GitLab CE - 15.10.0
Security
(2023-03-21)
Added (155 changes)
- Add wiki_access_level to group API (merge request) GitLab Enterprise Edition
- Add filter for approved status by @Taucher2003 (merge request)
- Show achievements on user profile (merge request)
- Run package metadata conditionally in dev (merge request) GitLab Enterprise Edition
- Add revoke achievement mutation and service (merge request)
- Add documentation for protected tags creation with deploy keys (merge request)
- Define ci_builds primary key as partitioned (merge request)
- Compliance frameworks report (merge request) GitLab Enterprise Edition
- feat: Enable auto-resolution of removed SAST rules by default (merge request)
- Filter projects by compliance framework presence (merge request) GitLab Enterprise Edition
- Add Squash TM integration by @pckerneis (merge request)
- Enable duo 2FA authentication support (merge request)
- Move work item notes out of FF and docs (merge request)
- Add documentations for Praefect DNS service discovery (merge request)
- Add github repo counts endpoint (merge request)
- Enable License Scanning Policies as new type for Scan Result Policies (merge request) GitLab Enterprise Edition
- repository: Remove license_from_gitaly feature flag (merge request)
- Introduce Kubernetes integration feature (merge request)
- Prepare MR user mentions for bigint migration (merge request)
- Apply auto-disabling failed hooks to group hooks (merge request) GitLab Enterprise Edition
- Consume seat when Guest's permissions are elevated using custom roles (merge request) GitLab Enterprise Edition
- Enable license scanning of CycloneDX files (merge request) GitLab Enterprise Edition
- Native attachments for Service Desk emails (merge request)
- Allows filtering of projects by negated compliance framework id (merge request) GitLab Enterprise Edition
- Support admin/external/required groups for OIDC (merge request) GitLab Enterprise Edition
- Added refresh_billable_member api (merge request) GitLab Enterprise Edition
- Update AbuseReportsFinder to allow filtering by reporter (merge request)
- Release Block all requests feature (merge request)
- Allow self-managed to prevent auto disabling hooks (merge request)
- Add search by author name to Commits API (merge request)
- Add merge requests compliance violations consistency worker (merge request) GitLab Enterprise Edition
- Document new redis settings start_down and set_replicaof (merge request)
- [385117] GitHub import: status of import for each relation-type tab (merge request)
- Add gitlab_dedicated_instance application setting (merge request)
- Adds AddResourceService & ValidateResourceService (merge request)
- Add table and model for container registry data repair details (merge request)
- Expose cycle and lead time metrics via GraphQL (merge request) GitLab Enterprise Edition
- Save github_identifiers to the DB on the last object import worker retry (merge request)
- feat: Added the breadcrumbs for slack page by @imrishabh18 (merge request) GitLab Enterprise Edition
- Allow filtering group members by user type (merge request)
- Merge trains POST API by @markus.ferrell (merge request) GitLab Enterprise Edition
- Adds custom email verification model changes (merge request)
- Allow updating user subscriptions on a work item (merge request)
- Added truncation of the search term (merge request)
- Recreate user_type migration index (merge request)
- Allow comment on GQL vulnerabilityResolve mutation (merge request) GitLab Enterprise Edition
- Add update endpoint to draft note API (merge request)
- Display total weight of epic lists on boards (merge request) GitLab Enterprise Edition
- Backfill project_wiki_repositories table (merge request)
- Clean up child_epics_from_different_hierarchies FF (merge request)
- Add reference from p_ci_runner_machine_builds to ci_runner_machines (merge request)
- GraphQL: Add machines field to CiRunner type (merge request)
- Adjust VulnerabilityConfirm GraphQL mutation to accept comment (merge request) GitLab Enterprise Edition
- Add reordering to search language filter component (merge request)
- This MR introduces alert component (merge request) GitLab Enterprise Edition
- Enable creation of ci_runner_machines records for active ci_runners (merge request)
- Add product_analytics_data_collector_host column (merge request)
- GraphQL: Add CiRunner.createdBy field (merge request)
- Add coupon code terms to success alert and simplify associated logic (merge request) GitLab Enterprise Edition
- Integrate diagrams.net with the Content Editor (merge request)
- Add Notifications Widget to WorkItems (merge request)
- Audit event for event type filter deletion (merge request) GitLab Enterprise Edition
- [388716] Github importer: collaborators (members) (merge request)
- Support quick actions through new note (merge request)
- Admin only project edit page by @markus.ferrell (merge request)
- Allow to export work items with GraphQL mutation (merge request)
- Add dismissal reason to vulnerability details status (merge request) GitLab Enterprise Edition
- Blame page streaming (merge request)
- Add CLI regex for upcoming CLI UserAgent change (merge request)
- Introduce JobArtifact::BulkDestroy mutation (merge request)
- Add the deployment count to the GraphQL API (merge request) GitLab Enterprise Edition
- Allow to set design description in GraphQL API (merge request)
- Add visualization designer button (merge request)
- Add new event serializer to return JSON only response based on FF (merge request)
- Allow filtering of projects by compliance filters (merge request) GitLab Enterprise Edition
- Add value streams dashboard link component (merge request) GitLab Enterprise Edition
- Add language aggregation to code search (merge request) GitLab Enterprise Edition
- Add block all requests to admin/network settings (merge request)
- Add temporary indexes for user_type (merge request)
- Add design description column (merge request)
- Enable by default incident event tags (merge request)
- Adds audit event for audit event filter creation (merge request) GitLab Enterprise Edition
- Add index to oauth_access_grants.application_id (merge request)
- Accept comment in VulnerabilityRevertToDetected GraphQL mutation (merge request) GitLab Enterprise Edition
- Improve Purchase Errors mapping (merge request) GitLab Enterprise Edition
- Warning when branch name from issue contains a white space (merge request)
- Instrument Enterprise Users adoption (merge request) GitLab Enterprise Edition
- Add updated_before and updated_after filters to iterations API (merge request) GitLab Enterprise Edition
- Adds copy to clarify work-in-progress is excluded from VSA stages (merge request)
- Add user_has_committed and committers_can_approve to approvals API (merge request)
- Add requiredApprovalCount to ProtectedEnvironmentType (merge request)
- Add group web-hooks failed notifications by @alexkalderimis (merge request)
- Enable rule mode SEP UI for SAST IaC (merge request) GitLab Enterprise Edition
- Add types to async constraint validations (merge request)
- Validate and replace FK for ci_sources_pipelines and ci_builds (merge request)
- Validate and replace FK for ci_job_variables and ci_builds (merge request)
- Validate and replace FK for ci_build_trace_metadata and ci_builds (merge request)
- Add SAST IaC to scan execution policies (merge request) GitLab Enterprise Edition
- Create a wrapper for Rails.cache with metrics support (merge request)
- Enable CI hooks:pre_get_sources_script syntax (merge request)
- Add sync index for merge_request_diffs external_diff column (merge request)
- Finalize migration and add NOT VALID Foreign Key (merge request)
- Create award achievement GraphQL mutation (merge request)
- Add pipeline reference in state transition (merge request)
- Added updated_after and updated_before params to milestones API (merge request)
- Add markdown soft break on Shift+Enter (merge request)
- Add cost settings which belongs to a runner (merge request)
- Pre-create initial partition for ci_runner_machine_builds (merge request)
- Introduce ErrorAlert Component to Purchase flows (merge request) GitLab Enterprise Edition
- Schedule FK async validations for p_ci_builds_metadata partitions (merge request)
- Add rate limits for access of Projects API (merge request)
- Add inbound access control to projects (merge request)
- Add Create Runner mutation (merge request)
- Add code step (merge request)
- Add Create Runner mutation by @tschmitke (merge request)
- Cleanup add_refresh_pull_mirror_worker feature flag (merge request)
- Release GitLab for Slack notifications (merge request) GitLab Enterprise Edition
- Display parent and work item ID on detail page (merge request)
- Add audit even for agent token creation (merge request) GitLab Enterprise Edition
- Added deprecation warning for Slack on self-hosted (merge request)
- Frontend implementation of work item notes subscription (merge request)
- Expose issue count flow metric via GraphQL (merge request) GitLab Enterprise Edition
- Skip License#check_trueup when converting to cloud (merge request) GitLab Enterprise Edition
- Added the deprecation alert to Slack notifications (merge request)
- Refactor tests for admin mode by @TrueKalix (merge request)
- Add add_concurrent_index migration for index_namespaces_on_updated_at (merge request)
- Add add_concurrent_index migration for index_users_on_updated_at (merge request)
- Summary quick view of issuables using markdown (+s) (merge request)
- API Discovery analyzer for java spring-boot (merge request) GitLab Enterprise Edition
- Add pre scan verification create-update service (merge request)
- BG migration to add issue links to existing findings (merge request)
- Validate and replace FK for ci_build_report_results and ci_builds (merge request)
- SSO-provisioned users are redirected to SSO login after confirmation (merge request) GitLab Enterprise Edition
- Expose total weight for epic board list API (merge request) GitLab Enterprise Edition
- Add bulk_import_export_batches & bulk_import_batch_trackers db tables (merge request)
- Update FKs between p_ci_builds_metadata partitions and ci_builds (merge request)
- Adds delete action on package other versions tab (merge request)
- Validate and replace FK for ci_job_artifacts and ci_builds (merge request)
- Add frontend validation for discord id (merge request)
- Create namespace_ldap_settings table to move columns from namespaces (merge request)
- Add key_fingerprint_sha256 to SshSignatureType (merge request)
- Validate and replace FK for ci_build_needs and ci_builds (merge request)
- Add deployment approver settings to API by @luzhiyuan.deer (merge request) GitLab Enterprise Edition
- Add status and resolved_at columns to abuse_reports (merge request)
- Add ci_runner_machine_builds join table (merge request)
- Backend for Service Account MVC (merge request)
- Add logs for ci resource groups (merge request)
- Allow abuse reports from epic notes (merge request) GitLab Enterprise Edition
- Add sync index for lfs_objects file column (merge request)
- Add
has_failures
column tobulk_import_*
db tables (merge request) - Add
add_provisioned_by_group_at
touser_details
(merge request) - Add sync index for package_files file_name column (merge request)
- Index sbom_occurrences on project_id and id (merge request)
- Add Query.project.dependencies to graphql (merge request) GitLab Enterprise Edition
- Add index to web_hook_logs (merge request)
Fixed (173 changes)
- Fix URL base of API endpoint (merge request) GitLab Enterprise Edition
- Run in batches uuids count (merge request) GitLab Enterprise Edition
- Update prometheus-client-mmap to v0.19.1 (merge request)
- Work item add comment bug fix (merge request)
- Use only the valid report findings in PipelineVulnerabilitiesFinder (merge request) GitLab Enterprise Edition
- Fix to prevent unlimited CI includes (merge request)
- Fix duplication of thread comments on snippet and commit page (merge request)
- Different fixes for cleanup policies for container images (merge request)
- Fix NoMethodError: undefined method `sha' (merge request)
- Remove calendar icon from epic list item if no date exists (merge request) GitLab Enterprise Edition
- Address polling edge cases in runner registration (merge request)
- Fix Debian generate for group distributions by @sathieu (merge request)
- Put runner machine heartbet under a feature flag (merge request)
- Fix Debian tarball extensions by @sathieu (merge request)
- Fix work items links for relative url instance (merge request)
- Fix webhook failure callout sticky from some pages (merge request)
- Hide bulk deletion UI of container tags for users without permission (merge request)
- Fix alignment of diff system note icons (merge request)
- Check license for package metadata sync (merge request) GitLab Enterprise Edition
- Rebuild MR report approval rules on group access changes (merge request)
- Render broadcast messages preview in markdown (merge request)
- Expire Etag cache for Environemnt when deployment approved (merge request)
- Fix no author shown when changing state of vulnerability (merge request) GitLab Enterprise Edition
- Rebuild MR report approval rules on project access changes (merge request) GitLab Enterprise Edition
- Require disable_ddl_transaction on bbm finalization (merge request)
- Fix border radius on merge request filter (merge request)
- Run override UUID logic for the added and fixed findings (merge request) GitLab Enterprise Edition
- Fix bug causing only the last schedule type policy to run (merge request) GitLab Enterprise Edition
- Exclude archived projects from total and starred counts (merge request)
- Fix TypeError for empty blob.path (merge request) GitLab Enterprise Edition
- Support Maven artifact classifiers when checking for duplicates (merge request)
- Add support for OCI image indexes in Dependency Proxy (merge request)
- Enforce regex in security orchestration schema (merge request)
- Fix project-level VSA license check (merge request) GitLab Enterprise Edition
- Change occurrences column type to join feedback table (merge request) GitLab Enterprise Edition
- Fix styling of add issuable form input wrapper (merge request)
- Fix yaml load compatible issue by @chaomao (merge request)
- Fix border radius on pending comments (merge request)
- Prevent multiple package metadata sync jobs (merge request) GitLab Enterprise Edition
- Use access exclusive lock for FKs on partitioned tables (merge request)
- Fix license approval policies to consider non-default branches (merge request) GitLab Enterprise Edition
- Fix incorrect
has_issues
onvulnerability_reads
(merge request) - Fix Profile GPG key timeago tooltip (merge request)
- Improve Scan Details alignment and UI issues (merge request) GitLab Enterprise Edition
- Fix finding details header by @jschafer-gitlab (merge request) GitLab Enterprise Edition
- Fix gitlab cleanup tags service default status (merge request)
- Fix artifacts:public accessiblity parameter (merge request)
- Reduce the chances of deadlocks for builds migrations (merge request)
- Fix 500 error for Instance level SCIM identities (merge request) GitLab Enterprise Edition
- Fix spacing on summary comment tabs (merge request)
- Fix double focus outline in content editor (merge request)
- Fix markdown anchor icon in dark mode (merge request)
- Handle InvalidForeignKey errors when indexing deleted projects (merge request) GitLab Enterprise Edition
- Seperate out jobs count query (merge request)
- Fix bug where adding other approver type is added (merge request) GitLab Enterprise Edition
- Fix namespace null bug (merge request)
- Fix border radius on collapsed replies in diffs (merge request)
- Don't show checklist item dropdown within tables (merge request)
- Label dropdown: fix color swatches :focus (merge request)
- Fix dollar replacements in sprintf (merge request)
- Modifies contribution analytics GraphQL query to be recursive (merge request) GitLab Enterprise Edition
- Removed debounce from issues query (merge request)
- Fixed root_ancestor inside transaction (merge request)
- Avoid 404 on empty Debian component file by @sathieu (merge request)
- Standardize related items counters (merge request)
- Add
order_by: 'similarity'
to invite group API request (merge request) - Fix N+1 for search notes (merge request) GitLab Enterprise Edition
- Fix task widget border radius (merge request)
- Process packages with not all details (merge request) GitLab Enterprise Edition
- Fix whitespace after author name in note header (merge request)
- Disallow terraform state management if config is disabled (merge request)
- Fix(Subscription Sync): hide button legacy/offline (merge request) GitLab Enterprise Edition
- Remove non-user links from todos (merge request)
- Adds display for errors in Jupyter Notebooks (merge request)
- Require reCAPTCHA for trial registrations (merge request) GitLab Enterprise Edition
- This MR adds handling yaml parsing errors (merge request) GitLab Enterprise Edition
- Prevent validating an invalid promo code once invalid (merge request) GitLab Enterprise Edition
- Fix UI consistencies in bulk update sidebar (merge request)
- Fix unintended changes in db dictionary after db:migrate (merge request)
- Fix icon and textfield in incident timeline by @Mughees_ (merge request)
- Do not include hidden issues in the ES result (merge request) GitLab Enterprise Edition
- Restore style after leaving fullscreen / zen mode by @winniehell (merge request)
- Splat attributes in update_issue call (merge request)
- Remove special handling of trace in DestroyBatchService (merge request)
- Fixes the border-radius of the tasks widget (merge request)
- Fix finding details header (merge request) GitLab Enterprise Edition
- Add guards for issue instance proxy (merge request) GitLab Enterprise Edition
- Fix typo in Terraform template docs example by @artpropp (merge request)
- Fix ignored task that falls between HTML comments (merge request)
- Use proxy base url for http_url_to_repo (merge request) GitLab Enterprise Edition
- Fix foreign_key_exists? migration helper (merge request)
- Increases size limit for Jupyter Notebook diffs (merge request)
- Do not parse git-notes commits during git access checks (merge request)
- Fix alignment of participants in issuable sidebar (merge request)
- Fix contribution calendar not respecting "First day of the week" (merge request)
- Fix unselectable group webhooks (merge request) GitLab Enterprise Edition
- Fix timeout error while deleting approval rules from scan result policy (merge request) GitLab Enterprise Edition
- Ensure corpus management has active nav (merge request) GitLab Enterprise Edition
- Resolve vulnerabilities for each scanner found in the scan report (merge request) GitLab Enterprise Edition
- Fix notebook viewer switching (merge request)
- Reset subscription max_seats_used on trial upgrade (merge request) GitLab Enterprise Edition
- Issuables author :focus fix (merge request)
- Use min and max date to prevent setting end dates before start dates (merge request) GitLab Enterprise Edition
- Fixing tests for single-db-two-connection (merge request)
- Hide scan details when no report summary scans are available (merge request) GitLab Enterprise Edition
- Fix comment links on work items (merge request)
- Allow blank scope for aggregations endpoint (merge request) GitLab Enterprise Edition
- Provide default path for protected environments (merge request)
- Fix inconsistent behaviour in design comments (merge request)
- Fix :focus on participants (merge request)
- Fix protected environment user list title (merge request)
- Add a boolean field hidden in the Issue ES mapping (merge request) GitLab Enterprise Edition
- Breadcrumb: fix :focus (merge request)
- Fix ArgumentError, use default sort by name (merge request)
- Draft: Use epicsCount from metadata instead of from the list (merge request) GitLab Enterprise Edition
- Fix regex for destination namespace path (merge request)
- Allow searching by full path (merge request)
- Enable Geo::RepositoryRegistrySyncWorker on Geo secondary site (merge request) GitLab Enterprise Edition
- Guard against dropped columns when finalizing user details migration (merge request)
- Replace old image with SVG for empty MR state (merge request)
- Fix ArgumentError for Integrations::Campfire (merge request)
- Open vulnerability history comment editor on focus (merge request) GitLab Enterprise Edition
- Work item: fix title :focus (merge request)
- Change order of CSS imports to fix search icon UI (merge request)
- Update yml validation to be more clear (merge request)
- Add response caching for aggregations (merge request) GitLab Enterprise Edition
- Fix null exception for approvals_before_merge (merge request) GitLab Enterprise Edition
- Fix edge case when parent set to nil (merge request)
- Avoid overwriting runner cached values on job API calls (merge request)
- Include memberships from groups shares in preloader (merge request)
- Fix merge checks group name fetching issue (merge request) GitLab Enterprise Edition
- Deduplicate Group & Project destroy workers (merge request)
- Fix note edited i18n issue (merge request)
- Remove spy on component methods (merge request)
- Fix object deletion not working with Azure Blob Storage (merge request)
- [383842] GitHub importer: fix note attachments (merge request)
- Fix typo in the error message rendering (merge request)
- Update createBranch path with a new value (merge request)
- Fix helpPagePath for import table by @Taucher2003 (merge request)
- Sync pipeline commit message for Jira keys (merge request)
- Modify creating resource access token to create email with random part (merge request)
- Fix NotNullViolation in issues API (merge request)
- Add word-break to generic-sec-report tables (merge request) GitLab Enterprise Edition
- Restore original tooltip after copying (merge request)
- Fix #retry_lock overriding .current_scope (merge request)
- Removing FF deduplicate_archive_traces_cron_worker (merge request)
- Fix page navigation alignment on dependencies / licenses pages (merge request) GitLab Enterprise Edition
- Fix invalid return when malformed data (merge request) GitLab Enterprise Edition
- Fixes logic for when we reset subscription seats (merge request) GitLab Enterprise Edition
- Fix date parsing issue on firefox for datetime on bcast msg (merge request)
- Fix Code Quality text contrast (merge request)
- Abstract count from query (merge request)
- Don't allow nil value for allow_force_push (merge request)
- Fix dependency check in license approval policies (merge request) GitLab Enterprise Edition
- GitLab Direct Transfer - update invalid source GitLab URL error message (merge request)
- Remove valid? check when rendering link (merge request)
- Hide
Infra::Google Cloud
menu if Google OAuth2 disabled (merge request) - Fix epic roadmap focus states (merge request) GitLab Enterprise Edition
- Fix imported project labels having a group_id (merge request)
- Remove html comment from text/plain variant "new_review_email" by @xdavidwu (merge request)
- Use spec_helper where required (merge request)
- Fix 500 error for calls without JWT token to Git http (merge request)
- Fix caching headers, drop HTTP/1.0 support (merge request)
- Hide merged date sort option for open/closed MRs page (merge request)
- Fix months dropdown for the usage quotas feature (merge request) GitLab Enterprise Edition
- Updates dashboard design closer to designs and fixes navigation bug (merge request)
- Add
services:variables
to CI schema (merge request) - Allow pipeline schedule owner to call take_ownership API (merge request)
- Use declarative enum on external issue link type by @przbadu (merge request) GitLab Enterprise Edition
- Fix S3 backups not working on FIPS systems (merge request)
- Handle rendering errors from reStructuredText (merge request)
- Fix cascading attr ability to set value back to same as ancestor (merge request)
- Fix OAuth application creation through API (merge request)
Changed (249 changes)
- Add polling for pending external status checks (merge request) GitLab Enterprise Edition
- Add ops feature flag to stop pruning old events (merge request)
- This MR changes variant of alert (merge request) GitLab Enterprise Edition
- Allow public runner releases to be disabled (merge request)
- Enhance Security & Compliance Error Handlings (merge request) GitLab Enterprise Edition
- Improve help text for compliance framework configuration UI (merge request) GitLab Enterprise Edition
- Run Gemnasium on file matches in all directories (merge request)
- Adds repository sorting by total storage size (merge request) GitLab Enterprise Edition
- Add default owner for CODEOWNERS section (merge request) GitLab Enterprise Edition
- Remove 'redis_key' from known_events (merge request)
- Fix spec violations in dashboard_spec.js (merge request) GitLab Enterprise Edition
- Add column chart visualization (merge request) GitLab Enterprise Edition
- Fixed spec violations in table_spec.js (merge request) GitLab Enterprise Edition
- Application settings: Remove container limited class (merge request)
- Related merge requests: Enhance styling (merge request)
- Highlight possibility of conflict between branch names settings (merge request)
- Unbox work items (merge request)
- Add complexity and gitaly flag against suggest_approvers field (merge request) GitLab Enterprise Edition
- Changed source of current source data (merge request)
- Use linear ancestors_upto namespace queries (merge request)
- Use linear queries for namespace roots (merge request)
- This MR replaces profiles input fields (merge request) GitLab Enterprise Edition
- Added ability to hide issues in default dropdown (merge request)
- Added response body, changed status (merge request) GitLab Enterprise Edition
- Clean up project and group milestone pages (merge request)
- Add topics help text on the project settings page by @Cryptopone (merge request)
- Reschedule migration for remediation (merge request)
- Removing apple_app_store_integration feature flag (merge request)
- Detail page header: remove borders (merge request)
- Add keyset pagination to project audit events api (merge request) GitLab Enterprise Edition
- Adjust tests to api admin mode by @TrueKalix (merge request)
- Hide upgrade billing for ramped subscriptions (merge request) GitLab Enterprise Edition
- Update license scanning widget with license approval policies (merge request) GitLab Enterprise Edition
- Update ruby-magic to v0.6.0 (merge request)
- Unbox widgets (merge request) GitLab Enterprise Edition
- Remove feature flag
cache_client_with_metrics
(merge request) - Improve shared examples with status code by @TrueKalix (merge request)
- Set DS_SCHEMA_MODEL to 15 in Container Scanning CI template (merge request)
- Make switching between editors seamless (merge request)
- Issue: related merge request information (merge request)
- Add check that the Gitlab API is supported (merge request)
- Removes feature flags for refresh seats worker (merge request) GitLab Enterprise Edition
- Streamline from input height (merge request)
- Issues: consolidate buttons (merge request) GitLab Enterprise Edition
- Use linear self_and_hierarchy namespace queries (merge request)
- Add event_types for FeatureFlag audit events (merge request)
- Migrate the commit filtering report to include all commits (merge request) GitLab Enterprise Edition
- Replace admin group, project, and topic avatars with pajamas component (merge request)
- Remove customizable_roles feature flag (merge request) GitLab Enterprise Edition
- Add spacing and migrate card for user usage quotas (merge request)
- Remove extra padding from abuse report actions (merge request)
- Change pipeline stats (merge request) GitLab Enterprise Edition
- Remove 'transparent_sso_enforcement` feature flag (merge request) GitLab Enterprise Edition
- This MR migrates Dropdown to Listbox (merge request) GitLab Enterprise Edition
- refactor: Buton migrated to Pajamas compliant by @imrishabh18 (merge request)
- This MR migrates Dropdown to Listbox (merge request) GitLab Enterprise Edition
- Add redis counter for manifest delete events (merge request)
- Use project's usage_quotas instead of direct URL (merge request) GitLab Enterprise Edition
- Updated copy on free and trial registration pages (merge request)
- Legacy dropdown improvements (merge request)
- Update free user limit alert copy for non-owner roles (merge request) GitLab Enterprise Edition
- Improve revert/cherry-pick error messages (merge request)
- Fix deprecated interface for YAML.safe_load (merge request)
- Remove tag icon in container registry by @parkourkarthik (merge request)
- Update ruby-magic to v0.5.5 (merge request)
- Wiki directory follow page when they have been combined by @zhyhchg (merge request)
- refactor: Changed the card to pajamas compliant by @imrishabh18 (merge request)
- Migrate start and end date button on burndown chart (merge request)
- Migrate restore group button to pajamas component (merge request)
- Reduce sub-batch size for failed Batched Background Migration Jobs (merge request)
- Migrate edit merge request button to pajamas component (merge request)
- Adds triggers to Database Schema validations (merge request)
- Scope issue model iid to namespace (merge request)
- Use small variant for pending comment badge (merge request)
- Add audit events for sharing a group membership to another group (merge request) GitLab Enterprise Edition
- Removes prefixed asterisk for path filters (merge request) GitLab Enterprise Edition
- Migrate projects auto devops card to pajamas (merge request)
- Delete orphaned packages dependencies (merge request)
- Group overview: changes recent activity bold text to content (merge request) GitLab Enterprise Edition
- Migrated Read more button to Pajamas on project env page (merge request)
- This MR replaces tooltip with popover (merge request) GitLab Enterprise Edition
- Set 'send_user_confirmation_email' application (merge request)
- Create label: add color picker (merge request)
- Update card component in Project mirror settings (merge request)
- Migrate 2fa cards to Pajamas components (merge request)
- Update cards component in project starrer page (merge request)
- Remove
dynamic_nonce
feature flag (merge request) - Make Security Sidebar part of "Your Work" (merge request) GitLab Enterprise Edition
- Remove disabled_mr_discussions_redis_cache feature flag (merge request)
- Update installation command for maven package (merge request)
- This MR migrates Dropdown to Listbox (merge request) GitLab Enterprise Edition
- Remove enforce_max_attachment_size_upload_api feature flag (merge request)
- Add hashed root namespace id mapping to Note index (merge request) GitLab Enterprise Edition
- Remove bottom border from page titles (merge request)
- Added unlimited members alert to members pages (merge request) GitLab Enterprise Edition
- Timeline: tidy up system notes (merge request)
- Migrate evidences from raw_metadata (merge request)
- Add hashed root namespace id mapping to Note index (merge request) GitLab Enterprise Edition
- Add cache for Software Licenses table (merge request) GitLab Enterprise Edition
- Fixes the alignment of the bio on the user profile page (merge request)
- Add cicd config button when missing yaml (merge request)
- Update Slack authorization page UI (merge request)
- Remove
linear_user_manageable_groups
feature flag (merge request) - Remove
linear_project_ancestors
feature flag (merge request) - Remove use_iid_in_work_items_path feature flag from backend (merge request)
- Use icon button for subscribe to rss feed/calendar (merge request)
- Add tooltip to pending badge (merge request)
- Translate error messages when creating security policy projects (merge request) GitLab Enterprise Edition
- Update table header (merge request)
- Update gitlab pages (merge request)
- Adjust tests to api admin mode by @TrueKalix (merge request)
- Renames fk_rails_f601258b28 FK to fk_rails_0434b48643 on events table (merge request)
- Removed CTA from Free Plan on billings page (merge request) GitLab Enterprise Edition
- This MR adds switch mode for runner tags (merge request) GitLab Enterprise Edition
- Update css_parser gem to v1.14.0 (merge request)
- Rename "CI / CD > Test Cases" to "CI / CD > Test cases" (merge request) GitLab Enterprise Edition
- This MR migrates Dropdown to Listbox (merge request) GitLab Enterprise Edition
- Keep author and timiestamp visible when editing comment (merge request)
- Remove enforced_sso_expiry feature flag (merge request) GitLab Enterprise Edition
- Add breadcrumb linking to dashboard page to project#new (merge request)
- Add breadcrumb linking to dashboard page to group#new (merge request)
- Clean up invite_members_in_side_nav experiment (merge request)
- Hide access token related instructions for public pypi package (merge request)
- Add colors to user tokens on escalation view (merge request) GitLab Enterprise Edition
- Removes feature flag user_search_simple_query_string (merge request) GitLab Enterprise Edition
- Hanlde issue model to reference through the namespace (merge request)
- Add status check id to MR status check widget (merge request) GitLab Enterprise Edition
- Unconcatenate errors for personal access tokens (merge request)
- Database migration for new deny all app setting (merge request)
- Update dependency auto-build-image to v1.30.0 (merge request)
- Enable full_path_project_search feature flag by default (merge request)
- Expose max_seats_used_changed_at in namespace API (merge request) GitLab Enterprise Edition
- Sync Security Policies only for project with updated protected branches (merge request) GitLab Enterprise Edition
- Fix combine page directory case sensitivity bug (merge request)
- Distinguish authentication errors in commits API (merge request)
- Use Gitlab.com? to check if a container has been migrated (merge request)
- User profile page header tidy (merge request)
- Remove the feature flag bulk_cron_worker_auto_requeue (merge request) GitLab Enterprise Edition
- Rename "Configuration" to "Security configuration" (merge request)
- Rename "Repository > Locked Files" to "Repository > Locked files" (merge request)
- Rename "Repository > Contributors" to "Contributor statistics" (merge request)
- Support Ubuntu ddeb by @sathieu (merge request)
- Remove integration_id column from chat_names (merge request)
- User avatar link: fix spacing (merge request)
- Make catalog_resources.project_id to be unique (merge request)
- Update parsing of *_DISABLED variables (merge request)
- Your Work: Environments and Operations Dashboard (merge request) GitLab Enterprise Edition
- Change widget empty state of work items & linked issues/epics (merge request)
- Removes advanced_user_search feature flag (merge request) GitLab Enterprise Edition
- Merged message: change alignment of revert and cherry-pick buttons (merge request)
- Validates db/structure.sql changes without migrations (merge request)
- Rename "Discover" to "Security capabilities" (merge request) GitLab Enterprise Edition
- Prevent Ruby sessions from serializing arbitrary objects (merge request)
- Update super-sidebar styles and add overlay (merge request)
- This MR introduces tags parsing error handling (merge request) GitLab Enterprise Edition
- Update merge strategy labels for Mr. Widget (merge request)
- Move follower counts on profile page (merge request)
- Add check_type enum to PreScanVerificationStep (merge request) GitLab Enterprise Edition
- New section to disable all 2FA (merge request)
- Rename "Repository > Compare" to "Repository > Compare revisions" (merge request)
- Add link to redirect back to sign-up page (merge request)
- Improve visibility of SAST Analyzers banner (merge request) GitLab Enterprise Edition
- Remove the parallel_bulk_cron_worker feature flag (merge request) GitLab Enterprise Edition
- Schedule async temp index on finding report types (merge request)
- Remove use_response_url_for_chat_responder FF (merge request)
- Migrate links for vulnerability findings from (merge request)
- Suppress routing error log messages with POST
/jwt/auth
route (merge request) - Standardize note edited presentation (merge request)
- Expand invite modal buttons (merge request)
- Send email when exporting work items as CSV (merge request)
- Implement partially cached MR security reports paths (merge request) GitLab Enterprise Edition
- Improve shared examples for api admin mode by @TrueKalix (merge request)
- Use mergeRequestLinks on vulnerability details page (merge request) GitLab Enterprise Edition
- Remove the feature_flag code_basic_search_files_by_regexp (merge request)
- Drop unnecessary storing of WebAuthn credential options in session (merge request)
- Updated Security Compliance SideNav text to sentence case by @parkourkarthik (merge request)
- Fix(Subscr.): success notification + loading icon (merge request) GitLab Enterprise Edition
- This MR updates tags field to be a dropdown (merge request) GitLab Enterprise Edition
- Security warning when rebasing (merge request)
- Log an activity event when an agent token is revoked (merge request)
- Change default public cost factor (merge request)
- Migrate the remediation data into their own (merge request)
- Streamline appearance of widgets (merge request)
- Add styles for line sticky headers (merge request) GitLab Enterprise Edition
- Change private method default values (merge request) GitLab Enterprise Edition
- Adds fuzzy to the list of advanced search syntax options (merge request) GitLab Enterprise Edition
- Add sync creation of next_over_limit_check_at index (merge request)
- Use linear ancestor queries (merge request)
- Use linear queries for namespace ancestor queries (merge request)
- Add specific DORA metric fields to Graphql type (merge request) GitLab Enterprise Edition
- Update webauthn gem to v3.0 (merge request)
- Improves the consistency of the dropdowns (merge request)
- Update scan policies text (merge request)
- Adds project_id to the Note API entity (merge request)
- Update vulnerability_reads trigger to set has_issues (merge request)
- Cleanup 'rely_on_protected_branches_cache' feature flag (merge request)
- Add Search::ReindexingService (merge request) GitLab Enterprise Edition
- Updates advanced user search to use simple query string and fuzzy match (merge request) GitLab Enterprise Edition
- Load partitioned index name if enabled (merge request) GitLab Enterprise Edition
- Launch invite modal from invite members in top nav (merge request)
- Add expand/collapse button on list in wiki sidebar by @qk44077907 (merge request)
- Decrease maximum runtime for VSA aggregations (merge request) GitLab Enterprise Edition
- Add same ssh ports check for geo::check rake task (merge request) GitLab Enterprise Edition
- Renaming the rules label to conditions (merge request) GitLab Enterprise Edition
- Switch package metadata sync to run hourly (merge request) GitLab Enterprise Edition
- Geo: Verification of container repositories (merge request)
- Introduce registry_size_estimated to namespace_root_storage_statistics (merge request)
- Improve issuable locked warning styling (merge request)
- Create index on approval_rules for scan_result_policy_id (merge request)
- Raise CI variables limits on gitlab.com (merge request)
- Validate oauth_access_tokens#expires_in not null (merge request)
- Truncate commits that exceeds the new commits note display limit (merge request)
- Update delete icon in manual var form (merge request)
- Cleanup 'delayed_repository_update_mirror_worker' feature flag (merge request)
- Use mergeRequestLinks on vulnerability details page (merge request) GitLab Enterprise Edition
- Update activation error handling (merge request) GitLab Enterprise Edition
- Set GITALY_SERVERS for gitaly-backup (merge request)
- Update component to use GraphQL jobPlay (merge request)
- Update dependency auto-deploy-image to v2.47.0 (merge request)
- Fetch and display report data (merge request) GitLab Enterprise Edition
- Refactors component ml_experiments_show.vue (merge request)
- Clean up invite_for_help_continuous_onboarding (merge request)
- Group issue-board controls into ellipsis dropdown (merge request)
- Prepare async foreign key validation for ci_build_trace_metadata (merge request)
- Prepare async foreign key validation for ci_job_variables (merge request)
- Prepare async foreign key validation for ci_sources_pipelines (merge request)
- Add default_color_scheme to Gitlab settings by @colin969 (merge request)
- Remove N+1 when loading finding link relations in serialization (merge request) GitLab Enterprise Edition
- Show group sidebar while creating a new subgroup or project (merge request)
- Scope FK name uniqueness to the table name (merge request)
- Add runner registration page (merge request)
- Remove feature flag ci_use_downstream_pipeline_duration_for_calculation (merge request)
- Allow new Slack integrations created on GitLab.com (merge request)
- Lock timelogs when project is archived by @Taucher2003 (merge request)
- Ask for recovery code if WebAuthn is the only 2FA (merge request)
- Improve devise error_message by @ali_o_kan (merge request)
- Swap the order of pin and password fields (merge request)
- Wording changes related to
webauthn_without_totp
(merge request) - Show numeric keyboard on mobile for 2fa codes (merge request)
- Cleaned up successful experiment trial_email_validation (merge request)
- Cache search#autocomplete on the frontend (merge request)
- [Feature flag] Clean Up
all_commits_compliance_report
feature flag (merge request) GitLab Enterprise Edition - Remove NO_ACCESS option from unprotect_access_level (merge request) GitLab Enterprise Edition
- Update dependency auto-build-image to v1.29.0 (merge request)
- Resolve vulnerabilities from successful scans (merge request) GitLab Enterprise Edition
- Hide software license policies created through scan result policy (merge request) GitLab Enterprise Edition
- Add index on vulnerability_reads (merge request)
- Add index for next_over_limit_check_at (merge request)
- Remove ignore for dropped user profile fields by @brianjaustin (merge request)
Deprecated (2 changes)
- Remove default_value_for gem (merge request)
- UNSTRUCTURED_RAILS_LOG disabled by default (merge request)
Removed (26 changes)
- Cleaned up
video_tutorials_continuous_onboarding
experiment (merge request) GitLab Enterprise Edition - Add cleanup migration for orphan Software Licenses (merge request)
- Remove bulk_import_projects from frontend (merge request)
- Remove group_administration_nav_item feature flag (merge request) GitLab Enterprise Edition
- Remove exponential increase experiment (merge request)
- Remove audit log group level feature (merge request) GitLab Enterprise Edition
- Remove learn gitlab project creation (merge request) GitLab Enterprise Edition
- Remove issue templates promotion pop up (merge request) GitLab Enterprise Edition
- Clean up environments search logging feature flag (merge request)
- Drop
revokable
fromachievements
by @Taucher2003 (merge request) - Remove incorrectly onboarded namespaces from onboarding table (merge request)
- [385649] Rollout FF github_client_fetch_repos_via_graphql (merge request)
- git: Remove unused root tree object ID from Git::Tree (merge request)
- Removed cube_api_proxy flag (merge request)
- Remove backup upload drivers Openstack Swift and Rackspace (merge request)
- Remove reactivate/extend trial button (merge request)
- Remove dast_site_validation_drawer feature flag (merge request) GitLab Enterprise Edition
- Remove deprecated path (merge request)
- Remove the send_user_confirmation_email column (merge request)
- Remove concurrent index for index_ci_builds_on_token_encrypted (merge request)
- Prepare async index removal of token for ci_builds (merge request)
- Remove Jira Connect public key storage config (merge request)
- Remove revoke_ssh_signatures feature flag (merge request)
- Remove action_monthly_active_users_web_ide_edit metric (merge request)
- Remove feature flag improved_spread_parallel_import (merge request)
- Remove errantly onboarded namespaces (merge request)
Security (24 changes)
- Protect Datadog API key by changing Datadog site
- Stop Group Transfer Service if SAML Provider or SCIM token is present
- Disallow maintainer to create an owner access token
- Verify Kroki diagram type
- Fix pagination limits for Commits API
- Using builds metadata to determine debug_mode
- Check read_release permission before showing releases in Tags API
- Mask Google IAP account details in Prometheus integration
- Block private personal snippet from unauthorized users
- Protect integrations' sensitive information exposed via API
- Paste only text content in work items title
- Jira DVCS OAuth Open Redirect Vulnerability
- Protect Datadog API key by changing Datadog site
- Stop Group Transfer Service if SAML Provider or SCIM token is present
- Disallow maintainer to create an owner access token
- Verify Kroki diagram type
- Fix pagination limits for Commits API
- Using builds metadata to determine debug_mode
- Check read_release permission before showing releases in Tags API
- Mask Google IAP account details in Prometheus integration
- Block private personal snippet from unauthorized users
- Protect integrations' sensitive information exposed via API
- Paste only text content in work items title
- Jira DVCS OAuth Open Redirect Vulnerability
Performance (10 changes)
- Remove index on events.actions async (merge request)
- Remove notes id while initializing notes component (merge request)
- Use replica to fetch package licenses (merge request) GitLab Enterprise Edition
- Swap explore/groups performance fix to .com only (merge request)
- Use custom Redis backend for Rack::Attack (merge request)
- Increase request timeout in bulk imports (merge request)
- Remove FF for token removal (merge request)
- Add etag caching for epic changes (merge request) GitLab Enterprise Edition
- Remove redundant project selection (merge request)
- Improve performance while exporting CI pipelines (merge request)
Other (55 changes)
- Add worker to wait for project export relations to finished (merge request)
- Edit or remove links to deleted docs (merge request)
- Add BulkImports::ExportBatch & BulkImports::BatchTracker models (merge request)
- Remove repack_after_shard_migration feature flag (merge request)
- Add test cases for work items title and milestone (merge request)
- Handle design notes error logic in single component (merge request)
- Delete security_policy_bot user records (merge request)
- Provide :debug_permission_checks flag for specs (merge request)
- Backfill the prepared_at column for older merge requests (merge request)
- Extend redis hll metrics for github import (merge request)
- Cop to ensure BBM has the associated dictionary file (merge request)
- Creates migration to swap columns (merge request)
- Change VSD url (merge request) GitLab Enterprise Edition
- Update Import failures to include subrelation errors (merge request)
- Remove bulk_import_projects feature flag (merge request)
- Lock net-protocol version to match the monkey patch (merge request)
- Fix rake/require offence in following files: by @przbadu (merge request)
- Clean up p_ci_builds_metadata schema (merge request)
- Remove EnumWithNil helper (merge request)
- Finalize conversion of timelogs.note_id to bigint (merge request)
- Remove hash_oauth_secrets feature flag (merge request)
- Update gitlab-qa gem version (merge request)
- Add migrations_should_finish on elastic_index_dependant_association (merge request) GitLab Enterprise Edition
- Update Codeowners after Certify change (merge request)
- Update Gitlab Shell version to 14.18.0 (merge request)
- Validate and replace FK for p_ci_builds_metadata and ci_builds (merge request)
- Creates a dictionary file on generating the BBM (merge request)
- Remove invalid deprecation notice about maintainer_note (merge request)
- Schedule temporary partitioning indexes removal (merge request)
- Prepare async index on expire_at for unlocked non-trace job artifacts (merge request)
- Remove ci_destroy_unlocked_job_artifact feature flag (merge request)
- Backfill merge request compliance violations table (merge request)
- Add metrics for Redis Cluster redirection (merge request)
- Patch ActiveRecord Preloader to imiatate Rails 7 interface (merge request)
- Remove notes_create_service_tracking feature flag (merge request)
- Adds CIComponentRepositories table (merge request)
- Update CI includes counting structure to include duplicates (merge request)
- Suggest refreshing LDAP group sync page (merge request) GitLab Enterprise Edition
- Remove span to fix button sizing (merge request)
- Make WIP limits button use sentence case (merge request)
- Updating BBM docs to include generators info (merge request)
- Drop non-partitioned FK for ci_running_builds and ci_builds (merge request)
- Drop non-partitioned FK for ci_pending_builds and ci_builds (merge request)
- Make delete action danger variant (merge request)
- Update release version info for direct transfer group relations (merge request)
- Default enable vue_issues_dashboard feature flag (merge request)
- Set traversal_ids on save (merge request)
- Rake task gitlab:db:lock_writes should include table partitions (merge request)
- Add alternative Redis backend for Rack::Attack (merge request)
- Update BulkImport#has_failures attribute when a new failure is created (merge request)
- Creates migration for finalizing ciBuildNeeds BigInt conversion (merge request)
- Remove fallback reads for MultiStore (merge request)
- Remove route_hll_to_snowplow_phase2 feature flag (merge request)
- Add Snowplow instrumentation for secrets usage (merge request) GitLab Enterprise Edition
- Refactor root sha access code (merge request)
change (1 change)
Security
Security wording was detected, but no CVEs were found.
Details
date
March 21, 2023, midnight
name
15.10.0
type
Minor
👇
Register or login to:
- 🔍View and search all GitLab CE releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!