GitLab CE - 15.5.0
Security
(2022-10-21)
Added (159 changes)
- Render labels correctly in content editor (merge request)
- Add "use_legacy_web_ide" to "user_preferences" (merge request)
- Set default compliance framework during project creation (merge request) GitLab Enterprise Edition
- Expose
created_by
in the Users API (merge request) - Add models for tag and tag links (merge request)
- Adding migration for backfilling namespaces metadata (merge request)
- Add metrics for projects with applied scan result policies (merge request) GitLab Enterprise Edition
- Moved label and date widgets out of FF (merge request)
- Add GraphQL field to preview billable user changes (merge request) GitLab Enterprise Edition
- Additional Gitlab::Json method aliases (merge request)
- Enhance review app modal instructions (merge request)
- [18052] Gitlab import: Issue attachments (merge request)
- Namespace package forward settings in GraphQL (merge request)
- Allow automatic runner authentication token rotation (merge request)
- Add RaspberryPi OS 11 (Bullseye) to the list of supported OS (merge request)
- Add bulk destroy mutation for Packages (merge request)
- Add approvalProjectRules to graphql endpoint (merge request) GitLab Enterprise Edition
- Track work item iteration update (merge request) GitLab Enterprise Edition
- Add environment key to pages jobs by @k0jak (merge request)
- Sync profile fields to user_details and truncate by @brianjaustin (merge request)
- [373705] Configurable optional stages list API (merge request)
- Add scan file path to dast site profile (merge request)
- Removed upload_size from storage_size (merge request) GitLab Enterprise Edition
- Add GIT_SUBMODULE_PATHS documentation by @bollenn (merge request)
- Show edited at for work item descriptions (merge request)
- Add health status filter on issue boards (merge request) GitLab Enterprise Edition
- Autogenerate OpenApi using grape-swagger (merge request)
- Create API to fetch all Github organizations for the user (merge request)
- Only merge when all the status checks have passed (merge request)
- Improved CRM contacts autocomplete service to include state and set by @zillemarco (merge request)
- Add metrics for groups with assigned security policy project (merge request) GitLab Enterprise Edition
- Add metrics for merge requests witj applied scan result policies (merge request) GitLab Enterprise Edition
- Enable JWT authentication for Gitlab Shell (merge request)
- Add new storage type for DSL field (merge request)
- Prepare async index for index on author_id and id in merge_requests (merge request)
- Map 'Require pull request before merging' GitHub rule with access_levels (merge request)
- Add default_compliance_framework_id column to namespace_settings table (merge request)
- Autocomplete support for work items (merge request)
- Feature password expiration migration by @qt-gith (merge request)
- Disable creation of all types of personal tokens with FIPS enabled (merge request) GitLab Enterprise Edition
- After a milestone from the new release form, redirect back (merge request)
- Add cancel projects import from github (merge request)
- Support for suggestions in content editor (merge request)
- Prepare index async for merge requests on author and target project id (merge request)
- Add an owner of a runner to the runners list (merge request)
- Trigger mergeRequestMergeStatusUpdated when MR gets closed (merge request)
- Add support for quick actions in content editor (merge request)
- Allow admins to limit registration of project and group runners (merge request)
- Speed up usage ping count for projects with incident SLAs enabled (merge request)
- Include release ci variables (merge request)
- Map 'Require signed commits' GH rule with project's push_rule attribute (merge request)
- Adding remaining MLFlow endpoints (merge request)
- Add pipelineScheduleDestroy mutation by @batu (merge request)
- Add Push Rule for DCO Signoff (merge request) GitLab Enterprise Edition
- Add jitsu key to project when created (merge request)
- Add metrics for projects with assigned security policy project (merge request) GitLab Enterprise Edition
- Consume Google Cloud Services within GitLab (merge request)
- Update requirement verification status mutation (merge request)
- Filter group runners by tags (merge request)
- [18052] Support img tags in GitHub markdown attachment importers (merge request)
- [18052] Gitlab import: note attachments (merge request)
- Authentication in private registry in code quality (merge request)
- Add user preference to turn off automatically adding a new list item (merge request)
- Add free_user_cap_over_limit_notified_at to NS details (merge request)
- Add Geo::ProjectWikiRepositoryState model (merge request) GitLab Enterprise Edition
- Add project_wiki_repository_states table (merge request)
- Delete orphaned operational vulnerabilities (merge request)
- Add migrated_to_state_transition column (merge request)
- Destroy invalid members (merge request)
- Add advanced settings support to import projects Vue app (merge request)
- Allow admins to delete runners in bulk (merge request)
- Trigger mergeRequestMergeStatusUpdated when MR marked as draft/ready (merge request)
- Create tmp index members on id where namespace id null (merge request)
- Add avatar to user dropdown items (merge request)
- Enable issuable_description_updated subscription in GraphQL (merge request)
- Add project_wiki_repository_states table (merge request)
- Add health filter for board lists (merge request) GitLab Enterprise Edition
- Add labels widget input to work item update mutation (merge request)
- Show empty state for external CI config in pipeline editor (merge request)
- Add inbound_job_token_scope to ci cd settings (merge request)
- Remove FF email_for_two_factor_otp_failure (merge request)
- Add DORA4 charts to Insights by default (merge request) GitLab Enterprise Edition
- Add the ability to sort iterations by due date (merge request) GitLab Enterprise Edition
- feat: Add resolved_on_default_branch index to vuln reads (merge request)
- Add glm values for trials (merge request)
- Add isDefault to BranchRule type objects in GraphQL endpoint (merge request)
- Remove forward_deployment_enabled feature flag (merge request)
- RpmRepositoryFile model with uploader and spec (merge request)
- Add X-Gitlab-Instance header to webhooks (merge request)
- Add support for emojis suggestions (merge request)
- Add Scheduled badge to pipeline detail view by @Taucher2003 (merge request)
- Add migration for direction column of ci scope (merge request)
- Trigger mergeRequestReviewersUpdated when reviewer state change (merge request)
- REST API filter issues by any/none health status (merge request) GitLab Enterprise Edition
- Add mailer with templates (merge request) GitLab Enterprise Edition
- Enable Releases feature toggle (merge request)
- Disable all types of personal access tokens when FIPS enabled (merge request) GitLab Enterprise Edition
- Add resource groups API endpoint to list upcoming jobs (merge request)
- Enable skip_default_scope_for_events FF by default (merge request)
- Add suppport for suggestions in content editor (merge request)
- Trigger mergeRequestReviewersUpdated subscription when reviewers change (merge request)
- Shift
can_create_group
to ApplicationSetting (merge request) - Create table and model to store user's phone number validations (merge request)
- Map 'Require conversation resolution' GitHub rule with project setting (merge request)
- Add ci_pipeline_metadata table to hold title strings (merge request)
- Add and fill foreign key for approval rules (merge request) GitLab Enterprise Edition
- Add timing when we use caching in certain api/controller endpoints (merge request)
- Add timing for mergeability checks (merge request)
- Support GraphQL subscription for iteration assignment (merge request) GitLab Enterprise Edition
- Add unprotectAccessLevels to EE graphql endpoint (merge request) GitLab Enterprise Edition
- Jitsu/GitLab Connection PoC (merge request)
- Project setting for suggested Reviewers (merge request)
- Add CI_JOB_NAME_SLUG predefined CI variable by @jdoubleu (merge request)
- Allow users to create annotated tags from release (merge request)
- Allow autosaving wiki content (merge request)
- Send email notification when a personal access token is revoked (merge request)
- GraphQL: Add ALL_AVAILABLE membership value (merge request)
- Include tag specific additional CI variables (merge request)
- Prepares ci_builds_metadata to partitioning (merge request)
- Email user when their 2FA OTP attempt is wrong (merge request)
- Backfill epic cache counts (merge request)
- Adds log-parameter and log-batch MLFlow endpoints (merge request)
- Prepare async index for vulnerability reads location image (merge request)
- Add issuableDescriptionUpdated to the GQL subscription type (merge request)
- Expose if user can mark notes as confidential (merge request)
- Add Any and None options to filter issues by health status (merge request)
- Expose BulkImports::Failure#exception_message in the API (merge request)
- Add real time capability for work item assignees widget (merge request)
- Support secure schemas version 15.0.2 (merge request) GitLab Enterprise Edition
- Add X-Gitlab-Instance header to webhooks (merge request)
- Display blocking items on Roadmap (merge request)
- Fetch Iteration widget as well for work items type task (merge request)
- Add unique indexes to facilitate bulk upserts (merge request)
- Add note when child epic gets moved (merge request) GitLab Enterprise Edition
- Add jobs endpoint by @TrueKalix (merge request)
- Add glm values for trials (merge request)
- Allow epics having child issues from different group hierarchies (merge request) GitLab Enterprise Edition
- Schedule index removal for ci_builds_metadata (merge request)
- Add GET /personal_access_tokens/self endpoint (merge request)
- Add a timeline event preview markdown endpoint (merge request)
- Add indexes to ci_builds_metadata (merge request)
- Metrics for GitLab for Jira App (merge request)
- Display permission alert on epic tree count popovers (merge request) GitLab Enterprise Edition
- Add issue resource_iteration_events to Project Import/Export (merge request) GitLab Enterprise Edition
- Use Google CDN if enabled for CI job artifacts (merge request)
- Adds LogMetric endpoint to MLFlow (merge request)
- Frontend for Environment Search (merge request)
- Add pipeline_schedule GraphQL type (merge request)
- Added straight mode to compare view by @DracoBlue (merge request)
- Show Slack App Home (merge request)
- Show “Merged date” sort option for dashboard MRs (merge request)
- Extend GraphQL query for protected environments (merge request) GitLab Enterprise Edition
- Add source_id to BulkImports::Entity table (merge request)
- Add filters for PAT by @TrueKalix (merge request)
- Add group shares in group transfer locations API (merge request)
- Add any, none filters for issue health status (merge request)
- Add any, none filters for issue health status (merge request)
- Add REST API filters for issue health status (merge request)
- Add REST API filters for issue health status (merge request)
Fixed (164 changes)
- Fix: locale on sidebar items when collapsed by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
- Don't fail project export if upload file doesn't exist (merge request)
- Prevent JobArtifactsDestroy whilst refreshing by @leetickett (merge request)
- GitLab Version - Properly track link clicks (merge request)
- Fix naming issue with Test Summary widget (merge request)
- Ensure current user owns table to partition (merge request)
- Check for path traversals in the debian distribution regex by @sathieu (merge request)
- Fix spurious requests when viewing PDF blobs (merge request)
- Pass additional_params to search API logging (merge request)
- Fix scoped label styles in activity feed (merge request)
- Gitlab Migration - retry ExportRequest & RequestStatus network requests (merge request)
- Fix 500 error when namespace path is a negative integer (merge request)
- Prevent outdated deployments from running before execution (merge request)
- Persist page size for group migration (merge request)
- Use configured namespace when generating Kubeconfig (merge request)
- Add the labels to the cache key for merge request api (merge request)
- Don’t append base to links with old wiki path (merge request)
- Ensure schemas are up-to-date after migration tests complete (merge request)
- Fix broken trial registration spec (merge request) GitLab Enterprise Edition
- Fixed commit messages not wrapping when too long by @zillemarco (merge request)
- Hide Reviewers Edit Button when no permissions by @Taucher2003 (merge request)
- Allow grouping more than 1 label of same scope in iteration reports (merge request)
- Fix site profile edit with empty fields (merge request) GitLab Enterprise Edition
- Fix remove epic modal to include children info (merge request) GitLab Enterprise Edition
- Fix: locale on todo filter by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
- Remove auto_accept_terms from OAuth::User (merge request)
- Fix alignment of internal note header (merge request)
- Fix glm param dropping in the company controller (merge request) GitLab Enterprise Edition
- GitLab Version - Properly import on dashboard (merge request)
- Fix internal note background styling when using dark mode (merge request)
- Fix alignment issues on agent activity list (merge request)
- Add internal_id allocation for GitHub Import (merge request)
- Show error when removing epic or issue from epic (merge request)
- Fix: admin subscription time format locale issue by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
- Fix mis-alignment of the action buttons in extensions (merge request)
- Support username in assign push options (merge request)
- Enable read_runner permission for auditors, also for instance runners (merge request) GitLab Enterprise Edition
- Enable read_group_all_available_runners permission for auditors (merge request) GitLab Enterprise Edition
- fix: Improve shell variable quoting in Coverage-Fuzzing templates (merge request)
- Fix grammatical error in exclusive keys validator (merge request)
- Do not show banner if SM subscription is renewed (merge request) GitLab Enterprise Edition
- Remove and add ci_job_variables.raw (merge request)
- Fix feature flag file location (merge request) GitLab Enterprise Edition
- Fix markdown for iteration description (merge request) GitLab Enterprise Edition
- Fix line height on project and group lists (merge request)
- Allocate InternalId for importing issues (merge request)
- Remove outdated migration steps (merge request)
- Add scrolling support for jupyter notebooks (merge request)
- Fix HLJS multi-line-rendering (merge request)
- Fix runner instructions with disabled registration (merge request)
- Fix RunnerPolicy to allow group maintainers to see shared runners (merge request)
- Fix Wiki feature raises exception when titles start with ~ (merge request)
- Fix duplicate key errors during GitHub Import (merge request)
- Fix case where Merge Request change tab shows incorrect number by @hyperhtml (merge request)
- Avoid loading entire blob without limit for displaying diffs (merge request)
- Migrate bulk sidebar subscriptions dropdown to pajamas (merge request)
- Add bottom margin to "Protect a tag" card (merge request)
- Fix epic items not loading for signed out users (merge request) GitLab Enterprise Edition
- fix: Don't fetch environments on Admin variables page (merge request)
- Render markdown for snippets if links contain hash to anchor by @fabsrc (merge request)
- Enable the FF ci_requeue_with_dag_object_hierarchy (merge request)
- Fix closing of external issues (merge request)
- Improve error message when providing an invalid deploy key by @davebarr (merge request)
- Fix indentation of children epics on Roadmap (merge request) GitLab Enterprise Edition
- Use custom logo on sign in page again by @wwwjon (merge request)
- Fix lock retries for the partition helper (merge request)
- Fix alignment issues of resolved with issue system note (merge request)
- This MR fixes cron parsing bug (merge request) GitLab Enterprise Edition
- Don't change escalations if neither status nor policy changed (merge request) GitLab Enterprise Edition
- Hide Analytics features based on project settings (merge request)
- Set default link color to blue-500 (merge request)
- Fix project create service to use known columns (merge request) GitLab Enterprise Edition
- Fix alignment on changed line in multiline suggestion comment (merge request)
- fix: Compare email addresses case insensitively by @DerAstronaut (merge request)
- Deal with multiple filters in query builder (merge request) GitLab Enterprise Edition
- Better memoize BulkImports::ExportStatus#export_status (merge request)
- Fix variables alignment (merge request)
- Add retriable exceptions & dont raise if wiki is disabled (merge request)
- Fix encoding issues with plantuml blocks (merge request)
- Removing single quotes to avoid harbor help text being rendered as math by @orozot (merge request)
- Show notifications toggle when mr merged by @leetickett (merge request)
- Fix 500 errors in Projects::AutocompleteSourcesController (merge request)
- Add missing tooltip for deployment name (merge request)
- Fix ES settings form localization by @Taucher2003 (merge request) GitLab Enterprise Edition
- Add WikiLinkFilter to AsciiDocPipeline (merge request)
- Fix serialization of tables in Content Editor (merge request)
- Prevent creation of duplicate deploy tokens on page refresh (merge request)
- Fix two expand buttons on MR widgets when page width is narrow (merge request)
- Avoid linking CVE IDs as Jira tickets by @kelunik (merge request)
- Hide
Contributors
menu item by @TrueKalix (merge request) - Fix ExternalDatabaseChecker tests for geo and PG11 (merge request)
- When getting container repository tags, use a fixed page size (merge request)
- This MR closes drawer when project changed (merge request) GitLab Enterprise Edition
- Fix REST/GRAPHQL APIs handling TODOs WorkItem target (merge request)
- Remove usage of Geo::FileRegistryRemovalWorker worker (merge request) GitLab Enterprise Edition
- Avoid runaway queue growth of Geo::DestroyWorker (merge request) GitLab Enterprise Edition
- Fix initial value set on TimezoneDropdown (merge request)
- Fix the epics search query for displaying roadmap (merge request) GitLab Enterprise Edition
- Allow auditors read-only access to Alerts (merge request) GitLab Enterprise Edition
- Fix flash margin in Web IDE (merge request)
- Discussion: Fix font-size and highlight (merge request)
- Add missing licensed feature flag to frontend (merge request) GitLab Enterprise Edition
- Update project member styles in GFM (merge request)
- ExternalDatabaseChecker to support CI Database (merge request)
- Allow multiple drafts on a single line in MR reviews (merge request)
- Add the diverged commits when displaying the merge controls (merge request)
- Fix DAST profile names for group security policies (merge request) GitLab Enterprise Edition
- Changes how project export tarballs are uploaded to an external website (merge request)
- NuGet case-insensitive version search (merge request)
- Hide add oncall schedule buttons for unauthorized users (merge request)
- Fix CI JSON schema for variables (merge request)
- Fix 500 errors when sorting by merged date with approvers (merge request)
- Apply push rules to squash commit messages (merge request) GitLab Enterprise Edition
- Update GitLab Migration to use source_id when requesting relation export (merge request)
- LockWrites Rake Task to support DRY_RUN mode (merge request)
- Hide harbor registy in menu if uncheck active by @orozot (merge request)
- Fix wrong CLRF rendering by @TrueKalix (merge request)
- Exclude tiers if a protected environment exist from creation form (merge request) GitLab Enterprise Edition
- Hide MR Callout when MRs disabled for project by @Taucher2003 (merge request)
- Use toolbar buttons for indent/outdent (merge request)
- Fix unlocking previous pipeline artifacts (merge request)
- Fix alignment issues on agent activity list (merge request)
- Improve work item detail accessibility (merge request)
- Render form submit button using Pajamas::ButtonComponent (merge request)
- Render form submit button using Pajamas::ButtonComponent (merge request) GitLab Enterprise Edition
- Rescue exception when exporting MR diffs (merge request)
- Set BulkImports::Tracker as skipped if entity is failed (merge request)
- Monkey patch Licensee::License to properly cache (merge request)
- License overview incorrectly shows 'Expired: never' for expired license (merge request) GitLab Enterprise Edition
- Update
View latest projects
andView latest groups
links (merge request) - Reloading the classes runs the LoadBalancer again (merge request)
- Revert "Merge branch 'toon-no-more-licensee' into 'master'" (merge request)
- Fix escaping for references with special characters (merge request)
- Do not save duplicate notes when importing pipelines (merge request)
- Add shortcuts and permalink updater to vue blob controls (merge request)
- Show tasks in dashboard issue list (merge request)
- Simplify line link (merge request)
- Update custom tag reference in CI schema (merge request)
- Ensure that stage name and record are in sync for page deployments (merge request)
- Fix bugs around file attach button (merge request)
- Keep pipeline editor commit info when changing tabs (merge request)
- Fix wrong
inverse_of
invulnerability_state_transitions
association (merge request) - Fix label events being grouped incorrectly (merge request)
- Resolve failure path issue on creating leads (merge request) GitLab Enterprise Edition
- Filter all settings sections and show empty state if no results (merge request)
- Avoid preloading nil root_ancestor in ProjectRootAncestorPreloader (merge request)
- Fix undismissable error alert on contact list by @leetickett (merge request)
- Remove attach file button from toolbar (merge request) GitLab Enterprise Edition
- Remove vulnerability approval rules (merge request) GitLab Enterprise Edition
- Fix N+1 queries when fetching labels of child epics (merge request) GitLab Enterprise Edition
- Add navbar to empty search results (merge request)
- Show emoji in user_popover when status text is empty by @n0rdlicht (merge request)
- Only focus search in dropdown if it has artifacts (merge request)
- Improve specs (merge request)
- Replace visitUrl with Gl-Link in ci-badge-link by @leetickett (merge request)
- Move the index removal migration to a regular migration (merge request)
- Sorted project members by user name (merge request)
- Only mark vulnerabilities on default branch as disappeared (merge request) GitLab Enterprise Edition
- Allow read-only access to escalation policies for auditors (merge request) GitLab Enterprise Edition
- Fix codeowners for sections with the same patterns (merge request)
- Fix: locale on project repo settings by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
- Use the MR data to determine if the branch was deleted (merge request)
- Make Wiki operations target default branch instead of HEAD (merge request)
- Fix spacing in commit view of MR (merge request)
Changed (194 changes)
- Update google-protobuf to v3.21.7 (merge request)
- Add validationStartedAt to DastSiteValidationType (merge request) GitLab Enterprise Edition
- Allow specifying document types to reindex (merge request) GitLab Enterprise Edition
- Changes dormant user setting input minimum to 90 days (merge request)
- Fix an issue where the delete button would always delete the fist item (merge request)
- Migrate old sidekiq queues (merge request)
- Update sign in preview page and new label page (merge request)
- Permit to create/update/delete protected branches without repository (merge request)
- Use issue type in user activity for issue or work item events (merge request)
- Track wiki verification in the project_wiki_repository_states table (merge request) GitLab Enterprise Edition
- Fix alert text for rate limiting (merge request)
- Remove RubyProf in favor of StackProf from Gitlab::Profiler (merge request)
- This MR adds agents option for humanized rules (merge request) GitLab Enterprise Edition
- Revert changes to manual actions on environments (merge request)
- Show copy button for unsafe external URLs (merge request)
- Removes experimental feature flag (merge request)
- This MR adds agents option for schedule rule component (merge request) GitLab Enterprise Edition
- Reset form button if error encountered (merge request)
- Remove runners_finder_all_available feature flag (merge request)
- This MR adds new pre-scan verification status (merge request) GitLab Enterprise Edition
- Update pact to v1.63 and rack-test to v2.0.2 (merge request)
- Add pipeline iid to pipeline event webhook by @fabsrc (merge request)
- Make releases_access_level equal repository_access_level when higher (merge request)
- Search Page Layour change (merge request)
- Let go get response http semantic status code by @icbd (merge request)
- Render a dotted line for missing DORA insights data (merge request) GitLab Enterprise Edition
- Add finder for scan result policies and update (merge request) GitLab Enterprise Edition
- Update "last used" date for PATs if used in git operations by @fabsrc (merge request)
- Allow to toggle inbound job token (merge request)
- Extend scan_finding rules to group level (merge request) GitLab Enterprise Edition
- Update IDE pipeline styling (merge request)
- Shows project storage limit notifications only to owners (merge request) GitLab Enterprise Edition
- Exposed current_sign_in_at as last login at for billable members (merge request) GitLab Enterprise Edition
- Correct copy on Project Access Token scope page (merge request)
- Improve SAML SSO wording (merge request)
- Add browseArtifactsPath to GraphQL CiJob (merge request)
- GitLab Version - Badge Tracking (merge request)
- Fix: notify locale on project was not exported email by @qt-gith (merge request)
- Adding .mobileprovision file parser to Project-level Secure Files (merge request)
- Add columns about MR checks to namespace_settings by @luzhiyuan.deer (merge request)
- Convert Octokit response in Github Integration to hash (merge request) GitLab Enterprise Edition
- Adding .p12 file parser to Project-level Secure Files (merge request)
- Updates Config::Entry::Variable value to support array (merge request)
- Update Jitsu authenticator to production endpoint (merge request) GitLab Enterprise Edition
- Remove confusing runners summary text (merge request)
- Replace release notes form in new tag page with a link (merge request)
- Fix issue header alignment (merge request)
- Reduce the size of the initial backoff duration for web-hooks (merge request)
- Store future subscriptions on instance activation (merge request) GitLab Enterprise Edition
- Expose licenses in dependencies API (merge request) GitLab Enterprise Edition
- Allow
/page
to be used in description on incident creation (merge request) - Update Work item cannot be accessed (merge request)
- Add localization to markdown actions (merge request)
- Fix padding for draft notes (merge request)
- Moves classes into variables (merge request)
- Improves modal copy when deleting page assets leads to package deletion (merge request)
- Remove container_registry_new_cleanup_service feature flag (merge request)
- Global Search vertical navigation search helper (merge request) GitLab Enterprise Edition
- Add approver for group level scan result policies (merge request) GitLab Enterprise Edition
- Nullify duplicate runner authentication tokens (merge request)
- This MR adds new feature flag for DAST pre-scan verification (merge request) GitLab Enterprise Edition
- Secure Files Metadata Parser (merge request)
- Update alert and incident table styles by @briankabiro (merge request)
- Govern Metric Updates (merge request) GitLab Enterprise Edition
- Productivity Analytics - Migrate url-sync mixin by @ali_o_kan (merge request) GitLab Enterprise Edition
- Update max helm charts to 1000 (merge request)
- Update shared runners summary text (merge request)
- Enable float values in cost factor (merge request) GitLab Enterprise Edition
- Improve MergeService log messages (merge request)
- Update dependency auto-deploy-image to v2.39.0 (merge request)
- Don't pre-fill markdown table with cells in issue (merge request)
- Remove ci_destroy_unlocked_pipeline_artifacts feature flag (merge request)
- Show view-only audit events filter for users with the developer role (merge request) GitLab Enterprise Edition
- Remove participant status from epic participants (merge request)
- Improve copy on delete modale in package by @ali_o_kan (merge request)
- Prevent login using autogenerated passwords (merge request)
- Replace Wiki service list_pages by normal repository RPCs (merge request) GitLab Enterprise Edition
- Update dependency auto-deploy-image to v2.38.1 (merge request)
- Show warning if code search mappings are outdated (merge request) GitLab Enterprise Edition
- Replace Wiki service find_page RPC by normal repository RPCs (merge request)
- Replace Wiki service find_page RPC by normal repository RPCs (merge request)
- Replace Wiki service find_page RPC by normal repository RPCs (merge request)
- Update UI text in insights dropdown list + dropdown sizing (merge request) GitLab Enterprise Edition
- Change design comments cancel confirmation (merge request)
- Debian package API: do not enqueue jobs directly by @sathieu (merge request)
- Fixes top padding for skeleton notes (merge request)
- Remove user attributes from notes (merge request) GitLab Enterprise Edition
- Use inline code for varaiables in harbor text (merge request)
- Deprecate AWS
host
connection parameter (merge request) - Migrate card component - user list in admin page (merge request)
- Pull apart emoji and activity controls (merge request) GitLab Enterprise Edition
- Exclude loopback and link local addresses from Google CDN use (merge request)
- Update runner settings styling (merge request)
- Enforce active jobs limit earlier in pipeline creation (merge request)
- Adapt Helm API to consider the package registry access level by @wwwjon (merge request)
- Adapt Generic Packages to consider the package registry access level by @wwwjon (merge request)
- Global Search vertical navigation search helper (merge request)
- Enabled realtime labels FF (merge request)
- Hide
Action
column when revokePath is missing (merge request) - Remove use_gitaly_pagination_for_refs feature flag (merge request)
- Upgrade Sourcegraph integration to 0.0.82 by @philipp-spiess (merge request)
- Do not show blocked states (merge request) GitLab Enterprise Edition
- Remove iteration_cadences FF (merge request) GitLab Enterprise Edition
- Update colors in the user activity calendar (merge request)
- Tighten Google CDN URL config requirements (merge request)
- Geo - Update no subscription banner message (merge request) GitLab Enterprise Edition
- Geo - Update URL text to External URL (merge request) GitLab Enterprise Edition
- Update unknown ci_pipeline_artifacts.locked column values (merge request)
- Add codeowners collapse, use vue component instead of haml (merge request) GitLab Enterprise Edition
- Fixes highlighting color for first diff reply (merge request)
- Change Version API to mirror Metadata API (merge request)
- Reduced lease from 1.5hrs to 1 hr (merge request)
- Update extensions in Gitpod configuration by @gtsiolis (merge request)
- Geo: Migrate Container Registry replication to use SSF (merge request) GitLab Enterprise Edition
- Do not user select2 for mirror user id (merge request)
- Don't pre-fill markdown table with cells (merge request)
- Fix invalid runner REST v4 deprecations (merge request)
- Harmonise warning message in Settings < Variables by @ali_o_kan (merge request)
- Update trial status popover title (merge request) GitLab Enterprise Edition
- Harmonise warning message in Settings < Pipeline triggers by @ali_o_kan (merge request)
- Add tmp indx null member namespace id (merge request)
- Default on :operational_vulnerabilities_filters ff (merge request)
- Default on :scan_execution_rule_mode feature flag (merge request)
- Remove dropdown to add members from admin area (merge request)
- Update cards in the milestone view (merge request)
- Ensure PostgreSQL versions are memoized at start of tests (merge request)
- Allow to submit wiki form using ctrl enter (merge request)
- Store dependency scanning SBoMs as reports (merge request)
- ref_service: Clean up find_local_branches_response (merge request)
- Do not restrict epics child issues group structure (merge request) GitLab Enterprise Edition
- This MR stores list of form fields in constant (merge request) GitLab Enterprise Edition
- Use Pajamas alert component for Rails flash (merge request)
- Update code analyzers (merge request) GitLab Enterprise Edition
- Migrate groups' projects settings card to ViewComponent (merge request)
- Harmonise warning in Protected environments by @ali_o_kan (merge request) GitLab Enterprise Edition
- Migrate to GlButton (merge request) GitLab Enterprise Edition
- GraphQL: Rename verification status to status (merge request) GitLab Enterprise Edition
- Hides cleanup policy admin notification while loading (merge request)
- Refetch deployments on user interaction (merge request)
- Migrate groups "Protect environment" card to ViewComponent (merge request) GitLab Enterprise Edition
- Allow updating users.pronouns property in REST API by @drumm (merge request)
- Migrate "Protect a tag" card to ViewComponent (merge request)
- Migrate "Protect environment" card to ViewComponent (merge request) GitLab Enterprise Edition
- Hide delete button when user cannot delete runner (merge request)
- Adding metadata and expires_at to Secure Files (merge request)
- Limit maximum number of child epics (merge request) GitLab Enterprise Edition
- Remove tmp_index_system_note_metadata_on_attention_request_actions (merge request)
- Rename WebHook service_id to integration_id (merge request)
- Migrate issue/MR bulk edit checkboxes to be Pajamas compliant (merge request)
- Migrate LDAP
Remember me
checkbox to be Pajamas compliant (merge request) - Migrate OmniAuth
Remember me
checkbox to be Pajamas compliant (merge request) - Update dependency auto-deploy-image to v2.38.0 (merge request)
- Migrate card component - admin note in admin area (merge request)
- Migrate pj component - card in the profile SSH page (merge request)
- Allow updating users.commit_email property in REST API by @drumm (merge request)
- Migrate custom attributes card to ViewComponent (merge request)
- Add new alert for creating new top-level group (merge request)
- Autofocus on Markown Editor (merge request)
- Removes spacing from system and discussion notes (merge request) GitLab Enterprise Edition
- Remove temp index that no longer needed (merge request)
- Update deployment rollback buttons (merge request)
- Remove unused db fields from assignees (merge request)
- Remove unused styles on subscription seats table (merge request) GitLab Enterprise Edition
- Drop ci_update_unlocked_job_artifacts feature flag (merge request)
- Update
Busy
checkbox copy (merge request) - Update dependency auto-build-image to v1.19.0 (merge request)
- Update successful purchase banner (merge request) GitLab Enterprise Edition
- Remove cleanup_extract_mr_diff_deletions feature flag (merge request)
- Default-enable :hash_oauth_tokens feature flag (merge request)
- GitLab Version - Badge CTA (merge request)
- Backfill internal column on notes (merge request)
- Block userless CI (merge request)
- Remove cache_issue_sums flag (merge request) GitLab Enterprise Edition
- Do not treat warnings as errors (merge request) GitLab Enterprise Edition
- Add warning when Token Access disabled by @ali_o_kan (merge request)
- Add reject_non_dco_commits to push_rules (merge request)
- Added parameter to participants query (merge request)
- Rename timeline event note's validation error message (merge request)
- Remove tmp idx null project namespace id (merge request)
- Hide subgroup milestones on Roadmap when filtered by group (merge request) GitLab Enterprise Edition
- Remove unused updated_state_by_user_id from merge_request_reviewers (merge request)
- Add index on internal notes (merge request)
- Remove multiple iteration cadences license check (merge request) GitLab Enterprise Edition
- Check feature flag in bulk imports API for consistency (merge request)
- Enable auditor access to group runners (merge request)
- GitLab Version - Increase cache life (merge request)
- Adds last downloaded date to package registry UI (merge request)
- Drop tmp_index_user_callouts_on_attention_request_feature_names (merge request)
- Clean up successful experiment promote_mr_approvals_in_free (merge request)
- Add iteration to Issues Analytics table by @ali_o_kan (merge request) GitLab Enterprise Edition
- Finalize member namespace id cleanup (merge request)
- Remove allow non-blocking member refresh feature flag (merge request) GitLab Enterprise Edition
- Ignore fingerprint column on sbom_sources (merge request)
- Clean up
read_package_policy_rule
feature flag by @wwwjon (merge request)
Removed (18 changes)
- Remove contraint check_508774aac0 (merge request)
- Remove default_scope for the Event model (merge request)
- Drop free user cap columns from namespace settings (merge request)
- Remove FF override_group_level_protected_environment_settings_permission (merge request)
- Remove Feature Flag for artifacts reports junit (merge request)
- Geo Sites - Remove Current Site Badge (merge request) GitLab Enterprise Edition
- Revert "Merge branch 'pages-lets-encrypt-ecdsa' into 'master'" (merge request)
- Remove incident_resource_links_widget feature flag (merge request) GitLab Enterprise Edition
- Delete remove invalid member migrations (merge request)
- Drop index on ci_builds_metadata (merge request)
- Remove unused partial (merge request)
- Remove unused VSA label_ids param (merge request) GitLab Enterprise Edition
- Remove WorkItemUpdateWidgets mutation from GraphQL API (merge request)
- Remove application limits for Jira import (merge request)
- Remove global_search_custom_slis feature flag (merge request)
- Remove contribution_analytics_optimized_base_query (merge request) GitLab Enterprise Edition
- Remove unused experience_level DB column (merge request)
- Remove legacy memory killer (merge request)
Security (19 changes)
- Fix CVE-2022-32149 in workhorse dependency (merge request)
- Validate the scheme of project import URLs (merge request)
- Respect instance level rule for editing approval rules (merge request)
- Update TodoPolicy to handle confidential notes (merge request)
- Fixes XSS in widget extensions (merge request)
- Redact user's private email in group member event webhook (merge request)
- Sanitize Url and check for valid numerical errorId in error tracking (merge request)
- Manually sync canonical to security (merge request)
- Fix conflict between canonical and security (merge request)
- Enforce group IP restriction on Dependency Proxy (merge request)
- Prevent serialization of sensible attributes from JsonCache by @jbobadilla-ext (merge request)
- Restrict max duration to 1 year for trace display (merge request)
- Forbid creating a tag using default branch name (merge request)
- Add security protection for Github (merge request)
- Redact secrets from WebHookLogs (merge request)
- Prevent users creating issues in ay project via board/issues controller (merge request)
- Use UntrustedRegexp for upload rewriter (merge request)
- Fix leaking emails in WebHookLogs (merge request)
- Validate httpUrlToRepo to be http or https only (merge request)
Performance (19 changes)
- Avoid query for next page check (merge request)
- Refactor BitBucket importer (merge request)
- Nullify and delete some user associations in batches (merge request)
- Nullify merge request metrics user in batches on user deletion (merge request)
- Nullify merge request and user associations in batches on user deletion (merge request)
- Removing feature flag config files (merge request)
- Fix N+1 when loading labels on issue, epic, mrge_request lists (merge request)
- Fix labels N + 1 query in WorkItemsResolver (merge request)
- Remove n+1 queries for participants policy checks (merge request)
- Fix votes N+1 when loading issues, epics, merge requests lists (merge request)
- Ensure primary key index is used for Geo::Replicable (merge request) GitLab Enterprise Edition
- Remove feature flags related to diff highlight expiration (merge request)
- Destroy unlocked and expired pipeline artifacts (merge request)
- Load all license details from Gitaly (merge request)
- Load all license details from Gitaly (merge request)
- Avoid N+1 in GraphQL WorkItemsResolver (merge request)
- Add delay during project authorizations refresh (merge request)
- Enable background closure of issues from commit messages (merge request)
- Fix Workhorse Redis Sentinel role checks (merge request)
Other (63 changes)
- Add logging for file variable expansion (merge request)
- Remove gitlab_shell_jwt_token feature flag (merge request)
- Deploy tiers named nonprod no longer marked as production (merge request)
- Remove FF
gl_listbox_for_sort_dropdowns
(merge request) - Remove duplicated read_confidential_notes policy (merge request)
- Drop index_notes_on_note_gin_trigram index where exists (merge request)
- Add diagnostic reports uploader (merge request)
- Clean up legacy Gitaly Wiki RPCs in Rails (merge request) GitLab Enterprise Edition
- Add message and importer type to logs (merge request)
- Update task system note background migration batch sizes (merge request)
- RuboCop: Enable previously disabled Rails/ActiveRecordCallbacksOrder by @edith007 (merge request)
- RuboCop: Enable previously disabled Style/SoleNestedConditional by @edith007 (merge request)
- RuboCop: Enable previously disabled Rails/InverseOf by @edith007 (merge request)
- RuboCop: Enable previously disabled Rails/RedundantForeignKey by @edith007 (merge request)
- RuboCop: Enable previously disabled Style/KeywordParametersOrder by @edith007 (merge request)
- RuboCop: Enable previously disabled Style/NumericLiteralPrefix by @edith007 (merge request)
- RuboCop: Enable previously disabled Rails/IndexWith by @edith007 (merge request)
- Add bulk_import_id to bulk_import logs (merge request)
- RuboCop: Enable previously disabled Style/SingleArgumentDig by @edith007 (merge request)
- Use bulk_import_entity_id in all logs (merge request)
- Prepare partial non-latin index for issues (merge request)
- Remove incident_timeline feature flag (merge request)
- Enable wiki feature flags by default (merge request)
- Ignore column with typo on NamespaceDetails (merge request)
- Remove the about your company feature flag and commit code (merge request) GitLab Enterprise Edition
- Remove block_emails_with_failures feature flag (merge request)
- Removes the
gl_avatar_for_all_user_avatars
FF (merge request) - Remove the non supported google_client_email (merge request)
- Remove background trial application feature flag (merge request)
- Remove the FF ci_project_pipeline_config_refactoring (merge request)
- Add snowplow event tracking to group imports (merge request)
- Add columns for package forward cascade settings (merge request)
- Update profile page buttons to pajamas (merge request)
- Increase branch expiry from 10 minutes to 60 (merge request)
- Revert "Merge branch '371986-introduce-ff' into 'master'" by @kwiebers (merge request)
- Bump Gitlab Shell to v14.12.0 (merge request)
- Remove unused members awaiting index (merge request)
- Change card to Pajamas (merge request)
- RuboCop: Enable previously disabled Style/StringLiteralsInInterpolation by @edith007 (merge request)
- Validate entity type used in Gitlab Migration (merge request)
- Modifications to
adding delay
logic (merge request) - Remove unnecessary card component (merge request)
- Remove orphan project bots (merge request)
- Remove FF ci_rules_changes_compare (merge request)
- Remove and add raw of ci-variables tables with new default (merge request)
- Ignore unused columns on requirements (merge request) GitLab Enterprise Edition
- Remove trace column from ci_builds table (merge request)
- Remove unused free user cap data feature flag (merge request) GitLab Enterprise Edition
- Limit the number of active jobs early in the pipeline creation (merge request) GitLab Enterprise Edition
- GraphQL fetch stage by id (merge request)
- RuboCop: Enable previously disabled Style/AccessorGrouping by @edith007 (merge request)
- RuboCop: Enable previously disabled Style/EmptyMethod by @edith007 (merge request)
- RuboCop: Enable previously disabled Rails/FilePath by @edith007 (merge request)
- RuboCop: Enable previously disabled Style/ExplicitBlockArgument by @edith007 (merge request)
- Use Gitlab UI empty state in Roadmap by @rajatgitlab (merge request) GitLab Enterprise Edition
- Cleanup task system note renaming background migration (merge request)
- RuboCop: Enable previously disabled Style/CaseLikeIf by @edith007 (merge request)
- RuboCop: Enable previously disabled Rails/HelperInstanceVariable by @edith007 (merge request)
- Add dashboard limit to enable free user management (merge request)
- Decommission BatchPopQueueing class (merge request)
- Remove create_approval_todos_on_mr_update FF (merge request)
- Add environment keyword to pages job by @edith007 (merge request)
- Remove feature flag ci_variables_refactoring_to_variable (merge request)
Security
Details
date
Oct. 21, 2022, midnight
name
15.5.0
type
Minor
👇
Register or login to:
- 🔍View and search all GitLab CE releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!