterprise Edition
• Add search curation to :elastic trait (merge request) GitLab Enterprise Edition
• Introduce timeout for SyntaxHighlight filter (merge request)
• Sync UI content with tab label (merge request)
• Schedules: Remove card from empty state (merge request)
• Add index for sorting issues by health status (merge request)
• Add inclusion parameter for Search::IndexCurator (merge request) GitLab Enterprise Edition
• Move location of binary for coverage fuzzing (merge request) GitLab Enterprise Edition
• Remove Sidekiq standalone references from systemd examples (merge request)

Deprecated (4 changes)

• Update deprecation documents (merge request)
• Deprecation announcement for registration token reset (merge request)
• Remove add_column_with_default (merge request)
• Remove Timecop (merge request)

Removed (35 changes)

• Remove project_list_filter_bar (merge request)
• Revert - multi_pipeline_scan_result_policies feature (merge request) GitLab Enterprise Edition
• Remove google code as an import source (merge request)
• Removed metrics_dashboard_exhaustive_validations feature flag by @mhdasm3 (merge request)
• Do not show "No license. All rights reserved" on repository pages by @zehkira (merge request)
• Remove upgrade status badge in runner list (merge request) GitLab Enterprise Edition
• Remove Measurable feaure flags (merge request)
• Removes usage_data_diff_searches flag definition (merge request)
• Remove Profile CI minutes usage old app (merge request) GitLab Enterprise Edition
• Remove broken metric for unique authors (merge request)
• Remove Group CI minutes usage old app (merge request) GitLab Enterprise Edition
• Remove remaining old ruby code for usage quotas - pipelines (merge request) GitLab Enterprise Edition
• Remove vulnerability management survey (merge request) GitLab Enterprise Edition
• Remove usage_quotas_pipelines_vue feature flag (merge request) GitLab Enterprise Edition
• Remove an old scope (merge request)
• Removed prometheus_computed_alerts feature flag by @mhdasm3 (merge request)
• Remove Flowdock integration (merge request)
• Removed introductory tasks message (merge request)
• Drop deprecated experiment tables (merge request)
• Removed feature flag for coverage_report (merge request)
• Remove disable_metric_dashboard_refresh_rate feature flag & feature by @ali_o_kan (merge request)
• Drop job_artifact_registry.success column (merge request)
• Remove Flowdock integration records (merge request)
• Remove legacy ContainerRepository replication (merge request)
• Remove vulnerability report export button popover (merge request) GitLab Enterprise Edition
• Remove banner that links Group Runners page (merge request)
• Remove another unused index on vulnerabilities (merge request)
• Remove unused index on vulnerabilities table (merge request)
• Remove global_search_error_rate_sli feature flag (merge request)
• Remove unnecessary index for Feedback migration (merge request)
• Revert "Merge branch 'mk/geo-fix-saml-redirect-after-sign-in' into 'master'" (merge request) GitLab Enterprise Edition
• Remove pagination_without_next_page_query FF (merge request)
• Remove namespaces.tmp_project_id column (merge request)
• Remove jira_raise_timeouts feature flag (merge request)
• Remove feature flag root_statistics_worker_read_replica (merge request)

Security (17 changes)

• HTML content injection in README file
• Send resolved_address param to gitaly during repository import
• Redact user emails from project webhook data
• Sync canonical into security
• Deny all package permissions when group access is restricted by IP
• Update security with canonical changes
• Cross-site scripting in Jira Integration
• Brings canonical changes into security master
• Resolve merge confict of !103570
• Prevent deploy token bypass for external authentication
• Redact secret tokens from web-hook logs
• Protect web-hook secret tokens after changing URL
• Add defense in depth escape calls (merge request)
• Update after_import to expire cache before removing prohibited branches
• Add size validation during nuspec file extraction
• Prevent unauthorized users from seeing Release information on tag pages
• Disallow local URls for build_runner_session if dictated by app setting

Performance (17 changes)

• GraphQL: Preload merge_mequest if needed (merge request)
• Improve billable users query (merge request)
• Remove two unnecessary queries from Unleash endpoint (merge request)
• Add worker to prune old export jobs (merge request)
• Cache project integration records for hooks (merge request)
• Cleanup ci_assign_job_token_on_scheduling feature flag (merge request)
• Fix preload_associations for projects (merge request) GitLab Enterprise Edition
• Use single request for runners list (merge request)
• Improve performance of CounterUserAuth metric (merge request)
• Allow IssuePolicy.can_read_confidential to be preloaded (merge request)
• Use EventedFileUpdateChecker as file_watcher (merge request)
• Remove conditional from line loop (merge request)
• Remove additional loop from highlighter rendering (merge request)
• Faster feature flag readout (merge request)
• Preload access levels and nested fields using lookahead (merge request) GitLab Enterprise Edition
• Remove lazy_load_commits feature flag (merge request)
• Limit Project.environments field call count (merge request)

Other (94 changes)

• Remove the automated_email_provision feature flag (merge request) GitLab Enterprise Edition
• Clean up split_operations_visibility_permissions feature flag (merge request)
• Fix RSpec/LeakyConstantDeclaration cop violations by @mhdasm3 (merge request)
• Improve license text on subscription page (merge request) GitLab Enterprise Edition
• Fix Style/ClassAndModuleChildren offenses by @mhdasm3 (merge request)
• Refactor Workhorse failed request handling (merge request)
• Update /duplicate action description (merge request)
• Remove feature flag ci_update_unlocked_job_artifacts (merge request)
• Fix Style/StringConcatenation offenses by @mhdasm3 (merge request)
• Fix RSpec/LeakyConstantDeclaration cop violations by @mhdasm3 (merge request)
• Fix RSpec/LeakyConstantDeclaration cop violations by @mhdasm3 (merge request)
• Making Gitlab::Database::Migration[2.1] the default migration version (merge request)
• Background migration for environment tiers (merge request)
• Fix Rails/TimeZone offenses by @mhdasm3 (merge request) GitLab Enterprise Edition
• Fix Rails/ActiveRecordCallbacksOrder offenses by @mhdasm3 (merge request)
• Change copy of all report abuse links to 'Report abuse to administrator' (merge request)
• Use list_refs to implement find_all_branch_names and find_all_tag_names (merge request)
• Fix RSpec/LeakyConstantDeclaration cop violations by @mhdasm3 (merge request)
• Add popover to uploads cell in namespace storage (merge request) GitLab Enterprise Edition
• Fix Style/RedundantRegexpEscape offenses by @mhdasm3 (merge request)
• Fix Style/EmptyMethod offenses by @mhdasm3 (merge request)
• Fix Rspec/ExampleWording offenses by @mhdasm3 (merge request)
• Add back index_issues_on_work_item_type_id issues index (merge request)
• Changes Gitlab::UrlBlocker to make schemes a required field (merge request)
• Fixing Database/MultipleDatabases offenses in specs (merge request)
• Remove purge_stale_security_findings feature flag (merge request) GitLab Enterprise Edition
• Fix Style/IfUnlessModifier offenses by @mhdasm3 (merge request)
• Remove HeaderClone helper (merge request)
• Use request.Clone for CI long polling (merge request)
• Use director for reverse proxy headers (merge request)
• Fix Style/GuardClause offenses by @mhdasm3 (merge request)
• Enable & Fix Layout/SpaceInsideParens by @mhdasm3 (merge request)
• Fix Rspec/ScatteredLet offenses by @mhdasm3 (merge request)
• Log when Gitlab::URLBlocker.validate! is used with blank scheme (merge request)
• Fix Gitlab/StrongMemoizeAttr offenses by @mhdasm3 (merge request)
• Fix Style/KeywordParametersOrder offenses by @hayanaaz.n (merge request)
• Fix Style/KeywordParametersOrder offenses by @mhdasm3 (merge request)
• Fix Style/ExplicitBlockArgument offenses by @mhdasm3 (merge request)
• Fix Style/PercentLiteralDelimiters offenses by @mhdasm3 (merge request)
• Fix Layout/FirstHashElementIndentation offenses by @mhdasm3 (merge request)
• Fix Rspec/ExpectChange offenses by @mhdasm3 (merge request)
• Fix Layout/SpaceInLambdaLiteral offenses by @mhdasm3 (merge request)
• Fix Rspec/ReturnFromStub offenses by @mhdasm3 (merge request)
• Added delay for touch drag on board (merge request)
• Remove background_upload config setting (merge request)
• Fix Rspec/DescribedClass offenses by @mhdasm3 (merge request)
• Remove actors_aware_gitaly_calls flag (merge request)
• Fix Rspec/LetBeforeExamples offenses by @mhdasm3 (merge request)
• Fix Rspec/HooksBeforeExamples offenses by @mhdasm3 (merge request)
• Fix Performance/BindCall offenses by @mhdasm3 (merge request)
• Fix Style/IfInsideElse offenses by @mhdasm3 (merge request)
• Fix Style/RedundantInterpolation offenses in app & ee by @mhdasm3 (merge request)
• Remove stub for obsolete config setting (merge request)
• Remove stub for obsolete feature flag (merge request)
• Cleanup work_item_type_id issues table backfill (merge request)
• Remove feature flag "approval_rules_pagination" (merge request)
• Remove duplicate Workhorse logging code (merge request)
• Add batched background mg to prune export jobs (merge request)
• Remove ObjectStorage::BackgroundMove concern (merge request)
• Add service and worker to export projects in parallel (merge request)
• Add migration for jobs, update schema_migrations (merge request)
• Add more logs into config_compose to track CI slowness (merge request)
• Adding API::Admin::BatchedBackgroundMigratioins to OpenApiV2 docs (merge request)
• Remove unused issue trigram indexes (merge request)
• Enforce HTTP/HTTPS schemes in RestClient (merge request)
• Enforce URL schemes in mirror services (merge request) GitLab Enterprise Edition
• Enforce HTTP/HTTPS schemes in HTTPConnectionAdapter (merge request)
• Cleanup all Rubocop todo files that do not exist (merge request)
• Workhorse: simplify gRPC call metadata propagation (merge request)
• Remove jira_connect_oauth_self_managed_setting flag (merge request)
• Validate NOT NULL constraint on issues.work_item_type_id column (merge request)
• Workhorse: add call_metadata to GitalyServer (merge request)
• Remove feature flag "subgroups_approval_rules" (merge request)
• Verify method name in MailScheduler::NotificationServiceWorker (merge request)
• Enable the feature flag by default (merge request)
• Add job artifacts api to OpenAPI (merge request)
• Remove Repositories::TreeFinder inheritance (merge request)
• Add link to PA docs on admin settings section (merge request) GitLab Enterprise Edition
• RuboCop: Enable previously disabled Rails/Pluck by @edith007 (merge request)
• Create a GitAbuse::BaseThrottleService (merge request) GitLab Enterprise Edition
• Remove feature flag (merge request)
• Run migrations for index (merge request)
• Remove ObjectStorage::BackgroundMoveWorker (merge request)
• Update the language of the storage alerts copy (merge request) GitLab Enterprise Edition
• Remove background_upload documentation (merge request)
• Remove background_upload from Package uploaders (merge request)
• Mark background_upload metrics as broken (merge request)
• Adding partial index on project settings (merge request)
• Move the Etags check before writing the diff cache (merge request)
• Documenting DELETED_TABLES (merge request)
• Update docs for predefined CI/CD variables (merge request)
• Enforces HTTP/HTTPS schemes in KubeClient (merge request)
• Propagate RemoteIP to Gitaly via Workhorse (merge request)
• Documentation to reflect 100MB upload limit (merge request)

15.6.8 (2023-02-10)

No changes.

15.6.7 (2023-01-30)

Fixed (2 changes)

• Clear DuplicateJobs cookies from post-deployment migration
• Geo: Container Repository push events don't work

Security (5 changes)

• Quarantine features/users/login_spec line 292 [15.6] (merge request)
• Add size validation for Chart.yaml during file extraction (merge request)
• Prevent default branches from storing paths (merge request)
• Validate Issuable description max length on update (merge request)
• Security fix dynamic child pipeline zip extraction (merge request)

15.6.6 (2023-01-12)

No changes.

15.6.5 (2023-01-12)

No changes.

15.6.4 (2023-01-09)

Security (9 changes)

• Avoid regex with potential for poorly performing backtracking (merge request)
• Protect web-hook url variables after changing URL (merge request)
• Limit the size of user agent to reduce ReDos attack (merge request)
• Protect Sentry auth-token after changing URL (merge request)
• Delete project specific licenses when license policy is deleted (merge request)
• Restrict user avatar availability based on visibility restrictions (merge request)
• Policy change to read and destroy token without license for .com (merge request)
• Restrict Grafana API access on public projects (merge request)
• Fix "Race condition enables verified email forgery" (merge request)

15.6.3 (2022-12-21)

No changes.

15.6.2 (2022-12-05)

Added (1 change)

• Finalize group member namespace id migration (merge request)

Fixed (4 changes)

• Conditionally disable fastupdate on GIN indexes (issues, merge_requests) (merge request)
• Hide marketing-related entries (merge request)
• Fix memory limit for RssMemoryLimit monitor (merge request)
• Fix deleting protected branch (merge request)

15.6.1 (2022-11-30)

Fixed (1 change)

• Do not save PipelineMetadata if name is blank [15.6] (merge request)

Security (12 changes)

• Send resolved_address param to gitaly during repository import (merge request)
• Add size validation during nuspec file extraction (merge request)
• Cross-site scripting in Jira Integration (merge request)
• Protect web-hook secret tokens after changing URL (merge request)
• HTML content injection in README file (merge request)
• Redact secret tokens from web-hook logs (merge request)
• Prevent unauthorized users from seeing Release information on tag pages (merge request)
• Update after_import to expire cache before removing prohibited branches (merge request)
• Deny all package permissions when group access is restricted by IP (merge request)
• Redact user emails from project webhook data (merge request)
• Disallow local URls for build_runner_session if dictated by app setting (merge request)
• Prevent token bypass for extenal authorisation (merge request)

15.6.0 (2022-11-21)

Added (150 changes)

• Migration to backfill users into elastic index (merge request) GitLab Enterprise Edition
• Enable Group-level Scan Result Policies feature by default (merge request) GitLab Enterprise Edition
• Create the first dynamic partition for builds metadata (merge request)
• Allows cascading package forward settings from admin to group (merge request)
• Add enterprise information to Metadata API (merge request)
• Introduce a limit of 200 assignees to issues/MRs (merge request)
• Add a rake task to sanitize internal note todos (merge request)
• Create Telesign services for phone verification (merge request)
• Add trend indicators to the Exec dashboard comparative table (merge request)
• Add database migrations for dependency proxy blobs in SSF (merge request) GitLab Enterprise Edition
• Bulk delete packages for package list (merge request)
• Add global alert for non-owners read-only namespace (merge request) GitLab Enterprise Edition
• [355137] Migrate MR review requests (merge request)
• Merge trains GET API by @markus.ferrell (merge request) GitLab Enterprise Edition
• Add issue health status sorting to GraphQL (merge request) GitLab Enterprise Edition
• Support for highlighting text in content editor (merge request)
• Add UserCounts to the OpenAPI documentation (merge request)
• Removes ci_variable_expansion_in_rules_exists (merge request)
• Add supporting index for Feedback migration (merge request)
• Add Projects::WikiRepository model (merge request)
• Support creation of Objective via work-items (merge request) GitLab Enterprise Edition
• Add index to vulnerability reads to account for no status filtering (merge request)
• Add matchingBranchesCount to branch rules endpoint (merge request)
• Add keyboard shortcut for review requests page (merge request)
• Add a service to create a merge request from a security finding (merge request) GitLab Enterprise Edition
• Add repository actor support to Feature api (merge request) GitLab Enterprise Edition
• Add API::Wikis to OpenAPI V2 (merge request)
• Add top level securityReportFinding query (merge request) GitLab Enterprise Edition
• Upgrade Pages to v1.63.0 (merge request)
• Log CI artifact size when downloaded via UI (merge request)
• Branch rules status check integration (merge request)
• Audit log when a merge request is merged with invalid approval rules (merge request)
• Allow caching of mergeability checks (merge request)
• Allow delete runners in bulk in group runner page (merge request)
• Support Google Cloud CDN for Web UI artifacts downloads (merge request)
• Provide support for multiple approval rules (merge request) GitLab Enterprise Edition
• API annotations for status checks apis (merge request) GitLab Enterprise Edition
• Save vulnerability findings data into security_findings table (merge request) GitLab Enterprise Edition
• Re-enqueue update of epic cached counts (merge request)
• Add temporary column ci_project_monthly_usages.new_amount_used (merge request)
• Fix robocop failures (merge request) GitLab Enterprise Edition
• Readd member namespace id not null (merge request)
• Add querystring sync component for vulnerability report (merge request) GitLab Enterprise Edition
• Add disable_download_button settings for JH-only feature by @LXY1226 (merge request)
• Truncate the title of the issue while creating from vulnerability (merge request)
• Add committer name check to push_rules by @zhzhang93 (merge request) GitLab Enterprise Edition
• Add associations alert to Delete user and contributions modal (merge request)
• Add API::VulnerabilityFindings to OpenApi V2 (merge request) GitLab Enterprise Edition
• Add purl_type to sbom_components (merge request)
• Update deployment tags to only match the current deployment commit (merge request)
• Add OpenApi documentation for CiLint (merge request)
• Add external status checks failed MR widget (merge request) GitLab Enterprise Edition
• Realtime updates for task descriptions (merge request)
• Add API::ProjectSnippets to OpenAPI V2 (merge request)
• Update GroupActivityAnalytics docs for OpenAPI (merge request) GitLab Enterprise Edition
• Background migrations split and retry on ActiveRecord::QueryCanceled (merge request)
• Add externalStatusChecks to graphql endpoint (merge request) GitLab Enterprise Edition
• Include iteration on create issue page by @songhuangcn (merge request) GitLab Enterprise Edition
• Add Rss Memory Growth monitor for Watchdog (merge request)
• Rollout incident_timeline_events_for_severity feature flag (merge request)
• Add AddIndexOnPasswordLastChangedAtToUserDetails migration by @qt-gith (merge request)
• Add API::PersonalAccessToken to OpenAPI V2 (merge request)
• Add OpenAPI documentation for keys (merge request)
• Added pagination to Other Versions packages list by @geriley (merge request)
• Contribution analytics, expose user contributions (merge request) GitLab Enterprise Edition
• Add limited capacity job to destroy container repositories (merge request)
• Add create mutation for timeline event tags (merge request)
• Allow Releases to be published without giving access to source code (merge request)
• Import 'Allow force pushes - everyone' GitHub branch protection rule (merge request)
• Recreate async index for vulnerability reads location image (merge request)
• Add product analytics admin section (merge request) GitLab Enterprise Edition
• Add API::PersonalAccessTokens::SelfInformation to OpenAPI V2 (merge request)
• Added temporary index for uploads_size (merge request)
• Create GroupCommitEmail model and database table (merge request)
• Track users updating milestone for work items (merge request)
• Add GIT_SUBMODULES_DEPTH variable documentation by @bollenn (merge request)
• Add the Geo::ProjectWikiRepositoryRegistry model (merge request) GitLab Enterprise Edition
• Add the registry table to track replication/verification state (merge request) GitLab Enterprise Edition
• Adds search bar to Usage Quotas > Storage tab (merge request) GitLab Enterprise Edition
• Map 'Require review from Code Owners' GitHub rule with GitLab setting (merge request) GitLab Enterprise Edition
• Add error message to insights when query times out (merge request) GitLab Enterprise Edition
• Add OpenAPI documentation for Keys (merge request)
• Add create service, finder for tags (merge request)
• Add findings_data column to security_findings table (merge request)
• Add default_preferred_language to application_settings by @icbd (merge request)
• Prepare for uuid type change (merge request)
• Event type information for group merge request setting updates (merge request) GitLab Enterprise Edition
• Implemented get RPM repository files endpoint by @Mshab (merge request)
• Allow OR params in GraphQL issue resolvers (merge request)
• Add API::Suggestions to OpenAPI V2 (merge request)
• Add API::ResourceAccessToken to OpenAPI V2 (merge request)
• Add project headers to release notifications (merge request)
• Implement Check constraint preventing redundant state transitions (merge request)
• Add status checks must succeed setting to project merge request settings (merge request) GitLab Enterprise Edition
• Add commit_committer_name_check to push_rules by @zhzhang93 (merge request)
• Add 'mirror_branch_regex' to 'project_settings' and 'remote_mirrors' by @lyb124553153 (merge request)
• Allow setting max PG replicas rails process connects to (merge request)
• Add query param to remove deprecated GraphQL schema items by @fabsrc (merge request)
• Adds ml candidate and experiment lists (merge request)
• Add detailed_merge_status to web hooks (merge request)
• Add API annotations for Product Analytics APIs (merge request) GitLab Enterprise Edition
• Add a foreign key on Project#creator_id (merge request)
• Enable dast_api_scanner feature flag (merge request) GitLab Enterprise Edition
• Add detailed_merge_status to REST API (merge request)
• Add anon and file-backed RSS metrics (merge request)
• Add GraphQL subscription for milestone assignment (merge request)
• Add API::MergeRequestDiffs to OpenApi V2 (merge request)
• Add confidential quick command for epics (merge request)
• Add secure schemas version 15.0.4 (merge request)
• Migration and model for audit event type streaming filter (merge request)
• Configure branch name for creating MR from an issue (merge request)
• GraphQL: add commit signature field by @brianjaustin (merge request)
• Add admin OAuth limit setting (merge request)
• Add work item milestone widget (merge request)
• Add take ownership mutation (merge request)
• Expose id field for protected ref API entities (merge request)
• Lock tables for partitioning (merge request)
• Add assignRunner to user permissions (merge request)
• Add index for id on scan finding approval_merge_request_rules (merge request)
• Add languages field to GraphQL Project type by @fabsrc (merge request)
• Add metrics for users creating MRs with applied scan result policies (merge request)
• Update(webhook): support both wildcard & regex by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Improve CRM contacts quick actions suggestions by @zillemarco (merge request)
• Add JC proxy_url application setting (merge request)
• Add instrumentation for cache efficiency metrics (merge request)
• Add info popover MR security report widget (merge request) GitLab Enterprise Edition
• Add descending index for vulnerability reads group filters (merge request)
• Allow epics having child issues from different group hierarchies (merge request) GitLab Enterprise Edition
• Add API::AccessRequests to OpenAPI V2 (merge request)
• New API endpoint to display the user's count of associations (merge request)
• Add Rake task to migrate queued jobs (merge request)
• Cascading settings for package forwarding (merge request)
• Add database and model support for "Group-level Protected Branches" by @songhuangcn (merge request)
• Added the ability to move issues in bulk by @zillemarco (merge request)
• Enables MLFlow artifact storage (merge request)
• Update issue references during GitLab Migration (merge request)
• Add product_analytics_enabled application setting (merge request)
• Allow filtering work items by status widget (merge request) GitLab Enterprise Edition
• Backfill project namespace metadata (merge request)
• Group owners to disable 2FA auth for members (merge request) GitLab Enterprise Edition
• Add GraphQL APIs for updating the group's default compliance framework (merge request) GitLab Enterprise Edition
• Add metrics for user merge request with assigned security policy project (merge request)
• Partition ci_builds_metadata table (merge request)
• Add AI Assist allowed status endpoint (merge request) GitLab Enterprise Edition
• Add duration and queued duration to runner jobs (merge request)
• Trigger mergeRequestMergeStatusUpdated when MR gets approved/unapproved (merge request)
• Add basic JSON helpers (merge request)
• Graphql query for deployment approval summary (merge request)
• Add unprotectAccessLevels to EE graphql endpoint (merge request) GitLab Enterprise Edition
• Pull mirror GET API by @markus.ferrell (merge request) GitLab Enterprise Edition

Fixed (131 changes)

• Improve delete merged branches modal UX (merge request)
• Use project full_path and project iterations query rather than group (merge request)
• Fix: new merge request locale issue by @JeremyWuuuuu (merge request)
• Do not allow forward usage of .strong_memoize_attr() by @KyleFromKitware (merge request)
• Fix: devops adoption locale issue by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Don't use redundant validation in ChangedLabel importer (merge request)
• Fix: pipeline minigraph wrong offset issue by @JeremyWuuuuu (merge request)
• Do not allow the last direct owner to leave top-level group (merge request)
• Convert relative repository file link into absolute link by @wwwjon (merge request)
• GitHub integration: use unique context for each pipeline by @KyleFromKitware (merge request) GitLab Enterprise Edition
• Fix sub-language highlighting (merge request)
• Improve statistic calculation for Vulnerabilities (merge request) GitLab Enterprise Edition
• Fix OpenAPI V2 document generation (merge request)
• Ensure Gitlab::Json::RailsEncoder fails the same on invalid UTF-8 (merge request)
• Set max limit to items in suggestions to 15 (merge request)
• Ignores ingress fetch failure for k8s less than 1.19 (merge request)
• Fix tabbing issue on the agents' list (merge request)
• Allow SCIM deprovision when user is not a group member (merge request) GitLab Enterprise Edition
• Dont fail RepositoryImportWorker when ImportService returns an error (merge request) GitLab Enterprise Edition
• Fix Environment Nil error in allowed_agents API (merge request)
• Handle case where selecting a tree entry parent may not have a tree (merge request)
• Keep job expanded while deleting artifact from it (merge request)
• Increase X509 subject attribute column limit by @L11R (merge request)
• Guard On-call Schedule and Escalation Policies URLs if disabled (merge request) GitLab Enterprise Edition
• Update oj-introspect to 0.7.1 (merge request)
• Fix 500 error when tag_name or ref_name are empty (merge request)
• Add auto-scrolling to dropdown during keyboard nav by @kbal11 (merge request)
• Fix a link to incident management configuration docs (merge request) GitLab Enterprise Edition
• Fix undefined method error when merge request is missing (merge request)
• GraphQL: Fix error when bulk deleting runners (merge request)
• Correct text colours on the dark-mode billing page (merge request) GitLab Enterprise Edition
• Revert Sidekiq default routing rules (merge request)
• Allow rollout of older deployment jobs if it's the same SHA (merge request)
• Remove "currently" from some UI text (merge request)
• Prevent impersonation of users with expired passwords (merge request)
• Geo: Fix redirect to secondary after SAML sign in (merge request) GitLab Enterprise Edition
• Show group access tokens in admin cred inventory (merge request) GitLab Enterprise Edition
• Show link to Terms of Use on Sign In only if terms exist by @wwwjon (merge request)
• Associate iteration with work item only when the FF is on (merge request)
• Fix redeploy button behavior (merge request)
• Improve source file syntax highlighting (merge request)
• Update create merge request service to be compatible with transactions (merge request)
• Allow links to be opened from Swagger UI (merge request)
• Update cache keyword for the JSON schema (merge request)
• Fix pipeline state machine when retrying by @qt-gith (merge request)
• Clean up feature flag ajax_new_deploy_token (merge request)
• Fix checkboxes on work item descriptions (merge request)
• Fix TF_STATE_NAME default value in Terraform ci templates (merge request)
• Fix artifacts available for terraform template latest by @benjamincerigo (merge request)
• Allow '..' in resource group keys for use in the API (merge request)
• Avoid streaming audit events when there is no change (merge request) GitLab Enterprise Edition
• Remove the foreign key on Project#creator_id (merge request)
• Update broken heading link (merge request) GitLab Enterprise Edition
• Update verification state in the project_wiki_repository_state (merge request) GitLab Enterprise Edition
• Avoid empty metadata render in container registry (merge request)
• Add partial index for security_scans on id for non-purged records (merge request)
• Fix support for nil values for push rules validations (merge request) GitLab Enterprise Edition
• Update pg_query to v2.2.0 (merge request)
• Allow underscores in full text search query (merge request)
• Add project information to scanner for authorize (merge request) GitLab Enterprise Edition
• Use the same sanitize method for advanced and basic search (merge request) GitLab Enterprise Edition
• Prevent rewriting of joined table in statements to make queries work (merge request)
• Hide delete branch button when user doesn't have permission (merge request)
• Bump the size of elastic query for getting migrations (merge request) GitLab Enterprise Edition
• Fix markdown editor autofocus behavior (merge request)
• Issue: Fix spacing on emoji status in title (merge request)
• Add Hashie::Array to allowed YAML serialization classes (merge request)
• Keep milestone status when a project is transferred (merge request)
• Fix MR notes not showing author badges (merge request)
• Handle events that target vulnerabilities (merge request) GitLab Enterprise Edition
• Iterations bug fixed for task without a parent (merge request)
• Audit security policy project changes (merge request) GitLab Enterprise Edition
• Update loading state styling (merge request)
• Allow all http and https sources for media-src (merge request)
• Prevent search for when under 3 characters (merge request)
• Fix merge request header button alignment (merge request)
• Gracefully ignore non-string search parameters (merge request)
• Ensure additional_params is passed through (merge request)
• Approvers group does not persist after adding it to the approval rules (merge request)
• Container Repository, implement delete event (merge request) GitLab Enterprise Edition
• Test coverage: Extract source path OS-agnostically (merge request)
• Fix Opensearch compatibility check (merge request) GitLab Enterprise Edition
• Support Markdown in Jupyter output (merge request)
• Nullify created_projects relation on User delete (merge request)
• Refetch stage jobs in job log (merge request)
• Hide Tree view button on epics for Premium (merge request) GitLab Enterprise Edition
• Fix to allow empty array of associatedProjects (merge request)
• Correctly position tree view with performance bar (merge request)
• Remove deprecated attribute from cve_value logic (merge request) GitLab Enterprise Edition
• Show play button on environment detail page to deployment-only users (merge request) GitLab Enterprise Edition
• Fix GitHub company name on import page by @Taucher2003 (merge request)
• Adds block to label dropdown (merge request)
• Handle password manager auto-fill-then-submit (merge request) GitLab Enterprise Edition
• Add auditor access for group CI/CD Analytics (merge request) GitLab Enterprise Edition
• Fix comment preview of issuable link+ on epics (merge request) GitLab Enterprise Edition
• Wrap artifact names (merge request)
• Fix Jira namespace subscription bug (merge request)
• Add auditor access for group container registry (merge request) GitLab Enterprise Edition
• Include version suffix in agent install command (merge request)
• Fix audit event date-range inputs responsiveness (merge request) GitLab Enterprise Edition
• Truncate Legacy Tables should error on multiple-shared databases (merge request)
• Fix: locale on commits detail page by @JeremyWuuuuu (merge request)
• Fix header create new button vertical alignment (merge request)
• Add ability for top-level group owners to unban subgroup members (merge request)
• Improve mobile layout of MR widget (merge request)
• Vertically align MR badge and branch info (merge request)
• Fix issues with some scopes not being sent during token creation (merge request)
• Optimize UnestedInFilters query rewriter (merge request)
• GitLab Version - Fix nested links in help dropdown (merge request)
• Fixing cotaining => containing typo (merge request)
• Show re-deploy/rollback button to deployment-only users (merge request) GitLab Enterprise Edition
• Prevent web_hooks.recent_failures overflowing (merge request)
• Fix Ci::RegisterJobService return value (merge request)
• Fix design management styling in MR diff (merge request)
• Updated bulk move issues milestone in the docs by @zillemarco (merge request)
• Disable commenting on lines that will fail to save the comment (merge request)
• Preload indexing records in batches (merge request) GitLab Enterprise Edition
• Show mergedYaml content whenever available (merge request)
• Ensure schemas are up-to-date after migration tests complete (merge request)
• Admin email form - disable submit until required fields are completed (merge request) GitLab Enterprise Edition
• Update scrolling issue (merge request)
• Specify certificates when connecting to KAS using TLS (merge request)
• Fix vertical alignment of system note icon (merge request)
• Fix wrong behavior when CI keyword "when" is an array (merge request)
• Updates the PlayBuildService to use can_enqueue (merge request)
• Add terms disclaimer to Group SAML sign in page (merge request) GitLab Enterprise Edition
• Allow dashes in datadog site (merge request)
• Fix flaky tests for git rate-limiting services (merge request) GitLab Enterprise Edition
• Paths that aren't strings are considered invalid (merge request)
• Fix: locale on create protected tag page by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Delete state transtions with no state change (merge request)

Changed (195 changes)

• Clean up ci_variable_settings_graphql ff (merge request)
• Improve user impersonation button UX by @geriley (merge request)
• Remove unusable feature flag (merge request)
• Remove index_user_callback feature flag (merge request)
• Fix a typo in suggestions REST API doc (merge request)
• Service account list links back to Google Cloud Console (merge request)
• Removed duplicated build package information (merge request)
• Pass search curation flag to elasticsearch indexer (merge request) GitLab Enterprise Edition
• Disable spellcheck on CI variables value field (merge request)
• Change validation for name in scan finding approval rules (merge request)
• Update merge request loading error message (merge request)
• Enable watchdog by default for Puma (merge request)
• This MR transfers method to vue_shared (merge request) GitLab Enterprise Edition
• Add highlight.js plugin to highlight podspec.json files (merge request)
• Add status checks and approval rules to branch details (merge request)
• Remove misleading strong emphasis in MR widget for vulnerabilities (merge request) GitLab Enterprise Edition
• Locked files: Update copy and UI (merge request) GitLab Enterprise Edition
• Update topics open api (merge request)
• Remove project-key-support conditional (merge request)
• Enable split_operations_visibility_permissions by default (merge request)
• Hide env scope field in Admin CI/CD variables (merge request)
• Add updated_at datetime to billable users blocks (merge request) GitLab Enterprise Edition
• Add dry_run parameter to Search::IndexCurator (merge request) GitLab Enterprise Edition
• Add namespace to token access (merge request)
• Implement AccessLevel User and Group types with limited fields (merge request) GitLab Enterprise Edition
• Update suggestions REST API documentation and include batch_apply (merge request)
• Add max_seats_used_changed_at index (merge request)
• Add title to runner delete error alert (merge request)
• Enable use_introspect_parser feature flag by default (merge request) GitLab Enterprise Edition
• Add highlight.js plugin to highlight podspec.json files (merge request)
• Adapt Maven API to consider the package registry access level by @wwwjon (merge request)
• Contributes to https://gitlab.com/gitlab-org/gitlab/-/issues/376870 (merge request)
• Adapt npm API to consider the package registry access level by @wwwjon (merge request)
• Refactor vulnerability report status filter (merge request) GitLab Enterprise Edition
• Add pipeline name to Slack pipeline messages (merge request)
• Remove Sidekiq jobs migration in 15.6 (merge request)
• Add new field webUrl to VulnerabilityType (merge request) GitLab Enterprise Edition
• Drop use_cdn_with_job_artifacts_ui_downloads feature flag (merge request)
• Pass column name to mount_file_store_uploader by @sathieu (merge request)
• Support structured error for UserCommitFiles (merge request)
• This MR alert message for pre-scan verification (merge request) GitLab Enterprise Edition
• Update messages for CI include validation errors (merge request)
• Allow using different icons for the help popover (merge request)
• Hide webhook value in chat integrations (merge request)
• Fixed broken links (merge request)
• Update global alert for read-only namespace (merge request)
• Open api invitations (merge request)
• Add new field webUrl to Code Quality Reports API response (merge request) GitLab Enterprise Edition
• Skip create rule for group when creating group by @lyb124553153 (merge request) GitLab Enterprise Edition
• Remove trigger_mr_subscription_on_merge_status_change feature flag (merge request)
• Open api badges (merge request)
• Clean up temporary code that fixed the wrongly backfilled expire_at (merge request)
• Project events open api (merge request)
• Remove temporary index on project_features (merge request)
• Move usage_quotas/pipelines directory (merge request) GitLab Enterprise Edition
• Update CI/CD variable value textarea maxRow to 10 (merge request)
• Require security approval when scans are removed in MR (merge request)
• Fix SSO enforcement for public projects (merge request) GitLab Enterprise Edition
• Remove highlighting from new issues (merge request)
• Add highlight.js plugin to highlight gemfiles (merge request)
• Include database name in Unsupported PostgreSQL warning (merge request)
• Update star_count on hooks and user state transitions by @bufferoverflow (merge request)
• Polish the UI for the projects list (merge request)
• Change job limit message (merge request) GitLab Enterprise Edition
• This MR migrates submit buttons to pajamas component (merge request) GitLab Enterprise Edition
• Search Page Vue vertical navigation (merge request)
• Add h1 to user profile page (merge request)
• Add raw to CI variable REST endpoints (merge request)
• Refactor vulnerability report image filter tooltip into image filter (merge request) GitLab Enterprise Edition
• Search Page Vue vertical navigation (merge request)
• Add notes summary into csv export (merge request) GitLab Enterprise Edition
• This MR adds stepped list for pre-scan verification (merge request) GitLab Enterprise Edition
• Migrate email_confirmation_setting value (merge request)
• Move usage_quotas/ci_minutes_usage directory (merge request) GitLab Enterprise Edition
• Bump gitlab-metrics-exporter version (merge request)
• Exclude Sidekiq retry errors from reportable Sentry events (merge request)
• Removes unused feature flag (merge request)
• Improve error handling of runners bulk deletion (merge request)
• Enabled purge_stale_security_findings flag by default (merge request) GitLab Enterprise Edition
• Update toggle description button to pajamas (merge request)
• Update delete milestone button to pajamas (merge request)
• Add tooltip to issue header ellipsis button (merge request)
• Recognize 'time' for time tracking quick actions by @Taucher2003 (merge request)
• Add custom context to active_users_project_repo event (merge request) GitLab Enterprise Edition
• Move API::BroadcastMessages endpoint (merge request)
• Enable new test summary widget (merge request)
• Squelch "Can't verify CSRF token authenticity" messages (merge request)
• Update access levels from protected branch api (merge request) GitLab Enterprise Edition
• Add search index curation (merge request) GitLab Enterprise Edition
• Remove End-of-Support analyzers from SAST config UI (merge request)
• Bump gitlab-metrics-exporter version (merge request)
• Add a keyword mapping for username (merge request) GitLab Enterprise Edition
• Add job to /api/v4/job/allowed_agents context (merge request)
• Email says user was banned only when auto-ban setting is enabled (merge request) GitLab Enterprise Edition
• Move pipeline_schedules directory (merge request)
• Track wiki verification in the project_wiki_repository_registry table (merge request) GitLab Enterprise Edition
• Track wiki replication in the project_wiki_repository_registry table (merge request) GitLab Enterprise Edition
• Add validationStartedAt to DastSiteProfileType (merge request) GitLab Enterprise Edition
• Remove GitHub Import from database codeowners (merge request)
• Drop Go 1.17 support and mandate Go 1.18 (merge request)
• Adapt Go API to consider the package registry access level by @wwwjon (merge request)
• Limit all Sentry responses for Error Tracking (merge request)
• Remove refactor_code_quality_extension feature flag (merge request)
• Rename columns and add tooltip to path column (merge request)
• Add i18n support to default brand title by @icbd (merge request)
• Removed work_items_hierarchy ff (merge request)
• Add token endpoint to the alllowed sources (merge request)
• Highlight Godeps.json on client (merge request)
• Enable lazy_load_commits feature flag by default (merge request)
• Display incident's severity name and label in timeline events (merge request)
• Change timeline event length validation to 280 on user input (merge request)
• Reduce cleanup package registry worker cadence to every hour (merge request)
• Removed work_items_hierarchy definition (merge request)
• Migrate Sidekiq jobs outside of current routing rules (merge request)
• Drop ci_job_artifacts_cdn feature flag (merge request)
• Update related items empty states (merge request)
• Remove stroke from contrib calender (merge request)
• Move ci_minutes_usage directory (merge request) GitLab Enterprise Edition
• Adding metadata to Secure Files API response (merge request)
• Change the wording of retry button for passed jobs (merge request)
• This MR migrates legacy html button to Pajamas button (merge request)
• Updated the placeholder logic for trigger fields (merge request)
• Backward compatible behavior in alert management client side router by @dannyelcf (merge request)
• Add feature flags user lists endpoints to OpenApi v2 docs (merge request)
• Add Objective and Keyresult to work item types (merge request)
• Remove dast_ui_redesign feature flag (merge request)
• Update documentation for troubleshooting limited job pipelines (merge request)
• Mask the "Secret token" input in the webhook form (merge request)
• Add MigrateSharedVulnerabilityScannersV2 background migration (merge request)
• Use full-text search with in param (merge request)
• Add new columns into vulnerability export (merge request) GitLab Enterprise Edition
• Improve UX for release assets screen (merge request)
• Guard for when user index migration has not been completed (merge request) GitLab Enterprise Edition
• Use inline error when adding existing item to linked items (merge request)
• Remove project_id from sprints (merge request)
• Re-linked Preview tab to live-preview on .md files (merge request)
• Move and refactor PATCH endpoint (merge request)
• Moving default branch setting to branch default (merge request)
• Update CI/CD variables table (merge request)
• Add has_many alerts association to issues (merge request)
• Update user cap description (merge request) GitLab Enterprise Edition
• Change order of items in deployment sidebar (merge request)
• Clean up and tie PBKDF2+SHA512 user passwords to FIPS (merge request)
• Create a user elasticsearch index and index users (merge request)
• Update CLI messages when action is rejected due to storage limit (merge request) GitLab Enterprise Edition
• Improve issuable confirm modal by @ali_o_kan (merge request)
• Update gitlab-labkit to v0.26.0 (merge request)
• Display formatted health status in issue sidebar (merge request) GitLab Enterprise Edition
• Backfill existing user_details fields from users table by @brianjaustin (merge request)
• Allow rollback with Prevent Outdated Deployment Job feature (merge request)
• Add details to security finding type (merge request) GitLab Enterprise Edition
• Remvs redundant var temp_deployment_associations by @afzal442 (merge request)
• This MR adds summary component to a drawer (merge request) GitLab Enterprise Edition
• Replace token indices in ci_runners table (merge request)
• Revisit padding in test suite report table (merge request)
• Remove min_access_level check (merge request)
• Add back in migration (merge request)
• Enable masking the newly created access tokens (merge request)
• Update cluster management project template (merge request)
• Remove agent_authorization_include_descendants feature flag (merge request)
• Drop fingerprint column from sbom sources (merge request)
• Update commit note action buttons (merge request)
• Add DeletePackageModal shared component by @ali_o_kan (merge request)
• Display container image shortened path (merge request)
• Update VSA max date range tooltip text (merge request)
• Less padding for sidebar subfolders on diffs (merge request)
• Add DAST_API_EXCLUDE_URLS variable for api scans (merge request) GitLab Enterprise Edition
• Adapt PyPI API to consider the package registry access level by @wwwjon (merge request)
• Allow only project/group reporters to read confidential notes (merge request)
• Update elastic search filter for confidential notes (merge request) GitLab Enterprise Edition
• GitLab Version - Event naming changes (merge request)
• Add environment keyword to deploy jobs in CI/CD templates by @anshulriyal (merge request)
• Add a meaningful event name for path in Project (merge request) GitLab Enterprise Edition
• Improve alert management client-side router usage by @dannyelcf (merge request)
• Add email confirmation setting enum (merge request)
• Update dependency auto-build-image to v1.21.0 (merge request)
• Group SAML Group Sync retains default membership (merge request) GitLab Enterprise Edition
• Stop returning alerts from prometheus alerts endpoint (merge request)
• Update dependency auto-deploy-image to v2.42.1 (merge request)
• Adds package registry migration survey banner (merge request)
• Create merge_request_diff asynchronously (merge request)
• Extract values and add them to constants by @TrueKalix (merge request)
• Remove remove_extra_primary_submenu_options feature flag (merge request)
• Remove new_navbar_layout feature flag (merge request)
• Add support for group level scan result policies (merge request) GitLab Enterprise Edition
• Update various buttons to use pajamas component (merge request)
• Add API_REQUEST_HEADERS variable for api scans (merge request) GitLab Enterprise Edition
• Show only active users on Starrers page of a project by @wwwjon (merge request)
• Cleanup admin/subscription page tables (merge request) GitLab Enterprise Edition
• Change "Self monitoring" to "Self-monitoring" by @scootergrisen (merge request)
• Optimise remediation ingestion with bulk insertion (merge request) GitLab Enterprise Edition
• Rename ci_pipeline_metadata.title to name (merge request)
• Remove unnecessary horizontal lines (merge request)
• Clean up logged_out_marketing_header (merge request)
• Remove without_deleted param (merge request)

Deprecated (2 changes)

• Deprecation notice for merge_status field (merge request)
• Deprecate registration token in Runner Operator (merge request)

Removed (6 changes)

• Remove temp index invalid member (merge request)
• Remove unused method to check if we should re-download data (merge request) GitLab Enterprise Edition
• Remove missing_security_scan_types feature flag (merge request)
• Remove old product analytics features (merge request)
• Remove temp index on approval_merge_request_rules (merge request)
• Remove new layout feedback banner (merge request)

Security (13 changes)

• Handle JSON input correctly for swagger-ui (merge request)
• Redact confidential references in Jira issue descriptions (merge request)
• Forbid reading emojis on internal notes (merge request)
• Fix Running Upstream Pipelines Jobs Without Permission (merge request)
• Same-site redirect vulnerability (merge request)
• Update Gitaly Version (merge request)
• Resolve users can view audit events from other members (merge request)
• Add a redirect wall before artifact redirect to pages (merge request)
• Sandbox swagger-ui to prevent injection attacks (merge request)
• BYPASS: Stored-XSS with CSP-bypass via scoped labels' color (merge request)
• Fix external project permission when using CI prefill variables (merge request)
• Path traversal fix for Secure Files (merge request)
• Add length limit to addressable URLs (merge request)

Performance (22 changes)

• Remove group_overview_tabs_vue feature flag (merge request)
• Use efficient in operator query for fetching group & project activities (merge request)
• Add in_product_marketing_emails index (merge request)
• Cleanup cache_unleash_client_api feature flag (merge request)
• Memoize Project#has_group_hooks? check (merge request) GitLab Enterprise Edition
• Only build MR hook data when needed (merge request)
• Fix Projects list API preloaders (merge request)
• Switch transfer group dropdown to API data source (merge request)
• Remove duplicate_jobs_cookie feature flag (merge request)
• Remove user_destroy_with_limited_execution_time_worker feature flag (merge request)
• Use partial GIN index for non-latin issue searches (merge request)
• Improve performance of MR changes count (merge request)
• Improve issue search performance for recent items (merge request)
• Change ActiveSupport::JSON to use Gitlab::Json (merge request)
• Add GhostUserMigration#consume_after column (merge request)
• Render first chunk immediately (merge request)
• Memoize Project#has_active_integrations? check (merge request)
• Replace Sidekiq JSON methods with Gitlab::Json (merge request)
• Optimize source viewer rendering (merge request)
• Add server-side pagination to SearchFilesByName (merge request)
• Optimize source viewer rendering (merge request)
• Disable fastupdate on issues and merge_requests GIN indexes (merge request)

Other (60 changes)

• Fix Style/Next offenses by @mhdasm3 (merge request)
• Propagate feature flag actors in all Gitaly RPC services (merge request)
• Add migration for new index (merge request)
• Enforce HTTP/HTTPS schemes in Octokit Middleware (merge request)
• RuboCop: Enable previously disabled Rails/ContentTag by @edith007 (merge request)
• RuboCop: Enable previously disabled Rails/LexicallyScopedActionFilter by @edith007 (merge request)
• Remove ci_job_jwt feature flag (merge request)
• Stop tracking errors when deleting branches (merge request)
• Improve the specs in invitations_spec.rb (merge request)
• Prepare removal of old issue trigram indexes (merge request)
• Propagate user_id to Gitaly via gRPC metadata (merge request)
• Remove experiment_users table (merge request)
• Removed realtime labels FF (merge request)
• Add more logs for CI config external files V2 (merge request)
• Removes truncate_long_blobs_in_search flag by @sd5869 (merge request)
• Deprecate merge_status from api and webhooks (merge request)
• Add post migration for deleting tag data (merge request)
• Propagate feature flag actors in Gitaly RPC calls (merge request) GitLab Enterprise Edition
• Add new job for solely deleting branchs from gitaly (merge request)
• Update invisible_captcha gem from 1.1.0 to 2.0.0 (merge request)
• Updated OAuth example links to https by @zillemarco (merge request)
• Documentation changes for latest release and release asset download API by @zillemarco (merge request)
• RuboCop: Enable Style/Lambda and change to EnforcedStyle: literal by @edith007 (merge request)
• Validate environment_id foreign key on deployments table (merge request)
• RuboCop: Disable Rails/HasManyOrHasOneDependent permanently by @edith007 (merge request)
• Add more logs for CI config external files (merge request)
• Put requirements filter by test reports under feature flag (merge request) GitLab Enterprise Edition
• Removes ipynb_semantic_diffs feature flag (merge request)
• Add rubocop cop Graphql/EnumNames by @fabsrc (merge request)
• Stub license to fix JH integration factory spec by @chaomao (merge request)
• Change DuplicateJobs cookie key (merge request)
• Fix Style/RedundantInterpolation offenses in spec/ by @mhdasm3 (merge request)
• Add index to support filtering issues by last test report state (merge request)
• Remove externally_stored_diffs_caching_export feature flag (merge request)
• Consolidate Wiki model methods (merge request) GitLab Enterprise Edition
• Ensure that requirement belongs to same project of work item (merge request) GitLab Enterprise Edition
• Fix Style/CaseLikeIf offenses by @mhdasm3 (merge request)
• Another attempt to create issue trigram indexes (merge request)
• Update fogbugz gem to 0.3.0 (merge request)
• Edit pipeline-triggers API annotation (merge request)
• Remove FF ci_stop_expanding_file_vars_for_runners (merge request)
• Remove FF ci_requeue_with_dag_object_hierarchy (merge request)
• Remove outdated gocloud.dev backport (merge request)
• Use MessagePack for DuplicateJobs cookies (merge request)
• Improve Upgrade Path tool visibility by @zillemarco (merge request)
• Expose the raw attribute of ci-variables models (merge request)
• Cleanup task system note renaming background migration (merge request)
• Change DuplicateJobs Redis format (merge request)
• Move work item weight counters to CE (merge request)
• Update graph button to pajamas (merge request)
• Remove unused haml file that was moved to Vue (merge request)
• Remove default-enabled hash_oauth_tokens feature flag (merge request)
• Remove 'audit_event_streaming_git_operations' feature flag (merge request)
• Update profile buttons to pajamas (merge request)
• Remove disable_load_entire_blob_for_diff_viewer feature flag (merge request)
• Move the stale etag check before highlighting cache (merge request)
• Add variable name to file-variable logging (merge request)
• Add delay when performing refresh with delay (merge request)
• Update Gitlab Shell to 14.13.0 (merge request)
• Migrate card to Pajamas (merge request) GitLab Enterprise Edition

15.5.9 (2023-01-12)

No changes.

15.5.8 (2023-01-12)

No changes.

15.5.7 (2023-01-09)

Security (10 changes)

• Avoid regex with potential for poorly performing backtracking (merge request)
• Protect web-hook url variables after changing URL (merge request)
• Limit the size of user agent to reduce ReDos attack (merge request)
• Only allow safe params for diff helper (merge request)
• Protect Sentry auth-token after changing URL (merge request)
• Delete project specific licenses when license policy is deleted (merge request)
• Restrict user avatar availability based on visibility restrictions (merge request)
• Policy change to read and destroy token without license for .com (merge request)
• Restrict Grafana API access on public projects (merge request)
• Fix "Race condition enables verified email forgery" (merge request)

15.5.6 (2022-12-07)

No changes.

15.5.5 (2022-11-30)

Security (11 changes)

• Send resolved_address param to gitaly during repository import (merge request)
• Add size validation during nuspec file extraction (merge request)
• Cross-site scripting in Jira Integration (merge request)
• Protect web-hook secret tokens after changing URL (merge request)
• Redact secret tokens from web-hook logs (merge request)
• Prevent unauthorized users from seeing Release information on tag pages (merge request)
• Update after_import to expire cache before removing prohibited branches (merge request)
• Deny all package permissions when group access is restricted by IP (merge request)
• Redact user emails from project webhook data (merge request)
• Disallow local URls for build_runner_session if dictated by app setting (merge request)
• Prevent token bypass for extenal authorisation (merge request)

15.5.4 (2022-11-11)

Fixed (3 changes)

• Allow links to be opened from Swagger UI documentations (merge request)
• Add Hashie::Array to allowed YAML serialization classes (merge request)
• Revert Sidekiq default routing rules (merge request)

15.5.3 (2022-11-07)

Fixed (1 change)

• Fix Opensearch compatibility check (merge request) GitLab Enterprise Edition

15.5.2 (2022-11-02)

Security (11 changes)

• Redact confidential references in Jira issue descriptions (merge request)
• Forbid reading emojis on internal notes (merge request)
• Same-site redirect vulnerability (merge request)
• BYPASS: Stored-XSS with CSP-bypass via scoped labels' color (merge request)
• Fix Running Upstream Pipelines Jobs Without Permission (merge request)
• Add length limit to addressable URLs (merge request)
• Add a redirect wall before artifact redirect to pages (merge request)
• Sandbox swagger-ui to prevent injection attacks (merge request)
• Fix external project permission when using CI prefill variables (merge request)
• Resolve users can view audit events from other members (merge request)
• Path traversal fix for Secure Files (merge request)

15.5.1 (2022-10-24)

Fixed (2 changes)

• Batch records when preloading for indexing (merge request) GitLab Enterprise Edition
• Specify certificates when connecting to KAS using TLS (merge request)

15.5.0 (2022-10-21)

Added (159 changes)

• Render labels correctly in content editor (merge request)
• Add "use_legacy_web_ide" to "user_preferences" (merge request)
• Set default compliance framework during project creation (merge request) GitLab Enterprise Edition
• Expose created_by in the Users API (merge request)
• Add models for tag and tag links (merge request)
• Adding migration for backfilling namespaces metadata (merge request)
• Add metrics for projects with applied scan result policies (merge request) GitLab Enterprise Edition
• Moved label and date widgets out of FF (merge request)
• Add GraphQL field to preview billable user changes (merge request) GitLab Enterprise Edition
• Additional Gitlab::Json method aliases (merge request)
• Enhance review app modal instructions (merge request)
• [18052] Gitlab import: Issue attachments (merge request)
• Namespace package forward settings in GraphQL (merge request)
• Allow automatic runner authentication token rotation (merge request)
• Add RaspberryPi OS 11 (Bullseye) to the list of supported OS (merge request)
• Add bulk destroy mutation for Packages (merge request)
• Add approvalProjectRules to graphql endpoint (merge request) GitLab Enterprise Edition
• Track work item iteration update (merge request) GitLab Enterprise Edition
• Add environment key to pages jobs by @k0jak (merge request)
• Sync profile fields to user_details and truncate by @brianjaustin (merge request)
• [373705] Configurable optional stages list API (merge request)
• Add scan file path to dast site profile (merge request)
• Removed upload_size from storage_size (merge request) GitLab Enterprise Edition
• Add GIT_SUBMODULE_PATHS documentation by @bollenn (merge request)
• Show edited at for work item descriptions (merge request)
• Add health status filter on issue boards (merge request) GitLab Enterprise Edition
• Autogenerate OpenApi using grape-swagger (merge request)
• Create API to fetch all Github organizations for the user (merge request)
• Only merge when all the status checks have passed (merge request)
• Improved CRM contacts autocomplete service to include state and set by @zillemarco (merge request)
• Add metrics for groups with assigned security policy project (merge request) GitLab Enterprise Edition
• Add metrics for merge requests witj applied scan result policies (merge request) GitLab Enterprise Edition
• Enable JWT authentication for Gitlab Shell (merge request)
• Add new storage type for DSL field (merge request)
• Prepare async index for index on author_id and id in merge_requests (merge request)
• Map 'Require pull request before merging' GitHub rule with access_levels (merge request)
• Add default_compliance_framework_id column to namespace_settings table (merge request)
• Autocomplete support for work items (merge request)
• Feature password expiration migration by @qt-gith (merge request)
• Disable creation of all types of personal tokens with FIPS enabled (merge request) GitLab Enterprise Edition
• After a milestone from the new release form, redirect back (merge request)
• Add cancel projects import from github (merge request)
• Support for suggestions in content editor (merge request)
• Prepare index async for merge requests on author and target project id (merge request)
• Add an owner of a runner to the runners list (merge request)
• Trigger mergeRequestMergeStatusUpdated when MR gets closed (merge request)
• Add support for quick actions in content editor (merge request)
• Allow admins to limit registration of project and group runners (merge request)
• Speed up usage ping count for projects with incident SLAs enabled (merge request)
• Include release ci variables (merge request)
• Map 'Require signed commits' GH rule with project's push_rule attribute (merge request)
• Adding remaining MLFlow endpoints (merge request)
• Add pipelineScheduleDestroy mutation by @batu (merge request)
• Add Push Rule for DCO Signoff (merge request) GitLab Enterprise Edition
• Add jitsu key to project when created (merge request)
• Add metrics for projects with assigned security policy project (merge request) GitLab Enterprise Edition
• Consume Google Cloud Services within GitLab (merge request)
• Update requirement verification status mutation (merge request)
• Filter group runners by tags (merge request)
• [18052] Support img tags in GitHub markdown attachment importers (merge request)
• [18052] Gitlab import: note attachments (merge request)
• Authentication in private registry in code quality (merge request)
• Add user preference to turn off automatically adding a new list item (merge request)
• Add free_user_cap_over_limit_notified_at to NS details (merge request)
• Add Geo::ProjectWikiRepositoryState model (merge request) GitLab Enterprise Edition
• Add project_wiki_repository_states table (merge request)
• Delete orphaned operational vulnerabilities (merge request)
• Add migrated_to_state_transition column (merge request)
• Destroy invalid members (merge request)
• Add advanced settings support to import projects Vue app (merge request)
• Allow admins to delete runners in bulk (merge request)
• Trigger mergeRequestMergeStatusUpdated when MR marked as draft/ready (merge request)
• Create tmp index members on id where namespace id null (merge request)
• Add avatar to user dropdown items (merge request)
• Enable issuable_description_updated subscription in GraphQL (merge request)
• Add project_wiki_repository_states table (merge request)
• Add health filter for board lists (merge request) GitLab Enterprise Edition
• Add labels widget input to work item update mutation (merge request)
• Show empty state for external CI config in pipeline editor (merge request)
• Add inbound_job_token_scope to ci cd settings (merge request)
• Remove FF email_for_two_factor_otp_failure (merge request)
• Add DORA4 charts to Insights by default (merge request) GitLab Enterprise Edition
• Add the ability to sort iterations by due date (merge request) GitLab Enterprise Edition
• feat: Add resolved_on_default_branch index to vuln reads (merge request)
• Add glm values for trials (merge request)
• Add isDefault to BranchRule type objects in GraphQL endpoint (merge request)
• Remove forward_deployment_enabled feature flag (merge request)
• RpmRepositoryFile model with uploader and spec (merge request)
• Add X-Gitlab-Instance header to webhooks (merge request)
• Add support for emojis suggestions (merge request)
• Add Scheduled badge to pipeline detail view by @Taucher2003 (merge request)
• Add migration for direction column of ci scope (merge request)
• Trigger mergeRequestReviewersUpdated when reviewer state change (merge request)
• REST API filter issues by any/none health status (merge request) GitLab Enterprise Edition
• Add mailer with templates (merge request) GitLab Enterprise Edition
• Enable Releases feature toggle (merge request)
• Disable all types of personal access tokens when FIPS enabled (merge request) GitLab Enterprise Edition
• Add resource groups API endpoint to list upcoming jobs (merge request)
• Enable skip_default_scope_for_events FF by default (merge request)
• Add suppport for suggestions in content editor (merge request)
• Trigger mergeRequestReviewersUpdated subscription when reviewers change (merge request)
• Shift can_create_group to ApplicationSetting (merge request)
• Create table and model to store user's phone number validations (merge request)
• Map 'Require conversation resolution' GitHub rule with project setting (merge request)
• Add ci_pipeline_metadata table to hold title strings (merge request)
• Add and fill foreign key for approval rules (merge request) GitLab Enterprise Edition
• Add timing when we use caching in certain api/controller endpoints (merge request)
• Add timing for mergeability checks (merge request)
• Support GraphQL subscription for iteration assignment (merge request) GitLab Enterprise Edition
• Add unprotectAccessLevels to EE graphql endpoint (merge request) GitLab Enterprise Edition
• Jitsu/GitLab Connection PoC (merge request)
• Project setting for suggested Reviewers (merge request)
• Add CI_JOB_NAME_SLUG predefined CI variable by @jdoubleu (merge request)
• Allow users to create annotated tags from release (merge request)
• Allow autosaving wiki content (merge request)
• Send email notification when a personal access token is revoked (merge request)
• GraphQL: Add ALL_AVAILABLE membership value (merge request)
• Include tag specific additional CI variables (merge request)
• Prepares ci_builds_metadata to partitioning (merge request)
• Email user when their 2FA OTP attempt is wrong (merge request)
• Backfill epic cache counts (merge request)
• Adds log-parameter and log-batch MLFlow endpoints (merge request)
• Prepare async index for vulnerability reads location image (merge request)
• Add issuableDescriptionUpdated to the GQL subscription type (merge request)
• Expose if user can mark notes as confidential (merge request)
• Add Any and None options to filter issues by health status (merge request)
• Expose BulkImports::Failure#exception_message in the API (merge request)
• Add real time capability for work item assignees widget (merge request)
• Support secure schemas version 15.0.2 (merge request) GitLab Enterprise Edition
• Add X-Gitlab-Instance header to webhooks (merge request)
• Display blocking items on Roadmap (merge request)
• Fetch Iteration widget as well for work items type task (merge request)
• Add unique indexes to facilitate bulk upserts (merge request)
• Add note when child epic gets moved (merge request) GitLab Enterprise Edition
• Add jobs endpoint by @TrueKalix (merge request)
• Add glm values for trials (merge request)
• Allow epics having child issues from different group hierarchies (merge request) GitLab Enterprise Edition
• Schedule index removal for ci_builds_metadata (merge request)
• Add GET /personal_access_tokens/self endpoint (merge request)
• Add a timeline event preview markdown endpoint (merge request)
• Add indexes to ci_builds_metadata (merge request)
• Metrics for GitLab for Jira App (merge request)
• Display permission alert on epic tree count popovers (merge request) GitLab Enterprise Edition
• Add issue resource_iteration_events to Project Import/Export (merge request) GitLab Enterprise Edition
• Use Google CDN if enabled for CI job artifacts (merge request)
• Adds LogMetric endpoint to MLFlow (merge request)
• Frontend for Environment Search (merge request)
• Add pipeline_schedule GraphQL type (merge request)
• Added straight mode to compare view by @DracoBlue (merge request)
• Show Slack App Home (merge request)
• Show “Merged date” sort option for dashboard MRs (merge request)
• Extend GraphQL query for protected environments (merge request) GitLab Enterprise Edition
• Add source_id to BulkImports::Entity table (merge request)
• Add filters for PAT by @TrueKalix (merge request)
• Add group shares in group transfer locations API (merge request)
• Add any, none filters for issue health status (merge request)
• Add any, none filters for issue health status (merge request)
• Add REST API filters for issue health status (merge request)
• Add REST API filters for issue health status (merge request)

Fixed (164 changes)

• Fix: locale on sidebar items when collapsed by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Don't fail project export if upload file doesn't exist (merge request)
• Prevent JobArtifactsDestroy whilst refreshing by @leetickett (merge request)
• GitLab Version - Properly track link clicks (merge request)
• Fix naming issue with Test Summary widget (merge request)
• Ensure current user owns table to partition (merge request)
• Check for path traversals in the debian distribution regex by @sathieu (merge request)
• Fix spurious requests when viewing PDF blobs (merge request)
• Pass additional_params to search API logging (merge request)
• Fix scoped label styles in activity feed (merge request)
• Gitlab Migration - retry ExportRequest & RequestStatus network requests (merge request)
• Fix 500 error when namespace path is a negative integer (merge request)
• Prevent outdated deployments from running before execution (merge request)
• Persist page size for group migration (merge request)
• Use configured namespace when generating Kubeconfig (merge request)
• Add the labels to the cache key for merge request api (merge request)
• Don’t append base to links with old wiki path (merge request)
• Ensure schemas are up-to-date after migration tests complete (merge request)
• Fix broken trial registration spec (merge request) GitLab Enterprise Edition
• Fixed commit messages not wrapping when too long by @zillemarco (merge request)
• Hide Reviewers Edit Button when no permissions by @Taucher2003 (merge request)
• Allow grouping more than 1 label of same scope in iteration reports (merge request)
• Fix site profile edit with empty fields (merge request) GitLab Enterprise Edition
• Fix remove epic modal to include children info (merge request) GitLab Enterprise Edition
• Fix: locale on todo filter by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Remove auto_accept_terms from OAuth::User (merge request)
• Fix alignment of internal note header (merge request)
• Fix glm param dropping in the company controller (merge request) GitLab Enterprise Edition
• GitLab Version - Properly import on dashboard (merge request)
• Fix internal note background styling when using dark mode (merge request)
• Fix alignment issues on agent activity list (merge request)
• Add internal_id allocation for GitHub Import (merge request)
• Show error when removing epic or issue from epic (merge request)
• Fix: admin subscription time format locale issue by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Fix mis-alignment of the action buttons in extensions (merge request)
• Support username in assign push options (merge request)
• Enable read_runner permission for auditors, also for instance runners (merge request) GitLab Enterprise Edition
• Enable read_group_all_available_runners permission for auditors (merge request) GitLab Enterprise Edition
• fix: Improve shell variable quoting in Coverage-Fuzzing templates (merge request)
• Fix grammatical error in exclusive keys validator (merge request)
• Do not show banner if SM subscription is renewed (merge request) GitLab Enterprise Edition
• Remove and add ci_job_variables.raw (merge request)
• Fix feature flag file location (merge request) GitLab Enterprise Edition
• Fix markdown for iteration description (merge request) GitLab Enterprise Edition
• Fix line height on project and group lists (merge request)
• Allocate InternalId for importing issues (merge request)
• Remove outdated migration steps (merge request)
• Add scrolling support for jupyter notebooks (merge request)
• Fix HLJS multi-line-rendering (merge request)
• Fix runner instructions with disabled registration (merge request)
• Fix RunnerPolicy to allow group maintainers to see shared runners (merge request)
• Fix Wiki feature raises exception when titles start with ~ (merge request)
• Fix duplicate key errors during GitHub Import (merge request)
• Fix case where Merge Request change tab shows incorrect number by @hyperhtml (merge request)
• Avoid loading entire blob without limit for displaying diffs (merge request)
• Migrate bulk sidebar subscriptions dropdown to pajamas (merge request)
• Add bottom margin to "Protect a tag" card (merge request)
• Fix epic items not loading for signed out users (merge request) GitLab Enterprise Edition
• fix: Don't fetch environments on Admin variables page (merge request)
• Render markdown for snippets if links contain hash to anchor by @fabsrc (merge request)
• Enable the FF ci_requeue_with_dag_object_hierarchy (merge request)
• Fix closing of external issues (merge request)
• Improve error message when providing an invalid deploy key by @davebarr (merge request)
• Fix indentation of children epics on Roadmap (merge request) GitLab Enterprise Edition
• Use custom logo on sign in page again by @wwwjon (merge request)
• Fix lock retries for the partition helper (merge request)
• Fix alignment issues of resolved with issue system note (merge request)
• This MR fixes cron parsing bug (merge request) GitLab Enterprise Edition
• Don't change escalations if neither status nor policy changed (merge request) GitLab Enterprise Edition
• Hide Analytics features based on project settings (merge request)
• Set default link color to blue-500 (merge request)
• Fix project create service to use known columns (merge request) GitLab Enterprise Edition
• Fix alignment on changed line in multiline suggestion comment (merge request)
• fix: Compare email addresses case insensitively by @DerAstronaut (merge request)
• Deal with multiple filters in query builder (merge request) GitLab Enterprise Edition
• Better memoize BulkImports::ExportStatus#export_status (merge request)
• Fix variables alignment (merge request)
• Add retriable exceptions & dont raise if wiki is disabled (merge request)
• Fix encoding issues with plantuml blocks (merge request)
• Removing single quotes to avoid harbor help text being rendered as math by @orozot (merge request)
• Show notifications toggle when mr merged by @leetickett (merge request)
• Fix 500 errors in Projects::AutocompleteSourcesController (merge request)
• Add missing tooltip for deployment name (merge request)
• Fix ES settings form localization by @Taucher2003 (merge request) GitLab Enterprise Edition
• Add WikiLinkFilter to AsciiDocPipeline (merge request)
• Fix serialization of tables in Content Editor (merge request)
• Prevent creation of duplicate deploy tokens on page refresh (merge request)
• Fix two expand buttons on MR widgets when page width is narrow (merge request)
• Avoid linking CVE IDs as Jira tickets by @kelunik (merge request)
• Hide Contributors menu item by @TrueKalix (merge request)
• Fix ExternalDatabaseChecker tests for geo and PG11 (merge request)
• When getting container repository tags, use a fixed page size (merge request)
• This MR closes drawer when project changed (merge request) GitLab Enterprise Edition
• Fix REST/GRAPHQL APIs handling TODOs WorkItem target (merge request)
• Remove usage of Geo::FileRegistryRemovalWorker worker (merge request) GitLab Enterprise Edition
• Avoid runaway queue growth of Geo::DestroyWorker (merge request) GitLab Enterprise Edition
• Fix initial value set on TimezoneDropdown (merge request)
• Fix the epics search query for displaying roadmap (merge request) GitLab Enterprise Edition
• Allow auditors read-only access to Alerts (merge request) GitLab Enterprise Edition
• Fix flash margin in Web IDE (merge request)
• Discussion: Fix font-size and highlight (merge request)
• Add missing licensed feature flag to frontend (merge request) GitLab Enterprise Edition
• Update project member styles in GFM (merge request)
• ExternalDatabaseChecker to support CI Database (merge request)
• Allow multiple drafts on a single line in MR reviews (merge request)
• Add the diverged commits when displaying the merge controls (merge request)
• Fix DAST profile names for group security policies (merge request) GitLab Enterprise Edition
• Changes how project export tarballs are uploaded to an external website (merge request)
• NuGet case-insensitive version search (merge request)
• Hide add oncall schedule buttons for unauthorized users (merge request)
• Fix CI JSON schema for variables (merge request)
• Fix 500 errors when sorting by merged date with approvers (merge request)
• Apply push rules to squash commit messages (merge request) GitLab Enterprise Edition
• Update GitLab Migration to use source_id when requesting relation export (merge request)
• LockWrites Rake Task to support DRY_RUN mode (merge request)
• Hide harbor registy in menu if uncheck active by @orozot (merge request)
• Fix wrong CLRF rendering by @TrueKalix (merge request)
• Exclude tiers if a protected environment exist from creation form (merge request) GitLab Enterprise Edition
• Hide MR Callout when MRs disabled for project by @Taucher2003 (merge request)
• Use toolbar buttons for indent/outdent (merge request)
• Fix unlocking previous pipeline artifacts (merge request)
• Fix alignment issues on agent activity list (merge request)
• Improve work item detail accessibility (merge request)
• Render form submit button using Pajamas::ButtonComponent (merge request)
• Render form submit button using Pajamas::ButtonComponent (merge request) GitLab Enterprise Edition
• Rescue exception when exporting MR diffs (merge request)
• Set BulkImports::Tracker as skipped if entity is failed (merge request)
• Monkey patch Licensee::License to properly cache (merge request)
• License overview incorrectly shows 'Expired: never' for expired license (merge request) GitLab Enterprise Edition
• Update View latest projects and View latest groups links (merge request)
• Reloading the classes runs the LoadBalancer again (merge request)
• Revert "Merge branch 'toon-no-more-licensee' into 'master'" (merge request)
• Fix escaping for references with special characters (merge request)
• Do not save duplicate notes when importing pipelines (merge request)
• Add shortcuts and permalink updater to vue blob controls (merge request)
• Show tasks in dashboard issue list (merge request)
• Simplify line link (merge request)
• Update custom tag reference in CI schema (merge request)
• Ensure that stage name and record are in sync for page deployments (merge request)
• Fix bugs around file attach button (merge request)
• Keep pipeline editor commit info when changing tabs (merge request)
• Fix wrong inverse_of in vulnerability_state_transitions association (merge request)
• Fix label events being grouped incorrectly (merge request)
• Resolve failure path issue on creating leads (merge request) GitLab Enterprise Edition
• Filter all settings sections and show empty state if no results (merge request)
• Avoid preloading nil root_ancestor in ProjectRootAncestorPreloader (merge request)
• Fix undismissable error alert on contact list by @leetickett (merge request)
• Remove attach file button from toolbar (merge request) GitLab Enterprise Edition
• Remove vulnerability approval rules (merge request) GitLab Enterprise Edition
• Fix N+1 queries when fetching labels of child epics (merge request) GitLab Enterprise Edition
• Add navbar to empty search results (merge request)
• Show emoji in user_popover when status text is empty by @n0rdlicht (merge request)
• Only focus search in dropdown if it has artifacts (merge request)
• Improve specs (merge request)
• Replace visitUrl with Gl-Link in ci-badge-link by @leetickett (merge request)
• Move the index removal migration to a regular migration (merge request)
• Sorted project members by user name (merge request)
• Only mark vulnerabilities on default branch as disappeared (merge request) GitLab Enterprise Edition
• Allow read-only access to escalation policies for auditors (merge request) GitLab Enterprise Edition
• Fix codeowners for sections with the same patterns (merge request)
• Fix: locale on project repo settings by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Use the MR data to determine if the branch was deleted (merge request)
• Make Wiki operations target default branch instead of HEAD (merge request)
• Fix spacing in commit view of MR (merge request)

Changed (194 changes)

• Update google-protobuf to v3.21.7 (merge request)
• Add validationStartedAt to DastSiteValidationType (merge request) GitLab Enterprise Edition
• Allow specifying document types to reindex (merge request) GitLab Enterprise Edition
• Changes dormant user setting input minimum to 90 days (merge request)
• Fix an issue where the delete button would always delete the fist item (merge request)
• Migrate old sidekiq queues (merge request)
• Update sign in preview page and new label page (merge request)
• Permit to create/update/delete protected branches without repository (merge request)
• Use issue type in user activity for issue or work item events (merge request)
• Track wiki verification in the project_wiki_repository_states table (merge request) GitLab Enterprise Edition
• Fix alert text for rate limiting (merge request)
• Remove RubyProf in favor of StackProf from Gitlab::Profiler (merge request)
• This MR adds agents option for humanized rules (merge request) GitLab Enterprise Edition
• Revert changes to manual actions on environments (merge request)
• Show copy button for unsafe external URLs (merge request)
• Removes experimental feature flag (merge request)
• This MR adds agents option for schedule rule component (merge request) GitLab Enterprise Edition
• Reset form button if error encountered (merge request)
• Remove runners_finder_all_available feature flag (merge request)
• This MR adds new pre-scan verification status (merge request) GitLab Enterprise Edition
• Update pact to v1.63 and rack-test to v2.0.2 (merge request)
• Add pipeline iid to pipeline event webhook by @fabsrc (merge request)
• Make releases_access_level equal repository_access_level when higher (merge request)
• Search Page Layour change (merge request)
• Let go get response http semantic status code by @icbd (merge request)
• Render a dotted line for missing DORA insights data (merge request) GitLab Enterprise Edition
• Add finder for scan result policies and update (merge request) GitLab Enterprise Edition
• Update "last used" date for PATs if used in git operations by @fabsrc (merge request)
• Allow to toggle inbound job token (merge request)
• Extend scan_finding rules to group level (merge request) GitLab Enterprise Edition
• Update IDE pipeline styling (merge request)
• Shows project storage limit notifications only to owners (merge request) GitLab Enterprise Edition
• Exposed current_sign_in_at as last login at for billable members (merge request) GitLab Enterprise Edition
• Correct copy on Project Access Token scope page (merge request)
• Improve SAML SSO wording (merge request)
• Add browseArtifactsPath to GraphQL CiJob (merge request)
• GitLab Version - Badge Tracking (merge request)
• Fix: notify locale on project was not exported email by @qt-gith (merge request)
• Adding .mobileprovision file parser to Project-level Secure Files (merge request)
• Add columns about MR checks to namespace_settings by @luzhiyuan.deer (merge request)
• Convert Octokit response in Github Integration to hash (merge request) GitLab Enterprise Edition
• Adding .p12 file parser to Project-level Secure Files (merge request)
• Updates Config::Entry::Variable value to support array (merge request)
• Update Jitsu authenticator to production endpoint (merge request) GitLab Enterprise Edition
• Remove confusing runners summary text (merge request)
• Replace release notes form in new tag page with a link (merge request)
• Fix issue header alignment (merge request)
• Reduce the size of the initial backoff duration for web-hooks (merge request)
• Store future subscriptions on instance activation (merge request) GitLab Enterprise Edition
• Expose licenses in dependencies API (merge request) GitLab Enterprise Edition
• Allow /page to be used in description on incident creation (merge request)
• Update Work item cannot be accessed (merge request)
• Add localization to markdown actions (merge request)
• Fix padding for draft notes (merge request)
• Moves classes into variables (merge request)
• Improves modal copy when deleting page assets leads to package deletion (merge request)
• Remove container_registry_new_cleanup_service feature flag (merge request)
• Global Search vertical navigation search helper (merge request) GitLab Enterprise Edition
• Add approver for group level scan result policies (merge request) GitLab Enterprise Edition
• Nullify duplicate runner authentication tokens (merge request)
• This MR adds new feature flag for DAST pre-scan verification (merge request) GitLab Enterprise Edition
• Secure Files Metadata Parser (merge request)
• Update alert and incident table styles by @briankabiro (merge request)
• Govern Metric Updates (merge request) GitLab Enterprise Edition
• Productivity Analytics - Migrate url-sync mixin by @ali_o_kan (merge request) GitLab Enterprise Edition
• Update max helm charts to 1000 (merge request)
• Update shared runners summary text (merge request)
• Enable float values in cost factor (merge request) GitLab Enterprise Edition
• Improve MergeService log messages (merge request)
• Update dependency auto-deploy-image to v2.39.0 (merge request)
• Don't pre-fill markdown table with cells in issue (merge request)
• Remove ci_destroy_unlocked_pipeline_artifacts feature flag (merge request)
• Show view-only audit events filter for users with the developer role (merge request) GitLab Enterprise Edition
• Remove participant status from epic participants (merge request)
• Improve copy on delete modale in package by @ali_o_kan (merge request)
• Prevent login using autogenerated passwords (merge request)
• Replace Wiki service list_pages by normal repository RPCs (merge request) GitLab Enterprise Edition
• Update dependency auto-deploy-image to v2.38.1 (merge request)
• Show warning if code search mappings are outdated (merge request) GitLab Enterprise Edition
• Replace Wiki service find_page RPC by normal repository RPCs (merge request)
• Replace Wiki service find_page RPC by normal repository RPCs (merge request)
• Replace Wiki service find_page RPC by normal repository RPCs (merge request)
• Update UI text in insights dropdown list + dropdown sizing (merge request) GitLab Enterprise Edition
• Change design comments cancel confirmation (merge request)
• Debian package API: do not enqueue jobs directly by @sathieu (merge request)
• Fixes top padding for skeleton notes (merge request)
• Remove user attributes from notes (merge request) GitLab Enterprise Edition
• Use inline code for varaiables in harbor text (merge request)
• Deprecate AWS host connection parameter (merge request)
• Migrate card component - user list in admin page (merge request)
• Pull apart emoji and activity controls (merge request) GitLab Enterprise Edition
• Exclude loopback and link local addresses from Google CDN use (merge request)
• Update runner settings styling (merge request)
• Enforce active jobs limit earlier in pipeline creation (merge request)
• Adapt Helm API to consider the package registry access level by @wwwjon (merge request)
• Adapt Generic Packages to consider the package registry access level by @wwwjon (merge request)
• Global Search vertical navigation search helper (merge request)
• Enabled realtime labels FF (merge request)
• Hide Action column when revokePath is missing (merge request)
• Remove use_gitaly_pagination_for_refs feature flag (merge request)
• Upgrade Sourcegraph integration to 0.0.82 by @philipp-spiess (merge request)
• Do not show blocked states (merge request) GitLab Enterprise Edition
• Remove iteration_cadences FF (merge request) GitLab Enterprise Edition
• Update colors in the user activity calendar (merge request)
• Tighten Google CDN URL config requirements (merge request)
• Geo - Update no subscription banner message (merge request) GitLab Enterprise Edition
• Geo - Update URL text to External URL (merge request) GitLab Enterprise Edition
• Update unknown ci_pipeline_artifacts.locked column values (merge request)
• Add codeowners collapse, use vue component instead of haml (merge request) GitLab Enterprise Edition
• Fixes highlighting color for first diff reply (merge request)
• Change Version API to mirror Metadata API (merge request)
• Reduced lease from 1.5hrs to 1 hr (merge request)
• Update extensions in Gitpod configuration by @gtsiolis (merge request)
• Geo: Migrate Container Registry replication to use SSF (merge request) GitLab Enterprise Edition
• Do not user select2 for mirror user id (merge request)
• Don't pre-fill markdown table with cells (merge request)
• Fix invalid runner REST v4 deprecations (merge request)
• Harmonise warning message in Settings < Variables by @ali_o_kan (merge request)
• Update trial status popover title (merge request) GitLab Enterprise Edition
• Harmonise warning message in Settings < Pipeline triggers by @ali_o_kan (merge request)
• Add tmp indx null member namespace id (merge request)
• Default on :operational_vulnerabilities_filters ff (merge request)
• Default on :scan_execution_rule_mode feature flag (merge request)
• Remove dropdown to add members from admin area (merge request)
• Update cards in the milestone view (merge request)
• Ensure PostgreSQL versions are memoized at start of tests (merge request)
• Allow to submit wiki form using ctrl enter (merge request)
• Store dependency scanning SBoMs as reports (merge request)
• ref_service: Clean up find_local_branches_response (merge request)
• Do not restrict epics child issues group structure (merge request) GitLab Enterprise Edition
• This MR stores list of form fields in constant (merge request) GitLab Enterprise Edition
• Use Pajamas alert component for Rails flash (merge request)
• Update code analyzers (merge request) GitLab Enterprise Edition
• Migrate groups' projects settings card to ViewComponent (merge request)
• Harmonise warning in Protected environments by @ali_o_kan (merge request) GitLab Enterprise Edition
• Migrate to GlButton (merge request) GitLab Enterprise Edition
• GraphQL: Rename verification status to status (merge request) GitLab Enterprise Edition
• Hides cleanup policy admin notification while loading (merge request)
• Refetch deployments on user interaction (merge request)
• Migrate groups "Protect environment" card to ViewComponent (merge request) GitLab Enterprise Edition
• Allow updating users.pronouns property in REST API by @drumm (merge request)
• Migrate "Protect a tag" card to ViewComponent (merge request)
• Migrate "Protect environment" card to ViewComponent (merge request) GitLab Enterprise Edition
• Hide delete button when user cannot delete runner (merge request)
• Adding metadata and expires_at to Secure Files (merge request)
• Limit maximum number of child epics (merge request) GitLab Enterprise Edition
• Remove tmp_index_system_note_metadata_on_attention_request_actions (merge request)
• Rename WebHook service_id to integration_id (merge request)
• Migrate issue/MR bulk edit checkboxes to be Pajamas compliant (merge request)
• Migrate LDAP Remember me checkbox to be Pajamas compliant (merge request)
• Migrate OmniAuth Remember me checkbox to be Pajamas compliant (merge request)
• Update dependency auto-deploy-image to v2.38.0 (merge request)
• Migrate card component - admin note in admin area (merge request)
• Migrate pj component - card in the profile SSH page (merge request)
• Allow updating users.commit_email property in REST API by @drumm (merge request)
• Migrate custom attributes card to ViewComponent (merge request)
• Add new alert for creating new top-level group (merge request)
• Autofocus on Markown Editor (merge request)
• Removes spacing from system and discussion notes (merge request) GitLab Enterprise Edition
• Remove temp index that no longer needed (merge request)
• Update deployment rollback buttons (merge request)
• Remove unused db fields from assignees (merge request)
• Remove unused styles on subscription seats table (merge request) GitLab Enterprise Edition
• Drop ci_update_unlocked_job_artifacts feature flag (merge request)
• Update Busy checkbox copy (merge request)
• Update dependency auto-build-image to v1.19.0 (merge request)
• Update successful purchase banner (merge request) GitLab Enterprise Edition
• Remove cleanup_extract_mr_diff_deletions feature flag (merge request)
• Default-enable :hash_oauth_tokens feature flag (merge request)
• GitLab Version - Badge CTA (merge request)
• Backfill internal column on notes (merge request)
• Block userless CI (merge request)
• Remove cache_issue_sums flag (merge request) GitLab Enterprise Edition
• Do not treat warnings as errors (merge request) GitLab Enterprise Edition
• Add warning when Token Access disabled by @ali_o_kan (merge request)
• Add reject_non_dco_commits to push_rules (merge request)
• Added parameter to participants query (merge request)
• Rename timeline event note's validation error message (merge request)
• Remove tmp idx null project namespace id (merge request)
• Hide subgroup milestones on Roadmap when filtered by group (merge request) GitLab Enterprise Edition
• Remove unused updated_state_by_user_id from merge_request_reviewers (merge request)
• Add index on internal notes (merge request)
• Remove multiple iteration cadences license check (merge request) GitLab Enterprise Edition
• Check feature flag in bulk imports API for consistency (merge request)
• Enable auditor access to group runners (merge request)
• GitLab Version - Increase cache life (merge request)
• Adds last downloaded date to package registry UI (merge request)
• Drop tmp_index_user_callouts_on_attention_request_feature_names (merge request)
• Clean up successful experiment promote_mr_approvals_in_free (merge request)
• Add iteration to Issues Analytics table by @ali_o_kan (merge request) GitLab Enterprise Edition
• Finalize member namespace id cleanup (merge request)
• Remove allow non-blocking member refresh feature flag (merge request) GitLab Enterprise Edition
• Ignore fingerprint column on sbom_sources (merge request)
• Clean up read_package_policy_rule feature flag by @wwwjon (merge request)

Removed (18 changes)

• Remove contraint check_508774aac0 (merge request)
• Remove default_scope for the Event model (merge request)
• Drop free user cap columns from namespace settings (merge request)
• Remove FF override_group_level_protected_environment_settings_permission (merge request)
• Remove Feature Flag for artifacts reports junit (merge request)
• Geo Sites - Remove Current Site Badge (merge request) GitLab Enterprise Edition
• Revert "Merge branch 'pages-lets-encrypt-ecdsa' into 'master'" (merge request)
• Remove incident_resource_links_widget feature flag (merge request) GitLab Enterprise Edition
• Delete remove invalid member migrations (merge request)
• Drop index on ci_builds_metadata (merge request)
• Remove unused partial (merge request)
• Remove unused VSA label_ids param (merge request) GitLab Enterprise Edition
• Remove WorkItemUpdateWidgets mutation from GraphQL API (merge request)
• Remove application limits for Jira import (merge request)
• Remove global_search_custom_slis feature flag (merge request)
• Remove contribution_analytics_optimized_base_query (merge request) GitLab Enterprise Edition
• Remove unused experience_level DB column (merge request)
• Remove legacy memory killer (merge request)

Security (19 changes)

• Fix CVE-2022-32149 in workhorse dependency (merge request)
• Validate the scheme of project import URLs (merge request)
• Respect instance level rule for editing approval rules (merge request)
• Update TodoPolicy to handle confidential notes (merge request)
• Fixes XSS in widget extensions (merge request)
• Redact user's private email in group member event webhook (merge request)
• Sanitize Url and check for valid numerical errorId in error tracking (merge request)
• Manually sync canonical to security (merge request)
• Fix conflict between canonical and security (merge request)
• Enforce group IP restriction on Dependency Proxy (merge request)
• Prevent serialization of sensible attributes from JsonCache by @jbobadilla-ext (merge request)
• Restrict max duration to 1 year for trace display (merge request)
• Forbid creating a tag using default branch name (merge request)
• Add security protection for Github (merge request)
• Redact secrets from WebHookLogs (merge request)
• Prevent users creating issues in ay project via board/issues controller (merge request)
• Use UntrustedRegexp for upload rewriter (merge request)
• Fix leaking emails in WebHookLogs (merge request)
• Validate httpUrlToRepo to be http or https only (merge request)

Performance (19 changes)

• Avoid query for next page check (merge request)
• Refactor BitBucket importer (merge request)
• Nullify and delete some user associations in batches (merge request)
• Nullify merge request metrics user in batches on user deletion (merge request)
• Nullify merge request and user associations in batches on user deletion (merge request)
• Removing feature flag config files (merge request)
• Fix N+1 when loading labels on issue, epic, mrge_request lists (merge request)
• Fix labels N + 1 query in WorkItemsResolver (merge request)
• Remove n+1 queries for participants policy checks (merge request)
• Fix votes N+1 when loading issues, epics, merge requests lists (merge request)
• Ensure primary key index is used for Geo::Replicable (merge request) GitLab Enterprise Edition
• Remove feature flags related to diff highlight expiration (merge request)
• Destroy unlocked and expired pipeline artifacts (merge request)
• Load all license details from Gitaly (merge request)
• Load all license details from Gitaly (merge request)
• Avoid N+1 in GraphQL WorkItemsResolver (merge request)
• Add delay during project authorizations refresh (merge request)
• Enable background closure of issues from commit messages (merge request)
• Fix Workhorse Redis Sentinel role checks (merge request)

Other (63 changes)

• Add logging for file variable expansion (merge request)
• Remove gitlab_shell_jwt_token feature flag (merge request)
• Deploy tiers named nonprod no longer marked as production (merge request)
• Remove FF gl_listbox_for_sort_dropdowns (merge request)
• Remove duplicated read_confidential_notes policy (merge request)
• Drop index_notes_on_note_gin_trigram index where exists (merge request)
• Add diagnostic reports uploader (merge request)
• Clean up legacy Gitaly Wiki RPCs in Rails (merge request) GitLab Enterprise Edition
• Add message and importer type to logs (merge request)
• Update task system note background migration batch sizes (merge request)
• RuboCop: Enable previously disabled Rails/ActiveRecordCallbacksOrder by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/SoleNestedConditional by @edith007 (merge request)
• RuboCop: Enable previously disabled Rails/InverseOf by @edith007 (merge request)
• RuboCop: Enable previously disabled Rails/RedundantForeignKey by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/KeywordParametersOrder by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/NumericLiteralPrefix by @edith007 (merge request)
• RuboCop: Enable previously disabled Rails/IndexWith by @edith007 (merge request)
• Add bulk_import_id to bulk_import logs (merge request)
• RuboCop: Enable previously disabled Style/SingleArgumentDig by @edith007 (merge request)
• Use bulk_import_entity_id in all logs (merge request)
• Prepare partial non-latin index for issues (merge request)
• Remove incident_timeline feature flag (merge request)
• Enable wiki feature flags by default (merge request)
• Ignore column with typo on NamespaceDetails (merge request)
• Remove the about your company feature flag and commit code (merge request) GitLab Enterprise Edition
• Remove block_emails_with_failures feature flag (merge request)
• Removes the gl_avatar_for_all_user_avatars FF (merge request)
• Remove the non supported google_client_email (merge request)
• Remove background trial application feature flag (merge request)
• Remove the FF ci_project_pipeline_config_refactoring (merge request)
• Add snowplow event tracking to group imports (merge request)
• Add columns for package forward cascade settings (merge request)
• Update profile page buttons to pajamas (merge request)
• Increase branch expiry from 10 minutes to 60 (merge request)
• Revert "Merge branch '371986-introduce-ff' into 'master'" by @kwiebers (merge request)
• Bump Gitlab Shell to v14.12.0 (merge request)
• Remove unused members awaiting index (merge request)
• Change card to Pajamas (merge request)
• RuboCop: Enable previously disabled Style/StringLiteralsInInterpolation by @edith007 (merge request)
• Validate entity type used in Gitlab Migration (merge request)
• Modifications to adding delay logic (merge request)
• Remove unnecessary card component (merge request)
• Remove orphan project bots (merge request)
• Remove FF ci_rules_changes_compare (merge request)
• Remove and add raw of ci-variables tables with new default (merge request)
• Ignore unused columns on requirements (merge request) GitLab Enterprise Edition
• Remove trace column from ci_builds table (merge request)
• Remove unused free user cap data feature flag (merge request) GitLab Enterprise Edition
• Limit the number of active jobs early in the pipeline creation (merge request) GitLab Enterprise Edition
• GraphQL fetch stage by id (merge request)
• RuboCop: Enable previously disabled Style/AccessorGrouping by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/EmptyMethod by @edith007 (merge request)
• RuboCop: Enable previously disabled Rails/FilePath by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/ExplicitBlockArgument by @edith007 (merge request)
• Use Gitlab UI empty state in Roadmap by @rajatgitlab (merge request) GitLab Enterprise Edition
• Cleanup task system note renaming background migration (merge request)
• RuboCop: Enable previously disabled Style/CaseLikeIf by @edith007 (merge request)
• RuboCop: Enable previously disabled Rails/HelperInstanceVariable by @edith007 (merge request)
• Add dashboard limit to enable free user management (merge request)
• Decommission BatchPopQueueing class (merge request)
• Remove create_approval_todos_on_mr_update FF (merge request)
• Add environment keyword to pages job by @edith007 (merge request)
• Remove feature flag ci_variables_refactoring_to_variable (merge request)

15.4.6 (2022-11-30)

Security (11 changes)

• Send resolved_address param to gitaly during repository import (merge request)
• Add size validation during nuspec file extraction (merge request)
• Cross-site scripting in Jira Integration (merge request)
• Protect web-hook secret tokens after changing URL (merge request)
• Redact secret tokens from web-hook logs (merge request)
• Prevent unauthorized users from seeing Release information on tag pages (merge request)
• Update after_import to expire cache before removing prohibited branches (merge request)
• Deny all package permissions when group access is restricted by IP (merge request)
• Redact user emails from project webhook data (merge request)
• Disallow local URls for build_runner_session if dictated by app setting (merge request)
• Prevent token bypass for extenal authorisation (merge request)

15.4.5 (2022-11-15)

Fixed (1 change)

• Revert Sidekiq default routing rules (merge request)

15.4.4 (2022-11-02)

Security (12 changes)

• Datadog API key leak by changing integration URL (merge request)
• Redact confidential references in Jira issue descriptions (merge request)
• Forbid reading emojis on internal notes (merge request)
• Same-site redirect vulnerability (merge request)
• BYPASS: Stored-XSS with CSP-bypass via scoped labels' color (merge request)
• Fix Running Upstream Pipelines Jobs Without Permission (merge request)
• Add length limit to addressable URLs (merge request)
• Add a redirect wall before artifact redirect to pages (merge request)
• Sandbox swagger-ui to prevent injection attacks (merge request)
• Fix external project permission when using CI prefill variables (merge request)
• Resolve users can view audit events from other members (merge request)
• Path traversal fix for Secure Files (merge request)

15.4.3 (2022-10-19)

Fixed (4 changes)

• Sign in: use custom logo again (merge request)
• Fix closing of external issues (merge request)
• Sign in: use custom logo again (merge request)
• Fix REST/GRAPHQL APIs handling TODOs WorkItem target (merge request)

15.4.2 (2022-10-04)

Fixed (1 change)

• Ensure that stage name and record are in sync for page deployments (merge request)

15.4.1 (2022-09-29)

Security (15 changes)

• Redact user's private email in group member event webhook (merge request)
• Redact secrets from WebHookLogs (merge request)
• Forbid creating a tag using default branch name (merge request)
• Sanitize Url and check for valid numerical errorId in error tracking (merge request)
• Add security protection for Github (merge request)
• Fix leaking emails in WebHookLogs (merge request)
• Restrict max duration to 1 year for trace display (merge request)
• Use UntrustedRegexp for upload rewriter (merge request)
• Validate httpUrlToRepo to be http or https only (merge request)
• Respect instance level rule for editing approval rules (merge request)
• Prevent users creating issues in ay project via board/issues controller (merge request)
• Prevent serialization of sensible attributes from JsonCache (merge request)
• Update TodoPolicy to handle confidential notes (merge request)
• Enforce group IP restriction on Dependency Proxy (merge request)
• Fixes XSS in widget extensions (merge request)

15.4.0 (2022-09-21)

Added (162 changes)

• Add git tags from last deployment to environment detail page (merge request)
• Background worker for suggested reviewers (merge request)
• Maven request forwarding (merge request)
• Add edited by information to GraphQL WorkItem type (merge request)
• RPM initial upload and package creation (merge request)
• Add codeOwnerReviewRequired to EE (merge request) GitLab Enterprise Edition
• Added REST APIs to fetch latest release and download release assets by @zillemarco (merge request)
• Add iterations cadences to Gitlab Migration (merge request) GitLab Enterprise Edition
• Expose user and group for branch protection access levels in EE (merge request) GitLab Enterprise Edition
• Add cluster_agent_id and image to GraphQL vulnerabilitySeveritiesCount (merge request) GitLab Enterprise Edition
• Add unique index to ci_builds_metadata (merge request)
• Add job field to ProjectType (merge request)
• Enable search option for environments (merge request)
• Added markdown support for solution (merge request) GitLab Enterprise Edition
• Support delivery of emails using Microsoft Graph API (merge request)
• Expose CI variable limits through GraphQL (merge request)
• Add checkbox supported by Autosave and autosave confidential in Issuable form by @ali_o_kan (merge request)
• Backfill namespace_id on issues table (merge request)
• Add issue resource_iteration_events to Project Import/Export (merge request) GitLab Enterprise Edition
• Enabling feature flag immediate_delete_subgroup_api by default (merge request)
• Add harbor registry tags page by @orozot (merge request)
• Add the resource state events REST API endpoint for epics (merge request) GitLab Enterprise Edition
• Add last_downloaded_at to packages (merge request)
• Documentation of Move to start/end of list actions (merge request)
• Add monthly count_user_auth metric (merge request)
• Add auth_type to jwt controller tokens (merge request)
• Add column to store over user limit notification status (merge request)
• Domain Verification MVC (merge request) GitLab Enterprise Edition
• Add default project for epics (merge request) GitLab Enterprise Edition
• Extend packages project policy to consider access level by @wwwjon (merge request)
• Add system note service for resource links (merge request)
• Add group shares in group transfer locations API (merge request)
• Removes group_ip_restrictions_allow_global feature_flag (merge request)
• GraphQL query for last and upcoming deployment (merge request)
• Add clear status after dropdown to profile set status form (merge request)
• Migrate merge request review_requested/removed events (merge request)
• Memoize search_environments finder (merge request)
• Add state field to environments varchar name index (merge request)
• Add version sort to tags API (merge request)
• Show better errors from GraphQL on Releases (merge request)
• Debian Acquire-By-Hash (to avoid Hash Sum Mismatch errors) by @sathieu (merge request)
• Add cube proxy API request (merge request)
• Adds endpoints for MLFlow client Run entity (merge request)
• Optimize the pending todos check query (merge request)
• Load more for task assignees when user scrolls (merge request)
• Add pushAccessLevels to graphql endpoint (merge request)
• Add mergeAccessLevels to graphql endpoint (merge request)
• Support variable expansion on environment auto_stop_in (merge request)
• Add dismissal_reason to StateTransitions (merge request)
• Add branchProtection under project.branchRules in graphql endpoint (merge request)
• Updates container registry project settings (merge request)
• Add support for semantic versioning tags sort (merge request)
• New GraphQL mutation for dismiss security finding (merge request) GitLab Enterprise Edition
• Add rpm package type (merge request)
• Update groups api to accept parameter for ip_restriction_range (merge request) GitLab Enterprise Edition
• Allow users to filter issues by health status (merge request)
• Moved assignees to work_items feature flag (merge request)
• Add support for Google CDN (merge request)
• Use ListCommits rpc to fetch context commits by @akumar1503 (merge request)
• Create international phone input component in Vue (merge request) GitLab Enterprise Edition
• Create ultimate feature removal banner (merge request)
• Add basic DORA configuration model (merge request)
• Autosave due_date in Issuable form by @ali_o_kan (merge request)
• Remove not allowed epics properties from issue CSV export (merge request) GitLab Enterprise Edition
• Add View entire blame button (merge request)
• Support … and $$… syntax math in markdown (merge request)
• Add integration status area to the agent details (merge request) GitLab Enterprise Edition
• Add support for sorting project and group members Graphql resolvers (merge request)
• Add id, size and expiry to GraphQL Job Artifact by @leetickett (merge request)
• Add count field to the GraphQL EpicConnection type (merge request) GitLab Enterprise Edition
• Add instrumentation for MAU visiting environments pages (merge request)
• Add edit confirmation popover in sidebar dropdown widget (merge request) GitLab Enterprise Edition
• Adding graphQL parameters for move to start and end for boards (merge request)
• Autosave weight in Issuable form by @ali_o_kan (merge request) GitLab Enterprise Edition
• Move embedded Zoom calls to Linked Resources (merge request) GitLab Enterprise Edition
• Allow the creation of scan result policies (merge request) GitLab Enterprise Edition
• Add ArtifactDestroy GraphQL mutation by @leetickett (merge request)
• Introduce backend updates for toggle of diff preview by @joe-snyder (merge request)
• Add a search bar to the list of assigned projects (merge request)
• GraphQL: Add resolver to runner projects (merge request)
• Add partition_id column to selected CI database tables (merge request)
• Adds first endpoints for MLFlow Integration (merge request)
• Add index to todos the improve query performance (merge request)
• Graphql query for environment information (merge request)
• Allow admins to merge topics [API] by @wwwjon (merge request)
• Add autosave on design notes (merge request)
• Add new Katalon ci/cd template for partnership program by @philip.becker (merge request)
• Add JobArtifactsDestroy GraphQL mutation by @leetickett (merge request)
• Default-enable Pipeline Wizard for pages (merge request)
• Add a work item widget for iteration (merge request) GitLab Enterprise Edition
• Expose dates where DORA data is missing (merge request) GitLab Enterprise Edition
• Rollout shimo integration by @icbd (merge request)
• Add streaming audit event for work item and MR deletion (merge request)
• Add mutation to move to start / end of board lists (merge request)
• Migration for creating ghost_user_migrations table (merge request)
• Add pipelined Redis commands to performance bar (merge request)
• Add hasEpic to issue type (merge request) GitLab Enterprise Edition
• Add id, size and expiry to GraphQL Job Artifact by @leetickett (merge request)
• Make Short Sha in Deployments Page a Link (merge request)
• Add harbor registry list page by @orozot (merge request)
• Monitor memory growth in memory-watchdog (merge request)
• Enable escape_gitaly_refs by default (merge request)
• Add Debian endpoints for Sources by @sathieu (merge request)
• Add Debian endpoints for D-I Packages by @sathieu (merge request)
• Add support for task item status tooltip (merge request)
• Support Group Avatar Removal in REST API by @tuxtimo (merge request)
• Align namespace of DeployAccessLevel model (merge request)
• Show epics blocking info on list & boards (merge request) GitLab Enterprise Edition
• Create API endpoint to update a protected environment (merge request) GitLab Enterprise Edition
• Add work item weight widget subscription (merge request)
• Add security finding dismiss service (merge request) GitLab Enterprise Edition
• Add branchRules to project in graphql endpoint (merge request)
• Introduce etag caching for diff batches endpoint (merge request)
• Set forked source cost factor to .008 (merge request) GitLab Enterprise Edition
• Add auto_ban_user_on_excessive_projects_download to group settings (merge request)
• Support GraphQL subscription for weight update (merge request) GitLab Enterprise Edition
• Utilize dormant user period in application settings by @joe-snyder (merge request)
• Extend deployments graphql query for index page (merge request)
• Add resource events to Import/Export (merge request) GitLab Enterprise Edition
• Add sorting/filtering/paging to CRM organizations by @leetickett (merge request)
• Add helper method to prevent default action on submit in feature specs by @mehulsharma (merge request)
• Backfill values for cluster_agents.has_vulnerabilities (merge request)
• Display health status on issue board cards (merge request)
• Adds a Cleanup class for unused still-active Personal Access Tokens (merge request)
• Relate BroadcastMessage and Namespace models (merge request)
• Adds CiConfigVariableType to ProjectType (merge request)
• Update Import/Export for iterations cadences (merge request) GitLab Enterprise Edition
• Record cache data about api/web cache helpers (merge request)
• Add clusterAgent.vulnerabilityImages to GraphQL API (merge request) GitLab Enterprise Edition
• Allow to specify the fields to search for when querying work items (merge request) GitLab Enterprise Edition
• Support lowercase query string status (merge request)
• Add new instance setting to UI and controller (merge request)
• Support Project Avatar removal in REST API by @tuxtimo (merge request)
• Add external_url field to Environment GraphQL Type by @Taucher2003 (merge request)
• Introduce REST API for group transfer locations (merge request)
• Show alert for email exposure for service desk (merge request)
• Add work type icon to boards and color gray for icons (merge request)
• Implement Vuln Scanner reportTypeHumanized for easier frontend use (merge request) GitLab Enterprise Edition
• REST API for project transfer locations (merge request)
• Re-introduce manual iteration management (merge request) GitLab Enterprise Edition
• Add GraphQL query for deployment details (merge request)
• Add auto_ban_user_on_excessive_projects_download to application settings (merge request)
• Add support for snippet spam (merge request)
• Added loading state to "Commit changes" button in the single file editor by @payal-jain (merge request)
• Allow admins to merge topics [frontend] by @wwwjon (merge request)
• Fetch child epics with colour when FF is enabled (merge request) GitLab Enterprise Edition
• Thread Google Chat messages by topic by @csarva (merge request)
• Add query string filtering (merge request)
• Add Vulnerabilities Finding Create Issue mutation (merge request) GitLab Enterprise Edition
• Add selected state for ellipsis button in last commit (merge request)
• Set public open source cost factor to .5 (merge request) GitLab Enterprise Edition
• Add GraphQL query for deployments (merge request)
• Support line chart for DORA charts (merge request) GitLab Enterprise Edition
• Add GraphQL custom emoji schema, flagged (merge request)
• Provide ability to move a board card to the top/bottom of the list (merge request)
• Enables track_work_items_activity feature flag by default (merge request)
• Add GraphQL sort/filter/page crm organizations by @leetickett (merge request)
• Track CI/CD Tunnel usage (merge request)
• Add present on default branch to project_id_and_id_active_cis index (merge request)
• Log JWT authentication failures (merge request)
• Show tooltip on hover on work item icons (merge request)
• Add Iteration Cadences to Group Import/Export (merge request) GitLab Enterprise Edition

Fixed (163 changes)

• Remove vulnerability approval rules (merge request) GitLab Enterprise Edition
• Fix default date timezone for VSA (merge request)
• Fixing Deduplication of ProcessSyncEventsWorkers (merge request)
• List groups from group shares on project transfer (merge request)
• Remove extra padding on every 8th participant in sidebar (merge request)
• Handle large offset more gracefully (merge request)
• Show add button when user has sufficient permissions (merge request) GitLab Enterprise Edition
• Don't show View entire blame button for a single blame page (merge request)
• Resolve web hook edit page timeout (merge request)
• Fix selective code owner removals by @leetickett (merge request)
• Fix gitaly ref replication on project fork (merge request)
• Add a new ability for reading billable members (merge request) GitLab Enterprise Edition
• Fill missing dates on VSA duration chart (merge request) GitLab Enterprise Edition
• Resetting form doesn't affect submit button (merge request)
• Fix group IP allowlist update bug (merge request) GitLab Enterprise Edition
• Fix 500 error sorting merge requests with approvers by milestone (merge request)
• Show test reports immediately on pipeline tests tab (merge request)
• Improve fast-forward merge service reliability (merge request)
• Fixes spacing for issue widgets (merge request) GitLab Enterprise Edition
• Fix feature flag link in related feature flags (merge request) GitLab Enterprise Edition
• Fixes spacing for design management (merge request)
• Fix json payload for external status check feature (merge request) GitLab Enterprise Edition
• Fix group name in memberships export email (merge request) GitLab Enterprise Edition
• Prevent error when user has approved the merge request by @batu (merge request)
• Fix: locale issues on repository settings by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Create authroizations record for personal projects (merge request)
• Remove search bar from project/group hook log pages (merge request)
• Fix: milestones sidebar locale issue by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Geo: Avoid runaway queue growth (merge request) GitLab Enterprise Edition
• Use distinct location fingerprints for manually created vulnerabilities (merge request) GitLab Enterprise Edition
• Add flex wrap tp prevent aws logo from overflowing by @beverett (merge request)
• Add db fixtures for providers (merge request) GitLab Enterprise Edition
• CI npm template: Fix comparison of pre-release versions by @the_s (merge request)
• Update the Changes tab with the real file count when it loads (merge request)
• Override ancestor icon background for dark mode (merge request)
• Use first day of week in roadmap (merge request) GitLab Enterprise Edition
• Prevent outdated manual deployment jobs from being ran (merge request)
• Remove unintended "#" from push_to_merge_request_email (merge request)
• Fix trial applying bug in .com (merge request) GitLab Enterprise Edition
• Fix paste markdown feature in Content Editor (merge request)
• Improve VSA edit modal responsiveness (merge request) GitLab Enterprise Edition
• Give blob header buttons correct spacing (merge request)
• Fix GitHub import un/assigned events (merge request)
• Fix deploy freezes when period overlaps with itself (merge request)
• Hide Auto DevOps button on the project page (merge request)
• Show visibility level when creating subgroup (merge request)
• Remove hidden checkboxes when not needed (merge request)
• Ensure the VSA duration chart renders all dates (merge request) GitLab Enterprise Edition
• Fix: pipeline reports missing secret detection report by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Fix: repository analytics time rendering locale issue by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Geo: Realign concurrency limits (merge request) GitLab Enterprise Edition
• This MR fixes bug with missing banner (merge request)
• Fix environment auto stop in assignment when former value present (merge request)
• Fix: locale on reviewer sidebar by @JeremyWuuuuu (merge request)
• Fix sha argument passing of ProjectType.ci_config_variables (merge request)
• Sort timeline events by occurred_at then by id (merge request)
• Return 0 when credit_card_validation.holder_name is nil (merge request)
• Fix: locale on assignee sidebar by @JeremyWuuuuu (merge request)
• Fix padding for text editors (merge request) GitLab Enterprise Edition
• Switch 'b' shortcut to not ever focus or click an in-page element (merge request)
• Fix boards switcher for unauthorized user (merge request)
• Fix subgroup support for approval rules (merge request) GitLab Enterprise Edition
• Handling Database Timeouts in gitlab:db:truncate_legacy_tables:* (merge request)
• Fix: new compare merge request locale issues by @JeremyWuuuuu (merge request)
• Removed detached prefix from mr pipelines by @leetickett (merge request)
• Prevent race condition when jobs acquire resource groups (merge request)
• Invalidate the merge request cache when assignee/reviewer changes (merge request)
• Fix stage name escaping in pipeline views by @fabsrc (merge request)
• Fix wrapping in source files (merge request)
• Call .length rather than .size so another query isn't executed (merge request)
• Trigger hooks when updating assignees via GraphQL (merge request)
• Multiline blockquote leading/trailing newline (merge request)
• Update region codes on gtag analytics (merge request)
• Fix oauth password to not be forced to be lowercase by @mtan-gitlab (merge request)
• Update squash commit SHA outside of merge method (merge request)
• Fix visual regression in top toolbar (merge request)
• Improve toolbar performance (merge request)
• Clean up orphaned invited members
• Fix parsing commit trailers without specified email (merge request)
• Fix link bubble menu bug (merge request)
• Remove any broken symlink before creating it for .gitlab_shell_secret (merge request)
• Use FIFO as pending builds strategy for group runners by @wwwjon (merge request)
• Fix 500 error for Commits API (merge request)
• Fixed note buttons spacing on issues by @zillemarco (merge request)
• Fix markdown tabs alignment on issue/MR create pages (merge request)
• Geo: Fix redirects of LFS transfer downloads (merge request) GitLab Enterprise Edition
• Fixes todo button in sticky header not working (merge request)
• Fix start_line/end_line link values (merge request) GitLab Enterprise Edition
• Fix page javascript after a deploy token got created (merge request)
• Fix for broken tag/branch switcher (merge request)
• Use dynamic select dropdown on forks form (merge request)
• Fix/Add css selector by @TrueKalix (merge request)
• Fix/Add css selector by @TrueKalix (merge request)
• Enable geo_batch_count feature flag (merge request) GitLab Enterprise Edition
• Save repository size limit set in admin group page correctly (merge request) GitLab Enterprise Edition
• Fix incorrect job artifacts expire_at (merge request)
• Fix language mapping in the Source Viewer (merge request)
• Fix SVGs not rendering in issuables (merge request)
• Do not prefill new form again with successfully created deploy token (merge request)
• Fix custody report CSV for projects inside subgroup (merge request) GitLab Enterprise Edition
• Fix not showing "job dependencies" view when all jobs are bridges (merge request)
• Fix 'Assign yourself' visibility for users without permissions by @zillemarco (merge request)
• Fix missing metadata for system notes (merge request)
• Fix: issue list assignees label translation by @JeremyWuuuuu (merge request)
• Board card location row breaks incorrectly fix (merge request)
• Add screen reader only text to content editor dropdowns (merge request)
• Handle the exception in case of large yml (merge request) GitLab Enterprise Edition
• Fix empty state MR pipeline run (merge request)
• Fix: merge request editing page wrong translations by @JeremyWuuuuu (merge request)
• Update 2FA requirements async for group members (merge request)
• Add missing runner variables to predefined list by @bbodenmiller (merge request)
• Fix search_files_by_name escaping names twice (merge request)
• Automatically remove leading spaces in project names (merge request)
• Fix clear icon alignment (merge request)
• Prevent invalid characters from causing diffs to error out (merge request)
• Removing mixin from mr widget pipeline (merge request)
• Alter when to send releasedAt when release created (merge request)
• Fix broken UI text in selector in dashboard milestones by @tnir (merge request)
• Ensure the VSA form loading state is rendered (merge request) GitLab Enterprise Edition
• Fix hash order issue test in DORA reducer (merge request) GitLab Enterprise Edition
• Improve the performance of bubble menus (merge request)
• Fix missing project for included remote file including with rules:exists (merge request)
• Fix NoMethodError in IssueResolverArguments (merge request)
• Include reserved report_approvers rule names as (merge request) GitLab Enterprise Edition
• Fix board sidebar links color (merge request)
• Fix hardcode text on new branch page by @icbd (merge request)
• Fix nested ordered task list styling in issue description (merge request)
• Add gray color on component icon to fix all use cases (merge request)
• Fix fetching epics when changing sort option (merge request)
• Fix timelog type policy check by @leetickett (merge request)
• Remove extra space after dismissing free cap alert (merge request) GitLab Enterprise Edition
• Localize dateformat text (merge request)
• Improve blame link feature (merge request)
• Skip file removal if GitLab managed replication is disabled (merge request) GitLab Enterprise Edition
• Fixed fullPath for assignees and labels (merge request)
• Open task in new window when doing ctrl/cmd+click (merge request)
• Upgrade three.js dependency (merge request)
• Fix issue searches using Russian characters (merge request)
• Fix: untranslated merge request consent box by @JeremyWuuuuu (merge request)
• Remove redundant class name from group template by @tnir (merge request)
• Added lowercase to the actual con-reg api call (merge request)
• Fixed alignment of MR activity dropdowns on mobile by @zillemarco (merge request)
• Handle all uploads instead of a hardcoded list (merge request)
• Bypass earliest date validation in importing of iteration cadences (merge request) GitLab Enterprise Edition
• Fix Geo removing uploads on object storage (merge request) GitLab Enterprise Edition
• Set all attachments to Content-Type application/octet-stream (merge request)
• Do not update approval rules for merge request (merge request) GitLab Enterprise Edition
• Rake Task gitlab:db:lock_writes more efficient (merge request)
• Update subscription service for new hashed OAuth tokens (merge request) GitLab Enterprise Edition
• Ignore accents in search term when searcing issues (merge request)
• Update Oj to v3.13.21 (merge request)
• Make compliance report email html_safe (merge request)
• Quick fix for the move to position (merge request)
• Fix Redis pipeline/multi-exec deprecation errors (merge request)
• Geo: Fix registry backfilling (merge request) GitLab Enterprise Edition
• Fix user recent activity links for work item actions (merge request)
• Restore transaction block while extracting sync (merge request) GitLab Enterprise Edition
• Fix issue description list item reordering indentation (merge request)
• Fix boards alignment and dark mode issues (merge request)
• Fix visual bugs from !95073 (merge request)
• Fix CI/CD legacy variables fetching group projects (merge request)
• Hide copy failed tests button when endpoint returns null files (merge request)
• Fix detection of URLs in markdown selection (merge request)

Changed (167 changes)

• Rename last_run_date to next_run_date (merge request)
• Update pg_query to v2.1.4 (merge request)
• Convert issues analytics table to graphql by @ali_o_kan (merge request) GitLab Enterprise Edition
• Hash Oauth application secrets (merge request)
• Fix: notify locale on new user email by @qt-gith (merge request)
• Cleanup attention request related system notes (merge request)
• Remove temp index group membership namespace id (merge request)
• Add graphql feature flag for job_app (merge request)
• Account for inherited runners in RunnerPolicy (merge request)
• Allow job token configuration while disabled by @ali_o_kan (merge request)
• Use a stacked layout for runners list (merge request)
• Adjust codequality inline severity icon (merge request) GitLab Enterprise Edition
• Add project harbor registry feature flag by @orozot (merge request)
• Fix: notify locale on pipeline fixed email by @qt-gith (merge request)
• Hide information for blocked user in popover (merge request)
• Add new MR environment auto-stop logic (merge request)
• Add epoch column to rpm metadata (merge request)
• Merge branch '359067-rename-package-files-to-assets' into 'master' (merge request)
• Add bot badge in user list for admins (merge request)
• Issuable title updates no longer update last_edited values (merge request)
• Move Google IP fetch into a separate service with rate limiting (merge request)
• Fix: notify locale on remote mirror update failed email by @qt-gith (merge request)
• Enable restyle_login_page by default (merge request)
• Changed draft text by @mehulsharma (merge request)
• Use default project for epic issue creation (merge request) GitLab Enterprise Edition
• Add bot badge in project and group member lists (merge request)
• Feat(Subscripion activation): add error handling (merge request) GitLab Enterprise Edition
• Adds redirection when cleanup policy is saved (merge request)
• GraphQL Max Call field extension (merge request)
• Update SubscriptionUpgradeInfoCard title when group is in a trial (merge request) GitLab Enterprise Edition
• Move file editor CSS to its own page bundle (merge request)
• Remove the markdown_corrected_blockquote (merge request)
• Unlock CI pipeline artifacts when pipeline is unlocked (merge request)
• Updated show work item page title (merge request)
• Remove exess buttons (merge request)
• Update default initializer value for Sidekiq routing_rules (merge request)
• Update Service Desk settings help text (merge request)
• Update Service Desk settings help text (merge request)
• Mass update legacy Slack integrations (merge request)
• Update third party login styles (merge request)
• Narrow the definition of an OSS contribution (merge request)
• Allow to sort tags by semantic version (merge request)
• Splits feature flag for removing note attributes (merge request) GitLab Enterprise Edition
• Rename last_used_before scope to last_used_before_or_unused by @TrueKalix (merge request)
• Add prefix comment on note in backend (merge request)
• Update license compliance docs (merge request) GitLab Enterprise Edition
• Add setting for max pages custom domains per project (merge request)
• This MR enables feature flag (merge request) GitLab Enterprise Edition
• Simplify primary navigation bar and align global search to the left (merge request)
• Simplify primary navigation by removing infrequently used options (merge request)
• Removed vuln training message (merge request) GitLab Enterprise Edition
• Removed and-Separators with comma-separators by @anshulriyal (merge request)
• Cleanup «New tag» page (merge request)
• Pipeline job pill alignment (merge request)
• Update controller update to allow clean MD render (merge request)
• Lower the default Rails.cache ttl to 8 hours (merge request)
• Improve account limit settings text (merge request)
• Update dependency auto-deploy-image to v2.37.0 (merge request)
• Improve UI text of FloC setting (merge request)
• Fix: notify locale on push to merge request email by @qt-gith (merge request)
• Remove extra whitespace in buildkite.rb (merge request)
• Update group runners Edit page look and feel (merge request)
• Update removal date in clusters deprecation alert (merge request)
• Replace the term homepage with dashboard (merge request)
• Dropzone: Change border-radius to default radius (merge request)
• Call update_web_hook! for buildkite when ensuring ssl validation (merge request)
• Update copy text for self metrics toggle (merge request)
• Add locked column to Ci::PipelineArtifact (merge request)
• Advanced Search: Index label_ids for issues (merge request) GitLab Enterprise Edition
• Remove after_save callback to create integration webhooks (merge request)
• Replace Wiki service find_page RPC by normal repository RPCs (merge request)
• Add column 'branch_filter_strategy' to 'web_hooks' by @luzhiyuan.deer (merge request)
• First pass legacy license compliance widget removal (merge request) GitLab Enterprise Edition
• Remove file edit actions from blame view (merge request)
• Fix: notify locale on resolved all discussions email by @qt-gith (merge request)
• Handle 429 response for the integration testing (merge request)
• Improve bulk issue creation on epics (merge request) GitLab Enterprise Edition
• Limit number of branches/tags loaded from Gitaly (merge request)
• EE Group Settings General headers expand on click by @quatauta (merge request) GitLab Enterprise Edition
• Fix case of DAST UI text (merge request) GitLab Enterprise Edition
• Fix migration type (merge request)
• Update packages registries menu as sentence case by @parkourkarthik (merge request)
• Allow tokens with any scope to use the self-revocation API by @fabsrc (merge request)
• Update Runner UI badges (merge request)
• Add days as unit to VSA duration chart (merge request) GitLab Enterprise Edition
• Do not show revoke button if revoke_path is absent (merge request)
• Change code block border-radius to default (merge request)
• Hide mirror repos list when not available by @parkourkarthik (merge request)
• Modify scope to avoid table join (merge request)
• Conclude the combined registration experiment (merge request) GitLab Enterprise Edition
• Cleans up the edit form for issuables (merge request)
• This MR adds warning modal for unsaved changes (merge request) GitLab Enterprise Edition
• Destroy invalid project members (merge request)
• Update successful plan purchase message and variant (merge request) GitLab Enterprise Edition
• Remove s3_omit_multipart_urls feature flag (merge request)
• Feat: Increase stats margin on the project home page by @nadia_sotnikova (merge request)
• Add vulnerability_advisories and vulnerable_component_versions tables (merge request)
• Update blocking issues system note text (merge request) GitLab Enterprise Edition
• Refactored time tracking widget to be more reactive by @zillemarco (merge request)
• Use the standard dynamic segment for Debian packages by @sathieu (merge request)
• Add similar credit cards counts to external PVS payload (merge request)
• Edit profile tooltip for style compliance (merge request) GitLab Enterprise Edition
• Reset access token form selectively (merge request)
• Show an additional warning text on SaaS for removing license (merge request) GitLab Enterprise Edition
• Change text Elasticsearch to OpenSearch in AWS search service config (merge request) GitLab Enterprise Edition
• Update stackprof to v0.2.21 (merge request)
• Hide Register Runner button when user is not permitted to do the action (merge request)
• Update case for Manually added text (merge request) GitLab Enterprise Edition
• Show deployment approval options for read access (merge request)
• Always show deployment approval options (merge request) GitLab Enterprise Edition
• Updates UI for package duplicate settings (merge request)
• Clarify lifetime setting that affects all tokens (merge request) GitLab Enterprise Edition
• Add environment tier to allowed agents API response (merge request)
• Removes spacing from system note (merge request)
• Hide create project tile for some users (merge request)
• Remove FF for seat count usage alerts (merge request) GitLab Enterprise Edition
• Adds skeleton loader to Usage Quotas Seats page (merge request) GitLab Enterprise Edition
• Expose ci_job_token_scope_enabled in job API by @paulbry (merge request)
• Remove the Show Details button for Deployments (merge request)
• Changes column width on package side by side settings (merge request)
• Update tabs line-height to match Pajamas (merge request)
• Event type information in saml auth audit event stream (merge request) GitLab Enterprise Edition
• Extend approvers_select component to group level (merge request) GitLab Enterprise Edition
• Updated copy around tasks (merge request)
• Move Slack Events code to EE (merge request) GitLab Enterprise Edition
• Add description_html to SecurityReportFindingType (merge request) GitLab Enterprise Edition
• Update Puma to v5.6.5 (merge request)
• Disallow the rebase without pipeline on certain settings (merge request)
• Rename existing task system notes (merge request)
• Dont generate pipeline reports if the base pipeline is not complete (merge request)
• Add generic cost factor logging (merge request) GitLab Enterprise Edition
• Update error message (merge request) GitLab Enterprise Edition
• Update breadcrumbs of packages and registries under settings by @parkourkarthik (merge request)
• Add prefix to trigger tokens (merge request)
• Remove execute_build_hooks_inline feature flag (merge request)
• Autocomplete dropdown optimization (merge request)
• Fix canary badge styling (merge request)
• Enable async_after_approval feature flag (merge request)
• Combine sort and filter into one dropdown (merge request)
• Use static terraform-images version in Terraform template (merge request)
• Don't create EE::Member audit events when there is no change (merge request) GitLab Enterprise Edition
• Update haml-lint to v0.40.1 (merge request)
• Highlight runner name and move locked icon (merge request)
• Update thrift to v0.16.0 (merge request)
• Use ProtectedBranch service to destroy the branch (merge request)
• Extract 'read_package' rule into separate policy by @wwwjon (merge request)
• Remove self managed wiki notes (merge request)
• This MR adds schedule rule component (merge request) GitLab Enterprise Edition
• Change the way autoclosing issues is checked (merge request)
• Reduce header and footer height of comments (merge request)
• Update redis gem to v4.7.1 (merge request)
• Update Cluster Managed project template (merge request)
• Redesign runners stats (merge request)
• Allow verification token when creation external audit event destination (merge request) GitLab Enterprise Edition
• Replace native date input field to GlDatePicker (merge request)
• Geo Replicables - Enhaced Empty States (merge request) GitLab Enterprise Edition
• Consolidate pipeline mini graph code (merge request) GitLab Enterprise Edition
• Move Group Push Rules to Settings/Repository (merge request) GitLab Enterprise Edition
• Query group descendants using comparison operators (merge request)
• Disable DAST profile name field when configured (merge request) GitLab Enterprise Edition
• Add job logs collection to Datadog Integration by @AdrianLC (merge request)
• Reorganize runner tags in runners table (merge request)
• Add support for MulanPSL-2.0 in license detection by @tnir (merge request)
• Destroy invalid group membership records (merge request)
• Allow Invite button to be enabled by default (merge request)
• Add skip_users as param for members rest api (merge request) GitLab Enterprise Edition
• Rename web_hooks service_id to integration_id (merge request)

Deprecated (5 changes)

• Deprecate draft quick action toggle (merge request)
• Add feature flag for /draft toggle (merge request)
• GraphQL: Deprecate RunnerMembershipFilter (merge request)
• Document CS environment variable deprecations (merge request)
• Deprecate security related confidence fields (merge request) GitLab Enterprise Edition

Removed (17 changes)

• Remove unused VSA aggregation DB columns (merge request)
• Analyzer consolidation in SAST CI template (merge request) GitLab Enterprise Edition
• Remove free user cap awaiting user logic (merge request)
• Remove nonexistent index from schema (merge request)
• Remove awaiting members from billable user finder (merge request) GitLab Enterprise Edition
• Put DAST Basic-auth option behind feature flag (merge request) GitLab Enterprise Edition
• Weekend migration for dropping an empty index (merge request)
• Remove pipeline insights experiment (merge request)
• Remove mr_attention_requests feature flag (merge request)
• Remove temporary todos index for attention request (merge request)
• Remove unused /scan_execution_policies internal API (merge request) GitLab Enterprise Edition
• Drop Project#build_coverage_regex (merge request)
• Remove other_role column from user_details (merge request)
• chore: Cleanup report_artifact_build_completed FF (merge request)
• Remove the use_vsa_aggregated_tables FF (merge request) GitLab Enterprise Edition
• Deprecations in SAST template (merge request)
• Remove tmp_index_merge_requests_draft_and_status (merge request)

Security (19 changes)

• No overriding methods for Sawyer class
• Optimize handling repositories with huge trees
• HTML escape the label background color
• Fix unauthorized GFM references in Incident Timeline
• Sandbox jupyter notebook HTML output
• Prevent long loops when generating suggested branch name
• Validate description length for snippets
• Prevent brute force vuln for Git over HTTP(S) requests
• Replaced smooshpack to fix the vulnerability in LivePreview
• Check for pathological markdown input
• Update package auth for group IP allowlist
• IDOR in Zentao integration issue show page
• Patch VULNDB-255039 (potential Rack cache poisoning)
• Don't show pipeline status
• Parse commit trailers without using regexp
• Sanitize img attributes in Banzai::Filter::ImageLinkFilter
• Validate if values to be saved in Redis can be converted to string
• Enable SSL certification verification by default with Fog access (merge request)
• Update diffy to v3.4.2 (merge request)

Performance (19 changes)

• Optimize GraphQL next page check (merge request)
• Introduce rate-limiting for namespace exists API (merge request)
• Optimize contribution analytics queries (merge request) GitLab Enterprise Edition
• Broadly restrict downstream pipeline tree size (merge request)
• Remove ci_namespace_mirrors sync_children_namespaces (merge request)
• Remove Workhorse pubsub feature flags (merge request)
• Place trial creation on user registration in background (merge request) GitLab Enterprise Edition
• Speed up environments search (merge request)
• Refactor diff_view to include diff_line (merge request)
• Enable async project authroizations by default (merge request)
• Remove the feature flag remove_branch_caching_feature_flag (merge request)
• Add performance optimization for Insights queries (merge request)
• Introduce rate-limiting for namespace exists API (merge request)
• Place learn gitlab creation into background and measure (merge request) GitLab Enterprise Edition
• Prevent CounterJobWorker from exceeding 300 seconds (merge request)
• Fix N+1 in runner jobs API (merge request)
• Update container repositories migration index (merge request)
• Drop database_async_index_creation feature flag (merge request)
• Skip repository disconnect if project is pending delete (merge request)

Other (54 changes)

• RPM initial upload and package creation (merge request)
• Remove feature flags for tracking jetbeans and cli api requests (merge request)
• Helper to convert a table to its first partition (merge request)
• Workhorse: Bump gitaly version (merge request)
• RuboCop: Enable previously disabled Style/BarePercentLiterals by @edith007 (merge request)
• Enable FF ci_stop_expanding_file_vars_for_runners (merge request)
• Add internal column to notes (merge request)
• Clean up attention_requested states (merge request)
• Reschedule work_item_type backfill on issues (merge request)
• Disable ultimate for projects less than 1 MB in size (merge request)
• Remove duplicated % in sprintf (merge request)
• Update the Harbor registry doc by @zhaoqi01 (merge request)
• Remove FF group_level_protected_environment_settings_permission (merge request)
• Cleanup rebalance_issues feature flag (merge request)
• Quarantine flaky test in redis_interceptor_spec.rb (merge request)
• Remove find_epics_performance_improvement feature flag (merge request) GitLab Enterprise Edition
• Add menu headers in primary navigation dropdown (merge request)
• Remove redis caching for diff_batches endpoint (merge request)
• Update the Harbor registry doc by @zhaoqi01 (merge request)
• Remove unnecessary gl-alert-dismiss class (merge request)
• Add the Harbor registry doc by @zhaoqi01 (merge request)
• Remove GITLAB_LEGACY_BACKGROUND_UPLOADS (merge request)
• Remove user callouts that are related to attention request (merge request)
• Add not null constraint for board recent visits columns (merge request)
• Remove feature flag inactive_projects_deletion (merge request)
• Remove reads from ci_builds.stage (merge request)
• Improve error message while validating config/database.yml (merge request)
• Delete the FF ci_variable_for_group_gitlab_deploy_token (merge request)
• Geo: Remove geo_file_transfer_validation FF (merge request) GitLab Enterprise Edition
• Create partitioned security_findings table (merge request)
• Prevent updating requirement deprecated attributes (merge request) GitLab Enterprise Edition
• Finalize removal of incorrect issue indexes (merge request)
• Refactor Groups Rest API to use workhorse for avatar upload by @tuxtimo (merge request)
• Fix flaky tests in ee/spec/models/ee/group_spec.rb (merge request) GitLab Enterprise Edition
• Change copy on issues empty state for logged users by @pjjakubowska (merge request) GitLab Enterprise Edition
• Remove not null constraint for confidence columns (merge request)
• Add extended open issues index (merge request)
• Use the new mergeability check framework (merge request)
• Migrate cadence start date to automation start date (merge request)
• Cleanup old work item type id backfill on issues table (merge request)
• Vertically align the revoke button (merge request)
• Remove registry deploy_token feature flag (merge request)
• Remove code to limit inviting groups in hierarchy for free user cap (merge request)
• Use keyset pagination for Tags API (merge request)
• Rake Task to truncate Legacy tables on Main and CI Database (merge request)
• Remove the feature flag ci_docker_image_pull_policy (merge request)
• Move data-reference-type attribute into a constant (merge request)
• Improve how fields can bre preloaded for WidgetInterface (merge request)
• Avoid using group's web_url in issue_analytics QA by @tnir (merge request)
• Update trial alert to follow design system (merge request) GitLab Enterprise Edition
• Fix group authorization when searching epics (merge request) GitLab Enterprise Edition
• Drop unused security findings index (merge request)
• Improve specs with shared examples (merge request) GitLab Enterprise Edition
• Fix Style/Next offenses (merge request)

15.3.5 (2022-11-02)

Security (12 changes)

• Datadog API key leak by changing integration URL (merge request)
• Redact confidential references in Jira issue descriptions (merge request)
• Forbid reading emojis on internal notes (merge request)
• Same-site redirect vulnerability (merge request)
• BYPASS: Stored-XSS with CSP-bypass via scoped labels' color (merge request)
• Fix Running Upstream Pipelines Jobs Without Permission (merge request)
• Add length limit to addressable URLs (merge request)
• Add a redirect wall before artifact redirect to pages (merge request)
• Sandbox swagger-ui to prevent injection attacks (merge request)
• Fix external project permission when using CI prefill variables (merge request)
• Resolve users can view audit events from other members (merge request)
• Path traversal fix for Secure Files (merge request)

15.3.4 (2022-09-29)

Security (15 changes)

• Redact user's private email in group member event webhook (merge request)
• Redact secrets from WebHookLogs (merge request)
• Forbid creating a tag using default branch name (merge request)
• Sanitize Url and check for valid numerical errorId in error tracking (merge request)
• Add security protection for Github (merge request)
• Fix leaking emails in WebHookLogs (merge request)
• Restrict max duration to 1 year for trace display (merge request)
• Use UntrustedRegexp for upload rewriter (merge request)
• Validate httpUrlToRepo to be http or https only (merge request)
• Respect instance level rule for editing approval rules (merge request)
• Prevent users creating issues in ay project via board/issues controller (merge request)
• Prevent serialization of sensible attributes from JsonCache (merge request)
• Update TodoPolicy to handle confidential notes (merge request)
• Enforce group IP restriction on Dependency Proxy (merge request)
• Fixes XSS in widget extensions (merge request)

15.3.3 (2022-09-01)

Fixed (5 changes)

• Skip file removal if GitLab managed replication is disabled (merge request) GitLab Enterprise Edition
• Geo: Fix redirects of LFS transfer downloads (merge request) GitLab Enterprise Edition
• Improve blame link feature (merge request)
• Bypass earliest date validation in importing of iteration cadences (merge request) GitLab Enterprise Edition
• Fix user recent activity links for work item actions (merge request)

15.3.2 (2022-08-30)

Security (17 changes)

• No overriding methods for Sawyer class (merge request)
• Update Oj to v3.13.21 (merge request)
• Prevent long loops when generating suggested branch name (merge request)
• IDOR in Zentao integration issue show page (merge request)
• Patch VULNDB-255039 (potential Rack cache poisoning) (merge request)
• HTML escape the label background color (merge request)
• Sandbox jupyter notebook HTML output (merge request)
• Fix unauthorized GFM references in Incident Timeline (merge request)
• Optimize handling repositories with huge trees (merge request)
• Parse commit trailers without using regexp (merge request)
• Check for pathological markdown input (merge request)
• Replaced smooshpack to fix the vulnerability in LivePreview (merge request)
• Update package auth for group IP allowlist (merge request)
• Don't show pipeline status (merge request)
• Sanitize img attributes in Banzai::Filter::ImageLinkFilter (merge request)
• Validate description length for snippets (merge request)
• Prevent brute force vuln for Git over HTTP(S) requests (merge request)

15.3.1 (2022-08-22)

Security (1 change)

• Validate if values to be saved in Redis can be converted to string (merge request)

15.3.0 (2022-08-19)

Added (147 changes)

• Added delete release audit event by @patnaikshekhar (merge request)
• Adds data models for ML Experiment Tracking (merge request)
• Allow access to project-level packages API with CI job token by @nejc (merge request)
• Add tooltip on task item confidential badge (merge request)
• Add recent events to group hooks (merge request) GitLab Enterprise Edition
• Add parent_full_path to GraphQL WorkItemType (merge request)
• Enable job log search (merge request)
• Update task item status icon & add tooltip support (merge request)
• Expose work item timestamps in GraphQL (merge request)
• Add sorting/filtering/paging to CRM contacts by @leetickett (merge request)
• Make fork targets searchable (merge request)
• Add MR Approvals to Project Import/Export (merge request)
• Add alpha detailed_mergeability_status attribute to graphql (merge request)
• Add documentation link for project and group insights (merge request) GitLab Enterprise Edition
• Add GraphQL epic list metadata weight (Alpha) (merge request) GitLab Enterprise Edition
• Add GraphQL timelog categories Alpha schema (merge request)
• Display SCIM identities in the identity table (merge request) GitLab Enterprise Edition
• Provide GraphQL API for select in fork form (merge request)
• Add Fortify on Demand (FoD) SAST template (merge request)
• Add GraphQL sort/filter/page crm contacts by @leetickett (merge request)
• Add support for owasp (merge request) GitLab Enterprise Edition
• Surface work item type in popovers, work item detail view, issue lists (merge request) GitLab Enterprise Edition
• Update task children icon and display count (merge request)
• Track CI build failures with Snowplow (merge request)
• Rollout Datadog logs collection (merge request)
• Update Web IDE tooltip (merge request)
• Add pause logic to Jira imports (merge request)
• Support conversion to and from manual cadence via API (merge request) GitLab Enterprise Edition
• Add support for updating task confidentiality (merge request)
• Add variables to RetryJob mutation (merge request)
• Add MR reviewers to Project Import/Export (merge request)
• Hash OAuth access tokens (merge request)
• Add Pumble integration by @vojko.pribudic (merge request)
• Add support for toggling contact/org states by @leetickett (merge request)
• Add internal API to fetch policies_configuration for agent (merge request) GitLab Enterprise Edition
• Implement mergeRequestSetReviewers mutation (merge request)
• Allow to merge topics [backend] by @wwwjon (merge request)
• Add cyclonedx to job validation schema (merge request)
• Pause batched migrations when WAL pending archive above a threshold (merge request)
• Add id_tokens field to ci_builds_metadata (merge request)
• Show inherited permission in protected environment (merge request)
• Add merge request assignees to Import/Export (merge request)
• Add async index on ci job artifacts (merge request)
• Add present on default branch to project_id, id index (merge request)
• Add CI_TEMPLATE_REGISTRY_HOST to predefined CI variables by @zhzhang93 (merge request)
• Add state transition entry (merge request) GitLab Enterprise Edition
• Create banner and tool tip (merge request) GitLab Enterprise Edition
• Add timestamp fields to project_statistics table (merge request)
• Add database migration to update deletion adjourned period (merge request)
• Add CI/CD setting for Run pipelines in the parent project (merge request)
• Add dormant user period setting to application settings by @joe-snyder (merge request)
• Add extra information to issue popover (merge request)
• Allow Linked items widget to be collapsible (merge request)
• Add comment to vulnerability_state_transitions (merge request)
• Merge branch 'feat/mr_webhooks' into 'master' (merge request)
• feat: Update SAST-IaC.lates template to support MR pipelines (merge request)
• Enable FF ci_rules_changes_compare (merge request)
• api: Expose merge request reviewers (merge request)
• Allow SE Vue component to install exts (merge request)
• Support updatable automatic scheduling start date (merge request) GitLab Enterprise Edition
• Add CreateFromFindings Service (merge request) GitLab Enterprise Edition
• Support the DORA data source from Insights (merge request) GitLab Enterprise Edition
• Add "Scroll to first failure" button (merge request)
• Allow deletion of deployments via the API (merge request)
• Add search box to artifacts dropdown (merge request)
• Add release link to the tag show page (merge request)
• Add author_id column to vulnerability_state_transitions table by @svdj (merge request)
• Add upgrade status filter for group runners (merge request) GitLab Enterprise Edition
• Replaced local mutation with real mutation (merge request)
• Remove the custom_headers_streaming_audit_events_ui feature flag (merge request) GitLab Enterprise Edition
• Display table of contents in content editor (merge request)
• Allow omniauth username claim to be configurable (merge request)
• Add Authentication options (merge request) GitLab Enterprise Edition
• Add the environment keyword CI/CD template (merge request)
• Enables mr_review_submit_comment by default (merge request)
• GraphQL: Add bulkRunnerDelete mutation (merge request)
• Add support for selective code owner resets by @leetickett (merge request)
• Add all protected branches option to project-level MR approval rules (merge request) GitLab Enterprise Edition
• Add without_projects parameter to Topics API by @wwwjon (merge request)
• Bulk delete package files (merge request)
• Add tracking of unique CI Tunnel interactions from KAS (merge request)
• Allow users to manage Owners via UI (merge request)
• Enable Changelog API commit limitation by default (merge request)
• Support filtering registries by verification status via GraphQL (merge request) GitLab Enterprise Edition
• Introduce project setting for enforcing auth check on image uploads (merge request)
• Add index for PAT filter by @TrueKalix (merge request)
• Exposed timelog categories through GraphQL by @zillemarco (merge request)
• Add cyclonedx report type (merge request) GitLab Enterprise Edition
• Backup/Restore Rake Tasks to support Decomposed Database (merge request)
• Create service to delete runners in bulk (merge request)
• GraphQL docs: Show descriptions for :alpha items (merge request)
• Support filtering registries by replication status via GraphQL (merge request) GitLab Enterprise Edition
• Add RedisCommands::Recorder to detect N+1 commmands in Redis (merge request)
• Event type info in group deploy token audit events (merge request) GitLab Enterprise Edition
• Clean up simulate_pipeline feature flag (merge request)
• Show warning when sharing public project with internal group (merge request)
• Added support for links to markdown file code lines by @zillemarco (merge request)
• Better Vuln Feedback pagination implementation per review (merge request) GitLab Enterprise Edition
• Add ProtectedBranches::CacheService for efficient caching (merge request)
• Index vulnerability reads on filter columns for group-level queries (merge request)
• Show runner projects description and ownership (merge request)
• Upgrade Pages to v1.62.0 (merge request)
• Allow to create tables with JSON (merge request)
• Add unique_project_download_limit_allowlist to namespace_settings (merge request)
• Add Snowplow database changes tracking (merge request)
• Add graphql mutation for deleting file uploads (merge request)
• Vuln Feedback optional pagination review suggestions (merge request) GitLab Enterprise Edition
• Add memory killer running jobs to prometheus (merge request)
• Warn before closing the Diffs if there's a pending batch review (merge request)
• Add models for customizable roles (merge request)
• Add project-link to vulnerability details (merge request) GitLab Enterprise Edition
• Added service to create timelogs by @zillemarco (merge request)
• Implement API to get details of pipelines within a schedule (merge request)
• Make query nesting for the insights YAML (merge request) GitLab Enterprise Edition
• Arrange the indices and PK of security_findings table (merge request)
• Create and edit releases for tags with new form (merge request)
• Add validation to Default Branch Image when parsing CS vulnerability (merge request) GitLab Enterprise Edition
• Add account age to MR experience survey (merge request)
• DOMPurify: Allow links target attribute securely (merge request)
• Initial add of indeterminate checkboxes to GLFM (merge request)
• Add ability to delete deployments via the API (merge request)
• Add ability for group owner to unban banned users in a group (merge request) GitLab Enterprise Edition
• Implement Vuln Feedback count route to enable intelligent pagination (merge request) GitLab Enterprise Edition
• Enable non-default pagination for vulnerability feedback index (merge request) GitLab Enterprise Edition
• Add labels support to incident timeline events (merge request)
• New Audit Event for custom HTTP header changes (merge request) GitLab Enterprise Edition
• Introduce an onboarding view for GitLab Pages (merge request)
• Add a service to turn a security finding into a vulnerability (merge request) GitLab Enterprise Edition
• Add namespace_id to vulnerability_reads table (merge request)
• Create annotated tags in CI using the release:tag_message keyword (merge request)
• Show deployment approval comments (merge request) GitLab Enterprise Edition
• Enable performant artifact expiration by default (merge request)
• Add benchmark timing to search api (merge request)
• Add async index destruction (merge request)
• Import github 'un/assigned' issue events (merge request)
• Add mem_total_bytes gauge to Prometheus (merge request)
• Add background migration to backfill casted_cluster_agent_id (merge request)
• Move agent GitOps access check to core (merge request)
• Add access token information to API log (merge request)
• Expose verification timestamps (merge request) GitLab Enterprise Edition
• Show pipeline parsing error in the Vulnerability Report (merge request) GitLab Enterprise Edition
• Event type information in deploy key audit event (merge request) GitLab Enterprise Edition
• Import github 'de/milestoned' issue events (merge request)
• Show a badge that a release is historical (merge request)
• Support variables in the project property of triggers (merge request)
• Allow last issue board to be deleted via API by @tuxtimo (merge request)
• Enable linear queries (merge request)

Fixed (128 changes)

• Prevent errors saving alerts with non-string inputs for string fields (merge request)
• Unify Personal Access Token expiration behavior (merge request)
• Fix the Consistency Check Maximum Function (merge request)
• Add blame link to the file blob view (merge request)
• Fix JS error and UI for manual vulnerabilities (merge request) GitLab Enterprise Edition
• Refresh task list on parent confidentiality change (merge request)
• Fix board sidebars enter animation (merge request)
• Fix spelling of "address" in several places (merge request)
• Restore label on the email field (merge request)
• Fix stale user highest role stats on dormant user deactivation (merge request)
• Exclude vulnerable dependencies from go.mod (merge request)
• Show failure message when task list fails to load (merge request)
• Fix 500 error when Commit action is missing (merge request)
• Show work items correctly on activity feed (merge request)
• Expire protected branches cache after branch cache expiration (merge request)
• Shifting blank line right should add spaces (merge request)
• docs: Add notice for libravatar in FIPS mode by @tnir (merge request)
• Accept pending invitations for SSO signups (merge request)
• Set correct default for ApplicationSetting#personal_access_token_prefix (merge request)
• Fix global search code search results (merge request)
• Ensure errors deleting a deployment are always returned as bad request (merge request)
• Use Gitlab::Utils::UsageData to count replicables (merge request) GitLab Enterprise Edition
• Fix namespace icon for images with transparent background (merge request)
• Truncate long issue title in tasks (merge request)
• Fix productivity analytics not filters (merge request) GitLab Enterprise Edition
• Fix passing of dry_run to pipeline simulation (merge request)
• Fix overflow in second navbar in group detail top by @tnir (merge request)
• Remove extra space in create MR diff (merge request)
• Geo: Ensure one MetricsUpdateWorker runs at a time (merge request) GitLab Enterprise Edition
• Update commits entry point in Discussions API documentation by @ivan23kor1 (merge request)
• Fix 500 from ci_variables field (merge request)
• Move admin_protected_environment policy to owners alone (merge request) GitLab Enterprise Edition
• Ignore key modifiers except meta for shifting text (merge request)
• Fix VSA consistency worker cursor generator (merge request) GitLab Enterprise Edition
• Add merge_status to merge request cache key (merge request)
• Clarify Description for SSO enforcement for Git activity in groups (merge request) GitLab Enterprise Edition
• Sanitize sort params in Roadmap (merge request) GitLab Enterprise Edition
• Fix issue description list item reordering indentation (merge request)
• Update pull mirror interval wording by @orozot (merge request) GitLab Enterprise Edition
• Disable toggle editing mode while content editor loads (merge request)
• Update scoped labels template to fix tooltips (merge request)
• Bump Oj to v3.13.20 to fix illegal instruction errors (merge request)
• Handle timeout in Gitlab::Ci::RunnerReleases (merge request)
• Redirect back after rejecting a pending user (merge request)
• Fix the merged at dates being used by the compliance report (merge request) GitLab Enterprise Edition
• Fix VersionInfo.parse when receiving VersionInfo (merge request)
• Follow redirects when doing network requests with BulkImports::Http (merge request)
• Fix rename_column_concurrently to work with decomposed DB (merge request)
• Fixed return value when token not found by @TrueKalix (merge request)
• This adds a dependency condition to the base auto merge service (merge request) GitLab Enterprise Edition
• Add present on default branch to common_finder_query index (merge request) GitLab Enterprise Edition
• Fix missing file upload progress in GFM footer (merge request)
• Update api endpoint for approval rules (merge request) GitLab Enterprise Edition
• Handle race condition in creating alerts (merge request)
• Restrict to upgrade status filters to Ultimate (merge request) GitLab Enterprise Edition
• Better format MR failed to merge error message in mr widget failed vue (merge request)
• Fix OpenAPI viewer for dark mode by @fabsrc (merge request)
• Reverts the datadog fields DSL refactor (merge request)
• Fix spacing for pipeline editor header buttons by @Anna_pds31 (merge request)
• Change the order of search autocomplete items (merge request)
• Fix paginatable namespace search where users can create projects (merge request)
• Use updated docs link for the Validate tab popover (merge request)
• Upgrade Oj to v3.13.19 to fix a seg fault (merge request)
• Do not group env and folders that share a name on the project env page (merge request)
• Gracefully handle nil created_at values in CI pipelines (merge request)
• Fix emoji autocomplete when leading with a space (merge request)
• Don't allow negative values for pagination (merge request)
• Fix publish_event rspec helper (merge request)
• Ensures we fetch the stage events when there are no value streams (merge request) GitLab Enterprise Edition
• Fix CI artifact sizes not logged for some runner endpoints (merge request)
• Remove inaccessible artifacts from release evidence (merge request) GitLab Enterprise Edition
• Hide ip address label when ip address is missing (merge request)
• Use unnested_in_filters for Group-level vulnerability reads finder (merge request) GitLab Enterprise Edition
• Clean build directory before gitlab:gitaly:install Rake task (merge request)
• Ensures we show the count of selected projects (merge request) GitLab Enterprise Edition
• Add auditor access for group runners (merge request) GitLab Enterprise Edition
• Fix: notify locale on merge request unmergeable by @JeremyWuuuuu (merge request)
• Fix pipeline cancellation not cascading to children (merge request)
• Check group last owner before assigning default membership role (merge request) GitLab Enterprise Edition
• Fix CI_ENVIRONMENT_TIER if tier is updated (merge request)
• Fix issues board list movements (merge request)
• Expose DAST artifact directory (merge request) GitLab Enterprise Edition
• Add present on default branch to project id and id index (merge request) GitLab Enterprise Edition
• Do not show user popover when user is not signed in (merge request)
• Attempting to delete last package file directs user to delete package (merge request)
• Tags search does not work with Gitaly pagination (merge request)
• Fix ActiveRecord::StaleObjectError where pipeline is updated twice (merge request)
• Fixed link on Pages page (merge request)
• Fix URLs in user_auto_banned_email (merge request) GitLab Enterprise Edition
• Prevent new line insertion while attaching a file (merge request)
• Gracefully handle missing project feature row in API (merge request)
• Make repository analytics graphs responsive (merge request)
• Add two more classes allowed for YAML deserialization (merge request)
• Fix RescheduleBackfillImportedIssueSearchData migration (merge request)
• Show mr pipeline tab when pipelines are enabled (merge request)
• Add tracking event for rendering the error details page content (merge request)
• Prevent guests from assigning issues from notes by @zillemarco (merge request)
• Update vulnerabilities Finder to filter on present on default branch (merge request)
• Upgrade oj to v3.3.18 to fix illegal instruction errors (merge request)
• Fix: notify locale on member invite accepted email by @JeremyWuuuuu (merge request)
• Fix atwho keypress cancel Issue (merge request)
• Fix pipeline cancel to also cancel child pipelines (merge request)
• Replace magic string to constant by @orozot (merge request) GitLab Enterprise Edition
• Disable rate limiting when transferring epics (merge request) GitLab Enterprise Edition
• Remove duplicated false positives alert (merge request) GitLab Enterprise Edition
• Use GitLab UI Tooltip for Environment Metrics Link (merge request)
• Fix workflow rules changes when not using paths (merge request)
• Enable read on demand permission for auditor (merge request) GitLab Enterprise Edition
• Prevent default template from overwriting autosave (merge request)
• The rake task gitlab:db:lock_writes should not lock shared databases (merge request)
• Fix extra leading space in task title created from checklist (merge request)
• GraphQL: Return latest job in Pipeline.job by @roblabla (merge request)
• Fix missing relative_url_root settings update (merge request)
• Fix timestamp of "cloned from" system note (merge request)
• Use CREATE OR REPLACE FUNCTION to define vulnerability reads triggers (merge request)
• Handle ldap blocking when no servers exist (merge request) GitLab Enterprise Edition
• Select upstream project by default when creating MR from fork (merge request)
• Fixes time in container registry partial cleanup tooltip (merge request)
• Fix epic transfer when transfering a project (merge request) GitLab Enterprise Edition
• Return an error if merge request fails to merge (merge request)
• Fix graphql double fetch (merge request)
• Do not copy awarded emoji when cloning issues (merge request)
• Fixes alignment of package details files action column (merge request)
• Prohibit maintainers from starting trial subscription (merge request) GitLab Enterprise Edition
• Fix incorrect Runner#with_upgrade_status scope (merge request)
• Take lease in UpdateProjectStatisticsWorker (merge request)
• Fix system note timestamp for moved issue (merge request)
• List groups from group shares on project transfer (merge request)

Changed (182 changes)

• Escaping the header search bar closes dropdown (merge request)
• Support owasp security training (merge request)
• Updated incorrect UI link (merge request)
• Fixed outdated runners link (merge request)
• Set skip_rugged_auto_detect to default to true (merge request)
• Render failed job item pills with different background in Pipeline view (merge request)
• Add background to internal notes (merge request)
• Disabled related items expand button when no items (merge request)
• Add collapsing for many invite modal errors (merge request)
• Disable Rugged auto-detection by default (merge request)
• Enable rebase without ci (merge request)
• Avoid usage of toBeTruthy/toBeFalsy in iterations_spec.js by @anshulriyal (merge request)
• Default enable group level protected environment settings (merge request)
• Remove duplicated help link in top bar (merge request)
• Rename methods and variables for clarity and legibility (merge request)
• Simplify project_statistics test for column size (merge request)
• Improvements to the audit events streaming UI (merge request) GitLab Enterprise Edition
• Generate chain of custody CSV reports asyncronously (merge request) GitLab Enterprise Edition
• Dart.gitlab-ci.yml: Switch to new docker image for Dart by @mcmahonjohn (merge request)
• Add tooltip to Tanuki logo (merge request)
• Validate with latest vendored patch schema version (merge request) GitLab Enterprise Edition
• Migrate project branches cards to use pajamas (merge request)
• Show project homepage only in group page package registry view by @parkourkarthik (merge request)
• Release changes for CI Secure Files Geo Replication (merge request) GitLab Enterprise Edition
• Increase animation speed of sticky issue header (merge request)
• Docs: Remove Debian 9 from supported os list (merge request)
• Refactor runner pagination (merge request)
• Enable update_vuln_identifiers_flag by default (merge request)
• Preload and cache child work items (merge request)
• Rename service_id to integration_id (merge request)
• Update linked items widget header (merge request)
• Rename service_id to integration_id (merge request)
• Find superset of descendant scope queries (merge request)
• Adds user callouts dismissed by Project (merge request)
• Update linked item buttons to match tasks (merge request)
• Speed up sidebar transition (merge request)
• Geo Replicables - Add margin to pagination (merge request) GitLab Enterprise Edition
• Fixed outdated text (merge request)
• Event type for squash commit template is updated by @abhi_arora (merge request) GitLab Enterprise Edition
• Rename IssueTrackerData service to integration (merge request)
• Rename IssueTrackerData service to integration (merge request)
• Mark pull mirroring for projects without the license as hard-failed (merge request) GitLab Enterprise Edition
• Geo Replicables - True Up Projects Statuses (merge request) GitLab Enterprise Edition
• Change cost factor for open source (merge request) GitLab Enterprise Edition
• Reformat the user identity table (merge request) GitLab Enterprise Edition
• Remove backend code for attention request notifications (merge request)
• Frontend changes from task to checklist item (merge request)
• Add missing skip_ci param (merge request)
• Remove description html text limit (merge request)
• Remove temp index on project membership namespace id (merge request)
• Remove temp index on project membership namespace id (merge request)
• Remove attention request related API references (merge request) GitLab Enterprise Edition
• Moved View in admin area button tooltip placement to top by @PaarthAgarwal (merge request)
• Auditor for FOSS edition (merge request) GitLab Enterprise Edition
• Use branches bulk creation for Pull Mirroring (merge request)
• Update custom card to Pajamas compliant alert (merge request)
• Update Users API call was not updating auditor flag for user (merge request) GitLab Enterprise Edition
• Change response of the api PUT /merge when branch unmergable (merge request)
• Get highest level member on members all API call (merge request)
• Add a tooltip to merge requests shortcut (merge request)
• Enable MR discussions HTTP caching by default (merge request)
• Remove description field from new blank project creation (merge request)
• Fixed backfill code to burst root_namespace cache (merge request)
• Update project pages usage card to be pajamas compliant (merge request)
• Remove settings_ci_cd.scss file (merge request)
• Migrate pages domains card to use pajamas compliant version (merge request)
• Event type for framework is deleted (merge request) GitLab Enterprise Edition
• Event type for allow merge on skipped pipeline (merge request) GitLab Enterprise Edition
• Event type for squash option updated (merge request) GitLab Enterprise Edition
• Add checkbox ViewComponent that can be use outside of form builder (merge request)
• Change task list item system note from task to checklist item (merge request)
• Order security_findings by scan_id (merge request) GitLab Enterprise Edition
• Updated retry pipeline jobs button tooltip by @zillemarco (merge request)
• Create a preflight check for MigrationWorker (merge request) GitLab Enterprise Edition
• Create NamespaceDetails table (merge request)
• Update QR code helper to gl-card utility by @yo (merge request)
• Create ci_runner_versions record on demand (merge request)
• Moved the package tags to the sub-header by @zillemarco (merge request)
• Updates package project settings to use side-by-side layout (merge request)
• Remove duplicate association in has_web_hook_shared_examples (merge request)
• Update gitlab-license gem to the latest version (merge request)
• Update plan widgets grey backgrounds (merge request)
• Use primary btn variant for finish review dropdown (merge request)
• Remove service_hook link from SlackMattermostNotifier (merge request)
• Move webhook association from Integration model (merge request)
• Improve false positive alert UX (merge request) GitLab Enterprise Edition
• Update dependency auto-deploy-image to v2.33.0 (merge request)
• Changes styling of timeline icons (merge request)
• Add invite token indications for partial failure (merge request)
• Rename ReplicableStateEnum to ReplicationStateEnum (merge request) GitLab Enterprise Edition
• Replace remove with close on operations dashboard (merge request)
• Move topics location on project overview (merge request)
• Added gl-flex-basis-third style to the cluster creation page by @NIKU-SINGH (merge request)
• Use GlSegmentedControl to switch between Rich/Source text editor by @shamvi050801 (merge request)
• Update preview assets for copy and terminology consistency (merge request)
• Repositioned the insert suggestion button for better visibility by @zillemarco (merge request)
• Add Google Authenticator to 2FA page (merge request)
• Geo Replication - Last verified data (merge request) GitLab Enterprise Edition
• Geo Replicables - Unboxing the UI (merge request) GitLab Enterprise Edition
• Migrate form_errors in saml_providers (merge request) GitLab Enterprise Edition
• Use refreshed look and feel in group runner view (merge request)
• Refactor description for the IP allow list field (merge request)
• Improve ancestor scope queries (merge request)
• Clean up audit_event_streaming_git_operations_deploy_key flag (merge request)
• Refactor hook log index view (merge request)
• Fix warning when user is unable to create project (merge request)
• Add cloud-based 2FA apps to documentation (merge request)
• Add MigrateSharedVulnerabilityScanners batched migration job (merge request)
• Fix approval visible groups detection (merge request)
• Update PyPI package page with access token docs link by @brianjaustin (merge request)
• Migrate project nothing to compare card to be pajamas compliant (merge request)
• Add info message to Operations Dashboard (merge request) GitLab Enterprise Edition
• Do not display 'Clear cache' dropdown when user isn't permitted to do it (merge request)
• Verify LFS OID (merge request)
• Make ssh_signatures.key_id nullable (merge request)
• Forbid calls with potential to take long sleeps (merge request)
• Sync approvals required after syncing rules (merge request) GitLab Enterprise Edition
• Update metrics settings alert to pajamas (merge request)
• Enable paginated_mr_discussions feature by default (merge request)
• Removed incorrect spacing used by btn-margin-5 variable (merge request)
• Allow Sbom::Occurence.component_version to be nullable (merge request)
• This MR adds header with status of DAST scan (merge request) GitLab Enterprise Edition
• Update alerts to pajamas design system (merge request)
• Move and rename SAML troubleshooting page (merge request)
• GraphQL: Rename CiRunnerUpgradeStatusType (merge request)
• Move feedback issue (merge request)
• This MR allows user to see saved profiles (merge request) GitLab Enterprise Edition
• Add upgrade status badges in runners (merge request) GitLab Enterprise Edition
• This MR adds pipeline rule component (merge request) GitLab Enterprise Edition
• Migrate pages no domains card to be pajamas compliant (merge request)
• Migrate commit list card to be pajamas compliant (merge request)
• Migrate admin notes view partial card to use pajamas compliant version (merge request)
• Migrate pages access card to use pajamas compliant version (merge request)
• Apply secure defaults for access tokens (merge request)
• Update design of security approvals in mr approval settings (merge request) GitLab Enterprise Edition
• Align runner details when viewing runner (merge request)
• Change how ownership works in pipeline schedules (merge request)
• Order list of latest users by descending signup date by @axel-loewe (merge request)
• Convert email badges to a list (merge request)
• Update subgroup creation page (merge request)
• Validate timeline event note on update (merge request)
• Change runner cron job to run daily (merge request)
• Clean up soft_validation_on_external_url feature flag (merge request)
• Collect metrics from all pull mirrors (merge request) GitLab Enterprise Edition
• Create folder for Logs to prepare for nesting of other pages (merge request)
• Update docker logo path (merge request)
• Set required nullable for weight argument (merge request) GitLab Enterprise Edition
• Update UX for attaching files in GFM input fields (merge request)
• Do not disable cadence start date field (merge request) GitLab Enterprise Edition
• Fix ES client for nil password (merge request) GitLab Enterprise Edition
• Imported and used the monaco API explicitly (merge request)
• Modifies storage email notifications delivery (merge request) GitLab Enterprise Edition
• Update google-protobuf to v3.21.3 (merge request)
• Adding Geo support of Project-level Secure Files (merge request) GitLab Enterprise Edition
• Update new list on boards page to match Pajamas specs (merge request)
• Move deployment approval from popover to modal (merge request) GitLab Enterprise Edition
• Trigger KeepAroundRefsCreatedEvent event only if SHAs are passed (merge request) GitLab Enterprise Edition
• Update Salesforce logo for OAuth (merge request)
• Add loading icon to audit event pages (merge request) GitLab Enterprise Edition
• Generate links for escaped content (merge request)
• Update External wiki to use sections (merge request)
• Update JWT OAuth logo (merge request)
• Use #use_open_file for Packages::Debian::ExtractDebMetadataService by @sathieu (merge request)
• Adjust buckets for Pull Mirroring metrics (merge request) GitLab Enterprise Edition
• Bump Gitlab Shell to 14.10.0 (merge request)
• Update database migration helper (merge request)
• Drop /api/v4 suffix in GitLab OmniAuth documentation (merge request)
• Add Gitlab Contribution Cost Factor (merge request) GitLab Enterprise Edition
• Update Discord notifications to use sections (merge request)
• Updated Linked issues to Linked items (merge request)
• Synchronize vulnerability findings temporary index (merge request)
• Allow pagination=none for recursive tree API (merge request)
• Remove log messages (merge request)
• Default enable linear root ancestor query (merge request)
• Add new move to project modal (merge request)
• Migrate card class to Pajamas::CardComponent (merge request)
• Updates puma to 5.6.4 (merge request)
• Remove personal_access_tokens_scoped_to_projects feature flag (merge request)
• Enable feature flag approval_rules_pagination (merge request)
• Bump to major version 3 for kics (merge request)
• Use the latest pipeline for a branch instead of (merge request) GitLab Enterprise Edition
• Add allowlisted users to Abuse::ExcessiveProjectsDownloadBanService (merge request) GitLab Enterprise Edition

Deprecated (3 changes)

• Deprecate confidential attribute for notes (merge request)
• Add deprecation warning for Redis 5 by @tnir (merge request)
• Remove build_coverage_regex from project (merge request)

Removed (15 changes)

• Disable support for delayed project deletion for personal projects (merge request) GitLab Enterprise Edition
• Removed unused graphql field issuesCount (merge request) GitLab Enterprise Edition
• Remove shared runner usage tab (merge request)
• Remove clients column (merge request)
• Remove sorting vulnerabilities by report_type (merge request) GitLab Enterprise Edition
• Remove additional_amount_available column (merge request)
• Removes ci_retry_downstream_pipeline feature flag (merge request)
• Remove the use_keyset_aware_user_search_query FF (merge request)
• Remove uncached_mr_attention_requests_count feature flag (merge request)
• Remove the new_graphql_keyset_pagination FF (merge request)
• Remove pat and ssh enforcement database columns (merge request)
• Remove sorting vulnerabilities by state (merge request) GitLab Enterprise Edition
• Remove unused semver column on ci_runners (merge request)
• Drop migrated_to_new_structure column (merge request)
• Remove streaming_audit_event_headers feature flag (merge request) GitLab Enterprise Edition

Security (22 changes)

• Drop soft enforcement of restricted YAML deserialization classes (merge request)
• Add additional condition to accept invitation
• Prevent users who cannot admin a public project from viewing deploy keys
• Protect Grafana and Sentry integrations
• Check permissions when filtering by contact or organization
• Maintainer can change the visibility of Project and Group
• Protect integration secrets
• Fix IDOR in Jira issue show action
• Do not link unverified secondary emails with any users
• Update gitaly version
• Update Rails to v6.1.6.1 (merge request)
• Update version of Gitaly
• Remove group_bot_user and group_access_token after group delete
• Security datadog integration leaking
• Add html_escape to build_details_entity
• Remove todos from confidential notes when user loses access
• Remove feature flag ci_yaml_limit_size
• Forbid exchanging access token for ROP flow to users required 2FA setup
• Use author to run subscribed pipeline
• Update GITLAB_PAGES_VERSION
• Remove prohibited branches after project import
• Limit proxied requests to Grafana API

Performance (12 changes)

• Prevent n+1s when fetching epics on big group hierarchies (merge request) GitLab Enterprise Edition
• Move transfer project namespace dropdown to GraphQL (merge request)
• Cleaup import_relation_object_persistence feature flag (merge request)
• Expire branch cache for bulk creation only once (merge request)
• Add index to fix integration metrics performance (merge request)
• Improve loading of blobs from paginated diffs (merge request)
• Skip extra VSA requests when theres no value stream (merge request) GitLab Enterprise Edition
• Increase rendered elements while loading large files (merge request)
• Improve participants loading performance (merge request)
• Improve blob rendering time (merge request)
• Generate links to dependencies in gemspec files (merge request)
• Refresh smaller TTL for highlighting diffs cache (merge request)

Other (70 changes)

• Track pipeline simulation in the pipeline editor (merge request)
• Create Imageable concern for CI Image and Service config by @ali_o_kan (merge request)
• Remove feature flag lfk_automatic_partition_dropping (merge request)
• Clean up attention request related todos (merge request)
• Update google-cloud-env from 1.5.0 to 1.6.0 in /qa by @tnir (merge request)
• Cleanup feature flags and env vars for cross_database_modification (merge request)
• Backfill project import level on namespace settings (merge request)
• Improve Import/Export logs (merge request)
• RuboCop: Enable previously disabled Style/IfInsideElse by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/PercentLiteralDelimiters by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/FormatString by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/EmptyElse by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/GuardClause by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/RedundantInterpolation by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/IfUnlessModifier by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/RedundantRegexpEscape by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/RedundantSelf by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/StringConcatenation by @edith007 (merge request)
• Add links to instance fingerprints by @TrueKalix (merge request)
• RuboCop: Enable previously disabled Style/HashAsLastArrayItem by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/HashEachMethods by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/SymbolProc by @edith007 (merge request)
• Add yml definitions for metric (merge request)
• Update "working with uploads" dev docs (merge request)
• Schedule index removal for security findings (merge request)
• Switch back to license_finder and update to 7.0.1 by @tnir (merge request)
• No-op migrations to backfill namespace/project mirror tables (merge request)
• RuboCop: Enable previously disabled Style/Next by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/MissingRespondToMissing by @edith007 (merge request)
• Remove feature flag incremental_repository_backup (merge request)
• Exclude gin and bluemonday package from dependencies (merge request)
• Update octokit from 4.21.0 to 4.25.1 in /qa by @tnir (merge request)
• Update signet from 0.14.0 to 0.17.0 by @tnir (merge request)
• Update google-cloud-env from 1.5.0 to 1.6.0 by @tnir (merge request)
• Update acme-client from 2.0.9 to 2.0.11 by @tnir (merge request)
• Disable ultimate features for public projects with 1 member and no repo (merge request)
• Rollout use_redis_hll_instrumentation_classes ff (merge request)
• Update Jira Deployment Type by @lenikadali (merge request)
• Remove RequirementsManagement::CreateRequirementService (merge request) GitLab Enterprise Edition
• Improve gravatar service administration docs by @tnir (merge request)
• Use update_work_item mutation for removing WI (merge request)
• Remove enforce_security_report_validation flag (merge request)
• Add partial GIN indexes for issues table (merge request)
• Convert final angle icons to chevrons (merge request)
• Removing the FF remove-fix_sliding_list_partitioning (merge request)
• Remove highlight_diffs_optimize_memory_usage feature flag (merge request)
• Reschedule migration to remove ultimate license from non-public projects (merge request)
• Decrease the urgency of unleash endpoint (merge request)
• Delete FF ci_fix_rules_if_comparison_with_regexp_variable (merge request)
• Bump yajl-ruby gem version (merge request)
• Remove analytics_devops_adoption_codeowners feature flag (merge request) GitLab Enterprise Edition
• Reference forked, FIPS-compatible NGINX (merge request)
• Revert "Merge branch 'mmj-async-all-project-auth-refreshes' into 'master'" (merge request)
• Update cluster details alert to pajamas (merge request)
• Remove pending builds covering index (merge request)
• Disable ultimate features for public projects with no issues and no repo (merge request)
• No-op old migration disable_job_token_scope_when_unused (merge request)
• No-op old migration associate_existing_dast_builds_with_variables (merge request)
• No-op old migration copy_ci_builds_columns_to_security_scans2 (merge request)
• Backfill the namespace_id of existing vulnerability_reads records (merge request)
• Delete FF ci_expand_environment_name_and_url (merge request)
• Add start_date to issues table (merge request)
• Use utility classes in test report (merge request)
• Prepare partial issue trigram indexes (merge request)
• Remove FF batch_load_environment_last_deployment_group (merge request)
• Update user API docs to better indicate SaaS availability by @zillemarco (merge request)
• Remove token column from ci_builds table (merge request)
• Drop unused index on ci_builds (merge request)
• Remove FF import_release_authors_from_github (merge request)
• Remove unused feature (merge request)

15.2.5 (2022-09-29)

Security (16 changes)

• Geo: Do not delete object stored files when not GitLab managed (merge request)
• Redact user's private email in group member event webhook (merge request)
• Redact secrets from WebHookLogs (merge request)
• Forbid creating a tag using default branch name (merge request)
• Sanitize Url and check for valid numerical errorId in error tracking (merge request)
• Add security protection for Github (merge request)
• Fix leaking emails in WebHookLogs (merge request)
• Restrict max duration to 1 year for trace display (merge request)
• Use UntrustedRegexp for upload rewriter (merge request)
• Validate httpUrlToRepo to be http or https only (merge request)
• Respect instance level rule for editing approval rules (merge request)
• Prevent users creating issues in ay project via board/issues controller (merge request)
• Prevent serialization of sensible attributes from JsonCache (merge request)
• Update TodoPolicy to handle confidential notes (merge request)
• Enforce group IP restriction on Dependency Proxy (merge request)
• Fixes XSS in widget extensions (merge request)

15.2.4 (2022-08-30)

Security (18 changes)

• No overriding methods for Sawyer class (merge request)
• Update Oj to v3.13.21 (merge request)
• Bump yajl-ruby gem version (merge request)
• Prevent long loops when generating suggested branch name (merge request)
• IDOR in Zentao integration issue show page (merge request)
• Patch VULNDB-255039 (potential Rack cache poisoning) (merge request)
• HTML escape the label background color (merge request)
• Sandbox jupyter notebook HTML output (merge request)
• Fix unauthorized GFM references in Incident Timeline (merge request)
• Optimize handling repositories with huge trees (merge request)
• Parse commit trailers without using regexp (merge request)
• Check for pathological markdown input (merge request)
• Replaced smooshpack to fix the vulnerability in LivePreview (merge request)
• Update package auth for group IP allowlist (merge request)
• Don't show pipeline status (merge request)
• Sanitize img attributes in Banzai::Filter::ImageLinkFilter (merge request)
• Validate description length for snippets (merge request)
• Prevent brute force vuln for Git over HTTP(S) requests (merge request)

15.2.3 (2022-08-22)

Security (2 changes)

• Validate if values to be saved in Redis can be converted to string (merge request)
• Fix CSS selector used in specs (merge request)

15.2.2 (2022-08-01)

Fixed (6 changes)

• Upgrade Oj to v3.13.19 to fix a seg fault (merge request)
• Gracefully handle nil created_at values in CI pipelines (merge request)
• Fix CI artifact sizes not logged for some runner endpoints (merge request)
• Fix RescheduleBackfillImportedIssueSearchData migration (merge request)
• Upgrade oj to v3.3.18 to fix illegal instruction errors (merge request)
• Use CREATE OR REPLACE FUNCTION to define vulnerability reads triggers (merge request)

Changed (1 change)

• Fix ES client for nil password (merge request) GitLab Enterprise Edition

15.2.1 (2022-07-28)

Security (18 changes)

• Security datadog integration leaking (merge request)
• Prevent users who cannot admin a public project from viewing deploy keys (merge request)
• Add additional condition to accept invitation (merge request)
• Update GITLAB_PAGES_VERSION (merge request)
• Add html_escape to build_details_entity (merge request)
• Check permissions when filtering by contact or organization (merge request)
• Use author to run subscribed pipeline (merge request)
• Remove prohibited branches after project import (merge request)
• Remove feature flag ci_yaml_limit_size (merge request)
• Maintainer can change the visibility of Project and Group (merge request)
• Do not link unverified secondary emails with any users (merge request)
• Forbid exchanging access token for ROP flow to users required 2FA setup (merge request)
• Remove todos from confidential notes when user loses access (merge request)
• Remove group_bot_user and group_access_token after group delete (merge request)
• Protect Grafana and Sentry integrations (merge request)
• Protect integration secrets (merge request)
• Fix IDOR in Jira issue show action (merge request)
• Limit proxied requests to Grafana API (merge request)

15.2.0 (2022-07-21)

Added (171 changes)

• Add user id to profile page by @TrueKalix (merge request)
• [API] Get endpoint for latest TF module version by @renehernandez (merge request)
• Adds package cleanup policy project settings (merge request) GitLab Enterprise Edition
• Display users that have been banned in a namespace (merge request) GitLab Enterprise Edition
• Introduce :gitlab_geo schema for Geo tracking DB (merge request) GitLab Enterprise Edition
• Add request-URL to vulnerability details (merge request) GitLab Enterprise Edition
• Add link to change failure rate chart from tile (merge request)
• Add watchdog to observe memory fragmentation (merge request)
• Add background jobs for cleanup policies for packages (merge request)
• Adds sidekiq_jobs_interrupted counter (merge request)
• Add timeline feature to incidents (merge request)
• Respect parent namespace for gitlab migration (merge request)
• Allow users to delete releases from edit page (merge request)
• Add verification token to audit events streams list (merge request) GitLab Enterprise Edition
• Add index on security_findings(uuid id DESC) (merge request)
• Add environment_scope to VariableType (merge request)
• Add manual_variables field to JobType (merge request)
• Work Items - Tasks First Time Experience (merge request)
• Add unique contraint for parent link work_item_id (merge request)
• Upgrade GitLab Pages to 1.61.0 (merge request)
• Event type information in approval rule audit event streaming (merge request) GitLab Enterprise Edition
• Include epic color widget on epic board sidebar by @espadav8 (merge request) GitLab Enterprise Edition
• Hash passwords with PBKDF2+SHA512 (merge request)
• Add upgrade status filter to runners (merge request) GitLab Enterprise Edition
• Preview free user cap only for specific namespaces (merge request)
• Add frontend form password complexity validation (merge request) GitLab Enterprise Edition
• Pipeline Performance insights (merge request)
• Add partition_number and related indices to security_findings table (merge request)
• Enable the use_unnested_queries by removing the FF globally (merge request) GitLab Enterprise Edition
• Allow passing arrays of labels in Epic GraphQL mutations by @espadav8 (merge request) GitLab Enterprise Edition
• Add GraphQL support for removing namespace bans (merge request) GitLab Enterprise Edition
• Copy failed spec names to clipboard from MR widget (merge request)
• Add 3 dot menu in work item link (merge request)
• Add frontend form password complexity validation (merge request) GitLab Enterprise Edition
• Event type information for ci variable audit event (merge request) GitLab Enterprise Edition
• Limit number of project and group CI variables (merge request)
• Adding search bar to group MR search with no results (merge request)
• Expose CI_MERGE_REQUEST_TARGET_BRANCH_PROTECTED as CI Variable by @Taucher2003 (merge request)
• Add Members page link to Project settings (merge request)
• Add the packages execute cleanup policy service (merge request)
• Consume new id format for security training (merge request) GitLab Enterprise Edition
• Generate package.json links (merge request)
• Introduce new jobs table (merge request)
• Event type information in streaming access token audit events (merge request) GitLab Enterprise Edition
• Enable use_keyset_aware_user_search_query FF (merge request)
• Add Vulnerabilities::MergeRequestLink model (merge request)
• Add vulnerability_merge_request_links table (merge request)
• Add group audit event keyset pagination (merge request) GitLab Enterprise Edition
• Event type information in protected branch audit event stream (merge request) GitLab Enterprise Edition
• Ensure namespace_id is set when issue is saved (merge request)
• Upgrade GitLab Pages to 1.60.0 (merge request)
• Add evidence fields to Vulnerability Issue template (merge request) GitLab Enterprise Edition
• Add error_tracking_access_token to application settings (merge request)
• Include commit message templates when forking project by @nejc (merge request)
• Create new rake task with Advanced Search integration details (merge request) GitLab Enterprise Edition
• Periodically reconcile ci_runner_versions (merge request)
• Cleanup BackfillDraftStatusOnMergeRequests migration (merge request)
• Implement granular access for Protected Tags API (merge request) GitLab Enterprise Edition
• [issue-354239] Import github 'renamed' issue events (merge request)
• Format multiple quick actions with
  for MD preview by @espadav8 (merge request)
• Track when user uses a verify action on an environment (merge request)
• Add sbom_occurrences table and model (merge request)
• Expose historical_release in GraphQL API (merge request)
• GraphQL: Add upgrade_status filter (merge request)
• Add update of the number of required approvals (merge request) GitLab Enterprise Edition
• Add BanFromNamespaceService and policies to prevent read access (merge request) GitLab Enterprise Edition
• Disable legacy OpenSource license for inactive public projects (merge request)
• Enable coverage report from child pipelines (merge request)
• Add praefect list virtual storages subcommand documentation (merge request)
• Show epic colours on epic boards by @espadav8 (merge request) GitLab Enterprise Edition
• Create index on security_findings asynchronously (merge request)
• Add tooltip to Colour label on new epic page by @espadav8 (merge request) GitLab Enterprise Edition
• [issue-354235] Import github 'un/labeled' issue eventsq: (merge request)
• Add vulnerableMethod to vulnerability details (merge request) GitLab Enterprise Edition
• Add metrics for runner authentication success/failure by @KyleFromKitware (merge request)
• Add a service to promote security findings to vulnerability findings (merge request) GitLab Enterprise Edition
• Add deployment tier to CI_JOB_JWT (merge request)
• Stream audit event for project group link create/destroy/update actions by @zhanglinjie (merge request) GitLab Enterprise Edition
• Add import_creation_level to namespace settings (merge request)
• [API] Get endpoint for a specific TF module version by @renehernandez (merge request)
• Add security report ingestion information to dashboard seed data (merge request)
• Add heap fragmentation metric (merge request)
• Add the 'first_contribution' attribute to the MR webhook event (merge request)
• Add GitLab Error Tracking to /admin settings (merge request)
• Add NamespaceBan model (merge request)
• Stream audit event on project fork by @zhanglinjie (merge request) GitLab Enterprise Edition
• Adds change failure rate charts to ci/cd analytics (merge request) GitLab Enterprise Edition
• Add 'never' option to auto_stop_in for an environment (merge request)
• Submit rename/new modal in web IDE on enter by @leetickett (merge request)
• Add namespace_id column to issues table (merge request)
• Add canceled state to import state and stage methods (merge request)
• Add approved_by_usernames param to merge request api (merge request) GitLab Enterprise Edition
• Stream audit event on merge request create by @zhanglinjie (merge request) GitLab Enterprise Edition
• Add topic_id attribute to Projects API by @wwwjon (merge request)
• Add due_date and improve CSV issue import docs by @leetickett (merge request)
• Add page size selector to issues list having options for 20, 50 and 100 (merge request)
• Added BackgroundMigration for ProjectStatistics (merge request)
• Add settings for rate limiting unique project downloads per namespace (merge request)
• Add crashType to vulnerability details (merge request) GitLab Enterprise Edition
• Add security trial actions (merge request)
• GraphQL: lists the groups to where a project can be transferred to (merge request)
• Require email verification (merge request)
• Added Civo logo to the create cluster page (merge request)
• Add super/subscript support in content editor (merge request)
• Add cycle and lead times time series endpoint (merge request)
• Improved search bar tokens for CRM contacts and organizations by @zillemarco (merge request)
• Add ci_runner_versions table (merge request)
• Add sbom_sources table and model (merge request)
• Displays the queued duration of a job (merge request)
• Disable Conan registry in FIPS mode (merge request)
• Allow editing of the released at date for Releases (merge request)
• Query vulnerability_reads by the cartesian product of given filters (merge request) GitLab Enterprise Edition
• Extend the DAST-Default-Branch-Deploy template to support ECS (merge request) GitLab Enterprise Edition
• Add project export relations models to Import/Export (merge request)
• Add false-positive alert to vulnerability details (merge request) GitLab Enterprise Edition
• [epic 354234] Import github closed issue events (merge request)
• Include inherited group links on project members page by @wwwjon (merge request)
• Add crashState to vulnerability details (merge request) GitLab Enterprise Edition
• Add has_vulnerabilities argument to ClusterAgent GraphQL API (merge request) GitLab Enterprise Edition
• Support TLS in dedicated metrics servers (merge request)
• Add "all protected branches" as a project approval (merge request) GitLab Enterprise Edition
• Add instrumentations for average number of approvals required (merge request) GitLab Enterprise Edition
• Add VariableType and variables fields (merge request)
• Enable ci_docker_image_pull_policy (merge request)
• Add member limit banner to usage quota seats page (merge request) GitLab Enterprise Edition
• Add Pages::PageDeployedEvent (merge request)
• Added ability to sort issues by closed date on frontend by @zillemarco (merge request)
• Enable streaming audit event headers by default (merge request) GitLab Enterprise Edition
• Add freeUserCapEnforced field to Group type (merge request) GitLab Enterprise Edition
• Finalise member_namespace_id migration (merge request)
• Provide deletion of project topics in UI by @wwwjon (merge request)
• Add SBoM Component tables and models (merge request)
• Add columns for operations toggle split (merge request)
• Add multiple tiers aggregaion to DORA API (merge request) GitLab Enterprise Edition
• Enable Blame page pagination by default (merge request)
• Return build failure_reason in pipeline's webhooks by @albertvaka (merge request)
• Enable highlight_js by default (merge request)
• Ban user when they exceed projects download limit within a time period (merge request) GitLab Enterprise Edition
• Remove temporary index and validate constraint on routes table (merge request)
• Enable closed_as_duplicate_of in issues API (merge request)
• Add colour widget to epic create form and epic sidebar by @espadav8 (merge request) GitLab Enterprise Edition
• Reject Maven md5 requests in FIPS mode (merge request)
• Add clusterAgents field to Project/Group/Security Dashboard GraphQL API (merge request) GitLab Enterprise Edition
• [API] Endpoint to download latest Terraform module version by @renehernandez (merge request)
• Add schedule delay for RepositoryUpdateMirrorWorker (merge request)
• Finalize cleanup orphaned routes migration (merge request)
• Add GraphQL API to list resource links (merge request) GitLab Enterprise Edition
• Add GraphQL API to delete resource links (merge request) GitLab Enterprise Edition
• Add documentation for CWE 209.2 (merge request)
• Prevent users from using known insecure public key (merge request)
• Add Query.todo(id) to GraphQL API by @Taucher2003 (merge request)
• Link cc from service desk emails to CRM contacts by @leetickett (merge request)
• Add git abuse rate limit settings for admins (merge request)
• Make ECS Review apps work with DAST (merge request) GitLab Enterprise Edition
• Always respect namespace_id for OAuth-based importers (merge request)
• Allow ci_separated_caches to be updated from API by @Taucher2003 (merge request)
• Persist markdown editor type in wikis (merge request)
• Add filtering security policies to return only inherited policies (merge request) GitLab Enterprise Edition
• Add a toggle for opt-in JWT to project settings (merge request)
• Add an overflow button in content editor (merge request)
• Render link-name on vulnerability details (merge request) GitLab Enterprise Edition
• Add state transition entry (merge request) GitLab Enterprise Edition
• Implement /metadata REST API endpoint by @tuxtimo (merge request)
• Added previously prepared indexes for issues to sort on closed_at by @zillemarco (merge request)
• GraphQL: Add lazy load for blocking epics count (merge request) GitLab Enterprise Edition
• Add PATCH /users/:id/disable_two_factor API (merge request)
• Display disabled card state for non ultimate users (merge request)
• Update Rails project template with BUNDLE_FROZEN (merge request)
• Enable rebalance_issues feature flag by default (merge request)
• Make FF default enabled and fix additional N+1 queries (merge request)
• Enable feature flag 'tag_list_keyset_pagination' by default (merge request)

Fixed (149 changes)

• Fix move deploy keys during project imports in FIPS mode (merge request)
• Fixes container registry popover not displaying on all rows (merge request)
• Fixed some alignments on the pipeline page by @zillemarco (merge request)
• Group audit event keyset pagination order (merge request) GitLab Enterprise Edition
• Fix blob binary state detection for preloaded files (merge request)
• Don't allow notes created_at too much in past (merge request)
• Remove full stops from end of checkboxes (merge request) GitLab Enterprise Edition
• Fixed some margins and widths on the issue page by @zillemarco (merge request)
• GraphQL: Fix filtering for INVALID runners (merge request) GitLab Enterprise Edition
• Update approval count options to include 0 (merge request) GitLab Enterprise Edition
• Fix description list item reorder for incidents (merge request)
• Prefer non-expired licenses first (merge request) GitLab Enterprise Edition
• Fix AR scopes to support keyset pagination (merge request)
• Fixed loading spinner misalignment on fork page by @zillemarco (merge request)
• Fixes all visible mentions of work items in UI (merge request)
• Fix gitlab project imports releases having nil authors (merge request)
• Track description change when creating a task from markdown (merge request)
• Add second event handler oninput to help mitigate the issue (merge request)
• Retain checklist item when deleting task (merge request)
• Fix recommendation for unpublished runner release (merge request)
• Change color for inherited classes (merge request)
• Improved layout of the create merge request's contribution section by @zillemarco (merge request)
• Corrected the logic on duplicate package toggles (merge request)
• Corrected the logic on duplicate package toggles (merge request)
• Made paths lowercase for deduplicated_size api (merge request)
• Use current time as created_at when cloning issues (merge request)
• Properly fail LDAP logins if GitLab user not persisted (merge request)
• Fix artifact empty state (merge request)
• Fix attribute validations for the Vulnerabilities::FindingLink model (merge request) GitLab Enterprise Edition
• Don't fail StoreSecurityReportsWorker if the pipeline does not exist (merge request) GitLab Enterprise Edition
• Refactor Header Search bar event handlers out of requestIdleCallback (merge request)
• Delete MR files separately on project deletion (merge request)
• Aligns order of sidebar items in bulk update (merge request)
• Make /merge quick action to work in GraphQL via createDiffNote (merge request)
• Migration to correct vulnerability state (merge request)
• Add blame link to the file blob view (merge request)
• Fix deploy keys breaking protected branch dropdown in FIPS mode (merge request)
• Fix scrolling to anchor tags on wiki pages (merge request)
• Fix double scroll in labels dropdown on MR sidebar (merge request)
• Retrieve pageSize from local storage as soon as possible (merge request) GitLab Enterprise Edition
• Make dark scroll bar in Chromium-based browsers by @rakleed (merge request)
• Fix the sentry URL in the CSP (merge request)
• Fix exception when Group relation is empty (merge request) GitLab Enterprise Edition
• Mark environments as available when restarting a deployment build (merge request)
• Fix streaming audit event for sub group event and project destroy event by @zhanglinjie (merge request) GitLab Enterprise Edition
• Fix the broken member search GraphQL query (merge request)
• Default project path to empty when creating from group template (merge request) GitLab Enterprise Edition
• Fix broken syntax highlight for shell scripts (merge request)
• Parse conflict lines with CRLF endings correctly (merge request)
• Fix broken external links by @leetickett (merge request)
• Load TLS intermediate certificates in metrics exporter (merge request)
• Render 404 when Jira issue not found (merge request) GitLab Enterprise Edition
• Fix: notify locale on changed milestone email by @JeremyWuuuuu (merge request)
• Correcting the spelling of 'receive' (merge request)
• Update diffs export for backwards compatibility (merge request)
• Fix pagniator issue in different timezone by @chaomao (merge request) GitLab Enterprise Edition
• Handle errors fetching GitLab Runner releases (merge request) GitLab Enterprise Edition
• Fix creating epic in scoped epic board (merge request) GitLab Enterprise Edition
• Fixed small misalignment on releases card footer by @zillemarco (merge request)
• Do not allow to override jobs defined by Security Policies (merge request) GitLab Enterprise Edition
• Remove stray gl-mt-2 from Label input on new epic page by @espadav8 (merge request)
• Fix contributing to EE link by @leetickett (merge request)
• Fix scss syntax highlighting (merge request)
• Fix BulkImport pipeline retries (merge request)
• Fix group access dropdown failure if no subgroups are available (merge request) GitLab Enterprise Edition
• License feature availability checks in Auditor (merge request) GitLab Enterprise Edition
• Fix 500 error for Tags API when repository is missing (merge request)
• Fix group name conflict when migrating groups via BulkImport (merge request)
• Fix resolving cluster image scanning vulnerabilities (merge request) GitLab Enterprise Edition
• This MR removes sticky footer from sidebar (merge request) GitLab Enterprise Edition
• Allow job tokens to access internal packages (merge request) GitLab Enterprise Edition
• Collapse Edit lock form when clicked outside sidebar in issues (merge request)
• Error Tracking: Disable show next button when next pagination is empty (merge request)
• Fix SSH mirrors not working in FIPS mode (merge request)
• This MR fixes list of corpuses (merge request) GitLab Enterprise Edition
• Correct padding for change password screen (merge request)
• Only show Changes to free tier open source projects banner to members (merge request) GitLab Enterprise Edition
• Fixes diff case where .ipynb line contains '\n' (merge request)
• Fix deployment approval popup to support multiple approval rules (merge request) GitLab Enterprise Edition
• Fixes Semantic diffs displaying twice (merge request)
• Fix vertical alignment of compliance report rows so they are centred (merge request) GitLab Enterprise Edition
• Query only distinct OAuth access tokens by application ID (merge request)
• Fix duplicates in pages when sorting members by last_activity_on (merge request)
• Remove attention request docs (merge request)
• Fix avatar size for issue and MR placeholder notes (merge request)
• Correct call to computed hasSelectedColor by @espadav8 (merge request)
• Upgrade version of Swagger UI by @mulka (merge request)
• Add spec for buildkit cache image replication (merge request) GitLab Enterprise Edition
• Index vulnerability_reads on casted_cluster_agent_id (merge request)
• Fix GraphQL API to fetch clusterAgents from instanceSecurity Dashboard (merge request) GitLab Enterprise Edition
• Do not show guest users as participants when mentioned on internal note (merge request)
• Require project membership for merge request approvals (merge request)
• Use UTC for trial end date in popover (merge request) GitLab Enterprise Edition
• Does not generate ipynb diff if file is collapsed (merge request)
• Fix avatars displaying as block elements (merge request)
• Allow filtering by multiple negated milestones (merge request)
• Allow 16 character SubjectKeyIdentifier for x509 signed commits feature by @.wolf (merge request)
• Add sanity check for inputs (merge request)
• Update Vulnerabilities::DismissService (merge request) GitLab Enterprise Edition
• Sets vulnerability state properly (merge request) GitLab Enterprise Edition
• Simplify issue policy, allow bots metadata access (merge request)
• Fixes the remove group button to look correct (merge request)
• Fix Integration#boolean_accessor to work with data fields (merge request)
• Update Vulnerabilities Confirm Service (merge request) GitLab Enterprise Edition
• Fix plural name "Failed jobs" for the pipeline failed email (merge request)
• Improve keyboard UX for toggle replies widget (merge request)
• gitaly_client: Fix error handling for structured AlreadyApplied error (merge request)
• Fix env var check for DISABLE_PUMA_WORKER_KILLER (merge request)
• Maintain namespace_id when connection error occurs in fogbugz importer (merge request)
• Fix LDAP sign in button padding (merge request)
• Remove valid epic check (merge request) GitLab Enterprise Edition
• Fix incorrect links when coming to 'Find file' from a file view by @shelld3v (merge request)
• Improve performance of loading OAuth apps and tokens (merge request)
• Patched Rails model generator to use GitLab template by @zillemarco (merge request)
• Allow epic_color_highlight flag to be applied to groups by @espadav8 (merge request) GitLab Enterprise Edition
• Add auditor access for group compliance report (merge request) GitLab Enterprise Edition
• Fix performance regression in issuable lists (merge request)
• Fix bitbucket cloud importer (merge request)
• Update Vulnerabilities::RevertToDetected Service (merge request) GitLab Enterprise Edition
• Fix nil error for last deployment group (merge request)
• Respect namespace_id for bitbucket server importer (merge request)
• Adjust members index flex spacing for longer text (merge request)
• Fix future iterations not being scheduled correctly (merge request)
• Show only top-level epics in roadmap page (merge request) GitLab Enterprise Edition
• Fix querying vulnerability_reads by cluster_agent_id (merge request) GitLab Enterprise Edition
• Poll for linked pipelines (merge request)
• Cancelling a merge request edit does not reset the autosaver (merge request)
• Revert Only send signed upload params from Wkhse (merge request)
• Fix deploy boards for Kubernetes 1.22 (merge request)
• Respect namespace_id in fogbugz importer (merge request)
• Improves css in ipynb mrs (merge request)
• GlTabsBehavior - Support hash updating (merge request)
• Merge details in audit event json log (merge request) GitLab Enterprise Edition
• Use i18n translations on reassigned issueable emails by @JeremyWuuuuu (merge request)
• Fix autocomplete in wikis (merge request)
• Insert job taggings in batches (merge request)
• Allow public access to awardables API (merge request)
• Fix GET /groups/:id to include runners token (merge request)
• Update Vulnerabilities::ResolveService (merge request) GitLab Enterprise Edition
• Fix agent token modal (merge request)
• Fix private contributions missing on the calendar if user leaves project by @eggerd (merge request)
• Pass status explicitly to Deployment Hook Worker (merge request)
• Fix eslint error (merge request)
• Prevent popovers from showing on group references (merge request)
• Queue Terraform state destroy worker outside of transaction (merge request)
• Fix Auth#token_bot_in_resource? check (merge request)
• Expand diff when navigating to pending comment by @JonstonChan (merge request)
• Migrate Group name and Group URL fields to Vue (merge request)
• Update color preview shades to match header color (merge request)

Changed (224 changes)

• Update project stats for container reg deletes (merge request)
• Update triggers creating vulnerability_reads records (merge request)
• Adds project-scoped callouts for failed web-hooks (merge request)
• Added creation time-range filters for Snippets API by @spmarisa (merge request)
• Update runners form error to pajamas (merge request)
• Changed instances of (Any )[Ee]ligible user to All eligible users (merge request) GitLab Enterprise Edition
• Hide expand button for empty simple widgets (merge request)
• Add config file param to repository changelog api by @zhanglinjie (merge request)
• Show reports immediately after job completes by @kdabrowski (merge request)
• Remove commits from the main Advanced Search index (merge request) GitLab Enterprise Edition
• Add warning next to public projects shared with a private group (merge request)
• Remove omniauth_login_minimal_scopes feature flag (merge request)
• Create vulnerability state transitions as a better form of tracking (merge request) GitLab Enterprise Edition
• Disable creation of vulnerability feedback when dismissing vulns (merge request) GitLab Enterprise Edition
• Added snowplow tracking for package assets (merge request)
• Apply the VSA filters to the task by type charts (merge request) GitLab Enterprise Edition
• Give 300k minutes to contributors to spend on GitLab contributions (merge request) GitLab Enterprise Edition
• Use field level validation errors (merge request) GitLab Enterprise Edition
• Move header search events out of main.js (merge request)
• Prevent hidden projects to be downloaded via git actions (merge request) GitLab Enterprise Edition
• Bump Gitlab Shell version to v14.9.0 (merge request)
• Increase number of includes from 100 to 250 (merge request)
• Migrate mirror repos form errors (merge request)
• Migrate protected tag error form (merge request)
• Allow escalation for all incidents (merge request) GitLab Enterprise Edition
• Migrate CI/CD settings form error (merge request)
• Migrate errors form for autodeops settings (merge request)
• Return if FIPS enabled (merge request)
• Admin App-Settings Network header expand/collapse by @quatauta (merge request) GitLab Enterprise Edition
• Define LDAP omniauth_callbacks routes from GitLab config (merge request)
• Show all errors on invites for invite modal (merge request)
• Improve Admin Area settings UI text (merge request)
• Improve alert UX when updating existing design (merge request)
• Add tmp index for vuln findings with potentially mismatched scanners (merge request)
• Add Rebase without CI button to MR rebase widget by @KevSlashNull (merge request)
• Stop syncing alert and incident statuses (merge request)
• Add indices for protected environments and approval rules on created_at (merge request)
• Removes ci_value_change_for_processable_and_rules_entry ff (merge request)
• Remove standard_context_type_check ff (merge request)
• Remove refactor_blob_viewer FF references (merge request)
• Migrates the spacing for icon of related item (merge request)
• Migrate form_errors in integration settings page (merge request)
• Create Vue form to configure git abuse rate limits (merge request) GitLab Enterprise Edition
• Migrates spacing classes for approval checks (merge request) GitLab Enterprise Edition
• Bump omniauth-oauth version to v1.2.0 (merge request)
• Update admin edit group layout (merge request)
• Migrate form_errors in creations/new_compare form to Pajamas alert (merge request)
• Bump prometheus-client-mmap to v0.16.1 (merge request)
• Remove banner about free project changes (merge request)
• Replace ci_runner_versions indices (merge request)
• Make CI/CD form error to be Pajamas compliant (merge request)
• Update gitlab_omniauth-ldap to v2.2.0 (merge request)
• Promote 'New identity' button as a primary action (merge request)
• Update Node.js from 10 to 14 used in CI by @tnir (merge request)
• Updated Secure Files Settings UI (merge request)
• Disable DS auto-remediate when FIPS mode (merge request) GitLab Enterprise Edition
• Make Application Settings sections headers collapsible (merge request)
• Use approvers information which are available (merge request) GitLab Enterprise Edition
• Add uuid to VulnerabilityFindingDismiss (merge request) GitLab Enterprise Edition
• Disable OAuth access token reuse (merge request)
• Move Title and Format fields in the same row by @ssurbhi560 (merge request)
• Migrate form_errors in two_factor_auths/show form to Pajamas alert (merge request)
• Move link to the last item in formatting toolbar (merge request)
• Allow members invited by email to be re-invited (merge request)
• Application Settings General h4 Expand/Collapse by @quatauta (merge request) GitLab Enterprise Edition
• This MR replaces outdated skeleton-loading (merge request) GitLab Enterprise Edition
• Adds package group settings side-by-side layout (merge request)
• Track process commit limit overflow (merge request)
• Application Settings General h4 Expand/Collapse by @quatauta (merge request)
• Migrate error alert in user identity form (merge request)
• Migrate error alert in doorkeeper application form (merge request)
• Admin App-Settings Templates header expand by @quatauta (merge request) GitLab Enterprise Edition
• Refactor user popover to use GlAvatarLabeled (merge request)
• Improve label of delete comment button (merge request)
• Use user_application_theme helper instead of hard-coded theme classes by @dreedy (merge request)
• Simplify scanner logic for security reports (merge request) GitLab Enterprise Edition
• Increase Webauthn credential XID length by @spotlightishere (merge request)
• Use Pajamas alert in milestones form (merge request)
• Add tooltip to shortcut element in navbar search field (merge request)
• Migrate form errors to Pajamas for grafana setting (merge request)
• Add the merge date to the Chain of Custody report (merge request) GitLab Enterprise Edition
• Rename CycloneDX artifact files (merge request) GitLab Enterprise Edition
• Feature search bar scope tokens (merge request)
• Add git_rate_limit_users_allowlist column to application_settings (merge request)
• Update supported browser versions (merge request)
• Warn user of feature flags risks (merge request)
• Migrate errors in new password to Pajamas alert (merge request)
• Send root_namespace_id to the Projects::ProjectDeletedEvent (merge request)
• Disable Geo proxy internal API polling when Geo not enabled (merge request)
• Apply rate limiting for paid plan customer hooks (merge request) GitLab Enterprise Edition
• Use auditor when auditing using audit changes (merge request) GitLab Enterprise Edition
• Omit MD5 fingerprints in deploy key API response (merge request)
• Replace deprecated createFlash, add loading icon and tabs query param (merge request) GitLab Enterprise Edition
• Drop empty fingerprint attribute in Vue access dropdown (merge request)
• Add hover state for button and remove border (merge request)
• Parse GitLab Runner release version suffixes (merge request)
• Add quick action support for group members (merge request)
• Move commit documents to new index (merge request) GitLab Enterprise Edition
• Removes noisy lines from transformed notebook (merge request)
• Support language filter for blob searches (merge request) GitLab Enterprise Edition
• Migrates spacing class for board card loader (merge request)
• Fix status box styling on Jira issue details page (merge request)
• Migrate errors in GPG keys to Pajamas alert (merge request)
• Container registry: stop appending Root image (merge request)
• Use Pajamas alert in repository check form (merge request)
• Consider versions with suffix in runner upgrades (merge request)
• Show more details for testing integration error (merge request)
• Migrate button to delete account (merge request)
• Vendor omniauth-gitlab gem to provide backwards compatibility (merge request)
• Use Pajamas alert in gitpod settings (merge request)
• Migrate buttons to switch stl viewer type (merge request)
• Replace Geo node with Geo site (merge request) GitLab Enterprise Edition
• Add ignore rule for migrated_to_new_structure (merge request) GitLab Enterprise Edition
• Change group recent activity window to 30 days (merge request) GitLab Enterprise Edition
• Add a keyword for default values in the CSP (merge request)
• Fixes the spacing of buttons on the compare page (merge request)
• Remove variable override on related tree item (merge request)
• Have Security Policies Enabled by Default (merge request) GitLab Enterprise Edition
• Hide the 'Resync' button when there are no results by @shelld3v (merge request)
• Hide 'New Epic' button on roadmap for unauthorized users by @shelld3v (merge request) GitLab Enterprise Edition
• Admin App-Settings Preferences header expand/collapse by @quatauta (merge request)
• Allow using pre tag outside of code blocks (merge request)
• Add queued_duration to the job entity (merge request)
• Migrates modal to delete pipeline (merge request)
• Update text for rollback modal (merge request)
• Admin App-Settings Advanced Search header expand by @quatauta (merge request) GitLab Enterprise Edition
• Add new column vulnerability_reads.casted_cluster_agent_id as bigint (merge request)
• Remove feature flag ci_build_finished_worker_namespace_changed (merge request)
• Replace YAML approver info with persisted data (merge request) GitLab Enterprise Edition
• In email footers, explicitly link to the GitLab host by @smokris (merge request)
• Updated agent status icons (merge request)
• Add root_namespace_id to Pages::PageDeletedEvent (merge request)
• Use Pajamas alert in repository mirroring settings (merge request)
• DB additions for CI Secure Files Replicator (merge request)
• Consolidate pipeline mini graph code (merge request) GitLab Enterprise Edition
• Migrates view seat usage button in alert (merge request) GitLab Enterprise Edition
• Migrates button to promote milestone (merge request)
• Remove GraphQL check for feature flag and return null by @espadav8 (merge request) GitLab Enterprise Edition
• Use Pajamas alert in visibility and access settings (merge request)
• Change in wording related to SAML experience (merge request) GitLab Enterprise Edition
• Fix: notify locale on failed builds by @JeremyWuuuuu (merge request)
• Migrates the spacing for icon in user dropdown (merge request)
• This MR enables sticky footer in Drawer (merge request) GitLab Enterprise Edition
• Modifies Package Registry group settings (merge request)
• Migrate LDAP sync buttons on member page (merge request) GitLab Enterprise Edition
• Convert admin users and admin group edit/new to be Pajamas compliant (merge request)
• Add Expand/Collapse to application settings CI/CD h4 by @quatauta (merge request)
• This adds the queued_at field to the job entity (merge request)
• Remove form_errors from the groups settings ci_cd form (merge request)
• Migrates the spacing class for job name (merge request)
• Migrates the spacing for buttons in dashboard (merge request)
• Use Pajamas alert in webhooks form (merge request)
• Replace repeat icon with retry icon for jobs (merge request)
• Migrate form errors (merge request) GitLab Enterprise Edition
• Migrates button to add previously merged commits (merge request)
• Accept runner patch upgrades from newer major releases (merge request)
• More informative timeout message (merge request)
• Replace jQuery in init_details_button.js by @quatauta (merge request)
• Remove callouts_trials_link_url (merge request) GitLab Enterprise Edition
• Update oauth2 gem to v2.0.2 (merge request)
• This MR migrates legacy html button to Pajamas button (merge request)
• Migrates spacing classes in modal to add commits (merge request)
• Add terminating newline to /:username.keys and /:username.gpg (merge request)
• Take migration state into account for size by @jeffpearce (merge request)
• Rewrote Project settings (merge request)
• Fixes truncation and tooltip on group selection (merge request)
• This MR migrates radio button to pajamas radio component (merge request)
• Change the revoke button to type tertiary (merge request)
• Default on group_level_security_policies (merge request)
• Return :invalid for an invalid runner version (merge request)
• Modifies Dependency Proxy group settings (merge request)
• Use Pajamas alert in new application form (merge request)
• API: Backend support for manipulating web-hook variables (merge request)
• Migrate errors in group settings to Pajamas alert (merge request)
• Add Job ID to RepositoryUpdateMirrorWorker logs (merge request) GitLab Enterprise Edition
• Migrates spacing class on web ide tree (merge request)
• Remove artifacts storage warning (merge request) GitLab Enterprise Edition
• Improve UI text - group Permissions settings (merge request)
• Remove renamed workers and feature flag (merge request)
• Replace the menu icon on mobile (merge request)
• Remove custom override of breadcrumb separator (merge request) GitLab Enterprise Edition
• Migrate errors in password update to Pajamas alert (merge request)
• This MR enables sticky header in Drawer (merge request) GitLab Enterprise Edition
• Remove legacy /-/integrations routes from renamed controller (merge request)
• Rollout prevent_abusive_searches feature flag (merge request)
• Migrates spacing classes for code review analytics (merge request) GitLab Enterprise Edition
• This MR defines behaviour of sidebar view mode (merge request) GitLab Enterprise Edition
• Update asana gem to v0.10.13 to relax oauth2 dependency (merge request)
• Remove usage of MD5 by wikicloth gem for FIPS (merge request)
• Migrates the spacing class for add commits button (merge request)
• Consider the certs specified via SSL_CERT_{DIR,FILE} variables (merge request)
• Backend support for manipulating web-hook variables (merge request)
• Migrates spacing classes to add related issue (merge request)
• Update gitaly_cgroups metric name (merge request)
• Use new cost factor 0.008 for public SaaS projects (merge request) GitLab Enterprise Edition
• Remove migrate_vulnerability_finding_uuids flag (merge request)
• Migrate edit profile errors to use Pajamas compliant alert (merge request)
• Migrates button to unprotect an environment (merge request) GitLab Enterprise Edition
• Admin App-Settings Metrics header expand/collapse by @quatauta (merge request)
• Update omniauth-oauth2 to v1.7.3 (merge request)
• Remove fallback calc of last sec report pipeline (merge request) GitLab Enterprise Edition
• Migrates buttons in warning to apply template (merge request)
• Default enable FF import_release_authors_from_github (merge request)
• Cleanup Project Settings > Repository > Protected branches (merge request)
• Adjust migration update query and refactor specs (merge request) GitLab Enterprise Edition
• Replace runners token indices in projects table (merge request)
• Migrates spacing class for requirements title (merge request) GitLab Enterprise Edition
• Migrates spacing class for commits author search (merge request)
• Migrates spacing on icon for hidden approvers (merge request) GitLab Enterprise Edition
• Admin App-Settings Reporting header expand/collapse by @quatauta (merge request)
• Application Settings Repository h4 Expand/Collapse by @quatauta (merge request)
• EE Application Settings CI/CD h4 Expand/Collapse by @quatauta (merge request) GitLab Enterprise Edition
• Migrate spacing class for reverify button in geo (merge request) GitLab Enterprise Edition
• Migrates spacing for applying suggestions message (merge request)
• Migrates spacing classes on snippets empty state (merge request)
• Migrates spacing class for clone button (merge request)
• Migrates spacing class on performance bar (merge request)
• Migrates the spacing class for discussion filters (merge request)
• Use popover for On-demand scans tooltip (merge request) GitLab Enterprise Edition
• Add upgrade indicators to runner details (merge request) GitLab Enterprise Edition
• Stop creating resolved alerts for self-recovering notifications (merge request)
• Update form to use pajamas_alert in spam application settings (merge request)
• Remove projects_build_artifacts_size_refresh flags (merge request)
• Clean up merge_request_pipelines_in_target_project feature flag (merge request)

Removed (23 changes)

• Remove onboarding experience survey and email from onboarding (merge request)
• Remove tracing ff and delete yml (merge request)
• Delete monitor logging ff (merge request)
• Add migrations to remove fk (merge request)
• Delete frontend code related to logs (merge request)
• Remove code for trigger job show page (merge request)
• Remove design resolved discussions popover (merge request)
• Add migrations for table and fk (merge request)
• Removethe optimized_followed_users_queries FF (merge request)
• Remove unused Projects::JobsController#status (merge request)
• Remove dead code from gitlab_ci settings (merge request)
• Remove old route for DAST profiles (merge request) GitLab Enterprise Edition
• Remove pod logs backend code (merge request)
• Remove pod logs service (merge request)
• Remove semver usage (merge request)
• Remove clusters_integrations_elastic_stack metric (merge request)
• Remove projects_enabled_with_tracing metric (merge request)
• Remove elastic cluster section on UI (merge request)
• Remove the infinitely_collapsible_sections feature flag (merge request)
• Geo Sites Form - Remove Beta Badge (merge request) GitLab Enterprise Edition
• Remove old Sidekiq error logging fields (merge request)
• Remove file_identifier_hash feature flag by @feistel (merge request)
• Remove vsa_reaggregation_worker FF (merge request)

Security (17 changes)

• Allow inviting only groups with subset of allowed domains to groups
• Sanitize ZenTao breadcrumb links
• Gitlab Runner version upgrade
• Update ProjectAttributesTransformer to use fixed number of attributes
• Fix open redirect vulnerability
• Escape deploy key title to prevent XSS
• Fix group IP restrictions not enforced for container registry requests (merge request) GitLab Enterprise Edition
• Filter milestone release by user access
• Adds a filter based on user access to Runner jobs endpoint
• Security fix sentry issue leaks and access level check
• Check permissions before exposing user two factor enabled
• Fix permissions in the project labels API
• Fix the required access level in the Conan packages finder
• Restrict CI lint access to pipeline creators
• Catch endless headers when reading HTTP responses
• Prevent runners from picking IP restricted jobs
• Add rate limit on integration testing feature (merge request)

Performance (22 changes)

• Implement hit ration for diff caching (merge request)
• Do not allow waiting project authorizations refreshes (merge request)
• Improve DependencyLinker sanitization (merge request)
• Reduce queries in revert / cherry pick button (merge request)
• Use paginated tree for the last commit query (merge request)
• Remove unnecessary Redis calls in issue endpoints (merge request)
• Improve performance of related branches finder (merge request)
• Improve logs tree fetching performance (merge request)
• Improve performance of users API under load (merge request)
• Uses OJ Saj Parser to speed up Ipynbdiff (merge request)
• Remove delayed_project_import_schedule_worker flag (merge request)
• Remove sticky_ci_archive_trace_worker feature flag (merge request)
• Do not allow waiting project authorizations refreshes (merge request)
• Reduce queries for adding members (merge request)
• Improve performance of finding related branches (merge request)
• Schedule index to improve performance of contribution analytics (merge request)
• Preload rich viewer (merge request)
• Set expire_in for protected branch cache keys (merge request)
• Remove paginated_issue_discussions FF (merge request)
• Enable full-text search of issues by default (merge request)
• Prevent N+1 queries when rendering pipeline stage (merge request)
• Move incident closing for recovery alerts into a background job (merge request)

Other (49 changes)

• Remove plaintext token index from ci_builds (merge request)
• Disallow any database calls, or connections in routes (merge request)
• Drop unused ci builds index (merge request)
• Revert "Merge branch 'soft-validation-on-environment-external-url' into 'master'" (merge request)
• Drop post migration test table (merge request)
• Clean up confidential_notes feature flag (merge request)
• Add uuid to Service Ping medatada report (merge request)
• Turn Project authorizations refresh on changes in ProjectMember async (merge request)
• Fix usage of distance_of_time_in_words_to_now by @edith007 (merge request)
• Use correct styling for clear user status button (merge request)
• Remove measure_service_ping_metric_collection ff (merge request)
• Move finalize background migration to post-deploy (merge request)
• Update delayed_project_removal to NULL for UserNamespaces (merge request)
• Cache payload for unleash clients (merge request)
• Remove legacy queuing code (merge request)
• Remove group_name_path_vue feature flag (merge request)
• Move integration channel placeholder var into constant by @chaomao (merge request)
• Update docs to mention Epic Colours by @espadav8 (merge request)
• Reschedule batched background migration (merge request)
• Remove the gitlab_sli_new_counters feature flag (merge request)
• Remove not null constraints from requirements columns (merge request)
• Pass License sha256 in usage data (merge request) GitLab Enterprise Edition
• Validate requirements.requirement_issue NOT NULL constraint (merge request)
• Cache external MR diffs on disk for faster Project Export (merge request)
• Put migration on hold when autovacuum is active (merge request)
• Use lazy Workhorse upload preauth for fallback routes (merge request)
• Update multiple admin alerts to pajamas (merge request)
• Add Feishu Integration Foundation by @chaomao (merge request)
• Drop unused ci builds index (merge request)
• Rename queues for finishing and achiving workers (merge request)
• Switch ActiveSupport::HashDigest to SHA256 (merge request)
• Ignore ci_triggers.ref before removal (merge request)
• Moves ipynbdiff to vendor (merge request)
• Setting sliding-list Partition Fix FF to True (merge request)
• Moves ipynbdiff to vendor (merge request)
• Add background migration to backfill missing search_data (merge request)
• Add post-migration test table (merge request)
• Clean up fallbacks in Emails::MergeRequests#push_to_merge_request_email (merge request)
• Hide dependency proxy for personal namespaces (merge request) GitLab Enterprise Edition
• Remove prerecord_service_ping_data feature flag (merge request)
• Add skeleton loader for usage_quota's storage (merge request) GitLab Enterprise Edition
• Backfill runner semver column (merge request)
• Remove contacts_autocomplete feature flag (merge request)
• Only send signed upload params from Workhorse (merge request)
• Revert "Merge branch 'jnnkl-codequality-findings-diff-inline' into 'master'" (merge request)
• Fix display of times in access and deploy token table by @edith007 (merge request)
• Support push options when creating merge request pipelines (merge request) GitLab Enterprise Edition
• Update GitLab Runner Helm Chart to 0.42.0 (merge request)
• Address database documentation Vale warningss by @cgives (merge request)

15.1.6 (2022-08-30)

Security (17 changes)

• No overriding methods for Sawyer class (merge request)
• Bump yajl-ruby gem version (merge request)
• Prevent long loops when generating suggested branch name (merge request)
• IDOR in Zentao integration issue show page (merge request)
• Patch VULNDB-255039 (potential Rack cache poisoning) (merge request)
• HTML escape the label background color (merge request)
• Sandbox jupyter notebook HTML output (merge request)
• Fix unauthorized GFM references in Incident Timeline (merge request)
• Optimize handling repositories with huge trees (merge request)
• Parse commit trailers without using regexp (merge request)
• Check for pathological markdown input (merge request)
• Replaced smooshpack to fix the vulnerability in LivePreview (merge request)
• Update package auth for group IP allowlist (merge request)
• Don't show pipeline status (merge request)
• Sanitize img attributes in Banzai::Filter::ImageLinkFilter (merge request)
• Validate description length for snippets (merge request)
• Prevent brute force vuln for Git over HTTP(S) requests (merge request)

15.1.5 (2022-08-22)

Security (2 changes)

• Validate if values to be saved in Redis can be converted to string (merge request)
• Fix CSS selector used in specs (merge request)

15.1.4 (2022-07-28)

Security (18 changes)

• Security datadog integration leaking (merge request)
• Prevent users who cannot admin a public project from viewing deploy keys (merge request)
• Add additional condition to accept invitation (merge request)
• Update GITLAB_PAGES_VERSION (merge request)
• Add html_escape to build_details_entity (merge request)
• Check permissions when filtering by contact or organization (merge request)
• Use author to run subscribed pipeline (merge request)
• Remove prohibited branches after project import (merge request)
• Remove feature flag ci_yaml_limit_size (merge request)
• Maintainer can change the visibility of Project and Group (merge request)
• Do not link unverified secondary emails with any users (merge request)
• Forbid exchanging access token for ROP flow to users required 2FA setup (merge request)
• Remove todos from confidential notes when user loses access (merge request)
• Remove group_bot_user and group_access_token after group delete (merge request)
• Protect integration secrets (merge request)
• Protect Grafana and Sentry integrations (merge request)
• Fix IDOR in Jira issue show action (merge request)
• Limit proxied requests to Grafana API (merge request)

15.1.3 (2022-07-19)

Added (1 change)

• Add praefect list virtual storages subcommand documentation (merge request)

Fixed (1 change)

• Fix group access dropdown failure if no subgroups are available (merge request) GitLab Enterprise Edition

15.1.2 (2022-07-05)

Fixed (3 changes)

• Resolve "White screen of death on creating new project" (merge request)
• Fix agent token modal (merge request)
• Resolve "Gitlab doesn't detect the deployment pods after K8s cluster upgrade to v1.22" (merge request)

Changed (2 changes)

• Update gitaly_cgroups metric name in docs (merge request)
• Refactor add populate commit permission migration (merge request) GitLab Enterprise Edition

Removed (1 change)

• Geo Sites Form - Remove Beta Badge (merge request) GitLab Enterprise Edition

15.1.1 (2022-06-30)

Security (16 changes)

• Fix group IP restrictions not enforced for container registry requests (merge request)
• Gitlab Runner version upgrade (merge request)
• Update ProjectAttributesTransformer to use fixed number of attributes (merge request)
• Escape deploy key title to prevent XSS (merge request)
• Sanitize ZenTao breadcrumb links (merge request)
• Fix permissions in the project labels API (merge request)
• Security fix sentry issue leaks and access level check (merge request)
• Check permissions before exposing user two factor enabled (merge request)
• Filter milestone release by user access (merge request)
• Fix the required access level in the Conan packages finder (merge request)
• Allow inviting only groups with subset of allowed domains to groups (merge request)
• Fix open redirect vulnerability (merge request)
• Adds a filter based on user access to Runner jobs endpoint (merge request)
• Prevent runners from picking IP restricted jobs (merge request)
• Restrict CI lint access to pipeline creators (merge request)
• Catch endless headers when reading HTTP responses (merge request)

15.1.0 (2022-06-21)

Added (147 changes)

• Add GraphQL API to create resource links (merge request) GitLab Enterprise Edition
• Add support for collecting jemalloc stats (merge request)
• Add audit event for disabling 2FA (merge request) GitLab Enterprise Edition
• Add auditEventsStreamingHeadersDestroy Mutation (merge request) GitLab Enterprise Edition
• Add backend changes to sort issues by closed at by @zillemarco (merge request)
• Display invalid approvals on merge request widget (merge request)
• Add ownerProject field to RunnerType (merge request)
• Mutation to delete multiple package files (merge request)
• GraphQL: Add lazy load for blocking epics count (merge request) GitLab Enterprise Edition
• Add git protocol configuration to groups (merge request)
• Prevent users from using known insecure public key (merge request)
• Preview plantuml/kroki diagrams in content editor (merge request)
• Add scan_execution_policies endpoint to the Kubernetes internal API (merge request) GitLab Enterprise Edition
• Add opened/closed epic issue weights (merge request)
• Added possibility to search CRM contacts and organizations by ids by @zillemarco (merge request)
• Adds timestamps to compliance frameworks (merge request)
• Clean up group_level_protected_environment feature flag (merge request)
• Remove downstream_retry_action ff (merge request)
• Audit event for group level merge request settings (merge request) GitLab Enterprise Edition
• Added token-selector to WI assignees (merge request)
• Introduce database metric batch average operation (merge request)
• Add counts.saml_group_links metric (merge request) GitLab Enterprise Edition
• Remove customer_relations feature flag by @leetickett (merge request)
• Provide HooksExecution task to ensure Slack integrations are called (merge request) GitLab Enterprise Edition
• Introduce gitlab_internal for Rails and pg tables (merge request)
• Add sortable description list items on epic page (merge request)
• Add support for delayed project deletion for personal projects (merge request) GitLab Enterprise Edition
• Create audit stream HTTP header model (merge request)
• Prevent users from adding known, weak keys by @kyrie.31415926535 (merge request)
• Add password complexity checkbox in application settings pages (merge request)
• List children in hierarchy widget (merge request)
• Added remove button to time tracking report entries by @zillemarco (merge request)
• PyPI simple repository API PEP 503 (merge request)
• Create Geo replication events for Terraform state deletions (merge request) GitLab Enterprise Edition
• Add metric for unique MRs with invalid approvers (merge request) GitLab Enterprise Edition
• Add empty state to branch selection when creating an MR (merge request)
• Added a waning alert to the project (merge request)
• Add confidential notes index (merge request)
• Update documentation to reflect current project migration status (merge request)
• Upgrade GitLab Pages to 1.59.0 (merge request)
• Create merged result pipelines when MR is git mergeable (merge request)
• Switch legacy_open_source_license_available for non-public projects (merge request)
• Add upgrade status badge to runners (merge request) GitLab Enterprise Edition
• Internal error tracking check endpoint (merge request)
• User api endpoint for project deploy keys (merge request)
• Added intents.json to act as a multiplier to the emojis score (merge request)
• Add password complexity to application settings API by @mtan-gitlab (merge request) GitLab Enterprise Edition
• Add time to restore service chart to CI/CD analytics (merge request) GitLab Enterprise Edition
• Add new empty state to group overview (merge request)
• Add container_images to Project/Group GraphQL API (merge request)
• Event type information in streaming audit event for deploy token (merge request) GitLab Enterprise Edition
• Create Button ViewComponent (merge request)
• Introduce new Colour Select Widget by @espadav8 (merge request)
• Create release evidence post GitLab Migration (merge request)
• Prepare confidential notes index on .com (merge request)
• Add metric to count number of requirements that require approval (merge request) GitLab Enterprise Edition
• Skip sending pipeline hooks and notifications for blocked users (merge request)
• Add not null constraint on routes#namespace_id column (merge request)
• Add submit license usage data banner (merge request) GitLab Enterprise Edition
• Add version part columns to ci_runners table (merge request)
• Add seat count usage alerts to group pages (merge request) GitLab Enterprise Edition
• Show Terraform state deleted status in UI (merge request)
• Add event type information in merge request approval audit event (merge request) GitLab Enterprise Edition
• Add logic to reset submit license usage data banner data (merge request) GitLab Enterprise Edition
• Removes container_registry_project_statistics FF (merge request)
• Remove updated_diff_expansion_buttons feature flag (merge request)
• Add GraphQL support to manage the Packages Cleanup policy (merge request)
• WIP add filename arguement to allow filtering by file language (merge request) GitLab Enterprise Edition
• Added contacts and organizations resolvers by @zillemarco (merge request)
• graphql: Add merge_request_event_type field to pipeline_type (merge request)
• Add container registry to Namespace usage quotas page (merge request) GitLab Enterprise Edition
• Log GitHub Commit Status API responses by @hchouraria (merge request) GitLab Enterprise Edition
• Add GraphQL operation name to performance bar (merge request)
• Add Note to Todo GraphQL Type by @Taucher2003 (merge request)
• Add maintenance notes in runner view (merge request) GitLab Enterprise Edition
• Log sql query in Sidekiq error logs (merge request)
• Displays embedded images on ipynb diffs (merge request)
• Adds the end event column to the VSA stage table (merge request)
• Add drop_sequence migration helper (merge request)
• Cleanup orphaned routes (merge request)
• Log email delivery failures (merge request)
• Enable escalations of incidents created manually (merge request)
• Add option to backup specified groups (merge request)
• Add a index for vulnerability_state_transitions table (merge request) GitLab Enterprise Edition
• Add tooltip to the downstream expand btn (merge request)
• Adds raw column to all ci variable tables (merge request)
• Add Pages::PageDeletedEvent (merge request)
• Expose epic links properties on GraphQL (merge request) GitLab Enterprise Edition
• Add documentation for CWE 319.1 (merge request)
• Introduce execute_background_migrations feature flag (merge request)
• Add runner status to external pipeline validation payload (merge request)
• Add validation for epic issue group hieararchy (merge request) GitLab Enterprise Edition
• Implement GET API to fetch single issue link by @tuxtimo (merge request)
• Add seat count usage alerts to group pages (merge request) GitLab Enterprise Edition
• Add totalWeight to epic board list (merge request) GitLab Enterprise Edition
• Link service desk issues to CRM contacts by @leetickett (merge request)
• Add event type in audit event streaming (merge request) GitLab Enterprise Edition
• Improve group issues list empty state (merge request)
• Allow creation of annotated tags with the Release API (merge request)
• Add resource links db table migration (merge request) GitLab Enterprise Edition
• Add Pages/Pelican project template (merge request)
• Add and expose Jira app OAuth application ID (merge request)
• Add Developer Documentation for the Pipeline Wizard (merge request)
• Add 'Package registry' visibility setting to project settings by @wwwjon (merge request)
• Allow custom language type in code blocks (merge request)
• Add Milestone.releases GraphQL field (merge request)
• Add index to ci_job_artifacts (merge request)
• Add closed_as_duplicate_of to issues Graphql type (merge request)
• Introduce source versions for BulkImport trackers configuration (merge request)
• Add VulnerabilityStateTransition model (merge request)
• Implement new PAT API endpoint 'id' by @TrueKalix (merge request)
• GraphQL: Allow filtering epics by top level only (merge request) GitLab Enterprise Edition
• Remove updated_mr_header feature flag (merge request)
• Add registry migration Guard dynamic pre import timeout (merge request)
• Add CRM filtered search tokens on group/project issues page (merge request)
• Added mocked assignees to work item (merge request)
• Prepare async index to for Ci::JobArtifact (merge request)
• GraphQL: Add maintenance_note_html field (merge request)
• Prepare new Slack events processing API (merge request)
• Add backup option to filter for specific projects (merge request)
• Add designs migration to GitLab Project Migration (merge request)
• Uplift limit on Math diagrams on wiki pages (merge request)
• Add email to send to admin when a user is auto banned (merge request)
• Work item Hierarchy widget - Empty state (merge request)
• Add models for SSH signed commits (merge request)
• Finalize routes backfilling for projects (merge request)
• Add parent-child work item table (merge request)
• Add designs repository export to relations export API (merge request)
• Display artifact expired page for TestSuite (merge request)
• Update Gitlab Shell to 14.6.1 (merge request)
• Add new inactive project deletion section to admin settings (merge request)
• Add container registry storage type to project storage list (merge request) GitLab Enterprise Edition
• Added timelog categories table and model by @zillemarco (merge request)
• TLS support for metrics endpoints (pprof, prometheus) (merge request)
• Added method to perform api call to get container_registry_size (merge request)
• Default audit_event_streaming_git_operations to true (merge request) GitLab Enterprise Edition
• Self-managed SAML Group Sync (merge request) GitLab Enterprise Edition
• Add epic board list resolver (merge request) GitLab Enterprise Edition
• Add PWA manifest.json (merge request)
• The batched migrations should enforce requirements (merge request)
• Support multi-actor args in the feature API (merge request)
• Feature: dingtalk integration by @chaomao (merge request)
• Cache namespace traversal path in traversal_ids (merge request)
• Allow creation of annotated tags with the GraphQL Release API (merge request)
• Create notes confidential index synchronously (merge request)
• Clean up pipeline_editor_file_tree feature flag (merge request)
• Removes feature flag :rendered_diffs_viewer (merge request)

Fixed (212 changes)

• Enable FF ci_variable_for_group_gitlab_deploy_token (merge request)
• Fix scoped labels bug on group/project issues list (merge request)
• Allowlist OAuth application redirect URI in CSP (merge request)
• Update MergeRequestDiffFile#utf8_diff to not call #diff multiple times (merge request)
• Validation for author during release creation (merge request)
• Bump Gitlab Shell version to v14.7.4 (merge request)
• Send only group namespace with Owner role (merge request) GitLab Enterprise Edition
• Do not double escape release tags with slashes in release URL (merge request)
• Fix code block language related issues (merge request)
• Move "Create an MR" test to different line (merge request) GitLab Enterprise Edition
• Add PipelineReplicator and handle pipeline ref created event (merge request) GitLab Enterprise Edition
• OCI image fix: UI representation and Geo replication (merge request) GitLab Enterprise Edition
• Stop Wiki clone when Wiki is disabled (merge request)
• Make sure there is a separator between commits (merge request)
• Fix sticky position in project compare and commits (merge request)
• Disable project_key validation for inactive Jira integrations (merge request)
• Move checks from mergeable to mergeable_state? (merge request)
• Fixes line mapping for ipynb diffs (merge request)
• Do not mark generic vulnerabilities as "resolved on default branch" (merge request) GitLab Enterprise Edition
• Group Projects settings width does not respect fixed width (merge request)
• Group Repository Settings does not respect fixed with setting (merge request)
• Override HLJS selectors from Sourcegraph (merge request)
• Adding with_lock_retries to the gitlab:db:lock_writes rake task (merge request)
• Fix middle click on todos (merge request)
• Fix static translations in integrations (merge request)
• Improve scrolling tabs (merge request)
• Translate quick action's messages (merge request)
• Add missing padding to confirmation email login box (merge request)
• Fix themes in code blocks in content editor (merge request)
• Preserve language when retrieving cached security training urls (merge request) GitLab Enterprise Edition
• Prevent frozen modification in email encoding patch (merge request)
• Include release authors during Github imports (merge request)
• Refetch subscription after removing a user (merge request) GitLab Enterprise Edition
• Display sec training configu with license helper (merge request)
• Update workhorse local path for Issuable metrics (merge request)
• Take into account for the default merge request template (merge request)
• Fix alignment of action button icons in mini pipelines (merge request)
• Always pass current_user to project search results (merge request) GitLab Enterprise Edition
• Forward invalid feedback prop on EE invite modal (merge request) GitLab Enterprise Edition
• Geo: Fix JobArtifact verification when object storage is used (merge request)
• Fix alignment of delete button on linked items (merge request)
• Remove captcha check GET endpoint (merge request) GitLab Enterprise Edition
• Fix UTF-8 conversion in reply parser (merge request)
• Improve design loading state by @leetickett (merge request)
• Fix a bug in MergeRequests::UpdateService (merge request)
• Remove unused ci_job_artifact_states_job_artifact_id_seq (merge request)
• Fix iteration reports with cadence rollover (merge request) GitLab Enterprise Edition
• Propagate scan result rules related attributes (merge request) GitLab Enterprise Edition
• Use loose foreign key for deployment_clusters.cluster_id (merge request)
• Fixing SlidingListStrategy default value of the partitioning column (merge request)
• Properly handle the PG::ReadOnlySqlTransaction error (merge request)
• Fix API Security registry name in DAST On Demand API template (merge request) GitLab Enterprise Edition
• Fix API Security registry name in Secure Binaries template (merge request) GitLab Enterprise Edition
• Correctly display MR analytics Avg and Max values (merge request) GitLab Enterprise Edition
• Remove unused ci_pipelines_config_pipeline_id_seq (merge request)
• Fix source_project for Ci::Sources::Project (merge request) GitLab Enterprise Edition
• Hide /remove_contacts if issue has no contacts by @leetickett (merge request)
• Do not use custom SVG logo for email header (merge request)
• Fix artifact downloads on Security tab (merge request) GitLab Enterprise Edition
• Add support for sentry request with no content-type by @leetickett (merge request)
• Removed component destroy on mouseout (merge request)
• Respect namespace for phabricator importer (merge request)
• Respect namespace for manifest importer (merge request)
• Use loose foreign key for deployments.cluster_id (merge request)
• Allow OPTIONS method for OAuth2 token endpoints (merge request)
• Update search data when :issues_full_text_search is enabled (merge request)
• Use header logo for merge request emails by @wwwjon (merge request)
• Exclude Requirements & Test Cases from Issues list (merge request) GitLab Enterprise Edition
• Update pipeline mini graph border (merge request)
• Add timestamp columns to VSA aggregated RecordsFetcher (merge request)
• Fix button height on group issues list page (merge request)
• Default to the current group when importing from gitea (merge request)
• Only transition environment to stopped once stop action has succeeded (merge request)
• Update LFS objects export to not fail if file on disk is missing (merge request)
• Fix gitlab:db:validate_config to store db_config_name of a database (merge request)
• Fix namespace_id being lost for github import (merge request)
• Fix rewriting epic in Issues move service (merge request) GitLab Enterprise Edition
• Provide project path to refetched Terraform state GraphQL queries (merge request)
• Use DAST_API_EXCLUDE_URLS with DAST API on-demand scans (merge request) GitLab Enterprise Edition
• Close Epic Label dropdown when clicking on header X by @espadav8 (merge request)
• DeactivateDormantUsersWorker will not deactivate recently created users (merge request)
• Remove unused ci_build_report_results_build_id_seq (merge request)
• Prevented issues designs reordering when on mobile by @zillemarco (merge request)
• Fix MR title link styles (merge request)
• Convert captcha check endpoint to POST request (merge request) GitLab Enterprise Edition
• Retain top level group default membership with SAML Group Sync (merge request) GitLab Enterprise Edition
• Enable FF ci_fix_rules_if_comparison_with_regexp_variable by default (merge request)
• Add auditor access for group wiki (merge request) GitLab Enterprise Edition
• Add GitLab agent image tag to install command (merge request)
• Guard email receiver from empty From and To fields (merge request)
• Allow public terraform modules to anonymous users (merge request)
• Fix error when creating Policy Schedule with invalid cron expression (merge request) GitLab Enterprise Edition
• Show manual actions from matching environments on environment page (merge request)
• Add auditor access for on call schedules (merge request) GitLab Enterprise Edition
• Do not aggregate TestReport when using matrix job (merge request)
• Fix 404 when purchasing storage from a subgroup (merge request) GitLab Enterprise Edition
• Fix 404 when purchasing storage from a subgroup (merge request) GitLab Enterprise Edition
• Fix 404 when purchasing storage from a subgroup (merge request) GitLab Enterprise Edition
• Fix 404 when purchasing storage from a subgroup (merge request) GitLab Enterprise Edition
• Fix 404 when purchasing storage from a subgroup (merge request) GitLab Enterprise Edition
• Fix 404 when purchasing storage from a subgroup (merge request) GitLab Enterprise Edition
• Fix incorrect open issue count in project sidebar (merge request) GitLab Enterprise Edition
• Update deployment status when a build fails due to data integrity (merge request)
• Do not allow last human owner to leave (merge request)
• Disconnect alternates when unlinking from a repository pool (merge request)
• Clean up Terraform state files on deletion (merge request)
• Fix linked pipeline expand cutoff on focus (merge request)
• Always destroy webhooks synchronously (merge request)
• Fix vulnerability report project filter loading icon (merge request) GitLab Enterprise Edition
• Add Cancel buttons to CSV import and export modals (merge request)
• Fix 500 on issues list page (merge request)
• Add !reference support for workflow keyword (merge request)
• New Issue: Fix description label alignment (merge request)
• Fix deployment chat notifications for tags by @rstxn (merge request)
• Fix merge_request should_remove_source_branch by @guillaume.chauvel (merge request)
• Make Plain diff button downloadable (merge request)
• Improve comemnts discussion header (merge request)
• Fix 500 error for CompareController (merge request)
• Fix vanishing design versions by @leetickett (merge request)
• Upgrade fog-aws to v3.14.0 by @hchouraria (merge request)
• Dismiss file tree popover when clicking outside the element (merge request)
• Hide commit form based on pipeline editor path's tab query param (merge request)
• Prevent project maintainers from approving Owner access requests (merge request)
• Add btn-link class back (merge request)
• Correct project coverage graph dates on x axis (merge request)
• Add support for the !reference tag in CI schema (merge request)
• Address ux quota problems (merge request) GitLab Enterprise Edition
• Change page titles from h3 to h1 to be semantically correct (merge request)
• Fix epics list bulk editing by using intersection (merge request) GitLab Enterprise Edition
• Do not store security scans for already purged pipelines (merge request) GitLab Enterprise Edition
• Update binary button links platform changes (merge request)
• Fixed mis-aligment of expanded header-search-bar (merge request)
• Fix Advanced Search Opensearch detection (merge request) GitLab Enterprise Edition
• Use #persisted_environment for agent impersonation (merge request)
• Do not allow mailers to be enqueued from within a transaction (merge request)
• Use live preview extension no matter the first file opened (merge request)
• Fix NoMethodError in Integrations::Prometheus#test by @moofkit (merge request)
• Fix routing for /info/refs (merge request)
• Resolve issues emoji selector missing focus border (merge request)
• Add JobArtifactCreatedAt to build_artifacts_size_refresh table (merge request)
• Prevent project maintainers from creating Owner access tokens (merge request)
• Separate query params for Members and Groups by @wwwjon (merge request)
• Set timestamps correctly when propagating (merge request)
• Patch ActiveRecord::Generators::Migration#configured_migrated_path (merge request) GitLab Enterprise Edition
• Geo: Mark object stored as verification disabled (merge request) GitLab Enterprise Edition
• Update BulkImports to handle empty relation status responses (merge request)
• Fix mail notifications not being sent when requesting access (merge request)
• Include inherited owners in User#solo_owned_groups (merge request)
• Fixes forgotten base class (merge request)
• Prevent project maintainers from creating or modifying Project Owners (merge request)
• Fix bug on Pipeline#has_expired_test_reports? (merge request)
• Fix project packages and registries menu active state (merge request)
• Lower session expiry when user is unauthenticated (merge request)
• Guard clause for no external destinations (merge request) GitLab Enterprise Edition
• Skip orphaned pool repositories even when there's a fork network (merge request)
• Add spacing between threat monitoring breadcrumb and policy section (merge request) GitLab Enterprise Edition
• Allow references to scoped labels by title (merge request)
• Fix Emoji picker button background in highlighted comment (merge request)
• Merge branch 'fix-last-pipeline-fecth-in-web-ide' into 'master' (merge request)
• Ensure last pipeline is fetched on render of Web IDE status bar (merge request)
• Drop defunct unique namespaces name index (merge request)
• Fix issue description list item styling (merge request)
• Improve design consistency of buttons in some modals (merge request)
• Fix overflow on comments (merge request)
• Don't fail extension API getter (merge request)
• Align DAST Site Token URL validation (merge request) GitLab Enterprise Edition
• Add auditor access for dependency proxy (merge request) GitLab Enterprise Edition
• Sets Gon variables in response to requests with invalid reCAPTCHA (merge request)
• Fix 2-factor QR code on small screens (merge request)
• Fix padding regression for SAML SSO sign in (merge request) GitLab Enterprise Edition
• Fix SFE commit message focus (merge request)
• Fix drag and drop issue description list item bugs (merge request)
• Fix REST runner API status filter documentation (merge request)
• Fix inconsistent focus on comment field (merge request)
• Added check for GraphQL ID on popover (merge request)
• Fix focus ring for linked issues input field (merge request)
• Remove streams tab from subgroups audit events UI (merge request) GitLab Enterprise Edition
• Set MailRoom's postback request content type to text/plain (merge request)
• Update account deletion instructions (merge request)
• Remove superfluous whitespace in link to pipeline by @KevSlashNull (merge request)
• Highlight active CRM page in navigation menu by @leetickett (merge request)
• Fix vertical alignemnt of comment icons (merge request)
• docs: Use clear deprecation/removal as examples by @tnir (merge request)
• Hide a dropdown tooltip when toggling by @petewaitforletters (merge request)
• Fix focus overflow on create new label (merge request)
• Delete the duplicate job even in case of errors (merge request)
• docs: Fix DS_DEFAULT_ANALYZERS variable docs by @tnir (merge request)
• Fix custom notification settings for releases (merge request)
• gitaly_client: Fix handling of custom hook errors in UserMergeBranch (merge request)
• Remove existing repository backups when creating a full backup (merge request)
• Fix multiple modals showing when canceling comment in diff (merge request)
• Fix references in wiki pages (merge request)
• Resolve invite member trigger qa selector ambiguity (merge request)
• Update test case and MR popover status badges (merge request)
• Move LFK scheduling out from EE check (merge request)
• Allow users to reset DAST submit field (merge request) GitLab Enterprise Edition
• Fix LabelToken selecting wrong label (merge request)
• Add support for configuring internal IPs (merge request)
• Fix fogbugz ignoring target name and group change (merge request)
• Fix duplicate results in MR pipelines resolver (merge request)
• Fix UTF-8 handling issue for internal mailroom endpoint (merge request)
• Hide internal note checkbox on unsupported types (merge request) GitLab Enterprise Edition
• Grant auditor role read-access to policies (merge request) GitLab Enterprise Edition
• Fix missing action buttons when editing Requirements (merge request)
• Sanitize user input on the harbor registry list page by @orozot (merge request)
• Cleanup backup staging files on failure (merge request)
• Fix issues list previous page bug (merge request)
• Geo Sites - Unknown WAL bug (merge request) GitLab Enterprise Edition
• Fix button text color in dark mode (merge request)
• Use merge_head_diff for code owners (merge request)
• Disallow guests from updating an issue promoted to incident by @nfason (merge request)
• Add correct Default.md MR template precedence handling (merge request)

Changed (453 changes)

• Extend logging for Mirror jobs (merge request)
• Consider patches for eligible runner releases (merge request)
• Introduced /ready quick action by @stingrayza (merge request)
• Use Labkit for checking and enabling FIPS (merge request)
• Migrates spacing class for edit button on release (merge request)
• Migrates spacing class for authenticating github (merge request)
• Enable Geo proxying for separate URLs by default (merge request) GitLab Enterprise Edition
• Migrate spacing classes for feature flag form (merge request)
• Migrates spacing class for commit sidebar of ide (merge request)
• Update CiJobConnection.count to limited count (merge request)
• Migrate link button to tertiary in design management (merge request)
• Drop permissions column from ci_secure_files table (merge request)
• Change form_errors to be pajamas compliant in admin settings (merge request)
• Migrates spacing classes on release overview page (merge request)
• Removed useCustomErrorHandler and callback options (merge request)
• Migrate spacing classes on search overview page (merge request)
• Apply standard registration flow to single-sign on registrations (merge request)
• Fixes the spacing for the contributors buttons (merge request)
• Migrates custom classes for project search (merge request)
• Migrates the spacing for milestone icon analytics (merge request) GitLab Enterprise Edition
• Migrate errors in create user to Pajamas alert (merge request)
• Adds loading for package details additional metadata (merge request)
• Migrates spacing classes for empty approval rule (merge request) GitLab Enterprise Edition
• Fixes spacing for buttons of broadcast message (merge request)
• Migrates spacing class of assignee of related item (merge request)
• Migrates to gl class for checkbox to select commit (merge request)
• Migrates spacing class in security dashboard (merge request) GitLab Enterprise Edition
• This MR updated CI/CD configuration flow (merge request) GitLab Enterprise Edition
• Add has_vulnerabilities to cluster_agents (merge request)
• Update gray-10 from #fafafa to #f5f5f5 (merge request)
• Improve error messages when fetching Jira user information (merge request)
• Migrate repo storage errors to Pajamas alert (merge request)
• Update docs milestone description for alpha (merge request)
• Decrease spacing between checkbox and button (merge request)
• Conditional dropdown value in invite modals (merge request)
• Migrates the spacing for icon in web ide header (merge request)
• Update group deletion protection settings (merge request) GitLab Enterprise Edition
• Migrates the spacing class for sort dropdown (merge request) GitLab Enterprise Edition
• Disable reading remdiation records (merge request) GitLab Enterprise Edition
• Migrates the spacing classes for label search (merge request)
• Support footnotes in client-side deserializer (merge request)
• Migrate the prioritize button (merge request)
• Updated servicedesk callout to BannerComponent (merge request)
• Migrates the spacing class for error severity (merge request)
• Env Folder component icon migration (merge request)
• Right sidebar improvements for collapsed state (merge request)
• Migrate pipeline_schedules/_form.html.haml to Pajamas::ButtonComponent (merge request)
• Enable dast_ui_redesign feature flag by default (merge request) GitLab Enterprise Edition
• Removes unused code for modal close button (merge request) GitLab Enterprise Edition
• Replace pencil-square icon with pencil icon (merge request)
• Migrates to gl class for right margin (merge request)
• Add approval_required entry to widget endpoing (merge request) GitLab Enterprise Edition
• Use RedHat OpenJDK packages in gemnasium-maven FIPS (merge request) GitLab Enterprise Edition
• Migrate the edit button (merge request)
• Backfill project feature 'package_registry_access_level' by @wwwjon (merge request)
• Improve Insights UI text (merge request) GitLab Enterprise Edition
• Migrates the button to request attention (merge request)
• Use chevron icon in mr_collapsible_extension.vue (merge request)
• Migrates the modal to remove related item (merge request) GitLab Enterprise Edition
• Update MR feature callout to BannerComponent (merge request) GitLab Enterprise Edition
• Enable feature flag for renamed integrations workers (merge request)
• Migrates the modal to discard changes in web ide (merge request)
• Allow CI_JOB_TOKEN auth for release links API by @tuxtimo (merge request)
• Event type information in streaming audit event for project download (merge request) GitLab Enterprise Edition
• Update Coverage-Fuzzing.gitlab-ci.yml (merge request)
• Migrate the deprioritize button (merge request)
• Migrate sidebar buttons for bulk update (merge request) GitLab Enterprise Edition
• Unbox Group audit events (merge request)
• Migrates the modal to reset webhook for pagerduty (merge request)
• Prevent page reload on switch board (merge request)
• Update banner implementation to use Pajamas banner (merge request) GitLab Enterprise Edition
• Migrate buttons to add/remove commits (merge request)
• Adjust empty runners state svg height (merge request)
• Migrates button to open sidebar for bulk updates (merge request) GitLab Enterprise Edition
• Update administrator settings for deletion protection (merge request) GitLab Enterprise Edition
• Removes incorrect gl-padding-50 variable (merge request)
• Update omniauth-dingtalk-oauth2 gem to v1.0.1 (merge request)
• Migrates modal to delete iteration (merge request) GitLab Enterprise Edition
• Enable FIPS mode for digest algorithms (merge request)
• Support autolink serialization in Content Editor (merge request)
• Update WebIDE job chevron icon (merge request)
• Migrate button to search projects on dashboard (merge request)
• Rename the "Dark" and "Light" theme to avoid confusion with "Dark Mode" (merge request)
• Migrates the modal to discard all changes (merge request)
• Migrate button component (merge request) GitLab Enterprise Edition
• Rename discussion comment button title (merge request)
• Update buttons on new project from CI/CD pane (merge request) GitLab Enterprise Edition
• Migrates button to revoke validation for dast (merge request) GitLab Enterprise Edition
• Migrates the button to add rotation for schedule (merge request) GitLab Enterprise Edition
• Migrates the button to expand sidebar (merge request)
• This MR migrates legacy html button to Pajamas button (merge request)
• Migrates the default value for deleting a design (merge request) GitLab Enterprise Edition
• Project Owners can approve access requests (merge request)
• Migrates modal to download test coverage report (merge request) GitLab Enterprise Edition
• Removed container_registry_namespace_statistics ff (merge request)
• Migrates the button to edit a blob file (merge request)
• Cleanup Child issues and epics (merge request)
• Update specs for integrations API to check all modifiable fields (merge request)
• Move IrkerWorker into Integrations:: namespace and rename queue (merge request)
• This MR migrates bootstrap legacy component to pajamas (merge request)
• Add Slack app installations to Service Ping (merge request) GitLab Enterprise Edition
• This MR migrates bootstrap legacy component to pajamas (merge request)
• Update MS Teams form to use sections (merge request)
• Migrate button to confirm user (merge request)
• Migrates the button to add on call schedule (merge request) GitLab Enterprise Edition
• Migrates the button to add an escalation policy (merge request) GitLab Enterprise Edition
• Migrates close button in details for test case (merge request)
• Migrates button to restart Web IDE terminal (merge request)
• Migrates the button to extend trial (merge request) GitLab Enterprise Edition
• Migrates button to view full dashboard (merge request)
• Migrates button to view documentation (merge request)
• Migrates button to view dashboard documentation (merge request)
• Migrates the guidance in docs for buttons (merge request)
• Migrates button to manage plan for subgroups (merge request) GitLab Enterprise Edition
• Migrates buttons to resync and reverify projects (merge request) GitLab Enterprise Edition
• Migrate access token form errors to be Pajamas compliant (merge request)
• Update admin error alerts to pajamas (merge request)
• Migrate the subscribe dropdown button (merge request)
• Updated icons in the group contributions table (merge request) GitLab Enterprise Edition
• Updated buttons in the project settings (merge request)
• Migrate the ellipsis button (merge request)
• Add url variables to web hooks (merge request)
• Migrate group visibility form errors to be Pajamas compliant (merge request)
• Migrate Admin -> Topic -> New form errors to be Pajamas compliant (merge request)
• Migrate alert in the onboarding flow (merge request) GitLab Enterprise Edition
• Migrate button in sidebar for bulk issues update (merge request)
• Migrate button in the group creation (merge request) GitLab Enterprise Edition
• Migrates buttons in labels nav partial (merge request)
• Migrate alert in the SSH key settings (merge request)
• Use Pajamas::AlertComponent for maintenance message by @ali_o_kan (merge request) GitLab Enterprise Edition
• Migrates 'Stop all jobs' button to Pajamas::ButtonComponent (merge request)
• This MR migrates legacy html button to Pajamas button (merge request)
• Migrate alert docs icon (merge request)
• Add pattern validation for cadence in Scan Execution Policy Schema (merge request) GitLab Enterprise Edition
• Migrate button to create branch (merge request)
• Add a descriptive empty state for runners (merge request)
• Migrate angle icon to chevron in deploy_board_wrapper.vue (merge request)
• Updated repository callout to BannerComponent (merge request) GitLab Enterprise Edition
• Updated buttons in the Repository mirror settings (merge request) GitLab Enterprise Edition
• Remove separator slot from new project breadcrumb (merge request)
• Remove require_auth_for_graphql_user_resolver feature flag (merge request)
• Disable job log checksums when FIPS enabled (merge request)
• Migrate angle icons to chevron icons in Paginator (merge request)
• Migrate angle icons to chevron icons in GraphGroup (merge request)
• Log worker_id for Puma and Sidekiq (merge request)
• Remove records for removed integrations (merge request)
• Migrate angle icons to chevron icons Kaminari (merge request)
• Bump Auto Deploy Image to v2.30.0 (merge request)
• This MR migrates legacy html button to Pajamas button (merge request)
• Migrate chevron icon compliance docs (merge request)
• Migrate angle to chevron in responsive header (merge request)
• Migrate chevrons in pagination buttons (merge request)
• Migrate chevrons in breadcrumbs (merge request)
• Update confidential issue permissions docs (merge request)
• Updated buttons in the group settings (merge request) GitLab Enterprise Edition
• Remove language arg (merge request) GitLab Enterprise Edition
• Determine security training feature accessibility (merge request)
• Replace terms angle icon for a chevron one (merge request)
• Change resolved -> detected on subsequent scans (merge request) GitLab Enterprise Edition
• Removes OpenStruct use by @mehulsharma (merge request)
• Rename cluster integration workers and their queues (merge request)
• Migrate chevron DM docs (merge request)
• Migrate web ide icon docs (merge request)
• Autodevops docs chevron icon migration (merge request)
• Unbox & Cleanup Compare merge request (merge request)
• Replaced generic inputs in the Web IDE (merge request)
• Restore md spinner in MR status widget (merge request)
• Make captcha check over POST rather than GET (merge request) GitLab Enterprise Edition
• Update contextual sidebar background and border (merge request)
• Add missing page-title & font-size-h-display classes (merge request)
• Supported 'language' editor instance option (merge request)
• Change what makes migrations completed (merge request) GitLab Enterprise Edition
• Clean up group_member_inherited_group feature flag by @wwwjon (merge request)
• Update h1 to use .gl-font-size-h-display class (merge request)
• Migrates the create commit button in Web IDE (merge request)
• Replace angle icons for chevron in registry breadcrumb (merge request)
• Migrates the learn more about AWS button (merge request)
• Migrates the export requirements modal (merge request) GitLab Enterprise Edition
• Replace angle icons for chevron in groups (merge request)
• Use tertiary button for alert sidebar assignee (merge request)
• Fix attribute inheritance in workers (merge request)
• Revert data consistency to always (merge request)
• Remove branch names from conflict count (merge request)
• Cleanup Schedule a new pipeline form page (merge request)
• Cleanup New environment page (merge request)
• Migrates the skeleton in terraform MR widget (merge request)
• Migrates the modal to delete an integration (merge request)
• Cleanup New Test Case page (merge request)
• Cleanup New/Edit feature flag form (merge request)
• Add limits on number of scheduled security scan pipelines (merge request)
• Migrates the run pipeline modal in commit (merge request)
• Remove async_mr_close_issue feature flag (merge request)
• Remove use_received_header_for_incoming_emails feature flag (merge request)
• Change loading state (merge request)
• Migrates the feature flag modal to not use ok (merge request)
• Update search settings placeholder text (merge request)
• Improve Debian version regexp by @sathieu (merge request)
• Migrates the skeleton loader for requirements (merge request) GitLab Enterprise Edition
• Update group compliance framework labels (merge request) GitLab Enterprise Edition
• Replace angle icons for chevron in package details (merge request)
• Finally get rid of all btn-warning code (merge request)
• Migrates the configure regions button for GCP (merge request)
• Don't delete expired artifacts undergoing refresh (merge request)
• Change awards active item state (merge request)
• Limit the response being logged from the WebhookWorker (merge request)
• Migrates the download test coverage report button (merge request) GitLab Enterprise Edition
• Refactor storage helper date checking (merge request)
• Update to bundler v2.3.15 (merge request)
• Add phone_verification_code_enabled to ApplicationSettings by @zhzhang93 (merge request)
• Change angle icon (merge request)
• Add invalid approvers to be further used by (merge request) GitLab Enterprise Edition
• Graduate update_storage_usage_design feature flag (merge request) GitLab Enterprise Edition
• Replace angle icons to chevron in admin dashboard (merge request)
• Bump Gitlab Shell version (merge request)
• Cleanup New user form (merge request)
• Improve sidebar styling (merge request)
• Expose alert status (merge request)
• Make sidebar in MRs sticky (merge request)
• This MR replaces outdated skeleton-loading (merge request)
• Use agent name in the agent installation command (merge request)
• Bring DAST templates back inline (merge request) GitLab Enterprise Edition
• Improve editing experience of footnotes (merge request)
• Migrate to tertiary buttons in DropdownContentsCreateView (merge request)
• Update premailer gem to v1.16.0 (merge request)
• Add focus ring to all links (merge request)
• Enable route_hll_to_snowplow_phase2 FF by default (merge request)
• Cleanup New/Edit Label pages (merge request)
• Update gitlab-fog-azure-rm for Ruby 3.0 compatibility (merge request)
• Update more in-app checkout CSS utility classes (merge request)
• Unbox Label pages for Group & Projects (merge request)
• Require authentication when enumerating users via GraqhQL (merge request)
• Left align CTAs and remove background color (merge request)
• Added count in project_type (merge request)
• Clean up feature flag for release path fix (merge request)
• Migrate to a tertiary button in DropdownContentsLabelsView (merge request)
• Cache container repositories size on namespace (merge request)
• Remove unwanted title attribute (merge request) GitLab Enterprise Edition
• Migrate push rules edit alert to Pajamas ViewComponent (merge request) GitLab Enterprise Edition
• Add trigger section definition to form (merge request)
• Enable new issue reference popovers (merge request)
• Report warnings from the timebox resolver (merge request)
• Upgrade re2 gem to v1.4.0 (merge request)
• Update auto-deploy-image to v2.28.2 (merge request)
• Migrates the skeleton in overview discussion notes (merge request)
• Remove integrations.properties column (merge request)
• Migrates the analytics on group overview page (merge request) GitLab Enterprise Edition
• Rename ProjectServiceWorker to Integrations::ExecuteWorker (merge request)
• Migrate to a tertiary button in Dependency List (merge request) GitLab Enterprise Edition
• Run RubySampler and ThreadSampler in Puma primary (merge request)
• Move VSA task by type description into dropdown (merge request) GitLab Enterprise Edition
• Migrate skeleton loader in MR popover (merge request)
• Enable Slack app OauthV2 flow (merge request) GitLab Enterprise Edition
• Migrate skeleton in Web IDE file tree list (merge request)
• Migrate skeleton loader for test coverage summary (merge request) GitLab Enterprise Edition
• Migrates skeleton loader in issuables list (merge request)
• Add text related to policy status (merge request) GitLab Enterprise Edition
• Migrates the buttons when adding a metrics panel (merge request)
• Use the minimal layout for the in-app checkout flows (merge request) GitLab Enterprise Edition
• Improve styling of dropzone (merge request)
• Add reason for unauthorized in jira connect API (merge request)
• Migrate resolve button in error tracking (merge request)
• Migrates more details button in error tracking (merge request)
• Migrates the edit policy button in drawer (merge request) GitLab Enterprise Edition
• Migrates the modal to promote a milestone (merge request)
• Migrates the modal to edit LDAP user (merge request) GitLab Enterprise Edition
• Remove "other role" details during signup (merge request)
• Migrates radio buttons for strategy of auto devops (merge request)
• Migrate issuable form branch chooser alert to Pajamas ViewComponent (merge request)
• Improve focus states of downstream cards (merge request)
• Migrates the save changes button to edit geo site (merge request) GitLab Enterprise Edition
• Improve UI text of group Templates setting (merge request) GitLab Enterprise Edition
• Migrates skeleton loader for projects in runner (merge request)
• Migrates radio buttons in add license form (merge request) GitLab Enterprise Edition
• Migrate path skeleton in value stream analytics (merge request)
• This MR replaces outdated skeleton-loading (merge request)
• Migrates the resolve conflict button in diff view (merge request)
• Migrates the display anyway button for math (merge request)
• Increase margin in Sec. Dashboard cards (merge request) GitLab Enterprise Edition
• Migrates skeleton for cluster details in table (merge request)
• Remove orphaned commits from Advanced Search index (merge request) GitLab Enterprise Edition
• Migrates the skeleton for notes in diffs (merge request)
• Migrates the save changes button to add metric (merge request)
• Migrate button to go to Confluence (merge request)
• Migrates the add button in form for stream (merge request) GitLab Enterprise Edition
• Migrate action buttons in security (merge request) GitLab Enterprise Edition
• Migrates the add stream button in audit events (merge request) GitLab Enterprise Edition
• Migrates the skeleton for system notes (merge request)
• Migrates the create service account button for gcp (merge request)
• Remove failed_jobs_tab_vue feature flag (merge request)
• Migrate skeleton loader in runner jobs list (merge request)
• Migrates the button to archive a test case (merge request) GitLab Enterprise Edition
• Remove minutes quota copy from banner (merge request)
• Remove unnecessary ExecStop from sidekiq service file by @behrmann (merge request)
• Migrates button in modal for hand raise leads (merge request) GitLab Enterprise Edition
• Migrates the skeleton loader in markdown preview (merge request)
• Migrate wiki/issue rebalancing alert to Pajamas ViewComponent (merge request)
• Clean up background migration BackfillIntegrationsEnableSslVerification (merge request)
• This MR replaces outdated skeleton-loading (merge request) GitLab Enterprise Edition
• This MR replaces outdated skeleton-loading (merge request) GitLab Enterprise Edition
• Use CreateOrchestrationPolicyWorker to schedule SyncScanPoliciesWorker (merge request) GitLab Enterprise Edition
• Migrates the submit button to add a new license (merge request) GitLab Enterprise Edition
• Migrates dropdown item in options for error (merge request)
• Change pending text on members page for awaiting members (merge request) GitLab Enterprise Edition
• Allow delete of protected tags if user has authority by @eggerd (merge request)
• Migrates the button in burndown charts (merge request) GitLab Enterprise Edition
• New issue visual cleanup (merge request)
• Migrates skeleton loader in value stream analytics (merge request)
• Remove unused helper method with warning button (merge request) GitLab Enterprise Edition
• Migrates the install button for mattermost teams (merge request)
• Provide can_admin_vulnerability attribute to instance security dash (merge request) GitLab Enterprise Edition
• Migrates the button in the leave group modal (merge request)
• Migrates revoke approval button in merge request (merge request)
• Migrates the dismiss vulnerability button in modal (merge request) GitLab Enterprise Edition
• Sets "Dismiss selected" button variant to default (merge request) GitLab Enterprise Edition
• This MR migrates radio button to pajamas radio component (merge request)
• Migrates the radio to say who is using gitlab (merge request) GitLab Enterprise Edition
• Create index for deployment_approvals on created_at and id (merge request)
• No-op FixMergeRequestDiffCommitUsers background migration (merge request)
• Enable 'automaticLayout' option for Source Editor (merge request)
• Cleanup New merge request selection step (merge request)
• Migrates the clone dropdown (merge request)
• Cleanup New Epic (merge request)
• Remove 'delayed_repository_update_mirror_worker' feature flag (merge request)
• Update empty state of Slack Application page (merge request) GitLab Enterprise Edition
• Migrates the example in docs from success (merge request)
• Migrate angle to chevron in group templates (merge request) GitLab Enterprise Edition
• Migrates the button in the promote label modal (merge request)
• Migrates button to cherry pick commits (merge request)
• Migrate skeleton for unconfigured security rules (merge request) GitLab Enterprise Edition
• Migrates the save changes button for value streams (merge request) GitLab Enterprise Edition
• Migrates the skeleton in usage counts (merge request)
• Migrates the radio mention in cascading settings (merge request)
• Migrates the radio to say who will be using group (merge request)
• Migrates the radio buttons in whats new settings (merge request)
• Align Webhooks settings entry order (merge request) GitLab Enterprise Edition
• Migrate button to view issue for error (merge request)
• Migrates the start web terminal button in web ide (merge request)
• Migrate use template button for custom templates (merge request) GitLab Enterprise Edition
• Migrate pages domain alert to Pajamas ViewComponent (merge request)
• Migrates try out pipeline button in mr widget (merge request)
• Migrates the save changes button for new geo site (merge request) GitLab Enterprise Edition
• Migrate button to confirm users email (merge request)
• Migrate push rules edit alert to Pajamas ViewComponent (merge request) GitLab Enterprise Edition
• Reject some requests that may conflict with project stats refresh (merge request)
• Migrates button to add approval rule in MR (merge request)
• Migrate project new tag alert to Pajamas ViewComponent (merge request)
• Migrates the revoke oauth button for GCP (merge request)
• Migrates the CLI Commands dropdown for containers (merge request)
• Migrates the button to trigger a manual job (merge request)
• Add script keyword link in tooltip (merge request)
• Migrates the configure button for feature flags (merge request)
• Change order of displayed years in CI minutes app (merge request) GitLab Enterprise Edition
• Rearrange user popover content for better overview (merge request)
• Migrate admin emails to Pajamas ViewComponent (merge request) GitLab Enterprise Edition
• Enforce Migration[2.0] to make all migrations decomposition supported (merge request)
• Clean up vulnerabilities over time chart and improve tests (merge request) GitLab Enterprise Edition
• Migrate storage limit alert to Pajamas (merge request) GitLab Enterprise Edition
• Migrate remove cluster buttons (merge request)
• Refine mini pipeline graph states (merge request)
• Migrate above size limit alert to Pajamas ViewComponent (merge request) GitLab Enterprise Edition
• Add upstream pipeline attributes in pipeline hooks by @AdrianLC (merge request)
• Migrates the upload file button for secure files (merge request)
• Migrates the clear cluster cache button (merge request)
• Removes the configure later button (merge request)
• Make ci_owned_runners_* FF on by default (merge request)
• Header add focus ring to more elements (merge request)
• Update MR widget styling (merge request)
• Update Gitlab Shell version to 14.7.1 (merge request)
• Clean up security dashboard layout (merge request) GitLab Enterprise Edition
• Improve error display for Zentao issue by @icbd (merge request) GitLab Enterprise Edition
• Remove execute_batched_migrations_on_schedule_ci_database (merge request)
• Update incident escalation policy when alert status is first synced (merge request)
• Update all versions of n/a or N/A to Not applicable by @ali_o_kan (merge request)
• Migrates the Elasticsearch retry migration button (merge request) GitLab Enterprise Edition
• Migrates the button for updating the username (merge request)
• Contribution Analytics - Deprecate seg control (merge request) GitLab Enterprise Edition
• Add validation for namespace on compliance frameworks (merge request) GitLab Enterprise Edition
• Remote h1 from site logo (merge request)
• Add end_event_timestamp to the stage records JSON response (merge request)
• Unbox Designs on issues (merge request)
• Disable Content-MD5 when FIPS is enabled (merge request)
• Migrate archive button in design (merge request)
• Make improvements to group repo analytics UX (merge request) GitLab Enterprise Edition
• Align note actions to Pajamas icon button styles (merge request)
• Migrates the button to add approval rule (merge request) GitLab Enterprise Edition
• Migrates the unprotect environment button (merge request) GitLab Enterprise Edition
• Geo Sites - Link to replication views (merge request) GitLab Enterprise Edition
• Sort projects by CI minutes usage in Usage Quotas page (merge request) GitLab Enterprise Edition
• Migrates the button to change group URL (merge request)
• Migrate the lock button in the sidebar (merge request)
• Migrate button in inline collapsed files alert (merge request)
• Migrate button in alert for collapsed files (merge request)
• Change next_aborted_repository take to limit(2)[0] (merge request)
• Added trigger for namespace_aggregation_worker (merge request)
• Migrate button in alert for mermaid limit (merge request)
• Migrate add project button in operations dashboard (merge request) GitLab Enterprise Edition
• Container Registry: cleanup expire icon changed by @TrayHard (merge request)
• Rename Projects::ServicesController and change routes (merge request)
• Migrate checkbox for mattermost with new group (merge request)
• Remove unused state and function by @JonstonChan (merge request)
• Migrate confirm user button (merge request)
• Migrate service ping consent button (merge request)
• Migrate trigger cluster reindexing button (merge request) GitLab Enterprise Edition
• Migrate buttons in user count alert (merge request) GitLab Enterprise Edition
• Migrate purchase storage button in alert (merge request) GitLab Enterprise Edition
• Migrate enable Service Desk button in info (merge request)
• Update Gitlab Shell version to 14.6.0 (merge request)
• Use backend to send security training status instead of using GraphQL (merge request)
• Forbid creating streaming destinations for subgroups (merge request) GitLab Enterprise Edition
• Add structured error parsing for user_cherry_pick (merge request)
• Verify group name is valid inside of the purchase flow (merge request) GitLab Enterprise Edition
• Add filters by milestone, author, and assignee to task by type (merge request) GitLab Enterprise Edition
• Change edit profile inputs to be full width on mobile (merge request)
• Add shared runner duration to table (merge request) GitLab Enterprise Edition
• Backfill project member namespace id (merge request)
• In emails, style implicit links too by @smokris (merge request)
• Bump Gitlab Shell version to 14.5.0 (merge request)
• Add focus to old form elements (merge request)
• Adjust placement of DAST profile conflict banner (merge request) GitLab Enterprise Edition
• Allow version conflicts in commits migration (merge request) GitLab Enterprise Edition
• Migrate enable service desk button to confirm (merge request)
• Clarify required permission for GitLab Migration by @qb60 (merge request)
• Ghost-userize Threat Insights models on deletion (merge request) GitLab Enterprise Edition
• Migrate save edited snippets comment to confirm (merge request)
• Rename storage to project storage (merge request)
• Exclude date-range controls from loading state (merge request) GitLab Enterprise Edition
• Change group usage quota ux (merge request)
• Update Slack application settings form labels (merge request) GitLab Enterprise Edition
• Redesign package details history loading experience (merge request)
• Bump Gitlab Shell version to 14.4.0 (merge request)
• Fix the odd spacing in the sidebar between Milestone and Iteration (merge request)
• Adding ordered scope to Project-level Secure Files (merge request)
• Increase size of sidebar nav sidebar (merge request)
• Define states parameter in environments api interface (merge request)
• Update commits migration options (merge request) GitLab Enterprise Edition
• Update report schema selection process description (merge request)
• Add enhanced schema for security policies (merge request) GitLab Enterprise Edition
• Scope batched background migrations to current gitlab_schema (merge request)
• Pipeline quota: Sort projects by CI minutes (merge request) GitLab Enterprise Edition
• Swap FK web_hook_logs to web_hooks for LFK (merge request)
• Bump Gitlab Shell version to 14.3.1 (merge request)
• Migrates start free trial button to confirm (merge request) GitLab Enterprise Edition
• Update expires at field to remove the current date from possible options (merge request)
• Migrate save identity button to confirm variant (merge request)
• Migrate new identity button to confirm variant (merge request)
• Added docs links to the keyword tooltips in the pipeline editor by @shridharbhat1998 (merge request)
• Change logo to use tanuki-only (merge request)
• Change navbar height to 48px (merge request)
• Approvals summary content font-weight fix (merge request)
• Add breadcrumb link to release when editing (merge request)
• Generalize Mailgun webhook endpoints (merge request)
• Update icons and text (merge request)
• Improve container registry image copy tooltips (merge request)

Deprecated (4 changes)

• Deprecate project_fingerprint from finding (merge request) GitLab Enterprise Edition
• PipelineSecurityReportFinding.name deprecated flag (merge request) GitLab Enterprise Edition
• Remove geo_lfs_object_delete_events table and references (merge request)
• Deprecate ApiFuzzingCiConfigurationCreate mutation (merge request) GitLab Enterprise Edition

Removed (24 changes)

• Remove the vsa_consistency_worker FF (merge request)
• Remove remove_diff_header_icons feature flag (merge request)
• Remove already used worker as part of a previous (merge request) GitLab Enterprise Edition
• Remove the manual renewal banner (merge request) GitLab Enterprise Edition
• Remove sandboxed_mermaid feature flag (merge request)
• Revert "Merge branch 'ag/348481-saas-seats-count-alert-member-numbers' into 'master'" (merge request)
• Remove the vsa_incremental_worker feature flag (merge request)
• Remove metrics for SSE feature (merge request)
• Remove old Prometheus::CreateDefaultAlertsWorker (merge request)
• Remove prometheus alert index path and usage (merge request)
• Remove container_security_policy_selection related code (merge request) GitLab Enterprise Edition
• Remove ci_owned_runners_unnest_index feature flag (merge request)
• Remove ci_owned_runners_cross_joins_fix feature flag (merge request)
• Remove Cluters Schedule update service (merge request)
• Remove all SSE references (merge request)
• Drop token column from deploy_tokens table (merge request)
• Merge branch 'feat/remove-project-daily-statistics-worker' into 'master' (merge request)
• Remove 'namespaces_cache_first_auto_devops_config' feature flag (merge request)
• Remove 'group_projects_api_preload_groups' feature flag (merge request)
• Remove compliance_framework_setting from project edit API (merge request) GitLab Enterprise Edition
• Remove ignore_column for security_scan_succeeded by @svdj (merge request)
• Remove Pages legacy storage rake tasks by @feistel (merge request)
• Delete threat_monitoring alerts (merge request)
• Drop compliance frameworks regulated column (merge request) GitLab Enterprise Edition

Security (11 changes)

• Remove access_token_ajax feature flag (merge request)
• Update rack gem to version 2.2.3.1 (merge request)
• Subgroup member can list members of parent group
• Fix content injection in Jira issue title
• Trigger token should respect group IP restrictions
• Do not allow project member import when membership is locked
• Disable changing user attributes when updating SCIM provisioned user
• Escape contact details correctly in quick actions
• Allow only job owner to run interactive terminal
• Remove sha from releases internal API (merge request)
• Fix IP restrictions not applying to deploy tokens

Performance (24 changes)

• Add index to improve open issues count query (merge request)
• Introduce timeout to markup rendering (merge request)
• Replace API order by created_at with order by id (merge request)
• Move Elasticsearch project transfer to async worker (merge request) GitLab Enterprise Edition
• Delete repositories without renaming them first (merge request)
• Reduce response cost of deploy keys autocompleter by @hchouraria (merge request)
• Fix N+1 queries for Changelog generation (merge request)
• Prevent processing markdown when copying notes (merge request)
• Preload avatar_url for CompareController (merge request)
• Preload associations for RepositoryUpdateMirrorWorker (merge request) GitLab Enterprise Edition
• Finalize new index and update schema (merge request)
• Fix SQL statement timeout while fetching inactive projects (merge request)
• Add traversal_ids index when type is group using btree (merge request)
• Fix N+1 issue for CompareController (merge request)
• access_checks: Always enable use of quarantine directory (merge request)
• Preload commits markdown cache for CommitsController (merge request)
• Improve performance of namespace existence lookup (merge request)
• Reduce N+1 queries in deployment_group of environment model (merge request)
• Use request cache for protected tags (merge request)
• Create new index for removing artifacts with unknown locked status (merge request)
• Remove redundant issues list GraphQL queries by @leetickett (merge request)
• Extract ServicePing payload persistance (merge request)
• Optimizations for CommitReferenceFilter (merge request)
• Preload deployment associations to reduce N+1 queries (merge request)

Other (60 changes)

• Only do LSIF processing on artifacts (merge request)
• Use OS tempdir for LSIF parsing (merge request)
• Add yml files for tracking incident timeline actions (merge request)
• Remove omit_epic_subscribed feature flag (merge request) GitLab Enterprise Edition
• Remove ci_jwt_signing_key feature flag (merge request)
• Remove faster_owner_access feature flag (merge request)
• Adding listing feature flags command to documentation (merge request)
• Change destination_name to destination_slug (merge request)
• Remove ignore rule from test reports (merge request) GitLab Enterprise Edition
• Remove stale runner cleanup feature flag (merge request)
• Update hook settings error alert (merge request)
• Removed unused gl-col-padding variable (merge request)
• Add caching for group activity counters (merge request) GitLab Enterprise Edition
• Add CI_PROJECT_DESCRIPTION to predefined variables by @nejc (merge request)
• Remove paginated_notes feature flag (merge request)
• Improve performance of Issuable finder (merge request)
• Skip CSRF protection on Workhorse internal API (merge request)
• Rename confidential refs to internal (merge request) GitLab Enterprise Edition
• Remove usage_data_i_incident_management_oncall_notification_sent FF by @feistel (merge request)
• Add database column and setting logic for license_usage_data_exported (merge request)
• Prepare index to improve counting of open issues (merge request)
• Remove rake task to set up EE specific database functionality (merge request)
• Remove the CI mirror tables consistency checks Feature Flags (merge request)
• Delete invalid epic_issue records migration (merge request)
• Add workhorse internal upload API, observation only (merge request)
• Update manual cadence deprecation message (merge request) GitLab Enterprise Edition
• Finalize issue search data migration (merge request)
• Remove enqueue twice option from EnqueuerWorker (merge request)
• Fix Style/OpenStructUse offenses by @edith007 (merge request)
• Rename 'repo by url' to repository by url' by @feistel (merge request)
• Track clicks on the pipeline editor help drawer (merge request)
• Remove gitaly_replace_wiki_create_page flag (merge request)
• Add sketch blob viewer by @mihes3d (merge request)
• Guard worker application setting timeouts (merge request)
• Delete vue_issues_list feature flag (merge request)
• Remove FF ci_trigger_forward_variables (merge request)
• Remove omniauth_initializer_fullhost_proc FF (merge request)
• Delete unused report_not_configured_operational.vue and its test (merge request) GitLab Enterprise Edition
• Drop temporary index not needed anymore (merge request)
• Remove touch_project_repository_state_updated_at FF (merge request)
• Finalize background migration for discussion IDs (merge request)
• Fix callouts test by @chaomao (merge request) GitLab Enterprise Edition
• Support push options when creating merge request pipelines (merge request) GitLab Enterprise Edition
• Rename ci runner migration (merge request)
• Defer database query in favor of cached value check (merge request)
• Use application settings for pipeline creation rate limit (merge request)
• Prepare for lazy upload preauth (merge request)
• Do not vary upload tempfile prefix (merge request)
• Workhorse: fix TestUploadProcessingFile (merge request)
• Create ClusterEnabledGrant model and populates table (merge request)
• Debug batch update (merge request)
• Fix countries controller test by @chaomao (merge request)
• Cleanup phase 4 feature flag and env vars (merge request)
• Remove cross-db modification from destroy_batch_service (merge request) GitLab Enterprise Edition
• Cleanup the database_geo.yml stuff (merge request) GitLab Enterprise Edition
• Mark stale security_scans as purged (merge request) GitLab Enterprise Edition
• Fix confirm email service test by @chaomao (merge request)
• Restructure free user cap under model for better scoping (merge request)
• Fix JH skipped subscription portal spec by @chaomao (merge request)
• Add not null constraint to requirements.issue_id validate:false (merge request)

15.0.5 (2022-07-28)

Security (18 changes)

• Security datadog integration leaking (merge request)
• Prevent users who cannot admin a public project from viewing deploy keys (merge request)
• Add additional condition to accept invitation (merge request)
• Update GITLAB_PAGES_VERSION (merge request)
• Add html_escape to build_details_entity (merge request)
• Check permissions when filtering by contact or organization (merge request)
• Use author to run subscribed pipeline (merge request)
• Remove prohibited branches after project import (merge request)
• Remove feature flag ci_yaml_limit_size (merge request)
• Maintainer can change the visibility of Project and Group (merge request)
• Do not link unverified secondary emails with any users (merge request)
• Forbid exchanging access token for ROP flow to users required 2FA setup (merge request)
• Remove todos from confidential notes when user loses access (merge request)
• Remove group_bot_user and group_access_token after group delete (merge request)
• Protect integration secrets (merge request)
• Protect Grafana and Sentry integrations (merge request)
• Fix IDOR in Jira issue show action (merge request)
• Limit proxied requests to Grafana API (merge request)

15.0.4 (2022-06-30)

Security (17 changes)

• Fix group IP restrictions not enforced for container registry requests (merge request)
• Update rack gem to version 2.2.3.1 (merge request)
• Gitlab Runner version upgrade (merge request)
• Update ProjectAttributesTransformer to use fixed number of attributes (merge request)
• Escape deploy key title to prevent XSS (merge request)
• Sanitize ZenTao breadcrumb links (merge request)
• Fix permissions in the project labels API (merge request)
• Security fix sentry issue leaks and access level check (merge request)
• Check permissions before exposing user two factor enabled (merge request)
• Filter milestone release by user access (merge request)
• Fix the required access level in the Conan packages finder (merge request)
• Allow inviting only groups with subset of allowed domains to groups (merge request)
• Fix open redirect vulnerability (merge request)
• Adds a filter based on user access to Runner jobs endpoint (merge request)
• Prevent runners from picking IP restricted jobs (merge request)
• Restrict CI lint access to pipeline creators (merge request)
• Catch endless headers when reading HTTP responses (merge request)

15.0.3 (2022-06-16)

Fixed (2 changes)

• Disconnect alternates when unlinking from a repository pool (merge request)
• Add GitLab agent image tag to install command (merge request)

15.0.2 (2022-06-06)

Added (1 change)

• Add event type in audit event streaming (merge request) GitLab Enterprise Edition

Fixed (10 changes)

• Fix Advanced Search Opensearch detection (merge request) GitLab Enterprise Edition
• Fix 500 on issues list page (merge request)
• Include inherited owners when calculating User#solo_owned_groups (merge request)
• Fix issue description list item styling (merge request)
• Fix focus for linked issues input field & IDE cursor (merge request)
• docs: Fix DS_DEFAULT_ANALYZERS variable docs (merge request)
• Remove existing repository backups when creating a full backup (merge request)
• Move LFK scheduling out from EE check (merge request)
• Fix drag and drop list item bugs (merge request)
• Hide internal note checkbox on unsupported issuable types (merge request) GitLab Enterprise Edition

Changed (1 change)

• Update auto-deploy-image to v2.28.2 (merge request)

15.0.1 (2022-06-01)

Security (8 changes)

• Fix IP restrictions not applying to deploy tokens (merge request)
• Trigger token should respect group IP restrictions (merge request)
• Fix content injection in Jira issue title (merge request)
• Escape contact details correctly in quick actions (merge request)
• Subgroup member can list members of parent group (merge request)
• Do not allow project member import when membership is locked (merge request)
• Disable changing user attributes when updating SCIM provisioned user (merge request)
• Allow only job owner to run interactive terminal (merge request)

15.0.0 (2022-05-20)

Added (147 changes)

• Self-managed SAML Group Links and Membership Updater (merge request) GitLab Enterprise Edition
• Show error message in pipeline alert (merge request)
• Upgrade GitLab Pages to 1.58.0 (merge request)
• Drag and drop list items on issue page (merge request)
• Default enable automated_email_provision feature flag (merge request) GitLab Enterprise Edition
• Bump Gitlab Shell version to 14.3.0 (merge request)
• Add documentation for inactive project deletion feature (merge request)
• Enable confidential_notes FF by default (merge request)
• Add slack_app_signing_secret to settings (merge request)
• Add a 409 error page (merge request)
• Store pipeline creation rate limit into application settings (merge request)
• Add REPOSITORIES_STORAGES option to backups (merge request)
• Add option to disable seperated caches by @Taucher2003 (merge request)
• Merge Agents and Agent Tokens API docs by @tuxtimo (merge request)
• Enable poetry.lock dependency scanning (merge request) GitLab Enterprise Edition
• Add exclude from free user cap to namespace settings (merge request)
• Add infinite scrolling to project dropdown (merge request) GitLab Enterprise Edition
• Enable feature flag iteration_cadences (merge request) GitLab Enterprise Edition
• GraphQL: Add maintenance_note to RunnerType (merge request)
• Use Gemnasium FIPS images automatically (merge request)
• Default CRM feature flags to on by @leetickett (merge request)
• Add link from issue contacts to issues list by @leetickett (merge request)
• Add alert banner to usage quota seats page (merge request) GitLab Enterprise Edition
• Extend /help/instance_configuration with CI/CD limits by @wwwjon (merge request)
• Make group import history page size persistent by @wspwebben (merge request)
• Add registry migration guard timeout settings (merge request)
• Add group push rule changes to audit log (merge request) GitLab Enterprise Edition
• Bump Gitlab Shell version to 14.2.0 (merge request)
• Add inactive projects deletion feature (merge request)
• GraphQL: Add allowStaleRunnerPruning to Group (merge request) GitLab Enterprise Edition
• Add merge_request.draft to push options by @svdj (merge request)
• Add NamespaceCiCdSettingsUpdate mutation (merge request) GitLab Enterprise Edition
• Add API to set membership state (merge request) GitLab Enterprise Edition
• Add export size limit for projects by @wwwjon (merge request)
• Add API endpoint for repository size recalculation (merge request)
• Convert newline symbols in description push options to actual newlines by @svdj (merge request)
• Support security report schema version 14.1.2 (merge request)
• Add Runner separation by plan PoC (merge request)
• Display a cancel button in policies page (merge request) GitLab Enterprise Edition
• Implement Cluster Agent Tokens REST API by @tuxtimo (merge request)
• Increased the time tracking report modal size by @zillemarco (merge request)
• Allow pruning of stale group runners (merge request) GitLab Enterprise Edition
• Add index to namespace_ci_cd_settings table (merge request)
• Allow linking CRM organizations to contacts by @leetickett (merge request)
• Backfill draft status column using corrected regex (merge request)
• Validate a tag does not have an existing release (merge request)
• Exposed user permissions for each timelog entry by @zillemarco (merge request)
• Bump Gitlab Shell to 14.1.1 (merge request)
• Add 2 last DORA metric tiles to VSA (merge request) GitLab Enterprise Edition
• Add Architecture and Platform to runner details (merge request)
• Add Follow/Unfollow button to user popover (merge request)
• Enable ServicePing timings reporting (merge request)
• Support storage_size_limit in PlanLimits API (merge request)
• Add project's shared_runners_duration to GraphQL (merge request) GitLab Enterprise Edition
• Add group_inheritance_type to deploy access level and approval rule API (merge request) GitLab Enterprise Edition
• Add deployment metadata when firing hooks (merge request)
• CI: update cluster-integration/auto-build-image by @willianpaixao (merge request)
• Enable the querying of security training urls by language (merge request) GitLab Enterprise Edition
• Add namespace_ci_cd_settings table (merge request)
• Update Project stats on Container Registry event (merge request)
• Add PREVIOUS_BACKUP option to backup.rake (merge request)
• Enable aggregated VSA by default (merge request)
• Add CRM argument handling for issue list filters by @leetickett (merge request)
• Enable updated_diff_expansion_buttons by default (merge request)
• Remove related_epics_widget feature flag (merge request)
• GraphQL: Add platform/arch runner fields (merge request)
• Background job to trim namespaces over limit (merge request) GitLab Enterprise Edition
• Adds container_registry_size to namespace_root_storage_statistics (merge request)
• Start storing changed_at in seat statistics worker (merge request)
• Background Migrations - Mutli DB Admin UI (merge request)
• Allow editing media URL and alt in content editor (merge request)
• Add last_cleanup_deleted_tags graphql field (merge request)
• Record blocked epics removed on usage data (merge request) GitLab Enterprise Edition
• Add deletion warning email template for inactive projects (merge request)
• Add page description to pipeline security tab (merge request) GitLab Enterprise Edition
• Enable Group Level Security Policies in GraphQL API (merge request) GitLab Enterprise Edition
• Allow users to enforce auth checks on upload on a project level (merge request)
• Moving approval notifications from EE to FOSS (merge request)
• Add the packages cleanup policy model (merge request)
• Add tracking events to group and project pages (merge request)
• Handle timeout status in GitLab migration (merge request)
• Add GraphQL API to fetch Group Security Policies (merge request) GitLab Enterprise Edition
• Added prefetching for tasks in issue description (merge request)
• Prepare notes confidential index (merge request)
• Expose container_registry_size via GraphQL (merge request)
• Add CRM arguments to GraphQL issue resolver by @leetickett (merge request)
• Fix pipelines field performance in the package GraphQL type (merge request)
• Add support for sticky header on scroll for epics (merge request) GitLab Enterprise Edition
• Allow (un)following someone in the user popover by @KevSlashNull (merge request)
• Add API endpoint for fetching all resource groups for a project (merge request)
• Add last_cleanup_deleted_tag count column (merge request)
• Add access action for environments (merge request)
• Set custom error budgets (merge request)
• Edit environments tier with API (merge request)
• Expose environments tier over API (merge request)
• Audit IP allowlist editing (merge request) GitLab Enterprise Edition
• Send blocked users to Arkose (merge request) GitLab Enterprise Edition
• Add inherited group membership option for protected environment auth (merge request)
• Add active/state to CRM graphql queries/mutations by @leetickett (merge request)
• Extend Plan limits API with CI/CD limits properties by @wwwjon (merge request)
• Scroll to top of vulnerability list when filters changed (merge request) GitLab Enterprise Edition
• Add group wiki visibility toggle to group settings by @fjsanpedro (merge request)
• Add verify action for environments (merge request)
• Add auditing of runner token reset operations (merge request) GitLab Enterprise Edition
• Add BackgroundMigrationRecord cop to avoid ActiveRecord::Base (merge request)
• Expose billable members membership_state (merge request) GitLab Enterprise Edition
• Refactor the usage quotas -> ci/cd minutes page (merge request) GitLab Enterprise Edition
• Added autofocus on 'Search projects' input by @maksimanisimov1 (merge request)
• Log downstream pipeline creation (merge request)
• Show deployment approval on deployments page (merge request) GitLab Enterprise Edition
• Allow editing link URL and title in content editor (merge request)
• Over limit members in namespaces with a free plan (merge request) GitLab Enterprise Edition
• Revoke agent token from the UI (merge request)
• Enable touch_project_repository_state_updated_at FF by default (merge request) GitLab Enterprise Edition
• Enable VSA reggregation worker by default (merge request)
• Add Workhorse support for FIPS encryption (merge request)
• Backfill all ProjectSetting records (merge request)
• Add delete button to runner details page (merge request)
• Make ArkoseLabs namespace configurable (merge request)
• feat: Add SAST.latest and Secret-Detection.latest templates (merge request)
• Add audit events for merge request settings (merge request) GitLab Enterprise Edition
• Ensure max_seats_used_changed_at stays up to date (merge request)
• Start storing change date for max_seats_used (merge request)
• Add documentation link to CI/CD Variables Form (merge request)
• Support for TLS config on Workhorse (merge request)
• Move MigrationRecord into V1_0 (merge request)
• Add RuboCop::Cop::Migration::MigrationRecord rule (merge request)
• Add releases to GitLab Project Migration (merge request) GitLab Enterprise Edition
• Update container registry size in project stats (merge request)
• Add runner executor to runner details page (merge request)
• Add executorName to GraphQL API (merge request)
• Add delayed group deletion application setting (merge request)
• Quickly copy code blocks in the Content Editor (merge request)
• Add option for submit field in DAST Configuration (merge request) GitLab Enterprise Edition
• Add topics title (model, management, API) by @wwwjon (merge request)
• Auto continue markdown lists (merge request)
• Expose _links.cluster_agents field in project REST API by @tuxtimo (merge request)
• GraphQL: filter group members by access level (merge request)
• Add scan_finding rules into project settings (merge request) GitLab Enterprise Edition
• Added the possibility to remove a timelog from an issuable by @zillemarco (merge request)
• Measure metric collection time (merge request)
• Add group attributes pipeline to group bulk import (merge request) GitLab Enterprise Edition
• Add namespace settings attributes pipeline to group bulk imports (merge request) GitLab Enterprise Edition
• Distribute GitHub import jobs by default (merge request)
• Improve Geo project-out-of-date detection mechanism (merge request)
• Add iteration quickaction displays ID format on autocomplete (merge request) GitLab Enterprise Edition
• Draft: Allow a subset of a blame to be requested from the REST API (merge request)

Fixed (133 changes)

• Fix incident sticky header status badge (merge request)
• Ensure present_on_default_branch is set to true when branch is merged (merge request) GitLab Enterprise Edition
• Fix VerificationStateBackfillWorker re-enqueue process (merge request) GitLab Enterprise Edition
• Downgrade auto-deploy-image to v2.25.0 (merge request)
• Added condition for opening modal (merge request)
• Rename Dismiss VulnerabilitiesFinding mutation (merge request) GitLab Enterprise Edition
• Backfill notes that have null discussion_id (merge request)
• Do not try to create issue links without issues while ingesting reports (merge request) GitLab Enterprise Edition
• Fix error on issues list due to restricted visibility level (merge request)
• Fix comment form action button title (merge request) GitLab Enterprise Edition
• Fix state badge icon and link text color (merge request) GitLab Enterprise Edition
• Correct wrapping on PMG (merge request)
• Start the next ConsistencyWorker run from where it left (merge request)
• Add removed Dependency Scanning jobs as dummies (merge request)
• Update upstream/downstream borders (merge request)
• Change confidential comments doc to internal notes by @leetickett (merge request)
• Display SSO link prior to save (merge request) GitLab Enterprise Edition
• Remove unused batch_size in ExpireOAuthTokens (merge request)
• Add top margin to auto fix card on vulnerability report (merge request) GitLab Enterprise Edition
• Fix user popover overflow and follow/unfollow button alignment (merge request)
• Fix file include-type for CI lint Graphql endpoint (merge request)
• Fix haml conditional logic parsing error in master (merge request) GitLab Enterprise Edition
• Compare agent version against KAS version (merge request)
• Fix scroll to hash (merge request)
• Do not export and import max_pages_size from groups (merge request)
• Fix associated release link on tag page (merge request)
• Preserve branch filter state after delete (merge request)
• Ensure base work item types are created where needed (merge request)
• Fix redirect loop when requiring verification and experiment is inactive (merge request)
• Gracefully handle invalid states when filtering environments (merge request)
• Fix awards focus style overflow (merge request)
• Change cancel button variant/color to danger/red by @leetickett (merge request)
• Backfill finished_at when it is nil for successful deployments (merge request)
• Keep fragment identifier when performing an OAuth redirect (merge request)
• Fix error with initializiation of protected environments feature (merge request)
• Fix group path suggestion bug (merge request)
• Fix Create Vulnerability button height on mobile view (merge request) GitLab Enterprise Edition
• Fix operations dashboard card pipeline background by @mrtgncr733 (merge request)
• Fix assignee filtering on group/issues list (merge request)
• Only poll environment folder if expanded (merge request)
• Change prop type inside the cleanup_status component (merge request)
• Added update to epicsCount (merge request) GitLab Enterprise Edition
• Add DeployTokenAuthor as new type of NullAuthor (merge request) GitLab Enterprise Edition
• Fix error when fetching inherited security execution policy in GraphQL (merge request) GitLab Enterprise Edition
• Fix redirect anchor on Web IDE admin settings by @vaiil (merge request)
• Format dates as UTC (merge request) GitLab Enterprise Edition
• Preserve roadmap timeframe type in page URL (merge request) GitLab Enterprise Edition
• Address several edge cases in ProcessSupervisor (merge request)
• Fixes DAST Profile not found issue (merge request) GitLab Enterprise Edition
• Replicate deletion of remote stored files (merge request) GitLab Enterprise Edition
• Update column name for consistency (merge request) GitLab Enterprise Edition
• Make group scope consistent for scan_finding rules (merge request) GitLab Enterprise Edition
• Re-add usage_data_diff_searches flag (merge request)
• Increase read timeout for Jira requests (merge request)
• Fix the button distance on the milestone page (merge request)
• Fix DORA metric Graphql type (merge request) GitLab Enterprise Edition
• Enable admin to see project level MR analytics (merge request) GitLab Enterprise Edition
• Return 404 on Jira issues if integration inactive (merge request) GitLab Enterprise Edition
• Find feedback based on UUID (merge request) GitLab Enterprise Edition
• Set ProjectAttributesPipeline to be a file extraction pipeline (merge request)
• Add deploy token handling in audit event generation (merge request) GitLab Enterprise Edition
• Include only opened epics in issue bulk actions (merge request) GitLab Enterprise Edition
• Add missing restrict_gitlab_migration to migration (merge request)
• Add error handling for sec config license fetch (merge request) GitLab Enterprise Edition
• Keep "No parent" when page is refreshed (merge request)
• Fix bug when reinstalling Slack app (merge request) GitLab Enterprise Edition
• Remove duplicate records to fix PG::CardinalityViolation on ingestion (merge request) GitLab Enterprise Edition
• Skip initializers in the doctor:secrets task for encrypted data (merge request)
• Fix wiki form not rendering on validation error (merge request)
• Show operation id's by default (SwaggerUI) (merge request)
• Fix typo in event destination GQL docs (merge request) GitLab Enterprise Edition
• Update modal token when its resetting (merge request)
• Forbid recursion during Feature.enabled? (merge request)
• Make minute limit banner dismissible (merge request)
• Load group Vulnerability Report when only subgroups have projects (merge request) GitLab Enterprise Edition
• Fix modal backdrop in dark mode (merge request)
• Fix blob header responsiveness (merge request)
• Fix CRM issue search with vue_issues_list by @leetickett (merge request)
• Use initialTitle prop as is for title component (merge request)
• Allow auditor to read project MR analytics (merge request) GitLab Enterprise Edition
• Fix CRM drawer positioning by @leetickett (merge request)
• Fix transparent table header background on vulnerability report (merge request) GitLab Enterprise Edition
• Migrate form to allow render of UI components (merge request) GitLab Enterprise Edition
• Prevent CRM actions when feature disabled by @leetickett (merge request)
• Move CI pipelines migration to a lower stage during Gitlab Migration (merge request)
• Fix next badge margin (merge request)
• Fix quota counting issue on invite quota limits (merge request) GitLab Enterprise Edition
• Fix browser history for group/project issues page (merge request)
• Fix ZenTao integration when api_url is setup by @chaomao (merge request)
• Allow create_merge_request_in when download_code is allowed (merge request)
• Enable the FF ci_expand_environment_name_and_url (merge request)
• Remove outdated loop prevention check by @andreas.kloeckner (merge request)
• Allow admin to edit requirements (merge request) GitLab Enterprise Edition
• More consistent copy to clipboard buttons (merge request)
• Use pathIdSeparator to format linked epic ref (merge request)
• Fix eslint errors and jest snapshot test by @Ffinnis (merge request)
• Parse only the related artifacts (merge request) GitLab Enterprise Edition
• Hide iteration menu from user namespaced project (merge request) GitLab Enterprise Edition
• Fix mermaid copy to clipboard button by @leetickett (merge request)
• Resolve "Reorder HEAD tags for better performance" (merge request)
• Remove create_project_settings feature flag (merge request)
• Use root ancestor group in buy minutes path (merge request) GitLab Enterprise Edition
• Expose url on discussion award emoji (merge request)
• Nullify merge_request_metrics pipeline_id on pipeline deletion (merge request)
• Fix alignment of cannot merge icon in sidebar (merge request)
• Resolve project filter dropdown overflowing on long names (merge request)
• Fix left over resources when unassigning (merge request) GitLab Enterprise Edition
• Fix mappings errors for ES6.8 (merge request) GitLab Enterprise Edition
• Fix ee css bundles not loading (merge request)
• Fix missing DB duration keys for multiple databases (merge request)
• Use the authoritative file sort to order discussions (merge request)
• Prevent orphaned JobArtifacts in SSF (merge request) GitLab Enterprise Edition
• Fix color picker focus when clicking on a label by @FFxSquall (merge request)
• Fix regression in reactive cache implementation for Environment model (merge request)
• Match dotenv variable limits across subscription plans (merge request)
• Fix check in license load rake task (merge request) GitLab Enterprise Edition
• Resolve group_path to full_path when creating compliance frameworks (merge request) GitLab Enterprise Edition
• Disable STI behavior on MigrationRecord (merge request)
• Use execCommand(‘insertText’) to fix undo (merge request)
• Run repository checks if Geo is not enabled (merge request) GitLab Enterprise Edition
• Fix font weight for snippet count (merge request)
• Add newDirectoryPath computed prop (merge request)
• Fix unintended line breaks were inserted using Japanese IME on MacOS by @hiroponz (merge request)
• Set started_at only once by @Taucher2003 (merge request)
• Fix manual pipeline icons in dark mode (merge request)
• Assign commands should be case insensitive (merge request)
• Fix repository analytics ref dropdown (merge request)
• Use primary for internal registry migration API (merge request)
• Fix raising error in reactive cache setter of kubernetes platform (merge request)
• Fix test case by avoiding lazy evaluation (merge request) GitLab Enterprise Edition
• Show Infrastructure menu item for auditors (merge request) GitLab Enterprise Edition
• Wait until ArkoseLabs token is set before resubmitting (merge request)
• Group analytics lookup group by full_path only (merge request) GitLab Enterprise Edition

Changed (239 changes)

• Allow MR approvals API endpoint for auditors (merge request) GitLab Enterprise Edition
• Enable feature and clean up feature flags (merge request)
• Added link to invite users to contribute to translations by @anshulriyal (merge request)
• Reset skipped container repositories (merge request)
• Moves locking of merge request to dropdown (merge request)
• Moves the To Do button down (merge request)
• internal/git: Pass in GL_ID, GL_USERNAME to receive-pack and upload-pack (merge request)
• Project-level Secure Files upload/remove UI (merge request)
• Move backend documentation paths to frontend for vulnerability report (merge request) GitLab Enterprise Edition
• Split text for kbd shortcut (merge request)
• feature_flags: Default-enable use of filtered quarantine commits (merge request)
• Add permissions to pre-existing commit documents (merge request) GitLab Enterprise Edition
• Change way default CSP is loaded from config (merge request)
• Remove logic from Secret Detection script (merge request)
• Remove vertical padding on branch names (merge request)
• Expose RootStorageStatistics#container_registry_size vis GQL (merge request)
• Update ServicePing metric category to Operational (merge request)
• Hides images on ipynb diff (merge request)
• Improve vulnerability report mobile layout (merge request) GitLab Enterprise Edition
• Turn resolved threads badge green when resolved (merge request)
• Update order of MR header buttons (merge request)
• Add shared runner data to usage quota (merge request)
• Update SAST IaC analyzer major version (merge request)
• Changed :deletion_adjourned_period to a number field (merge request) GitLab Enterprise Edition
• Remove unused CSS class by @mehulsharma (merge request)
• Use active sidekiq router's queues for sidekiq/queue_metrics API (merge request)
• Rename confidential notes to internal notes (merge request) GitLab Enterprise Edition
• Change the text is made bold (merge request) GitLab Enterprise Edition
• Migrate create label button (merge request)
• Update MR merge conflict HTML email (merge request)
• Change certificate_based_clusters FF default to false (merge request)
• Add error alert for Elasticsearch version incompatible (merge request) GitLab Enterprise Edition
• Move backend documentation paths to frontend for vulnerability report (merge request) GitLab Enterprise Edition
• Test one remediation solving two vulnerabilities (merge request) GitLab Enterprise Edition
• Improve Security::Validators::SchemaValidator specs (merge request)
• Update issuable state badge style (merge request)
• Change style of trigger job in pipeline graph (merge request)
• Add props for cancel button by @HerrShmulke (merge request)
• Migrate todo button in collapsed sidebar (merge request) GitLab Enterprise Edition
• Background Migrations - Cleanup Margins (merge request)
• Expand navbar search field when focused (merge request)
• Removes status checks add status field feature flag (merge request) GitLab Enterprise Edition
• Persist group name and use path for destination name (merge request)
• Migrate button in service desk settings (merge request)
• Update GITLAB_KAS_VERSION to 15.0.0 (merge request)
• Fix invalid automatic cadence records (merge request)
• API: Runner status can return "stale" (merge request)
• Enable enhanced_notify_css by default (merge request)
• Migrate purchase storage buttons to confirm (merge request)
• Migrate create jira issue button (merge request) GitLab Enterprise Edition
• Use tertiary confirm dropdown for version switcher (merge request)
• Change discussions to threads in mr settings (merge request)
• Update SAST analyzer major versions (merge request)
• git: Parse and display gitaly limit error (merge request)
• Removing permissions attribute from Secure Files model (merge request)
• Enable approval status new names feature (merge request) GitLab Enterprise Edition
• Update stable Terraform and add stable SAST-IaC template (merge request)
• Migrate button in move for test cases (merge request)
• Update lock invite options (merge request)
• Update package namespace settings permissions (merge request)
• Remove head-variant from GlTable (merge request)
• Migrate create iteration button to confirm (merge request)
• Migrate approve with password modal (merge request) GitLab Enterprise Edition
• Migration with access_token for approval project (merge request) GitLab Enterprise Edition
• Replace issuable sort dropdown (merge request)
• Remove sudo runner registration instructions macos (merge request)
• Add GlBadge with link to Jira vulnerabilities (merge request) GitLab Enterprise Edition
• Do not update project stats for incremental repack (merge request)
• Migrate empty state button for needs (merge request)
• Move report not configured components into specific folders (merge request) GitLab Enterprise Edition
• Upgrade DAST templates to version 3 (merge request) GitLab Enterprise Edition
• Bring Container Scanning to Free (merge request)
• Fix(Subscription errors): handle expired + general (merge request) GitLab Enterprise Edition
• Update dependency proxy settings permissions (merge request)
• Migrate button in vulnerability history (merge request)
• Migrate merge button to confirm (merge request)
• Migrate create incident button (merge request)
• Migrate fork button in diff file (merge request)
• Migrate checkbox to require Jira issue (merge request) GitLab Enterprise Edition
• Update container cleanup policy permissions (merge request)
• Migrate cluster buttons to confirm (merge request)
• Update auto-deploy-image to v2.26.0 (merge request)
• Prevent changing out of hierarchy sharing (merge request) GitLab Enterprise Edition
• Changes labels on merge request dropdown (merge request)
• Geo - Remove legacy redirects (merge request) GitLab Enterprise Edition
• Update documentation for environment multiple stop actions (merge request)
• Deprecate GraphQL type for Network Policies (merge request) GitLab Enterprise Edition
• Deprecate threat_monitoring from GraphQL enum for alerts (merge request) GitLab Enterprise Edition
• Migrate checkboxes when editing runners (merge request)
• Reduce frequently visited projects/groups timeout (merge request)
• Migrate view incident button to confirm (merge request)
• Migrate button in increase storage modal (merge request)
• Migrate apply button in date picker (merge request)
• Update prometheus to 15.x in cluster-management template (merge request)
• Migrate checkboxes for deploy tokens (merge request)
• Migrate success button to confirm (merge request)
• Remove directly addressed references (merge request) GitLab Enterprise Edition
• Update documentation for failed status checks (merge request)
• Migrate use template button (merge request) GitLab Enterprise Edition
• Migrates button in vulnerability header (merge request)
• Migrate create label button in sidebar (merge request)
• Migrate add projects button to confirm (merge request)
• Remove security_scan_succeeded column by @svdj (merge request)
• Migrate add framework button to confirm (merge request)
• Migrate add to review button to confirm (merge request)
• Remove FF for environment multiple stop actions (merge request)
• Hides package delete action for users without permission (merge request)
• Change warning message on partial cleanup runs (merge request)
• Add select all option for scanners (merge request) GitLab Enterprise Edition
• Add dependency proxy total size inside usage quotas (merge request)
• Remove new_vulnerability_form feature flag (merge request) GitLab Enterprise Edition
• Update edit profile page form styling (merge request)
• Add awaiting memberhips in billable members API (merge request) GitLab Enterprise Edition
• Remove integrations.type column (merge request)
• Separate Sidekiq metrics and health-checks server (merge request)
• Feat(Legacy License): move to admin/settings page (merge request) GitLab Enterprise Edition
• Update Vulnerability Management database docs (merge request)
• Update text for the existing mr widget (merge request) GitLab Enterprise Edition
• Reset the original color for security rules (merge request) GitLab Enterprise Edition
• Update search SystemCheck to latest versions (merge request) GitLab Enterprise Edition
• This MR adds new empty state (merge request) GitLab Enterprise Edition
• Add updated date to to-do sort options (merge request)
• Update scan result policies related (merge request) GitLab Enterprise Edition
• Allow Slack app to be reinstalled (merge request) GitLab Enterprise Edition
• Clean up error logging in integrations (merge request)
• Display feature flag name in edit page's title (merge request)
• Use field DSL in CI integrations (merge request)
• Replace Pages confirmation modals with GlModal (merge request)
• Initial commit for skipped to created state (merge request)
• Upgrade warnings about deprecated commands (merge request)
• Add margin to year dropdown (merge request)
• Enable omniauth_initializer_fullhost_proc by default for Geo SSO (merge request)
• Improve shared runner toggle interations (merge request)
• Return back to runner view after successful edit (merge request)
• Visually separate DORA metrics from key VSA metrics (merge request)
• Remove use of md5 by @mehulsharma (merge request)
• Boards - Make scope indicator dynamic (merge request)
• Added Don’t filter milestone option to board scope (merge request) GitLab Enterprise Edition
• Lock invite options when reaches user limit (merge request)
• Update GenericCommitStatus badges (merge request)
• Improved title-related warning on test case (merge request)
• Remove redirection of outdated status by @mehulsharma (merge request)
• Updates delete icon button in runner table by @mehulsharma (merge request)
• Remove .thead-white class from GlTables (merge request) GitLab Enterprise Edition
• Update runner status summary upon filtering (merge request)
• Boards: Polish top buttons on mobile (merge request)
• Gitaly: Increase timeout for repository_size to long_timeout (merge request)
• Improve loading for work item detail (merge request)
• Stops hiding dependency proxy image prefix data behind loader (merge request)
• Remove h2 from breadcrumbs by @KevSlashNull (merge request)
• Remove usages of deprecated self_signed_cert option (merge request)
• Migrate checkbox to GitLabUI (merge request) GitLab Enterprise Edition
• Update copy text for self metrics toggle (merge request)
• Boards - Fix click on label adds filter with new filtered search (merge request)
• Fix broken docs UI links (merge request)
• Display loading spinner instead of text (merge request)
• Use gitlab-ui checkbox for signin oauth settings (merge request)
• Decrease priority of run pipeline button (merge request)
• This MR adds new feature flag for DAST redesign (merge request) GitLab Enterprise Edition
• Limit group invites from projects to also use prevent setting (merge request)
• Prevent projects creating group links outside hierarchy (merge request)
• Allow Reporters to admin milestones and iterations (merge request)
• Update issuable confidentiality UI & status text (merge request)
• Refactor On-demand scans page header section (merge request) GitLab Enterprise Edition
• Upgrade Container Scanning analyzer version (merge request) GitLab Enterprise Edition
• Geo Sites Form - Cleanup Learn more links (merge request) GitLab Enterprise Edition
• Geo Sites - Cleanup Learn more links (merge request) GitLab Enterprise Edition
• Refresh vulnerabilities on vulnerability list after bulk select is done (merge request) GitLab Enterprise Edition
• Flip order of packages and monitor in project sidebar (merge request) GitLab Enterprise Edition
• Use topic title instead of name in UI by @wwwjon (merge request)
• Do not disable snippet form submit button to enforce validation (merge request)
• Replace filter field with search-box-by-click on import repositories by @Xubunter (merge request)
• Hide confirmation required error state by @HerrShmulke (merge request)
• Use button-group on vulns-over-time chart (merge request) GitLab Enterprise Edition
• Replace approved with passed in status check api (merge request) GitLab Enterprise Edition
• Adjust sign in columns and padding to accommodate Arkose (merge request) GitLab Enterprise Edition
• Display security training config based on license (merge request)
• Add border radius (merge request)
• This MR changes layout of new/edit DAST scanner configuration (merge request) GitLab Enterprise Edition
• Make status param required (merge request) GitLab Enterprise Edition
• Update Security Policy Configuration to not exclude rules from pipeline (merge request) GitLab Enterprise Edition
• Update avatar counter styles (merge request)
• Move path navigation below filters for VSA (merge request)
• Remove vulnerability_report_pagination feature flag (merge request) GitLab Enterprise Edition
• Change elements order on the import project page by @cheshirecat902 (merge request)
• Correct styles for select project split button (merge request)
• Adds Ci::Bridge to RetryJobService (merge request)
• Allow pages root domain to be used as custom domain by @mlegner (merge request)
• Improve UI text of sign-up restrictions (merge request)
• Move .thead-white to apply to GlTable as well (merge request)
• Unbox issue board lists (merge request)
• Hide security rules for non ultimate licenses (merge request) GitLab Enterprise Edition
• Remove a question that’s irrelevant for invitation (merge request) GitLab Enterprise Edition
• Updated personal access token references (merge request) GitLab Enterprise Edition
• Allow to delete error packages from package registry (merge request)
• Feat(Subcsription): update general error message (merge request) GitLab Enterprise Edition
• This MR changes the order of elements (merge request)
• Remove fixed bar from merge request page (merge request)
• Update the gitlab-pages documentation (merge request)
• Fix GlTable not displaying styles properly (merge request)
• Remove .service-installation class and polish UI (merge request)
• Use tertiary category for content editor bubble menu (merge request)
• Fix function and view for autovacuum activity (merge request)
• Fix misleading error for job dependencies (merge request)
• Updates anchor links UI (merge request)
• Use new serialized started_at on job in the ui (merge request)
• Don't track Jupiter notebook exceptions (merge request)
• Repeat failed migrations with fix (merge request)
• Wrap toolbar, increase size, and remove dividers (merge request)
• Change pipeline editor branch terminology (merge request)
• Deprecate old Advanced Search migrations (merge request) GitLab Enterprise Edition
• Correct mattermost slash commands integration clipboard buttons (merge request)
• Dropped Runner features column by @mehulsharma (merge request)
• Change how cached images set for deletion are displayed (merge request)
• Replace generic checkbox with GitLab UI element (merge request)
• Use tertiary button for file header actions (merge request)
• Make fingerprint nullable for group_deploy_keys table (merge request)
• Remove hover animation from downstream pipelines (merge request)
• Migrate all checkboxes (merge request) GitLab Enterprise Edition
• Reduce padding to match alignment (merge request)
• Improve runner edit form design (merge request)
• Remove job list in runner Edit page (merge request)
• Enable route_hll_to_snowplow by default (merge request)
• Use deferrable constraint to bulk cadence update (merge request)
• Remove secure_vulnerability_training feature flag (merge request)
• Improve trial only CTAs in Learn GitLab (merge request)
• Use systemd notification and watchdog feature for sidekiq service by @behrmann (merge request)
• Update right sidebar design (merge request)
• Fix default job_arguments for batched migrations (merge request)
• Add "ee" type to projectionist config (merge request)
• Migrate DAST profile library links with new route (merge request) GitLab Enterprise Edition
• Limit number of related epics (merge request) GitLab Enterprise Edition
• Praefect docs: update list-untracked-repositories subcommand (merge request)
• Warn if database connections opened in routes file (merge request)
• Globally enable enforce_security_report_validation (merge request) GitLab Enterprise Edition
• Remove history and upload btns from project page (merge request)
• Replace generic checkbox with GitLab UI component (merge request) GitLab Enterprise Edition
• Use pajamas checkbox for admin application form (merge request)
• Migrate unique index from MD5 to SHA256 fingerprints (merge request)

Deprecated (3 changes)

• Create deprecation entry for legacyMode (merge request)
• Remove coverage CI detection at project setting level (merge request)
• Move required pipeline configuration to GitLab Ultimate (merge request) GitLab Enterprise Edition

Removed (64 changes)

• Update post-deploy migration in order to only (merge request) GitLab Enterprise Edition
• Remove temporary traversal_id indexes (merge request)
• Geo: Remove Legacy Job Artifact replication (merge request)
• Remove tracing feature via feature flag (merge request)
• Replace clusters with agents in scan execution policies (merge request) GitLab Enterprise Edition
• Drop sorting by title functionality from the vulnerability report page (merge request) GitLab Enterprise Edition
• Remove sorting vulnerabilities by title functionality (merge request) GitLab Enterprise Edition
• Remove Monitor Logs feature (merge request)
• Remove elastic stack from cluster management template (merge request)
• Remove the pipelines field (merge request)
• Remove deprecated Dependency Scanning analyzers (merge request)
• Remove omniauth-kerberos gem (merge request) GitLab Enterprise Edition
• Add background migration to expiry all OAuth tokens (merge request)
• Remove support for Cluster Image Scanning Analyzer (merge request) GitLab Enterprise Edition
• Remove namespaces partial index (merge request)
• Remove 'not_connected' status value (merge request)
• Remove ability for SSH key expiration to be optional (merge request) GitLab Enterprise Edition
• Remove OAuth 2.0 Implicit grant flow (merge request)
• Drop support for deprecated security report schemas (merge request)
• Remove Vulnerability-Check from the backend (merge request) GitLab Enterprise Edition
• Remove dynamic check for feature flag (merge request)
• Remove namespaces partial index (merge request)
• Remove background migration with potential data loss (merge request)
• Remove container security charts from the Cluster Management template (merge request) GitLab Enterprise Edition
• Removes types and type keyword (merge request)
• Enforce token expiry for OAuth applications (merge request)
• Remove Vulnerability-Check from frontend (merge request) GitLab Enterprise Edition
• Object storage: Remove background_upload configurations (merge request)
• Remove Network Policies from Policies Controller (merge request) GitLab Enterprise Edition
• Remove deprecated DS_DEFAULT_ANALYZERS (merge request)
• Remove epic feature discovery moment on EE (merge request) GitLab Enterprise Edition
• Remove Network Policies routes and controller (merge request) GitLab Enterprise Edition
• Remove Managed-Cluster-Applications.gitlab-ci.yml (merge request)
• Remove vulnerability_reads_table feature flag (merge request) GitLab Enterprise Edition
• Remove network alerts (merge request) GitLab Enterprise Edition
• Remove cobertura from artifacts:reports (merge request)
• Do not allow expired personal access tokens to work (merge request)
• Remove Network Policies metrics (merge request) GitLab Enterprise Edition
• Remove the form-based GKE / EKS creation page (merge request)
• Remove disabled alerts section from settings page (merge request)
• Remove Serverless from GitLab (merge request)
• Remove artifacts:reports:cluster_applications (merge request)
• Remove orphaned route users/pipeline_quota (merge request) GitLab Enterprise Edition
• Remove ignored column for Test Reports (merge request)
• Omit tags when retrieving a list of registry repositories in a group by @feistel (merge request)
• Remove workhorse_use_sidechannel feature flag (merge request)
• Remove Versions on base PackageType by @feistel (merge request)
• Remove deprecated GraphQL query (merge request)
• Remove unused Prometheus Alert crud code (merge request)
• Remove group_releases_finder_inoperator feature flag (merge request)
• Remove lfk_fair_queueing feature flag (merge request)
• Remove all code related to Gitlab::RequestProfile (merge request)
• Remove defaultMergeCommitMessageWithDescription GraphQL field (merge request)
• Remove env_last_deployment_by_finished_at feature flag (merge request)
• Remove repository push audit event feature (merge request) GitLab Enterprise Edition
• Remove job_deployment_count feature flag (merge request)
• Remove all documentation related to Gitlab::RequestProfile (merge request)
• Remove eye icon on package detail page by @Ffinnis (merge request)
• Remove tmp index used for data migration (merge request)
• Remove ability to change type of a shared runner (merge request)
• Remove support for uses_legacy_database_config (merge request)
• Remove deprecated geo:db:* rake tasks (merge request) GitLab Enterprise Edition
• Remove clusterAgentTokenDelete GraphQL mutation (merge request)
• Remove temporary max seats used in subscription indices (merge request)

Security (16 changes)

• Sanitize URL for project selection button (merge request)
• Remove sha from project/releases.json (merge request)
• Sanitize error input to prevent HTML/CSS injection in messages
• Allow rate limiting of deploy tokens
• Prevent maintainers from editing PipelineSchedule
• Invalidate markdown cache to clear up stored XSS
• Verify that mentioned user can read TODO's note
• Update Import/Export merge/push access levels & exclude ci config path
• Add validation to pypi file sha256 values
• [security] Fix markdown API disclosing issue titles of limited projects
• Conan Token uses PAT rather than ID in payload
• Disable wiki access with CI_JOB_TOKEN when improper access level
• Secure debug trace artifact download
• Add suffix to cache name to add isolation
• Use password type for all secret integration properties
• Limit CI job group_name regexp

Performance (11 changes)

• Use efficient in operator query for fetching group & project activities (merge request)
• Restrict unique index for alerts with fingerprints (merge request)
• Add index to vulnerability_feedback.finding_uuid (merge request)
• changes_access: Speed up commit-based access checks for new refs again (merge request)
• Re-use already collected ServicePing data (merge request)
• Remove subscribed key from epic initial data (merge request) GitLab Enterprise Edition
• Improve epics finder authorization performance (merge request) GitLab Enterprise Edition
• Simplify query to find existing alert (merge request)
• Remove extra GraphQL query when loading alert list (merge request)
• Optimize followed users tabs (merge request)
• Preload some associations in EnvironmentSerializer (merge request)

Other (92 changes)

• Add Pages public folder check (merge request)
• Enable geo_use_clone_on_first_sync by default (merge request) GitLab Enterprise Edition
• Fix saas test by @chaomao (merge request)
• Add notes temp index synchronously (merge request)
• Move Rails/HasManyOrHasOneDependent into separate TODO file by @anshulriyal (merge request)
• Move Style/CaseLikeIf into separate TODO file by @anshulriyal (merge request)
• Move Rails/CreateTableWithTimestamps into separate TODO file by @anshulriyal (merge request)
• Move Style/EmptyMethod into separate TODO file by @anshulriyal (merge request)
• Fix sidekiq config test by @chaomao (merge request)
• Log result for ci_runners_stale_group_runners_prune_worker_cron (merge request) GitLab Enterprise Edition
• Move RSpec/RepeatedExampleGroupBody into separate TODO file by @anshulriyal (merge request)
• Move Style/HashAsLastArrayItem into separate TODO file by @anshulriyal (merge request)
• Move Rails/WhereExists into separate TODO file by @anshulriyal (merge request)
• Move Rails/InverseOf into separate TODO file by @anshulriyal (merge request)
• Move Rails/ActiveRecordCallbacksOrder into separate TODO file by @anshulriyal (merge request)
• Move Rails/NegateInclude into separate TODO file by @anshulriyal (merge request)
• Move Style/KeywordParametersOrder into separate TODO file by @anshulriyal (merge request)
• Moved Rails/ApplicationController into separate TODO file by @anshulriyal (merge request)
• Moved Style/Lambda into separate TODO file by @anshulriyal (merge request)
• Move RSpec/PredicateMatcher into separate TODO file by @anshulriyal (merge request)
• Move Rails/ContentTag into separate TODO file by @anshulriyal (merge request)
• Move RSpec/ExpectChange into separate TODO file by @anshulriyal (merge request)
• Move Style/AccessorGrouping into separate TODO file by @anshulriyal (merge request)
• Moved Style/RedundantRegexpEscape into separate TODO file by @anshulriyal (merge request)
• Move Rails/IndexWith into separate TODO file by @anshulriyal (merge request)
• Move Style/BarePercentLiterals into separate TODO file by @anshulriyal (merge request)
• Move RSpec/ScatteredLet into seprate TODO file by @anshulriyal (merge request)
• Move Performance/ConstantRegexp into separate TODO file by @anshulriyal (merge request)
• Move Rails/HelperInstanceVariable into separate TODO file by @anshulriyal (merge request)
• Move RSpec/ReturnFromStub into separate TODO file by @anshulriyal (merge request)
• Move Rails/RakeEnvironment into separate TODO file by @anshulriyal (merge request)
• Move Style/FormatString into separate TODO file by @anshulriyal (merge request)
• Move Performance/CollectionLiteralInLoop into separate TODO file by @anshulriyal (merge request)
• Moved Style/SingleArgumentDig into separate TODO file by @anshulriyal (merge request)
• Cleanup ci_reduce_persistent_ref_writes feature flag (merge request)
• Move Rails/LexicallyScopedActionFilter into separate TODO file by @anshulriyal (merge request)
• Moved Style/NumericLiteralPrefix into separate TODO file by @anshulriyal (merge request)
• Move Rails/FilePath into separate TODO file by @anshulriyal (merge request)
• Move Naming/RescuedExceptionsVariableName into separate TODO file by @anshulriyal (merge request)
• Moved Style/StringConcatenation into separate TODO file by @anshulriyal (merge request)
• Prevent incorrect usage of tracking_attrs helper (merge request)
• Nullify label events in batches when user is deleted (merge request)
• Fix namespaces helper test by @chaomao (merge request)
• Fix trial status widget test by @chaomao (merge request)
• Cap MR diff render tracking events to 24h (merge request)
• Remove gitaly_replace_wiki_update_page flag (merge request)
• Use OS tempdir for artifact metadata (merge request)
• Remove the packages_graphql_pipelines_resolver feature flag (merge request)
• Remove fix_related_environments_for_merge_requests feature flag (merge request)
• Improve snowplow function by returning bool type (merge request)
• Validate work_item_type_id is NOT NULL for new issue records (merge request)
• Move Rails/SquishedSQLHeredocs into separate TODO file by @anshulriyal (merge request)
• Remove gitlab-shell sidechannel feature flag (merge request)
• Remove ci_variables_builder_config_variables feature flag (merge request)
• Remove tabs_normal and use tab_single partial instead (merge request)
• Moved Style/RedundantInterpolation into separate TODO file by @anshulriyal (merge request)
• Move Style/HashEachMethods into separate TODO file by @anshulriyal (merge request)
• Move Rails/RedundantForeignKey into separate TODO file by @anshulriyal (merge request)
• Move Rails/Pick into separate TODO file by @anshulriyal (merge request)
• Add an empty newline test to Ansi2Json (merge request)
• Remove dependency_proxy_for_private_groups feature flags by @feistel (merge request)
• Add temporary index deployments (merge request)
• Clean up after fixing regression (merge request)
• Find projects affected when membership changes are made in group (merge request)
• Remove runner_read_only_admin_view feature flag (merge request)
• Let /page quick action to support case-insensitive escalation policy names (merge request) GitLab Enterprise Edition
• Bump Gitlab Shell to v14.0.0 (merge request)
• Remove container_registry_expiration_policies_throttling feature flag by @feistel (merge request)
• Remove ci_pending_builds_table_resiliency feature flag (merge request)
• Fix various kwargs issues (merge request)
• Clean up FixMergeRequestDiffCommitUsers background migration (merge request)
• Add repository push audit event worker (merge request) GitLab Enterprise Edition
• Fix RSpec/TimecopTravel offenses (Part 1/2) by @KevSlashNull (merge request)
• Expose CI include links (merge request)
• Add documentation for merge request setting audit events (merge request)
• Use vulnerability_report.vue for agent and pipeline reports (merge request) GitLab Enterprise Edition
• Clean up deployment_approval_rules feature flag (merge request)
• Remove container_registry_follow_redirects_middleware feature flag by @feistel (merge request)
• Extend reduced cost factor to all public projects (merge request) GitLab Enterprise Edition
• Drop, then create function (merge request)
• Bump Gitlab Shell to v13.25.2 (merge request)
• Add documentation for mr settings audit events part 1 (merge request)
• Backfill SSL verification for integrations with known-good hostnames (merge request)
• Limit to current PG user (merge request)
• Make vulnerability report more reusable (merge request) GitLab Enterprise Edition
• Remove feature flag scan_result_policy (merge request) GitLab Enterprise Edition
• Remove runner_list_group_view_vue_ui feature flag (merge request)
• Add VulnerabilityReportTab component (merge request) GitLab Enterprise Edition
• Add view containing autovacuum information (merge request)
• Clean up selection summary (merge request) GitLab Enterprise Edition
• Move methods to build email unsubscribe link to helper (merge request) GitLab Enterprise Edition
• Deprecate push_rules_supersede_code_owners feature flag (merge request)

14.10.5 through 14.0.0

• See changelogs/archive-14.md

13.12.15 through 13.0.0

• See changelogs/archive-13.md

12.10.14 through 12.0.0

• See changelogs/archive-12.md

11.11.8 through 11.0.0

• See changelogs/archive-11.md

10.8.6 through 10.0.0

• See changelogs/archive-10.md

9.5.10 through 0.8.0

• See changelogs/archive.md