GitLab CE - 16.5.0
Security
(2023-10-20)
Added (140 changes)
- Add branch field to Telegram integration (merge request)
- Add validation for restrictions on work item links (merge request)
- Optimize index for adjourned project deletion (merge request)
- Add parent widget to work items (merge request) GitLab Enterprise Edition
- VSD drill-down links inherit labels from panel filter (merge request) GitLab Enterprise Edition
- Increased the limit of linked items that can be added at the time (merge request)
- feat: Add graphql query for package protection rules by @gerardo-navarro (merge request)
- Hide snippets of banned users (merge request)
- Add counts with no DORA data within scope (merge request) GitLab Enterprise Edition
- Adds notes to abuse reports backend (merge request)
- Enable the print_wiki feature flag by default (merge request)
- Convert user columns in projects to LFKs (merge request)
- Add Cloud Connector service design doc (merge request)
- Add ancestors field to hierarchy widget (merge request)
- Adding GraphQL endpoint for blocking merge requests (merge request) GitLab Enterprise Edition
- Enable Global Search For Epics by @sd5869 (merge request) GitLab Enterprise Edition
- Allow container registry with disabled repository by @Taucher2003 (merge request)
- Boilerplate for /-/ml/models/{model_id} (merge request)
- Remove the server_side_frecent_namespaces feature flag (merge request)
- Add container scanning properties (merge request)
- Add "Manage Project Access Tokens" custom permission (merge request) GitLab Enterprise Edition
- Create notes for new issuable links in async job (merge request)
- Prevent delete protected branches via security policies (merge request) GitLab Enterprise Edition
- Support HTML in merge request review AI summary (merge request)
- Remove the verification_reminder feature flag (merge request) GitLab Enterprise Edition
- Add default related link restrictions (merge request)
- Enable Vulnerability Report Grouping feature flag by default (merge request) GitLab Enterprise Edition
- Trigger webhook on delete release event (merge request)
- Establishes dependency between migrations and BBMs (merge request)
- Add status_message to package graphql payload (merge request)
- Add manage group members as custom permissions (merge request) GitLab Enterprise Edition
- Add option to turn off math rendering limits (merge request)
- Add support for group mention events to Discord integration by @Taucher2003 (merge request)
- Remove api_keyset_pagination_multi_order FF (merge request)
- Adding new scope for_package_name for package protection rule by @gerardo-navarro (merge request)
- Add database indexes for hashed in user_credit_card_validations (merge request)
- Remove batch_delay_jira_branch_sync_worker feature flag (merge request)
- feat: Introducing basics for protecting containers by @gerardo-navarro (merge request)
- GraphQL API for updating audit event streaming amazon_s3_configurations (merge request) GitLab Enterprise Edition
- Enable new Service Desk list by default (merge request)
- Add ambiguous ref modal (merge request)
- Add push/pull token for rename API (merge request)
- Adding update api for instance GCP (merge request) GitLab Enterprise Edition
- Implement mergeabilityChecks GraphQL field (merge request)
- Add a tooltip to include archived filter (merge request)
- Add migration for locking on login attempts settings (merge request)
- Remove declarative policy gem cached attributes patch (merge request)
- Reads mail-key from CC in general email receiver (merge request)
- Add configurable API requests setting (merge request)
- Add rails support for GetFileAttributes RPC (merge request)
- Hide snippets of banned users (merge request)
- Add add_child quick action for work items (merge request)
- Cleanup index_nuget_symbol_files feature flag (merge request)
- Adds pagination to model index (merge request)
- Add remediations filter to finder (merge request) GitLab Enterprise Edition
- Expose
has_failures
attribute in Direct Transfer API (merge request) - Add deployment events as supported by discord integration by @Taucher2003 (merge request)
- Added missing states to GraphQL UserState by @jboeijenga (merge request)
- Enable fast-forward and semi-linear merge trains (merge request)
- feat: Add graphql mutation to create package protection rules by @gerardo-navarro (merge request)
- Update vulnerability_reads after remediation creation (merge request)
- Added possibility to filter notes on the GraphQL resolver by @zillemarco (merge request)
- Disallow reserved domains from being verified (merge request) GitLab Enterprise Edition
- Updates model experiments visibility through API (merge request)
- Add support for pull request reviewers (merge request)
- Add clickhouse logs to production (merge request)
- Add vulnerabilities column to sbom_occurrences (merge request) GitLab Enterprise Edition
- Add export route and worker for CSV (merge request) GitLab Enterprise Edition
- Change value streams project ids filter contraint (merge request)
- Added active param while header creation (merge request) GitLab Enterprise Edition
- Add Enterprise group attributes to admin UI (merge request) GitLab Enterprise Edition
- Index nuget symbol files (merge request)
- Adding feature for activating or deactivating headers (merge request) GitLab Enterprise Edition
- Add scope and service for statistics usage export (merge request) GitLab Enterprise Edition
- Update epic hierarchy restrictions records (merge request)
- Add work items related link restrictions table (merge request)
- Add API for listing audit events amazon_s3_configurations for a group (merge request) GitLab Enterprise Edition
- Add integrations placeholder (merge request)
- Add API for creating amazon_s3_configurations for audit event streaming (merge request) GitLab Enterprise Edition
- Added syntax options drawer document (merge request) GitLab Enterprise Edition
- Expose access_locked? as locked (merge request)
- Add new filters to issues completed count (merge request) GitLab Enterprise Edition
- Add missing has_merge_request argument (merge request) GitLab Enterprise Edition
- Remove linked item from the work item (merge request) GitLab Enterprise Edition
- Add set_parent quick action for work items (merge request)
- Displays ai_features token only when available (merge request) GitLab Enterprise Edition
- Implement REST API to create (limited) PAT with PAT (merge request)
- Schedule CronJob to refresh assigned users (merge request) GitLab Enterprise Edition
- Allow to persist value stream settings (merge request) GitLab Enterprise Edition
- Ingest CVSS vectors if given (merge request) GitLab Enterprise Edition
- Update config_version & force_full_reconciliation for stale workspaces (merge request) GitLab Enterprise Edition
- Reschedule finding_id backfilling (merge request)
- Add feature to stream audit events to Amazon S3 destinations (merge request) GitLab Enterprise Edition
- Introduce new column on approval merge request rules (merge request)
- Force include all resources logic for workspaces (merge request) GitLab Enterprise Edition
- Support NuGet Delete Service (merge request)
- Add regex validation to string CI inputs (merge request)
- Create table and model for value stream settings (merge request) GitLab Enterprise Edition
- Add foreign key for ci_stages.pipeline_id_convert_to_bigint (merge request)
- Add foreign key for ci_sources_pipelines bigint conversion (merge request)
- Allow actor override when Direct Transfer disabled (merge request)
- Set patch_id_sha on record creation (merge request)
- Add foreign key for ci_pipelines.auto_canceled_by_id_convert_to_bigint (merge request)
- Enable group_level_licenses by default (merge request) GitLab Enterprise Edition
- Adding OKR checkin reminder email notifications (merge request) GitLab Enterprise Edition
- Add documentation for locked labels (merge request)
- Broadcast chat messages to all clients (merge request) GitLab Enterprise Edition
- Add container registry DB enabled flag to usage ping (merge request)
- Cleanup after vulnerability_occurrences.uuid type migration (merge request)
- Ability to search and link work item (merge request)
- Release
admin_merge_request
granular permission (merge request) GitLab Enterprise Edition - Populate finding_id in manual Vulnerability creation service objects (merge request) GitLab Enterprise Edition
- Display a ref type icon in the ref selector (merge request)
- Make GraphQL note and user types countable (merge request)
- Add 'latest_released_at' column to catalog_resources table (merge request)
- Limit number of issues that can be linked to an issue (merge request)
- Create p_ci_finished_build_ch_sync_events table (merge request) GitLab Enterprise Edition
- Add cvss column to vulnerabilities table (merge request)
- Sync create indexes for ci_sources_pipelines pipeline_id conversion (merge request)
- Save draft new releases to local storage (merge request)
- Add security policy schema to block unprotecting branches (merge request) GitLab Enterprise Edition
- Add an option to use
unidiff
format for diff API responses (merge request) - Manage achievements order on profile by @Taucher2003 (merge request)
- Typecast both query sides to UUID for safe type migration (merge request)
- Create temporary index on uuid column to support typecasting (merge request)
- Add compare button to tree view page (merge request)
- Add last_assigned_users_refreshed_at column (merge request)
- Add new column to hierarchy restrictions table (merge request)
- Move repository storage to BasicProjectDetails (merge request)
- Add force_include_all_resources field to workspaces (merge request)
- Add support for nuget v2 feed download endpoint (merge request)
- Track weight and sprint_id for VSA issues (merge request)
- Record and display fetched GitHub PR reviewers (merge request)
- Apply filtering of projects by topic for DORA score counts (merge request) GitLab Enterprise Edition
- Geo Replicables - SSF Bulk Actions UI (merge request) GitLab Enterprise Edition
- Add hasParent to issue type (merge request) GitLab Enterprise Edition
- Backfill vulnerabilities.finding_id column (merge request)
- Ensure backfill of default branch protection setting (merge request)
- Sync create indexes for ci_pipelines pipeline_id conversion (merge request)
- Sync creation of i_compliance_violations_for_export (merge request)
Fixed (152 changes)
- Fix combined negated filters for issues (merge request)
- Toggle Auto DevOps extra settings (merge request)
- Fix param names in RelatedLinksCreateWorker (merge request)
- Add work_item_related_link_restrictions to deletion exceptions (merge request)
- Clear AI availability check when members get added (merge request) GitLab Enterprise Edition
- Fix bleeding of page size selector in vulnerability report grouping (merge request) GitLab Enterprise Edition
- Update last_assigned_users_refreshed_at column (merge request) GitLab Enterprise Edition
- Improve create VSA error messaging (merge request) GitLab Enterprise Edition
- Fix missing UI text (merge request)
- Gracefully handle space-delimited scopes in registry /jwt/auth requests (merge request)
- Fix k8s namespaced services list (merge request)
- Do not send empty strings as a chunk (merge request) GitLab Enterprise Edition
- Allow expand/collapse with chevron on vulnerability report grouping (merge request) GitLab Enterprise Edition
- Update mime-types to v3.5.1 and mime-types data to 3.2023.1003 (merge request)
- Catch semver_dialects parse errors (merge request) GitLab Enterprise Edition
- Remove the routing when container exists in wiki cleanup from elastic (merge request) GitLab Enterprise Edition
- Use UntrustedRegexp with inputs regex (merge request)
- Fixed users API docs using a PAT that triggered secret detection by @zillemarco (merge request)
- Fix gitlab_username_claim support for OmniAuth providers (merge request)
- Fix pipeline schedules view when owner is nil (merge request)
- Update migration worker preflight check (merge request) GitLab Enterprise Edition
- Check supported versions when querying compressed package metadata (merge request) GitLab Enterprise Edition
- Switch success to primary variant in split_button (merge request) GitLab Enterprise Edition
- Allow empty email field on LDAP entry (merge request)
- Do not save linked resources if the incident is not persisted (merge request)
- Import missing projects specific CSS on more list pages (merge request)
- Fix regression for breadcrumbs styling after moving projects.scss (merge request)
- Render user menu dropdown list items in
<ul>
(merge request) - Block un-UTF-8-able tag names (merge request)
- Fix work item child items widget overflow (merge request)
- Prevent Meta+K default behaviour in rich text editors by @a.shreya202 (merge request)
- Reindex wikis to fix routing and backfill archived (merge request) GitLab Enterprise Edition
- Remove "Skip to main content" link from navigation when logged out (merge request)
- Fix super sidebar update for learn gitlab when updating percent (merge request) GitLab Enterprise Edition
- Fix text overflow in performance bar in text only zoom mode in FF (merge request)
- Fix Direct Transfer stage incorrect execution order due to failures (merge request)
- Fetch missing commits during Bitbucket server import (merge request)
- Geo: Avoid getting resources stuck in Queued (merge request) GitLab Enterprise Edition
- Fix GraphQL ConnectionFilterExtension for list types by @zzaakiirr (merge request)
- Show task icon instead of status in linked item widget (merge request)
- Do not show runner manager as online when registering (merge request)
- Filter k8s services by namespace (merge request)
- Remove active scope in add-on purchase lookup for SM (merge request) GitLab Enterprise Edition
- Fix dummy email for omniauth integrations (merge request)
- Fix spelling corrections not working in RTE (merge request)
- Return 400 Bad Request if request parameters cannot be decoded (merge request)
- Fix Jira issues with 'Done' status do not appear on vulnerability page by @egor-kh (merge request) GitLab Enterprise Edition
- Fix vulnerability statistics gathering query for A grade projects (merge request) GitLab Enterprise Edition
- Fix jest console error on unit tests (merge request)
- Updates schema validation index query (merge request)
- Hide logo images from accessibility tree (merge request)
- Prevent serialization from failing in RTE (merge request)
- Fixes MLflow run search compatibility (merge request)
- Fix failing migration when commit_message_negative_regex is missing (merge request)
- Fixes error when mail without to header in ServiceDeskHandler (merge request)
- Fix vulnerability statistics calculation query (merge request) GitLab Enterprise Edition
- Fix validation error not shown on first click (merge request)
- Protected environment settings modal overflow fix (merge request) GitLab Enterprise Edition
- New navigation display tooltip on keyboard focus (merge request)
- Gracefully handle exceptions (merge request)
- Maintain elasticsearch for epics on label deletion (merge request) GitLab Enterprise Edition
- Temporarily allow listing cross join (merge request)
- Prevent existing undeleted user access to return true (merge request)
- Remove new repository on failed replication (merge request)
- Add nav element to logged out header (merge request)
- Disable group readme mountpoint when gitlab-profile project is private by @Taucher2003 (merge request)
- MR sidebar toggle button position fix (merge request)
- Code generation: skip trailing white spaces suffix (merge request) GitLab Enterprise Edition
- Fix GitHub Import workers from aborting when rate limit is reached (merge request)
- Keep locking_version when updating partitioned records (merge request)
- Fix Security Policy Bot not created when SAML is enabled (merge request) GitLab Enterprise Edition
- Fix issue creation from pipeline security modal (merge request)
- Front-end support for bigint board weight fields (merge request) GitLab Enterprise Edition
- ChatOps calls should record user activity (merge request)
- Enable k8s cluster when CI/CI is disabled by @abhiandthetruth (merge request)
- Fix update of optional_approvals in bot comment (merge request) GitLab Enterprise Edition
- Prevents note column swap migration to fail (merge request)
- Do no re-enqueue timed-out bulk imports (merge request)
- Disable routing in delete for force wiki reindexing (merge request) GitLab Enterprise Edition
- Fix draft comment files not loading (merge request)
- Fix pages custom domain requests being redirected to unique domain (merge request)
- ToDo: Fix count when not filtered (merge request)
- Set pipeline schedule owner_id to importer user when importing (merge request)
- Attempt to parse Redis cert_file and key_file only if defined (merge request)
- Fix GraphQL API for clearing issue contacts (merge request)
- Update vulnerability_read when vulnerability dismissed (merge request) GitLab Enterprise Edition
- Fix GraphQL userNotesCount when not logged in (merge request)
- Cache database_id before doing other work (merge request)
- Fix dropdown alignment in new navigation (merge request)
- Performance Bar: Fix darkmode link color (merge request)
- Fix ci pipeline reference when pushing duplicate NuGet package (merge request)
- Recover environments that are stuck stopping (merge request)
- Invite project mmembers overlay dropdown overflow fix (merge request) GitLab Enterprise Edition
- Fix security policy bot not created when group does not allow new users (merge request) GitLab Enterprise Edition
- Show work item comments locked only after loading (merge request)
- Fix experiment rollout logic (merge request)
- Fixed VSA multi-select project dropdown (merge request)
- Return 401 token invalid form graphql (merge request)
- ToDo badge: Fix count when list is filtered (merge request)
- Stops log from resetting line in every section (merge request)
- Avoid account lockout when account password automatically set (merge request)
- Fix permissions on :read_pipeline_schedule (merge request)
- Keep branch name in a search input (merge request)
- Fix avatar wrapping in work items child objectives widget (merge request)
- Remove orphaned approval rules for imported project/merge request (merge request)
- Revert auth changes on the Composer registry package endpoint (merge request)
- Update ChatName activity timestamp throttle (merge request)
- Remove extra spacing around epic header actions (merge request)
- Child issues and epics widget: Fix alignment and overflow issue (merge request) GitLab Enterprise Edition
- Fix position of job sidebar with performance bar enabled (merge request)
- Fix "Continue editing" button being retained (merge request)
- Add preload hint for GitLab Sans italic font (merge request)
- Prevent modification of security_policy_bot members (merge request) GitLab Enterprise Edition
- Fixes confidentiality handling of NoteForm component (merge request)
- Fix enum fields data propagation (merge request)
- Fix auto-scrolling to Markdown anchors (merge request)
- Limit GraphQL job trace HTML summary to 16KiB (merge request)
- Remove list marker and href attribute (merge request)
- Ensure TLS is disabled with
dind
service in Code Quality template (merge request) - Ensure consistent behavior when LDAP encryption config missing (merge request)
- Add merged_commit_sha to queries for merge requests (merge request)
- Fix Direct Transfer stages execution order (merge request)
- Fix composer API to work with CI job token by @ar-mali (merge request)
- Ensure empty relation file exists on disk even if nothing was exported (merge request)
- Add redirecting to identity verification success page back (merge request) GitLab Enterprise Edition
- Fix NoMethodError on CreateBotService when authorization is enabled (merge request) GitLab Enterprise Edition
- Fixes overflow of username in note header in the timeline (merge request)
- Use a more robust extraction function to get the file hash (merge request)
- Send notification emails using background worker (merge request)
- Fix WorkItemUpdate mutation permissions (merge request)
- Add missing provider ID field (merge request) GitLab Enterprise Edition
- Resolve tooltip on navigation toggle button staying visible on mobile (merge request)
- Add report abuse button to epic actions (merge request)
- Remove extra margin on members tabs (merge request)
- Fix missing sha default in merge trains API (merge request) GitLab Enterprise Edition
- Support Microsoft Graph pagination (merge request) GitLab Enterprise Edition
- Fix N+1 for indexing epics and milestones (merge request) GitLab Enterprise Edition
- InternalEvents.track_event should be called with objects and not ids (merge request)
- Fix merge request header icons (merge request)
- Super sidebar contextual header restore font-weight (merge request)
- Verify VSD point target_project_id (merge request) GitLab Enterprise Edition
- Improve ci schema to support several forms of scripts by @pm9551 (merge request)
- Fix invalid HTML markup in super sidebar (merge request)
- This MR adds check for namespace (merge request) GitLab Enterprise Edition
- Only add confirmed accounts directly as member (merge request)
- Fix Markdown rendering references inside inline diff (merge request)
- Fix CLI messages for project limits in SM (merge request) GitLab Enterprise Edition
- Fix mobile alignment of MR AI summary (merge request)
- Fixing import list pagination bug (merge request)
- Fix incorrect SystemHook GitLab header (merge request)
- Fixes the .merge-request-tabs-holder background color in darkmode (merge request)
- Don't signal MR rebase if on current fast-forward train (merge request) GitLab Enterprise Edition
Changed (221 changes)
- Remove user dropdown from terms layout (merge request)
- Display name of user that triggered CI on candidate table by @zzaakiirr (merge request)
- Swap the columns for ci_pipeline_variables (merge request)
- Update devise-two-factor to 4.1.1 (merge request)
- Add logo to PivotalTracker integration (merge request)
- Update tanuki image for new user onboarding (merge request) GitLab Enterprise Edition
- Remove loading spinner in feature flagged todo button (merge request)
- Update similar_by_holder_name & similar_records in CreditCardValidation (merge request)
- Migrate cancel button iin shared/notes/form (merge request)
- Migrate group_dropdown to import_target_dropdown (merge request)
- Move epic notifications and todos (merge request)
- Remove unused blob header files (merge request)
- Remove unncessary typecasting in SQL queries (merge request) GitLab Enterprise Edition
- Improve test case action dropdown (merge request) GitLab Enterprise Edition
- Migrate GlDropdown component to use GlCollapsibleListbox (merge request)
- Remove feature flag database_analyze_on_partitioned_tables (merge request)
- Add pipeline name to GraphQL API (merge request)
- Add Confidentiality Checkbox to New Test Case Form (merge request) GitLab Enterprise Edition
- Add system-out and system-err to test parsing by @evigeant (merge request)
- Remove summarize_diff_abstraction_layer feature flag (merge request) GitLab Enterprise Edition
- Added logging to TokensController (merge request)
- Upgrade GitLab Pages to latest version (merge request)
- Update adherence_report_ui ff to default enabled (merge request)
- Dark mode label fix (merge request)
- Update notifications documentation (merge request)
- Geo Sites Form - Migrate Namespace Dropdown (merge request) GitLab Enterprise Edition
- Remove domain verification SSO redirect feature flag (merge request) GitLab Enterprise Edition
- Add contribution analytics to registration features (merge request) GitLab Enterprise Edition
- Add geo_handle_after_create to all replicators (merge request) GitLab Enterprise Edition
- Import LFS objects (merge request)
- Add internal API to receive zoekt heartbeats (merge request)
- Add logo to Jira integration (merge request)
- Add logo to Pushover integration (merge request)
- Update empty state component (merge request)
- Update dependency auto-deploy-image to v2.59.1 (merge request)
- Migrate the epic actions dropdown to GlDisclosureDropdown (merge request) GitLab Enterprise Edition
- Synch index addition for index_vulnerabilities_on_project_id_and_id (merge request) GitLab Enterprise Edition
- Remove dead code in pipeline presenter (merge request)
- Add schedules pagination (merge request)
- Remove search_commits_hide_archived_projects flag (merge request)
- Fixing rubocop testid exceptions No. 3 (merge request) GitLab Enterprise Edition
- Improve order of mention autocomplete results (merge request)
- Remove search_blobs_hide_archived_projects flag (merge request)
- Move notifications and todos on issues (merge request)
- Ci::BuildNeed name limit increase (merge request)
- Activate and deactivate streaming headers (merge request) GitLab Enterprise Edition
- Migrate kerberos copy url button (merge request)
- Record a custom attribute when auto banning users (merge request)
- MR widget: Align environment button with widget expand button (merge request)
- Domain edit page: Migrate clipboard button (merge request)
- MR sidebar: Migrate clipboard buttons (merge request)
- Add project count for namespace API when admin (merge request) GitLab Enterprise Edition
- Clone repo clipboard button migration (merge request)
- Remove deprecated_clipboard_button from user homepage (merge request)
- SSH Key detail page: Migrate clipboard button (merge request)
- Commit SHA align appearance across pipeline, job, mr (merge request)
- Swap the columns for ci_sources_pipelines (merge request)
- Move projects.scss to page_bundles (merge request)
- Remove deprecated_clipboard_button in Slack (merge request)
- Swap the columns for ci_stages (merge request)
- Swap the columns for ci_pipelines (merge request)
- Make sure scoped label remove icon is visible (merge request)
- Change add-on availability to use UserAssignment (merge request) GitLab Enterprise Edition
- Add instance GCP logging streaming destinations (merge request) GitLab Enterprise Edition
- Migrate split_button to button group with Listbox (merge request) GitLab Enterprise Edition
- Remove move_close_into_dropdown feature flag (merge request)
- Add (gpg_key_id, id) index to gpg_signatures (merge request)
- Update dependency auto-deploy-image to v2.59.0 (merge request)
- Pass CVSS to common security report parser (merge request) GitLab Enterprise Edition
- Make impossible to turn on Rugged feature flags (merge request)
- Enable streaming for gitlab duo (merge request) GitLab Enterprise Edition
- Add email custom text to registration features (merge request) GitLab Enterprise Edition
- Update related epic links permissions (merge request) GitLab Enterprise Edition
- Geo: Proxy Git fetch/clone over SSH via Gitlab Shell (merge request) GitLab Enterprise Edition
- Removed MAX_PANELS_LIMIT for Value Streams Dashboard by @tedtran2019 (merge request) GitLab Enterprise Edition
- Change epic daterange dropdown to use listbox (merge request) GitLab Enterprise Edition
- Create deployments for ready-to-run jobs only (merge request)
- Modify ETV Anthropic implementation to remove precanned response text (merge request) GitLab Enterprise Edition
- Swap the columns for ci_pipeline_chat_data (merge request)
- Add issue analytics to registration features (merge request) GitLab Enterprise Edition
- Use font-display: swap for custom fonts (merge request)
- This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
- Clean up the feature flag search_milestones_hide_archived_projects (merge request) GitLab Enterprise Edition
- Remove redundant version in runner details (merge request)
- Extract runner package host to constants.js by @orozot (merge request)
- Update dependency auto-deploy-image to v2.58.1 (merge request)
- Stop showing the explore plans link on the billing page (merge request) GitLab Enterprise Edition
- Use
InOperatorOptimization
for group vulnerabilities (merge request) GitLab Enterprise Edition - Changes props on GlFormInut, GlFormSelect & GlDatepicker (merge request)
- Update tag size in warning alert (merge request)
- Add group wiki to registration features (merge request) GitLab Enterprise Edition
- Database backup script supports overriding individual database settings (merge request)
- Set force_include_all_resources to default true in database (merge request)
- Override project approval settings (merge request) GitLab Enterprise Edition
- Fix complaince in admin mode (merge request) GitLab Enterprise Edition
- Remove redundant details in runner page (merge request)
- Project overview Edit button fix (merge request)
- Remove
group_level_licenses
feature flag (merge request) GitLab Enterprise Edition - Add licenses to group level dependency list export (merge request) GitLab Enterprise Edition
- Update illustrations (merge request)
- Move notifications and todos to buttons at top of page (merge request)
- Clean up automatic_trial_registration experiemnt (merge request) GitLab Enterprise Edition
- Enable semi-linear merge trains (behind feature flag) (merge request) GitLab Enterprise Edition
- Add the readme tab to the CI catalog details (merge request) GitLab Enterprise Edition
- Update dependency auto-deploy-image to v2.58.0 (merge request)
- Fix broken master (merge request)
- Update loading of streaming destinations (merge request) GitLab Enterprise Edition
- Restructure Catalog details page (merge request) GitLab Enterprise Edition
- Improve spacing vulnerability details buttons (merge request) GitLab Enterprise Edition
- Allow restoring a specific backup with server-side backups (merge request)
- Update copy on welcome page during free registration (merge request) GitLab Enterprise Edition
- Remove group_level_dependencies ff (merge request) GitLab Enterprise Edition
- Allow group owner access to ssh certs api (merge request) GitLab Enterprise Edition
- Migrate build_timeout to respect the max (merge request)
- Add logo to Telegram integration (merge request)
- Use attachment_color for embed colors in Discord integration by @Taucher2003 (merge request)
- Pipeline detail: Update CiIcon to CiBadgeLink (merge request)
- Show additional access levels for custom roles (merge request) GitLab Enterprise Edition
- Update Jira links (merge request)
- This MR prevents page refresh (merge request) GitLab Enterprise Edition
- Shows all recorded metrics for a candidate (merge request)
- Save Vertex AI Access Token in database (merge request) GitLab Enterprise Edition
- Add logo to Bamboo integration (merge request)
- Rack::Attack - consider /oauth endpoints as API endpoints (merge request)
- Swap the columns for ci_pipeline_messages (merge request)
- Aligns upgrade badge to the surrounding text (merge request)
- Update mermaid version to 10.5.0 (merge request)
- Child issues and epics widget: Add empty message (merge request) GitLab Enterprise Edition
- Sync validate foreign key for ci_sources_pipelines (merge request)
- Sync validate foreign key for ci_pipelines (merge request)
- Add dev documentation for bitbucket importer (merge request)
- Add Sidebar Confidentiality Widget to Test Cases (merge request) GitLab Enterprise Edition
- Allow terraform reports to be seen with a blocked/incomplete state by @vermainfinite (merge request)
- Remove geo_batch_count feature flag (merge request) GitLab Enterprise Edition
- Use cronjob to delete old pages deployments (merge request)
- Remove references to lfs_batch_direct_downloads (merge request)
- Geo Sites - Migrate GlDropdown (merge request) GitLab Enterprise Edition
- Use CiBadgeLink instead of CiIcon for Pipeline Mini Graph (merge request)
- Add refresh_interval to gitlab:elastic:info (merge request) GitLab Enterprise Edition
- Performance Bar improvements (merge request)
- Remove redundant runner version upgrade alert (merge request) GitLab Enterprise Edition
- Adding OKR checkin reminder todo item (merge request) GitLab Enterprise Edition
- Fix grammar in approval rules docs (merge request)
- This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
- Enable cached_security_policies by default (merge request) GitLab Enterprise Edition
- Create pending status check responses per MR (merge request) GitLab Enterprise Edition
- Update the upgrade badge to contain more details (merge request) GitLab Enterprise Edition
- Sync validate foreign key for ci_stages (merge request)
- Export last activity details (merge request) GitLab Enterprise Edition
- Expand import error message (merge request)
- Update adherence table thWidths (merge request) GitLab Enterprise Edition
- This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
- Allow long group description (backend) by @freznicek (merge request)
- Remove "Add seats" btn from usage quotas for community plans (merge request) GitLab Enterprise Edition
- Update dependency auto-deploy-image to v2.57.0 (merge request)
- Consolidate Puma low-level error handler code (merge request)
- This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
- This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
- Swap columns for shared_runners_duration conversion (merge request)
- Truncate time in environments page by @vermainfinite (merge request)
- Update dependency auto-build-image to v1.42.0 (merge request)
- Allow merges in the absence of a pipeline (merge request)
- Improve standards adherence report (merge request) GitLab Enterprise Edition
- When user has 2FA enabled, do not attempt OAuth password auth (merge request)
- Enable
ingest_sbom_licenses
by default (merge request) GitLab Enterprise Edition - feat: Add runner type badge to jobs table in admin job page by @gerardo-navarro (merge request)
- Remove visible_label_selection_on_metadata feature flag (merge request)
- Replace loading icon with destination path as text (merge request)
- Import bitbucket notes (merge request)
- MIgrate chat names to GlTable (merge request)
- Replace feature flag for Code Suggestions tab on Usage Quotas page (merge request) GitLab Enterprise Edition
- Update text in CI status badges (merge request)
- Update docs for status check removal (merge request)
- Cleaning up build_ios_app_guide_email experiment (merge request)
- Update AI architecture documentation (merge request)
- Fix cross database join in fetch_policy_approvers_service (merge request) GitLab Enterprise Edition
- Tidy up jobs list (merge request)
- Remove
maxlength
limit from the group description textarea (merge request) - Handle optional approvals in policy bot comment (merge request) GitLab Enterprise Edition
- Fix RetryJob mutation ID type (merge request)
- Adding index on work_item_progresses.reminder_frequency (merge request)
- Make epic creation dropdown Pajamas compliant (merge request) GitLab Enterprise Edition
- Hide Application Analytics when experiments are disabled (merge request)
- Job page: restructre page (merge request)
- Make pipeline header mobile (merge request)
- Raise MissingAttributeError with explicit message (merge request)
- Find squashed commit if normal commit is not found on import (merge request)
- Respond with 401 instead of 404 on npm unauthenticated requests (merge request)
- Updates CiIcon to CiBadge (merge request)
- Enforce not null constraints for workspace personal_access_token_id (merge request)
- Rename framework folder to projects (merge request) GitLab Enterprise Edition
- Remove deprecated unlock LDAP membership feature (merge request) GitLab Enterprise Edition
- Add pagination to standards adherence table (merge request) GitLab Enterprise Edition
- Add optional SHA parameter to CI lint API by @oula.kuuva (merge request)
- Make boards selector dropdown Pajamas compliant (merge request)
- Move labels.scss to page_bundles from page_specific_bundles (merge request)
- Update artifacts page layout (merge request)
- Removes the mobile_devops_projects_promo feature flag (merge request)
- Redirect product planning hierachy page (merge request)
- Update spacing and classes of user profile controls (merge request)
- feat(web_ide): Added new API for VS Code Settings (merge request)
- This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
- Fix for z-index bug for label filter (merge request)
- Upgrade to grpc v1.58.0 (merge request)
- Rename copy of GitHub PR attachments stat (merge request)
- Update Rails to 7.0.8 (merge request)
- Use handRaiseLeadButton in code_suggestions_intro (merge request) GitLab Enterprise Edition
- Updates CSP for Google Analytics 4 (merge request)
- Update URL for work items with type issue (merge request)
- Update job page layout (merge request)
- Remove use of the welcome controller and route in CE (merge request)
- Fix epic header actions when feature flag is off (merge request) GitLab Enterprise Edition
- Import bitbucket issues (merge request)
- Feature flag cleanup: standalone finding modal FE (merge request) GitLab Enterprise Edition
- Add project push rules changes auditor (merge request) GitLab Enterprise Edition
- Enable the ssh access by default in the Composer package registry (merge request)
- Update schedule pipeline layout (merge request)
- Do not save contributors and exports fields in npm metadata (merge request)
- Prevent namespace level banned users from accessing inviting projects (merge request) GitLab Enterprise Edition
- This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
- Sync validate foreign key for ci_pipeline_messages (merge request)
Deprecated (2 changes)
- Deprecate groupApprovers field in ScanResultPolicyType (merge request) GitLab Enterprise Edition
- Add deprecation for openSUSE Leap 15.4 (merge request)
Removed (26 changes)
- Re-remove the member_tasks table (merge request)
- Clean up bigint conversion for notes (self-managed) (merge request)
- Remove gitlab_gtm_datalayer feature flag (merge request) GitLab Enterprise Edition
- Remove remove_legacy_github_client flag (merge request)
- Remove member_tasks table (merge request)
- Remove issuable features moved popover (merge request)
- Remove Gitlab::Shell#mv_repository calls (merge request)
- Remove
user_pat_rest_api
FF (merge request) - Remove feature flag content_editor_on_issues (merge request)
- Remove feature flag enforce_vulnerability_attributes_rules enabled (merge request) GitLab Enterprise Edition
- Remove Pages migration from legacy outdated code (merge request)
- Remove feature flag scan_execution_policy_pipelines enabled by default (merge request) GitLab Enterprise Edition
- Remove legacy replication for project repositories (merge request) GitLab Enterprise Edition
- Remove tasks to be done for members from service and api layer (merge request)
- Drop unused PA cluster settings (merge request)
- Remove k8s_proxy_pat FF (merge request)
- Removed feature flag deactivation_email_additional_text (merge request)
- Remove callout for rich text editor (merge request)
- Remove the deprecated DeleteContainerRepositoryWorker (merge request)
- Remove the arkose_labs_login_challenge feature (merge request) GitLab Enterprise Edition
- Remove unused diff_merge_request_whitespace_link helper (merge request)
- Geo Replicables - Remove RESTful support Vuex (merge request) GitLab Enterprise Edition
- Drop ignored columns from geo_node_statuses (merge request)
- Remove restrict_special_characters_in_namespace_path feature flag (merge request)
- Remove
asana
gem dependency (merge request) - Geo Replicables - Remove RESTful support from UI (merge request) GitLab Enterprise Edition
Security (20 changes)
- Enforce that the policy is executed by the bot user (merge request) GitLab Enterprise Edition
- Fix Maven request forward vulnerability to response splitting (merge request) GitLab Enterprise Edition
- Update URI gem to v0.12.2 (merge request)
- Fix leaking source code of restricted project through a fork
- Allow only one membership for security policy bots
- Delete of member branch protection rules cascadingly
- Revert "Merge branch 'security-415371-block-fifo-file' into 'master'"
- Prevents Ci::Build data from being rendered
- Restrict Project Fork Linking to Owners and Admins
- Prevent collaboration across forks when author cannot push
- Reset all approvals when target branch changes
- Default to using the asset proxy
- Pipelines will have no access to protected vars and may fail with tags
- Destroy group service accounts when removing group
- Fix SSO Enforcement for shared groups and projects
- Prevent math hijacking page elements
- Allow Maintainer+ to list Sentry projects
- Validate typeflag of import archive file
- Prevent leaking CI variables via fork MRs
- Mark any CI builds that are not complete as canceled when imported
Performance (6 changes)
- GitHub attachment importers resume their work (merge request)
- Sync removal of index_events_on_author_id_and_created_at_merge_requests (merge request)
- Drop index_deployments_on_project_id_and_ref concurrently (merge request)
- Remove index_deployments_on_project_id_and_ref async-ly (merge request)
- Async remove
index_events_on_author_id_and_created_at_merge_requests
(merge request) - Query the sum of approvals required instead of calculating it in Rails (merge request) GitLab Enterprise Edition
Other (73 changes)
- Complete rollout of new pipeline unlock mechanism (merge request)
- Async create index for env state updated at (merge request)
- Add auto_canceled_by_partition_id to p_ci_builds (merge request)
- Drops unused index_namespaces_on_ldap_sync_last_update_at (merge request)
- Change the validation to take into account for the new column (merge request)
- refactor: Improve consistency in create_package_service_spec by @gerardo-navarro (merge request)
- Adds initial developer docs for Model Registry (merge request)
- Migrate webhook resend request button (merge request)
- Backfill has_remediations on existing vulnerability_reads records (merge request)
- Removing temporary index used to backfill project stats by @TamsilAmani (merge request)
- refactor: Use BaseProjectService for CreateRuleService by @gerardo-navarro (merge request)
- Default enable inherit_higher_access_levels_no_cross_join flag (merge request)
- This MR removes on_demand_scans_runner_tags FF (merge request) GitLab Enterprise Edition
- refactor: Add enum for push_protected_up_to_access_level by @gerardo-navarro (merge request)
- Dropping unused idx index_namespaces_on_updated_at (merge request)
- Bump Gitlab Shell to 14.29.0 (merge request)
- Remove issues AI related feature flags (merge request) GitLab Enterprise Edition
- Remove the feature_flag use_new_zoekt_indexer (merge request) GitLab Enterprise Edition
- Remove the hardcoding for getting shard (merge request) GitLab Enterprise Edition
- Removing ff advanceStageTimeout (merge request)
- Renamed groupFilters to reportGroupFilters by @tedtran2019 (merge request)
- Update validation message when verifying sha (merge request)
- Remove use_traversal_ids feature flag (merge request)
- Guidelines regarding rolling out percentages Feature Flags (merge request)
- Reindex and remove merge_requests from main index (merge request) GitLab Enterprise Edition
- Update sass npm from 1.49.9 to 1.69.0 by @tnir (merge request)
- Resolve ambiguous references for archive metadata (merge request)
- Cleanup/promote to production gtm_nonce feature flag (merge request)
- Migrate widget action buttons to GlDisclosureDropdown (merge request)
- refactor: Align file location of package protection rule factory by @gerardo-navarro (merge request)
- Add
email_with_layout
in access_token_revoked_email method by @KiranSatyaRaj (merge request) - Send schema_version value flags for blob, commit and wiki (merge request) GitLab Enterprise Edition
- Add documentation related to link work items (merge request)
- Reindex notes from main index (merge request) GitLab Enterprise Edition
- Removing the feature flag loose_foreign_keys_batch_load_using_union (merge request)
- Cleanup FFs for migrating exclusive lease (merge request)
- Remove elastic_file_name_reverse_optimization feature flag (merge request) GitLab Enterprise Edition
- Refactors boolean validation specs using 'validate_inclusion_of' by @harshitprasad (merge request)
- Remove optimize_find_routable feature flag (merge request)
- Drop an unused index on the namespaces table (merge request)
- Remove FF bulk_imports_batched_import_export (merge request)
- Add a migration to remove hashed_root_namespace_id from users index (merge request) GitLab Enterprise Edition
- Use QueuesMetadata for duplicate jobs (merge request)
- Add automated accessibility tests (merge request)
- Externalize strings from viewer_swicher.html.haml by @wwwxx4869 (merge request)
- Write licenses to
sbom_occurrences
table (merge request) GitLab Enterprise Edition - Removing a leftover from previous removal (merge request)
- Cleanup deploy_key_for_protected_tags feature flag (merge request)
- Use a dedicated client for workhorse-redis (merge request)
- Drop an unused index on the namespaces table (merge request)
- Remove ff standard_merge_train_ref_merge_commit (merge request) GitLab Enterprise Edition
- Remove 'gitlab_duo' feature flag (merge request) GitLab Enterprise Edition
- Remove 'ai_related_settings' feature flag (merge request) GitLab Enterprise Edition
- Remove mention of ai_redis_chat (merge request) GitLab Enterprise Edition
- Remove 'tanuki_bot' feature flag (merge request) GitLab Enterprise Edition
- Remove 'explain_code_snippet' feature flag (merge request) GitLab Enterprise Edition
- Remove 'chat_epic_identifier' FF (merge request) GitLab Enterprise Edition
- Remove 'ai_tool_info' feature flag (merge request) GitLab Enterprise Edition
- Drop an unused index on the namespaces table (merge request)
- Feature flags rollout instructions update (merge request)
- Add SaaS guard on onboarding controller (merge request) GitLab Enterprise Edition
- Cleanup
errors_utf_8_encoding
feature flag (merge request) - Cleanup "optimize_group_template_query" feature flag (merge request)
- Remove the
chatops
feature flag since it's enabled by default (merge request) - Added styles to to email by @NIKU-SINGH (merge request)
- Add index on ci_job_artifacts file_final_path (merge request)
- Update documentation regarding deprecated random feature flags (merge request)
- Adds "name" field to provide machine readable status (merge request)
- Remove self_and_hierarchy scope feature flag (merge request)
- Add endpoint_id label to web transaction metrics (merge request)
- Remove FF when canceling redundant pipelines (merge request)
- Alias read_namespace to access_namespace and move usages to new ability by @Taucher2003 (merge request)
- Remove
custom_roles_on_groups
feature flag (merge request) GitLab Enterprise Edition
Security
Security wording was detected, but no CVEs were found.
Details
date
Oct. 20, 2023, midnight
name
16.5.0
type
Minor
👇
Register or login to:
- 🔍View and search all GitLab CE releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!