GitLab CE - 15.3.0
Security
(2022-08-19)
Added (147 changes)
- Added delete release audit event by @patnaikshekhar (merge request)
- Adds data models for ML Experiment Tracking (merge request)
- Allow access to project-level packages API with CI job token by @nejc (merge request)
- Add tooltip on task item confidential badge (merge request)
- Add recent events to group hooks (merge request) GitLab Enterprise Edition
- Add parent_full_path to GraphQL WorkItemType (merge request)
- Enable job log search (merge request)
- Update task item status icon & add tooltip support (merge request)
- Expose work item timestamps in GraphQL (merge request)
- Add sorting/filtering/paging to CRM contacts by @leetickett (merge request)
- Make fork targets searchable (merge request)
- Add MR Approvals to Project Import/Export (merge request)
- Add alpha detailed_mergeability_status attribute to graphql (merge request)
- Add documentation link for project and group insights (merge request) GitLab Enterprise Edition
- Add GraphQL epic list metadata weight (Alpha) (merge request) GitLab Enterprise Edition
- Add GraphQL timelog categories Alpha schema (merge request)
- Display SCIM identities in the identity table (merge request) GitLab Enterprise Edition
- Provide GraphQL API for select in fork form (merge request)
- Add Fortify on Demand (FoD) SAST template (merge request)
- Add GraphQL sort/filter/page crm contacts by @leetickett (merge request)
- Add support for owasp (merge request) GitLab Enterprise Edition
- Surface work item type in popovers, work item detail view, issue lists (merge request) GitLab Enterprise Edition
- Update task children icon and display count (merge request)
- Track CI build failures with Snowplow (merge request)
- Rollout Datadog logs collection (merge request)
- Update Web IDE tooltip (merge request)
- Add pause logic to Jira imports (merge request)
- Support conversion to and from manual cadence via API (merge request) GitLab Enterprise Edition
- Add support for updating task confidentiality (merge request)
- Add variables to RetryJob mutation (merge request)
- Add MR reviewers to Project Import/Export (merge request)
- Hash OAuth access tokens (merge request)
- Add Pumble integration by @vojko.pribudic (merge request)
- Add support for toggling contact/org states by @leetickett (merge request)
- Add internal API to fetch policies_configuration for agent (merge request) GitLab Enterprise Edition
- Implement mergeRequestSetReviewers mutation (merge request)
- Allow to merge topics [backend] by @wwwjon (merge request)
- Add cyclonedx to job validation schema (merge request)
- Pause batched migrations when WAL pending archive above a threshold (merge request)
- Add
id_tokens
field toci_builds_metadata
(merge request) - Show inherited permission in protected environment (merge request)
- Add merge request assignees to Import/Export (merge request)
- Add async index on ci job artifacts (merge request)
- Add present on default branch to project_id, id index (merge request)
- Add CI_TEMPLATE_REGISTRY_HOST to predefined CI variables by @zhzhang93 (merge request)
- Add state transition entry (merge request) GitLab Enterprise Edition
- Create banner and tool tip (merge request) GitLab Enterprise Edition
- Add timestamp fields to project_statistics table (merge request)
- Add database migration to update deletion adjourned period (merge request)
- Add CI/CD setting for Run pipelines in the parent project (merge request)
- Add dormant user period setting to application settings by @joe-snyder (merge request)
- Add extra information to issue popover (merge request)
- Allow Linked items widget to be collapsible (merge request)
- Add comment to vulnerability_state_transitions (merge request)
- Merge branch 'feat/mr_webhooks' into 'master' (merge request)
- feat: Update SAST-IaC.lates template to support MR pipelines (merge request)
- Enable FF ci_rules_changes_compare (merge request)
- api: Expose merge request reviewers (merge request)
- Allow SE Vue component to install exts (merge request)
- Support updatable automatic scheduling start date (merge request) GitLab Enterprise Edition
- Add CreateFromFindings Service (merge request) GitLab Enterprise Edition
- Support the DORA data source from Insights (merge request) GitLab Enterprise Edition
- Add "Scroll to first failure" button (merge request)
- Allow deletion of deployments via the API (merge request)
- Add search box to artifacts dropdown (merge request)
- Add release link to the tag show page (merge request)
- Add author_id column to vulnerability_state_transitions table by @svdj (merge request)
- Add upgrade status filter for group runners (merge request) GitLab Enterprise Edition
- Replaced local mutation with real mutation (merge request)
- Remove the custom_headers_streaming_audit_events_ui feature flag (merge request) GitLab Enterprise Edition
- Display table of contents in content editor (merge request)
- Allow omniauth username claim to be configurable (merge request)
- Add Authentication options (merge request) GitLab Enterprise Edition
- Add the environment keyword CI/CD template (merge request)
- Enables mr_review_submit_comment by default (merge request)
- GraphQL: Add bulkRunnerDelete mutation (merge request)
- Add support for selective code owner resets by @leetickett (merge request)
- Add all protected branches option to project-level MR approval rules (merge request) GitLab Enterprise Edition
- Add
without_projects
parameter to Topics API by @wwwjon (merge request) - Bulk delete package files (merge request)
- Add tracking of unique CI Tunnel interactions from KAS (merge request)
- Allow users to manage Owners via UI (merge request)
- Enable Changelog API commit limitation by default (merge request)
- Support filtering registries by verification status via GraphQL (merge request) GitLab Enterprise Edition
- Introduce project setting for enforcing auth check on image uploads (merge request)
- Add index for PAT filter by @TrueKalix (merge request)
- Exposed timelog categories through GraphQL by @zillemarco (merge request)
- Add cyclonedx report type (merge request) GitLab Enterprise Edition
- Backup/Restore Rake Tasks to support Decomposed Database (merge request)
- Create service to delete runners in bulk (merge request)
- GraphQL docs: Show descriptions for
:alpha
items (merge request) - Support filtering registries by replication status via GraphQL (merge request) GitLab Enterprise Edition
- Add RedisCommands::Recorder to detect N+1 commmands in Redis (merge request)
- Event type info in group deploy token audit events (merge request) GitLab Enterprise Edition
- Clean up simulate_pipeline feature flag (merge request)
- Show warning when sharing public project with internal group (merge request)
- Added support for links to markdown file code lines by @zillemarco (merge request)
- Better Vuln Feedback pagination implementation per review (merge request) GitLab Enterprise Edition
- Add
ProtectedBranches::CacheService
for efficient caching (merge request) - Index vulnerability reads on filter columns for group-level queries (merge request)
- Show runner projects description and ownership (merge request)
- Upgrade Pages to v1.62.0 (merge request)
- Allow to create tables with JSON (merge request)
- Add unique_project_download_limit_allowlist to namespace_settings (merge request)
- Add Snowplow database changes tracking (merge request)
- Add graphql mutation for deleting file uploads (merge request)
- Vuln Feedback optional pagination review suggestions (merge request) GitLab Enterprise Edition
- Add memory killer running jobs to prometheus (merge request)
- Warn before closing the Diffs if there's a pending batch review (merge request)
- Add models for customizable roles (merge request)
- Add project-link to vulnerability details (merge request) GitLab Enterprise Edition
- Added service to create timelogs by @zillemarco (merge request)
- Implement API to get details of pipelines within a schedule (merge request)
- Make query nesting for the insights YAML (merge request) GitLab Enterprise Edition
- Arrange the indices and PK of security_findings table (merge request)
- Create and edit releases for tags with new form (merge request)
- Add validation to Default Branch Image when parsing CS vulnerability (merge request) GitLab Enterprise Edition
- Add account age to MR experience survey (merge request)
- DOMPurify: Allow links
target
attribute securely (merge request) - Initial add of indeterminate checkboxes to GLFM (merge request)
- Add ability to delete deployments via the API (merge request)
- Add ability for group owner to unban banned users in a group (merge request) GitLab Enterprise Edition
- Implement Vuln Feedback count route to enable intelligent pagination (merge request) GitLab Enterprise Edition
- Enable non-default pagination for vulnerability feedback index (merge request) GitLab Enterprise Edition
- Add labels support to incident timeline events (merge request)
- New Audit Event for custom HTTP header changes (merge request) GitLab Enterprise Edition
- Introduce an onboarding view for GitLab Pages (merge request)
- Add a service to turn a security finding into a vulnerability (merge request) GitLab Enterprise Edition
- Add
namespace_id
tovulnerability_reads
table (merge request) - Create annotated tags in CI using the release:tag_message keyword (merge request)
- Show deployment approval comments (merge request) GitLab Enterprise Edition
- Enable performant artifact expiration by default (merge request)
- Add benchmark timing to search api (merge request)
- Add async index destruction (merge request)
- Import github 'un/assigned' issue events (merge request)
- Add mem_total_bytes gauge to Prometheus (merge request)
- Add background migration to backfill casted_cluster_agent_id (merge request)
- Move agent GitOps access check to core (merge request)
- Add access token information to API log (merge request)
- Expose verification timestamps (merge request) GitLab Enterprise Edition
- Show pipeline parsing error in the Vulnerability Report (merge request) GitLab Enterprise Edition
- Event type information in deploy key audit event (merge request) GitLab Enterprise Edition
- Import github 'de/milestoned' issue events (merge request)
- Show a badge that a release is historical (merge request)
- Support variables in the project property of triggers (merge request)
- Allow last issue board to be deleted via API by @tuxtimo (merge request)
- Enable linear queries (merge request)
Fixed (128 changes)
- Prevent errors saving alerts with non-string inputs for string fields (merge request)
- Unify Personal Access Token expiration behavior (merge request)
- Fix the Consistency Check Maximum Function (merge request)
- Add blame link to the file blob view (merge request)
- Fix JS error and UI for manual vulnerabilities (merge request) GitLab Enterprise Edition
- Refresh task list on parent confidentiality change (merge request)
- Fix board sidebars enter animation (merge request)
- Fix spelling of "address" in several places (merge request)
- Restore label on the email field (merge request)
- Fix stale user highest role stats on dormant user deactivation (merge request)
- Exclude vulnerable dependencies from go.mod (merge request)
- Show failure message when task list fails to load (merge request)
- Fix 500 error when Commit action is missing (merge request)
- Show work items correctly on activity feed (merge request)
- Expire protected branches cache after branch cache expiration (merge request)
- Shifting blank line right should add spaces (merge request)
- docs: Add notice for libravatar in FIPS mode by @tnir (merge request)
- Accept pending invitations for SSO signups (merge request)
- Set correct default for ApplicationSetting#personal_access_token_prefix (merge request)
- Fix global search code search results (merge request)
- Ensure errors deleting a deployment are always returned as bad request (merge request)
- Use Gitlab::Utils::UsageData to count replicables (merge request) GitLab Enterprise Edition
- Fix namespace icon for images with transparent background (merge request)
- Truncate long issue title in tasks (merge request)
- Fix productivity analytics not filters (merge request) GitLab Enterprise Edition
- Fix passing of dry_run to pipeline simulation (merge request)
- Fix overflow in second navbar in group detail top by @tnir (merge request)
- Remove extra space in create MR diff (merge request)
- Geo: Ensure one MetricsUpdateWorker runs at a time (merge request) GitLab Enterprise Edition
- Update commits entry point in Discussions API documentation by @ivan23kor1 (merge request)
- Fix 500 from
ci_variables
field (merge request) - Move admin_protected_environment policy to owners alone (merge request) GitLab Enterprise Edition
- Ignore key modifiers except meta for shifting text (merge request)
- Fix VSA consistency worker cursor generator (merge request) GitLab Enterprise Edition
- Add merge_status to merge request cache key (merge request)
- Clarify Description for SSO enforcement for Git activity in groups (merge request) GitLab Enterprise Edition
- Sanitize sort params in Roadmap (merge request) GitLab Enterprise Edition
- Fix issue description list item reordering indentation (merge request)
- Update pull mirror interval wording by @orozot (merge request) GitLab Enterprise Edition
- Disable toggle editing mode while content editor loads (merge request)
- Update scoped labels template to fix tooltips (merge request)
- Bump Oj to v3.13.20 to fix illegal instruction errors (merge request)
- Handle timeout in Gitlab::Ci::RunnerReleases (merge request)
- Redirect back after rejecting a pending user (merge request)
- Fix the merged at dates being used by the compliance report (merge request) GitLab Enterprise Edition
- Fix VersionInfo.parse when receiving VersionInfo (merge request)
- Follow redirects when doing network requests with
BulkImports::Http
(merge request) - Fix rename_column_concurrently to work with decomposed DB (merge request)
- Fixed return value when token not found by @TrueKalix (merge request)
- This adds a dependency condition to the base auto merge service (merge request) GitLab Enterprise Edition
- Add present on default branch to common_finder_query index (merge request) GitLab Enterprise Edition
- Fix missing file upload progress in GFM footer (merge request)
- Update api endpoint for approval rules (merge request) GitLab Enterprise Edition
- Handle race condition in creating alerts (merge request)
- Restrict to upgrade status filters to Ultimate (merge request) GitLab Enterprise Edition
- Better format MR failed to merge error message in mr widget failed vue (merge request)
- Fix OpenAPI viewer for dark mode by @fabsrc (merge request)
- Reverts the datadog fields DSL refactor (merge request)
- Fix spacing for pipeline editor header buttons by @Anna_pds31 (merge request)
- Change the order of search autocomplete items (merge request)
- Fix paginatable namespace search where users can create projects (merge request)
- Use updated docs link for the Validate tab popover (merge request)
- Upgrade Oj to v3.13.19 to fix a seg fault (merge request)
- Do not group env and folders that share a name on the project env page (merge request)
- Gracefully handle nil created_at values in CI pipelines (merge request)
- Fix emoji autocomplete when leading with a space (merge request)
- Don't allow negative values for pagination (merge request)
- Fix
publish_event
rspec helper (merge request) - Ensures we fetch the stage events when there are no value streams (merge request) GitLab Enterprise Edition
- Fix CI artifact sizes not logged for some runner endpoints (merge request)
- Remove inaccessible artifacts from release evidence (merge request) GitLab Enterprise Edition
- Hide ip address label when ip address is missing (merge request)
- Use
unnested_in_filters
for Group-level vulnerability reads finder (merge request) GitLab Enterprise Edition - Clean build directory before
gitlab:gitaly:install
Rake task (merge request) - Ensures we show the count of selected projects (merge request) GitLab Enterprise Edition
- Add auditor access for group runners (merge request) GitLab Enterprise Edition
- Fix: notify locale on merge request unmergeable by @JeremyWuuuuu (merge request)
- Fix pipeline cancellation not cascading to children (merge request)
- Check group last owner before assigning default membership role (merge request) GitLab Enterprise Edition
- Fix CI_ENVIRONMENT_TIER if tier is updated (merge request)
- Fix issues board list movements (merge request)
- Expose DAST artifact directory (merge request) GitLab Enterprise Edition
- Add present on default branch to project id and id index (merge request) GitLab Enterprise Edition
- Do not show user popover when user is not signed in (merge request)
- Attempting to delete last package file directs user to delete package (merge request)
- Tags search does not work with Gitaly pagination (merge request)
- Fix ActiveRecord::StaleObjectError where pipeline is updated twice (merge request)
- Fixed link on Pages page (merge request)
- Fix URLs in
user_auto_banned_email
(merge request) GitLab Enterprise Edition - Prevent new line insertion while attaching a file (merge request)
- Gracefully handle missing project feature row in API (merge request)
- Make repository analytics graphs responsive (merge request)
- Add two more classes allowed for YAML deserialization (merge request)
- Fix RescheduleBackfillImportedIssueSearchData migration (merge request)
- Show mr pipeline tab when pipelines are enabled (merge request)
- Add tracking event for rendering the error details page content (merge request)
- Prevent guests from assigning issues from notes by @zillemarco (merge request)
- Update vulnerabilities Finder to filter on present on default branch (merge request)
- Upgrade oj to v3.3.18 to fix illegal instruction errors (merge request)
- Fix: notify locale on member invite accepted email by @JeremyWuuuuu (merge request)
- Fix atwho keypress cancel Issue (merge request)
- Fix pipeline cancel to also cancel child pipelines (merge request)
- Replace magic string to constant by @orozot (merge request) GitLab Enterprise Edition
- Disable rate limiting when transferring epics (merge request) GitLab Enterprise Edition
- Remove duplicated false positives alert (merge request) GitLab Enterprise Edition
- Use GitLab UI Tooltip for Environment Metrics Link (merge request)
- Fix workflow rules changes when not using paths (merge request)
- Enable read on demand permission for auditor (merge request) GitLab Enterprise Edition
- Prevent default template from overwriting autosave (merge request)
- The rake task gitlab:db:lock_writes should not lock shared databases (merge request)
- Fix extra leading space in task title created from checklist (merge request)
- GraphQL: Return latest job in Pipeline.job by @roblabla (merge request)
- Fix missing relative_url_root settings update (merge request)
- Fix timestamp of "cloned from" system note (merge request)
- Use
CREATE OR REPLACE FUNCTION
to define vulnerability reads triggers (merge request) - Handle ldap blocking when no servers exist (merge request) GitLab Enterprise Edition
- Select upstream project by default when creating MR from fork (merge request)
- Fixes time in container registry partial cleanup tooltip (merge request)
- Fix epic transfer when transfering a project (merge request) GitLab Enterprise Edition
- Return an error if merge request fails to merge (merge request)
- Fix graphql double fetch (merge request)
- Do not copy awarded emoji when cloning issues (merge request)
- Fixes alignment of package details files action column (merge request)
- Prohibit maintainers from starting trial subscription (merge request) GitLab Enterprise Edition
- Fix incorrect Runner#with_upgrade_status scope (merge request)
- Take lease in UpdateProjectStatisticsWorker (merge request)
- Fix system note timestamp for moved issue (merge request)
- List groups from group shares on project transfer (merge request)
Changed (182 changes)
- Escaping the header search bar closes dropdown (merge request)
- Support owasp security training (merge request)
- Updated incorrect UI link (merge request)
- Fixed outdated runners link (merge request)
- Set skip_rugged_auto_detect to default to true (merge request)
- Render failed job item pills with different background in Pipeline view (merge request)
- Add background to internal notes (merge request)
- Disabled related items expand button when no items (merge request)
- Add collapsing for many invite modal errors (merge request)
- Disable Rugged auto-detection by default (merge request)
- Enable rebase without ci (merge request)
- Avoid usage of toBeTruthy/toBeFalsy in iterations_spec.js by @anshulriyal (merge request)
- Default enable group level protected environment settings (merge request)
- Remove duplicated help link in top bar (merge request)
- Rename methods and variables for clarity and legibility (merge request)
- Simplify project_statistics test for column size (merge request)
- Improvements to the audit events streaming UI (merge request) GitLab Enterprise Edition
- Generate chain of custody CSV reports asyncronously (merge request) GitLab Enterprise Edition
- Dart.gitlab-ci.yml: Switch to new docker image for Dart by @mcmahonjohn (merge request)
- Add tooltip to Tanuki logo (merge request)
- Validate with latest vendored patch schema version (merge request) GitLab Enterprise Edition
- Migrate project branches cards to use pajamas (merge request)
- Show project homepage only in group page package registry view by @parkourkarthik (merge request)
- Release changes for CI Secure Files Geo Replication (merge request) GitLab Enterprise Edition
- Increase animation speed of sticky issue header (merge request)
- Docs: Remove Debian 9 from supported os list (merge request)
- Refactor runner pagination (merge request)
- Enable update_vuln_identifiers_flag by default (merge request)
- Preload and cache child work items (merge request)
- Rename service_id to integration_id (merge request)
- Update linked items widget header (merge request)
- Rename service_id to integration_id (merge request)
- Find superset of descendant scope queries (merge request)
- Adds user callouts dismissed by Project (merge request)
- Update linked item buttons to match tasks (merge request)
- Speed up sidebar transition (merge request)
- Geo Replicables - Add margin to pagination (merge request) GitLab Enterprise Edition
- Fixed outdated text (merge request)
- Event type for squash commit template is updated by @abhi_arora (merge request) GitLab Enterprise Edition
- Rename IssueTrackerData service to integration (merge request)
- Rename IssueTrackerData service to integration (merge request)
- Mark pull mirroring for projects without the license as hard-failed (merge request) GitLab Enterprise Edition
- Geo Replicables - True Up Projects Statuses (merge request) GitLab Enterprise Edition
- Change cost factor for open source (merge request) GitLab Enterprise Edition
- Reformat the user identity table (merge request) GitLab Enterprise Edition
- Remove backend code for attention request notifications (merge request)
- Frontend changes from task to checklist item (merge request)
- Add missing skip_ci param (merge request)
- Remove description html text limit (merge request)
- Remove temp index on project membership namespace id (merge request)
- Remove temp index on project membership namespace id (merge request)
- Remove attention request related API references (merge request) GitLab Enterprise Edition
- Moved
View in admin area
button tooltip placement to top by @PaarthAgarwal (merge request) - Auditor for FOSS edition (merge request) GitLab Enterprise Edition
- Use branches bulk creation for Pull Mirroring (merge request)
- Update custom card to Pajamas compliant alert (merge request)
- Update Users API call was not updating auditor flag for user (merge request) GitLab Enterprise Edition
- Change response of the api PUT /merge when branch unmergable (merge request)
- Get highest level member on members all API call (merge request)
- Add a tooltip to merge requests shortcut (merge request)
- Enable MR discussions HTTP caching by default (merge request)
- Remove description field from new blank project creation (merge request)
- Fixed backfill code to burst root_namespace cache (merge request)
- Update project pages usage card to be pajamas compliant (merge request)
- Remove settings_ci_cd.scss file (merge request)
- Migrate pages domains card to use pajamas compliant version (merge request)
- Event type for framework is deleted (merge request) GitLab Enterprise Edition
- Event type for allow merge on skipped pipeline (merge request) GitLab Enterprise Edition
- Event type for squash option updated (merge request) GitLab Enterprise Edition
- Add checkbox ViewComponent that can be use outside of form builder (merge request)
- Change task list item system note from task to checklist item (merge request)
- Order security_findings by scan_id (merge request) GitLab Enterprise Edition
- Updated retry pipeline jobs button tooltip by @zillemarco (merge request)
- Create a preflight check for MigrationWorker (merge request) GitLab Enterprise Edition
- Create NamespaceDetails table (merge request)
- Update QR code helper to gl-card utility by @yo (merge request)
- Create ci_runner_versions record on demand (merge request)
- Moved the package tags to the sub-header by @zillemarco (merge request)
- Updates package project settings to use side-by-side layout (merge request)
- Remove duplicate association in has_web_hook_shared_examples (merge request)
- Update gitlab-license gem to the latest version (merge request)
- Update plan widgets grey backgrounds (merge request)
- Use primary btn variant for finish review dropdown (merge request)
- Remove service_hook link from SlackMattermostNotifier (merge request)
- Move webhook association from Integration model (merge request)
- Improve false positive alert UX (merge request) GitLab Enterprise Edition
- Update dependency auto-deploy-image to v2.33.0 (merge request)
- Changes styling of timeline icons (merge request)
- Add invite token indications for partial failure (merge request)
- Rename ReplicableStateEnum to ReplicationStateEnum (merge request) GitLab Enterprise Edition
- Replace remove with close on operations dashboard (merge request)
- Move topics location on project overview (merge request)
- Added gl-flex-basis-third style to the cluster creation page by @NIKU-SINGH (merge request)
- Use GlSegmentedControl to switch between Rich/Source text editor by @shamvi050801 (merge request)
- Update preview assets for copy and terminology consistency (merge request)
- Repositioned the insert suggestion button for better visibility by @zillemarco (merge request)
- Add Google Authenticator to 2FA page (merge request)
- Geo Replication - Last verified data (merge request) GitLab Enterprise Edition
- Geo Replicables - Unboxing the UI (merge request) GitLab Enterprise Edition
- Migrate
form_errors
in saml_providers (merge request) GitLab Enterprise Edition - Use refreshed look and feel in group runner view (merge request)
- Refactor description for the IP allow list field (merge request)
- Improve ancestor scope queries (merge request)
- Clean up audit_event_streaming_git_operations_deploy_key flag (merge request)
- Refactor hook log index view (merge request)
- Fix warning when user is unable to create project (merge request)
- Add cloud-based 2FA apps to documentation (merge request)
- Add MigrateSharedVulnerabilityScanners batched migration job (merge request)
- Fix approval visible groups detection (merge request)
- Update PyPI package page with access token docs link by @brianjaustin (merge request)
- Migrate project nothing to compare card to be pajamas compliant (merge request)
- Add info message to Operations Dashboard (merge request) GitLab Enterprise Edition
- Do not display 'Clear cache' dropdown when user isn't permitted to do it (merge request)
- Verify LFS OID (merge request)
- Make ssh_signatures.key_id nullable (merge request)
- Forbid calls with potential to take long sleeps (merge request)
- Sync approvals required after syncing rules (merge request) GitLab Enterprise Edition
- Update metrics settings alert to pajamas (merge request)
- Enable paginated_mr_discussions feature by default (merge request)
- Removed incorrect spacing used by btn-margin-5 variable (merge request)
- Allow Sbom::Occurence.component_version to be nullable (merge request)
- This MR adds header with status of DAST scan (merge request) GitLab Enterprise Edition
- Update alerts to pajamas design system (merge request)
- Move and rename SAML troubleshooting page (merge request)
- GraphQL: Rename CiRunnerUpgradeStatusType (merge request)
- Move feedback issue (merge request)
- This MR allows user to see saved profiles (merge request) GitLab Enterprise Edition
- Add upgrade status badges in runners (merge request) GitLab Enterprise Edition
- This MR adds pipeline rule component (merge request) GitLab Enterprise Edition
- Migrate pages no domains card to be pajamas compliant (merge request)
- Migrate commit list card to be pajamas compliant (merge request)
- Migrate admin notes view partial card to use pajamas compliant version (merge request)
- Migrate pages access card to use pajamas compliant version (merge request)
- Apply secure defaults for access tokens (merge request)
- Update design of security approvals in mr approval settings (merge request) GitLab Enterprise Edition
- Align runner details when viewing runner (merge request)
- Change how ownership works in pipeline schedules (merge request)
- Order list of latest users by descending signup date by @axel-loewe (merge request)
- Convert email badges to a list (merge request)
- Update subgroup creation page (merge request)
- Validate timeline event note on update (merge request)
- Change runner cron job to run daily (merge request)
- Clean up soft_validation_on_external_url feature flag (merge request)
- Collect metrics from all pull mirrors (merge request) GitLab Enterprise Edition
- Create folder for Logs to prepare for nesting of other pages (merge request)
- Update docker logo path (merge request)
- Set required nullable for weight argument (merge request) GitLab Enterprise Edition
- Update UX for attaching files in GFM input fields (merge request)
- Do not disable cadence start date field (merge request) GitLab Enterprise Edition
- Fix ES client for nil password (merge request) GitLab Enterprise Edition
- Imported and used the monaco API explicitly (merge request)
- Modifies storage email notifications delivery (merge request) GitLab Enterprise Edition
- Update google-protobuf to v3.21.3 (merge request)
- Adding Geo support of Project-level Secure Files (merge request) GitLab Enterprise Edition
- Update new list on boards page to match Pajamas specs (merge request)
- Move deployment approval from popover to modal (merge request) GitLab Enterprise Edition
- Trigger KeepAroundRefsCreatedEvent event only if SHAs are passed (merge request) GitLab Enterprise Edition
- Update Salesforce logo for OAuth (merge request)
- Add loading icon to audit event pages (merge request) GitLab Enterprise Edition
- Generate links for escaped content (merge request)
- Update External wiki to use sections (merge request)
- Update JWT OAuth logo (merge request)
- Use #use_open_file for Packages::Debian::ExtractDebMetadataService by @sathieu (merge request)
- Adjust buckets for Pull Mirroring metrics (merge request) GitLab Enterprise Edition
- Bump Gitlab Shell to 14.10.0 (merge request)
- Update database migration helper (merge request)
- Drop /api/v4 suffix in GitLab OmniAuth documentation (merge request)
- Add Gitlab Contribution Cost Factor (merge request) GitLab Enterprise Edition
- Update Discord notifications to use sections (merge request)
- Updated Linked issues to Linked items (merge request)
- Synchronize vulnerability findings temporary index (merge request)
- Allow pagination=none for recursive tree API (merge request)
- Remove log messages (merge request)
- Default enable linear root ancestor query (merge request)
- Add new move to project modal (merge request)
- Migrate card class to Pajamas::CardComponent (merge request)
- Updates puma to 5.6.4 (merge request)
- Remove
personal_access_tokens_scoped_to_projects
feature flag (merge request) - Enable feature flag
approval_rules_pagination
(merge request) - Bump to major version 3 for kics (merge request)
- Use the latest pipeline for a branch instead of (merge request) GitLab Enterprise Edition
- Add allowlisted users to Abuse::ExcessiveProjectsDownloadBanService (merge request) GitLab Enterprise Edition
Deprecated (3 changes)
- Deprecate confidential attribute for notes (merge request)
- Add deprecation warning for Redis 5 by @tnir (merge request)
- Remove build_coverage_regex from project (merge request)
Removed (15 changes)
- Disable support for delayed project deletion for personal projects (merge request) GitLab Enterprise Edition
- Removed unused graphql field issuesCount (merge request) GitLab Enterprise Edition
- Remove shared runner usage tab (merge request)
- Remove clients column (merge request)
- Remove sorting vulnerabilities by report_type (merge request) GitLab Enterprise Edition
- Remove
additional_amount_available
column (merge request) - Removes ci_retry_downstream_pipeline feature flag (merge request)
- Remove the use_keyset_aware_user_search_query FF (merge request)
- Remove uncached_mr_attention_requests_count feature flag (merge request)
- Remove the new_graphql_keyset_pagination FF (merge request)
- Remove pat and ssh enforcement database columns (merge request)
- Remove sorting vulnerabilities by state (merge request) GitLab Enterprise Edition
- Remove unused semver column on ci_runners (merge request)
- Drop migrated_to_new_structure column (merge request)
- Remove streaming_audit_event_headers feature flag (merge request) GitLab Enterprise Edition
Security (22 changes)
- Drop soft enforcement of restricted YAML deserialization classes (merge request)
- Add additional condition to accept invitation
- Prevent users who cannot admin a public project from viewing deploy keys
- Protect Grafana and Sentry integrations
- Check permissions when filtering by contact or organization
- Maintainer can change the visibility of Project and Group
- Protect integration secrets
- Fix IDOR in Jira issue show action
- Do not link unverified secondary emails with any users
- Update gitaly version
- Update Rails to v6.1.6.1 (merge request)
- Update version of Gitaly
- Remove group_bot_user and group_access_token after group delete
- Security datadog integration leaking
- Add html_escape to build_details_entity
- Remove todos from confidential notes when user loses access
- Remove feature flag
ci_yaml_limit_size
- Forbid exchanging access token for ROP flow to users required 2FA setup
- Use author to run subscribed pipeline
- Update GITLAB_PAGES_VERSION
- Remove prohibited branches after project import
- Limit proxied requests to Grafana API
Performance (12 changes)
- Prevent n+1s when fetching epics on big group hierarchies (merge request) GitLab Enterprise Edition
- Move transfer project namespace dropdown to GraphQL (merge request)
- Cleaup import_relation_object_persistence feature flag (merge request)
- Expire branch cache for bulk creation only once (merge request)
- Add index to fix integration metrics performance (merge request)
- Improve loading of blobs from paginated diffs (merge request)
- Skip extra VSA requests when theres no value stream (merge request) GitLab Enterprise Edition
- Increase rendered elements while loading large files (merge request)
- Improve participants loading performance (merge request)
- Improve blob rendering time (merge request)
- Generate links to dependencies in gemspec files (merge request)
- Refresh smaller TTL for highlighting diffs cache (merge request)
Other (70 changes)
- Track pipeline simulation in the pipeline editor (merge request)
- Create Imageable concern for CI Image and Service config by @ali_o_kan (merge request)
- Remove feature flag lfk_automatic_partition_dropping (merge request)
- Clean up attention request related todos (merge request)
- Update google-cloud-env from 1.5.0 to 1.6.0 in /qa by @tnir (merge request)
- Cleanup feature flags and env vars for cross_database_modification (merge request)
- Backfill project import level on namespace settings (merge request)
- Improve Import/Export logs (merge request)
- RuboCop: Enable previously disabled Style/IfInsideElse by @edith007 (merge request)
- RuboCop: Enable previously disabled Style/PercentLiteralDelimiters by @edith007 (merge request)
- RuboCop: Enable previously disabled Style/FormatString by @edith007 (merge request)
- RuboCop: Enable previously disabled Style/EmptyElse by @edith007 (merge request)
- RuboCop: Enable previously disabled Style/GuardClause by @edith007 (merge request)
- RuboCop: Enable previously disabled Style/RedundantInterpolation by @edith007 (merge request)
- RuboCop: Enable previously disabled Style/IfUnlessModifier by @edith007 (merge request)
- RuboCop: Enable previously disabled Style/RedundantRegexpEscape by @edith007 (merge request)
- RuboCop: Enable previously disabled Style/RedundantSelf by @edith007 (merge request)
- RuboCop: Enable previously disabled Style/StringConcatenation by @edith007 (merge request)
- Add links to instance fingerprints by @TrueKalix (merge request)
- RuboCop: Enable previously disabled Style/HashAsLastArrayItem by @edith007 (merge request)
- RuboCop: Enable previously disabled Style/HashEachMethods by @edith007 (merge request)
- RuboCop: Enable previously disabled Style/SymbolProc by @edith007 (merge request)
- Add yml definitions for metric (merge request)
- Update "working with uploads" dev docs (merge request)
- Schedule index removal for security findings (merge request)
- Switch back to license_finder and update to 7.0.1 by @tnir (merge request)
- No-op migrations to backfill namespace/project mirror tables (merge request)
- RuboCop: Enable previously disabled Style/Next by @edith007 (merge request)
- RuboCop: Enable previously disabled Style/MissingRespondToMissing by @edith007 (merge request)
- Remove feature flag incremental_repository_backup (merge request)
- Exclude gin and bluemonday package from dependencies (merge request)
- Update octokit from 4.21.0 to 4.25.1 in /qa by @tnir (merge request)
- Update signet from 0.14.0 to 0.17.0 by @tnir (merge request)
- Update google-cloud-env from 1.5.0 to 1.6.0 by @tnir (merge request)
- Update acme-client from 2.0.9 to 2.0.11 by @tnir (merge request)
- Disable ultimate features for public projects with 1 member and no repo (merge request)
- Rollout use_redis_hll_instrumentation_classes ff (merge request)
- Update Jira Deployment Type by @lenikadali (merge request)
- Remove RequirementsManagement::CreateRequirementService (merge request) GitLab Enterprise Edition
- Improve gravatar service administration docs by @tnir (merge request)
- Use update_work_item mutation for removing WI (merge request)
- Remove enforce_security_report_validation flag (merge request)
- Add partial GIN indexes for issues table (merge request)
- Convert final angle icons to chevrons (merge request)
- Removing the FF remove-fix_sliding_list_partitioning (merge request)
- Remove highlight_diffs_optimize_memory_usage feature flag (merge request)
- Reschedule migration to remove ultimate license from non-public projects (merge request)
- Decrease the urgency of unleash endpoint (merge request)
- Delete FF ci_fix_rules_if_comparison_with_regexp_variable (merge request)
- Bump yajl-ruby gem version (merge request)
- Remove analytics_devops_adoption_codeowners feature flag (merge request) GitLab Enterprise Edition
- Reference forked, FIPS-compatible NGINX (merge request)
- Revert "Merge branch 'mmj-async-all-project-auth-refreshes' into 'master'" (merge request)
- Update cluster details alert to pajamas (merge request)
- Remove pending builds covering index (merge request)
- Disable ultimate features for public projects with no issues and no repo (merge request)
- No-op old migration disable_job_token_scope_when_unused (merge request)
- No-op old migration associate_existing_dast_builds_with_variables (merge request)
- No-op old migration copy_ci_builds_columns_to_security_scans2 (merge request)
- Backfill the
namespace_id
of existingvulnerability_reads
records (merge request) - Delete FF ci_expand_environment_name_and_url (merge request)
- Add start_date to issues table (merge request)
- Use utility classes in test report (merge request)
- Prepare partial issue trigram indexes (merge request)
- Remove FF batch_load_environment_last_deployment_group (merge request)
- Update user API docs to better indicate SaaS availability by @zillemarco (merge request)
- Remove token column from ci_builds table (merge request)
- Drop unused index on ci_builds (merge request)
- Remove FF import_release_authors_from_github (merge request)
- Remove unused feature (merge request)
Security
Security wording was detected, but no CVEs were found.
Details
date
Aug. 19, 2022, midnight
name
15.3.0
type
Minor
👇
Register or login to:
- 🔍View and search all GitLab CE releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!