GitLab EE - 16.2.0
Security
(2023-07-21)
Added (176 changes)
- Add GraphQL API to get compliance standards adherence at group level (merge request) GitLab Enterprise Edition
- Add read_dependency column to member_roles table (merge request)
- Dashboards item under group analyze nav menu (merge request) GitLab Enterprise Edition
- Backfill vulnerability_occurrences.uuid_convert_string_to_uuid column (merge request)
- Add support for vulnerability age filtering (merge request) GitLab Enterprise Edition
- Use default template when creating issues via gql (merge request)
- Add background migration worker for Redis (merge request)
- Trigger Microsoft Group Sync on sign-in (merge request) GitLab Enterprise Edition
- Add a new faster git refs finder (merge request)
- Add SCIM as a provider to the Users API search (merge request) GitLab Enterprise Edition
- Add sync for advisories (merge request) GitLab Enterprise Edition
- Add developer documentation on required stops (merge request)
- Enforce approval rules based on attributes (merge request) GitLab Enterprise Edition
- Add namespace_storage_forks_cost_factor to application_settings table (merge request)
- Setting ml_experiment_tracking to default enabled (merge request)
- Add AddOnPurchaseType GraphQL (merge request) GitLab Enterprise Edition
- Adds table ml_model_versions and Ml::ModelVersion (merge request)
- Command Palette: Enable feature flag per default (merge request)
- Add PAT automatic reuse detection in AuthFinders (merge request)
- GraphQL endpoint for IDE code suggestions enabled (merge request)
- Add data tracking for editors (merge request)
- Add group_id argument to merge requests resolver (merge request)
- Enable shared runners on descendants (merge request)
- Enable enforcing Scan Execution Policies when gitlab-ci.yml is missing (merge request) GitLab Enterprise Edition
- Award emojis to work item notes (merge request)
- Add abuse categories to the new abuse reports list view (merge request)
- Add Terraform State in Project overview by @glauciellesa (merge request)
- Add filter_labels option to the VSD configuration file (merge request) GitLab Enterprise Edition
- Release GitLab for Slack app for Self Managed (merge request)
- Better NPM error messages (merge request)
- Add a callout for rich text editor (merge request)
- Add name field in audit events api (merge request) GitLab Enterprise Edition
- Forward all additional headers to model gateway (merge request) GitLab Enterprise Edition
- Web IDE AI Assisted code suggestions (merge request)
- Add the logic for searching and showing group wiki search (merge request) GitLab Enterprise Edition
- Release link Jira issues to GitLab deployments (merge request)
- Add emoji webhooks (merge request)
- Update Direct Transfer to support import in batches (merge request)
- Add support for award emojis to design comments (merge request)
- No repository mirroring if silent mode is enabled (merge request) GitLab Enterprise Edition
- Clean up mirror_only_branches_match_regex feature flag by @lyb124553153 (merge request) GitLab Enterprise Edition
- Add Geo bulk mark pending batch worker (merge request) GitLab Enterprise Edition
- Adds table ml_model and entity Ml::Model (merge request)
- Add group mention Slack events behind feature flag (merge request)
- Extending the scope of gitlab_schemas to be locked on multiple dbs (merge request)
- Expose null deploy_key_id fields in REST API (merge request)
- Allow to select K8s namespace for environment (merge request)
- GraphQL node for CODEOWNER file validator (merge request) GitLab Enterprise Edition
- Expose user pronouns via GraphQL (merge request)
- Show pipeline warning when 100+ jobs in stage (merge request)
- Implement include_source_code arg for ETV ai requests (merge request) GitLab Enterprise Edition
- Add Microsoft Graph client (merge request) GitLab Enterprise Edition
- Add id to EE MR state widget (merge request) GitLab Enterprise Edition
- Implement include_source_code arg for ETV ai requests (merge request) GitLab Enterprise Edition
- Add Sidekiq queueing application SLIs (merge request)
- Show user popover for assignees/reviewers in sidebar (merge request)
- Repair user sorting with relative url mounts by @markus.ferrell (merge request)
- Keep epics in elasticsearch up to date when epic data changes (merge request) GitLab Enterprise Edition
- Add /completions endpoint to proxy to model gateway (merge request) GitLab Enterprise Edition
- Specify reason when logging user_access_locked audit event (merge request) GitLab Enterprise Edition
- Relay allowlist column added (merge request)
- Add trigger to prevent delete of default org (merge request)
- Add Microsoft Graph client (merge request) GitLab Enterprise Edition
- Enable geo_registries_update_mutation FF by default (merge request) GitLab Enterprise Edition
- Add user_access_unlocked audit event (merge request) GitLab Enterprise Edition
- Improves empty state for dependency proxy (merge request)
- Add Snowplow tracking to VSD metric drill-down links (merge request) GitLab Enterprise Edition
- Enable the moved_mr_sidebar flag by default (merge request)
- Recreate tmp_idx_vulns_on_converted_uuid synchronously (merge request)
- Add raw Javascript tracking for Gitlab Internal events (merge request)
- Add API endpoint for Internal Events Tracking (merge request)
- Replace foreign keys to use the partitioned table - 4 self-managed (merge request)
- Add prevent approval by author check to Gitlab standard (merge request) GitLab Enterprise Edition
- Add ci_config_sha JWT claim (merge request)
- Add Security Policy Default source (merge request) GitLab Enterprise Edition
- Adds frontend boilerplate for /-/ml/models (merge request)
- Show Verified badge for commits signed by Gitlab (merge request)
- Feat: introduce feature flag for profile overflow menu (merge request)
- Silent mode support for Integrations (merge request)
- Add Kubernetes namespace field (merge request)
- Add support for diff suggestions in content editor (merge request)
- Implement mergeRequestDiffs property for MergeRequestType (merge request) GitLab Enterprise Edition
- Create type migration supporting index synchronously (merge request)
- Adds ModelsConstroller#index (merge request)
- Schema definitions for google cloud events (merge request) GitLab Enterprise Edition
- Adds last_enforced_at column to NamespaceLimits (merge request)
- Drop Sidekiq jobs based on feature flag (merge request)
- Create MergeRequestReviewLLmSummary model and table (merge request)
- Log Gitaly metadata when a Gitaly call raises an exception (merge request)
- Cleanup
ci_limit_environment_scope
feature flag (merge request) - Add state to catalog_resources table (merge request)
- objectpools: Add
pool_repositories
table index (merge request) - Expose explain this vulnerability prompts via GQL VulnerabilityType (merge request) GitLab Enterprise Edition
- Remove comment_on_files feature flag (merge request)
- Add description optional field for Ci::Variable (merge request)
- Finalize conversion for FKs targeting p_ci_builds - 2 self-managed (merge request)
- Add new method for RepositoryInfo RPC (merge request)
- Expose dismissal_reason on VulnerabilityType (merge request) GitLab Enterprise Edition
- Show user popover for MR approvers list (merge request)
- Add todo quick actions to work items (merge request)
- Ban users that use a banned phone number during identity verification (merge request) GitLab Enterprise Edition
- Keep username when switching between author and assignee in filter bar (merge request)
- Add contextual shortcuts for formatting options (merge request)
- Enable rich text editor in submitting a review (merge request)
- Add Microsoft app/graph tables and models (merge request)
- Adds support to the JwtAuthenticatable module (merge request)
- Admin can delete unconfirmed users automatically (merge request) GitLab Enterprise Edition
- Show user popover for sidebar participants list (merge request)
- Add support for saved replies in content editor (merge request)
- Introduce API for contributed projects (merge request)
- Add RSS feed on topic page by @oelmekki (merge request)
- Add resize handlers for images (merge request)
- Add a configuration page for gilab_shell_operation_limit by @lyb124553153 (merge request)
- Add index to support vulnerability_occurrences.uuid type migration (merge request)
- Update relations export API to support batches (merge request)
- Adds tracking columns to namespace limits (merge request)
- Add :create_runner access token scope (merge request)
- Add grouping to audit event type filter (merge request) GitLab Enterprise Edition
- Add div to MR state widget (merge request)
- Add temporary index to support dismissal_reason backfill (merge request)
- Add validation coloring on approvers (merge request) GitLab Enterprise Edition
- Support include rules 'when:' values 'always' and 'never' (merge request)
- Add creation limits for value streams and stages (merge request)
- Enables ai_chat_history_context by default (merge request) GitLab Enterprise Edition
- Added labels to issue search results (merge request) GitLab Enterprise Edition
- Show user popover for discussion note avatar (merge request)
- Extract Jira issue keys for deploy from commits
- Add Gitlab Internal Events to Frontend to unify RedisHLL/Snowplow
- Create table subscription_users_add_on_assignments
- Show Popover on Epic links within Markdown GitLab Enterprise Edition
- Add deferred_count field on deferring Sidekiq jobs
- Compare results for scan_finding approval rules from multiple pipelines GitLab Enterprise Edition
- Add TXT verification time interval
- Add user_access_locked audit event GitLab Enterprise Edition
- Support CI_JOB_TOKEN auth in Deployments API
- Extract Jira issue keys for deploy from commits (merge request)
- Add Gitlab Internal Events to Frontend to unify RedisHLL/Snowplow (merge request)
- Create table subscription_users_add_on_assignments (merge request)
- Show Popover on Epic links within Markdown (merge request) GitLab Enterprise Edition
- Compare results for scan_finding approval rules from multiple pipelines (merge request) GitLab Enterprise Edition
- Create index for project vulnerability_reads on common filters (merge request)
- Support CI_JOB_TOKEN auth in Environments API (merge request)
- Add user_access_locked audit event (merge request) GitLab Enterprise Edition
- Adds download endpoint to MlModel Registry (merge request)
- Add new method for RepositoryInfo RPC (merge request)
- Add unique index for npm packages (merge request)
- Support CI_JOB_TOKEN auth in Deployments API (merge request)
- Add RelatedPipelinesFinder for security policies (merge request) GitLab Enterprise Edition
- Add TXT verification time interval (merge request)
- Readding associations between Organization and Namespaces (merge request)
- Add async index to prepared_at column for merge requests (merge request)
- Finalize ResourceLinkEvents (merge request)
- Add OrganizationSetting model and support for 1 setting (merge request)
- feat: Add support for scope_offset_compressed signature type (merge request) GitLab Enterprise Edition
- Add delay user deletion UI text (merge request) GitLab Enterprise Edition
- Include null values in DORA metrics API response (merge request) GitLab Enterprise Edition
- Adds
code_completion
method to VertexAi::Client (merge request) GitLab Enterprise Edition - Add search to audit event type listbox (merge request) GitLab Enterprise Edition
- Log and expose limits changes (merge request) GitLab Enterprise Edition
- Use ignore-all-space when ignoring white space on diffs (merge request)
- Prepare async index for project vulnerability_reads on common filters (merge request)
- Name column in audit event destination (merge request)
- Adds toggle label to shared registry list component (merge request)
- Adds pagination to package assets table (merge request)
- Add the documentation about the new root folder config (merge request)
- Finalize conversion for FKs targeting p_ci_builds (merge request)
- Add vulnerability_attributes to security policy (merge request) GitLab Enterprise Edition
- Add new index to support age filtering (merge request)
- Remove job_webhook_retries_count feature flag (merge request)
- Add
gitlab-rspec
gem (merge request) - Add unique index ot
ci_triggers.token
(merge request) - Automatically generate a summary for new diffs (merge request)
- Replace foreign keys to use the partitioned table - V3 (merge request)
- Add secure schemas version 15.0.5 (merge request)
- Add deferred_count field on deferring Sidekiq jobs (merge request)
- Add
ref_protected
to branch and tag webhooks by @zalimander (merge request)
Fixed (143 changes)
- Remove excess heading and subheading (merge request)
- Support award emoji pagination in work items (merge request) GitLab Enterprise Edition
- Truncate chat prompt placeholder in small viewports (merge request)
- Fix MR throughput on the Value Stream Dashboard (merge request) GitLab Enterprise Edition
- Content editor: Fix layout shifting (merge request)
- Improve audit event stream http form disabling (merge request) GitLab Enterprise Edition
- Fix paste in code suggestions (merge request)
- Fix toolbar buttons after preview (merge request)
- Show new streaming destinations first in list (merge request) GitLab Enterprise Edition
- Fix focus on Release Notes input by @glauciellesa (merge request)
- Fix count of all group members in autocomplete (merge request)
- Fix error in augment ancestors for dependency list report (merge request) GitLab Enterprise Edition
- Allow group transfers to go over free user cap (merge request) GitLab Enterprise Edition
- Add missing tooltip for emoji button (merge request)
- New label selection: fix reload after selection with keyboard (merge request)
- Migrate wiki buttons and fix alert (merge request)
- Fix wrapping pattern of buttons by @glauciellesa (merge request)
- Correctly handle invalid dates on Merge Request Analytics page by @dannyelcf (merge request) GitLab Enterprise Edition
- Fix search projects api requests missing scope permission (merge request)
- Fix snippet threads layout (merge request)
- Fix spacing between columns in audit event destination headers (merge request) GitLab Enterprise Edition
- Handle group label priorities (merge request)
- Editor UI: Fix focus ring (merge request)
- Crop long strings in GitLab Duo Chat (merge request)
- Cleanup dynamically_compute_deployment_approval flag (merge request)
- Fixes package registry list sorting UI inconsistency (merge request)
- Fix alignment of to do sort dropdown (merge request)
- Async migration for 'index_vuln_findings_on_uuid_including_vuln_id' (merge request)
- Minor styling fixes for codeowners (merge request)
- MR: Add title and aria-label attributes to the more menu buttons (merge request)
- Hides dependency proxy loading state while paginating (merge request)
- Fix spacing of reply box on highlighted note (merge request)
- Add "owned" parameter to group project listing by @FromTheStackAndBack (merge request)
- Raise exceptions for analytics worker job retry (merge request)
- Remove key_set_optimizer_ignored_columns feature flag (merge request)
- Adds write policy for Model experiments (merge request)
- Fix NoMethodError in MergeTrains::CarFinder (merge request)
- Fix few event types not getting streamed for group push rules changes (merge request) GitLab Enterprise Edition
- Make a request to SpamCheck before creating/updating milestones (merge request)
- Fix error with initialization of protected environments feature by @ShaneMaglangit (merge request)
- Allow guest user to add todos (merge request) GitLab Enterprise Edition
- Include Gitaly feature flags in KAS client gRPC calls (merge request)
- Fix target note background for first timeline note (merge request)
- Add a link to the Omnibus GitLab 16 changes page (merge request)
- Do not show insights DORA4 for unautthorized users (merge request) GitLab Enterprise Edition
- Revert "Upgrade net-ldap gem" (merge request)
- Fix: group id missing in new resource dropdown (merge request)
- Fix explain code text selection (merge request)
- Fix flaky spec (merge request) GitLab Enterprise Edition
- Change remove_hidden_groups type for GraphQL mutation (merge request)
- Default enable remove_deployments_api_ref_sort (merge request)
- Add a migration to reindex commits to fix repository_access_level (merge request) GitLab Enterprise Edition
- Preserve private key newlines in gcp logging (merge request) GitLab Enterprise Edition
- Fix comment on file input (merge request)
- Decrease the "Create" menu offset while impersonating (merge request)
- Fix invite member button initialization on learn gitlab (merge request) GitLab Enterprise Edition
- Persisting pipelines from failed pipeline schedules (merge request)
- Fix validation in UI when adding comments in MR diff (merge request)
- Prevent text overflow when user name is long (merge request)
- Display error in UI when draft note can't be updated (merge request)
- Fix mr analytics query (merge request) GitLab Enterprise Edition
- Include empty/no repo in projects_not_indexed rake task (merge request) GitLab Enterprise Edition
- Fix anonymous reporter bug (merge request) GitLab Enterprise Edition
- Remove no longer needed fix (merge request)
- Make wrong index creation migration a no-op (merge request)
- Fix md shortcuts not working after preview (merge request)
- Avoid setting an invalid TTL in duplicate job middleware (merge request)
- Fix Artifact class content from returning error (merge request)
- Fixes ml_candidate foreign key on user_id (merge request)
- Improve audit events streaming header UX (merge request) GitLab Enterprise Edition
- Fix self deployment approval triggers approval automatically (merge request)
- Update super sidebar nav item spacing (merge request)
- Fix validation in UI when adding comments in MR diff (merge request)
- Fix wikis cannot be edited in rich text (merge request)
- Ignore nil LSN diff values in Lua script for Sidekiq duplicate job (merge request)
- Add internal_include_prepended=true to Bridge (merge request)
- Fix newlines in multiline comment templates (merge request)
- Fixed alignment of MR title texts by @zillemarco (merge request)
- Fix check for ai availability (merge request) GitLab Enterprise Edition
- Fix cancelling of note edits (merge request)
- Dark shadows and overlays in dark mode (merge request)
- Show work item awards when comment is in edit form (merge request)
- Use latest finished pipeline for scan result policy (merge request) GitLab Enterprise Edition
- Fix clear button not working on file tree search (merge request)
- Enable fix of race-condition for merge request MWPS (merge request)
- Sync scan_finding approvals for all latest pipelines in MR (merge request) GitLab Enterprise Edition
- Fix 500 error from
visibleForks
when user is not authorized (merge request) - Fix javascript error on trials page (merge request) GitLab Enterprise Edition
- Increase user menu offset when impersonating a user (merge request)
- Set a min-height for wiki list items (merge request)
- Fixes overflow issue with comment edit focus on editor (merge request)
- Fix autocomplete suggestions in issue descriptions (merge request)
- Check scan_types from scan result policy only for scan removal check (merge request) GitLab Enterprise Edition
- Fix loading state of rich text dropdown (merge request)
- Fixes invalid Jira regex matching (merge request)
- Fix GitHub Importer (merge request)
- Remove extra white space at bottom of project settings (merge request)
- Fix the toggle sidebar icon on issues/MRs on mobiles (merge request)
- Mention now mandatory
expires_at
parameter in the documentation by @kutelev (merge request) - Fix: locale issue on issue page header actions (merge request)
- Add first name and last name to compay form during registration (merge request) GitLab Enterprise Edition
- Release fix for skipped jobs issue (merge request)
- Fix NoMethodError when current_user is not set (merge request) GitLab Enterprise Edition
- Fix CSP is set in Environment page incorrectly (merge request)
- Note: Fix scrollTo event (merge request)
- Fix for omniauth-shibboleth strategy by @boontifex (merge request)
- Log correct audit event type when a user is blocked (merge request) GitLab Enterprise Edition
- Fixed design management reply background in dark mode (merge request)
- Reset webpack path for Mermaid iFrames
- Fix error logging with
GitlabSettings::Options
- Fix GitHub Import user email cache
- Fix empty response for #refs_by_oid method
- Fix Bitbucket Cloud Importer (merge request)
- Dismiss vulnerability with correct params (merge request) GitLab Enterprise Edition
- Properly use Italics of GitLab Sans (merge request)
- Reset webpack path for Mermaid iFrames (merge request)
- Fix GitHub Import user email cache (merge request)
- Ignore deleted labels in aggregations (merge request) GitLab Enterprise Edition
- Fix error logging with
GitlabSettings::Options
(merge request) - Fix empty response for #refs_by_oid method (merge request)
- Fix approval notification for MRs without scan result policies (merge request) GitLab Enterprise Edition
- Fix lock icon in collapsed issue sidebar (merge request)
- Fix LDAP custom TLS options parsing (merge request)
- Use
Issue#readable_by
to solve disparity in APIs for issue links (merge request) GitLab Enterprise Edition - Fix scan result policies for empty severity levels (merge request) GitLab Enterprise Edition
- Fix security policy editor validation error rendering (merge request) GitLab Enterprise Edition
- Add margin to last user in assignees list (merge request)
- Fix autocomplete of members of group via group share (merge request)
- Fix missing icons on OAuth page in new nav (merge request)
- Fix uniqueness of destination URL not scoped to namespace (merge request) GitLab Enterprise Edition
- Create design repos if absent when verifying on primary (merge request) GitLab Enterprise Edition
- Fix archived projects tab on group overview (merge request)
- Update DAST "Site Profile Validation" links (merge request)
- Fixes draft function to work in other tabs than Overview (merge request)
- Fix error messages for policy editor's yaml mode (merge request) GitLab Enterprise Edition
- Brnaches: Fix alignment issues (merge request)
- Use identicon avatar when gravatar is disabled in access dropdown by @LXY1226 (merge request)
- Adjust finder to scope by group (merge request) GitLab Enterprise Edition
- Create an empty wiki repo if it is not already there (merge request) GitLab Enterprise Edition
- Fix project's placeholder logo border on Billing page (merge request)
- Fix missing content in HTML files (merge request)
- Do not allow emails with trailing spaces to be added as invites (merge request)
- Fix border radius of internal note (merge request)
Changed (218 changes)
- Use Pajamas compliance button (merge request)
- Prepare group wiki registry table for verification (merge request) GitLab Enterprise Edition
- Update dependency auto-build-image to v1.37.0 (merge request)
- Migrate destroy application button (merge request)
- Add warning when replacing MR description with generated content (merge request) GitLab Enterprise Edition
- Move user settings pages to one column and use sticky header (merge request)
- Fix spacing between rows (merge request) GitLab Enterprise Edition
- Fix code suggestions in overview tab (merge request)
- Set cvss vector default to nil (merge request)
- Enable security policy bot for group policies (merge request) GitLab Enterprise Edition
- UI text inconsistency in Assignee field in work items (merge request)
- Migrate cluster actions dropdown to disclosure by @ShaneMaglangit (merge request)
- More robust Pajamas buttons (merge request)
- Migrate Dropdown to GlCollapsibleListbox (merge request) GitLab Enterprise Edition
- Improve vertical spacing in old style (merge request)
- Update file comment UI and comment in parallel diff (merge request)
- Add variables to policy drawer (merge request) GitLab Enterprise Edition
- Enable
dismiss_multiple_vulnerabilities
by default (merge request) GitLab Enterprise Edition - Update policy docs to display required property (merge request)
- Enable Geo mutations when maintenance mode is enabled (merge request) GitLab Enterprise Edition
- Update buttons to use Pajamas::ButtonComponent (merge request)
- Add search capabilities for the (merge request) GitLab Enterprise Edition
- Adjust space in job cell (merge request)
- Update Webhooks Settings to use cards (merge request)
- Enable
security_policies_branch_type
feature flag by default (merge request) - Migrate runner registration dropdown to disclosure by @ShaneMaglangit (merge request)
- Tweak for UX inconsistency (merge request)
- Convert smartcard button to Pajama style (merge request) GitLab Enterprise Edition
- Update Free Plan usage description (merge request) GitLab Enterprise Edition
- Enable security_policy_approval_notification FF by default (merge request) GitLab Enterprise Edition
- Require alert integration identifiers to be unique by project (merge request)
- Remove the gitlab duo chat backdrop (merge request)
- Create backlog list with board factory (merge request)
- Change button to pajamas compliant (merge request)
- Add comment to AI feedback (merge request)
- Update constraint on PackageMetadata::Advisory (merge request)
- Improve pipeline header mobile (merge request)
- Migrate comment type dropdown to listbox by @ShaneMaglangit (merge request)
- Update tests and docs for type quick action (merge request)
- Refactor protected environments forms to use ajax (merge request) GitLab Enterprise Edition
- Move Close issue button into dropdown (merge request)
- Remove hard coded language in the HTML markup (merge request)
- Change request to groups API to use all_available (merge request)
- Mobile: Collect runner actions in a dropdown (merge request)
- Add infinite scroll to
Invite a group
dropdown (merge request) - User preferences: move to one column layout (merge request)
- Renames parameters on ml_model_packages api (merge request)
- Maintain order when executing PackageLicenses#fetch (merge request) GitLab Enterprise Edition
- Provide UI hint when there are 25 new potential findings (merge request) GitLab Enterprise Edition
- Use keys with hash tag in manifest import metadata (merge request)
- Remove hard coded language (merge request)
- Hides package registry bulk deletion for users without permission (merge request)
- Use Markdown editor in Milestone descriptions (merge request)
- This MR adds more options branch type (merge request) GitLab Enterprise Edition
- Move notification settings into single column card layout (merge request)
- Move Access Tokens settings to one column (merge request)
- Return deploy key title when humanizing access levels (merge request)
- Rename GitLab Chat to GitLab Duo Chat (merge request)
- Simplify markdown form header (merge request)
- Migrate vulnerability project_filter to listbox (merge request) GitLab Enterprise Edition
- Updates widgets to properly use the new card styles (merge request)
- Update linked ressources to use reusable card styles (merge request)
- This MR updated error message (merge request) GitLab Enterprise Edition
- Return "Add" button to issue board (merge request)
- Replace Value Streams Dashboard REST api with graphql (merge request) GitLab Enterprise Edition
- Load merge request for a vulnerability via links (merge request) GitLab Enterprise Edition
- Update GraphQL endpoint to support sorting group variables (merge request)
- Add feedback banner to GitLab for Jira (merge request)
- Prevent creation of audit events for invalid approval rules (merge request) GitLab Enterprise Edition
- Remove
delete_scan_result_policies_by_project_id
feature flag (merge request) - Show a loading indicator on paste (merge request)
- Remove SAST UI analyzers options (merge request) GitLab Enterprise Edition
- Index projects in zoekt on import (merge request) GitLab Enterprise Edition
- Update Confirm Danger wording (merge request)
- Expose enterprise group attributes (merge request) GitLab Enterprise Edition
- Use one column for packages and registries settings (merge request)
- Users can be exempt from phone verification (merge request) GitLab Enterprise Edition
- Update grpc to v1.55.0 and add monkey patch (merge request)
- Add
Roles and Permissions
menu in Admin Area (merge request) GitLab Enterprise Edition - Add help text for files with code owners (merge request) GitLab Enterprise Edition
- Migrate GlDropdown to GlCollapsibleListbox (merge request) GitLab Enterprise Edition
- Migrate link_to to ButtonComponent by @ShaneMaglangit (merge request) GitLab Enterprise Edition
- Increase pipeline header space (merge request)
- Migrate GlDropdown to GlDisclosureDropdown by @ShaneMaglangit (merge request)
- Migrate author select dropdown to gl-collapsible-listbox by @ShaneMaglangit (merge request)
- Group dependencies by component_id for both location and project. (merge request) GitLab Enterprise Edition
- Adding reusable new card styles (merge request)
- This MR adds more options branch type (merge request) GitLab Enterprise Edition
- Permanently move the pages menu entry under deploy (merge request)
- Replace the users foreign key on ml experiments (merge request)
- Show pipeline created time (merge request)
- Add gcp logging streaming destination (merge request) GitLab Enterprise Edition
- Moves Model experiments navbar entry to Analyze (merge request)
- Update "Content Editor" to "Rich Text Editor" in docs (merge request)
- Update dependency auto-build-image to v1.36.0 (merge request)
- Add copy to clarify storage included in Project enforcement (merge request)
- Update dependency auto-deploy-image to v2.51.0 (merge request)
- Migrate detection method to listbox (merge request) GitLab Enterprise Edition
- Cleanup webhook edit form (merge request)
- Add resetting of loading state on error (merge request) GitLab Enterprise Edition
- Upgrade re2 gem to v1.7.0 (merge request)
- Improve typography and remove accordion in audit event stream (merge request) GitLab Enterprise Edition
- Change copy for public snippets in projects (merge request)
- Disable Arkose for Group SAML users (merge request) GitLab Enterprise Edition
- Do not use overridden_uuid to create Vulnerabilities::Finding objects (merge request)
- Update OpenAPI yaml file (merge request)
- Move remove_old_scores method to user trust score class (merge request)
- Add Rails 7 as default configuration (merge request)
- Atwho styling update (merge request)
- Allow null and empty string values for unused field (merge request)
- GitLab project importer/exporter uses work_item_type (merge request)
- Polish UI for group package registry by @tejaskarelia17 (merge request)
- Disable rendering comments in content editor (merge request)
- Update Service Desk documentation for Docker installs (merge request)
- Update documentation to advise the use of runnerToken in Helm chart (merge request)
- Migrate tool with vendor filter to gl-collapsible-listbox (merge request) GitLab Enterprise Edition
- Diff: Comments styling improvements (merge request)
- Add sticky titles and sticky action buttons (merge request)
- Add pagination test (merge request)
- Add archived to the issues index (merge request) GitLab Enterprise Edition
- Add a managing section to BBM docs (merge request)
- Move the footer in sign-in pages to the bottom (merge request)
- Expose shared runner setting (merge request)
- Update dependency auto-build-image to v1.35.0 (merge request)
- Move password form into one column (merge request)
- Auto accept terms for security_policy_bot users (merge request)
- Add and delete rows by scan_result_policies.project_id foreign key (merge request) GitLab Enterprise Edition
- Migrate "Invite a group" dropdown to
GlCollapsableListbox
(merge request) - Drop GraphQL generic tracer module (merge request)
- This MR adds error handling (merge request) GitLab Enterprise Edition
- Migrate GlDropdown to GlCollapsibleListbox by @ShaneMaglangit (merge request)
- Center align members table rows (merge request)
- Move access tokens settings into single column (merge request)
- Update icons and text for global search sidebar (merge request)
- Add schema validation for approvals_required (merge request) GitLab Enterprise Edition
- Better clarity when comparing branches (merge request)
- Initialize the conversion for ci_pipeline_variables.pipeline_id (merge request)
- Move token and delete button to form in stream destination (merge request) GitLab Enterprise Edition
- Add a new section to BBM docs (merge request)
- Move text warning to Pajamas component (merge request) GitLab Enterprise Edition
- Moved localization texts from actions to i18n by @catinbag (merge request)
- Hide projects created by banned users (merge request)
- Remove unused anchors in Terraform ci templates by @thejan2009 (merge request)
- Update atwho styling to match new dropdown styles (merge request)
- Fix group project page checkbox bug (merge request) GitLab Enterprise Edition
- Add number of shards setting (merge request)
- Render reference link correctly (merge request)
- Add headers to instance audit event streaming destinations (merge request) GitLab Enterprise Edition
- Webhook settings: Change to one column layout (merge request)
- Enable fluid width listbox in notification settings (merge request)
- Unconfirmed user deletion skips users who have signed in (merge request)
- Update sort fields based on namespaceType (merge request) GitLab Enterprise Edition
- Remove
environment_settings_to_graphql
FF (merge request) - Disable startup CSS (merge request)
- Remove the issue_type_uses_work_item_types_table feature flag (merge request)
- Rename 'Key metrics' to 'Lifecycle metrics' in VSA overview page (merge request)
- Gate new container registry features with Gitlab.com_except_jh? (merge request) GitLab Enterprise Edition
- Persisting failed pipelines from pipeline schedules (merge request)
- Add dependency list table on group level (merge request) GitLab Enterprise Edition
- Enable language switcher in the SAML SSO page
- Reword Search maximum depth field description in SAST configuration
- Add support for pagination for group GitLab Enterprise Edition
- Refactoring of work item attributes into a separate component GitLab Enterprise Edition
- UI alignment of streaming audit events GitLab Enterprise Edition
- Introduce new pipeline details header
- Add requeue workers setting
- Migrate " tags_list_row.vue" to GlDisclosure" by @Mughees_
- Remove gray background on reply field (merge request)
- Reverse defer_sidekiq_jobs FF to run_sidekiq_jobs (merge request)
- Generate bot comment for license compliance violations (merge request) GitLab Enterprise Edition
- Reword Search maximum depth field description in SAST configuration (merge request)
- Synchronize scan result policy approval rules on default branch change (merge request) GitLab Enterprise Edition
- Add support for pagination for group (merge request) GitLab Enterprise Edition
- Introduce new pipeline details header (merge request)
- Refactoring of work item attributes into a separate component (merge request) GitLab Enterprise Edition
- Add requeue workers setting (merge request)
- Replace link_to with Pajamas ButtonComponent by @ShaneMaglangit (merge request) GitLab Enterprise Edition
- Migrate " tags_list_row.vue" to GlDisclosure" by @Mughees_ (merge request)
- Disable
rake gitlab:cleanup:remote_upload_files
with bucket prefix (merge request) - Removed pipeline artifact from total_storage (merge request)
- Require Slack app settings when app is enabled (merge request)
- Move applications settings into single column (merge request)
- Add missing filters to issues list (merge request) GitLab Enterprise Edition
- Remove the auto_merge_labels_mr_widget feature flag (merge request)
- Update explain this vulnerability icon (merge request)
- Remove the sign-in restriction text from sign-up (merge request)
- Remove feature flag (merge request)
- Add export button for violations on Compliance Report (merge request) GitLab Enterprise Edition
- Use one column for account settings (merge request)
- Update design management reply input (merge request)
- Use single column layout for user settings (merge request)
- Add validation for timezone in scan execution policies (merge request) GitLab Enterprise Edition
- Group sbom occurrences by component_id (merge request) GitLab Enterprise Edition
- Updates empty text to be more specific (merge request) GitLab Enterprise Edition
- Improve PAT expiration validation error messages (merge request)
- Migrate GlDropdown to GlDisclosureDropdown by @ShaneMaglangit (merge request)
- Use metadata cache for npm metadata endpoint at project level (merge request)
- Add modal for deleting streaming destination (merge request) GitLab Enterprise Edition
- Implement path-dependent feed token (merge request)
- Migrate GlDropdown to GlDisclosureDropdown by @ShaneMaglangit (merge request)
- Migrate resolved threads dropdown to gl-disclosure-dropdown by @ShaneMaglangit (merge request)
- Cleanup adapt_deprecated_approvals feature flag (merge request) GitLab Enterprise Edition
- Update broadcast message target UI (merge request)
- Migrate GlDropdown to GlDisclosureDropdown by @ShaneMaglangit (merge request)
- Migrate "commit_message_dropdown.vue" to GlDisclosure" by @Mughees_ (merge request)
- Add ordering to the git_rate_limit_users_alertlist API call (merge request) GitLab Enterprise Edition
- Prepare the async index for ci_pipelines (merge request)
- Bump kas-grpc to v0.2.0 (merge request)
- Migrate "timeline_events_item.vue" to GlDisclosure" by @Mughees_ (merge request)
- UI alignment of streaming audit events (merge request) GitLab Enterprise Edition
- Makes RuleScheduleService inherit from BaseProjectService by @NIKU-SINGH (merge request) GitLab Enterprise Edition
- Improve wording for chatops account activation (merge request)
- Enable language switcher in the SAML SSO page (merge request)
- Account for runners with multiple IP addresses (merge request)
- Migrate GlDropdown to GlDisclosureDropdown by @ShaneMaglangit (merge request)
- Change background color in dark mode - login page (merge request)
- Move trust score methods to User Trust Score class (merge request) GitLab Enterprise Edition
- Drop message column from vulnerability_occurrences (merge request)
Deprecated (2 changes)
- Updates Container Registry estimation flag name (merge request)
- Deprecate runner API fields (merge request)
Removed (30 changes)
- Revert "Merge branch '399117-enforce-security-policy-vulnerability_attributes-rules' into 'master'" (merge request) GitLab Enterprise Edition
- Add feature flag to PAT reuse detection (merge request)
- Remove Git repo redownload code path (merge request) GitLab Enterprise Edition
- Drop unused advisory tables (merge request)
- Remove file_md5 column ignore in Debian component files by @sathieu (merge request)
- Remove unused Debian services and worker by @sathieu (merge request)
- Remove introduce_rules_with_needs flag (merge request)
- Remove jitsu authentication (merge request) GitLab Enterprise Edition
- Remove
user_details.provisioned_by_group_at
column (merge request) - Remove FE for prometheus API URL (merge request)
- Delete Monitor Metrics module (merge request)
- Remove/update prometheus payload for metric removals (merge request)
- Completely remove POST /ci/lint (merge request)
- Remove domain_verification_operation FF (merge request)
- Drop tmp_index_ci_job_artifacts_on_id_expire_at_file_type_trace (merge request)
- Remove ignore rule for WebauthnRegistration#u2f_registration_id (merge request)
- Cleanup PK conversion for notes table (merge request)
- Delete UI for metrics embeded in markdown (merge request)
- Delete sidekiq worker classes (merge request)
- Remove dismissal_reason feature flag (merge request) GitLab Enterprise Edition
- Remove deprecate_vulnerabilities_feedback feature flag (merge request) GitLab Enterprise Edition
- Remove metric related unused routes from project file (merge request)
- Clean up bigint conversion for ci_pipeline_variables.id (merge request)
- Remove feature flag invalid_scan_result_policy_prevents_merge (merge request) GitLab Enterprise Edition
- Drop U2fRegistrations table (merge request)
- Remove audit_event_group_rollup feature (merge request) GitLab Enterprise Edition
- Schedule tmp_index_ci_job_artifacts_on_id_expire_at_file_type_trace (merge request)
- Remove deprecateVulnerabilitiesFeedback feature flag (merge request) GitLab Enterprise Edition
- Remove license_md5 metric from Service Ping (merge request)
- Removed Clusters from Scan Execution policy Schemas by @NIKU-SINGH (merge request) GitLab Enterprise Edition
Security (17 changes)
- Add authorization to the subscriptions group controller
- Migrate resource_link_events to ghost users (merge request) GitLab Enterprise Edition
- Revert 'security-leaked-ci-job-token-permission' from 'master'
- Use fully qualified ref when loading code owner file
- Increasing security for CI_JOB_TOKEN on public and internal projects
- Remove approvals when the only commit gets amended
- Maintainer can leak masked webhook secrets by manipulating URL masking
- Adjust access to value stream create, edit and destroy actions
- Add authorization validation to GithubController#failures action
- Mitigate epic reference filter ReDOS
- Sanitize user email addresses in admin confirm user dialog
- Fix for fork permissions check in compare controller
- Webhook token leaked in Sidekiq logs if log format is 'default'
- Obfuscate email of service desk issue creator in issue REST API
- Fixes typo on PrometheusClient concern
- Fixes typo on Note model
- Fixes typo on Ci::BuildTraceChunk
Performance (13 changes)
- Memoize known_events_names in hll redis counter (merge request) GitLab Enterprise Edition
- Improve rake elastic:projects_not_indexed query (merge request) GitLab Enterprise Edition
- Make removable checks less expensive (merge request)
- Reduce queries in user profile page (merge request)
- Add changes to move projects to separate index (merge request) GitLab Enterprise Edition
- Remove index on deployments table asynchronously (merge request)
- Remove index_deployments_on_project_id_and_status async-ly (merge request)
- Remove index_deployments_on_project_id_sha async-ly (merge request)
- Enable batch_delay_jira_branch_sync_worker by default (merge request)
- Remove slow uploads fallback query
- Remove slow uploads fallback query (merge request)
- Improve TBT of project file rendered (merge request)
- Remove index events on project id and id desc (merge request)
Other (92 changes)
- Migrate buttons to Pajamas component (merge request)
- Migrate button to Pajamas component (merge request)
- Add style to access_token_expired_email by @KiranSatyaRaj (merge request)
- feat: Remove sec_mark_dropped_findings_as_resolved feature flag (merge request)
- Add group_id in the wiki_blobs search API (merge request)
- Migrate buttons to Pajamas (merge request)
- Migrate button to Pajamas component (merge request)
- Save code suggestions service token (merge request) GitLab Enterprise Edition
- Removes duplicated and unused avatar variable (merge request)
- Omit parentheses in plural labels for quick actions by @KiranSatyaRaj (merge request)
- Migrate button to Pajamas (merge request)
- Migrate buttons to use Pajama component (merge request)
- Remove fix_new_blobs_memoization flag (merge request)
- Merge branch 'bwill/delete-vulnerability-advisories' into 'master' (merge request)
- Drop devault value CI partition tables (merge request)
- Remove temporary index used for backfilling (merge request)
- Remove use of multi in issues rebalancing state (merge request)
- Cleanup feature flags for Kubernetes dashboard (merge request)
- Replace event string with constants in container r. replicator by @bymayanksingh (merge request) GitLab Enterprise Edition
- Rename .rb to .rb.tt for templates used in GitLab templates folder by @ya332 (merge request)
- Replace hardcoded event string with constants in Repository Replicator by @bymayanksingh (merge request) GitLab Enterprise Edition
- Update CodeSuggestions-related settings text on SM (merge request)
- Finalize conversion for FKs targeting p_ci_builds - 4 (merge request)
- Remove use_traversal_ids_for_descendants_scopes FF (merge request)
- Replace hardcoded event string with constant in BlobReplicatorStrategy by @bymayanksingh (merge request) GitLab Enterprise Edition
- Remove FF frozen_outbound_job_token_scopes (merge request)
- Update user type migration finalization method (merge request)
- Remove use_traversal_ids_for_ancestors_upto feature flag (merge request)
- Removal of index events on project id and id desc (merge request)
- Identifying all cross joins between namespaces and users (merge request)
- Add expires_at to service_access_token table (merge request)
- Allow dev and test to get this migration if in SaaS mode (merge request)
- Clean up validate_environment_tier_presence feature flag (merge request)
- Remove redundant usage of Gitlab::I18n.with_locale in mailers by @bymayanksingh (merge request)
- Create service_access_tokens table (merge request)
- Change the default database value of project_view to 2 (merge request)
- Revert "Merge branch '414396-partitioned-fks-v7' into 'master'" (merge request)
- Reindex already existing GroupWikis (merge request) GitLab Enterprise Edition
- Unify true-false validation specs II by @anaschwendler (merge request)
- Add value transformation logic method by @bymayanksingh (merge request) GitLab Enterprise Edition
- Finalize conversion for FKs targeting p_ci_builds - 3 (merge request)
- Remove use_traversal_ids_roots feature flag (merge request)
- Drop FF cluster_agents_limit_tokens_created (merge request)
- Remove use_traversal_ids_for_ancestors feature flags (merge request)
- test: Ensure user is project member in create package service tests by @gerardo-navarro (merge request)
- Remove update_personal_access_token_usage_information_every_10_minutes (merge request)
- Use separate del calls in indexing control clean-up step (merge request) GitLab Enterprise Edition
- Remove use_traversal_ids_for_self_and_hierarchy feature flags (merge request)
- Prepare index for converting events.target_id to bigint (merge request)
- Remove log_response_length feature flag (merge request)
- Remove db events feature flags (merge request)
- Remove filter_vulnerability_findings_dismissed_on_default feature flag (merge request) GitLab Enterprise Edition
- Remove enable_vulnerability_remediations_from_records feature flag (merge request) GitLab Enterprise Edition
- Remove linear_group_descendants_finder_upto feature flag (merge request)
- Unify true-false validation specs by @anaschwendler (merge request)
- Add pipeline name to notification emails by @missy-davies (merge request)
- Remove auditor_billing_page_access feature flag (merge request) GitLab Enterprise Edition
- Update email notification for enterprise users (merge request)
- Clean up ci_jwt_v2_ref_uri_claim FF (merge request)
- Add option to expand file ref in ExpandVariables (merge request)
- Backfill name column for audit event tables (merge request)
- Finish BigInt column swap for self-hosted (merge request)
- Replace foreign keys to use the partitioned table - 5 (merge request)
- Remove issues_full_text_search feature flag (merge request)
- Add and backfill TTL for project pipeline status keys (merge request)
- Remove feature flag maintain_group_wiki_index (merge request) GitLab Enterprise Edition
- Add health status sorting indexes for issues table (merge request)
- Upgrade Rails to 7.0.5
- Validate not null constraint on user type
- Fix spec violation for sidebar health status widget spec (merge request) GitLab Enterprise Edition
- Drop unused columns in sent_notifications (merge request)
- Upgrade Rails to 7.0.5 (merge request)
- Add organization_users table (merge request)
- Remove create_runner_workflow_for_* feature flags (merge request)
- Send the schema_version-commits flag to gitlab-elasticsearch-indexer (merge request) GitLab Enterprise Edition
- Remove parenthesis plurals (merge request) GitLab Enterprise Edition
- Remove the code related to FF simplify_logic_to_find_search_proxy_class (merge request) GitLab Enterprise Edition
- Remove the feature_flag use_base_class_in_proxy_util (merge request) GitLab Enterprise Edition
- Remove feature flag "find_changed_paths_new_format" (merge request)
- Replace foreign keys to use the partitioned table - V4 (merge request)
- Remove temporary container_repositories indexes (merge request)
- Updating dropping table documentation instructions (merge request)
- Validate not null constraint on user type (merge request)
- Finalize conversion for FKs targeting p_ci_builds (merge request)
- Docs for google cloud logging streaming (merge request)
- Remove deleting_account_disabled_for_users FF (merge request) GitLab Enterprise Edition
- Cleanup scan_result_policy_latest_completed_pipeline feature flag (merge request) GitLab Enterprise Edition
- Remove custom_roles_vulnerability feature flag (merge request) GitLab Enterprise Edition
- Upgrade gettext_i18n_rails gem to 1.11.0 (merge request)
- Accept period_time as string on DORA executor (merge request) GitLab Enterprise Edition
- Add schema_version in the commits index mapping (merge request) GitLab Enterprise Edition
- Allow to set labels for Redis calls (merge request)
Security
Security wording was detected, but no CVEs were found.
Details
date
July 21, 2023, midnight
name
16.2.0
type
Minor
👇
Register or login to:
- 🔍View and search all GitLab EE releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!