From 96ddec954fa81b48dacfd49f9a0f2cc4b60c55cd Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Fri, 4 Apr 2025 06:12:46 +0000
Subject: [PATCH] Add latest changes from gitlab-org/gitlab@master

---
 GITLAB_KAS_VERSION                            |   2 +-
 .../lib/utils/datetime/date_format_utility.js |  12 ++
 app/assets/javascripts/todos/utils.js         |  13 +-
 .../16-5-ci-job-token-limit-setting.yml       |   1 +
 data/deprecations/templates/example.yml       |   1 +
 doc/api/graphql/reference/_index.md           |  29 +++++
 doc/update/breaking_windows.md                | 114 +++++++++---------
 lib/tasks/gitlab/docs/compile_windows.rake    |   6 +-
 locale/gitlab.pot                             |  27 +++++
 .../datetime/date_format_utility_spec.js      |   7 ++
 .../components/toggle_snoozed_status_spec.js  |   6 +-
 11 files changed, 152 insertions(+), 66 deletions(-)

diff --git a/GITLAB_KAS_VERSION b/GITLAB_KAS_VERSION
index d645e4fbf6f..d9dc2bca942 100644
--- a/GITLAB_KAS_VERSION
+++ b/GITLAB_KAS_VERSION
@@ -1 +1 @@
-fbc2185f0b97e3f9340bdfb365e2c8b9e24788da
+4cbdaf5d1ab9382c53e36fdbd2df26b6e5e6151f
diff --git a/app/assets/javascripts/lib/utils/datetime/date_format_utility.js b/app/assets/javascripts/lib/utils/datetime/date_format_utility.js
index 51244b4ffd5..7429176f400 100644
--- a/app/assets/javascripts/lib/utils/datetime/date_format_utility.js
+++ b/app/assets/javascripts/lib/utils/datetime/date_format_utility.js
@@ -348,6 +348,18 @@ export const toISODateFormat = (date) => {
   return `${year}-${month}-${day}`;
 };
 
+/**
+ * Formats a date into an ISO string without milliseconds.
+ *
+ * @example
+ * // returns '2020-01-29T00:00:00Z'
+ * toISOStringWithoutMilliseconds(new Date('2020-01-29:00:00:00.123'))
+ *
+ * @param {Date} date The date to be formatted
+ * @returns {string} The ISO string without milliseconds.
+ */
+export const toISOStringWithoutMilliseconds = (date) => date.toISOString().replace(/\.\d+Z$/, 'Z');
+
 /**
  * This combines a date and a time and returns the computed Date's ISO string representation.
  *
diff --git a/app/assets/javascripts/todos/utils.js b/app/assets/javascripts/todos/utils.js
index 46d93d38840..91c4e684c93 100644
--- a/app/assets/javascripts/todos/utils.js
+++ b/app/assets/javascripts/todos/utils.js
@@ -1,12 +1,21 @@
+import { toISOStringWithoutMilliseconds } from '~/lib/utils/datetime_utility';
 import { updateGlobalTodoCount } from '~/sidebar/utils';
 import snoozeTodoMutation from './components/mutations/snooze_todo.mutation.graphql';
 
 export function snoozeTodo(apolloClient, todo, until) {
+  /**
+   * The API responds with the datetime in ISO 8601 format, without milliseconds. We therefore need
+   * to strip the milliseconds client-side as well so that the optimistic response matches the
+   * actual response. Mismatching date formats would invalidate the Apollo cache, in turn causing
+   * the todos to be re-fetched unexpectedly.
+   */
+  const snoozedUntilISOString = toISOStringWithoutMilliseconds(until);
+
   return apolloClient.mutate({
     mutation: snoozeTodoMutation,
     variables: {
       todoId: todo.id,
-      snoozeUntil: until,
+      snoozeUntil: snoozedUntilISOString,
     },
     optimisticResponse: () => {
       updateGlobalTodoCount(-1);
@@ -15,7 +24,7 @@ export function snoozeTodo(apolloClient, todo, until) {
         todoSnooze: {
           todo: {
             id: todo.id,
-            snoozedUntil: until,
+            snoozedUntil: snoozedUntilISOString,
             __typename: 'Todo',
           },
           errors: [],
diff --git a/data/deprecations/16-5-ci-job-token-limit-setting.yml b/data/deprecations/16-5-ci-job-token-limit-setting.yml
index d4e8c3a5e70..9b26ec84ebe 100644
--- a/data/deprecations/16-5-ci-job-token-limit-setting.yml
+++ b/data/deprecations/16-5-ci-job-token-limit-setting.yml
@@ -9,6 +9,7 @@
   reporter: jocelynjane  # (required) GitLab username of the person reporting the deprecation
   stage: govern  # (required) String value of the stage that the feature was created in. e.g., Growth
   issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/383084  # (required) Link to the deprecation issue in GitLab
+  check_impact: Use the [Authentication Log](../ci/jobs/ci_job_token.md#job-token-authentication-log) to verify which projects are authenticating with your project.
   impact: high  # Can be one of: [critical, high, medium, low]
   scope: project  # Can be one or a combination of: [instance, group, project]
   resolution_role: Maintainer  # Can be one of: [Admin, Owner, Maintainer, Developer]
diff --git a/data/deprecations/templates/example.yml b/data/deprecations/templates/example.yml
index 2a8cac510ad..0aecd0a9cdc 100644
--- a/data/deprecations/templates/example.yml
+++ b/data/deprecations/templates/example.yml
@@ -30,6 +30,7 @@
   reporter: exampleuser  # The GitLab username of the person reporting the change
   stage: stage
   issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/000000
+  check_impact:  # Link to a resource, like a tool, issue, docs section, or KB article, that has *concrete steps* for customers to assess the impact of this change.
   impact:  # Can be one of: [critical, high, medium, low]
   impact_details:  # Use the impact calculator and paste the full url in here. It will deep link to the configuration. https://gitlab-com.gitlab.io/gl-infra/breaking-change-impact-calculator/?
   impact_offering:  # The offering this impacts. Can be one or a combination of: [GitLab.com, Dedicated, self-managed]
diff --git a/doc/api/graphql/reference/_index.md b/doc/api/graphql/reference/_index.md
index 33d1ca6cc21..84d8b5dfe44 100644
--- a/doc/api/graphql/reference/_index.md
+++ b/doc/api/graphql/reference/_index.md
@@ -7679,6 +7679,35 @@ Input type: `LabelCreateInput`
 | <a id="mutationlabelcreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. |
 | <a id="mutationlabelcreatelabel"></a>`label` | [`Label`](#label) | Label after mutation. |
 
+### `Mutation.ldapAdminRoleLinkCreate`
+
+Creates an instance-level custom admin role LDAP link.
+
+{{< details >}}
+**Introduced** in GitLab 17.11.
+**Status**: Experiment.
+{{< /details >}}
+
+Input type: `LdapAdminRoleLinkCreateInput`
+
+#### Arguments
+
+| Name | Type | Description |
+| ---- | ---- | ----------- |
+| <a id="mutationldapadminrolelinkcreateadminmemberroleid"></a>`adminMemberRoleId` | [`MemberRoleID!`](#memberroleid) | Global ID of the custom admin role to be assigned to a user. |
+| <a id="mutationldapadminrolelinkcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
+| <a id="mutationldapadminrolelinkcreatecn"></a>`cn` | [`String`](#string) | Common Name (CN) of the LDAP group. |
+| <a id="mutationldapadminrolelinkcreatefilter"></a>`filter` | [`String`](#string) | Search filter for the LDAP group. |
+| <a id="mutationldapadminrolelinkcreateprovider"></a>`provider` | [`String!`](#string) | LDAP provider for the LDAP link. |
+
+#### Fields
+
+| Name | Type | Description |
+| ---- | ---- | ----------- |
+| <a id="mutationldapadminrolelinkcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
+| <a id="mutationldapadminrolelinkcreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. |
+| <a id="mutationldapadminrolelinkcreateldapadminrolelink"></a>`ldapAdminRoleLink` | [`LdapAdminRoleLink`](#ldapadminrolelink) | Created instance-level LDAP link. |
+
 ### `Mutation.markAsSpamSnippet`
 
 Input type: `MarkAsSpamSnippetInput`
diff --git a/doc/update/breaking_windows.md b/doc/update/breaking_windows.md
index e120981b7c9..2621a10b6a2 100644
--- a/doc/update/breaking_windows.md
+++ b/doc/update/breaking_windows.md
@@ -22,70 +22,70 @@ To update this file, run: bin/rake gitlab:docs:compile_windows
 
 This window takes place on April 21 - 23, 2025 from 09:00 UTC to 22:00 UTC.
 
-| Deprecation | Impact | Stage | Scope |
-|-------------|--------|-------|-------|
-| [CI/CD job token - **Limit access from your project** setting removal](https://gitlab.com/gitlab-org/gitlab/-/issues/395708) | High | Verify | Project |
-| [CI/CD job token - **Authorized groups and projects** allowlist enforcement](https://gitlab.com/gitlab-org/gitlab/-/issues/383084) | High | Govern | Project |
-| [Deprecate License Scanning CI/CD artifact report type](https://gitlab.com/gitlab-org/gitlab/-/issues/439301) | Low | Secure | Project |
-| [OpenTofu CI/CD template](https://gitlab.com/components/opentofu/-/issues/43#note_1913822299) | Low | Deploy | Project |
-| [CodeClimate-based Code Quality scanning will be removed](https://gitlab.com/gitlab-org/gitlab/-/issues/471677) | High | Secure |  |
-| [Replace `add_on_purchase` GraphQL field with `add_on_purchases`](https://gitlab.com/gitlab-org/gitlab/-/issues/476858) | Low | Fulfillment | Instance, group |
-| [Replace namespace `add_on_purchase` GraphQL field with `add_on_purchases`](https://gitlab.com/gitlab-org/gitlab/-/issues/489850) | Low | Fulfillment | Instance, group |
-| [Public use of Secure container registries is deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/470641) | Low | Secure | Instance |
-| [Limit number of scan execution policy actions allowed per policy](https://gitlab.com/gitlab-org/gitlab/-/issues/510897) | Low | Security risk management | Instance, group, project |
-| [Deprecate CI job implementation of Repository X-Ray](https://gitlab.com/gitlab-org/gitlab/-/issues/500146) | Low | Create | Project |
-| [Pipeline job limits extended to the Commits API](https://gitlab.com/gitlab-org/gitlab/-/issues/436361) | Low | Verify | Project |
-| [Deprecation of `name` field in `ProjectMonthlyUsageType` GraphQL API](https://gitlab.com/gitlab-org/gitlab/-/issues/381894) | Low | Fulfillment | Project |
-| [Deprecation of `STORAGE` enum in `NamespaceProjectSortEnum` GraphQL API](https://gitlab.com/gitlab-org/gitlab/-/issues/396284) | Low | Fulfillment | Group |
-| [Workspaces `editor` GraphQL field is deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/508155) | Low | Create | Project |
-| [Fix typo in user profile visibility updated audit event type](https://gitlab.com/gitlab-org/gitlab/-/issues/474386) | Low | Software supply chain security | Instance |
-| [DAST `dast_devtools_api_timeout` will have a lower default value](https://gitlab.com/gitlab-org/gitlab/-/issues/517254) | Low | Application security testing | Project |
-| [API Discovery will use branch pipelines by default](https://gitlab.com/gitlab-org/gitlab/-/issues/515487) | Low | Application_security_testing | Project |
-| [Container Scanning default severity threshold set to `medium`](https://gitlab.com/gitlab-org/gitlab/-/issues/515358) | Low | Application security testing | Project |
-| [Subscription related API endpoints in the public API are deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/515371#note_2319368251) | Low | Fulfillment | Instance |
-| [`maxHoursBeforeTermination` GraphQL field is deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/509787) | Low | Create | Project |
-| [`RemoteDevelopmentAgentConfig` GraphQL type is deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/509787) | Low | Create | Project |
-| [`defaultMaxHoursBeforeTermination` and `maxHoursBeforeTerminationLimit` fields are deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/509787) | Low | Create | Project |
-| [GitLab Advanced SAST will be enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/513685) | Medium | Application security testing | Instance |
-| [The `agentk` container registry is moving to Cloud Native GitLab](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/issues/630) | Medium | Deploy | Instance |
-| [SAST jobs no longer use global cache settings](https://gitlab.com/gitlab-org/gitlab/-/issues/512564) | Medium | Application security testing | Instance |
-| [End-of-Support SAST jobs will be removed from the CI/CD template](https://gitlab.com/gitlab-org/gitlab/-/issues/519133) | High | Application security testing | Project |
-| [Application Security Testing analyzers major version update](https://gitlab.com/gitlab-org/gitlab/-/issues/513417) | Low | Application security testing | Project |
+| Deprecation | Impact | Stage | Scope | Check potential impact |
+|-------------|--------|-------|-------|------------------------|
+| [CI/CD job token - **Limit access from your project** setting removal](https://gitlab.com/gitlab-org/gitlab/-/issues/395708) | High | Verify | Project |  |
+| [CI/CD job token - **Authorized groups and projects** allowlist enforcement](https://gitlab.com/gitlab-org/gitlab/-/issues/383084) | High | Govern | Project | Use the [Authentication Log](../ci/jobs/ci_job_token.md#job-token-authentication-log) to verify which projects are authenticating with your project. |
+| [Deprecate License Scanning CI/CD artifact report type](https://gitlab.com/gitlab-org/gitlab/-/issues/439301) | Low | Secure | Project |  |
+| [OpenTofu CI/CD template](https://gitlab.com/components/opentofu/-/issues/43#note_1913822299) | Low | Deploy | Project |  |
+| [CodeClimate-based Code Quality scanning will be removed](https://gitlab.com/gitlab-org/gitlab/-/issues/471677) | High | Secure |  |  |
+| [Replace `add_on_purchase` GraphQL field with `add_on_purchases`](https://gitlab.com/gitlab-org/gitlab/-/issues/476858) | Low | Fulfillment | Instance, group |  |
+| [Replace namespace `add_on_purchase` GraphQL field with `add_on_purchases`](https://gitlab.com/gitlab-org/gitlab/-/issues/489850) | Low | Fulfillment | Instance, group |  |
+| [Public use of Secure container registries is deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/470641) | Low | Secure | Instance |  |
+| [Limit number of scan execution policy actions allowed per policy](https://gitlab.com/gitlab-org/gitlab/-/issues/510897) | Low | Security risk management | Instance, group, project |  |
+| [Deprecate CI job implementation of Repository X-Ray](https://gitlab.com/gitlab-org/gitlab/-/issues/500146) | Low | Create | Project |  |
+| [Pipeline job limits extended to the Commits API](https://gitlab.com/gitlab-org/gitlab/-/issues/436361) | Low | Verify | Project |  |
+| [Deprecation of `name` field in `ProjectMonthlyUsageType` GraphQL API](https://gitlab.com/gitlab-org/gitlab/-/issues/381894) | Low | Fulfillment | Project |  |
+| [Deprecation of `STORAGE` enum in `NamespaceProjectSortEnum` GraphQL API](https://gitlab.com/gitlab-org/gitlab/-/issues/396284) | Low | Fulfillment | Group |  |
+| [Workspaces `editor` GraphQL field is deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/508155) | Low | Create | Project |  |
+| [Fix typo in user profile visibility updated audit event type](https://gitlab.com/gitlab-org/gitlab/-/issues/474386) | Low | Software supply chain security | Instance |  |
+| [DAST `dast_devtools_api_timeout` will have a lower default value](https://gitlab.com/gitlab-org/gitlab/-/issues/517254) | Low | Application security testing | Project |  |
+| [API Discovery will use branch pipelines by default](https://gitlab.com/gitlab-org/gitlab/-/issues/515487) | Low | Application_security_testing | Project |  |
+| [Container Scanning default severity threshold set to `medium`](https://gitlab.com/gitlab-org/gitlab/-/issues/515358) | Low | Application security testing | Project |  |
+| [Subscription related API endpoints in the public API are deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/515371#note_2319368251) | Low | Fulfillment | Instance |  |
+| [`maxHoursBeforeTermination` GraphQL field is deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/509787) | Low | Create | Project |  |
+| [`RemoteDevelopmentAgentConfig` GraphQL type is deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/509787) | Low | Create | Project |  |
+| [`defaultMaxHoursBeforeTermination` and `maxHoursBeforeTerminationLimit` fields are deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/509787) | Low | Create | Project |  |
+| [GitLab Advanced SAST will be enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/513685) | Medium | Application security testing | Instance |  |
+| [The `agentk` container registry is moving to Cloud Native GitLab](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/issues/630) | Medium | Deploy | Instance |  |
+| [SAST jobs no longer use global cache settings](https://gitlab.com/gitlab-org/gitlab/-/issues/512564) | Medium | Application security testing | Instance |  |
+| [End-of-Support SAST jobs will be removed from the CI/CD template](https://gitlab.com/gitlab-org/gitlab/-/issues/519133) | High | Application security testing | Project |  |
+| [Application Security Testing analyzers major version update](https://gitlab.com/gitlab-org/gitlab/-/issues/513417) | Low | Application security testing | Project |  |
 
 ## Window 2
 
 This window takes place on April 28 - 30, 2025 from 09:00 UTC to 22:00 UTC.
 
-| Deprecation | Impact | Stage | Scope |
-|-------------|--------|-------|-------|
-| [Replace GraphQL field `take_ownership_pipeline_schedule` with `admin_pipeline_schedule` in PipelineSchedulePermissions](https://gitlab.com/gitlab-org/gitlab/-/issues/391941) | Low | Verify | Project |
-| [The `heroku/builder:22` image is deprecated](https://gitlab.com/gitlab-org/cluster-integration/auto-build-image/-/issues/79) | Medium | Deploy | Project |
-| [`ciMinutesUsed` GraphQL field renamed to `ciDuration`](https://gitlab.com/gitlab-org/gitlab/-/issues/497364) | Medium | Verify | Instance |
-| [`mergeTrainIndex` and `mergeTrainsCount` GraphQL fields deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/473759) | Low | Verify | Project |
-| [Behavior change for Upcoming and Started milestone filters](https://gitlab.com/gitlab-org/gitlab/-/issues/501294) | Low | Plan | Group, project |
-| [`kpt`-based `agentk` is deprecated](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/issues/656) | Low | Deploy | Project |
-| [Updating CI/CD job tokens to JWT standard](https://gitlab.com/gitlab-org/gitlab/-/issues/509578) | Low | Software supply chain security | Project |
+| Deprecation | Impact | Stage | Scope | Check potential impact |
+|-------------|--------|-------|-------|------------------------|
+| [Replace GraphQL field `take_ownership_pipeline_schedule` with `admin_pipeline_schedule` in PipelineSchedulePermissions](https://gitlab.com/gitlab-org/gitlab/-/issues/391941) | Low | Verify | Project |  |
+| [The `heroku/builder:22` image is deprecated](https://gitlab.com/gitlab-org/cluster-integration/auto-build-image/-/issues/79) | Medium | Deploy | Project |  |
+| [`ciMinutesUsed` GraphQL field renamed to `ciDuration`](https://gitlab.com/gitlab-org/gitlab/-/issues/497364) | Medium | Verify | Instance |  |
+| [`mergeTrainIndex` and `mergeTrainsCount` GraphQL fields deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/473759) | Low | Verify | Project |  |
+| [Behavior change for Upcoming and Started milestone filters](https://gitlab.com/gitlab-org/gitlab/-/issues/501294) | Low | Plan | Group, project |  |
+| [`kpt`-based `agentk` is deprecated](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/issues/656) | Low | Deploy | Project |  |
+| [Updating CI/CD job tokens to JWT standard](https://gitlab.com/gitlab-org/gitlab/-/issues/509578) | Low | Software supply chain security | Project |  |
 
 ## Window 3
 
 This window takes place on May 5 - 7, 2025 from 09:00 UTC to 22:00 UTC.
 
-| Deprecation | Impact | Stage | Scope |
-|-------------|--------|-------|-------|
-| [GitLab.com certificate-based integration with Kubernetes](https://gitlab.com/groups/gitlab-org/configure/-/epics/8) | Medium | Deploy |  |
-| [Runner `active` GraphQL fields replaced by `paused`](https://gitlab.com/gitlab-org/gitlab/-/issues/351109) | Low | Verify | Instance, group, project |
-| [ZenTao integration](https://gitlab.com/gitlab-org/gitlab/-/issues/377825) | Low | Foundations | Instance |
-| [GraphQL deprecation of `dependencyProxyTotalSizeInBytes` field](https://gitlab.com/gitlab-org/gitlab/-/issues/414236) | Low | Package | Group |
-| [The `ci_job_token_scope_enabled` projects API attribute is deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/423091) | Low | Govern | Project |
-| [Deprecate license metadata format V1](https://gitlab.com/gitlab-org/gitlab/-/issues/438477) | Low | Secure | Instance |
-| [The `direction` GraphQL argument for `ciJobTokenScopeRemoveProject` is deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/383084) | Low | Govern | Project |
-| [Replace `threshold` with `maxretries` for container registry notifications](https://gitlab.com/gitlab-org/container-registry/-/issues/1243) | Low | Package | Project |
-| [GraphQL `target` field for to-do items replaced with `targetEntity`](https://gitlab.com/gitlab-org/gitlab/-/issues/484987) | Low | Foundations | Project |
-| [`ciJobTokenScopeAddProject` GraphQL mutation is deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/474175) | Low | Govern | Project |
-| [Removal of `migrationState` field in `ContainerRepository` GraphQL API](https://gitlab.com/gitlab-org/gitlab/-/issues/459869) | Low | Package | Project |
-| [Updated tooling to release CI/CD components to the Catalog](https://gitlab.com/groups/gitlab-org/-/epics/12788) | High | Verify | Instance |
-| [Increased default security for use of pipeline variables](https://gitlab.com/gitlab-org/gitlab/-/issues/502382) | Medium | Verify | Project |
-| [Amazon S3 Signature Version 2](https://gitlab.com/gitlab-org/container-registry/-/issues/1449) | Low | Package | Project |
-| [Dependency Proxy token scope enforcement](https://gitlab.com/gitlab-org/gitlab/-/issues/426887) | High | Package | Group |
-| [Remove duoProAssignedUsersCount GraphQL field](https://gitlab.com/gitlab-org/gitlab/-/issues/498671) | Low | Plan | Group, project |
-| [Remove `previousStageJobsOrNeeds` from GraphQL](https://gitlab.com/gitlab-org/gitlab/-/issues/424417) | Low | Verify | Instance |
+| Deprecation | Impact | Stage | Scope | Check potential impact |
+|-------------|--------|-------|-------|------------------------|
+| [GitLab.com certificate-based integration with Kubernetes](https://gitlab.com/groups/gitlab-org/configure/-/epics/8) | Medium | Deploy |  |  |
+| [Runner `active` GraphQL fields replaced by `paused`](https://gitlab.com/gitlab-org/gitlab/-/issues/351109) | Low | Verify | Instance, group, project |  |
+| [ZenTao integration](https://gitlab.com/gitlab-org/gitlab/-/issues/377825) | Low | Foundations | Instance |  |
+| [GraphQL deprecation of `dependencyProxyTotalSizeInBytes` field](https://gitlab.com/gitlab-org/gitlab/-/issues/414236) | Low | Package | Group |  |
+| [The `ci_job_token_scope_enabled` projects API attribute is deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/423091) | Low | Govern | Project |  |
+| [Deprecate license metadata format V1](https://gitlab.com/gitlab-org/gitlab/-/issues/438477) | Low | Secure | Instance |  |
+| [The `direction` GraphQL argument for `ciJobTokenScopeRemoveProject` is deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/383084) | Low | Govern | Project |  |
+| [Replace `threshold` with `maxretries` for container registry notifications](https://gitlab.com/gitlab-org/container-registry/-/issues/1243) | Low | Package | Project |  |
+| [GraphQL `target` field for to-do items replaced with `targetEntity`](https://gitlab.com/gitlab-org/gitlab/-/issues/484987) | Low | Foundations | Project |  |
+| [`ciJobTokenScopeAddProject` GraphQL mutation is deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/474175) | Low | Govern | Project |  |
+| [Removal of `migrationState` field in `ContainerRepository` GraphQL API](https://gitlab.com/gitlab-org/gitlab/-/issues/459869) | Low | Package | Project |  |
+| [Updated tooling to release CI/CD components to the Catalog](https://gitlab.com/groups/gitlab-org/-/epics/12788) | High | Verify | Instance |  |
+| [Increased default security for use of pipeline variables](https://gitlab.com/gitlab-org/gitlab/-/issues/502382) | Medium | Verify | Project |  |
+| [Amazon S3 Signature Version 2](https://gitlab.com/gitlab-org/container-registry/-/issues/1449) | Low | Package | Project |  |
+| [Dependency Proxy token scope enforcement](https://gitlab.com/gitlab-org/gitlab/-/issues/426887) | High | Package | Group |  |
+| [Remove duoProAssignedUsersCount GraphQL field](https://gitlab.com/gitlab-org/gitlab/-/issues/498671) | Low | Plan | Group, project |  |
+| [Remove `previousStageJobsOrNeeds` from GraphQL](https://gitlab.com/gitlab-org/gitlab/-/issues/424417) | Low | Verify | Instance |  |
diff --git a/lib/tasks/gitlab/docs/compile_windows.rake b/lib/tasks/gitlab/docs/compile_windows.rake
index 0b41d675788..7ef65589fe7 100644
--- a/lib/tasks/gitlab/docs/compile_windows.rake
+++ b/lib/tasks/gitlab/docs/compile_windows.rake
@@ -63,13 +63,13 @@ def write_windows_content(file)
 
       This window takes place on #{data[:date]} from #{data[:time]}.
 
-      | Deprecation | Impact | Stage | Scope |
-      |-------------|--------|-------|-------|
+      | Deprecation | Impact | Stage | Scope | Check potential impact |
+      |-------------|--------|-------|-------|------------------------|
     WINDOW
 
     data[:changes].each do |deprecation|
       file.puts "| [#{deprecation[:title]}](#{deprecation[:issue_url]}) | #{deprecation[:impact]&.capitalize} | " \
-        "#{deprecation[:stage]&.capitalize} | #{deprecation[:scope]&.capitalize} |"
+        "#{deprecation[:stage]&.capitalize} | #{deprecation[:scope]&.capitalize} | #{deprecation[:check_impact]} |"
     end
 
     file.puts unless index == WINDOWS.size - 1
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index a9917a415b5..fd2e18e254c 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -15470,6 +15470,12 @@ msgstr ""
 msgid "ComplianceFramework|No compliance frameworks are set up yet"
 msgstr ""
 
+msgid "ComplianceManagement|Framework"
+msgstr ""
+
+msgid "ComplianceManagement|Requirement"
+msgstr ""
+
 msgid "ComplianceReport|Apply frameworks to selected projects"
 msgstr ""
 
@@ -15661,6 +15667,9 @@ msgstr ""
 msgid "ComplianceStandardsAdherence|Framework"
 msgstr ""
 
+msgid "ComplianceStandardsAdherence|Frameworks"
+msgstr ""
+
 msgid "ComplianceStandardsAdherence|Group by"
 msgstr ""
 
@@ -15742,6 +15751,9 @@ msgstr ""
 msgid "ComplianceStandardsAdherence|Requirement"
 msgstr ""
 
+msgid "ComplianceStandardsAdherence|Requirements"
+msgstr ""
+
 msgid "ComplianceStandardsAdherence|SAST scan"
 msgstr ""
 
@@ -24986,6 +24998,9 @@ msgstr ""
 msgid "Failed to assign a user because no user was found."
 msgstr ""
 
+msgid "Failed to assign the framework to project %{project_name}"
+msgstr ""
+
 msgid "Failed to assign the framework to the project"
 msgstr ""
 
@@ -25211,6 +25226,9 @@ msgstr ""
 msgid "Failed to remove mirror."
 msgstr ""
 
+msgid "Failed to remove the framework from project %{project_name}"
+msgstr ""
+
 msgid "Failed to remove the pipeline schedule"
 msgstr ""
 
@@ -25328,6 +25346,9 @@ msgstr ""
 msgid "Feature flag"
 msgstr ""
 
+msgid "Feature flag `custom_admin_roles` is not enabled for the instance"
+msgstr ""
+
 msgid "Feature flag status"
 msgstr ""
 
@@ -41195,6 +41216,9 @@ msgstr ""
 msgid "Only accessible by %{membersPageLinkStart}project members%{membersPageLinkEnd}. Membership must be explicitly granted."
 msgstr ""
 
+msgid "Only admin custom roles can be assigned"
+msgstr ""
+
 msgid "Only effective when remote storage is enabled. Set to 0 for no size limit."
 msgstr ""
 
@@ -70290,6 +70314,9 @@ msgstr ""
 msgid "created pipeline for commit %{linkStart}%{shortId}%{linkEnd}"
 msgstr ""
 
+msgid "custom_roles licensed feature must be available"
+msgstr ""
+
 msgid "daily"
 msgstr ""
 
diff --git a/spec/frontend/lib/utils/datetime/date_format_utility_spec.js b/spec/frontend/lib/utils/datetime/date_format_utility_spec.js
index 0eb50641ed4..452f6c4780a 100644
--- a/spec/frontend/lib/utils/datetime/date_format_utility_spec.js
+++ b/spec/frontend/lib/utils/datetime/date_format_utility_spec.js
@@ -400,6 +400,13 @@ describe('date_format_utility.js', () => {
     });
   });
 
+  describe('toISOStringWithoutMilliseconds', () => {
+    it('should format a Date object into ISO string without milliseconds', () => {
+      const date = new Date('2020-01-29:12:34:56.789');
+      expect(utils.toISOStringWithoutMilliseconds(date)).toBe('2020-01-29T12:34:56Z');
+    });
+  });
+
   describe('prettyTime methods', () => {
     // eslint-disable-next-line max-params
     const assertTimeUnits = (obj, minutes, hours, days, weeks) => {
diff --git a/spec/frontend/todos/components/toggle_snoozed_status_spec.js b/spec/frontend/todos/components/toggle_snoozed_status_spec.js
index a740b965ad1..6888e4f9167 100644
--- a/spec/frontend/todos/components/toggle_snoozed_status_spec.js
+++ b/spec/frontend/todos/components/toggle_snoozed_status_spec.js
@@ -32,7 +32,7 @@ describe('ToggleSnoozedStatus', () => {
       todoSnooze: {
         todo: {
           ...mockTodo,
-          snoozedUntil: mockCurrentTime,
+          snoozedUntil: '2024-12-18T13:24:00Z',
         },
         errors: [],
       },
@@ -41,7 +41,7 @@ describe('ToggleSnoozedStatus', () => {
   const unSnoozeTodoMutationSuccessHandler = jest.fn().mockResolvedValue({
     data: {
       todoUnSnooze: {
-        todo: { ...mockTodo, snoozedUntil: mockCurrentTime },
+        todo: { ...mockTodo, snoozedUntil: null },
         errors: [],
       },
     },
@@ -108,7 +108,7 @@ describe('ToggleSnoozedStatus', () => {
     findSnoozeTimePicker().vm.$emit('snooze-until', mockCurrentTime);
 
     expect(snoozeTodoMutationSuccessHandler).toHaveBeenCalledWith({
-      snoozeUntil: mockCurrentTime,
+      snoozeUntil: '2024-12-18T13:24:00Z',
       todoId: mockTodo.id,
     });
     expect(updateGlobalTodoCount).toHaveBeenCalledWith(-1);