14.10.5 (2022-06-30)

Security (17 changes)

• Fix group IP restrictions not enforced for container registry requests (merge request)
• Update rack gem to version 2.2.3.1 (merge request)
• Gitlab Runner version upgrade (merge request)
• Update ProjectAttributesTransformer to use fixed number of attributes (merge request)
• Escape deploy key title to prevent XSS (merge request)
• Sanitize ZenTao breadcrumb links (merge request)
• Fix permissions in the project labels API (merge request)
• Security fix sentry issue leaks and access level check (merge request)
• Check permissions before exposing user two factor enabled (merge request)
• Filter milestone release by user access (merge request)
• Fix the required access level in the Conan packages finder (merge request)
• Allow inviting only groups with subset of allowed domains to groups (merge request)
• Fix open redirect vulnerability (merge request)
• Adds a filter based on user access to Runner jobs endpoint (merge request)
• Prevent runners from picking IP restricted jobs (merge request)
• Restrict CI lint access to pipeline creators (merge request)
• Catch endless headers when reading HTTP responses (merge request)

14.10.4 (2022-06-01)

Security (7 changes)

• Fix IP restrictions not applying to deploy tokens (merge request)
• Trigger token should respect group IP restrictions (merge request)
• Fix content injection in Jira issue title (merge request)
• Subgroup member can list members of parent group (merge request)
• Do not allow project member import when membership is locked (merge request)
• Disable changing user attributes when updating SCIM provisioned user (merge request)
• Allow only job owner to run interactive terminal (merge request)

14.10.3 (2022-05-20)

Added (1 change)

• Add option to disable seperated caches by @Taucher2003 (merge request)

Fixed (1 change)

• Fix assignee filtering on group/project issues list (merge request)

14.10.2 (2022-05-04)

Fixed (2 changes)

• Resolve "Fork relationship is not respected for certain projects" (merge request)
• Fix mappings errors for ES6.8 (merge request) GitLab Enterprise Edition

Other (1 change)

• Add documentation for mr settings audit events part 1 (merge request)

14.10.1 (2022-04-29)

Security (14 changes)

• Add suffix to cache name to add isolation (merge request)
• Update Import/Export merge/push access levels & exclude ci config path (merge request)
• Prevent maintainers from editing PipelineSchedule (merge request)
• Add validation to pypi file sha256 values (merge request)
• Conan Token uses PAT rather than ID in payload (merge request)
• [security] Fix markdown API disclosing issue titles of limited projects (merge request)
• Verify that mentioned user can read TODO's note (merge request)
• Invalidate markdown cache to clear up stored XSS (merge request)
• Allow rate limiting of deploy tokens (merge request)
• Disable wiki access with CI_JOB_TOKEN when improper access level (merge request)
• Sanitize error input to prevent HTML/CSS injection in messages (merge request)
• Secure debug trace artifact download (merge request)
• Use password type for all secret integration properties (merge request)
• Limit CI job group_name regexp (merge request)

14.10.0 (2022-04-21)

Added (141 changes)

• Add a dropdown to switch language in code blocks (merge request)
• Wraps Jupyter Notebook Diff in a feature flag (merge request)
• Track related epics blocked added on usage data (merge request) GitLab Enterprise Edition
• Optimize followed users queries (merge request)
• Enable feature flag by default (merge request)
• Enable policy type selection page by default (merge request) GitLab Enterprise Edition
• Add DS_IMAGE_SUFFIX to enable Gemnasium FIPS (merge request)
• feat: Add SAST/SD template support for FIPS images (merge request)
• Enable FF ci_trigger_forward_variables (merge request)
• Add gitlab-pages http server timeout options documentation (merge request)
• Namespace onboarding action for license scanning (merge request) GitLab Enterprise Edition
• Enable feature flag by default (merge request) GitLab Enterprise Edition
• Default to the current group when importing from GitHub (merge request)
• Add metrics image UI for Alerts (merge request)
• Extend decomposition prometheus metric with information about CI (merge request)
• Introduce a onboarding_complete setting for GitLab Pages (merge request)
• Nullify dependent associations in batches on user deletion (merge request)
• Add option to add DAST_SUBMIT_FIELD (merge request) GitLab Enterprise Edition
• Default group/project issues list page to Vue refactor (merge request)
• Move arkose settings into database (merge request)
• Bump GitLab Pages to 1.57.0 (merge request)
• Update Security Policy to use FIPS images when FIPS Mode is enabled (merge request) GitLab Enterprise Edition
• Add ttl expiration to user otp_secrets (merge request)
• Implement wiki async page load (merge request)
• Allow uploading audio and video in content editor (merge request)
• Add identifer to response (merge request) GitLab Enterprise Edition
• Implement first iteration of the agents REST API by @tuxtimo (merge request)
• Backfill routes namespace_id for projects (merge request)
• Add periodic re-aggregation worker for VSA (merge request)
• Fire a Snowplow events with its definition on FE (merge request)
• Added MATLAB template by @nbhoski (merge request)
• Add new route for DAST profile library (merge request) GitLab Enterprise Edition
• Allow SKIP=remote option to be specified during backup by @kakakikikeke (merge request)
• Add a feature flag to control when we could prevent users to login (merge request) GitLab Enterprise Edition
• Allow bypassing registration when joining project (merge request) GitLab Enterprise Edition
• Track blocking epics removed on usage data (merge request) GitLab Enterprise Edition
• Add application settings to support inactive project deletion feature (merge request)
• Add epics.relative_position column if missing (merge request)
• Include inherited group links on group members page by @wwwjon (merge request)
• Implement wiki page async load (merge request)
• Add omniauth provider AliCloud by @zhanglinjie (merge request)
• Different copy on trial/registration flow (merge request) GitLab Enterprise Edition
• Add support for the deduplicated container repositories size (merge request)
• Fire a Snowplow events with its definition on BE (merge request) GitLab Enterprise Edition
• Adding FIPS support to DAST API/API Fuzzing latest CI template (merge request) GitLab Enterprise Edition
• Repeat the captcha check during the login (merge request) GitLab Enterprise Edition
• Allow Invitations API to receive user_ids (merge request)
• Add groups release API (merge request)
• Adds container_registry_size to project_statistics (merge request)
• Add not null and delete cascade constraints on project_namespace_id (merge request)
• Enable incremental repository backups (merge request)
• Add minute limit banner (merge request)
• Create unique index on projects namespace_id and name (merge request)
• Add resolve thread to permission table (merge request)
• Add audit events for merge request settings (merge request) GitLab Enterprise Edition
• Support security report schema version 14.1.1 (merge request)
• Add ability to query awaiting billable members (merge request)
• Add arkose verify response details to custom attributes (merge request) GitLab Enterprise Edition
• Implement detailed github status reporting (merge request)
• Allow invitation service to receive user_ids (merge request)
• Create status index for batched migrations (merge request)
• Allow to put migrations on hold for some time (merge request)
• Add dast_submit_field to DAST site profile (merge request)
• Add missing authorization (merge request) GitLab Enterprise Edition
• Add Commit Author to Pipeline List Page by @Taucher2003 (merge request)
• Track blocking epics added on usage ping (merge request) GitLab Enterprise Edition
• Add clear cache button to dependency proxy (merge request)
• Track linked epics removed on usage ping (merge request) GitLab Enterprise Edition
• Added deprecation notice to cluster creation pages (merge request)
• Created new feature flags for free and paid users (merge request) GitLab Enterprise Edition
• Add new CI/CD template for Liquibase by @szandany (merge request)
• Added a clipboard button to the "Branches" page in "Repository" by @DavidRotert (merge request)
• Add changed_by field to API members entities by @remyj38 (merge request)
• Support executable flag in repository files API by @tuxtimo (merge request)
• Adds kind field to JobType (merge request)
• Merge branch 'ahmetkaramercan17-master-patch-18116' into 'master' (merge request)
• awardEmoji: Display custom emoji (merge request)
• Enable Value Stream Analytics consistency check (merge request) GitLab Enterprise Edition
• Create index on security_findings(scan_id, id) (merge request)
• Display the tier of the environment on page (merge request)
• Use the remote ip for the captcha check (merge request) GitLab Enterprise Edition
• Add page size selector to vulnerability report (merge request) GitLab Enterprise Edition
• Add a temporary specialized index on project_namespace_id (merge request)
• Support template button focus state by @ahmetkaramercan17 (merge request)
• Remove pipeline_schedules_with_tags feature flag by @KevSlashNull (merge request)
• Introduce new Group Feature model and database structure (merge request)
• Search the user by username or email (merge request) GitLab Enterprise Edition
• Add collapsed comparer for license_scanning (merge request) GitLab Enterprise Edition
• Add harbor registry list page by @orozot (merge request)
• Add commit diff stats (merge request)
• Fix project name duplicates and missing project namespace ids (merge request)
• Add user limit notification for invite members modal (merge request)
• Add Runner releases API URL to ApplicationSetting (merge request)
• Add link to create group in general project settings (merge request)
• Implement sort param for bulk imports API (merge request)
• Add notification_level to namespace_root_storage_statistics table (merge request)
• Detect projects built for Apple iOS platform (merge request)
• feat: Add CI_GITLAB_FIPS_MODE to predefined CI variables (merge request)
• Add a test group cleanup worker to remove test groups on production (merge request)
• Allow administrators to set active pipelines limits (merge request)
• New Group Runners administration view (merge request)
• Allow restore tasks to be skipped using SKIP (merge request)
• Track api usage of the gitlab cli (merge request)
• Add support for the nested repositories container registry access token (merge request)
• Handle auth error for container registry (merge request) GitLab Enterprise Edition
• Introduce API for Change Failure Rate DORA metric (merge request)
• Added a create cluster page for the FF (merge request)
• Ensure project backfilling has finished (merge request)
• Add endpoint to decide if the ArkoseLabs integration should be triggered (merge request)
• Add delete endpoint for related epics (merge request) GitLab Enterprise Edition
• FIPS SSH key configuration settings (merge request)
• Add creator_id to deploy_tokens (merge request)
• Mark Import trackers as timed out with entities (merge request)
• Add ArkoseLabs verify request service (merge request)
• Add DB Grafana config as application settings (merge request)
• When no iterations are present show empty state by @sstern (merge request) GitLab Enterprise Edition
• Add timeout status to bulk importer (merge request)
• Remove improved_emoji_picker feature flag (merge request)
• Expose github stats in realtime_changes private API (merge request)
• Trigger an email when seat overage occurs (merge request) GitLab Enterprise Edition
• Implement GET API for GATs and PATs by @tuxtimo (merge request)
• Implement history for project imports (merge request)
• Expose import url and status in projects API (merge request)
• Render plantuml/kroki diagrams in content editor (merge request)
• Add "Created on" & "Last activity" columns to groups and projects page (merge request)
• Implement API to get single Project Remote Mirror by @tuxtimo (merge request)
• Extend workers and services to support namespace for Security Policies (merge request) GitLab Enterprise Edition
• Graceful degradation for refs endpoint (merge request)
• Add create endpoint for related epics (merge request) GitLab Enterprise Edition
• Expose namespace_id in users GET API for admins by @tuxtimo (merge request)
• Add Project template for Middleman (merge request)
• Implement DELETE API for Remote Mirrors by @tuxtimo (merge request)
• Add target_id option to TodosMarkAllDone mutation (merge request)
• Add ability to enable SAST at project creation (merge request)
• Implement API to get single MR rule by @tuxtimo (merge request) GitLab Enterprise Edition
• Add Migration[2.0] that enforces restrict_gitlab_migration (merge request)
• Allow administrators to change plan limits via the UI (merge request)
• Enable service ping for error tracking features (merge request)
• Show expired security report information on "pipeline security tab" (merge request) GitLab Enterprise Edition
• Send a notification email when a new email address is added by @rpadovani (merge request)
• Include code_coverage in presented build for runner (merge request)

Fixed (147 changes)

• Remove geo database from db_config_names (merge request)
• Fixed spacing for the loading icon in time tracker (merge request)
• Increase the visibility of the keyboard shortcut for Global Search (merge request)
• Update stage name to use truncate (merge request)
• banzai: Get Custom Emoji from group as well (merge request)
• Add scope to CustomEmoji to find emoji for resource (merge request)
• AwardEmoji: Don't look up url for built-in emoji (merge request)
• Fix rendering failure for the 'Verified' badge (merge request)
• Update links to CI/CD docs (merge request)
• Add default scan execution policies stage to pipeline (merge request) GitLab Enterprise Edition
• Move VSA aggregation migration to migrate folder (merge request)
• Enable fix_related_environments_for_merge_requests FF by default (merge request)
• Fix the conditions when we scope to gitlab-org (merge request) GitLab Enterprise Edition
• Use lowercase values in user search ordering (merge request)
• Always select an environment's last deployment by deploy date (merge request)
• Fix infinite activities requests on profile (merge request)
• Adds timeout to notebook rendering (merge request)
• Fix query params parsing when NOT operator is used (merge request) GitLab Enterprise Edition
• Fix regression with logic to add user primary email to emails (merge request)
• Updated the terraform empty state (merge request)
• Allow empty future subscriptions on seat link sync (merge request) GitLab Enterprise Edition
• Fix import button width on Issue list page (merge request)
• Fixes infinite loop when rendering Ipynb Diffs (merge request)
• Merged MR notification: Fix sprintf evaluation by @inakimalerba (merge request)
• Guard against Deployment#deployed_by being nil (merge request)
• Search Autocomplete: Review how icons are generated (merge request)
• Switch from respond_with_navigational to redirect_to (merge request)
• Adds timeout for notebook rendering on CustomDiff (merge request)
• Change Create commit button variant to confirm (merge request)
• Remove ci_destroy_all_expired_service feature flag (merge request)
• Fix tooltip and truncation on incident list (merge request)
• Fix "sticky" user popovers (merge request)
• Include *.jira.com in Jira Connect CSP frame ancestors (merge request)
• Fix doc link to code suggestions in MR diff tab (merge request)
• Fix impersonation created_at audit event field (merge request) GitLab Enterprise Edition
• Add validation for invalid protected branches for (merge request) GitLab Enterprise Edition
• Keep edited timestamp when reacting to old notes (merge request)
• Remove early exit to allow marking as complete (merge request)
• Fix scroll to line number (merge request)
• Change pipeline status to canceled (merge request)
• Fix Value Stream Analytics doc links (merge request) GitLab Enterprise Edition
• Change button variant to confirm (merge request) GitLab Enterprise Edition
• Add ability to pre/post-date audit events (merge request)
• Fix undefined method error for Compare, Commit controllers (merge request)
• Do not try to update a deleted record (merge request)
• Hide New Epic button on boards for guest users (merge request) GitLab Enterprise Edition
• Fix Licensee::InvalidLicense exception (merge request)
• Revert mergeability check changes (merge request)
• Add the ability to parse CWE-{number} format (merge request) GitLab Enterprise Edition
• Fix required data for referenced commands (merge request)
• Fix missing clear cache text inside the dependency proxy dropdown (merge request)
• Add search keyboard shortcut to docs (merge request)
• Fix for code search bug in Safari when zoomed (merge request)
• Fix the rubygems extraction service to not create subtransactions (merge request)
• Fix package file cleanup worker with PyPI files (merge request)
• Fix stale object error in Environment Stop (merge request)
• Remove Milestone token wildcard values (merge request) GitLab Enterprise Edition
• Fix incorrect empty state for filtered tag list (merge request)
• Reconfigure DB load balancing connection on code reload (merge request)
• Fix URL blocker when object storage enabled but type is disabled (merge request)
• Count nil artifact size as zero when recalculating (merge request)
• Remove FF ci_fix_order_of_subsequent_jobs (merge request)
• Remove pending builds from the queue on conflict (merge request)
• Add polling for commit pipeline status (merge request)
• Include X-Forwarded-Host when proxying and rewriting Host in Workhorse (merge request)
• Fixed UX bug in agent creation modal (merge request)
• Do not use GOPATH in default CI template (merge request)
• Move checks from mergeable to mergeable_state? (merge request)
• Use article tag on embedded snippets by @joshbouganim (merge request)
• Fix iteration dates adding timezone offset (merge request) GitLab Enterprise Edition
• Add polling to commit box graph (merge request)
• Add customers-dot URL to CSP not only in dev (merge request)
• Preserve sibling elements in settings search (merge request)
• Show quick actions link when editing comments (merge request)
• Test scanner creation (merge request) GitLab Enterprise Edition
• Fix null argument handling in background migration Rake task (merge request)
• Quote project key in Jira JQL queries (merge request) GitLab Enterprise Edition
• Handle commit being nil (merge request)
• Check task with no-break space by @tchandelle (merge request)
• Avoid milestone icon shrinking (merge request)
• Update BulkImports::EntityWorker deduplication strategy (merge request)
• Handle nil values in Grape length limit validator (merge request)
• Add SAML default membership asynchronously (merge request)
• Set account string when 2fa creation fails (merge request)
• Fix scope of project export download throttling by @eggerd (merge request)
• Preload group root ancestor for Group Projects API (merge request)
• Update secret detection template to remove fetch on historic scan (merge request)
• Fix bug when decrementing open MR count (merge request)
• Do not schedule project import when migrating using GitLab Migration (merge request)
• Mark token encryption job as completed when there are no users (merge request)
• Allow ConnectionNotEstablished for DB rake tasks using validate_config (merge request)
• Fix link deletion (merge request)
• Allow auditor to view group VSA analytics (merge request) GitLab Enterprise Edition
• Allow auditor to read group contribution analytics (merge request) GitLab Enterprise Edition
• Handle escaped underscores in usernames (merge request)
• Fix 500 error when visiting a non-existing integration (merge request)
• Expire relevant ETag caches for realtime_changes endpoints (merge request)
• Allow auditor to view repository analytics (merge request) GitLab Enterprise Edition
• Fix GraphQL pagination for vulnerabilities (merge request) GitLab Enterprise Edition
• Use cached column list for members union query (merge request)
• Add unique keyField for Blob types (merge request)
• Allow auditor to view devops adoption analytics (merge request) GitLab Enterprise Edition
• Fixed receiveDashboardValidationWarningsFailure by @gotounix (merge request)
• Handle BulkImports::ExportStatus incorrect export status value (merge request)
• Refactor environment empty state to use scope (merge request)
• Remove attempted redirection on non-HTML requests (merge request)
• Fix project permission toggle behavior (merge request)
• Fix project permission toggle behavior
• Fixed crm db seed trying to seed non-root groups by @leetickett (merge request)
• Don't include compliance pipeline definition in scheduled security orchestration pipelines (merge request) GitLab Enterprise Edition
• Fix code quality report display by @nanmu42 (merge request)
• Raise exception when gitaly-backup could not be found (merge request)
• Replace success variant with the confirm (merge request) GitLab Enterprise Edition
• Updated ComplianceViolation merged_at where checks to use DATE() (merge request) GitLab Enterprise Edition
• Fix missing metrics for Sidekiq exporter server (merge request)
• Fix incorrect new group path in import history (merge request)
• Scope Geo replication details progressbar popup target by site ID (merge request) GitLab Enterprise Edition
• Allow auditor to view grop productivity analytics (merge request) GitLab Enterprise Edition
• Fix credentials detection for UrlSanitizer (merge request)
• Revert Protected Environment group access inheritence (merge request)
• Add an example path for gitaly_backup_path setting (merge request)
• Suggestions: use template from target project instead of source project by @trakos (merge request)
• Fix issue with delete project container text (merge request) GitLab Enterprise Edition
• Fix error in table when text is too long (merge request)
• Ensure ci_environment_status always return latest deployment status (merge request)
• Fix create issue in board with weight (merge request) GitLab Enterprise Edition
• Fix GraphQlController not logging sessionless user (merge request)
• Limit audit events controller to 31 days date range (merge request) GitLab Enterprise Edition
• Fix ComplianceViolationResolver pagination with sorting (merge request) GitLab Enterprise Edition
• Fix PA for projects in nested groups (merge request) GitLab Enterprise Edition
• Improve topic avatar copy (merge request)
• Handle CRM objects when moving groups by @leetickett (merge request)
• Always pass data payloads as a hash for hooks (merge request)
• Adding a forced UTF-8 conversion to prevent encoding errors (merge request)
• Allow admins to invite groups they are not a member of for group (merge request)
• Update manual job message for protected jobs (merge request) GitLab Enterprise Edition
• Use last focused markdown field for quoted reply (merge request)
• Retain membership record for a personal project’s owner after transfer (merge request)
• Improve backup logging (merge request)
• Refetch runners list data after runner is updated (merge request)
• Fix markdown header toolbar showing in compact preview view (merge request)
• Fix vulnerability list clearing when already-selected filter is clicked (merge request) GitLab Enterprise Edition
• Upgrade rack-proxy to v0.7.2 (merge request)
• Convert seconds to minutes for the shared runner usage chart (merge request) GitLab Enterprise Edition
• Fix NoMethodError for CommitController (merge request)
• Fix backups not working when feature_flags table does not exist (merge request)
• SAST flawfinder + semgrep: add missing extensions by @blueur (merge request)

Changed (227 changes)

• Geo Sites - Empty Search State (merge request) GitLab Enterprise Edition
• Use GlAvatar in environments dashboard (merge request)
• Reduce size of file header buttons (merge request)
• Remove setting link from branches page (merge request)
• Bump Gitaly to v14.10.0.pre.rc1 by @nick.thomas (merge request)
• Downgrade coverage-check approval rule to premium (merge request) GitLab Enterprise Edition
• Migrate localization checkbox (merge request)
• Remove security_scan_succeeded from code by @svdj (merge request) GitLab Enterprise Edition
• Make OmniAuth initializer return Geo proxied URL when it exists (merge request) GitLab Enterprise Edition
• Replace generic checkbox with GitLab UI component (merge request) GitLab Enterprise Edition
• This MR replaces generic checkbox (merge request) GitLab Enterprise Edition
• Update variant to confirm (merge request)
• Use GlBroadcastMessage in Broadcast Message admin settings page (merge request)
• Change snippet award emoji state from active to selected (merge request)
• Disable image deletion during registry migration (merge request)
• Use Pajamas components for checkboxes in webhook forms (merge request)
• Update GITLAB_KAS_VERSION to 14.10.0 (merge request)
• Update icon to long arrow (merge request)
• Pass hash instead of URI to Elasticsearch client (merge request) GitLab Enterprise Edition
• Port checkboxes in spam settings to pajamas (merge request)
• Add spotbugs to analyzer order (merge request)
• Update variant to confirm (merge request)
• Allow invitations API to handle user invites as well as emails (merge request)
• Use pajamas checkbox for group owners can manage default branch checkbox (merge request)
• Migrate button to GlButton variants (merge request)
• Updates checkboxes in Admin -> Settings -> General (merge request)
• Use Pajamas styled checkbox in Admin help page form (merge request)
• Migrate checkboxes on user preferences page to be Pajamas compliant (merge request)
• Change variant to confirm (merge request) GitLab Enterprise Edition
• Update auto-deploy-image to v2.23.0 (merge request)
• Change delete project confirmation modal to default size (merge request)
• Migrate checkboxes on admin group edit page to be Pajamas compliant (merge request)
• Change subgroups to use official subgroup icon (merge request)
• Prevent global user searches (merge request)
• Move diff overflow warning into component (merge request)
• Add more helpful error when not authorized to update (merge request)
• Hide IP Address label when no space is available (merge request)
• Re-backfill escalation statuses (merge request)
• Update monitor deprecation notices (merge request)
• Update unprotect branch button variant and size (merge request)
• Update checkbox third party offers to be Pajamas compliant (merge request)
• Migrate checkboxes on user notifications page to be Pajamas compliant (merge request)
• Migrate pipeline setting checkbox to Pajamas design system (merge request)
• Use pajamas checkbox for appearance header and footer form (merge request)
• Improve readability for MR review emails (merge request)
• Update brand header logo to match tanuki height (merge request)
• Port admin hooks form to be pajamas compliant (merge request)
• Migrate account limits checkboxes (merge request)
• Update corpus management file size formatting to appear cleaner (merge request) GitLab Enterprise Edition
• Migrate admin pages settings to GitLab UI (merge request)
• Replace generic checkbox with GitLab UI element (merge request)
• Replace generic checkbox with GitLab UI component (merge request)
• Replace generic chackbox with GitLab UI element (merge request)
• Enable vulnerability_reads_table by default (merge request) GitLab Enterprise Edition
• Replace generic checkbox with GitLab UI component (merge request)
• Allow unconfirmed users in non-admin searches (merge request) GitLab Enterprise Edition
• Replace generic checkbox with GitLab UI element (merge request)
• Run all deployment jobs for the common pipeline with same environment (merge request)
• Replace generic checkbox with GitLab UI component (merge request)
• Remove group_import_export feature flag (merge request)
• Migrate checkbox for performance optimization settings (merge request)
• Recommend Helm for installing the GitLab agent (merge request)
• Read encrypted properties (merge request)
• Use Pajamas checkbox for ldap_access_setting.html.haml (merge request) GitLab Enterprise Edition
• Geo status: Explicate item counts (merge request) GitLab Enterprise Edition
• Add GlButton classes to complete button migration (merge request)
• Change button label (merge request)
• Add remaining storage size to namespace storage email notification (merge request)
• Make WebIDE dropdown fullwidth (merge request)
• Modify container-scanning template to automatically apply FIPS image (merge request)
• This MR adds info badge to DAST configuration card (merge request) GitLab Enterprise Edition
• Move Alerts metric image API to CE (merge request)
• Migrate form checkbox in the Grafana admin settings (merge request)
• This MR replaces generic checkbox (merge request) GitLab Enterprise Edition
• This MR replaces generic checkbox (merge request) GitLab Enterprise Edition
• Add help link for escalation status dropdown (merge request) GitLab Enterprise Edition
• Use GlAvatar in environments dashboard (merge request)
• Enable vulnerability_report_pagination feature flag by default (merge request) GitLab Enterprise Edition
• Replace generic checkbox with GitLab UI component (merge request)
• Use pajamas checkbox for user access level form (merge request)
• Add HTML5 validation to about your company form (merge request) GitLab Enterprise Edition
• Document Kubernetes 1.21 as supported (merge request)
• Migrate snowplow checkbox (merge request)
• Migrate sourcegraph checkboxes (merge request)
• Add more verbose error message if 2FA required (merge request)
• Port app settings checkboxes (merge request)
• Port checkbox in pipeline schedules (merge request)
• Change variant to confirm (merge request)
• Change variant to confirm (merge request)
• Change variant to confirm (merge request)
• Add validation for confidentiality notes (merge request)
• Add status to DependencyProxy::Manifest type in GraphQL (merge request)
• Migrate admin email checkboxes (merge request)
• Migrate group auto devops form to GitLab UI (merge request)
• Change variant to confirm (merge request)
• Change variant to confirm (merge request)
• Update to rails 6.1.4.7 (merge request)
• Change variant to confirm (merge request)
• Adds a project scoped unique file name constraint for Secure Files (merge request)
• Improve accessibility of Admin application settings page (merge request)
• Updated encyption key generation for Secure Files (merge request)
• Find topic by case insensitive name for detail page by @wwwjon (merge request)
• Bump Gitaly server to v14.10.0.pre.rc1 (merge request)
• Update GlButton variant to confirm in test cases (merge request) GitLab Enterprise Edition
• Added educational text about K8s deployments (merge request)
• Polish Jira issue fields UI (merge request) GitLab Enterprise Edition
• Use SHA256 fingerprint instead of MD5 for LFS token secret (merge request)
• Fix: notify service i18n for MR and Issues by @JeremyWuuuuu (merge request)
• Remove the ip check from the captcha challenge check (merge request) GitLab Enterprise Edition
• Polish UI of epic roadmap view (merge request) GitLab Enterprise Edition
• Only admins can search blocked and banned users (merge request) GitLab Enterprise Edition
• Polish jira_connect users UI (merge request)
• Remove support for file checksum to Secure File uploads (merge request)
• Updated Kubernetes clusters UI (merge request)
• Ignore unindexed projects that have no repository (merge request) GitLab Enterprise Edition
• Add repository size to Plan Limits by @zhzhang93 (merge request)
• Refactor DAST Profiles to use GraphQL fragments (merge request) GitLab Enterprise Edition
• Keep labels sorted by title after mutation (merge request)
• Move liquibase template up one directory (merge request)
• Show UsageData buttons only if cache exists (merge request)
• Extend namespace gitlab_subscription API (merge request) GitLab Enterprise Edition
• Serialize and deserialize by default for LocalStorageSync component (merge request)
• Update group overview icons to match sidebar icons (merge request)
• Don't generate MD5 fingerprint in FIPS mode (merge request)
• Log deprecated/unsupported report schema versions (merge request) GitLab Enterprise Edition
• Update DAST site profile mutations to return payload (merge request) GitLab Enterprise Edition
• Update DAST Scanner Profile Mutations to return payload (merge request) GitLab Enterprise Edition
• Replace compliance dashboard with new compliance violations report (merge request) GitLab Enterprise Edition
• Do not allow to change note's confidentiality (merge request)
• Removing the ignored column project_pages_metadata.artifacts_archive_id (merge request)
• Merge topics with same name by @wwwjon (merge request)
• Updated language on vulnerability report page (merge request) GitLab Enterprise Edition
• Remove gray background from milestone page (merge request)
• Replace runners 'active' filters with 'paused' (merge request)
• Merge branch '356485-refactor-detected-licenses' into 'master' (merge request) GitLab Enterprise Edition
• Migrate alert to shared partial in import group (merge request)
• Ensure Workhorse AWS endpoint is only used for S3 (merge request)
• Use GlAvatar in design note (merge request)
• Change license compliance to use warning alert (merge request)
• Migrate alert to shared partial in notifications (merge request)
• Change user popover avatar to supported size (merge request)
• gitlab/setup_helper: Migrate Gitaly to use runtime directory (merge request)
• Feat(License): update license type names (merge request) GitLab Enterprise Edition
• Add binaries folder and remove build flags in Go CI-Template (merge request)
• Roadmap App with Tree View (merge request) GitLab Enterprise Edition
• Remove link to content editor feedback issue (merge request)
• Remove user_email_lookup_limit column (merge request)
• Change container registry policy banner (merge request)
• FIPS support for API keys endpoint (merge request)
• Migrate diff stats view to component (merge request)
• Adds status popover in runners table header (merge request)
• Add labels to the 'Note on MR' webhook payload (merge request)
• Update locked tooltip for project runners (merge request)
• Update the translations (merge request)
• Filter out project bots from user results on invite members (merge request)
• Switch grad hat icon with bulb for learn gitlab (merge request)
• Remove go to profile text from tooltips (merge request)
• Update "locked" tooltips and text (merge request)
• Add index to improve speed of vulnerabilities (merge request)
• Update button text in pipeline editor (merge request)
• Make the shared/groups/_dropdown Pajamas compliant (merge request)
• Update help popover icon (merge request)
• Support attn alias for attention (merge request)
• Issue 323331 - createFlash called twice in search fetchProjects (merge request)
• Update help link in UI to remove 'ee' (merge request)
• Issue 351689 - Prevent autocomplete searches under X characters (merge request)
• Update DAST profile summary to hide empty values (merge request) GitLab Enterprise Edition
• Updated wording for the agent token instructions (merge request)
• Optimise ci_namespace_mirrors_for_group_members to search prefix (merge request)
• Relocate runner IP Address to Runner column (merge request)
• Redirect deprecated SSE to Web IDE (merge request)
• Migrate export group alerts to be Pajamas compliant (merge request)
• Adjust ProjectExportWorker urgency (merge request)
• Specify that the committer email is checked (merge request) GitLab Enterprise Edition
• Use GlAvatar in project_list_item component (merge request)
• Remove the jira_connect_installation_update flag (merge request)
• Add stricter e-mail validation for on push notification by @lenikadali (merge request)
• Geo migrations settings are included by default (merge request) GitLab Enterprise Edition
• Default multi_json to Oj (merge request)
• Update button text for DAST On-demand scans (merge request) GitLab Enterprise Edition
• gitlab/setup_helper: Migrate Gitaly to use runtime directory (merge request)
• Hide "Users in Subscription" card for Ultimate plans (merge request) GitLab Enterprise Edition
• Update copy for DAST Profile library page (merge request) GitLab Enterprise Edition
• Period limit default Insights yaml (merge request) GitLab Enterprise Edition
• Change default search rate limits (merge request)
• Adjust icons and button wording for license compliance (merge request)
• Generalize empty array for all scanners (merge request) GitLab Enterprise Edition
• Update mutation to unassign security policy from a group (merge request) GitLab Enterprise Edition
• Force Host header rewrite in Workhorse for Geo proxying (merge request) GitLab Enterprise Edition
• Order projects by real last update by @wwwjon (merge request)
• Use neutral colours for nav background (merge request)
• Capture user feedback in Feedback not Meta for Google Cloud app (merge request)
• Remove unnecessary html respond (merge request)
• Use instrumentation classes for Service Ping metrics (merge request)
• Expose membership_lock on group detail API by @jtymes (merge request) GitLab Enterprise Edition
• Remove block_namespace_serialization feature flag (merge request)
• Update mutation to create and assign security policy to a group (merge request) GitLab Enterprise Edition
• This MR adds new empty state for corpus management (merge request) GitLab Enterprise Edition
• Adding upload checksum to Secure Files API (merge request)
• Update tooltips for runner statuses (merge request)
• Ignore format of unmatched route (merge request)
• Remove feature flag ci_use_new_monthly_minutes (merge request) GitLab Enterprise Edition
• Add overage check for members and groups (merge request) GitLab Enterprise Edition
• Global Search - Enable Header Search Default (merge request)
• More helpful empty states for milestones (merge request)
• Remove omniauth_login_minimal_scopes feature flag (merge request)
• Link to previous path when viewing blame on renamed files by @tchandelle (merge request)
• Use gl-drawer for pipeline editor help drawer (merge request)
• Limit the number of commits in push merge request emails (merge request)
• Remove integration_form_sections feature flag (merge request)
• Enable refactor_blob_viewer by default (merge request)
• Enforce schema validation for security reports (merge request) GitLab Enterprise Edition
• Use GraphQL alias to simplify vulnerability list id property (merge request) GitLab Enterprise Edition
• Ignore search param for autosave on issue new form (merge request)
• Remove reliance on Flash styling (merge request) GitLab Enterprise Edition
• Add BlocksUnsafeSerialization to Namespace (merge request)
• Update mutation to commit security policy to a group (merge request) GitLab Enterprise Edition
• Increase remote import URL character length limit from 512 to 2048 (merge request)
• Migrate alert to gitlab-ui (merge request)
• Add empty state for Instance OAuth app page (merge request)
• Prevent encrypted fields from being serialized by default (merge request)
• Added severity to issues REST API by @stingrayza (merge request)
• Don't trigger a sentry error for Gitaly exceptions (merge request)
• Add index to improve speed of vulnerability_reads (merge request)
• Update the runner page alerts (merge request)
• Alias user_email_lookup_limit to search_rate_limit (merge request)
• Create about your company page for registration flow (merge request) GitLab Enterprise Edition

Deprecated (4 changes)

• Deprecate modifying notes confidentiality on API (merge request)
• Deprecate updating an iteration's attributes via GraphQL (merge request) GitLab Enterprise Edition
• Deprecate manual iteration creation (merge request) GitLab Enterprise Edition
• Deprecate deleting iterations via the GraphQL API (merge request) GitLab Enterprise Edition

Removed (16 changes)

• Remove the "Upgrade {rocket-emoji}" link from the user dropdown menu (merge request) GitLab Enterprise Edition
• Remove runner list in group settings (merge request)
• Remove diff_settings_usage_data flag (merge request)
• Remove bitmap creation housekeeping option (merge request)
• Remove unused MD5 generation logic for InsecureKey (merge request)
• Remove users_expanding_widgets_usage_data feature flag (merge request)
• Remove mrc_api_use_raw_diffs_from_gitaly flag (merge request)
• Remove usage_data_diff_searches feature flag (merge request)
• Remove remove_import_data_on_failure feature flag (merge request)
• Removal notice for rerequest review (merge request)
• Cleanup api_kaminari_count_with_limit feature flag by @jaspreet-3911 (merge request)
• Remove invite_team_email experiment code (merge request)
• Remove new_dir_modal feature flag (merge request)
• Remove feature flag gitaly_backup (merge request)
• Remove Balsamiq File Preview (merge request)
• Revert "Add Sbom Survey Banner" (merge request)

Security (25 changes)

• Add authorization to composer package archive download by @trakos (merge request)
• Remove ci_safe_artifact_content_type feature flag (merge request)
• Fix artifact content-type raw endpoint (merge request)
• Disallow login if password matches a fixed list (merge request)
• Upgrade swagger-ui dependency (merge request)
• Update devise-two-factor to 4.0.2 (merge request)
• Fix kroki exploit (merge request)
• GitLab Pages Security Updates for 14.9 (merge request)
• Revert "JH need more complex passwords" (merge request)
• Escape original content in reference redactor (merge request)
• Fix blind SSRF when looking up SSH host keys for mirroring (merge request)
• Hide features a user shouldn't be able to see in a list of forks (merge request)
• Modify release link format check to avoid regex if string is too long (merge request)
• Project import maps members' created_by_id users based on source user ID (merge request)
• Monkey patch of RDoc to prevent Ruby segfault (merge request)
• Escape user provided string to prevent XSS (merge request)
• Masks variables in error messages (merge request)
• Security fix for CI/CD analytics visibility (merge request)
• Limit the number of tags associated with a CI runner (merge request)
• Latest commit exposed through fork of a private project (merge request)
• Redact InvalidURIError error messages (merge request)
• Fix access for approval rules API (merge request)
• Fix Asana integration restricted branch filter (merge request)
• Add state param validation for Bitbucket OAuth flow (merge request)
• Fix artifacts content-type (merge request)

Performance (19 changes)

• Optimise Security::Finding cleanup by clearing build_id scope (merge request) GitLab Enterprise Edition
• Drop trace-inclusive artifact removal index from ci_job_artifacts (merge request)
• Make User#ci_owned_runners to use unnest index instead of GIN (merge request)
• Fix remaining N+1 queries in EnvironmentSerializer (merge request)
• Remove ci_artifact_fast_removal_large_loop_limit feature flag (merge request)
• Finalize asynchronously built index (merge request)
• Resolve "ActionView::Template::Error: 4:Deadline Exceeded." (merge request)
• Optimize the query on Environment Detail page (merge request)
• Improve query performance of attention requests count (merge request)
• Fix discussions N+1 queries (merge request)
• Optimize User#ci_owned_runners query V3 (merge request)
• Do not include highlighted_diff_email css for each note (merge request)
• Schedule async index build for ci_job_artifacts (merge request)
• Registry import enqueuer uses migration_plan (merge request) GitLab Enterprise Edition
• Prevent loading wiki content for destroy and diff actions (merge request)
• Make the Invite Modal load conditionally (merge request)
• Load highlight.js languages asynchronously (merge request)
• Move updating statistics logic outside of the transaction (merge request) GitLab Enterprise Edition
• Caches the by email lookup logic for user in member creation (merge request)

Other (66 changes)

• Finalize traversal_ids background migrations (merge request)
• Add tests for vulnerability_report.vue (merge request) GitLab Enterprise Edition
• Use StatisticsCard in usage_quotas/seats (merge request) GitLab Enterprise Edition
• Add new packages build infos finder (merge request)
• Fix usage of distance_of_time_in_words_to_now by @edith007 (merge request)
• Add unique index for work item type names with no namespace (merge request)
• Fix Style/OpenStructUse offenses by @edith007 (merge request)
• Fix Style/OpenStructUse offenses by using Struct by @edith007 (merge request)
• Refactor pipeline schedule variables (merge request)
• Bump Gitlab Shell version (merge request)
• Refactor: Introduce BaseThirdPartyWiki by @chaomao (merge request)
• Update RelationExportService to not export if recently exported (merge request)
• Makes BackfillWorkItemTypeIdOnIssues migration more efficient (merge request)
• Backfill dependency proxy size in namespace stats (merge request)
• Use statistics card in storage app (merge request) GitLab Enterprise Edition
• Set usage_activity_by_stage_monthly.create.merge_requests to removed (merge request)
• Remove obsolete wiki notes (merge request)
• Chore: remove track_editor_edit_actions FF (merge request)
• Removes ci_validate_job_length ff (merge request)
• Update BulkImports::PipelineWorker Ndjson perform delay (merge request)
• Remove import_project_from_remote_file ff (merge request)
• Add temp index for notes without discussion_id (merge request)
• Document how to add a new built-in project template (merge request)
• Fix Style/OpenStructUse offenses by @edith007 (merge request)
• Geo: (SSF) State machine refactoring (merge request)
• Run project after import when GitLab Migration is complete (merge request)
• Fix Style/OpenStructUse offenses by @edith007 (merge request)
• When building from source, require nodeJS >= 14.15.0 (merge request)
• Remove switch editing controls feature flag (merge request)
• Simplify third party container repository delete tags services by @edith007 (merge request)
• Remove the unused instance variable from the controller by @edith007 (merge request)
• Expose HTTP code during GitHub importer errors (merge request)
• Workhorse: bump gitaly client (merge request)
• Bump Gitlab Shell version (merge request)
• Remove header_read_timeout_buffered_io featureflag (merge request)
• Move compliance framework auditor to a new class (merge request) GitLab Enterprise Edition
• Cleanup secret variables refactoring in variables builder (merge request)
• Resolve Performance/DeletePrefix rubocop offenses by @edith007 (merge request) GitLab Enterprise Edition
• Fix typo in milestones empty state (merge request)
• Added read_usage_quotas ability to ProjectPolicy (merge request)
• Update API doc to show correct return type (merge request) GitLab Enterprise Edition
• Clean up after fixing issue when admin changes email (merge request)
• Remove use_model_load_balancing feature flag (merge request)
• Lazy initialization for user popovers by @cyberap (merge request)
• Migrate groups show page to GlTabs (merge request)
• Track related epics added on usage ping (merge request) GitLab Enterprise Edition
• Remove verify_protected_tags_for_pull_mirror feature flag (merge request)
• Remove feature flag spread_parallel_import (merge request)
• Resolve Rails/FindById rubocop offenses by @edith007 (merge request) GitLab Enterprise Edition
• Remove admin_application_settings_service_usage_data_center feature flag (merge request)
• Cleanup draft column data (merge request)
• Resolve Rails/BelongsTo rubocop offenses by @edith007 (merge request)
• Remove bulk_expire_project_artifacts feature flag (merge request)
• Backfill work_item_type_id for all Issues (merge request)
• Remove geo_token_user_authentication feature flag (merge request) GitLab Enterprise Edition
• Modeling for Multi Access Levels in Deployment Approval (merge request)
• Update GitLab Runner Helm Chart to 0.39.0 (merge request)
• Cleanup show_report_validation_warnings flag (merge request)
• Add tests for vulnerability report pagination feature (merge request) GitLab Enterprise Edition
• Remove temp index on id in vulnerability_occurrences (merge request)
• Fix the offences introduced by Performance/OpenStruct by @edith007 (merge request)
• Move BASE_FILTERS from filters/constants to security_dashboard/helpers (merge request) GitLab Enterprise Edition
• Add migration_plan to container_repositories (merge request)
• Bump Gitlab Shell version (merge request)
• Convert ci_builds-runner_id FK to LFK (merge request)
• Fix related epic links and issue links specs fixtures (merge request)

14.9.5 (2022-06-01)

Security (7 changes)

• Fix IP restrictions not applying to deploy tokens (merge request)
• Trigger token should respect group IP restrictions (merge request)
• Fix content injection in Jira issue title (merge request)
• Subgroup member can list members of parent group (merge request)
• Do not allow project member import when membership is locked (merge request)
• Disable changing user attributes when updating SCIM provisioned user (merge request)
• Allow only job owner to run interactive terminal (merge request)

14.9.4 (2022-04-29)

Security (15 changes)

• Fixes infinite loop when rendering Ipynb Diffs (merge request)
• Update Import/Export merge/push access levels & exclude ci config path (merge request)
• Prevent maintainers from editing PipelineSchedule (merge request)
• Add validation to pypi file sha256 values (merge request)
• Conan Token uses PAT rather than ID in payload (merge request)
• [security] Fix markdown API disclosing issue titles of limited projects (merge request)
• Verify that mentioned user can read TODO's note (merge request)
• Invalidate markdown cache to clear up stored XSS (merge request)
• Allow rate limiting of deploy tokens (merge request)
• Add suffix to cache name to add isolation (merge request)
• Disable wiki access with CI_JOB_TOKEN when improper access level (merge request)
• Sanitize error input to prevent HTML/CSS injection in messages (merge request)
• Secure debug trace artifact download (merge request)
• Use password type for all secret integration properties (merge request)
• Limit CI job group_name regexp (merge request)

14.9.3 (2022-04-12)

Fixed (4 changes)

• Revert Protected Environment group access inheritence (merge request)
• Fix URL blocker when object storage enabled but type is disabled (merge request)
• Remove pending builds from the queue on conflict (merge request)
• Fix null argument handling in background migration Rake task (merge request)

14.9.2 (2022-03-31)

Security (20 changes)

• Quarantine UsageDataNonSqlMetrics failing test (merge request)
• Disallow login if password matches a fixed list (merge request)
• Update devise-two-factor to 4.0.2 (merge request)
• Limit the number of tags associated with a CI runner (merge request)
• GitLab Pages Security Updates for 14.9 (merge request)
• Upgrade swagger-ui dependency (merge request)
• Modify release link format check to avoid regex if string is too long (merge request)
• Masks variables in error messages (merge request)
• Escape user provided string to prevent XSS (merge request)
• Monkey patch of RDoc to prevent Ruby segfault (merge request)
• Project import maps members' created_by_id users based on source user ID (merge request)
• Redact InvalidURIError error messages (merge request)
• Fix access for approval rules API (merge request)
• Fix kroki exploit (merge request)
• Fix blind SSRF when looking up SSH host keys for mirroring (merge request)
• Escape original content in reference redactor (merge request)
• Security fix for CI/CD analytics visibility (merge request)
• Latest commit exposed through fork of a private project (merge request)
• Fix Asana integration restricted branch filter (merge request)
• Revert "JH need more complex passwords" (merge request)

14.9.1 (2022-03-23)

Fixed (1 change)

• Fix backups not working when feature_flags table does not exist (merge request)

Changed (1 change)

• Alias user_email_lookup_limit to search_rate_limit (merge request)

14.9.0 (2022-03-21)

Added (119 changes)

• Toggle the related_epics_widge feature flag (merge request) GitLab Enterprise Edition
• Add Time to Restore Service DORA metric (merge request) GitLab Enterprise Edition
• Added possiblity to create new token from the UI (merge request)
• Add param to Wiki REST endpoint to retrieve different page versions (merge request)
• Add Harbor integration by @prajnamas (merge request)
• MR widget: update merge commit message when default changed by @trakos (merge request)
• Support agent registration without config (merge request)
• Add RestrictGitlabSchema that enforces restrict_gitlab_migration (merge request)
• Enable the vsa_incremental_worker FF by default (merge request)
• Add deployment approval comment field (merge request) GitLab Enterprise Edition
• Support iteration property for issues api (merge request) GitLab Enterprise Edition
• Filter archived issues / MRs from GraphQL (merge request)
• Purge security_findings records periodically (merge request) GitLab Enterprise Edition
• Upgrade GitLab Pages to 1.56.0 (merge request)
• Stream audit event on merge request approval (merge request) GitLab Enterprise Edition
• Use batches for pull request import jobs (merge request)
• Verify protected tags permissions for pull mirroring (merge request)
• Document how to use CI dependencies and parallel:matrix together (merge request)
• Add security training urls (merge request) GitLab Enterprise Edition
• Add Enterprise filter to members search bar (merge request) GitLab Enterprise Edition
• Add VulnerabilityReadsFinder to speed up API responses (merge request) GitLab Enterprise Edition
• Copy metric images from alert to new incident (merge request) GitLab Enterprise Edition
• Expose UserInteractions for participants of a merge request (merge request)
• Remove wiki_front_matter FF (merge request)
• Add default branch to Pipelines page filter if no search term provided (merge request)
• Creates asynchronously index on ci_job_artifacts table (merge request)
• GraphQL: Add notificationEmail to GroupMembers (merge request)
• Add external status checks total to ping (merge request) GitLab Enterprise Edition
• Add CAPTCHA to REST API (merge request)
• Implement GET APIs for Deploy Tokens by @tuxtimo (merge request)
• Add namespace to Security Policy Orchestration Configuration (merge request) GitLab Enterprise Edition
• Add deployment approval UI MVC (merge request) GitLab Enterprise Edition
• Add support for failure status status checks (merge request) GitLab Enterprise Edition
• Allow to list related epics on REST API (merge request) GitLab Enterprise Edition
• Add coverage_report keyword to CI config (merge request)
• Add audit logs when unassigning CI runner from a project (merge request) GitLab Enterprise Edition
• Permalink to the latest release (merge request)
• Allow the /merge quick action through graphql create note (merge request)
• Add projects with status checks to ping (merge request) GitLab Enterprise Edition
• Add security training providers (merge request)
• Add OpenSSL FIPS mode detection and env var (merge request)
• Support Vault EE namespaces by @aleksanderzak (merge request)
• Add free user cap feature flag and controls (merge request) GitLab Enterprise Edition
• Add support stackprof in GitLab profiler (merge request)
• Include invited groups into protected environments API (merge request) GitLab Enterprise Edition
• Add wiki page render option to wiki API (merge request)
• Remove rate_limit_user_sign_up_endpoint feature flag (merge request)
• Expose committers on mergeRequest GraphQL type (merge request)
• Add backend interface to look up for security training (merge request) GitLab Enterprise Edition
• Show security report warnings on pipeline security tab (merge request) GitLab Enterprise Edition
• Allow to destroy related epics association on internal API (merge request) GitLab Enterprise Edition
• Add frontend routing to Geo GraphQL specific sites (merge request) GitLab Enterprise Edition
• Add audit logs when assigning CI runner to project (merge request) GitLab Enterprise Edition
• Merge/squash commit templates: add %{all_commits} variable by @trakos (merge request)
• Add size to image details heade (merge request)
• Feat(Licesing): update upload to activate (merge request) GitLab Enterprise Edition
• Send a notification when a new access token is created by @rpadovani (merge request)
• Add audit event for project deploy tokens (merge request) GitLab Enterprise Edition
• Add audit event for group deploy tokens (merge request) GitLab Enterprise Edition
• Add suggestion to use short-living tokens to end-users (merge request)
• Add comment to Deployment Approvals (merge request) GitLab Enterprise Edition
• Parse pasted markdown (merge request)
• Remove rate_limit_user_by_id_endpoint feature flag (merge request)
• Remove rate_limit_username_exists_endpoint feature flag (merge request)
• Remove rate_limit_profile_update_username feature flag (merge request)
• Expose sum of weights for epic board lists on GraphQL endpoint (merge request) GitLab Enterprise Edition
• Add security scan status to GraphQL API (merge request) GitLab Enterprise Edition
• Add saved replies (merge request)
• Backfill all project namespaces (merge request)
• Implement API endpoint to get single SSH key for specific user by @tuxtimo (merge request)
• Add job_variables_attributes to play build API (merge request)
• Use fair queueing for Loose Foreign Keys (merge request)
• Add application setting for cleanup policy caching (merge request)
• Add GraphQL Todoable interface for to-do targets by @KevSlashNull (merge request)
• Add circuit breaker for gitlab experimentation (merge request)
• Add delete endpoint for Alert metric images (merge request) GitLab Enterprise Edition
• Enable Loose Foreign Keys partition rotation (merge request)
• Add scan method to dast site profile GraphQL API (merge request) GitLab Enterprise Edition
• Filter a pipeline by author by @genctys (merge request)
• Allow to pass suggestedColors to ColorPicker by @wwwjon (merge request)
• Add security_and_compliance_access_level to Projects API by @ytans (merge request)
• Add user and system note filters to note_authors association (merge request)
• Add analytics to detect deployment jobs being executed (merge request)
• Add filters and sorting to compliance violations GraphQL type (merge request) GitLab Enterprise Edition
• Add encoding field to wiki API (merge request)
• Add ingestion for Finding Evidence (merge request) GitLab Enterprise Edition
• Feat(Licensing): add Offline cloud type (merge request) GitLab Enterprise Edition
• Add webhook delivery method options to config/mail_room.yml (merge request)
• Improve strikethrough in Markdown editor by @smokris (merge request)
• Created compliance violation GraphQL type and added to Group type (merge request) GitLab Enterprise Edition
• Implement colour attribute for epics by @espadav8 (merge request)
• Add basic FIPS class (merge request)
• Add Dark Mode support to the image_tag helper (merge request)
• Add upload & update endpoints for alert metrics (merge request) GitLab Enterprise Edition
• API: Add endpoint to reset runner token with old token by @KyleFromKitware (merge request)
• Added updated_state_by_user to reviewers and assignees (merge request)
• Swapable cleaner/raw diffs for Notebooks (merge request)
• Upgrade GitLab Pages to 1.55.0 (merge request)
• Enable pending builds table queuing strategy (merge request)
• Add a timeline event pipeline filter to TimelineEvent (merge request) GitLab Enterprise Edition
• Add read API for Alert Metric Images (merge request) GitLab Enterprise Edition
• Support scoped iteration report (merge request) GitLab Enterprise Edition
• Add mutation to promote timeline event from a note (merge request) GitLab Enterprise Edition
• Add active and passive profiles (merge request) GitLab Enterprise Edition
• Support scoping for timebox report via GraphQL (merge request) GitLab Enterprise Edition
• Add aggregated VSA consistency check service (merge request)
• Return runner editUrl via GraphQL API (merge request)
• Add the total time chart to each VSA stage (merge request) GitLab Enterprise Edition
• Workhorse: Allow HTTPS for backends (merge request)
• Adds cross_project_pipeline_available to NamespaceType (merge request)
• Add readme in repo creation for reg flow (merge request) GitLab Enterprise Edition
• Hide markdown preview tab if editing non-markdown formats by @espadav8 (merge request)
• Log CI runner unregistration audit events (merge request) GitLab Enterprise Edition
• Add a consolidated button to edit blobs (merge request)
• Calculate storage statistics for dependency proxy (merge request)
• Latest release badge documentation inclusion (merge request)
• Add slash command to page incident (merge request) GitLab Enterprise Edition
• Expose container repository sizes (merge request)
• Create RelatedEpic table and model (merge request)

Fixed (132 changes)

• Cleaned up clusters_helper and cluster index haml (merge request)
• Update holder name column to 50 limit constraint (merge request)
• Improve wording for vulnerabilities_allowed (merge request) GitLab Enterprise Edition
• Add missing input box for search rate limiting configuration (merge request)
• Handle Jira Connect installation updates (merge request)
• Return a 422 error for Changelog::Error exception (merge request)
• Fix empty state pipelines page (merge request)
• Update attribute indirection (merge request) GitLab Enterprise Edition
• Fixed incorrect minimum number of users on subscription purchase flow (merge request) GitLab Enterprise Edition
• Refactor remove topic avatar (merge request)
• Fix default Ci config path (merge request)
• Fix ci.json: Remove Nesting from Secrets Rule (merge request)
• Fix DevopsAdoption usage metric gathering (merge request) GitLab Enterprise Edition
• Fix Epic and Label != filtered search suggestions not showing (merge request)
• Handle recursion when creating ApplicationSettings (merge request)
• Fall back to avaiable scope if scope is invalid (merge request)
• Fix sourcegraph breaking on projects/:id (merge request)
• Find or initialize Scanners using project_id (merge request) GitLab Enterprise Edition
• Add responsive property to area charts in CI minutes (merge request) GitLab Enterprise Edition
• Additional spec to capture bug in latest release permalink and fix same (merge request)
• Global Search - Fix ref based searches (merge request)
• Remove duplicate new cluster button (merge request)
• Increase token preview length in runner audit logs (merge request) GitLab Enterprise Edition
• Fix unexpected height stretch of CI job duration badge by @nanmu42 (merge request)
• Allow setting push events branch filter for group hooks (merge request) GitLab Enterprise Edition
• Support CRM contacts only in root groups by @leetickett (merge request)
• UI Bug Fix: Expand the early checks when using /merge quick action (merge request) GitLab Enterprise Edition
• Fix an inaccurate help page link (merge request)
• Add validation for rule/yaml modes switch (merge request) GitLab Enterprise Edition
• Fix namespace usage quotas storage pagination (merge request)
• Replace applications destroy alert with GlModal (merge request)
• Don't allow filtering by in alone on issue/MR dashboard (merge request)
• Allow invite group modal to render when membership is locked (merge request) GitLab Enterprise Edition
• Scan MR description when syncing builds with Jira (merge request)
• Set resoure_iteration_events to ghost user (merge request) GitLab Enterprise Edition
• Update BulkImports Export to handle unexpected failure (merge request)
• Fix UsageDataQueries API not returning a query (merge request) GitLab Enterprise Edition
• Fixed user cap evaluation for all OAuth login (merge request) GitLab Enterprise Edition
• Fix retrying of batched background migrations (merge request)
• Allow merge commits for SD (merge request)
• Fix startup crash in Puma single mode (merge request)
• Decouple policy name update from yaml/rule modes (merge request) GitLab Enterprise Edition
• Poll folder for changes in new environments page (merge request)
• Remove empty approvers in regards to (merge request) GitLab Enterprise Edition
• Check authorization to view billableMembersCount (merge request) GitLab Enterprise Edition
• Refactor repo deletion existence checking (merge request)
• Make hr in markdown visible in darkmode by @dianapaula19 (merge request)
• Fix filters presence check to take value into consideration (merge request)
• Param requires_python is optional for pypi (merge request)
• Ensure that the spaces between frontmatter are kept by @tchandelle (merge request)
• Fix sourcemap recovery error in Content Editor (merge request)
• Users who can read group should read group token (merge request)
• Fix bot token name in issues (merge request)
• Allow inherited members of groups to deploy protected environments (merge request)
• Update group bulk edit issues user docs (merge request)
• Fix variable in _prometheus.html.haml so it shows as a code block (merge request)
• Project settings: fix semi-linear merge description by @trakos (merge request)
• Fix rake task to seed Geo tracking database (merge request) GitLab Enterprise Edition
• Fix remove button overlap with other components (merge request) GitLab Enterprise Edition
• Include merge-requests in RESERVED_REFS_NAMES (merge request)
• Pass issue ID to merge request creation form (merge request)
• Apply omniauth defaults when no arguments are given (merge request)
• Fix Verify SAML Configuration button (merge request) GitLab Enterprise Edition
• Replace success variant with the confirm (merge request) GitLab Enterprise Edition
• Modify Union sql construction (merge request)
• Restart Action Cable server when Redis disconnects (merge request)
• Cache namespace first Auto DevOps config (merge request)
• Global Search - Header Search Snippets (merge request)
• Fix NoMethodError when visiting repo analytics (merge request) GitLab Enterprise Edition
• Skip navigation modal for cancel button (merge request)
• Handle not existing training ID for securityTrainingUpdate mutation (merge request) GitLab Enterprise Edition
• Fix VSA error with scoped labels (merge request) GitLab Enterprise Edition
• Fix markdown serialization in content editor (merge request)
• Fix the month view on CI usage by minutes bar chart by @parkourkarthik (merge request)
• Hard delete bulk snippets (merge request)
• Allow popups and links within mermaid diagrams (merge request)
• Fixed bug preventing agent creation from agent tab (merge request)
• Prevent database deadlocks when deleting projects (merge request)
• Fix mermaid background in dark mode (merge request)
• Change Edit to Open in Blob view to maintain consistency by @rajanamistry (merge request)
• Fix loading spinner for legacy Filtered search dropdown (merge request)
• Replace RegistrySearch component with PersistedSearch by @orozot (merge request)
• Fix sending BlobContent query with empty variables (merge request)
• Add container to qrtly reconciliation banner (merge request) GitLab Enterprise Edition
• Add container for manual renewal banner (merge request) GitLab Enterprise Edition
• Make loading spinner Pajamas compliant (merge request)
• Reset paging when sort is changed on vulnerability report (merge request) GitLab Enterprise Edition
• Fix job page copy source branch button by @leetickett (merge request)
• Raise error when diff note import fails (merge request)
• Fix group members tooltip label by @ali_o_kan (merge request)
• Fix loading icon in activity calendar (merge request)
• Fix rendering vulnerability markdown description (merge request) GitLab Enterprise Edition
• Filter commented_approvers for user note authors (merge request)
• Remove fix_comment_scroll feature flag (merge request)
• Fix error from invalid sha for include files (merge request)
• Fix GRPC 500 from BlobsResolver (merge request)
• Add error for cross pipeline dependencies (merge request)
• Handle received header fallback for missing Delivered-To (merge request)
• Fix erroneous all warning from race condition (merge request)
• Remove unnecessary margin to the right of the Show comment only dropdown by @rajanamistry (merge request)
• Expose merge request flag as boolean in the pipeline entity (merge request)
• Fix pull/push mirror authentication fields (merge request)
• Allow admin to register group runners at all times (merge request)
• Fix cross-database modification when resetting CI minutes (merge request)
• Ensures audit events are visible to auditor (merge request) GitLab Enterprise Edition
• Enable removing import data on failure by default (merge request)
• Fix flash color when there is an error by @ali_o_kan (merge request)
• Allow assigning users with private profiles (merge request)
• Fix multiple modals showing when canceling note (merge request)
• Allow admin to register project runners at all times (merge request)
• Block execution of cyclical pipelines (merge request)
• Ensures audit events are visible to auditor (merge request) GitLab Enterprise Edition
• Truncate Jira app key to be no longer than 64 (merge request)
• Ensure cleanup job artifacts task does not include pipeline artifacts (merge request)
• Avoid idling in transaction when fetching source for merge requests (merge request)
• Fix response of securityTrainingUpdate mutation (merge request) GitLab Enterprise Edition
• Remove CachingArrayResolver from epic issues (merge request) GitLab Enterprise Edition
• Do not mirror protected tags restricted for a creation (merge request) GitLab Enterprise Edition
• Hide white box at bottom of MR diff page (merge request)
• Stop backup files from requiring directories to exist when skipped (merge request)
• Fix the Content Editor strikethrough shortcut docs by @smokris (merge request)
• Fix TypeError from Tags::Reference (merge request)
• Fix copy button in Enable Review App modal by @aeboyaci (merge request)
• Pass all options from member entity (merge request)
• Automatically adapt the CSP when snowplow is enabled (merge request)
• Fix toolbar buttons in Markdown field (merge request)
• Fix Replace button form path (merge request)
• Allow project admin to read project approvals (merge request) GitLab Enterprise Edition
• Dynamically add AWS URLs to CSP on EKS auth page (merge request)
• Do not count group bot users from shared group towards seat usage (merge request) GitLab Enterprise Edition
• Make contribution graph email grouping ignore case (merge request)
• Don't return 500 error in Commits API when repository is missing (merge request)

Changed (194 changes)

• Add iteration selector to board scope (merge request) GitLab Enterprise Edition
• Block limited broadcast address (255.255.255.255) in UrlBlocker (merge request)
• Migrate to unique indices in projects runners tokens (merge request)
• Track git blame clicks from code search results (merge request)
• Split cluster creation page into two pages (merge request)
• Prevent group owners from deleting certain project runners (merge request)
• Remove unnecessary Edit tab in WebIDE by @Bisht13 (merge request)
• Switch AWS "easy button" icons with radio buttons (merge request)
• Update error message with importing container repository (merge request)
• Update runner Pause/Resume button labels (merge request)
• Update Jira integration form to have sections (merge request)
• Set geo_job_artifact_replication default to true (merge request) GitLab Enterprise Edition
• Use checkboxes to select target roles for broadcast messages (merge request)
• Add frontend validation to avoid duplicate asset link names by @emanuelfarias (merge request)
• Adding Secure Files upload limit (merge request)
• Promote exp: change_continuous_onboarding_link_urls (merge request)
• Move two-factor authentication callout to the todo-list page (merge request)
• Use new vulnerability report for pipeline security tab (merge request) GitLab Enterprise Edition
• Update job page for blocked deployments (merge request) GitLab Enterprise Edition
• Remove block_project_serialization feature flag (merge request)
• Migrate two-factor auth error message to shared HAML partial (merge request)
• Enable the geo_token_user_authentication FF by default (merge request)
• Do not ensure HEAD is default_branch on snippets (merge request)
• Project authorization is unique per user, project (merge request)
• Change CI lint primary button style by @gtsiolis (merge request)
• Add pipeline editor walkthrough feature permanently (merge request)
• Add error when acccess denied due to credit card (merge request) GitLab Enterprise Edition
• Turn the subscribable banner into an alert (merge request) GitLab Enterprise Edition
• Add configurable search rate limits (merge request)
• Improve email notification styling by @smokris (merge request)
• Enable API kaminari count with limit by @jaspreet-3911 (merge request)
• Bump GITLAB_KAS_VERSION to 14.9.0 (merge request)
• Revise merge-conflict modal text (merge request)
• Rename remove user action (merge request)
• Search presenter is a noop when given empty results (merge request)
• Restyle project deletion and restoration containers (merge request) GitLab Enterprise Edition
• Remove new environments table feature flag (merge request)
• Add link to incident title (merge request)
• Remove type from ruby template (merge request)
• Enable feature flags to resume artifact removal (merge request)
• Validate urls before attempting to download (merge request)
• Parse Snowplow value as Number (merge request)
• Remove placeholder and move error message in the form (merge request)
• Update auto-build-image to v1.9.1 (merge request)
• Remove feature flag to read finding evidence model (merge request) GitLab Enterprise Edition
• Removed compliance_violations_graphql_type feature flag (merge request) GitLab Enterprise Edition
• Enable show_report_validation_warnings by default (merge request)
• Use follow redirects middleware in the Container Registry clients (merge request)
• Use SAX parser for cobertura coverage reports (merge request)
• Migrate spinners in approver suggestion partial (merge request) GitLab Enterprise Edition
• Release chat notification branch filter for deployments (merge request)
• Add no-sort-reset prop to vulnerability list (merge request) GitLab Enterprise Edition
• Update placeholder text in import projects table (merge request)
• Reduce the number of buckets in Sidekiq histograms (merge request)
• Wrap alert in a DIV by @gitlab-dependency-update-bot (merge request) GitLab Enterprise Edition
• Remove vulnerability_finding_replace_metadata flag (merge request) GitLab Enterprise Edition
• Update group-level compliance framework to match project settings (merge request) GitLab Enterprise Edition
• Merge injected KUBECONFIGs for clusters and agents (merge request)
• Fallback to basic search on archived projects (merge request) GitLab Enterprise Edition
• Added cluster Actions menu to group and admin view (merge request)
• Remove feature flags for runner token prefix (merge request)
• Fix RSpec/TimecopTravel offenses (Part 2/2) by @KevSlashNull (merge request)
• Disallow integrated error tracking by default (merge request)
• Improve and internationalize Deployment Approval error messages (merge request) GitLab Enterprise Edition
• Update new issue form to match Pajamas specs (merge request)
• Refactor(Groups SSO): migrate to gl-tabs (merge request) GitLab Enterprise Edition
• Enable cleanup policies throttling by default (merge request)
• Global Search - Support non-js searches (merge request)
• Update icon, remove text, and switch (merge request)
• Allow to hide deployment target on New Project page by @wwwjon (merge request)
• Support GraphQL authentication with project tokens (merge request)
• Migrate Epic Tabs to use Button Group (merge request) GitLab Enterprise Edition
• Extend billable members count to accept requested hosted plan parameter (merge request) GitLab Enterprise Edition
• Bump Auto Deploy Image verion to v2.22.0 (merge request)
• Consider non-default config files for Security UI (merge request)
• Migrate loading spinners (merge request)
• Update project compliance frameworks settings (merge request) GitLab Enterprise Edition
• Issue 349398 - Update search field in Global Search (merge request)
• Header Search Refactor - Handle Errors in the component (merge request)
• Migrate spinners in archived projects partial (merge request)
• Migrate spinners in user's overview (merge request)
• Migrate spinners in explore groups partial (merge request)
• Creates audit event when approval rule is deleted (merge request) GitLab Enterprise Edition
• Creates audit event on approval rule creation (merge request) GitLab Enterprise Edition
• Update Auto DevOps docker versions to 20.x (merge request)
• Remove constraints from sprints table (merge request)
• Move Geo repository updated event creation into a worker (merge request) GitLab Enterprise Edition
• Migrate loading icon to be Pajamas compliant (merge request)
• Migrate loading spinners (merge request)
• Move default branch protection to repository settings (merge request)
• Migrate loading spinners (merge request)
• Update registration enabled callout (merge request)
• Migrate loading spinners (merge request)
• Iteration search uses cadence and iteration titles (merge request) GitLab Enterprise Edition
• Display license ID retrieved from CustomersDot (merge request) GitLab Enterprise Edition
• Re-introduce role-targeted broadcast messages (merge request)
• Use GlAvatar in security dashboard (merge request) GitLab Enterprise Edition
• Remove personal_project_owner_with_owner_access feature flag (merge request)
• Use the environment tier for jira connect deployment environment type by @alanandrade (merge request)
• Add unique index for security training providers (merge request)
• Allow tags as target of pipeline scheduled by @KevSlashNull (merge request)
• Migrate group/project member spinners (merge request)
• Migrate legacy spinner (merge request)
• Disable multi-project viz for free users (merge request)
• Update Import object persistence approach (merge request)
• Correct text of Banner message label (merge request) GitLab Enterprise Edition
• Remove non-human created tokens from PAT list (merge request) GitLab Enterprise Edition
• Remove non-human created tokens from PAT list (merge request) GitLab Enterprise Edition
• Update maximum allowable lifetime message for PAT (merge request) GitLab Enterprise Edition
• Disable the PA commit button when there are no changes (merge request)
• Add the "Support Ukraine" tanuki (merge request)
• Link new issue to original via checkbox by @smokris (merge request)
• Migrate gfm loading spinner (merge request)
• Use report-declared version of the schema (merge request) GitLab Enterprise Edition
• Migrate MAINTAINER access memberships to OWNER (merge request)
• Surface validation errors as warnings (merge request) GitLab Enterprise Edition
• Migrate loading icon (merge request)
• Geo secondary proxying: serve assets locally (merge request) GitLab Enterprise Edition
• Replace n/a with a hyphen in the runners table (merge request)
• Update Secret Detection template (merge request)
• Add alert and disable active checkbox (merge request)
• Improve UI text of sign-in restrictions (merge request)
• Put deprecated serverless features behind feature flag (merge request)
• Add BlocksUnsafeSerialization to Project (merge request)
• Add default_branch to KAS responses (merge request)
• Use GlButtonGroup instead of GlSegmentedControl (merge request) GitLab Enterprise Edition
• Change loading state jobs tab (merge request)
• Increase pipeline editor debounce to 500ms (merge request)
• Set danger variant and label to delete WA Device (merge request)
• Set danger variant and label to destroy oauth app (merge request)
• Set variants and labels to abuse report buttons (merge request)
• Set danger variant to delete artifact button (merge request)
• Set danger variant & labels for appearance buttons (merge request)
• Improve Sourcegraph settings text (merge request)
• Remove pipeline editor button from blob view (merge request)
• Refine copy for Jira integration (merge request)
• Project quality summary: add test runs empty state (merge request)
• Backfill member_namespace_id for GroupMember (merge request)
• Merge branch 'user-validation-failed-message' into 'master' (merge request)
• Improve user validation failed message (merge request)
• Remove releases with NULL tags and add not-NULL constraint (merge request)
• Replace success with confim variant (merge request)
• Suggest backend reviewer for erb and haml files (merge request)
• Add Gitlab.revision to Gitlab::JsonCache cache_key by default (merge request)
• Replace window.confirm with GlModa in environment actions (merge request)
• Use instrumentation classes for Service Ping generation (merge request)
• Remove null constraint from security_scan_succeeded column by @svdj (merge request)
• Improve the labels on Kubernetes Agent UI (merge request)
• Expose created_at when serializing Deployment Approvals (merge request) GitLab Enterprise Edition
• Split rebase action buttons into two separate buttons by @KevSlashNull (merge request)
• Reword 'build' to 'pipeline' in todos by @KevSlashNull (merge request)
• Update pipeline labels (merge request)
• Re-position the erase log button (merge request)
• Adjust incident list column widths and truncation (merge request)
• Replace the gitlab import haml modal with a GlModal (merge request)
• Adds a notification for a future dated license (merge request) GitLab Enterprise Edition
• Use strong params for ProjectsController by default (merge request)
• Update iteration lists (merge request) GitLab Enterprise Edition
• Improve accessibility on empty project page (merge request)
• Use GlAvatar in operations dashboard (merge request) GitLab Enterprise Edition
• Update trial status reminder design (merge request) GitLab Enterprise Edition
• Hide issue header dropdown button if there are no actions by @KevSlashNull (merge request)
• Use groups API for Approvals form by default (merge request) GitLab Enterprise Edition
• Remove the VSA duration chart stage dropdown (merge request) GitLab Enterprise Edition
• Introduce new jobs tab (merge request)
• Rate limit epic create service (merge request) GitLab Enterprise Edition
• Use sentence case for trigger events (merge request)
• Remove GlAlert contained prop (merge request) GitLab Enterprise Edition
• Switched title to h1 on issues (merge request)
• Improve Amazon EKS settings text (merge request)
• Stop using type, and use type_new instead (merge request)
• Drop show_diff_preview_in_email column (merge request)
• Add aria-label and tooltip to the emoji picker (merge request)
• Update cleanup policy parameters (merge request)
• Increase text limit of maintainer_note field (merge request)
• Clear future subscriptions info on license destroy (merge request) GitLab Enterprise Edition
• Change button variant to confirm in Web IDE modals (merge request)
• Allow only topic names that are case insensitive unique by @wwwjon (merge request)
• Return project delete errors (merge request)
• Replace GlSegmentedControl with GlDropdown (merge request)
• Change the order column of topics to non_private_projects_count by @wwwjon (merge request)
• Removed rate_limited_service_issues_create flag (merge request)
• Migrate create protected branch form to GlToggle (merge request)
• Deprecate test reports relationship with requirements (merge request) GitLab Enterprise Edition
• Update registry regex to allow 4 levels (merge request)
• Validate NOT NULL on security_findings.uuid column (merge request)
• Migrate edit protected branch form to GlToggle (merge request)
• Clean up feature flag publish_project_deleted_event to enable by default (merge request)
• Default to delayed deletion for projects not in personal namespace (merge request)
• Enable scan_result_policy by default (merge request) GitLab Enterprise Edition
• Append URL issue description to template by @smokris (merge request)
• Remove fork_project_form feature flag (merge request)
• Add SUPPORTED_VERSIONS and DEPRECATED_VERSIONS to SchemaValidator (merge request)
• Update documentation for Usage quota (merge request)

Deprecated (3 changes)

• Deprecate VALIDATE_SCHEMA configuration variable (merge request)
• Add deprecation notice to NetworkPolicyConnection (merge request) GitLab Enterprise Edition
• feat: Update SECURE_ANALYZER_PREFIX in all Sec Section templates (merge request)

Removed (10 changes)

• Clean up import and other invite members modal rollout pieces (merge request)
• Untrack external_pull_requests row deletions (merge request)
• Remove support for unsafe regular expressions (merge request)
• Drop unused partitioned_foreign_keys table (merge request)
• Cleanup Code Quality Walkthrough experiment (merge request)
• Cleanup Ci Runner Templates experiment (merge request)
• Remove :cluster_vulnerabilities feature flag (merge request) GitLab Enterprise Edition
• Clean up forcibly_show_trial_status_popover experiment (merge request)
• Remove security_report_ingestion_framework feature flag (merge request) GitLab Enterprise Edition
• Remove cache_shared_runners_enabled FF (merge request)

Security (16 changes)

• Set nosniff header on assets requests (merge request)
• Default enable header_read_timeout_buffered_io (merge request)
• Escape branch names in push instructions (merge request)
• Create Error.rb, update ProcessPolicyService by @FacVain (merge request) GitLab Enterprise Edition
• Add Integration.encrypted_properties (merge request)
• Warn when snippet contains unretrievable files
• Change runners_token prefix for Group and Project
• Add runners_token prefix to Group and Project
• Only expose id and name attributes when serializing deploy token (merge request)
• Prevent DOS when rendering math markdown
• Limit commands_changes to certain keys
• Reset password field on page load
• Check permission when creating members through service
• Check for unsafe characters in email addresses before sending
• Anonymous user can enumerate all users through GraphQL endpoint
• Exif metadata not stripped when uploading image attachments via Emails (merge request)

Performance (10 changes)

• Improve performance of group releases endpoints (merge request)
• Load highlight.js languages asynchronously (merge request)
• Add index on releases table to resolve cicd settings page timeout (merge request)
• Fix slow query for "All" tabs in "Your projects" activity page (merge request)
• Drop old index for security ci builds on name and id parser (merge request)
• Create new index for security ci builds with new features (merge request)
• Recreate index for security builds to include fuzzing jobs (merge request)
• Schedule async weekend build of index for job traces (merge request)
• Decrease the default fast statement timeout (merge request)
• GlTableLite in favor of GlTable for runners list (merge request)

Other (82 changes)

• Adjust NullifyOrphanRunnerIdOnCiBuilds batch parameters (merge request)
• Remove duplicate releases from projects (merge request)
• Pass formats explicitly when rendering .html format by @edith007 (merge request)
• Complete environments GET API docs by @tuxtimo (merge request)
• Add statistics seats card (merge request) GitLab Enterprise Edition
• Remove maxlength limit from the project description textarea (merge request)
• Add support for relating epics (merge request) GitLab Enterprise Edition
• Revert changes about moving methods to base class (merge request) GitLab Enterprise Edition
• Add list related epic links API documentation (merge request)
• Remove restrict_special_characters_in_project_path feature flag (merge request)
• Update import manifest alert (merge request)
• Update gcp signup offer to alert partial (merge request)
• Update runner edit alert to use partial (merge request)
• Fix GraphQL/FieldMethod offense (Part 1/2) by @KevSlashNull (merge request)
• Remove dependency list usage data from Redis (merge request) GitLab Enterprise Edition
• Remove corpus management feature flags (merge request) GitLab Enterprise Edition
• Fix artifacts with wrong expire_at date (merge request)
• Update data in batches while deleting a user (merge request) GitLab Enterprise Edition
• Document performance implication of the feature flags (merge request)
• Remove real-time feature flags (merge request)
• Move reactive cache methods to base class (merge request) GitLab Enterprise Edition
• This enables the pipeline_schedules_with_tags feature flag (merge request)
• Remove the invite members modal feature flag (merge request) GitLab Enterprise Edition
• Remove feature flag project_owners_list_project_pending_deletion (merge request) GitLab Enterprise Edition
• Update Web IDE copy (merge request)
• Add dispensable_render methods (merge request)
• Remove ci_pipeline_merge_request_presence_check feature flag (merge request)
• Remove default_merge_ref_for_diffs feature fflag (merge request)
• Remove rearrange_pipeline_table feature flag (merge request)
• Add RelatedEpicsLinks::DestroyService (merge request) GitLab Enterprise Edition
• Ignore requirements_management_test_reports.requirement_id column (merge request) GitLab Enterprise Edition
• Add nullify job for orphan runner_id columns of ci_builds (merge request)
• Rerun ConvertStringifiedRawMetadataHashToJson inline (merge request)
• Update GlAlert in security dashboard table (merge request) GitLab Enterprise Edition
• Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
• Remove context_commits feature flag (merge request)
• Remove deprecated package application setting (merge request)
• Remove feature flag for bulk inserting job tags (merge request)
• Cleanup back-filling CI queuing tables migration (merge request)
• Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
• Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
• Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
• Remove snippets_binary_blob FF (merge request)
• Remove usage_data_i_snippets_show FF (merge request)
• Implement Gitlab mirror scheduling tracker (merge request)
• Add certificate_based_clusters FF to Service Ping (merge request)
• danger: Use changelog rule from gitlab-dangerfiles (merge request)
• Resolve Rails/LinkToBlank rubocop offenses by @edith007 (merge request) GitLab Enterprise Edition
• Resolve Rails/IndexBy rubocop offenses by @edith007 (merge request) GitLab Enterprise Edition
• Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
• Remove feature flag group_merge_request_approval_settings_feature_flag (merge request) GitLab Enterprise Edition
• Move shared code for related epic links (merge request) GitLab Enterprise Edition
• Remove the container_expiration_policies_historic_entry feature flag (merge request)
• Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
• Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
• Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
• Fix GraphQL/OrderedFields offenses by @edith007 (merge request) GitLab Enterprise Edition
• Fix GraphQL/OrderedFields offenses by @edith007 (merge request)
• Fix GraphQL/OrderedFields offenses by @edith007 (merge request) GitLab Enterprise Edition
• Support load timings for non-Chromium browsers by @davebarr (merge request)
• Resolve Rails/ShortI18n rubocop offenses by @edith007 (merge request)
• Migrate projects create from template page to GlTabs (merge request)
• Memoize group secret variables on the variables builder (merge request)
• Resolve Performance/Sum rubocop offenses by @edith007 (merge request) GitLab Enterprise Edition
• Resolve Performance/DeleteSuffix rubocop offenses by @edith007 (merge request)
• Remove feature flag for Group Projects API Plan Preloading (merge request) GitLab Enterprise Edition
• Show an IPv6 sample in placeholder text (merge request) GitLab Enterprise Edition
• Fix GraphQL/OrderedArguments offense (Part 6/6) by @KevSlashNull (merge request)
• Add advanced_search metrics to the dictionary (merge request) GitLab Enterprise Edition
• Rename usage column in storage projects-list (merge request) GitLab Enterprise Edition
• Set worker resource boundary for ImportRequirementsCsvWorker by @edith007 (merge request) GitLab Enterprise Edition
• Clean up roadmap_settings feature flag (merge request)
• Fix GraphQL/FieldDefinitions offense (Part 4/4) by @KevSlashNull (merge request)
• Fix GraphQL/OrderedArguments offense (Part 5/6) by @KevSlashNull (merge request)
• Simplify container repository delete tags services by @edith007 (merge request)
• Make labels sort dropdown pajamas compliant (merge request)
• Fix Style/OpenStructUse offenses in auth provider specs by @edith007 (merge request)
• Remove the generic_packages feature flag (merge request)
• Remove delegate as it's redundant due to SimpleDelegator by @edith007 (merge request)
• Remove unneeded override in Ci::PipelinePresenter by @edith007 (merge request)
• Clean up issue_boards_filtered_search feature flag (merge request)
• Add table for storing issue tsvector (merge request)

14.8.6 (2022-04-29)

Security (14 changes)

• Update Import/Export merge/push access levels & exclude ci config path (merge request)
• Prevent maintainers from editing PipelineSchedule (merge request)
• Add validation to pypi file sha256 values (merge request)
• Conan Token uses PAT rather than ID in payload (merge request)
• [security] Fix markdown API disclosing issue titles of limited projects (merge request)
• Verify that mentioned user can read TODO's note (merge request)
• Invalidate markdown cache to clear up stored XSS (merge request)
• Allow rate limiting of deploy tokens (merge request)
• Add suffix to cache name to add isolation (merge request)
• Disable wiki access with CI_JOB_TOKEN when improper access level (merge request)
• Sanitize error input to prevent HTML/CSS injection in messages (merge request)
• Secure debug trace artifact download (merge request)
• Use password type for all secret integration properties (merge request)
• Limit CI job group_name regexp (merge request)

14.8.5 (2022-03-31)

Security (21 changes)

• Update to commonmarker 0.23.4 (merge request)
• Revert merge request approval groups behavior (merge request)
• Disallow login if password matches a fixed list (merge request)
• Update devise-two-factor to 4.0.2 (merge request)
• Limit the number of tags associated with a CI runner (merge request)
• GitLab Pages Security Updates for 14.9 (merge request)
• Upgrade swagger-ui dependency (merge request)
• Modify release link format check to avoid regex if string is too long (merge request)
• Masks variables in error messages (merge request)
• Escape user provided string to prevent XSS (merge request)
• Monkey patch of RDoc to prevent Ruby segfault (merge request)
• Project import maps members' created_by_id users based on source user ID (merge request)
• Redact InvalidURIError error messages (merge request)
• Fix access for approval rules API (merge request)
• Fix kroki exploit (merge request)
• Fix blind SSRF when looking up SSH host keys for mirroring (merge request)
• Escape original content in reference redactor (merge request)
• Security fix for CI/CD analytics visibility (merge request)
• Latest commit exposed through fork of a private project (merge request)
• Fix Asana integration restricted branch filter (merge request)
• Revert "JH need more complex passwords" (merge request)

14.8.4 (2022-03-16)

Added (1 change)

• Detect and fix artifacts with backfilled expire_at (merge request)

Fixed (1 change)

• Pass issue ID to merge request creation form (merge request)

Changed (1 change)

• Enable feature flags to resume artifact removal on self-managed (merge request)

14.8.3 (2022-03-14)

Fixed (3 changes)

• Fix rake task to setup the Geo tracking database (merge request) GitLab Enterprise Edition
• Fix handling of resource iteration events when deleting a User (merge request) GitLab Enterprise Edition
• Ensure cleanup job artifacts task does not include pipeline artifacts (merge request)

Changed (1 change)

• Remove runners token prefix feature flags (merge request)

14.8.2 (2022-02-25)

Security (8 changes)

• Limit commands_changes to certain keys (merge request)
• Add runners_token prefix to Group and Project (merge request)
• Anonymous user can enumerate all users through GraphQL endpoint (merge request)
• Check for unsafe characters in email addresses before sending (merge request)
• Warn when snippet contains unretrievable files (merge request)
• Prevent DOS when rendering math markdown (merge request)
• Check permission when creating members through service (merge request)
• Reset password field on page load (merge request)

14.8.1 (2022-02-23)

Fixed (3 changes)

• Allow assigning users with private profiles with quick-actions (merge request)
• Stop backup files from requiring directories to exist when skipped (merge request)
• Fix toolbar buttons in Markdown field (merge request)

14.8.0 (2022-02-21)

Added (134 changes)

• Add fields to PipelineSecurityReportFindingType (merge request) GitLab Enterprise Edition
• Add overage confirmation modal (merge request) GitLab Enterprise Edition
• Add custom tags to the Datadog integration by @AdrianLC (merge request)
• Save sort on querystring for vulnerability report (merge request) GitLab Enterprise Edition
• Pipeline and other fixes to community contribution (merge request)
• Allow broadcast messages to be targeted to the current user's role (merge request)
• Provide FF to project edit action (merge request) GitLab Enterprise Edition
• Stream audit events using audit event JSON (merge request) GitLab Enterprise Edition
• Add CI minutes usage charts to group usage quotas (merge request) GitLab Enterprise Edition
• Defaulted roadmap_settings to true (merge request)
• GraphQL: Expose token_expires_at property and sorting by @KyleFromKitware (merge request)
• Add scan method to dast site profile (merge request)
• Enable admin runner read-only runner view (merge request)
• Enable corpus management for self-managed installs (merge request) GitLab Enterprise Edition
• Fix(SM: Subscription): Refresh local state (merge request) GitLab Enterprise Edition
• Enable Service Usage data page by default (merge request)
• Exclude pending memberships from billable members count (merge request) GitLab Enterprise Edition
• Make granting of open-source license to public projects configurable (merge request)
• Enable prohibition of hex branch names (merge request)
• Add dependency_proxy_size to GraphQL type (merge request)
• Removed work_items_hierarchy feature flag (merge request)
• Add the ability to ban users in the Admin Area (merge request)
• Add "Delete" group button to the groups dashboard (merge request)
• Registry import enqueuer (merge request)
• Add crm system notes by @leetickett (merge request)
• Extend the GraphQL interface with securityTrainingUpdate mutation (merge request) GitLab Enterprise Edition
• Add alert metric image table and basic model (merge request)
• Add required approvals to Protected Environment settings (merge request) GitLab Enterprise Edition
• Add GEMNASIUM_LIBRARY_SCAN_ENABLED variable (merge request)
• Allow to list project group ancestors on REST API (merge request)
• Upgrade GitLab Pages to 1.54.0 (merge request)
• Add public_projects_count counter to topics by @wwwjon (merge request)
• Registry import observer worker (merge request)
• Add support for contacts autocompletion (merge request)
• Add the registry migration guard job (merge request)
• Save audit events for start/stop user impersonation to group level (merge request) GitLab Enterprise Edition
• Add ability to download Service Ping payload (merge request)
• Backfill route namespace_id for namespaces (merge request)
• Support position params in issue creation mutation (merge request)
• Add dependency proxy migrate rake task (merge request)
• Add script to track clicks for RF offer (merge request) GitLab Enterprise Edition
• Add owner_valid to Dast::ProfileScheduleType (merge request) GitLab Enterprise Edition
• Add deprecation notice to the Serverless UI (merge request)
• Add Project Access Tokens to credentials inventory (merge request) GitLab Enterprise Edition
• Copy contacts when moving an issue (merge request)
• Request deployment target info from users (merge request)
• Add utility method to add parameters to a URL (merge request)
• Enable invite member modal by default (merge request)
• Add GraphQL API endpoint access from primary to secondary Geo nodes (merge request) GitLab Enterprise Edition
• Add epic sort by last created or updated (merge request) GitLab Enterprise Edition
• Add epic sort by last created or updated (merge request) GitLab Enterprise Edition
• Add simple multi select for when the number of (merge request) GitLab Enterprise Edition
• Cache shared runners enabled check (merge request)
• Implement fair queueing for LFK (merge request)
• Add max_batch_size to batched migrations table (merge request)
• Add setting to not display code diffs in MR review emails by @joe-snyder (merge request)
• Add attention requests to the MR list view (merge request)
• Add version column to the Agent listing page (merge request)
• Add owners array to webhook data (merge request)
• Enable searching for MRs by updated_at (merge request)
• Support "ecdsa-sk" and "ed25519-sk" SSH keys (merge request)
• Promote the trial_registrations_with_reassurance experiment (merge request) GitLab Enterprise Edition
• Record and publish application boot time (merge request)
• Add GraphQL create API for incident timeline events (merge request) GitLab Enterprise Edition
• Populate data for vulnerability_reads from vulnerabilities (merge request)
• Remove deployment_approvals feature flag (merge request) GitLab Enterprise Edition
• Added Qualys IaC Security template by @mbachhav (merge request)
• CI/CD analytics: Add metric tiles (merge request) GitLab Enterprise Edition
• Show KAS version on admin dashboard (merge request)
• Add validation to check if branches are valid for security policy (merge request) GitLab Enterprise Edition
• Add Container Registry migration notification APIs (merge request)
• Allow group maintainers to list provisioned users for a group (merge request) GitLab Enterprise Edition
• Upgrade GitLab Pages to 1.53.0 (merge request)
• Enable Configure with a MR button for Container Scanning (merge request) GitLab Enterprise Edition
• Enable json_limited_encoder ff by default (merge request)
• Add Blob#symlink? boolean method (merge request)
• Feat(SM: Subscription History): add future subscr (merge request) GitLab Enterprise Edition
• Remove extract_mr_diff_commit_deletions FF (merge request)
• Add enabling container-scanning for project with GraphQL (merge request) GitLab Enterprise Edition
• Add median to CI/CD lead time chart (merge request) GitLab Enterprise Edition
• Feat(SM: Subscription Activation): size + text GitLab Enterprise Edition
• Bump GitLab pages to 1.52.0 (merge request)
• Feat(SM: Subscription Activation): size + text (merge request) GitLab Enterprise Edition
• Remove vue_epics_list and legacy code (merge request) GitLab Enterprise Edition
• Add triggers to sync vulnerability_reads (merge request)
• Add ability to search for an escalation policy by name (merge request) GitLab Enterprise Edition
• Expose language field in GraphQL blob type (merge request)
• Adds mergeRequestInteraction to GraphQL MemberInterface type (merge request)
• Ask for feedback on the Agent listing page (merge request)
• Re-remove foreign keys on GitLab.com (merge request)
• Add Planning Hierarchy page (merge request)
• Enable Gitlab Shell rate limit by default (merge request)
• Enable bulk job tags insertion by default (merge request)
• GraphQL: Add jobs field to CiRunner (merge request)
• Add a GraphQL resolvers to get pipeline counts by scope (merge request)
• Pass custom slots from HelpPopover to GlPopover (merge request)
• Enable project owners to list their projects pending deletion by default (merge request) GitLab Enterprise Edition
• Hide ancestor groups in group invites (merge request)
• Track api usage of the jetbrains plugin (merge request)
• Indicate locked users in Admin Area users list (merge request)
• Add metric tile component (merge request)
• Support iteration search by cadence title (merge request) GitLab Enterprise Edition
• Add badge for invited user (merge request)
• Remove import_redis_increment_by feature flag (merge request)
• Submit ServicePing generation errors to Version app (merge request)
• Add mutation for updating user preferences (merge request)
• Add Graphql mutation to update timeline event (merge request) GitLab Enterprise Edition
• Log project export timings (merge request)
• Re-enable sanboxed mermaid FF with a fix (merge request)
• Redirect in-app trial users to the feature (merge request) GitLab Enterprise Edition
• Add more issue due_date filters to API by @leetickett (merge request)
• Add support for the gitlab container registry API (merge request)
• CI Runners: Support sorting by token_expires_at by @KyleFromKitware (merge request)
• Restrict JWT requests when importing repositories (merge request)
• Show deprecation notification in pipeline page (merge request)
• Allow project owners to list & restore their projects pending deletion (merge request) GitLab Enterprise Edition
• Allow merge requests to be sorted by title (merge request)
• Add everage to CI/CD deployment chart (merge request) GitLab Enterprise Edition
• Add improved readme content for all new projects (merge request)
• Adds dependency_proxy_size to namespace statistics (merge request)
• GraphQL: Add projects property to CiRunner type (merge request)
• Add identifier to VSA summary metrics (merge request)
• GraphQL: Add groups property to Runner type (merge request)
• Add verification header for streamed events (merge request)
• Hide issue contacts and quick actions by @leetickett (merge request)
• Update templates for repository size RF CTA (merge request) GitLab Enterprise Edition
• Adds dependency_proxy_size to root storage stats (merge request)
• CI Runners: Add token expiration field by @KyleFromKitware (merge request)
• Add state/province selector to trials (merge request) GitLab Enterprise Edition
• Add audit logging for runner registration (merge request) GitLab Enterprise Edition
• Support default templates for issues/MRs via .gitlab/ folders by @davebarr (merge request)
• Allow querying recent boards in a group or project (merge request)
• Add url_text column to issuable metric images (merge request)
• Add migration for backfilling project namespaces (merge request)

Fixed (168 changes)

• Allow specifying project name on importing an exported GitLab project by @zhzhang93 (merge request)
• Clean up wrong max_seats_used batch two (merge request)
• Fix Date::Error exception when viewing audit logs for an invalid date (merge request) GitLab Enterprise Edition
• Revert "Merge branch 'if-personal_project_owners' into 'master'" (merge request)
• Fix unit display for VSA charts (merge request) GitLab Enterprise Edition
• Added merge policy for design collection (merge request)
• Fix merge request tabs background leakage (merge request)
• Fix position when creating issue in issue boards (merge request)
• Delete issue contacts if project root changed by @leetickett (merge request)
• Revert user already exists to members API (merge request)
• Avoid exceptions from un-symbolizable job names (merge request)
• Block external fork mirrors (merge request)
• Allow testing of disabled hooks (merge request)
• Fix duplicate draft help text (merge request)
• Stop browser from caching learn gitlab (merge request) GitLab Enterprise Edition
• Add ref param to project level ci/lint by @thadc23 (merge request)
• Apply PJs styling to Pages DNS badge (merge request)
• Fix missing discussion_id in GitHub imports (merge request)
• Allows invite modal to re-invite single users (merge request)
• Add encoding for url params for board filtered search by @sstern (merge request)
• Handle Gitaly error on fetching total-branches for pipeline editor (merge request)
• Fix typo in Pull mirror verification (merge request) GitLab Enterprise Edition
• Allow to toggle requirements_access_level on REST API (merge request) GitLab Enterprise Edition
• Allow GC to run if deduplication service runs into an error (merge request)
• Render submit button only once in Pages settings (merge request)
• Update GitHub PRs Importer to force update repository (merge request)
• Use strong parameters for CompareController (merge request)
• Fix default sort for tags page (merge request)
• Update namespace statistics when project is destroyed (merge request)
• Don't rebase when the branch protected from force push (merge request)
• fix: Reintroduce top-level SAST_ANALYZER_IMAGE_TAG for SCS (merge request)
• Fix typo in Gitlab::Changelog::Release (merge request)
• Merge branch... (merge request)
• Fix corpus delete by updating corpus fetch (merge request) GitLab Enterprise Edition
• Return an error for an invalid ref_name (merge request)
• Fix Geo checksummable check failing when file is nil (merge request) GitLab Enterprise Edition
• Fix layout issues for project tokens in credentials inventory (merge request) GitLab Enterprise Edition
• Use StrongParameters for ExtractsRef (merge request)
• Remove label hover state css override in right sidebars (merge request)
• Change minutes field to shared_runners_duration (merge request) GitLab Enterprise Edition
• Don't record the exception when the repository already exists (merge request)
• Allow sorting epics by created & updated dates (merge request) GitLab Enterprise Edition
• Use StrongParameters for ProjectsController (merge request)
• Reject reply by email to notification if the from email is not verified (merge request)
• Fix Typo in Protected Tags Settings by @Taucher2003 (merge request)
• Roadmap - Fix today indicator alignment (merge request) GitLab Enterprise Edition
• MacOS remove horizontal scroll in left navigation by @OmerFarukMerey (merge request) GitLab Enterprise Edition
• Remove secondary variant from agent modal cancel button (merge request)
• Add width and alt tag to image in trial flow second step (merge request)
• Fix provisioned_users API endpoint with full_path (merge request) GitLab Enterprise Edition
• Verify project id in API (merge request)
• Fix NoMethodError for calling modified_paths on nil pipeline (merge request)
• Introduce concept of parse errors for quick actions (merge request)
• Test the logical path rather than the real path (merge request)
• Fix merge requests page dark mode (merge request)
• Remove container-image: from location on the Dependency List (merge request) GitLab Enterprise Edition
• Remove dangling running entries from ci running builds table (merge request)
• Reject MIME parts with unsupported encoding (merge request)
• Drop legacy finished at in Deployment (merge request)
• Use strong_parameters for RefsController (merge request)
• Check for group confidential access in EpicsFinder (merge request) GitLab Enterprise Edition
• Allow searching of users using less than 3 chars (merge request)
• Fix label links in MR system notes (merge request)
• Epic boards - Hide toggled off Open column (merge request)
• Fix for rate lmiting test errrors (merge request) GitLab Enterprise Edition
• Catch GitLab::HTTP:ERRORS while streaming auditevents (merge request) GitLab Enterprise Edition
• Fix missing upvote/downvote counts on Epics list (merge request) GitLab Enterprise Edition
• Roadmap - Fix bar width for week layout (merge request) GitLab Enterprise Edition
• Improve dashboard projects blank state code (merge request)
• Fix how busy is displayed in group/project members list (merge request)
• Fix NoMethodError for RefsController (merge request)
• Merge stable Jobs/Deploy.gitlab-ci.yml into latest (merge request)
• Create specific CE display_public_email? user helper (merge request)
• REST: Fix scope of GET /projects/:id/runners endpoint (merge request)
• Validate that reference exists for atom format (merge request)
• Fix reverse tabnabbing vulnerability with improper URL protocol (merge request)
• Allow mergeability check when merge_status is already checking (merge request)
• Validate sort parameter for branches page and branches API (merge request)
• Fix deep linking into settings panels (merge request)
• Deduplicate findings by comparing the UUIDs (merge request) GitLab Enterprise Edition
• Fix Popen not always returning error code (merge request)
• REST: Follow shared runners setting (merge request)
• Fix spacing issue in the packages version details (merge request)
• REST: Fix scope of /groups/:id/runners?type endpoint (merge request)
• Add darkmode variant for black-normal color (merge request)
• Enable Zip64 support (merge request)
• Fix arrow that was overlapping button in Admin -> Users by @orozot (merge request)
• Fix search term case sensitivity for transfer namespace (merge request)
• Show underscores in branch name in merge request by @brcampbell1 (merge request)
• Fix editor browser modal when creating new MR (merge request)
• Fix NoMethodError when commit is missing (merge request)
• Fix incorrect render in JUnit merge UI with null or blank name value (merge request)
• Add id to user of ZentaoSerializers by @icbd GitLab Enterprise Edition
• Remove invalid groups from sharing in invite group modal
• Add id to user of ZentaoSerializers by @icbd (merge request) GitLab Enterprise Edition
• Remove invalid groups from sharing in invite group modal (merge request)
• Revert "Merge branch 'revert-b59c6630' into 'master'" (merge request)
• Geo: Mark object stored files verified (merge request) GitLab Enterprise Edition
• Fix exception when epic has no author (merge request)
• Use finding signatures in deduplication logic (merge request) GitLab Enterprise Edition
• Use strong parameters for CommitsController (merge request)
• Don't return 500 error for tags in atom format (merge request)
• Use strong_parameters for ForksController#index (merge request)
• Fix NoMethodError for empty changelog (merge request)
• Fix typo in RepositoryController#cleanup (merge request)
• Restrict pagination per_page possible values (merge request)
• Fix input parameter validation for tags controller (merge request)
• Fix NoMethodError for UnfoldPresenter (merge request)
• Deprecate and replace MR with approval rules metric (merge request) GitLab Enterprise Edition
• Sign out before redirecting to login page (merge request)
• Restore the lost success event handler for hiding the verification modal (merge request) GitLab Enterprise Edition
• Dedup Ci::RunnerProjects (merge request)
• Allow searching of users using less than 3 chars (merge request)
• Allow all users within a group to view all compliance frameworks (merge request) GitLab Enterprise Edition
• Sort vulnerability identifiers on ingestion to prevent Deadlock errors (merge request) GitLab Enterprise Edition
• Refactor issue move to not require group_id param (merge request)
• Pass URI to elasticsearch client instead of string (merge request) GitLab Enterprise Edition
• Add rouge-ruby Comment.Doc style support by @zsgsdesign (merge request)
• Fix long label overflow in the sidebar by @smortex (merge request)
• Fix hidden notifications dropdown on smaller screens (merge request)
• Change epic list payload variable to uppercase by @orozot (merge request) GitLab Enterprise Edition
• Change trials_link_url name to callouts_trials_link_url by @orozot (merge request) GitLab Enterprise Edition
• Only call the resolved service if we resolve all the active notes (merge request)
• Gracefully handle unexpected severities in code quality report (merge request)
• Ensure mergeability check runs on specific cases (merge request)
• Re-align "Register" and "Cancel" buttons in Agent installation modal (merge request)
• Geo: Fix verification failures of remote stored files (merge request) GitLab Enterprise Edition
• Update project export job status upon failure (merge request)
• GitLab Version - CE Admin Dashboard (merge request)
• Ensure git url validation is always performed (merge request)
• Bump default auto-deploy-image to 2.18.1 (merge request)
• Set class name for the proxy ingestion tasks (merge request) GitLab Enterprise Edition
• Show issuable reference title in milestone description by @wwwjon (merge request)
• Prevent Group API N+1 loading group plans (merge request) GitLab Enterprise Edition
• Fix issue sticky header doesn't align left in fluid layout (merge request)
• Enable ci_order_subsequent_jobs_by_stage by default (merge request)
• Exempt bot users for groups from license seat usage by @fh1ch (merge request) GitLab Enterprise Edition
• Fix incorrect max_seats_used values (merge request)
• Fix the primary button on KAS installation modal (merge request)
• Fix typo in message (merge request)
• Fix broken references when previewing SP payload (merge request)
• Use Bitbucket repo description over project description when importing by @nicosullivan (merge request)
• Guard create issue button in boards against submitting spaces by @sstern (merge request)
• Replace offsetTop with getBoundingClientRect for roadmap_setting panel by @orozot (merge request)
• Fix import/export not checking upload result (merge request)
• Update resolved_on_default_branch attribute in batches (merge request) GitLab Enterprise Edition
• Add missing Git authentication support for group level bot build tokens by @fh1ch (merge request)
• Update Project.updated_at if other timestamps change by @wwwjon (merge request)
• Remove project loads for dast profiles policy checks (merge request) GitLab Enterprise Edition
• Do not require credit card validation when it is present (merge request) GitLab Enterprise Edition
• Fix CI instance variable cache misses (merge request)
• Fix cluster integration HTTP adapter (merge request)
• Clear childrenEpic state when changing roadmap sort order by @espadav8 (merge request) GitLab Enterprise Edition
• Prevent compliance pipelines from overwriting child pipelines (merge request) GitLab Enterprise Edition
• Fix selection summary not showing on vulnerability report (merge request) GitLab Enterprise Edition
• Fix runner count when tabs are used (merge request)
• fix: Fix incorrect il8n referenece for Vulnerability Dismissal (merge request) GitLab Enterprise Edition
• Allow strings and nested arrays of strings for before/after script by @guillaume.chauvel (merge request)
• Extract MergeRequestDiffCommit deletions (merge request)
• Reject MIME parts with unsupported encoding (merge request)
• Add user's preferred language to cache key of MR title partial (merge request)
• Transition abuse_reports_controller spec by @leetickett (merge request)
• Calculate location fingerprint by signature for findings if available (merge request) GitLab Enterprise Edition
• Extend Google Cloud Storage max transfer timeout to 60 minutes (merge request)
• Add spacing for pipeline editor alert close button (merge request)
• Fix check for valid custom pages domains by @mlegner (merge request)
• Add missing tooltip and aria-label for commit description toggle by @nicosullivan (merge request)
• Users who can read project can read bot names (merge request)

Changed (216 changes)

• Use GlAvatar in env dashboard project header (merge request) GitLab Enterprise Edition
• Remove legacy license compliance approval_status (merge request) GitLab Enterprise Edition
• Allow setting feature flag for a single namespace (merge request)
• No-coverage lines more prominent than covered lines by @MMSandal (merge request)
• Global Search - Optimize SearchContext (merge request)
• Geo: Job Artifacts replication using SSF (merge request)
• Update to Puma 5.6.2 (merge request)
• Handle invalid URL for DAST Site Profile (merge request)
• Use system-err if no failure/error message was given in JUnit output by @jdyl (merge request)
• Use pagination for vulnerability report (merge request) GitLab Enterprise Edition
• Handle invalid URL for DAST Site Profile (merge request)
• Handle invalid URL for DAST Site Profile (merge request)
• Updated the docs to include new agent information (merge request)
• Fixed constant wording for clearer understanding (merge request) GitLab Enterprise Edition
• Remove feature flag for the container registry Google CDN feature (merge request)
• Add jobs template for Dependency Scanning and License Scanning (merge request)
• Replicate integrations indices for type_new (merge request)
• Add missing translations (merge request) GitLab Enterprise Edition
• Replace the bitbucket import modal with a GlModal (merge request)
• Update status icons for requirements (merge request) GitLab Enterprise Edition
• Bump cluster management project template for 14.8 (merge request)
• Remove dast_sharded_cloned_ci_builds feature flag (merge request) GitLab Enterprise Edition
• Switch to GlTabs for markdown header component (merge request)
• Link by commit and name for pipeline (merge request)
• Add approvers when editing scan result policies (merge request) GitLab Enterprise Edition
• Move findings deletion into a worker (merge request) GitLab Enterprise Edition
• Replace window.confirm with GlModa in deployment actions (merge request)
• Modify upload license error language (merge request) GitLab Enterprise Edition
• Make integrations type_new trigger null-safe (merge request)
• Default on :cluster_vulnerabilities feature flag (merge request)
• Improve UI message for unfinished pipelines (merge request)
• Drop temporary index on vulnerability_occurrences (merge request)
• Change file input on upload license page to a dropzone (merge request) GitLab Enterprise Edition
• Allow offline cloud license upload (merge request) GitLab Enterprise Edition
• Improve UI text of group settings page (merge request)
• Edit UI text to comply with standards (merge request)
• Show default value in squash and merge commit template textareas by @trakos (merge request)
• Treat API requests from the frontend as web traffic in the rate limiter (merge request)
• Update KAS to v14.8.1 (merge request)
• Put feature flag for reading from finding_evidence (merge request) GitLab Enterprise Edition
• Remove the border from the signub box on the trial registration page (merge request) GitLab Enterprise Edition
• Upgrade CI images to Debian bullseye (merge request)
• Update confirmation button variant and label (merge request)
• Limit on-demand scans tabs counts (merge request) GitLab Enterprise Edition
• Bump Gitlab Shell version to 13.23.2 (merge request)
• Geo Sites - Filter by Search (merge request) GitLab Enterprise Edition
• Add feature flag toggle for elastic migration worker (merge request) GitLab Enterprise Edition
• Add a memory report link in the Performance Bar (merge request)
• Add vue js fork confirmation modal (merge request)
• Jira create branch: Alert when lacking permissions (merge request)
• Replace window.confirm with GlModa in pipeline manual actions (merge request)
• Exclude guests being billable for ultimate trials (merge request) GitLab Enterprise Edition
• Add message for user count overage (merge request) GitLab Enterprise Edition
• Refactor NamespaceStatistics into CE (merge request)
• Remove limited class from global_alert (merge request)
• Changed the deployment target option (merge request)
• Remove ci_skip_require_credit_card_for_addon_ci_minutes feature flag (merge request)
• Make rate limiting of /users/:id configurable (merge request)
• Use better colors for activity calendar in darkmode (merge request)
• Convert timestamps to utc in license usage export (merge request) GitLab Enterprise Edition
• Update copy for API Security in DAST (merge request)
• Exclude pending_destruction packages when creating one (merge request)
• Set danger variant and label to leave group (merge request)
• Clean up Create Branch from Jira form (merge request)
• Improve retry tooltip for failed pipeline (merge request)
• Deprecate custom geo:db:* rake tasks in favor of built-in tasks (merge request) GitLab Enterprise Edition
• Make squash/rebase failed messages better (merge request)
• Enable storage purchase via GitLab by default (merge request)
• Remove early_prepare_for_mergeability feature flag (merge request)
• Add tooltip to project variables in CI/CD settings (merge request)
• feat: Bump major security-code-scan sast version for 15.0 (merge request)
• Add link to group pipeline usage quota (merge request)
• Update auto-build-image to v1.5.0 (merge request)
• Update Go to version 1.17.6, workhorse (merge request)
• Simplify CI_DEPLOY_FREEZE conditions in Auto DevOps (merge request)
• Replace window.confirm with GlModal for noteable notes delete and edit (merge request)
• Add severity level to compliance violations table (merge request)
• Move VSA metrics to shared analytics (merge request) GitLab Enterprise Edition
• Remove redundant index_epic_issues_on_epic_id (merge request)
• Remove vue_integration_form feature flag (merge request)
• Remove enable_ci_variable_caching feature flag (merge request)
• Improve the project deletion UI text (merge request)
• Improve copy on Slack app delete project modal (merge request) GitLab Enterprise Edition
• Improve delete webhook modal copy (merge request)
• Change protected branches selector internals (merge request) GitLab Enterprise Edition
• Alias wip* methods to -> draft* (merge request)
• Remove new_route_ci_minutes_purchase feature flag (merge request)
• Remove WIP support from commits (merge request)
• Add tooltips for pipeline icons (merge request)
• Hide None & Any token wildcards (merge request) GitLab Enterprise Edition
• Give immediate feedback when awarding an issuable by @KevSlashNull (merge request)
• Remove WIP support from Merge Requests (merge request)
• Undo filter milestones dropdown in boards by state by @sstern (merge request)
• Fix Kubernetes Agent label capitalization (merge request)
• Add quickSuggestions to Pipeline Editor (merge request)
• Update bitbucket logo (merge request)
• Update Atlassian logo (merge request)
• Update Twitter logo (merge request)
• Update Facebook logo (merge request)
• Remove github_importer_use_diff_note_with_suggestions feature flag (merge request)
• Error on delete tag when importing repository (merge request)
• Treat API requests from the frontend as web traffic in the rate limiter (merge request)
• Enable jobs tab vue by default (merge request)
• Update Auth0 logo (merge request)
• Hide user cap alert if viewing pending members (merge request) GitLab Enterprise Edition
• Geo Sites - Filter By Status (merge request) GitLab Enterprise Edition
• Add indeterminate state to select all checkbox on vulnerability report (merge request) GitLab Enterprise Edition
• Update to ruby-magic v0.5.4 (merge request)
• Add combined registration to trial registration flow (merge request)
• Update rubyzip gem to v2.3.2 (merge request)
• Don't notify Sentry about PreReceiveErrors (merge request)
• Show disabled CI action icon when unauthorized (merge request)
• Enable the pipelines table redesign by default (merge request)
• Change settings copy (merge request)
• Edit UI text of project permissions (merge request)
• Add instrumentation class to by-stage-secure metrics (merge request) GitLab Enterprise Edition
• Return pretty error validation messages for Security Policy (merge request) GitLab Enterprise Edition
• Hide search bar when registry is empty by @KevSlashNull (merge request)
• Bump Gitlab Shell version (merge request)
• Update styling of date range indicator (merge request)
• Show error message for permissions (merge request)
• Show error message for permissions
• Change contact details for support (merge request)
• Skip redundant checks for runners already scoped to a project (merge request)
• Swap FK ci_pipelines to projects for LFK (merge request)
• Reorganize Kubernetes clusters action button menu (merge request)
• feat(badge): Migrate diff LFS badge to glbadge (merge request)
• Enable linear roots in UpdateAllMirrorsWorker (merge request) GitLab Enterprise Edition
• Default enable issue_boards_filtered_search by @sstern (merge request)
• Add confirmation modal for merge (merge request)
• Update navigation badge to pajamas styling (merge request)
• Allow developers to read Kubernetes clusters (merge request)
• Enable security_report_ingestion_framework FF by default (merge request) GitLab Enterprise Edition
• Add text for all branches (merge request) GitLab Enterprise Edition
• Swap FK ci_pipeline_schedules to projects for LFK (merge request)
• Content for hand raise leads (merge request) GitLab Enterprise Edition
• Improve UI text for style compliance (merge request)
• Swap FK ci_builds to projects for LFK (merge request)
• Packages list sort by Published and store pref (merge request)
• Remove projects that are marked for deletion from UI (merge request)
• Swap FK ci_sources_projects to projects for LFK (merge request)
• Swap FK ci_job_token_project_scope_links to projects for LFK (merge request)
• Add alert after Slack application is installed (merge request) GitLab Enterprise Edition
• Swap FK ci_runner_projects to projects for LFK (merge request)
• Swap FK ci_job_artifacts to projects for LFK (merge request)
• Update UI for MR pipeline rename (merge request)
• Swap FK vulnerability_feedback to ci_pipelines for LFK (merge request)
• Only fetch namespaces if search value changes (merge request)
• Add error code to project export command status log (merge request)
• Swap FK dast_site_profiles_pipelines to ci_pipelines for LFK (merge request)
• Add compatibility alert to Jira Connect App (merge request)
• Swap FK ci_subscriptions_projects to projects for LFK (merge request)
• Replace window.confirm with GlModal for noteable discussions (merge request)
• Replace window.confirm with GlModal for board setting sidebar (merge request)
• Swap FK ci_project_monthly_usages to projects for LFK (merge request)
• Add IDE preview success metrics (merge request)
• Swap FK ci_stages to projects for LFK (merge request)
• Improve UI text for style compliance (merge request) GitLab Enterprise Edition
• Replace window.confirm with GlModal for repository index (merge request)
• Hide subs expiration banner before eligible (merge request) GitLab Enterprise Edition
• Remove export_reduce_relation_batch_size feature flag (merge request)
• Update runner registration token reset modal (merge request)
• Swap FK ci_pipelines to merge_requests for LFK (merge request)
• Swap FK ci_job_token_project_scope_links to projects for LFK (merge request)
• Add Cluster Image Scanning to AutoDevOps (merge request)
• Update iteration dropdowns in sidebars/board list (merge request) GitLab Enterprise Edition
• Add unit test for trials_link_url by @orozot (merge request) GitLab Enterprise Edition
• Refactor hello_deferred path to jh_else_ce by @orozot (merge request)
• Extract callout content trails link to variable by @orozot (merge request) GitLab Enterprise Edition
• Boards - Fix top elements alignment (merge request)
• Swap FK ci_refs to projects for LFK (merge request)
• Swap FK ci_sources_pipelines to projects for LFK (merge request)
• Hide user avatar for blocked and unconfirmed users (merge request)
• Swap FK ci_builds_metadata to projects for LFK (merge request)
• Improve OmniAuth sign in description by @scootergrisen (merge request)
• Swap FK ci_variables to projects for LFK (merge request)
• Swap FK ci_subscriptions_projects to projects for LFK (merge request)
• Swap FK ci_triggers to projects for LFK (merge request)
• Swap FK external_pull_requests to projects for LFK (merge request)
• Add Pajamas badge for diverged from upstream (merge request)
• Refactor system notes for alerts and incidents for consistentcy (merge request)
• Improve explanation for Advanced Project settings (merge request)
• Handle path not found without throwing, accept array as path (merge request)
• Add scan result policy into policy editor (merge request) GitLab Enterprise Edition
• Use gl-badge for web IDE activity bar (merge request)
• Geo Sites - NA Verification Help (merge request) GitLab Enterprise Edition
• Disable sync for offline cloud licenses (merge request) GitLab Enterprise Edition
• Geo Sites - Update replication button (merge request) GitLab Enterprise Edition
• Geo Forms - Fix Buttons (merge request) GitLab Enterprise Edition
• VSA metrics: Only render decimal places for floats (merge request)
• Swap FK vulnerability_statistics to ci_pipelines for LFK (merge request)
• Remove instructions to install Agent if KAS is not set up (merge request)
• Update iteration changed notification format (merge request) GitLab Enterprise Edition
• Lowercased runner because it's referring to agent (merge request)
• Keep branch when going to Pipeline Editor through nav (merge request)
• Swap FK vulnerability_occurrence_pipelines to ci_pipelines for LFK (merge request)
• Swap FK dast_profiles_pipelines to ci_pipelines for LFK (merge request)
• Limit the length of generated anchor URL for markdown headers (merge request)
• Treat API requests from the frontend as web traffic in the rate limiter (merge request)
• Handle members who are existing hierarchy members (merge request) GitLab Enterprise Edition
• Fix empty line to contain two values (merge request) GitLab Enterprise Edition
• Swap FK merge_trains to ci_pipelines for LFK (merge request)
• Add Pajamas complient "whats new" badge (merge request)
• Swap FK ci_triggers to users for LFK (merge request)
• Extract container registry page common component by @orozot (merge request)
• Update secret detection template to be more robust (merge request)
• Remove feature flag for auto-linking LFS objects in forks (merge request)
• Enable ci_skip_require_credit_card_for_addon_ci_minutes by default (merge request)
• Loosen rule to detect cyclical pipelines (merge request)
• Swap FK merge_requests to ci_pipelines for LFK (merge request)
• Swap FK ci_sources_pipelines to projects for LFK (merge request)
• Remove summary from Finding Evidence (merge request)
• Geo UI - Rename Nodes to Sites (merge request) GitLab Enterprise Edition
• Remove FF custom_preloader_for_deployments (merge request)
• Update group#shared_externally to include projects (merge request) GitLab Enterprise Edition
• Improve the labels on Kubernetes Agent UI (merge request)

Deprecated (12 changes)

• Add warning for deprecation notice on logs page (merge request)
• feat: Update SECURE_ANALYZER_PREFIX in all Sec Section templates (merge request)
• Require auto-deploy use_kube_context to be present (merge request)
• Change merged_by deprecation to breaking change (merge request)
• Deprecate /groups/:id/runners?type=project_type (merge request)
• REST API: Deprecate active/paused values in status filters (merge request)
• GraphQL: Deprecate active field in RunnerUpdateInput (merge request)
• REST API: Deprecate ‘active’ property for Runners (merge request)
• GraphQL: Deprecate active field for RunnerType (merge request)
• GraphQL: Deprecate active filter for Runners resolver (merge request)
• Deprecate Runner API maintainer_note (merge request)
• Deprecate Gitlab Shell's self_signed_cert setting (merge request)

Removed (21 changes)

• Remove deprecated CanMutateSpammable (merge request)
• Remove unused partial remove_approver (merge request)
• git: Stop calling Gitaly's Cleanup RPC (merge request)
• Remove the billing in side nav experiment (merge request) GitLab Enterprise Edition
• Remove unique index (merge request)
• rake/info: Stop reporting Git version (merge request)
• system_check: Remove Git version check (merge request)
• system_check: Remove Git configuration check (merge request)
• Remove unused WIP regex (merge request)
• Remove the loose_foreign_key_cleanup FF (merge request)
• Remove feature flag (merge request)
• Remove security_finding_build_disable_joins feature flag (merge request)
• Remove vulnerability_history feature flag (merge request)
• Remove instance_security_dashboard feature flag (merge request)
• Remove all code related to Gitlab::RequestProfile (merge request)
• Remove duplicate data_category: entry (merge request)
• Remove paid feature callout badge (merge request)
• Disable sandboxed_mermaid feature flag (merge request)
• Remove incident labeled metric (merge request)
• Drop position column from security_findings table (merge request)
• Remove username suggestion for trial registration (merge request) GitLab Enterprise Edition

Security (8 changes)

• Upgrade to Rails v6.1.4.6 (merge request)
• Fixes typo on pipeline model
• Add Gitlab::BufferedIo with header read timeout (merge request)
• Ignore spoofable Reply-To address in Service Desk (merge request)
• Enable Secure attribute for frontend cookies (merge request)
• Block recursive webhooks (merge request)
• Sanitize link markup for vulnerability chat messages (merge request) GitLab Enterprise Edition
• Adding a conditional to prevent an unauthorized route (merge request)

Performance (17 changes)

• Refactor building project secret variables (merge request)
• Enable branches API rate limit cache (merge request)
• Enable caching on tags API (merge request)
• Enable JSON limited encoder (merge request)
• Enable repository API rate limit cache (merge request)
• Enable caching on merge requests API (merge request)
• Enable Grape/Gitlab::Json hook (merge request)
• Add partial index for active Cluster Image Scanning vulnerabilities (merge request)
• Reduce Redis calls for instance level variables (merge request)
• Optimize User#ci_owned_runners query (merge request)
• Add compound index for vulnerabilities table on project_id and id (merge request)
• Cache CI expire_in parsing (merge request)
• Speed up project exports by moving the archive to the cache dir (merge request)
• Fix cross join query for Ci::Runner#projects (merge request)
• Remove ci_preload_runner_tags feature flag (merge request)
• Optimize decryption of CI variables (merge request)
• Improve Sidekiq jobs that use DB load balancing (merge request)

Other (66 changes)

• Revert "Merge branch 'role-targeted-broadcast' into 'master'" (merge request)
• Add foreign key to ci_builds runner_id (merge request)
• Fix Style/OpenStructUse offenses for import service and spec helpers by @edith007 (merge request)
• Remove new_route_storage_purchase feature flag (merge request)
• Fix Style/OpenStructUse offenses in project cluster_controller_spec by @edith007 (merge request)
• Fix Style/OpenStructUse offenses in project clusters_spec by @edith007 (merge request)
• Fix Style/OpenStructUse offenses in group cluster controller specs by @edith007 (merge request)
• Backfill CI queuing tables (merge request)
• Mentioned breaking change label in contribution guide (merge request)
• Migration for deleting service template records by @lenikadali (merge request)
• Make starrers sort dropdown Pajamas-compliant (merge request)
• Remove track_application_boot_time FF (merge request)
• Add statistics card component with tests (merge request) GitLab Enterprise Edition
• Moving gitlab_loose_foreign_key to config/ directory by @edith007 (merge request)
• Remove Geo proxying metrics feature flag (merge request) GitLab Enterprise Edition
• Update comment for ActiveModel::Serializers::JSON in presenter by @edith007 (merge request)
• Truncate before vulnerability link index creation (merge request)
• Remove the FF ci_find_runners_by_ci_mirrors (merge request)
• Remove ::Gitlab::Utils::StrongMemoize inclusion as it's duplicate by @edith007 (merge request)
• Remove Gitlab::Utils::StrongMemoize inclusion as it's duplicate by @edith007 (merge request)
• Add documentation links to Merge Request settings page (merge request)
• Remove FF ci_order_subsequent_jobs_by_stage (merge request)
• Remove the packages_installable_package_files feature flag (merge request)
• Update badge in accessibility issue body (merge request)
• Unify image pin style for diffs/design management (merge request)
• Cleanup after variables builder (merge request)
• Update external authorization docs (merge request)
• Cleanup PopulateTestReportsIssueId background migration jobs (merge request)
• Set type of Web IDE commit button to submit by @tchandelle (merge request)
• Remove redundant index on clusters_kubernetes_namespaces (merge request)
• Fix Rails/SaveBang offenses by @edith007
• Fix Rails/SaveBang offenses by @edith007 (merge request)
• Pass formats explicitly when rendering .md file by @edith007 (merge request) GitLab Enterprise Edition
• Fix Rails/SaveBang offenses by @edith007 (merge request)
• Finalize backfilling ci mirror tables (merge request)
• Delete tributejs for autocomplete (merge request)
• Remove feature flags for configuring object store files deletion (merge request)
• Fixes OpenStruct use in design_management specs by @mehulsharma (merge request)
• Fix Style/OpenStructUse offenses by @edith007 (merge request)
• Remove FF ci_namespace_project_mirrors (merge request)
• Remove ci_runner_projects_disable_joins feature flag (merge request)
• Fix Rails/SaveBang offenses by @edith007 (merge request)
• Update seat_usage references (merge request) GitLab Enterprise Edition
• Add World.prepend_mod to allow JH override by @chaomao (merge request) GitLab Enterprise Edition
• Fix Rails/SaveBang offenses by @edith007 (merge request)
• Fix OpenStruct use in metadata_extraction_service by @mehulsharma (merge request)
• Fix Rails/SaveBang offenses by @edith007 (merge request)
• Remove feature flag ff_external_audit_events_namespace by @davebarr (merge request) GitLab Enterprise Edition
• Add gl-pr-3 to top_nav_menu_item to account for chevron (merge request)
• Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
• Remove ci_decompose_for_namespace_monthly_usage_query feature flag (merge request)
• Fix RSpec/TimecopFreeze offenses (Part 1/2) by @KevSlashNull (merge request)
• Fix display of times in access and deploy token table by @edith007 (merge request)
• Fix GraphQL/OrderedArguments offense (Part 4/6) by @KevSlashNull (merge request)
• Fix GraphQL/FieldDefinitions offense (Part 1/4) by @KevSlashNull (merge request)
• Update missing branch widget text to include branch name (merge request)
• Revert frontend API rate limits change (merge request)
• Separate deployments creation from pipeline job creation (merge request)
• Move the merge train helper icon to near the merge button (merge request)
• Reschedule migration for self-managed (merge request) GitLab Enterprise Edition
• Remove unnecessary index on cluster_agent_tokens (merge request)
• Remove net-ssh, ed25519, and bcrypt_pbkdf gems from dependencies (merge request)
• Update GitLab Runner Helm Chart to 0.37.1 (merge request)
• Update GitLab Runner Helm Chart to 0.37.0 (merge request)
• Use ssh_data gem instead of net-ssh and sshkey where possible (merge request)
• Remove feature flag already default enabled (merge request) GitLab Enterprise Edition

14.7.7 (2022-03-31)

Security (21 changes)

• Update to commonmarker 0.23.4 (merge request)
• Revert merge request approval groups behavior (merge request)
• Disallow login if password matches a fixed list (merge request)
• Update devise-two-factor to 4.0.2 (merge request)
• Limit the number of tags associated with a CI runner (merge request)
• GitLab Pages Security Updates for 14.9 (merge request)
• Upgrade swagger-ui dependency (merge request)
• Modify release link format check to avoid regex if string is too long (merge request)
• Masks variables in error messages (merge request)
• Escape user provided string to prevent XSS (merge request)
• Monkey patch of RDoc to prevent Ruby segfault (merge request)
• Project import maps members' created_by_id users based on source user ID (merge request)
• Redact InvalidURIError error messages (merge request)
• Fix access for approval rules API (merge request)
• Fix kroki exploit (merge request)
• Fix blind SSRF when looking up SSH host keys for mirroring (merge request)
• Escape original content in reference redactor (merge request)
• Security fix for CI/CD analytics visibility (merge request)
• Latest commit exposed through fork of a private project (merge request)
• Fix Asana integration restricted branch filter (merge request)
• Revert "JH need more complex passwords" (merge request)

14.7.6 (2022-03-24)

Added (1 change)

• Detect and fix artifacts with backfilled expire_at (merge request)

Changed (2 changes)

• Enable feature flags to resume artifact removal on self-managed (merge request)
• Remove runners token prefix feature flags (merge request)

14.7.5 (2022-03-09)

Fixed (1 change)

• Ensure cleanup job artifacts task does not include pipeline artifacts (merge request)

Other (1 change)

• Change to truncate table before adding finding_link_url_idx (merge request)

14.7.4 (2022-02-25)

Security (8 changes)

• Limit commands_changes to certain keys (merge request)
• Add runners_token prefix to Group and Project (merge request)
• Anonymous user can enumerate all users through GraphQL endpoint (merge request)
• Check for unsafe characters in email addresses before sending (merge request)
• Warn when snippet contains unretrievable files (merge request)
• Prevent DOS when rendering math markdown (merge request)
• Check permission when creating members through service (merge request)
• Reset password field on page load (merge request)

14.7.3 (2022-02-15)

Fixed (2 changes)

• Update GitHub PRs Importer to force update repository (merge request)
• Fix Geo checksummable check failing when file is nil (merge request) GitLab Enterprise Edition

Changed (1 change)

• Properly exclude pending_destruction packages when creating one (merge request)

14.7.2 (2022-02-08)

Added (1 change)

• Allow self-hosted instances to render same-origin Iframe (merge request)

Fixed (4 changes)

• Geo: Fix reverify object stored files (merge request) GitLab Enterprise Edition
• Geo: Fix verification failures of remote stored files (merge request) GitLab Enterprise Edition
• GitLab Version - CE Admin Dashboard [RUN ALL RSPEC] [RUN AS-IF-FOSS] (merge request)
• Fix cluster integration HTTP adapter (merge request)

Changed (1 change)

• Update to ruby-magic v0.5.4 (merge request)

Removed (1 change)

• Disable sandboxed_mermaid feature flag by default (merge request)

14.7.1 (2022-02-03)

Security

See https://about.gitlab.com/releases/2022/02/03/security-release-gitlab-14-7-1-released/

14.7.0 (2022-01-21)

Added (84 changes)

• Add verification before namespace creation (merge request)
• Add GraphQL mutation to destroy timeline events (merge request) GitLab Enterprise Edition
• ApplicationSetting: Add runner_token_expiration_interval field by @KyleFromKitware (merge request)
• Rate limit Gitlab Shell operations (merge request)
• Add Delete button to label edit view (merge request)
• Enable autocomplete on cadence iteration create/edit pages by @espadav8 (merge request) GitLab Enterprise Edition
• Extend GraphQL API interface with securityTrainingProviders field (merge request) GitLab Enterprise Edition
• Hierarchy page to show work items (merge request)
• Add group level access token UI by @fh1ch (merge request)
• Remove ci_archived_build_trace_checksum feature flag (merge request)
• Add scan result policies into the policy (merge request) GitLab Enterprise Edition
• Enable logging when recursive webhook detected (merge request)
• Enable sandboxed_mermaid feature flag (merge request)
• Feat(SM Subscription History): trim table size (merge request) GitLab Enterprise Edition
• Add subsidized cost factor for Open Source plan (merge request) GitLab Enterprise Edition
• Remove expired agent activity events as new events are created (merge request)
• Add docs for pages domain rate-limits (merge request)
• Add a temporary index for Member.state (merge request)
• Adding Secure Files data model and file uploader (merge request)
• Expose internal_url setting for Geo secondaries (merge request) GitLab Enterprise Edition
• Add the draft argument to GraphQL MergeRequestsResolver (merge request)
• Send a rejection email if incoming emails are too large (merge request)
• Clean up escalations after changing incident proj (merge request) GitLab Enterprise Edition
• Support default templates for issues/MRs via .gitlab/ folders by @davebarr (merge request)
• Add link to the self-managed trial flow from SaaS trial signup (merge request) GitLab Enterprise Edition
• feat: Bump Code-Quality image to 0.85.26 (merge request)
• Allow issue contacts from parent groups by @leetickett (merge request)
• Allow to wrap inline code in other marks (merge request)
• Registration features info for ip restriction (merge request) GitLab Enterprise Edition
• Add approve button on pending members table (merge request) GitLab Enterprise Edition
• Upgrade GitLab Pages to 1.51.0 (merge request)
• Indicate locked users in Admin Area (merge request)
• Include the project name VSA stage records (merge request) GitLab Enterprise Edition
• Accept maintainer_note in REST runner registration (merge request)
• Enforce unique contact email for group hierarchy by @leetickett (merge request)
• Add maintainer_note field to CI runners table (merge request)
• GitLab Version - Help Dropdown Version (merge request)
• Add support for backing up Packages (merge request)
• Allow to configure log level of Gitlab:Logger (by env variable) by @wwwjon (merge request)
• REST API: add field merge_user to MR response by @trakos (merge request)
• Add index for selecting active agent tokens (merge request)
• Add vulnerabilityFindingDismiss GraphQL mutation (merge request) GitLab Enterprise Edition
• Enable filtering agent tokens by status (merge request)
• Add customer relations group setting by @leetickett (merge request)
• Add namespace_id reference to routes (merge request)
• Add scan result policy into policy list (merge request) GitLab Enterprise Edition
• Add package managers api paths to details type (merge request)
• Adds API feature configuring default mr target (merge request)
• Enable autocomplete features on iteration forms by @espadav8 (merge request) GitLab Enterprise Edition
• Add editAdminUrl to Runner GraphQL API (merge request)
• Expose iteration ordinal number via APIs (merge request) GitLab Enterprise Edition
• Add enable and disable advanced search rake tasks (merge request) GitLab Enterprise Edition
• Allow to hide personalization questions on New Group page by @wwwjon (merge request)
• Registration features info for sending emails (merge request) GitLab Enterprise Edition
• Add Group Access Token API endpoints by @fh1ch (merge request)
• GraphQL: Add count property to RunnerType’s connection (merge request)
• Add GraphQL mutation to revoke an agent token (merge request)
• Schedule recalculating UUID for all Vulnerabilities::Finding records (merge request)
• Add migration to enqueue background worker (merge request)
• Add createdAt to Runner GraphQL API (merge request)
• Add search and sorting to tags (merge request)
• Update gitlab-omniauth-openid-connect gem to support ECSDA keys (merge request)
• Remove dependency proxy feature flag (merge request)
• Upgrade GitLab Pages to 1.50.0 (merge request)
• Add HTTP status to LFS push client error messages (merge request)
• Add group crm settings by @leetickett (merge request)
• Add co_authored_by to merge commit templates by @trakos (merge request)
• Allow filtering epics by author_username and not[author_username] by @espadav8 (merge request) GitLab Enterprise Edition
• Add ref_path to PipelineType by @genctys (merge request)
• Allow LDAP failover by @sathieu (merge request)
• Add Backup and Restore tasks for Terraform States (merge request)
• Handle syncing alert escalation status to incident (merge request)
• Added possibility to remove agent from UI (merge request)
• Add "Scan library" tab (merge request) GitLab Enterprise Edition
• Enable github_importer_use_diff_note_with_suggestions by default (merge request)
• Rename projects set for delayed deletion (merge request)
• Add unique userid count for Geo proxied requests (merge request) GitLab Enterprise Edition
• Add rate limiting for user email lookup (merge request)
• Export Project LFS Objects as part of GitLab Migration (merge request)
• Add GraphQL query to retrieve timeline events (merge request) GitLab Enterprise Edition
• Limit Sidekiq push_bulk to a maximum of 1000 jobs in one go by default (merge request)
• Add revoked status to cluster agent tokens (merge request)
• Allow passing in an epic parent_id when updating epics by @espadav8 (merge request) GitLab Enterprise Edition
• Add database.flavor to usage data (merge request)

Fixed (98 changes)

• Fix copying/pasting images in the Content Editor (merge request)
• Fix security dashboard showing wrong count for more than 100 projects (merge request) GitLab Enterprise Edition
• Fix default emaildomain when creating RAT users by @cruelsmith (merge request)
• Show blocked status label in deployments view (merge request) GitLab Enterprise Edition
• Dependency proxy settings are built on access (merge request)
• Allow git protocol to be used for repository imports (merge request)
• Show "Issues" menu when Jira issues is enabled (merge request) GitLab Enterprise Edition
• Order child epics in roadmap by configured sort order by @espadav8 (merge request) GitLab Enterprise Edition
• Fix disabled style for mirror settings field (merge request)
• Destroy trace chunks and data when deleting pipelines (merge request)
• Fix authorized_groups to include sub groups as well by @wwwjon (merge request)
• Fix margin for submit button with captcha (merge request)
• Migrate Epics tabs to Vue (merge request) GitLab Enterprise Edition
• Fix N+1 issue when associating DAST profiles and CI Builds (merge request) GitLab Enterprise Edition
• Geo: Fix undefined separate_verification_state_table? (merge request) GitLab Enterprise Edition
• Error Tracking: Fix collecting errors for golang by @bastianccm (merge request)
• Notify admins 15 days prior to license expiration (merge request) GitLab Enterprise Edition
• Fix auditor user able to bulk select vulns on vulnerability report (merge request) GitLab Enterprise Edition
• Fix autoscroll to comments on issues (merge request)
• Strip + reference format from HTML links (merge request)
• Allow developers to fork into group (merge request)
• Use normal font weight and border for 'Subscribe' buttons by @KevSlashNull (merge request)
• Improve visibility radio option text on new project page (merge request)
• Fix schema registration in the pipeline editor (merge request)
• Boards - Fix weight assigned to wrong card (merge request) GitLab Enterprise Edition
• Remove unnecessary CSS in VSA (merge request)
• Fix shift after VSA path load (merge request)
• Fix Incident sidebar on issue boards (merge request)
• Always autofill group slug (merge request)
• Update excon to v0.90.0 (merge request)
• Format issue list counts (merge request)
• Ignore multiple <code> when syntax highlighting (merge request)
• Waive credit card validation if project has paid CI/CD minutes (merge request) GitLab Enterprise Edition
• Fix toggle code block button in Content Editor (merge request)
• Use the same email validation for User and Email (merge request)
• Expose new monthIso8601 GraphQL option to fix CI minutes usage sorting by @davebarr (merge request)
• Improve ReadTotalTimeout to start with reading (merge request)
• Update excon gem to v0.89.0 (merge request)
• Fix infinite loop in Content Editor codeblocks (merge request)
• Only show owners & admins CI minutes purchase notifications (merge request) GitLab Enterprise Edition
• Restric access to crm to reporter+ by @leetickett (merge request)
• Fix destruction of projects with pipelines (merge request)
• Fix invalid raw_metadata being persisted (merge request)
• Disable copy-code button for mermaid diagrams (merge request)
• Return 401 when using invalid tokens in oauth/token/info (merge request)
• Fix the text on Kubenetes Agent modal (merge request)
• Add patch for WikiCloth Lua vulnerability (merge request)
• Notify admins 15 days prior to license expiration (merge request) GitLab Enterprise Edition
• Fix image comment note submission (merge request)
• Fix last update time for project in group page by @orozot (merge request)
• Fix missing autosave support in Epic create form (merge request) GitLab Enterprise Edition
• Remove menu when is not possible to delete (merge request)
• Correctly pass instance in EDITOR_READY_EVENT (merge request)
• Merge/squash commit templates: avoid breaking Git trailers by @trakos (merge request)
• Prevent design discussions without login (merge request)
• Remove cluster image scanning dropdown item from scanner filter (merge request) GitLab Enterprise Edition
• Fix hook log path for service hooks (merge request)
• Fix pipeline schedule resets to UTC on edit by @JonstonChan (merge request)
• Use correct namespace method (merge request)
• Re-add EachBatch include for failed_verification_timeouts (merge request) GitLab Enterprise Edition
• Fix Sidekiq reporting to Sentry outside of job contexts (merge request)
• Fix sticky filters not working on vulnerability report (merge request) GitLab Enterprise Edition
• Fix Kubernetes Agent Link on Project page (merge request)
• Externalize strings for translation in todos (merge request)
• Update Rails to v6.1.4.4 (merge request)
• Fix input group text border color (merge request)
• Match address of host when checking whether to login (merge request) GitLab Enterprise Edition
• Improve LFS client performance and fix compatibility with Azure DevOps (merge request)
• Do not fail report ingestion if there is an invalid finding (merge request) GitLab Enterprise Edition
• Update acme-client to v2.0.9 (merge request)
• Update rouge gem version (merge request)
• Adjust bottom margin for loose markdown lists (merge request)
• Remove running build entries when calling doom on a build (merge request)
• Fix migration for cases with empty strings (merge request)
• Fix 500 errors when renaming projects with underscores (merge request)
• Geo: adapt verification timed out query to use state table (merge request) GitLab Enterprise Edition
• Allow admins to foce confirm emails (merge request)
• Ignore new line differences when deciding whether to squash MR by @trakos (merge request)
• Fix re-use of extensions between instances (merge request)
• Fix nil actor errors in Sentry API handler (merge request)
• Removes the dismiss button from the pipeline header alert (merge request)
• Call dependency proxy cleanup workers in purge (merge request)
• Add Auth0, JWT, and Shibboleth to list of providers with icons (merge request)
• Fix Prometheus endpoint to return created alerts (merge request)
• Make time track help state top margin consistent (merge request)
• Validate against duplicates in job needs (merge request)
• Fix MergeRequest's MergeUser for non-MWPS merges in GraphQL API by @trakos (merge request)
• Align roadmap quarters to calendar quarters by @espadav8 (merge request) GitLab Enterprise Edition
• checks: Fix revalidation of preexisting commits (merge request)
• Fix project import from remote to import from S3 (merge request)
• Mark vulnerabilities as not resolved on default branch on ingestion (merge request) GitLab Enterprise Edition
• Skip updating vulnerability statistics if there are no new records (merge request) GitLab Enterprise Edition
• Remove legacy pages config updates (merge request)
• Do not check SSO session for git operations originating from CI/CD jobs (merge request) GitLab Enterprise Edition
• MR Documentation suggestions by @lzampier (merge request)
• Drop reindexing leftovers only if exclusive lease is granted (merge request)
• Fix import project from gitlab.com error by @orozot (merge request)
• Fix filename overflowing modal when importing by @KevSlashNull (merge request)

Changed (135 changes)

• Change hashing algorithm in webpack (merge request)
• Swap FK ci_pipeline_artifacts to projects for LFK (merge request)
• Remove permitted_attributes_for_import_export feature flag (merge request)
• Do not add a failed build todo before auto-retry (merge request)
• Redesign new policy form (merge request) GitLab Enterprise Edition
• Labels widget - focus first item on search (merge request)
• Add shared runner tab to group CI/CD analytics (merge request) GitLab Enterprise Edition
• Update sort name from Last updated to Updated date (merge request)
• Warn when mention all users in a group (merge request)
• Check for removed external issues before creation (merge request) GitLab Enterprise Edition
• Replace Member created state with active (merge request)
• Polish Slack application edit page UI (merge request) GitLab Enterprise Edition
• Enable feature flag bulk_expire_project_artifacts (merge request)
• Make pipeline badges Pajamas-complient (merge request)
• Format email code blocks and code blocks in emails by @smokris (merge request)
• Geo Sites - Icon Actions (merge request) GitLab Enterprise Edition
• Geo - Rename routes from Nodes to Sites (merge request) GitLab Enterprise Edition
• Cleanup after AddPrimaryEmailToEmailsIfUserConfirmed (merge request)
• Change default shallow clone depth to 20 (merge request)
• Update webhook badges to pajamas (merge request)
• Update button text to expand all files (merge request)
• Ignnore Finding Evidence summary column (merge request) GitLab Enterprise Edition
• Add LFK ci_daily_build_group_report_results to projects (merge request)
• Enable by default the feature flag to track Geo proxy events (merge request) GitLab Enterprise Edition
• Update on-demand scans breadcrumbs (merge request) GitLab Enterprise Edition
• Change pipeline page layout to fluid (merge request)
• Default to fluid layout for the pipeline editor (merge request)
• Skip failed builds (merge request) GitLab Enterprise Edition
• Redirect to on-demand scan form after editing a DAST profile (merge request) GitLab Enterprise Edition
• Conditionally disable group user cap enablement (merge request) GitLab Enterprise Edition
• Use normalized license data in csv export (merge request) GitLab Enterprise Edition
• Enable vue-router in package registry (merge request)
• Replace window.confirm with GlModal for registration token reset (merge request)
• Enable packages_installable_package_files by default (merge request)
• Labels widget - focus first item on search (merge request)
• Increase exclusive lease timeout (merge request) GitLab Enterprise Edition
• Add offline, stale count to runner admins section (merge request)
• Enable trial onboarding flow for other sources (merge request) GitLab Enterprise Edition
• Add member_namespace_id to members table (merge request)
• Convert trial lead creation form to Vue (merge request) GitLab Enterprise Edition
• Update approval settings to toast on success (merge request) GitLab Enterprise Edition
• Format total count of runners in tabs by locale (merge request)
• Updated Group/Project home panel ID copy-on-click by @stingrayza (merge request)
• Update MR head pipeline when pipeline event is published (merge request)
• Removes FK for ci_pipeline_schedules to users (merge request)
• Removes FK for ci_job_token_project_scope_links to users (merge request)
• Swap FK ci_build_report_results to projects for LFK (merge request)
• Swap FK ci_resource_groups to projects for LFK (merge request)
• Swap FK ci_freeze_periods to projects for LFK (merge request)
• Add LFK ci_unit_tests to projects on project_id (merge request)
• Enable new rich text/source toggle in self-managed (merge request)
• Nullify project_namespace_id reference (merge request)
• Geo Nodes Form - Object Storage Beta Badge (merge request) GitLab Enterprise Edition
• Update total count of runners for each type (merge request)
• Clean up add GitLab to Slack app (merge request) GitLab Enterprise Edition
• Fix help text for checkboxes on integrations form (merge request)
• Encrypt static_object_token_encrypted field via background migration (merge request)
• Migrate enable Gitpod confirmation modal to GlModal (merge request)
• Allow skipping CI when rebasing in UI by @KevSlashNull (merge request)
• Update Nokogiri to v1.12.5 (merge request)
• Use badges for branches/tags in commit page (merge request)
• Update DAST On-demand scan template (merge request) GitLab Enterprise Edition
• Update secret-detection git log command (merge request)
• Add validation for new_user_signups_cap enabling (merge request) GitLab Enterprise Edition
• Update upload a license file docs (merge request) GitLab Enterprise Edition
• Reposition and restyle integration reset button (merge request)
• Add merge trains copy to ff merge (merge request)
• Remove carat from dropdown button (merge request)
• Convert OAuth2 authorization panel to GitLab UI utility classes (merge request)
• Translate settings string in user preferences (merge request)
• Replaced browser confirm modal with GlModal for lock button (merge request) GitLab Enterprise Edition
• Enable linear versions in GroupDescendantsFinder (merge request)
• Create Deployments in Separate Transaction (merge request)
• Improve UI text of external authentication (merge request)
• Update search badges to pajamas (merge request)
• Switch from confirm to default (merge request)
• Improve UI text of group webhooks page (merge request)
• Refactor admin labels to use shared HAML partial (merge request)
• Update flash alerts of Admin Runner UI (merge request)
• Sort followed users events by id desc (merge request)
• GitLab Version - Update Version Status Indicator (merge request)
• Prevent raising validation errors for SyncDashboardsWorker (merge request)
• Update snippet search badge to use pajamas (merge request)
• Improve outbound requests settings UI text (merge request)
• Remove Geo pages verification feature flag (merge request) GitLab Enterprise Edition
• Geo: Verify LFS objects (merge request) GitLab Enterprise Edition
• Add support for user_id, group_id and group_path (merge request) GitLab Enterprise Edition
• Remove log_import_export_relation_creation feature flag (merge request)
• Remove feature flag optimize_merge_request_parser (merge request)
• Update look and feel of runner heading (merge request)
• Move the Runner edit page to an /edit path (merge request)
• User linear version UserGroupNotificationSettingsFinder#execute (merge request)
• Refactored sidebar jobs details container badge (merge request)
• Remove deployments_archive feature flag (merge request)
• Update Coverage-Fuzzing yml and use last package file in corpus (merge request) GitLab Enterprise Edition
• Make strings in user preferences translatable (merge request)
• Deprecate plaintext field static_objects_external_storage_auth_token (merge request)
• Add createAlert as alternative to createFlash (merge request)
• Increase icon size for categories in emoji picker (merge request)
• Update acts-as-taggable-on gem version (merge request)
• Refactored Badges on environment items (merge request)
• Update nuget version regex (merge request)
• Remove commit templates variable placeholders from settings by @trakos (merge request)
• Externalize strings for translation on dashboard (merge request)
• Make strings in top nav translatable (merge request) GitLab Enterprise Edition
• Fail remote mirror if LFS sync fails (merge request)
• Update Azure storage Gem dependencies (merge request)
• Add Pajamas-complient badge for runners (merge request)
• Translate labels in user main settings (merge request)
• Allow hidden pacakge files to be downloaded (merge request)
• Externalize strings for translation user's chat settings (merge request)
• Use "never contacted" wording in runner's frontend (merge request)
• Rename routes for project services (merge request)
• Update button variant and category (merge request)
• Alter phone constraint bigger by @memorycancel (merge request)
• Set feature flag lfs_auto_link_fork_source to true by default (merge request)
• Registration Flow - Don't pre-select role by @tarunvelli (merge request)
• Remove find_tag_via_gitaly feature flag (merge request)
• Adjusts Member awaiting scope to be distinct (merge request) GitLab Enterprise Edition
• Add fail flag to pipeline trigger examples (merge request)
• Release Geo: Treat missing blobs as sync failed (merge request) GitLab Enterprise Edition
• Delete events in batches when project is destroyed (merge request)
• Add limitation warning for permission export (merge request) GitLab Enterprise Edition
• Change texts about credit card verification (merge request) GitLab Enterprise Edition
• Treat API requests from the frontend as web traffic in the rate limiter (merge request)
• Restyle "hints" on appearance settings by @KevSlashNull (merge request)
• Do not show participants invisible to the user (merge request)
• Use connects_to to connect to the Geo tracking DB (merge request) GitLab Enterprise Edition
• Add CI_JOB_JWT_V2 with iss and aud format changes (merge request)
• Migrate the visibility change confirmation to vue (merge request)
• Drop jira_use_first_ref_by_oid feature flag (merge request)
• Update button variant to confirm (merge request)
• Remove OAuth paths from protected paths rate limit (merge request)
• Add vulnerability_states for scan_result_policies (merge request) GitLab Enterprise Edition
• Add toggle method to control use_minimum_char_limit by @orozot (merge request)

Removed (13 changes)

• Remove feedback link in discover security point (merge request) GitLab Enterprise Edition
• Revert "Merge branch 'rajat/work-hierarchy' into 'master'" (merge request)
• Remove cached_mr_widget feature flag (merge request)
• Remove automatic addition of incident label (merge request)
• Delete paginatable_namespace_drop_down_for_project_creation FF (merge request)
• Remove redis MultiStore implementation (merge request)
• Remove "Saved scans" tab from DAST configuration (merge request) GitLab Enterprise Edition
• Remove EXMOD experiment documentation (merge request)
• Remove delete_branch_confirmation_modals feature flag (merge request)
• Remove problematic query from obselete open environment in diff feature (merge request)
• Remove LooseIndexScanDistinctCount class (merge request)
• Delete vue_issuables_list feature flag (merge request)
• Remove vulnerability_location_image_filter feature flag (merge request)

Security (4 changes)

• Upgrade mermaid js library (merge request)
• Rate limit /users/sign_up (merge request)
• Rate limit update username action (merge request)
• Enforce rate limit per IP on /users/:username/exists (merge request)

Performance (12 changes)

• Avoid extra Sidekiq jobs for expiring CI etags (merge request)
• Optimize query for issue neighbors (merge request)
• Improve on-demand scans polling performances (merge request) GitLab Enterprise Edition
• Remove ci_decompose_belonging_to_parent_group feature flag (merge request)
• Optimize protected branches/tags matching (merge request)
• Add index for resolving timeouts on environments page (merge request)
• Inline diff line rendering (merge request)
• Utilize C version of CommonMark renderer (merge request)
• Improve epic swimlanes query performance for group board (merge request) GitLab Enterprise Edition
• Fix slow events query for followed users (merge request)
• Read running builds from denormalized table upon assignment (merge request)
• Introduce an optimized labels query on group transfer (merge request)

Other (68 changes)

• Geo: Verify uploads (merge request) GitLab Enterprise Edition
• Add columns in prep of registry import (merge request)
• Remove ci_running_builds FK to projects (merge request)
• Remove scim_token_vue feature flag (merge request)
• Remove FK security_scans.build_id as we have LFK (merge request)
• Add backfill migrations for ci namespace/project mirrors (merge request)
• Add package file cleanup jobs (merge request)
• Remove ci_store_trace_outside_transaction feature flag (merge request)
• Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
• Remove FK dast_scanner_profiles_builds.ci_build_id as we have LFK (merge request)
• Remove FK requirements_management_test_reports.build_id as we have LFK (merge request)
• Remove FK dast_site_profiles_builds.ci_build_id as we have LFK (merge request)
• Fix GraphQL/FieldDefinitions offense (Part 3/4) by @KevSlashNull (merge request)
• Fix GraphQL/ArgumentName offense by @KevSlashNull (merge request)
• Fix Rails/SaveBang offenses by @edith007 (merge request)
• Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
• Fix Gitlab/DelegatePredicateMethods offenses by @edith007 (merge request)
• Remove alllow database cross join from runner_matchers (merge request)
• Remove opt_in_sidekiq_status feature flag (merge request)
• chore: Mark previous Recalculation background migrations as succeeded (merge request)
• Limit subscription page container to 990px (merge request) GitLab Enterprise Edition
• Improve SSH key format validation (merge request)
• Remove admin_deploy_keys_vue feature flag (merge request)
• Remove hide_access_tokens feature flag (merge request)
• Remove show.html.erb as Rails 5 now supports nonce-based CSP headers by @edith007 (merge request)
• Fix Rails/SaveBang offenses by @edith007 (merge request)
• Remove ci_pending_builds FK to projects (merge request)
• Truncate ci_namespace_mirrors and ci_project_mirrors (merge request)
• Remove feature flag multiple_gpg_signatures (merge request)
• Backfill TestReports issue_id column (merge request)
• Fix Style/OpenStructUse offenses for users and package specs by @edith007 (merge request)
• Fix Style/OpenStructUse offense for Gitlab::Database::Migrations::Runner by @edith007 (merge request)
• Fix Style/OpenStructUse offenses by @edith007 (merge request)
• Pass formats explicitly when rendering .html file by @edith007 (merge request) GitLab Enterprise Edition
• Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
• Pass formats explicitly when rendering kerberos error by @edith007 (merge request) GitLab Enterprise Edition
• Fix Style/OpenStructUse offenses in gitlab_controller_spec by @edith007 (merge request)
• Pass formats explicitly when rendering .md file by @edith007 (merge request) GitLab Enterprise Edition
• Adjust license upload page style (merge request) GitLab Enterprise Edition
• Pass formats explicitly when rendering html by @edith007 (merge request)
• Remove index_merge_requests_on_title index from merge_requests table by @edith007 (merge request)
• Improve 'Add an SSH key' page (merge request)
• Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
• Remove "show_relevant_approval_rule_approvers" feature flag (merge request)
• Cleanup pipeline logger feature flags (merge request)
• Remove the dast_view_scans feature flag (merge request) GitLab Enterprise Edition
• Refactor all the specs to use :integration rather than :service by @edith007 (merge request)
• Fix Gitlab/DelegatePredicateMethods offenses by @edith007 (merge request) GitLab Enterprise Edition
• Remove foreign key constraint ci_runner_namespaces.namespace_id (merge request)
• Remove foreign key ci_daily_build_group_report_results.group_id (merge request)
• Deprecate agent token deletion mutation (merge request)
• Use an enum for agent token statuses (merge request)
• Remove foreign key ci_pending_builds.namespace_id (merge request)
• Pass formats explicitly when rendering .md file by @edith007 (merge request) GitLab Enterprise Edition
• Raise custom errors when backup creation fails (merge request)
• Pass formats explicitly when rendering .md file by @edith007 (merge request) GitLab Enterprise Edition
• Use design system badges for project domains (merge request)
• Add package file status attribute (merge request)
• Remove foreign key ci_minutes_additional_packs.namespace_id (merge request)
• Remove foreign key ci_group_variables.group_id as we have loose fK (merge request)
• Remove feature flag ff_limit_ssh_key_lifetime (merge request)
• Cleanup after DropInvalidSecurityFindings migration (merge request)
• Remove foreign key project_pages_metadata.ci_job_artifacts (merge request)
• Update GitLab Runner Helm Chart to 0.36.0 (merge request)
• Fix GraphQL/OrderedArguments offense (Part 3/6) by @KevSlashNull (merge request)
• Pass formats explicitly when rendering .html format by @edith007 (merge request)
• Fix Gitlab/DelegatePredicateMethods offenses by @edith007 (merge request)
• Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition

14.6.7 (2022-03-31)

Changed (1 change)

• Remove runners token prefix feature flags (merge request)

14.6.6 (2022-03-01)

Fixed (3 changes)

• Ensure cleanup job artifacts task does not include pipeline artifacts (merge request)
• Fix Geo checksummable check failing when file is nil (merge request) GitLab Enterprise Edition
• Resolve "Imports fail in 14.5.2 fail with HTTParty::UnsupportedURIScheme error" (merge request)

14.6.5 (2022-02-25)

Security (8 changes)

• Limit commands_changes to certain keys (merge request)
• Add runners_token prefix to Group and Project (merge request)
• Anonymous user can enumerate all users through GraphQL endpoint (merge request)
• Check for unsafe characters in email addresses before sending (merge request)
• Warn when snippet contains unretrievable files (merge request)
• Prevent DOS when rendering math markdown (merge request)
• Check permission when creating members through service (merge request)
• Reset password field on page load (merge request)

14.6.4 (2022-02-03)

Security

See https://about.gitlab.com/releases/2022/02/03/security-release-gitlab-14-7-1-released/

14.6.3 (2022-01-18)

Fixed (4 changes)

• Fix destruction of projects with pipelines (merge request)
• Geo: Resolve "undefined method each_batch" (merge request) GitLab Enterprise Edition
• Fix migration for cases with empty strings (merge request)
• Geo: adapt verification timed out query to use state table (merge request) GitLab Enterprise Edition

14.6.2 (2022-01-10)

No changes.

14.6.1 (2022-01-04)

Fixed (2 changes)

• Ignore new line differences when deciding whether to squash MR (merge request)
• Fix re-use of extensions between instances (merge request)

14.6.0 (2021-12-21)

Added (76 changes)

• Create table to store merge request compliance violations (merge request)
• Upgrade GitLab Pages to 1.49.0 (merge request)
• Add create crm organization component by @leetickett (merge request)
• Registration features info for setting repo size (merge request) GitLab Enterprise Edition
• Log structured message when LFS object is auto-linked from parent (merge request)
• Enable display_outdated_line_diff by default (merge request)
• Default enable webauthn feature flag by @kingjan1999 (merge request)
• Update return type for previousStageJobsOrNeeds (merge request)
• Add support for Rel-License microformat (merge request)
• Add error alerts and badge for webhooks (merge request)
• Add alert for rate limited webhooks (merge request)
• Expose iid in pipelines api (merge request)
• Implement separate status for bulk imports (merge request)
• Include parent_iid and parent link in epic responses by @espadav8 (merge request) GitLab Enterprise Edition
• Add ClusterImageScanningType to VulnerabilitiesResolver (merge request) GitLab Enterprise Edition
• Add ability to retry scans from on-demand scans list (merge request) GitLab Enterprise Edition
• Add ability to cancel on-demand scans (merge request) GitLab Enterprise Edition
• Add Geo proxied/local events service ping (merge request) GitLab Enterprise Edition
• Allow use of when and rules (merge request)
• Add Workhorse metrics for secondary proxy requests (merge request) GitLab Enterprise Edition
• Delete project events before the project (merge request)
• Capture job executor value in ci_runners table (merge request)
• Add markdown support for Vulnerability Description (merge request) GitLab Enterprise Edition
• ADd deprecation warning for group import/export (merge request)
• Add sticky header to group migration table (merge request)
• Add a total number of jobs run by a runner (merge request)
• GraphQL: Allow filtering runners by active status (merge request)
• Log an activity event when an Agent connects (merge request)
• Added tracking events for the validation errors (merge request)
• Add handling for pending incident escalations (merge request) GitLab Enterprise Edition
• Add future_subscriptions column (merge request)
• Create data model for Deployment Approvals (merge request)
• Add event streaming metrics (merge request) GitLab Enterprise Edition
• Enable bulk delete in tags list (merge request)
• Encrypt plaintext static_objects_external_storage_auth_token (merge request)
• Enable SSH key lifetime settings by default (merge request) GitLab Enterprise Edition
• Adds graphql markdown field for Vulnerability Description (merge request) GitLab Enterprise Edition
• Add first_commit and first_multiline_commit to commit template by @trakos (merge request)
• Add the "Scheduled" tab to the on-demand scans page (merge request) GitLab Enterprise Edition
• Add index snippets on project_id and title (merge request)
• Put vuln finding link ingest behind feature flag (merge request)
• Add stale runners filters and badge (merge request)
• Add feature to limit the lifetime of SSH keys (merge request)
• Add Task work item type to the database (merge request)
• Remove importer usage ping feature flag (merge request)
• Enable FF multiple_gpg_signatures (merge request)
• Fixed sign-in via LDAP when a user cap is set (merge request) GitLab Enterprise Edition
• Support expanded reference formats for URLs (merge request)
• Create vulnerability read model (merge request)
• Execute build hooks on pending status (merge request)
• Include Last Activity in User Permissions CSV export (merge request) GitLab Enterprise Edition
• Introduce API to transfer groups to a new parent group (merge request)
• Added Snowplow events to the Clusters page (merge request)
• Return job failure reason in API responses by @albertvaka (merge request)
• Add project CI CD tab tracking (merge request)
• Add incident_management_timeline_events table (merge request)
• Set CS_DEFAULT_BRANCH_IMAGE in Auto DevOps template (merge request)
• Add confidential filter to board list in GraphQL (merge request)
• Add canCurrentUserPushToBranch permission (merge request)
• Use Keyset pagination for Groups API by default (merge request)
• Add GraphQL type and resolver for agent activity events (merge request)
• Create default squash commit message using customizable template by @trakos (merge request)
• Display issue crm contacts in UI by @leetickett (merge request)
• Create a note when replied to the email creating the service desk issue (merge request)
• Update Member entity to expose member state (merge request) GitLab Enterprise Edition
• Remove tag limit feature flag (merge request)
• Migrate remaining U2fRegistrations to WebauthnRegistrations (merge request)
• Create agent_activity_events table for storing Agent activity (merge request)
• Invite members for tasks (merge request)
• Add issue customer relations contacts quick actions by @leetickett (merge request)
• Allow board issue filtering by iteration cadence ID in GraphQL (merge request) GitLab Enterprise Edition
• Make invite members in quick menu permanent (merge request)
• Partition pruning for the web_hook_logs table (merge request)
• Moved user cap worker logic to User (merge request) GitLab Enterprise Edition
• Validate batched migration jobs (merge request)
• Track created_at on CI minutes records (merge request)

Fixed (93 changes)

• Fix foreign key and index names in ci_sources_pipelines (merge request)
• Strip leading and trailing whitespace from user's name (merge request)
• Ensure all scanners are translated in alerts (merge request)
• Fixed cache_key ids by @akumar1503 (merge request)
• Fix N+1 problem for system notes metadata association (merge request)
• Fix updating emails for group notifications (merge request)
• Handle nil services error in external pipeline validation (merge request)
• Fix expose status in Runners API (merge request)
• Fix N+1 problem for notes association (merge request)
• Copy auth field objects when serializing values (merge request) GitLab Enterprise Edition
• Update gitlab-markup gem to 1.8.0 (merge request)
• Expose finished_at in job details JSON by @KevSlashNull (merge request)
• Fix OlderDeploymentsDropService drops manual deployments (merge request)
• Unescape and sanitize protected tag name on create and update (merge request)
• Gracefully handle bad dependency scanner input (merge request) GitLab Enterprise Edition
• Fix CI/CD settings available when CI/CD is off by @KevSlashNull (merge request)
• Add new line to code nav popover (merge request)
• Error Tracking: Allow event payload to contain null bytes (merge request)
• Only trigger housekeeping once per push (merge request)
• Link existing LFS objects from parent fork during uploads (merge request)
• Fix SMIME signed email sending, do not overwrite Content-Disposition by @bufferoverflow (merge request)
• GithubImporter: Fallback to LegacyDiffNote when DiffNote fails (merge request)
• Fixed NoMethodError on import from GitHub Enterprise on RFC1918 IP by @colinbarr (merge request)
• Fix issue sidebar keyboard shortcuts (merge request)
• Fix 'Erase job log' button is misleading by @KevSlashNull (merge request)
• Generate human readable message on duplicate dotenv variables (merge request)
• Optimize query for issue neighbors (merge request)
• Fix commit sha being used instead of tag for tagged pipelines (merge request)
• Ensure Jira users and labels have id attribute (merge request) GitLab Enterprise Edition
• Present pipeline coverage in pipeline API entity as string (merge request)
• Fix user list selection is not in sync with UI by @KevSlashNull (merge request)
• Fix schedule ID is show on schedule edit page by @KevSlashNull (merge request)
• Use additional headers for matching service desk email (merge request)
• Fix vulnerability report tab querystring removed when filters changed (merge request) GitLab Enterprise Edition
• Fix occasional failure when updating labels from sidebar (merge request)
• Fix wrong end date in query for contributions (merge request)
• Copy manual variables when retrying job (merge request)
• Fix some private contributions being hidden on the contribution calendar by @eggerd (merge request)
• Fix permissions for label promotion via API (merge request)
• Fix serverity and alert sidebar edit button style by @orozot (merge request)
• Pass current_user when rendering Markdown in email (merge request)
• Fix infinite loop on saml login of a blocked user (merge request)
• Add ci_status.scss for commit piplines page by @orozot (merge request)
• Fix button variant in maintenance mode settings by @KevSlashNull (merge request)
• Fix epic date changes without user input (merge request)
• Fix cut off focus ring in commit container by @KevSlashNull (merge request)
• Add patch for WikiCloth (merge request)
• Fix pride flag emoji rendering (merge request)
• Fix order in monthly events boundary query (merge request)
• Do not run service discovery for DB load balancing for rake tasks (merge request)
• Ensure current user and variables are updated when playing a job (merge request)
• Allow creating a group access token for a group with SSO enforcement (merge request) GitLab Enterprise Edition
• Fixes pending note avatar size in diff view (merge request)
• Fix link to docs in the "Transfer Group" section by @gizero (merge request)
• Fix Wiki Pipeline network error if wiki does not exist (merge request)
• Fix for hexadecimal branch deletion (merge request)
• Fix column order in jobs tab in the pipelines details page (merge request)
• Fix import from remote object storage documentation (merge request)
• Fix Gitlab Pages deployment wrong if a project has a public folder by @sodepr (merge request)
• Catch YAML errors when parsing security policies (merge request) GitLab Enterprise Edition
• Fix Debian Sources file name by @sathieu (merge request)
• Fix the SSL_CERT_DIR logging on git operations (merge request)
• Fix cross database transaction when blocking users (merge request)
• Support Action Cable on GCP Memorystore (merge request)
• Update dependency proxy copy and help text (merge request)
• Only display user bio for confirmed and active users (merge request)
• Heartbeat runner only for specific job-context requests (merge request)
• Sort months of the CI minutes chart app (merge request) GitLab Enterprise Edition
• Fix broken project creation without import sources (merge request)
• Do not try to auto-complete vulnerabilities if the user is nil (merge request) GitLab Enterprise Edition
• Do not show primary email as secondary email in admin view (merge request) GitLab Enterprise Edition
• Ensure coverage approval rule sync is successful (merge request) GitLab Enterprise Edition
• Fix Sidekiq sleep time for jobs that use replicas (merge request)
• Fix border spacing on multi-line comments (merge request) GitLab Enterprise Edition
• Add retries to github importer on client errors (merge request)
• Update dotNET-Core.gitlab-ci.yml template image by @softis-software (merge request)
• Fix wrong default branch imported with Bitbucket Server (merge request)
• Upgrading ipynbdiff to 0.3.8 (merge request)
• Allow to create issues by email when it contains only quotes (merge request)
• Grant permissions for oauth users based on scopes (merge request)
• Fix security report schema validation logic (merge request) GitLab Enterprise Edition
• Fix docs error in NuGet API by @wwwjon (merge request)
• Allow uploading up to 10 files (merge request)
• Fix issue and MR exports to support NOT filters (merge request)
• Create missing /root/.gnupg dir in Scala.gitlab-ci.yml by @carlosrogue (merge request)
• Don't try to generate url for an finding records (merge request) GitLab Enterprise Edition
• Use gpg --recv-keys instead of curl in Scala.gitlab-ci.yml by @carlosrogue (merge request)
• Error Tracking: Support exceptions from Python's repl (merge request)
• Move VSA stage options to footer (merge request) GitLab Enterprise Edition
• Fix discussions filter not working (merge request)
• Remove deprecated apt-key usage on Scala.gitlab-ci.yml by @carlosrogue (merge request)
• Fix display of times in access and deploy token table by @edith007 (merge request)
• Add emoji aliases for :) and :( (merge request)

Changed (95 changes)

• Use linear version GroupsWithTemplatesFinder#extended_group_search (merge request) GitLab Enterprise Edition
• Add Pajamas badge for pipelines license tab (merge request) GitLab Enterprise Edition
• Add copy issue URL button to vulnerability error message (merge request) GitLab Enterprise Edition
• Make badge in admin/users/_access_levels.html.haml Pajamas compliant (merge request)
• Update badges for ci builds to use helper (merge request)
• Update project runner badges to pajamas (merge request)
• Removes all ci_optimize_project_records_destruction ff (merge request)
• Update user signups cap to allow values greater than licensed user count (merge request) GitLab Enterprise Edition
• Make use of the project data served by Rails (merge request)
• Remove Analytics menu item from unlicensed EE (merge request) GitLab Enterprise Edition
• Geo: Treat missing files as sync failures (merge request) GitLab Enterprise Edition
• Remove FF avoid_cross_joins_environments_in_self_and_descendants (merge request)
• Remove cached_mr_title feature flag (merge request)
• Update cluster badge to pajamas (merge request)
• Hide user avatar for blocked and unconfirmed users (merge request)
• Order jobs returned desc (merge request)
• Enhance the sidebar to use gl-link focus styling (merge request)
• Default improved_container_scan_matching to true (merge request)
• Add Pajamas-complient protected tags badge (merge request)
• Split up yaml and humanized policy previews (merge request) GitLab Enterprise Edition
• Use finding_evidence over raw_metadata (merge request) GitLab Enterprise Edition
• When dependency proxy is disabled remove the menu (merge request)
• Clean up clone_job_variables_at_job_retry (merge request)
• Remove branches_pagination_without_count FF (merge request)
• Enable deployments_archive feature flag by default (merge request)
• Migrate auto-devops setting to GlBadge abstraction (merge request)
• Geo - Use Rails 6 many databases support (merge request) GitLab Enterprise Edition
• Tanuki Emoji: switch fallback emoji to Noto Emoji (merge request)
• Display tag messages with line endings by @KevSlashNull (merge request)
• Migrate badges to be compliant with the Pajamas design system (merge request)
• Merge feature flags related to new CI minutes tracking (merge request) GitLab Enterprise Edition
• Add loose foreign key for Terraform state versions (merge request)
• Remove load_balancing_for_update_all_mirrors_worker FF (merge request)
• Separate CI minutes notification levels between new and legacy (merge request) GitLab Enterprise Edition
• Allow external Spamcheck API key to be blank (merge request)
• Migrate badges in Admin -> Groups -> Show (merge request)
• Migrate badge in Group -> CI/CD -> Auto DevOps (merge request)
• Migrate badge component in the admin -> projects area (merge request)
• Fix: web ide text color in dark theme by @orozot (merge request)
• Make DORA data visible for admins (merge request)
• Improve runner deletion modal (merge request)
• Handle query timeouts better (merge request)
• Add cleanup migration for BackfillUserNamespace (merge request)
• Modify pending member approval endpoint (merge request) GitLab Enterprise Edition
• Use confirm variant for 'New requirement' button by @KevSlashNull (merge request) GitLab Enterprise Edition
• Add title with the file name to file_row component by @ruben.meza (merge request)
• Enable linear version User#membership_groups (merge request)
• UI text updates in new OAuth applications view (merge request)
• Change job duration label to 'Elapsed time' when in progress by @KevSlashNull (merge request)
• Add link for failed pipelines (merge request)
• Pipelines show full job names by @albertvaka (merge request)
• Cleanup unaccessible todos when user leaves public project (merge request)
• Add space between columns in runner table (merge request)
• Fixed an event for focus (merge request)
• Remove feature flag create_vulnerabilities_via_api (merge request)
• Adapt to size changes when displaying tooltips (merge request)
• Rework markdown footnote processing (merge request)
• Add Helm-chart storage limits to API and UI by @mlegner (merge request)
• Default jira_use_first_ref_by_oid feature flag to true (merge request)
• Remove chevron for menu button (merge request)
• Change icon to review-list (merge request)
• Expose failed import error through API (merge request)
• Remove ci_new_query_for_pending_stuck_jobs feature flag (merge request)
• Enable job trace store outside database transaction by default (merge request)
• Change namespace type default to 'User' (merge request)
• Load only one scan_finding_rule per policy (merge request) GitLab Enterprise Edition
• Add line number and import_type to the import status API (merge request)
• Refine the take-out-of-draft message (merge request)
• Improve copy when no iteration found in sidebar (merge request) GitLab Enterprise Edition
• Update UI message for merge conflicts (merge request)
• Change remediated badge icon from wrench to check-circle-dashed (merge request) GitLab Enterprise Edition
• Do not require startDate when creating a manual iteration cadence (merge request)
• Show disabled fork button for user without enough permissions (merge request)
• Copy variables when retrying job (merge request)
• Relocate online runners count in search bar (merge request)
• Prevent runner list IP and version overflow (merge request)
• Add more merging messages from the community (merge request)
• Remove diff limiting feature flags (merge request)
• Add URL to rejection_message if terms_not_accepted by @jgay (merge request)
• Drop FindingPipelines and Findings in bg migration (merge request)
• Enable preserve_latest_wal_locations_for_idempotent_jobs by default (merge request)
• Enable linear version of groups_including_descendants_by (merge request)
• Migrate snippets tabs to rails helper (merge request)
• Remove surface_environment_creation_failure feature flag (merge request)
• Improve UI message: creating branch from fork (merge request)
• Add Shimo integration sidebar menu and landing page by @icbd (merge request)
• Enable External MR diff verification by default (merge request) GitLab Enterprise Edition
• Remove support for sticking to old and new keys (merge request)
• Add BaseEdge base class (merge request)
• Split out main, and geo DB out of CI transactions (merge request) GitLab Enterprise Edition
• Migrate button variants (merge request) GitLab Enterprise Edition
• Update gl-modal buttons in user status modal by @yo (merge request)
• Do not select "My company or team" radio box by default (merge request)
• Allow squashing in MRs with single commit by @trakos (merge request)
• Start using v1.x of our IAC analyzer (merge request)

Deprecated (2 changes)

• Ignore position column (merge request) GitLab Enterprise Edition
• Deprecate ApiFuzzingCiConfigurationCreate fields (merge request) GitLab Enterprise Edition

Removed (4 changes)

• Remove force_company_trial experiment (merge request)
• Remove the configureIacScanningViaMr feature flag (merge request)
• Remove sast_entry_points experiment (merge request)
• Remove reference to lower_relation_max_count_limit (merge request)

Security (5 changes)

• Enable visibility filter on Epics menu pill count (merge request) GitLab Enterprise Edition
• Use Gitlab::Json to serialize sessions (merge request)
• Update Puma to version 5.5.2 (merge request)
• Disallow non-members unlocking project files (merge request) GitLab Enterprise Edition
• Use a more precise Sourcegraph URL in CSP (merge request)

Performance (18 changes)

• Limit the amount of ids loaded when using package build infos (merge request)
• Update dependency proxy API to use cleanup worker (merge request)
• Utilize C version of CommonMark renderer (merge request)
• Add index to projects on marked_for_deletion_at field is null (merge request)
• Only enqueue Jira workers when configured (merge request)
• Add index to improve contribution graph query (merge request)
• Simplify sanitizing emojis from localStorage (merge request)
• Optimize finding environment for BlobController (merge request)
• Improve index for calendar query (merge request)
• Replace Banzai based label rendering in VSA (merge request)
• Bulk insert job tags when creating a CI pipelines (merge request)
• Enable load balancing for update all mirrors by default (merge request)
• Avoid N+1 issue linking DAST profiles and builds (merge request) GitLab Enterprise Edition
• Reduce variables transformations when creating a new pipeline (merge request)
• Replace Ci::Runner with linear scopes (merge request)
• Enable perform FindTag RPC request for a single tag (merge request)
• Use linear version of User#ci_owned_runners (merge request)
• Remove trigram index on notes (merge request)

Other (59 changes)

• Use design system badge in admin project page (merge request)
• Fix GraphQL/OrderedArguments offense (Part 1/6) by @KevSlashNull (merge request)
• Fix GraphQL/FieldDefinitions offense (Part 2/4) by @KevSlashNull (merge request)
• Remove abort_deleted_project_pipelines flag (merge request)
• Remove vulnerability_occurrences_location_temp_index (merge request)
• Snowplow ED first run for data-attributes (merge request) GitLab Enterprise Edition
• Remove additional vulnerability finding links (merge request)
• Merge CI queuing denomalization feature flags into a single one (merge request)
• Fix Gitlab/DelegatePredicateMethods offenses by @edith007 (merge request) GitLab Enterprise Edition
• Delegate Requirement model attributes (merge request) GitLab Enterprise Edition
• Use rails helper to render mark_for_deletion badge (merge request) GitLab Enterprise Edition
• Delete invalid epic_issue records migration (merge request)
• Fix Gitlab/DelegatePredicateMethods offenses by @edith007 (merge request)
• Fix Gitlab/DelegatePredicateMethods offenses by @edith007 (merge request)
• Fix Rails/SaveBang offenses by @edith007 (merge request)
• Make projects storage badge pajamas compliant (merge request)
• Fix Gitlab/DelegatePredicateMethods offenses by @edith007 (merge request) GitLab Enterprise Edition
• Make milestone page tabs Pajamas-compliant (merge request)
• Implement syncing ci_project_mirrors and ci_namespace_mirrors tables (merge request)
• Convert single tab partial to Pajamas (merge request)
• Fix Rails/SaveBang offenses by @edith007 (merge request)
• Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
• Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
• Fix Rails/SaveBang offenses by @edith007 (merge request) GitLab Enterprise Edition
• Remove ::VisibleApprovable inclusion as it's duplicate by @edith007 (merge request)
• Pass formats explicitly when rendering .html format by @edith007 (merge request)
• Apply feedback to Snowplow event definitions (merge request) GitLab Enterprise Edition
• Hide search settings component in usage quota page (merge request) GitLab Enterprise Edition
• Fix Style/OpenStructUse offenses by @edith007 (merge request)
• Fix Style/OpenStructUse offenses by @edith007 (merge request)
• Fix Style/OpenStructUse offenses by @edith007 (merge request)
• Fix Style/OpenStructUse offenses by @edith007 (merge request)
• Merge branch '341849_cleanup_reference_cache_memoization_ff' into 'master' (merge request)
• Cleanup feature flag "reference_cache_memoization" (merge request)
• Prepare projects and namespaces loose foreign keys (merge request)
• Fix Style/OpenStructUse offenses by @edith007 (merge request)
• Fix Style/OpenStructUse offenses by @edith007 (merge request)
• Merge maintain feature flags for new queuing mechanism (merge request)
• Remove decoupling projects-runners feature flags (merge request)
• Fix Style/OpenStructUse offenses by @edith007 (merge request)
• Make design note pin compliant with Pajamas (merge request)
• Remove the validate_namespace_parent_type feature flag (merge request)
• Fill TestReport#issue_id field when creating new objects (merge request) GitLab Enterprise Edition
• Remove ci_predefined_vars_in_builder feature flag (merge request)
• Fix Style/OpenStructUse offenses by @edith007 (merge request)
• Make Service Desk Pajamas Design compliant (merge request)
• Improve Blame Page rendering performance by @cyberap (merge request)
• Fix OpenStruct use by @mehulsharma (merge request) GitLab Enterprise Edition
• Update GitLab Runner Helm Chart to 0.35.0 (merge request)
• Improve service desk service settings input tips (merge request)
• Remove PropagateServiceTemplateWorker and queue by @lenikadali (merge request)
• Remove unused CommitsBetween wrapper (merge request)
• Enhance SSO enforcement warning message (merge request) GitLab Enterprise Edition
• Fix offenses introduced by Style/OpenStructUse by @edith007 (merge request)
• Fix OpenStruct use by @mehulsharma (merge request)
• Fix OpenStruct use by @mehulsharma (merge request)
• Fix OpenStruct use by @mehulsharma (merge request)
• Fix OpenStruct use by @mehulsharma (merge request)
• Update Sidekiq to 6.3.1 (merge request)

14.5.4 (2022-02-03)

Security

See https://about.gitlab.com/releases/2022/02/03/security-release-gitlab-14-7-1-released/

14.5.3 (2022-01-11)

No changes.

14.5.2 (2021-12-03)

No changes.

14.5.1 (2021-12-01)

Fixed (4 changes)

• Check validation for license only if new record (merge request) GitLab Enterprise Edition
• Fix for hexadecimal branch deletion (merge request)
• Fix the SSL_CERT_DIR logging on git operations (merge request)
• Support Action Cable on GCP Memorystore (merge request)

14.5.0 (2021-11-19)

Added (113 changes)

• Show warning for markdown structure changes (merge request)
• Implement Pipeline Editor Walkthrough experiment (merge request)
• Add endpoint for activating all pending members (merge request) GitLab Enterprise Edition
• Add Yaml Source Editor Extension (merge request)
• Introduced the Source Editor Instance module (merge request)
• Add total counters in each runner type tab (merge request)
• Add customer relations organizations viewer by @leetickett (merge request)
• Add customer relations contacts viewer by @leetickett (merge request)
• Add endpoint for activating an waiting member (merge request) GitLab Enterprise Edition
• Add keyset pagination for tags API (merge request)
• Enable loose_foreign_key_cleanup FF by default (merge request)
• Allow reporters to see the service desk email address (merge request)
• Upgrade GitLab Pages to 1.48.0 (merge request)
• Implement deep linking for project VSA filters (merge request)
• Feature: Let OmniAuth support DingTalk by @icbd (merge request)
• Add group SAML configuration changes to group audit events (merge request) GitLab Enterprise Edition
• Add migration for backfilling project namespaces (merge request)
• Audit changes to compliance frameworks (merge request) GitLab Enterprise Edition
• Enable dependency_proxy_manifest_workhorse by dflt (merge request)
• Upgrade GitLab Pages to 1.47.0 (merge request)
• Add exists support to includes:rules CI config (merge request)
• Enable configure_iac_scanning_via_mr by default (merge request)
• Allow Minimal Access role for top-level SAML Group Links (merge request) GitLab Enterprise Edition
• Add slash command to promote issue to incident (merge request)
• Add member approval service (merge request) GitLab Enterprise Edition
• Enable linear GroupPlanPreloader ancestors queries (merge request) GitLab Enterprise Edition
• Create default merge commit message using customizable template by @trakos (merge request)
• GithubImporter: Thread diff notes (merge request)
• Query all partitions when loading loose FK records (merge request)
• Remove flag that hides event streaming from graphQL schema (merge request) GitLab Enterprise Edition
• Add opensource plan to database (merge request)
• Add wiki migration to projects and groups (merge request) GitLab Enterprise Edition
• Send invite team email after a root group is created (merge request)
• Render inherited templates from group in service desk (merge request)
• Add indexes to aggregated VSA tables (merge request)
• Add required label to tag name in release form (merge request)
• Add modal to warn group owners the impact of changing user cap (merge request) GitLab Enterprise Edition
• Add issues set crm contacts service and graphql mutation by @leetickett (merge request)
• Add pagination support for FindAllTagsRequest (merge request)
• Enable linear ancestors for groups (merge request)
• Add note regarding topic visibility to admin doc by @wwwjon (merge request)
• Track Shared Runners duration separate from CI minutes consumption (merge request) GitLab Enterprise Edition
• Show blocked icon on epic blocked issues (merge request) GitLab Enterprise Edition
• Add Sentry configs to application settings (merge request)
• Add helpful text to project select modal (merge request)
• Enable linear ApplicationSettings ancestors queries (merge request) GitLab Enterprise Edition
• Enable pipeline_editor_mini_graph feature flag by default (merge request)
• Limit issues one user can quickly create using service desk (merge request)
• Add Helm metadata to GraphQL by @sathieu (merge request)
• Enable linear EE Group ancestors queries (merge request) GitLab Enterprise Edition
• Remove redundant index_events_on_target_type_and_target_id (merge request)
• Rollout user namespace & project tracking (merge request)
• Unblock LDAP blocked user on sign-in with other auth methods (merge request)
• Add queuing mechanic for reindexing (merge request)
• Topic management: add link to topic detail page by @wwwjon (merge request)
• Add jobArtifacts to PipelineType by @genctys (merge request)
• Track processed loose FK records (merge request)
• Update user attributes for Group SAML enterprise users (merge request) GitLab Enterprise Edition
• Add 'show' page for topic by @wwwjon (merge request)
• Record transaction duration during migrations (merge request)
• Add corpus create mutation and service (merge request) GitLab Enterprise Edition
• Update scroll position to synchronize the Jump To Next button (merge request)
• Add created_at to the GraphQL LicenseType (merge request) GitLab Enterprise Edition
• Speed up searching environments by ref deployed (merge request)
• Add customer relations menu item and root apps by @leetickett (merge request)
• Enable linear ParticipantsService ancestors queries (merge request)
• Enable linear MembersFinder ancestors queries (merge request)
• Promote empty_repo_upload experiment (merge request)
• Adding Special diff rendering for .ipynb notebooks (merge request)
• VSA: Add deployment frequency links (merge request) GitLab Enterprise Edition
• Enables the mr_changes_fluid_layout flag by default (merge request)
• Adds vulnerability state to Vulnerability-Check (merge request)
• Enable logging of Sidekiq bulk job insertions (merge request)
• Remove group_authorized_agents feature flag (merge request)
• Add Prometheus metrics for loose foreign keys (merge request)
• Include state_id when gathering VSA data (merge request)
• Loose foreign key definition experiment (merge request)
• Enable real-time issue assignees by default (merge request)
• Feature: add user track script entry point by @orozot (merge request)
• Fix spec to properly support many databases (merge request)
• Enable group-level MR approval settings by default (merge request) GitLab Enterprise Edition
• Enable linear GroupTree ancestors queries (merge request)
• Annotate DAST models strings for localization (merge request) GitLab Enterprise Edition
• Persist credit card network (merge request)
• Adds DB column for merge request assignee state (merge request)
• Add native systemd units by @behrmann (merge request)
• Clean up migration to populate commit users (merge request)
• Enabled variables for CI services by @ST-Apps1 (merge request)
• Add runtime_runner_features column to ci_builds_metadata (merge request)
• Add metric for users associating group milestones to releases (merge request)
• Loose foreign key worker implementation (merge request)
• Added kaniko ci template to build docker images (merge request)
• Invite members for task experiment (merge request)
• Remove FF verification_state_backfill_worker (merge request) GitLab Enterprise Edition
• Add 'tencent_serverless_framework' to built-in project template (merge request)
• Merge branch 'mw/clearup-ff_group_membership_export' into 'master' (merge request) GitLab Enterprise Edition
• Allow custom support email without configuring custom project suffix (merge request)
• Add median lead time for changes to VSA (merge request) GitLab Enterprise Edition
• Remove ff_group_membership_export flag (merge request) GitLab Enterprise Edition
• Move Agent usage metrics to Core (merge request)
• Enable Agent creation in Core (merge request)
• Move Agent KUBECONFIG variable generation to core (merge request)
• Sync creating requirements with requirements issue (merge request) GitLab Enterprise Edition
• Add user caps to group's membership settings (merge request) GitLab Enterprise Edition
• Remove the rails_apdex_counters feature flag (merge request)
• Add CustomerRelations::IssueContact model by @leetickett (merge request)
• Cleanup project_storage_ui feature flag (merge request)
• Add created_at filters to MR resolver (merge request)
• Add integration with ZenTao by @icbd (merge request)
• Move Agent CI tunnel functionality to Core (merge request)
• Add Debian endpoint for distribution key by @sathieu (merge request)
• Filter issues by releaseTag in GraphQL (merge request)
• Add 'Explore topics' page by @wwwjon (merge request)

Fixed (123 changes)

• Fix SAML SSO redirects for pseudonymized URLS (merge request)
• Add suggestion_commit_message length validation by @trakos (merge request)
• GithubImporter: Fix import duration metric (merge request)
• Fix a bug with the metadata during the npm package upload (merge request)
• Fix error when Origin header is null (merge request)
• Fix loading authors in issues list (merge request)
• Fix regression in code blocks in the Content Editor (merge request)
• Fix sysvinit Sidekiq logging (merge request)
• Fix setting block animation issues (merge request)
• Remove presence validator on name on WebauthnRegistration (merge request)
• Fix common errors in AuthorizedProjectsWorker (merge request)
• Fix widget dropdown title overflow (merge request)
• Don't transform empty .ipynb diffs (merge request)
• Allow destruction of records in archived pending_delete projects (merge request)
• Allow to create service desk issues for all quoted emails (merge request)
• Fix bug due to fuzzy matching in Infrastructure Registry (merge request)
• Fix no repo error message for group-level wikis (merge request) GitLab Enterprise Edition
• Fix commit msg color for dark mode graph (merge request)
• Fixes broken trigger layout (merge request)
• Fix agent install page paths (merge request)
• Reduce noise in cluster cleanup workers (merge request)
• Fix scoped board milestone/iteration Timebox global ID (merge request) GitLab Enterprise Edition
• Prevent overflowing of runner tags (merge request)
• Fix manifest workhorse upload (merge request)
• Extend the OverrideUuids service logic (merge request) GitLab Enterprise Edition
• Fix foreign_key of using on data_fields by @icbd (merge request)
• Vulnerability Report: Fix typo in description text (merge request) GitLab Enterprise Edition
• Fix built-in template import creating duplicate audit logs (merge request) GitLab Enterprise Edition
• Fix merge requests not importing for older projects (merge request)
• Add sidebar highlight and fix link by @icbd (merge request)
• Fix 2FA setup for LDAP users (merge request)
• Recalculate project authorizations on group transfer by @vfazio (merge request)
• Clear closure references when issue is reopened (merge request)
• Prevent Git operations from checking replication lag on non-Geo sites (merge request) GitLab Enterprise Edition
• Allow non-group Agent projects to authorize themselves (merge request)
• Vulnerability Modal: Fix issue with long URLs (merge request) GitLab Enterprise Edition
• Fix Type error about namespace through provides on members page (merge request)
• Fix pipeline editor crashing the browser when getting a 500 error (merge request)
• Reset subscription max seats used on new term (merge request) GitLab Enterprise Edition
• Fix issue rebalance banner (merge request)
• Disable query cache when outside Rails executor (merge request)
• Fix todo API when used with Alerts (merge request)
• Add remediation based on cve or id by @ssarka (merge request) GitLab Enterprise Edition
• Wrap Sidekiq scheduler threads in Rails reloader (merge request)
• Fix quick action permissions to match UI (merge request)
• Skip retrying for reads on connection errors if primary only (merge request)
• Fix illustration paths in survey response page (merge request) GitLab Enterprise Edition
• Fix MR commits with missing committers/authors (merge request)
• Fix: update broken pipeline layout (merge request)
• Use the To header when sending pipeline emails (merge request)
• Cleanup sticky_environments_in_job_retry feature flag (merge request)
• Improve tracking of requests in rate limiter (merge request)
• Check correct permissions before showing Release Evidence link (merge request)
• Fix ghost button on payment step for subscriptions (merge request) GitLab Enterprise Edition
• Allow SSO callbacks through maintenance mode (merge request) GitLab Enterprise Edition
• Fix error on environment rollback (merge request)
• Fix permission check for confidential quick action (merge request)
• Fix Geo: Secondaries may be orphaning Upload files (merge request) GitLab Enterprise Edition
• Add better error handling to BulkImports::GroupLoader (merge request)
• Ensure that GlSingleStat animates (merge request)
• Fix tasklist header counts in Test Cases (merge request) GitLab Enterprise Edition
• Allow relative WebP image embed in markdown by @KevSlashNull (merge request)
• Fix uninitialized constant STICK_OBJECT by @leetickett (merge request)
• Increase file import size validator timeout (merge request)
• Fix breadcrumb click event handling (merge request)
• Do not update feedback when it is persisted (merge request) GitLab Enterprise Edition
• Increase the deduplication TTL for future jobs (merge request)
• Fix filtering of "Not connected" runners (merge request)
• Exclude project bots from deactivation in DeactivateDormantUsersWorker (merge request)
• Fix 2FA management on Safari (merge request)
• Fix slight scroll bounce when jumping between unresolved discussions (merge request)
• Don't limit number of Gitaly client keepalives (merge request)
• Silence unknown PostgreSQL OIDs warnings (merge request)
• Do not auto-retry unrecoverable job failure (merge request)
• Fix: filename display when copy/paste in comment by @orozot (merge request)
• Do now unescape branch name when deleting branch (merge request)
• Enable surface_environment_creation_failure feature flag by default (merge request)
• Prevent timeouts when updating share_with_group_lock of a group (merge request)
• Fix epic board scope text (merge request)
• Standardize error message field in structured logs (merge request)
• Make LoadBalancer to configure pool sizes of all classes (merge request)
• Sort epic ancestors in hierarchical order in graphQL endpoint (merge request) GitLab Enterprise Edition
• Fix cascading settings attr reader behavior by @gizero (merge request)
• Don't fail DeleteStoredFilesWorker if one of the files is missing (merge request)
• Schedule AutoFix background job after ingesting the security reports (merge request) GitLab Enterprise Edition
• Move yaml processor secrets configuration to EE (merge request) GitLab Enterprise Edition
• Remove the pipelines link from Auto DevOps toast (merge request)
• Fix 'private method 'load' called' when posting non-whitelisted webhook by @perlun (merge request)
• Change manage events metric counter method (merge request)
• Fix canUpdate console error on external issues (merge request) GitLab Enterprise Edition
• Show captcha verification on issue boards (merge request)
• Fix error when archiving requirements (merge request) GitLab Enterprise Edition
• Persist solution, message and description fields (merge request) GitLab Enterprise Edition
• Skip st_diff setting on LegacyDiffNote during import (merge request)
• Use overridden_uuid as primary lookup for the report finding (merge request) GitLab Enterprise Edition
• Remove duplicate text from create group description (merge request)
• Add reschedule option to Resource Group worker (merge request)
• Fix SMIME signature for emails on push (merge request)
• Fix error 500 loading branch with UTF-8 characters with performance bar (merge request)
• Fix file mode changes not always visible in MRs by @hypemc (merge request)
• Allow job token to perform all release REST API operations by @guillaume.chauvel (merge request)
• Fix 2+ discussions on one line not working (merge request)
• Fix issues with frame-src CSP directive (merge request)
• Fix shared runners form injections (merge request)
• Fix deployment merge request link creation (merge request)
• Add latest commit hash to compare cache key (merge request)
• Move DAST CI Job keys to the EE Variant (merge request) GitLab Enterprise Edition
• Fix issue with CSP using Safari in dev mode (merge request)
• Remove compliance framework section for unlicensed EE (merge request) GitLab Enterprise Edition
• Fix unnecessary epics fetch req with empty filters (merge request) GitLab Enterprise Edition
• Fix object deduplication on Geo first sync (merge request) GitLab Enterprise Edition
• Allow newlines in HTTP URLs (merge request)
• Fix Security::OverrideUuidsService matching logic (merge request) GitLab Enterprise Edition
• Add cloak-startup class and apply to mobile overlay by @leetickett (merge request)
• Stop polling when checking task lists on an issue (merge request)
• Modify error message for clarity (merge request)
• Ensure Azure-related gems are loaded (merge request)
• Ensure commits limit is always positive (merge request)
• Add DEFAULT_CERT_DIR handling to Spamcheck and fix Gitaly GRPC Bug (merge request)
• Fix a join in the postgres_indexes view (merge request)
• Fix spacing around code quality problem icon in diff view by @antonykor.ak (merge request) GitLab Enterprise Edition
• Transaction metrics from workers are not collected (merge request)
• Fix nil value in location column in vulnerability_occurrences (merge request) GitLab Enterprise Edition

Changed (142 changes)

• Update deprecation notice (merge request)
• Increase LFS token entropy for keys/deploy keys (merge request)
• Fixes cross-db modification for Ci::JobArtifacts::DestroyBatchService (merge request)
• Remove query_project_ci_feature_usages_for_coverage flag (merge request) GitLab Enterprise Edition
• Replace window.confirm with GlModal confirmation (merge request)
• Update audit events to filter by username (merge request) GitLab Enterprise Edition
• Fix OpenStruct use by @mehulsharma (merge request)
• Fix OpenStruct use by @mehulsharma (merge request)
• Move API fuzzing YAML generation to the client (merge request) GitLab Enterprise Edition
• Use after_commit in Vulnerabilities::Feedback (merge request)
• Use allowlist of allowed attributes for imported models (merge request)
• Use image digest for Auto DevOps deployments by @kinolaev (merge request)
• Make capitalization of incident management objects uniform in modal (merge request)
• feat: Update default PAT prefix when not set (merge request)
• Use rectangular avatar on topic detail page by @wwwjon (merge request)
• Fix OpenStruct use by @mehulsharma (merge request)
• Fixed OpenStruct use offense by @mehulsharma (merge request)
• Fix OpenStruct usage by @mehulsharma (merge request)
• Release the NPM metadata abbreviated support (merge request)
• Deprecation of the cert-based K8s integration (merge request)
• Use token authentication in the Debian distribution APIs by @sathieu (merge request)
• Get cluster_id from kubernetes_resource for CIS (merge request) GitLab Enterprise Edition
• Remove Apollo error suppression feature flag (merge request)
• Show validation error for setting project suffix (merge request)
• Update admin deploy keys table to comply with Pajamas design system (merge request)
• Go back denylist for importing project (merge request)
• Add shared_runners_duration field to NamespaceMonthlyUsageType (merge request)
• Update vendored cluster management project template (merge request)
• Move creation of external cross-references into background worker (merge request)
• Enable by default new refactored page (merge request)
• Remove cached_loading_hints feature flag (merge request)
• Restore TagsFinder class interface (merge request)
• Refactor profile authentication log to show relevent events (merge request)
• Redirect to Pipeline Editor from Suggest Pipeline banner CTA (merge request)
• Fixed OpenStruct use by @mehulsharma (merge request) GitLab Enterprise Edition
• Create ProjectNamespace when a Project is created (merge request)
• Source Editor Extension module (merge request)
• Update workflow propeties in CI json schema (merge request)
• Avoid sending send-data headers in API response body (merge request)
• Fixed OpenStruct use by @mehulsharma (merge request)
• Add tooltip and commit title to pipeline editor's status header (merge request)
• Add user popup to CI pipeline header by @KevSlashNull (merge request)
• Redirect to continuous onboarding after trial reg (merge request) GitLab Enterprise Edition
• Add read_at to dependency proxy objects (merge request)
• Add pipeline artifacts size to admin area project statistics by @guillaume.chauvel (merge request)
• Spin reviewer on UX label (merge request)
• Refactor fetching board scope to GraphQL (merge request) GitLab Enterprise Edition
• Use allowlist for importing project attributes (merge request)
• Filter runner type via tabs (merge request)
• Update runner status badges and locked icon (merge request)
• Reorganise Jira Connect UI (merge request)
• Update Rugged to v1.2.0 (merge request)
• Vulnerability Chart: Fix selected state of buttons (merge request) GitLab Enterprise Edition
• Log when primary host for DB load balancing is marked offline (merge request)
• Review Adv Search admin UI text (merge request)
• Load MR widget artifacts on mount (merge request)
• Change API permissions to set epic of an issue (merge request) GitLab Enterprise Edition
• Use path_with_namespace for delete confirmation phrase (merge request)
• Flash a warning when not using index aliases (merge request) GitLab Enterprise Edition
• Toggle file tree bolding based on file "Viewed" status (merge request)
• Change Geo SSH proxy to internal primary URL (merge request) GitLab Enterprise Edition
• Add empty state for CI mintues (merge request) GitLab Enterprise Edition
• Runner status won't return "paused" (merge request)
• Add policy name to ScanExecutionPolicyCommit mutation (merge request) GitLab Enterprise Edition
• Update omniauth-oauth2 and remove error verification monkey-patch (merge request)
• Add optional include_jobs param for CI lint APIs (merge request)
• Shift a user's contribution calendar based on their timezone setting by @davebarr (merge request)
• Updated texts and illustrations on Kubernetes page (merge request)
• Improve run pipeline ux (merge request)
• Add project count and coverage count to tooltip (merge request) GitLab Enterprise Edition
• Remove not_null constraint and default for public_email (merge request)
• Replaced v-html with v-safe-html by @mehulsharma (merge request)
• Refactor manual variables form (merge request)
• Remove jira_connect_asymmetric_jwt feature flag (merge request)
• Revert temporary change for sending expiration email for all ssh keys (merge request)
• Add clarification of repo size limits (merge request)
• Pluralize DevOps Report to DevOps Reports (merge request)
• Add limit-container-width to Jira create branch (merge request)
• Restore namespace requirement for project deletion confirmation (merge request)
• Handle Errno::ENETUNREACH in Gitlab::HTTP (merge request)
• Enable terms_of_service_vue feature flag by default (merge request)
• Add links to Jira-related error messages (merge request)
• Update breadcrumb toggle to inline (merge request)
• Use GlAvatar in approval rule selector (merge request) GitLab Enterprise Edition
• Change the active link color in the sidebar (merge request)
• Moved clusters empty state to Vue component (merge request)
• Store trace files outside of a database transaction (merge request)
• Exclude internal API and Geo git_ssh routes from secondary proxying (merge request) GitLab Enterprise Edition
• Remove jQuery from Jira connect app (merge request)
• Add GITLAB_CDN_HOST to frame-src and worker-src (merge request)
• Only delete data from Elasticsearch 30 days after subscription expires (merge request) GitLab Enterprise Edition
• feat: Set PersonalAccessToken default prefix (merge request)
• Turn on Feature Flag of ZenTao by @icbd (merge request)
• Skip already imported merge requests on importer (merge request)
• Say when MR was approved by me by @KevSlashNull (merge request)
• Update clusters index help paths (merge request)
• Change question marks to Learn More in Settings (merge request)
• Enable dependency proxy by default (merge request)
• Re-position merge train help icon (merge request) GitLab Enterprise Edition
• Rename crm related policies and consider feature flag status by @leetickett (merge request)
• Remove skip_legacy_diff_note_callback_on_import feature flag (merge request)
• Use secured analyzer image for cluster image scanning (merge request) GitLab Enterprise Edition
• Edit UI text (merge request)
• Add response in Publish a package file endpoint (merge request)
• Update copy of branches_to_be_notified label (merge request)
• Migrate Terraform template to use rules syntax by @willianpaixao (merge request)
• Link Pipeline Editor button to open in correct branch (merge request)
• Admin: card match can have different holder name (merge request) GitLab Enterprise Edition
• Fix translation of title of ZenTao by @icbd (merge request) GitLab Enterprise Edition
• Add "Load more" button to environment dropdown (merge request) GitLab Enterprise Edition
• Convert dropdowns in Admin / Visiblity and access to radio buttons (merge request)
• Make cosmetic improvements to Geo Admin UI (merge request) GitLab Enterprise Edition
• Remove the left-overs of use-deprecated-sizes attributes (merge request)
• Remove stage default from CI schema (merge request)
• Enable feature flag default on (merge request)
• Replace registration token in registration modal (merge request)
• Move register runner information to a dropdown (merge request)
• Run GraphQL docs rake task on changes (merge request)
• Removes cross-joins FF in MergeRequest#environements (merge request)
• Redirect Geo HTTP(s) pulls to different path with missing repo (merge request) GitLab Enterprise Edition
• Hide private group name when access request is denied (merge request)
• Improve empty state when artifacts fail to load by @mehulsharma (merge request)
• Change enforcement label to status (merge request) GitLab Enterprise Edition
• Remove retarget_merge_requests feature flag (merge request)
• Handle MissingPersonalAccessTokenError on Go middleware (merge request)
• Add missing labels when password is filled out (merge request)
• UI polish on the webhook log page (merge request)
• Fix ZenTao spelling by @icbd (merge request) GitLab Enterprise Edition
• Update audit events date range filter (merge request) GitLab Enterprise Edition
• Improve merge blocked text (merge request) GitLab Enterprise Edition
• Show CSV and json artifact download on security tab and merge request (merge request)
• Add custom label GitHub status check checkbox (merge request) GitLab Enterprise Edition
• Use default timeouts for Jira calls (merge request)
• Deduplicate http transport creation (merge request)
• Update Terraform.latest.gitlab-ci.yml template by @willianpaixao (merge request)
• Does not update Geo node if running on a primary site (merge request) GitLab Enterprise Edition
• Remove roadmap_daterange_filter ff & legacy code (merge request) GitLab Enterprise Edition
• Use Gitlab::HTTP in download method (merge request)
• Order Deployments by Finish Time (merge request)
• Enable flag group_authorized_agents by default (merge request)
• Drop Vulnerabilites that would be invalid as well (merge request)
• Rename Import Uploader Extension Allowlist Constant (merge request)

Deprecated (1 change)

• Remove include MR description checkbox and deprecate related API field by @trakos (merge request)

Removed (6 changes)

• Remove chat_names -> ci_pipeline_chat_data FK (merge request)
• Remove deprecated WIP from GraphQL (merge request)
• Remove frontend for editing of Jira labels (merge request) GitLab Enterprise Edition
• Remove jobs and projects columns (merge request)
• Remove the DORA DF feature flag in VSA (merge request)
• Remove product analytics tracking (merge request)

Security (15 changes)

• Add reCAPTCHA to password reset and confirmation email forms (merge request)
• Highlight usage of unicode bidi characters
• Fix dompurify.js to prevent path traversal attacks
• Refresh authorizations on transfer of groups having project shares
• Don't allow author to resolve discussions when MR is locked via GraphQL
• Workhorse: Allow uploading only a single file
• Adding a '[redacted]' to mask private email addresses
• Avoid decoding the whole tiff image on isTIFF check
• Respect visibility level settings when updating project via API
• Only include visible groups a project is shared with
• Stop using 'self' in the CSP's frame-src directive (merge request)
• Do not display the root password by default
• Group owners should see SCIM token only once GitLab Enterprise Edition
• Set PipelineSchedules to inactive
• Do not allow Applications API to create apps with blank scopes

Performance (25 changes)

• Enable API v3 branches/:sha partial response (merge request)
• Avoid cross-joins in PipelinesForMergeRequestFinder (merge request)
• Improve ETag caching for issue discussions (merge request)
• GraphQL user.groups node authorization DB query count optimization (merge request)
• Remove unused index index_for_resource_group on ci_builds (merge request)
• Remove startup JS call for issue notes (merge request)
• Use keyset pagination when fixing diff commits (merge request)
• Enable workhorse_use_sidechannel by default (merge request)
• Omit query params for discussions.json (merge request)
• Add index to events table support UMAU metric (merge request)
• Use new worker/service to refresh authorizations of project members (merge request)
• Add an index on vulnerability_occurrence_pipelines (merge request)
• Add index for cluster_id in vulnerability_occurrences location (merge request)
• Default enable new_graphql_keyset_pagination (merge request)
• Omit WHERE clause for NOT labels filter when empty (merge request)
• Remove releases author_id index (merge request)
• Optimize JIRA ref lookup (merge request)
• Recreate broken ci_builds index (merge request)
• Fix N+1 query in VulnerabilitiesResolver (merge request) GitLab Enterprise Edition
• Cleanup update_deployment_after_transaction_commit feature flag (merge request)
• Search for group descendants through a btree (merge request)
• Improve TBT on file source view (merge request)
• Cache CI variables used for rules evaluation (merge request)
• Speed up Sidekiq size limiter middleware (merge request)
• Remove use of Redis multi in Sidekiq client (merge request)

Other (78 changes)

• Fix the offenses introduced by Style/OpenStructUse by @edith007 (merge request)
• Fix OpenStruct use by @mehulsharma (merge request) GitLab Enterprise Edition
• Fix OpenStruct use by @mehulsharma (merge request)
• Set total of Progress bar nil when replication is disabled by @edith007 (merge request) GitLab Enterprise Edition
• Add post deploy migration to remove open_project_data by @lenikadali (merge request)
• Create pipeline trigger application limits (merge request)
• Convert admin users page tabs to Pajamas (merge request)
• Geo: Remove legacy code for upload sync (merge request)
• Cleanup feature flag gitaly_tags_finder (merge request)
• Remove paginated_tree_graphql_query feature flag (merge request)
• Convert labels page tabs to Pajamas (merge request)
• Set user's highlight theme for the Blame page during SSR by @cyberap (merge request)
• Convert projects dashboard tabs to Pajamas (merge request)
• Convert snippets page tabs to Pajamas (merge request)
• Convert projects explore page tabs to Pajamas (merge request)
• Convert admin users page tabs to Pajamas (merge request)
• Convert pipeline schedules page tabs to Pajamas (merge request)
• Convert commit tabs to pajamas (merge request)
• Decouple group's storage table from feature flag (merge request) GitLab Enterprise Edition
• Add with_highest_role_minimal_access to statistics (merge request)
• Update GlTab helpers (merge request)
• Hide details for invited members in seats usage (merge request) GitLab Enterprise Edition
• Adds margin to billings page (merge request) GitLab Enterprise Edition
• Enabling jupyter_clean_diff by default (merge request)
• Remove report_on_long_redis_durations flag (merge request)
• Replace dotenv constants with application limits (merge request)
• Convert search tabs to pajamas (merge request)
• Convert blob editor tabs to pajamas (merge request)
• Convert markdown field tabs to pajamas (merge request)
• Convert credential inventory tabs to pajamas (merge request) GitLab Enterprise Edition
• Migrate requirement to work items (merge request)
• Convert explore tabs to pajamas (merge request)
• Convert explore tabs to pajamas (merge request)
• Remove rate limiter feature flag (merge request)
• Improve Blame Page rendering performance by @cyberap (merge request)
• Convert product analytics tabs to pajamas (merge request)
• Drop ci_build_trace_sections table and related (merge request)
• Changed the chronological order of Job history sequence on CI Job by @edith007 (merge request)
• Remove FF ci_create_external_pr_pipeline_async (merge request)
• Remove FF ci_new_artifact_file_reader (merge request)
• Fix the Style/OpenStructUse Cop offense for Guardfile by @edith007 (merge request)
• Remove the packages_remove_cross_joins_to_pipelines feature flag (merge request)
• Remove the container_registry_expiration_policies_caching feature flag (merge request)
• Remove include_sti_condition flag (merge request)
• Expose 'blocked' attribute on epic issues endpoint (merge request) GitLab Enterprise Edition
• Removed new_customersdot_staging_url feature flag (merge request)
• Remove variable_inside_variable feature flag (merge request)
• Add spacing at top of project/group blank new forms (merge request)
• Exclude ProjectNamespaces from GraphQL namespace results (merge request)
• Pass formats explicitly when rendering .md.erb by @edith007 (merge request) GitLab Enterprise Edition
• Remove pipeline association from Vulnerabilities::Finding (merge request) GitLab Enterprise Edition
• Remove release_evidence feature flag (merge request)
• Fix the offences introduced by Performance/OpenStruct by @edith007 (merge request)
• Add icons to project's storage table (merge request)
• Cleanup unused tagging records (merge request)
• Backfill default namespace as User namespace (merge request)
• Pass formats explicitly when rendering svg icons by @edith007 (merge request)
• Pass formats explicitly when rendering svg icons by @edith007 (merge request)
• Pass formats explicitly when rendering svg icons by @edith007 (merge request)
• Enable quarantined service ping metrics (merge request) GitLab Enterprise Edition
• Replace v-html with v-safe-html to improve frontend security posture by @edith007 (merge request)
• Improve User Exprience for Blame page by @cyberap (merge request)
• Mark all time events ServicePing metric as broken (merge request)
• Restore MR to populate MR diff commit users (merge request)
• Fixing the deprecation warning as using . in template has deprecated by @edith007 (merge request)
• Drop redundant broken index (merge request)
• Refactor protected paths UI and documentation (merge request)
• Update GitLab Runner Helm Chart to 0.34.0 (merge request)
• Update gitlab-dangerfiles to 2.3.1 (merge request)
• Remove the dast_on_demand_scans_scheduler feature flag (merge request) GitLab Enterprise Edition
• Fix storage row line height (merge request) GitLab Enterprise Edition
• Remove managed cluster alerts feature flag (merge request)
• Schedule migration to remove duplicate Findings (merge request)
• Show all storage types in project's storage usage (merge request)
• Remove ci_synchronous_artifact_parsing feature flag (merge request)
• Add pipeline artifacts, packages and uploads size to group REST API by @guillaume.chauvel (merge request)
• Add pipeline artifacts and uploads sizes to project REST API by @guillaume.chauvel (merge request)
• Remove not used parameter from epics finder (merge request) GitLab Enterprise Edition

14.4.5 (2022-01-11)

No changes.

14.4.4 (2021-12-03)

No changes.

14.4.3 (2021-12-01)

Fixed (6 changes)

• Check validation only if new record of license (merge request) GitLab Enterprise Edition
• Fix for hexadecimal branch deletion (merge request)
• Geo - Fix no repo error message for group-level wikis (merge request) GitLab Enterprise Edition
• Prevent Git operations from checking replication lag on non-Geo-secondary sites (merge request) GitLab Enterprise Edition
• Allow SSO callbacks through maintenance mode by @dzaporozhets (merge request) GitLab Enterprise Edition
• Fix 2FA setup for LDAP users (merge request)

14.4.2 (2021-11-08)

Fixed (3 changes)

• Skip retrying for reads on connection errors if primary only (merge request)
• Fix error 500 loading branch with UTF-8 characters with performance bar (merge request)
• Skip st_diff callback setting on LegacyDiffNote when importing (merge request)

Changed (1 change)

• Remove skip_legacy_diff_note_callback_on_import from legacy diff note (merge request)

Performance (1 change)

• Prevent Sidekiq size limiter middleware from running multiple times on the same job (merge request)

14.4.1 (2021-10-28)

Security (13 changes)

• Highlight usage of unicode bidi characters (merge request)
• Fix dompurify.js to prevent path traversal attacks (merge request)
• Refresh authorizations on transfer of groups having project shares (merge request)
• Adding a '[redacted]' to mask private email addresses (merge request)
• Do not allow Applications API to create apps with blank scopes (merge request)
• Don't allow author to resolve discussions when MR is locked via GraphQL (merge request)
• Workhorse: Allow uploading only a single file (merge request)
• Set PipelineSchedules to inactive (merge request)
• Do not display the root password by default (merge request)
• Group owners should see SCIM token only once (merge request) GitLab Enterprise Edition
• Respect visibility level settings when updating project via API (merge request)
• Avoid decoding the whole tiff image on isTIFF check (merge request)
• Remove external_webhook_token from exported project (merge request)

14.4.0 (2021-10-21)

Added (79 changes)

• Upgrade GitLab Pages to 1.46.0 (merge request)
• Support math expressions in the Content Editor (merge request)
• Add Reviewer names (merge request)
• Geo: Enable Upload replication using SSF by default (merge request) GitLab Enterprise Edition
• Add username attribute support for GitLab.com Group SAML SSO (merge request) GitLab Enterprise Edition
• Expose issue contacts via GraphQL by @leetickett (merge request)
• Add source instance version validation for project (merge request)
• Add top-level GraphQL query for single board list (merge request)
• Allow to setup Documentation pages URL for help pages redirects (merge request)
• DevOps Adoption: Add "trend over time" graph (merge request) GitLab Enterprise Edition
• Improve data zoom on contribution analytics (merge request) GitLab Enterprise Edition
• Add cluster_image_scanning CI parser to update location data (merge request) GitLab Enterprise Edition
• Enable on-demand scans scheduler (merge request) GitLab Enterprise Edition
• Add EE variant of Resolvers::ProjectPipelinesResolver (merge request) GitLab Enterprise Edition
• Implement PostUploadPackWithSidechannel client in Workhorse (merge request)
• Introduce status column for the security_scans table and populate it (merge request)
• Add contact update mutation to GraphQL by @leetickett (merge request)
• Add support for load balancing multiple databases (merge request)
• Admin: listing matching card details of an user (merge request) GitLab Enterprise Edition
• Import repository with project migration (merge request)
• Graceful degradation for Branches controller (merge request)
• Add ability to set iteration on issue creation via GraphQL API (merge request) GitLab Enterprise Edition
• Avoid cross-joins in PipelinesForMergeRequestFinder (merge request)
• Remove ci_resource_group_process_modes feature flag (merge request)
• Add customer relations contact create mutation by @leetickett (merge request)
• Sync requirement and requirement issues state (merge request) GitLab Enterprise Edition
• Keep credit card non-sensitive info (merge request) GitLab Enterprise Edition
• Subscriptions hand raise lead API client (merge request) GitLab Enterprise Edition
• Add metric for users associating milestones to releases (merge request)
• Add meta data in user_credit_card_validations (merge request)
• Link to a search for feature flag name in project (merge request) GitLab Enterprise Edition
• Add includeSubepics argument to issue filters in GraphQL (merge request) GitLab Enterprise Edition
• Warn users of impacted escalation policies on leave/delete (merge request) GitLab Enterprise Edition
• Add confidential issues filtering for GraphQL API (merge request)
• Measure Sidekiq enqueue latency for scheduled jobs (merge request)
• Add ability to set iteration on issue creation via GraphQL API (merge request) GitLab Enterprise Edition
• Add issue_customer_relations_contacts linking table by @leetickett (merge request)
• Add config field gitlab_kas.external_k8s_proxy_url (merge request)
• Add DependencyProxySettings mutation (merge request)
• Added feature flag to show terraform banner (merge request)
• Promote jobs_to_be_done experiment (merge request)
• Feat(Cloud Activation Form Modal): loading button (merge request) GitLab Enterprise Edition
• Return runner webUrl via GraphQL API (merge request)
• Add option of 60 days to container image expiration policy by @pataar (merge request)
• Add missing keywords to CI schema (merge request)
• BulkImports: Handle network errors (merge request)
• Add sorting to DA overview table (merge request) GitLab Enterprise Edition
• Document how to migrate off Gitaly Cluster (merge request)
• Make it possible to define custom request duration thresholds (merge request)
• Implement rate-limiting for a deprecated API endpoint (merge request)
• Extend EE::Types::Ci::PipelineType with dast_profile (merge request) GitLab Enterprise Edition
• Add links and message field to VulnerabilityType (merge request) GitLab Enterprise Edition
• Allow relate quick action on issue create (merge request)
• Allow plus character in project names by @lzampier (merge request)
• Render frontmatter codeblock in the Content Editor (merge request)
• Add support for wbr in content editor (merge request)
• Enable live tracking and enforcement of CI minutes (merge request) GitLab Enterprise Edition
• Send "setup for company" in trial form to CustomersDot (merge request)
• Perform validations on the parent of a namespace/group by default (merge request)
• Added support for test coverage badge color configuration by @szaboi (merge request)
• Move cluster agent GraphQL mutations and supporting services to core (merge request)
• Move cluster agent GraphQL types and resolvers to core (merge request)
• Address the PK Overflow risk for the taggins - Step 3 (merge request)
• Remove i_testing_metrics_report_artifact_uploaders feature flag (merge request)
• Remove usage_data_i_testing_test_case_parsed feature flag (merge request)
• Enable FF "paginated_tree_graphql_query" by default (merge request)
• Add user permissions for runners in GraphQL API (merge request)
• Always enable the database load balancer (merge request)
• Add endpoints for project relations exports (merge request)
• Upgrade Pages to 1.45.0 (merge request)
• Support FIFO/LIFO process modes to Resource Group (merge request)
• Add documentation to Files API Rate Limits (merge request)
• Add security_orchestration_policy to pipeline source filter (merge request) GitLab Enterprise Edition
• Add sign-in count to external pipeline validation (merge request)
• Add negated issueType filter to issue resolver (group and project) (merge request)
• Add clone issue to REST API (merge request)
• Add runner_features column to ci_builds_metadata (merge request)
• Extend /help/instance_configuration with Git LFS rate limit by @wwwjon (merge request)
• API: Add endpoint to reset runner authentication token by @KyleFromKitware (merge request)

Fixed (96 changes)

• Fix Analytics Author filters (merge request)
• Allow maintainers to set MR approval settings (merge request) GitLab Enterprise Edition
• Fix: update links in billing page by @orozot (merge request) GitLab Enterprise Edition
• Update onboarding template project (merge request) GitLab Enterprise Edition
• Fix handling Service Ping response DevOps metrics (merge request)
• Add guard clause to ensure incoming params (merge request)
• MR Analytics: Add pipelines sanity check (merge request) GitLab Enterprise Edition
• Replace calls to LoadBalancing with ::Gitlab::Database::LoadBalancing (merge request)
• Change shared runner settings on import on conflict with group (merge request)
• Fix undefined method `use_primary!' error in GDK by @leetickett (merge request)
• Guard against exceptions from unfound DiffNotes (merge request)
• Replace success button in the add linked issue (merge request)
• Ensure correct group for DA chart (merge request) GitLab Enterprise Edition
• Fix cut-off dropdown in board breadcrumbs (merge request)
• Fix non-restarted skipped bridge jobs (merge request)
• Don't run WAL queries when not using replicas (merge request)
• Enable syntax highlighting for new files (merge request)
• Add go, nuget, and sbt to Dependencies API filters (merge request) GitLab Enterprise Edition
• Present sbt, nuget, and go in Dependency List page (merge request) GitLab Enterprise Edition
• Fix detail page of NuGet package with missing metadata by @wwwjon (merge request)
• Remove local form errors flash (merge request)
• Make CI minutes consumption increment idempotently (merge request) GitLab Enterprise Edition
• Boards - Sort closed issues by closedAt date (merge request)
• Gracefully track errors raised by sending CI minutes notifications (merge request) GitLab Enterprise Edition
• Add IssuesFieldExtension to set relative positions (merge request)
• Update strategies used for DB count approximation for read-only DB (merge request)
• Mark the created_at attribute as read-only to prevent updating it (merge request)
• Disable caching of MergeToRefService call in mergeability check (merge request)
• Return the correct project in job/allowed_agents API response (merge request)
• Use pessimistic locking when accessing Terraform state (merge request)
• Sanitize given scan types before querying the security_scans (merge request)
• Fix auto-renew of LetsEncrypt domains for Pages (merge request)
• Show hint if input value is invalid (merge request) GitLab Enterprise Edition
• Fix inline JavaScript HAML linter not working (merge request)
• Add ON DELETE constraint to security_policy_management_project_id (merge request)
• Fix merge request approvals accordion (merge request) GitLab Enterprise Edition
• Fix undefined method error in validate_remote_git_endpoint service (merge request)
• Hide filters UI in Roadmap within epic page (merge request) GitLab Enterprise Edition
• Fix storing first_mentioned_in_commit_at attribute (merge request)
• Redirect Geo git push operations to primary external URL (merge request) GitLab Enterprise Edition
• Fix spacing between note badges by @TaehyeokKang (merge request)
• Fix project statistics Uploads by @guillaume.chauvel (merge request)
• Move required styles for issue-token to core by @michael.telgkamp (merge request)
• Fix default values for the deprecated API throttle (merge request)
• Fix dependency proxy image prefix (merge request)
• Upgrade mermaid-js to v8.13.2 (merge request)
• Don't retry errors when there are no replicas (merge request)
• Delete issues css (merge request)
• Use GlAlert for external issues list errors (merge request) GitLab Enterprise Edition
• Fix tabs switching between tree and roadmap (merge request) GitLab Enterprise Edition
• Fix: change dropdown background to transparent by @orozot (merge request)
• Use GlAlert for integrations table errors (merge request)
• Removes reporting on non-existant failures for import rake task (merge request)
• Fix compliance framework labels readability (merge request) GitLab Enterprise Edition
• Fix clipped broadcast message on login page when using custom header (merge request)
• Fix issue search optimization in GraphQL (merge request)
• Expand template names when tracking inclusion (merge request)
• Fix incorrect date in type of work chart (merge request) GitLab Enterprise Edition
• Fix: translate upload license tips by @orozot (merge request) GitLab Enterprise Edition
• Reapply table-layout fixed in repository file list (merge request)
• Global Search - Upvote Tooltip Alignment (merge request)
• Prevent group wiki writes on read-only DBs (merge request) GitLab Enterprise Edition
• Fix incorrect trigger of issue/epic autocomplete (merge request) GitLab Enterprise Edition
• Fix Web IDE renaming empty content (merge request)
• Fix milestone references in group context (merge request)
• Value of lock_memberships_to_ldap should not affect authorizations (merge request)
• Remove file upload type restirction (merge request)
• Fixed post merge ci status bug (merge request)
• Generate startup css as if com_and_canary by @leetickett (merge request)
• Disable form on admin appearance sign-in page preview (merge request)
• Add connection fallback to ActiveRecordProxy (merge request)
• Update GitLab Shell to v13.21.1 (merge request)
• Fix Australian timezone abbreviations in tooltips (merge request)
• Merge branch 'jswain_combined_registration_auto_trial_params' into 'master' (merge request) GitLab Enterprise Edition
• Provide namespace_id default value (merge request)
• Fix CSV issues import max file size message by @JonstonChan (merge request)
• Fix unmet prerequisites help URL (merge request)
• Fix polling on vuln details page (merge request) GitLab Enterprise Edition
• Fix rule all branches not using monospace font (merge request) GitLab Enterprise Edition
• Fix sum of LFS objects size with identical value by @guillaume.chauvel (merge request)
• Fix project group share setting wording (merge request)
• Fix gitaly-backup TLS connections (merge request)
• Fix Content-Disposition header not working in Azure Blob storage (merge request)
• Handle ConnectionNotEstablished in the DB LB (merge request)
• MR Analytics: Add yAxis formatter (merge request) GitLab Enterprise Edition
• Remove unnecessary route (merge request)
• Fix address requires string literal i18n helpers by @elcordova (merge request)
• Fix DB connection check for Geo user routing (merge request) GitLab Enterprise Edition
• Update to commonmarker gem 0.23.2 (merge request)
• Focus on input when dropdown is shown on issue creation page (merge request)
• Replace public_send with send in doctor rake task (merge request)
• Open sidebar after user creates a new item in boards (merge request)
• Geo: Fix maintenance mode causing Unhealthy secondary status (merge request) GitLab Enterprise Edition
• Allow BoardListType.issues to filter by negated issueType in GraphQL (merge request)
• Add additional properties to policy_details helper (merge request) GitLab Enterprise Edition
• Persist feedback alert for SAST Configuration (merge request) GitLab Enterprise Edition

Changed (80 changes)

• Implement Dependency proxy via Workhorse injectors (merge request)
• Added v-scrolling to both editors by @mehulsharma (merge request)
• Update auto-deploy-image to v2.14.0 (merge request)
• Adjust update_runners_registration_token permission (merge request)
• Remove feature flag member_destroy_async_auth_refresh (merge request)
• Disable create list button after clicked once (merge request)
• Preselect all projects in group coverage analytics (merge request) GitLab Enterprise Edition
• Allow longer Helm channel names by @sathieu (merge request)
• Enable create_vulnerabilities_via_api by default (merge request) GitLab Enterprise Edition
• Use allowlist of allowed attributes for imported models (merge request)
• Refactor the usage of Secret Scanning to Secret Detection (merge request)
• Improve Git HTTPS message given when Gitaly unavailable (merge request)
• Remove performance_roadmap ff and legacy code (merge request) GitLab Enterprise Edition
• Respect security scanner schema (merge request) GitLab Enterprise Edition
• Default enable use_upsert_query_for_mr_metrics FF (merge request)
• Support Jira Connect asymmetric JWTs (merge request)
• Improve translatability of email confirmation page (merge request)
• Remove vulnerability flags feature flag (merge request)
• Styling updates of the protected environments edit access dropdown (merge request) GitLab Enterprise Edition
• Clean up oauth buttons on sign in/up (merge request)
• Improve merge train help text (merge request) GitLab Enterprise Edition
• Update branch name to use monospace (merge request) GitLab Enterprise Edition
• Remove redundant help text from runners (merge request)
• Proxy Geo secondary HTTP pushes + lfs through Workhorse (merge request) GitLab Enterprise Edition
• Update compliance report title and navigation (merge request) GitLab Enterprise Edition
• Change MR draft status notification from flash to tast (merge request)
• Allow minimal access value for UserHighestRole (merge request) GitLab Enterprise Edition
• Add jsonb field for Finding Evidence (merge request)
• Geo: Increase reliability of certain one-time jobs (merge request) GitLab Enterprise Edition
• Geo: Reduce unnecessary resource usage (merge request) GitLab Enterprise Edition
• Geo: Reduce unnecessary resource usage (merge request) GitLab Enterprise Edition
• GithubImporter: Format diff note suggestions to the gitlab format (merge request)
• system_check: Bump minimum required Git version to v2.33.0 (merge request)
• Update SAST config primary action button variant (merge request) GitLab Enterprise Edition
• Add rake task to pause or resume elastic indexing (merge request) GitLab Enterprise Edition
• Changed cluster type badge to gitlab-ui element (merge request)
• Move advanced_search_multi_project_select FF to user actor (merge request) GitLab Enterprise Edition
• Implement Dependency proxy via Workhorse injectors (merge request)
• Replace namespaces unique index on name and parent_id (merge request)
• Remove orchestration policies feature flag (merge request) GitLab Enterprise Edition
• Redirect threat_monitoring policies endpoints (merge request) GitLab Enterprise Edition
• Add tooltips to runners badges (merge request)
• Remove beta badge from GitLab Migration (merge request)
• Show author badge in comments (merge request)
• Toggle banner using suggest_pipeline_enabled application setting (merge request)
• Enable merge requests discussions cache (merge request)
• Edit UI text of Abuse reports settings (merge request)
• Prevent Workhorse panics when Geo proxy URL is unset (merge request) GitLab Enterprise Edition
• Improve deployment information on Jira Cloud app by @rbordignon (merge request)
• Migrate branches nav from Bootstrap tabs to GlTabs (merge request)
• Allow dots in Helm channel, but forbid repeated dots by @sathieu (merge request)
• Remove analyzer_pipeline metrics join to ci_builds (merge request) GitLab Enterprise Edition
• Update cluster management project template with new version of Falco (merge request)
• Update UI text in Group general settings (merge request)
• Allow removal of cloud licenses (merge request) GitLab Enterprise Edition
• Remove default value for time zone user preference (merge request)
• Exclude secret_detection findings from autoresolution (merge request) GitLab Enterprise Edition
• Enable repo size limit and ip restriction (merge request) GitLab Enterprise Edition
• Remove async_filtering feature flag (merge request)
• Convert ee/geo/db/schema.rb to ee/geo/db/structure.sql (merge request) GitLab Enterprise Edition
• Updated the Cluster Agent Token table heading (merge request) GitLab Enterprise Edition
• Fix DB load balance autoloading/code-reloading (merge request)
• Remove "files" from end of default commit message in Web IDE by @scootergrisen (merge request)
• Ensure merge request header strings are internationalized (merge request)
• Add namespace_ancestry_ids migration (merge request) GitLab Enterprise Edition
• Update Copy on License Compliance CTA (merge request) GitLab Enterprise Edition
• Remove download text from pipeline artifact dropdown items by @fabsrc (merge request)
• Add suggest_pipeline_enabled to application_settings (merge request)
• Update deprecated GlIcon size in IDE preview navigator by @jameschensmith (merge request)
• Block move and clone of requirement issues (merge request) GitLab Enterprise Edition
• Remove owner validation in AdditionalPack transfer (merge request) GitLab Enterprise Edition
• Update Rouge syntax highlighting gem (merge request)
• Check anonymous search access in API endpoints (merge request) GitLab Enterprise Edition
• Merge boards Apollo client (merge request)
• Bump swagger-ui-dist to 3.52.3 by @bufferoverflow (merge request)
• Assign trial to only eligible namespace (merge request) GitLab Enterprise Edition
• Remove cutoff logic for expiration message (merge request) GitLab Enterprise Edition
• Replace "Any branch" with "All branches" (merge request)
• Re-organize Environment Action Buttons (merge request)
• Fix multiple translation strings by @scootergrisen (merge request)

Removed (9 changes)

• Remove shared runners CTE FF (merge request)
• Remove bio-html and cached_markdown_version from user_details (merge request)
• Remove obsolete column for DevOps analytics (merge request)
• Drop Delayed Project Removal column from Namespaces (merge request)
• Remove ignoring framework column for compliance project settings (merge request) GitLab Enterprise Edition
• Remove unused Debian distribution methods by @sathieu (merge request)
• Remove project_level_issues_analytics FF (merge request)
• Removed instance level serverless domains feature (merge request)
• Remove feature flag ci_parallel_minutes_reset (merge request) GitLab Enterprise Edition

Security (34 changes)

• Add autocomplete attribute to most password fields (merge request)
• Rename profile password fields so password managers understand (merge request)
• Fix reverse tabnabbing issue (merge request)
• Use v-safe-html in project_list_item.vue by @Fall1ngStar (merge request)
• Require password confirmation when user changes their primary email (merge request)
• Fix XSS in Jira link GitLab Enterprise Edition
• Return 404 if model id wasn't passed to UploadsController
• Scrub artifacts signed URL in SendEntry logs
• Prevent double-impersonation and impersonation breakout
• Clear session access tokens when starting/stopping impersonation
• Require password param for 2FA changes
• Prevent users from bypassing 2FA on certain pages
• Use validated URL when sending request to Gitea Importer
• Fix permissions check on project members import
• Fix fogbugz importer DNS Rebind SSRF
• Require group admin access to list pending invites
• Do not export and import repository_size_limit
• Escapes MR approval rule names correctly
• Disable exporting pipeline triggers on project export
• Add pagination to dependencies API GitLab Enterprise Edition
• Filter shared groups autocomplete by permitted GitLab Enterprise Edition
• Apply account locking to password reset page
• Verify state before using errors from OAuth2 OmniAuth providers
• Fix GFM autocomplete xss
• Remove related project access tokens when a project is deleted
• Do not allow status checks to exist with external protected branches GitLab Enterprise Edition
• Permission check issuable template API data GitLab Enterprise Edition
• Require access token for git when 2fa is required
• Prohibit anonymous access for specific user API endpoint
• Respect disabled import sources when initiating import via API
• Prevent showing not allowed subgroup epics GitLab Enterprise Edition
• Prevent moving epic issues to different group hierarchy GitLab Enterprise Edition
• Fix denial-of-service attack in Markdown parser
• Enforce configured scopes for Oauth applications

Performance (27 changes)

• Set X-Requested-With for startup JS requests (merge request)
• Use Group linear ancestor scopes (merge request) GitLab Enterprise Edition
• Skip secure product metrics in service ping (merge request) GitLab Enterprise Edition
• Clean up failed archive when no more attempts left (merge request)
• Render gitaly-unavailable error for Tags page (merge request)
• Enable FF "reference_cache_memoization" by default (merge request)
• Enable FF "tags_finder_gitaly" by default (merge request)
• Quarantine broken security_products_usage metrics (merge request) GitLab Enterprise Edition
• Preload user project access in group API (merge request)
• User ParticipantService linear ancestor scopes (merge request)
• Use GroupPlansPreloader linear ancestor scopes (merge request) GitLab Enterprise Edition
• Use specialized worker to refresh authorizations on group-share update (merge request)
• Disable BatchLoader replace_methods by default (merge request)
• Avoid loading project namespace for id (merge request)
• Use MembersFinder ancestors linear scopes (merge request)
• Use ApplicationSetting ancestors linear scopes (merge request) GitLab Enterprise Edition
• Disable replace_methods in users autocomplete (merge request)
• Remove priority sort from board list issues (merge request)
• Use GroupTree ancestors linear scopes (merge request)
• Replace Group ancestors scope with linear version (merge request)
• Add concurrent index for selecting resource_group from ci_builds (merge request)
• Skip keep_around commit callback if skip_keep_around_commits is true (merge request)
• Add index for vulnerability_occurrences image location (merge request)
• Improve retrieving default branch of empty repos (merge request)
• Update pending builds namespace traversal ids (merge request)
• Use specialized worker to refresh authorizations on project transfer (merge request)
• Add a uniq filter to SHAs passed to the keep around service (merge request)

Other (41 changes)

• Remove feature flag for pipeline editor drawer (merge request)
• Improve UX of group two factor grace period input (merge request)
• Remove metrics that keeps count of deleted container images by @edith007 (merge request) GitLab Enterprise Edition
• Remove metric that keeps track of published Debian packages by @edith007 (merge request) GitLab Enterprise Edition
• Remove the FF ci_idempotent_pipeline_process_worker (merge request)
• Remove metric that keeps track of downloaded container images by @edith007 (merge request) GitLab Enterprise Edition
• Add Google Analytics ID to gitlab_standard schema for snowplow (merge request)
• Remove metric that keeps track of published container images by @edith007 (merge request) GitLab Enterprise Edition
• Remove the FF ci_include_rules (merge request)
• Always use rate limiting Redis (merge request)
• Cleanup delete orphaned deployments background migration (merge request)
• Remove feature flag disable_joins_upstream_downstream_projects (merge request)
• Do not append hash to pseudonymized URL (merge request)
• Remove test summary widget usage ping feature flag (merge request)
• Remove sync_namespace_name_with_cdot flag (merge request)
• Set assumeImmutableResults to true in access tokens Apollo config by @imrishabh18 (merge request)
• Remove unused struct field (merge request)
• Re Reschedule Delete Orphaned Deployments BG migration (merge request)
• Refactor compliance framework UI and documentation (merge request) GitLab Enterprise Edition
• Remove the FF ci_pipeline_add_job_with_lock (merge request)
• Remove project authorizations API FF (merge request)
• Revise UI text for Usage Statistics (merge request)
• Removes track_epic_boards_activity feature flag (merge request)
• Remove pages_smart_check_outdated_sha feature flag (merge request)
• Additional tests of #work_in_progress? (merge request)
• Use varchar_pattern_ops indexes for labels (merge request)
• Update runner status descriptions (merge request)
• Make build_id param as required when updating CI minutes async (merge request) GitLab Enterprise Edition
• Remove FF ci_remove_update_retried_from_process_pipeline (merge request)
• Filter Welcome to GitLab console message from capybara by @leetickett (merge request)
• Remove redundant index on taggings table (merge request)
• Update additional CI minute docs (merge request)
• Drop old int4 PK column for push_event_payloads (merge request)
• Drop old int4 PK column for events (merge request)
• Remove foreign key from terraform_state_versions to ci_builds (merge request)
• Drop old int4 PK columns for ci_sources_pipelines (merge request)
• Drop old int4 PK columns for ci_job_artifacts (merge request)
• Cleanup bigint conversion for ci_builds_metadata (merge request)
• Remove pipeline foreign keys from package tables (merge request)
• Cleanup bigint conversion for ci_builds (merge request)
• Drop support for data-track-event (merge request)

14.3.6 (2021-12-03)

No changes.

14.3.5 (2021-11-26)

Fixed (6 changes)

• Allow SSO callbacks through maintenance mode (merge request) GitLab Enterprise Edition
• Geo - Fix no repo error message for group-level wikis (merge request) GitLab Enterprise Edition
• Prevent Git operations from checking replication lag on non-Geo-secondary sites (merge request) GitLab Enterprise Edition
• Fix error 500 loading branch with UTF-8 characters with performance bar (merge request)
• Remove defaultAuthors from MR Analytics and VSA (merge request)
• Allow SSO callbacks through maintenance mode (merge request) GitLab Enterprise Edition

14.3.4 (2021-10-28)

Security (13 changes)

• Highlight usage of unicode bidi characters (merge request)
• Fix dompurify.js to prevent path traversal attacks (merge request)
• Refresh authorizations on transfer of groups having project shares (merge request)
• Do not allow Applications API to create apps with blank scopes (merge request)
• Don't allow author to resolve discussions when MR is locked via GraphQL (merge request)
• Workhorse: Allow uploading only a single file (merge request)
• Group owners should see SCIM token only once (merge request) GitLab Enterprise Edition
• Respect visibility level settings when updating project via API (merge request)
• Avoid decoding the whole tiff image on isTIFF check (merge request)
• Adding a '[redacted]' to mask private email addresses (merge request)
• Do not display the root password by default (merge request)
• Set PipelineSchedules to inactive (merge request)
• Remove external_webhook_token from exported project (merge request)

14.3.3 (2021-10-12)

Fixed (3 changes)

• Disable caching of MergeToRefService call in mergeability check (merge request)
• Fix 2FA setup for users with no password (merge request)
• Fix dependency proxy image prefix (merge request)

14.3.2 (2021-10-01)

Fixed (1 change)

• Update GitLab Shell to v13.21.1 (merge request)

Changed (1 change)

• Remove async_filtering feature flag (merge request)

14.3.1 (2021-09-30)

Security (29 changes)

• Fix permissions check on project members import (merge request)
• Require password param for 2FA changes (merge request)
• Respect disabled import sources when initiating import via API (merge request)
• Return 404 if model id wasn't passed to UploadsController (merge request)
• Scrub artifacts signed URL in SendEntry logs (merge request)
• Prevent double-impersonation and impersonation breakout (merge request)
• Clear session access tokens when starting/stopping impersonation (merge request)
• Prevent users from bypassing 2FA on certain pages (merge request)
• Use validated URL when sending request to Gitea Importer (merge request)
• Fix XSS in Jira link (merge request) GitLab Enterprise Edition
• Fix fogbugz importer DNS Rebind SSRF (merge request)
• Remove related project access tokens when a project is deleted (merge request)
• Require group admin access to list pending invites (merge request)
• Do not export and import repository_size_limit (merge request)
• Escapes MR approval rule names correctly (merge request)
• Filter shared groups autocomplete by permitted (merge request) GitLab Enterprise Edition
• Require access token for git when 2fa is required (merge request)
• Prohibit anonymous access for specific user API endpoint (merge request)
• Disable exporting pipeline triggers on project export (merge request)
• Add pagination to dependencies API (merge request) GitLab Enterprise Edition
• Do not allow status checks to exist with external protected branches (merge request) GitLab Enterprise Edition
• Permission check issuable template API data (merge request) GitLab Enterprise Edition
• Apply account locking to password reset page (merge request)
• Enforce configured scopes for Oauth applications (merge request)
• Verify state before using errors from OAuth2 OmniAuth providers (merge request)
• Prevent moving epic issues to different group hierarchy (merge request) GitLab Enterprise Edition
• Fix GFM autocomplete xss (merge request)
• Prevent showing not allowed subgroup epics (merge request) GitLab Enterprise Edition
• Fix denial-of-service attack in Markdown parser (merge request)

14.3.0 (2021-09-21)

Added (111 changes)

• Add organizations update mutation to GraphQL by @leetickett (merge request)
• Auto-scope board to iteration cadence (merge request)
• Decouple project runners queuing query from projects table (merge request)
• Add owner validation for project namespaces (merge request)
• Add ProjectNamespace model and DB relationships (merge request)
• Upgrade Pages to 1.44.0 (merge request)
• Add docs on how to use AWS server side encryption for backups (merge request)
• Persist projects configured to use an Agent (merge request)
• Enable Pages replication with Geo by default (merge request) GitLab Enterprise Edition
• Address the PK Overflow risk for the ci_build_needs - Step 3 (merge request)
• Extend marginalia to provide db_config_name (merge request)
• Enable Roadmap daterange presets (merge request) GitLab Enterprise Edition
• Test project namespace is destroyed with project_namespace.rb (merge request)
• Add DastSiteValidations status filter (disabled) (merge request) GitLab Enterprise Edition
• Allow using inherited description templates on service desk (merge request) GitLab Enterprise Edition
• Gitaly repository tree keyset pagination (merge request)
• Sort scoped labels first in issuable sidebar by @leetickett (merge request)
• Enable surfacing false positives for vulnerabilities (merge request)
• Remove related todos when a design is archived (merge request)
• Updated vendored cluster management project tpl (merge request)
• Configure the sidekiq job limits through settings (merge request)
• GraphQL for dependency proxy ttl policies (merge request)
• Track CI minutes usage on a monthly basis (merge request) GitLab Enterprise Edition
• Added connectivity status to Kubernetes Agents (merge request) GitLab Enterprise Edition
• Display icon for hidden issues on group/project issue boards (merge request)
• Add milestoneWildcardId to board issues graphQL endpoint (merge request)
• Support multiple dbs in MigrationHelpers (merge request)
• Add unauthenticated API throttle settings to admin area (merge request)
• Apply throttling settings for unauthenticated API requests (merge request)
• Add throttle_unauthenticated_api_* columns to application settings (merge request)
• Track resolving a thread through a new issue action (merge request)
• Reject pending approval users via API (merge request)
• Add connected agents to cluster agents GraphQL response (merge request) GitLab Enterprise Edition
• Introduce max saml message size setting (merge request) GitLab Enterprise Edition
• Add group contacts query to GraphQL by @leetickett (merge request)
• Merge branch '322839-dp-graphql-image-prefix' into 'master' (merge request)
• Enable ci_build_tags_limit by default (merge request)
• Reimplement tree pagination for Rugged (merge request)
• Address the PK Overflow risk for the ci_build_trace_chunks - Step 3 (merge request)
• Address the PK Overflow risk for the ci_builds_runner_session - Step 3 (merge request)
• Apply throttling settings to Files API (merge request)
• Add more details to Protected Branches Audit Events by @adrien.gooris (merge request) GitLab Enterprise Edition
• Allow sorting issues by their title by @espadav8 (merge request)
• Added filter bar to project VSA (merge request)
• Track CI minutes notifications for new monthly tracking (merge request)
• Support refname in external repo CI configuration by @jspricke (merge request)
• Keyset pagination for Groups API (merge request)
• repository: Always use ListBlobs() to enumerate new blobs (merge request)
• Add latest column into security_scans table (merge request)
• Add not filters for MR Analytics (merge request) GitLab Enterprise Edition
• Validate user website_url (merge request)
• Adding terraform fmt to the Terraform template by @willianpaixao (merge request)
• Address the PK Overflow risk for the ci_sources_pipelines - Step 3 (merge request)
• Added /unapprove quick-action by @lzampier (merge request) GitLab Enterprise Edition
• Split diff commit migrations into smaller chunks (merge request)
• Add hidden field to GraphQL Issue type (merge request)
• Add ProjectNamespace model and DB relationships (merge request)
• Add dependency proxy image prefix to group type (merge request)
• Backfill projects with CI coverage usage (merge request)
• Add Mailgun endpoint for receiving permanent failures (merge request)
• Clean up group_level_protected_environments feature flag (merge request)
• Add paginated tree graphQL query (merge request)
• Auto-DevOps: respect deploy freezes (merge request)
• Add new VSA partitioned tables (merge request)
• Readding state column for members table (merge request)
• Address the PK Overflow risk for the ci_job_artifacts - Step 3 (merge request)
• Add organizations to GraphQL by @leetickett (merge request)
• Mark the PostReceive worker as idempotent (merge request)
• Added connectivity status to Kubernetes Agents (merge request) GitLab Enterprise Edition
• Use Gitaly API to sort tags (merge request)
• Promote continuous onboarding A variant (merge request)
• Allow support for description lists in content editor (merge request)
• Support AWS SSE-KMS in backups (merge request)
• Add new methods to support the PK migration - STEP 3 (merge request)
• Add ability to Delete Freeze Periods by @jayaddison (merge request)
• Add DevOps Adoption Overview table (merge request) GitLab Enterprise Edition
• Render video in content editor by @leetickett (merge request)
• Upgrade GitLab Pages to 1.43.0 (merge request)
• Requirement migration: Sync title and description changes (merge request) GitLab Enterprise Edition
• Render audio in content editor by @leetickett (merge request)
• Adds k8s 1.20 to EKS list (merge request)
• API: Add endpoint to reset runner registration token by @KyleFromKitware (merge request)
• Add personalization questions to group creation (merge request)
• Fix unban specs (merge request)
• Log backtrace when SAVEPOINT is discovered (merge request)
• Improve serialization of content editor extensions (merge request)
• Removes load_balancing_for_expire_job_cache_worker FF (merge request)
• Enable the FF ci_include_rules by default (merge request)
• Allow arbitrary html tags in content editor (merge request)
• Expose web_url to Compare API endpoint (merge request)
• Add configure integrations button to project view (merge request)
• Steal pending merge request diff commit user jobs (merge request)
• Database work to support inherited templates on service desk (merge request)
• Add param to allow scoped caching of Repo#merge_to_ref (merge request)
• Allow to create epic from ancestor board (merge request) GitLab Enterprise Edition
• BG migration for populating stage event hash (merge request)
• Add VulnerabilityCreate GraphQL mutation (merge request) GitLab Enterprise Edition
• Add direct group dependency proxy env variable (merge request)
• Persist groups configured to use an Agent (merge request)
• Test case return 404 instead of 500 error (merge request) GitLab Enterprise Edition
• Add approvalRules to MergeRequest GraphQL API (merge request) GitLab Enterprise Edition
• Add Files API throttling to application settings (merge request)
• Add support for fetching merge requests via RSS / Atom by @kingjan1999 (merge request)
• Enable new vulnerability report project filter by default (merge request)
• Allow title attribute in elements in content editor (merge request)
• Allow editing the structure of tables (merge request)
• Adds a button to retry a failed migration (merge request)
• Add system note for issue type changes (merge request)
• Add contacts table and model by @leetickett (merge request)
• Add oncall_users to oncall schedule Graphql type (merge request) GitLab Enterprise Edition
• Add gauge metric on ci queue size (merge request)

Fixed (120 changes)

• Fix AddUpvotesToMergeRequests migration (merge request) GitLab Enterprise Edition
• Add yAxis formatter (merge request)
• Fix composer package version regex by @leopold.jacquot (merge request)
• Use configurable page size for jobs in stages (merge request)
• Fix for approval check popover bug (merge request) GitLab Enterprise Edition
• Shorten session TTL of anonymous blob access (merge request)
• Makes kubectl annotate work in Helm 2to3 migration Jobs by @erik.forsberg (merge request)
• Use the correct project path in generated KUBECONFIG file (merge request) GitLab Enterprise Edition
• Removes cleanup job from Terraform.latest (merge request)
• Geo Nodes - Fix flex alignment (merge request) GitLab Enterprise Edition
• Do not cache user email from github if email is nil/private (merge request)
• Change non-breaking space to space in email by @scootergrisen (merge request)
• Add metric to service ping if has defintion (merge request)
• Open reply box on resolved design discussions (merge request)
• Add GraphQL type for agent metadata (merge request) GitLab Enterprise Edition
• Include author in commit message from core team community members by @leetickett (merge request)
• Refactor the helm presenter (merge request)
• Prevent vuln table header from cutting off dropdown (merge request) GitLab Enterprise Edition
• Only render "No artifacts found" when not loading (merge request)
• Upgrade fog-aws to v3.12.0 (merge request)
• Fix Geo Pages replication for selective sync (merge request) GitLab Enterprise Edition
• Dynamically read pool sizes for LB configurations (merge request)
• tags: Always enable fix for verification of long tag messages (merge request)
• Fix editing network policies without policy management project (merge request) GitLab Enterprise Edition
• Fix not being able to delete unparseable policies (merge request) GitLab Enterprise Edition
• Check if root ancestor has an active trial (merge request)
• Fix text ellipsis on linked issues/MRs (merge request)
• Fix overlap of error message and sidebar on boards (merge request)
• Use global ids when updating board scope (merge request) GitLab Enterprise Edition
• Fix displaying label text in labels dropdown in dark mode (merge request)
• Don't release primary connections in the DB LB (merge request)
• Add epic board scope to newly created epic (merge request) GitLab Enterprise Edition
• Invalidate ES namespace cache when transferring groups (merge request) GitLab Enterprise Edition
• Use SafeRequestStore in the DB LB (merge request)
• Fix display of relative/absolute time in PAT and deploy token tables (merge request)
• Symbolize load balancer configuration keys (merge request)
• Fix GitHub Importer outdated diff notes not showing (merge request)
• Fix Elastic::MigrationWorker current_migration (merge request) GitLab Enterprise Edition
• Fix comments cutting off the left side of wide characters (merge request)
• Make group and project fields fullPath argument case-insensitive (merge request)
• Prevent opening sidebar when clicking on board card title (merge request)
• Do not cache .terraform.lock.hcl (merge request)
• Prevent creation of too long file name (merge request)
• Ensure Milestones Are Displayed With Few Results (merge request)
• Replace vsa stage slug with id (merge request) GitLab Enterprise Edition
• Load config variables from external project (merge request)
• Fix creating issue in milestone list (merge request) GitLab Enterprise Edition
• Fix header order in CI/CD pipeline's job tab by @JonstonChan (merge request)
• Make RepositoryUpdateMirrorWorker idempotent (merge request)
• Fix selected for User#commit_email input (merge request)
• Allow additional minute transfer for Users (merge request) GitLab Enterprise Edition
• Fix labels applied to a wrong issue (merge request)
• Max width for sidebar dropdown widgets (merge request)
• Fix yaml viewer padding not changing color (merge request) GitLab Enterprise Edition
• Remove paste event listener on destroy (merge request)
• Fix formatting bubble menu in Content Editor (merge request)
• Fix group membership CSV export for invited users (merge request)
• Remove table-layout: fixed style from the tree table of files (merge request)
• Remove the existing duplicates of DastSiteTokens (merge request)
• Update Audit Logging for Feature Flags (merge request)
• Error on newlines in sidekiq-cluster arguments (merge request)
• Reduce DA pagerefresh rate (merge request) GitLab Enterprise Edition
• Fix security report schema validation (merge request) GitLab Enterprise Edition
• Fix disappearing badge in commit image thread edit (merge request)
• Fix - Some users cannot move issues in epic swimlanes (merge request) GitLab Enterprise Edition
• Logged out users can view public group epic boards (merge request) GitLab Enterprise Edition
• Reschedule 'ExtractProjectTopicsIntoSeparateTable' post migration by @wwwjon (merge request)
• Update relative positions on querying board issues (merge request)
• Patch grape-entity to prevent having NameError loop (merge request)
• Catch Helm invalid versions by @sathieu (merge request)
• Fix broken image for runner templates (merge request)
• Disallow editing the environment name (merge request)
• Fix visibility reference check (merge request)
• Add missing graphQL ids (merge request)
• Don't override setup_for_company in subscription flow (merge request)
• Skip highlighting cache for diffs with unsupported characters (merge request)
• Use the last Helm chart when downloading by @sathieu (merge request)
• Fix OrphanedInviteTokensCleanup migration (merge request)
• Fix downstream counter badge link (merge request) GitLab Enterprise Edition
• Only set User#commit_email with user input (merge request)
• Fix Connection#exists? when using the DB LB (merge request)
• Fix contributors detection in changelog generation (merge request)
• Downgrade grpc from 1.38.0 to 1.30.2 (merge request)
• Let non-members set confidential flag on issue (merge request)
• Fix displaying weight of 0 for issues in epic tree (merge request) GitLab Enterprise Edition
• Fix epic swimlanes list drag drop reordering (merge request) GitLab Enterprise Edition
• Show create-jira on pipeline and MR when enabled (merge request) GitLab Enterprise Edition
• Fix new project page in dark mode (merge request)
• Move service_desk_setting to CE in project import export by @leetickett (merge request)
• Add default option to notification_email input (merge request)
• Fix overflowing text in OmniAuth login buttons (merge request)
• Use binary property on the file object (merge request)
• Handle errors without causes (merge request)
• Fix bug validating EE project features (merge request)
• Fix Live Markdown Preview in personal and subgroup projects (merge request)
• Send rotation email inline when deleting user (merge request) GitLab Enterprise Edition
• Use type to detect password fields in integrations instead of name (merge request)
• Use dynamic mapping in trigger to sync integrations.type_new (merge request)
• Fix Epic bulk updates leaking to other epics (merge request) GitLab Enterprise Edition
• Drop un-used db/ci_migrate symlink (merge request)
• Fix getAction is undefined bug in Web IDE markdown files (merge request)
• Remove substransaction from wiki event creation (merge request)
• Fix namespace checks for live quota consumption (merge request) GitLab Enterprise Edition
• Fix project importers pagination issues (merge request)
• Use binary property on the file object (merge request)
• Fix links to Jira docs (merge request)
• Enable the FF ci_new_artifact_file_reader by default (merge request)
• Remove redundant callbacks, rely instead on validations (merge request)
• Fix tooltip on issue sidebar (merge request)
• Reduce the spacing of list items for Content Editor (merge request)
• Respect namespaces with unlimited minutes (merge request)
• Fix some edge cases with Content Editor serializing (merge request)
• Geo: Replicate wiki and design repository HEAD ref (merge request) GitLab Enterprise Edition
• Fix designCollection object after design is uploaded (merge request)
• Wrap pipeline artifact dropdown item names (merge request)
• Fix SSO SAML redirection not including query string (merge request)
• Add fix for 'old' file type (merge request)
• Fix invite url on invited emails (merge request)
• Track build minutes for disabled shared runners (merge request) GitLab Enterprise Edition
• Validate the uniqueness of pipeline variables (merge request)

Changed (109 changes)

• Reset notification level when CI minutes limit change (merge request) GitLab Enterprise Edition
• Associate successful DAST validations with sites (merge request) GitLab Enterprise Edition
• Use new code quality version 0.85.24-gitlab.1 (merge request)
• Add notice when runner projects are updated (merge request)
• Change DAST url download text to button (merge request) GitLab Enterprise Edition
• Update expired message for namespace (merge request) GitLab Enterprise Edition
• Measure image scaler duration for cached images (merge request)
• Use allowlist of allowed attributes for imported models (merge request)
• Migrate admin projects tabs styles (merge request)
• Rebalance issues relative position without transaction (merge request)
• Show project suffix input as disabled (merge request)
• Update board list settings drawer style (merge request)
• Set different session cookie for Geo secondaries (merge request) GitLab Enterprise Edition
• Geo: Alternate redownload and normal design sync attempts (merge request) GitLab Enterprise Edition
• Geo: Alternate redownload and normal SSF sync attempts (merge request) GitLab Enterprise Edition
• Geo: Alternate redownload and normal project syncs (merge request) GitLab Enterprise Edition
• Geo: Reduce frequency of redownload attempts (merge request) GitLab Enterprise Edition
• Update Devise sign_in path for Geo secondaries (merge request) GitLab Enterprise Edition
• Fix policy editor performance (merge request) GitLab Enterprise Edition
• Fix DORA deployment frequency in VSA (merge request)
• Clean up settings_block.vue (merge request)
• Don't allow anonymous users to search with text (merge request)
• Add migrations to swap ci_builds.id column (merge request)
• Fix policy preview for non-parseable policies (merge request) GitLab Enterprise Edition
• Add CI/CD variables for Auto Build and Auto Deploy image versions (merge request)
• Update parser gem to 3.0.2.0 (merge request)
• Disable Sendfile interface for serving Sidekiq Web assets (merge request)
• Enable updated delete branch modal styles (merge request)
• Add worker_class argument to Sidekiq queues APIs (merge request)
• Change Ci::Minutes:AdditionalPack text limit (merge request) GitLab Enterprise Edition
• Remove package_details_apollo feature flag (merge request)
• Add migrations to swap ci_builds.id column (merge request)
• Add abuse actions to account lock email text (merge request)
• Security MR-widget: Clarify dismissed state (merge request) GitLab Enterprise Edition
• Default on policies feature flag (merge request) GitLab Enterprise Edition
• Update UI text for artifacts expiration setting (merge request)
• Use GlAlert instead of a custom alert class (merge request) GitLab Enterprise Edition
• Generate iids with implicit locking by default (merge request)
• Update profile conflict message (merge request) GitLab Enterprise Edition
• Add a link to site profiles management (merge request) GitLab Enterprise Edition
• Use similarity sort in search project dropdown (merge request)
• Diff stats dropdown styling update due to migration to GlDropdown (merge request)
• Update CODEOWNERS - Marcia - Configure (merge request)
• Review group general settings (merge request)
• Update UI text and link for variable warning (merge request)
• Retry archive if left in incomplete state (merge request)
• Remove File-By-File preference cookie (merge request)
• Add migration to swap ci_builds.stage_id column (merge request)
• Update Graphql dastProfileUpdate mutation to include Schedule (merge request)
• Support restoring repository backups in parallel (merge request)
• Roll back support for caching encoding detection (merge request)
• Allow to open table editing dropdown from headers (merge request)
• Rename throttle_unauthenticated_* attributes in application settings (merge request)
• Prepare the DB LB for always being enabled (merge request)
• Move group's "allow request access" to new section (merge request)
• Fix integer columns on new VSA table (merge request)
• Update GitLab User Doc for EKS supported version (merge request)
• Resize Jupyter images to fit within the parent box (merge request)
• Renders images on the repository of .ipynb files (merge request)
• Update help text for API Fuzzing Configuration (merge request) GitLab Enterprise Edition
• Eanble sort_by_project_users_by_project_authorizations_user_id FF (merge request)
• Move CI job token details to new page in CI docs (merge request)
• Improve UI text for maintenance mode (merge request)
• Update security policy editor rule button styling (merge request) GitLab Enterprise Edition
• Show up to 200 jobs per CI stage (merge request)
• Update project/clusters/ CODEOWNERS (merge request)
• Zoom into design image upto 100% of actual size (merge request)
• Adds DB fixtures to create base work item types (merge request)
• Add configurable maximum YAML file size and depth by @discinaround (merge request)
• Add customized README file when creating new Security Policy Project (merge request) GitLab Enterprise Edition
• Remove ci_job_trace_force_encode feature flag (merge request)
• Add pipeline_artifacts_size to projectSatisticsType (merge request)
• Enable bulk_import feature flag by default (merge request)
• Update Geo node to Geo site (merge request)
• Update to Ruby 2.7.4 (merge request)
• Group Settings CI/CD h4 expand by @quatauta (merge request)
• Catch all errors when processing Debian changes by @sathieu (merge request)
• Externalize messages on EKS settings page by @JonstonChan (merge request)
• Externalize page-title messages by @JonstonChan (merge request)
• Externalize add_to_breadcrumbs messages by @JonstonChan (merge request)
• Add warning to when converting runner to specific (merge request)
• Update incident management limits UI text (merge request) GitLab Enterprise Edition
• Scope i18n strings that are incorrectly unscoped by @JonstonChan (merge request)
• Unscope i18n strings that are incorrectly scoped by @JonstonChan (merge request)
• Externalize breadcrumb_title message by @JonstonChan (merge request)
• Externalize submit "Save changes" message by @JonstonChan (merge request)
• Use Gitlab::Ci::Lint in /ci/lint API endpoint (merge request)
• Require a LoadBalancer for service discovery (merge request)
• Only show tooltip on truncate (merge request)
• Remove scanner_type argument from GraphQL mutation (merge request) GitLab Enterprise Edition
• Remove runner "locked" toggle where not used (merge request)
• Fetch discussions using GraphQL (merge request)
• Prepopulate new issue with link to the parent by @smokris (merge request)
• Group Settings Default initial branch h4 expand by @quatauta (merge request)
• Always use SetFullPath RPC (merge request)
• Making cross-reference links distinctly visible (merge request)
• Pipeline Security: Rename "scanner" to "tool" (merge request) GitLab Enterprise Edition
• Set blocked Omniauth accounts to blocked_pending_approval by @vfazio (merge request)
• Stringify policy yaml response in scanExecutionPolicies graphql query (merge request) GitLab Enterprise Edition
• Improve error message for TransferService (merge request)
• Geo SSF: fix texting in admin area (merge request) GitLab Enterprise Edition
• Split for_project_paths into two queries (merge request)
• Migrate epic sidebar participants to widget (merge request) GitLab Enterprise Edition
• Remove the usage_data_design_action feature flag (merge request)
• Vulnerabilities CSV: Rename "scanner" to "tool" (merge request) GitLab Enterprise Edition
• Remove feature flags for DAST disable_joins (merge request) GitLab Enterprise Edition
• Migrate epic sidebar ancestors to widget (merge request) GitLab Enterprise Edition
• Disable Vulnerability Finding Link creation (merge request) GitLab Enterprise Edition
• Remove feature flag milestone_reference_pattern (merge request)

Deprecated (1 change)

• Consider repository_push_audit_events deprecated (merge request)

Removed (16 changes)

• Remove ci_templates_total_unique metrics (merge request)
• Disable method instrumentation initialization (merge request)
• Remove feature flag for env_vars_resource_group (merge request)
• Add migration to remove projects.container_registry_enabled (merge request)
• Update docs regarding pages legacy storage in 14.3 (merge request)
• Remove experience level functionality (merge request)
• Remove Markdown support for bio field (merge request)
• Remove FF load balancing for deployments hooks worker (merge request)
• Remove GitLab Pages legacy storage lease (merge request)
• Stop deploying GitLab Pages to legacy storage (merge request)
• Remove Clair deprecation warning (merge request) GitLab Enterprise Edition
• Remove feature flag gitaly_backup (merge request)
• Remove name parameter from pipeline finder (merge request)
• Remove seat_link_enabled from ApplicationSettings db table (merge request)
• Remove cloud_license_enabled database column (merge request)
• merge_request: Drop checks whether a squash is in progress (merge request)

Security (14 changes)

• OAuth Access Tokens generated by new applications have expiry (merge request)
• Sanitize emojis when reading from LocalStorage (merge request)
• Always include default config for DOMPurify (merge request)
• Deny access for repository coverage info for guests (merge request) GitLab Enterprise Edition
• Prevent non-admins from configuring Jira connect app
• Update apollo_upload_server dependency
• Ensure shared group members lose project access after group deletion
• Update Import/Export to use public email when mapping users GitLab Enterprise Edition
• Update mermaid to 8.11.5 by @bufferoverflow (merge request)
• Escape issue reference and title for Jira issues GitLab Enterprise Edition
• Fix stored XSS vulnerability in Datadog settings form
• Inherit user external status while creating project bots
• Require sign in for .keys endpoint on non-public instances
• Only create jira connect NS subscriptions for admins

Performance (43 changes)

• Add index for selecting resource_group from ci_builds (merge request)
• Perform FindTag RPC request for a single tag (merge request)
• Remove redundant permission checks for GraphQL job type (merge request)
• Avoid a duplicated SQL condition in the NPM metadata endpoint (merge request)
• Remove preload_repo_cache feature flag (merge request)
• Limit updates to Web Hook backoff interval (merge request)
• Fix N+1 in projects API (merge request)
• Remove cache_merge_to_ref_calls feature flag (merge request)
• Limit max pagination count for relations to 1000 (merge request)
• Batch loading of open issues count from Redis (merge request)
• Decrease WebHooks::LogExecutionWorker retries (merge request)
• Use specialized worker to refresh authorizations on group-share removal (merge request)
• Run UserRefreshFromReplicaWorker jobs on the replica db by default (merge request)
• push_rules: Implement bulk-checking of file sizes (merge request)
• Reduce DB queries when loading root_ancestor (merge request)
• Release cached merge_request show.json (merge request)
• Release diffs_batch cached rendering (merge request)
• Fix n+1 for award_emoji field when fetching epics (merge request) GitLab Enterprise Edition
• Remove pipeline variable unique validation (merge request)
• Splits up auto_cancelable_pipelines query, adds limit (merge request)
• Use linear version GroupsWithTemplatesFinder#extended_group_search (merge request) GitLab Enterprise Edition
• Use linear version ApplicationSettings#elasticsearch_limited_namespaces (merge request) GitLab Enterprise Edition
• Use linear version User#groups_with_developer_maintainer_project_access (merge request)
• Move vulnerability statistics update out of transaction (merge request) GitLab Enterprise Edition
• Use linear version of User#manageable_groups (merge request)
• Decrease epics, child epics and child issues max page size (merge request) GitLab Enterprise Edition
• Caching the protected branch check (merge request)
• Enable caching of MergeToRefService responses (merge request)
• Remove the npm_presenter_queries_tuning FF (merge request)
• Use linear version of User#membership_groups (merge request)
• Use linear version of groups_including_descendants_by (merge request)
• Optimize StuckCiJobsWorker running builds query (merge request)
• Use reference cache for iterations (merge request) GitLab Enterprise Edition
• Cache content_sha256 field for Files API (merge request)
• Eliminate N+1 queries for pipeline GraphQL endpoint (merge request)
• Upgrade grape-path-helpers to 1.7.0 (merge request)
• Remove safe_find_or_create_by! usage (merge request)
• Remove feature flag used to enable subtransactions counter (merge request)
• Remove safe_find_or_create_by! calls (merge request)
• checks: Always enable batched computation of commits (merge request)
• Never fetch more than 101 commits when processing a git push (merge request)
• Reduce Gitaly calls for keeping around refs of published notes (merge request)
• Use the ListCommits RPC, not CommitsBetween, when processing git push (merge request)

Other (56 changes)

• Remove optimized_issuable_label_filter flag (merge request)
• Snowplow event dictionary first run for Vue files (merge request) GitLab Enterprise Edition
• Add Snowplow event dictionary for Vue files (merge request) GitLab Enterprise Edition
• Remove track_all_ci_template_inclusions FF (merge request)
• Plain replace of track-event to track-action (merge request) GitLab Enterprise Edition
• Remove FF ci_daily_limit_for_pipeline_schedules (merge request)
• Remove FF ci_modified_paths_of_external_prs (merge request)
• Update the helm documentation (merge request)
• Finalize conversion to bigint for ci_builds_metadata (merge request)
• Add status columns to dependency proxy tables (merge request)
• Remove load performance widget usage data flag (merge request) GitLab Enterprise Edition
• Finalize conversion to bigint for taggings (merge request)
• Clean up feature flag for pipeline editor branch switcher (merge request)
• Track all CI template inclusions (merge request)
• Revert "Merge branch... (merge request)
• Remove the default enabled feature flag (merge request)
• Fix: update error budget documentation (merge request)
• Cleanup bigint conversion for geo_job_artifact_deleted_events (merge request)
• Cleanup bigint conversion for deployments (merge request)
• Cleanup bigint conversion for ci_stages (merge request)
• Remove use_insert_all_in_internal_id feature flag (merge request)
• Remove metrics report usage data feature flag (merge request) GitLab Enterprise Edition
• Remove the FF ci_fix_commit_status_retried (merge request)
• Remove bigint conversion triggers for events (merge request)
• Move usage_graph component to vue_shared folder (merge request)
• Prepare ci_builds swap indexes for async creation (merge request)
• Bump fast_gettext to the latest (merge request)
• Introduce versioned GitLab migration class (merge request)
• Remove bigint conversion triggers for push_event_payloads (merge request)
• Fix contextual help link and other minor improvements (merge request) GitLab Enterprise Edition
• Clean up :graphql_board_list feature flag (merge request)
• Revert "Merge branch 'stuck-ci-jobs-worker-optimize-running' into 'master'" (merge request)
• Cleanup used membership invites (merge request)
• Remove temp index on approval_project_rules (merge request)
• Add models for dependency proxy ttl policies (merge request)
• Bump prometheus-client-mmap to 14.0 (merge request)
• Update GitLab Shell to v13.21.0 (merge request)
• Remove enabled runner_graphql_query feature flag (merge request)
• Remove upsert_issue_metrics feature flag (merge request)
• Remove optimize_safe_find_or_create_by FF (merge request)
• Remove column from project_settings (merge request)
• Remove the "local file reviews" feature flag (merge request)
• Prepare async indexes for ci table int8 swaps (merge request)
• Remove store_mentions_without_subtransactions FF (merge request)
• Remove unused other_storage_counter (merge request)
• Remove enabled runner_detailed_view_vue_ui flag (merge request)
• Remove web performance widget usage data flag (merge request) GitLab Enterprise Edition
• Finalize conversion to bigint for events (merge request)
• Remove column from project_settings (merge request)
• Fix instrumentation meta method definition (merge request)
• Remove board_new_list feature flag (merge request)
• Prepare indexes on events for bigint column conversions (merge request)
• Remove track_unique_visits feature flag by @edith007 (merge request)
• Remove deprecated deployment workers by @edith007 (merge request)
• Remove the FF ci_reset_bridge_with_subsequent_jobs (merge request)
• Removes ci_same_stage_job_needs ff (merge request)

14.2.7 (2021-11-26)

Fixed (3 changes)

• Prevent Git operations from checking replication lag on non-Geo-secondary sites (merge request) GitLab Enterprise Edition
• Remove defaultAuthors from MR Analytics and VSA (merge request)
• Let non-members set confidential flag when creating an issue in public project (merge request)

Changed (4 changes)

• Geo: Alternate redownload and normal design sync attempts (merge request) GitLab Enterprise Edition
• Geo: Alternate redownload and normal SSF sync attempts (merge request) GitLab Enterprise Edition
• Geo: Alternate redownload and normal project syncs (merge request) GitLab Enterprise Edition
• Geo: Reduce frequency of redownload attempts (merge request) GitLab Enterprise Edition

14.2.6 (2021-10-28)

Security (13 changes)

• Highlight usage of unicode bidi characters (merge request)
• Fix dompurify.js to prevent path traversal attacks (merge request)
• Refresh authorizations on transfer of groups having project shares (merge request)
• Do not allow Applications API to create apps with blank scopes (merge request)
• Don't allow author to resolve discussions when MR is locked via GraphQL (merge request)
• Workhorse: Allow uploading only a single file (merge request)
• Group owners should see SCIM token only once (merge request) GitLab Enterprise Edition
• Respect visibility level settings when updating project via API (merge request)
• Avoid decoding the whole tiff image on isTIFF check (merge request)
• Adding a '[redacted]' to mask private email addresses (merge request)
• Do not display the root password by default (merge request)
• Set PipelineSchedules to inactive (merge request)
• Remove external_webhook_token from exported project (merge request)

14.2.5 (2021-09-30)

Security (28 changes)

• Require password param for 2FA changes (merge request)
• Fix permissions check on project members import (merge request)
• Respect disabled import sources when initiating import via API (merge request)
• Return 404 if model id wasn't passed to UploadsController (merge request)
• Scrub artifacts signed URL in SendEntry logs (merge request)
• Prevent double-impersonation and impersonation breakout (merge request)
• Clear session access tokens when starting/stopping impersonation (merge request)
• Use validated URL when sending request to Gitea Importer (merge request)
• Fix XSS in Jira link (merge request) GitLab Enterprise Edition
• Fix fogbugz importer DNS Rebind SSRF (merge request)
• Remove related project access tokens when a project is deleted (merge request)
• Require group admin access to list pending invites (merge request)
• Do not export and import repository_size_limit (merge request)
• Escapes MR approval rule names correctly (merge request)
• Filter shared groups autocomplete by permitted (merge request) GitLab Enterprise Edition
• Require access token for git when 2fa is required (merge request)
• Disable exporting pipeline triggers on project export (merge request)
• Add pagination to dependencies API (merge request) GitLab Enterprise Edition
• Permission check issuable template API data (merge request) GitLab Enterprise Edition
• Apply account locking to password reset page (merge request)
• Enforce configured scopes for Oauth applications (merge request)
• Verify state before using errors from OAuth2 OmniAuth providers (merge request)
• Prevent moving epic issues to different group hierarchy (merge request) GitLab Enterprise Edition
• Prevent showing not allowed subgroup epics (merge request) GitLab Enterprise Edition
• Do not allow status checks to exist with external protected branches (merge request) GitLab Enterprise Edition
• Fix GFM autocomplete xss (merge request)
• Prohibit anonymous access for specific user API endpoint (merge request)
• Fix denial-of-service attack in Markdown parser (merge request)

14.2.4 (2021-09-17)

Fixed (2 changes)

• Fix Elastic::MigrationWorker current_migration (2nd attempt) (merge request) GitLab Enterprise Edition
• Removes cleanup job from Terraform.latest (merge request)

14.2.3 (2021-09-01)

Fixed (4 changes)

• Fix Live Markdown Preview in personal and subgroup projects (merge request)
• Fix OrphanedInviteTokensCleanup migration (merge request)
• Reset severity_levels default (merge request)
• Geo: Replicate multi-arch containers (merge request) GitLab Enterprise Edition

14.2.2 (2021-08-31)

Security (9 changes)

• Prevent non-admins from configuring Jira connect app (merge request)
• Only create jira connect NS subscriptions for admins (merge request)
• Update apollo_upload_server dependency (merge request)
• Ensure shared group members lose project access after group deletion (merge request)
• Update Import/Export to use public email when mapping users (merge request) GitLab Enterprise Edition
• Require sign in for .keys endpoint on non-public instances (merge request)
• Inherit user external status while creating project bots (merge request)
• Escape issue reference and title for Jira issues (merge request) GitLab Enterprise Edition
• Fix stored XSS vulnerability in Datadog settings form (merge request)

14.2.1 (2021-08-23)

Fixed (1 change)

• Drop un-used db/ci_migrate symlink (merge request)

Changed (2 changes)

• Reorder vuln check criteria (merge request) GitLab Enterprise Edition
• Don't override vulnerability feedback UUID anymore (merge request) GitLab Enterprise Edition

14.2.0 (2021-08-20)

Added (128 changes)

• Add missing Ci::Build graphql mutations (merge request)
• Introduce a table to store job trace metadata (merge request)
• Promote the contact_sales_btn_in_app experiment to product feature (merge request)
• Upgrade GitLab Pages to v1.42.0 (merge request)
• Enable the instance-level overrides feature (merge request)
• Add support for inline diff in content editor (merge request)
• Update security policies pipeline processor to support secret detection (merge request) GitLab Enterprise Edition
• Render references in content editor (merge request)
• Add copy feature to CI job page (merge request)
• Limit number of files per pages site (merge request)
• Added new user callout for the Terraform banner (merge request)
• Markdown Live preview for Source Editor (merge request)
• Create table zentao_tracker_data (merge request)
• Start tracking project ci feature usages (merge request)
• Add support for task list in content editor (merge request)
• Add support for subscript/superscript (merge request)
• Enable agent registration UI (merge request) GitLab Enterprise Edition
• Add support for meta tag DAST site validation (merge request) GitLab Enterprise Edition
• Include reply in email egenrated notes (merge request)
• Allow sorting merge requests by latest closed at (merge request)
• Enable seat usage export (merge request) GitLab Enterprise Edition
• Show artifact downloads for security reports (merge request)
• Expose integrated error tracking to services (merge request)
• Render emojis in the Content Editor (merge request)
• Add dependency link to package type (merge request)
• Enabled diff virtual scrolling by default (merge request)
• Enables ci_same_stage_job_needs by default (merge request)
• Remove agent_kubeconfig_ci_variable feature flag (merge request)
• Prune database partitions older than a retention period (merge request)
• Add vulnerabilities_allowed into rules (merge request) GitLab Enterprise Edition
• Add organizations table and model (merge request)
• Support setting Rails asset host via gitlab.yml (merge request)
• Disable project/group sharing when User Cap set (merge request)
• Expose timelogs in GraphQL query type (merge request)
• Enable ci_daily_limit_for_pipeline_schedules by default (merge request)
• Track changes in merge request approval settings in Audit Events (merge request) GitLab Enterprise Edition
• Store hashcode for VSA stage events (merge request)
• Remove ci_jobs_trace_size_limit feature flag (merge request)
• Index issues on project_id, state_id, created, id (merge request)
• Feat: enable report abuse button for snippets (merge request)
• Add tooltip to No Target text in corpus management (merge request)
• Remove code quality usage feature flag (merge request)
• Add severity_levels validation and usage (merge request) GitLab Enterprise Edition
• Add support for adding attachments in Content Editor (merge request)
• Add expired tokens alert to personal access tokens profile page (merge request) GitLab Enterprise Edition
• Show topics in the project list (merge request)
• Add pipeline iid dropdown (merge request)
• Mark completed jobs as successful (merge request)
• Add namespace field to User type in GraphQL (merge request)
• Add view pipeline button in pipeline editor (merge request)
• Add a bubblemenu for text format to Content Editor (merge request)
• Adds APIs and their specs to projectionist example file (merge request)
• Add rule_index to security_orchestration_policy_rule_schedules (merge request)
• Extend graphql repository with paginated tree field (merge request)
• Add support for security policy project for Projects::CreateService (merge request) GitLab Enterprise Edition
• Expose vulnerabilities_allowed (merge request) GitLab Enterprise Edition
• Deploy token access for the Dependency Proxy (merge request)
• Remove compare_repo_dropdown feature flag (merge request)
• Add mutation to change namespace shared runners setting (merge request)
• Add severity_levels into approval_project_rules (merge request)
• Add admin_verify track to in-product marketing emails (merge request)
• Add instance setting for delayed project deletion (merge request) GitLab Enterprise Edition
• Add Snowplow Tracking to Environment Actions (merge request)
• Finalize converting geo_job_artifact_deleted_events (merge request)
• Remove feature flag search_sort_issues_by_popularity (merge request)
• Cancel pipelines before deleting (merge request)
• Add structured logging to MergeRequestMergeabilityCheckWorker (merge request)
• Allow immediate deletion of groups (merge request) GitLab Enterprise Edition
• Add application and DB layer validations for flag_type uniqueness (merge request) GitLab Enterprise Edition
• Add pronunciation to GitLab profile page (merge request)
• Add trial_short track to in-product marketing emails (merge request)
• Deploy token access for the dependency proxy (merge request)
• Generate Debian component files for udeb and source files (merge request)
• Log deprecations to dedicated log file (merge request)
• Add button for reactivating/extending trial (merge request) GitLab Enterprise Edition
• Add secret_detection to security_orchestration_policy JSON schema (merge request) GitLab Enterprise Edition
• Add assigned issue and pending todo counts to /users_count API (merge request)
• GraphQL: Add sharedRunnersSetting to Group/Namespace (merge request)
• feat: Add environments survey alert (merge request)
• Allow Limitable to use override feature flag (merge request)
• Retain trigger time of alerts (merge request)
• Add mutation to lock/unlock project paths (merge request) GitLab Enterprise Edition
• Use non-predefined variables inside CI include blocks (merge request)
• Allow resetting issue labels (merge request)
• Exposed created_at to billable members API (merge request) GitLab Enterprise Edition
• Add pagination support for get_tree_entries RPC (merge request)
• Introduce AutoDeleteCronWorker for Environments (merge request)
• Enable DAST runner site validation by default (merge request) GitLab Enterprise Edition
• Return signature in InRelease and Release.gpg endpoints (merge request)
• Add pages_file_entries to plan_limits (merge request)
• Add the compliance framework label to group projects listing (merge request) GitLab Enterprise Edition
• Adds ProjectSetComplianceFramework GraphQL Mutation (merge request) GitLab Enterprise Edition
• Add timelog summary to time tracking report (merge request)
• Plug Debian SignDistributionService in GenerateDistributionService (merge request)
• Add team_short track to in-product marketing emails (merge request)
• Add Mailgun endpoint for receiving permanent failures (merge request)
• Render CSV parsing errors (merge request)
• Added state column to members table (merge request)
• Trial onboarding for trial registrations (merge request) GitLab Enterprise Edition
• Display pending user count when modifying user cap (merge request) GitLab Enterprise Edition
• Search for epics by iid if search starts with & (merge request) GitLab Enterprise Edition
• Add PyPI package endpoints for project and group path (escaped) (merge request)
• Add Debian API endpoint for deb, udeb, ... files (merge request)
• Support setting timelog summary via API (merge request)
• Geo: Add verification of snippet repositories (merge request) GitLab Enterprise Edition
• Add support for propagation correlation IDs from trusted CIDRs (merge request)
• Debian CRUD group distribution endpoints (merge request)
• Added error classes for specific backup rake task (merge request)
• Automatically resync verification failures (merge request) GitLab Enterprise Edition
• Add log count of active jobs (merge request)
• Add saml_provider_id query param to Users API (merge request) GitLab Enterprise Edition
• Add vulnerability_amount column (merge request)
• Add error tracking client key (merge request)
• Add a badge for project invite members (merge request) GitLab Enterprise Edition
• Expose security scanners in MR approval rules API (merge request) GitLab Enterprise Edition
• Add overridden_uuid column to security_findings (merge request)
• Add Jira Connect branches controller (merge request)
• Add signed_file to Debian distributions (merge request)
• Add new BulkImports endpoint to start new migration (merge request)
• Add service to sign Debian distribution (merge request)
• Implement Scheduling Logic for DAST On-demand Scheduler (merge request)
• Sync vulnerability rules (merge request) GitLab Enterprise Edition
• Add Fuzz Testing to DevOps Adoption (merge request) GitLab Enterprise Edition
• Removes mr_collapsed_approval_rules feature flag (merge request)
• Add descendantGroups field to Group type (merge request)
• Added user_cap_reached? to Group (merge request) GitLab Enterprise Edition
• Add security scanners column into (merge request)
• Save visited URL to recent searches and update weight token list (merge request)

Fixed (137 changes)

• Resolve layout issues in notes form (merge request)
• Set db name when creating connection with new pool size (merge request)
• Project reporters can drag cards in group board (merge request)
• Added ability to create assignee list of descendants (merge request)
• Merge branch 'dreedy-fix-application_experiment-publish_to_database' into 'master' (merge request)
• Run serivce discovery on load balancing configuration (merge request)
• Fix intermittent 'branch not found' errors when pushing creates an MR (merge request)
• Fix reference pattern for iterations (merge request) GitLab Enterprise Edition
• Include all available groups as import target (merge request)
• Allow to apply issue inherited templates using URL (merge request) GitLab Enterprise Edition
• Increase spacing between buttons to 8px (merge request)
• Noop migrations containing faulty SQL regex (merge request)
• Add migration to update ultimate trial plan limits (merge request)
• Fix Security::FindingsFinder to return only the latest findings (merge request) GitLab Enterprise Edition
• Reset oncall-schedule form on cancel or close (merge request) GitLab Enterprise Edition
• Do not run refresh_member_authorized_projects callback when importing (merge request)
• Resolve todo when resolve button is clicked (merge request)
• Hide notification warning for private comments (merge request)
• Remove broken "default" storage initialiser (merge request)
• When ordering epics by title, do so case-insensitively (merge request) GitLab Enterprise Edition
• Fix spacing between dropdowns in policy editor (merge request) GitLab Enterprise Edition
• Fix: Container repository geo syncs stuck in started state (merge request) GitLab Enterprise Edition
• Use sub-batches in BackfillIntegrationsTypeNew background migration (merge request)
• Always use the newest commit in a branch for push events (merge request)
• Fix mirror repo table buttons in _mirror_repos.html.haml (merge request)
• Optimize #latest_successful_for_refs method (merge request)
• Github Importer: Ensure to fail and log imports on exceptions (merge request)
• Delete backups/tmp after restore (merge request)
• Enable the feature flag by default (merge request)
• Fix due date tooltip on milestone in sidebar (merge request)
• Add Conan to filters (merge request) GitLab Enterprise Edition
• Move audit events promo illustration and update text (merge request) GitLab Enterprise Edition
• Delete private subgroups todos when removing member (merge request) GitLab Enterprise Edition
• fix: Regenerate locale/gitlab.pot (merge request)
• Remove class to fix dark mode readability (merge request)
• Fix adding or updating vulnerability history comments (merge request)
• checks: Fix combinatorial explosion in #commits_for() (merge request)
• Fix code block input rules (merge request)
• Fix N+1 database queries in pipeline databuilder (merge request)
• Ensure service discovery runs before results are used (merge request)
• fix: Update locale/gitlab.pot (merge request)
• Fix basic search full count load (merge request)
• Update Pikaday colors for dark mode (merge request)
• copy: Clarify gift card currency in copy (merge request)
• Fix connection search path being reset (merge request)
• Fix policy_editor environment picker (merge request) GitLab Enterprise Edition
• Hide reference path on project board cards (merge request)
• Restrict Runner.locked to project runners (merge request)
• Refactor the nuget package updater service (merge request)
• Fix UI of project topics popover (merge request)
• Handle some WebHookService errors (merge request)
• Fix group runner sort dropdown (merge request)
• Get branches from rules using rule_index for security policy (merge request) GitLab Enterprise Edition
• Fix environments regex for etag restful (merge request)
• Fix feature flag check for security policy project (merge request) GitLab Enterprise Edition
• Fix punctuation on help line (merge request) GitLab Enterprise Edition
• Fix pipeline status layout in pipeline editor (merge request)
• Fix the npm package already taken validator (merge request)
• Ensure SAML Group Sync runs anytime SAML Group Links exist (merge request) GitLab Enterprise Edition
• Delete test cases when migrating project to a free group (merge request) GitLab Enterprise Edition
• Conditionally render create project button (merge request)
• checks: Fix mismatch in #new_commits() signature (merge request)
• Use correct fingerprint values in recalculate finding UUIDs migration (merge request) GitLab Enterprise Edition
• Fix displaying the actual plan name on the billings page (merge request) GitLab Enterprise Edition
• Refactor stop environments service (merge request)
• Fix StoreReportService by falling back to find by location approach (merge request) GitLab Enterprise Edition
• Fix preloading unrelated associations for CommitStatus (merge request)
• Accept all 2xx HTTP responses when testing the Datadog integration (merge request)
• Refactor init logic of merge request options on project settings page (merge request)
• Enable the FF ci_modified_paths_of_external_prs (merge request)
• Code-Quality.gitlab-ci.yml: automatically clean-up docker container (merge request)
• Update min selectable number for subscription buy process (merge request) GitLab Enterprise Edition
• Make DbCleaner and BeforeAllAdapter to support many connections (merge request)
• feat: Add one more i18n translation string (merge request)
• Fix double escaping when clicking WebIDE button (merge request)
• Fix some button border colors in dark mode (merge request)
• Reschedule latest_pipeline_id population with all artifact types (merge request)
• feat: Fix environments survey i18n strings (merge request)
• Set latest_pipeline_id and mark project as vulnerable first (merge request) GitLab Enterprise Edition
• Fix assignee avatar tooltip w special char names (merge request)
• Geo Node Form Regression - Realitive URLs broken (merge request) GitLab Enterprise Edition
• Fix Stickiness to Match Unleash API (merge request)
• Use new and old paths instead of just the new path for diff batching (merge request)
• Continue code quality widget polling while parsing (merge request)
• Fix empty recursive query for base_and_ancestors (merge request)
• fix: Atom feed for commit list should point to path (merge request)
• Add missing Delete user and contributions action in admin user view (merge request)
• Replace the success btn with the confirm button (merge request)
• Run sync BuildFinishedWorker operations always before (merge request) GitLab Enterprise Edition
• Prevent weightSum to be updated on child epic fetch (merge request) GitLab Enterprise Edition
• Fix Review App Multiple Deletion API payload (merge request)
• Fix redirect loop when relative url root is blank (merge request)
• Fix backup.rake from trying to tar non-existent directories (merge request)
• Fix Ci::Artifactable#selective_sync_scope cross-join DBs (merge request) GitLab Enterprise Edition
• Use parent integration settings when reverting from custom settings (merge request)
• Adjust documentation paths (merge request)
• Rescue stuck resource groups (merge request)
• Decode square brackets with "queryToObject" (merge request)
• Advanced Search should index trials regardless of seats (merge request) GitLab Enterprise Edition
• Validate timezone presence on schedule creation form (merge request) GitLab Enterprise Edition
• Update timeout help page URLs in job sidebar (merge request)
• Fix dates being incorrectly set on epic creation (merge request) GitLab Enterprise Edition
• Fix contribution analytics MR closed count param (merge request) GitLab Enterprise Edition
• Fix alert positioning and content for oncall schedules page (merge request) GitLab Enterprise Edition
• Delete pipeline subscriptions when migrating project to a free group (merge request) GitLab Enterprise Edition
• Remove trial suffix from plan titles that include it (merge request) GitLab Enterprise Edition
• Fix "Remove" button in Slack app integration (merge request)
• Fix :admin_compliance_framework to only be true if the user is an owner (merge request) GitLab Enterprise Edition
• Fix SAML SSO login redirects not working (merge request) GitLab Enterprise Edition
• Fix Error 500 viewing pipelines with invalid UTF-8 data (merge request)
• Map jira users for server version by 'key' attribute (merge request)
• Fix missing CSS variables in Darkmode (merge request)
• Fix whats new top positioning with system-header and performance-bar (merge request)
• GithubImporter: match user by external id only from github.com (merge request)
• Hide edit severity btn for users without permissions (merge request)
• Fix group level vulnerability permissions (merge request) GitLab Enterprise Edition
• Ignore searching in full path in GroupsFinder (merge request)
• Fix 400 errors not being logged in multipart middleware (merge request)
• Fix subgroup epic path on epic boards (merge request) GitLab Enterprise Edition
• Remove extra margin above issue navigation tabs (merge request)
• Activate correct nav item for Admin::LicensesController (merge request) GitLab Enterprise Edition
• Prevent terms from being created if blank (merge request)
• Delete PATs when transfering project to a free group (merge request) GitLab Enterprise Edition
• Fix epic tab dropdown menu overlay on mobile (merge request) GitLab Enterprise Edition
• Use the correct text for tooltip (merge request)
• Fix audit events empty space (merge request) GitLab Enterprise Edition
• Extend basic authentication detection for rate limiting (merge request)
• Fix labels dropdown causing form submission (merge request)
• Fix: Sidekiq workers delete each other's metrics (merge request)
• Drop invalid UTF-8 when displaying in job logs (merge request)
• Fix spam checking to consider updater of issue instead of author (merge request)
• Return error when moving issues between not authorized lists (merge request)
• Look up SSH keys by SHA256 fingerprint, not MD5 fingerprint (merge request)
• Skip already downloaded LFS objects in mirror updates (merge request)
• Bump gitlab-omniauth-openid-connect to v0.8.0 (merge request)
• Better links on the subscription details page (merge request) GitLab Enterprise Edition
• Allow group bot to http authenticate (merge request)

Changed (117 changes)

• Update create merge request button on last push event (merge request)
• Deprecate Secure user scan metrics (merge request) GitLab Enterprise Edition
• Move sast latest template to stable (merge request)
• Migrate epic sidebar todo button to widget (merge request) GitLab Enterprise Edition
• Remove optional languge from Compliance framework label (merge request)
• Add empty artifacts message (merge request)
• Flatten CI config rules (merge request)
• Provide more information in design version selector (merge request)
• Set immutable results to true (merge request)
• Renames the Base terraform template jobs for better scaling (merge request) GitLab Enterprise Edition
• Remove CI builds for test and staging stages in VSA (merge request)
• Update Auto DevOps' auto-deploy-image to v2.12.0 (merge request)
• Remove protocol from Dependency Proxy UI (merge request)
• Replace plain text application secret with copy button (merge request)
• Improve button layout (merge request)
• Open addon purchase in the same window (merge request) GitLab Enterprise Edition
• Remove efficient_counter_attribute flag (merge request)
• Updated message on DevOps Adoption Report (merge request) GitLab Enterprise Edition
• Move issue_type enum to WorkItem::Type base_type (merge request)
• Add group value stream metrics UI to project VSA (merge request)
• Count epics against issue creation rate limit (merge request) GitLab Enterprise Edition
• Migrate Markdown Editor toolbar buttons to GlButton (merge request)
• Change date time formatting for corpus managment (merge request)
• Global Search - Add spacing/border to code results (merge request)
• Standarize board column highlight style (merge request)
• Added linked pipelines to commit (merge request) GitLab Enterprise Edition
• Update nothing-here-block to utilize Pajamas spacing scale (merge request)
• Show due date in gray when issue is closed in issues list (merge request)
• Refactor the Ci::Minutes::Additional pack service (merge request) GitLab Enterprise Edition
• Enable ci_skip_before_parsing_yaml by default (merge request)
• Added cloneDeep to prevent mutating cache (merge request)
• Don't show due date in red on epic related issues if issue is closed (merge request)
• Deprecate build trace sections tables by renaming (merge request)
• Return API error when inviting restricted email (merge request) GitLab Enterprise Edition
• Migrate md header buttons to gl-buttons (merge request)
• Removed dependency on $ from the highlighter (merge request)
• Show tax line even when tax has zero amount (merge request) GitLab Enterprise Edition
• Update design management wording in activity feed (merge request)
• Revert Dependency Proxy permission (merge request)
• Placeholder for "Number of employees" in trial (merge request) GitLab Enterprise Edition
• Allow 10% overage for true-ups when uploading a license (merge request) GitLab Enterprise Edition
• Prepare On-Demand DAST for CI sharding initiative (merge request)
• Move DevOps Score callout to Vue (merge request)
• Change Evidence Supporting Messages to array (merge request) GitLab Enterprise Edition
• Remove feature flag (merge request)
• Make ci_structure.sql to be equal (merge request)
• Add deployment_id to deployment payloads (merge request)
• Allow downloading archives using PRIVATE-TOKEN (merge request)
• Global Search - Track top nav searches (merge request)
• Allow licenses with a 10% overage of users for renewals (merge request) GitLab Enterprise Edition
• Render base path error based on report status (merge request)
• Backfill type_new column on integrations (merge request)
• Configure Elasticsearch Ruby client without retry by default (merge request) GitLab Enterprise Edition
• Update copy in account recovery settings global alert (merge request)
• Allow setting of container registry visibility in project settings UI (merge request)
• Add Gitlab::GithubImport::Logger with default values (merge request)
• Expose iid in the pipelines entity (merge request)
• Added a hack to set labels (merge request)
• Update terms of service docs and UI text (merge request)
• Allow usage of severity quickaction on create (merge request)
• Implement JWT for customers-dot proxy (merge request)
• Use 'branch' icon instead of 'fork' (merge request)
• Remove dataBackground property from chart (merge request)
• Update UI help links (merge request) GitLab Enterprise Edition
• Update runner description text (merge request)
• Handle int and bigint namespaces.id column (merge request)
• copy: Update survey callout text (merge request)
• Changed the column order in the jobs table (merge request)
• Add field validations for Finding Evidence models (merge request) GitLab Enterprise Edition
• Use gitaly-backup for repository backups by default (merge request)
• Enhance UX on Environment Form with Loading Icon (merge request)
• Include retried jobs in pipeline payloads for Datadog integration (merge request)
• Expose mergeRequestCounts for Issue GraphQL type (merge request)
• Hide pull mirror update time from guest visitors (merge request)
• Use feature flag for finding links (merge request) GitLab Enterprise Edition
• Unified preloading stylesheets (merge request)
• Promote source activity as the invite email body (merge request)
• Include deployment_tier to pipeline environment hook attributes (merge request)
• Imrpove model validation when adding spent time (merge request)
• Boards sidebar design tweaks (merge request)
• Make experiments API a filter of features API (merge request) GitLab Enterprise Edition
• Add filitering by issue type in issue boards (merge request)
• Fix alt tag on participant avatars (merge request)
• Use popovers for inline code quality (merge request) GitLab Enterprise Edition
• Update UI text for CI/CD settings (merge request) GitLab Enterprise Edition
• Use gitaly-backup for repository backups by default (merge request)
• Add request and response to SupportingMessage (merge request)
• Remove DOMPurify attribute sanitization (merge request)
• Update documentation to use compliance report not compliance dashboard (merge request) GitLab Enterprise Edition
• Make vulnerability-dismissal error more descriptive (merge request) GitLab Enterprise Edition
• Increase contrast for successful pipelines in charts (merge request)
• Add labels as search token in Jira issues list (merge request) GitLab Enterprise Edition
• Add linked pipelines to component (merge request) GitLab Enterprise Edition
• ff: Remove :list_commits feature flag (merge request)
• flags: Drop fetch_remote_params feature flag (merge request)
• flags: Drop update_remote_mirror_inmemory feature flag (merge request)
• Migrate Edit Environments Form to Vue (merge request)
• Sort according to the field in Dependency List (merge request) GitLab Enterprise Edition
• Show minor ellipsis when loading large blobs (merge request)
• Polish tab count and create button in test cases (merge request) GitLab Enterprise Edition
• Edit Grafana UI text in admin area (merge request)
• Add link to GitLab Changelog With Version Check (merge request)
• The readme checkbox for new projects is checked by default (merge request)
• Add linked pipelines to component (merge request)
• Move the compliance framework selector to a new expandable section (merge request) GitLab Enterprise Edition
• Skip in-product marketing emails when on trial (merge request) GitLab Enterprise Edition
• Force user to re-enter integration password (merge request) GitLab Enterprise Edition
• Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
• Remove prevent_retry_of_retried_jobs feature flag (merge request)
• Add dast-runner-validation to Secure-Binaries YAML (merge request) GitLab Enterprise Edition
• Fix missing amount in Contribution Analytics (merge request) GitLab Enterprise Edition
• Migrate New Environments Form to Vue (merge request)
• Allow updating merged results pipelines and merge trains via API (merge request)
• Handle team-managed (next-gen) Jira projects (merge request) GitLab Enterprise Edition
• Remove badge cache (merge request)
• Enable writes to CI builds metadata table by default (merge request)
• Nginx: modernise TLS config (merge request)

Deprecated (2 changes)

• Deprecate sorting vulnerabilities by title in GraphQL API (merge request) GitLab Enterprise Edition
• Deprecate container_registry_enabled in projects public API (merge request)

Removed (11 changes)

• Cleanup group empty state experiment (merge request)
• Remove devops_adoption_feature feature flag (merge request)
• Remove sec_dependency_scanning_ui_enable Feature Flag (merge request)
• Remove scan_execution_policy_ui feature flag (merge request) GitLab Enterprise Edition
• Drop FF load_balancing_for_pipeline_notification_worker (merge request)
• Remove the similarity_search feature flag (merge request)
• Remove unused Gitlab::Database::MultiThreadedMigration (merge request)
• Remove 'one_megabyte_file_size_limit' feature flag (merge request)
• Remove group invites from new user registration (merge request) GitLab Enterprise Edition
• Remove not_null constraint on project_fingerprint (merge request) GitLab Enterprise Edition
• Remove marketing email opt-in for self-managed (merge request)

Security (19 changes)

• Sanitize default branch name in repo settings (merge request)
• Add project member validation for domain limitation
• Hide project-level CI/CD Analytics for Guests
• Only allow invite to be accepted by user with matching email
• Add html escaping for default branch name
• Filter todos whose target users no longer have access to
• Configure OmniAuth to use GitLab AppLogger
• Add permissions check to pipelines#show action
• Prevent impersonation in gitlab-shell SSH certs
• Do not show email address in error message GitLab Enterprise Edition
• Disallow non-members to set issue metadata on issue create
• Prevent guests from linking issues with errors
• Block impersonation token use if it is not permitted
• Fix Protected Environment Accesses Cleanup GitLab Enterprise Edition
• Updates oauth to 0.5.6
• Remove impersonation token from api response for non-admin user
• Use oauth_app id instead of uid GitLab Enterprise Edition
• Restrict access to instance-level security features for reporters GitLab Enterprise Edition
• Fix XSS in Mermaid Markdown rendering

Performance (23 changes)

• Use common namespace ancestor queries (merge request)
• Do not use subtransactions when updating ci minutes usage (merge request)
• Avoid subtransaction in UserInteractedProject (merge request)
• Reduce N+1 Gitaly queries when publishing multiple draft notes (merge request)
• Memoize namespace monthly usage to reduce SQL queries (merge request)
• Include database load balancing for Deployments HooksWorker (merge request)
• Use default project filter for issue/merge request project searches (merge request)
• Improve raw blobs downloading (merge request)
• Use common namespace ancestor queries (merge request)
• Query multiple group descendants at once (merge request)
• Use new service to refresh authorizations of project members (merge request)
• Cache commit stats for a single commit (merge request)
• Query ActiveRecord::Relation descendants (merge request)
• checks: Speed up retrieving commits via quarantine directory (merge request)
• Reduce Markdown cache updates during deploy (merge request)
• Query ActiveRecord::Relation descendants (merge request)
• Reduce repaints on blame page (merge request)
• geo: Pass authentication header via #fetch_remote (merge request) GitLab Enterprise Edition
• Disable creating user mentions during import (merge request)
• Remove flag guarding batched computation of changes size (merge request)
• Move merge-request merge_pipeline to cached_widget (merge request)
• Optimize scanning for references process (merge request)
• Move versions icon to CSS (merge request)

Other (87 changes)

• Make commit and design user mention indexes unique (merge request)
• Add index on historical_data (recored_at) to improve queries (merge request)
• Fix and reschedule background migration (merge request)
• Finalize conversion of ci_stages.id to bigint (merge request)
• Reschedules migration for uuid recalculation (merge request)
• Remove pipelineGraphLayersView feature flag (merge request)
• Pass **kwargs to the conn. for LB defined methods (merge request)
• Remove subscribable_subscription_banner flag (merge request) GitLab Enterprise Edition
• Finalize conversion to bigint for ci_sources_pipelines (merge request)
• Remove ci_skip_before_parsing_yaml FF (merge request)
• Cleanup invalid membership invites (merge request)
• Rename GraphQL query resource from "instanceDashboard" to "instance" (merge request) GitLab Enterprise Edition
• Disable updating the historical vulnerability statistics by default (merge request) GitLab Enterprise Edition
• Rename strip_attributes method (merge request)
• Updating the description for ecosystem metric (merge request)
• Add ResetJobTokenScopeEnabledAgain migration (merge request)
• Remove by default enabled feature flag (merge request)
• Remove docs redirects raketask (merge request)
• Remove pipelineGraphLayersView feature flag (merge request)
• Remove jira_issue_association_on_merge_request feature flag (merge request) GitLab Enterprise Edition
• Finalize ci_job_artifacts conversion to bigint (merge request)
• Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
• Include Puma worker PID in structured log (merge request)
• Denormalize ci_builds into security_scans (merge request) GitLab Enterprise Edition
• Bump factory_bot_rails for Ruby3 support (merge request)
• Additional namespace validation for AdditionalPack (merge request) GitLab Enterprise Edition
• Finalize job_id conversion to bigint for ci_job_artifacts (merge request)
• Use text links in MR approval settings section of UI (merge request) GitLab Enterprise Edition
• Remove jira_connect_create_branch feature flag (merge request)
• Refactor documentation links for SP disabled (merge request) GitLab Enterprise Edition
• Swap multiple_database_metrics FF for env var (merge request)
• Update limitations of members API docs (merge request)
• Migrate the deprecated "urlParamsToObject" to "queryToObject" GitLab Enterprise Edition
• Remove runner_list_view_vue_ui feature flag (merge request)
• Update internal API docs (merge request)
• Finalize conversion to bigint for ci_builds_runner_session (merge request)
• Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request)
• Finalize conversion to bigint for push_event_payloads (merge request)
• Finalize conversion to bigint for ci_build_needs (merge request)
• Refine Documentation pages URL UI and documentation (merge request) GitLab Enterprise Edition
• Prepare indexes for bigint column conversions (merge request)
• Revise UI text for PlantUML settings (merge request)
• Follow-up pass for renaming Usage Ping/Data (merge request)
• Finalize converting deployments to bigint (merge request)
• Remove the FF ci_wildcard_file_paths (merge request)
• Revise admin area Pages settings UI (merge request)
• Remove feature flag related to valid hosts list (merge request)
• Refactor timezone UI and documentation (merge request)
• Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
• Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
• Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
• Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request)
• Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
• Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
• For consistency do not use CSS calc for simple calculation of margin-top (merge request)
• Remove unused code (merge request) GitLab Enterprise Edition
• Reschedule Delete Orphaned Deployments BG migration (merge request)
• Finalize conversion to bigint for push_event_payloads (merge request)
• Finalize conversion to bigint for ci_build_trace_chunks (merge request)
• Remove gitlab_subscription_future_renewal feature flag (merge request) GitLab Enterprise Edition
• Remove dast_configuration_ui feature flag (merge request) GitLab Enterprise Edition
• Fix the offenses introduced by Style/RegexpLiteralMixedPreserve (merge request) GitLab Enterprise Edition
• Removes unused gitorious logos (merge request)
• Revised Package Registry settings text (merge request)
• Revert backfill on ci_build_trace_sections (merge request)
• Clean up evalute_protected_tag_for_release_permissions feature flag (merge request)
• Update service ping metric implementation guidelines (merge request)
• Add tracking events for the dependency proxy (merge request)
• Remove redundant indexes for devops adoption (merge request)
• Add area of focus to members (merge request)
• Fix up the docs warning detected by the vale latin term rule (merge request)
• Update help text in runner update form (merge request)
• Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
• Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
• Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
• Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
• Log when a container repository is selected (merge request)
• Expose init aux viewer (merge request)
• Remove service templates (merge request)
• Remove merge_request_draft_filter feature flag (merge request)
• Remove unused cluster application logos (merge request)
• Update GitLab Runner Helm Chart to 0.31.0 (merge request)
• Revise UI text for Kroki settings (merge request)
• Add Chrome to Jira connect working browsers (merge request)
• Refactor polling interval multiplier configuration UI and docs (merge request)
• Add helpful text to URL group validation and limit text (merge request) GitLab Enterprise Edition
• Refactor external storage admin area configuration UI and docs (merge request)

14.1.8 (2021-11-15)

Fixed (1 change)

• Prevent Git operations from checking replication lag on non-Geo-secondary sites (merge request) GitLab Enterprise Edition

Changed (4 changes)

• Geo: Alternate redownload and normal design sync attempts (merge request) GitLab Enterprise Edition
• Geo: Alternate redownload and normal SSF sync attempts (merge request) GitLab Enterprise Edition
• Geo: Alternate redownload and normal project syncs (merge request) GitLab Enterprise Edition
• Geo: Reduce frequency of redownload attempts (merge request) GitLab Enterprise Edition

14.1.7 (2021-09-30)

Security (28 changes)

• Require password param for 2FA changes (merge request)
• Fix permissions check on project members import (merge request)
• Respect disabled import sources when initiating import via API (merge request)
• Return 404 if model id wasn't passed to UploadsController (merge request)
• Scrub artifacts signed URL in SendEntry logs (merge request)
• Prevent double-impersonation and impersonation breakout (merge request)
• Clear session access tokens when starting/stopping impersonation (merge request)
• Use validated URL when sending request to Gitea Importer (merge request)
• Fix XSS in Jira link (merge request) GitLab Enterprise Edition
• Fix fogbugz importer DNS Rebind SSRF (merge request)
• Remove related project access tokens when a project is deleted (merge request)
• Require group admin access to list pending invites (merge request)
• Do not export and import repository_size_limit (merge request)
• Escapes MR approval rule names correctly (merge request)
• Filter shared groups autocomplete by permitted (merge request) GitLab Enterprise Edition
• Require access token for git when 2fa is required (merge request)
• Disable exporting pipeline triggers on project export (merge request)
• Add pagination to dependencies API (merge request) GitLab Enterprise Edition
• Permission check issuable template API data (merge request) GitLab Enterprise Edition
• Apply account locking to password reset page (merge request)
• Enforce configured scopes for Oauth applications (merge request)
• Verify state before using errors from OAuth2 OmniAuth providers (merge request)
• Prevent moving epic issues to different group hierarchy (merge request) GitLab Enterprise Edition
• Prevent showing not allowed subgroup epics (merge request) GitLab Enterprise Edition
• Do not allow status checks to exist with external protected branches (merge request) GitLab Enterprise Edition
• Fix GFM autocomplete xss (merge request)
• Prohibit anonymous access for specific user API endpoint (merge request)
• Fix denial-of-service attack in Markdown parser (merge request)

14.1.6 (2021-09-27)

Fixed (1 change)

• Fix Elastic::MigrationWorker current_migration (2nd attempt) (merge request) GitLab Enterprise Edition

14.1.5 (2021-09-02)

Fixed (1 change)

• Geo: Replicate multi-arch containers (merge request) GitLab Enterprise Edition

14.1.4 (2021-08-31)

Security (8 changes)

• Update apollo_upload_server dependency (merge request)
• Ensure shared group members lose project access after group deletion (merge request)
• Fix stored XSS vulnerability in Datadog settings form (merge request)
• Inherit user external status while creating project bots (merge request)
• Escape issue reference and title for Jira issues (merge request) GitLab Enterprise Edition
• Require sign in for .keys endpoint on non-public instances (merge request)
• Only create jira connect NS subscriptions for admins (merge request)
• Prevent non-admins from configuring Jira connect app (merge request)

14.1.3 (2021-08-17)

Fixed (2 changes)

• Geo 2.0 Regression - Add ability to remove primary (merge request) GitLab Enterprise Edition
• [RUN AS-IF-FOSS] AS Fix SAML SSO login redirects not working (merge request) GitLab Enterprise Edition

Changed (1 change)

• Resolve "operator does not exist: integer[] || bigint in... (merge request)

14.1.2 (2021-08-03)

Security (19 changes)

• Add project member validation for domain limitation (merge request)
• Hide project-level CI/CD Analytics for Guests (merge request)
• Only allow invite to be accepted by user with matching email (merge request)
• Add html escaping for default branch name (merge request)
• Configure OmniAuth to use GitLab AppLogger (merge request)
• Add permissions check to pipelines#show action (merge request)
• Prevent impersonation in gitlab-shell SSH certs (merge request)
• Fix Protected Environment Accesses Cleanup (merge request) GitLab Enterprise Edition
• Use oauth_app id instead of uid (merge request) GitLab Enterprise Edition
• Block impersonation token use if it is not permitted (merge request)
• Fix XSS in Mermaid Markdown rendering (merge request)
• Do not show email address in error message (merge request) GitLab Enterprise Edition
• Updates oauth to 0.5.6 (merge request)
• Fix tag ref detection for pipelines (merge request)
• Disallow non-members to set issue metadata on issue create (merge request)
• Prevent guests from linking issues with errors (merge request)
• Filter todos whose target users no longer have access to (merge request)
• Remove impersonation token from api response for non-admin user (merge request)
• Restrict access to instance-level security features for reporters (merge request) GitLab Enterprise Edition

14.1.1 (2021-07-28)

Added (1 change)

• RackAttack: extend basic authentication detection for rate limiting (merge request)

Fixed (3 changes)

• Prevent terms from being created if blank (merge request)
• Fix: Sidekiq workers delete each other's metrics (merge request)
• Resolve "Bulk dismissal checkboxes don't appear on group vulnerability report" (merge request) GitLab Enterprise Edition

Other (1 change)

• Revert backfill on ci_build_trace_sections (merge request)

14.1.0 (2021-07-21)

Added (123 changes)

• Add ability to set squash_option in the Project API (merge request)
• Add ref to pipeline graphql schema (merge request)
• Upsell the GitLab Managed Terraform state if the repo contains .tf files (merge request)
• Add mailgun endpoint for receiveing permanent failures (merge request)
• Add error tracking collector (merge request)
• Add Vulnerability Management metric for Devops Adoption API (merge request)
• Allow immediate deletion of projects (merge request) GitLab Enterprise Edition
• Make database changes to persist false_positive information (merge request)
• Added user_cap to setting update service (merge request)
• Audit successful GPG key creation and removal (merge request) GitLab Enterprise Edition
• Enable sidekiq load balancing by default (merge request)
• Add Pipeline Editor branch selector (merge request)
• Introduce multiple oncall schedules feature (merge request) GitLab Enterprise Edition
• Track secure scans (merge request) GitLab Enterprise Edition
• Redirect to the new default branch from a deleted default branch (merge request)
• Add button to insert images in content editor (merge request)
• Add support for rendering tables in content editor (merge request)
• Release the Helm charts registry (merge request)
• Allow configuring Redis trace chunks instance (merge request)
• Add warning when import url does not ends with .git (merge request)
• Adds ID to group, stage, and detailed status (merge request)
• Removed the compliance_dashboard_drawer feature flag (merge request) GitLab Enterprise Edition
• Upgrade GitLab Pages to 1.41.0 (merge request)
• Enable GraphQL Runner API (merge request)
• Add Collected Data Categories Service Ping metric (merge request)
• Show progress of an epic on epic board cards (merge request) GitLab Enterprise Edition
• Add graphql mutation to enable dependency scanning (merge request) GitLab Enterprise Edition
• Enable sec_dependency_scanning_ui_enable by default (merge request) GitLab Enterprise Edition
• Add policy type filter (merge request) GitLab Enterprise Edition
• Adds audit event when compliance framework changed (merge request) GitLab Enterprise Edition
• Allow copying Epic reference from sidebar (merge request) GitLab Enterprise Edition
• Audit successful key destroy action (merge request) GitLab Enterprise Edition
• Add observability to Snowplow tracking (merge request)
• Support providing kind to internal Network Policies edit API (merge request) GitLab Enterprise Edition
• Add Running Container Scanning CI Template (merge request) GitLab Enterprise Edition
• Add pause and resume to background migrations (merge request)
• Display Helm packages in the package registry (merge request)
• Feat(Blob): Add CSV render support for Blob Viewer (merge request)
• Added user_cap column to namespace_settings (merge request)
• Wiki repositories use default branch when creating the repo (merge request)
• Allow sort by popularity for issues via GraphQL (merge request)
• Allow sort by blocking issues via GraphQL (merge request) GitLab Enterprise Edition
• Expose GraphQL query complexity score (merge request)
• Extend NetworkPolicy GraphQL API with Environments field (merge request) GitLab Enterprise Edition
• Remove ff_external_status_checks feature flag (merge request) GitLab Enterprise Edition
• Accept GitHub source highlight URL argument format (merge request)
• Add emoji name to tooltip (merge request)
• Do not export certain models when using Relations Export API (merge request)
• Add Coverage fuzzing to DevopsAdoption API (merge request)
• Extend Plan limits API with terraform_module_max_file_size (merge request)
• Add dependency scanning to DevopsAdoption API (merge request)
• Add Bulk Imports API to view user initiated imports (merge request)
• Allow sort and expose expired field for milestones (merge request)
• Add group-level DORA metrics to GraphQL endpoint (merge request) GitLab Enterprise Edition
• Make the variable type for the GitLab CI secret configurable (merge request) GitLab Enterprise Edition
• Add GitLab revision to Prometheus metric (merge request)
• Add project-level DORA metrics to GraphQL endpoint (merge request) GitLab Enterprise Edition
• Remove project from Job Token Scope via GraphQL (merge request)
• Add timezone to web operations (merge request)
• Add CIJobToken project allow list resolver (merge request)
• Add ability to search for cluster image scanning jobs (merge request) GitLab Enterprise Edition
• Add target branch in pipeline editor for blank projects (merge request)
• Add jobCount and projectCount to GraphQL CiRunner (merge request)
• Remove gitlab_experiment_middleware feature flag (merge request)
• Add instance-level audit event when admin status changes (merge request) GitLab Enterprise Edition
• Add link to admin area on project view and group view (merge request)
• Add support for legacy blob viewers (merge request)
• Preserve user authorship during bulk imports (merge request)
• Add usage ping features frontend checkboxes (merge request)
• Remove kubernetes_agent_on_gitlab_com feature flag (merge request)
• Add system note when escalating to users (merge request) GitLab Enterprise Edition
• Remove project_finder_similarity_sort feature flag (merge request)
• Track usage data for Network Policies UI (merge request) GitLab Enterprise Edition
• Add compliance_frameworks_with_pipeline to usage ping (merge request) GitLab Enterprise Edition
• Remove ci_quota_check_on_retries feature flag (merge request) GitLab Enterprise Edition
• Add scan execution policies to the policy list (merge request) GitLab Enterprise Edition
• Allow passing PAT name and scopes via the URL (merge request)
• Add summary to timelogs (merge request)
• Allow specifying an access level for Project Access Tokens (merge request)
• Send purchase source to customers API (merge request) GitLab Enterprise Edition
• Sync destruction between requirements and issues (merge request) GitLab Enterprise Edition
• Add CI/CD templates picker for empty pipelines page (merge request)
• Save last_synced_at on licenses table (merge request)
• Add validate account button on CI/CD shared runners page (merge request) GitLab Enterprise Edition
• Relate issues and requirements (merge request)
• Add present_on_default_branch to Vulnerabilites (merge request)
• Helm charts index API endpoint (merge request)
• Add backup logger class (merge request)
• Add configuration for locating gitaly-backup (merge request)
• Adding raw_plain_data type to snippets (merge request)
• Allow to query discussion design on GraphQL (merge request)
• Converts the diff row component into a functional component (merge request)
• Add state argument for the PipelineSecurityReportFindingsResolver (merge request) GitLab Enterprise Edition
• Add NOT filtering to epic roadmap filtered search (merge request) GitLab Enterprise Edition
• Show access level of Project Access Token in UI and API (merge request)
• Add CI variable CI_MERGE_REQUEST_APPROVED (merge request) GitLab Enterprise Edition
• Add compliance framework label to compliance dashboard (merge request) GitLab Enterprise Edition
• Display Feature Flags Related to Issues (merge request) GitLab Enterprise Edition
• Update styling on policy editor page (merge request) GitLab Enterprise Edition
• Remove ci_drop_new_builds_when_ci_quota_exceeded feature flag (merge request) GitLab Enterprise Edition
• Adds sha argument to lint (merge request)
• Add Debian API endpoint for Packages files (merge request)
• Add option to order epics by title on list page (merge request) GitLab Enterprise Edition
• Add wal cached counter metric (merge request)
• Accept repository_update_events in SystemHooks API (merge request)
• Added omniauth_user check when verifying user cap GitLab Enterprise Edition
• Add the ability to deep link into group/project member tabs (merge request)
• Allow changing AdditionalPack namespace (merge request) GitLab Enterprise Edition
• BulkImports: Import Group Avatar (merge request)
• Allow admins to limit registration of project and group runners (merge request)
• Populate latest_pipeline_id values for vulnerability_statistics (merge request) GitLab Enterprise Edition
• Add support for horizontal rule in content editor (merge request)
• Add state of merge request diff to the entity (merge request)
• Associate Build with DAST Site and Scanner profile (merge request)
• Show pronouns in user popover (merge request)
• Create API to update upcoming reconciliations (merge request) GitLab Enterprise Edition
• Add layout for "first mile" (merge request)
• Adds status to StageType in gql (merge request)
• Expose SAST & DAST devops adoption metrics (merge request) GitLab Enterprise Edition
• Allow sorting by title in REST/GraphQL API (merge request) GitLab Enterprise Edition
• Add in-product marketing emails (merge request)
• Commit registration invite page to product (merge request)
• Support specifying a milestone for MR via push options (merge request)

Fixed (150 changes)

• Fix error when creating or deleting a board list (merge request)
• Skip LFS fragment on redirect (merge request)
• Fix scanner comparison error (merge request)
• Fix background color of markdown code in dark mode (merge request)
• Fix transposed rows and cols (merge request)
• Fix wiki repositories with wrong HEAD (merge request)
• Fix public selection of pages permissions (merge request)
• Geo: Replicate the HEAD ref (merge request) GitLab Enterprise Edition
• Remove useless delete button in group settings (merge request) GitLab Enterprise Edition
• Allow cleartext communication with KAS in production (merge request)
• Automatically create integration webhooks when missing (merge request)
• Fix snippet url helper when repository is not present (merge request)
• Adjust Groups API call used in Search Group Projects select (merge request)
• Fix snippets display issues on mobile devices (merge request)
• Fixed the header color in fly-outs for Dark mode (merge request)
• Fixed association between Finding, Finding Links (merge request) GitLab Enterprise Edition
• Correct check for displaying SubEpic counts on boards (merge request) GitLab Enterprise Edition
• Preload correct latest test report for requirements (merge request)
• Fix "Confirm user" button on tabs other than "Account" (merge request)
• Add trigger_source for empty page tracking event (merge request)
• Fix GET requests from graphql client when using relative url (merge request)
• Ensure pages visibility levels are correct (merge request)
• Fix the write permission of the Releases with Protected Tag (merge request)
• Fix labelFilterParam value in issuable_list_root (merge request) GitLab Enterprise Edition
• Fix filePath not being stored in GraphQL log tree cache (merge request)
• Fix user popovers in design management discussions (merge request)
• Update confirmation button text in edit modals (merge request) GitLab Enterprise Edition
• Revert to use merge requests count for group view (merge request)
• Remove transaction when migrating diff commits (merge request)
• Replace deprecated_project_avatar in create_issue_form.vue (merge request) GitLab Enterprise Edition
• Fix validation method regarding MIME type keys (merge request)
• Replace the success btn to the confirm btn in the preferences page (merge request)
• Use ProjectAvatar in frequent_items_list_item.vue (merge request)
• Strip whitespace from GraphQL queries using GET (merge request)
• Make job_token_scope_enabled project setting false by default (merge request)
• Use namespaced security report type for Cluster Image Scanning (merge request) GitLab Enterprise Edition
• Fix race condition on container repository create (merge request)
• Fix WebIDE image being base64 (merge request)
• Fix Issue check_for_spam? for bots (merge request)
• Fix scan execution policy selection (merge request) GitLab Enterprise Edition
• Advanced Search: Fix inaccessible ES server error (merge request) GitLab Enterprise Edition
• Migrate drawer titles to title slot (merge request)
• Fix timebox charts events computing (merge request) GitLab Enterprise Edition
• Fix bug in DORA GraphQL endpoint (merge request) GitLab Enterprise Edition
• Correctly positioned the is-above flyouts (merge request)
• Add another guard clause to password_expired_if_applicable (merge request)
• Allow Bulk Import to use relative GitLab URL (merge request)
• Hide Renew button if less than 15 days for term end date (merge request) GitLab Enterprise Edition
• Fix default url for Monitor sidebar menu (merge request)
• Fix vulnerability report filter dropdown button text truncation (merge request) GitLab Enterprise Edition
• Fixed broken ui link (merge request)
• Fix icon size for usage quotas and billing (merge request) GitLab Enterprise Edition
• Fix LFS objects not downloading from Bitbucket (merge request)
• Fix CAPTCHA modal for setting issue non-confidential (merge request)
• Fix typo for dismissible (merge request)
• Display correct label for named-list report types (merge request) GitLab Enterprise Edition
• Handle git exceptions in wiki create and update services (merge request)
• Do not create audit event for failed logins on read-only DB (merge request) GitLab Enterprise Edition
• Fix git clone for projects with a trailing dot over HTTP (merge request)
• Always encode group path for labels API (merge request) GitLab Enterprise Edition
• Return empty strings for Jira links when URL is not set (merge request)
• Fix pipeline count on merge request tab (merge request)
• Define deduplication strategy in Resource Group Worker (merge request)
• Allow users to setup Jenkins without username (merge request)
• Hide group-level DORA charts if not licensed (merge request) GitLab Enterprise Edition
• Fix uninitialized constant Audit::UpdateService (merge request) GitLab Enterprise Edition
• Add prefix to autocomplete path (merge request)
• Fix cache update for schedules and policies (merge request) GitLab Enterprise Edition
• Fix WebIDE dropdown background color (merge request)
• Add option to force notification on expired subscriptions (merge request) GitLab Enterprise Edition
• Fix alignment issues (merge request)
• Reduce noisy code quality diff errors on MR page (merge request) GitLab Enterprise Edition
• Only disable pause indexing when migration running needs indexing paused (merge request) GitLab Enterprise Edition
• Fix caching for pagination headers (merge request)
• Catch Git::CommandError in Branches::CreateService (merge request)
• Bugfix: Disable the ability from the FE to use Approver != in MR search (merge request)
• Raise the error when repository storage move fails (merge request)
• Fix PopulateLatestPipelineIds background migration (merge request) GitLab Enterprise Edition
• Add license check to status checks rendering (merge request) GitLab Enterprise Edition
• Fix create issue dropdown button wrapping (merge request)
• Fix plans cards width on lg screens (merge request) GitLab Enterprise Edition
• Return issue feedback from loader when there is no issue link (merge request) GitLab Enterprise Edition
• Fix deploy keys not working with LFS auth check (merge request)
• Fix review-bar-component height (merge request)
• Use small ellipsis button in DAST saved scans and profiles (merge request) GitLab Enterprise Edition
• Update a user highest role when removed from group (merge request)
• Fix wiki encoding error creating event (merge request)
• Update connect_instance_spec.rb (merge request)
• Default cableBackend to authBackend (merge request)
• Fix double scrollbar in some dropdowns (merge request)
• Wrap Labels and Members menu items with access levels checks (merge request)
• Takes per page setting into account when paginate (merge request)
• Show create-jira-issue when gitlab issues disabled (merge request) GitLab Enterprise Edition
• Guard Compliance CI evaluation against blank path (merge request) GitLab Enterprise Edition
• Skip saving the diffs whitespace setting if the user isn't logged in (merge request)
• Fix Group avatar API endpoint (merge request)
• Allow nil for remaining ci cd settings (merge request)
• Fix 2FA Download codes button (merge request)
• Fix breadcrumbs and page title for 2FA page (merge request)
• Fix return codes for getting an inexisting release (merge request)
• Show the default "default branch" in the API for empty projects (merge request)
• Persist Direct Asset Path on Release Updates (merge request)
• Fix svg logos for empty pipeline templates (merge request)
• Ensure displayNamespaceID is included (merge request) GitLab Enterprise Edition
• Drone hook API endpoint (merge request)
• Fix NuGet installs with symbol packages (merge request)
• Change PHP template for PHP 8 (merge request)
• Update embedded snippet file links to open in new tab (merge request)
• Fix typo with credit card (merge request) GitLab Enterprise Edition
• Fix error when loading incident issue with alert (merge request)
• Fix state value in the lfs_object_registry table (merge request) GitLab Enterprise Edition
• Fix broken Time Tracking Reports on Issuables (merge request)
• Fix frequent items timestamps not updated (merge request)
• Fix bug where Milestone page led to console error (merge request)
• Include hours into elapsed time in jobs (merge request)
• Fix retry-lock problem on pipeline cancel (merge request)
• Fix link for commit-type security report items (merge request) GitLab Enterprise Edition
• Fix submit button not being clickable (merge request) GitLab Enterprise Edition
• Fix top position on board sidebar (merge request)
• Carry line_range info forward on unchanged positions (merge request)
• Force ASCII-8BIT encodings in CI job trace (merge request)
• Fix pages deployment storage migration (merge request)
• Show warning when files are hidden in an MR (merge request)
• Allow ancestor milestones to be set to an MR via push options (merge request)
• Group Avatar API: ensure to send the remote filename (merge request)
• Bump the sys-filesystem version to prevent errors in System Info (merge request)
• Fix missing attributes on token audit events (merge request) GitLab Enterprise Edition
• Fix Zuora frame size after client-side error (merge request) GitLab Enterprise Edition
• Fix infrastructure menu link to the first visible menu item (merge request)
• Upgrade omniauth-azure-activedirectory-v2 to v1.0.0 (merge request)
• GithubImporter: Avoid failing when PullRequest has empty body (merge request)
• Update margin-left on widget attachment to match content start (merge request)
• Allow Projects with Freeze Periods to be Deleted (merge request)
• Fix expiring subscription message on subgroups (merge request) GitLab Enterprise Edition
• Constraint status checks to protected branches (merge request) GitLab Enterprise Edition
• Enable deep linking on environments page for tabs (merge request)
• Fix sidekiq:migrate_jobs tasks in production mode (merge request)
• Fix a bug where the displayNamespaceId (merge request) GitLab Enterprise Edition
• Remove add button from Devops Adoption (merge request) GitLab Enterprise Edition
• Create close issue event on issue move (merge request) GitLab Enterprise Edition
• Fix missing "Clear" button on namespace search (merge request)
• Remove disable_composer_callback feature flag (merge request)
• Fix group avatar API (merge request)
• Fix environment folder broken layout (merge request)
• Fix redirection for DAST Scanner Profile (merge request) GitLab Enterprise Edition
• Fix visibility of issue enforcement setting (merge request) GitLab Enterprise Edition
• Fix too many redirects during Geo check task (merge request) GitLab Enterprise Edition
• Format network policies update time (merge request) GitLab Enterprise Edition
• Use user permissions (merge request)
• Display license start date without special format (merge request) GitLab Enterprise Edition

Changed (137 changes)

• Move admin user actions from cards to a dropdown (merge request)
• Use configured browser locales for date formatting (merge request)
• Update GraphQL project type field container_registry_enabled (merge request)
• Enable load balancing for Jira Connect workers (merge request)
• ContainerRepositoriesFinder now checks container registry visibility (merge request)
• Drop support for Safari 13.0 (merge request)
• Add Finding Evidence Assets (merge request)
• Search epic by title in issues (merge request)
• Migrate Add To Do button to widget (merge request)
• Makes the feature_name field for UserCallout nullable (merge request)
• Add a runner cost factor for new public projects (merge request) GitLab Enterprise Edition
• Create environment column in policies list (merge request) GitLab Enterprise Edition
• Filter service ping payload by category (merge request)
• Schedule MergeRequestCleanupRefsWorker more efficiently (merge request)
• Update urlParams on Jira issues list page (merge request) GitLab Enterprise Edition
• Remove snippet_spam feature flag (merge request)
• Update DevOps Score doc and callout (merge request)
• Add sort by popularity to issues (merge request)
• Rename project / group removal to deletion (merge request) GitLab Enterprise Edition
• Swimlanes - Fetch more epics button (merge request)
• Change style of add button on License Compliance page (merge request) GitLab Enterprise Edition
• Change success color (merge request)
• Optimized blob view loading in repository (merge request)
• Require encryption on builds tokens (merge request)
• GithubImporter: Count fetched/import objects globally and by project (merge request)
• Improve Error Tracking models (merge request)
• Ignore cloud_license_enabled in ApplicationSetting (merge request) GitLab Enterprise Edition
• Extracted Admin E-mail notification code from EE to core (merge request)
• Update Admin Area's Runner Details Page UI (merge request)
• Add upvotes_count to issues (merge request)
• Update Admin Area's Runners Page UI (merge request)
• Increment DAST_VERSION in on-demand DAST template (merge request) GitLab Enterprise Edition
• Update the Discord integration embed (merge request)
• Update UI text for CI token scope setting (merge request)
• Optimised the hash retrieval from URL (merge request)
• Update warnings for ci minute quotas (merge request) GitLab Enterprise Edition
• Update gitlab-labkit to v0.20.0 (merge request)
• Update requirement import modal to show focus (merge request) GitLab Enterprise Edition
• Mask runner registration (merge request)
• Update DAST version for offline environments (merge request) GitLab Enterprise Edition
• Add Finding Evidence Supporting Messages (merge request)
• Update buildkite.rb (merge request)
• Use load balancing for Jira Connect workers (merge request)
• Start reading project_features.container_registry_access_level (merge request)
• Rearrange milestone form (merge request)
• Update license compliance icons (merge request) GitLab Enterprise Edition
• Improve consistency of admin user dropdown actions (merge request)
• Remove cloud_license_enabled application setting (merge request) GitLab Enterprise Edition
• Remove date from Seat Link data fields (merge request) GitLab Enterprise Edition
• Update dot style for DORA lead time graphs (merge request) GitLab Enterprise Edition
• Schedule devops adoption calculation only for pending namespaces (merge request) GitLab Enterprise Edition
• Move "Show latest version" button to the left (merge request)
• Allow wiki pages to be empty (merge request)
• Bump Nokogiri from v1.11.4 to v1.11.5 (merge request)
• Log and advise about push-rule-rejected commit (merge request) GitLab Enterprise Edition
• Update supported browser versions (merge request)
• Merge branch '334976-fix-misleading-upgrade-cta-jira-issues' into 'master' (merge request)
• Update timestamp fields to Standard (merge request)
• Update copy and type for sync subscription banner (merge request)
• Upgraded Monaco to 0.25.2 (merge request) GitLab Enterprise Edition
• Reintroduce lfs_link_existing_object feature flag (merge request)
• Show 'Delete' button to developers in Wiki (merge request)
• Switch back to pg_query (merge request)
• Use Gitaly long timeout for resolving conflicts (merge request)
• Add upvotes field to issues index (merge request) GitLab Enterprise Edition
• Identicon - Align GitLab UI Colors (merge request) GitLab Enterprise Edition
• Update color scheme of createFlash (merge request)
• Fix misleading upgrade CTA in Jira configuration (merge request)
• Sort fork form namespaces alphabetically (merge request)
• Present error when DAST profile not found (merge request)
• Add selected to description (merge request)
• Remove the sec_secret_detection_ui_enable feature flag (merge request) GitLab Enterprise Edition
• Block external pull mirrors for forks (merge request)
• DRY deactivate dormant user worker spec (merge request)
• Fix sorting bug in dependency list (merge request) GitLab Enterprise Edition
• Create or update a cloud license on sync/activate (merge request) GitLab Enterprise Edition
• Truncate body length (merge request) GitLab Enterprise Edition
• Update dictionary renderer to include data category (merge request)
• Add policy type column (merge request) GitLab Enterprise Edition
• Trial CTA source split (merge request) GitLab Enterprise Edition
• Change the number of pipelines per page to 15 (merge request)
• Revise the navbar to use sentence case (merge request)
• Update status column in Threat Monitoring (merge request) GitLab Enterprise Edition
• Bump import job status expiration to 24h (merge request)
• Promote new_repo experiment (merge request)
• Re-named the remaining EditorLite files (merge request)
• Update compliance dashboard empty state (merge request) GitLab Enterprise Edition
• Polish formatted_stage_count for analytics (merge request)
• VSA: Change item count to 1000+ (merge request) GitLab Enterprise Edition
• Move Scan PORO to CE [RUN AS-IF-FOSS] (merge request)
• Enable ci_job_trace_force_encode feature flag by default (merge request)
• Move migration to a pre-deployment migration (merge request) GitLab Enterprise Edition
• Remove access request controls in admin area (merge request)
• Revise UI text for third-party offers (merge request)
• Add documentation for billable member sorting (merge request)
• Add confirmation modal to "Sync now" LDAP button (merge request) GitLab Enterprise Edition
• Add correct extension to dotnet CI template (merge request)
• Rename ci examples readmes to index (merge request)
• Update copy for DAST code snippet modal (merge request) GitLab Enterprise Edition
• Add source version check to Bulk Import (merge request)
• Fix deprecated GlIcon size and property (merge request)
• Rename usage ping to service ping (merge request)
• Use minimal layout in trial flow (merge request)
• Fix admin mode when authenticating with LDAP (merge request)
• Simplify the sign in page after confirmation (merge request)
• Enable FF ci_reset_bridge_with_subsequent_jobs by default (merge request)
• Sort milestones by due date in filtered search (merge request)
• Add searchability to ci template dropdown (merge request) GitLab Enterprise Edition
• Remove deprecated API elements (merge request)
• Remove unncessary type options (merge request)
• Migrate top-centered toasts to bottom-left (merge request) GitLab Enterprise Edition
• Upgrade @gitlab/ui to v30.0.0 (merge request)
• Remove web_hooks_rate_limit feature flag (merge request)
• Default-enable :update_remote_mirror_inmemory feature flag (merge request)
• Default-enable :fetch_remote_params feature flag (merge request)
• Remove the regulated tab from compliance frameworks list (merge request) GitLab Enterprise Edition
• Move Debian regexp to ::Packages::Debian (merge request)
• Add Pending Alert Escalations table (merge request)
• Add parameters to in app purchase links (merge request)
• Search: add ability to sort epics (merge request) GitLab Enterprise Edition
• Support repository moved message with all container types (merge request)
• Allow billable member sorting by last activity (merge request) GitLab Enterprise Edition
• Render confidential icon in epic tree for epics (merge request)
• Sort epic list in issue sidebar by title (merge request) GitLab Enterprise Edition
• GithubImporter: Count and log each object imported (merge request)
• Standardize UI text for protected branches and protected tags (merge request)
• Allow to promote confidential issues into confidential epics (merge request)
• Sort by similarity in Search Group's Project dropdown (merge request)
• Refactor db selection in SidekiqServerMiddleware (merge request)
• Renamed EditorLite to SourceEditor (merge request) GitLab Enterprise Edition
• Remove job dependency for Vulnerability-Check (merge request) GitLab Enterprise Edition
• Reduce horizontal padding in new top nav (merge request)
• Add descriptions for EpicStateEnum (merge request) GitLab Enterprise Edition
• Relabel access token fields (merge request)
• Pajamas-compliant dismiss button for HAML alerts (merge request)
• Add validation to additional pack purchase_xid (merge request) GitLab Enterprise Edition
• Use standard filter for scanner filter on non-project level vuln report (merge request) GitLab Enterprise Edition

Deprecated (1 change)

• Deprecate GraphQL PrometheusServiceID argument (merge request)

Removed (24 changes)

• Remove securityScansSucceeded from DevOps Adoption (merge request) GitLab Enterprise Edition
• Remove old license page logic (merge request) GitLab Enterprise Edition
• Remove trace_memory_allocations FF (merge request)
• Undo CTE fix for PG11 (merge request)
• Delete framework column from project_compliance_framework_settings (merge request)
• Removed ff sidebar_refactor from views (merge request)
• Remove productivity_analytics_scatterplot flag (merge request) GitLab Enterprise Edition
• Remove cycle analytics scatterplot ff (merge request) GitLab Enterprise Edition
• Remove the approvals_commented_by feature flag (merge request)
• Remove the use_workhorse_s3_client feature flag (merge request)
• Remove the use_distinct_in_shas_cte FF (merge request)
• Remove un-used Event archived action (merge request)
• Remove Frontend to Edit Legacy Flags (merge request)
• Removes pipeline_filter_jobs feature flag (merge request)
• Remove Clusters Applications Fluentd Table (merge request)
• Drop deprecated Prometheus settings in gitlab.yml (merge request)
• Remove ability to enable/disable seat link from settings (merge request) GitLab Enterprise Edition
• Drop index_ci_builds_on_protected index (merge request)
• Remove Legacy Flags from Feature Flag Table (merge request)
• Enable the new project sidebar (merge request)
• Remove omit_commit_sha feature flag (merge request)
• Drop LB FF for ExpirePipelineCacheWorker (merge request)
• Remove new_release_page feature flag (merge request)
• Drop load-balancing FF in PipelineHooksWorker (merge request)

Security (17 changes)

• Update addressable gem to v2.8.0 (merge request)
• Disable file and network premailer strategies
• Add total http read timeout
• Update rdoc to 6.3.1
• Forbid GET requests with mutations
• Prevent GraphQL API access by deactivated users
• Add sanitizing for name field
• Fix XSS on audit log for feature flag actions
• Copy feature visibility settings to a fork
• Avoid disclosing project in web IDE
• Allow only same-origin URLs for Edit Release Cancel button
• Add new username validation
• Removes security_ci_lint_authorization code (merge request)
• Update Nokogiri to 1.11.4
• Fix deploy key fallback issue in protected branch
• Sanitize input on pasteGFM
• Fix merge request diff display issue with unsupported encoding

Performance (31 changes)

• Update anscestor deduplication in pipeline graph (merge request)
• Enqueue async, non-blocking jobs for group-group share actions (merge request)
• Immediately show parent row (merge request)
• Improve sort by popularity for issues board (merge request)
• Adjustments to compare caching (merge request)
• Move link icon to CSS (merge request)
• Lazy load avatars (merge request)
• Increase page size exponentially (merge request)
• Reduce space needed for merge request diff commits (merge request)
• Preload project user authorizations on REST API (merge request)
• Remove replica selection change FF (merge request)
• Remove redundant call to RenderService (merge request)
• Cache rendered compare entity (merge request)
• Use linear root_ancestor when possible (merge request)
• Schedule requirements processing conditionally (merge request) GitLab Enterprise Edition
• Fix Namespace#all_projects performance (merge request)
• Improve LoadBalancer#all_caught_up? logic (merge request)
• Drop full index on ci_builds.token (merge request)
• Linear traversal query for Namespace#self_and_ancestors (merge request)
• Use async job when creating/updating EpicIssue (merge request) GitLab Enterprise Edition
• Enable milestone reference caching (merge request)
• git_access: Use batched new blobs check (merge request)
• Eliminate some N+1 queries on project-pipeline GraphQL endpoint (merge request)
• Improve the performance of project/users API (merge request)
• Replacement partial index for ci_builds.token (merge request)
• Use materialied CTE to improve builds fair scheduling (merge request)
• Speed up initial page load on Releases page (merge request)
• Remove replica selection change FF for LB (merge request)
• Remove duplicate where condition (merge request)
• Implement pending builds queue builder in a separate class (merge request)
• Utilize load balancing for BuildQueueWorker (merge request)

Other (58 changes)

• Support reindexing unique indexes (merge request)
• Revise group Pages size UI text (merge request) GitLab Enterprise Edition
• First run for events dictionary for backend (merge request) GitLab Enterprise Edition
• Record message size transmitted over action cable (merge request)
• Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request) GitLab Enterprise Edition
• Rename License.usage_ping to License.customer_service_enabled (merge request) GitLab Enterprise Edition
• Remove codequality_mr_diff_annotations flag (merge request) GitLab Enterprise Edition
• Remove temporary feature flags (merge request)
• Remove the codequality_mr_diff feature flag (merge request) GitLab Enterprise Edition
• Add troubleshooting section to batched migrations docs (merge request)
• Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request)
• Fix security scan query timeout (merge request)
• Index batched migration jobs by max value (merge request)
• Delete legacy operations feature flags (merge request)
• Avoid splitting strings in repository maintenance UI (merge request)
• Fix GLIcon size property (merge request)
• Only reindex btree and gist indexes (merge request)
• Refactoring string literals used for snowplow tracking in the sidebar (merge request) GitLab Enterprise Edition
• Refactor health status widget to use Apollo (merge request) GitLab Enterprise Edition
• Migrate the deprecated "urlParamsToObject" to "queryToObject" (merge request)
• Improve gradle QA scenario (merge request)
• Update help for renamed documentation index (merge request)
• Improves repository storage-related UI and documentation (merge request)
• Refactor health status widget to use Apollo (merge request) GitLab Enterprise Edition
• Add rel property to help link (merge request)
• Initialize conversion of ci_builds_metadata.id for bigint migration (merge request)
• Remove project_statistics_sync feature flag (merge request)
• Improve repository maintenance UI and documentation (merge request)
• Migrate push_event_payloads.event_id back to integer (GitLab.com only) (merge request)
• Remove cached_markdown_blob feature flag (merge request)
• Remove sort_dependency_vulnerabilities feature flag (merge request) GitLab Enterprise Edition
• Move prometheus service creation to the background job (merge request)
• Add BG migration to delete orphaned deployments (merge request)
• Remove by default enabled feature flag (merge request)
• Enable new Rails connection handling (merge request)
• Review and revise Audit Events UI text (merge request) GitLab Enterprise Edition
• Add service desk project key validation error message (merge request)
• Remove FF ci_fix_pipeline_status_for_dag_needs_manual (merge request)
• Add FK for deployments.environment_id to environments table (merge request)
• Remove ci_artifacts_exclude feature flag (merge request)
• Finalize conversion to bigint for push_event_payloads (merge request)
• Log WaitableWorker inline job executions (merge request)
• Remove default-enabled cascading_namespace_settings feature flag (merge request)
• Track finished_at timestamp for schema migrations (merge request)
• Drop remove_on_close column from labels table in envs where it exists (merge request)
• Toggle codequality diff annotations flag (merge request)
• Remove usage_data_code_review_aggregation feature flag (merge request)
• Remove FF ci_workflow_rules_variables (merge request)
• Cleanup group_devops_adoption feature flag (merge request) GitLab Enterprise Edition
• Remove ci_pipeline_latest feature flag (merge request)
• Remove ci_runners_tokens_optional_encryption ff (merge request)
• Update GitLab Runner Helm Chart to 0.30.0 (merge request)
• Decrease epic issues and child epics page size (merge request) GitLab Enterprise Edition
• Remove invite_signup_page_interaction experiment (merge request)
• Add internal docs for changing CI minute namespace (merge request) GitLab Enterprise Edition
• Add more logging to track encoding errors appending CI traces (merge request)
• Remove diffs gradual load feature flag (merge request)
• Remove partial index for Hashed Storage migration (merge request)

14.0.12 (2021-11-05)

Changed (4 changes)

• Geo: Alternate redownload and normal design sync attempts (merge request) GitLab Enterprise Edition
• Geo: Alternate redownload and normal SSF sync attempts (merge request) GitLab Enterprise Edition
• Geo: Alternate redownload and normal project syncs (merge request) GitLab Enterprise Edition
• Geo: Reduce frequency of redownload attempts (merge request) GitLab Enterprise Edition

14.0.11 (2021-09-23)

Fixed (1 change)

• Fix Elastic::MigrationWorker current_migration (merge request) GitLab Enterprise Edition

14.0.10 (2021-09-02)

No changes.

14.0.9 (2021-08-31)

Security (9 changes)

• Update apollo_upload_server dependency (merge request)
• Ensure shared group members lose project access after group deletion (merge request)
• Fix stored XSS vulnerability in Datadog settings form (merge request)
• Inherit user external status while creating project bots (merge request)
• Escape issue reference and title for Jira issues (merge request) GitLab Enterprise Edition
• Require sign in for .keys endpoint on non-public instances (merge request)
• Update Import/Export to use public email when mapping users (merge request) GitLab Enterprise Edition
• Only create jira connect NS subscriptions for admins (merge request)
• Prevent non-admins from configuring Jira connect app (merge request)

14.0.8 (2021-08-25)

Fixed (1 change)

• Fix: Sidekiq workers delete each other's metrics (merge request)

Changed (1 change)

• Resolve "operator does not exist: integer[] || bigint in... (merge request)

Other (1 change)

• Revert backfill on ci_build_trace_sections (merge request)

14.0.7 (2021-08-03)

Security (18 changes)

• Add project member validation for domain limitation (merge request)
• Hide project-level CI/CD Analytics for Guests (merge request)
• Only allow invite to be accepted by user with matching email (merge request)
• Add html escaping for default branch name (merge request)
• Configure OmniAuth to use GitLab AppLogger (merge request)
• Add permissions check to pipelines#show action (merge request)
• Prevent impersonation in gitlab-shell SSH certs (merge request)
• Fix Protected Environment Accesses Cleanup (merge request) GitLab Enterprise Edition
• Do not show email address in error message (merge request) GitLab Enterprise Edition
• Disallow non-members to set issue metadata on issue create (merge request)
• Prevent guests from linking issues with errors (merge request)
• Block impersonation token use if it is not permitted (merge request)
• Updates oauth to 0.5.6 (merge request)
• Remove impersonation token from api response for non-admin user (merge request)
• Filter todos whose target users no longer have access to (merge request)
• Fix tag ref detection for pipelines (merge request)
• Restrict access to instance-level security features for reporters (merge request) GitLab Enterprise Edition
• Fix XSS in Mermaid Markdown rendering (merge request)

14.0.6 (2021-07-20)

Fixed (4 changes)

• Fix validation method regarding MIME type keys (merge request)
• Geo: Fix snippet verification by replicating the HEAD ref (merge request) GitLab Enterprise Edition
• Fix LFS objects not downloading with Bitbucket (merge request)
• Replace Excon with Faraday for requesting object storage (merge request)

14.0.5 (2021-07-08)

Fixed (4 changes)

• Return empty strings for Jira links when URL is not set (merge request)
• Add prefix to autocomplete path (merge request)
• Do not create audit event for failed logins on read-only DB (merge request) GitLab Enterprise Edition
• Fix git clone for projects with a trailing dot over HTTP (merge request)

Other (1 change)

• Initialize conversion of ci_builds_metadata.id for bigint migration (merge request)

14.0.4 (2021-07-07)

Security (1 change)

• Disable file and network premailer strategies (merge request)

14.0.3 (2021-07-06)

Fixed (7 changes)

• Fix deploy keys not working with LFS auth check (merge request)
• DevOps Adoption - ensure displayNamespaceId is included (merge request) GitLab Enterprise Edition
• Geo - Fix state value in the lfs_object_registry table (merge request) GitLab Enterprise Edition
• Fix broken Time Tracking Reports on Issuable sidebar (merge request)
• Fix bug where Milestone page led to console error (merge request)
• Fix frequent items timestamps not updated (merge request)
• Fix pages deployment storage migration (merge request)

Changed (2 changes)

• Geo - Move migration to a pre-deployment migration (merge request) GitLab Enterprise Edition
• Reintroduce recursive_approach_for_all_projects default-enabled (merge request)

14.0.2 (2021-07-01)

Added (1 change)

• Added omniauth_user check when verifying user cap (merge request) GitLab Enterprise Edition

Security (14 changes)

• Update rdoc to 6.3.1 (merge request)
• Forbid GET requests with mutations (merge request)
• Prevent GraphQL API access by deactivated users (merge request)
• Add sanitizing for name field (merge request)
• Copy feature visibility settings to a fork (merge request)
• Fix XSS on audit log for feature flag actions (merge request)
• Avoid disclosing project in web IDE (merge request)
• Sanitize input on pasteGFM (merge request)
• Fix merge request diff display issue with unsupported encoding (merge request)
• Fix deploy key fallback issue in protected branch (merge request)
• Add total http read timeout (merge request)
• Allow only same-origin URLs for Edit Release Cancel button (merge request)
• Update Nokogiri to 1.11.4 (merge request)
• Add new username validation (merge request)

14.0.1 (2021-06-24)

Fixed (3 changes)

• Remove add button from Devops Adoption (merge request) GitLab Enterprise Edition
• DevOps Adoption - ensure displayNamespaceId is included (merge request) GitLab Enterprise Edition
• Add Helm-2to3.gitlab-ci.yml to Auto DevOps (merge request)

14.0.0 (2021-06-21)

Added (116 changes)

• Add Packages::Helm::ProcessFileService (merge request)
• Add unique index for Helm packages (merge request)
• Disable policies linked to no container repositories (merge request)
• Allow storing detection_method in vulnerability findings (merge request)
• Expose humanTimeEstimate & humanTotalTimeSpent (merge request)
• Make max diff files and max diff lines configurable (merge request)
• Add GraphQL endpoint to list agent configurations (via KAS) (merge request) GitLab Enterprise Edition
• Add checkbox in group settings for prevent sharing outside hierarchy (merge request)
• Add "Enterprise" badge to users that are provisioned via SAML/SCIM (merge request) GitLab Enterprise Edition
• Update Bulk Import state more accurately (merge request)
• Enable DB Load-balancer flag USE_NEW_LOAD_BALANCER_QUERY by default (merge request)
• Allow toggle job_token_scope_enabled via GraphQL (merge request)
• Publish package hash on Package Page (merge request)
• Add backend support for Coverage-Check rule (merge request)
• Add project setting to toggle job token scope (merge request)
• Scope JobToken to only authorized projects (merge request)
• Scope JobToken to only authorized projects (merge request)
• Mark pending todo as done when resolving design discussions (merge request)
• Migration for fixing missing traversal ids (merge request)
• Add qrtly reconciliation alert (merge request) GitLab Enterprise Edition
• Enable by default FF sidebar_refactor (merge request)
• Add time_change in Issue, MR and Note webhook (merge request)
• Prepopulates the pipeline editor with a 3 stage template (merge request)
• Add commit type to generic security reports (merge request) GitLab Enterprise Edition
• Adjust indexes for iterations and iteration cadences (merge request)
• Epic Boards (merge request) GitLab Enterprise Edition
• Add order_project_path to package graphql API sort (merge request)
• Add provisioning group to pipeline validation payload (merge request) GitLab Enterprise Edition
• Add index for description in ci_runners table (merge request)
• Show security report scan errors on pipeline view (merge request) GitLab Enterprise Edition
• Upgrade GitLab Pages to 1.40.0 (merge request)
• Check hierarchy sharing settings in GroupLinks::CreateService (merge request)
• Allow user to create epics via epic board list (merge request) GitLab Enterprise Edition
• Create table for tracking ci minute purchases (merge request) GitLab Enterprise Edition
• Add epic's note system_note_meta to import/export (merge request) GitLab Enterprise Edition
• Add Group Avatar endpoint (merge request)
• Add Content Editor support for wikis (merge request)
• Enable CORS headers for OpenID Connect discovery endpoints (merge request)
• Add a GET endpoint to user preferences (merge request)
• Escaped markdown not interpreted as shortcuts (merge request)
• Allow to make test cases confidential (merge request) GitLab Enterprise Edition
• Add is_shared and runner_type to hooks and API responses (merge request)
• Enable reporting of usage data for Jira integration (merge request)
• Create metric events for service desk emails (merge request)
• Add option to disable printing of root password during DB seeding (merge request)
• Allow users to specify their pronouns (merge request)
• Gracefully handle query timeouts for project VSA (merge request)
• Add title and tooltip to diff preferences dropdown (merge request)
• Add group-level lead time charts (merge request) GitLab Enterprise Edition
• Change pipeline url to have underline (merge request)
• Add danger for merge trains (merge request)
• Optionally include trailers in the commits API (merge request)
• Add compliance tab to redesigned Security-Configuration Page (merge request)
• Instrumenting project sidebar menus (merge request)
• Add upcoming_reconciliations table and model (merge request)
• Support graceful shutdown of Workhorse connections (merge request)
• Add Clone with VS Code for SSH (merge request)
• Get ancestors of an Epic using GraphQL (merge request) GitLab Enterprise Edition
• Add wiki page diff url to Slack notification message (merge request)
• Allow administrators to enable automatic deactivation of dormant users (merge request)
• Add pipeline source to custom CI_JOB_JWT claims (merge request)
• Display credit card status in /admin/users/:id page (merge request) GitLab Enterprise Edition
• Allow users to delete items from the package file list (merge request)
• Show generic 'code' type on vuln details (merge request) GitLab Enterprise Edition
• Add ability to search instanceSecurityDashboard.projects GraphQL query (merge request) GitLab Enterprise Edition
• Add latest_pipeline_id column to vulnerability_statistics table (merge request)
• Import group boards & board lists via ndjson when using Bulk Import (merge request) GitLab Enterprise Edition
• Add an option to expose description_html in Release API (merge request)
• Render table types on generic vulnerability report (merge request) GitLab Enterprise Edition
• Remove Web Application Firewall related frontend files (merge request) GitLab Enterprise Edition
• Add link to navigate to profile settings page (merge request)
• Persist the page parameter for VSA pagination (merge request) GitLab Enterprise Edition
• Adds block_changes_at to LicenseType in GraphQL (merge request) GitLab Enterprise Edition
• Add .drafts scope to MergeRequests (merge request)
• Add delete branch modals behind feature flag (merge request)
• Add the documentation for sidekiq routing rules (merge request)
• Helm chart download API endpoint (merge request)
• Add custom header text to free personal namespaces billing page (merge request)
• Add delete escalation policy GraphQL mutation (merge request)
• Add file-location component for generic security reports (merge request) GitLab Enterprise Edition
• Store CI runner config data (merge request)
• Expose the state field for vulnerability findings (merge request) GitLab Enterprise Edition
• Add graphql API to list Scan Execution Policies (merge request) GitLab Enterprise Edition
• Support custom messages in the cherry-pick API (merge request)
• Add post migration to cleanup orphaned records (merge request)
• GraphQl: Allow filtering epics by negated parameters (merge request)
• Add finding evidence header (merge request)
• Add module-name component for generic security reports (merge request) GitLab Enterprise Edition
• Use assignee sidebar widget in the alert drawer (merge request) GitLab Enterprise Edition
• Add 'show_whitespace_in_diffs' to the UserPreferences endpoint (merge request)
• Update button variants alignment and spacing (merge request)
• Allow recording of experiment subjects (merge request)
• Set the git default branch to "main" (merge request)
• Add memory view to Performance Bar (merge request)
• Add user IP data to external pipeline validation service (merge request)
• Backfill primary key migration for self-managed instances (merge request)
• Makes the invite button on empty projects permanent (merge request)
• Restrict trial during free signup to company users (merge request)
• Add credit card validation checkbox to admin users panel (merge request)
• Delay worker execution for workers utilizing LB (merge request)
• Optionally start a trial during free signup (merge request)
• Adds content to createCommit mutation (merge request)
• Add dast_runner_site_validation feature flag (merge request)
• Add GraphQL types for escalation policies and rules (merge request)
• Debian Group and Project Distribution Keys schema (merge request)
• Compress oversized Sidekiq job payload before dispatching into Redis (merge request)
• Add metrics to calculate rate of project imports (merge request)
• Enable Kroki on reStructuredText and Textile documents (merge request)
• Add admin page for batched background migrations (merge request)
• Remove threat_monitoring_alerts feature flag (merge request)
• Add GraphQL types for escalation policies and rules (merge request)
• Update button variants and avatar layout (merge request)
• Add admin page for batched background migrations (merge request)
• Add Sidekiq payload compression log fields (merge request)
• Add Sidekiq payload decomression server middleware (merge request)
• Implement Sidekiq job payload compressor (merge request)

Fixed (161 changes)

• Only update required instance CI template when the parameter is present (merge request)
• Bugfix: avoid 500 when resending confirmation (merge request)
• Deal with invalid caches (merge request)
• Fix CI/CD > Pipelines active routes (merge request)
• Fix unreachable ES url exception (merge request) GitLab Enterprise Edition
• Fix problems with ldap users with expired password (merge request)
• Fix DA dropdown alignment (merge request) GitLab Enterprise Edition
• Normalize buttons whitespace to only rely on margins (merge request)
• JS error on continuous onboarding welcome page (merge request) GitLab Enterprise Edition
• Only show coverage fuzzing artifact download when the job exists (merge request)
• Align file line numbers for some Safari users (merge request)
• Use context-aware translation for cloud license (merge request) GitLab Enterprise Edition
• Fix Embedded Snippet CSS to remove unnecessary vertical scroll bar (merge request)
• Rebuild iterations automation index (merge request)
• Fix migration for SSH key expiration enforcement (merge request)
• Fix spacing between deploy buttons in MR widget (merge request)
• Fix blank state styling for welcome screens (merge request)
• Fix sidebar item on Jira issue details page (merge request) GitLab Enterprise Edition
• checks: Fix LFS pointer checks only verifying first reference (merge request)
• Fix NameError Admin::ApplicationSettings::UpdateService (merge request)
• Fix CI editor template not updating on commit (merge request)
• Add select_rows to the list of NON_STICKY_READS (merge request)
• Allow nil on delegated CI/CD settings (merge request)
• Fetch from all parent groups in issue epic select (merge request) GitLab Enterprise Edition
• Prevent CI schema from registering if schema_linting flag is off (merge request)
• Conditionally render create group buttons (merge request)
• Do not trim wiki content by default (merge request)
• Show the bytes when git reports the file as undiffable (merge request)
• Use unstranslated names for telemetry on membership (merge request)
• Hide search icon on larger breakpoints again (merge request)
• Use user config for first day of week in issue datepicker (merge request)
• Fix accessing the errors property of the scan objects (merge request) GitLab Enterprise Edition
• Gracefully handle unknown failure reason in runner CI job (merge request)
• Check Security::Scan resources to identify ran security jobs (merge request) GitLab Enterprise Edition
• Fix bug where disabling usage ping via gitlab.rb did not work (merge request)
• Add default_branch support for Project API (merge request)
• Avoid idling in transaction while saving project export object (merge request)
• Fix timeouts on expiring SSH keys (merge request)
• Only check for modified paths when the branch is updated (merge request) GitLab Enterprise Edition
• Change meta tag theme color to match theme (merge request)
• fix: VulnerabilityFinding equality should exclude other record types (merge request) GitLab Enterprise Edition
• Fix trendline error (merge request) GitLab Enterprise Edition
• Fix unintentional cleanup of Import/Export tmp files (merge request)
• Use issueable reference prefix in basic search results (merge request)
• Calculate mergeability check sync on first widget load (merge request)
• Fix fetch policy in pipeline editor branch switcher (merge request)
• Fix upload-file-experiment-trigger setting incorrect base route (merge request)
• Add guard - diff missing from merge_request_diffs (merge request)
• Resolve Yajl encoding incompatibility (merge request)
• Fix MR approval by reporters (merge request) GitLab Enterprise Edition
• Fix conflict resolve to handle FailedPrecondition error correctly (merge request)
• Repurpose Key.expired_today_and_not_notified scope (merge request)
• Fix escaping characters in authors name for "Pending Comments" dropdown (merge request)
• Fix links in code quality widget (merge request)
• Fix spam detection with Akismet client (merge request)
• Do not display bulk selection when user is auditor (merge request) GitLab Enterprise Edition
• Add guard condition for when cilium (merge request) GitLab Enterprise Edition
• Enable HTML labels in Mermaid (merge request)
• Upgrade gitaly dependency to use proper go modules versioning (merge request)
• Fix MR diff compare with previous version (merge request)
• Use tag helper to generate custom emojis (merge request)
• Allow GraphQL MemberInterface to support null users (merge request)
• Fix blank error message for codequality diff (merge request) GitLab Enterprise Edition
• Fix known issues with the CSP (merge request)
• Whitelist pages in mermaid rendering (merge request)
• Fix pipeline graph visualization lines disappearing (merge request)
• Set CSP back to disabled by default (merge request)
• Fix Advanced Search retry migration button (merge request) GitLab Enterprise Edition
• Permit symbols when loading mail_room.yml (merge request)
• Use #use_open_file for NuGet metadata extraction (merge request)
• Fix iteration wildcard id filtering for boards (merge request) GitLab Enterprise Edition
• Fix reference to isSquashReadOnly (merge request)
• Prevent error when accessing optional needs in pipeline graph (merge request)
• Prevent prepending single quote to issue CSV exports (merge request)
• Record impersonation details on Auditor (merge request) GitLab Enterprise Edition
• Set default retries for mailers to 3 (merge request)
• Fix non-custom Total stage in VSA (merge request) GitLab Enterprise Edition
• Do not enforce UTF-8 in any forms (merge request)
• Fix indexer running longer than lock timeout (merge request) GitLab Enterprise Edition
• Fix junit report attachment in tests with error (merge request)
• Force use of UTC in formatting seconds into MM:SS (merge request)
• Fix known issues with the CSP (merge request)
• Fix CSP issues related to captchas (merge request)
• Fix "Security & Compliance" access for auditors (merge request) GitLab Enterprise Edition
• Add the deduplication hash to the job payload (merge request)
• Authorize GraphQL Vulnerabilities::IssueLink type (merge request) GitLab Enterprise Edition
• Fix the requiring_cleanup scope (merge request)
• Do not remove export when uploading via URL (merge request)
• Set iteration state based on updated dates (merge request)
• Update google-protobuf to v3.17.1 (merge request)
• Fix CSS for MR widget for dark mode (merge request)
• Fix shared runner minutes reset on self-managed (merge request) GitLab Enterprise Edition
• Fix layout, spacing, and style of reaction emoji on issuables (merge request)
• fix: Update StoreReportService to better unique signature violations (merge request) GitLab Enterprise Edition
• Update startup css which fixes login pages (merge request)
• Make arrow on generic report section clickable (merge request) GitLab Enterprise Edition
• Determine Jira deployment_type based on URL (merge request)
• Fix ability for non project member to subscribe to an issue (merge request)
• Fix Releases page/GraphQL pagination (merge request)
• Overhaul CSS in performance bar in Dark mode (merge request)
• Fix Security::FindingsFinder for multiple report artifacts (merge request) GitLab Enterprise Edition
• Stop using basic auth for GKE cluster creation (merge request)
• Allow error-free deletion of orphaned group members (merge request)
• Fix "Leave this group" button for subgroups listed in group overview (merge request)
• Adds a conditional to not uncheck an unchecked MR (merge request)
• Fix alignment of global alerts (merge request)
• Fix vuln scanner filter not working when report type has no scanner IDs (merge request)
• Call RedisHllUserEvent only when a user is set (merge request)
• Fix Gitpod url in user preferences (merge request)
• Fix Jira issue fields not disabled when inheriting (merge request)
• Handle invalid project ID in reply-by-email (merge request)
• Fix tooltip positioning on job view list (merge request)
• Fix typo showing error message after destroy page (merge request)
• Process emails for projects with not unique service desk keys (merge request)
• Fix JavaScript initialization in readonly mode (merge request)
• Update Gitaly's binary path in init.d scripts (merge request)
• Pin the GKE version to 1.18 for cluster creation (merge request)
• Fix N+1 problem for ForksController#new (merge request)
• Fix missing system notes and system events on create issue (merge request)
• Avoid conflicting workers in authorized_projects namespace (merge request)
• Fix humanized size numbers for negative values (merge request)
• Fix double render in project's git URL redirect (merge request)
• Fix issue with frames not loading in Safari (merge request)
• Fix timeouts when destroying a project with many notes (merge request)
• Check user permissions for pipeline operations (merge request)
• Include environments from current and descendant pipelines (merge request)
• Render Discover link for Security & Compliance (merge request) GitLab Enterprise Edition
• Avoid updating Elasticsearch when project is pending_delete (merge request)
• Remove feature flag around policy alert creation (merge request) GitLab Enterprise Edition
• Fix bulk edit vulnerability dropdown layering issue (merge request) GitLab Enterprise Edition
• Bump Cluster Applications version which includes: (merge request)
• Only check index status if modifying Advanced Search form (merge request)
• Preserve epic labels association during Group Import/Export (merge request)
• Hide billing plans with truthy hide_card attribute (merge request)
• Check for credit card when playing manual jobs (merge request)
• Ensure post-update actions are applied when assignees change (merge request)
• Fix errors in instance and group-level integration pages for some integrations (merge request)
• Return 404 from branches API when repository does not exist (merge request)
• Fixed Rails Save Bang offenses in few spec/models/* files (merge request)
• Fix blob preview error (merge request)
• Fix atom feed with push events for multiple tags (merge request)
• Resolve Time tracking report is bugged on GraphQL boards (merge request)
• Fixed Rails Save Bang offenses in few spec/models/* files (merge request)
• Properly process stale ongoing container repository cleanups (merge request)
• Execute member hooks only if an associated user is present (merge request)
• Fix pry debugging location with pry-byebug and pry-shell by updating the pry-shell gem (merge request)
• Fix permission check when setting issue/merge request subscription in GraphQL API. (merge request)
• Fix pipeline graph undefined needs error (merge request)
• Prevent overflows in WebHook#backoff_count (merge request)
• Prevent overflows in WebHook#backoff_count (merge request)
• Ensure that we always run the update worker (merge request)
• Execute member hooks only if an associated user is present (merge request)
• Check for credit card when playing manual jobs (merge request)
• Added changelogfile (merge request)
• Fixed offenses in spec/models/* part 5 (merge request)
• Fix blob preview error (merge request)
• Return 404 from branches API when repository does not exist (merge request)
• Preserve epic labels association during Group Import/Export (merge request)
• Fix atom feed with push events for multiple tags (merge request)
• Fixed offenses in spec/models/* part 2 (merge request)
• Fix UI bug overflowing the text in TODO list (merge request)

Changed (155 changes)

• Move admin cohorts to separate controller (merge request)
• Improve beta state communication of content editor (merge request)
• DA use dropdown for adding groups (merge request) GitLab Enterprise Edition
• Remove ci_register_job_service_one_by_one feature flag (merge request)
• Use database as SSOT for diffs whitespace (merge request)
• Namespace translations in view switcher for clarity (merge request)
• Show update branch message when MR branch diverged from target branch (merge request) GitLab Enterprise Edition
• Backend support for multi-select project search (merge request) GitLab Enterprise Edition
• Use GraphQL for Time tracking info on Issuables (merge request)
• Bump DAST to use version 2 (merge request) GitLab Enterprise Edition
• Fix Helm version regexp to match unprefixed semver too (merge request)
• Add deprecation notice to Managed-Cluster-Applications.gitlab-ci.yml (merge request)
• Hide tooltips and popovers with escape key (merge request)
• Adds more identifiers to Seat Link (merge request) GitLab Enterprise Edition
• Usage dictionary: update name, Group Overview (merge request) GitLab Enterprise Edition
• Set PostgreSQL 12 as the minimum supported version (merge request)
• Fix: update incident sidebar severity title margin (merge request)
• Add webhook rate-limit threshold for Free plan on gitlab.com (merge request)
• Update instructions how to initialize/clone git repository (merge request)
• Add indices for created_at+id and contacted_at+id on ci_runners (merge request)
• Update Diff UI settings to match style guides (merge request)
• Relate Test Reports and Requirement Issues (merge request)
• Add verification for MR diffs using SSF (merge request) GitLab Enterprise Edition
• Make Alert details table attributes clickable (merge request)
• Add migrations for adding verification for MR diffs (merge request)
• Allow guest user to assign issue metadata on create (merge request)
• Replace plugin.log with file_hook.log (merge request)
• Restore previous month perspective (merge request) GitLab Enterprise Edition
• Update Styling of MR-Widget (merge request)
• Enforce SSH key expiration by default (merge request)
• Tidy up language on access tokens UI page (merge request)
• Move "Appearances" menu item into "Settings" in Admin Area (merge request)
• Geo: Remove feature flag geo_terraform_state_version_verification (merge request) GitLab Enterprise Edition
• Retry pipelines in the background (merge request)
• Remove feature flag introduce_marker_ranges (merge request)
• Add input rules for creating links (merge request)
• Add new way of encrypting tokens (merge request)
• Remove maven metadata CTE FF (merge request)
• Bump major version of auto-deploy-image in Auto Deploy template (merge request)
• Fix title, value spacing of various sidebar blocks (merge request) GitLab Enterprise Edition
• Expose include_ancestor_groups arg for epics query (merge request) GitLab Enterprise Edition
• Change vulnerability filters All option text to be "All <filter name>" (merge request) GitLab Enterprise Edition
• Replace work_in_progress with draft (merge request)
• Successful sync should cause verification (merge request) GitLab Enterprise Edition
• Wait until DB is ready to list data on legacy storage (merge request)
• Add level four heading to text style dropdown (merge request)
• Reintroduce DA group max requests (merge request) GitLab Enterprise Edition
• Remove env var restriction for Database load balancing (merge request)
• Hide scanner filter vendor header when there's only the GitLab vendor (merge request) GitLab Enterprise Edition
• Add vulnerability activity filters in GraphQL (merge request) GitLab Enterprise Edition
• Update the vendored cluster management Project Template (merge request)
• Projects API show the project's squash option (merge request)
• Add git push counter to geo node status (merge request) GitLab Enterprise Edition
• Adjust Button Sizes on Secure MR Widget (merge request)
• Apply Slack's UI guide to channel placeholders (merge request)
• Remove DA max requests for groups (merge request) GitLab Enterprise Edition
• Rollout arel_package_scopes feature (merge request)
• Allow iteration cadence argument on iteration creation (merge request)
• Migrate board label select to Vue (merge request)
• Remove old Advanced Search migrations (merge request) GitLab Enterprise Edition
• Added a check for user: null (merge request)
• Enable :disable_service_templates FF by default (merge request)
• Remove load_balancing_atomic_replica feature flag (merge request)
• Replaces Klar by Trivy from the specs (merge request)
• Add vulnerability scanner ID filter in GraphQL (merge request) GitLab Enterprise Edition
• Right align action buttons on jobs index page (merge request)
• Move component and spec to static site editor (merge request)
• Geo Node 2.0 - Remove geo_nodes_beta FF (merge request) GitLab Enterprise Edition
• Remove geo_lfs_object_replication feature flag (merge request) GitLab Enterprise Edition
• Increase max groups fetched for DA (merge request) GitLab Enterprise Edition
• Update breadcrumbs for project imports (merge request)
• Revise UI phrasing around force pushes (merge request) GitLab Enterprise Edition
• Upgrade to Mermaid v8.10.2 (merge request)
• Enable validate_import_decompressed_archive_size feature flag by default (merge request)
• Improve VSM date tooltip (merge request) GitLab Enterprise Edition
• Pass through escaped variable values to Runner (merge request)
• Update deprecated GlIcon size in IDE branch search (merge request)
• Use application/octet-stream as Content-Type for files in CI artifacts (merge request)
• Rename Browser Performance template jobs (merge request)
• Rearrange 'Security & Compliance' menu items (merge request) GitLab Enterprise Edition
• Enable prevent_retry_of_retried_jobs feature flag on by default (merge request)
• Simplify npm.gitlab-ci.yml using new CI variables (merge request)
• Enable cross pipeline artifacts download (merge request)
• Rename read_vulnerability to read_security_resource policy (merge request) GitLab Enterprise Edition
• Remove feature flag usage_data_p_terraform_state_api_unique_users (merge request)
• Remove feature flag create_cloud_run_clusters (merge request)
• Remove ci-trace-read-consistency feature flag (merge request)
• Added path navigation to project VSA (merge request) GitLab Enterprise Edition
• Enable ci_fix_commit_status_retried by default (merge request)
• Change docs link style in group CI settings (merge request)
• Upgrade Sentry gem to 4.4.0 (merge request)
• Refactor performance bar cookie check (merge request)
• Database Load Balancing feature available in GitLab Free (merge request)
• Align titles and icons in Security pages (merge request) GitLab Enterprise Edition
• Prevent projects with same slug from having same project key (merge request)
• Allow reporters to read project statistics (merge request)
• Simplify network policy sidebar (merge request) GitLab Enterprise Edition
• Rename instance_statistics_measurements_table (merge request)
• Converted issuable id to string (merge request)
• Fixed scroll on todos (merge request)
• Replace Flash with GlAlert in Boards (merge request)
• Improve fork error message (merge request)
• Allow extra parameter for Snowplow events (merge request)
• Import group epics via ndjson when using Bulk Import (merge request) GitLab Enterprise Edition
• What's New content link opens in new tab (merge request)
• No Longer Send Legacy Feature Flags (merge request)
• Strip out junit screenshot path (merge request)
• Remove unused ProcessPrometheusAlertWorker worker (merge request)
• Rename experiment_subjects group_id column (merge request)
• Remove unused ProcessAlertWorker (merge request)
• Update pipeline failed notification emails to refer to jobs (merge request)
• Improve approvers text (merge request) GitLab Enterprise Edition
• Update securityReportSummary to avoid expensive operation (merge request) GitLab Enterprise Edition
• Redesign policy editor page (merge request) GitLab Enterprise Edition
• Enable builds queue on replicas by default (merge request)
• Update Unknown signin email timestamp to use 24 hour time (merge request)
• Move cluster management projects out of alpha (merge request)
• Update group creation UI (merge request)
• Remove group timelog mandatory arguments (merge request)
• Remove include_lfs_blobs_in_archive feature flag (merge request)
• Add BulkImports NdjsonExtractor & update labels pipeline to use it (merge request)
• Remove @service from integrations contollers (merge request)
• Allow url without .git suffix for import (merge request)
• Enforce maximum attachment size in project API uploads by default (merge request)
• Added path navigation to project VSA (merge request) GitLab Enterprise Edition
• Enable builds queue limit by default (merge request)
• Fix spacing for branch switcher in pipeline editor (merge request)
• Updates authorization for lint (merge request)
• Separate adoption segment namespaces (merge request)
• Use :latest image tag in default Ruby CI template (merge request)
• Globally enable better generic metrics comparison (merge request)
• Upgrade CQ for updated Rubocop for Ruby 3 (merge request)
• Remove Links header (merge request)
• Reduce queries when ticking the runner queue by default (merge request)
• Add codeowners to DevOps Adoption (merge request)
• Prevent retried builds from being retried again (merge request)
• Raise job rules without workflow warnings by default (merge request)
• Better errors to users for CustomersDot API calls (merge request)
• Enable live consumption for all paid plans (merge request)
• Remove webhooks_moved user callout (merge request)
• Use new location for container-scanning analyzer (merge request)
• Remove code owner ribbon move announcement from settings (merge request)
• Move gosec to alphabetical order (merge request)
• Update Operations settings forms to be UX consistent (merge request)
• Lock a newly created item card in boards (merge request)
• Simplify error code handling for external pipeline validation (merge request)
• Backfill clusters_integration_prometheus.enabled (merge request)
• Add ease score onboarding in-product marketing email (merge request)
• Allow issue type change for incidents (merge request)
• Observe secondary email addresses when adding a member (merge request)
• Left-align certain application-wide cancel buttons to conform to the GitLab Pajamas style guide (merge request)
• Remove old redirect rule for the usage trends feature (merge request)
• Simplify error code handling for external pipeline validation (merge request)
• Set minimum Redis version to 5.0 (merge request)
• Observe secondary email addresses when adding a member (merge request)

Deprecated (3 changes)

• Depreciate GMA from Logs view in Operations (merge request)
• Deprecate related projects_with_prometheus_alerts metrics (merge request)
• Remove OpenJDK-alpine Dockerfile template (merge request)

Removed (46 changes)

• Remove metrics dashboard alert functionality (merge request)
• Remove load_balancing_for_web_hook_worker FF (merge request)
• Drop license_management artifact (merge request) GitLab Enterprise Edition
• Remove ssh_key_expiration_email_notification feature flag (merge request)
• Remove support for creating/updating release notes via tags API (merge request)
• Drop support of legacy feature flag (merge request)
• Removes SAST_DEFAULT_ANALYZERS variable (merge request)
• Replace 'tag_list' with 'topic_list' attribute on project (merge request)
• Don't take fingerprints for the internal authorized_keys API (merge request)
• Remove redundant key/value pair from the payload of DORA metrics API (merge request)
• Remove canary_ingress_weight_control feature flag (merge request)
• Remove allow_group_deploy_token feature flag (merge request)
• Remove GitLab-managed applications UI (merge request)
• Remove GMAv1 Fluentd (merge request)
• Remove GraphQL deprecated fields (merge request)
• Remove GitLab WAF related models, services and workers (merge request) GitLab Enterprise Edition
• Remove legacy profile routes (merge request)
• Replace 'tags' with 'topics' association on project (merge request)
• Remove deprecated CI workers and arguments (merge request)
• Deprecate global usage of SAST_ANALYZER_IMAGE_TAG (merge request)
• Remove BuildsEmailService records from services (merge request)
• Remove metrics for Web Application Firewall (merge request)
• Remove documentation for GitLab WAF (merge request)
• Remove Unicorn support (merge request)
• Remove projects_with_prometheus_alerts and pod_logs_usages_total metrics (merge request)
• Remove code coverage tracking feature flag (merge request)
• Remove pick_into_project feature flag (merge request)
• Remove postgres hll batch counting ff (merge request)
• Remove trace parameter from PUT /api/jobs/:id (merge request)
• Remove CI_PROJECT_CONFIG_PATH variable (merge request)
• Remove inherited_issuable_templates feature flag (merge request)
• Remove deprecated --experimental-queue-selector flag for Sidekiq (merge request)
• Remove unused instance statistics workers (merge request)
• Remove Unicorn references from runtime logic (merge request)
• Remove unicorn-worker-killer gem and relations (merge request)
• Remove Unicorn detection in pid provider (merge request)
• Remove assigned open issue count background worker (merge request)
• Remove start-up scripts for Unicorn web server (merge request)
• Remove UnicornCheck service (merge request)
• Remove support for /wip quick action (merge request)
• Redirect some of deprecated repository routes (merge request)
• Remove some deprecated global routes (merge request)
• Remove Unicorn Sampler (merge request)
• Drop plugins directory support (merge request)
• Remove UnicornCheck service (merge request)
• Remove Unicorn Sampler and its dependencies (merge request)

Security (12 changes)

• Change button type so the form doesn't submit (merge request)
• Bump BinData version
• Use xpath search of Nokogiri instead of css search
• Truncate all non-blob markdown to 1MB by default
• Block access to GitLab for users with expired password
• Adds redirect page to OAuth
• Opt in to Atlassians new context qsh
• Limit oncall projects shown to scope of source GitLab Enterprise Edition
• Merge branch 'id-upgrade-rails-to-6.0.3.7' into 'master' (merge request)
• Update users two factor required from group
• Only verify commit signatures if the user email is verified
• Prevent XSS on notebooks

Performance (45 changes)

• Add post deployment migration for cleanup policies (merge request)
• Enable caching of PG typemap by default (merge request)
• Paginate diffs using Gitaly paths (merge request)
• Prevent refetching commit data (merge request)
• Use title, not full_title for commit mentionables (merge request)
• Add index for project_features.container_registry_access_level (merge request)
• Reduce number of gitaly calls in Snippet REST list Endpoints (merge request)
• Improve cache sharing between cached markdown fields and mentionables (merge request)
• Add protected pending build column and migrate data (merge request)
• Prevent fetching commits for next page (merge request)
• Retry traversal_ids backfill jobs (merge request)
• Enable label reference caching (merge request)
• chore: Drop optimize_sql_query_for_security_report feature flag (merge request) GitLab Enterprise Edition
• Add tracking of running shared runner builds (merge request)
• Use specialized project_authorization workers (merge request)
• Enable 'use_distinct_in_shas_cte' FF by default (merge request)
• Add background migration for unused expiration policies (merge request)
• Fix N+1 problem for fork controller (merge request)
• Preload blobs in repo view (merge request)
• Utilize load balancing capabilities for UserRefreshOverUserRangeWorker (merge request)
• Optimize queries that timeout in StuckCiJobsWorker (merge request)
• Linear traversal query for Namespace#root_ancestor (merge request)
• Cache open epics count in group sidebar (merge request) GitLab Enterprise Edition
• Cache sidebar merge requests count at group level (merge request)
• Moves the pipelines.json endpoint to startup js (merge request)
• Remove unreferenced lfs objects in batches (merge request)
• Remove preloading of forks in projects API (merge request)
• Enable pending builds parity by default (merge request)
• Refine linear queries in Namespace#all_projects (merge request)
• Reinstate branches keyset pagination (merge request)
• Optimize Nokogiri search for post-processing pipeline (merge request)
• Removes unneeded preloading in Markdown rendering (merge request)
• Cache branch_requires_code_owner_approval? (merge request) GitLab Enterprise Edition
• Switch group member max access to use bulk load (merge request)
• Utilize load balancing capabilities for BuildHooksWorker (merge request)
• Add viewer URL to StartupJS (merge request)
• Advanced Search: Allow indexing workers to use replicas (merge request)
• Reduce memory consumption when an API exception goes to Sentry (merge request)
• Use cache for CI::Build runners check (merge request)
• Optimize query for loading artifacts in pipeline (merge request)
• Accelerate builds queuing using a denormalized accelerated table (merge request)
• Remove the redundant update for API endpoint projects/:id/statuses/:sha (merge request)
• Contributes to https://gitlab.com/gitlab-org/gitlab/-/issues/325744 (merge request)
• Optimize query for loading artifacts in pipeline (merge request)
• Remove feature flag for "runners_cached_states" (merge request)

Other (70 changes)

• Update alert markup in runners page (merge request)
• Use a new worker in lieu of UserRefreshWithLowUrgencyWorker as safeguard (merge request)
• Update test_file_finder and Faraday (merge request)
• Remove notification_setting_recipient_refactor feature flag (merge request)
• Add Atlassian referrer to Jira links inside GitLab (merge request)
• Use the parent element to find elements to remove the child (merge request) GitLab Enterprise Edition
• Remove ci_dynamic_child_pipeline feature flag (merge request)
• Add tracking for epic boards (merge request)
• Remove feature flag release_mr_issue_urls (merge request)
• Standardize on roles term in UI (merge request)
• Add unique index on configuration for batched_background_migrations (merge request)
• Drop the web_hook_logs_archived table (merge request)
• Bump gitlab-fog-azure-rm version to 1.1.1 (merge request)
• Remove the nuget new file reader feature flag (merge request)
• Clenup deployments_finder_implicitly_enforce_ordering feature flag (merge request)
• Extract CSS from user calendar JS (merge request)
• Add data migration to update draft on merge_requests (merge request)
• Prepare ci_stages for bigint conversion (merge request)
• Add source tracking to invites (merge request)
• Track the validation error on Environment Update (merge request)
• Enable by default Allow force push option to Protected branches (merge request)
• Update GitLab Shell to v13.19.0 (merge request)
• Add the origin of squash merge feature to the docs (merge request)
• Ensure delay for all UserRefreshOverUserRangeWorker jobs enqueued (merge request)
• Rename DevOpsAdoptionSegment (merge request) GitLab Enterprise Edition
• Prepare geo_job_artifact_deleted_events table (merge request)
• Prepare deployments table for bigint conversion (merge request)
• Remove database_sourced_aggregated_metrics FF (merge request)
• Document and lint that trailers are case-sensitive (merge request)
• Change JiraTrackerData#deployment_type based on URL (merge request)
• Group-level Protected Environment Alpha Version (merge request)
• Upgrade Puma to 5.3.2 (merge request)
• Add subgroups and user namespaces spec examples (merge request)
• Add default value for merge_requests_author_approval (merge request)
• Place multiselect drag drop behind a feature flag (merge request)
• Remove obsolete Segment selections table (merge request)
• Explicitly destroy webhooks and logs before the project deletion (merge request)
• Remove :find_remote_root_refs_inmemory feature flag (merge request)
• Reschedules migration for uuid recalculation (merge request)
• Cleanup container_registry_enabled background migration (merge request)
• Update managed cluster template to avoid hardcoded master (merge request)
• Prepare ci_builds_metadata for int8 migration (merge request)
• Remove the usage of limit_projects_in_groups_api feature flag (merge request)
• Remove the check_maven_path_first feature flag (merge request)
• Prepare taggings table for bigint conversion (merge request)
• Update ffi from 1.13.1 to 1.15.1 (merge request)
• Remove DAST site profile related feature flags (merge request) GitLab Enterprise Edition
• Remove the FF *_unique_users_pushing_mr_ciconfigfile (merge request)
• Remove the FF ci_needs_optional (merge request)
• Remove the FF usage_data_unique_users_committing_ciconfigfile (merge request)
• Remove delayed_perform_for_build_hooks_worker feature flag (merge request)
• Update GitLab Runner Helm Chart to 0.29.0 (merge request)
• Remove threat_monitoring_alerts feature flag (merge request)
• VSA: Add decimal places to metrics (merge request)
• Prepare ci_build_trace_sections for int8 migration (merge request)
• Update button variants and alignment to align with the Pajamas Design System... (merge request)
• Removed packages_finder_helper_deploy_token feature flag (merge request)
• Update group/project member tabs to comply with Pajamas design system (merge request)
• Merge Request edit: make breadcrumbs consistent (merge request)
• Remove the feature flag for the external validation service (merge request)
• Add options events to Redis HLL metrics for filtering data (merge request)
• Track usage of the resolve conflict UI (merge request)
• Remove the packages_finder_helper_deploy_token feature flag (merge request)
• Prepare ci_build_trace_sections for int8 migration (merge request)
• Use @gitlab/ui color in member badges (merge request)
• Remove the feature flag for the external validation service (merge request)
• Update http-parser from 1.2.1 to 1.2.3 (merge request)
• Track usage of the resolve UI (merge request)
• Add missing metrics information (merge request)
• Track usage of the resolve UI (merge request)