GitLab CE - 16.4.0
Security
(2023-09-21)
Added (179 changes)
- Create list for standards adherence report (merge request) GitLab Enterprise Edition
- Add keyset pagination support for /users endpoint (merge request)
- Add documentation for Self-Managed Code Suggestions (merge request)
- Added create api for instance level gcp destinations (merge request) GitLab Enterprise Edition
- Support multiline comment for code generation (merge request) GitLab Enterprise Edition
- Expose
vulnerability_events
integrations field (merge request) GitLab Enterprise Edition - Added delete api for instance gcp config (merge request) GitLab Enterprise Edition
- Enable package_metadata_advisory_sync and... (merge request) GitLab Enterprise Edition
- Add /award quick action for work items (merge request)
- Added instance level gcp destination streaming (merge request) GitLab Enterprise Edition
- Graphql endpoint for listing all custom roles (merge request) GitLab Enterprise Edition
- Added archived filter for commits scope (merge request) GitLab Enterprise Edition
- Added archived filter for blobs scope (merge request) GitLab Enterprise Edition
- Add OpenSUSE 15.5 to the support OS page (merge request)
- Update severity count based on dismissal reason (merge request) GitLab Enterprise Edition
- Include the merge commits when checking if appoval is allowed (merge request)
- Support specifying TLS settings in resque.yml (merge request)
- Allow filtering by dismissal reason in vulnerabilitySeveritiesCount (merge request) GitLab Enterprise Edition
- Add snowplow_database_collector_hostname app setting (merge request)
- Create personal access token for workspaces without one (merge request) GitLab Enterprise Edition
- Add experimental info as warning (merge request)
- Added archived filter for notes scope (merge request) GitLab Enterprise Edition
- Add rest endpoints for group CA (merge request) GitLab Enterprise Edition
- Add basic input params restrictions (merge request) GitLab Enterprise Edition
- Enable merge_sbom_api FF (merge request) GitLab Enterprise Edition
- Create list for standards adherence report (merge request) GitLab Enterprise Edition
- Silent Mode - Add experiment badge (merge request)
- Enable UI portion for violation export (merge request) GitLab Enterprise Edition
- Adds duo_api scope for GitLab Duo endpoints (merge request) GitLab Enterprise Edition
- Add graphql mutation for continuous vuln scans (merge request) GitLab Enterprise Edition
- Update milestones search query to filter archived project results (merge request)
- Adds timestamp to sbom report (merge request) GitLab Enterprise Edition
- Updated issuable update mutations allowing null to reset time estimate by @zillemarco (merge request)
- Include has_merge_request field to vulnerabilities graphql (merge request) GitLab Enterprise Edition
- Include has_merge_request filter to vulnerabilities read finder (merge request) GitLab Enterprise Edition
- Allow to list group dashboard visualizations with GraphQL (merge request) GitLab Enterprise Edition
- Add cvs toggle to project security settings (merge request)
- Add refresh assignment worker (merge request) GitLab Enterprise Edition
- Adds Service Desk custom email (merge request)
- Show warning for single database connection (merge request)
- Implement /authorized_certs internal endpoint (merge request)
- Add help popover for dismissal reasons (merge request) GitLab Enterprise Edition
- Add the UserType in create/remove addon response (merge request) GitLab Enterprise Edition
- Create audit_events_amazon_s3_configurations table (merge request) GitLab Enterprise Edition
- Add setting for enabling Continuous Vulnerability Scans (merge request) GitLab Enterprise Edition
- Create index to support uuid typecasting asynchronously (merge request)
- Enable resolvable issue threads by default (merge request)
- GraphQL: Add analytics dashboards listing for groups (merge request) GitLab Enterprise Edition
- Include has_merge_request to vulnerabilities read model (merge request) GitLab Enterprise Edition
- Migration to add root_namespace_id to project_statistics (merge request)
- Silent Mode - Add UI Support (merge request)
- Create background migration to create compliance standards adherence (merge request)
- Call cleanup worker (merge request) GitLab Enterprise Edition
- Peek sidebar when mouse is over the toggle (merge request)
- Add group transfer hook for zoekt (merge request) GitLab Enterprise Edition
- List api for instance level gcl config (merge request) GitLab Enterprise Edition
- Add previousStageJobs field to JobType (merge request)
- Added archived filter to merge_request (merge request) GitLab Enterprise Edition
- Added filters button to search results (merge request)
- Display job external links in sidebar by @KyleFromKitware (merge request)
- Add API endpoint to get license usage data (merge request) GitLab Enterprise Edition
- Basic logic for tracking projects/groups visits in the backend (merge request)
- Release Security Policy branch exceptions (merge request) GitLab Enterprise Edition
- Introducing basics for protecting packages by @gerardo-navarro (merge request)
- Enahnce GraphQL to add fields for lockable labels (merge request)
- Remove hide_deprecated_billing_plans FF (merge request) GitLab Enterprise Edition
- Added archived filter for issues scope (merge request) GitLab Enterprise Edition
- Expose adminWorkItemLink permission in work items (merge request)
- Close similar abuse reports when primary abuse report is closed (merge request)
- Persist approval_settings and any_merge_request rules in policies (merge request) GitLab Enterprise Edition
- Release branch_exceptions feature flag for SaaS (merge request) GitLab Enterprise Edition
- Add Packages::Nuget::Symbol model and corresponding db table (merge request)
- Geo: Add Object Storage verification (filesize check) (merge request) GitLab Enterprise Edition
- Adds Service Desk custom email reply address (merge request)
- Enable on-hover flyout menus in sidebar of new navigation (merge request)
- Chore: add instance and docker-autoscaler executor types by @ar-mali (merge request)
- Adds support for runs/search MLflow API (merge request)
- Support registries to resync all and reverify all via GraphQL (merge request) GitLab Enterprise Edition
- Provide and edit dismissal reason when dismissing finding (merge request) GitLab Enterprise Edition
- Update MATLAB.gitlab-ci.yml to add a new
build
job by @sameagen-MW (merge request) - Add notify_only_broken_pipelines field to Telegram (merge request)
- Added model validation and list active attribute for header (merge request) GitLab Enterprise Edition
- Add license type to dependency type (merge request) GitLab Enterprise Edition
- Add force_full_reconciliation field to workspaces (merge request)
- Add ComponentsFinder (merge request) GitLab Enterprise Edition
- Sessions cookie key to be configurable in development environment (merge request)
- Prepare async index for pipeline_id_convert_to_bigint (merge request)
- Sync create indexes for ci_stages pipeline_id conversion (merge request)
- Add extra attributes to Internal events tracking on frontend (merge request)
- Add validation for legacy epic issue relation (merge request) GitLab Enterprise Edition
- Add actual time that the MR was merged to merged MR list (merge request)
- Audit user password reset failure events (merge request) GitLab Enterprise Edition
- Adds Export Sbom APIs (merge request) GitLab Enterprise Edition
- Adding cached markdown fields to Review LLM Summaries (merge request)
- Support for include:rules:changes (merge request)
- Add state header to notification emails (merge request)
- Add vsd banner (merge request) GitLab Enterprise Edition
- Add foreign key for ci_pipeline_chat_data.pipeline_id_convert_to_bigint (merge request)
- Add foreign key for ci_pipeline_messages.pipeline_id_convert_to_bigint (merge request)
- Add cosign template (merge request)
- Add merged_commit_sha to merge_requests (merge request)
- Update advisory scanning to only scan recent (merge request) GitLab Enterprise Edition
- Release expose_dismissal_reason feature (merge request)
- Add a GraphQL query to get organization users (merge request)
- Create cron job to ensure merge requests are prepared (merge request)
- Table and model for instance level gcp config added (merge request) GitLab Enterprise Edition
- Add cleanup worker (merge request) GitLab Enterprise Edition
- Associate projects with organization (merge request)
- Add support for nuget v2 OData package entity endpoints (merge request)
- Display activity for similar open abuse reports when aggregated (merge request)
- Add
pages_path_prefix
job option (merge request) - Send email when resource access token about to expire (merge request)
- Adds page URL params for packages list pagination (merge request)
- Prepare async index for pipeline_id_convert_to_bigint (merge request)
- Remove scan_execution_group_bot_users feature flag (merge request) GitLab Enterprise Edition
- Migration for service account users be declared as external (merge request) GitLab Enterprise Edition
- Prepare async index for pipeline_id_convert_to_bigint (merge request)
- Enable VSD count aggregation setting (merge request)
- Add BrowserSDK for page view tracking to Gitlab.com (merge request)
- Exclude archived projects from blob search (merge request) GitLab Enterprise Edition
- Add logo to integrations page (merge request)
- Allow verification of files in Object Storage (merge request) GitLab Enterprise Edition
- Remove elevated_guests FF (merge request) GitLab Enterprise Edition
- Add Geo bulk mark verification pending in batches (merge request) GitLab Enterprise Edition
- Add external issue author to graphql for service desk (merge request)
- Implement VSD GraphQL query (merge request) GitLab Enterprise Edition
- Add user_list to feature_flag api by @zhanglinjie (merge request)
- Backfill ProjectStatistics to use recent size (merge request)
- Add patch_id_sha column to approvals (merge request)
- Add filter argument to linkedItems field (merge request)
- Add group merge request approval setting for SAML (merge request)
- Remove the scan_execution_bot_users feature flag (merge request) GitLab Enterprise Edition
- Add scan policies count to security_orchestration_helper (merge request) GitLab Enterprise Edition
- Prepare async index for pipeline_id_convert_to_bigint (merge request)
- Add support for approval_settings and any_merge_request in policy schema (merge request) GitLab Enterprise Edition
- Remove ai_chat_history_context feature flag (merge request) GitLab Enterprise Edition
- Create index for pipeline_id_convert_to_bigint (merge request)
- Adds merge service (merge request) GitLab Enterprise Edition
- Add vulnerability's full path to CSV export (merge request) GitLab Enterprise Edition
- Synchronously create indexes for uuid colum type migration cleanup (merge request)
- Add frontend metrics tracking for Threat Insights (merge request) GitLab Enterprise Edition
- Adds page URL params for dependency proxy pagination (merge request)
- Schedule VSD CountWorker via Cron (merge request)
- Return response from streamed request to Anthropic (merge request) GitLab Enterprise Edition
- Remove namespace_storage_forks_cost_factor feature flag (merge request)
- Add
admin_merge_request
tomember_roles
table (merge request) - Show custom emoji in issuable title in header & list (merge request) GitLab Enterprise Edition
- Add connected agents usage metric (merge request)
- Add usage data on new product analytics features (merge request)
- Add workspace variables table and add PAT to workspaces table (merge request) GitLab Enterprise Edition
- Globally Enable holt winters forecast for deployment frequency (merge request) GitLab Enterprise Edition
- Add lock_on_merge support for scoped labels (merge request)
- Expose uuid on VulnerabilityType (merge request) GitLab Enterprise Edition
- Expose solution on VulnerabilityType (merge request) GitLab Enterprise Edition
- Add a setting for allowing/disallowing duplicate NuGet package uploads (merge request)
- Add pages multiple version toggle (merge request)
- Audit delivery of confirmation emails (merge request) GitLab Enterprise Edition
- Adding decompress_archive_file_timeout to application settings (merge request)
- Add
licenses
column tosbom_occurrences
table (merge request) - Check Arkose's status, bypass captcha on sign-in if there is an outage (merge request) GitLab Enterprise Edition
- Add a background migration to fix the
namespace_id
s read records (merge request) - Add popover to experiment badge (merge request) GitLab Enterprise Edition
- Include the type of work item in related system notes (merge request)
- Show confidential information when in work item notes (merge request)
- Add a GraphQL query to get organization groups (merge request)
- Toggle on/off rollup progress (merge request) GitLab Enterprise Edition
- Display similar abuse reports in detail view of an abuse report (merge request)
- Adding name field to google cloud logging audit destinations (merge request) GitLab Enterprise Edition
- Add GraphQL mutation to unlink items from a work item (merge request)
- Handle code suggestions add-on purchase in licenses (merge request) GitLab Enterprise Edition
- Dismiss card and copy text for AI discussion summary (merge request) GitLab Enterprise Edition
- Update label views to allow setting lock_on_merge (merge request)
- Populate denormalized columns for the sbom_occurrences table (merge request)
- Add Authorizations Changed Event consumer (merge request)
- Add metrics for Vulnerability Management actions (merge request) GitLab Enterprise Edition
- Add patch_id_sha field to REST API (merge request)
- Remove post_import_repository_size_check ff (merge request) GitLab Enterprise Edition
- Expose source branch protected and squash CI vars (merge request)
- Add DeclarativePolicy patch to memoize some attributes (merge request)
Fixed (167 changes)
- Fix GitHub repositories mirror (merge request)
- Fix import of subrelations on items with 1 emoji (merge request)
- Add period for consistency (merge request)
- Change vulnerability state to detected (merge request) GitLab Enterprise Edition
- Fix vulnerability report pagination alignment (merge request) GitLab Enterprise Edition
- Change last event id columns in geo_node_statuses table to bigint (merge request)
- Removing shared_into_ancestors from members query (merge request)
- Fix opt in email option during registration (merge request) GitLab Enterprise Edition
- Add infinite scroll to source branch dropdown (merge request)
- Update merged_commit_sha in MergeRequests::RefreshService (merge request)
- Add repository_size_limit permission checks (merge request) GitLab Enterprise Edition
- Fixed sligthly off text element on CI job sidebar by @zillemarco (merge request)
- Allow auditors/admins to view VSA (merge request) GitLab Enterprise Edition
- Let people make text bigger if they want to (merge request)
- Fix Geo secondary proxying Git pulls unnecessarily (merge request) GitLab Enterprise Edition
- Hide dropdown divider if user is issuable author (merge request)
- Capture gitaly errors in Security Policies to mitigate 500 errors (merge request) GitLab Enterprise Edition
- Fix feature flag check in Routable (merge request)
- Allow Service Account to be added to SSO-enforced group (merge request) GitLab Enterprise Edition
- Change dropdown label for when 'No one' role is selected (merge request)
- Move pin button to be sibling of nav item link in new navigation (merge request)
- Fix bug with MRs now showing diffs after bitbucket importer (merge request)
- Fix icon for submodules in the commit view (merge request)
- Fix checking of parent presence in namespace method (merge request)
- This MR fixes the bug scan execution policy (merge request) GitLab Enterprise Edition
- This MR fixes the bug (merge request) GitLab Enterprise Edition
- Removes empty alert from Insights page (merge request) GitLab Enterprise Edition
- Clear SafeRequestStore often when exporting (merge request)
- Fix PipelineBatchWorker retries (merge request)
- Update horizontal spacing on runner platform options (merge request)
- Fix pipeline editor file tree spacing (merge request)
- Fix Sidekiq NameError for BackfillNotificationJobsWorker (merge request)
- Fix push event description for batches (merge request)
- Fix redirects for 2fa and finish onboarding appropriately (merge request) GitLab Enterprise Edition
- Handle an exception when Git blame is out of range (merge request)
- Fix sidebar toggle tooltip (merge request)
- Support max_byte_size settings for instance SAML (merge request)
- Fix tooltip rendering in user bar (merge request)
- Inline SyncProjectWorker call in RefreshProjectPoliciesWorker (merge request) GitLab Enterprise Edition
- Fix OAuth bug related to openid_connect (merge request)
- Fix mermaid rendering (merge request)
- Fix
admin_merge_request
custom role when the feature is private (merge request) GitLab Enterprise Edition - Remove
update_chronic_duration
feature flag (merge request) - Allow CWE(uppercase) for security training (merge request) GitLab Enterprise Edition
- Update regex and mapped usernames to handle bug (merge request)
- Fix group member invite limit rendering (merge request)
- Combine devise 2FA strategies (merge request)
- Reset required approvals for violated rules (merge request) GitLab Enterprise Edition
- Adding contentHtml to review summary types (merge request) GitLab Enterprise Edition
- Fix notification dropdown hover in work_item_actions (merge request)
- Update calendar icon spacing on environments view (merge request)
- Reindex issues to fix possible wrong values of label_ids (merge request) GitLab Enterprise Edition
- Allow dismissal_reason updates on already dismissed findings (merge request) GitLab Enterprise Edition
- Reindex work_item to fix possible wrong values of label_ids (merge request) GitLab Enterprise Edition
- Handle old usernames that are substrings of new usernames (merge request)
- Make sure active nav item in sidebar is visible (merge request)
- Stop sending user to pages they don't have access to on invites (merge request)
- Update namespace_id in standards adherence when a project is moved (merge request) GitLab Enterprise Edition
- Fix active nav item for Service Desk page (merge request)
- Put exact matches first when searching for groups to transfer (merge request)
- Hide the issue from archived project for basic search (merge request)
- Fix positioning of retry job dropdown (merge request)
- Remove checksum guard on modifying service class (merge request) GitLab Enterprise Edition
- Fix broken
learn more
link (merge request) - Reindex Issue when attached label gets deleted (merge request) GitLab Enterprise Edition
- Pipelines list: Fix focus state (merge request)
- Prevent pipeline creation while import is running (merge request)
- Pipelines list: Actions are pushed out of table (merge request)
- Properly handle
lang
attribute oncode
tags (merge request) - Ensure
include_source_code
is appropriately passed to the template (merge request) GitLab Enterprise Edition - Fix NoMethodError for ActivityPub (merge request)
- Enable sync with package metadata db by default (merge request)
- Jobs list: Fix focus states (merge request)
- Fix handling of locked scoped labels (merge request)
- Email confirmation setting to be considered (merge request) GitLab Enterprise Edition
- Limit the width of alerts on the MR page in fixed-width mode (merge request)
- Fix bug in references pipeline (merge request)
- Gitpod settings description margin bottom fix (Admin area) (merge request)
- Search query hash add filter, fix/refactor (merge request) GitLab Enterprise Edition
- GraphQL: Return error from runners query if permissions missing (merge request)
- Fix bridge policy raises an error when downstream_project is nil (merge request)
- Add background color to new MR tabs (merge request)
- Remove sideborder in incident timeline event by @zarthus (merge request)
- Note form: Normalize button spacing (merge request)
- Fix undefined method `labels' for Jira integration (merge request)
- Indicate user needs to login with primary email (merge request)
- Create iid sequence for ci_pipelines with new projects (merge request)
- Fix undefined method `labels' for Jira integration (merge request)
- Check if SBOM pipeline has ID set (merge request) GitLab Enterprise Edition
- Give dark-mode override higher specifity to fix bg color (merge request)
- Enable offset pagination FF for canceling pipelines (merge request)
- Add user allowlist to bypass Global Search rate limit (merge request)
- Include descendant members in user autocompletes (merge request)
- Fix placement of "Create new..." tooltip in navigation (merge request)
- Fix the date filter on the global time tracking report (merge request)
- Re-raise exceptions that happens during migration sampling (merge request)
- Fix source code range highlighting (merge request)
- Do not render "Create new..." menu when it's empty (merge request)
- Fix nil job JWTs when there are Gitaly connection issues (merge request)
- Fix secret detection ruleset variable suggestion (merge request) GitLab Enterprise Edition
- Refactor checking :enforce_locked_labels_on_merge (merge request)
- Remove redundant 'plan' from order summary details (merge request) GitLab Enterprise Edition
- Fix disappearing filtered search in Issues Analytics (merge request) GitLab Enterprise Edition
- Fix cluster service reindexing params (merge request) GitLab Enterprise Edition
- Add ability to search log header (merge request)
- Add username to users mapper (merge request)
- Change
Vulnerability*Finder
interaction with archived projects (merge request) GitLab Enterprise Edition - Prevents Mail::SMTP monkey patch from overriding defaults (merge request)
- Fix vertical alignment of user status sidebar (merge request)
- GraphQL: Mask CiJob.shortSha when non-authorized (merge request)
- gitaly-test-spawn: Ensure that the gitlab-shell secret exists (merge request)
- Update header-height SCSS variable to CSS custom property (merge request)
- Modify ETV to use anthropic body streaming to fix timeout problems (merge request) GitLab Enterprise Edition
- Fix vertical alignment of emoji in cover status (merge request)
- Fix reference to groupApprovers in security approvals (merge request) GitLab Enterprise Edition
- Remove unused jitsu-related settings (merge request) GitLab Enterprise Edition
- Drop bridge jobs on unknown failures (merge request)
- Fix focus mode behaviour for boards (merge request)
- Fix incorrect feature check for group level of push rules (merge request) GitLab Enterprise Edition
- Fix Job URL shows 404 when it's bridge (merge request)
- Fix discrepancy in documentation (merge request)
- Fix false audit event for non persisted members (merge request) GitLab Enterprise Edition
- Increase DROPDOWN_X_OFFSET_BASE in create menu (merge request)
- Fixes missing "locked" checkbox from project runners form (merge request)
- Read latest ingested sbom pipeline id from redis (merge request) GitLab Enterprise Edition
- This MR fixes error for branch exceptions (merge request) GitLab Enterprise Edition
- Assignees & Participants: Fix show more buttons (merge request)
- Modify query for group.first_owner (merge request)
- Markdown editor: FIx alignment of notification warning (merge request)
- Fixing LooseForeignKeys tests for single-db (merge request)
- Pipeline widget: Fix alignment of elements (merge request)
- Remove
gl-pt-2
class from sidebar search button wrapper (merge request) - Introducing LFK CleanupWorker turbo mode (merge request)
- Backfill nuget normalized version (merge request)
- GraphQL: Mask job fields when requested for a non-owned runner (merge request)
- Prevent analyzers from being excluded in scan execution pipelines (merge request) GitLab Enterprise Edition
- Enable "optimize_group_template_query" FF (merge request)
- Fix timeout on group and instance security dashboards (merge request) GitLab Enterprise Edition
- Fix broken link formatting in Gitlab for Slack App (merge request)
- Fix duplicate license_scanning approval rule in MR approvals (merge request) GitLab Enterprise Edition
- Enable feature flag "errors_utf_8_encoding" by default (merge request)
- Perform scheduled scan execution policy in a separate worker (merge request) GitLab Enterprise Edition
- Label selection dropdown: Fix first item stays selected (merge request)
- Update group path updates with NPM packages (merge request)
- Adjust VulnerabilitiesFinderResolver to accept only dismissal reason (merge request) GitLab Enterprise Edition
- Direct import fails early when 2FA requirements not met (merge request)
- Fix issue url generation for group level issues (merge request)
- Don't send Service Desk emails when it's disabled (merge request)
- Projects list: truncate project name (merge request)
- Fix "Convert to task" item showing in epics (merge request)
- Reduce interference between Duo and discussion summary (merge request) GitLab Enterprise Edition
- gitaly_client: Fix indeterministic cherry-picks and reverts (merge request)
- Fixes comma placement for codeowners (merge request) GitLab Enterprise Edition
- Fix exposing artifacts with dot slash paths (merge request)
- Fixes failed render when job stage data is missing (merge request)
- Only include branch name pipeline editor link by @AaronDewes (merge request)
- Fix deployment webhook for bridge job (merge request)
- Support BigInt in front-end for dependency proxy size (merge request) GitLab Enterprise Edition
- Fix project listbox text not wrapping (merge request)
- Update brand logo accessible name for screen readers (merge request)
- Resync direct upload object stored artifacts (merge request) GitLab Enterprise Edition
- Disable deleting approval rules from scan result policies (merge request) GitLab Enterprise Edition
- Fix page title on Compare revisions (merge request)
- Fix Microsoft Application enablement for SaaS (merge request) GitLab Enterprise Edition
- Show iteration period in collapsed sidebar (merge request) GitLab Enterprise Edition
- Surface error when need name exceeds length (merge request)
- Add support for nuget normalized version (merge request)
Changed (224 changes)
- Imports Bitbucket pull requests (merge request)
- GitLab Pages unique domain feature default enabled (merge request)
- This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
- Prevent deletion of security policy bot members (merge request) GitLab Enterprise Edition
- Work Item Quick Action: Set confidentiality (merge request)
- Create service accounts as external in one query (merge request) GitLab Enterprise Edition
- Rely on disk_path for PoolRepository identification (merge request)
- Remove warning from security_and_compliance page (merge request) GitLab Enterprise Edition
- Update code creation template (merge request) GitLab Enterprise Edition
- Update Confidentiality Sidebar to Support Test Cases (merge request)
- Lower redundant pipelines lookup to 3 days (merge request)
- Tweak active nav item with avatar styling (merge request)
- Add username in Web IDE new branch suggestion (merge request)
- Salesforce login button text change (merge request)
- Make actions optional for scan result policies (merge request) GitLab Enterprise Edition
- Only include sbom_occurrences with CVS enabled (merge request) GitLab Enterprise Edition
- Default prevent_visibility_restriction on and update docs (merge request)
- Default enable custom_roles_ui_[xxx] feature flags (merge request) GitLab Enterprise Edition
- Default enable expiring member notifications (merge request)
- Adds a new Danger check for renamed/dropped columns (merge request)
- Add (un)subscribe quick actions to work items (merge request)
- Add PagesDeployment#deleted_at field (merge request)
- Add username to push and pull mirroring form (merge request) GitLab Enterprise Edition
- This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
- Synchronous index for
finding_id
to thevulnerabilities
table (merge request) GitLab Enterprise Edition - Clean up
write_project_authorizations_is_unique
feature flag (merge request) - Add user preference to disable keyboard shortcuts by @FromTheStackAndBack (merge request)
- Add authorization on GET
project_import
endpoint (merge request) - Enable admin_merge_request by default (merge request) GitLab Enterprise Edition
- Add language picker to trial registration page (merge request) GitLab Enterprise Edition
- Update group and admin runners layout (merge request)
- Update dependency auto-deploy-image to v2.56.0 (merge request)
- Move approval rules sync after security findings injestion (merge request) GitLab Enterprise Edition
- Include grace period for SM add-on expiration (merge request) GitLab Enterprise Edition
- Disable license scanning job (merge request)
- Stop creating summary when MR author submits a review (merge request) GitLab Enterprise Edition
- Move import and export settings to new section (merge request)
- This MR adds grouping to settings (merge request) GitLab Enterprise Edition
- Remove exact_matches_first_group_transfer feature flag (merge request)
- Update gpgme to v2.0.23 (merge request)
- Update job sidebar and layout (merge request)
- Finalize index on merge_requests.merged_commit_sha (merge request)
- Prevent re-testing webhook logs with outdated URLs (merge request)
- Refactor experimental features toggle for non-AI features (merge request) GitLab Enterprise Edition
- Remove the FF npm_optimize_metadata_generation (merge request)
- Add purchased storage available breakdown card (merge request) GitLab Enterprise Edition
- Add export for violation report (merge request) GitLab Enterprise Edition
- Update dependencies action bar design (merge request) GitLab Enterprise Edition
- Add if active for SCIM (merge request)
- Update integrations development guidelines (merge request)
- Update integrations' status types (merge request)
- Release 1.week TTL for importer JobWaiter keys (merge request)
- This MR adds new approval settings (merge request) GitLab Enterprise Edition
- Update spacing on CI variables table (merge request)
- Update trial column (merge request)
- Introduce admin jobs refactor (merge request)
- Ban users when spamcheck returns a BLOCK verdict (merge request)
- Update illustrations (merge request)
- Lock user for 15 mins after 3 failed login attempts (merge request)
- Enable scan result policies to block changes to protected branches (merge request) GitLab Enterprise Edition
- Update Illustrations (merge request)
- Remove available on-demand badge from ODS when FIPS mode is enabled (merge request) GitLab Enterprise Edition
- Add toggle action to award emoji update mutation (merge request)
- Return an unknown license from the JSON serializer (merge request)
- Use standard merge commit for merge trains (merge request)
- Respect rebase and squash settings when creating merge train ref (merge request)
- Add Configurate button to integrations list view (merge request)
- Update ProductAnalyticsDashboard type to CustomizableDashboard (merge request)
- Remove feature flag ci_commit_statuses_api_exclusive_lock (merge request)
- Enable streaming of audit events for protected environments (merge request) GitLab Enterprise Edition
- Adding checkin reminder setting quick action (merge request) GitLab Enterprise Edition
- Update re2 gem to v2.0.0.beta2 (merge request)
- Pipelines: Migrate Artifacts dropdown (merge request)
- This MR adds option to provide custom values (merge request) GitLab Enterprise Edition
- Hide work item meta data text in small screens (merge request)
- Extend width of jobs tabs to 100% (merge request)
- Super sidebar: Lighten theme background color (merge request)
- Migrate protected branch edit dropdowns to vue by @ShaneMaglangit (merge request)
- Migrate protected branch create dropdowns to vue by @ShaneMaglangit (merge request)
- Removing feature flag ff_external_audit_events (merge request) GitLab Enterprise Edition
- Support for marking Gitsign certs as Unverified by @ChevronTango (merge request)
- Update job sidebar UI (merge request)
- Move labels.scss to page_bundles from page_specific_bundles (merge request)
- Remove tooltip from "Apply" button for suggestions (merge request)
- This MR adds human readable strings (merge request) GitLab Enterprise Edition
- Fix highlighted tab on compliance center page (merge request) GitLab Enterprise Edition
- Update SAST auto-resolution comment to include link with more context (merge request) GitLab Enterprise Edition
- Add protected paths for get request by @zhanglinjie (merge request)
- Add
user.id
toexplain_vulnerability
cache key (merge request) GitLab Enterprise Edition - Pipeline Editor cleanup (merge request)
- Make the BitBucket Cloud importer parallel (merge request)
- Add audit event for changed user profile visiblity (merge request) GitLab Enterprise Edition
- Use (merge request)
- Update dependency auto-build-image to v1.41.0 (merge request)
- Update vulnerability_states filter to match default value (merge request) GitLab Enterprise Edition
- Fix scan execution policy CI variables for pipelines (merge request) GitLab Enterprise Edition
- Update pipeline checking pipeline status tooltip (merge request)
- Update adherence_report_ui ff scope (merge request) GitLab Enterprise Edition
- Geo Sites Form - Use namespace full_name (merge request) GitLab Enterprise Edition
- Re-implement language switcher for registrations (merge request)
- This MR adds new rule builder (merge request) GitLab Enterprise Edition
- Update vulnerability_reads trigger to set has_merge_request (merge request)
- Make License.feature_available? check for Registration Features (merge request)
- Initialize the conversion for shared_runners_duration (merge request)
- Remove min_access_level check (merge request) GitLab Enterprise Edition
- Increase the string limits for regex fields in push_rules (merge request) GitLab Enterprise Edition
- Convert members.user_id to LFK (merge request)
- Update show raw log icon button (merge request)
- Migrate to clipboard_button helper in commit box (merge request)
- Standardize language and terminologies across pipelines (merge request)
- Enable group_level_dependencies by default (merge request) GitLab Enterprise Edition
- Disable on demand scans when in FIPS mode (merge request) GitLab Enterprise Edition
- Display Confidential Icon in Project Test Cases List (merge request) GitLab Enterprise Edition
- Add exclusive lock to ensure only one pipeline is created (merge request)
- Ensure note id column swapping has finished for self managed (merge request)
- Updating UI text (merge request)
- Add slot for externalAuthor (merge request)
- Allow group maintainers to see group runner list (merge request)
- Replacing AuditEventService with Gitlab::Audit::Auditor by @TamsilAmani (merge request) GitLab Enterprise Edition
- Fixed user registration bug when no import sources selected (merge request) GitLab Enterprise Edition
- Rename ambiguosly named settings in pinned section (merge request)
- This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
- UI polish on the webhook log page (merge request)
- Remove the feature flag harbor_registry_integration (merge request)
- Enable fill_in_mr_template by default (merge request)
- Enable automatically_summarize_mr_review by default (merge request) GitLab Enterprise Edition
- Clean up support_ci_environment_variables_in_job_rules feature flag (merge request)
- Adds a single ops feature flag to disable all database feature flags (merge request)
- Add
finding_id
to thevulnerabilities
table (merge request) GitLab Enterprise Edition - Allow personal access token authentication in Kubernetes proxy (merge request)
- Add diagonal tolerance when moving the mouse towards flyout menu (merge request)
- Use Pajamas compliant clipboard btn in doorkeeper (merge request)
- Keep SAML Identity when deprovisioning via SCIM (merge request) GitLab Enterprise Edition
- Update gitlab-elasticsearch-indexer to 4.3.9 (merge request)
- URL parsing and sanitizing logic added for Relay State (merge request) GitLab Enterprise Edition
- Update job log page UI (merge request)
- Update validates_hostname gem (merge request)
- Migrate work_item_actions to GlDisclosureDropdown (merge request)
- Delay display of pinning buttons in sidebar (merge request)
- Migrate to PJ compliant button in merge_requests_helper (merge request)
- Update gitlab-pages (merge request)
- This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
- This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
- Backfill prometheus integrations into http_integrations table (merge request)
- Add streaming capabilities for chat (merge request) GitLab Enterprise Edition
- Update job sidebar UI (merge request)
- Add re-deploy button (merge request)
- Migrates dependency proxy header dropdown to disclosure (merge request)
- Update user list component error message (merge request)
- Fix scan policies count to security_orchestration_helper (merge request) GitLab Enterprise Edition
- Migrate test report widget to V2 (merge request)
- Allow guest user seat assignment (merge request) GitLab Enterprise Edition
- Updates component fetching (merge request)
- Migrate work_item_links_menu to GlDisclosureDropdown (merge request)
- Improve Docker-in-Docker troubleshooting documentation (merge request)
- Migrates packages shared cli-commands dropdown to disclosure (merge request)
- Use Pajamas button component for Mattermost (merge request)
- Convert notification_settings.user_id to LFK (merge request)
- Remove seats_in_use_for_free_or_trial flag (merge request) GitLab Enterprise Edition
- This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
- Add name to GCP logging streaming destinations (merge request) GitLab Enterprise Edition
- This MR migrates legacy dropdown (merge request)
- Cached project-based ETAG lookup for GitHub email for a user (merge request)
- Use new ci badge link on last commit section (merge request)
- Add Confidential Attribute to CreateTestCase Mutation (merge request) GitLab Enterprise Edition
- Update button variant to newer options (merge request)
- Use browser language setting for registration flows (merge request)
- Pipeline: Change label for triggerer (merge request)
- Update dependency auto-deploy-image to v2.55.0 (merge request)
- Expose config option to show swagger operationId (merge request)
- Use Pajamas compliant clipboard button (merge request)
- Enable Sidekiq JSON logging by default (merge request)
- feat: Add new filter option
runner_type
to jobs page in admin area by @gerardo-navarro (merge request) - Move job sidebar buttons to header (merge request)
- Use lighter gray for failed jobs toggle (merge request)
- Jobs list: Change created by (merge request)
- Use Action Cable to update notes in real-time (merge request)
- Pipelines Pagination spacing (merge request)
- Convert routes.namespace_id to LFK (merge request)
- Quarantined flaky invite feature spec becuase of broken master (merge request)
- Make search button in navigation more prominent by @deep-swaraj (merge request)
- Enable geo_proxy_lfs_batch_requests by default (merge request) GitLab Enterprise Edition
- Update top-bar on new project/group pages to be fixed to top of viewport (merge request)
- Remove unneeded template options, handle nil prompt situation (merge request) GitLab Enterprise Edition
- Set merge_request_refs_cleanup default_enabled: true (merge request)
- Updates error message and documentation for interpolator (merge request)
- Migrate security_report_download_dropdown to GlDisclosureDropdown (merge request) GitLab Enterprise Edition
- Remove summarize_diff_vertex feature flag (merge request) GitLab Enterprise Edition
- Refactor inline-findings Drawer (merge request) GitLab Enterprise Edition
- This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
- Enable
unbatch_graphql_queries
feature flag globally (merge request) - Update ruby_parser to v3.20.3 (merge request)
- This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
- Add limit for group count within namespaces (merge request) GitLab Enterprise Edition
- Use SSH URL in composer metadata source entry for non-public projects by @nickygerritsen (merge request)
- Add optional client_subscription_id (merge request) GitLab Enterprise Edition
- Enable emoji_webhooks feature flag by default (merge request)
- Respect merge method and squash preferences for merge train ref (merge request)
- Update premium and ultimate titles in plans table (merge request)
- Add protected branch warning (merge request)
- Migrate protected tag dropdowns to vue by @ShaneMaglangit (merge request)
- Migrate pagination bar dropdown to disclosure by @ShaneMaglangit (merge request)
- Update dependency auto-build-image to v1.40.0 (merge request)
- Prevent name collision between migrations (merge request)
- Change default theme to light gray (merge request)
- Migrate to GlCollapsibleListbox in work_item_activity_sort_filter (merge request)
- Sidebar navigation: Change badge background (merge request)
- Introduce schedules refactor (merge request)
- Implement explain vuln anthropic, use vertex by default (merge request) GitLab Enterprise Edition
- Update dependency auto-build-image to v1.39.0 (merge request)
- Add PagesDomain#certificate_key length validation (merge request)
- Include double colon inside the translation (merge request) GitLab Enterprise Edition
- Remove FF search_projects_hide_archived (merge request)
- Access tokens - show token name in delete copy by @zarthus (merge request)
- Updated feedback URL (merge request) GitLab Enterprise Edition
- Update placeholder in GitLab Duo text input (merge request) GitLab Enterprise Edition
- Set max widths on project repository settings inputs (merge request)
- Disable feature flag using v1 package metadata sync (merge request) GitLab Enterprise Edition
- Add job status badges to runners list (merge request)
- Remove legacy plan reference from plan presenter (merge request) GitLab Enterprise Edition
- Sync validate foreign key for pipeline_id_convert_to_bigint (merge request)
- Update hex values (merge request)
- Update dependency auto-deploy-image to v2.54.0 (merge request)
- Rollout advanced_search_decrease_indexing_timeout (merge request) GitLab Enterprise Edition
Deprecated (4 changes)
- Make BuildSuccessWorker no-op (merge request)
- Redirect legacy /admin/geo/replication/projects route (merge request) GitLab Enterprise Edition
- Mark unused jitsu-related columns as ignored (merge request)
- Deprecate rake gitlab:list_repos (merge request)
Removed (23 changes)
- Remove cache_pages_domain_api feature flag (merge request)
- Drop unused design_registry table (merge request) GitLab Enterprise Edition
- Remove tasks to be done from onboarding and invite emails (merge request)
- Remove module github.com/grpc-ecosystem/go-grpc-middleware (merge request)
- Remove artifacts page feedback banner (merge request)
- Remove feature flag explain_current_blob (merge request)
- Remove legacy BitBucket Server importer (merge request)
- Cleanup feature flag security_policy_approval_notification (merge request) GitLab Enterprise Edition
- Remove :group_mentions feature flag (merge request)
- Remove deprecated wiki status data from Geo Sites Status API (merge request) GitLab Enterprise Edition
- Clean up project callout three (merge request)
- Remove CTE backward compatibility code (merge request)
- Remove unused namespace details columns for free user cap (merge request)
- Remove free user cap email notification workers (merge request) GitLab Enterprise Edition
- Remove dashboard_notification_limit column (merge request)
- Remove tmp_idx_vuln_reads_where_dismissal_reason_null index (merge request)
- Remove summarize_review_vertex feature flag (merge request)
- Remove Ultimate feature removal banner (merge request)
- Remove batched_api_mergeability_checks FF (merge request)
- Remove role required before action (merge request)
- Clean-up registration_verification feature flag (merge request)
- Perform step 2 in removal of unused dashboard columns (merge request)
- Remove code_suggestions_third_party_alert (merge request) GitLab Enterprise Edition
Security (17 changes)
- Enforce that the policy is executed by the bot user
- Bump query number on spec
- Update commonmarker to 0.23.10
- Service account users should be external by default
- Prevent namespace level banned users from accessing API
- Additional permission check when editing label
- Remove DAST secret variables when URL is updated
- Fix ReDOS in bulk_imports endpoint params
- Add authorization checks to import status endpoint
- Maintainer can leak sentry token by changing the configured URL
- Check prohibit_outer_forks in fork relationship api
- Remove channel properties from API when channels are masked by @Taucher2003 (merge request)
- Prevent traversal for
path
parameter in refs/switch endpoint - Requires write_model_experiments on mlflow api
- Remove GCP private key from streaming audit events UI
- Gitaly keyset pager when pagination none only with tree view
- Prefix agent tokens with
glagent-
(merge request)
Performance (10 changes)
- Cache security policy YAML (merge request) GitLab Enterprise Edition
- Fix performance problem with Projects#new page (merge request) GitLab Enterprise Edition
- Optimize regexp matching (merge request) GitLab Enterprise Edition
- Drop index_deployments_on_id_where_cluster_id_present (merge request)
- Fix long sleeps removing load balancing hosts (merge request)
- Drop an index from the deployments table (merge request)
- Improve rich viewer frontend rendering (merge request)
- Remove an index on deployments table async-ly (merge request)
- Drop index_deployments_on_id_where_cluster_id_present async-ly (merge request)
- Remove duplicate empty state check (merge request)
Other (76 changes)
- Restart sent_notifications column swap for self-installed (merge request)
- Skips disconnecting old hosts when there is no need (merge request)
- Use partitioned table on CommitStatus (merge request)
- Set minimum pipeline batch size in RedisCacheStore (merge request)
- Remove .and_call_original as redundant (merge request) GitLab Enterprise Edition
- Create the sync migration of the prepared_at created_at index removal (merge request)
- Create the sync migration of the prepared_at created_at index addition (merge request)
- List related work items in the work item relationship widget (merge request) GitLab Enterprise Edition
- Add sync index on
projects.organization_id
(merge request) - Remove feature flag introduce_ci_max_total_yaml_size_bytes (merge request)
- Backfill has_merge_request on existing vulnerability_reads records (merge request)
- Include the issues in advanced project search on archived project (merge request) GitLab Enterprise Edition
- Include merge requests in advanced project search on archived project (merge request) GitLab Enterprise Edition
- Manually analyze partitioned tables (merge request)
- Remove compressed_package_metadata_query flag (merge request) GitLab Enterprise Edition
- Added --location note to job artifacts api docs by @zillemarco (merge request)
- Prepare async index on file_final_path (merge request)
- Poll dual namespace for sidekiq by default (merge request)
- Remove commits documents from the main index (merge request) GitLab Enterprise Edition
- Simplify gitlab container repository delete tags services by @edith007 (merge request)
- Move Full stop period out of "Learn More" link by @jrachelr1 (merge request) GitLab Enterprise Edition
- Remove search_index_integrity feature flag (merge request) GitLab Enterprise Edition
- Remove command_palette feature flag (merge request)
- Add histogram for Redis pipeline size (merge request)
- Create a Work items relationship widget shell (merge request)
- Add a migration to force commit reindex some projects (merge request) GitLab Enterprise Edition
- Write a migration to backfill archived on milestones (merge request) GitLab Enterprise Edition
- Convert credit card validation data to hashes in database (merge request)
- Use a single flags for AI experimentation endpoint (merge request) GitLab Enterprise Edition
- Clean up
flux_resource_for_environment
feature flag (merge request) - Remove multi_pipeline_scan_result_policies feature flag (merge request) GitLab Enterprise Edition
- Update Gitlab Shell version to 14.27.0 (merge request)
- Add migration to sync ScanResultPolicyRead (merge request)
- Rename Tofa experimentation endpoint to Vertex (merge request) GitLab Enterprise Edition
- Add pipeline trigger tokens finder by @missy-davies (merge request)
- Add archived in MilestoneInstanceProxy (merge request) GitLab Enterprise Edition
- Remove AiProxyHelper and SelfManagedi::ProxyRequest (merge request) GitLab Enterprise Edition
- Remove non-hashtag key fallback in manifest-import metadata (merge request)
- Remove PAT field for Code Suggestions (merge request) GitLab Enterprise Edition
- Add linked items widget to Ticket work item type (merge request)
- MonitorLockedTablesWorker to automatically lock tables (merge request)
- Add schema_version to notes (merge request) GitLab Enterprise Edition
- Add schema_version to snippets (merge request) GitLab Enterprise Edition
- Remove the product_analytics_snowplow_support feature flag (merge request)
- Move
Project#pages_lookup_path
toPages::VirtualDomain
(merge request) - Add migration to backfill archived field for blobs (merge request) GitLab Enterprise Edition
- Request proofreader permission by @zhaoqi01 (merge request)
- Extract token selector input and create a shared component (merge request)
- Add schema_verison to milestones (merge request) GitLab Enterprise Edition
- Cleanup unused code related to old abuse reports list implementation (merge request)
- Sync Prometheus updates from integrations table to http integrations (merge request)
- Add current user todos widget to Epic work item type (merge request)
- Remove refactor_merge_service feature flag (merge request)
- Remove
descendant_security_scans
feature flag (merge request) GitLab Enterprise Edition - Add schema_version to merge_requests (merge request) GitLab Enterprise Edition
- Rescue RecordNotUnique exception silently (merge request) GitLab Enterprise Edition
- Adds class for MlModel packages (merge request)
- Detecting duplicate btree indexes (merge request)
- Switch go go-redis client (merge request)
- Fill null values of user_preferences table with their default values (merge request)
- Fill null values of users table with their default values (merge request)
- Convert merge_request_user_mentions.note_id to bigint for self-managed (merge request)
- Test(Subscription): activating second license (merge request) GitLab Enterprise Edition
- Correcting typos of "existence" (merge request)
- Revert "Add project_runners_vue_ui feature flag" (merge request)
- Tweaked run e2e test message to avoid confusion for non team members by @zillemarco (merge request)
- Convert issue_user_mentions.note_id to bigint for self-managed (merge request)
- Ensure id uniquness across p_ci_builds partitions (merge request)
- Refactor CI External::Rules class to use Entry class (merge request)
- Clean up environment_details_vue feature flag (merge request)
- Convert system_note_metadata.note_id to bigint for self-managed (merge request)
- Remove self_managed_code_suggestions_completion_api FF (merge request)
- Remove code_suggestions_tokens_from_customers_dot FF (merge request)
- Remove completed partition_id migrations (merge request)
- Convert design_user_mentions.note_id to bigint for self-managed (merge request)
- Migrate etag cache store from SharedState to Cache (merge request)
Security
Security wording was detected, but no CVEs were found.
Details
date
Sept. 21, 2023, midnight
name
16.4.0
type
Minor
👇
Register or login to:
- 🔍View and search all GitLab CE releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!