GitLab EE - 14.8.0
Security
(2022-02-21)
Added (134 changes)
- Add fields to PipelineSecurityReportFindingType (merge request) GitLab Enterprise Edition
- Add overage confirmation modal (merge request) GitLab Enterprise Edition
- Add custom tags to the Datadog integration by @AdrianLC (merge request)
- Save sort on querystring for vulnerability report (merge request) GitLab Enterprise Edition
- Pipeline and other fixes to community contribution (merge request)
- Allow broadcast messages to be targeted to the current user's role (merge request)
- Provide FF to project edit action (merge request) GitLab Enterprise Edition
- Stream audit events using audit event JSON (merge request) GitLab Enterprise Edition
- Add CI minutes usage charts to group usage quotas (merge request) GitLab Enterprise Edition
- Defaulted roadmap_settings to true (merge request)
- GraphQL: Expose token_expires_at property and sorting by @KyleFromKitware (merge request)
- Add scan method to dast site profile (merge request)
- Enable admin runner read-only runner view (merge request)
- Enable corpus management for self-managed installs (merge request) GitLab Enterprise Edition
- Fix(SM: Subscription): Refresh local state (merge request) GitLab Enterprise Edition
- Enable Service Usage data page by default (merge request)
- Exclude pending memberships from billable members count (merge request) GitLab Enterprise Edition
- Make granting of open-source license to public projects configurable (merge request)
- Enable prohibition of hex branch names (merge request)
- Add dependency_proxy_size to GraphQL type (merge request)
- Removed work_items_hierarchy feature flag (merge request)
- Add the ability to ban users in the Admin Area (merge request)
- Add "Delete" group button to the groups dashboard (merge request)
- Registry import enqueuer (merge request)
- Add crm system notes by @leetickett (merge request)
- Extend the GraphQL interface with
securityTrainingUpdatemutation (merge request) GitLab Enterprise Edition - Add alert metric image table and basic model (merge request)
- Add required approvals to Protected Environment settings (merge request) GitLab Enterprise Edition
- Add GEMNASIUM_LIBRARY_SCAN_ENABLED variable (merge request)
- Allow to list project group ancestors on REST API (merge request)
- Upgrade GitLab Pages to 1.54.0 (merge request)
- Add
public_projects_countcounter to topics by @wwwjon (merge request) - Registry import observer worker (merge request)
- Add support for contacts autocompletion (merge request)
- Add the registry migration guard job (merge request)
- Save audit events for start/stop user impersonation to group level (merge request) GitLab Enterprise Edition
- Add ability to download Service Ping payload (merge request)
- Backfill route namespace_id for namespaces (merge request)
- Support position params in issue creation mutation (merge request)
- Add dependency proxy migrate rake task (merge request)
- Add script to track clicks for RF offer (merge request) GitLab Enterprise Edition
- Add owner_valid to Dast::ProfileScheduleType (merge request) GitLab Enterprise Edition
- Add deprecation notice to the Serverless UI (merge request)
- Add Project Access Tokens to credentials inventory (merge request) GitLab Enterprise Edition
- Copy contacts when moving an issue (merge request)
- Request deployment target info from users (merge request)
- Add utility method to add parameters to a URL (merge request)
- Enable invite member modal by default (merge request)
- Add GraphQL API endpoint access from primary to secondary Geo nodes (merge request) GitLab Enterprise Edition
- Add epic sort by last created or updated (merge request) GitLab Enterprise Edition
- Add epic sort by last created or updated (merge request) GitLab Enterprise Edition
- Add simple multi select for when the number of (merge request) GitLab Enterprise Edition
- Cache shared runners enabled check (merge request)
- Implement fair queueing for LFK (merge request)
- Add max_batch_size to batched migrations table (merge request)
- Add setting to not display code diffs in MR review emails by @joe-snyder (merge request)
- Add attention requests to the MR list view (merge request)
- Add version column to the Agent listing page (merge request)
- Add owners array to webhook data (merge request)
- Enable searching for MRs by updated_at (merge request)
- Support "ecdsa-sk" and "ed25519-sk" SSH keys (merge request)
- Promote the trial_registrations_with_reassurance experiment (merge request) GitLab Enterprise Edition
- Record and publish application boot time (merge request)
- Add GraphQL create API for incident timeline events (merge request) GitLab Enterprise Edition
- Populate data for vulnerability_reads from vulnerabilities (merge request)
- Remove deployment_approvals feature flag (merge request) GitLab Enterprise Edition
- Added Qualys IaC Security template by @mbachhav (merge request)
- CI/CD analytics: Add metric tiles (merge request) GitLab Enterprise Edition
- Show KAS version on admin dashboard (merge request)
- Add validation to check if branches are valid for security policy (merge request) GitLab Enterprise Edition
- Add Container Registry migration notification APIs (merge request)
- Allow group maintainers to list provisioned users for a group (merge request) GitLab Enterprise Edition
- Upgrade GitLab Pages to 1.53.0 (merge request)
- Enable Configure with a MR button for Container Scanning (merge request) GitLab Enterprise Edition
- Enable json_limited_encoder ff by default (merge request)
- Add Blob#symlink? boolean method (merge request)
- Feat(SM: Subscription History): add future subscr (merge request) GitLab Enterprise Edition
- Remove extract_mr_diff_commit_deletions FF (merge request)
- Add enabling container-scanning for project with GraphQL (merge request) GitLab Enterprise Edition
- Add median to CI/CD lead time chart (merge request) GitLab Enterprise Edition
- Feat(SM: Subscription Activation): size + text GitLab Enterprise Edition
- Bump GitLab pages to 1.52.0 (merge request)
- Feat(SM: Subscription Activation): size + text (merge request) GitLab Enterprise Edition
- Remove
vue_epics_listand legacy code (merge request) GitLab Enterprise Edition - Add triggers to sync vulnerability_reads (merge request)
- Add ability to search for an escalation policy by name (merge request) GitLab Enterprise Edition
- Expose language field in GraphQL blob type (merge request)
- Adds mergeRequestInteraction to GraphQL MemberInterface type (merge request)
- Ask for feedback on the Agent listing page (merge request)
- Re-remove foreign keys on GitLab.com (merge request)
- Add Planning Hierarchy page (merge request)
- Enable Gitlab Shell rate limit by default (merge request)
- Enable bulk job tags insertion by default (merge request)
- GraphQL: Add jobs field to CiRunner (merge request)
- Add a GraphQL resolvers to get pipeline counts by scope (merge request)
- Pass custom slots from HelpPopover to GlPopover (merge request)
- Enable project owners to list their projects pending deletion by default (merge request) GitLab Enterprise Edition
- Hide ancestor groups in group invites (merge request)
- Track api usage of the jetbrains plugin (merge request)
- Indicate locked users in Admin Area users list (merge request)
- Add metric tile component (merge request)
- Support iteration search by cadence title (merge request) GitLab Enterprise Edition
- Add badge for invited user (merge request)
- Remove import_redis_increment_by feature flag (merge request)
- Submit ServicePing generation errors to Version app (merge request)
- Add mutation for updating user preferences (merge request)
- Add Graphql mutation to update timeline event (merge request) GitLab Enterprise Edition
- Log project export timings (merge request)
- Re-enable sanboxed mermaid FF with a fix (merge request)
- Redirect in-app trial users to the feature (merge request) GitLab Enterprise Edition
- Add more issue due_date filters to API by @leetickett (merge request)
- Add support for the gitlab container registry API (merge request)
- CI Runners: Support sorting by token_expires_at by @KyleFromKitware (merge request)
- Restrict JWT requests when importing repositories (merge request)
- Show deprecation notification in pipeline page (merge request)
- Allow project owners to list & restore their projects pending deletion (merge request) GitLab Enterprise Edition
- Allow merge requests to be sorted by title (merge request)
- Add everage to CI/CD deployment chart (merge request) GitLab Enterprise Edition
- Add improved readme content for all new projects (merge request)
- Adds dependency_proxy_size to namespace statistics (merge request)
- GraphQL: Add projects property to CiRunner type (merge request)
- Add identifier to VSA summary metrics (merge request)
- GraphQL: Add groups property to Runner type (merge request)
- Add verification header for streamed events (merge request)
- Hide issue contacts and quick actions by @leetickett (merge request)
- Update templates for repository size RF CTA (merge request) GitLab Enterprise Edition
- Adds dependency_proxy_size to root storage stats (merge request)
- CI Runners: Add token expiration field by @KyleFromKitware (merge request)
- Add state/province selector to trials (merge request) GitLab Enterprise Edition
- Add audit logging for runner registration (merge request) GitLab Enterprise Edition
- Support default templates for issues/MRs via .gitlab/ folders by @davebarr (merge request)
- Allow querying recent boards in a group or project (merge request)
- Add url_text column to issuable metric images (merge request)
- Add migration for backfilling project namespaces (merge request)
Fixed (168 changes)
- Allow specifying project name on importing an exported GitLab project by @zhzhang93 (merge request)
- Clean up wrong max_seats_used batch two (merge request)
- Fix Date::Error exception when viewing audit logs for an invalid date (merge request) GitLab Enterprise Edition
- Revert "Merge branch 'if-personal_project_owners' into 'master'" (merge request)
- Fix unit display for VSA charts (merge request) GitLab Enterprise Edition
- Added merge policy for design collection (merge request)
- Fix merge request tabs background leakage (merge request)
- Fix position when creating issue in issue boards (merge request)
- Delete issue contacts if project root changed by @leetickett (merge request)
- Revert user already exists to members API (merge request)
- Avoid exceptions from un-symbolizable job names (merge request)
- Block external fork mirrors (merge request)
- Allow testing of disabled hooks (merge request)
- Fix duplicate draft help text (merge request)
- Stop browser from caching learn gitlab (merge request) GitLab Enterprise Edition
- Add ref param to project level ci/lint by @thadc23 (merge request)
- Apply PJs styling to Pages DNS badge (merge request)
- Fix missing discussion_id in GitHub imports (merge request)
- Allows invite modal to re-invite single users (merge request)
- Add encoding for url params for board filtered search by @sstern (merge request)
- Handle Gitaly error on fetching total-branches for pipeline editor (merge request)
- Fix typo in Pull mirror verification (merge request) GitLab Enterprise Edition
- Allow to toggle requirements_access_level on REST API (merge request) GitLab Enterprise Edition
- Allow GC to run if deduplication service runs into an error (merge request)
- Render submit button only once in Pages settings (merge request)
- Update GitHub PRs Importer to force update repository (merge request)
- Use strong parameters for CompareController (merge request)
- Fix default sort for tags page (merge request)
- Update namespace statistics when project is destroyed (merge request)
- Don't rebase when the branch protected from force push (merge request)
- fix: Reintroduce top-level SAST_ANALYZER_IMAGE_TAG for SCS (merge request)
- Fix typo in Gitlab::Changelog::Release (merge request)
- Merge branch... (merge request)
- Fix corpus delete by updating corpus fetch (merge request) GitLab Enterprise Edition
- Return an error for an invalid ref_name (merge request)
- Fix Geo checksummable check failing when file is nil (merge request) GitLab Enterprise Edition
- Fix layout issues for project tokens in credentials inventory (merge request) GitLab Enterprise Edition
- Use StrongParameters for ExtractsRef (merge request)
- Remove label hover state css override in right sidebars (merge request)
- Change minutes field to shared_runners_duration (merge request) GitLab Enterprise Edition
- Don't record the exception when the repostory already exists (merge request)
- Allow sorting epics by created & updated dates (merge request) GitLab Enterprise Edition
- Use StrongParameters for ProjectsController (merge request)
- Reject reply by email to notification if the from email is not verified (merge request)
- Fix Typo in Protected Tags Settings by @Taucher2003 (merge request)
- Roadmap - Fix today indicator alignment (merge request) GitLab Enterprise Edition
- MacOS remove horizontal scroll in left navigation by @OmerFarukMerey (merge request) GitLab Enterprise Edition
- Remove secondary variant from agent modal cancel button (merge request)
- Add width and alt tag to image in trial flow second step (merge request)
- Fix provisioned_users API endpoint with full_path (merge request) GitLab Enterprise Edition
- Verify project id in API (merge request)
- Fix NoMethodError for calling modified_paths on nil pipeline (merge request)
- Introduce concept of parse errors for quick actions (merge request)
- Test the logical path rather than the real path (merge request)
- Fix merge requests page dark mode (merge request)
- Remove container-image: from location on the Dependency List (merge request) GitLab Enterprise Edition
- Remove dangling running entries from ci running builds table (merge request)
- Reject MIME parts with unsupported encoding (merge request)
- Drop legacy finished at in Deployment (merge request)
- Use strong_parameters for RefsController (merge request)
- Check for group confidential access in EpicsFinder (merge request) GitLab Enterprise Edition
- Allow searching of users using less than 3 chars (merge request)
- Fix label links in MR system notes (merge request)
- Epic boards - Hide toggled off Open column (merge request)
- Fix for rate lmiting test errrors (merge request) GitLab Enterprise Edition
- Catch GitLab::HTTP:ERRORS while streaming auditevents (merge request) GitLab Enterprise Edition
- Fix missing upvote/downvote counts on Epics list (merge request) GitLab Enterprise Edition
- Roadmap - Fix bar width for week layout (merge request) GitLab Enterprise Edition
- Improve dashboard projects blank state code (merge request)
- Fix how busy is displayed in group/project members list (merge request)
- Fix NoMethodError for RefsController (merge request)
- Merge stable Jobs/Deploy.gitlab-ci.yml into latest (merge request)
- Create specific CE display_public_email? user helper (merge request)
- REST: Fix scope of GET /projects/:id/runners endpoint (merge request)
- Validate that reference exists for atom format (merge request)
- Fix reverse tabnabbing vulnerability with improper URL protocol (merge request)
- Allow mergeability check when merge_status is already checking (merge request)
- Validate sort parameter for branches page and branches API (merge request)
- Fix deep linking into settings panels (merge request)
- Deduplicate findings by comparing the UUIDs (merge request) GitLab Enterprise Edition
- Fix Popen not always returning error code (merge request)
- REST: Follow shared runners setting (merge request)
- Fix spacing issue in the packages version details (merge request)
- REST: Fix scope of /groups/:id/runners?type endpoint (merge request)
- Add darkmode variant for black-normal color (merge request)
- Enable Zip64 support (merge request)
- Fix arrow that was overlapping button in Admin -> Users by @orozot (merge request)
- Fix search term case sensitivity for transfer namespace (merge request)
- Show underscores in branch name in merge request by @brcampbell1 (merge request)
- Fix editor browser modal when creating new MR (merge request)
- Fix NoMethodError when commit is missing (merge request)
- Fix incorrect render in JUnit merge UI with null or blank name value (merge request)
- Add id to user of ZentaoSerializers by @icbd GitLab Enterprise Edition
- Remove invalid groups from sharing in invite group modal
- Add id to user of ZentaoSerializers by @icbd (merge request) GitLab Enterprise Edition
- Remove invalid groups from sharing in invite group modal (merge request)
- Revert "Merge branch 'revert-b59c6630' into 'master'" (merge request)
- Geo: Mark object stored files verified (merge request) GitLab Enterprise Edition
- Fix exception when epic has no author (merge request)
- Use finding signatures in deduplication logic (merge request) GitLab Enterprise Edition
- Use strong parameters for CommitsController (merge request)
- Don't return 500 error for tags in atom format (merge request)
- Use strong_parameters for ForksController#index (merge request)
- Fix NoMethodError for empty changelog (merge request)
- Fix typo in RepositoryController#cleanup (merge request)
- Restrict pagination per_page possible values (merge request)
- Fix input parameter validation for tags controller (merge request)
- Fix NoMethodError for UnfoldPresenter (merge request)
- Deprecate and replace MR with approval rules metric (merge request) GitLab Enterprise Edition
- Sign out before redirecting to login page (merge request)
- Restore the lost success event handler for hiding the verification modal (merge request) GitLab Enterprise Edition
- Dedup Ci::RunnerProjects (merge request)
- Allow searching of users using less than 3 chars (merge request)
- Allow all users within a group to view all compliance frameworks (merge request) GitLab Enterprise Edition
- Sort vulnerability identifiers on ingestion to prevent Deadlock errors (merge request) GitLab Enterprise Edition
- Refactor issue move to not require group_id param (merge request)
- Pass URI to elasticsearch client instead of string (merge request) GitLab Enterprise Edition
- Add rouge-ruby Comment.Doc style support by @zsgsdesign (merge request)
- Fix long label overflow in the sidebar by @smortex (merge request)
- Fix hidden notifications dropdown on smaller screens (merge request)
- Change epic list payload variable to uppercase by @orozot (merge request) GitLab Enterprise Edition
- Change trials_link_url name to callouts_trials_link_url by @orozot (merge request) GitLab Enterprise Edition
- Only call the resolved service if we resolve all the active notes (merge request)
- Gracefully handle unexpected severities in code quality report (merge request)
- Ensure mergeability check runs on specific cases (merge request)
- Re-align "Register" and "Cancel" buttons in Agent installation modal (merge request)
- Geo: Fix verification failures of remote stored files (merge request) GitLab Enterprise Edition
- Update project export job status upon failure (merge request)
- GitLab Version - CE Admin Dashboard (merge request)
- Ensure git url validation is always performed (merge request)
- Bump default auto-deploy-image to 2.18.1 (merge request)
- Set class name for the proxy ingestion tasks (merge request) GitLab Enterprise Edition
- Show issuable reference title in milestone description by @wwwjon (merge request)
- Prevent Group API N+1 loading group plans (merge request) GitLab Enterprise Edition
- Fix issue sticky header doesn't align left in fluid layout (merge request)
- Enable ci_order_subsequent_jobs_by_stage by default (merge request)
- Exempt bot users for groups from license seat usage by @fh1ch (merge request) GitLab Enterprise Edition
- Fix incorrect max_seats_used values (merge request)
- Fix the primary button on KAS installation modal (merge request)
- Fix typo in message (merge request)
- Fix broken references when previewing SP payload (merge request)
- Use Bitbucket repo description over project description when importing by @nicosullivan (merge request)
- Guard create issue button in boards against submitting spaces by @sstern (merge request)
- Replace offsetTop with getBoundingClientRect for roadmap_setting panel by @orozot (merge request)
- Fix import/export not checking upload result (merge request)
- Update
resolved_on_default_branchattribute in batches (merge request) GitLab Enterprise Edition - Add missing Git authentication support for group level bot build tokens by @fh1ch (merge request)
- Update
Project.updated_atif other timestamps change by @wwwjon (merge request) - Remove project loads for dast profiles policy checks (merge request) GitLab Enterprise Edition
- Do not require credit card validation when it is present (merge request) GitLab Enterprise Edition
- Fix CI instance variable cache misses (merge request)
- Fix cluster integration HTTP adapter (merge request)
- Clear childrenEpic state when changing roadmap sort order by @espadav8 (merge request) GitLab Enterprise Edition
- Prevent compliance pipelines from overwriting child pipelines (merge request) GitLab Enterprise Edition
- Fix selection summary not showing on vulnerability report (merge request) GitLab Enterprise Edition
- Fix runner count when tabs are used (merge request)
- fix: Fix incorrect il8n referenece for Vulnerability Dismissal (merge request) GitLab Enterprise Edition
- Allow strings and nested arrays of strings for before/after script by @guillaume.chauvel (merge request)
- Extract MergeRequestDiffCommit deletions (merge request)
- Reject MIME parts with unsupported encoding (merge request)
- Add user's preferred language to cache key of MR title partial (merge request)
- Transition abuse_reports_controller spec by @leetickett (merge request)
- Calculate location fingerprint by signature for findings if available (merge request) GitLab Enterprise Edition
- Extend Google Cloud Storage max transfer timeout to 60 minutes (merge request)
- Add spacing for pipeline editor alert close button (merge request)
- Fix check for valid custom pages domains by @mlegner (merge request)
- Add missing tooltip and aria-label for commit description toggle by @nicosullivan (merge request)
- Users who can read project can read bot names (merge request)
Changed (216 changes)
- Use GlAvatar in env dashboard project header (merge request) GitLab Enterprise Edition
- Remove legacy license compliance approval_status (merge request) GitLab Enterprise Edition
- Allow setting feature flag for a single namespace (merge request)
- No-coverage lines more prominent than covered lines by @MMSandal (merge request)
- Global Search - Optimize SearchContext (merge request)
- Geo: Job Artifacts replication using SSF (merge request)
- Update to Puma 5.6.2 (merge request)
- Handle invalid URL for DAST Site Profile (merge request)
- Use
system-errif no failure/error message was given in JUnit output by @jdyl (merge request) - Use pagination for vulnerability report (merge request) GitLab Enterprise Edition
- Handle invalid URL for DAST Site Profile (merge request)
- Handle invalid URL for DAST Site Profile (merge request)
- Updated the docs to include new agent information (merge request)
- Fixed constant wording for clearer understanding (merge request) GitLab Enterprise Edition
- Remove feature flag for the container registry Google CDN feature (merge request)
- Add jobs template for Dependency Scanning and License Scanning (merge request)
- Replicate integrations indices for type_new (merge request)
- Add missing translations (merge request) GitLab Enterprise Edition
- Replace the bitbucket import modal with a GlModal (merge request)
- Update status icons for requirements (merge request) GitLab Enterprise Edition
- Bump cluster management project template for 14.8 (merge request)
- Remove dast_sharded_cloned_ci_builds feature flag (merge request) GitLab Enterprise Edition
- Switch to GlTabs for markdown header component (merge request)
- Link by commit and name for pipeline (merge request)
- Add approvers when editing scan result policies (merge request) GitLab Enterprise Edition
- Move findings deletion into a worker (merge request) GitLab Enterprise Edition
- Replace window.confirm with GlModa in deployment actions (merge request)
- Modify upload license error language (merge request) GitLab Enterprise Edition
- Make integrations type_new trigger null-safe (merge request)
- Default on :cluster_vulnerabilities feature flag (merge request)
- Improve UI message for unfinished pipelines (merge request)
- Drop temporary index on vulnerability_occurrences (merge request)
- Change file input on upload license page to a dropzone (merge request) GitLab Enterprise Edition
- Allow offline cloud license upload (merge request) GitLab Enterprise Edition
- Improve UI text of group settings page (merge request)
- Edit UI text to comply with standards (merge request)
- Show default value in squash and merge commit template textareas by @trakos (merge request)
- Treat API requests from the frontend as web traffic in the rate limiter (merge request)
- Update KAS to v14.8.1 (merge request)
- Put feature flag for reading from finding_evidence (merge request) GitLab Enterprise Edition
- Remove the border from the signub box on the trial registration page (merge request) GitLab Enterprise Edition
- Upgrade CI images to Debian bullseye (merge request)
- Update confirmation button variant and label (merge request)
- Limit on-demand scans tabs counts (merge request) GitLab Enterprise Edition
- Bump Gitlab Shell version to 13.23.2 (merge request)
- Geo Sites - Filter by Search (merge request) GitLab Enterprise Edition
- Add feature flag toggle for elastic migration worker (merge request) GitLab Enterprise Edition
- Add a memory report link in the Performance Bar (merge request)
- Add vue js fork confirmation modal (merge request)
- Jira create branch: Alert when lacking permissions (merge request)
- Replace window.confirm with GlModa in pipeline manual actions (merge request)
- Exclude guests being billable for ultimate trials (merge request) GitLab Enterprise Edition
- Add message for user count overage (merge request) GitLab Enterprise Edition
- Refactor NamespaceStatistics into CE (merge request)
- Remove limited class from global_alert (merge request)
- Changed the deployment target option (merge request)
- Remove
ci_skip_require_credit_card_for_addon_ci_minutesfeature flag (merge request) - Make rate limiting of /users/:id configurable (merge request)
- Use better colors for activity calendar in darkmode (merge request)
- Convert timestamps to utc in license usage export (merge request) GitLab Enterprise Edition
- Update copy for API Security in DAST (merge request)
- Exclude pending_destruction packages when creating one (merge request)
- Set danger variant and label to leave group (merge request)
- Clean up Create Branch from Jira form (merge request)
- Improve retry tooltip for failed pipeline (merge request)
- Deprecate custom geo:db:* rake tasks in favor of built-in tasks (merge request) GitLab Enterprise Edition
- Make squash/rebase failed messages better (merge request)
- Enable storage purchase via GitLab by default (merge request)
- Remove early_prepare_for_mergeability feature flag (merge request)
- Add tooltip to project variables in CI/CD settings (merge request)
- feat: Bump major security-code-scan sast version for 15.0 (merge request)
- Add link to group pipeline usage quota (merge request)
- Update auto-build-image to v1.5.0 (merge request)
- Update Go to version 1.17.6, workhorse (merge request)
- Simplify CI_DEPLOY_FREEZE conditions in Auto DevOps (merge request)
- Replace window.confirm with GlModal for noteable notes delete and edit (merge request)
- Add severity level to compliance violations table (merge request)
- Move VSA metrics to shared analytics (merge request) GitLab Enterprise Edition
- Remove redundant index_epic_issues_on_epic_id (merge request)
- Remove vue_integration_form feature flag (merge request)
- Remove enable_ci_variable_caching feature flag (merge request)
- Improve the project deletion UI text (merge request)
- Improve copy on Slack app delete project modal (merge request) GitLab Enterprise Edition
- Improve delete webhook modal copy (merge request)
- Change protected branches selector internals (merge request) GitLab Enterprise Edition
- Alias wip methods to -> draft (merge request)
- Remove new_route_ci_minutes_purchase feature flag (merge request)
- Remove WIP support from commits (merge request)
- Add tooltips for pipeline icons (merge request)
- Hide
None&Anytoken wildcards (merge request) GitLab Enterprise Edition - Give immediate feedback when awarding an issuable by @KevSlashNull (merge request)
- Remove WIP support from Merge Requests (merge request)
- Undo filter milestones dropdown in boards by state by @sstern (merge request)
- Fix Kubernetes Agent label capitalization (merge request)
- Add quickSuggestions to Pipeline Editor (merge request)
- Update bitbucket logo (merge request)
- Update Atlassian logo (merge request)
- Update Twitter logo (merge request)
- Update Facebook logo (merge request)
- Remove github_importer_use_diff_note_with_suggestions feature flag (merge request)
- Error on delete tag when importing repository (merge request)
- Treat API requests from the frontend as web traffic in the rate limiter (merge request)
- Enable jobs tab vue by default (merge request)
- Update Auth0 logo (merge request)
- Hide user cap alert if viewing pending members (merge request) GitLab Enterprise Edition
- Geo Sites - Filter By Status (merge request) GitLab Enterprise Edition
- Add indeterminate state to select all checkbox on vulnerability report (merge request) GitLab Enterprise Edition
- Update to ruby-magic v0.5.4 (merge request)
- Add combined registration to trial registration flow (merge request)
- Update rubyzip gem to v2.3.2 (merge request)
- Don't notify Sentry about PreReceiveErrors (merge request)
- Show disabled CI action icon when unauthorized (merge request)
- Enable the pipelines table redesign by default (merge request)
- Change settings copy (merge request)
- Edit UI text of project permissions (merge request)
- Add instrumentation class to by-stage-secure metrics (merge request) GitLab Enterprise Edition
- Return pretty error validation messages for Security Policy (merge request) GitLab Enterprise Edition
- Hide search bar when registry is empty by @KevSlashNull (merge request)
- Bump Gitlab Shell version (merge request)
- Update styling of date range indicator (merge request)
- Show error message for permissions (merge request)
- Show error message for permissions
- Change contact details for support (merge request)
- Skip redundant checks for runners already scoped to a project (merge request)
- Swap FK ci_pipelines to projects for LFK (merge request)
- Reorganize Kubernetes clusters action button menu (merge request)
- feat(badge): Migrate diff LFS badge to glbadge (merge request)
- Enable linear roots in UpdateAllMirrorsWorker (merge request) GitLab Enterprise Edition
- Default enable issue_boards_filtered_search by @sstern (merge request)
- Add confirmation modal for merge (merge request)
- Update navigation badge to pajamas styling (merge request)
- Allow developers to read Kubernetes clusters (merge request)
- Enable
security_report_ingestion_frameworkFF by default (merge request) GitLab Enterprise Edition - Add text for all branches (merge request) GitLab Enterprise Edition
- Swap FK ci_pipeline_schedules to projects for LFK (merge request)
- Content for hand raise leads (merge request) GitLab Enterprise Edition
- Improve UI text for style compliance (merge request)
- Swap FK ci_builds to projects for LFK (merge request)
- Packages list sort by Published and store pref (merge request)
- Remove projects that are marked for deletion from UI (merge request)
- Swap FK ci_sources_projects to projects for LFK (merge request)
- Swap FK ci_job_token_project_scope_links to projects for LFK (merge request)
- Add alert after Slack application is installed (merge request) GitLab Enterprise Edition
- Swap FK ci_runner_projects to projects for LFK (merge request)
- Swap FK ci_job_artifacts to projects for LFK (merge request)
- Update UI for MR pipeline rename (merge request)
- Swap FK vulnerability_feedback to ci_pipelines for LFK (merge request)
- Only fetch namespaces if search value changes (merge request)
- Add error code to project export command status log (merge request)
- Swap FK dast_site_profiles_pipelines to ci_pipelines for LFK (merge request)
- Add compatibility alert to Jira Connect App (merge request)
- Swap FK ci_subscriptions_projects to projects for LFK (merge request)
- Replace window.confirm with GlModal for noteable discussions (merge request)
- Replace window.confirm with GlModal for board setting sidebar (merge request)
- Swap FK ci_project_monthly_usages to projects for LFK (merge request)
- Add IDE preview success metrics (merge request)
- Swap FK ci_stages to projects for LFK (merge request)
- Improve UI text for style compliance (merge request) GitLab Enterprise Edition
- Replace window.confirm with GlModal for repository index (merge request)
- Hide subs expiration banner before eligible (merge request) GitLab Enterprise Edition
- Remove export_reduce_relation_batch_size feature flag (merge request)
- Update runner registration token reset modal (merge request)
- Swap FK ci_pipelines to merge_requests for LFK (merge request)
- Swap FK ci_job_token_project_scope_links to projects for LFK (merge request)
- Add Cluster Image Scanning to AutoDevOps (merge request)
- Update iteration dropdowns in sidebars/board list (merge request) GitLab Enterprise Edition
- Add unit test for trials_link_url by @orozot (merge request) GitLab Enterprise Edition
- Refactor hello_deferred path to jh_else_ce by @orozot (merge request)
- Extract callout content trails link to variable by @orozot (merge request) GitLab Enterprise Edition
- Boards - Fix top elements alignment (merge request)
- Swap FK ci_refs to projects for LFK (merge request)
- Swap FK ci_sources_pipelines to projects for LFK (merge request)
- Hide user avatar for blocked and unconfirmed users (merge request)
- Swap FK ci_builds_metadata to projects for LFK (merge request)
- Improve OmniAuth sign in description by @scootergrisen (merge request)
- Swap FK ci_variables to projects for LFK (merge request)
- Swap FK ci_subscriptions_projects to projects for LFK (merge request)
- Swap FK ci_triggers to projects for LFK (merge request)
- Swap FK external_pull_requests to projects for LFK (merge request)
- Add Pajamas badge for diverged from upstream (merge request)
- Refactor system notes for alerts and incidents for consistentcy (merge request)
- Improve explanation for Advanced Project settings (merge request)
- Handle path not found without throwing, accept array as path (merge request)
- Add scan result policy into policy editor (merge request) GitLab Enterprise Edition
- Use gl-badge for web IDE activity bar (merge request)
- Geo Sites - NA Verification Help (merge request) GitLab Enterprise Edition
- Disable sync for offline cloud licenses (merge request) GitLab Enterprise Edition
- Geo Sites - Update replication button (merge request) GitLab Enterprise Edition
- Geo Forms - Fix Buttons (merge request) GitLab Enterprise Edition
- VSA metrics: Only render decimal places for floats (merge request)
- Swap FK vulnerability_statistics to ci_pipelines for LFK (merge request)
- Remove instructions to install Agent if KAS is not set up (merge request)
- Update iteration changed notification format (merge request) GitLab Enterprise Edition
- Lowercased runner because it's referring to agent (merge request)
- Keep branch when going to Pipeline Editor through nav (merge request)
- Swap FK vulnerability_occurrence_pipelines to ci_pipelines for LFK (merge request)
- Swap FK dast_profiles_pipelines to ci_pipelines for LFK (merge request)
- Limit the length of generated anchor URL for markdown headers (merge request)
- Treat API requests from the frontend as web traffic in the rate limiter (merge request)
- Handle members who are existing hierarchy members (merge request) GitLab Enterprise Edition
- Fix empty line to contain two values (merge request) GitLab Enterprise Edition
- Swap FK merge_trains to ci_pipelines for LFK (merge request)
- Add Pajamas complient "whats new" badge (merge request)
- Swap FK ci_triggers to users for LFK (merge request)
- Extract container registry page common component by @orozot (merge request)
- Update secret detection template to be more robust (merge request)
- Remove feature flag for auto-linking LFS objects in forks (merge request)
- Enable ci_skip_require_credit_card_for_addon_ci_minutes by default (merge request)
- Loosen rule to detect cyclical pipelines (merge request)
- Swap FK merge_requests to ci_pipelines for LFK (merge request)
- Swap FK ci_sources_pipelines to projects for LFK (merge request)
- Remove summary from Finding Evidence (merge request)
- Geo UI - Rename Nodes to Sites (merge request) GitLab Enterprise Edition
- Remove FF custom_preloader_for_deployments (merge request)
- Update group#shared_externally to include projects (merge request) GitLab Enterprise Edition
- Improve the labels on Kubernetes Agent UI (merge request)
Deprecated (12 changes)
- Add warning for deprecation notice on logs page (merge request)
- feat: Update SECURE_ANALYZER_PREFIX in all Sec Section templates (merge request)
- Require
auto-deploy use_kube_contextto be present (merge request) - Change merged_by deprecation to breaking change (merge request)
- Deprecate /groups/:id/runners?type=project_type (merge request)
- REST API: Deprecate active/paused values in status filters (merge request)
- GraphQL: Deprecate active field in RunnerUpdateInput (merge request)
- REST API: Deprecate βactiveβ property for Runners (merge request)
- GraphQL: Deprecate active field for RunnerType (merge request)
- GraphQL: Deprecate active filter for Runners resolver (merge request)
- Deprecate Runner API maintainer_note (merge request)
- Deprecate Gitlab Shell's self_signed_cert setting (merge request)
Removed (21 changes)
- Remove deprecated CanMutateSpammable (merge request)
- Remove unused partial remove_approver (merge request)
- git: Stop calling Gitaly's Cleanup RPC (merge request)
- Remove the billing in side nav experiment (merge request) GitLab Enterprise Edition
- Remove unique index (merge request)
- rake/info: Stop reporting Git version (merge request)
- system_check: Remove Git version check (merge request)
- system_check: Remove Git configuration check (merge request)
- Remove unused WIP regex (merge request)
- Remove the loose_foreign_key_cleanup FF (merge request)
- Remove feature flag (merge request)
- Remove security_finding_build_disable_joins feature flag (merge request)
- Remove vulnerability_history feature flag (merge request)
- Remove instance_security_dashboard feature flag (merge request)
- Remove all code related to Gitlab::RequestProfile (merge request)
- Remove duplicate data_category: entry (merge request)
- Remove paid feature callout badge (merge request)
- Disable sandboxed_mermaid feature flag (merge request)
- Remove incident labeled metric (merge request)
- Drop
positioncolumn fromsecurity_findingstable (merge request) - Remove username suggestion for trial registration (merge request) GitLab Enterprise Edition
Security (8 changes)
- Upgrade to Rails v6.1.4.6 (merge request)
- Fixes typo on pipeline model
- Add Gitlab::BufferedIo with header read timeout (merge request)
- Ignore spoofable Reply-To address in Service Desk (merge request)
- Enable Secure attribute for frontend cookies (merge request)
- Block recursive webhooks (merge request)
- Sanitize link markup for vulnerability chat messages (merge request) GitLab Enterprise Edition
- Adding a conditional to prevent an unauthorized route (merge request)
Performance (17 changes)
- Refactor building project secret variables (merge request)
- Enable branches API rate limit cache (merge request)
- Enable caching on tags API (merge request)
- Enable JSON limited encoder (merge request)
- Enable repository API rate limit cache (merge request)
- Enable caching on merge requests API (merge request)
- Enable Grape/Gitlab::Json hook (merge request)
- Add partial index for active Cluster Image Scanning vulnerabilities (merge request)
- Reduce Redis calls for instance level variables (merge request)
- Optimize User#ci_owned_runners query (merge request)
- Add compound index for
vulnerabilitiestable onproject_idandid(merge request) - Cache CI expire_in parsing (merge request)
- Speed up project exports by moving the archive to the cache dir (merge request)
- Fix cross join query for Ci::Runner#projects (merge request)
- Remove ci_preload_runner_tags feature flag (merge request)
- Optimize decryption of CI variables (merge request)
- Improve Sidekiq jobs that use DB load balancing (merge request)
Other (66 changes)
- Revert "Merge branch 'role-targeted-broadcast' into 'master'" (merge request)
- Add foreign key to ci_builds runner_id (merge request)
- Fix Style/OpenStructUse offenses for import service and spec helpers by @edith007 (merge request)
- Remove new_route_storage_purchase feature flag (merge request)
- Fix Style/OpenStructUse offenses in project cluster_controller_spec by @edith007 (merge request)
- Fix Style/OpenStructUse offenses in project clusters_spec by @edith007 (merge request)
- Fix Style/OpenStructUse offenses in group cluster controller specs by @edith007 (merge request)
- Backfill CI queuing tables (merge request)
- Mentioned breaking change label in contribution guide (merge request)
- Migration for deleting service template records by @lenikadali (merge request)
- Make starrers sort dropdown Pajamas-compliant (merge request)
- Remove track_application_boot_time FF (merge request)
- Add statistics card component with tests (merge request) GitLab Enterprise Edition
- Moving gitlab_loose_foreign_key to config/ directory by @edith007 (merge request)
- Remove Geo proxying metrics feature flag (merge request) GitLab Enterprise Edition
- Update comment for ActiveModel::Serializers::JSON in presenter by @edith007 (merge request)
- Truncate before vulnerability link index creation (merge request)
- Remove the FF ci_find_runners_by_ci_mirrors (merge request)
- Remove ::Gitlab::Utils::StrongMemoize inclusion as it's duplicate by @edith007 (merge request)
- Remove Gitlab::Utils::StrongMemoize inclusion as it's duplicate by @edith007 (merge request)
- Add documentation links to Merge Request settings page (merge request)
- Remove FF ci_order_subsequent_jobs_by_stage (merge request)
- Remove the
packages_installable_package_filesfeature flag (merge request) - Update badge in accessibility issue body (merge request)
- Unify image pin style for diffs/design management (merge request)
- Cleanup after variables builder (merge request)
- Update external authorization docs (merge request)
- Cleanup PopulateTestReportsIssueId background migration jobs (merge request)
- Set type of Web IDE commit button to submit by @tchandelle (merge request)
- Remove redundant index on clusters_kubernetes_namespaces (merge request)
- Fix Rails/SaveBang offenses by @edith007
- Fix Rails/SaveBang offenses by @edith007 (merge request)
- Pass formats explicitly when rendering .md file by @edith007 (merge request) GitLab Enterprise Edition
- Fix Rails/SaveBang offenses by @edith007 (merge request)
- Finalize backfilling ci mirror tables (merge request)
- Delete tributejs for autocomplete (merge request)
- Remove feature flags for configuring object store files deletion (merge request)
- Fixes OpenStruct use in design_management specs by @mehulsharma (merge request)
- Fix Style/OpenStructUse offenses by @edith007 (merge request)
- Remove FF ci_namespace_project_mirrors (merge request)
- Remove ci_runner_projects_disable_joins feature flag (merge request)
- Fix Rails/SaveBang offenses by @edith007 (merge request)
- Update seat_usage references (merge request) GitLab Enterprise Edition
- Add World.prepend_mod to allow JH override by @chaomao (merge request) GitLab Enterprise Edition
- Fix Rails/SaveBang offenses by @edith007 (merge request)
- Fix OpenStruct use in metadata_extraction_service by @mehulsharma (merge request)
- Fix Rails/SaveBang offenses by @edith007 (merge request)
- Remove feature flag
ff_external_audit_events_namespaceby @davebarr (merge request) GitLab Enterprise Edition - Add gl-pr-3 to top_nav_menu_item to account for chevron (merge request)
- Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
- Remove ci_decompose_for_namespace_monthly_usage_query feature flag (merge request)
- Fix RSpec/TimecopFreeze offenses (Part 1/2) by @KevSlashNull (merge request)
- Fix display of times in access and deploy token table by @edith007 (merge request)
- Fix GraphQL/OrderedArguments offense (Part 4/6) by @KevSlashNull (merge request)
- Fix GraphQL/FieldDefinitions offense (Part 1/4) by @KevSlashNull (merge request)
- Update missing branch widget text to include branch name (merge request)
- Revert frontend API rate limits change (merge request)
- Separate deployments creation from pipeline job creation (merge request)
- Move the merge train helper icon to near the merge button (merge request)
- Reschedule migration for self-managed (merge request) GitLab Enterprise Edition
- Remove unnecessary index on cluster_agent_tokens (merge request)
- Remove
net-ssh,ed25519, andbcrypt_pbkdfgems from dependencies (merge request) - Update GitLab Runner Helm Chart to 0.37.1 (merge request)
- Update GitLab Runner Helm Chart to 0.37.0 (merge request)
- Use
ssh_datagem instead ofnet-sshandsshkeywhere possible (merge request) - Remove feature flag already default enabled (merge request) GitLab Enterprise Edition
Security
Security wording was detected, but no CVEs were found.
Details
date
Feb. 21, 2022, midnight
name
14.8.0
type
Minor
π
Register or login to:
- πView and search all GitLab EE releases.
- π οΈCreate and share lists to track your tools.
- π¨Setup notifications for major, security, feature or patch updates.
- πMuch more coming soon!