GitLab CE - 15.4.0
Security
(2022-09-21)
Added (162 changes)
- Add git tags from last deployment to environment detail page (merge request)
- Background worker for suggested reviewers (merge request)
- Maven request forwarding (merge request)
- Add edited by information to GraphQL WorkItem type (merge request)
- RPM initial upload and package creation (merge request)
- Add codeOwnerReviewRequired to EE (merge request) GitLab Enterprise Edition
- Added REST APIs to fetch latest release and download release assets by @zillemarco (merge request)
- Add iterations cadences to Gitlab Migration (merge request) GitLab Enterprise Edition
- Expose user and group for branch protection access levels in EE (merge request) GitLab Enterprise Edition
- Add cluster_agent_id and image to GraphQL vulnerabilitySeveritiesCount (merge request) GitLab Enterprise Edition
- Add unique index to ci_builds_metadata (merge request)
- Add job field to ProjectType (merge request)
- Enable search option for environments (merge request)
- Added markdown support for solution (merge request) GitLab Enterprise Edition
- Support delivery of emails using Microsoft Graph API (merge request)
- Expose CI variable limits through GraphQL (merge request)
- Add checkbox supported by Autosave and autosave confidential in Issuable form by @ali_o_kan (merge request)
- Backfill namespace_id on issues table (merge request)
- Add issue resource_iteration_events to Project Import/Export (merge request) GitLab Enterprise Edition
- Enabling feature flag immediate_delete_subgroup_api by default (merge request)
- Add harbor registry tags page by @orozot (merge request)
- Add the resource state events REST API endpoint for epics (merge request) GitLab Enterprise Edition
- Add last_downloaded_at to packages (merge request)
- Documentation of Move to start/end of list actions (merge request)
- Add monthly count_user_auth metric (merge request)
- Add auth_type to jwt controller tokens (merge request)
- Add column to store over user limit notification status (merge request)
- Domain Verification MVC (merge request) GitLab Enterprise Edition
- Add default project for epics (merge request) GitLab Enterprise Edition
- Extend packages project policy to consider access level by @wwwjon (merge request)
- Add system note service for resource links (merge request)
- Add group shares in group transfer locations API (merge request)
- Removes group_ip_restrictions_allow_global feature_flag (merge request)
- GraphQL query for last and upcoming deployment (merge request)
- Add clear status after dropdown to profile set status form (merge request)
- Migrate merge request review_requested/removed events (merge request)
- Memoize search_environments finder (merge request)
- Add state field to environments varchar name index (merge request)
- Add version sort to tags API (merge request)
- Show better errors from GraphQL on Releases (merge request)
- Debian Acquire-By-Hash (to avoid Hash Sum Mismatch errors) by @sathieu (merge request)
- Add cube proxy API request (merge request)
- Adds endpoints for MLFlow client Run entity (merge request)
- Optimize the pending todos check query (merge request)
- Load more for task assignees when user scrolls (merge request)
- Add pushAccessLevels to graphql endpoint (merge request)
- Add mergeAccessLevels to graphql endpoint (merge request)
- Support variable expansion on environment auto_stop_in (merge request)
- Add dismissal_reason to StateTransitions (merge request)
- Add branchProtection under project.branchRules in graphql endpoint (merge request)
- Updates container registry project settings (merge request)
- Add support for semantic versioning tags sort (merge request)
- New GraphQL mutation for dismiss security finding (merge request) GitLab Enterprise Edition
- Add rpm package type (merge request)
- Update groups api to accept parameter for ip_restriction_range (merge request) GitLab Enterprise Edition
- Allow users to filter issues by health status (merge request)
- Moved assignees to work_items feature flag (merge request)
- Add support for Google CDN (merge request)
- Use ListCommits rpc to fetch context commits by @akumar1503 (merge request)
- Create international phone input component in Vue (merge request) GitLab Enterprise Edition
- Create ultimate feature removal banner (merge request)
- Add basic DORA configuration model (merge request)
- Autosave due_date in Issuable form by @ali_o_kan (merge request)
- Remove not allowed epics properties from issue CSV export (merge request) GitLab Enterprise Edition
- Add View entire blame button (merge request)
- Support $…$ and $$…$$ syntax math in markdown (merge request)
- Add integration status area to the agent details (merge request) GitLab Enterprise Edition
- Add support for sorting project and group members Graphql resolvers (merge request)
- Add id, size and expiry to GraphQL Job Artifact by @leetickett (merge request)
- Add count field to the GraphQL EpicConnection type (merge request) GitLab Enterprise Edition
- Add instrumentation for MAU visiting environments pages (merge request)
- Add edit confirmation popover in sidebar dropdown widget (merge request) GitLab Enterprise Edition
- Adding graphQL parameters for move to start and end for boards (merge request)
- Autosave weight in Issuable form by @ali_o_kan (merge request) GitLab Enterprise Edition
- Move embedded Zoom calls to Linked Resources (merge request) GitLab Enterprise Edition
- Allow the creation of scan result policies (merge request) GitLab Enterprise Edition
- Add ArtifactDestroy GraphQL mutation by @leetickett (merge request)
- Introduce backend updates for toggle of diff preview by @joe-snyder (merge request)
- Add a search bar to the list of assigned projects (merge request)
- GraphQL: Add resolver to runner projects (merge request)
- Add partition_id column to selected CI database tables (merge request)
- Adds first endpoints for MLFlow Integration (merge request)
- Add index to todos the improve query performance (merge request)
- Graphql query for environment information (merge request)
- Allow admins to merge topics [API] by @wwwjon (merge request)
- Add autosave on design notes (merge request)
- Add new Katalon ci/cd template for partnership program by @philip.becker (merge request)
- Add JobArtifactsDestroy GraphQL mutation by @leetickett (merge request)
- Default-enable Pipeline Wizard for pages (merge request)
- Add a work item widget for iteration (merge request) GitLab Enterprise Edition
- Expose dates where DORA data is missing (merge request) GitLab Enterprise Edition
- Rollout shimo integration by @icbd (merge request)
- Add streaming audit event for work item and MR deletion (merge request)
- Add mutation to move to start / end of board lists (merge request)
- Migration for creating ghost_user_migrations table (merge request)
- Add pipelined Redis commands to performance bar (merge request)
- Add hasEpic to issue type (merge request) GitLab Enterprise Edition
- Add id, size and expiry to GraphQL Job Artifact by @leetickett (merge request)
- Make Short Sha in Deployments Page a Link (merge request)
- Add harbor registry list page by @orozot (merge request)
- Monitor memory growth in memory-watchdog (merge request)
- Enable
escape_gitaly_refs
by default (merge request) - Add Debian endpoints for Sources by @sathieu (merge request)
- Add Debian endpoints for D-I Packages by @sathieu (merge request)
- Add support for task item status tooltip (merge request)
- Support Group Avatar Removal in REST API by @tuxtimo (merge request)
- Align namespace of DeployAccessLevel model (merge request)
- Show epics blocking info on list & boards (merge request) GitLab Enterprise Edition
- Create API endpoint to update a protected environment (merge request) GitLab Enterprise Edition
- Add work item weight widget subscription (merge request)
- Add security finding dismiss service (merge request) GitLab Enterprise Edition
- Add branchRules to project in graphql endpoint (merge request)
- Introduce etag caching for diff batches endpoint (merge request)
- Set forked source cost factor to .008 (merge request) GitLab Enterprise Edition
- Add auto_ban_user_on_excessive_projects_download to group settings (merge request)
- Support GraphQL subscription for weight update (merge request) GitLab Enterprise Edition
- Utilize dormant user period in application settings by @joe-snyder (merge request)
- Extend deployments graphql query for index page (merge request)
- Add resource events to Import/Export (merge request) GitLab Enterprise Edition
- Add sorting/filtering/paging to CRM organizations by @leetickett (merge request)
- Add helper method to prevent default action on submit in feature specs by @mehulsharma (merge request)
- Backfill values for cluster_agents.has_vulnerabilities (merge request)
- Display health status on issue board cards (merge request)
- Adds a Cleanup class for unused still-active Personal Access Tokens (merge request)
- Relate
BroadcastMessage
andNamespace
models (merge request) - Adds CiConfigVariableType to ProjectType (merge request)
- Update Import/Export for iterations cadences (merge request) GitLab Enterprise Edition
- Record cache data about api/web cache helpers (merge request)
- Add clusterAgent.vulnerabilityImages to GraphQL API (merge request) GitLab Enterprise Edition
- Allow to specify the fields to search for when querying work items (merge request) GitLab Enterprise Edition
- Support lowercase query string status (merge request)
- Add new instance setting to UI and controller (merge request)
- Support Project Avatar removal in REST API by @tuxtimo (merge request)
- Add external_url field to Environment GraphQL Type by @Taucher2003 (merge request)
- Introduce REST API for group transfer locations (merge request)
- Show alert for email exposure for service desk (merge request)
- Add work type icon to boards and color gray for icons (merge request)
- Implement Vuln Scanner reportTypeHumanized for easier frontend use (merge request) GitLab Enterprise Edition
- REST API for project transfer locations (merge request)
- Re-introduce manual iteration management (merge request) GitLab Enterprise Edition
- Add GraphQL query for deployment details (merge request)
- Add auto_ban_user_on_excessive_projects_download to application settings (merge request)
- Add support for snippet spam (merge request)
- Added loading state to "Commit changes" button in the single file editor by @payal-jain (merge request)
- Allow admins to merge topics [frontend] by @wwwjon (merge request)
- Fetch child epics with colour when FF is enabled (merge request) GitLab Enterprise Edition
- Thread Google Chat messages by topic by @csarva (merge request)
- Add query string filtering (merge request)
- Add Vulnerabilities Finding Create Issue mutation (merge request) GitLab Enterprise Edition
- Add selected state for ellipsis button in last commit (merge request)
- Set public open source cost factor to .5 (merge request) GitLab Enterprise Edition
- Add GraphQL query for deployments (merge request)
- Support line chart for DORA charts (merge request) GitLab Enterprise Edition
- Add GraphQL custom emoji schema, flagged (merge request)
- Provide ability to move a board card to the top/bottom of the list (merge request)
- Enables track_work_items_activity feature flag by default (merge request)
- Add GraphQL sort/filter/page crm organizations by @leetickett (merge request)
- Track CI/CD Tunnel usage (merge request)
- Add present on default branch to project_id_and_id_active_cis index (merge request)
- Log JWT authentication failures (merge request)
- Show tooltip on hover on work item icons (merge request)
- Add Iteration Cadences to Group Import/Export (merge request) GitLab Enterprise Edition
Fixed (163 changes)
- Remove vulnerability approval rules (merge request) GitLab Enterprise Edition
- Fix default date timezone for VSA (merge request)
- Fixing Deduplication of ProcessSyncEventsWorkers (merge request)
- List groups from group shares on project transfer (merge request)
- Remove extra padding on every 8th participant in sidebar (merge request)
- Handle large offset more gracefully (merge request)
- Show add button when user has sufficient permissions (merge request) GitLab Enterprise Edition
- Don't show View entire blame button for a single blame page (merge request)
- Resolve web hook edit page timeout (merge request)
- Fix selective code owner removals by @leetickett (merge request)
- Fix gitaly ref replication on project fork (merge request)
- Add a new ability for reading billable members (merge request) GitLab Enterprise Edition
- Fill missing dates on VSA duration chart (merge request) GitLab Enterprise Edition
- Resetting form doesn't affect submit button (merge request)
- Fix group IP allowlist update bug (merge request) GitLab Enterprise Edition
- Fix 500 error sorting merge requests with approvers by milestone (merge request)
- Show test reports immediately on pipeline tests tab (merge request)
- Improve fast-forward merge service reliability (merge request)
- Fixes spacing for issue widgets (merge request) GitLab Enterprise Edition
- Fix feature flag link in related feature flags (merge request) GitLab Enterprise Edition
- Fixes spacing for design management (merge request)
- Fix json payload for external status check feature (merge request) GitLab Enterprise Edition
- Fix group name in memberships export email (merge request) GitLab Enterprise Edition
- Prevent error when user has approved the merge request by @batu (merge request)
- Fix: locale issues on repository settings by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
- Create authroizations record for personal projects (merge request)
- Remove search bar from project/group hook log pages (merge request)
- Fix: milestones sidebar locale issue by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
- Geo: Avoid runaway queue growth (merge request) GitLab Enterprise Edition
- Use distinct location fingerprints for manually created vulnerabilities (merge request) GitLab Enterprise Edition
- Add flex wrap tp prevent aws logo from overflowing by @beverett (merge request)
- Add db fixtures for providers (merge request) GitLab Enterprise Edition
- CI npm template: Fix comparison of pre-release versions by @the_s (merge request)
- Update the Changes tab with the real file count when it loads (merge request)
- Override ancestor icon background for dark mode (merge request)
- Use first day of week in roadmap (merge request) GitLab Enterprise Edition
- Prevent outdated manual deployment jobs from being ran (merge request)
- Remove unintended "#" from push_to_merge_request_email (merge request)
- Fix trial applying bug in .com (merge request) GitLab Enterprise Edition
- Fix paste markdown feature in Content Editor (merge request)
- Improve VSA edit modal responsiveness (merge request) GitLab Enterprise Edition
- Give blob header buttons correct spacing (merge request)
- Fix GitHub import un/assigned events (merge request)
- Fix deploy freezes when period overlaps with itself (merge request)
- Hide Auto DevOps button on the project page (merge request)
- Show visibility level when creating subgroup (merge request)
- Remove hidden checkboxes when not needed (merge request)
- Ensure the VSA duration chart renders all dates (merge request) GitLab Enterprise Edition
- Fix: pipeline reports missing secret detection report by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
- Fix: repository analytics time rendering locale issue by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
- Geo: Realign concurrency limits (merge request) GitLab Enterprise Edition
- This MR fixes bug with missing banner (merge request)
- Fix environment auto stop in assignment when former value present (merge request)
- Fix: locale on reviewer sidebar by @JeremyWuuuuu (merge request)
- Fix sha argument passing of ProjectType.ci_config_variables (merge request)
- Sort timeline events by occurred_at then by id (merge request)
- Return 0 when credit_card_validation.holder_name is nil (merge request)
- Fix: locale on assignee sidebar by @JeremyWuuuuu (merge request)
- Fix padding for text editors (merge request) GitLab Enterprise Edition
- Switch 'b' shortcut to not ever focus or click an in-page element (merge request)
- Fix boards switcher for unauthorized user (merge request)
- Fix subgroup support for approval rules (merge request) GitLab Enterprise Edition
- Handling Database Timeouts in gitlab:db:truncate_legacy_tables:* (merge request)
- Fix: new compare merge request locale issues by @JeremyWuuuuu (merge request)
- Removed detached prefix from mr pipelines by @leetickett (merge request)
- Prevent race condition when jobs acquire resource groups (merge request)
- Invalidate the merge request cache when assignee/reviewer changes (merge request)
- Fix stage name escaping in pipeline views by @fabsrc (merge request)
- Fix wrapping in source files (merge request)
- Call .length rather than .size so another query isn't executed (merge request)
- Trigger hooks when updating assignees via GraphQL (merge request)
- Multiline blockquote leading/trailing newline (merge request)
- Update region codes on gtag analytics (merge request)
- Fix oauth password to not be forced to be lowercase by @mtan-gitlab (merge request)
- Update squash commit SHA outside of merge method (merge request)
- Fix visual regression in top toolbar (merge request)
- Improve toolbar performance (merge request)
- Clean up orphaned invited members
- Fix parsing commit trailers without specified email (merge request)
- Fix link bubble menu bug (merge request)
- Remove any broken symlink before creating it for .gitlab_shell_secret (merge request)
- Use FIFO as pending builds strategy for group runners by @wwwjon (merge request)
- Fix 500 error for Commits API (merge request)
- Fixed note buttons spacing on issues by @zillemarco (merge request)
- Fix markdown tabs alignment on issue/MR create pages (merge request)
- Geo: Fix redirects of LFS transfer downloads (merge request) GitLab Enterprise Edition
- Fixes todo button in sticky header not working (merge request)
- Fix start_line/end_line link values (merge request) GitLab Enterprise Edition
- Fix page javascript after a deploy token got created (merge request)
- Fix for broken tag/branch switcher (merge request)
- Use dynamic select dropdown on forks form (merge request)
- Fix/Add css selector by @TrueKalix (merge request)
- Fix/Add css selector by @TrueKalix (merge request)
- Enable geo_batch_count feature flag (merge request) GitLab Enterprise Edition
- Save repository size limit set in admin group page correctly (merge request) GitLab Enterprise Edition
- Fix incorrect job artifacts expire_at (merge request)
- Fix language mapping in the Source Viewer (merge request)
- Fix SVGs not rendering in issuables (merge request)
- Do not prefill new form again with successfully created deploy token (merge request)
- Fix custody report CSV for projects inside subgroup (merge request) GitLab Enterprise Edition
- Fix not showing "job dependencies" view when all jobs are bridges (merge request)
- Fix 'Assign yourself' visibility for users without permissions by @zillemarco (merge request)
- Fix missing metadata for system notes (merge request)
- Fix: issue list assignees label translation by @JeremyWuuuuu (merge request)
- Board card location row breaks incorrectly fix (merge request)
- Add screen reader only text to content editor dropdowns (merge request)
- Handle the exception in case of large yml (merge request) GitLab Enterprise Edition
- Fix empty state MR pipeline run (merge request)
- Fix: merge request editing page wrong translations by @JeremyWuuuuu (merge request)
- Update 2FA requirements async for group members (merge request)
- Add missing runner variables to predefined list by @bbodenmiller (merge request)
- Fix search_files_by_name escaping names twice (merge request)
- Automatically remove leading spaces in project names (merge request)
- Fix clear icon alignment (merge request)
- Prevent invalid characters from causing diffs to error out (merge request)
- Removing mixin from mr widget pipeline (merge request)
- Alter when to send releasedAt when release created (merge request)
- Fix broken UI text in selector in dashboard milestones by @tnir (merge request)
- Ensure the VSA form loading state is rendered (merge request) GitLab Enterprise Edition
- Fix hash order issue test in DORA reducer (merge request) GitLab Enterprise Edition
- Improve the performance of bubble menus (merge request)
- Fix missing project for included remote file including with rules:exists (merge request)
- Fix NoMethodError in IssueResolverArguments (merge request)
- Include reserved report_approvers rule names as (merge request) GitLab Enterprise Edition
- Fix board sidebar links color (merge request)
- Fix hardcode text on new branch page by @icbd (merge request)
- Fix nested ordered task list styling in issue description (merge request)
- Add gray color on component icon to fix all use cases (merge request)
- Fix fetching epics when changing sort option (merge request)
- Fix timelog type policy check by @leetickett (merge request)
- Remove extra space after dismissing free cap alert (merge request) GitLab Enterprise Edition
- Localize dateformat text (merge request)
- Improve blame link feature (merge request)
- Skip file removal if GitLab managed replication is disabled (merge request) GitLab Enterprise Edition
- Fixed fullPath for assignees and labels (merge request)
- Open task in new window when doing ctrl/cmd+click (merge request)
- Upgrade three.js dependency (merge request)
- Fix issue searches using Russian characters (merge request)
- Fix: untranslated merge request consent box by @JeremyWuuuuu (merge request)
- Remove redundant class name from group template by @tnir (merge request)
- Added lowercase to the actual con-reg api call (merge request)
- Fixed alignment of MR activity dropdowns on mobile by @zillemarco (merge request)
- Handle all uploads instead of a hardcoded list (merge request)
- Bypass earliest date validation in importing of iteration cadences (merge request) GitLab Enterprise Edition
- Fix Geo removing uploads on object storage (merge request) GitLab Enterprise Edition
- Set all attachments to Content-Type application/octet-stream (merge request)
- Do not update approval rules for merge request (merge request) GitLab Enterprise Edition
- Rake Task gitlab:db:lock_writes more efficient (merge request)
- Update subscription service for new hashed OAuth tokens (merge request) GitLab Enterprise Edition
- Ignore accents in search term when searcing issues (merge request)
- Update Oj to v3.13.21 (merge request)
- Make compliance report email
html_safe
(merge request) - Quick fix for the move to position (merge request)
- Fix Redis pipeline/multi-exec deprecation errors (merge request)
- Geo: Fix registry backfilling (merge request) GitLab Enterprise Edition
- Fix user recent activity links for work item actions (merge request)
- Restore transaction block while extracting sync (merge request) GitLab Enterprise Edition
- Fix issue description list item reordering indentation (merge request)
- Fix boards alignment and dark mode issues (merge request)
- Fix visual bugs from !95073 (merge request)
- Fix CI/CD legacy variables fetching group projects (merge request)
- Hide copy failed tests button when endpoint returns null files (merge request)
- Fix detection of URLs in markdown selection (merge request)
Changed (167 changes)
- Rename last_run_date to next_run_date (merge request)
- Update pg_query to v2.1.4 (merge request)
- Convert issues analytics table to graphql by @ali_o_kan (merge request) GitLab Enterprise Edition
- Hash Oauth application secrets (merge request)
- Fix: notify locale on new user email by @qt-gith (merge request)
- Cleanup attention request related system notes (merge request)
- Remove temp index group membership namespace id (merge request)
- Add graphql feature flag for job_app (merge request)
- Account for inherited runners in RunnerPolicy (merge request)
- Allow job token configuration while disabled by @ali_o_kan (merge request)
- Use a stacked layout for runners list (merge request)
- Adjust codequality inline severity icon (merge request) GitLab Enterprise Edition
- Add project harbor registry feature flag by @orozot (merge request)
- Fix: notify locale on pipeline fixed email by @qt-gith (merge request)
- Hide information for blocked user in popover (merge request)
- Add new MR environment auto-stop logic (merge request)
- Add epoch column to rpm metadata (merge request)
- Merge branch '359067-rename-package-files-to-assets' into 'master' (merge request)
- Add bot badge in user list for admins (merge request)
- Issuable title updates no longer update last_edited values (merge request)
- Move Google IP fetch into a separate service with rate limiting (merge request)
- Fix: notify locale on remote mirror update failed email by @qt-gith (merge request)
- Enable restyle_login_page by default (merge request)
- Changed draft text by @mehulsharma (merge request)
- Use default project for epic issue creation (merge request) GitLab Enterprise Edition
- Add bot badge in project and group member lists (merge request)
- Feat(Subscripion activation): add error handling (merge request) GitLab Enterprise Edition
- Adds redirection when cleanup policy is saved (merge request)
- GraphQL Max Call field extension (merge request)
- Update SubscriptionUpgradeInfoCard title when group is in a trial (merge request) GitLab Enterprise Edition
- Move file editor CSS to its own page bundle (merge request)
- Remove the markdown_corrected_blockquote (merge request)
- Unlock CI pipeline artifacts when pipeline is unlocked (merge request)
- Updated show work item page title (merge request)
- Remove exess buttons (merge request)
- Update default initializer value for Sidekiq routing_rules (merge request)
- Update Service Desk settings help text (merge request)
- Update Service Desk settings help text (merge request)
- Mass update legacy Slack integrations (merge request)
- Update third party login styles (merge request)
- Narrow the definition of an OSS contribution (merge request)
- Allow to sort tags by semantic version (merge request)
- Splits feature flag for removing note attributes (merge request) GitLab Enterprise Edition
- Rename last_used_before scope to last_used_before_or_unused by @TrueKalix (merge request)
- Add prefix comment on note in backend (merge request)
- Update license compliance docs (merge request) GitLab Enterprise Edition
- Add setting for max pages custom domains per project (merge request)
- This MR enables feature flag (merge request) GitLab Enterprise Edition
- Simplify primary navigation bar and align global search to the left (merge request)
- Simplify primary navigation by removing infrequently used options (merge request)
- Removed vuln training message (merge request) GitLab Enterprise Edition
- Removed and-Separators with comma-separators by @anshulriyal (merge request)
- Cleanup «New tag» page (merge request)
- Pipeline job pill alignment (merge request)
- Update controller update to allow clean MD render (merge request)
- Lower the default Rails.cache ttl to 8 hours (merge request)
- Improve account limit settings text (merge request)
- Update dependency auto-deploy-image to v2.37.0 (merge request)
- Improve UI text of FloC setting (merge request)
- Fix: notify locale on push to merge request email by @qt-gith (merge request)
- Remove extra whitespace in buildkite.rb (merge request)
- Update group runners Edit page look and feel (merge request)
- Update removal date in clusters deprecation alert (merge request)
- Replace the term homepage with dashboard (merge request)
- Dropzone: Change border-radius to default radius (merge request)
- Call update_web_hook! for buildkite when ensuring ssl validation (merge request)
- Update copy text for self metrics toggle (merge request)
- Add locked column to Ci::PipelineArtifact (merge request)
- Advanced Search: Index label_ids for issues (merge request) GitLab Enterprise Edition
- Remove after_save callback to create integration webhooks (merge request)
- Replace Wiki service find_page RPC by normal repository RPCs (merge request)
- Add column 'branch_filter_strategy' to 'web_hooks' by @luzhiyuan.deer (merge request)
- First pass legacy license compliance widget removal (merge request) GitLab Enterprise Edition
- Remove file edit actions from blame view (merge request)
- Fix: notify locale on resolved all discussions email by @qt-gith (merge request)
- Handle 429 response for the integration testing (merge request)
- Improve bulk issue creation on epics (merge request) GitLab Enterprise Edition
- Limit number of branches/tags loaded from Gitaly (merge request)
- EE Group Settings General headers expand on click by @quatauta (merge request) GitLab Enterprise Edition
- Fix case of DAST UI text (merge request) GitLab Enterprise Edition
- Fix migration type (merge request)
- Update packages registries menu as sentence case by @parkourkarthik (merge request)
- Allow tokens with any scope to use the self-revocation API by @fabsrc (merge request)
- Update Runner UI badges (merge request)
- Add days as unit to VSA duration chart (merge request) GitLab Enterprise Edition
- Do not show revoke button if revoke_path is absent (merge request)
- Change code block border-radius to default (merge request)
- Hide mirror repos list when not available by @parkourkarthik (merge request)
- Modify scope to avoid table join (merge request)
- Conclude the combined registration experiment (merge request) GitLab Enterprise Edition
- Cleans up the edit form for issuables (merge request)
- This MR adds warning modal for unsaved changes (merge request) GitLab Enterprise Edition
- Destroy invalid project members (merge request)
- Update successful plan purchase message and variant (merge request) GitLab Enterprise Edition
- Remove s3_omit_multipart_urls feature flag (merge request)
- Feat: Increase stats margin on the project home page by @nadia_sotnikova (merge request)
- Add vulnerability_advisories and vulnerable_component_versions tables (merge request)
- Update blocking issues system note text (merge request) GitLab Enterprise Edition
- Refactored time tracking widget to be more reactive by @zillemarco (merge request)
- Use the standard dynamic segment for Debian packages by @sathieu (merge request)
- Add similar credit cards counts to external PVS payload (merge request)
- Edit profile tooltip for style compliance (merge request) GitLab Enterprise Edition
- Reset access token form selectively (merge request)
- Show an additional warning text on SaaS for removing license (merge request) GitLab Enterprise Edition
- Change text Elasticsearch to OpenSearch in AWS search service config (merge request) GitLab Enterprise Edition
- Update stackprof to v0.2.21 (merge request)
- Hide Register Runner button when user is not permitted to do the action (merge request)
- Update case for Manually added text (merge request) GitLab Enterprise Edition
- Show deployment approval options for read access (merge request)
- Always show deployment approval options (merge request) GitLab Enterprise Edition
- Updates UI for package duplicate settings (merge request)
- Clarify lifetime setting that affects all tokens (merge request) GitLab Enterprise Edition
- Add environment tier to allowed agents API response (merge request)
- Removes spacing from system note (merge request)
- Hide create project tile for some users (merge request)
- Remove FF for seat count usage alerts (merge request) GitLab Enterprise Edition
- Adds skeleton loader to Usage Quotas Seats page (merge request) GitLab Enterprise Edition
- Expose ci_job_token_scope_enabled in job API by @paulbry (merge request)
- Remove the Show Details button for Deployments (merge request)
- Changes column width on package side by side settings (merge request)
- Update tabs line-height to match Pajamas (merge request)
- Event type information in saml auth audit event stream (merge request) GitLab Enterprise Edition
- Extend approvers_select component to group level (merge request) GitLab Enterprise Edition
- Updated copy around tasks (merge request)
- Move Slack Events code to EE (merge request) GitLab Enterprise Edition
- Add description_html to SecurityReportFindingType (merge request) GitLab Enterprise Edition
- Update Puma to v5.6.5 (merge request)
- Disallow the rebase without pipeline on certain settings (merge request)
- Rename existing task system notes (merge request)
- Dont generate pipeline reports if the base pipeline is not complete (merge request)
- Add generic cost factor logging (merge request) GitLab Enterprise Edition
- Update error message (merge request) GitLab Enterprise Edition
- Update breadcrumbs of packages and registries under settings by @parkourkarthik (merge request)
- Add prefix to trigger tokens (merge request)
- Remove execute_build_hooks_inline feature flag (merge request)
- Autocomplete dropdown optimization (merge request)
- Fix canary badge styling (merge request)
- Enable async_after_approval feature flag (merge request)
- Combine sort and filter into one dropdown (merge request)
- Use static terraform-images version in Terraform template (merge request)
- Don't create
EE::Member
audit events when there is no change (merge request) GitLab Enterprise Edition - Update haml-lint to v0.40.1 (merge request)
- Highlight runner name and move locked icon (merge request)
- Update thrift to v0.16.0 (merge request)
- Use ProtectedBranch service to destroy the branch (merge request)
- Extract 'read_package' rule into separate policy by @wwwjon (merge request)
- Remove self managed wiki notes (merge request)
- This MR adds schedule rule component (merge request) GitLab Enterprise Edition
- Change the way autoclosing issues is checked (merge request)
- Reduce header and footer height of comments (merge request)
- Update redis gem to v4.7.1 (merge request)
- Update Cluster Managed project template (merge request)
- Redesign runners stats (merge request)
- Allow verification token when creation external audit event destination (merge request) GitLab Enterprise Edition
- Replace native date input field to
GlDatePicker
(merge request) - Geo Replicables - Enhaced Empty States (merge request) GitLab Enterprise Edition
- Consolidate pipeline mini graph code (merge request) GitLab Enterprise Edition
- Move Group Push Rules to Settings/Repository (merge request) GitLab Enterprise Edition
- Query group descendants using comparison operators (merge request)
- Disable DAST profile name field when configured (merge request) GitLab Enterprise Edition
- Add job logs collection to Datadog Integration by @AdrianLC (merge request)
- Reorganize runner tags in runners table (merge request)
- Add support for MulanPSL-2.0 in license detection by @tnir (merge request)
- Destroy invalid group membership records (merge request)
- Allow Invite button to be enabled by default (merge request)
- Add skip_users as param for members rest api (merge request) GitLab Enterprise Edition
- Rename web_hooks service_id to integration_id (merge request)
Deprecated (5 changes)
- Deprecate draft quick action toggle (merge request)
- Add feature flag for /draft toggle (merge request)
- GraphQL: Deprecate RunnerMembershipFilter (merge request)
- Document CS environment variable deprecations (merge request)
- Deprecate security related
confidence
fields (merge request) GitLab Enterprise Edition
Removed (17 changes)
- Remove unused VSA aggregation DB columns (merge request)
- Analyzer consolidation in SAST CI template (merge request) GitLab Enterprise Edition
- Remove free user cap awaiting user logic (merge request)
- Remove nonexistent index from schema (merge request)
- Remove awaiting members from billable user finder (merge request) GitLab Enterprise Edition
- Put DAST Basic-auth option behind feature flag (merge request) GitLab Enterprise Edition
- Weekend migration for dropping an empty index (merge request)
- Remove pipeline insights experiment (merge request)
- Remove mr_attention_requests feature flag (merge request)
- Remove temporary todos index for attention request (merge request)
- Remove unused /scan_execution_policies internal API (merge request) GitLab Enterprise Edition
- Drop Project#build_coverage_regex (merge request)
- Remove other_role column from user_details (merge request)
- chore: Cleanup report_artifact_build_completed FF (merge request)
- Remove the use_vsa_aggregated_tables FF (merge request) GitLab Enterprise Edition
- Deprecations in SAST template (merge request)
- Remove tmp_index_merge_requests_draft_and_status (merge request)
Security (19 changes)
- No overriding methods for Sawyer class
- Optimize handling repositories with huge trees
- HTML escape the label background color
- Fix unauthorized GFM references in Incident Timeline
- Sandbox jupyter notebook HTML output
- Prevent long loops when generating suggested branch name
- Validate description length for snippets
- Prevent brute force vuln for Git over HTTP(S) requests
- Replaced smooshpack to fix the vulnerability in LivePreview
- Check for pathological markdown input
- Update package auth for group IP allowlist
- IDOR in Zentao integration issue show page
- Patch VULNDB-255039 (potential Rack cache poisoning)
- Don't show pipeline status
- Parse commit trailers without using regexp
- Sanitize img attributes in Banzai::Filter::ImageLinkFilter
- Validate if values to be saved in Redis can be converted to string
- Enable SSL certification verification by default with Fog access (merge request)
- Update diffy to v3.4.2 (merge request)
Performance (19 changes)
- Optimize GraphQL next page check (merge request)
- Introduce rate-limiting for namespace exists API (merge request)
- Optimize contribution analytics queries (merge request) GitLab Enterprise Edition
- Broadly restrict downstream pipeline tree size (merge request)
- Remove ci_namespace_mirrors sync_children_namespaces (merge request)
- Remove Workhorse pubsub feature flags (merge request)
- Place trial creation on user registration in background (merge request) GitLab Enterprise Edition
- Speed up environments search (merge request)
- Refactor diff_view to include diff_line (merge request)
- Enable async project authroizations by default (merge request)
- Remove the feature flag remove_branch_caching_feature_flag (merge request)
- Add performance optimization for Insights queries (merge request)
- Introduce rate-limiting for namespace exists API (merge request)
- Place learn gitlab creation into background and measure (merge request) GitLab Enterprise Edition
- Prevent CounterJobWorker from exceeding 300 seconds (merge request)
- Fix N+1 in runner jobs API (merge request)
- Update container repositories migration index (merge request)
- Drop database_async_index_creation feature flag (merge request)
- Skip repository disconnect if project is pending delete (merge request)
Other (54 changes)
- RPM initial upload and package creation (merge request)
- Remove feature flags for tracking jetbeans and cli api requests (merge request)
- Helper to convert a table to its first partition (merge request)
- Workhorse: Bump gitaly version (merge request)
- RuboCop: Enable previously disabled Style/BarePercentLiterals by @edith007 (merge request)
- Enable FF ci_stop_expanding_file_vars_for_runners (merge request)
- Add internal column to notes (merge request)
- Clean up attention_requested states (merge request)
- Reschedule work_item_type backfill on issues (merge request)
- Disable ultimate for projects less than 1 MB in size (merge request)
- Remove duplicated % in sprintf (merge request)
- Update the Harbor registry doc by @zhaoqi01 (merge request)
- Remove FF group_level_protected_environment_settings_permission (merge request)
- Cleanup rebalance_issues feature flag (merge request)
- Quarantine flaky test in redis_interceptor_spec.rb (merge request)
- Remove find_epics_performance_improvement feature flag (merge request) GitLab Enterprise Edition
- Add menu headers in primary navigation dropdown (merge request)
- Remove redis caching for diff_batches endpoint (merge request)
- Update the Harbor registry doc by @zhaoqi01 (merge request)
- Remove unnecessary gl-alert-dismiss class (merge request)
- Add the Harbor registry doc by @zhaoqi01 (merge request)
- Remove GITLAB_LEGACY_BACKGROUND_UPLOADS (merge request)
- Remove user callouts that are related to attention request (merge request)
- Add not null constraint for board recent visits columns (merge request)
- Remove feature flag
inactive_projects_deletion
(merge request) - Remove reads from ci_builds.stage (merge request)
- Improve error message while validating config/database.yml (merge request)
- Delete the FF ci_variable_for_group_gitlab_deploy_token (merge request)
- Geo: Remove geo_file_transfer_validation FF (merge request) GitLab Enterprise Edition
- Create partitioned
security_findings
table (merge request) - Prevent updating requirement deprecated attributes (merge request) GitLab Enterprise Edition
- Finalize removal of incorrect issue indexes (merge request)
- Refactor Groups Rest API to use workhorse for avatar upload by @tuxtimo (merge request)
- Fix flaky tests in ee/spec/models/ee/group_spec.rb (merge request) GitLab Enterprise Edition
- Change copy on issues empty state for logged users by @pjjakubowska (merge request) GitLab Enterprise Edition
- Remove not null constraint for confidence columns (merge request)
- Add extended open issues index (merge request)
- Use the new mergeability check framework (merge request)
- Migrate cadence start date to automation start date (merge request)
- Cleanup old work item type id backfill on issues table (merge request)
- Vertically align the revoke button (merge request)
- Remove registry deploy_token feature flag (merge request)
- Remove code to limit inviting groups in hierarchy for free user cap (merge request)
- Use keyset pagination for Tags API (merge request)
- Rake Task to truncate Legacy tables on Main and CI Database (merge request)
- Remove the feature flag ci_docker_image_pull_policy (merge request)
- Move data-reference-type attribute into a constant (merge request)
- Improve how fields can bre preloaded for WidgetInterface (merge request)
- Avoid using group's web_url in issue_analytics QA by @tnir (merge request)
- Update trial alert to follow design system (merge request) GitLab Enterprise Edition
- Fix group authorization when searching epics (merge request) GitLab Enterprise Edition
- Drop unused security findings index (merge request)
- Improve specs with shared examples (merge request) GitLab Enterprise Edition
- Fix Style/Next offenses (merge request)
Security
Security wording was detected, but no CVEs were found.
Details
date
Sept. 21, 2022, midnight
name
15.4.0
type
Minor
👇
Register or login to:
- 🔍View and search all GitLab CE releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!