GitLab CE - 15.9.0
Security
(2023-02-21)
Added (223 changes)
- Initialize conversion of notes.id to bigint (merge request)
- Add top-level
groups
GraphQL query (merge request) - Add aditional arguments to IssuesBulkUpdate mutation (merge request)
- Expose project visibleForks in GraphQL (merge request)
- Add MR settings support for group (EE frontend) by @luzhiyuan.deer (merge request) GitLab Enterprise Edition
- Add EE only metrics for license compliance MR widget (merge request)
- Add widget definitions table (merge request)
- Board - Move epic at top or bottom of list (merge request) GitLab Enterprise Edition
- Add package metadata ingestion service (merge request)
- Initialize the conversion of todos.note_id to bigint (merge request)
- Allow users to stop stale environments via the UI (merge request)
- Process webhook notification to send HLLRedis metrics (merge request) GitLab Enterprise Edition
- Add ability to re-import projects for project importers (merge request)
- Migration to re-enqueue epic cache counts update (merge request)
- Add metric for integrations with Jira (merge request)
- Add GraphQL mutation to approve or reject deployment (merge request) GitLab Enterprise Edition
- Extend Scan Result Policies to process License Approval Policies (merge request) GitLab Enterprise Edition
- Adds bulk delete UI for other versions of package (merge request)
- Add inbound access control to projects (merge request)
- Display revoke-ssh-key button by default (merge request)
- Add more placeholders to service desk custom templates (merge request)
- Show access as "Custom" in UI when custom role (merge request) GitLab Enterprise Edition
- Adds menu to open Model experiments (merge request)
- Add mirror branch setting radio and regex input by @qk44077907 (merge request) GitLab Enterprise Edition
- Allow user to toggle labels on Roadmap (merge request) GitLab Enterprise Edition
- Create a new table for storing automation rules (merge request)
- Initialize conversion of suggestions.note_id to bigint (merge request)
- Initialize conversion of vulnerability_user_mentions.note_id to bigint (merge request)
- Initialize conversion of merge_request_user_mentions.note_id to bigint (merge request)
- Allow to export work items as CSV (merge request)
- Introduce migration for emails_enabled column by @joe-snyder (merge request)
- Add sync service (merge request) GitLab Enterprise Edition
- API to create gitlab ci yml merge request (merge request) GitLab Enterprise Edition
- Add scan result policy relation to approval rules (merge request)
- Display package errors on Other versions tab of package registry (merge request)
- Add partitioned index and FK for ci_job_artifacts and ci_builds (merge request)
- Add partitioned index and FK for ci_build_trace_metadata and ci_builds (merge request)
- Add scheduled job to start package metadata sync (merge request) GitLab Enterprise Edition
- Allow releases to be downloaded by sessionless users (merge request)
- Rebalance partition_id for ci_builds (merge request)
- Add API::MemberRoles endpoints to OpenApiV2 documentation (merge request) GitLab Enterprise Edition
- Allow milestones to be specified by ID on the release API (merge request)
- Initialize conversion of timelogs.note_id to bigint (merge request)
- Initialize conversion of system_note_metadata.note_id to bigint (merge request)
- Add shared example for testing admin mode by @TrueKalix (merge request)
- Add Jira Connect public key store setting (merge request)
- Add Gitaly dns scheme support (merge request)
- Add warning about native attachments in Service Desk comments section (merge request)
- Initialize conversion of note_diff_files.diff_note_id to bigint (merge request)
- Initialize conversion of issue_user_mentions.note_id to bigint (merge request)
- Reschedule Feedback -> StateTransition background migration, attempt 3 (merge request)
- Add README for groups (merge request)
- Add Issue.relatedMergeRequests to GraphQL API by @Taucher2003 (merge request)
- Enable cross-group child epics (merge request) GitLab Enterprise Edition
- Implemented deleting WI notes (merge request)
- Support quick auctions for work item via description editing (merge request)
- PUT /[groups|projects]/:id/members/:user_id accepts member_role_id (merge request) GitLab Enterprise Edition
- Fix unique index on ci_build_pending_states (merge request)
- Add related_epic_links API for groups (merge request) GitLab Enterprise Edition
- Update GraphQL API for work item quick actions (merge request)
- Add created and updated dates to work items (merge request)
- Add fields for appearance pwa attributes by @TrueKalix (merge request)
- Support filtering merge request diffs by keyword via GraphQL (merge request)
- Support filtering uploads registries by keyword via GraphQL (merge request) GitLab Enterprise Edition
- Add more fields to OAuthID tokens (merge request)
- Remove project_language_search feature flag (merge request)
- Initialize conversion of snippet_user_mentions.note_id to bigint (merge request)
- Initialize conversion of design_user_mentions.note_id to bigint (merge request)
- Initialize conversion of commit_user_mentions.note_id to bigint (merge request)
- Limit the initialized metrics by service (merge request)
- Database and API for Git abuse rate limiting alerted users (merge request)
- Add API endpoint for epic boards lists (merge request) GitLab Enterprise Edition
- Rebalance partition_id for ci_pipelines (merge request)
- Add engine_name to CQ violations response (merge request)
- Add logic to create ci_runner_machine on job request (merge request)
- Add async foreign key validation model (merge request)
- Load pwa logo dynamicly to manifest.json by @TrueKalix (merge request)
- Add new cancel_all github imports endpoint (merge request)
- Expose group runners toggle in Projects API by @nejc (merge request)
- Expose Discord ID to API by @ideclon (merge request)
- Add dismissal data to SecurityReportFinding (merge request) GitLab Enterprise Edition
- Add
include:component
syntax to fetch CI components (merge request) - Add elastic backfill migration for internal notes (merge request) GitLab Enterprise Edition
- Add subscription for user notes on work items (merge request)
- [388273] GitHub importer: respond with fail exception message (merge request)
- Support image attributes for videos (merge request)
- Add environments anchor to project home (merge request)
- Allowed users to update time estimate via GraphQL mutations by @zillemarco (merge request)
- Adds initial metrics for Ml Experiment Tracking (merge request)
- Allow users to filter epics by sub group (merge request) GitLab Enterprise Edition
- Support filtering LFS objects registries by keyword via GraphQL (merge request)
- Adds OR filtering by author for epics (merge request) GitLab Enterprise Edition
- Add support for alternative internal issue reference prefix "GL-" by @svoop (merge request)
- Email worker for abandoned trials (merge request)
- Update ci_resources FK to include partition_id (merge request)
- Add partitioned index and FK for ci_job_variables and ci_builds (merge request)
- Support filtering terraform registries by keyword via GraphQL (merge request) GitLab Enterprise Edition
- Introduce ::Zoekt::Logger and log search errors (merge request) GitLab Enterprise Edition
- Add new
Terraform-Module.gitlab-ci.yml
CI/CD template (merge request) - Add DELETE draft note endpoint to api (merge request)
- Adds API endpoint for getting a single draft note (merge request)
- Initialize migration of sent_notifications.id to bigint (merge request)
- Instrument Adoption for Custom Roles MVC (merge request) GitLab Enterprise Edition
- Add discord to user profile social networks (merge request)
- Enable ci_register_job_temporary_lock by default (merge request)
- Reschedule Feedback -> StateTransition background migration (merge request)
- Add help link for opt in JWT setting (merge request)
- Adds OR filters for epic boards (merge request) GitLab Enterprise Edition
- Extend encrypted secrets support to incoming and service desk email (merge request)
- Initialize conversion of epic_user_mentions.note_id to bigint (merge request)
- Support quick action autocompletion and preview for work items (merge request)
- Add FK including partition_id to ci_build_report_results (merge request)
- Add Language aggregation components to the sidebar (merge request)
- Expose comment field on Vulnerability GraphQL type (merge request) GitLab Enterprise Edition
- Added documentation for new language filter for projects by @zillemarco (merge request)
- Remove mr_compare_dropdowns feature flag (merge request)
- Support filtering snippet repositories registries by keyword via GraphQL (merge request) GitLab Enterprise Edition
- Support filtering pages deployment registries by keyword via GraphQL (merge request) GitLab Enterprise Edition
- Default enable customizable_roles feature flag (merge request) GitLab Enterprise Edition
- Debian direct deb and udeb upload by @sathieu (merge request)
- Add position_in_list for epicMoveList mutation (merge request) GitLab Enterprise Edition
- Implement notification for created release (merge request)
- Schedule index for ci_build_needs (merge request)
- Add FK including partition_id to ci_build_needs (merge request)
- Add group epic boards API endpoint (merge request) GitLab Enterprise Edition
- GraphQL: Add ephemeral_authentication_token field to CiRunner (merge request)
- Schedule partial index for ci_build_report_results (merge request)
- Add count projects with monitor enabled metric (merge request)
- Add migration to nullify
projects.creator_id
(merge request) - Support filtering container repositories by keyword via GraphQL (merge request) GitLab Enterprise Edition
- Add gcp connector for importing package metadata (merge request)
- Adds basic docs for new Draft Notes API (merge request)
- Add securityFindingRevertToDetected mutation (merge request) GitLab Enterprise Edition
- Support filtering package files registries by keyword via GraphQL (merge request)
- feat: Auto-revoke leaked GitLab PATs on default branch detection (merge request) GitLab Enterprise Edition
- Allow to filter work items by author on GraphQL (merge request)
- Add Analytics Dashboards pointer for projects (merge request)
- Add index to installable npm packages (merge request)
- Add partitioned index and FK for ci_sources_pipelines and ci_builds (merge request)
- Navigate across dashboard pages with a new "Your work" sidebar (merge request)
- Add deploy_key associations and validations to protected tags (merge request)
- Add GraphQL support of 'CodeQualityReportSummary' by @luzhiyuan.deer (merge request)
- Add author to GraphQL WorkItem Type (merge request)
- Changes candidate table to Keyset Pagination (merge request)
- Support filtering secure files registries by keyword via GraphQL (merge request) GitLab Enterprise Edition
- Add index to gitlab subscriptions (merge request)
- Adds candidate count to Ml::Experiment (merge request)
- Add MR meta to merge_request_compliance_violations table (merge request)
- Adds search timeout rescue support (merge request)
- Add Geo::WikiRepositoryState model (merge request)
- Show comment threads in work items (merge request)
- Add confirmation modal when retrying a bridge (merge request)
- Add
deploy_key_id
field toprotected_tag_create_access_levels
- Add initial implementation of CI templates interpolation (merge request)
- Add zoekt code search integration (merge request)
- Add
deploy_key_id
field toprotected_tag_create_access_levels
(merge request) - Expose
squash_on_merge
field in merge request REST API (merge request) - Add help message and link for protecting existing environments (merge request) GitLab Enterprise Edition
- Show tags for upcoming deployments in deployment detail (merge request)
- Create test reports widget (merge request) GitLab Enterprise Edition
- Add background migration to fix packages_sizes in project statistics (merge request)
- Add Language aggregation state to the sidebar component (merge request)
- Expose :admin_work_item permission on GraphQL (merge request)
- Drop old FKs on ci_builds (merge request)
- Add sort option to GraphQL ci variables (merge request)
- Reschedule Feedback -> StateTransition background migration (merge request)
- Add GraphQL fields needed for approval widget (merge request) GitLab Enterprise Edition
- Expose comment field on Vulnerability GraphQL type (merge request) GitLab Enterprise Edition
- Add report abuse category to comments on issues & MRs (merge request)
- Trigger merge status subscription when blocking MR gets added/removed (merge request) GitLab Enterprise Edition
- Add new tags for incident timeline events (merge request)
- Add ability for top-level group owners to ban members from the group (merge request) GitLab Enterprise Edition
- Allow filtering by legacy requirement IID in Work Items API (merge request) GitLab Enterprise Edition
- Add FK to ci_running_builds (merge request)
- Add deactivation_email_additional_text database setting by @KyleFromKitware (merge request)
- Assign ArkoseLabs risk band to users that signed up with OAuth (merge request) GitLab Enterprise Edition
- Add matched_lines_count in the Gitlab::Search::FoundBlob (merge request) GitLab Enterprise Edition
- Update ci_builds_runner_session FK to include partition_id (merge request)
- Add cronjob to clean up stale runner machines (merge request)
- Redefine FK update statement (merge request)
- Add FK to ci_pending_builds (merge request)
- Allow revoking signing SSH keys (merge request)
- Add link to spam input in abuse report form (merge request)
- Add documentation for RedisCommands::Recorder tool (merge request)
- Add snowplow event and redis counters to track design comment removal (merge request)
- Add Service Desk custom email foundation (merge request)
- Adds Candidate Search to Experiment page (merge request)
- Return job erase date in GraphQL by @X_Sheep (merge request)
- Add timestamp columns to bulk_import_trackers table (merge request)
- Add report abuse category to comments on issues & MRs (merge request)
- Add index to p_ci_builds_metadata partition metadata table (merge request)
- Add class for fetching package licenses (merge request) GitLab Enterprise Edition
- Remove feature flag (merge request)
- Return job erase date in API responses by @X_Sheep (merge request)
- Support on update in postgres_foreign_keys (merge request)
- Attempts to restore plan_limits.web_hook_calls (merge request)
- Add specs for new API endpoint, update docs (merge request)
- Add dast_profiles_tags table (merge request)
- Add docs for authenticating with ID tokens (merge request) GitLab Enterprise Edition
- Create encrypted application setting for product analytics clickhouse (merge request)
- Toggle JWT access from CI/CD settings (merge request)
- Implement Admin Mode for API by @wwwjon (merge request)
- Add Airflow DAGs data model (merge request)
- Add tmp indexes for CI partitioning - 3 (merge request)
- Add pipelineScheduleUpdate mutation (merge request)
- Create table
project_data_transfers
to store egress data per project (merge request) - Allow releases to be downloaded by sessionless users (merge request)
- Limit the number of reviewers to maximum 200 (merge request)
- Add a button to toggle issues sections (merge request) GitLab Enterprise Edition
- Trigger merge status subscription when blocking MR gets merged (merge request) GitLab Enterprise Edition
- Add root level issues GraphQL query (merge request)
- Add tmp indexes for CI partitioning - 2 (merge request)
- Run SAST and Dependency Scanning jobs in same pipeline for scan policies (merge request) GitLab Enterprise Edition
- Send fork ahead/behind links to frontend (merge request)
- Add GQL endpoint for toggling JWT access (merge request)
- Add internal Note field for Elastic and sync (merge request) GitLab Enterprise Edition
- Remove allow_possible_spam feature flag (merge request)
- Adds a jobs tab in group runner details (merge request)
- Introduce ExcludedNamespace model/table (merge request)
- Remove mr_review_submit_comment feature flag (merge request)
- Add partitioning temp indexes to CI tables (merge request)
- Support filtering pipeline artifacts registries by keyword via GraphQL (merge request) GitLab Enterprise Edition
- Remove double-up of clear icons from search inputs (merge request)
Fixed (177 changes)
- Consider namespaces with dots in existence check by @winniehell (merge request)
- Fix partition ids for ci_sources_pipelines records (merge request)
- Fix caching of search counters (merge request)
- Fix Rake/Require offence in dependency_proxy/migrate rake task (merge request)
- Add spec_helper for failing f-flag specs (merge request)
- Pass content disposition in query when no cdn used (merge request)
- Fix missing data in merge request note on vulnerability details page (merge request) GitLab Enterprise Edition
- Filter duplicated downstreams in mini pipeline graph using REST (merge request)
- Encrypt trigger tokens in DB (merge request)
- Fix card button overflow on boards (merge request)
- Fix partition_id for p_ci_build_metadata (merge request)
- Fix partition_id for ci_job_artifacts (merge request)
- Fix partition_id for ci_build_report_results (merge request)
- Fix partition_id for ci_pipeline_variables (merge request)
- Fix partition_id for ci_build_trace_metadata (merge request)
- Pass the correct container object for DORA metrics (merge request) GitLab Enterprise Edition
- Remove spying on component methods (merge request)
- Migrates LabelsSelect to LabelsSelectWidget and fixes bug (merge request) GitLab Enterprise Edition
- Rescue JSON::ParserError in BulkImports::Clients::Graphql (merge request)
- Fix failing spec (merge request)
- Deduplicate Ci::ArchiveTracesCronWorker Jobs (merge request)
- Refactor component to improve reactivity (merge request) GitLab Enterprise Edition
- Allow triggered pipelines to have compliance pipeline (merge request) GitLab Enterprise Edition
- Add support for SVG rendering in design management (merge request)
- Allow null pipeline for pre scan verification (merge request)
- Remove feature flag ci_use_run_pipeline_schedule_worker (merge request)
- Geo: Fix sync race condition for mutable types (merge request) GitLab Enterprise Edition
- Revert kerrizor/add-additional-check-to-rescue-search-timeouts (merge request)
- Fix pagination of resource label events (merge request)
- Fix padding in the Ready to Merge MR widget (merge request)
- Make detecting HTML block comments stricter (merge request)
- Fix partition_id for ci_stage (merge request)
- Hide edit on system generated events (merge request)
- Refresh md cache of system notes (merge request)
- Only show applicable overridden rules after merging (merge request)
- Deduplicate ProjectImportSchedule until it's executed (merge request) GitLab Enterprise Edition
- Change PgBouncer documentation page to Free (merge request)
- [378267] Skip DNS rebinding checks if HTTP_PROXY present (merge request)
- Fix: changed column list header styles (merge request)
- Do not send custom confirmation instructions unless user is persisted (merge request) GitLab Enterprise Edition
- [388869] GitHub import: fix merge requests creation (merge request)
- Fix error when modal is unmounted during delete (merge request)
- Drop unused column web_hook_calls_high (merge request)
- Ensure proper stacking context for alert timeline icons (merge request)
- Fix: show "List Settings" when no projects (merge request)
- Skip ArkoseLabs for trial registrations (merge request) GitLab Enterprise Edition
- Reconfigure DAST profile conflict banner (merge request) GitLab Enterprise Edition
- Remove invalid deploy access level entries from the database (merge request)
- Fix depth check when adding existing epics (merge request) GitLab Enterprise Edition
- Hide
New project
button if visibility level is restricted (merge request) - Keep order when updating work item labels (merge request)
- Fix bug where page is not reset (merge request)
- Ensure job log keeps scrolled to bottom (merge request)
- Fix group issue bulk update unsetting assignees (merge request) GitLab Enterprise Edition
- Bring back BulkImports::PipelineWorker 90 minutes job timeout (merge request)
- Read schema file from correct path if a PATCH version mismatch occurs (merge request)
- Fix links of avatars in approval widget (merge request)
- Fix notification trigger labels to be accurate (merge request)
- Remove duplicated confirmation button (merge request) GitLab Enterprise Edition
- Remove check for import from S3 feature flag (merge request)
- Remove escaped spans when absolutely not needed (merge request)
- Fix loading state for split button (merge request) GitLab Enterprise Edition
- Fix Exporting members on a LDAP group sync enabled group given 403 (merge request) GitLab Enterprise Edition
- Allow admins to manage approval rules when disallowed instance-wide (merge request) GitLab Enterprise Edition
- Propogate mathStyle for largge math blocks (merge request)
- Filter out duplicated downstreams in pipeline graph (merge request)
- Prevent from creating invalid scan_finding Approval Rules (merge request) GitLab Enterprise Edition
- Fix ActionController::UrlGenerationError for branches (merge request)
- Ignore case in project/group paths when refreshing agent CI access (merge request)
- Support /latest pipelines route (merge request)
- Fixes N+1 queries when users are indexed into elasticsearch (merge request) GitLab Enterprise Edition
- Add regex validation to entity model (merge request)
- Fix cardinality error while upserting the identifiers (merge request) GitLab Enterprise Edition
- Clear existing release on tag name change (merge request)
- User cannot create rotation with negative length (merge request) GitLab Enterprise Edition
- LDAP duration metric should be milliseconds (merge request)
- Update BitBucket Importer logic (merge request)
- Filter duplicated downstreams in mini pipeline graph for commit box (merge request)
- Ensure Debian repositories don't server Packages.gz as plain files by @sathieu (merge request)
- Fix tilde/backslash/star in codeblock incorrectly escaped by rich editor by @xfyuan (merge request)
- Add Confidential badge to incident sticky header by @alichur (merge request)
- Always convert dotenv files to UTF-8 (merge request)
- Add no results found message to transfer group dropdown (merge request)
- Ensures we don't create duplicate records (merge request)
- Hide clone button for users, who can't download project (merge request)
- Roadmap filter by child epic renders child epic (merge request) GitLab Enterprise Edition
- Close Web IDE popup when clicking Try it out button (merge request)
- Adding rollout issue to "mr_experience_survey" feature flag (merge request)
- Add rollout issue and introduction MR to "moved_mr_sidebar" feature flag (merge request)
- Don't fail while fetching remediations from a removed artifact (merge request) GitLab Enterprise Edition
- Add new column to MR for when it has been prepared (merge request)
- Update protected branches push & merge access levels import (merge request)
- Quick fix to Global Search page status bar (merge request)
- Ignore BUNDLER_SETUP as it can pollute execution (merge request)
- Fix broken set status form in Safari (merge request)
- Fix package versions scope (merge request)
- Fix safari redirection bug for trial sign ups (merge request) GitLab Enterprise Edition
- Do not send non-pseudonymized group/project names to snowplow by @mikegreiling (merge request)
- Use approved_by_user instead of approvers (merge request) GitLab Enterprise Edition
- Fix styling of expiring subscription alert (merge request)
- Split ee and ce querries for branch rules details (merge request)
- Fixing SharedModel.connection_db_config when connection is changed (merge request)
- Fix swagger-ui for relative path instances (merge request)
- Show "unavailable" instead of "never" when SSH usage tracking disabled (merge request)
- Drop invalid index from postgres_async_indexes (merge request)
- Fix error thrown in "Mark as ready" in MR widget (merge request)
- Search within the commit-sha if you are searcing from a commit show page (merge request)
- Validate releases author_id only during creation (merge request)
- Indexes emails with an email tokenizer (merge request) GitLab Enterprise Edition
- Fix pipeline triggers missing
reveal values
button (merge request) - Fix work information in user popover by @Taucher2003 (merge request)
- Fix relative URL links to groups for DevOps Adoption (merge request) GitLab Enterprise Edition
- Bugfix: Admin can re-enable setting for group/project access token creation (merge request)
- Change transfer group confirmation to use full path instead of name (merge request)
- Render Jira app views based on key storage enabled (merge request)
- Fixed some layout and functional issues with language project filter by @zillemarco (merge request)
- Fix tooltip blocking pointer issue (merge request)
- Fix Deployments::Hooksworker params for Sidekiq (merge request)
- Fix DastProfile Update mutation (merge request) GitLab Enterprise Edition
- Fix GitLab for Jira self-managed view text
- Fix method missing error for ChainOfCustodyReportWorker (merge request) GitLab Enterprise Edition
- Fix GitLab for Jira App - load subscriptions error (merge request)
- Allow nil value in QuickActions::TargetService type argument (merge request) GitLab Enterprise Edition
- Fix GitLab for Jira self-managed view text (merge request)
- Toggle button class only if element exists (merge request)
- Upgrade fugit to 1.8.1 (merge request)
- Fix terms page in dark mode (merge request)
- Fix copy in GitLab for Slack app home tab (merge request) GitLab Enterprise Edition
- Refetch predefined variables if API cache is empty (merge request)
- Fix different cases for slash commands (merge request)
- Migrate geo alerts to Pajamas::AlertComponent (merge request) GitLab Enterprise Edition
- Add is_blocked_by option for issue links API (merge request) GitLab Enterprise Edition
- Sync scan result policies when project assigned to a group (merge request) GitLab Enterprise Edition
- Splat arguments when starting trial (merge request) GitLab Enterprise Edition
- Revert changes on wiki replication/verification legacy code (merge request) GitLab Enterprise Edition
- Include LFS object store URL in CSP connect-src (merge request)
- Use result of destroying container repositories when destroying projects (merge request)
- Use randomized suffix when finding path (merge request)
- Fix Ruby 3 kwargs error in CI instrumentation (merge request)
- Prevent Groups Sync Service from removing top level members (merge request) GitLab Enterprise Edition
- Fix search results with very long project name (merge request)
- Obfuscate issue email participants email (merge request)
- Fix forever-disabled analytics aggregations (merge request) GitLab Enterprise Edition
- Remove title from codeowner link (merge request) GitLab Enterprise Edition
- Invalidate personal projects count correctly (merge request)
- Fix Ci::Bridge to have deployment_job? method (merge request)
- Ensure Group hooks are never disabled (merge request)
- Remove strict parameters for registry notification endpoint (merge request)
- Add modify_security_policy permission (merge request) GitLab Enterprise Edition
- Fix border for fork sort dropdown (merge request)
- Calculate and use sha for CI config variables cache (merge request)
- Clear DuplicateJobs cookies from post-deployment migration (merge request)
- Hide forks count if user has not acceess to public project's repository (merge request)
- It fixes Migration/AddLimitToTextColumns for regular migrations (merge request)
- Fix setting a longer max-age for permalink blobs (merge request)
- Fix Jira app can only load public namespaces (merge request)
- Fix dismissal not showing for dismissed findings on MR security widget (merge request)
- Geo Projects - Fix legacy filter nav (merge request) GitLab Enterprise Edition
- Fix
[nil]
arrays (merge request) GitLab Enterprise Edition - Fix identifier collision while creating vulnerabilities from findings (merge request) GitLab Enterprise Edition
- Fixed Project dropdown when cherry-picking commits (merge request)
- Fix :focus and border appearance of search field (merge request)
- StatusPages::ProjectSetting<->Project relationship (merge request) GitLab Enterprise Edition
- Remove column ignore rule to mitigate incident (merge request)
- Fix project filter not filtering vulnerability list on page load (merge request) GitLab Enterprise Edition
- Resize component on alert dismiss (merge request)
- Load images in work item description in modals (merge request)
- Fix text alignment issue in celebrate invite modal (merge request)
- [387601] GitHub import: prevent reviewer index violation (merge request)
- Propagate instrumentation params for etag-hits (merge request)
- Fix button alignment by using CSS transform (merge request)
- Apply CSP for Zuora across the application (merge request) GitLab Enterprise Edition
- Remove title case (merge request)
- Update pipeline sec report when dismissing a finding via modal (merge request) GitLab Enterprise Edition
- Fix matching license policy names when contains whitespaces (merge request) GitLab Enterprise Edition
- Fix GitLab Migration groups & projects visibility levels to be preserved (merge request)
- Fix Python indentation in the diffs colors preview (merge request)
Changed (187 changes)
- Prepare async foreign key validation for ci_job_artifacts (merge request)
- Don't create namespaces when importing project using GH import Rake task (merge request)
- Remove image_url requirement on ReleaseHighlights (merge request)
- Adds field public_package to package details graphql (merge request)
- Add
Limitable
to project and group CI variables (merge request) - Allow deploy tokens and deploy keys with the external authorization (merge request)
- Add pipeline schedule finder by id (merge request)
- Remove flag epic cache counts flag (merge request)
- Hide retry button when no permissions (merge request) GitLab Enterprise Edition
- Return token and ID information from /runners/verify REST endpoint (merge request)
- Remove unlimited members alert (merge request) GitLab Enterprise Edition
- Account for setting when syncing approval rules (merge request) GitLab Enterprise Edition
- Prepare async foreign key validation for ci_build_report_results (merge request)
- Prepare async foreign key validation for ci_build_needs (merge request)
- Add retry button to status checks in mobile view (merge request)
- Add tracking to tier-badge experiment (merge request) GitLab Enterprise Edition
- Update to docutils 0.19 and python 3.9.6 (merge request)
- Default enable FF validate environment tier presence (merge request)
- Update font weight of all blocked MR messages (merge request) GitLab Enterprise Edition
- Increase KaTeX expansion limit (merge request)
- Show only "Your activity" as default tab in the Activity dashboard (merge request)
- Redirect to success page when all verification steps are completed (merge request) GitLab Enterprise Edition
- Refresh DORA metrics on incident reopen (merge request) GitLab Enterprise Edition
- Add index to web_hook_logs (merge request)
- Apply fix width to dropdown (merge request)
- Display workItemIid in requirements' list and detail views (merge request) GitLab Enterprise Edition
- Update milestone where runner registration token is disabled (merge request)
- Migrate Ref selector to Listbox (merge request)
- Remove OTP from being required for Webauthn (merge request)
- Updates the ux on Experiments List (merge request)
- Small tweaks to custom roles REST endpoints (merge request) GitLab Enterprise Edition
- Prepare index for vulnerability_reads (merge request)
- Update assign epic quick command permissions (merge request) GitLab Enterprise Edition
- Updated Taiwan country name (merge request) GitLab Enterprise Edition
- Validate notification integrations channel limit (merge request)
- Return "Unknown" when license cannot be found (merge request) GitLab Enterprise Edition
- Move read_internal_note to project and group policies (merge request)
- Improve re-import experience for GitLab direct transfer (merge request)
- Datahelpers for Git abuse rate limiting alerted users (merge request) GitLab Enterprise Edition
- Removes ci_remove_character_limitation_raw_masked_var feature flag (merge request)
- changed: Replace ref_switcher in projects/graphs/charts.html.haml (merge request)
- Add migration to rename ci_runner_machines.machine_xid (merge request)
- This MR removes spying on component method (merge request) GitLab Enterprise Edition
- Update copy on manual variables form (merge request)
- Migrates branches_dropdown.vue to GlCollapsibleListbox (merge request)
- Clean up record_projects_target_platforms feature flag (merge request)
- Migrate confidential MR dropdown to listbox (merge request)
- Add max-width and wrapping to dropdown breadcrumb (merge request)
- Change default value for :inbound_job_token_scope_enabled to true (merge request)
- Move namespace onboarding to only be during registration (merge request) GitLab Enterprise Edition
- Fix registry-list deselecting items after select all (merge request)
- Remove feature flag only_allow_merge_if_all_status_checks_passed (merge request) GitLab Enterprise Edition
- Add Email to Audit Event APIs (merge request) GitLab Enterprise Edition
- Cleanup MultiStore FF used by RepositoryCache (merge request)
- Stores Batched Background Migration info to artifacts (merge request)
- Advanced Search migration to backfill traversal_ids on projects (merge request) GitLab Enterprise Edition
- Update project naming guidelines help text (merge request)
- Add validation to License Approval Policy JSON Schema (merge request) GitLab Enterprise Edition
- This MR migrates Dropdown to Disclosure (merge request) GitLab Enterprise Edition
- Add help text to
Restricted visibility levels
checkboxes (merge request) - Upgrade Alert - Add proper API support (merge request)
- Disable Feedback use in Finding serializer when deprecated (merge request) GitLab Enterprise Edition
- Move CancelPendingPipelines step to run async (merge request)
- Update Jira integration form microcopy (merge request)
- Remove the ENV UPDATE_INDEX (merge request) GitLab Enterprise Edition
- Change icon size to small in Importer status badge (merge request)
- Enable dast_site_validation_drawer flag by default (merge request) GitLab Enterprise Edition
- Add proper display for rate limits on GitLab migration (merge request)
- This MR migrates Dropdown to Disclosure (merge request) GitLab Enterprise Edition
- Avoid polling if in an update variables state (merge request)
- Add unlimited members alert (merge request) GitLab Enterprise Edition
- Update tooltip for DAST site profile field (merge request) GitLab Enterprise Edition
- Add Email to Audit Event CSV report (merge request)
- Ignore task items in html block comments (merge request)
- Document PKCE support in OmniAuth OpenID Connect client (merge request)
- Change learn gitlab ci/cd link to pipelines page (merge request)
- Store GitHub Import stats in DB (merge request)
- Split Sign-in/Register buttons & update the copy on SaaS logged-out nav (merge request)
- Fixes header wrapping on comments (merge request)
- Restyle Analytics metric popover (merge request)
- gitaly_client: Always enable eager housekeeping for manual jobs (merge request)
- Display time until the next package cleanup (merge request)
- Include namespace from source when preloading users for indexing (merge request) GitLab Enterprise Edition
- Check out to gitlab-development-kit/gitlab (merge request)
- Default enable project_members_index_by_project_namespace (merge request)
- This MR migrates Dropdown to Disclosure (merge request) GitLab Enterprise Edition
- Update icon reference to grip (merge request)
- Update runner maintenance note field (merge request)
- Changes method for spreading jobs in GitHub Import (merge request)
- Align read_freeze_period permissions with read_environment by @nfason (merge request)
- This MR adds disabled state for runner tags (merge request) GitLab Enterprise Edition
- Add JetBrains Mono as WebIDE editor font (merge request)
- Change PipelineFinder to perform exact comparison of name (merge request)
- Adds sort order by relative_position to Work Item Hierarchy Widget (merge request)
- Add pointing_at_oids and peel_tags to ListRefs RPC (merge request)
- Update breadcrumbs at Admin Area > Messages > Edit by @quatauta (merge request)
- Set refactor_vulnerability_filters to true (merge request) GitLab Enterprise Edition
- Update dependency auto-deploy-image to v2.46.0 (merge request)
- Update dependency auto-build-image to v1.28.0 (merge request)
- Change retry to run again jobs (merge request)
- Handle page-level errors from the parent component (merge request) GitLab Enterprise Edition
- Hide On-Demand scan actions from auditor (merge request) GitLab Enterprise Edition
- Order groups by id when searching for approvers (merge request) GitLab Enterprise Edition
- Uses Watchdog instead of Sidekiq Memory killer (merge request)
- Add popovers to runner upgrade stat items (merge request) GitLab Enterprise Edition
- Raise default CI variable limits (merge request)
- Rollout preferred_language_switcher by @icbd (merge request)
- Handle mulitline blockquotes in lists (merge request)
- Ref Switch dropdown migration (merge request)
- Add software_license_policies.security_orchestration_policy_configuration_id column (merge request) GitLab Enterprise Edition
- Add group releases resolver to create GraphQL endpoint by @missy-davies (merge request)
- Remove access level default for protected environments table (merge request)
- Improve wiki sidebar (merge request)
- Change releases empty state design (merge request)
- Add schema_version to main index mapping (merge request) GitLab Enterprise Edition
- Read GraphQL PackageLinks to render link on package versions page (merge request)
- Move job status badge to runner status column (merge request)
- Add url_hash column to web_hook_logs (merge request)
- Use invoice preview API to calculate plan pricing for SaaS purchase (merge request) GitLab Enterprise Edition
- Restructure CI variables modal help links (merge request)
- Migrate project combo selects away from select2 (merge request)
- Ensures plpgsql extension is installed (merge request)
- Update Rugged to v1.5.1 (merge request)
- Marks migrations as complete when creating a new index (merge request) GitLab Enterprise Edition
- Add state validation in addon purchase flow (merge request) GitLab Enterprise Edition
- Add new line if cursor in prefix area of list item (merge request)
- Update PackageLicenses.fetch to use batched query (merge request) GitLab Enterprise Edition
- Truncates package version in packages list page (merge request)
- Correct semantic version to conform with SemVer by @lusitania (merge request)
- Include namespaces in project searches when query contains '/' (merge request)
- Transition todos#index to use Pajamas::ButtonComponent (merge request)
- Cleanup css for header styles (merge request)
- Update status checks docs and remove incorrect text in settings (merge request) GitLab Enterprise Edition
- Add index to web_hook_logs (merge request)
- Expose issues and merge request links in Releases API by @nfason (merge request)
- Remove AWS runner deployment modal (merge request)
- Refactor migration to process more data (merge request) GitLab Enterprise Edition
- Allow GITLAB_SIMULATE_SAAS outside development (merge request)
- Deprecate API to generate guidance on runner setup (merge request)
- Use GraphQL to load the Group Contribution Analytics page (merge request) GitLab Enterprise Edition
- Remove rules to disable job when enforced by security policies (merge request) GitLab Enterprise Edition
- Removes char limitation for Ci::Maskable (merge request)
- Migrates projects_dropdown.vue to GlCollapsibleListbox (merge request)
- Revert reusing processable in Seed::Build evaluation (merge request)
- Migrate indexing restrictions away from select2 (merge request) GitLab Enterprise Edition
- Change contributors page to use Vue RefSwitcher (merge request)
- Open Release Evidence JSON in a new tab instead of downloading (merge request)
- Change runner registration text copy (merge request)
- Add filters and sorting options to projects finders (merge request)
- Migrate group template setting away from select2 (merge request) GitLab Enterprise Edition
- This MR adds selector for runners tags (merge request) GitLab Enterprise Edition
- Update group's projects buttons (merge request)
- Update 2fa register buttons (merge request)
- Treat all release asset links as external (merge request)
- Adds GraphQL data attributes to contribution analytics (merge request) GitLab Enterprise Edition
- Fix the offences introduced by Gitlab/DelegatePredicateMethods by @edith007 (merge request)
- Remove graphql_code_quality_full_report flag (merge request)
- Update buttons to pajamas (merge request)
- Update import buttons to pajamas (merge request)
- Update Support/get-help link in ? nav menu (merge request)
- Drop user details fields from users table by @brianjaustin (merge request)
- Switch to upstream omniauth_openid_connect gem (merge request)
- Add Search Curation Settings to ApplicationSettings (merge request)
- ServiceDesk: Added footer and header messages to outgoing emails (merge request)
- Migrate admin namespace dropdown to listbox (merge request)
- This MR migrates Dropdown to GlDisclosureDropdown (merge request)
- Add project field to ci job type (merge request)
- Change usages of "specific" runner to "project" (merge request)
- Update todo done-reversable styles (merge request)
- Update background migration buttons (merge request)
- Track registraion of all users in snowplow (merge request)
- Change Application destroy button to danger (merge request)
- Update all Slack installations for workspace (merge request) GitLab Enterprise Edition
- refactor: Add flags
--to-sha
and--from-sha
to command by @Ashvith (merge request) GitLab Enterprise Edition - Switch draft state toggle to use a checkbox (merge request)
- Fix tree root alignment on the right side (merge request) GitLab Enterprise Edition
- Expand chain-of-custody report from merge commits to all commits (merge request) GitLab Enterprise Edition
- Show coupon code input for small breakpoints (merge request) GitLab Enterprise Edition
- Add Remediation type for Security Report Findings (merge request) GitLab Enterprise Edition
- Update incident timeline typography (merge request)
- Enable Code Quality Inline Findings feature flag by default (merge request) GitLab Enterprise Edition
- Rename web_hook_calls column to _high (merge request)
- Fix GraphQL descriptions for markdown fields (merge request)
- Adjust the GroupsProjectController urgency (merge request) GitLab Enterprise Edition
- Pods: Make Application Settings to be part of
gitlab_main_cluster
(merge request) - Clean up
package_registry_access_level
feature flag by @wwwjon (merge request) - Remove skip_ensure_merge_request_diff FF (merge request)
Deprecated (5 changes)
- Announce deprecation of queue selector (merge request)
- Deprecate
Projects::ServiceType
interface (merge request) - Deprecate external field in Releases and Release Links APIs (merge request)
- Deprecate external field in GraphQL ReleaseAssetLink type (merge request)
- Change runner registration token reset removal milestone to 17.0 (merge request)
Removed (10 changes)
- Revert addition of model experiments navbar item (merge request)
- Drop
revokable
fromachievements
by @Taucher2003 (merge request) - Experiment cleanup promote_premium_billing_page (merge request)
- gitaly_client: Remove unused embedded errors for trivial cases (merge request)
- Ignore application_settings.clickhouse_connection_string column (merge request)
- Contact sales experiment cleanup (merge request)
- Remove scan_execution_tags feature flag (merge request)
- Remove live preview
- Remove live preview (merge request)
- Remove cluster image scanning from Security Configuration page (merge request)
Security (8 changes)
- Update Gitaly version
- Add prevent rule on locked MRs to policy (merge request) GitLab Enterprise Edition
- Prevent default branches from storing paths
- Security fix dynamic child pipeline zip extraction
- Validate Issuable description max length on update
- Add size validation for Chart.yaml during file extraction
- Update Rails to 6.1.7.1 to address security vulnerabilities (merge request)
- Prevent new invalid oauth_access_token records (merge request)
Performance (17 changes)
- Release improved cache headers for archive and raw blobs (merge request)
- Only load terraform banner js on project overview (merge request)
- Improve the loading of packages tags (merge request)
- Improve performance of artifacts management page (merge request)
- Preload missing resources while exporting projects in Import/Export (merge request)
- Enable batching for local and project includes for CI (merge request)
- Enable bulk_cron_worker_auto_requeue by default (merge request) GitLab Enterprise Edition
- Performance optimization for Projects API (merge request)
- Enable parallel bulk worker by default (merge request) GitLab Enterprise Edition
- Fix N+1 queries in the root level
issues
query (merge request) - Optimize CSV issue export to use find_each (merge request)
- Remove ci_limit_complete_hierarchy_size feature flag (merge request)
- Migrate legacy dropdown on admin emails page (merge request)
- Removing FF jobs_api_keyset_pagination as it is enabled on production (merge request)
- Add migration for backfilling traversal_ids in a single project (merge request) GitLab Enterprise Edition
- Removing move_create_deployments_to_worker FF (merge request)
- Add GitLab Migration rate limits (merge request)
Other (70 changes)
- Remove unused original_filename column (merge request)
- Fix partition ids for ci_job_variables records (merge request)
- Copy over code from on-call schedules (merge request)
- Support expect-old-oid for ff_merge and merge methods (merge request)
- Extracts incubation page creation (merge request)
- Track events coming from the Web IDE (merge request)
- Upgrade gitlab-styles to 10.0.0 (merge request)
- Remove searchable_fork_targets feature flag (merge request)
- Update the gitaly gem to 15.9.0-rc3 (merge request)
- Use the delete branch worker (merge request)
- Allows wrapping for diff notes (merge request)
- Add Snowplow instrumentation for id_tokens usage (merge request)
- Refactor async index creation (merge request)
- Schedule ci_builds FK indexes for async creation (merge request)
- Adds bigint conversion to start migrating existing data (merge request)
- Revert changes from
structure.sql
andinit_structure.sql
(merge request) - Replace authorization check on TestReportType (merge request) GitLab Enterprise Edition
- Including disable_ddl_transaction! in migrating int PKs to bigint docs (merge request)
- Add MainClusterwide::ApplicationRecord and new connection (merge request)
- Remove qurantined spec (merge request)
- Remove projects_preloader_fix feature flag (merge request)
- Track usage of g_runner_fleet_read_jobs_statistics (merge request)
- Finalize backfill migration for environment tier (merge request)
- Use help_page_url in HAML to resolve Gitlab/DocUrl cop rule by @sato11 (merge request)
- Remove route_hll_to_snowplow feature flag (merge request)
- Clarify BatchedBackgroundMigrations documentation examples (merge request)
- Remove FF validate-release-with-author (merge request)
- Throttle number of concurrent started entities during GitLab Migration (merge request)
- Skip trueup check if license does not contain (merge request) GitLab Enterprise Edition
- Remove dependency_list_exporter feature flag (merge request)
- Fix flaky spec in Debian distribution signatures (merge request)
- Refactor CSV importer classes (merge request)
- Update Gitlab Shell to v14.16.0 (merge request)
- Upgrade rails to 6.1.7.2 (merge request)
- Remove
customizable_roles_per_user
feature flag (merge request) GitLab Enterprise Edition - Fixed overlapping line, button style (merge request)
- Remove search_page_vertical_nav feature flag (merge request)
- Remove highlight paid features during active trial experiment (merge request)
- Removing feature flag gitlab_metrics_error_rate_sli (merge request)
- Fix Style/RedundantSelf offenses by @mhdasm3 (merge request)
- Revert "Merge branch 'sc1-rate-limiting-migrator' into 'master'" (merge request)
- Change issue task list item dropdown feature flag (merge request)
- Refactor CSV exporter classes (merge request)
- Documenting upgrading database migration version (merge request)
- Remove experimental code for 'readme_from_gitaly' FF (merge request)
- Update rspec-rails gem to 6.0.1 version (merge request)
- Validate uniqueness of entity full path (merge request)
- Update link to point to correct doc (merge request)
- Remove skip_notes_diff_include flag (merge request)
- Remove FE logic (merge request)
- Clarify which users are added from a group to a project by @zillemarco (merge request)
- Add instrumentation for CI id_tokens usage (merge request)
- Remove PREVENT_LOAD_BALANCER_RETRIES_IN_TRANSACTION ENV variable usages (merge request)
- Remove the ignore rules for container_repository_updated_event_id (merge request)
- Remove feature flag 'commit_search_trailing_spaces' (merge request)
- Remove jira_connect_oauth_self_managed FF (merge request)
- Remove disable_anonymous_search feature flag (merge request)
- Removing the grace period for BackgroundMigration/FeatureCategory cop (merge request)
- Add snowplow tracking to report abuse form (merge request)
- Add Rubocop rule to raise when docs url is used directly in strings by @sato11 (merge request)
- Update to latest json gem version (merge request)
- Removing immediate_delete_subgroup_api feature flag (merge request) GitLab Enterprise Edition
- Move time calculation to logging method, add specs (merge request)
- Remove rate_limit_issuable_searches feature flag (merge request)
- Default enable hash_oauth_secrets (merge request)
- Remove
utilize_finding_data
feature flag (merge request) GitLab Enterprise Edition - Clear the merge error on a Merge Request when transitioning to Merged (merge request)
- Enforcing Gitlab::Database::Migration[2.1] as new DB migration version (merge request)
- Remove Gitlab::Redis::DuplicateJobs (merge request)
- Clean-up feature flag
hash_based_cache_for_protected_branches
(merge request)
Security
Security wording was detected, but no CVEs were found.
Details
date
Feb. 21, 2023, midnight
name
15.9.0
type
Minor
👇
Register or login to:
- 🔍View and search all GitLab CE releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!