GitLab EE - 14.9.0
Security
(2022-03-21)
Added (119 changes)
- Toggle the related_epics_widge feature flag (merge request) GitLab Enterprise Edition
- Add Time to Restore Service DORA metric (merge request) GitLab Enterprise Edition
- Added possiblity to create new token from the UI (merge request)
- Add param to Wiki REST endpoint to retrieve different page versions (merge request)
- Add Harbor integration by @prajnamas (merge request)
- MR widget: update merge commit message when default changed by @trakos (merge request)
- Support agent registration without config (merge request)
- Add
RestrictGitlabSchema
that enforcesrestrict_gitlab_migration
(merge request) - Enable the vsa_incremental_worker FF by default (merge request)
- Add deployment approval comment field (merge request) GitLab Enterprise Edition
- Support iteration property for issues api (merge request) GitLab Enterprise Edition
- Filter archived issues / MRs from GraphQL (merge request)
- Purge
security_findings
records periodically (merge request) GitLab Enterprise Edition - Upgrade GitLab Pages to 1.56.0 (merge request)
- Stream audit event on merge request approval (merge request) GitLab Enterprise Edition
- Use batches for pull request import jobs (merge request)
- Verify protected tags permissions for pull mirroring (merge request)
- Document how to use CI
dependencies
andparallel:matrix
together (merge request) - Add security training urls (merge request) GitLab Enterprise Edition
- Add
Enterprise
filter to members search bar (merge request) GitLab Enterprise Edition - Add VulnerabilityReadsFinder to speed up API responses (merge request) GitLab Enterprise Edition
- Copy metric images from alert to new incident (merge request) GitLab Enterprise Edition
- Expose UserInteractions for participants of a merge request (merge request)
- Remove wiki_front_matter FF (merge request)
- Add default branch to Pipelines page filter if no search term provided (merge request)
- Creates asynchronously index on ci_job_artifacts table (merge request)
- GraphQL: Add notificationEmail to GroupMembers (merge request)
- Add external status checks total to ping (merge request) GitLab Enterprise Edition
- Add CAPTCHA to REST API (merge request)
- Implement GET APIs for Deploy Tokens by @tuxtimo (merge request)
- Add namespace to Security Policy Orchestration Configuration (merge request) GitLab Enterprise Edition
- Add deployment approval UI MVC (merge request) GitLab Enterprise Edition
- Add support for failure status status checks (merge request) GitLab Enterprise Edition
- Allow to list related epics on REST API (merge request) GitLab Enterprise Edition
- Add
coverage_report
keyword to CI config (merge request) - Add audit logs when unassigning CI runner from a project (merge request) GitLab Enterprise Edition
- Permalink to the latest release (merge request)
- Allow the /merge quick action through graphql create note (merge request)
- Add projects with status checks to ping (merge request) GitLab Enterprise Edition
- Add security training providers (merge request)
- Add OpenSSL FIPS mode detection and env var (merge request)
- Support Vault EE namespaces by @aleksanderzak (merge request)
- Add free user cap feature flag and controls (merge request) GitLab Enterprise Edition
- Add support stackprof in GitLab profiler (merge request)
- Include invited groups into protected environments API (merge request) GitLab Enterprise Edition
- Add wiki page render option to wiki API (merge request)
- Remove rate_limit_user_sign_up_endpoint feature flag (merge request)
- Expose committers on mergeRequest GraphQL type (merge request)
- Add backend interface to look up for security training (merge request) GitLab Enterprise Edition
- Show security report warnings on pipeline security tab (merge request) GitLab Enterprise Edition
- Allow to destroy related epics association on internal API (merge request) GitLab Enterprise Edition
- Add frontend routing to Geo GraphQL specific sites (merge request) GitLab Enterprise Edition
- Add audit logs when assigning CI runner to project (merge request) GitLab Enterprise Edition
- Merge/squash commit templates: add %{all_commits} variable by @trakos (merge request)
- Add size to image details heade (merge request)
- Feat(Licesing): update upload to activate (merge request) GitLab Enterprise Edition
- Send a notification when a new access token is created by @rpadovani (merge request)
- Add audit event for project deploy tokens (merge request) GitLab Enterprise Edition
- Add audit event for group deploy tokens (merge request) GitLab Enterprise Edition
- Add suggestion to use short-living tokens to end-users (merge request)
- Add comment to Deployment Approvals (merge request) GitLab Enterprise Edition
- Parse pasted markdown (merge request)
- Remove rate_limit_user_by_id_endpoint feature flag (merge request)
- Remove rate_limit_username_exists_endpoint feature flag (merge request)
- Remove rate_limit_profile_update_username feature flag (merge request)
- Expose sum of weights for epic board lists on GraphQL endpoint (merge request) GitLab Enterprise Edition
- Add security scan status to GraphQL API (merge request) GitLab Enterprise Edition
- Add saved replies (merge request)
- Backfill all project namespaces (merge request)
- Implement API endpoint to get single SSH key for specific user by @tuxtimo (merge request)
- Add job_variables_attributes to play build API (merge request)
- Use fair queueing for Loose Foreign Keys (merge request)
- Add application setting for cleanup policy caching (merge request)
- Add GraphQL Todoable interface for to-do targets by @KevSlashNull (merge request)
- Add circuit breaker for gitlab experimentation (merge request)
- Add delete endpoint for Alert metric images (merge request) GitLab Enterprise Edition
- Enable Loose Foreign Keys partition rotation (merge request)
- Add scan method to dast site profile GraphQL API (merge request) GitLab Enterprise Edition
- Filter a pipeline by author by @genctys (merge request)
- Allow to pass suggestedColors to ColorPicker by @wwwjon (merge request)
- Add security_and_compliance_access_level to Projects API by @ytans (merge request)
- Add user and system note filters to note_authors association (merge request)
- Add analytics to detect deployment jobs being executed (merge request)
- Add filters and sorting to compliance violations GraphQL type (merge request) GitLab Enterprise Edition
- Add encoding field to wiki API (merge request)
- Add ingestion for Finding Evidence (merge request) GitLab Enterprise Edition
- Feat(Licensing): add Offline cloud type (merge request) GitLab Enterprise Edition
- Add webhook delivery method options to config/mail_room.yml (merge request)
- Improve strikethrough in Markdown editor by @smokris (merge request)
- Created compliance violation GraphQL type and added to Group type (merge request) GitLab Enterprise Edition
- Implement colour attribute for epics by @espadav8 (merge request)
- Add basic FIPS class (merge request)
- Add Dark Mode support to the image_tag helper (merge request)
- Add upload & update endpoints for alert metrics (merge request) GitLab Enterprise Edition
- API: Add endpoint to reset runner token with old token by @KyleFromKitware (merge request)
- Added updated_state_by_user to reviewers and assignees (merge request)
- Swapable cleaner/raw diffs for Notebooks (merge request)
- Upgrade GitLab Pages to 1.55.0 (merge request)
- Enable pending builds table queuing strategy (merge request)
- Add a timeline event pipeline filter to TimelineEvent (merge request) GitLab Enterprise Edition
- Add read API for Alert Metric Images (merge request) GitLab Enterprise Edition
- Support scoped iteration report (merge request) GitLab Enterprise Edition
- Add mutation to promote timeline event from a note (merge request) GitLab Enterprise Edition
- Add active and passive profiles (merge request) GitLab Enterprise Edition
- Support scoping for timebox report via GraphQL (merge request) GitLab Enterprise Edition
- Add aggregated VSA consistency check service (merge request)
- Return runner editUrl via GraphQL API (merge request)
- Add the total time chart to each VSA stage (merge request) GitLab Enterprise Edition
- Workhorse: Allow HTTPS for backends (merge request)
- Adds cross_project_pipeline_available to NamespaceType (merge request)
- Add readme in repo creation for reg flow (merge request) GitLab Enterprise Edition
- Hide markdown preview tab if editing non-markdown formats by @espadav8 (merge request)
- Log CI runner unregistration audit events (merge request) GitLab Enterprise Edition
- Add a consolidated button to edit blobs (merge request)
- Calculate storage statistics for dependency proxy (merge request)
- Latest release badge documentation inclusion (merge request)
- Add slash command to page incident (merge request) GitLab Enterprise Edition
- Expose container repository sizes (merge request)
- Create RelatedEpic table and model (merge request)
Fixed (132 changes)
- Cleaned up clusters_helper and cluster index haml (merge request)
- Update holder name column to 50 limit constraint (merge request)
- Improve wording for vulnerabilities_allowed (merge request) GitLab Enterprise Edition
- Add missing input box for search rate limiting configuration (merge request)
- Handle Jira Connect installation updates (merge request)
- Return a 422 error for Changelog::Error exception (merge request)
- Fix empty state pipelines page (merge request)
- Update attribute indirection (merge request) GitLab Enterprise Edition
- Fixed incorrect minimum number of users on subscription purchase flow (merge request) GitLab Enterprise Edition
- Refactor remove topic avatar (merge request)
- Fix default Ci config path (merge request)
- Fix ci.json: Remove Nesting from Secrets Rule (merge request)
- Fix DevopsAdoption usage metric gathering (merge request) GitLab Enterprise Edition
- Fix Epic and Label != filtered search suggestions not showing (merge request)
- Handle recursion when creating ApplicationSettings (merge request)
- Fall back to avaiable scope if scope is invalid (merge request)
- Fix sourcegraph breaking on projects/:id (merge request)
- Find or initialize Scanners using project_id (merge request) GitLab Enterprise Edition
- Add responsive property to area charts in CI minutes (merge request) GitLab Enterprise Edition
- Additional spec to capture bug in latest release permalink and fix same (merge request)
- Global Search - Fix ref based searches (merge request)
- Remove duplicate new cluster button (merge request)
- Increase token preview length in runner audit logs (merge request) GitLab Enterprise Edition
- Fix unexpected height stretch of CI job duration badge by @nanmu42 (merge request)
- Allow setting push events branch filter for group hooks (merge request) GitLab Enterprise Edition
- Support CRM contacts only in root groups by @leetickett (merge request)
- UI Bug Fix: Expand the early checks when using /merge quick action (merge request) GitLab Enterprise Edition
- Fix an inaccurate help page link (merge request)
- Add validation for rule/yaml modes switch (merge request) GitLab Enterprise Edition
- Fix namespace usage quotas storage pagination (merge request)
- Replace applications destroy alert with GlModal (merge request)
- Don't allow filtering by
in
alone on issue/MR dashboard (merge request) - Allow invite group modal to render when membership is locked (merge request) GitLab Enterprise Edition
- Scan MR description when syncing builds with Jira (merge request)
- Set resoure_iteration_events to ghost user (merge request) GitLab Enterprise Edition
- Update BulkImports Export to handle unexpected failure (merge request)
- Fix UsageDataQueries API not returning a query (merge request) GitLab Enterprise Edition
- Fixed user cap evaluation for all OAuth login (merge request) GitLab Enterprise Edition
- Fix retrying of batched background migrations (merge request)
- Allow merge commits for SD (merge request)
- Fix startup crash in Puma single mode (merge request)
- Decouple policy name update from yaml/rule modes (merge request) GitLab Enterprise Edition
- Poll folder for changes in new environments page (merge request)
- Remove empty approvers in regards to (merge request) GitLab Enterprise Edition
- Check authorization to view billableMembersCount (merge request) GitLab Enterprise Edition
- Refactor repo deletion existence checking (merge request)
- Make hr in markdown visible in darkmode by @dianapaula19 (merge request)
- Fix filters presence check to take value into consideration (merge request)
- Param requires_python is optional for pypi (merge request)
- Ensure that the spaces between frontmatter are kept by @tchandelle (merge request)
- Fix sourcemap recovery error in Content Editor (merge request)
- Users who can read group should read group token (merge request)
- Fix bot token name in issues (merge request)
- Allow inherited members of groups to deploy protected environments (merge request)
- Update group bulk edit issues user docs (merge request)
- Fix variable in _prometheus.html.haml so it shows as a code block (merge request)
- Project settings: fix semi-linear merge description by @trakos (merge request)
- Fix rake task to seed Geo tracking database (merge request) GitLab Enterprise Edition
- Fix remove button overlap with other components (merge request) GitLab Enterprise Edition
- Include merge-requests in RESERVED_REFS_NAMES (merge request)
- Pass issue ID to merge request creation form (merge request)
- Apply omniauth defaults when no arguments are given (merge request)
- Fix
Verify SAML Configuration
button (merge request) GitLab Enterprise Edition - Replace success variant with the confirm (merge request) GitLab Enterprise Edition
- Modify Union sql construction (merge request)
- Restart Action Cable server when Redis disconnects (merge request)
- Cache namespace first Auto DevOps config (merge request)
- Global Search - Header Search Snippets (merge request)
- Fix NoMethodError when visiting repo analytics (merge request) GitLab Enterprise Edition
- Skip navigation modal for cancel button (merge request)
- Handle not existing training ID for securityTrainingUpdate mutation (merge request) GitLab Enterprise Edition
- Fix VSA error with scoped labels (merge request) GitLab Enterprise Edition
- Fix markdown serialization in content editor (merge request)
- Fix the month view on CI usage by minutes bar chart by @parkourkarthik (merge request)
- Hard delete bulk snippets (merge request)
- Allow popups and links within mermaid diagrams (merge request)
- Fixed bug preventing agent creation from agent tab (merge request)
- Prevent database deadlocks when deleting projects (merge request)
- Fix mermaid background in dark mode (merge request)
- Change Edit to Open in Blob view to maintain consistency by @rajanamistry (merge request)
- Fix loading spinner for legacy Filtered search dropdown (merge request)
- Replace RegistrySearch component with PersistedSearch by @orozot (merge request)
- Fix sending BlobContent query with empty variables (merge request)
- Add container to qrtly reconciliation banner (merge request) GitLab Enterprise Edition
- Add container for manual renewal banner (merge request) GitLab Enterprise Edition
- Make loading spinner Pajamas compliant (merge request)
- Reset paging when sort is changed on vulnerability report (merge request) GitLab Enterprise Edition
- Fix job page copy source branch button by @leetickett (merge request)
- Raise error when diff note import fails (merge request)
- Fix group members tooltip label by @ali_o_kan (merge request)
- Fix loading icon in activity calendar (merge request)
- Fix rendering vulnerability markdown description (merge request) GitLab Enterprise Edition
- Filter commented_approvers for user note authors (merge request)
- Remove fix_comment_scroll feature flag (merge request)
- Fix error from invalid sha for
include
files (merge request) - Fix GRPC 500 from BlobsResolver (merge request)
- Add error for cross pipeline dependencies (merge request)
- Handle received header fallback for missing Delivered-To (merge request)
- Fix erroneous all warning from race condition (merge request)
- Remove unnecessary margin to the right of the Show comment only dropdown by @rajanamistry (merge request)
- Expose merge request flag as boolean in the pipeline entity (merge request)
- Fix pull/push mirror authentication fields (merge request)
- Allow admin to register group runners at all times (merge request)
- Fix cross-database modification when resetting CI minutes (merge request)
- Ensures audit events are visible to auditor (merge request) GitLab Enterprise Edition
- Enable removing import data on failure by default (merge request)
- Fix flash color when there is an error by @ali_o_kan (merge request)
- Allow assigning users with private profiles (merge request)
- Fix multiple modals showing when canceling note (merge request)
- Allow admin to register project runners at all times (merge request)
- Block execution of cyclical pipelines (merge request)
- Ensures audit events are visible to auditor (merge request) GitLab Enterprise Edition
- Truncate Jira app key to be no longer than 64 (merge request)
- Ensure cleanup job artifacts task does not include pipeline artifacts (merge request)
- Avoid idling in transaction when fetching source for merge requests (merge request)
- Fix response of
securityTrainingUpdate
mutation (merge request) GitLab Enterprise Edition - Remove CachingArrayResolver from epic issues (merge request) GitLab Enterprise Edition
- Do not mirror protected tags restricted for a creation (merge request) GitLab Enterprise Edition
- Hide white box at bottom of MR diff page (merge request)
- Stop backup files from requiring directories to exist when skipped (merge request)
- Fix the Content Editor strikethrough shortcut docs by @smokris (merge request)
- Fix TypeError from Tags::Reference (merge request)
- Fix copy button in Enable Review App modal by @aeboyaci (merge request)
- Pass all options from member entity (merge request)
- Automatically adapt the CSP when snowplow is enabled (merge request)
- Fix toolbar buttons in Markdown field (merge request)
- Fix Replace button form path (merge request)
- Allow project admin to read project approvals (merge request) GitLab Enterprise Edition
- Dynamically add AWS URLs to CSP on EKS auth page (merge request)
- Do not count group bot users from shared group towards seat usage (merge request) GitLab Enterprise Edition
- Make contribution graph email grouping ignore case (merge request)
- Don't return 500 error in Commits API when repository is missing (merge request)
Changed (194 changes)
- Add iteration selector to board scope (merge request) GitLab Enterprise Edition
- Block limited broadcast address (255.255.255.255) in UrlBlocker (merge request)
- Migrate to unique indices in projects runners tokens (merge request)
- Track git blame clicks from code search results (merge request)
- Split cluster creation page into two pages (merge request)
- Prevent group owners from deleting certain project runners (merge request)
- Remove unnecessary Edit tab in WebIDE by @Bisht13 (merge request)
- Switch AWS "easy button" icons with radio buttons (merge request)
- Update error message with importing container repository (merge request)
- Update runner Pause/Resume button labels (merge request)
- Update Jira integration form to have sections (merge request)
- Set geo_job_artifact_replication default to true (merge request) GitLab Enterprise Edition
- Use checkboxes to select target roles for broadcast messages (merge request)
- Add frontend validation to avoid duplicate asset link names by @emanuelfarias (merge request)
- Adding Secure Files upload limit (merge request)
- Promote exp: change_continuous_onboarding_link_urls (merge request)
- Move two-factor authentication callout to the todo-list page (merge request)
- Use new vulnerability report for pipeline security tab (merge request) GitLab Enterprise Edition
- Update job page for blocked deployments (merge request) GitLab Enterprise Edition
- Remove block_project_serialization feature flag (merge request)
- Migrate two-factor auth error message to shared HAML partial (merge request)
- Enable the
geo_token_user_authentication
FF by default (merge request) - Do not ensure HEAD is default_branch on snippets (merge request)
- Project authorization is unique per user, project (merge request)
- Change CI lint primary button style by @gtsiolis (merge request)
- Add pipeline editor walkthrough feature permanently (merge request)
- Add error when acccess denied due to credit card (merge request) GitLab Enterprise Edition
- Turn the subscribable banner into an alert (merge request) GitLab Enterprise Edition
- Add configurable search rate limits (merge request)
- Improve email notification styling by @smokris (merge request)
- Enable API kaminari count with limit by @jaspreet-3911 (merge request)
- Bump GITLAB_KAS_VERSION to 14.9.0 (merge request)
- Revise merge-conflict modal text (merge request)
- Rename remove user action (merge request)
- Search presenter is a noop when given empty results (merge request)
- Restyle project deletion and restoration containers (merge request) GitLab Enterprise Edition
- Remove new environments table feature flag (merge request)
- Add link to incident title (merge request)
- Remove type from ruby template (merge request)
- Enable feature flags to resume artifact removal (merge request)
- Validate urls before attempting to download (merge request)
- Parse Snowplow value as Number (merge request)
- Remove placeholder and move error message in the form (merge request)
- Update auto-build-image to v1.9.1 (merge request)
- Remove feature flag to read finding evidence model (merge request) GitLab Enterprise Edition
- Removed compliance_violations_graphql_type feature flag (merge request) GitLab Enterprise Edition
- Enable show_report_validation_warnings by default (merge request)
- Use follow redirects middleware in the Container Registry clients (merge request)
- Use SAX parser for cobertura coverage reports (merge request)
- Migrate spinners in approver suggestion partial (merge request) GitLab Enterprise Edition
- Release chat notification branch filter for deployments (merge request)
- Add no-sort-reset prop to vulnerability list (merge request) GitLab Enterprise Edition
- Update placeholder text in import projects table (merge request)
- Reduce the number of buckets in Sidekiq histograms (merge request)
- Wrap alert in a DIV by @gitlab-dependency-update-bot (merge request) GitLab Enterprise Edition
- Remove vulnerability_finding_replace_metadata flag (merge request) GitLab Enterprise Edition
- Update group-level compliance framework to match project settings (merge request) GitLab Enterprise Edition
- Merge injected KUBECONFIGs for clusters and agents (merge request)
- Fallback to basic search on archived projects (merge request) GitLab Enterprise Edition
- Added cluster Actions menu to group and admin view (merge request)
- Remove feature flags for runner token prefix (merge request)
- Fix RSpec/TimecopTravel offenses (Part 2/2) by @KevSlashNull (merge request)
- Disallow integrated error tracking by default (merge request)
- Improve and internationalize Deployment Approval error messages (merge request) GitLab Enterprise Edition
- Update new issue form to match Pajamas specs (merge request)
- Refactor(Groups SSO): migrate to gl-tabs (merge request) GitLab Enterprise Edition
- Enable cleanup policies throttling by default (merge request)
- Global Search - Support non-js searches (merge request)
- Update icon, remove text, and switch (merge request)
- Allow to hide deployment target on New Project page by @wwwjon (merge request)
- Support GraphQL authentication with project tokens (merge request)
- Migrate Epic Tabs to use Button Group (merge request) GitLab Enterprise Edition
- Extend billable members count to accept requested hosted plan parameter (merge request) GitLab Enterprise Edition
- Bump Auto Deploy Image verion to v2.22.0 (merge request)
- Consider non-default config files for Security UI (merge request)
- Migrate loading spinners (merge request)
- Update project compliance frameworks settings (merge request) GitLab Enterprise Edition
- Issue 349398 - Update search field in Global Search (merge request)
- Header Search Refactor - Handle Errors in the component (merge request)
- Migrate spinners in archived projects partial (merge request)
- Migrate spinners in user's overview (merge request)
- Migrate spinners in explore groups partial (merge request)
- Creates audit event when approval rule is deleted (merge request) GitLab Enterprise Edition
- Creates audit event on approval rule creation (merge request) GitLab Enterprise Edition
- Update Auto DevOps docker versions to 20.x (merge request)
- Remove constraints from sprints table (merge request)
- Move Geo repository updated event creation into a worker (merge request) GitLab Enterprise Edition
- Migrate loading icon to be Pajamas compliant (merge request)
- Migrate loading spinners (merge request)
- Move default branch protection to repository settings (merge request)
- Migrate loading spinners (merge request)
- Update registration enabled callout (merge request)
- Migrate loading spinners (merge request)
- Iteration search uses cadence and iteration titles (merge request) GitLab Enterprise Edition
- Display license ID retrieved from CustomersDot (merge request) GitLab Enterprise Edition
- Re-introduce role-targeted broadcast messages (merge request)
- Use GlAvatar in security dashboard (merge request) GitLab Enterprise Edition
- Remove personal_project_owner_with_owner_access feature flag (merge request)
- Use the environment tier for jira connect deployment environment type by @alanandrade (merge request)
- Add unique index for security training providers (merge request)
- Allow tags as target of pipeline scheduled by @KevSlashNull (merge request)
- Migrate group/project member spinners (merge request)
- Migrate legacy spinner (merge request)
- Disable multi-project viz for free users (merge request)
- Update Import object persistence approach (merge request)
- Correct text of Banner message label (merge request) GitLab Enterprise Edition
- Remove non-human created tokens from PAT list (merge request) GitLab Enterprise Edition
- Remove non-human created tokens from PAT list (merge request) GitLab Enterprise Edition
- Update maximum allowable lifetime message for PAT (merge request) GitLab Enterprise Edition
- Disable the PA commit button when there are no changes (merge request)
- Add the "Support Ukraine" tanuki (merge request)
- Link new issue to original via checkbox by @smokris (merge request)
- Migrate gfm loading spinner (merge request)
- Use report-declared version of the schema (merge request) GitLab Enterprise Edition
- Migrate MAINTAINER access memberships to OWNER (merge request)
- Surface validation errors as warnings (merge request) GitLab Enterprise Edition
- Migrate loading icon (merge request)
- Geo secondary proxying: serve assets locally (merge request) GitLab Enterprise Edition
- Replace n/a with a hyphen in the runners table (merge request)
- Update Secret Detection template (merge request)
- Add alert and disable active checkbox (merge request)
- Improve UI text of sign-in restrictions (merge request)
- Put deprecated serverless features behind feature flag (merge request)
- Add BlocksUnsafeSerialization to Project (merge request)
- Add default_branch to KAS responses (merge request)
- Use GlButtonGroup instead of GlSegmentedControl (merge request) GitLab Enterprise Edition
- Change loading state jobs tab (merge request)
- Increase pipeline editor debounce to 500ms (merge request)
- Set danger variant and label to delete WA Device (merge request)
- Set danger variant and label to destroy oauth app (merge request)
- Set variants and labels to abuse report buttons (merge request)
- Set danger variant to delete artifact button (merge request)
- Set danger variant & labels for appearance buttons (merge request)
- Improve Sourcegraph settings text (merge request)
- Remove pipeline editor button from blob view (merge request)
- Refine copy for Jira integration (merge request)
- Project quality summary: add test runs empty state (merge request)
- Backfill
member_namespace_id
forGroupMember
(merge request) - Merge branch 'user-validation-failed-message' into 'master' (merge request)
- Improve user validation failed message (merge request)
- Remove releases with NULL tags and add not-NULL constraint (merge request)
- Replace success with confim variant (merge request)
- Suggest backend reviewer for erb and haml files (merge request)
- Add Gitlab.revision to Gitlab::JsonCache cache_key by default (merge request)
- Replace window.confirm with GlModa in environment actions (merge request)
- Use instrumentation classes for Service Ping generation (merge request)
- Remove null constraint from security_scan_succeeded column by @svdj (merge request)
- Improve the labels on Kubernetes Agent UI (merge request)
- Expose created_at when serializing Deployment Approvals (merge request) GitLab Enterprise Edition
- Split rebase action buttons into two separate buttons by @KevSlashNull (merge request)
- Reword 'build' to 'pipeline' in todos by @KevSlashNull (merge request)
- Update pipeline labels (merge request)
- Re-position the erase log button (merge request)
- Adjust incident list column widths and truncation (merge request)
- Replace the gitlab import haml modal with a GlModal (merge request)
- Adds a notification for a future dated license (merge request) GitLab Enterprise Edition
- Use strong params for ProjectsController by default (merge request)
- Update iteration lists (merge request) GitLab Enterprise Edition
- Improve accessibility on empty project page (merge request)
- Use GlAvatar in operations dashboard (merge request) GitLab Enterprise Edition
- Update trial status reminder design (merge request) GitLab Enterprise Edition
- Hide issue header dropdown button if there are no actions by @KevSlashNull (merge request)
- Use groups API for Approvals form by default (merge request) GitLab Enterprise Edition
- Remove the VSA duration chart stage dropdown (merge request) GitLab Enterprise Edition
- Introduce new jobs tab (merge request)
- Rate limit epic create service (merge request) GitLab Enterprise Edition
- Use sentence case for trigger events (merge request)
- Remove GlAlert contained prop (merge request) GitLab Enterprise Edition
- Switched title to h1 on issues (merge request)
- Improve Amazon EKS settings text (merge request)
- Stop using type, and use type_new instead (merge request)
- Drop show_diff_preview_in_email column (merge request)
- Add aria-label and tooltip to the emoji picker (merge request)
- Update cleanup policy parameters (merge request)
- Increase text limit of maintainer_note field (merge request)
- Clear future subscriptions info on license destroy (merge request) GitLab Enterprise Edition
- Change button variant to confirm in Web IDE modals (merge request)
- Allow only topic names that are case insensitive unique by @wwwjon (merge request)
- Return project delete errors (merge request)
- Replace GlSegmentedControl with GlDropdown (merge request)
- Change the order column of topics to non_private_projects_count by @wwwjon (merge request)
- Removed rate_limited_service_issues_create flag (merge request)
- Migrate create protected branch form to GlToggle (merge request)
- Deprecate test reports relationship with requirements (merge request) GitLab Enterprise Edition
- Update registry regex to allow 4 levels (merge request)
- Validate NOT NULL on security_findings.uuid column (merge request)
- Migrate edit protected branch form to GlToggle (merge request)
- Clean up feature flag publish_project_deleted_event to enable by default (merge request)
- Default to delayed deletion for projects not in personal namespace (merge request)
- Enable scan_result_policy by default (merge request) GitLab Enterprise Edition
- Append URL issue description to template by @smokris (merge request)
- Remove fork_project_form feature flag (merge request)
- Add SUPPORTED_VERSIONS and DEPRECATED_VERSIONS to SchemaValidator (merge request)
- Update documentation for Usage quota (merge request)
Deprecated (3 changes)
- Deprecate VALIDATE_SCHEMA configuration variable (merge request)
- Add deprecation notice to NetworkPolicyConnection (merge request) GitLab Enterprise Edition
- feat: Update SECURE_ANALYZER_PREFIX in all Sec Section templates (merge request)
Removed (10 changes)
- Clean up import and other invite members modal rollout pieces (merge request)
- Untrack external_pull_requests row deletions (merge request)
- Remove support for unsafe regular expressions (merge request)
- Drop unused partitioned_foreign_keys table (merge request)
- Cleanup Code Quality Walkthrough experiment (merge request)
- Cleanup Ci Runner Templates experiment (merge request)
- Remove :cluster_vulnerabilities feature flag (merge request) GitLab Enterprise Edition
- Clean up forcibly_show_trial_status_popover experiment (merge request)
- Remove
security_report_ingestion_framework
feature flag (merge request) GitLab Enterprise Edition - Remove cache_shared_runners_enabled FF (merge request)
Security (16 changes)
- Set nosniff header on assets requests (merge request)
- Default enable header_read_timeout_buffered_io (merge request)
- Escape branch names in push instructions (merge request)
- Create Error.rb, update ProcessPolicyService by @FacVain (merge request) GitLab Enterprise Edition
- Add Integration.encrypted_properties (merge request)
- Warn when snippet contains unretrievable files
- Change runners_token prefix for Group and Project
- Add runners_token prefix to Group and Project
- Only expose
id
andname
attributes when serializing deploy token (merge request) - Prevent DOS when rendering math markdown
- Limit commands_changes to certain keys
- Reset password field on page load
- Check permission when creating members through service
- Check for unsafe characters in email addresses before sending
- Anonymous user can enumerate all users through GraphQL endpoint
- Exif metadata not stripped when uploading image attachments via Emails (merge request)
Performance (10 changes)
- Improve performance of group releases endpoints (merge request)
- Load highlight.js languages asynchronously (merge request)
- Add index on releases table to resolve cicd settings page timeout (merge request)
- Fix slow query for "All" tabs in "Your projects" activity page (merge request)
- Drop old index for security ci builds on name and id parser (merge request)
- Create new index for security ci builds with new features (merge request)
- Recreate index for security builds to include fuzzing jobs (merge request)
- Schedule async weekend build of index for job traces (merge request)
- Decrease the default fast statement timeout (merge request)
- GlTableLite in favor of GlTable for runners list (merge request)
Other (82 changes)
- Adjust NullifyOrphanRunnerIdOnCiBuilds batch parameters (merge request)
- Remove duplicate releases from projects (merge request)
- Pass formats explicitly when rendering .html format by @edith007 (merge request)
- Complete environments
GET
API docs by @tuxtimo (merge request) - Add statistics seats card (merge request) GitLab Enterprise Edition
- Remove
maxlength
limit from the project description textarea (merge request) - Add support for relating epics (merge request) GitLab Enterprise Edition
- Revert changes about moving methods to base class (merge request) GitLab Enterprise Edition
- Add list related epic links API documentation (merge request)
- Remove restrict_special_characters_in_project_path feature flag (merge request)
- Update import manifest alert (merge request)
- Update gcp signup offer to alert partial (merge request)
- Update runner edit alert to use partial (merge request)
- Fix GraphQL/FieldMethod offense (Part 1/2) by @KevSlashNull (merge request)
- Remove dependency list usage data from Redis (merge request) GitLab Enterprise Edition
- Remove corpus management feature flags (merge request) GitLab Enterprise Edition
- Fix artifacts with wrong expire_at date (merge request)
- Update data in batches while deleting a user (merge request) GitLab Enterprise Edition
- Document performance implication of the feature flags (merge request)
- Remove real-time feature flags (merge request)
- Move reactive cache methods to base class (merge request) GitLab Enterprise Edition
- This enables the pipeline_schedules_with_tags feature flag (merge request)
- Remove the invite members modal feature flag (merge request) GitLab Enterprise Edition
- Remove feature flag
project_owners_list_project_pending_deletion
(merge request) GitLab Enterprise Edition - Update Web IDE copy (merge request)
- Add dispensable_render methods (merge request)
- Remove ci_pipeline_merge_request_presence_check feature flag (merge request)
- Remove default_merge_ref_for_diffs feature fflag (merge request)
- Remove rearrange_pipeline_table feature flag (merge request)
- Add RelatedEpicsLinks::DestroyService (merge request) GitLab Enterprise Edition
- Ignore requirements_management_test_reports.requirement_id column (merge request) GitLab Enterprise Edition
- Add nullify job for orphan runner_id columns of ci_builds (merge request)
- Rerun ConvertStringifiedRawMetadataHashToJson inline (merge request)
- Update GlAlert in security dashboard table (merge request) GitLab Enterprise Edition
- Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
- Remove context_commits feature flag (merge request)
- Remove deprecated package application setting (merge request)
- Remove feature flag for bulk inserting job tags (merge request)
- Cleanup back-filling CI queuing tables migration (merge request)
- Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
- Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
- Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
- Remove snippets_binary_blob FF (merge request)
- Remove usage_data_i_snippets_show FF (merge request)
- Implement Gitlab mirror scheduling tracker (merge request)
- Add certificate_based_clusters FF to Service Ping (merge request)
- danger: Use changelog rule from gitlab-dangerfiles (merge request)
- Resolve Rails/LinkToBlank rubocop offenses by @edith007 (merge request) GitLab Enterprise Edition
- Resolve Rails/IndexBy rubocop offenses by @edith007 (merge request) GitLab Enterprise Edition
- Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
- Remove feature flag
group_merge_request_approval_settings_feature_flag
(merge request) GitLab Enterprise Edition - Move shared code for related epic links (merge request) GitLab Enterprise Edition
- Remove the
container_expiration_policies_historic_entry
feature flag (merge request) - Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
- Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
- Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
- Fix GraphQL/OrderedFields offenses by @edith007 (merge request) GitLab Enterprise Edition
- Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
- Fix GraphQL/OrderedFields offenses by @edith007 (merge request) GitLab Enterprise Edition
- Support load timings for non-Chromium browsers by @davebarr (merge request)
- Resolve Rails/ShortI18n rubocop offenses by @edith007 (merge request)
- Migrate projects create from template page to GlTabs (merge request)
- Memoize group secret variables on the variables builder (merge request)
- Resolve Performance/Sum rubocop offenses by @edith007 (merge request) GitLab Enterprise Edition
- Resolve Performance/DeleteSuffix rubocop offenses by @edith007 (merge request)
- Remove feature flag for Group Projects API Plan Preloading (merge request) GitLab Enterprise Edition
- Show an IPv6 sample in placeholder text (merge request) GitLab Enterprise Edition
- Fix GraphQL/OrderedArguments offense (Part 6/6) by @KevSlashNull (merge request)
- Add advanced_search metrics to the dictionary (merge request) GitLab Enterprise Edition
- Rename usage column in storage projects-list (merge request) GitLab Enterprise Edition
- Set worker resource boundary for ImportRequirementsCsvWorker by @edith007 (merge request) GitLab Enterprise Edition
- Clean up roadmap_settings feature flag (merge request)
- Fix GraphQL/FieldDefinitions offense (Part 4/4) by @KevSlashNull (merge request)
- Fix GraphQL/OrderedArguments offense (Part 5/6) by @KevSlashNull (merge request)
- Simplify container repository delete tags services by @edith007 (merge request)
- Make labels sort dropdown pajamas compliant (merge request)
- Fix Style/OpenStructUse offenses in auth provider specs by @edith007 (merge request)
- Remove the generic_packages feature flag (merge request)
- Remove delegate as it's redundant due to SimpleDelegator by @edith007 (merge request)
- Remove unneeded override in Ci::PipelinePresenter by @edith007 (merge request)
- Clean up issue_boards_filtered_search feature flag (merge request)
- Add table for storing issue tsvector (merge request)
Security
Security wording was detected, but no CVEs were found.
Details
date
March 21, 2022, midnight
name
14.9.0
type
Minor
👇
Register or login to:
- 🔍View and search all GitLab EE releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!