gitlab-ce/CHANGELOG.md

Note: This file is automatically generated. Please see the developer documentation for instructions on adding your own entry.

16.7.0 (2023-12-20)

Added (199 changes)

• Geo: Skip download of new blob if already exists (merge request) GitLab Enterprise Edition
• Exempt paid non-trial/enterprise users from identity verification (merge request) GitLab Enterprise Edition
• Add feature toggle for custom CI execution policy (merge request) GitLab Enterprise Edition
• Add namespace setting to enable/disable NuGet symbol server (merge request)
• Soft limit daily phone verification transactions (merge request) GitLab Enterprise Edition
• Cleanup and reschedule finding_id backfilling (merge request)
• Add WorkItems::DatesStart table/model (merge request)
• Allow handling instance custom roles via graphql (merge request) GitLab Enterprise Edition
• Remove SAML Microsoft Attribute Feature Flag (merge request)
• Save timestamp for login in session storage (merge request) GitLab Enterprise Edition
• feat: Add graphql mutation to update container protection rules by @gerardo-navarro (merge request)
• Add feature spec for MR approval settings (merge request) GitLab Enterprise Edition
• Add code added to onboarding progress (merge request)
• Add new fields to GroupType (merge request)
• Store the information about the generated files (merge request)
• Add namespace filtering to streaming destinations (merge request) GitLab Enterprise Edition
• Use XRay data for code generation (merge request) GitLab Enterprise Edition
• Enable security_policies_variables_precedence by default (merge request) GitLab Enterprise Edition
• Expose timeToMerge metrics via GraphQL (merge request) GitLab Enterprise Edition
• Adding group and project filters for instance audit streaming (merge request) GitLab Enterprise Edition
• Add arkose_labs_data_exchange_key column to applicatio_settings table (merge request) GitLab Enterprise Edition
• Move add/editing compliance frameworks to separte page (merge request) GitLab Enterprise Edition
• Added auto_cancel_pipeline_on_job_failure and feature flag by @zillemarco (merge request)
• Support path redirect for component projects (merge request)
• Support multiple ids when querying compliance frameworks (merge request) GitLab Enterprise Edition
• Add support for cyclonedx specVersion 1.5 (merge request)
• Add pre receive secret detection documentation (merge request)
• Adding gin index on name field of compliance frameworks table (merge request)
• Update ingestion logic for vulnerability reads owasp top 10 (merge request) GitLab Enterprise Edition
• Remove explain_vulnerability feature flag (merge request) GitLab Enterprise Edition
• Remove slash_commands feature flag (merge request) GitLab Enterprise Edition
• Add restrict_pipeline_cancellation_role to read project api (merge request) GitLab Enterprise Edition
• Add Internal Events Tracking to Insights charts (merge request) GitLab Enterprise Edition
• Store the information about the generated files (merge request)
• Add PostgresSequence view (merge request)
• Add user viewing catalog logging (merge request)
• Add support for include_descendants (merge request)
• Expose VSD distinct contributor counts via GraphQL (merge request) GitLab Enterprise Edition
• Adding functionality of searching compliance frameworks by name (merge request) GitLab Enterprise Edition
• Remove non_public_artifacts FF (merge request)
• Use Ci::Catalog::Listing class in the Resource Resolver (merge request)
• Add tests for license scanning (merge request) GitLab Enterprise Edition
• Adds API to control model registry project setting (merge request)
• Release Conversational Pipeline Editing (merge request) GitLab Enterprise Edition
• Store the information about the generated files (merge request)
• Background syncing of 'catalog_resources' and 'projects' tables (merge request)
• Add counts.enterprise_users metric (merge request) GitLab Enterprise Edition
• Synchronous index creation to support finding_id backfill (merge request)
• Add performance tests for sync license (merge request) GitLab Enterprise Edition
• Add publish_group feature to Gitlab::EventStore (merge request)
• Reopen issues on a new note from external participants (merge request)
• Add support for querying work items counts by state (merge request)
• Add vulnerabilities to sbom_occurrences ingestion (merge request) GitLab Enterprise Edition
• Compare pipeline refs for secondary jobs (merge request) GitLab Enterprise Edition
• Add the archive_project custom permission (merge request) GitLab Enterprise Edition
• Handles merged events on GitHub Import (merge request)
• Add interruptible to trigger jobs (merge request)
• Add memberCount to memberRole GraphQL type (merge request) GitLab Enterprise Edition
• Create BranchRuleUpdate graphql endpoint (merge request)
• Sync npm metadata cache when package is marked for destruction (merge request)
• Add posibility to return permission in upcase (merge request) GitLab Enterprise Edition
• Add GraphQL API to delete instance Amazon S3 configurations (merge request) GitLab Enterprise Edition
• Rollout enable_remove_all_vulnerabilties_from_project_mutation feature (merge request)
• Allow administrators to provide public security contact information (merge request)
• Adds project feature availability check for model registry (merge request)
• Remove job log jump to failures flag (merge request)
• Add GraphQL API to update instance Amazon S3 configurations (merge request) GitLab Enterprise Edition
• Refactor refresh job for Self-Managed (merge request) GitLab Enterprise Edition
• Implement background syncing for catalog_resources and projects (merge request)
• Inject data attributes to render maven dependency proxy settings (merge request) GitLab Enterprise Edition
• feat: Add graphql mutation to delete container protection rules by @gerardo-navarro (merge request)
• Expose allowedChildTypes in WorkItemType graphQL type (merge request)
• Enable global_ci_catalog globally (merge request)
• Schedule asynchronous index creation to support finding_id backfill (merge request)
• Add a refresh_token parameter to SyncSeatLinkRequestWorker (merge request) GitLab Enterprise Edition
• Endpoint for symbol file download (merge request)
• Update delete_ineligible_user_assignments method (merge request) GitLab Enterprise Edition
• Refactor AffectedVersionRangeMatcher class (merge request) GitLab Enterprise Edition
• Add SAML Auth for Approvals (merge request) GitLab Enterprise Edition
• Add documentation for pages_path_prefix on gitlab-ci.yml (merge request)
• Adding complex merge order dependencies (merge request)
• Add API for listing instance_amazon_s3_configuration for audit events (merge request) GitLab Enterprise Edition
• Add GraphQL mutation to update Organization (merge request)
• Add unique indexes to ci_job_artifacts (merge request)
• Display the new PyPi package metadata fields (merge request)
• Validate key field in CI variables form (merge request)
• Add workload type details (merge request)
• Add workload type details (merge request)
• Create Package during Model Version creation (merge request)
• Add finding builder for Container Scanning (merge request)
• Refactor UserAddOnAssignments and the GQL API (merge request) GitLab Enterprise Edition
• Allow to query value streams on GraphQL (merge request)
• Full dotenv vars support in downstream pipelines by @renehernandez (merge request)
• Include owasp_top_10 to vulnerabilities read model (merge request) GitLab Enterprise Edition
• Introduce new fields to GraphQL ProjectType (merge request)
• Added Diffblue Cover CI template by @roxspring (merge request)
• Hide label close button when label is locked (merge request)
• Add streaming to /code_suggestions/completions API (merge request) GitLab Enterprise Edition
• Added drill down functionality to select Insights charts (merge request) GitLab Enterprise Edition
• Added MLflow API to search for Registered Models (merge request)
• Adds backend project setting for model registry (merge request)
• Restict CI cancellation by role (merge request) GitLab Enterprise Edition
• Change project_authorizations.user_id to LFK (merge request)
• Adding MLFlow API for creating model versions (merge request)
• Add worker to cleanup orphaned packages_nuget_symbols records (merge request)
• Add feature to stream instance audit events to Amazon S3 destinations (merge request) GitLab Enterprise Edition
• Add API for creating instance_amazon_s3_configuration for audit events (merge request) GitLab Enterprise Edition
• Use code suggestions without GitLab Duo prefix (merge request) GitLab Enterprise Edition
• Enable Natural Language Git assistent (merge request)
• Adds query 'Query.addOnPurchase' (merge request) GitLab Enterprise Edition
• Add auto_cancel_on_new_commit to ci_pipeline_metadata and remove a const (merge request)
• Show dismissal reason descriptions in bulk actions (merge request) GitLab Enterprise Edition
• Feat(key_contacts_management): Add feature flag (merge request) GitLab Enterprise Edition
• Allow comment in SecurityFindingRevertToDetected mutation (merge request) GitLab Enterprise Edition
• Store event durations in VSA tables (merge request)
• Prepare Ci::JobArtifact for partitioning 1/3 (merge request)
• Add Mutations::Vulnerabilities::RemoveAllFromProject (merge request) GitLab Enterprise Edition
• Add integration tests for license scanning (merge request) GitLab Enterprise Edition
• Add retry:exit_codes syntax for CI config by @BaptisteLalanne (merge request)
• Introduce Gitlab::CircuitBreaker (merge request)
• Introduce extended_trailers field in commits API (merge request)
• Allow specifying Docker image platform to pull by @ar-mali (merge request)
• Filtering audit events by namespace filters (merge request) GitLab Enterprise Edition
• Update security policies when compliance framework is updated (merge request) GitLab Enterprise Edition
• Docs: Add auth_timeout flag for Gitlab Pages (merge request)
• Work items - Add ancestors widget (merge request)
• Add test sumary section to the job section sidebar (merge request)
• Add member_role_id to group_saml_links (merge request) GitLab Enterprise Edition
• Enable Contribution Analytics page size FF (merge request) GitLab Enterprise Edition
• Add self_managed_add_on_eligible_users to query types (merge request) GitLab Enterprise Edition
• Added MLFLow API to delete a registered model by name (merge request)
• Reschedule BackfillFindingIdInVulnerabilities background migration (merge request)
• Add endpoint for prevent_merge_without_jira_issue (merge request) GitLab Enterprise Edition
• Add experimental namespace_in_path pages url in project deploy (merge request)
• Show email_reset_offered_at to admin users (merge request)
• Add watch API for k8s services (merge request)
• Add watch API for k8s workload types (merge request)
• Add comment form to an abuse report (merge request)
• Breadcrumbs navigation in the Workspaces UI (merge request)
• Log audit event when custom role is created (merge request) GitLab Enterprise Edition
• Add product analytics group usage quota tab (merge request) GitLab Enterprise Edition
• Add object_format field to project_repositories (merge request)
• Add allowsMultipleAssignees field to assignees widget defintion (merge request) GitLab Enterprise Edition
• Remove mastodon_social_ui feature flag (merge request)
• Add saving a custom role to SAML providers (merge request) GitLab Enterprise Edition
• Show survey alert when group_analytics_dashboards is enabled (merge request) GitLab Enterprise Edition
• Add support for ObjectFormatRequest RPC (merge request)
• Make job_artifact_state partitionable (merge request)
• Add Mutation.memberRoleDelete to delete a member role (merge request) GitLab Enterprise Edition
• Allow staring and unstaring of a project via GraphQL by @espadav8 (merge request)
• Add migration for new column (merge request)
• Add filter_project_topics setting to Dora Performers Score chart (merge request) GitLab Enterprise Edition
• Track CS subscription namespace IDs (merge request) GitLab Enterprise Edition
• Enable generate commit message through VertexAI (merge request) GitLab Enterprise Edition
• Use correct attribute for distro_version (merge request)
• This MR adds linked file mode (merge request) GitLab Enterprise Edition
• Add member_role_id to saml_providers (merge request) GitLab Enterprise Edition
• Link security policies to compliance frameworks on policy change (merge request) GitLab Enterprise Edition
• Add projects field to compliance framework GraphQL type (merge request) GitLab Enterprise Edition
• Import approvals from Bitbucket server (merge request)
• Allow to update/create stages for value streams (merge request) GitLab Enterprise Edition
• Set up many-to-many assoc between AbuseReport and User (assignee) (merge request)
• Add user_permissions field to ContainerRepository/Tag type (merge request)
• Added predefined variable for merge request descriptions (merge request)
• Display spam icon to admins next to snippets of banned users (merge request)
• Introduce new Group Users API endpoint (merge request) GitLab Enterprise Edition
• Create instance_audit_events_amazon_s3_configurations table (merge request) GitLab Enterprise Edition
• Expose present_on_default_branch field (merge request) GitLab Enterprise Edition
• Use SyncServiceTokenWorker by default (merge request)
• Release remove remote_development_feature_flag (merge request) GitLab Enterprise Edition
• Add UI to support SHA256 repositories creation (merge request)
• Add workspaces_quota and workspaces_per_user_quota fields (merge request)
• Add X-Gitlab-Host-Name to the AI Gateway header (merge request)
• feat: Add graphql mutation to update package protection rules by @gerardo-navarro (merge request)
• Add unit test for license scanning (merge request) GitLab Enterprise Edition
• Converted search type indicator to Vue (merge request) GitLab Enterprise Edition
• This MR adds section for custom yaml (merge request) GitLab Enterprise Edition
• Add max_workspaces & max_workspaces_per_user field (merge request)
• Rate limit /completions API endpoint (merge request) GitLab Enterprise Edition
• Enable generate test file functionality through vertex (merge request) GitLab Enterprise Edition
• Allow specifying Docker image platform to pull by @ar-mali (merge request)
• Added destroy api for namespace filters (merge request) GitLab Enterprise Edition
• Add COMPRESS_CMD backup option (merge request)
• Adds read_timeout to Service Desk custom email verification errors (merge request)
• Default_resources_per_workspace_container, max_resources_per_workspace (merge request)
• Adjust ingestion pipeline to populate finding_id (merge request) GitLab Enterprise Edition
• Accept current_file parameter for Duo Chat (merge request) GitLab Enterprise Edition
• Enfoce SSH Certificates via Settings (merge request)
• Initial commit of gitlab-secret_detection gem (merge request)
• Adds the Ci::Catalog::Resources::Destroy service (merge request)
• Add metrics for compliance group (merge request) GitLab Enterprise Edition
• Enable scan_result_any_merge_request by default (merge request) GitLab Enterprise Edition
• Add setup for new Ultimate trial plan (merge request) GitLab Enterprise Edition
• Add Tool option to Group By (merge request) GitLab Enterprise Edition
• Removes widget_pipeline_pass_subscription_update feature flag (merge request)
• Add clean Gitlab Duo chat history functionality (merge request) GitLab Enterprise Edition
• This MR adds compliance framework tooltip (merge request) GitLab Enterprise Edition
• Ingest Service Desk custom email address replies (merge request)
• Removes the target_branch_rules_flag feature (merge request)

Fixed (207 changes)

• Prevent duplicate resource links in incidents (merge request)
• Milestones finder - filter by id OR title by @zzaakiirr (merge request)
• Awards: Fix alignment with custom Emojis (merge request)
• Fixed the layout of the work item health status widget by @zillemarco (merge request)
• Refresh security policies only when user is present in approvers (merge request) GitLab Enterprise Edition
• Improved reorderable lists for touch devices (merge request) GitLab Enterprise Edition
• Allow creating assignee lists for invited members (merge request) GitLab Enterprise Edition
• Hide "Merge immediately" button when fast-forward is not possible (merge request) GitLab Enterprise Edition
• Fix creating/updating/destroying of project group links (merge request)
• Animate approval icon on MR reviewers section (merge request)
• Fix inline code serialization in rich text editor (merge request)
• Fix pasting in code blocks in content editor (merge request)
• Fix code block serialization in rich text editor (merge request)
• Close button was not being dispalyed for open MRs (merge request)
• Include group links in access level checks (merge request) GitLab Enterprise Edition
• Add importing: true to GitHub import objects (merge request)
• Fix N+1 queries in vulnerability exports (merge request) GitLab Enterprise Edition
• Fix URL on the UI when unique domain and namespace_in_path is enabled (merge request)
• Stop finding tagless releases (merge request)
• Skip importing pull requests from forks (merge request)
• Push Rules API 404 when dot in the namespace (merge request) GitLab Enterprise Edition
• Fix the missing routing in wiki elasticsearch (merge request) GitLab Enterprise Edition
• Update security_findings fix_available filter to include solution field (merge request) GitLab Enterprise Edition
• Unify storage related banners width (merge request)
• Changes for PAT creation to calculate expiry date as set by user (merge request) GitLab Enterprise Edition
• Fix Board Issue avatar spacing (merge request)
• Fix scrolling issue in rich text editor autocomplete (merge request)
• Fix scrolling tabs on activity view (merge request)
• Fix quick links styling with autodevops off (merge request)
• Dependency Proxy: add group access scope checks (merge request)
• Move deprovisioning of paid group and project features (merge request) GitLab Enterprise Edition
• Include blob_path in VulnerabilityLocationType (merge request) GitLab Enterprise Edition
• Vulnerability report: fix sticky header when error (merge request) GitLab Enterprise Edition
• Fix metrics server not shutting down when Puma is stopped (merge request)
• Show project actions dropdown text on small screens (merge request)
• Add method for removing duplicate epics (merge request) GitLab Enterprise Edition
• Use search_service to determine type (merge request)
• Deduplicate finding maps by UUID before ingestion (merge request)
• Emoji Picker: Fix wrongly shown active tab after closing (merge request)
• Refactor wiki_class_proxy to make simple (merge request) GitLab Enterprise Edition
• Fixed search type indicator bug (merge request)
• Checks if import data contains credentials and data (merge request)
• Fix enabled_zoekt? logic (merge request) GitLab Enterprise Edition
• Prevent showing repos in the new MR dropdown that are inaccessible (merge request)
• Update invalid rules text color for 4.5:1 WCAG 2.1 AA contrast (merge request)
• Do not fail import on NoMethodError (merge request)
• Finding builder errors should be recoverable (merge request)
• Choosing a base diff if using a specific diff id (merge request)
• Don't show project limit popover when FF is disabled (merge request) GitLab Enterprise Edition
• Search indication message alignment (merge request)
• Handle invalid vulnerabilities, finalize bg migration (merge request) GitLab Enterprise Edition
• Tree header controls: Fix alignment and spacing on mobile (merge request)
• Refactor logged out header to isolate styles specific to it's usage (merge request)
• Fix sticky header on vulnerability reports (merge request) GitLab Enterprise Edition
• Fetch group and project after session has been loaded (merge request)
• Accept [PermissionsEnum] instead of [String] (merge request) GitLab Enterprise Edition
• Fix rich text editor format toolbar wrapping (merge request)
• Sanitize custom maintenance mode message (merge request) GitLab Enterprise Edition
• Update logs tree encoding method (merge request)
• fix: Secret Detection findings should require manual resolution (merge request) GitLab Enterprise Edition
• Fix deprovisioning paid features upon transfer to subgroups (merge request) GitLab Enterprise Edition
• Use until_executed deduplication for CoverageReportWorker (merge request)
• Copy iteration system notes on moving issue (merge request) GitLab Enterprise Edition
• Fixes error when noteable is Commit in CreateNoteHandler (merge request)
• Provide minimal access options for custom roles (merge request) GitLab Enterprise Edition
• Fix undefined method <= for nil:NilClass on pages:deploy (merge request)
• Correct aria-expanded usage for related issues (merge request) GitLab Enterprise Edition
• Fix duplicate CI variables when running manual jobs (merge request)
• Add snowsplow to the CSP of all controllers (merge request)
• Compliance framework badge remove custom styles (merge request) GitLab Enterprise Edition
• Fix pre-enforcement banner width (merge request)
• Fix maintenance mode toggle in admin settings (merge request) GitLab Enterprise Edition
• Fix broken dependency list aggregation (merge request) GitLab Enterprise Edition
• Requeue backfill migration for remediations (merge request)
• Update branch protection default setting values (merge request)
• Correctly deduplicate vulnerabilities with 8 digit image tags (merge request) GitLab Enterprise Edition
• Fix project templates at instance level (merge request)
• Fix alignment issues with the MR widget (merge request) GitLab Enterprise Edition
• Fix undefined method `downcase' error (merge request)
• Send confirmation instructions to provisioned by group users if needed (merge request) GitLab Enterprise Edition
• Bump LocalStorageCache key version (merge request)
• Sidebar spacing changes (merge request)
• Do not import if import data is missing (merge request)
• Render different headings when isModal is false (merge request)
• Update creation of Direct Transfer batch exports to use in_batches (merge request)
• Convert events author_id to users foreign key to a LFK (merge request)
• Upsert Vulnerabilities::Scanner (merge request) GitLab Enterprise Edition
• Fix 500 error for X509 commits without a certificate (merge request)
• Allow paratheses for template names (merge request)
• Fix loading of ancestors for signed out users (merge request)
• Fix Z-index Issue on inline Findings Dropdown (merge request)
• Fix hidden retry job dropdown in safari (merge request)
• Fix 500 error when accessing resources as anonymous user (merge request)
• Consider relative URL root in group overview tabs by @zzaakiirr (merge request)
• Fix pages path_prefix ci variable expansion (merge request) GitLab Enterprise Edition
• Fix work item loading as signed out user (merge request)
• Fix code generation anthropic prompt (merge request) GitLab Enterprise Edition
• Fix push & merge branch rules label (merge request)
• Fix task list updates for different issue types (merge request)
• Fix clicking edit the second time on commit comments (merge request)
• Skip email domain checks for service accounts (merge request) GitLab Enterprise Edition
• Gracefully handle corrupted/invalid repo HEAD (merge request)
• Fix work item ancestor loading for user namespaces (merge request)
• Fix undefined framework_id error when unassigning framework (merge request) GitLab Enterprise Edition
• Update mobile spacing of nav links (merge request)
• Commit info: Fix for broken wrapping (merge request)
• Update docs redirects 2023-11-29 (merge request)
• Adjust styling of md editor header (merge request)
• Improve error handling on Usage Quotas (merge request) GitLab Enterprise Edition
• Fix cluster reindexing preflight check (merge request) GitLab Enterprise Edition
• Fix unlocking non-successful pipelines (merge request)
• Fix issue and epic title alignment on small screens (merge request)
• Quick action parsing fixed (merge request)
• Remove notifications from sm issue dropdown behind feature flag (merge request)
• Fix pull mirroring for projects created from templates (merge request) GitLab Enterprise Edition
• Stop Inline Findings Polling when error occurred (merge request) GitLab Enterprise Edition
• Fix scope of project visibility checks when changing group visibility (merge request)
• Fix overflow issue of focus in commit info (merge request)
• Comment on file button expands the file (merge request)
• Remove contributions_calendar_refactoring feature flag by @zzaakiirr (merge request)
• Fix adding confidential child tasks (merge request)
• Fix TLS support for standalone Redis (merge request)
• Fix Kubernetes cluster health badge (merge request)
• Fix project access tokens page for admin (merge request)
• Return job_waiter if an error is raised (merge request)
• Fix javascript errors that occur due to missing elements on project page (merge request) GitLab Enterprise Edition
• Add delay between pipeline schedules execution (merge request)
• Fix copy ref shortcut on issues (merge request)
• Pipelines Artifact set max-height to dropdown (merge request)
• Clarify error when base url invlaid (merge request)
• Blob controls: Fix alignment (merge request)
• MR widget: remove double border Part II (merge request)
• Allow PAT to be rotated in edge case (merge request) GitLab Enterprise Edition
• Bitbucket server should not import when failed (merge request)
• Fix NoMethodError in Vulnerabilities::RemoveAllVulnerabilitiesWorker (merge request)
• Rename package metadata advisory source xid (merge request)
• Fix MS Graph Client validation of token when no token exists (merge request) GitLab Enterprise Edition
• Add migration to fix broken user achievement records by @Taucher2003 (merge request)
• Migrate fields of UserAchievement to Ghost User on User deletion by @Taucher2003 (merge request)
• Allow developers invited through group to read group runners (merge request)
• Set failure flag on parent import when an entity fails (merge request)
• Include scheduled when deduplicating ProcessScanResultPolicyWorker (merge request) GitLab Enterprise Edition
• Change the foreign key to member_roles on members (merge request)
• Fix the index_name in IndexrepairService (merge request) GitLab Enterprise Edition
• Fixed error for work item update task (merge request)
• Avoid idling in transaction when exporting relation using DirectTransfer (merge request)
• Move unlock pipeline cron scheduler out of ee (merge request)
• MR widget: remove double border (merge request)
• Improve delete_software_license_policies query (merge request)
• Refresh project statistics when removing a fork relationship (merge request)
• Add guard when vun read is absent (merge request) GitLab Enterprise Edition
• Allow + in abuse detection (merge request)
• Enable API redirection for moved projects (merge request)
• Truncate verification failure message to 255 (merge request) GitLab Enterprise Edition
• Package registry: truncate Pypi metadata fields (merge request)
• Handle invalid MIME type on multipart upload (merge request)
• Fixes type bug in MLflow Registered Models API response (merge request)
• Consistency fixes for Tasks widget (merge request)
• Fix ingestion logic for remediations (merge request)
• Geo: Fix VerificationStateBackfillWorker N+1 queries (merge request) GitLab Enterprise Edition
• Update formatTimeAsSummary helper function (merge request)
• Hide stage::deploy filter from issue/mr dashboard (merge request)
• Don't show /invite_email quick action on new issue (merge request)
• Boards - Fix fetching blocking issues (merge request) GitLab Enterprise Edition
• Fix inconsistent scroll to file in 'Show one file at a time' mode (merge request)
• Skip encrypted settings logic for Redis when used by Mailroom (merge request)
• Pipelines Artifact set max-height to dropdown (merge request)
• Replace cropper with cropperjs by @brianjaustin (merge request)
• Fix Security Reports widget not displaying error message (merge request) GitLab Enterprise Edition
• Failing bulk import entity on abort_on_failure (merge request)
• Allow project developers to read runners (merge request)
• Stop CI minutes legacy tracking (merge request)
• Clone button: Styles missing on empty project page (merge request)
• Randomize cron minutes for schedules (merge request)
• Fix token for repository tree keyset pagination (merge request)
• Fix iteration cadence and wild card filter for boards (merge request)
• Removing FF fallback_to_db to ensure we recache ids on cache miss (merge request)
• Fix vertical line on user activity (merge request)
• Allow users to authenticate via OAuth with password-based providers (merge request)
• Increase z index of MR sticky header (merge request)
• Remove Cluster Image Scanning (merge request)
• Only show published catalog resources (merge request)
• Fix public deploy key form (merge request)
• Add block to parent wiget collapsible listbox (merge request)
• Include merge request approved events in Profile heat map by @zzaakiirr (merge request)
• Convert reference text to a reference after spacebar (merge request)
• Handles issue refs that do not have specific issue names (merge request)
• Stop validating snippets when restoring from backup (merge request)
• Add PagesDeployment upload_finished field (merge request)
• Fixes MLflow compatibility issue in model versions API (merge request)
• Don't use cached value for snippet edit (merge request)
• Pipeline Minigraph: Fix job dropdown item link renders twice (merge request)
• Round deployment frequency avg. to nearest 10th (merge request) GitLab Enterprise Edition
• Resets pagination on applying filter on Seats tab on Usage Quotas page (merge request) GitLab Enterprise Edition
• Fix sidebar wiki heading color (merge request)
• Mini Pipeline: Fix alignment of linked items (merge request)
• Add exclusive lock for UpdateRepositoryStorageWorker (merge request)
• Use project CI config path to show CI blob viewer (merge request)
• Fixes LimitAlertComponent access check (merge request) GitLab Enterprise Edition
• Fix button alignment in child issues and epic widget (merge request)
• Fix group page erroring because of nil user (merge request)
• Increse billable users when using custom roles (merge request) GitLab Enterprise Edition
• Initialize Confirm Rollback Modal in Env Folders (merge request)
• Prefer custom sort order with search in users API (merge request)
• Return SAST report errors in an errors array (merge request) GitLab Enterprise Edition
• Support EDITOR having arguments in encrypted secrets Rake tasks (merge request)
• Release GitHub importer higher Sidekiq interrupts (merge request)

Changed (279 changes)

• Refactor code_suggestions_ga_non_owner_alert feature spec GitLab Enterprise Edition
• Adds support to filter packages by version (merge request)
• Add copy to clipboard button to merge conflict file header (merge request)
• Project/group overview: Migrate to use type scale heading (merge request)
• Issuables: Small visual changes to sidebar appearance (merge request)
• Skip ingesting the SBOM reports if any of the SBOM builds fail (merge request) GitLab Enterprise Edition
• Move profile/password to user_settings (merge request)
• Improve logs of the Sidekiq reliable fetcher (merge request)
• Change feature flag from dev to ops (merge request)
• Update gitlab pages version (merge request)
• Change the order of package tags when generate package metadata (merge request)
• Makes creating ai_features token always possible (merge request)
• Adding secuity details section to Project-level Secure Files docs (merge request)
• Allow local network for custom email SMTP host for self-managed (merge request)
• Display temporary extension details in subscription card (merge request) GitLab Enterprise Edition
• Add free access end date to code suggestions alert (merge request) GitLab Enterprise Edition
• Improve Security Training Description (merge request) GitLab Enterprise Edition
• Simplify the MR header with unicode characters and secondary button (merge request)
• Refactored TimelogResolver splitting it up into a resolver and a finder by @zillemarco (merge request)
• Backend changes for workspaces admin (merge request) GitLab Enterprise Edition
• Add filtering for the standards adherence report (merge request) GitLab Enterprise Edition
• Add explicit name to have predictable path name (merge request) GitLab Enterprise Edition
• Migrate ssh keys alert to use pajamas by @missy-davies (merge request)
• Add instance AWS S3 streaming destinations (merge request) GitLab Enterprise Edition
• Discussion lock: Add specs for FF (merge request)
• Warn webhook token will be cleared when URL changes (merge request)
• Add more patterns to gitleaks.toml (merge request) GitLab Enterprise Edition
• Emoji group picker: Migrate button (merge request)
• Truncate a ci mr description if it is too long (merge request)
• Project overview sidebar: Use right sidebar variable (merge request)
• Updates instructions for GitLab.com (merge request)
• Swap primary key on ci_pipeline_variables (merge request)
• Redirect personal access tokens to user_settings (merge request)
• Fixed cyclical dependency of custom project templates feature check (merge request) GitLab Enterprise Edition
• Add migrations for source_package_name column (merge request)
• Update devops illustration (merge request)
• Changed the documentation text from policy to statement (merge request)
• Update text for CI Variables settings (merge request)
• Update dependency auto-deploy-image to v2.71.0 (merge request)
• Migrate doorkeeper alert to use pajamas by @missy-davies (merge request)
• Add severity sorting for sbom_occurrences (merge request) GitLab Enterprise Edition
• Add way to disaable zoekt search via chatops (merge request) GitLab Enterprise Edition
• Enable blob blame by default (merge request)
• Enable graphql git blame feature flag (merge request)
• Cleanup for converted ci_stages.pipeline_id conversion for self host (merge request)
• Adds FE banner for importing projects (merge request)
• Redirect oauth applications to user_settings (merge request)
• Updating contribution docs by @davidwatts111 (merge request)
• Updating docs by @davidwatts111 (merge request)
• Only use code-gecko for code completion (merge request)
• Emoji group picker: Migrate button (merge request)
• Move git command assistant to vertex (merge request) GitLab Enterprise Edition
• Only use claude-2.0 for code generation (merge request)
• Emoji picker tab button migration (merge request)
• Enable linked_work_items by default (merge request)
• Remove approval rules when removing authorization (merge request) GitLab Enterprise Edition
• Exclude each_batch from Style/SymbolProc rubocop rule (merge request)
• Updating UI text by @davidwatts111 (merge request)
• Update dependency auto-deploy-image to v2.70.0 (merge request)
• Validate ref early in deployments API (merge request)
• Display settings panel for Dedicated (merge request) GitLab Enterprise Edition
• Unexpose url_variables from GET project_hooks (merge request)
• Mark Duo Chat as 'Beta' (merge request) GitLab Enterprise Edition
• Removes database migrations up to 15-6-stable-ee (merge request)
• Rename quick action /award to /react (merge request)
• Add a prefix to deploy tokens (merge request)
• Remove feature flag renaming_project_with_tags (merge request)
• Add include_descendants to iteration list API (merge request) GitLab Enterprise Edition
• Migrated signup omniauth buttons to pajamas (merge request) GitLab Enterprise Edition
• Release MemberRoleCreateInput.permissions (merge request) GitLab Enterprise Edition
• Delete feature flag create_project_subscription_graphql_endpoint (merge request)
• Fix project starrers layout (merge request)
• Enable vsa_predefined_date_ranges feature flag by default (merge request)
• Adds a new cop to flag the usage of pluck without a limit (merge request)
• Refactor search dropdowns to collapsible-listbox (merge request)
• Update sidekiq-cron to v1.12.0 (merge request)
• Adds additional step for Self-Managed instances (merge request)
• Export for standards adherence report backend (merge request) GitLab Enterprise Edition
• Code dropdown: Remove artifacts (merge request)
• Remove unused in product email code (merge request)
• This MR extends file path selector (merge request) GitLab Enterprise Edition
• This MR converts exception list to generic (merge request) GitLab Enterprise Edition
• Updates name of ComponentType and InputType in GQL (merge request)
• Re-adds project presenter spec (merge request)
• Remove serialized bitbucket importer and feature flag (merge request)
• Raise artifacts bulk delete selection limit to 100 (merge request)
• Enable free text entry for Kubernetes namespace (merge request)
• Add tooltips to compliance exports dropdown options (merge request) GitLab Enterprise Edition
• Redirect active_sessions to /-/user_settings/active_sessions (merge request)
• Added tasks back to issues API (merge request)
• Remove restrict_ci_job_token FF (merge request)
• Merge Application analytics and Analytics dashboards menu items (merge request) GitLab Enterprise Edition
• Improve autocomplete results in rich text editor (merge request)
• Update epic illustrations (merge request)
• Introduce a FF cache_control_headers_for_openid_jwks (merge request)
• Refactor search bar from search by click (merge request)
• Rename "Contributor statistics" to "Contributor analytics" (merge request)
• Improve order of mention autocomplete in epics (merge request)
• Hide config digest for manifest list tags (merge request)
• Code Suggestions GA alert for non owners (merge request) GitLab Enterprise Edition
• Issue cross-reference notes use issue type name (merge request)
• Updated logic for MLflow Run artifact_url (merge request)
• Migrate VSD metric drill-down event tracking to Internal Events Tracking (merge request) GitLab Enterprise Edition
• Limit updating can_create_group & projects_limit to Enterprise Users (merge request) GitLab Enterprise Edition
• Update empty state illustrations (merge request)
• Handle reset for ultimate-trial-paid-customer plan (merge request) GitLab Enterprise Edition
• Update warning when disabling group shared runners (merge request)
• Update Haml breadcrumbs to use GlBreadcrumbs styles (merge request)
• Adjust scroll to collapsed file (merge request)
• Test case layout update (merge request) GitLab Enterprise Edition
• Hide product analytics checkbox unless root (merge request) GitLab Enterprise Edition
• Rename pages "multiple versions" to "multiple deployments" (merge request)
• Remove flag that enables CVS GA (merge request) GitLab Enterprise Edition
• Refactor remote dev resolvers and finders (merge request)
• Add exponential backoff for bitbucket server client (merge request)
• Update exports text in the compliance center (merge request) GitLab Enterprise Edition
• Change param to include_ancestors (merge request)
• Enable autocomplete/members by default (merge request)
• Project storage: Hide if no permission (merge request)
• Cleanup "use_lock_for_update_repository_storage" feature flag (merge request)
• Disable use_sync_service_token_worker feature flag by default (merge request)
• Project/group name area updates (merge request)
• Cleanup for converted ci_stages.pipeline_id conversion (merge request)
• Improves performance of runners list with large number of jobs (merge request)
• Move compliance center export buttons (merge request) GitLab Enterprise Edition
• Add permissions arg to Mutation.memberRoleCreate (merge request) GitLab Enterprise Edition
• Update error to show in correct place (merge request)
• Refactor search dropdowns to collapsible-listbox (merge request)
• Update field title and allow tab to function as enter (merge request)
• Redirect audit_log to /-/user_settings/authentication_log (merge request)
• Namespace API expose GitlabSubscription.end_date (merge request) GitLab Enterprise Edition
• Audit CI variable changes (merge request) GitLab Enterprise Edition
• Display a list of permission for a custom role (merge request)
• Enables parsing nested sections in logs (merge request)
• Consistently use mmm dd, yyyy format for analytics dates (merge request)
• Update badge in CI/CD Catalog Settings to Beta (merge request)
• Update dependency auto-build-image to v1.51.0 (merge request)
• Update banners (merge request)
• Add CI/CD for github to registration features (merge request) GitLab Enterprise Edition
• Update breadcrumbs and titles for import (merge request)
• Move notes.scss to page_bundles from page_specific_bundles (merge request)
• Allows seat usage export on self managed instances (merge request) GitLab Enterprise Edition
• Default on feature flag (merge request)
• This MR adds popover to compliance framework (merge request) GitLab Enterprise Edition
• Remove bulk_import_async_references_pipeline feature flag (merge request)
• Add description to release title (merge request)
• Update gitlab-pages (merge request)
• Add back private projects to Ci::Catalog::Listing (merge request)
• Remove old top-bar from old Web IDE (merge request)
• Search for users when focus on input (merge request)
• [Feature flag] Remove group_vulnerabilities_optimized_query FF (merge request) GitLab Enterprise Edition
• Add group to approval rule create service (merge request) GitLab Enterprise Edition
• Job scrolls to bottom when a line is highlighted (merge request)
• Project overview page reoganisation: add sidebar (merge request)
• Use new getTopFrequentItems helper (merge request) GitLab Enterprise Edition
• Add status to get container repository(ies) REST API response (merge request)
• Hide the rebase button for ff train MRs (merge request) GitLab Enterprise Edition
• Hardcode email on registration if it is an invite (merge request)
• Migrate GitHub import alert to use Pajamas (merge request)
• Update snippet page layout (merge request)
• Create wiki page form update (merge request)
• Unify reply field (merge request)
• Hide VSD link when no access to the parent group (merge request) GitLab Enterprise Edition
• Add forks breadcrumb (merge request)
• Update fork btn text (merge request)
• Support Microsoft SAML attribute names by default (merge request)
• Enable CVS GA by default (merge request) GitLab Enterprise Edition
• Redirect/proxy the request to the primary site if not verified (merge request) GitLab Enterprise Edition
• When config digest is not present, return an empty string (merge request)
• This MR refactors props for project dropdown (merge request) GitLab Enterprise Edition
• Remove analytics visualization editor feature flag (merge request) GitLab Enterprise Edition
• Wiki page: Update layout (merge request)
• Search for approvers by email and username (merge request)
• Add notification about the container registry during rename (merge request)
• Fix cross joins in epics_finder (merge request) GitLab Enterprise Edition
• feat: Updated docs to reflect behaviour when RD is disabled (merge request) GitLab Enterprise Edition
• Remove combined_analytics_dashboards_editor feature flag (merge request) GitLab Enterprise Edition
• Add NOT NULL constraint to track and series columns (merge request)
• Add merge pipelines to registration features (merge request) GitLab Enterprise Edition
• Enable absolute doc links for duo chat (merge request) GitLab Enterprise Edition
• Fixing rubocop exceptions no. 5 (merge request)
• Project: Merge clone and download options into Code (merge request)
• Respect user locale in setStatus modal (merge request)
• Fix license category in license compliance widget (merge request) GitLab Enterprise Edition
• Remove security_orchestration_policy_configurations.bot_user_id (merge request)
• This MR adds sync between filters and url (merge request) GitLab Enterprise Edition
• Add a project actor to non_public_artifacts feature flag (merge request)
• Remove the feature flag npm_metadata_cache (merge request)
• Update sbom_occurrences.vulnerabilities (merge request) GitLab Enterprise Edition
• Adjust ordering of CTAs on both trial-end and active-trial popover (merge request) GitLab Enterprise Edition
• Drop unique constrain from index (merge request)
• This MR adds default value for policy scope (merge request) GitLab Enterprise Edition
• Removes unused custom email columns in service_desk_settings (merge request)
• feat: Disabled agents are not shown in the dropdown on the UI (merge request) GitLab Enterprise Edition
• Fixing rubocop expections no. 6 (merge request)
• Update outdated golden tanuki logo (merge request) GitLab Enterprise Edition
• Migrate work_item_iteration.vue dropdown to GlCollapsibleListbox (merge request) GitLab Enterprise Edition
• Enable highlight_js_worker feature flag by default (merge request)
• Significant refactor away from metadata for vulnerability mr's (merge request) GitLab Enterprise Edition
• Add some missing bulk_import items (merge request)
• Fetch and present the custom roles in invite modal (merge request)
• Add in-product prompt for CI adoption if jenkins detected (merge request)
• Show only published catalog resources (merge request)
• Refactor Security MR Widget State Badge (merge request) GitLab Enterprise Edition
• Add commit_committer_name_check to project push rule API by @sinkcup (merge request) GitLab Enterprise Edition
• Improve UI text for project badges (merge request)
• Change invite last onboarding step to group or project page (merge request) GitLab Enterprise Edition
• Update rails Banner component (merge request)
• Remove advanced_epic_search flag (merge request)
• Require gitaly_address instead of path in storage settings (merge request)
• Add Multiversion support to Pages internal API (merge request)
• Feature flag legacy bulk import references pipeline (merge request)
• Add attribute to group push rule API by @sinkcup (merge request) GitLab Enterprise Edition
• Rate limit Bitbucket Cloud importer (merge request)
• Refactor Workspace graphql fields and specs (merge request)
• Reverse the order of identity verification steps (merge request) GitLab Enterprise Edition
• Markdown Editor: Make Preview header sticky (merge request)
• This MR creates reusable popover (merge request) GitLab Enterprise Edition
• Rename event type filter (merge request) GitLab Enterprise Edition
• Updates outdated status checks docs (merge request)
• Allow rename of projects with registry tags (merge request)
• Limit line range in blame GraphQL resolver (merge request)
• Move policy bot removal into worker (merge request) GitLab Enterprise Edition
• Remove the frecent_namespaces_suggestions feature flag (merge request)
• Stop passing repository paths via shell rake to the shell install script (merge request)
• Update dependency prometheus-client-mmap to v1 by @gitlab-dependency-update-bot (merge request)
• Group: Project overview item adjustments (merge request)
• Update gitlab-shell to 14.30.1 (merge request)
• Add error message to project_repository_storage_moves table (merge request)
• This MR adds error state to compliance dropdown (merge request) GitLab Enterprise Edition
• Only disable code suggestions if all users groups have it disabled (merge request)
• This MR adds yaml update (merge request) GitLab Enterprise Edition
• Removes database migrations up to 15-3-stable-ee (merge request)
• Validate compliance framework id in security policy (merge request) GitLab Enterprise Edition
• Mention Container Registry and Dependency Proxy in api scope (merge request)
• Clarify Last Activity as Last GitLab Activity on Usage Quotas page (merge request) GitLab Enterprise Edition
• Add import_history_link to status page (merge request)
• Update Graphql version fields and resolver to use Versions (merge request)
• feat: Allow enabled in remote development configuration to be false (merge request) GitLab Enterprise Edition
• Skip delayed own user deletion when the user has been unblocked (merge request)
• Ensure timestamp tooltips respect user locale (merge request)
• Move out read_job_artifacts ability references from build policy (merge request)
• Update component InstancePath to use latest version (merge request)
• Pipeline Minigraph: Change tooltip alignment in job items (merge request)
• Add feature flag related issues to registration features (merge request) GitLab Enterprise Edition
• Allow larger page size for contributions query (merge request) GitLab Enterprise Edition
• Remove reset_approvals_patch_id feature flag (merge request) GitLab Enterprise Edition
• Improve vulnerability report filter text (merge request)
• Make Puma low-level handler send to all available Sentry instances (merge request)
• Fix(License): Match button text for adding license (merge request) GitLab Enterprise Edition
• Blocking undefined audit event types (merge request) GitLab Enterprise Edition
• Cleanup for converted ci_pipelines.auto_canceled_by_id conversion (merge request)
• Remove ignore rule for ci_pipeline_chat_data bigint conversion (merge request)
• Add helpful validation messages to masked ci variables by @JamesHow1ett (merge request)
• Bitbucket Server importer create refs for fetched commits (merge request)
• Update dependency auto-build-image to v1.50.0 (merge request)
• Update permissions to relate issues (merge request) GitLab Enterprise Edition
• Remove extraneous bottom margin from invite modal button (merge request)
• Add circuit breaker for zoekt nodes (merge request) GitLab Enterprise Edition
• Add cross project pipelines to registration features (merge request) GitLab Enterprise Edition
• Cleanup for converted ci_pipeline_variables.pipeline_id (merge request)
• Change "Nothing to merge" widget (merge request)
• Add layout override for GlAlert & GlBroadcast in alert-wrapper (merge request)
• Uses total column for sorting when under no storage enforcement (merge request) GitLab Enterprise Edition
• Use group import_status for status page (merge request)
• Update gitlab-pages to latest version (merge request)
• Add settings to allow merge without pipeline (merge request)
• Activity feed: Update design (merge request)
• Remove duplicated index from merge_requests (merge request)
• Remove ignore column rules for shared_runners_duration (merge request)
• Remove ignore rules for Ci::Sources::Pipeline (merge request)
• Migrate component from GlButton to GlCollapsibleListbox (merge request) GitLab Enterprise Edition
• Update dependency auto-deploy-image to v2.63.0 (merge request)
• Fix [ ] in plain text editor incorrectly expanded to * [ ] in RTE by @manav014 (merge request)
• Remove the tool filter with scanner feature flag (merge request) GitLab Enterprise Edition
• Licensed VSA UI visibility enhancements (merge request) GitLab Enterprise Edition
• Remove feature flag: use_repository_list_tags_on_graphql (merge request)
• Hide CVS enable/disable functionality behind feature flag (merge request)
• Prevent users from copying labels from runner details (merge request)

Deprecated (2 changes)

• Deprecate gitlab:list_repos Rake task (merge request)
• Deprecate temporary storage increase graphql fields (merge request) GitLab Enterprise Edition

Removed (25 changes)

• chore: Updating changelog (merge request)
• Drop max_workspaces and max_workspaces_per_user fields (merge request)
• Remove deprecated & unused #snaphot_* methods (merge request) GitLab Enterprise Edition
• Remove rootNamespace from GQL catalog ResourceType (merge request)
• Remove the unpublish method and mutation (merge request)
• Remove WorkItemDeleteTask mutation from GraphQL API (merge request)
• Remove MVP implementation of CI config chat (merge request) GitLab Enterprise Edition
• Remove legacy Geo sidekiq workers (merge request) GitLab Enterprise Edition
• Remove single_file_file_by_file feature flag (merge request)
• Drop unused index_projects_on_path_and_id for projects (merge request)
• Drop unused index_projects_on_created_at_and_id for projects (merge request)
• Revert "Add generate_ci_finished_builds_sync_events FF" (merge request) GitLab Enterprise Edition
• Remove product analytics seeding and other files (merge request)
• Remove orphaned namespace check (merge request)
• Remove the repository downloads and repository data conflict check (merge request)
• Remove shimo integration by @icbd (merge request)
• Remove gitlab shell build_missing_projects rake task (merge request)
• Create new Remove AiAccessTokenColumn migration (merge request)
• Remove gitlab:cleanup:moved rake task (merge request)
• Removes Jira DVCS Cloud from usage data (merge request)
• Remove Geo deprecated events (merge request) GitLab Enterprise Edition
• Removes fork_count from Ci::Catalog::ResourceType (merge request)
• Remove CheckDeniedPoliciesService mergability check (merge request) GitLab Enterprise Edition
• Remove ignore rule for jitsu_key (merge request)
• Revert "Support Microsoft SAML attribute names by default" (merge request)

Security (21 changes)

• Prevent tag names starting with SHA-1 and SHA-256 values
• Pass encoded file paths to router
• Smartcard auth: encrypt client cert in params
• Restrict passing variables on the pipeline schedule API
• Validate access level of user while rotating token
• Remove the ability to fork and create MR for auditors
• Fix large time_spent value causing GraphQL error Integer out of bounds
• Restrict Protected branch access via group to direct members
• Revert "Check max role for user for group access to protected ref"
• Use ruby 3.0 syntax in User#can?
• Update mermaid version for DOS security fixes
• Treat security policy bots as external
• Enforce ref protection on pipeline schedule updates
• Filter out projects with disabled package registry in Composer finder
• Validate adding members with higher role
• XSS and ReDoS in Markdown via Banzai pipeline of Jira
• Prevent guest users from being able to add emojis in confidential issues
• Prevent branch names starting with SHA-1 and SHA-256 values
• Ensure access is checked when loading releases associated with tags
• Do not run ssl cert validation if key has errors
• Check max role for user for group access to protected ref

Performance (24 changes)

• Utilizing a new Gitaly feautre to speed up conflict file lists (merge request)
• Updating worker to use keyset pagination (merge request)
• Improve DB performance in PolicyRuleScheduleNamespaceWorker (merge request) GitLab Enterprise Edition
• Rollout cache control for autocomplete sources (merge request)
• Adding refresh_jid checkpoints for stuckImportWorker (merge request)
• Use loop with delete_all instead of EachBatch (merge request)
• Refactor single quotes regex import (merge request)
• Drop unique index on ci_job_artifacts (merge request)
• Improve DB performance for SyncScanResultPoliciesService (merge request) GitLab Enterprise Edition
• Adding conditional (updated_at,id) index to bulk_import_entities (merge request)
• Adding indexes for bulk imports (merge request)
• Drop index_users_on_accepted_term_id (merge request)
• Adding index on bulk_import_batch_trackers on (tracker_id, updated_at) (merge request)
• Remove bulk_import_export_batches index (merge request)
• Remove index_web_hook_logs_part_on_web_hook_id (merge request)
• Remove project_relation_exports index (merge request)
• Remove bulk_import_batch_trackers index (merge request)
• Remove index onjira_connect_subscriptions (merge request)
• Remove index_web_hooks_on_project_id index (merge request)
• Disable joins for approval rules group users (merge request) GitLab Enterprise Edition
• Remove Ability based queries and use groups finder (merge request) GitLab Enterprise Edition
• Add a temporary transitionable flag to speed up validations (merge request)
• Disable joins for ApprovalRuleLike.group_users (merge request) GitLab Enterprise Edition
• Rewrite SQL query for ByApproversFinder (merge request)

Other (116 changes)

• No beta label for CS on SM in 16.7 (merge request)
• Add accessibility test for tags view (merge request)
• chore: Fix typo for word response by @gerardo-navarro (merge request)
• Hide unnessary public methods in ProcessCommitWorker by @zzaakiirr (merge request)
• Dropped cluster_id column from deployments table by @TamsilAmani (merge request)
• Add synchronous indexes for partitioned key on ci_stages (merge request)
• Backfill default_branch_protection_defaults for namespace settings (merge request)
• Backfill vs_code_settings uuid with default value (merge request)
• refactor: Rename column container_path_pattern by @gerardo-navarro (merge request)
• Bump gitlab-shell version to v14.32.0 (merge request)
• Finalize BackfillUuidConversionColumnInVulnerabilityOccurrences (merge request)
• Make Direct Transfer logging more consistent (merge request)
• Finalize migration BackfillMissingCiCdSettings by @project_52263761_bot_66de0d9c027ad0d6b413f50a3904241f (merge request)
• Add avatar to organizations table (merge request)
• Add active colors to super sidebar interactive items (merge request)
• Remove logging for read_namespace ability usages by @Taucher2003 (merge request)
• Finalize BackfillProjectStatisticsStorag...PipelineArtifactsSizeJob (merge request)
• Add use_web_ide_extension_marketplace to user_pref (merge request)
• Add a column to store home organization of the user (merge request)
• test: Set feature category for test Ldap::OmniauthCallbacksController by @gerardo-navarro (merge request)
• Add redis-namespace gem for mailroom (merge request)
• Update pages without wildcard DNS docs (merge request)
• Finalize migration RemoveInvalidDeployAccessLevelGroups (merge request)
• Finalize migration PopulateVulnerabilityDismissalFields (merge request)
• Finalize migration MarkDuplicateNpmPackagesForDestruction (merge request)
• Finalize migration FixAllowDescendantsOverrideDisabledSharedRunners (merge request)
• Finalize migration DeleteOrphanedTransferredProjectApprovalRules (merge request)
• Finalize migration CleanupPersonalAccessTokensWithNilExpiresAt (merge request)
• Finalize migration BackfillRootStorageStatisticsForkStorageSizes (merge request)
• Finalize migration BackfillProjectWikiRepositories (merge request)
• Finalize migration BackfillMissingVulnerabilityDismissalDetails (merge request)
• Backfill catalog_resources visibility_level column (merge request)
• Docs: Support for namespace in path for pages (merge request)
• Adds custom email incorrect_forwarding_target error (merge request)
• Add async indexes with partitioned key on ci_stages (merge request)
• Cleanup tech debt from registration features migration (merge request) GitLab Enterprise Edition
• Finalize migration BackfillDesignManagementRepositories (merge request)
• Finalize migration BackfillCodeSuggestionsNamespaceSettings (merge request)
• docs: Improve guideline for integrating omniauth provider auth0 by @gerardo-navarro (merge request)
• Retry exceptions during BulkImports::FileDownloadService (merge request)
• Add instrumentation for Redis connection pools (merge request)
• Remove skip_instructions_extraction FF (merge request) GitLab Enterprise Edition
• Migration to include partition_id on ci_pipeline_variables indexes (merge request)
• Format "URL" as uppercase in profile links (merge request)
• test: Fix typo in omniauth callback controller spec by @gerardo-navarro (merge request)
• Upgrade sidekiq-cron gem to v1.10.1 (merge request)
• Fix project icon and add tooltips to groups list (merge request)
• Map spider timeout to browserker setting (merge request) GitLab Enterprise Edition
• Remove enterprise_users_automatic_claim feature flag (merge request) GitLab Enterprise Edition
• Composite index on organization_id and id in projects table by @TamsilAmani (merge request)
• Remove MultiStore in Gitlab::Redis::DbLoadBalancing (merge request)
• Revert "Resolving cross joins on GroupUsersFinder" (merge request)
• Clean up prevent_visibility_restriction ff (merge request)
• Finalize migration BackfillDismissalReasonInVulnerabilityReads (merge request)
• Update github import known issues (merge request)
• Refactoring 'approvable?' method to include temporary flag (merge request) GitLab Enterprise Edition
• Remove search_issue_label_aggregation FF (merge request)
• Exposes finalize command to BBM admin UI (merge request)
• Add ids to enable labels to screen readers (merge request)
• Restructure CI/CD Components doc (merge request)
• Removes service_desk_custom_email feature flag (merge request)
• Change partition_id default value and add safety concern (merge request) GitLab Enterprise Edition
• Add async indexes for partitioned PK on ci_pipeline_variables (merge request)
• Remove code_*_split_by_language feature flags (merge request) GitLab Enterprise Edition
• Bump Gitlab Shell version to v14.31.0 (merge request)
• Autocomplete Group Users to use distinct_each_batch (merge request)
• Drops unused projects indexes from Gitlab.com instance (merge request)
• Finalize migration BackfillAdminModeScopeForPersonalAccessTokens (merge request)
• Fix external_redirect to not redirect to self (merge request)
• Db migrations for IDE OAuth (merge request)
• Update tooltip content to show full path (merge request)
• Remove the feature_flag search_project_wikis_hide_archived_projects (merge request)
• Display the whole path to a new file (merge request)
• Mark RelationBatchExportWorker as memory bound (merge request)
• Rename to Namespaces::AddOnPurchaseResolver (merge request) GitLab Enterprise Edition
• Remove FF kubernetes_agent_internal_api (merge request)
• Migrate Read more to Pajamas (merge request)
• Add a setting to allow/disallow creation of organizations (merge request)
• Bump Direct Transfer workers retries count from 3 to 7 (merge request)
• Reduce TTL for duplicate job keys (merge request)
• Drop unused index on users table (merge request)
• Refactor the AddOnPurchasePolicy (merge request) GitLab Enterprise Edition
• Remove feature flag adherence_report_ui and compliance_adherence_report (merge request) GitLab Enterprise Edition
• Add foreign key for merge_request_diffs.project_id (merge request)
• Add synchronous index_merge_request_diffs_on_project_id (merge request)
• Improve compliance SyncService spec to include non existing record (merge request) GitLab Enterprise Edition
• Prepare index for orgId and id on projects by @TamsilAmani (merge request)
• Define id trigger on p_ci_builds routing table - self-managed (merge request)
• Remove unused methods from helpers (merge request)
• Remove custom_roles_ui-[xxx] feature flags (merge request)
• Drops unused index_projects_on_mirror_last_successful_update_at (merge request)
• Remove feature flag allow_streaming_audit_events_to_amazon_s3 (merge request) GitLab Enterprise Edition
• Remove not null constraint from the namespace (merge request)
• Upgrade the Sidekiq gem to v7.0.9 (merge request) GitLab Enterprise Edition
• Remove namespace validation for member role (merge request)
• Add released_at to catalog_resource_versions (merge request)
• Remove dual-namespace polling support in Sidekiq (merge request)
• Schedule backfill of merge_request_diffs.project_id (merge request)
• Update Ci::Catalog::Resource search to use Postgres Full Text Search (merge request)
• Add GQL request tests for CI runner filter by version prefix by @zzaakiirr (merge request)
• Add project_id column to merge_request_diffs and populate it on save (merge request)
• Document regex and type input attributes (merge request)
• Cleanup replicate_object_pool_on_move (merge request)
• Highlight only the discussion diffs that are in the response (merge request)
• Remove resolvable_issue_threads feature flag (merge request)
• Fix wrong name for feature flag packages_protected_packages by @gerardo-navarro (merge request)
• Remove configure_sentry_in_application_settings feature flag (merge request)
• Prevent gitlab-http async to use DB and Gitaly (merge request)
• Adding diff_match_patch gem to vendor/gems to fix upgrade issues (merge request)
• Removes feature flag ipynbdiff_notes_tracker (merge request)
• Enable k8s_watch_api feature flag by default (merge request)
• Finalize backfill of packages_tags.project_id (merge request)
• Drop unused index on namespaces table (merge request)
• Define id trigger on p_ci_builds routing table (merge request)
• Remove already enabled enforce_memory_watchdog feature flag (merge request)
• Drop unused indexes on the users table (merge request)

fixed EE: true (1 change)

• Move export buttons next to each other (merge request)

16.6.2 (2023-12-13)

Fixed (1 change)

• Fix adding confidential child tasks

Security (8 changes)

• Prevent tag names starting with SHA-1 and SHA-256 values (merge request)
• Pass encoded file paths to router (merge request)
• Validate access level of user while rotating token (merge request)
• Fix large time_spent value causing GraphQL error Integer out of bounds (merge request)
• Restrict Protected branch access via group to direct members (merge request)
• Remove the ability to fork and create MR for auditors (merge request)
• Restrict passing variables on the pipeline schedule API (merge request)
• Smartcard auth: encrypt client cert in params (merge request)

16.6.1 (2023-11-30)

Fixed (3 changes)

• Revert "Merge branch 'sc1-release-goredis' into 'master'"
• Truncate verification failure message to 255 GitLab Enterprise Edition
• Prefer custom sort order with search in users API

Security (11 changes)

• Validate adding members with higher role (merge request)
• Enforce ref protection on pipeline schedule updates (merge request)
• Update mermaid version for DOS security fixes (merge request)
• Prevent guest users from being able to add emojis in confidential issues (merge request)
• Do not run ssl cert validation if key has errors (merge request)
• Ensure access is checked when loading releases associated with tags (merge request)
• XSS and ReDoS in Markdown via Banzai pipeline of Jira (merge request)
• Prevent branch names starting with SHA-1 and SHA-256 values (merge request)
• Filter out projects with disabled package registry in Composer finder (merge request)
• Check max role for user for group access to protected ref (merge request)
• Treat security policy bots as external (merge request)

16.6.0 (2023-11-15)

Added (117 changes)

• Add SAML Auth for Approvals (merge request) GitLab Enterprise Edition
• Add Archive Project custom permission (merge request) GitLab Enterprise Edition
• Added MLFLow API to get latest model version (merge request)
• This MR adds compliance framework dropdown (merge request) GitLab Enterprise Edition
• Add Cloud Connector ADR 001 to design doc (merge request)
• Removed nil constraint from personal access token table (merge request) GitLab Enterprise Edition
• Add a fullpath argument to the ciCatalogResource endpoint (merge request)
• Removes the saved_replies feature flag (merge request)
• Add column to namespace settings (merge request)
• Enable bulk_import_details_page by default (merge request)
• Add CVSS Vector to CSV (merge request) GitLab Enterprise Edition
• Added create api for namespace filters (merge request) GitLab Enterprise Edition
• Save additional PyPi metadata info (merge request)
• Save the timestamp of the last project authorization recalculation (merge request)
• Audit auditor role changes (merge request) GitLab Enterprise Edition
• Implement Resolve This Vulnerability service classes (merge request) GitLab Enterprise Edition
• Add triggered badge to pipeline views by @Taucher2003 (merge request)
• Set default true for search_project_wikis_hide_archived_projects (merge request) GitLab Enterprise Edition
• Add a user preference to show times in 12h or 24h format by @n0rdlicht (merge request)
• Helper to create bigint indexes for each integer column index (merge request)
• Accept current_file for chat requests (merge request) GitLab Enterprise Edition
• Added archived filter for wiki_blobs scope (merge request) GitLab Enterprise Edition
• Allow expires_at param in token rotation API (merge request)
• Adds SMTP authentication method to custom email settings page (merge request)
• Add support for wolfi purl type (merge request) GitLab Enterprise Edition
• Adds notes to abuse reports backend (merge request)
• Use SQL functions for primary key lookups (merge request)
• Support source branch param on MR list page (merge request) GitLab Enterprise Edition
• Support artifacts upload from Maven/Gradle using basic-http auth (merge request)
• Add pending members GraphQl endpoint by @missy-davies (merge request) GitLab Enterprise Edition
• Add ability to filter runners by version prefix by @joe-snyder (merge request)
• Introduce Packages::Npm::CleanupStaleMetadataCacheWorker (merge request)
• Support member role in invite endpoints without FF (merge request) GitLab Enterprise Edition
• Add source_package_name to sbom_components (merge request)
• WIP implement Resolve This Vulnerability infrastructure (merge request) GitLab Enterprise Edition
• Add egress ip options in remote development agent configs (merge request) GitLab Enterprise Edition
• Added namespace filter in external destination query api (merge request) GitLab Enterprise Edition
• Added MLFLow API to update registered models (merge request)
• Allow to update value streams in GraphQL (merge request) GitLab Enterprise Edition
• Enable feature flag default true (merge request)
• Show loading icon in vulnerability status badge (merge request) GitLab Enterprise Edition
• Default branch protection settings for application setting (merge request)
• This MR adds policy scope section (merge request) GitLab Enterprise Edition
• Audit pipeline delete action (merge request) GitLab Enterprise Edition
• Remove FF zoekt_index_private_repositories (merge request)
• Add documentation of Parent widget for tasks and OKRs (merge request)
• Handle arkose outage on sign-up (merge request) GitLab Enterprise Edition
• Filter by package version in REST and Graphql APIs by @renehernandez (merge request)
• Adds smtp_authentication to Service Desk Custom Email credentials (merge request)
• Add table to link Security Policies to Compliance Frameworks (merge request) GitLab Enterprise Edition
• Update backend for namespaces for emails_enabled by @joe-snyder (merge request)
• Add Watch API for Flux sync status (merge request)
• Create Group component for list selector (merge request)
• Add include_hidden, include_pending_delete option to Project API (merge request) GitLab Enterprise Edition
• Create spam abuse events worker (merge request)
• Add cost factored storage sizes to graphql project statistics type (merge request) GitLab Enterprise Edition
• Expose single member role in GraphQL (merge request)
• Added settings for access token expiration service accounts (merge request) GitLab Enterprise Edition
• Adds path to catalog_resource_components (merge request)
• Adding MLFlow API for creating registered models (merge request)
• Adding group and project filters for audit streaming (merge request) GitLab Enterprise Edition
• Add Direct Transfer entity failures API (merge request)
• Set default_enabled to true for enterprise_users_automatic_claim FF (merge request) GitLab Enterprise Edition
• Add user_permissions fields to PackageType and PackageDetailsType (merge request)
• Add built-in template for Astro Tailwind (merge request)
• Add api to rename a pipeline by @Taucher2003 (merge request)
• Create GraphQL mutation to create an Organization (merge request)
• feat: Graphql mutation to create container registry protection rules by @gerardo-navarro (merge request)
• Add audit events for releases created, updated or deleted via the UI (merge request) GitLab Enterprise Edition
• Display custom roles on the group members page (merge request) GitLab Enterprise Edition
• Support parent widget on tasks (merge request)
• Adds notes to abuse reports backend (merge request)
• Push work item FFs to groups (merge request)
• Adding ability to view Trusted user in User admin panel (merge request)
• Initialize bigint conversion for p_ci_builds (merge request)
• Cleanup use_embeddings_with_vertex FF (merge request) GitLab Enterprise Edition
• feat: Add graphql mutation to delete package protection rules by @gerardo-navarro (merge request)
• Add enforce_ci_builds_pagination_limit feature flag (merge request)
• Add sha256 hash to NuGet symbols (merge request)
• Add ssh audit events (merge request) GitLab Enterprise Edition
• Added option to filter projects by full paths in GraphQL by @zillemarco (merge request)
• Add name and description denormalized columns in catalog_resources table (merge request)
• Default the issue label aggregation FF to true (merge request)
• Add graphQL create custom role mutation (merge request)
• Allow to save Security Policy YAML with policy scope (merge request) GitLab Enterprise Edition
• Add detailed_import_status to Project in GraphQL by @Taucher2003 (merge request)
• Add nuget allow_duplicates toggle to the group packages settings (merge request)
• Release feature and remove suggested_reviewers_control feature flag (merge request) GitLab Enterprise Edition
• Cleanup nuget_duplicates_option feature flag (merge request)
• Add container scanning properties (merge request)
• Add wiki front matter title by @zhanglinjie (merge request)
• Adds support for options in inputs (merge request)
• Implement support for inactive mergeability check (merge request)
• Add metrices for CSV (merge request) GitLab Enterprise Edition
• GraphQL: Allow to destroy value streams (merge request) GitLab Enterprise Edition
• Support member role assigment via invitation API (merge request) GitLab Enterprise Edition
• Add push option to select target project for MR (merge request)
• Cleanup the create_embeddings_with_vertex_ai FF (merge request) GitLab Enterprise Edition
• Remove frontend code for issues archived ff (merge request)
• Remove frontend code for code archived ff (merge request)
• Adds ModelsController#destroy action (merge request)
• GraphQL API for deleting audit event streaming amazon_s3_configurations (merge request) GitLab Enterprise Edition
• AuditEvent model for ClickHouse database (merge request)
• Adds boilerplate for ModelVersionsController#show (merge request)
• Use Danger to notify about outdated rubocop todos (merge request)
• Allow to trust/untrust users in spam log UI (merge request)
• Add support for Mastodon as user social (merge request)
• Add search to Model registry (merge request)
• Add prefix for certain quick actions in RTE (merge request)
• Notify admin when email signup is not enabled (merge request) GitLab Enterprise Edition
• feat: Integrate package protection rules for npm packages by @gerardo-navarro (merge request)
• Allow to create value streams in GraphQL (merge request) GitLab Enterprise Edition
• Enable runner dashboard (merge request) GitLab Enterprise Edition
• Add an auto merge indicator when merge checks failed (merge request)
• Clean up ci_variable_drawer feature flag (merge request)
• Expose group member roles through graphQL (merge request) GitLab Enterprise Edition
• Allow admin to create identity verification exemption (merge request) GitLab Enterprise Edition

Fixed (117 changes)

• Do not use find_by inside a scope (merge request) GitLab Enterprise Edition
• Set the height of the iframe containing credit card form to 480px (merge request) GitLab Enterprise Edition
• Restrict access level for PrAT with custom roles (merge request)
• Ensure after_run ops execute once only (merge request)
• Use cbl-mariner instead of cbl_mariner purl_type (merge request) GitLab Enterprise Edition
• Update button for Public Groups (Free Tier) in Usage Quotas page (merge request) GitLab Enterprise Edition
• Fixed UX issue for selected unapplied labels (merge request)
• Add closedAt to issue graphql fragment (merge request)
• Reduce batch size of verification state backfill (merge request) GitLab Enterprise Edition
• Fix duration for builds failed via Ci::Build#doom! (merge request)
• Fix create issue for new pipeline finding (merge request) GitLab Enterprise Edition
• Make snippet creation resilient to replication lag (merge request)
• Fix SLO violation on llm_completion (merge request) GitLab Enterprise Edition
• Fix http status when failing to release catalog resource (merge request)
• Fix race condition in deleting scan result policy violation (merge request) GitLab Enterprise Edition
• Increase Jira Net timeout when fetching issues (merge request)
• Fix user sometimes not being set for manual jobs (merge request)
• Use small dot style for Work Item activity (merge request)
• Add scope checks when using Dependency Proxy with group access tokens (merge request)
• Fix errors caused by expired sessions (merge request)
• Refactor can_move_repository_storage concern to resolve race condition (merge request)
• Fix for tall right-aligned images in description (merge request)
• User profile: Fix achievements and actions (merge request)
• Recover long stopping environments in worker (merge request)
• Fix wiki sidebar hierarchy indentation by @glauciellesa (merge request)
• Fix ingestion logic for remediations (merge request) GitLab Enterprise Edition
• Fixed numpad enter not working on the global search (merge request)
• Update oncall shift persistence to fix timezone edge cases (merge request) GitLab Enterprise Edition
• Hide repository size limit field on project settings without admin mode (merge request) GitLab Enterprise Edition
• Fix overflow of project name in activity feed (merge request)
• Hide review app button when review apps exist (merge request)
• Fix group application settings access in admin mode (merge request)
• Add test for mediawiki markup (merge request)
• Create group wiki repo if absent when verifying on primary (merge request) GitLab Enterprise Edition
• Fix assign security check permission checks (merge request) GitLab Enterprise Edition
• Prioritize exact matching on username and e-mail for users search (merge request)
• Add note that branch names are case-sensitive (merge request) GitLab Enterprise Edition
• Fix alignment of related merge request widget (merge request)
• Fix regexp for CI components paths (merge request)
• Fix save password form dialog on CI/CD Registration token (merge request)
• Fix broken issue rendering when initial ID is null (merge request)
• Prevent loading state from showing after undo (merge request)
• Backport thread-safety fix for Sprockets v3.7.2 (merge request)
• Fix alignment of CI icon on pipeline detail page (merge request)
• Fix alignment of MR popover (merge request)
• Unlock non-successful pipelines (merge request)
• Update error messaging when SCIM identity is false (merge request) GitLab Enterprise Edition
• Prioritize exact user matches when searching in users API (merge request)
• Fix epic date range selector not changing date ranges (merge request)
• Switch to UrlValidator for Identifer URL validation (merge request) GitLab Enterprise Edition
• Adds check for temporarily_unapproved approval state (merge request) GitLab Enterprise Edition
• REST: Fix deprecation milestones in documentation (merge request)
• Ignore builds already added to Ci::FinishedBuildChSyncEvent (merge request) GitLab Enterprise Edition
• Fix intermittent CI/CD analytics request error for 180 day windows (merge request)
• Fix merge request file browser height clipped at the top of the page (merge request)
• Geo: Report number of sites on /admin (merge request) GitLab Enterprise Edition
• Remove extra pipeline mini graph margin (merge request)
• Set default branch after importing repo from Bitbucket (merge request)
• Fixes stale link to docs (merge request)
• Restricting job token for public and internal projects (merge request)
• Fix extra divider in header_actions when no permissions (merge request)
• Super sidebar: Update avatar after upload (merge request)
• Activity: Increase contrast of sign in message (merge request)
• Change Issue activity to match MRs (merge request)
• Set deploy key as actor for Git proxied requests (Geo) (merge request) GitLab Enterprise Edition
• Return error message when locked issue state filter is used (merge request)
• Add scan_result_policies to Approval Rule graphql (merge request) GitLab Enterprise Edition
• Branches list: fix border in darkmode (merge request)
• Show all implemented custom permissions (merge request) GitLab Enterprise Edition
• Raise circular dependencies error when job has a self-dependency (merge request)
• Security dashboard: fix latest vulnerability count (merge request) GitLab Enterprise Edition
• Fix tests for GeoNodeStatus replicator stats (merge request) GitLab Enterprise Edition
• Fix Migration[2.2] initialization (merge request)
• Fix undefined tooltip for Toggle commit description button (merge request)
• Fixed alignment of the assign yourself button on MR reviewers by @zillemarco (merge request)
• Adjust job log line padding and margin widths (merge request)
• Geo: Bring back legacy project Prometheus metrics (merge request) GitLab Enterprise Edition
• Add api badge label (merge request)
• Make emoji localstorage cache optional (merge request)
• Ignore jobs without runners when tracking failed jobs (merge request) GitLab Enterprise Edition
• Fix bug with suggestions dropdown in rich text (merge request)
• Stop validating default CI input type in Entry (merge request)
• MR widget: Fix title alignment on mobile (merge request)
• Add safe-guard for projects not in the group with AI enabled (merge request) GitLab Enterprise Edition
• PyPi group endpoint: exclude projects with disabled package registry (merge request)
• Uses non-metadata severity (merge request) GitLab Enterprise Edition
• Improve skeleton for loading status description (merge request) GitLab Enterprise Edition
• Fix issue with content editor under relative URL (merge request)
• Reset environments list when opening CI variable drawer (merge request)
• Add missing package manager poetry (merge request) GitLab Enterprise Edition
• Removing FF bulk_import_idempotent_worker (merge request)
• Downgrade vue-apollo to prevent auto-restarting subscriptions on error (merge request)
• fix: Query declaration error for graphql createPackageProtectionRule by @gerardo-navarro (merge request)
• Include projects.scss on artifacts page (merge request)
• Fix scrolling to a note hash in single file mode (merge request)
• Fix issue with issue templates in rich text editor (merge request)
• Always set source_partition_id from app (merge request)
• Hide Security & Compliance nav links if disabled (merge request) GitLab Enterprise Edition
• Fixing cross joins in lib-banzai (merge request)
• Reindex epics to fix possible wrong values of label_ids (merge request) GitLab Enterprise Edition
• GithubImport::ObjectCounter use same TTL when read (merge request)
• Fix alignment of issuable sidebar header (merge request)
• Show new feature popover after a second (merge request) GitLab Enterprise Edition
• Change order of unknown and info severity (merge request) GitLab Enterprise Edition
• Fix zoekt/client issues (merge request) GitLab Enterprise Edition
• Fix "Leave admin mode" link (merge request)
• Fix Branch Rules showing 'All protected branches' under 'All branches' (merge request) GitLab Enterprise Edition
• Decouple product analytics custom dashboards (merge request) GitLab Enterprise Edition
• Reindex wikis to fix routing and backfill archived (merge request) GitLab Enterprise Edition
• Add group_ids in base_scope for GroupSearchResults (merge request) GitLab Enterprise Edition
• Fix vulnerability count mismatch (merge request) GitLab Enterprise Edition
• Fixes flaky specs in email participants feature specs (merge request)
• Apply Issue Analytics page filters to table (merge request) GitLab Enterprise Edition
• Fix epic board children count and weight on card (merge request) GitLab Enterprise Edition
• Improve script with trigger error message (merge request)
• Fix work items sidebar glitch incase of parent widget (merge request)
• Fix position validation on issues board list movement by @zzaakiirr (merge request) GitLab Enterprise Edition

Changed (175 changes)

• Serve pages deployments without going through PagesMetadatum (merge request)
• Support Microsoft SAML attribute names by default (merge request)
• Avoid calling Git in gitlab-backup-cli.gemspec (merge request)
• Update gitlab-elasticsearch-indexer to 4.5.0 (merge request)
• Fix not efficient alert when you exceeding free storage by @marc-andre.vezeau.exfo (merge request) GitLab Enterprise Edition
• Using a constant for the file amount by @manav014 (merge request)
• Remove duplicated index from merge_request_assignees (merge request)
• Removes feature flag service_desk_new_note_email_native_attachments (merge request)
• Added ApplicationRateLimit for Namespace update API (merge request)
• Fix: Rich Text Editor - Copy/Paste Text from Table Not Behaving Properly by @Himani_Mehra (merge request)
• Update feature flags default_enabled to true (merge request) GitLab Enterprise Edition
• Update adherence table based on ux discussions (merge request) GitLab Enterprise Edition
• Change triggered badge to trigger token (merge request)
• Removes extra line from actions menu (merge request)
• Migrate "Enable for this project" runner button (merge request)
• Prevent update of default branch if block_unprotecting_branches is set (merge request) GitLab Enterprise Edition
• Fix pending status check workers (merge request) GitLab Enterprise Edition
• Show stopping environments as well (merge request)
• Display project full path and remove namespace column from token table (merge request)
• Allow Jira organization admins to setup group links (merge request)
• Added new setting allow_project_creation_for_guest_and_below (merge request)
• Allow you to pass docker options to the Sitespeed docker by @nvalenzuela_paciolan (merge request)
• Update filtering in compliance center docs (merge request)
• Update pagination on the standards adherence table (merge request) GitLab Enterprise Edition
• Updates Ci::Catalog::Resources::CreateService (merge request)
• Add field to query organizations for a given user (merge request)
• This MR adds ability to select projects (merge request) GitLab Enterprise Edition
• Update terraform init default state name (default) (merge request)
• This MR disables unprotect button (merge request) GitLab Enterprise Edition
• Update Learn Gitlab progress bar (merge request) GitLab Enterprise Edition
• Migrate vulnerability state dropdown to Listbox (merge request) GitLab Enterprise Edition
• Don't delete project if the repository is moving to a different shard (merge request)
• Add devops adoption to registration features (merge request) GitLab Enterprise Edition
• Backfill p_ci_builds bigint conversion columns (merge request)
• Adds Ci::Catalog::Resources::ReleaseService (merge request)
• Separates type and status icons in headers (merge request)
• Change color for Kotlin language by @gustavoandresimon (merge request)
• Contribution analytics: Remove request batching when using Clickhouse (merge request) GitLab Enterprise Edition
• UserCore - Add lastActivityOn (merge request)
• Restructure work item header (merge request)
• Initialize bigint conversion for p_ci_builds for self-host (merge request)
• Add delete user vscode_settings endpoint (merge request)
• Add Confidentiality Badge to Test Case Sticky Header (merge request)
• Migrate zoekt_shards to zoekt_nodes (merge request)
• Add setting for external redirect page for job artifacts by @ftab (merge request)
• Use new import status in bulk_import_history_app (merge request)
• Update Kaniko CI template by @mh4ckt3mh4ckt1c4s (merge request)
• Add keyboard shortcut for compare button (merge request)
• Log project repository storage (merge request)
• Default enable allow_streaming_audit_events_to_amazon_s3 feature flag (merge request)
• Add scope argument with all option (merge request)
• Add fixed width and truncate framework badge (merge request)
• Migrate buttons in notes_helper.rb (merge request)
• Enable super sidebar for logged-out users (merge request)
• Update error message for DAG circular dependency (merge request)
• Add a usage quotas card for SaaS project limits = 0 state (merge request) GitLab Enterprise Edition
• Add advanced search to registration features (merge request) GitLab Enterprise Edition
• New CiIcons (merge request)
• refactor: Validate package_name_pattern format in protection rule by @gerardo-navarro (merge request)
• Use the list tags repository API to fetch tags (merge request)
• Ignore plain-text columns from Users::CreditCardValidation model (merge request)
• Fix license category in license compliance widget (merge request)
• Update code suggestion input limits (merge request) GitLab Enterprise Edition
• Activity feed: Update private contribution to use new style (merge request)
• Update enterprise badge, filtering, and disabling 2FA to new definition (merge request) GitLab Enterprise Edition
• Swapped AIGenieChat with DuoChat component (merge request) GitLab Enterprise Edition
• Tweaks plan limit validations to support unlimited (merge request) GitLab Enterprise Edition
• Changes label link to subscribed tab (merge request)
• Add toast when pin item added and removed (merge request)
• Increase spacing of CI Catalog badge (merge request)
• feat: Added field id for the graphql Packages::Protection::RuleType by @gerardo-navarro (merge request)
• Add bold styling to user activity (merge request)
• Allow to move project repositories in hidden/pending_delete state (merge request)
• Allow self-signed certs when adding certs to a pages domain (merge request)
• Increase container spacing (merge request)
• Cleanup for converted ci_pipeline_messages.pipeline_id (merge request)
• Reorders form in admin namespace limits view (merge request) GitLab Enterprise Edition
• Document known issue regarding runner token rotation (merge request)
• Remove avatars from user profile activity (merge request)
• Update dependency auto-build-image to v1.49.0 (merge request)
• Guidance to disable git SSH limit (merge request)
• Add possibility for minimal forks (merge request)
• Add AWS S3 streaming destinations (merge request) GitLab Enterprise Edition
• Migrate header_actions to GlDisclosureDropdown (merge request)
• Link to ruby/gems in Ruby upgrade docs (merge request)
• Format tooltip wait time values in seconds (merge request)
• Cleanup for converted ci_sources_pipelines.pipeline_id (merge request)
• Migrate issue_move_dropdown to GlCollapsibleListbox (merge request)
• Migrates dropdown to Pajamas disclosure (merge request) GitLab Enterprise Edition
• Add DB tables to allow group approval rules (merge request) GitLab Enterprise Edition
• Replace the legacy openai_experimentation FF with ai_global_switch (merge request) GitLab Enterprise Edition
• Pipeline graph: Change group alignments (merge request)
• Update test_file_finder to 0.2.1 (merge request)
• This MR fixes Injections clashing with Computed (merge request) GitLab Enterprise Edition
• Mask shared_with_group and source` if the group is private (merge request)
• Removes new registration flow feedback banner (merge request)
• Removed the composer_use_ssh_source_urls feature flag (merge request)
• Improve runner registration instructions (merge request)
• Adds button to return to runners list from dashboard (merge request) GitLab Enterprise Edition
• Update GraphQL default ability field description (merge request)
• Move compare to beginning of common tree view buttons (merge request)
• Fix trial page footer (merge request) GitLab Enterprise Edition
• Replace all delete tag calls with compliant endpoint (merge request) GitLab Enterprise Edition
• Remove math node limit for wikis and blobs (merge request)
• Migrate dropdown to disclosure dropdown (merge request)
• Add users and permissions report to registration features (merge request) GitLab Enterprise Edition
• Splits namespace usage quotas storage cards by limit type (merge request) GitLab Enterprise Edition
• Update add_catalog_resource helper (merge request)
• Sort emojis based on Unicode ordering (merge request)
• Swapping columns for ci_pipelines for self-host (merge request)
• Redesign of freetrial (merge request) GitLab Enterprise Edition
• Replace cross-joins on approval rules (merge request)
• Added link to commit in commited changes banner (merge request)
• Add aria-hidden attr (merge request) GitLab Enterprise Edition
• Add model validations (merge request) GitLab Enterprise Edition
• Tidy up Activity feed (merge request)
• Swapping columns for ci_stages for self-host (merge request)
• Sync scan_result_policy_violations for license_scanning rules (merge request) GitLab Enterprise Edition
• Update mermaid version to 10.6.0 (merge request)
• Restore repositories from backup manifest files (merge request)
• Remove Chat Self Discover Feature flag (merge request)
• Improve issues metric names in Value Streams Dashboard (merge request) GitLab Enterprise Edition
• This MR fixes undefined in v-on handler (merge request) GitLab Enterprise Edition
• Add worker to timeout status check responses (merge request) GitLab Enterprise Edition
• Improve Jira issue creation dropdown (merge request)
• Block call to CustomersDot when too many namespace name updates (merge request) GitLab Enterprise Edition
• Cleanup for converted ci_pipeline_chat_data.pipeline_id (merge request)
• Moves authorization to runs/experiments resources (merge request)
• Refactor import logos (merge request)
• Replicate object pools during the migration (merge request)
• Add creator information to header of the runner (merge request)
• Add DB tables to allow group approval rules (merge request) GitLab Enterprise Edition
• Add Lock project membership to group to registration features (merge request) GitLab Enterprise Edition
• Expose list of custom roles (merge request)
• Remove drop_job_on_secrets_provider_not_found feature flag (merge request) GitLab Enterprise Edition
• Re-do swapping columns for ci_stages (merge request)
• Add tooltip to status check mr widget (merge request) GitLab Enterprise Edition
• Pipeline: Redesign Pipeline Graph (merge request)
• Small fixups for Bitbucket parallel importer (merge request)
• Improve Jira app config instructions (merge request)
• Format CI/CD analytics metrics using the browser settings (merge request)
• Refactor CiIcon (merge request)
• Move the content of service_usage_data page to metrics_and_profiling (merge request)
• Remove check_multiple_pipelines_for_security_reports feature flag (merge request) GitLab Enterprise Edition
• Remove isSingleRequest true from apollo query context (merge request) GitLab Enterprise Edition
• Use password input field for PAT (merge request)
• Add Service Level Agreement countdown timer to registration features (merge request) GitLab Enterprise Edition
• Cleanup bigint conversion for shared_runners_duration (merge request)
• Remove jwt_auth_space_delimited_scopes feature flag (merge request)
• Rename zoekt shards to nodes (merge request) GitLab Enterprise Edition
• Fix EscapeUtils deprecation warning (merge request) GitLab Enterprise Edition
• Move comment logic to parallel importer (merge request)
• Slack slash commands page: Migrate clipboard buttons (merge request)
• Update acts-as-taggable-on to 10.0 (merge request)
• Unify labelName and authorUsername GraphQL arguments (merge request) GitLab Enterprise Edition
• Add group webhooks to registration features (merge request) GitLab Enterprise Edition
• Underline links in package row component (merge request)
• Remove search_notes_hide_archived_projects (merge request)
• Clean up and remove ios_specific_templates experiment (merge request)
• Migrate actions buttons (merge request)
• Adds a new Danger check for changing column default (merge request)
• Update dependency auto-deploy-image to v2.60.0 (merge request)
• Remove search_merge_requests_hide_archived_projects (merge request)
• Geo Sites Form - Migrate Shards Dropdown (merge request) GitLab Enterprise Edition
• Change notifications/todos feature flag to current_user (merge request)
• Remove search_issues_hide_archived_projects flag (merge request)
• Move user profile actions into overflow menu (merge request)
• Search: Track autocomplete action (merge request)
• Allow permitted invalid approval settings for policy rule builder (merge request) GitLab Enterprise Edition
• Fix and migrate missing clipboard buttons (merge request)
• Add group file templates to registration features (merge request) GitLab Enterprise Edition
• Re-do swapping columns for ci_pipelines (merge request)
• Geo Replicable - Migrate Filter Dropdown (merge request) GitLab Enterprise Edition
• Allow environment override of NODE_OPTIONS for webpack by @twk3 (merge request)
• Update dependency auto-build-image to v1.46.0 (merge request)

Deprecated (1 change)

• Add bigint fields for epic descendant weights (merge request) GitLab Enterprise Edition

Removed (32 changes)

• Remove Rugged patches (step 2) (merge request)
• Remove ignored column from in_product_marketing_emails (merge request)
• Remove flux custom logic (merge request)
• Remove audit event related to third party AI setting (merge request) GitLab Enterprise Edition
• Remove all references to Third-Party AI features setting (merge request) GitLab Enterprise Edition
• Remove design_* and wiki_* ignore columns rule (merge request) GitLab Enterprise Edition
• Remove toggle to turn off new navigation (merge request)
• Cleanup generate description feature (merge request) GitLab Enterprise Edition
• Remove reversibility of Jira endpoints (merge request)
• Drop project_settings.jitsu_key (merge request)
• Remove Rugged patches (merge request)
• Remove unused redis-namespace gem (merge request)
• Remove projects.scss from FF (merge request)
• Remove redundant indexes within Optimize (merge request)
• Remove COOP header (merge request)
• Remove unused Geo::FileRegistryFinder class (merge request) GitLab Enterprise Edition
• Remove deprecated status data from Geo Site Status API (merge request) GitLab Enterprise Edition
• Remove unused #user_table_headers (merge request)
• Delete dupliacted index_scan_result_policies_on_policy_configuration_id (merge request)
• Remove merge_request_refs_cleanup feature flag (merge request)
• Drop unused project_registry table (merge request) GitLab Enterprise Edition
• Remove unused #visibility_level_helper method (merge request)
• Remove the disable merge trains flag (merge request) GitLab Enterprise Edition
• Remove unused wiki_sort_title helper (merge request)
• Drop column force_full_reconciliation from workspaces (merge request)
• Remove Snowplow event generator as obsolete (merge request)
• Remove unused feature flag sync_mr_approval_rules_security_policies (merge request) GitLab Enterprise Edition
• Remove unbatch_graphql_queries FF (merge request)
• Remove value_stream_dashboard_on_off_setting FF (merge request) GitLab Enterprise Edition
• Silent Mode - Remove experiement badge (merge request)
• Remove columns from users and application settings (merge request)
• Remove the tasks to be done worker (merge request)

Security (10 changes)

• Update RedCloth gem to include CVE fix (merge request)
• Proxy asset URLs with protocol but no slashes (merge request)
• Fix infinite loop when finding component project
• Add abuse detection for pipes
• Remove FIFO files from tarball extract
• Guard gitlab_version_check helper
• Add the environment action to the CI JWT token fields
• Prevent unprivileged user assignment in templated projects
• Fixes Service Desk email template issue description privileges
• Update sidekiq to 6.5.12 (merge request)

Performance (10 changes)

• Fix cross-join test failure for ApprovalProjectRule method (merge request)
• Enable and remove the FF ci_fix_performance_pipelines_json_endpoint (merge request)
• Remove notes count from network graph (merge request)
• Use InOperatorOptimization module on standards adherence dashboard (merge request) GitLab Enterprise Edition
• Increase GraphQL client timeout (merge request)
• Add index to catalog_resources on state (merge request)
• Drop an index in deployments table (merge request)
• perf: Improve performance of create_package_service_spec by @gerardo-navarro (merge request)
• Removing offending line to see what pipeline issues arise (merge request)
• Security findings performance improvements (merge request) GitLab Enterprise Edition

Other (58 changes)

• Cleanup package metadata feature flags (merge request)
• Drops unused index from namespaces (merge request)
• Denormalize visibility_level column on catalog_resources (merge request)
• Remove FF use_pipeline_wizard_for_pages (merge request)
• Remove FF create_deployment_only_for_processable_jobs (merge request)
• Remove admin_group_member FF (merge request) GitLab Enterprise Edition
• Remove feature flag data_transfer_monitoring_mock_data (merge request)
• Update the mr doc (merge request)
• Remove all scope from GitClassProxy (merge request) GitLab Enterprise Edition
• Clarify component paths and directory structure (merge request)
• Initialize bigint conversion for system_note_metadata (merge request)
• Reduce duplicate job key TTL from 6 hrs to 10 mins (merge request)
• Dropping repositories columns from geo_node_statuses table by @TamsilAmani (merge request)
• Make BulkImports workers retriable (merge request)
• Doc: non-public email is used for commit match (merge request)
• Make Direct Transfer export workers retriable (merge request)
• Bump devise version to 4.9.3 (merge request)
• Update sentry gems to 5.12.0 (merge request)
• Replace redigo with go-redis (merge request)
• Remove feature flag definition file (merge request)
• Replace database_cleaner with database_cleaner-active_record (merge request)
• Include author username in avatar on Repository (merge request)
• Update wiki search query to filter archived project results (merge request) GitLab Enterprise Edition
• Enable GitLab HTTP_V2 (merge request)
• Use Tooling::FindChanges for scripts/lint-doc.sh by @Taucher2003 (merge request)
• Remove alignment rule for header actions (merge request)
• Improve color contrast ratio to pass WCAG recomendation (merge request)
• refactor: Rename helper file to be consistent with its module name by @gerardo-navarro (merge request)
• Remove temp index by @TamsilAmani (merge request)
• Drop an unused index for GitLab.com (merge request)
• Re-add unique index on design_user_mentions (merge request)
• Remove :vulnerability_report_grouping feature flag (merge request) GitLab Enterprise Edition
• Remove log_verification_user_not_found method from identity verification (merge request) GitLab Enterprise Edition
• Adds cop to ensure mandatory keys in bbm dictionary (merge request)
• Cleanup feature flag verify_push_rules_for_first_commit (merge request)
• test: Adjust feature category to package registry by @gerardo-navarro (merge request)
• Remove super_sidebar_nav_enrolled feature flag (merge request)
• Unite Clickhouse CI data ingestion FF (merge request)
• Display username on smaller screens (merge request)
• Remove cached_security_policies feature flag (merge request) GitLab Enterprise Edition
• Drop the old unique index on approval merge request rule table (merge request)
• Replace kebab menu with x for work item child (merge request)
• Cascade auto_canceled_by_partition_id to canceled jobs (merge request)
• Add auto_canceled_by_partition_id to p_ci_builds for self-managed (merge request)
• Drop the use of namespace in Sidekiq and Mailroom delivery (merge request)
• Add tracking to the pipeline IID dropdown (merge request)
• Add an endpoint for internal/zoekt/callback (merge request) GitLab Enterprise Edition
• Use less attributes for builds initialization (merge request)
• Cleanup geo_registries_update_mutation FF (merge request)
• Fixed shortcut test (merge request)
• Migrate SubmitDropdown to GlDisclosureDropdown (merge request)
• Added generated column to diff files (merge request)
• Check if work item hierarchy widget link redirects properly (merge request) GitLab Enterprise Edition
• Remove unnecessary EntityWorker calls (merge request)
• Drops unused idx namespaces_on_shared_and_extra_runners_minutes_limit (merge request)
• Raise rate limit error with type (merge request)
• Remove pubsub migration helper for actioncable (merge request)
• Use partitioned table for CommitStatus (merge request)

16.5.4 (2023-12-13)

Fixed (1 change)

• Truncate verification failure message to 255 GitLab Enterprise Edition

Security (8 changes)

• Prevent tag names starting with SHA-1 and SHA-256 values (merge request)
• Pass encoded file paths to router (merge request)
• Validate access level of user while rotating token (merge request)
• Fix large time_spent value causing GraphQL error Integer out of bounds (merge request)
• Restrict Protected branch access via group to direct members (merge request)
• Remove the ability to fork and create MR for auditors (merge request)
• Restrict passing variables on the pipeline schedule API (merge request)
• Smartcard auth: encrypt client cert in params (merge request)

16.5.3 (2023-11-30)

Security (11 changes)

• Validate adding members with higher role (merge request)
• Enforce ref protection on pipeline schedule updates (merge request)
• Update mermaid version for DOS security fixes (merge request)
• Prevent guest users from being able to add emojis in confidential issues (merge request)
• Do not run ssl cert validation if key has errors (merge request)
• Ensure access is checked when loading releases associated with tags (merge request)
• XSS and ReDoS in Markdown via Banzai pipeline of Jira (merge request)
• Prevent branch names starting with SHA-1 and SHA-256 values (merge request)
• Filter out projects with disabled package registry in Composer finder (merge request)
• Check max role for user for group access to protected ref (merge request)
• Treat security policy bots as external (merge request)

16.5.2 (2023-11-14)

Fixed (4 changes)

• Fix assign security check permission checks (merge request) GitLab Enterprise Edition
• Create group wiki repo if absent when verifying on primary (merge request) GitLab Enterprise Edition
• Fix broken issue rendering when initial ID is null (merge request)
• Backport artifacts page breadcrumb fixes (merge request)

16.5.1 (2023-10-30)

Fixed (1 change)

• Revert "Merge branch '419642-better-error-messages-for-pull-mirroring' into 'master'" by @Taucher2003

Security (7 changes)

• Fix infinite loop when finding component project (merge request)
• Guard gitlab_version_check helper (merge request)
• Add the environment action to the CI JWT token fields (merge request)
• Remove FIFO files from tarball extract (merge request)
• Backport add abuse detection for pipes (merge request)
• Prevent unprivileged user assignment in templated projects (merge request)
• Fixes Service Desk email template issue description privileges (merge request)

Other (1 change)

• Update migration to drop column only if it exists

16.5.0 (2023-10-20)

Added (140 changes)

• Add branch field to Telegram integration (merge request)
• Add validation for restrictions on work item links (merge request)
• Optimize index for adjourned project deletion (merge request)
• Add parent widget to work items (merge request) GitLab Enterprise Edition
• VSD drill-down links inherit labels from panel filter (merge request) GitLab Enterprise Edition
• Increased the limit of linked items that can be added at the time (merge request)
• feat: Add graphql query for package protection rules by @gerardo-navarro (merge request)
• Hide snippets of banned users (merge request)
• Add counts with no DORA data within scope (merge request) GitLab Enterprise Edition
• Adds notes to abuse reports backend (merge request)
• Enable the print_wiki feature flag by default (merge request)
• Convert user columns in projects to LFKs (merge request)
• Add Cloud Connector service design doc (merge request)
• Add ancestors field to hierarchy widget (merge request)
• Adding GraphQL endpoint for blocking merge requests (merge request) GitLab Enterprise Edition
• Enable Global Search For Epics by @sd5869 (merge request) GitLab Enterprise Edition
• Allow container registry with disabled repository by @Taucher2003 (merge request)
• Boilerplate for /-/ml/models/{model_id} (merge request)
• Remove the server_side_frecent_namespaces feature flag (merge request)
• Add container scanning properties (merge request)
• Add "Manage Project Access Tokens" custom permission (merge request) GitLab Enterprise Edition
• Create notes for new issuable links in async job (merge request)
• Prevent delete protected branches via security policies (merge request) GitLab Enterprise Edition
• Support HTML in merge request review AI summary (merge request)
• Remove the verification_reminder feature flag (merge request) GitLab Enterprise Edition
• Add default related link restrictions (merge request)
• Enable Vulnerability Report Grouping feature flag by default (merge request) GitLab Enterprise Edition
• Trigger webhook on delete release event (merge request)
• Establishes dependency between migrations and BBMs (merge request)
• Add status_message to package graphql payload (merge request)
• Add manage group members as custom permissions (merge request) GitLab Enterprise Edition
• Add option to turn off math rendering limits (merge request)
• Add support for group mention events to Discord integration by @Taucher2003 (merge request)
• Remove api_keyset_pagination_multi_order FF (merge request)
• Adding new scope for_package_name for package protection rule by @gerardo-navarro (merge request)
• Add database indexes for hashed in user_credit_card_validations (merge request)
• Remove batch_delay_jira_branch_sync_worker feature flag (merge request)
• feat: Introducing basics for protecting containers by @gerardo-navarro (merge request)
• GraphQL API for updating audit event streaming amazon_s3_configurations (merge request) GitLab Enterprise Edition
• Enable new Service Desk list by default (merge request)
• Add ambiguous ref modal (merge request)
• Add push/pull token for rename API (merge request)
• Adding update api for instance GCP (merge request) GitLab Enterprise Edition
• Implement mergeabilityChecks GraphQL field (merge request)
• Add a tooltip to include archived filter (merge request)
• Add migration for locking on login attempts settings (merge request)
• Remove declarative policy gem cached attributes patch (merge request)
• Reads mail-key from CC in general email receiver (merge request)
• Add configurable API requests setting (merge request)
• Add rails support for GetFileAttributes RPC (merge request)
• Hide snippets of banned users (merge request)
• Add add_child quick action for work items (merge request)
• Cleanup index_nuget_symbol_files feature flag (merge request)
• Adds pagination to model index (merge request)
• Add remediations filter to finder (merge request) GitLab Enterprise Edition
• Expose has_failures attribute in Direct Transfer API (merge request)
• Add deployment events as supported by discord integration by @Taucher2003 (merge request)
• Added missing states to GraphQL UserState by @jboeijenga (merge request)
• Enable fast-forward and semi-linear merge trains (merge request)
• feat: Add graphql mutation to create package protection rules by @gerardo-navarro (merge request)
• Update vulnerability_reads after remediation creation (merge request)
• Added possibility to filter notes on the GraphQL resolver by @zillemarco (merge request)
• Disallow reserved domains from being verified (merge request) GitLab Enterprise Edition
• Updates model experiments visibility through API (merge request)
• Add support for pull request reviewers (merge request)
• Add clickhouse logs to production (merge request)
• Add vulnerabilities column to sbom_occurrences (merge request) GitLab Enterprise Edition
• Add export route and worker for CSV (merge request) GitLab Enterprise Edition
• Change value streams project ids filter contraint (merge request)
• Added active param while header creation (merge request) GitLab Enterprise Edition
• Add Enterprise group attributes to admin UI (merge request) GitLab Enterprise Edition
• Index nuget symbol files (merge request)
• Adding feature for activating or deactivating headers (merge request) GitLab Enterprise Edition
• Add scope and service for statistics usage export (merge request) GitLab Enterprise Edition
• Update epic hierarchy restrictions records (merge request)
• Add work items related link restrictions table (merge request)
• Add API for listing audit events amazon_s3_configurations for a group (merge request) GitLab Enterprise Edition
• Add integrations placeholder (merge request)
• Add API for creating amazon_s3_configurations for audit event streaming (merge request) GitLab Enterprise Edition
• Added syntax options drawer document (merge request) GitLab Enterprise Edition
• Expose access_locked? as locked (merge request)
• Add new filters to issues completed count (merge request) GitLab Enterprise Edition
• Add missing has_merge_request argument (merge request) GitLab Enterprise Edition
• Remove linked item from the work item (merge request) GitLab Enterprise Edition
• Add set_parent quick action for work items (merge request)
• Displays ai_features token only when available (merge request) GitLab Enterprise Edition
• Implement REST API to create (limited) PAT with PAT (merge request)
• Schedule CronJob to refresh assigned users (merge request) GitLab Enterprise Edition
• Allow to persist value stream settings (merge request) GitLab Enterprise Edition
• Ingest CVSS vectors if given (merge request) GitLab Enterprise Edition
• Update config_version & force_full_reconciliation for stale workspaces (merge request) GitLab Enterprise Edition
• Reschedule finding_id backfilling (merge request)
• Add feature to stream audit events to Amazon S3 destinations (merge request) GitLab Enterprise Edition
• Introduce new column on approval merge request rules (merge request)
• Force include all resources logic for workspaces (merge request) GitLab Enterprise Edition
• Support NuGet Delete Service (merge request)
• Add regex validation to string CI inputs (merge request)
• Create table and model for value stream settings (merge request) GitLab Enterprise Edition
• Add foreign key for ci_stages.pipeline_id_convert_to_bigint (merge request)
• Add foreign key for ci_sources_pipelines bigint conversion (merge request)
• Allow actor override when Direct Transfer disabled (merge request)
• Set patch_id_sha on record creation (merge request)
• Add foreign key for ci_pipelines.auto_canceled_by_id_convert_to_bigint (merge request)
• Enable group_level_licenses by default (merge request) GitLab Enterprise Edition
• Adding OKR checkin reminder email notifications (merge request) GitLab Enterprise Edition
• Add documentation for locked labels (merge request)
• Broadcast chat messages to all clients (merge request) GitLab Enterprise Edition
• Add container registry DB enabled flag to usage ping (merge request)
• Cleanup after vulnerability_occurrences.uuid type migration (merge request)
• Ability to search and link work item (merge request)
• Release admin_merge_request granular permission (merge request) GitLab Enterprise Edition
• Populate finding_id in manual Vulnerability creation service objects (merge request) GitLab Enterprise Edition
• Display a ref type icon in the ref selector (merge request)
• Make GraphQL note and user types countable (merge request)
• Add 'latest_released_at' column to catalog_resources table (merge request)
• Limit number of issues that can be linked to an issue (merge request)
• Create p_ci_finished_build_ch_sync_events table (merge request) GitLab Enterprise Edition
• Add cvss column to vulnerabilities table (merge request)
• Sync create indexes for ci_sources_pipelines pipeline_id conversion (merge request)
• Save draft new releases to local storage (merge request)
• Add security policy schema to block unprotecting branches (merge request) GitLab Enterprise Edition
• Add an option to use unidiff format for diff API responses (merge request)
• Manage achievements order on profile by @Taucher2003 (merge request)
• Typecast both query sides to UUID for safe type migration (merge request)
• Create temporary index on uuid column to support typecasting (merge request)
• Add compare button to tree view page (merge request)
• Add last_assigned_users_refreshed_at column (merge request)
• Add new column to hierarchy restrictions table (merge request)
• Move repository storage to BasicProjectDetails (merge request)
• Add force_include_all_resources field to workspaces (merge request)
• Add support for nuget v2 feed download endpoint (merge request)
• Track weight and sprint_id for VSA issues (merge request)
• Record and display fetched GitHub PR reviewers (merge request)
• Apply filtering of projects by topic for DORA score counts (merge request) GitLab Enterprise Edition
• Geo Replicables - SSF Bulk Actions UI (merge request) GitLab Enterprise Edition
• Add hasParent to issue type (merge request) GitLab Enterprise Edition
• Backfill vulnerabilities.finding_id column (merge request)
• Ensure backfill of default branch protection setting (merge request)
• Sync create indexes for ci_pipelines pipeline_id conversion (merge request)
• Sync creation of i_compliance_violations_for_export (merge request)

Fixed (152 changes)

• Fix combined negated filters for issues (merge request)
• Toggle Auto DevOps extra settings (merge request)
• Fix param names in RelatedLinksCreateWorker (merge request)
• Add work_item_related_link_restrictions to deletion exceptions (merge request)
• Clear AI availability check when members get added (merge request) GitLab Enterprise Edition
• Fix bleeding of page size selector in vulnerability report grouping (merge request) GitLab Enterprise Edition
• Update last_assigned_users_refreshed_at column (merge request) GitLab Enterprise Edition
• Improve create VSA error messaging (merge request) GitLab Enterprise Edition
• Fix missing UI text (merge request)
• Gracefully handle space-delimited scopes in registry /jwt/auth requests (merge request)
• Fix k8s namespaced services list (merge request)
• Do not send empty strings as a chunk (merge request) GitLab Enterprise Edition
• Allow expand/collapse with chevron on vulnerability report grouping (merge request) GitLab Enterprise Edition
• Update mime-types to v3.5.1 and mime-types data to 3.2023.1003 (merge request)
• Catch semver_dialects parse errors (merge request) GitLab Enterprise Edition
• Remove the routing when container exists in wiki cleanup from elastic (merge request) GitLab Enterprise Edition
• Use UntrustedRegexp with inputs regex (merge request)
• Fixed users API docs using a PAT that triggered secret detection by @zillemarco (merge request)
• Fix gitlab_username_claim support for OmniAuth providers (merge request)
• Fix pipeline schedules view when owner is nil (merge request)
• Update migration worker preflight check (merge request) GitLab Enterprise Edition
• Check supported versions when querying compressed package metadata (merge request) GitLab Enterprise Edition
• Switch success to primary variant in split_button (merge request) GitLab Enterprise Edition
• Allow empty email field on LDAP entry (merge request)
• Do not save linked resources if the incident is not persisted (merge request)
• Import missing projects specific CSS on more list pages (merge request)
• Fix regression for breadcrumbs styling after moving projects.scss (merge request)
• Render user menu dropdown list items in <ul> (merge request)
• Block un-UTF-8-able tag names (merge request)
• Fix work item child items widget overflow (merge request)
• Prevent Meta+K default behaviour in rich text editors by @a.shreya202 (merge request)
• Reindex wikis to fix routing and backfill archived (merge request) GitLab Enterprise Edition
• Remove "Skip to main content" link from navigation when logged out (merge request)
• Fix super sidebar update for learn gitlab when updating percent (merge request) GitLab Enterprise Edition
• Fix text overflow in performance bar in text only zoom mode in FF (merge request)
• Fix Direct Transfer stage incorrect execution order due to failures (merge request)
• Fetch missing commits during Bitbucket server import (merge request)
• Geo: Avoid getting resources stuck in Queued (merge request) GitLab Enterprise Edition
• Fix GraphQL ConnectionFilterExtension for list types by @zzaakiirr (merge request)
• Show task icon instead of status in linked item widget (merge request)
• Do not show runner manager as online when registering (merge request)
• Filter k8s services by namespace (merge request)
• Remove active scope in add-on purchase lookup for SM (merge request) GitLab Enterprise Edition
• Fix dummy email for omniauth integrations (merge request)
• Fix spelling corrections not working in RTE (merge request)
• Return 400 Bad Request if request parameters cannot be decoded (merge request)
• Fix Jira issues with 'Done' status do not appear on vulnerability page by @egor-kh (merge request) GitLab Enterprise Edition
• Fix vulnerability statistics gathering query for A grade projects (merge request) GitLab Enterprise Edition
• Fix jest console error on unit tests (merge request)
• Updates schema validation index query (merge request)
• Hide logo images from accessibility tree (merge request)
• Prevent serialization from failing in RTE (merge request)
• Fixes MLflow run search compatibility (merge request)
• Fix failing migration when commit_message_negative_regex is missing (merge request)
• Fixes error when mail without to header in ServiceDeskHandler (merge request)
• Fix vulnerability statistics calculation query (merge request) GitLab Enterprise Edition
• Fix validation error not shown on first click (merge request)
• Protected environment settings modal overflow fix (merge request) GitLab Enterprise Edition
• New navigation display tooltip on keyboard focus (merge request)
• Gracefully handle exceptions (merge request)
• Maintain elasticsearch for epics on label deletion (merge request) GitLab Enterprise Edition
• Temporarily allow listing cross join (merge request)
• Prevent existing undeleted user access to return true (merge request)
• Remove new repository on failed replication (merge request)
• Add nav element to logged out header (merge request)
• Disable group readme mountpoint when gitlab-profile project is private by @Taucher2003 (merge request)
• MR sidebar toggle button position fix (merge request)
• Code generation: skip trailing white spaces suffix (merge request) GitLab Enterprise Edition
• Fix GitHub Import workers from aborting when rate limit is reached (merge request)
• Keep locking_version when updating partitioned records (merge request)
• Fix Security Policy Bot not created when SAML is enabled (merge request) GitLab Enterprise Edition
• Fix issue creation from pipeline security modal (merge request)
• Front-end support for bigint board weight fields (merge request) GitLab Enterprise Edition
• ChatOps calls should record user activity (merge request)
• Enable k8s cluster when CI/CI is disabled by @abhiandthetruth (merge request)
• Fix update of optional_approvals in bot comment (merge request) GitLab Enterprise Edition
• Prevents note column swap migration to fail (merge request)
• Do no re-enqueue timed-out bulk imports (merge request)
• Disable routing in delete for force wiki reindexing (merge request) GitLab Enterprise Edition
• Fix draft comment files not loading (merge request)
• Fix pages custom domain requests being redirected to unique domain (merge request)
• ToDo: Fix count when not filtered (merge request)
• Set pipeline schedule owner_id to importer user when importing (merge request)
• Attempt to parse Redis cert_file and key_file only if defined (merge request)
• Fix GraphQL API for clearing issue contacts (merge request)
• Update vulnerability_read when vulnerability dismissed (merge request) GitLab Enterprise Edition
• Fix GraphQL userNotesCount when not logged in (merge request)
• Cache database_id before doing other work (merge request)
• Fix dropdown alignment in new navigation (merge request)
• Performance Bar: Fix darkmode link color (merge request)
• Fix ci pipeline reference when pushing duplicate NuGet package (merge request)
• Recover environments that are stuck stopping (merge request)
• Invite project mmembers overlay dropdown overflow fix (merge request) GitLab Enterprise Edition
• Fix security policy bot not created when group does not allow new users (merge request) GitLab Enterprise Edition
• Show work item comments locked only after loading (merge request)
• Fix experiment rollout logic (merge request)
• Fixed VSA multi-select project dropdown (merge request)
• Return 401 token invalid form graphql (merge request)
• ToDo badge: Fix count when list is filtered (merge request)
• Stops log from resetting line in every section (merge request)
• Avoid account lockout when account password automatically set (merge request)
• Fix permissions on :read_pipeline_schedule (merge request)
• Keep branch name in a search input (merge request)
• Fix avatar wrapping in work items child objectives widget (merge request)
• Remove orphaned approval rules for imported project/merge request (merge request)
• Revert auth changes on the Composer registry package endpoint (merge request)
• Update ChatName activity timestamp throttle (merge request)
• Remove extra spacing around epic header actions (merge request)
• Child issues and epics widget: Fix alignment and overflow issue (merge request) GitLab Enterprise Edition
• Fix position of job sidebar with performance bar enabled (merge request)
• Fix "Continue editing" button being retained (merge request)
• Add preload hint for GitLab Sans italic font (merge request)
• Prevent modification of security_policy_bot members (merge request) GitLab Enterprise Edition
• Fixes confidentiality handling of NoteForm component (merge request)
• Fix enum fields data propagation (merge request)
• Fix auto-scrolling to Markdown anchors (merge request)
• Limit GraphQL job trace HTML summary to 16KiB (merge request)
• Remove list marker and href attribute (merge request)
• Ensure TLS is disabled with dind service in Code Quality template (merge request)
• Ensure consistent behavior when LDAP encryption config missing (merge request)
• Add merged_commit_sha to queries for merge requests (merge request)
• Fix Direct Transfer stages execution order (merge request)
• Fix composer API to work with CI job token by @ar-mali (merge request)
• Ensure empty relation file exists on disk even if nothing was exported (merge request)
• Add redirecting to identity verification success page back (merge request) GitLab Enterprise Edition
• Fix NoMethodError on CreateBotService when authorization is enabled (merge request) GitLab Enterprise Edition
• Fixes overflow of username in note header in the timeline (merge request)
• Use a more robust extraction function to get the file hash (merge request)
• Send notification emails using background worker (merge request)
• Fix WorkItemUpdate mutation permissions (merge request)
• Add missing provider ID field (merge request) GitLab Enterprise Edition
• Resolve tooltip on navigation toggle button staying visible on mobile (merge request)
• Add report abuse button to epic actions (merge request)
• Remove extra margin on members tabs (merge request)
• Fix missing sha default in merge trains API (merge request) GitLab Enterprise Edition
• Support Microsoft Graph pagination (merge request) GitLab Enterprise Edition
• Fix N+1 for indexing epics and milestones (merge request) GitLab Enterprise Edition
• InternalEvents.track_event should be called with objects and not ids (merge request)
• Fix merge request header icons (merge request)
• Super sidebar contextual header restore font-weight (merge request)
• Verify VSD point target_project_id (merge request) GitLab Enterprise Edition
• Improve ci schema to support several forms of scripts by @pm9551 (merge request)
• Fix invalid HTML markup in super sidebar (merge request)
• This MR adds check for namespace (merge request) GitLab Enterprise Edition
• Only add confirmed accounts directly as member (merge request)
• Fix Markdown rendering references inside inline diff (merge request)
• Fix CLI messages for project limits in SM (merge request) GitLab Enterprise Edition
• Fix mobile alignment of MR AI summary (merge request)
• Fixing import list pagination bug (merge request)
• Fix incorrect SystemHook GitLab header (merge request)
• Fixes the .merge-request-tabs-holder background color in darkmode (merge request)
• Don't signal MR rebase if on current fast-forward train (merge request) GitLab Enterprise Edition

Changed (221 changes)

• Remove user dropdown from terms layout (merge request)
• Display name of user that triggered CI on candidate table by @zzaakiirr (merge request)
• Swap the columns for ci_pipeline_variables (merge request)
• Update devise-two-factor to 4.1.1 (merge request)
• Add logo to PivotalTracker integration (merge request)
• Update tanuki image for new user onboarding (merge request) GitLab Enterprise Edition
• Remove loading spinner in feature flagged todo button (merge request)
• Update similar_by_holder_name & similar_records in CreditCardValidation (merge request)
• Migrate cancel button iin shared/notes/form (merge request)
• Migrate group_dropdown to import_target_dropdown (merge request)
• Move epic notifications and todos (merge request)
• Remove unused blob header files (merge request)
• Remove unncessary typecasting in SQL queries (merge request) GitLab Enterprise Edition
• Improve test case action dropdown (merge request) GitLab Enterprise Edition
• Migrate GlDropdown component to use GlCollapsibleListbox (merge request)
• Remove feature flag database_analyze_on_partitioned_tables (merge request)
• Add pipeline name to GraphQL API (merge request)
• Add Confidentiality Checkbox to New Test Case Form (merge request) GitLab Enterprise Edition
• Add system-out and system-err to test parsing by @evigeant (merge request)
• Remove summarize_diff_abstraction_layer feature flag (merge request) GitLab Enterprise Edition
• Added logging to TokensController (merge request)
• Upgrade GitLab Pages to latest version (merge request)
• Update adherence_report_ui ff to default enabled (merge request)
• Dark mode label fix (merge request)
• Update notifications documentation (merge request)
• Geo Sites Form - Migrate Namespace Dropdown (merge request) GitLab Enterprise Edition
• Remove domain verification SSO redirect feature flag (merge request) GitLab Enterprise Edition
• Add contribution analytics to registration features (merge request) GitLab Enterprise Edition
• Add geo_handle_after_create to all replicators (merge request) GitLab Enterprise Edition
• Import LFS objects (merge request)
• Add internal API to receive zoekt heartbeats (merge request)
• Add logo to Jira integration (merge request)
• Add logo to Pushover integration (merge request)
• Update empty state component (merge request)
• Update dependency auto-deploy-image to v2.59.1 (merge request)
• Migrate the epic actions dropdown to GlDisclosureDropdown (merge request) GitLab Enterprise Edition
• Synch index addition for index_vulnerabilities_on_project_id_and_id (merge request) GitLab Enterprise Edition
• Remove dead code in pipeline presenter (merge request)
• Add schedules pagination (merge request)
• Remove search_commits_hide_archived_projects flag (merge request)
• Fixing rubocop testid exceptions No. 3 (merge request) GitLab Enterprise Edition
• Improve order of mention autocomplete results (merge request)
• Remove search_blobs_hide_archived_projects flag (merge request)
• Move notifications and todos on issues (merge request)
• Ci::BuildNeed name limit increase (merge request)
• Activate and deactivate streaming headers (merge request) GitLab Enterprise Edition
• Migrate kerberos copy url button (merge request)
• Record a custom attribute when auto banning users (merge request)
• MR widget: Align environment button with widget expand button (merge request)
• Domain edit page: Migrate clipboard button (merge request)
• MR sidebar: Migrate clipboard buttons (merge request)
• Add project count for namespace API when admin (merge request) GitLab Enterprise Edition
• Clone repo clipboard button migration (merge request)
• Remove deprecated_clipboard_button from user homepage (merge request)
• SSH Key detail page: Migrate clipboard button (merge request)
• Commit SHA align appearance across pipeline, job, mr (merge request)
• Swap the columns for ci_sources_pipelines (merge request)
• Move projects.scss to page_bundles (merge request)
• Remove deprecated_clipboard_button in Slack (merge request)
• Swap the columns for ci_stages (merge request)
• Swap the columns for ci_pipelines (merge request)
• Make sure scoped label remove icon is visible (merge request)
• Change add-on availability to use UserAssignment (merge request) GitLab Enterprise Edition
• Add instance GCP logging streaming destinations (merge request) GitLab Enterprise Edition
• Migrate split_button to button group with Listbox (merge request) GitLab Enterprise Edition
• Remove move_close_into_dropdown feature flag (merge request)
• Add (gpg_key_id, id) index to gpg_signatures (merge request)
• Update dependency auto-deploy-image to v2.59.0 (merge request)
• Pass CVSS to common security report parser (merge request) GitLab Enterprise Edition
• Make impossible to turn on Rugged feature flags (merge request)
• Enable streaming for gitlab duo (merge request) GitLab Enterprise Edition
• Add email custom text to registration features (merge request) GitLab Enterprise Edition
• Update related epic links permissions (merge request) GitLab Enterprise Edition
• Geo: Proxy Git fetch/clone over SSH via Gitlab Shell (merge request) GitLab Enterprise Edition
• Removed MAX_PANELS_LIMIT for Value Streams Dashboard by @tedtran2019 (merge request) GitLab Enterprise Edition
• Change epic daterange dropdown to use listbox (merge request) GitLab Enterprise Edition
• Create deployments for ready-to-run jobs only (merge request)
• Modify ETV Anthropic implementation to remove precanned response text (merge request) GitLab Enterprise Edition
• Swap the columns for ci_pipeline_chat_data (merge request)
• Add issue analytics to registration features (merge request) GitLab Enterprise Edition
• Use font-display: swap for custom fonts (merge request)
• This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
• Clean up the feature flag search_milestones_hide_archived_projects (merge request) GitLab Enterprise Edition
• Remove redundant version in runner details (merge request)
• Extract runner package host to constants.js by @orozot (merge request)
• Update dependency auto-deploy-image to v2.58.1 (merge request)
• Stop showing the explore plans link on the billing page (merge request) GitLab Enterprise Edition
• Use InOperatorOptimization for group vulnerabilities (merge request) GitLab Enterprise Edition
• Changes props on GlFormInut, GlFormSelect & GlDatepicker (merge request)
• Update tag size in warning alert (merge request)
• Add group wiki to registration features (merge request) GitLab Enterprise Edition
• Database backup script supports overriding individual database settings (merge request)
• Set force_include_all_resources to default true in database (merge request)
• Override project approval settings (merge request) GitLab Enterprise Edition
• Fix complaince in admin mode (merge request) GitLab Enterprise Edition
• Remove redundant details in runner page (merge request)
• Project overview Edit button fix (merge request)
• Remove group_level_licenses feature flag (merge request) GitLab Enterprise Edition
• Add licenses to group level dependency list export (merge request) GitLab Enterprise Edition
• Update illustrations (merge request)
• Move notifications and todos to buttons at top of page (merge request)
• Clean up automatic_trial_registration experiemnt (merge request) GitLab Enterprise Edition
• Enable semi-linear merge trains (behind feature flag) (merge request) GitLab Enterprise Edition
• Add the readme tab to the CI catalog details (merge request) GitLab Enterprise Edition
• Update dependency auto-deploy-image to v2.58.0 (merge request)
• Fix broken master (merge request)
• Update loading of streaming destinations (merge request) GitLab Enterprise Edition
• Restructure Catalog details page (merge request) GitLab Enterprise Edition
• Improve spacing vulnerability details buttons (merge request) GitLab Enterprise Edition
• Allow restoring a specific backup with server-side backups (merge request)
• Update copy on welcome page during free registration (merge request) GitLab Enterprise Edition
• Remove group_level_dependencies ff (merge request) GitLab Enterprise Edition
• Allow group owner access to ssh certs api (merge request) GitLab Enterprise Edition
• Migrate build_timeout to respect the max (merge request)
• Add logo to Telegram integration (merge request)
• Use attachment_color for embed colors in Discord integration by @Taucher2003 (merge request)
• Pipeline detail: Update CiIcon to CiBadgeLink (merge request)
• Show additional access levels for custom roles (merge request) GitLab Enterprise Edition
• Update Jira links (merge request)
• This MR prevents page refresh (merge request) GitLab Enterprise Edition
• Shows all recorded metrics for a candidate (merge request)
• Save Vertex AI Access Token in database (merge request) GitLab Enterprise Edition
• Add logo to Bamboo integration (merge request)
• Rack::Attack - consider /oauth endpoints as API endpoints (merge request)
• Swap the columns for ci_pipeline_messages (merge request)
• Aligns upgrade badge to the surrounding text (merge request)
• Update mermaid version to 10.5.0 (merge request)
• Child issues and epics widget: Add empty message (merge request) GitLab Enterprise Edition
• Sync validate foreign key for ci_sources_pipelines (merge request)
• Sync validate foreign key for ci_pipelines (merge request)
• Add dev documentation for bitbucket importer (merge request)
• Add Sidebar Confidentiality Widget to Test Cases (merge request) GitLab Enterprise Edition
• Allow terraform reports to be seen with a blocked/incomplete state by @vermainfinite (merge request)
• Remove geo_batch_count feature flag (merge request) GitLab Enterprise Edition
• Use cronjob to delete old pages deployments (merge request)
• Remove references to lfs_batch_direct_downloads (merge request)
• Geo Sites - Migrate GlDropdown (merge request) GitLab Enterprise Edition
• Use CiBadgeLink instead of CiIcon for Pipeline Mini Graph (merge request)
• Add refresh_interval to gitlab:elastic:info (merge request) GitLab Enterprise Edition
• Performance Bar improvements (merge request)
• Remove redundant runner version upgrade alert (merge request) GitLab Enterprise Edition
• Adding OKR checkin reminder todo item (merge request) GitLab Enterprise Edition
• Fix grammar in approval rules docs (merge request)
• This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
• Enable cached_security_policies by default (merge request) GitLab Enterprise Edition
• Create pending status check responses per MR (merge request) GitLab Enterprise Edition
• Update the upgrade badge to contain more details (merge request) GitLab Enterprise Edition
• Sync validate foreign key for ci_stages (merge request)
• Export last activity details (merge request) GitLab Enterprise Edition
• Expand import error message (merge request)
• Update adherence table thWidths (merge request) GitLab Enterprise Edition
• This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
• Allow long group description (backend) by @freznicek (merge request)
• Remove "Add seats" btn from usage quotas for community plans (merge request) GitLab Enterprise Edition
• Update dependency auto-deploy-image to v2.57.0 (merge request)
• Consolidate Puma low-level error handler code (merge request)
• This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
• This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
• Swap columns for shared_runners_duration conversion (merge request)
• Truncate time in environments page by @vermainfinite (merge request)
• Update dependency auto-build-image to v1.42.0 (merge request)
• Allow merges in the absence of a pipeline (merge request)
• Improve standards adherence report (merge request) GitLab Enterprise Edition
• When user has 2FA enabled, do not attempt OAuth password auth (merge request)
• Enable ingest_sbom_licenses by default (merge request) GitLab Enterprise Edition
• feat: Add runner type badge to jobs table in admin job page by @gerardo-navarro (merge request)
• Remove visible_label_selection_on_metadata feature flag (merge request)
• Replace loading icon with destination path as text (merge request)
• Import bitbucket notes (merge request)
• MIgrate chat names to GlTable (merge request)
• Replace feature flag for Code Suggestions tab on Usage Quotas page (merge request) GitLab Enterprise Edition
• Update text in CI status badges (merge request)
• Update docs for status check removal (merge request)
• Cleaning up build_ios_app_guide_email experiment (merge request)
• Update AI architecture documentation (merge request)
• Fix cross database join in fetch_policy_approvers_service (merge request) GitLab Enterprise Edition
• Tidy up jobs list (merge request)
• Remove maxlength limit from the group description textarea (merge request)
• Handle optional approvals in policy bot comment (merge request) GitLab Enterprise Edition
• Fix RetryJob mutation ID type (merge request)
• Adding index on work_item_progresses.reminder_frequency (merge request)
• Make epic creation dropdown Pajamas compliant (merge request) GitLab Enterprise Edition
• Hide Application Analytics when experiments are disabled (merge request)
• Job page: restructre page (merge request)
• Make pipeline header mobile (merge request)
• Raise MissingAttributeError with explicit message (merge request)
• Find squashed commit if normal commit is not found on import (merge request)
• Respond with 401 instead of 404 on npm unauthenticated requests (merge request)
• Updates CiIcon to CiBadge (merge request)
• Enforce not null constraints for workspace personal_access_token_id (merge request)
• Rename framework folder to projects (merge request) GitLab Enterprise Edition
• Remove deprecated unlock LDAP membership feature (merge request) GitLab Enterprise Edition
• Add pagination to standards adherence table (merge request) GitLab Enterprise Edition
• Add optional SHA parameter to CI lint API by @oula.kuuva (merge request)
• Make boards selector dropdown Pajamas compliant (merge request)
• Move labels.scss to page_bundles from page_specific_bundles (merge request)
• Update artifacts page layout (merge request)
• Removes the mobile_devops_projects_promo feature flag (merge request)
• Redirect product planning hierachy page (merge request)
• Update spacing and classes of user profile controls (merge request)
• feat(web_ide): Added new API for VS Code Settings (merge request)
• This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
• Fix for z-index bug for label filter (merge request)
• Upgrade to grpc v1.58.0 (merge request)
• Rename copy of GitHub PR attachments stat (merge request)
• Update Rails to 7.0.8 (merge request)
• Use handRaiseLeadButton in code_suggestions_intro (merge request) GitLab Enterprise Edition
• Updates CSP for Google Analytics 4 (merge request)
• Update URL for work items with type issue (merge request)
• Update job page layout (merge request)
• Remove use of the welcome controller and route in CE (merge request)
• Fix epic header actions when feature flag is off (merge request) GitLab Enterprise Edition
• Import bitbucket issues (merge request)
• Feature flag cleanup: standalone finding modal FE (merge request) GitLab Enterprise Edition
• Add project push rules changes auditor (merge request) GitLab Enterprise Edition
• Enable the ssh access by default in the Composer package registry (merge request)
• Update schedule pipeline layout (merge request)
• Do not save contributors and exports fields in npm metadata (merge request)
• Prevent namespace level banned users from accessing inviting projects (merge request) GitLab Enterprise Edition
• This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
• Sync validate foreign key for ci_pipeline_messages (merge request)

Deprecated (2 changes)

• Deprecate groupApprovers field in ScanResultPolicyType (merge request) GitLab Enterprise Edition
• Add deprecation for openSUSE Leap 15.4 (merge request)

Removed (26 changes)

• Re-remove the member_tasks table (merge request)
• Clean up bigint conversion for notes (self-managed) (merge request)
• Remove gitlab_gtm_datalayer feature flag (merge request) GitLab Enterprise Edition
• Remove remove_legacy_github_client flag (merge request)
• Remove member_tasks table (merge request)
• Remove issuable features moved popover (merge request)
• Remove Gitlab::Shell#mv_repository calls (merge request)
• Remove user_pat_rest_api FF (merge request)
• Remove feature flag content_editor_on_issues (merge request)
• Remove feature flag enforce_vulnerability_attributes_rules enabled (merge request) GitLab Enterprise Edition
• Remove Pages migration from legacy outdated code (merge request)
• Remove feature flag scan_execution_policy_pipelines enabled by default (merge request) GitLab Enterprise Edition
• Remove legacy replication for project repositories (merge request) GitLab Enterprise Edition
• Remove tasks to be done for members from service and api layer (merge request)
• Drop unused PA cluster settings (merge request)
• Remove k8s_proxy_pat FF (merge request)
• Removed feature flag deactivation_email_additional_text (merge request)
• Remove callout for rich text editor (merge request)
• Remove the deprecated DeleteContainerRepositoryWorker (merge request)
• Remove the arkose_labs_login_challenge feature (merge request) GitLab Enterprise Edition
• Remove unused diff_merge_request_whitespace_link helper (merge request)
• Geo Replicables - Remove RESTful support Vuex (merge request) GitLab Enterprise Edition
• Drop ignored columns from geo_node_statuses (merge request)
• Remove restrict_special_characters_in_namespace_path feature flag (merge request)
• Remove asana gem dependency (merge request)
• Geo Replicables - Remove RESTful support from UI (merge request) GitLab Enterprise Edition

Security (20 changes)

• Enforce that the policy is executed by the bot user (merge request) GitLab Enterprise Edition
• Fix Maven request forward vulnerability to response splitting (merge request) GitLab Enterprise Edition
• Update URI gem to v0.12.2 (merge request)
• Fix leaking source code of restricted project through a fork
• Allow only one membership for security policy bots
• Delete of member branch protection rules cascadingly
• Revert "Merge branch 'security-415371-block-fifo-file' into 'master'"
• Prevents Ci::Build data from being rendered
• Restrict Project Fork Linking to Owners and Admins
• Prevent collaboration across forks when author cannot push
• Reset all approvals when target branch changes
• Default to using the asset proxy
• Pipelines will have no access to protected vars and may fail with tags
• Destroy group service accounts when removing group
• Fix SSO Enforcement for shared groups and projects
• Prevent math hijacking page elements
• Allow Maintainer+ to list Sentry projects
• Validate typeflag of import archive file
• Prevent leaking CI variables via fork MRs
• Mark any CI builds that are not complete as canceled when imported

Performance (6 changes)

• GitHub attachment importers resume their work (merge request)
• Sync removal of index_events_on_author_id_and_created_at_merge_requests (merge request)
• Drop index_deployments_on_project_id_and_ref concurrently (merge request)
• Remove index_deployments_on_project_id_and_ref async-ly (merge request)
• Async remove index_events_on_author_id_and_created_at_merge_requests (merge request)
• Query the sum of approvals required instead of calculating it in Rails (merge request) GitLab Enterprise Edition

Other (73 changes)

• Complete rollout of new pipeline unlock mechanism (merge request)
• Async create index for env state updated at (merge request)
• Add auto_canceled_by_partition_id to p_ci_builds (merge request)
• Drops unused index_namespaces_on_ldap_sync_last_update_at (merge request)
• Change the validation to take into account for the new column (merge request)
• refactor: Improve consistency in create_package_service_spec by @gerardo-navarro (merge request)
• Adds initial developer docs for Model Registry (merge request)
• Migrate webhook resend request button (merge request)
• Backfill has_remediations on existing vulnerability_reads records (merge request)
• Removing temporary index used to backfill project stats by @TamsilAmani (merge request)
• refactor: Use BaseProjectService for CreateRuleService by @gerardo-navarro (merge request)
• Default enable inherit_higher_access_levels_no_cross_join flag (merge request)
• This MR removes on_demand_scans_runner_tags FF (merge request) GitLab Enterprise Edition
• refactor: Add enum for push_protected_up_to_access_level by @gerardo-navarro (merge request)
• Dropping unused idx index_namespaces_on_updated_at (merge request)
• Bump Gitlab Shell to 14.29.0 (merge request)
• Remove issues AI related feature flags (merge request) GitLab Enterprise Edition
• Remove the feature_flag use_new_zoekt_indexer (merge request) GitLab Enterprise Edition
• Remove the hardcoding for getting shard (merge request) GitLab Enterprise Edition
• Removing ff advanceStageTimeout (merge request)
• Renamed groupFilters to reportGroupFilters by @tedtran2019 (merge request)
• Update validation message when verifying sha (merge request)
• Remove use_traversal_ids feature flag (merge request)
• Guidelines regarding rolling out percentages Feature Flags (merge request)
• Reindex and remove merge_requests from main index (merge request) GitLab Enterprise Edition
• Update sass npm from 1.49.9 to 1.69.0 by @tnir (merge request)
• Resolve ambiguous references for archive metadata (merge request)
• Cleanup/promote to production gtm_nonce feature flag (merge request)
• Migrate widget action buttons to GlDisclosureDropdown (merge request)
• refactor: Align file location of package protection rule factory by @gerardo-navarro (merge request)
• Add email_with_layout in access_token_revoked_email method by @KiranSatyaRaj (merge request)
• Send schema_version value flags for blob, commit and wiki (merge request) GitLab Enterprise Edition
• Add documentation related to link work items (merge request)
• Reindex notes from main index (merge request) GitLab Enterprise Edition
• Removing the feature flag loose_foreign_keys_batch_load_using_union (merge request)
• Cleanup FFs for migrating exclusive lease (merge request)
• Remove elastic_file_name_reverse_optimization feature flag (merge request) GitLab Enterprise Edition
• Refactors boolean validation specs using 'validate_inclusion_of' by @harshitprasad (merge request)
• Remove optimize_find_routable feature flag (merge request)
• Drop an unused index on the namespaces table (merge request)
• Remove FF bulk_imports_batched_import_export (merge request)
• Add a migration to remove hashed_root_namespace_id from users index (merge request) GitLab Enterprise Edition
• Use QueuesMetadata for duplicate jobs (merge request)
• Add automated accessibility tests (merge request)
• Externalize strings from viewer_swicher.html.haml by @wwwxx4869 (merge request)
• Write licenses to sbom_occurrences table (merge request) GitLab Enterprise Edition
• Removing a leftover from previous removal (merge request)
• Cleanup deploy_key_for_protected_tags feature flag (merge request)
• Use a dedicated client for workhorse-redis (merge request)
• Drop an unused index on the namespaces table (merge request)
• Remove ff standard_merge_train_ref_merge_commit (merge request) GitLab Enterprise Edition
• Remove 'gitlab_duo' feature flag (merge request) GitLab Enterprise Edition
• Remove 'ai_related_settings' feature flag (merge request) GitLab Enterprise Edition
• Remove mention of ai_redis_chat (merge request) GitLab Enterprise Edition
• Remove 'tanuki_bot' feature flag (merge request) GitLab Enterprise Edition
• Remove 'explain_code_snippet' feature flag (merge request) GitLab Enterprise Edition
• Remove 'chat_epic_identifier' FF (merge request) GitLab Enterprise Edition
• Remove 'ai_tool_info' feature flag (merge request) GitLab Enterprise Edition
• Drop an unused index on the namespaces table (merge request)
• Feature flags rollout instructions update (merge request)
• Add SaaS guard on onboarding controller (merge request) GitLab Enterprise Edition
• Cleanup errors_utf_8_encoding feature flag (merge request)
• Cleanup "optimize_group_template_query" feature flag (merge request)
• Remove the chatops feature flag since it's enabled by default (merge request)
• Added styles to to email by @NIKU-SINGH (merge request)
• Add index on ci_job_artifacts file_final_path (merge request)
• Update documentation regarding deprecated random feature flags (merge request)
• Adds "name" field to provide machine readable status (merge request)
• Remove self_and_hierarchy scope feature flag (merge request)
• Add endpoint_id label to web transaction metrics (merge request)
• Remove FF when canceling redundant pipelines (merge request)
• Alias read_namespace to access_namespace and move usages to new ability by @Taucher2003 (merge request)
• Remove custom_roles_on_groups feature flag (merge request) GitLab Enterprise Edition

16.4.4 (2023-12-13)

Security (8 changes)

• Prevent tag names starting with SHA-1 and SHA-256 values (merge request)
• Pass encoded file paths to router (merge request)
• Validate access level of user while rotating token (merge request)
• Fix large time_spent value causing GraphQL error Integer out of bounds (merge request)
• Restrict Protected branch access via group to direct members (merge request)
• Remove the ability to fork and create MR for auditors (merge request)
• Restrict passing variables on the pipeline schedule API (merge request)
• Smartcard auth: encrypt client cert in params (merge request)

16.4.3 (2023-11-30)

Fixed (1 change)

• Fix assign security check permission checks GitLab Enterprise Edition

Security (10 changes)

• Enforce ref protection on pipeline schedule updates (merge request)
• Update mermaid version for DOS security fixes (merge request)
• Prevent guest users from being able to add emojis in confidential issues (merge request)
• Do not run ssl cert validation if key has errors (merge request)
• Ensure access is checked when loading releases associated with tags (merge request)
• XSS and ReDoS in Markdown via Banzai pipeline of Jira (merge request)
• Prevent branch names starting with SHA-1 and SHA-256 values (merge request)
• Filter out projects with disabled package registry in Composer finder (merge request)
• Check max role for user for group access to protected ref (merge request)
• Treat security policy bots as external (merge request)

16.4.2 (2023-10-30)

Fixed (4 changes)

• Fix pipeline schedules view when owner is nil
• Update dependency prometheus-client-mmap to '>= 0.28.1'
• Fix failing migration when commit_message_negative_regex is missing
• Backport fix flaky epic tests GitLab Enterprise Edition

Security (9 changes)

• Fix infinite loop when finding component project (merge request)
• Update gitlab-chronic-duration to 0.12 (merge request)
• Guard gitlab_version_check helper (merge request)
• Add the environment action to the CI JWT token fields (merge request)
• Remove FIFO files from tarball extract (merge request)
• Backport add abuse detection for pipes (merge request)
• Prevent unprivileged user assignment in templated projects (merge request)
• Fixes Service Desk email template issue description privileges (merge request)
• Update mermaid version for DOS fixes (merge request)

Other (1 change)

• Create Geo event when project is created GitLab Enterprise Edition

16.4.1 (2023-09-28)

Security (15 changes)

• Mark any CI builds that are not complete as canceled when imported (merge request)
• Destroy group service accounts when removing group (merge request)
• Fix SSO Enforcement for shared groups and projects (merge request)
• Prevents Ci::Build data from being rendered (merge request)
• Allow only one membership for security policy bots (merge request)
• Reset all approvals when target branch changes (merge request)
• Default to using the asset proxy (merge request)
• Restrict Project Fork Linking to Owners and Admins (merge request)
• Prevent math hijacking page elements (merge request)
• Delete of member branch protection rules cascadingly (merge request)
• Prevent collaboration across forks when author cannot push (merge request)
• Allow Maintainer+ to list Sentry projects (merge request)
• Fix leaking source code of restricted project through a fork (merge request)
• Prevent leaking CI variables via fork MRs (merge request)
• Pipelines will have no access to protected vars and may fail with tags (merge request)

16.4.0 (2023-09-21)

Added (179 changes)

• Create list for standards adherence report (merge request) GitLab Enterprise Edition
• Add keyset pagination support for /users endpoint (merge request)
• Add documentation for Self-Managed Code Suggestions (merge request)
• Added create api for instance level gcp destinations (merge request) GitLab Enterprise Edition
• Support multiline comment for code generation (merge request) GitLab Enterprise Edition
• Expose vulnerability_events integrations field (merge request) GitLab Enterprise Edition
• Added delete api for instance gcp config (merge request) GitLab Enterprise Edition
• Enable package_metadata_advisory_sync and... (merge request) GitLab Enterprise Edition
• Add /award quick action for work items (merge request)
• Added instance level gcp destination streaming (merge request) GitLab Enterprise Edition
• Graphql endpoint for listing all custom roles (merge request) GitLab Enterprise Edition
• Added archived filter for commits scope (merge request) GitLab Enterprise Edition
• Added archived filter for blobs scope (merge request) GitLab Enterprise Edition
• Add OpenSUSE 15.5 to the support OS page (merge request)
• Update severity count based on dismissal reason (merge request) GitLab Enterprise Edition
• Include the merge commits when checking if appoval is allowed (merge request)
• Support specifying TLS settings in resque.yml (merge request)
• Allow filtering by dismissal reason in vulnerabilitySeveritiesCount (merge request) GitLab Enterprise Edition
• Add snowplow_database_collector_hostname app setting (merge request)
• Create personal access token for workspaces without one (merge request) GitLab Enterprise Edition
• Add experimental info as warning (merge request)
• Added archived filter for notes scope (merge request) GitLab Enterprise Edition
• Add rest endpoints for group CA (merge request) GitLab Enterprise Edition
• Add basic input params restrictions (merge request) GitLab Enterprise Edition
• Enable merge_sbom_api FF (merge request) GitLab Enterprise Edition
• Create list for standards adherence report (merge request) GitLab Enterprise Edition
• Silent Mode - Add experiment badge (merge request)
• Enable UI portion for violation export (merge request) GitLab Enterprise Edition
• Adds duo_api scope for GitLab Duo endpoints (merge request) GitLab Enterprise Edition
• Add graphql mutation for continuous vuln scans (merge request) GitLab Enterprise Edition
• Update milestones search query to filter archived project results (merge request)
• Adds timestamp to sbom report (merge request) GitLab Enterprise Edition
• Updated issuable update mutations allowing null to reset time estimate by @zillemarco (merge request)
• Include has_merge_request field to vulnerabilities graphql (merge request) GitLab Enterprise Edition
• Include has_merge_request filter to vulnerabilities read finder (merge request) GitLab Enterprise Edition
• Allow to list group dashboard visualizations with GraphQL (merge request) GitLab Enterprise Edition
• Add cvs toggle to project security settings (merge request)
• Add refresh assignment worker (merge request) GitLab Enterprise Edition
• Adds Service Desk custom email (merge request)
• Show warning for single database connection (merge request)
• Implement /authorized_certs internal endpoint (merge request)
• Add help popover for dismissal reasons (merge request) GitLab Enterprise Edition
• Add the UserType in create/remove addon response (merge request) GitLab Enterprise Edition
• Create audit_events_amazon_s3_configurations table (merge request) GitLab Enterprise Edition
• Add setting for enabling Continuous Vulnerability Scans (merge request) GitLab Enterprise Edition
• Create index to support uuid typecasting asynchronously (merge request)
• Enable resolvable issue threads by default (merge request)
• GraphQL: Add analytics dashboards listing for groups (merge request) GitLab Enterprise Edition
• Include has_merge_request to vulnerabilities read model (merge request) GitLab Enterprise Edition
• Migration to add root_namespace_id to project_statistics (merge request)
• Silent Mode - Add UI Support (merge request)
• Create background migration to create compliance standards adherence (merge request)
• Call cleanup worker (merge request) GitLab Enterprise Edition
• Peek sidebar when mouse is over the toggle (merge request)
• Add group transfer hook for zoekt (merge request) GitLab Enterprise Edition
• List api for instance level gcl config (merge request) GitLab Enterprise Edition
• Add previousStageJobs field to JobType (merge request)
• Added archived filter to merge_request (merge request) GitLab Enterprise Edition
• Added filters button to search results (merge request)
• Display job external links in sidebar by @KyleFromKitware (merge request)
• Add API endpoint to get license usage data (merge request) GitLab Enterprise Edition
• Basic logic for tracking projects/groups visits in the backend (merge request)
• Release Security Policy branch exceptions (merge request) GitLab Enterprise Edition
• Introducing basics for protecting packages by @gerardo-navarro (merge request)
• Enahnce GraphQL to add fields for lockable labels (merge request)
• Remove hide_deprecated_billing_plans FF (merge request) GitLab Enterprise Edition
• Added archived filter for issues scope (merge request) GitLab Enterprise Edition
• Expose adminWorkItemLink permission in work items (merge request)
• Close similar abuse reports when primary abuse report is closed (merge request)
• Persist approval_settings and any_merge_request rules in policies (merge request) GitLab Enterprise Edition
• Release branch_exceptions feature flag for SaaS (merge request) GitLab Enterprise Edition
• Add Packages::Nuget::Symbol model and corresponding db table (merge request)
• Geo: Add Object Storage verification (filesize check) (merge request) GitLab Enterprise Edition
• Adds Service Desk custom email reply address (merge request)
• Enable on-hover flyout menus in sidebar of new navigation (merge request)
• Chore: add instance and docker-autoscaler executor types by @ar-mali (merge request)
• Adds support for runs/search MLflow API (merge request)
• Support registries to resync all and reverify all via GraphQL (merge request) GitLab Enterprise Edition
• Provide and edit dismissal reason when dismissing finding (merge request) GitLab Enterprise Edition
• Update MATLAB.gitlab-ci.yml to add a new build job by @sameagen-MW (merge request)
• Add notify_only_broken_pipelines field to Telegram (merge request)
• Added model validation and list active attribute for header (merge request) GitLab Enterprise Edition
• Add license type to dependency type (merge request) GitLab Enterprise Edition
• Add force_full_reconciliation field to workspaces (merge request)
• Add ComponentsFinder (merge request) GitLab Enterprise Edition
• Sessions cookie key to be configurable in development environment (merge request)
• Prepare async index for pipeline_id_convert_to_bigint (merge request)
• Sync create indexes for ci_stages pipeline_id conversion (merge request)
• Add extra attributes to Internal events tracking on frontend (merge request)
• Add validation for legacy epic issue relation (merge request) GitLab Enterprise Edition
• Add actual time that the MR was merged to merged MR list (merge request)
• Audit user password reset failure events (merge request) GitLab Enterprise Edition
• Adds Export Sbom APIs (merge request) GitLab Enterprise Edition
• Adding cached markdown fields to Review LLM Summaries (merge request)
• Support for include:rules:changes (merge request)
• Add state header to notification emails (merge request)
• Add vsd banner (merge request) GitLab Enterprise Edition
• Add foreign key for ci_pipeline_chat_data.pipeline_id_convert_to_bigint (merge request)
• Add foreign key for ci_pipeline_messages.pipeline_id_convert_to_bigint (merge request)
• Add cosign template (merge request)
• Add merged_commit_sha to merge_requests (merge request)
• Update advisory scanning to only scan recent (merge request) GitLab Enterprise Edition
• Release expose_dismissal_reason feature (merge request)
• Add a GraphQL query to get organization users (merge request)
• Create cron job to ensure merge requests are prepared (merge request)
• Table and model for instance level gcp config added (merge request) GitLab Enterprise Edition
• Add cleanup worker (merge request) GitLab Enterprise Edition
• Associate projects with organization (merge request)
• Add support for nuget v2 OData package entity endpoints (merge request)
• Display activity for similar open abuse reports when aggregated (merge request)
• Add pages_path_prefix job option (merge request)
• Send email when resource access token about to expire (merge request)
• Adds page URL params for packages list pagination (merge request)
• Prepare async index for pipeline_id_convert_to_bigint (merge request)
• Remove scan_execution_group_bot_users feature flag (merge request) GitLab Enterprise Edition
• Migration for service account users be declared as external (merge request) GitLab Enterprise Edition
• Prepare async index for pipeline_id_convert_to_bigint (merge request)
• Enable VSD count aggregation setting (merge request)
• Add BrowserSDK for page view tracking to Gitlab.com (merge request)
• Exclude archived projects from blob search (merge request) GitLab Enterprise Edition
• Add logo to integrations page (merge request)
• Allow verification of files in Object Storage (merge request) GitLab Enterprise Edition
• Remove elevated_guests FF (merge request) GitLab Enterprise Edition
• Add Geo bulk mark verification pending in batches (merge request) GitLab Enterprise Edition
• Add external issue author to graphql for service desk (merge request)
• Implement VSD GraphQL query (merge request) GitLab Enterprise Edition
• Add user_list to feature_flag api by @zhanglinjie (merge request)
• Backfill ProjectStatistics to use recent size (merge request)
• Add patch_id_sha column to approvals (merge request)
• Add filter argument to linkedItems field (merge request)
• Add group merge request approval setting for SAML (merge request)
• Remove the scan_execution_bot_users feature flag (merge request) GitLab Enterprise Edition
• Add scan policies count to security_orchestration_helper (merge request) GitLab Enterprise Edition
• Prepare async index for pipeline_id_convert_to_bigint (merge request)
• Add support for approval_settings and any_merge_request in policy schema (merge request) GitLab Enterprise Edition
• Remove ai_chat_history_context feature flag (merge request) GitLab Enterprise Edition
• Create index for pipeline_id_convert_to_bigint (merge request)
• Adds merge service (merge request) GitLab Enterprise Edition
• Add vulnerability's full path to CSV export (merge request) GitLab Enterprise Edition
• Synchronously create indexes for uuid colum type migration cleanup (merge request)
• Add frontend metrics tracking for Threat Insights (merge request) GitLab Enterprise Edition
• Adds page URL params for dependency proxy pagination (merge request)
• Schedule VSD CountWorker via Cron (merge request)
• Return response from streamed request to Anthropic (merge request) GitLab Enterprise Edition
• Remove namespace_storage_forks_cost_factor feature flag (merge request)
• Add admin_merge_request to member_roles table (merge request)
• Show custom emoji in issuable title in header & list (merge request) GitLab Enterprise Edition
• Add connected agents usage metric (merge request)
• Add usage data on new product analytics features (merge request)
• Add workspace variables table and add PAT to workspaces table (merge request) GitLab Enterprise Edition
• Globally Enable holt winters forecast for deployment frequency (merge request) GitLab Enterprise Edition
• Add lock_on_merge support for scoped labels (merge request)
• Expose uuid on VulnerabilityType (merge request) GitLab Enterprise Edition
• Expose solution on VulnerabilityType (merge request) GitLab Enterprise Edition
• Add a setting for allowing/disallowing duplicate NuGet package uploads (merge request)
• Add pages multiple version toggle (merge request)
• Audit delivery of confirmation emails (merge request) GitLab Enterprise Edition
• Adding decompress_archive_file_timeout to application settings (merge request)
• Add licenses column to sbom_occurrences table (merge request)
• Check Arkose's status, bypass captcha on sign-in if there is an outage (merge request) GitLab Enterprise Edition
• Add a background migration to fix the namespace_ids read records (merge request)
• Add popover to experiment badge (merge request) GitLab Enterprise Edition
• Include the type of work item in related system notes (merge request)
• Show confidential information when in work item notes (merge request)
• Add a GraphQL query to get organization groups (merge request)
• Toggle on/off rollup progress (merge request) GitLab Enterprise Edition
• Display similar abuse reports in detail view of an abuse report (merge request)
• Adding name field to google cloud logging audit destinations (merge request) GitLab Enterprise Edition
• Add GraphQL mutation to unlink items from a work item (merge request)
• Handle code suggestions add-on purchase in licenses (merge request) GitLab Enterprise Edition
• Dismiss card and copy text for AI discussion summary (merge request) GitLab Enterprise Edition
• Update label views to allow setting lock_on_merge (merge request)
• Populate denormalized columns for the sbom_occurrences table (merge request)
• Add Authorizations Changed Event consumer (merge request)
• Add metrics for Vulnerability Management actions (merge request) GitLab Enterprise Edition
• Add patch_id_sha field to REST API (merge request)
• Remove post_import_repository_size_check ff (merge request) GitLab Enterprise Edition
• Expose source branch protected and squash CI vars (merge request)
• Add DeclarativePolicy patch to memoize some attributes (merge request)

Fixed (167 changes)

• Fix GitHub repositories mirror (merge request)
• Fix import of subrelations on items with 1 emoji (merge request)
• Add period for consistency (merge request)
• Change vulnerability state to detected (merge request) GitLab Enterprise Edition
• Fix vulnerability report pagination alignment (merge request) GitLab Enterprise Edition
• Change last event id columns in geo_node_statuses table to bigint (merge request)
• Removing shared_into_ancestors from members query (merge request)
• Fix opt in email option during registration (merge request) GitLab Enterprise Edition
• Add infinite scroll to source branch dropdown (merge request)
• Update merged_commit_sha in MergeRequests::RefreshService (merge request)
• Add repository_size_limit permission checks (merge request) GitLab Enterprise Edition
• Fixed sligthly off text element on CI job sidebar by @zillemarco (merge request)
• Allow auditors/admins to view VSA (merge request) GitLab Enterprise Edition
• Let people make text bigger if they want to (merge request)
• Fix Geo secondary proxying Git pulls unnecessarily (merge request) GitLab Enterprise Edition
• Hide dropdown divider if user is issuable author (merge request)
• Capture gitaly errors in Security Policies to mitigate 500 errors (merge request) GitLab Enterprise Edition
• Fix feature flag check in Routable (merge request)
• Allow Service Account to be added to SSO-enforced group (merge request) GitLab Enterprise Edition
• Change dropdown label for when 'No one' role is selected (merge request)
• Move pin button to be sibling of nav item link in new navigation (merge request)
• Fix bug with MRs now showing diffs after bitbucket importer (merge request)
• Fix icon for submodules in the commit view (merge request)
• Fix checking of parent presence in namespace method (merge request)
• This MR fixes the bug scan execution policy (merge request) GitLab Enterprise Edition
• This MR fixes the bug (merge request) GitLab Enterprise Edition
• Removes empty alert from Insights page (merge request) GitLab Enterprise Edition
• Clear SafeRequestStore often when exporting (merge request)
• Fix PipelineBatchWorker retries (merge request)
• Update horizontal spacing on runner platform options (merge request)
• Fix pipeline editor file tree spacing (merge request)
• Fix Sidekiq NameError for BackfillNotificationJobsWorker (merge request)
• Fix push event description for batches (merge request)
• Fix redirects for 2fa and finish onboarding appropriately (merge request) GitLab Enterprise Edition
• Handle an exception when Git blame is out of range (merge request)
• Fix sidebar toggle tooltip (merge request)
• Support max_byte_size settings for instance SAML (merge request)
• Fix tooltip rendering in user bar (merge request)
• Inline SyncProjectWorker call in RefreshProjectPoliciesWorker (merge request) GitLab Enterprise Edition
• Fix OAuth bug related to openid_connect (merge request)
• Fix mermaid rendering (merge request)
• Fix admin_merge_request custom role when the feature is private (merge request) GitLab Enterprise Edition
• Remove update_chronic_duration feature flag (merge request)
• Allow CWE(uppercase) for security training (merge request) GitLab Enterprise Edition
• Update regex and mapped usernames to handle bug (merge request)
• Fix group member invite limit rendering (merge request)
• Combine devise 2FA strategies (merge request)
• Reset required approvals for violated rules (merge request) GitLab Enterprise Edition
• Adding contentHtml to review summary types (merge request) GitLab Enterprise Edition
• Fix notification dropdown hover in work_item_actions (merge request)
• Update calendar icon spacing on environments view (merge request)
• Reindex issues to fix possible wrong values of label_ids (merge request) GitLab Enterprise Edition
• Allow dismissal_reason updates on already dismissed findings (merge request) GitLab Enterprise Edition
• Reindex work_item to fix possible wrong values of label_ids (merge request) GitLab Enterprise Edition
• Handle old usernames that are substrings of new usernames (merge request)
• Make sure active nav item in sidebar is visible (merge request)
• Stop sending user to pages they don't have access to on invites (merge request)
• Update namespace_id in standards adherence when a project is moved (merge request) GitLab Enterprise Edition
• Fix active nav item for Service Desk page (merge request)
• Put exact matches first when searching for groups to transfer (merge request)
• Hide the issue from archived project for basic search (merge request)
• Fix positioning of retry job dropdown (merge request)
• Remove checksum guard on modifying service class (merge request) GitLab Enterprise Edition
• Fix broken learn more link (merge request)
• Reindex Issue when attached label gets deleted (merge request) GitLab Enterprise Edition
• Pipelines list: Fix focus state (merge request)
• Prevent pipeline creation while import is running (merge request)
• Pipelines list: Actions are pushed out of table (merge request)
• Properly handle lang attribute on code tags (merge request)
• Ensure include_source_code is appropriately passed to the template (merge request) GitLab Enterprise Edition
• Fix NoMethodError for ActivityPub (merge request)
• Enable sync with package metadata db by default (merge request)
• Jobs list: Fix focus states (merge request)
• Fix handling of locked scoped labels (merge request)
• Email confirmation setting to be considered (merge request) GitLab Enterprise Edition
• Limit the width of alerts on the MR page in fixed-width mode (merge request)
• Fix bug in references pipeline (merge request)
• Gitpod settings description margin bottom fix (Admin area) (merge request)
• Search query hash add filter, fix/refactor (merge request) GitLab Enterprise Edition
• GraphQL: Return error from runners query if permissions missing (merge request)
• Fix bridge policy raises an error when downstream_project is nil (merge request)
• Add background color to new MR tabs (merge request)
• Remove sideborder in incident timeline event by @zarthus (merge request)
• Note form: Normalize button spacing (merge request)
• Fix undefined method `labels' for Jira integration (merge request)
• Indicate user needs to login with primary email (merge request)
• Create iid sequence for ci_pipelines with new projects (merge request)
• Fix undefined method `labels' for Jira integration (merge request)
• Check if SBOM pipeline has ID set (merge request) GitLab Enterprise Edition
• Give dark-mode override higher specifity to fix bg color (merge request)
• Enable offset pagination FF for canceling pipelines (merge request)
• Add user allowlist to bypass Global Search rate limit (merge request)
• Include descendant members in user autocompletes (merge request)
• Fix placement of "Create new..." tooltip in navigation (merge request)
• Fix the date filter on the global time tracking report (merge request)
• Re-raise exceptions that happens during migration sampling (merge request)
• Fix source code range highlighting (merge request)
• Do not render "Create new..." menu when it's empty (merge request)
• Fix nil job JWTs when there are Gitaly connection issues (merge request)
• Fix secret detection ruleset variable suggestion (merge request) GitLab Enterprise Edition
• Refactor checking :enforce_locked_labels_on_merge (merge request)
• Remove redundant 'plan' from order summary details (merge request) GitLab Enterprise Edition
• Fix disappearing filtered search in Issues Analytics (merge request) GitLab Enterprise Edition
• Fix cluster service reindexing params (merge request) GitLab Enterprise Edition
• Add ability to search log header (merge request)
• Add username to users mapper (merge request)
• Change Vulnerability*Finder interaction with archived projects (merge request) GitLab Enterprise Edition
• Prevents Mail::SMTP monkey patch from overriding defaults (merge request)
• Fix vertical alignment of user status sidebar (merge request)
• GraphQL: Mask CiJob.shortSha when non-authorized (merge request)
• gitaly-test-spawn: Ensure that the gitlab-shell secret exists (merge request)
• Update header-height SCSS variable to CSS custom property (merge request)
• Modify ETV to use anthropic body streaming to fix timeout problems (merge request) GitLab Enterprise Edition
• Fix vertical alignment of emoji in cover status (merge request)
• Fix reference to groupApprovers in security approvals (merge request) GitLab Enterprise Edition
• Remove unused jitsu-related settings (merge request) GitLab Enterprise Edition
• Drop bridge jobs on unknown failures (merge request)
• Fix focus mode behaviour for boards (merge request)
• Fix incorrect feature check for group level of push rules (merge request) GitLab Enterprise Edition
• Fix Job URL shows 404 when it's bridge (merge request)
• Fix discrepancy in documentation (merge request)
• Fix false audit event for non persisted members (merge request) GitLab Enterprise Edition
• Increase DROPDOWN_X_OFFSET_BASE in create menu (merge request)
• Fixes missing "locked" checkbox from project runners form (merge request)
• Read latest ingested sbom pipeline id from redis (merge request) GitLab Enterprise Edition
• This MR fixes error for branch exceptions (merge request) GitLab Enterprise Edition
• Assignees & Participants: Fix show more buttons (merge request)
• Modify query for group.first_owner (merge request)
• Markdown editor: FIx alignment of notification warning (merge request)
• Fixing LooseForeignKeys tests for single-db (merge request)
• Pipeline widget: Fix alignment of elements (merge request)
• Remove gl-pt-2 class from sidebar search button wrapper (merge request)
• Introducing LFK CleanupWorker turbo mode (merge request)
• Backfill nuget normalized version (merge request)
• GraphQL: Mask job fields when requested for a non-owned runner (merge request)
• Prevent analyzers from being excluded in scan execution pipelines (merge request) GitLab Enterprise Edition
• Enable "optimize_group_template_query" FF (merge request)
• Fix timeout on group and instance security dashboards (merge request) GitLab Enterprise Edition
• Fix broken link formatting in Gitlab for Slack App (merge request)
• Fix duplicate license_scanning approval rule in MR approvals (merge request) GitLab Enterprise Edition
• Enable feature flag "errors_utf_8_encoding" by default (merge request)
• Perform scheduled scan execution policy in a separate worker (merge request) GitLab Enterprise Edition
• Label selection dropdown: Fix first item stays selected (merge request)
• Update group path updates with NPM packages (merge request)
• Adjust VulnerabilitiesFinderResolver to accept only dismissal reason (merge request) GitLab Enterprise Edition
• Direct import fails early when 2FA requirements not met (merge request)
• Fix issue url generation for group level issues (merge request)
• Don't send Service Desk emails when it's disabled (merge request)
• Projects list: truncate project name (merge request)
• Fix "Convert to task" item showing in epics (merge request)
• Reduce interference between Duo and discussion summary (merge request) GitLab Enterprise Edition
• gitaly_client: Fix indeterministic cherry-picks and reverts (merge request)
• Fixes comma placement for codeowners (merge request) GitLab Enterprise Edition
• Fix exposing artifacts with dot slash paths (merge request)
• Fixes failed render when job stage data is missing (merge request)
• Only include branch name pipeline editor link by @AaronDewes (merge request)
• Fix deployment webhook for bridge job (merge request)
• Support BigInt in front-end for dependency proxy size (merge request) GitLab Enterprise Edition
• Fix project listbox text not wrapping (merge request)
• Update brand logo accessible name for screen readers (merge request)
• Resync direct upload object stored artifacts (merge request) GitLab Enterprise Edition
• Disable deleting approval rules from scan result policies (merge request) GitLab Enterprise Edition
• Fix page title on Compare revisions (merge request)
• Fix Microsoft Application enablement for SaaS (merge request) GitLab Enterprise Edition
• Show iteration period in collapsed sidebar (merge request) GitLab Enterprise Edition
• Surface error when need name exceeds length (merge request)
• Add support for nuget normalized version (merge request)

Changed (224 changes)

• Imports Bitbucket pull requests (merge request)
• GitLab Pages unique domain feature default enabled (merge request)
• This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
• Prevent deletion of security policy bot members (merge request) GitLab Enterprise Edition
• Work Item Quick Action: Set confidentiality (merge request)
• Create service accounts as external in one query (merge request) GitLab Enterprise Edition
• Rely on disk_path for PoolRepository identification (merge request)
• Remove warning from security_and_compliance page (merge request) GitLab Enterprise Edition
• Update code creation template (merge request) GitLab Enterprise Edition
• Update Confidentiality Sidebar to Support Test Cases (merge request)
• Lower redundant pipelines lookup to 3 days (merge request)
• Tweak active nav item with avatar styling (merge request)
• Add username in Web IDE new branch suggestion (merge request)
• Salesforce login button text change (merge request)
• Make actions optional for scan result policies (merge request) GitLab Enterprise Edition
• Only include sbom_occurrences with CVS enabled (merge request) GitLab Enterprise Edition
• Default prevent_visibility_restriction on and update docs (merge request)
• Default enable custom_roles_ui_[xxx] feature flags (merge request) GitLab Enterprise Edition
• Default enable expiring member notifications (merge request)
• Adds a new Danger check for renamed/dropped columns (merge request)
• Add (un)subscribe quick actions to work items (merge request)
• Add PagesDeployment#deleted_at field (merge request)
• Add username to push and pull mirroring form (merge request) GitLab Enterprise Edition
• This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
• Synchronous index for finding_id to the vulnerabilities table (merge request) GitLab Enterprise Edition
• Clean up write_project_authorizations_is_unique feature flag (merge request)
• Add user preference to disable keyboard shortcuts by @FromTheStackAndBack (merge request)
• Add authorization on GET project_import endpoint (merge request)
• Enable admin_merge_request by default (merge request) GitLab Enterprise Edition
• Add language picker to trial registration page (merge request) GitLab Enterprise Edition
• Update group and admin runners layout (merge request)
• Update dependency auto-deploy-image to v2.56.0 (merge request)
• Move approval rules sync after security findings injestion (merge request) GitLab Enterprise Edition
• Include grace period for SM add-on expiration (merge request) GitLab Enterprise Edition
• Disable license scanning job (merge request)
• Stop creating summary when MR author submits a review (merge request) GitLab Enterprise Edition
• Move import and export settings to new section (merge request)
• This MR adds grouping to settings (merge request) GitLab Enterprise Edition
• Remove exact_matches_first_group_transfer feature flag (merge request)
• Update gpgme to v2.0.23 (merge request)
• Update job sidebar and layout (merge request)
• Finalize index on merge_requests.merged_commit_sha (merge request)
• Prevent re-testing webhook logs with outdated URLs (merge request)
• Refactor experimental features toggle for non-AI features (merge request) GitLab Enterprise Edition
• Remove the FF npm_optimize_metadata_generation (merge request)
• Add purchased storage available breakdown card (merge request) GitLab Enterprise Edition
• Add export for violation report (merge request) GitLab Enterprise Edition
• Update dependencies action bar design (merge request) GitLab Enterprise Edition
• Add if active for SCIM (merge request)
• Update integrations development guidelines (merge request)
• Update integrations' status types (merge request)
• Release 1.week TTL for importer JobWaiter keys (merge request)
• This MR adds new approval settings (merge request) GitLab Enterprise Edition
• Update spacing on CI variables table (merge request)
• Update trial column (merge request)
• Introduce admin jobs refactor (merge request)
• Ban users when spamcheck returns a BLOCK verdict (merge request)
• Update illustrations (merge request)
• Lock user for 15 mins after 3 failed login attempts (merge request)
• Enable scan result policies to block changes to protected branches (merge request) GitLab Enterprise Edition
• Update Illustrations (merge request)
• Remove available on-demand badge from ODS when FIPS mode is enabled (merge request) GitLab Enterprise Edition
• Add toggle action to award emoji update mutation (merge request)
• Return an unknown license from the JSON serializer (merge request)
• Use standard merge commit for merge trains (merge request)
• Respect rebase and squash settings when creating merge train ref (merge request)
• Add Configurate button to integrations list view (merge request)
• Update ProductAnalyticsDashboard type to CustomizableDashboard (merge request)
• Remove feature flag ci_commit_statuses_api_exclusive_lock (merge request)
• Enable streaming of audit events for protected environments (merge request) GitLab Enterprise Edition
• Adding checkin reminder setting quick action (merge request) GitLab Enterprise Edition
• Update re2 gem to v2.0.0.beta2 (merge request)
• Pipelines: Migrate Artifacts dropdown (merge request)
• This MR adds option to provide custom values (merge request) GitLab Enterprise Edition
• Hide work item meta data text in small screens (merge request)
• Extend width of jobs tabs to 100% (merge request)
• Super sidebar: Lighten theme background color (merge request)
• Migrate protected branch edit dropdowns to vue by @ShaneMaglangit (merge request)
• Migrate protected branch create dropdowns to vue by @ShaneMaglangit (merge request)
• Removing feature flag ff_external_audit_events (merge request) GitLab Enterprise Edition
• Support for marking Gitsign certs as Unverified by @ChevronTango (merge request)
• Update job sidebar UI (merge request)
• Move labels.scss to page_bundles from page_specific_bundles (merge request)
• Remove tooltip from "Apply" button for suggestions (merge request)
• This MR adds human readable strings (merge request) GitLab Enterprise Edition
• Fix highlighted tab on compliance center page (merge request) GitLab Enterprise Edition
• Update SAST auto-resolution comment to include link with more context (merge request) GitLab Enterprise Edition
• Add protected paths for get request by @zhanglinjie (merge request)
• Add user.id to explain_vulnerability cache key (merge request) GitLab Enterprise Edition
• Pipeline Editor cleanup (merge request)
• Make the BitBucket Cloud importer parallel (merge request)
• Add audit event for changed user profile visiblity (merge request) GitLab Enterprise Edition
• Use for root element in super sidebar (merge request)
• Update dependency auto-build-image to v1.41.0 (merge request)
• Update vulnerability_states filter to match default value (merge request) GitLab Enterprise Edition
• Fix scan execution policy CI variables for pipelines (merge request) GitLab Enterprise Edition
• Update pipeline checking pipeline status tooltip (merge request)
• Update adherence_report_ui ff scope (merge request) GitLab Enterprise Edition
• Geo Sites Form - Use namespace full_name (merge request) GitLab Enterprise Edition
• Re-implement language switcher for registrations (merge request)
• This MR adds new rule builder (merge request) GitLab Enterprise Edition
• Update vulnerability_reads trigger to set has_merge_request (merge request)
• Make License.feature_available? check for Registration Features (merge request)
• Initialize the conversion for shared_runners_duration (merge request)
• Remove min_access_level check (merge request) GitLab Enterprise Edition
• Increase the string limits for regex fields in push_rules (merge request) GitLab Enterprise Edition
• Convert members.user_id to LFK (merge request)
• Update show raw log icon button (merge request)
• Migrate to clipboard_button helper in commit box (merge request)
• Standardize language and terminologies across pipelines (merge request)
• Enable group_level_dependencies by default (merge request) GitLab Enterprise Edition
• Disable on demand scans when in FIPS mode (merge request) GitLab Enterprise Edition
• Display Confidential Icon in Project Test Cases List (merge request) GitLab Enterprise Edition
• Add exclusive lock to ensure only one pipeline is created (merge request)
• Ensure note id column swapping has finished for self managed (merge request)
• Updating UI text (merge request)
• Add slot for externalAuthor (merge request)
• Allow group maintainers to see group runner list (merge request)
• Replacing AuditEventService with Gitlab::Audit::Auditor by @TamsilAmani (merge request) GitLab Enterprise Edition
• Fixed user registration bug when no import sources selected (merge request) GitLab Enterprise Edition
• Rename ambiguosly named settings in pinned section (merge request)
• This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
• UI polish on the webhook log page (merge request)
• Remove the feature flag harbor_registry_integration (merge request)
• Enable fill_in_mr_template by default (merge request)
• Enable automatically_summarize_mr_review by default (merge request) GitLab Enterprise Edition
• Clean up support_ci_environment_variables_in_job_rules feature flag (merge request)
• Adds a single ops feature flag to disable all database feature flags (merge request)
• Add finding_id to the vulnerabilities table (merge request) GitLab Enterprise Edition
• Allow personal access token authentication in Kubernetes proxy (merge request)
• Add diagonal tolerance when moving the mouse towards flyout menu (merge request)
• Use Pajamas compliant clipboard btn in doorkeeper (merge request)
• Keep SAML Identity when deprovisioning via SCIM (merge request) GitLab Enterprise Edition
• Update gitlab-elasticsearch-indexer to 4.3.9 (merge request)
• URL parsing and sanitizing logic added for Relay State (merge request) GitLab Enterprise Edition
• Update job log page UI (merge request)
• Update validates_hostname gem (merge request)
• Migrate work_item_actions to GlDisclosureDropdown (merge request)
• Delay display of pinning buttons in sidebar (merge request)
• Migrate to PJ compliant button in merge_requests_helper (merge request)
• Update gitlab-pages (merge request)
• This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
• This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
• Backfill prometheus integrations into http_integrations table (merge request)
• Add streaming capabilities for chat (merge request) GitLab Enterprise Edition
• Update job sidebar UI (merge request)
• Add re-deploy button (merge request)
• Migrates dependency proxy header dropdown to disclosure (merge request)
• Update user list component error message (merge request)
• Fix scan policies count to security_orchestration_helper (merge request) GitLab Enterprise Edition
• Migrate test report widget to V2 (merge request)
• Allow guest user seat assignment (merge request) GitLab Enterprise Edition
• Updates component fetching (merge request)
• Migrate work_item_links_menu to GlDisclosureDropdown (merge request)
• Improve Docker-in-Docker troubleshooting documentation (merge request)
• Migrates packages shared cli-commands dropdown to disclosure (merge request)
• Use Pajamas button component for Mattermost (merge request)
• Convert notification_settings.user_id to LFK (merge request)
• Remove seats_in_use_for_free_or_trial flag (merge request) GitLab Enterprise Edition
• This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
• Add name to GCP logging streaming destinations (merge request) GitLab Enterprise Edition
• This MR migrates legacy dropdown (merge request)
• Cached project-based ETAG lookup for GitHub email for a user (merge request)
• Use new ci badge link on last commit section (merge request)
• Add Confidential Attribute to CreateTestCase Mutation (merge request) GitLab Enterprise Edition
• Update button variant to newer options (merge request)
• Use browser language setting for registration flows (merge request)
• Pipeline: Change label for triggerer (merge request)
• Update dependency auto-deploy-image to v2.55.0 (merge request)
• Expose config option to show swagger operationId (merge request)
• Use Pajamas compliant clipboard button (merge request)
• Enable Sidekiq JSON logging by default (merge request)
• feat: Add new filter option runner_type to jobs page in admin area by @gerardo-navarro (merge request)
• Move job sidebar buttons to header (merge request)
• Use lighter gray for failed jobs toggle (merge request)
• Jobs list: Change created by (merge request)
• Use Action Cable to update notes in real-time (merge request)
• Pipelines Pagination spacing (merge request)
• Convert routes.namespace_id to LFK (merge request)
• Quarantined flaky invite feature spec becuase of broken master (merge request)
• Make search button in navigation more prominent by @deep-swaraj (merge request)
• Enable geo_proxy_lfs_batch_requests by default (merge request) GitLab Enterprise Edition
• Update top-bar on new project/group pages to be fixed to top of viewport (merge request)
• Remove unneeded template options, handle nil prompt situation (merge request) GitLab Enterprise Edition
• Set merge_request_refs_cleanup default_enabled: true (merge request)
• Updates error message and documentation for interpolator (merge request)
• Migrate security_report_download_dropdown to GlDisclosureDropdown (merge request) GitLab Enterprise Edition
• Remove summarize_diff_vertex feature flag (merge request) GitLab Enterprise Edition
• Refactor inline-findings Drawer (merge request) GitLab Enterprise Edition
• This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
• Enable unbatch_graphql_queries feature flag globally (merge request)
• Update ruby_parser to v3.20.3 (merge request)
• This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
• Add limit for group count within namespaces (merge request) GitLab Enterprise Edition
• Use SSH URL in composer metadata source entry for non-public projects by @nickygerritsen (merge request)
• Add optional client_subscription_id (merge request) GitLab Enterprise Edition
• Enable emoji_webhooks feature flag by default (merge request)
• Respect merge method and squash preferences for merge train ref (merge request)
• Update premium and ultimate titles in plans table (merge request)
• Add protected branch warning (merge request)
• Migrate protected tag dropdowns to vue by @ShaneMaglangit (merge request)
• Migrate pagination bar dropdown to disclosure by @ShaneMaglangit (merge request)
• Update dependency auto-build-image to v1.40.0 (merge request)
• Prevent name collision between migrations (merge request)
• Change default theme to light gray (merge request)
• Migrate to GlCollapsibleListbox in work_item_activity_sort_filter (merge request)
• Sidebar navigation: Change badge background (merge request)
• Introduce schedules refactor (merge request)
• Implement explain vuln anthropic, use vertex by default (merge request) GitLab Enterprise Edition
• Update dependency auto-build-image to v1.39.0 (merge request)
• Add PagesDomain#certificate_key length validation (merge request)
• Include double colon inside the translation (merge request) GitLab Enterprise Edition
• Remove FF search_projects_hide_archived (merge request)
• Access tokens - show token name in delete copy by @zarthus (merge request)
• Updated feedback URL (merge request) GitLab Enterprise Edition
• Update placeholder in GitLab Duo text input (merge request) GitLab Enterprise Edition
• Set max widths on project repository settings inputs (merge request)
• Disable feature flag using v1 package metadata sync (merge request) GitLab Enterprise Edition
• Add job status badges to runners list (merge request)
• Remove legacy plan reference from plan presenter (merge request) GitLab Enterprise Edition
• Sync validate foreign key for pipeline_id_convert_to_bigint (merge request)
• Update hex values (merge request)
• Update dependency auto-deploy-image to v2.54.0 (merge request)
• Rollout advanced_search_decrease_indexing_timeout (merge request) GitLab Enterprise Edition

Deprecated (4 changes)

• Make BuildSuccessWorker no-op (merge request)
• Redirect legacy /admin/geo/replication/projects route (merge request) GitLab Enterprise Edition
• Mark unused jitsu-related columns as ignored (merge request)
• Deprecate rake gitlab:list_repos (merge request)

Removed (23 changes)

• Remove cache_pages_domain_api feature flag (merge request)
• Drop unused design_registry table (merge request) GitLab Enterprise Edition
• Remove tasks to be done from onboarding and invite emails (merge request)
• Remove module github.com/grpc-ecosystem/go-grpc-middleware (merge request)
• Remove artifacts page feedback banner (merge request)
• Remove feature flag explain_current_blob (merge request)
• Remove legacy BitBucket Server importer (merge request)
• Cleanup feature flag security_policy_approval_notification (merge request) GitLab Enterprise Edition
• Remove :group_mentions feature flag (merge request)
• Remove deprecated wiki status data from Geo Sites Status API (merge request) GitLab Enterprise Edition
• Clean up project callout three (merge request)
• Remove CTE backward compatibility code (merge request)
• Remove unused namespace details columns for free user cap (merge request)
• Remove free user cap email notification workers (merge request) GitLab Enterprise Edition
• Remove dashboard_notification_limit column (merge request)
• Remove tmp_idx_vuln_reads_where_dismissal_reason_null index (merge request)
• Remove summarize_review_vertex feature flag (merge request)
• Remove Ultimate feature removal banner (merge request)
• Remove batched_api_mergeability_checks FF (merge request)
• Remove role required before action (merge request)
• Clean-up registration_verification feature flag (merge request)
• Perform step 2 in removal of unused dashboard columns (merge request)
• Remove code_suggestions_third_party_alert (merge request) GitLab Enterprise Edition

Security (17 changes)

• Enforce that the policy is executed by the bot user
• Bump query number on spec
• Update commonmarker to 0.23.10
• Service account users should be external by default
• Prevent namespace level banned users from accessing API
• Additional permission check when editing label
• Remove DAST secret variables when URL is updated
• Fix ReDOS in bulk_imports endpoint params
• Add authorization checks to import status endpoint
• Maintainer can leak sentry token by changing the configured URL
• Check prohibit_outer_forks in fork relationship api
• Remove channel properties from API when channels are masked by @Taucher2003 (merge request)
• Prevent traversal for path parameter in refs/switch endpoint
• Requires write_model_experiments on mlflow api
• Remove GCP private key from streaming audit events UI
• Gitaly keyset pager when pagination none only with tree view
• Prefix agent tokens with glagent- (merge request)

Performance (10 changes)

• Cache security policy YAML (merge request) GitLab Enterprise Edition
• Fix performance problem with Projects#new page (merge request) GitLab Enterprise Edition
• Optimize regexp matching (merge request) GitLab Enterprise Edition
• Drop index_deployments_on_id_where_cluster_id_present (merge request)
• Fix long sleeps removing load balancing hosts (merge request)
• Drop an index from the deployments table (merge request)
• Improve rich viewer frontend rendering (merge request)
• Remove an index on deployments table async-ly (merge request)
• Drop index_deployments_on_id_where_cluster_id_present async-ly (merge request)
• Remove duplicate empty state check (merge request)

Other (76 changes)

• Restart sent_notifications column swap for self-installed (merge request)
• Skips disconnecting old hosts when there is no need (merge request)
• Use partitioned table on CommitStatus (merge request)
• Set minimum pipeline batch size in RedisCacheStore (merge request)
• Remove .and_call_original as redundant (merge request) GitLab Enterprise Edition
• Create the sync migration of the prepared_at created_at index removal (merge request)
• Create the sync migration of the prepared_at created_at index addition (merge request)
• List related work items in the work item relationship widget (merge request) GitLab Enterprise Edition
• Add sync index on projects.organization_id (merge request)
• Remove feature flag introduce_ci_max_total_yaml_size_bytes (merge request)
• Backfill has_merge_request on existing vulnerability_reads records (merge request)
• Include the issues in advanced project search on archived project (merge request) GitLab Enterprise Edition
• Include merge requests in advanced project search on archived project (merge request) GitLab Enterprise Edition
• Manually analyze partitioned tables (merge request)
• Remove compressed_package_metadata_query flag (merge request) GitLab Enterprise Edition
• Added --location note to job artifacts api docs by @zillemarco (merge request)
• Prepare async index on file_final_path (merge request)
• Poll dual namespace for sidekiq by default (merge request)
• Remove commits documents from the main index (merge request) GitLab Enterprise Edition
• Simplify gitlab container repository delete tags services by @edith007 (merge request)
• Move Full stop period out of "Learn More" link by @jrachelr1 (merge request) GitLab Enterprise Edition
• Remove search_index_integrity feature flag (merge request) GitLab Enterprise Edition
• Remove command_palette feature flag (merge request)
• Add histogram for Redis pipeline size (merge request)
• Create a Work items relationship widget shell (merge request)
• Add a migration to force commit reindex some projects (merge request) GitLab Enterprise Edition
• Write a migration to backfill archived on milestones (merge request) GitLab Enterprise Edition
• Convert credit card validation data to hashes in database (merge request)
• Use a single flags for AI experimentation endpoint (merge request) GitLab Enterprise Edition
• Clean up flux_resource_for_environment feature flag (merge request)
• Remove multi_pipeline_scan_result_policies feature flag (merge request) GitLab Enterprise Edition
• Update Gitlab Shell version to 14.27.0 (merge request)
• Add migration to sync ScanResultPolicyRead (merge request)
• Rename Tofa experimentation endpoint to Vertex (merge request) GitLab Enterprise Edition
• Add pipeline trigger tokens finder by @missy-davies (merge request)
• Add archived in MilestoneInstanceProxy (merge request) GitLab Enterprise Edition
• Remove AiProxyHelper and SelfManagedi::ProxyRequest (merge request) GitLab Enterprise Edition
• Remove non-hashtag key fallback in manifest-import metadata (merge request)
• Remove PAT field for Code Suggestions (merge request) GitLab Enterprise Edition
• Add linked items widget to Ticket work item type (merge request)
• MonitorLockedTablesWorker to automatically lock tables (merge request)
• Add schema_version to notes (merge request) GitLab Enterprise Edition
• Add schema_version to snippets (merge request) GitLab Enterprise Edition
• Remove the product_analytics_snowplow_support feature flag (merge request)
• Move Project#pages_lookup_path to Pages::VirtualDomain (merge request)
• Add migration to backfill archived field for blobs (merge request) GitLab Enterprise Edition
• Request proofreader permission by @zhaoqi01 (merge request)
• Extract token selector input and create a shared component (merge request)
• Add schema_verison to milestones (merge request) GitLab Enterprise Edition
• Cleanup unused code related to old abuse reports list implementation (merge request)
• Sync Prometheus updates from integrations table to http integrations (merge request)
• Add current user todos widget to Epic work item type (merge request)
• Remove refactor_merge_service feature flag (merge request)
• Remove descendant_security_scans feature flag (merge request) GitLab Enterprise Edition
• Add schema_version to merge_requests (merge request) GitLab Enterprise Edition
• Rescue RecordNotUnique exception silently (merge request) GitLab Enterprise Edition
• Adds class for MlModel packages (merge request)
• Detecting duplicate btree indexes (merge request)
• Switch go go-redis client (merge request)
• Fill null values of user_preferences table with their default values (merge request)
• Fill null values of users table with their default values (merge request)
• Convert merge_request_user_mentions.note_id to bigint for self-managed (merge request)
• Test(Subscription): activating second license (merge request) GitLab Enterprise Edition
• Correcting typos of "existence" (merge request)
• Revert "Add project_runners_vue_ui feature flag" (merge request)
• Tweaked run e2e test message to avoid confusion for non team members by @zillemarco (merge request)
• Convert issue_user_mentions.note_id to bigint for self-managed (merge request)
• Ensure id uniquness across p_ci_builds partitions (merge request)
• Refactor CI External::Rules class to use Entry class (merge request)
• Clean up environment_details_vue feature flag (merge request)
• Convert system_note_metadata.note_id to bigint for self-managed (merge request)
• Remove self_managed_code_suggestions_completion_api FF (merge request)
• Remove code_suggestions_tokens_from_customers_dot FF (merge request)
• Remove completed partition_id migrations (merge request)
• Convert design_user_mentions.note_id to bigint for self-managed (merge request)
• Migrate etag cache store from SharedState to Cache (merge request)

16.3.6 (2023-10-30)

Security (9 changes)

• Fix infinite loop when finding component project (merge request)
• Update gitlab-chronic-duration to 0.12 (merge request)
• Guard gitlab_version_check helper (merge request)
• Add the environment action to the CI JWT token fields (merge request)
• Remove FIFO files from tarball extract (merge request)
• Backport add abuse detection for pipes (merge request)
• Prevent unprivileged user assignment in templated projects (merge request)
• Fixes Service Desk email template issue description privileges (merge request)
• Update mermaid version for DOS fixes (merge request)

16.3.5 (2023-09-28)

Security (16 changes)

• Mark any CI builds that are not complete as canceled when imported (merge request)
• Destroy group service accounts when removing group (merge request)
• Fix SSO Enforcement for shared groups and projects (merge request)
• Prevents Ci::Build data from being rendered (merge request)
• Update dependency auto-deploy-image to v2.55.0 (merge request)
• Allow only one membership for security policy bots (merge request)
• Reset all approvals when target branch changes (merge request)
• Default to using the asset proxy (merge request)
• Restrict Project Fork Linking to Owners and Admins (merge request)
• Prevent math hijacking page elements (merge request)
• Delete of member branch protection rules cascadingly (merge request)
• Prevent collaboration across forks when author cannot push (merge request)
• Allow Maintainer+ to list Sentry projects (merge request)
• Fix leaking source code of restricted project through a fork (merge request)
• Prevent leaking CI variables via fork MRs (merge request)
• Pipelines will have no access to protected vars and may fail with tags (merge request)

16.3.4 (2023-09-18)

Fixed (2 changes)

• Fix Geo secondary proxying Git pulls unnecessarily GitLab Enterprise Edition
• Use new indexer, fix removing blobs from index GitLab Enterprise Edition

Security (1 change)

• Enforce that the policy is executed by the bot user (merge request)

16.3.3 (2023-09-12)

Fixed (2 changes)

• Prevent pipeline creation while import is running (merge request)
• Create iid sequence for ci_pipelines with new projects (merge request)

16.3.2 (2023-09-05)

Fixed (2 changes)

• Drop bridge jobs on unknown failures (merge request)
• Fix Code Suggestions in Web IDE on GitLab 16.3 (merge request)

16.3.1 (2023-08-31)

Fixed (1 change)

• Geo: Resync direct upload object stored artifacts GitLab Enterprise Edition

Security (11 changes)

• Add authorization checks to import status endpoint (merge request)
• Update commonmarker to 0.23.10 (merge request)
• Remove DAST secret variables when URL is updated (merge request)
• Maintainer can leak sentry token by changing the configured URL (merge request)
• Service account users are external by default (merge request)
• Additional permission check when editing label (merge request)
• Fix ReDOS in bulk_imports endpoint params (merge request)
• Prevent namespace level banned users from accessing API (merge request)
• Check prohibit_outer_forks in fork relationship api (merge request)
• Prevent traversal for path parameter in refs/switch endpoint (merge request)
• Gitaly keyset pager when pagination none only with tree view (merge request)

16.3.0 (2023-08-21)

Added (169 changes)

• Add metrics for Dependency Management actions (merge request) GitLab Enterprise Edition
• Adding new application setting called ci_max_total_yaml_size_bytes (merge request)
• Add default_branch_protection_defaults in groups apis (merge request)
• Add documentation for multi pipeline scan result policy feature (merge request) GitLab Enterprise Edition
• Adds CatalogResourceComponents table (merge request)
• Add popover for Flux sync status badge (merge request)
• Adds to_redacted_sql support for ClickHouse QueryBuilder (merge request)
• Remove ci_namespace_catalog_experimental (merge request)
• New default branch protection json field (merge request)
• Allow to select flux resource for environment (merge request)
• Adding WAL rate db health indicator (merge request)
• Support themes in "super sidebar" navigation redesign (merge request)
• Introduce rake task for bumping sequences of cells (merge request)
• Add vulnerability attributes to policy drawer (merge request) GitLab Enterprise Edition
• Add pipelineTriggersDelete GraphQL mutation by @missy-davies (merge request)
• Add GraphQL mutation to link work items (merge request)
• Implement CVS UI in Vulnerability dashboard page (merge request)
• Update pm affected_package ingestion with new attribute (merge request) GitLab Enterprise Edition
• Add frequently visited items to search modal (merge request)
• Error handling to label deletion controllers (merge request)
• Show alert for more than 10 agents (merge request)
• Publish Authorizations Changed Event (merge request)
• Add spam checking for issue CSV uploads (merge request)
• NuGet v2 $metadata endpoint (merge request)
• Add support for GetObjectPool RPC (merge request)
• Add pipelineTriggersUpdate GraphQL mutation by @missy-davies (merge request)
• Add advisory ingestion event (merge request)
• Add Groups::SshCertificate model to store group's CAs (merge request)
• Removes ci_needs_parallel_matrix feature flag (merge request)
• Add has_remediations column to vulnerability_reads (merge request)
• Added [data-event-tracking-load=true] tracking attribute (merge request)
• Save pages_deployments path_prefix and build.ref (merge request)
• Default enable custom_roles_on_groups FF (merge request) GitLab Enterprise Edition
• ClickHouse data collector for contribution analytics (merge request) GitLab Enterprise Edition
• Add flux_resource_path to the environments table (merge request)
• Add attributes filter to scan result policies (merge request) GitLab Enterprise Edition
• Show message acknowledging deployment approval (merge request) GitLab Enterprise Edition
• Add block counts to linked work items widget (merge request)
• Adding migrations for gcp config name backfilling and setting not null (merge request)
• Adding active column to custom http audit event destination headers (merge request)
• Trigger for has_merge_request on vulnerability_issue_links (merge request)
• Remove pat_reuse_detection feature flag (merge request)
• Add REPOSITORIES_SERVER_SIDE env to enable gitaly server-side backups (merge request)
• Add foreign key constraint to ci_pipeline_variables (merge request)
• Create indexes necessary for uuid column type change (merge request)
• Send X-Gitlab-Realm header to AI gateway (merge request) GitLab Enterprise Edition
• Add CRM contacts to the issue webhook by @TickettEnterprises (merge request)
• Add source_project_id to commit template by @bovi (merge request)
• Release sec policy bot users for groups (merge request) GitLab Enterprise Edition
• Add status poller to import groups history page (merge request)
• Release sec policy vulnerability attributes filter (merge request) GitLab Enterprise Edition
• Add usage tracking of security policies actions (merge request) GitLab Enterprise Edition
• Add pipelineTriggersCreate GraphQL mutation by @missy-davies (merge request)
• Feat: Add print to PDF for wiki by @fenyuluoshang (merge request)
• Add GraphQL endpoints to fetch abuse report and abuse report labels (merge request)
• Enhance ci-cd pipeline settings by @dbvech (merge request)
• Add sentry_clientside_traces_sample_rate app setting (merge request)
• Run compliance standards checks when new projects are created (merge request) GitLab Enterprise Edition
• Add at least two approvals check to Gitlab standard (merge request) GitLab Enterprise Edition
• Release sec policy bot users for projects (merge request) GitLab Enterprise Edition
• Add annotations job artifact type by @KyleFromKitware (merge request)
• Add confidentiality to work item bulk edit (merge request)
• Add ability to query linked work items (merge request)
• Adds a health checker for elastic cluster (merge request) GitLab Enterprise Edition
• Update progress update mutation (merge request) GitLab Enterprise Edition
• Remove feat flags: delete unconfirmed user feature (merge request) GitLab Enterprise Edition
• Add support for feature flags on DSL field (merge request)
• Query builder for clickhouse (merge request)
• Added UI to set time estimate on issues and merge requests by @zillemarco (merge request)
• Add lock_on_merge column to labels table (fixed) (merge request)
• Add "auditors" parameter to users API by @joe-snyder (merge request) GitLab Enterprise Edition
• Session variable to store provider two factor bypass (merge request)
• Removed ai_chat_emit_user_messages flag (merge request) GitLab Enterprise Edition
• Allow filtering by dismissal reason on vulnerability report (merge request) GitLab Enterprise Edition
• Exclude archived projects from commit search by @sd5869 (merge request) GitLab Enterprise Edition
• Removes ci_include_components ff (merge request)
• Add get all pipelineTriggers GraphQl endpoint by @missy-davies (merge request)
• Add copy reference keyboard shortcut (merge request)
• Add sync status badge to the environment (merge request)
• Send hashed instance and user IDs to AI gateway (merge request) GitLab Enterprise Edition
• Add lock_on_merge column to labels table (merge request)
• Add component_name and input_file_path columns to sbom_occurrences (merge request)
• Default enable linear self and hierarchy scopes (merge request)
• Add Places group to default search view (merge request)
• Add max decompression archive size to AS (merge request)
• Offer email reset when verifying email (merge request)
• Add temporary index for pipeline_artifacts_size (merge request)
• Added name field to gcp conf for external audit event destinations (merge request)
• Add group users autocomplete to GrahQL API (merge request)
• Create list for standards adherence report (merge request) GitLab Enterprise Edition
• Add prevent approval by committer check to Gitlab standard (merge request) GitLab Enterprise Edition
• Add has_merge_request column to vulnerability_reads (merge request)
• Add new DirectTransfer/Import max file size app settings (merge request)
• Added audit events for update destroy headers (merge request) GitLab Enterprise Edition
• Refactored audit event for group creation (merge request) GitLab Enterprise Edition
• Hide the notes from the archived project in the search results (merge request)
• Add a setting for allowing/disallowing duplicate NuGet package upload (merge request)
• Add basic support for issue filter by date (merge request)
• Add work item state to header (merge request)
• Add ability to store linked work items (merge request)
• Show an alert if there are pending obsolete elastic migrations (merge request) GitLab Enterprise Edition
• Allow filtering Vulnerabilties by dismissal reason (merge request)
• Add versions attribute to affected packages (merge request)
• Add firewall rules to workspaces (merge request)
• Add name and description fields to member_roles (merge request)
• Add namespace to sbom components (merge request)
• Enable standalone_finding_modal by default (merge request) GitLab Enterprise Edition
• Add mutation for subscribing to a work item (merge request)
• Add updated_at timestamp to PlanLimits (merge request)
• Add vulnerability age to policy drawer (merge request) GitLab Enterprise Edition
• Add an application setting to enable public package registries (merge request)
• Enforce approval rules based on attributes (merge request) GitLab Enterprise Edition
• Support functions in Ci config interpolation (merge request)
• Backfill all epics into Elasticsearch (merge request) GitLab Enterprise Edition
• Add boolean and number CI inputs (merge request)
• Add mutation userAddOnAssignmentRemove (merge request) GitLab Enterprise Edition
• Filter groups by repository storage (merge request)
• Index vulnerability_reads on project_id and vulnerability_id (merge request)
• This MR adds branches dropdown (merge request) GitLab Enterprise Edition
• Support search field option for iterations REST API (merge request) GitLab Enterprise Edition
• Validate URL on Vulnerabilities::Identifier model (merge request) GitLab Enterprise Edition
• Add basic auth to Zoekt client (merge request) GitLab Enterprise Edition
• Enable elevated_guests by default (merge request) GitLab Enterprise Edition
• Add new metric for advanced search limited indexing setting (merge request) GitLab Enterprise Edition
• Forward User-Agent header to model gateway (merge request) GitLab Enterprise Edition
• Allow to set different webhooks on events in Discord Integration by @Taucher2003 (merge request)
• Add member expiring email notification by @zhanglinjie (merge request)
• Add form error messages to vulnerability report bulk updates (merge request) GitLab Enterprise Edition
• Add MR reviewers to BitBucketServer import (merge request)
• Add tracking for neovim plugin (merge request)
• Remove notify_kas_on_git_push feature flag (merge request)
• Add age filter for scan result policies (merge request) GitLab Enterprise Edition
• Adds patch_id to merge_request_diffs (merge request)
• Add mutation userAddOnAssignmentCreate (merge request) GitLab Enterprise Edition
• Add tmp index for orphaned approval rules (merge request)
• Add project_visibility JWT claim (merge request)
• Add link to forecast feedback issue at top of Deployment Frequency page (merge request)
• GQL code owners Validation for every file named CODEOWNERS (merge request) GitLab Enterprise Edition
• Aggregate open abuse reports by reported-user and abuse category (merge request)
• Creates Ml::ModelVersion on package creation (merge request)
• Add and endpoint to receive Telesign transaction callbacks (merge request) GitLab Enterprise Edition
• Finalize conversion for FKs targeting p_ci_builds - 3 self-managed (merge request)
• Adds services to create Ml::* entities (merge request)
• Add option to disable rollback on outdated deployments (merge request)
• Add FileTree toggle hotkey (merge request)
• Adding position parameter to Draft Notes API (merge request)
• Update resolved status of notes in real time (merge request)
• Update projects to not use emails_disabled by @joe-snyder (merge request) GitLab Enterprise Edition
• Remove pipeline_name_in_api feature flag (merge request)
• Feat: edit user profile vue avatar (merge request)
• Backfill dismissal_reason column for vulnerability_reads table (merge request)
• Add status_message to packages table (merge request)
• Create catalog_resource_versions table (merge request)
• Add Azure Key Vault support for CI/CD (merge request)
• Add archived col in commits index by @sd5869 (merge request) GitLab Enterprise Edition
• Add service index and publish endpoints for NuGet v2 (merge request)
• Add archived col in main index for blobs by @sd5869 (merge request) GitLab Enterprise Edition
• Added "DORA performers score" panel to Value Streams Dashboard (merge request) GitLab Enterprise Edition
• Add tracking for visual studio extension (merge request)
• Add achievement and user achievement GraphQL count (merge request)
• Add syntax highlighting for Svelte files in Blob view by @rudedog9d (merge request)
• Add package_manager column to sbom_occurrences table (merge request)
• Removes namespace_limits_admin_dashboard FF (merge request) GitLab Enterprise Edition
• Adds a script to generate elastic migration files (merge request)
• Adds a script to generate elastic migration files (merge request)
• Expose deploy key in push access level graphql type (merge request)
• Cleanup ci_group_env_scope_graphql feature flag (merge request)
• Add the sync index creation (merge request)
• Remove track_work_items_activity feature flag (merge request)

Fixed (180 changes)

• Update visibility level when levels are restricted (merge request)
• gitaly: Update server version to include memory leak fix (merge request)
• Fix focus on vulnerability details comment (merge request) GitLab Enterprise Edition
• Fix CI catalog loading state (merge request) GitLab Enterprise Edition
• Redirect API requests to moved projects (merge request)
• Only check valid changes during diff checks (merge request)
• Compare page same branch fix (merge request)
• Remove autosaved drafts when the note entry form is cancelled (merge request)
• Disable max allowed looks check for Geo counters (merge request) GitLab Enterprise Edition
• Fix deploy freeze table alignment (merge request)
• Fix missing SBOM component link (merge request) GitLab Enterprise Edition
• Escape special characters while searching for an SBOM occurrence (merge request) GitLab Enterprise Edition
• Fix blockedByCount GraphQL field (merge request)
• Fix error reporting when user is not authorized (merge request)
• Improving membersQuery for indirect and group relationships (merge request)
• Add support for bot users in Dependency Proxy authentication (merge request)
• Use the denormalized attributes to query SBOM occurrences (merge request)
• Show inherited group members when flag is number (merge request) GitLab Enterprise Edition
• Namepace email address label (merge request)
• Link license report to the correct pipeline by @AaronDewes (merge request) GitLab Enterprise Edition
• What's New entries show 21st rather than 22nd (merge request)
• Fix tab background color on MR tabs when Sourcegraph enabled (merge request)
• SAML Group Sync with multiple providers (merge request) GitLab Enterprise Edition
• Fix MR analytics label search for large groups (merge request) GitLab Enterprise Edition
• Fix missing vue injection with group issue list (merge request)
• Add updated hook to packages shared title area component (merge request)
• Cancel old requests in group select to avoid old data by @fenyuluoshang (merge request)
• Revert "Return LFS URL in blob.external_storage_url if lfs_blob?" (merge request)
• Update requirements drawer (merge request)
• Only expose valid custom notification settings (merge request) GitLab Enterprise Edition
• Fix hash highlighting for .json files (merge request)
• Repair admin tag runner sorting with relative url mounts by @markus.ferrell (merge request)
• Ignore tag pipeline for scan result policy comparison (merge request) GitLab Enterprise Edition
• Making the LFK DeletedRecords fetching query faster (merge request)
• Render GFM content in vulnerability description (merge request) GitLab Enterprise Edition
• Do not emit user messages by default (merge request) GitLab Enterprise Edition
• Include descendant shares in user autocomplete (merge request)
• Fix Emoji button svg alignment (merge request)
• Fix the epics endpoint used by the filtered search bar (merge request) GitLab Enterprise Edition
• Enable Google Syndication CSP on registration flow (merge request)
• Fix limit view of Direct transfer max file size (merge request)
• Fix queue Elasticsearch indexing when branch changes for repo (merge request) GitLab Enterprise Edition
• Remove trial button from free biling page if trialed before (merge request) GitLab Enterprise Edition
• Fix deleting job artifact objects (merge request)
• Fix(Subscription): fix activation form (merge request) GitLab Enterprise Edition
• Allow using Service Accounts for HTTP Basic Authentication for Git (merge request) GitLab Enterprise Edition
• Include subgroup and project users in autocomplete (merge request)
• Respect relative root for MLflow package URLs (merge request)
• Group/Project name overflow fix (merge request)
• Fix searches for Upgrade Status to act on runner manager versions (merge request)
• Fix target projects path (merge request)
• Markdown Editor: Fix height change (merge request)
• Fix issues finder when filtering by project (merge request)
• Fix lock_on_merge migration (merge request)
• Change in_reply_to_discussion_id parameter to string (merge request)
• Remove orphaned approval project rules after transfer (merge request)
• Revert "Remove log_response_length feature flag" (merge request)
• Fix deleting job artifact objects (merge request)
• Fix flaky test on CI (merge request)
• GraphQL: Fix N+1 query for CiRunner.managers field (merge request)
• Fix branch_exceptions for branch_type: protected (merge request) GitLab Enterprise Edition
• Fix group templates tab load (merge request) GitLab Enterprise Edition
• Fix max number of slices (merge request) GitLab Enterprise Edition
• User preferences: Fix AI settings sections (merge request)
• Fix allow_descendants_override_disabled_shared_runners in database (merge request)
• Put back broadcast messages to sign-in page for self-hosted (merge request)
• Fix N+1 query in MR pipelines. Also fix N+1 testing documentation (merge request)
• Change labels for token access settings (merge request)
• Add a migration to reindex on the basis of schema_version (merge request) GitLab Enterprise Edition
• Update the namespace_id of vulnerability_reads when project moves (merge request) GitLab Enterprise Edition
• MR Pipeline widget: Fix view app dropdown behind other elements (merge request)
• Require term param for search/autocomplete (merge request)
• Allow Starter customers to use ApprovalRules API (merge request) GitLab Enterprise Edition
• Always allow re-dismissing a vulnerability (merge request) GitLab Enterprise Edition
• Make artifacts dropdown refetch list on show at 'Pipelines' by @av3f (merge request)
• Support nuget version normalization (merge request)
• Change email validation regex to use Devise email regex (merge request)
• Downcase email before using it to generate confirmation token (merge request) GitLab Enterprise Edition
• stylesheets: Re-increase font-size of gl-emoji (merge request)
• Fix Container Scanning invalid pkg manager types (merge request) GitLab Enterprise Edition
• Promote ffaker gem to production (merge request)
• Fix scheduled scan execution policies is applied to incorrect branches (merge request) GitLab Enterprise Edition
• Remove hierarchy validation for promote_to quick action (merge request)
• Include CodeQuality MR Widget in CE (merge request)
• Fix checkbox to url mapping (merge request)
• Fix CI_PAGES_URL when pages unique domain enabled (merge request)
• Add LFS warning popup for deleting files (merge request)
• Fix variable name for secret detection options (merge request) GitLab Enterprise Edition
• Fix truncate_legacy_tables for detached partitions (merge request)
• Align test coverage tooltip on center of indicator by @glauciellesa (merge request)
• Don't proxy batch request for LFS (merge request) GitLab Enterprise Edition
• Remove the feature gate on the VSD config setting (merge request) GitLab Enterprise Edition
• Fix global search modal input Home/End behaviour (merge request)
• Fix bug in #git_diff_prefix regex (merge request)
• Fix settings for newly created incides (merge request) GitLab Enterprise Edition
• Fix tooltips in workspaces actions (merge request) GitLab Enterprise Edition
• Maintain work_items when projects gets archived/unarchived (merge request) GitLab Enterprise Edition
• Fixes the OpenAPI blob viewer (merge request)
• Fix merge train merge failed when check_mergeability obtain lock error by @zhanglinjie (merge request) GitLab Enterprise Edition
• Fixes flex property of package tags in smaller screen sizes (merge request)
• Fix artifacts object storage geo replication (merge request)
• Allow capturing uniqueness error (merge request) GitLab Enterprise Edition
• Align trial illustration when on fluid layout (merge request)
• Fix Query.vulnerabilitiesCountByDay always returning nil data (merge request) GitLab Enterprise Edition
• Return description field in nuget package catalog entry (merge request)
• Use _path helpers instead of _url helpers (merge request)
• Reduce the number of components created in each transaction (merge request) GitLab Enterprise Edition
• Fix UX issues with the label (merge request)
• Check :code_suggestions licensed feature for SM (merge request) GitLab Enterprise Edition
• Update Ruby system version check for 3.0 (merge request)
• Add includeSourceCode to ExplainVulnerability cache key (merge request) GitLab Enterprise Edition
• Show Code Suggestions settings only on licensed EE (merge request) GitLab Enterprise Edition
• Remove duplicate relative url in package registry by @bymayanksingh (merge request)
• Fix restrict_user_defined_variables restriction on pipeline schedules (merge request)
• Fix group path update validations (merge request)
• Allow frontend to access LFS file storage URL (merge request)
• Allow cube proxy to handle 'continue wait' requrests (merge request)
• Fix push rules validation on initial push (merge request)
• Surfaces error in interpolation inputs when header does not exist (merge request)
• Emoji Picker: Add hover state to tabs (merge request)
• Correctly delete todos when group is made private (merge request)
• fix: Drop unnecessary unique index on vulnerability_signatures (merge request)
• Avoid 6 hours of stale Geo status (merge request) GitLab Enterprise Edition
• Remove feature flag (merge request)
• Fix UX issues with the label (merge request)
• Allowing external guest account to pull docker images from the registry (merge request)
• Remove slicing and reduce batch size in migration (merge request) GitLab Enterprise Edition
• Hide protected pipeline job retry/cancel btns (merge request)
• Remove include:rules from the Security/BAS template (merge request)
• Add non negative validation to time estimate quick action by @missy-davies (merge request)
• Exclude projects pending deletion from group visibility level validation (merge request)
• Allow guest users to subscribe work items (merge request) GitLab Enterprise Edition
• Fix impersonation button availability in admin area by @Taucher2003 (merge request)
• Fix wrapping buttons on commits page by @glauciellesa (merge request)
• Do not store chat messages by default (merge request) GitLab Enterprise Edition
• Render textual LFS files in UI (merge request)
• Add non negative validation to time estimate rest api endpoint by @missy-davies (merge request)
• Show correct push instructions for a forked MR (merge request)
• Add space between project housekeeping buttons (merge request)
• Allow report_source to be nil when delegating packager (merge request) GitLab Enterprise Edition
• Prevent triggering explain code on file names (merge request)
• Add negative validation to estimate mutations by @missy-davies (merge request)
• Disable IAT verification by default (merge request)
• Fix issues caused by ambiguous refs (merge request)
• Only allow group owners to query environment scopes (merge request)
• Fix set/edit status button on old navigation (merge request)
• Fix the N+1 query issue for Vulnerability#hasRemediations field (merge request) GitLab Enterprise Edition
• Fix auto-scrolling to hash on Markdown files (merge request)
• Ignore approval rules from policies when importing/exporting project (merge request) GitLab Enterprise Edition
• Fix crash when LDAP CA file set outside tls_options (merge request)
• Fixes container registry image list sorting UI inconsistency (merge request)
• Use root_ref to get last commit for index integrity (merge request) GitLab Enterprise Edition
• Fix "pending deletion" badge (merge request)
• Apply user timezone to date headers in commits list (merge request)
• Add spacing between approval checkbox and textarea (merge request)
• Update GitHub Importer Client Pool to include main token (merge request)
• Display labels description and scoped labels for epics on roadmap (merge request) GitLab Enterprise Edition
• Fix deployments waiting for user actions are marked as "created" (merge request)
• Fix converting issue to incident (merge request)
• Tooltip for long labels on Labels list by @endera_ (merge request)
• Backfill missing vulnerability dismissal information (merge request)
• Fix wrong default licenses saved in package_metadata ingestion (merge request)
• Fix repository push error message (merge request) GitLab Enterprise Edition
• Show archived projects from subgroups (merge request)
• Sync approval rules for group policies when transferring a project (merge request) GitLab Enterprise Edition
• Remove work item input backgrounds in dark mode (merge request)
• Fix system note permissions check (merge request)
• Fix index creation to detect if index exists (merge request)
• Fix canApprove GraphQL field returning null (merge request)
• Fix list style types in rich text and preview (merge request)
• Autofocus the editors when switching between them (merge request)
• Improve query in Projects::ParticipantsService (merge request)
• Fix completion of pending direct upload (merge request)
• Clear GroupIndexStatus in clear_index_status rake task (merge request) GitLab Enterprise Edition
• Allow pasting a markdown block (merge request)
• Autofocus the editor when commenting on a diff (merge request)
• Fixes container registry tags list sorting UI inconsistency (merge request)
• Ensure components are ingested in a consistent order (merge request) GitLab Enterprise Edition
• Fix label on token name field by @Taucher2003 (merge request)
• Fix shadows and scrims in dark mode (merge request)

Changed (265 changes)

• Sort admin runners by runner machine upgrade status by @markus.ferrell (merge request)
• Add search attribute to zoekt indexed namespaces (merge request)
• Do not include min_access_level for admins (merge request)
• Use skeleton loader while waiting for discussion summary (merge request) GitLab Enterprise Edition
• Send review request email to new reviewers (merge request)
• Renamed explain vuln experiment to beta (merge request) GitLab Enterprise Edition
• Remove protected ref check from integrations google play v2 by @StevenMetz (merge request)
• Use secondary text color for project settings subheaders (merge request)
• Add error field when visualization file missing (merge request) GitLab Enterprise Edition
• This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
• Trigger Microsoft Azure Group Sync for self-managed SAML sign-in (merge request) GitLab Enterprise Edition
• Add max width to user settings inputs (merge request)
• Updated the Cargo.toml linker to support inline tables by @Ian678 (merge request)
• Prepare add-on purchase services to work without a namespace (merge request) GitLab Enterprise Edition
• Remove FF add_docker_distribution_manifest_list_v2_type_to_accept_header (merge request)
• Use gitaly exception message (merge request)
• Offer phone verification exemption for medium risk users (merge request) GitLab Enterprise Edition
• Add streaming to Anthropic client (merge request) GitLab Enterprise Edition
• Update incident header layout (merge request)
• Remove recent_objects_for_project_statistics FF (merge request)
• Admin settings: Update description style (merge request)
• Display all potential approval groups in policy drawer (merge request) GitLab Enterprise Edition
• Deploy keys settings: Use GlCard (merge request)
• Group Advanced settings: Use GlCard (merge request)
• Move deploy tokens into card (merge request)
• Add user info to jwt in container registry auth (merge request)
• Disable rule mode for invalid vulnerability_attributes (merge request) GitLab Enterprise Edition
• Enable the compressed_package_metadata_query feature flag by default (merge request) GitLab Enterprise Edition
• Splits monthly and per-project data loading (merge request) GitLab Enterprise Edition
• Use text secondary style for group settings subheaders (merge request)
• Alerts settings: Use GlCard (merge request)
• Improve shared runners toggle for projects (merge request)
• Migrate metrics widget to V2 (merge request) GitLab Enterprise Edition
• Compare results for scan_finding approval rules from multiple pipelines (merge request) GitLab Enterprise Edition
• Update deploy keys and tokens docs (merge request)
• Add border between milestone and iteration (merge request)
• Cleanup new GlCard implementations (merge request)
• Admin Area: Appearance settings change to use one column (merge request)
• Group compliance framework settings: Use GlCard (merge request)
• Move group container registry from operations to deploy (merge request)
• Refactor sastReportsInInlineDiff handling (merge request) GitLab Enterprise Edition
• Enable v2 package metadata license sync (merge request) GitLab Enterprise Edition
• Advanced project settings: Use GlCard (merge request)
• Update broadcast message target roles UI (merge request)
• Ensure_onboarding experiment: Successful cleanup (merge request) GitLab Enterprise Edition
• Billing settings: use GlCard (merge request) GitLab Enterprise Edition
• Group CI/CD settings: remove container limited class (merge request)
• Sort referenced issues numerically (merge request)
• Set max width on user preference inputs (merge request)
• Enable the content block retry to be enabled contextually (merge request) GitLab Enterprise Edition
• Add copy reference shortcut docs (merge request)
• Migrate health status dropdown to listbox by @ShaneMaglangit (merge request) GitLab Enterprise Edition
• Add audit event for changed product description (merge request) GitLab Enterprise Edition
• Add spec for parsing inputs as boolean (merge request) GitLab Enterprise Edition
• Finish moving BroadcastMessage under System module (merge request)
• Fix the typo in migration by no-oping migration & adding new one (merge request)
• CI/CD Pipeline subscriptions settings: Use GlCard (merge request)
• Change the error message when trying to make issue confidential (merge request)
• Feat: implement report abuse in user profile (merge request)
• Improves BetaBadge appearance (merge request)
• Include all standards adherence checks in spec (merge request) GitLab Enterprise Edition
• Protected branches: Use GlCard (merge request)
• Change chat background color and chat bubble color (merge request) GitLab Enterprise Edition
• Allow group_approvers to reference inaccessible groups (merge request) GitLab Enterprise Edition
• Parse span from gitaly result (merge request)
• Improve tooltips in top row of sidebar (merge request)
• Remove admin check when creating/updating subscription add-on purchases (merge request) GitLab Enterprise Edition
• Add Gitaly info to info rake task (merge request)
• Remove disable following user feature flag (merge request)
• Merge request approvals settings: Use GlCard (merge request)
• Status checks settings: Use GlCard (merge request) GitLab Enterprise Edition
• CI/CD Pipeline triggers settings: Use GlCard (merge request)
• Convert columns in user_details to loose FK (merge request)
• This MR migrates legacy dropdown (merge request) GitLab Enterprise Edition
• CI/CD Proteted environments project settings: Use GlCard (merge request) GitLab Enterprise Edition
• Adds page URL params for container image tags list pagination (merge request)
• This MR adds ability to add branch exceptions (merge request) GitLab Enterprise Edition
• Retry to drop events temporary conversion table (merge request)
• Update temporary snippet comment button to pajamas (merge request)
• Migrates packages list row delete dropdown to disclosure (merge request)
• Update dependency auto-deploy-image to v2.53.0 (merge request)
• Move mirrored repositories to card (merge request)
• Update the rest of the card settings docs (merge request)
• Implement Trial-end widget and popover (merge request) GitLab Enterprise Edition
• Initialize the bigint conversion for ci_sources_pipelines (merge request)
• Add link to zoekt feedback issue in user preferences page (merge request) GitLab Enterprise Edition
• Update issue and epic header layout to match MRs (merge request)
• Add presubmissionCheckPassed to ExplainVulnerabilityPromptType (merge request) GitLab Enterprise Edition
• Allows dots in Gitaly Storage names (merge request)
• Security approvals settings: Use GlCard (merge request)
• Fix vue3 migrations in alerts_settings_wrapper_spec.js (merge request)
• Migrates container registry details header dropdown to disclosure (merge request)
• Move confidentiality badge to work item detail header (merge request)
• Rename Last event ID processed by cursor message by @bymayanksingh (merge request) GitLab Enterprise Edition
• Modify Vulnerability for_projects scope (merge request) GitLab Enterprise Edition
• Improve shared runners toggle for groups (merge request)
• Update settings documentation (merge request)
• Migrate set_status_form.vue to GlCollapsibleListbox (merge request)
• Revise empty standards adherence table text (merge request) GitLab Enterprise Edition
• Update work item meta data with type and icon (merge request)
• CI/CD Token Access: Use GlCard (merge request)
• CI/CD Secure Files settings: Use GlCard (merge request)
• Clean up track_manual_deployments feature flag (merge request)
• Changed failed pipeline jobs card border to hover and text to hide by @zillemarco (merge request)
• Update dependency auto-build-image to v1.38.1 (merge request)
• Move protected tag settings into card (merge request)
• Convert epic dropdown to GlDisclosureDropdown (merge request)
• This MR adds ability to add branch exceptions (merge request) GitLab Enterprise Edition
• Add artifacts help text (merge request)
• Reword, move variable modal AWS/OIDC guidance (merge request)
• Add documentation for user settings cards (merge request)
• Remove group_saml_jit_errors feature flag (merge request) GitLab Enterprise Edition
• Improve interpolation for TimeHelper (merge request)
• This MR optimise request load for branch selector (merge request) GitLab Enterprise Edition
• Increase push rules regex limit to 511 characters (merge request) GitLab Enterprise Edition
• Add connection adapter logic for schema validations (merge request)
• Use Pajamas component for Gitea import button (merge request)
• Use deactivate service (merge request)
• Relax namespace_id presence checks in GitlabSubscriptions::AddOnPurchase (merge request)
• Reduce inotify watches when cache_classes is enabled (merge request)
• Add partial unique index on project_authorizations (merge request)
• Extends userAddOnAssignmentCreate response (merge request) GitLab Enterprise Edition
• Update dependency auto-deploy-image to v2.52.0 (merge request)
• This MR adds ability to add branch exceptions (merge request) GitLab Enterprise Edition
• Move branch rules into card (merge request)
• Replace vscode-cdn.net with web-ide.gitlab-static.net (merge request)
• Add the ProjectAuthorization::Changes domain concept (merge request)
• Add project_authorizations.is_unique and schedule partial index (merge request)
• Move comment templates into card view (merge request)
• Add specs for links & location_text by @bymayanksingh (merge request) GitLab Enterprise Edition
• Access tokens: Use GlCard (merge request)
• Highlight job log line (merge request)
• Migrate new issue dropdown to listbox by @ShaneMaglangit (merge request) GitLab Enterprise Edition
• Settings badges: Use GlCard (merge request)
• Domain verification settings: Use GlCard (merge request)
• CI/CD Settings Variables: use GlCard (merge request)
• Removes reduce_aggregation_schedule_lease FF (merge request)
• Migrate OKR Actions Split Button to Disclosure by @ShaneMaglangit (merge request)
• Replace project import dropdown with listbox (merge request)
• Enable batched_api_mergeability_checks by default (merge request)
• Adds page params for container image list pagination (merge request)
• Set LLM log_level to info by default (merge request) GitLab Enterprise Edition
• Move unified rules alert to help text of approvers (merge request) GitLab Enterprise Edition
• Fix editor tracking (merge request)
• Re-add history button on project overview (merge request)
• Self-generate JWT for SaaS completions (merge request) GitLab Enterprise Edition
• Parse string to boolean (merge request) GitLab Enterprise Edition
• Filter using dismissal reason (merge request) GitLab Enterprise Edition
• Remove dismiss_multiple_vulnerabilities feature flag (merge request) GitLab Enterprise Edition
• Use text-bison instead of codechat-bison for explain this vuln (merge request) GitLab Enterprise Edition
• Remove pages_deploy_upload_file_outside_transaction feature flag (merge request)
• Improve Value stream dashboard loading state (merge request) GitLab Enterprise Edition
• Update details on Namespace storage used card (merge request) GitLab Enterprise Edition
• Remove deleted repositories from Zoekt (merge request) GitLab Enterprise Edition
• Migrate start trial button to Pajamas component (merge request) GitLab Enterprise Edition
• Make PAT Code Suggestions field non-required for SM (merge request) GitLab Enterprise Edition
• Add branch_exceptions support to PolicyBranchesService (merge request)
• Migrate feature flag action dropdown to disclosure by @ShaneMaglangit (merge request) GitLab Enterprise Edition
• Reorganized components to scopes (merge request)
• Expose email for admins (merge request) GitLab Enterprise Edition
• Disable rule mode for invalid vulnerability_age (merge request) GitLab Enterprise Edition
• Add guard for when sbom_occurrences (merge request) GitLab Enterprise Edition
• Reorganized components to scopes (merge request)
• Validate vulnerability_age for required keys (merge request) GitLab Enterprise Edition
• Add new merge strategy in frontend as preferred (merge request) GitLab Enterprise Edition
• Migrate GlDropdown to GlDisclosureDropdown (merge request)
• Migrate page_size_selector to GlCollapsibleListbox (merge request)
• Allow new pagination parameters for tags (merge request)
• Update dependency auto-deploy-image to v2.51.1 (merge request)
• Fix scan policy enforcement (merge request) GitLab Enterprise Edition
• Call Internal Event API instead of RedisHLL for tracking on the FE (merge request) GitLab Enterprise Edition
• Uses ModelPresenter instead of ModelIndexPresenter (merge request)
• Add filters to instance streaming destination (merge request) GitLab Enterprise Edition
• MR sidebar label selection fixes (merge request)
• Access tokens: Use GlCard (merge request)
• Deploy keys: Use GlCard (merge request)
• Add codeowners validation block (merge request) GitLab Enterprise Edition
• Migrate blob template selector dropdown to vue by @ShaneMaglangit (merge request)
• Remove accent color as active color (merge request)
• Document tls_options in LDAP servers config (merge request)
• Fix rubocop issues in migrations (merge request)
• Replace alert with empty state component in Value Stream Analytics by @dannyelcf (merge request) GitLab Enterprise Edition
• Update gitlab-pages (merge request)
• Remove alternative ff (merge request)
• Update protected environments settings UI (merge request) GitLab Enterprise Edition
• Add name to streaming destinations (merge request) GitLab Enterprise Edition
• Separates out Container Registry on project Usage Quotas (merge request)
• Remove description from explain vulnerability prompt by @bymayanksingh (merge request) GitLab Enterprise Edition
• Remove group managed account sign up redirect and feature flag (merge request) GitLab Enterprise Edition
• New Merge request layout improvements (merge request)
• Requires Ml::ModelVersion to be valid SemVer (merge request)
• Set flag to default enabled (merge request) GitLab Enterprise Edition
• Migrate Instance OAuth applications to use GlCard (merge request)
• Broadcast messages: Use GlCard (merge request)
• Uses ModelVersion for ModelsController (merge request)
• Add verification_state & replication_state to registry_type by @bymayanksingh (merge request) GitLab Enterprise Edition
• Revises error message for archived mirrors (merge request)
• Use URL helpers for security policy project readme links (merge request) GitLab Enterprise Edition
• SSH Keys user settings: Use GlCard (merge request)
• Cleanup Edit user form (merge request)
• Note activity reply: Fix spacing (merge request)
• Rename compliance report page (merge request)
• MR pipeline widget: cleanup (merge request)
• Create sync index for pipeline_id_convert_to_bigint (merge request)
• Creates fake names for Ml::Candidate (merge request)
• Add frontend code for location finder (merge request) GitLab Enterprise Edition
• SSH Key detail page improvements (merge request)
• Mark RepositoryUpdateMirrorWorker to have external dependencies (merge request) GitLab Enterprise Edition
• Use Markdown Editor in Issuables (merge request)
• Update description text for dependency proxy settings (merge request)
• GPG Keys: Use GlCard (merge request)
• Migrate to GlDisclosureDropdown in work_items_links (merge request)
• Change two-column integration layout to one-column (merge request)
• Global search: increase spacing slightly for better readability (merge request)
• Improve wording on primary email notification change on GitLab.com by @bymayanksingh (merge request)
• Admin labels: use GlCard (merge request)
• Applications settings: use card (merge request)
• Document GitLab 16.2.0 upgrade issues with legacy LDAP configs (merge request)
• Update delete tag modal copy (merge request)
• Remove btn-sm-side-margin misc variable in favor of gitlab ui (merge request)
• Update group project settings (merge request)
• Cleaned up code_suggestions_alert and feature flag (merge request) GitLab Enterprise Edition
• Initialize the conversion for ci_pipeline_messages.pipeline_id (merge request)
• Initialize the conversion for ci_stages.pipeline_id (merge request)
• Move email addresses and form into card (merge request)
• Update in-app usage data reminder banner text (merge request) GitLab Enterprise Edition
• Enable reduced indexing timeout by default (merge request)
• Prepare async index for pipeline_id_convert_to_bigint (merge request)
• Add a visual toggle for archived projects (merge request)
• Initialize the conversion for ci_pipelines.auto_canceled_by_id (merge request)
• Update buttons to use Pajamas::ButtonComponent (merge request)
• Update settings sticky header/footer (merge request)
• Set search_index_integrity FF to default enabled (merge request) GitLab Enterprise Edition
• Move subgroup setting from select to radio buttons (merge request)
• Validate vulnerability_age for presence of previously existing states (merge request) GitLab Enterprise Edition
• Enable restrict_special_characters_in_namespace_path feature flag (merge request)
• Exclude archived projects from merge request search (merge request)
• Add branch_exceptions to security policy schema (merge request) GitLab Enterprise Edition
• Updates to create your group subscriptions page (merge request) GitLab Enterprise Edition
• Add Code Suggestions statistics card (merge request) GitLab Enterprise Edition
• Allow configurable docker socket path for CodeQuality (merge request)
• Integrations settings: use card (merge request)
• Reduce select width on blob and find file page (merge request)
• Re-organize BBM docs (merge request)
• Update ffi-yajl gem to v2.6.0 (merge request)
• Update failed jobs widget (merge request)
• Replace layout select setting with radio buttons (merge request)
• Backfill archived for work_items (merge request) GitLab Enterprise Edition
• Remove ignored column from ChatNames (merge request)
• Add location finder and endpoint (merge request) GitLab Enterprise Edition
• Migrate link_to buttons to Pajamas buttons in commits_helper.rb (merge request)
• Show which enforcement type is applied to a given namespace (merge request) GitLab Enterprise Edition
• Migrate Status Checks to V2 (merge request) GitLab Enterprise Edition
• Move BroadcastMessage model under System module (merge request) GitLab Enterprise Edition
• Clean up security_policies_branch_type feature flag (merge request)
• Persist scan result policy index to scan_result_policies.rule_idx column (merge request) GitLab Enterprise Edition
• Changes namespace limits UI to correct unit (merge request) GitLab Enterprise Edition
• Backfill Elastic migration dictionary records (merge request) GitLab Enterprise Edition
• Change build queuing metrics FF to ops type (merge request)
• Updates link_to with btn cmp by @afzal442 (merge request)
• Enable "search as tokens" in runner search (merge request)
• Correct padding for Admin setting GitLab for Jira App form (merge request)
• Update doorkeeper buttons to pajamas (merge request)
• Upgrade to gitlab-fog-azure-rm v1.8.0 (merge request)
• Initialize the conversion for ci_pipeline_chat_data.pipeline_id (merge request)

Deprecated (1 change)

• Deprecate hasSolutions in favor of hasRemediations (merge request) GitLab Enterprise Edition

Removed (19 changes)

• Remove free user cap email notification related code (merge request) GitLab Enterprise Edition
• Remove support for license scanning artifact (merge request) GitLab Enterprise Edition
• Remove license-finder analyzer (merge request)
• Remove Gitlab::I18n.with_locale usage by @KiranSatyaRaj (merge request)
• Remove License Scanning from AutoDevOps (merge request)
• Remove legacy wiki repository replication code (merge request) GitLab Enterprise Edition
• Remove mispelled namespace details column (merge request)
• Remove the utility class from scss file by @glauciellesa (merge request)
• Remove temp index on vulnerability_occurrences (merge request)
• Cleanup no_todo_for_approvers feature flag (merge request)
• Clean up initialize analytics worker (merge request)
• Remove generated CSP directive entries from Blob#show (merge request)
• Cleanup PK conversion for events table (merge request)
• Removing ci_active_pipelines from table plan_limits (merge request)
• Remove managed prometheus class (merge request)
• Fixes for the Documentation Bot Part (merge request) GitLab Enterprise Edition
• Remove temp index on vulnerability_occurrences (merge request)
• Remove panel preview service and builder controller (merge request)
• Remove restrict_merge_status_recheck feature flag (merge request)

Security (22 changes)

• Use component to hide sensitive analytics settings (merge request)
• Fix undefined method page error in list dependencies (merge request)
• Fix undefined method licenses for nil:NilClass bug (merge request)
• Add pagination for license scanning (merge request)
• Mitigate autolink filter ReDOS (merge request)
• Revert 'security-408388--protected-branch' (merge request)
• Fix bug where comments on files with incorrect sha breaks UI (merge request)
• Prevent leaking emails of newly created users (merge request)
• Sanitize multiple hardlinks from import archives (merge request)
• Mitigate project reference filter ReDOS (merge request)
• Relocate PlantUML config and disable SVG support (merge request)
• Added redirect to filtered params (merge request)
• Validates project path availability (merge request)
• Fix XSS vector in Web IDE (merge request)
• Prevent creation of tags matching protected branch names (merge request)
• Add a stricter regex for the Harbor search param (merge request)
• Prohibit 40 character hex plus a hyphen if branch name is path (merge request)
• Fix policy project assign (merge request)
• Fix pipeline schedule authorization for protected branch/tag (merge request)
• Update pipeline user to the last policy MR author (merge request)
• Test nr 3: fast security->canonical sync (merge request)
• Test fast security->canonical sync (merge request)

Performance (17 changes)

• Add index to external_status_checks table on id and project_id (merge request)
• Drop index_deployments_on_project_id_sha (merge request)
• Drop index_deployments_on_environment_id_and_iid_and_project_id (merge request)
• Revert "Merge branch '392448-npm-metadata-endpoints-high-cpu-duration' into 'master'" (merge request)
• Immediately render the Value Stream Dashboard data as it is loaded (merge request) GitLab Enterprise Edition
• Enable the advanced search reverse optimization (merge request) GitLab Enterprise Edition
• Fix N+1 in notes endpoints (merge request)
• Cache manifest.json view based on current_appearance (merge request)
• Remove duplicate loading of commits on network graph (merge request)
• Preload merge_request_diff_commits when diffStats is requested (merge request)
• Add index to projects on namespace_id and repository_size_limit (merge request)
• Synchronous creation: index_vuln_findings_on_uuid_including_vuln_id (merge request)
• Serve completions endpoint through Workhorse (merge request) GitLab Enterprise Edition
• Improve query for projects in rebalancing service (merge request)
• Minor performance tweak for LFS object downloads (merge request)
• Prevent N+1 when diffStats is queried via GraphQL (merge request)
• Drop index_deployments_on_project_id_and_status (merge request)

Other (90 changes)

• Convert commit_user_mentions.note_id to bigint for self-managed (merge request)
• Enable on_demand_scans_runner_tags by default (merge request) GitLab Enterprise Edition
• Remove feature flag ci_interpolation_inputs_refactor (merge request)
• Use new GraphQL autocomplete field for issue lists (merge request)
• Update documentation for SAML group sync with multiple providers (merge request) GitLab Enterprise Edition
• Adds EnumInheritance as option for STI (merge request)
• Remove ClusterCache module (merge request)
• Add Service Desk Ticket as a new Work Item type to DB (merge request)
• Update the protected paths doc by @zhaoqi01 (merge request)
• Add style to new_user_email notification by @KiranSatyaRaj (merge request)
• Revert "Merge branch 'slashmanov/vite-js-dev' into 'master'" (merge request)
• Add FF to stop emitting Sidekiq histogram metrics (merge request)
• Kubernetes_namespace_for_environment FF cleanup (merge request)
• Add feature_catgory metadata to some stage specs by @missy-davies (merge request)
• Switch CommitStatus table name to p_ci_builds (merge request)
• Refactor TrainingProviders: DRY up common logic to base class by @bymayanksingh (merge request) GitLab Enterprise Edition
• Drop initial prepared_at index, and create one with created_at (merge request)
• Adds indexes on service_desk_custom_email_verifications (merge request)
• Extract Work item contents and create a wrapper (merge request) GitLab Enterprise Edition
• Introducing CrossDatabaseIgnoredTables helper (merge request)
• Ensure id uniquness across p_ci_builds partitions (merge request)
• Allows additionalProperties for prom-alert-based-db-indicators-settings (merge request)
• Renames ApplicationSetting.database_apdex_settings to be more generic (merge request)
• Update Gitlab Shell version to 14.26.0 (merge request)
• Remove free_user_cap_new_namespaces feature flag (merge request) GitLab Enterprise Edition
• Patch Redis Cluster loaders to initialize with random nodes (merge request)
• Ensure id uniquness across partitions (merge request)
• Db health based throttling for PipelineSuccessUnlockArtifactsWorker (merge request)
• Default enable self_managed_code_suggestions_completion_api (merge request)
• Add search_scope in options (merge request) GitLab Enterprise Edition
• Remove telesign_callback feature flag (merge request) GitLab Enterprise Edition
• Backfill default protection branch defaults in application setting (merge request)
• Update Gitlab Shell version (merge request)
• Remove require_notes_last_fetched_at feature flag (merge request)
• Add a migration to backfill archived field in wikis index (merge request) GitLab Enterprise Edition
• Remove managing_group_id foreign key constraint (merge request)
• Add Epic work item type to the DB (merge request)
• Remove use_metric_definitions_for_events_list FF usage (merge request)
• Remove feature flag raise_error_for_missing_audit_event_yml (merge request)
• Clean up application settings Tofa config (merge request)
• Add logs when MR approvals are updated by scan result policy (merge request) GitLab Enterprise Edition
• Clean up FF for sidekiq SLIs (merge request)
• Add namespace_id to issue search data table (merge request)
• Remove default partition value from CI tables (merge request)
• Update the email notification doc (merge request)
• Add notes.namespace_id index and foreign key (merge request)
• Remove the wiki docs from the main index (merge request) GitLab Enterprise Edition
• Send archived to the indexer if the Project is archived (merge request) GitLab Enterprise Edition
• Drop issues.issue_type column (merge request)
• Backfill default_branch_protection_defaults for namespace settings (merge request)
• Update Gitlab Shell to 14.24.1 (merge request)
• Use the package_manager column in filtering and sorting (merge request)
• Remove highlight_js feature flag (merge request)
• Remove vsd_graphql_dora_and_flow_metrics feature flag (merge request) GitLab Enterprise Edition
• Add migration to backfill archived field in commits (merge request) GitLab Enterprise Edition
• Add tests for the methods in the Ci::VariablesHelper by @bymayanksingh (merge request)
• Updates docs with candidate nickname (merge request)
• Add migration to remove projects from main index (merge request) GitLab Enterprise Edition
• Remove free_user_cap_new_namespaces feature flag (merge request) GitLab Enterprise Edition
• Write a migration to backfill archived on notes (merge request) GitLab Enterprise Edition
• Add namespace_id to notes (merge request)
• Remove jira_deployment_issue_keys flag (merge request)
• Change ActiveRecord::RecordInvalid to return 500, not 422 for 2FA login (merge request)
• Move etag caching middleware after rack middleware (merge request)
• Bump rspec-mocks version to 3.12.6 (merge request)
• Sanitize slack-formatted links in chat messages (merge request)
• Revert changes from 414396-complete-ci-builds-partitioning (merge request)
• Set the archived value for the notes index (merge request) GitLab Enterprise Edition
• Remove cache_introspection_query feature flag (merge request)
• Add a migration to remove the wiki docs from the main index (merge request) GitLab Enterprise Edition
• Drop issues.issue_type related indexes (merge request)
• Add group_wikis indexing in the elastic:index task (merge request) GitLab Enterprise Edition
• Add archived to notes index (merge request) GitLab Enterprise Edition
• Improved fork button feature specs by @zillemarco (merge request)
• Enable descendant_security_scans by default (merge request)
• Bump GITLAB_ELASTICSEARCH_INDEXER_VERSION to set new routing for wikis (merge request) GitLab Enterprise Edition
• Revoke tokens only for access token rotate endpoints (merge request)
• Remove import_details_page feature flag (merge request)
• Add error handling to import project members modal (merge request) GitLab Enterprise Edition
• Add archived field in the wikis index (merge request) GitLab Enterprise Edition
• Code suggest endpoint for self-managed completions (merge request) GitLab Enterprise Edition
• Remove free_user_cap_new_namespaces feature flag (merge request) GitLab Enterprise Edition
• Remove members_with_shared_group_access feature flag (merge request)
• Allow overriding model gateway URL (merge request) GitLab Enterprise Edition
• Convert todos.note_id to bigint for self-managed (merge request)
• Swap events.target_id to bigint (merge request)
• Remove the summarize_diff quick action (merge request)
• Remove the FF ci_refactoring_pipeline_schedule_create_service (merge request)
• Fix test pollution in count_deployments_metric_spec (merge request)
• Update BulkImports::PipelineBatchWorker resource boundary (merge request)

16.2.8 (2023-09-28)

Security (16 changes)

• Mark any CI builds that are not complete as canceled when imported (merge request)
• Destroy group service accounts when removing group (merge request)
• Fix SSO Enforcement for shared groups and projects (merge request)
• Prevents Ci::Build data from being rendered (merge request)
• Update dependency auto-deploy-image to v2.55.0 (merge request)
• Allow only one membership for security policy bots (merge request)
• Reset all approvals when target branch changes (merge request)
• Default to using the asset proxy (merge request)
• Restrict Project Fork Linking to Owners and Admins (merge request)
• Prevent math hijacking page elements (merge request)
• Delete of member branch protection rules cascadingly (merge request)
• Prevent collaboration across forks when author cannot push (merge request)
• Allow Maintainer+ to list Sentry projects (merge request)
• Fix leaking source code of restricted project through a fork (merge request)
• Prevent leaking CI variables via fork MRs (merge request)
• Pipelines will have no access to protected vars and may fail with tags (merge request)

16.2.7 (2023-09-18)

Security (1 change)

• Enforce that the policy is executed by the bot user (merge request)

16.2.6 (2023-09-12)

Fixed (3 changes)

• Prevent pipeline creation while import is running (merge request)
• Create iid sequence for ci_pipelines with new projects (merge request)
• Drop bridge jobs on unknown failures (merge request)

16.2.5 (2023-08-31)

Fixed (1 change)

• Geo: Resync direct upload object stored artifacts GitLab Enterprise Edition

Security (13 changes)

• Add authorization checks to import status endpoint (merge request)
• Update commonmarker to 0.23.10 (merge request)
• Remove DAST secret variables when URL is updated (merge request)
• Maintainer can leak sentry token by changing the configured URL (merge request)
• Service account users are external by default (merge request)
• Additional permission check when editing label (merge request)
• Fix ReDOS in bulk_imports endpoint params (merge request)
• Prevent namespace level banned users from accessing API (merge request)
• Requires write_model_experiments on mlflow api (merge request)
• Check prohibit_outer_forks in fork relationship api (merge request)
• Remove GCP private key from streaming audit events UI (merge request)
• Prevent traversal for path parameter in refs/switch endpoint (merge request)
• Gitaly keyset pager when pagination none only with tree view (merge request)

16.2.4 (2023-08-11)

Fixed (2 changes)

• Replace vscode-cdn.net with web-ide.gitlab-static.net (merge request)
• Revert "Remove log_response_length feature flag" (merge request)

16.2.3 (2023-08-03)

No changes.

16.2.2 (2023-08-01)

Added (1 change)

• Add MR reviewers to BitBucketServer import to 16-2

Fixed (2 changes)

• Disable IAT verification by default
• Enable descendant_security_scans by default GitLab Enterprise Edition

Security (17 changes)

• Fix undefined method licenses for nil:NilClass bug (merge request)
• Fix undefined method page error in list dependencies (merge request)
• Add pagination for license scanning (merge request)
• Prevent leaking emails of newly created users (merge request)
• Added redirect to filtered params (merge request)
• Relocate PlantUML config and disable SVG support (merge request)
• Sanitize multiple hardlinks from import archives (merge request)
• Validates project path availability (merge request)
• Fix policy project assign (merge request)
• Fix bug where comments on files with incorrect sha breaks UI (merge request)
• Fix pipeline schedule authorization for protected branch/tag (merge request)
• Mitigate autolink filter ReDOS (merge request)
• Fix XSS vector in Web IDE (merge request)
• Mitigate project reference filter ReDOS (merge request)
• Add a stricter regex for the Harbor search param (merge request)
• Update pipeline user to the last policy MR author (merge request)
• Prohibit 40 character hex plus a hyphen if branch name is path (merge request)

16.2.1 (2023-07-25)

Fixed (1 change)

• Fix crash when LDAP CA file set outside tls_options (merge request)

16.2.0 (2023-07-21)

Added (176 changes)

• Add GraphQL API to get compliance standards adherence at group level (merge request) GitLab Enterprise Edition
• Add read_dependency column to member_roles table (merge request)
• Dashboards item under group analyze nav menu (merge request) GitLab Enterprise Edition
• Backfill vulnerability_occurrences.uuid_convert_string_to_uuid column (merge request)
• Add support for vulnerability age filtering (merge request) GitLab Enterprise Edition
• Use default template when creating issues via gql (merge request)
• Add background migration worker for Redis (merge request)
• Trigger Microsoft Group Sync on sign-in (merge request) GitLab Enterprise Edition
• Add a new faster git refs finder (merge request)
• Add SCIM as a provider to the Users API search (merge request) GitLab Enterprise Edition
• Add sync for advisories (merge request) GitLab Enterprise Edition
• Add developer documentation on required stops (merge request)
• Enforce approval rules based on attributes (merge request) GitLab Enterprise Edition
• Add namespace_storage_forks_cost_factor to application_settings table (merge request)
• Setting ml_experiment_tracking to default enabled (merge request)
• Add AddOnPurchaseType GraphQL (merge request) GitLab Enterprise Edition
• Adds table ml_model_versions and Ml::ModelVersion (merge request)
• Command Palette: Enable feature flag per default (merge request)
• Add PAT automatic reuse detection in AuthFinders (merge request)
• GraphQL endpoint for IDE code suggestions enabled (merge request)
• Add data tracking for editors (merge request)
• Add group_id argument to merge requests resolver (merge request)
• Enable shared runners on descendants (merge request)
• Enable enforcing Scan Execution Policies when gitlab-ci.yml is missing (merge request) GitLab Enterprise Edition
• Award emojis to work item notes (merge request)
• Add abuse categories to the new abuse reports list view (merge request)
• Add Terraform State in Project overview by @glauciellesa (merge request)
• Add filter_labels option to the VSD configuration file (merge request) GitLab Enterprise Edition
• Release GitLab for Slack app for Self Managed (merge request)
• Better NPM error messages (merge request)
• Add a callout for rich text editor (merge request)
• Add name field in audit events api (merge request) GitLab Enterprise Edition
• Forward all additional headers to model gateway (merge request) GitLab Enterprise Edition
• Web IDE AI Assisted code suggestions (merge request)
• Add the logic for searching and showing group wiki search (merge request) GitLab Enterprise Edition
• Release link Jira issues to GitLab deployments (merge request)
• Add emoji webhooks (merge request)
• Update Direct Transfer to support import in batches (merge request)
• Add support for award emojis to design comments (merge request)
• No repository mirroring if silent mode is enabled (merge request) GitLab Enterprise Edition
• Clean up mirror_only_branches_match_regex feature flag by @lyb124553153 (merge request) GitLab Enterprise Edition
• Add Geo bulk mark pending batch worker (merge request) GitLab Enterprise Edition
• Adds table ml_model and entity Ml::Model (merge request)
• Add group mention Slack events behind feature flag (merge request)
• Extending the scope of gitlab_schemas to be locked on multiple dbs (merge request)
• Expose null deploy_key_id fields in REST API (merge request)
• Allow to select K8s namespace for environment (merge request)
• GraphQL node for CODEOWNER file validator (merge request) GitLab Enterprise Edition
• Expose user pronouns via GraphQL (merge request)
• Show pipeline warning when 100+ jobs in stage (merge request)
• Implement include_source_code arg for ETV ai requests (merge request) GitLab Enterprise Edition
• Add Microsoft Graph client (merge request) GitLab Enterprise Edition
• Add id to EE MR state widget (merge request) GitLab Enterprise Edition
• Implement include_source_code arg for ETV ai requests (merge request) GitLab Enterprise Edition
• Add Sidekiq queueing application SLIs (merge request)
• Show user popover for assignees/reviewers in sidebar (merge request)
• Repair user sorting with relative url mounts by @markus.ferrell (merge request)
• Keep epics in elasticsearch up to date when epic data changes (merge request) GitLab Enterprise Edition
• Add /completions endpoint to proxy to model gateway (merge request) GitLab Enterprise Edition
• Specify reason when logging user_access_locked audit event (merge request) GitLab Enterprise Edition
• Relay allowlist column added (merge request)
• Add trigger to prevent delete of default org (merge request)
• Add Microsoft Graph client (merge request) GitLab Enterprise Edition
• Enable geo_registries_update_mutation FF by default (merge request) GitLab Enterprise Edition
• Add user_access_unlocked audit event (merge request) GitLab Enterprise Edition
• Improves empty state for dependency proxy (merge request)
• Add Snowplow tracking to VSD metric drill-down links (merge request) GitLab Enterprise Edition
• Enable the moved_mr_sidebar flag by default (merge request)
• Recreate tmp_idx_vulns_on_converted_uuid synchronously (merge request)
• Add raw Javascript tracking for Gitlab Internal events (merge request)
• Add API endpoint for Internal Events Tracking (merge request)
• Replace foreign keys to use the partitioned table - 4 self-managed (merge request)
• Add prevent approval by author check to Gitlab standard (merge request) GitLab Enterprise Edition
• Add ci_config_sha JWT claim (merge request)
• Add Security Policy Default source (merge request) GitLab Enterprise Edition
• Adds frontend boilerplate for /-/ml/models (merge request)
• Show Verified badge for commits signed by Gitlab (merge request)
• Feat: introduce feature flag for profile overflow menu (merge request)
• Silent mode support for Integrations (merge request)
• Add Kubernetes namespace field (merge request)
• Add support for diff suggestions in content editor (merge request)
• Implement mergeRequestDiffs property for MergeRequestType (merge request) GitLab Enterprise Edition
• Create type migration supporting index synchronously (merge request)
• Adds ModelsConstroller#index (merge request)
• Schema definitions for google cloud events (merge request) GitLab Enterprise Edition
• Adds last_enforced_at column to NamespaceLimits (merge request)
• Drop Sidekiq jobs based on feature flag (merge request)
• Create MergeRequestReviewLLmSummary model and table (merge request)
• Log Gitaly metadata when a Gitaly call raises an exception (merge request)
• Cleanup ci_limit_environment_scope feature flag (merge request)
• Add state to catalog_resources table (merge request)
• objectpools: Add pool_repositories table index (merge request)
• Expose explain this vulnerability prompts via GQL VulnerabilityType (merge request) GitLab Enterprise Edition
• Remove comment_on_files feature flag (merge request)
• Add description optional field for Ci::Variable (merge request)
• Finalize conversion for FKs targeting p_ci_builds - 2 self-managed (merge request)
• Add new method for RepositoryInfo RPC (merge request)
• Expose dismissal_reason on VulnerabilityType (merge request) GitLab Enterprise Edition
• Show user popover for MR approvers list (merge request)
• Add todo quick actions to work items (merge request)
• Ban users that use a banned phone number during identity verification (merge request) GitLab Enterprise Edition
• Keep username when switching between author and assignee in filter bar (merge request)
• Add contextual shortcuts for formatting options (merge request)
• Enable rich text editor in submitting a review (merge request)
• Add Microsoft app/graph tables and models (merge request)
• Adds support to the JwtAuthenticatable module (merge request)
• Admin can delete unconfirmed users automatically (merge request) GitLab Enterprise Edition
• Show user popover for sidebar participants list (merge request)
• Add support for saved replies in content editor (merge request)
• Introduce API for contributed projects (merge request)
• Add RSS feed on topic page by @oelmekki (merge request)
• Add resize handlers for images (merge request)
• Add a configuration page for gilab_shell_operation_limit by @lyb124553153 (merge request)
• Add index to support vulnerability_occurrences.uuid type migration (merge request)
• Update relations export API to support batches (merge request)
• Adds tracking columns to namespace limits (merge request)
• Add :create_runner access token scope (merge request)
• Add grouping to audit event type filter (merge request) GitLab Enterprise Edition
• Add div to MR state widget (merge request)
• Add temporary index to support dismissal_reason backfill (merge request)
• Add validation coloring on approvers (merge request) GitLab Enterprise Edition
• Support include rules 'when:' values 'always' and 'never' (merge request)
• Add creation limits for value streams and stages (merge request)
• Enables ai_chat_history_context by default (merge request) GitLab Enterprise Edition
• Added labels to issue search results (merge request) GitLab Enterprise Edition
• Show user popover for discussion note avatar (merge request)
• Extract Jira issue keys for deploy from commits
• Add Gitlab Internal Events to Frontend to unify RedisHLL/Snowplow
• Create table subscription_users_add_on_assignments
• Show Popover on Epic links within Markdown GitLab Enterprise Edition
• Add deferred_count field on deferring Sidekiq jobs
• Compare results for scan_finding approval rules from multiple pipelines GitLab Enterprise Edition
• Add TXT verification time interval
• Add user_access_locked audit event GitLab Enterprise Edition
• Support CI_JOB_TOKEN auth in Deployments API
• Extract Jira issue keys for deploy from commits (merge request)
• Add Gitlab Internal Events to Frontend to unify RedisHLL/Snowplow (merge request)
• Create table subscription_users_add_on_assignments (merge request)
• Show Popover on Epic links within Markdown (merge request) GitLab Enterprise Edition
• Compare results for scan_finding approval rules from multiple pipelines (merge request) GitLab Enterprise Edition
• Create index for project vulnerability_reads on common filters (merge request)
• Support CI_JOB_TOKEN auth in Environments API (merge request)
• Add user_access_locked audit event (merge request) GitLab Enterprise Edition
• Adds download endpoint to MlModel Registry (merge request)
• Add new method for RepositoryInfo RPC (merge request)
• Add unique index for npm packages (merge request)
• Support CI_JOB_TOKEN auth in Deployments API (merge request)
• Add RelatedPipelinesFinder for security policies (merge request) GitLab Enterprise Edition
• Add TXT verification time interval (merge request)
• Readding associations between Organization and Namespaces (merge request)
• Add async index to prepared_at column for merge requests (merge request)
• Finalize ResourceLinkEvents (merge request)
• Add OrganizationSetting model and support for 1 setting (merge request)
• feat: Add support for scope_offset_compressed signature type (merge request) GitLab Enterprise Edition
• Add delay user deletion UI text (merge request) GitLab Enterprise Edition
• Include null values in DORA metrics API response (merge request) GitLab Enterprise Edition
• Adds code_completion method to VertexAi::Client (merge request) GitLab Enterprise Edition
• Add search to audit event type listbox (merge request) GitLab Enterprise Edition
• Log and expose limits changes (merge request) GitLab Enterprise Edition
• Use ignore-all-space when ignoring white space on diffs (merge request)
• Prepare async index for project vulnerability_reads on common filters (merge request)
• Name column in audit event destination (merge request)
• Adds toggle label to shared registry list component (merge request)
• Adds pagination to package assets table (merge request)
• Add the documentation about the new root folder config (merge request)
• Finalize conversion for FKs targeting p_ci_builds (merge request)
• Add vulnerability_attributes to security policy (merge request) GitLab Enterprise Edition
• Add new index to support age filtering (merge request)
• Remove job_webhook_retries_count feature flag (merge request)
• Add gitlab-rspec gem (merge request)
• Add unique index ot ci_triggers.token (merge request)
• Automatically generate a summary for new diffs (merge request)
• Replace foreign keys to use the partitioned table - V3 (merge request)
• Add secure schemas version 15.0.5 (merge request)
• Add deferred_count field on deferring Sidekiq jobs (merge request)
• Add ref_protected to branch and tag webhooks by @zalimander (merge request)

Fixed (143 changes)

• Remove excess heading and subheading (merge request)
• Support award emoji pagination in work items (merge request) GitLab Enterprise Edition
• Truncate chat prompt placeholder in small viewports (merge request)
• Fix MR throughput on the Value Stream Dashboard (merge request) GitLab Enterprise Edition
• Content editor: Fix layout shifting (merge request)
• Improve audit event stream http form disabling (merge request) GitLab Enterprise Edition
• Fix paste in code suggestions (merge request)
• Fix toolbar buttons after preview (merge request)
• Show new streaming destinations first in list (merge request) GitLab Enterprise Edition
• Fix focus on Release Notes input by @glauciellesa (merge request)
• Fix count of all group members in autocomplete (merge request)
• Fix error in augment ancestors for dependency list report (merge request) GitLab Enterprise Edition
• Allow group transfers to go over free user cap (merge request) GitLab Enterprise Edition
• Add missing tooltip for emoji button (merge request)
• New label selection: fix reload after selection with keyboard (merge request)
• Migrate wiki buttons and fix alert (merge request)
• Fix wrapping pattern of buttons by @glauciellesa (merge request)
• Correctly handle invalid dates on Merge Request Analytics page by @dannyelcf (merge request) GitLab Enterprise Edition
• Fix search projects api requests missing scope permission (merge request)
• Fix snippet threads layout (merge request)
• Fix spacing between columns in audit event destination headers (merge request) GitLab Enterprise Edition
• Handle group label priorities (merge request)
• Editor UI: Fix focus ring (merge request)
• Crop long strings in GitLab Duo Chat (merge request)
• Cleanup dynamically_compute_deployment_approval flag (merge request)
• Fixes package registry list sorting UI inconsistency (merge request)
• Fix alignment of to do sort dropdown (merge request)
• Async migration for 'index_vuln_findings_on_uuid_including_vuln_id' (merge request)
• Minor styling fixes for codeowners (merge request)
• MR: Add title and aria-label attributes to the more menu buttons (merge request)
• Hides dependency proxy loading state while paginating (merge request)
• Fix spacing of reply box on highlighted note (merge request)
• Add "owned" parameter to group project listing by @FromTheStackAndBack (merge request)
• Raise exceptions for analytics worker job retry (merge request)
• Remove key_set_optimizer_ignored_columns feature flag (merge request)
• Adds write policy for Model experiments (merge request)
• Fix NoMethodError in MergeTrains::CarFinder (merge request)
• Fix few event types not getting streamed for group push rules changes (merge request) GitLab Enterprise Edition
• Make a request to SpamCheck before creating/updating milestones (merge request)
• Fix error with initialization of protected environments feature by @ShaneMaglangit (merge request)
• Allow guest user to add todos (merge request) GitLab Enterprise Edition
• Include Gitaly feature flags in KAS client gRPC calls (merge request)
• Fix target note background for first timeline note (merge request)
• Add a link to the Omnibus GitLab 16 changes page (merge request)
• Do not show insights DORA4 for unautthorized users (merge request) GitLab Enterprise Edition
• Revert "Upgrade net-ldap gem" (merge request)
• Fix: group id missing in new resource dropdown (merge request)
• Fix explain code text selection (merge request)
• Fix flaky spec (merge request) GitLab Enterprise Edition
• Change remove_hidden_groups type for GraphQL mutation (merge request)
• Default enable remove_deployments_api_ref_sort (merge request)
• Add a migration to reindex commits to fix repository_access_level (merge request) GitLab Enterprise Edition
• Preserve private key newlines in gcp logging (merge request) GitLab Enterprise Edition
• Fix comment on file input (merge request)
• Decrease the "Create" menu offset while impersonating (merge request)
• Fix invite member button initialization on learn gitlab (merge request) GitLab Enterprise Edition
• Persisting pipelines from failed pipeline schedules (merge request)
• Fix validation in UI when adding comments in MR diff (merge request)
• Prevent text overflow when user name is long (merge request)
• Display error in UI when draft note can't be updated (merge request)
• Fix mr analytics query (merge request) GitLab Enterprise Edition
• Include empty/no repo in projects_not_indexed rake task (merge request) GitLab Enterprise Edition
• Fix anonymous reporter bug (merge request) GitLab Enterprise Edition
• Remove no longer needed fix (merge request)
• Make wrong index creation migration a no-op (merge request)
• Fix md shortcuts not working after preview (merge request)
• Avoid setting an invalid TTL in duplicate job middleware (merge request)
• Fix Artifact class content from returning error (merge request)
• Fixes ml_candidate foreign key on user_id (merge request)
• Improve audit events streaming header UX (merge request) GitLab Enterprise Edition
• Fix self deployment approval triggers approval automatically (merge request)
• Update super sidebar nav item spacing (merge request)
• Fix validation in UI when adding comments in MR diff (merge request)
• Fix wikis cannot be edited in rich text (merge request)
• Ignore nil LSN diff values in Lua script for Sidekiq duplicate job (merge request)
• Add internal_include_prepended=true to Bridge (merge request)
• Fix newlines in multiline comment templates (merge request)
• Fixed alignment of MR title texts by @zillemarco (merge request)
• Fix check for ai availability (merge request) GitLab Enterprise Edition
• Fix cancelling of note edits (merge request)
• Dark shadows and overlays in dark mode (merge request)
• Show work item awards when comment is in edit form (merge request)
• Use latest finished pipeline for scan result policy (merge request) GitLab Enterprise Edition
• Fix clear button not working on file tree search (merge request)
• Enable fix of race-condition for merge request MWPS (merge request)
• Sync scan_finding approvals for all latest pipelines in MR (merge request) GitLab Enterprise Edition
• Fix 500 error from visibleForks when user is not authorized (merge request)
• Fix javascript error on trials page (merge request) GitLab Enterprise Edition
• Increase user menu offset when impersonating a user (merge request)
• Set a min-height for wiki list items (merge request)
• Fixes overflow issue with comment edit focus on editor (merge request)
• Fix autocomplete suggestions in issue descriptions (merge request)
• Check scan_types from scan result policy only for scan removal check (merge request) GitLab Enterprise Edition
• Fix loading state of rich text dropdown (merge request)
• Fixes invalid Jira regex matching (merge request)
• Fix GitHub Importer (merge request)
• Remove extra white space at bottom of project settings (merge request)
• Fix the toggle sidebar icon on issues/MRs on mobiles (merge request)
• Mention now mandatory expires_at parameter in the documentation by @kutelev (merge request)
• Fix: locale issue on issue page header actions (merge request)
• Add first name and last name to compay form during registration (merge request) GitLab Enterprise Edition
• Release fix for skipped jobs issue (merge request)
• Fix NoMethodError when current_user is not set (merge request) GitLab Enterprise Edition
• Fix CSP is set in Environment page incorrectly (merge request)
• Note: Fix scrollTo event (merge request)
• Fix for omniauth-shibboleth strategy by @boontifex (merge request)
• Log correct audit event type when a user is blocked (merge request) GitLab Enterprise Edition
• Fixed design management reply background in dark mode (merge request)
• Reset webpack path for Mermaid iFrames
• Fix error logging with GitlabSettings::Options
• Fix GitHub Import user email cache
• Fix empty response for #refs_by_oid method
• Fix Bitbucket Cloud Importer (merge request)
• Dismiss vulnerability with correct params (merge request) GitLab Enterprise Edition
• Properly use Italics of GitLab Sans (merge request)
• Reset webpack path for Mermaid iFrames (merge request)
• Fix GitHub Import user email cache (merge request)
• Ignore deleted labels in aggregations (merge request) GitLab Enterprise Edition
• Fix error logging with GitlabSettings::Options (merge request)
• Fix empty response for #refs_by_oid method (merge request)
• Fix approval notification for MRs without scan result policies (merge request) GitLab Enterprise Edition
• Fix lock icon in collapsed issue sidebar (merge request)
• Fix LDAP custom TLS options parsing (merge request)
• Use Issue#readable_by to solve disparity in APIs for issue links (merge request) GitLab Enterprise Edition
• Fix scan result policies for empty severity levels (merge request) GitLab Enterprise Edition
• Fix security policy editor validation error rendering (merge request) GitLab Enterprise Edition
• Add margin to last user in assignees list (merge request)
• Fix autocomplete of members of group via group share (merge request)
• Fix missing icons on OAuth page in new nav (merge request)
• Fix uniqueness of destination URL not scoped to namespace (merge request) GitLab Enterprise Edition
• Create design repos if absent when verifying on primary (merge request) GitLab Enterprise Edition
• Fix archived projects tab on group overview (merge request)
• Update DAST "Site Profile Validation" links (merge request)
• Fixes draft function to work in other tabs than Overview (merge request)
• Fix error messages for policy editor's yaml mode (merge request) GitLab Enterprise Edition
• Brnaches: Fix alignment issues (merge request)
• Use identicon avatar when gravatar is disabled in access dropdown by @LXY1226 (merge request)
• Adjust finder to scope by group (merge request) GitLab Enterprise Edition
• Create an empty wiki repo if it is not already there (merge request) GitLab Enterprise Edition
• Fix project's placeholder logo border on Billing page (merge request)
• Fix missing content in HTML files (merge request)
• Do not allow emails with trailing spaces to be added as invites (merge request)
• Fix border radius of internal note (merge request)

Changed (218 changes)

• Use Pajamas compliance button (merge request)
• Prepare group wiki registry table for verification (merge request) GitLab Enterprise Edition
• Update dependency auto-build-image to v1.37.0 (merge request)
• Migrate destroy application button (merge request)
• Add warning when replacing MR description with generated content (merge request) GitLab Enterprise Edition
• Move user settings pages to one column and use sticky header (merge request)
• Fix spacing between rows (merge request) GitLab Enterprise Edition
• Fix code suggestions in overview tab (merge request)
• Set cvss vector default to nil (merge request)
• Enable security policy bot for group policies (merge request) GitLab Enterprise Edition
• UI text inconsistency in Assignee field in work items (merge request)
• Migrate cluster actions dropdown to disclosure by @ShaneMaglangit (merge request)
• More robust Pajamas buttons (merge request)
• Migrate Dropdown to GlCollapsibleListbox (merge request) GitLab Enterprise Edition
• Improve vertical spacing in old style (merge request)
• Update file comment UI and comment in parallel diff (merge request)
• Add variables to policy drawer (merge request) GitLab Enterprise Edition
• Enable dismiss_multiple_vulnerabilities by default (merge request) GitLab Enterprise Edition
• Update policy docs to display required property (merge request)
• Enable Geo mutations when maintenance mode is enabled (merge request) GitLab Enterprise Edition
• Update buttons to use Pajamas::ButtonComponent (merge request)
• Add search capabilities for the (merge request) GitLab Enterprise Edition
• Adjust space in job cell (merge request)
• Update Webhooks Settings to use cards (merge request)
• Enable security_policies_branch_type feature flag by default (merge request)
• Migrate runner registration dropdown to disclosure by @ShaneMaglangit (merge request)
• Tweak for UX inconsistency (merge request)
• Convert smartcard button to Pajama style (merge request) GitLab Enterprise Edition
• Update Free Plan usage description (merge request) GitLab Enterprise Edition
• Enable security_policy_approval_notification FF by default (merge request) GitLab Enterprise Edition
• Require alert integration identifiers to be unique by project (merge request)
• Remove the gitlab duo chat backdrop (merge request)
• Create backlog list with board factory (merge request)
• Change button to pajamas compliant (merge request)
• Add comment to AI feedback (merge request)
• Update constraint on PackageMetadata::Advisory (merge request)
• Improve pipeline header mobile (merge request)
• Migrate comment type dropdown to listbox by @ShaneMaglangit (merge request)
• Update tests and docs for type quick action (merge request)
• Refactor protected environments forms to use ajax (merge request) GitLab Enterprise Edition
• Move Close issue button into dropdown (merge request)
• Remove hard coded language in the HTML markup (merge request)
• Change request to groups API to use all_available (merge request)
• Mobile: Collect runner actions in a dropdown (merge request)
• Add infinite scroll to Invite a group dropdown (merge request)
• User preferences: move to one column layout (merge request)
• Renames parameters on ml_model_packages api (merge request)
• Maintain order when executing PackageLicenses#fetch (merge request) GitLab Enterprise Edition
• Provide UI hint when there are 25 new potential findings (merge request) GitLab Enterprise Edition
• Use keys with hash tag in manifest import metadata (merge request)
• Remove hard coded language (merge request)
• Hides package registry bulk deletion for users without permission (merge request)
• Use Markdown editor in Milestone descriptions (merge request)
• This MR adds more options branch type (merge request) GitLab Enterprise Edition
• Move notification settings into single column card layout (merge request)
• Move Access Tokens settings to one column (merge request)
• Return deploy key title when humanizing access levels (merge request)
• Rename GitLab Chat to GitLab Duo Chat (merge request)
• Simplify markdown form header (merge request)
• Migrate vulnerability project_filter to listbox (merge request) GitLab Enterprise Edition
• Updates widgets to properly use the new card styles (merge request)
• Update linked ressources to use reusable card styles (merge request)
• This MR updated error message (merge request) GitLab Enterprise Edition
• Return "Add" button to issue board (merge request)
• Replace Value Streams Dashboard REST api with graphql (merge request) GitLab Enterprise Edition
• Load merge request for a vulnerability via links (merge request) GitLab Enterprise Edition
• Update GraphQL endpoint to support sorting group variables (merge request)
• Add feedback banner to GitLab for Jira (merge request)
• Prevent creation of audit events for invalid approval rules (merge request) GitLab Enterprise Edition
• Remove delete_scan_result_policies_by_project_id feature flag (merge request)
• Show a loading indicator on paste (merge request)
• Remove SAST UI analyzers options (merge request) GitLab Enterprise Edition
• Index projects in zoekt on import (merge request) GitLab Enterprise Edition
• Update Confirm Danger wording (merge request)
• Expose enterprise group attributes (merge request) GitLab Enterprise Edition
• Use one column for packages and registries settings (merge request)
• Users can be exempt from phone verification (merge request) GitLab Enterprise Edition
• Update grpc to v1.55.0 and add monkey patch (merge request)
• Add Roles and Permissions menu in Admin Area (merge request) GitLab Enterprise Edition
• Add help text for files with code owners (merge request) GitLab Enterprise Edition
• Migrate GlDropdown to GlCollapsibleListbox (merge request) GitLab Enterprise Edition
• Migrate link_to to ButtonComponent by @ShaneMaglangit (merge request) GitLab Enterprise Edition
• Increase pipeline header space (merge request)
• Migrate GlDropdown to GlDisclosureDropdown by @ShaneMaglangit (merge request)
• Migrate author select dropdown to gl-collapsible-listbox by @ShaneMaglangit (merge request)
• Group dependencies by component_id for both location and project. (merge request) GitLab Enterprise Edition
• Adding reusable new card styles (merge request)
• This MR adds more options branch type (merge request) GitLab Enterprise Edition
• Permanently move the pages menu entry under deploy (merge request)
• Replace the users foreign key on ml experiments (merge request)
• Show pipeline created time (merge request)
• Add gcp logging streaming destination (merge request) GitLab Enterprise Edition
• Moves Model experiments navbar entry to Analyze (merge request)
• Update "Content Editor" to "Rich Text Editor" in docs (merge request)
• Update dependency auto-build-image to v1.36.0 (merge request)
• Add copy to clarify storage included in Project enforcement (merge request)
• Update dependency auto-deploy-image to v2.51.0 (merge request)
• Migrate detection method to listbox (merge request) GitLab Enterprise Edition
• Cleanup webhook edit form (merge request)
• Add resetting of loading state on error (merge request) GitLab Enterprise Edition
• Upgrade re2 gem to v1.7.0 (merge request)
• Improve typography and remove accordion in audit event stream (merge request) GitLab Enterprise Edition
• Change copy for public snippets in projects (merge request)
• Disable Arkose for Group SAML users (merge request) GitLab Enterprise Edition
• Do not use overridden_uuid to create Vulnerabilities::Finding objects (merge request)
• Update OpenAPI yaml file (merge request)
• Move remove_old_scores method to user trust score class (merge request)
• Add Rails 7 as default configuration (merge request)
• Atwho styling update (merge request)
• Allow null and empty string values for unused field (merge request)
• GitLab project importer/exporter uses work_item_type (merge request)
• Polish UI for group package registry by @tejaskarelia17 (merge request)
• Disable rendering comments in content editor (merge request)
• Update Service Desk documentation for Docker installs (merge request)
• Update documentation to advise the use of runnerToken in Helm chart (merge request)
• Migrate tool with vendor filter to gl-collapsible-listbox (merge request) GitLab Enterprise Edition
• Diff: Comments styling improvements (merge request)
• Add sticky titles and sticky action buttons (merge request)
• Add pagination test (merge request)
• Add archived to the issues index (merge request) GitLab Enterprise Edition
• Add a managing section to BBM docs (merge request)
• Move the footer in sign-in pages to the bottom (merge request)
• Expose shared runner setting (merge request)
• Update dependency auto-build-image to v1.35.0 (merge request)
• Move password form into one column (merge request)
• Auto accept terms for security_policy_bot users (merge request)
• Add and delete rows by scan_result_policies.project_id foreign key (merge request) GitLab Enterprise Edition
• Migrate "Invite a group" dropdown to GlCollapsableListbox (merge request)
• Drop GraphQL generic tracer module (merge request)
• This MR adds error handling (merge request) GitLab Enterprise Edition
• Migrate GlDropdown to GlCollapsibleListbox by @ShaneMaglangit (merge request)
• Center align members table rows (merge request)
• Move access tokens settings into single column (merge request)
• Update icons and text for global search sidebar (merge request)
• Add schema validation for approvals_required (merge request) GitLab Enterprise Edition
• Better clarity when comparing branches (merge request)
• Initialize the conversion for ci_pipeline_variables.pipeline_id (merge request)
• Move token and delete button to form in stream destination (merge request) GitLab Enterprise Edition
• Add a new section to BBM docs (merge request)
• Move text warning to Pajamas component (merge request) GitLab Enterprise Edition
• Moved localization texts from actions to i18n by @catinbag (merge request)
• Hide projects created by banned users (merge request)
• Remove unused anchors in Terraform ci templates by @thejan2009 (merge request)
• Update atwho styling to match new dropdown styles (merge request)
• Fix group project page checkbox bug (merge request) GitLab Enterprise Edition
• Add number of shards setting (merge request)
• Render reference link correctly (merge request)
• Add headers to instance audit event streaming destinations (merge request) GitLab Enterprise Edition
• Webhook settings: Change to one column layout (merge request)
• Enable fluid width listbox in notification settings (merge request)
• Unconfirmed user deletion skips users who have signed in (merge request)
• Update sort fields based on namespaceType (merge request) GitLab Enterprise Edition
• Remove environment_settings_to_graphql FF (merge request)
• Disable startup CSS (merge request)
• Remove the issue_type_uses_work_item_types_table feature flag (merge request)
• Rename 'Key metrics' to 'Lifecycle metrics' in VSA overview page (merge request)
• Gate new container registry features with Gitlab.com_except_jh? (merge request) GitLab Enterprise Edition
• Persisting failed pipelines from pipeline schedules (merge request)
• Add dependency list table on group level (merge request) GitLab Enterprise Edition
• Enable language switcher in the SAML SSO page
• Reword Search maximum depth field description in SAST configuration
• Add support for pagination for group GitLab Enterprise Edition
• Refactoring of work item attributes into a separate component GitLab Enterprise Edition
• UI alignment of streaming audit events GitLab Enterprise Edition
• Introduce new pipeline details header
• Add requeue workers setting
• Migrate " tags_list_row.vue" to GlDisclosure" by @Mughees_
• Remove gray background on reply field (merge request)
• Reverse defer_sidekiq_jobs FF to run_sidekiq_jobs (merge request)
• Generate bot comment for license compliance violations (merge request) GitLab Enterprise Edition
• Reword Search maximum depth field description in SAST configuration (merge request)
• Synchronize scan result policy approval rules on default branch change (merge request) GitLab Enterprise Edition
• Add support for pagination for group (merge request) GitLab Enterprise Edition
• Introduce new pipeline details header (merge request)
• Refactoring of work item attributes into a separate component (merge request) GitLab Enterprise Edition
• Add requeue workers setting (merge request)
• Replace link_to with Pajamas ButtonComponent by @ShaneMaglangit (merge request) GitLab Enterprise Edition
• Migrate " tags_list_row.vue" to GlDisclosure" by @Mughees_ (merge request)
• Disable rake gitlab:cleanup:remote_upload_files with bucket prefix (merge request)
• Removed pipeline artifact from total_storage (merge request)
• Require Slack app settings when app is enabled (merge request)
• Move applications settings into single column (merge request)
• Add missing filters to issues list (merge request) GitLab Enterprise Edition
• Remove the auto_merge_labels_mr_widget feature flag (merge request)
• Update explain this vulnerability icon (merge request)
• Remove the sign-in restriction text from sign-up (merge request)
• Remove feature flag (merge request)
• Add export button for violations on Compliance Report (merge request) GitLab Enterprise Edition
• Use one column for account settings (merge request)
• Update design management reply input (merge request)
• Use single column layout for user settings (merge request)
• Add validation for timezone in scan execution policies (merge request) GitLab Enterprise Edition
• Group sbom occurrences by component_id (merge request) GitLab Enterprise Edition
• Updates empty text to be more specific (merge request) GitLab Enterprise Edition
• Improve PAT expiration validation error messages (merge request)
• Migrate GlDropdown to GlDisclosureDropdown by @ShaneMaglangit (merge request)
• Use metadata cache for npm metadata endpoint at project level (merge request)
• Add modal for deleting streaming destination (merge request) GitLab Enterprise Edition
• Implement path-dependent feed token (merge request)
• Migrate GlDropdown to GlDisclosureDropdown by @ShaneMaglangit (merge request)
• Migrate resolved threads dropdown to gl-disclosure-dropdown by @ShaneMaglangit (merge request)
• Cleanup adapt_deprecated_approvals feature flag (merge request) GitLab Enterprise Edition
• Update broadcast message target UI (merge request)
• Migrate GlDropdown to GlDisclosureDropdown by @ShaneMaglangit (merge request)
• Migrate "commit_message_dropdown.vue" to GlDisclosure" by @Mughees_ (merge request)
• Add ordering to the git_rate_limit_users_alertlist API call (merge request) GitLab Enterprise Edition
• Prepare the async index for ci_pipelines (merge request)
• Bump kas-grpc to v0.2.0 (merge request)
• Migrate "timeline_events_item.vue" to GlDisclosure" by @Mughees_ (merge request)
• UI alignment of streaming audit events (merge request) GitLab Enterprise Edition
• Makes RuleScheduleService inherit from BaseProjectService by @NIKU-SINGH (merge request) GitLab Enterprise Edition
• Improve wording for chatops account activation (merge request)
• Enable language switcher in the SAML SSO page (merge request)
• Account for runners with multiple IP addresses (merge request)
• Migrate GlDropdown to GlDisclosureDropdown by @ShaneMaglangit (merge request)
• Change background color in dark mode - login page (merge request)
• Move trust score methods to User Trust Score class (merge request) GitLab Enterprise Edition
• Drop message column from vulnerability_occurrences (merge request)

Deprecated (2 changes)

• Updates Container Registry estimation flag name (merge request)
• Deprecate runner API fields (merge request)

Removed (30 changes)

• Revert "Merge branch '399117-enforce-security-policy-vulnerability_attributes-rules' into 'master'" (merge request) GitLab Enterprise Edition
• Add feature flag to PAT reuse detection (merge request)
• Remove Git repo redownload code path (merge request) GitLab Enterprise Edition
• Drop unused advisory tables (merge request)
• Remove file_md5 column ignore in Debian component files by @sathieu (merge request)
• Remove unused Debian services and worker by @sathieu (merge request)
• Remove introduce_rules_with_needs flag (merge request)
• Remove jitsu authentication (merge request) GitLab Enterprise Edition
• Remove user_details.provisioned_by_group_at column (merge request)
• Remove FE for prometheus API URL (merge request)
• Delete Monitor Metrics module (merge request)
• Remove/update prometheus payload for metric removals (merge request)
• Completely remove POST /ci/lint (merge request)
• Remove domain_verification_operation FF (merge request)
• Drop tmp_index_ci_job_artifacts_on_id_expire_at_file_type_trace (merge request)
• Remove ignore rule for WebauthnRegistration#u2f_registration_id (merge request)
• Cleanup PK conversion for notes table (merge request)
• Delete UI for metrics embeded in markdown (merge request)
• Delete sidekiq worker classes (merge request)
• Remove dismissal_reason feature flag (merge request) GitLab Enterprise Edition
• Remove deprecate_vulnerabilities_feedback feature flag (merge request) GitLab Enterprise Edition
• Remove metric related unused routes from project file (merge request)
• Clean up bigint conversion for ci_pipeline_variables.id (merge request)
• Remove feature flag invalid_scan_result_policy_prevents_merge (merge request) GitLab Enterprise Edition
• Drop U2fRegistrations table (merge request)
• Remove audit_event_group_rollup feature (merge request) GitLab Enterprise Edition
• Schedule tmp_index_ci_job_artifacts_on_id_expire_at_file_type_trace (merge request)
• Remove deprecateVulnerabilitiesFeedback feature flag (merge request) GitLab Enterprise Edition
• Remove license_md5 metric from Service Ping (merge request)
• Removed Clusters from Scan Execution policy Schemas by @NIKU-SINGH (merge request) GitLab Enterprise Edition

Security (17 changes)

• Add authorization to the subscriptions group controller
• Migrate resource_link_events to ghost users (merge request) GitLab Enterprise Edition
• Revert 'security-leaked-ci-job-token-permission' from 'master'
• Use fully qualified ref when loading code owner file
• Increasing security for CI_JOB_TOKEN on public and internal projects
• Remove approvals when the only commit gets amended
• Maintainer can leak masked webhook secrets by manipulating URL masking
• Adjust access to value stream create, edit and destroy actions
• Add authorization validation to GithubController#failures action
• Mitigate epic reference filter ReDOS
• Sanitize user email addresses in admin confirm user dialog
• Fix for fork permissions check in compare controller
• Webhook token leaked in Sidekiq logs if log format is 'default'
• Obfuscate email of service desk issue creator in issue REST API
• Fixes typo on PrometheusClient concern
• Fixes typo on Note model
• Fixes typo on Ci::BuildTraceChunk

Performance (13 changes)

• Memoize known_events_names in hll redis counter (merge request) GitLab Enterprise Edition
• Improve rake elastic:projects_not_indexed query (merge request) GitLab Enterprise Edition
• Make removable checks less expensive (merge request)
• Reduce queries in user profile page (merge request)
• Add changes to move projects to separate index (merge request) GitLab Enterprise Edition
• Remove index on deployments table asynchronously (merge request)
• Remove index_deployments_on_project_id_and_status async-ly (merge request)
• Remove index_deployments_on_project_id_sha async-ly (merge request)
• Enable batch_delay_jira_branch_sync_worker by default (merge request)
• Remove slow uploads fallback query
• Remove slow uploads fallback query (merge request)
• Improve TBT of project file rendered (merge request)
• Remove index events on project id and id desc (merge request)

Other (92 changes)

• Migrate buttons to Pajamas component (merge request)
• Migrate button to Pajamas component (merge request)
• Add style to access_token_expired_email by @KiranSatyaRaj (merge request)
• feat: Remove sec_mark_dropped_findings_as_resolved feature flag (merge request)
• Add group_id in the wiki_blobs search API (merge request)
• Migrate buttons to Pajamas (merge request)
• Migrate button to Pajamas component (merge request)
• Save code suggestions service token (merge request) GitLab Enterprise Edition
• Removes duplicated and unused avatar variable (merge request)
• Omit parentheses in plural labels for quick actions by @KiranSatyaRaj (merge request)
• Migrate button to Pajamas (merge request)
• Migrate buttons to use Pajama component (merge request)
• Remove fix_new_blobs_memoization flag (merge request)
• Merge branch 'bwill/delete-vulnerability-advisories' into 'master' (merge request)
• Drop devault value CI partition tables (merge request)
• Remove temporary index used for backfilling (merge request)
• Remove use of multi in issues rebalancing state (merge request)
• Cleanup feature flags for Kubernetes dashboard (merge request)
• Replace event string with constants in container r. replicator by @bymayanksingh (merge request) GitLab Enterprise Edition
• Rename .rb to .rb.tt for templates used in GitLab templates folder by @ya332 (merge request)
• Replace hardcoded event string with constants in Repository Replicator by @bymayanksingh (merge request) GitLab Enterprise Edition
• Update CodeSuggestions-related settings text on SM (merge request)
• Finalize conversion for FKs targeting p_ci_builds - 4 (merge request)
• Remove use_traversal_ids_for_descendants_scopes FF (merge request)
• Replace hardcoded event string with constant in BlobReplicatorStrategy by @bymayanksingh (merge request) GitLab Enterprise Edition
• Remove FF frozen_outbound_job_token_scopes (merge request)
• Update user type migration finalization method (merge request)
• Remove use_traversal_ids_for_ancestors_upto feature flag (merge request)
• Removal of index events on project id and id desc (merge request)
• Identifying all cross joins between namespaces and users (merge request)
• Add expires_at to service_access_token table (merge request)
• Allow dev and test to get this migration if in SaaS mode (merge request)
• Clean up validate_environment_tier_presence feature flag (merge request)
• Remove redundant usage of Gitlab::I18n.with_locale in mailers by @bymayanksingh (merge request)
• Create service_access_tokens table (merge request)
• Change the default database value of project_view to 2 (merge request)
• Revert "Merge branch '414396-partitioned-fks-v7' into 'master'" (merge request)
• Reindex already existing GroupWikis (merge request) GitLab Enterprise Edition
• Unify true-false validation specs II by @anaschwendler (merge request)
• Add value transformation logic method by @bymayanksingh (merge request) GitLab Enterprise Edition
• Finalize conversion for FKs targeting p_ci_builds - 3 (merge request)
• Remove use_traversal_ids_roots feature flag (merge request)
• Drop FF cluster_agents_limit_tokens_created (merge request)
• Remove use_traversal_ids_for_ancestors feature flags (merge request)
• test: Ensure user is project member in create package service tests by @gerardo-navarro (merge request)
• Remove update_personal_access_token_usage_information_every_10_minutes (merge request)
• Use separate del calls in indexing control clean-up step (merge request) GitLab Enterprise Edition
• Remove use_traversal_ids_for_self_and_hierarchy feature flags (merge request)
• Prepare index for converting events.target_id to bigint (merge request)
• Remove log_response_length feature flag (merge request)
• Remove db events feature flags (merge request)
• Remove filter_vulnerability_findings_dismissed_on_default feature flag (merge request) GitLab Enterprise Edition
• Remove enable_vulnerability_remediations_from_records feature flag (merge request) GitLab Enterprise Edition
• Remove linear_group_descendants_finder_upto feature flag (merge request)
• Unify true-false validation specs by @anaschwendler (merge request)
• Add pipeline name to notification emails by @missy-davies (merge request)
• Remove auditor_billing_page_access feature flag (merge request) GitLab Enterprise Edition
• Update email notification for enterprise users (merge request)
• Clean up ci_jwt_v2_ref_uri_claim FF (merge request)
• Add option to expand file ref in ExpandVariables (merge request)
• Backfill name column for audit event tables (merge request)
• Finish BigInt column swap for self-hosted (merge request)
• Replace foreign keys to use the partitioned table - 5 (merge request)
• Remove issues_full_text_search feature flag (merge request)
• Add and backfill TTL for project pipeline status keys (merge request)
• Remove feature flag maintain_group_wiki_index (merge request) GitLab Enterprise Edition
• Add health status sorting indexes for issues table (merge request)
• Upgrade Rails to 7.0.5
• Validate not null constraint on user type
• Fix spec violation for sidebar health status widget spec (merge request) GitLab Enterprise Edition
• Drop unused columns in sent_notifications (merge request)
• Upgrade Rails to 7.0.5 (merge request)
• Add organization_users table (merge request)
• Remove create_runner_workflow_for_* feature flags (merge request)
• Send the schema_version-commits flag to gitlab-elasticsearch-indexer (merge request) GitLab Enterprise Edition
• Remove parenthesis plurals (merge request) GitLab Enterprise Edition
• Remove the code related to FF simplify_logic_to_find_search_proxy_class (merge request) GitLab Enterprise Edition
• Remove the feature_flag use_base_class_in_proxy_util (merge request) GitLab Enterprise Edition
• Remove feature flag "find_changed_paths_new_format" (merge request)
• Replace foreign keys to use the partitioned table - V4 (merge request)
• Remove temporary container_repositories indexes (merge request)
• Updating dropping table documentation instructions (merge request)
• Validate not null constraint on user type (merge request)
• Finalize conversion for FKs targeting p_ci_builds (merge request)
• Docs for google cloud logging streaming (merge request)
• Remove deleting_account_disabled_for_users FF (merge request) GitLab Enterprise Edition
• Cleanup scan_result_policy_latest_completed_pipeline feature flag (merge request) GitLab Enterprise Edition
• Remove custom_roles_vulnerability feature flag (merge request) GitLab Enterprise Edition
• Upgrade gettext_i18n_rails gem to 1.11.0 (merge request)
• Accept period_time as string on DORA executor (merge request) GitLab Enterprise Edition
• Add schema_version in the commits index mapping (merge request) GitLab Enterprise Edition
• Allow to set labels for Redis calls (merge request)

16.1.5 (2023-08-31)

Fixed (1 change)

• Geo: Resync direct upload object stored artifacts GitLab Enterprise Edition

Security (11 changes)

• Add authorization checks to import status endpoint (merge request)
• Update commonmarker to 0.23.10 (merge request)
• Remove DAST secret variables when URL is updated (merge request)
• Maintainer can leak sentry token by changing the configured URL (merge request)
• Service account users are external by default (merge request)
• Additional permission check when editing label (merge request)
• Fix ReDOS in bulk_imports endpoint params (merge request)
• Prevent namespace level banned users from accessing API (merge request)
• Check prohibit_outer_forks in fork relationship api (merge request)
• Prevent traversal for path parameter in refs/switch endpoint (merge request)
• Gitaly keyset pager when pagination none only with tree view (merge request)

16.1.4 (2023-08-03)

No changes.

16.1.3 (2023-08-01)

Added (1 change)

• Add MR reviewers to BitBucketServer import 16-1

Fixed (2 changes)

• Disable IAT verification by default
• Fix FOUC when new sidebar enabled

Security (14 changes)

• Prevent leaking emails of newly created users (merge request)
• Added redirect to filtered params (merge request)
• Relocate PlantUML config and disable SVG support (merge request)
• Sanitize multiple hardlinks from import archives (merge request)
• Validates project path availability (merge request)
• Fix policy project assign (merge request)
• Fix bug where comments on files with incorrect sha breaks UI (merge request)
• Fix pipeline schedule authorization for protected branch/tag (merge request)
• Mitigate autolink filter ReDOS (merge request)
• Fix XSS vector in Web IDE (merge request)
• Mitigate project reference filter ReDOS (merge request)
• Add a stricter regex for the Harbor search param (merge request)
• Update pipeline user to the last policy MR author (merge request)
• Prohibit 40 character hex plus a hyphen if branch name is path (merge request)

16.1.2 (2023-07-04)

Fixed (4 changes)

• Set a min-height for wiki list items
• Fix GitHub Importer
• Fix Bitbucket Cloud Importer
• Fix CSP is set in Environment page incorrectly

Security (1 change)

• Add authorization to the subscriptions group controller (merge request)

16.1.1 (2023-06-28)

Security (12 changes)

• Revert 'security-leaked-ci-job-token-permission-16-1' from '16-1' (merge request)
• Use fully qualified ref when loading code owner file (merge request)
• Maintainer can leak masked webhook secrets by manipulating URL masking (merge request)
• Remove approvals when the only commit gets amended (merge request)
• Add authorization validation to GithubController#failures action (merge request)
• Fix for fork permissions check in compare controller (merge request)
• Webhook token leaked in Sidekiq logs if log format is 'default' (merge request)
• Mitigate epic reference filter ReDOS (merge request)
• Increasing security for CI_JOB_TOKEN on public and internal projects (merge request)
• Adjust access to value stream create, edit and destroy actions (merge request)
• Sanitize user email addresses in admin confirm user dialog (merge request)
• Obfuscate email of service desk issue creator in issue REST API (merge request)

16.1.0 (2023-06-21)

Added (224 changes)

• Initiate the process of group wiki indexing (merge request) GitLab Enterprise Edition
• Add copy reference and email address actions in work items (merge request) GitLab Enterprise Edition
• Implement group-level dependency list export API (merge request) GitLab Enterprise Edition
• Add runner status column (merge request)
• Add a guideline to configure dnsmasq for Pages (merge request)
• Add GeoJSON support for viewing files (merge request)
• Introduce find_changed_paths with merge_commit_diff_mode (merge request)
• Added new component + imoplemented @anna_vovchenko notes (merge request)
• Added not_aimed_for_deletion filter for namespace-project (merge request)
• Adding monthly metric for ci builds (28d) (merge request)
• Show fixed list of audit events in listbox (merge request) GitLab Enterprise Edition
• Add object_attributes.name to pipeline_hooks (merge request)
• Add Add-on purchase API services (merge request) GitLab Enterprise Edition
• Add limit_changes to PlanLimits (merge request)
• Update audit event streams with collapsible UI (merge request) GitLab Enterprise Edition
• Allow PAT creation for instance service accounts (merge request) GitLab Enterprise Edition
• Add popular user fields to GraphQL (merge request)
• User role badges for work item notes (merge request)
• Fix overflow margin on productivity analytics filter bar (merge request) GitLab Enterprise Edition
• Add ci_job_annotations table by @KyleFromKitware (merge request)
• Add API endpoint to get single SAML/SCIM identity (merge request) GitLab Enterprise Edition
• Add state data suport for the new component (merge request)
• Add Add-on purchase API services (merge request) GitLab Enterprise Edition
• Added service and mutation to set user namespace commit email by @zillemarco (merge request)
• Add branch_type validations (merge request) GitLab Enterprise Edition
• Implement package pipelines endpoint (merge request)
• Add upgrade status to runner managers (merge request) GitLab Enterprise Edition
• Add monthly metrics definition for unlink quick action (merge request)
• Track GitLab realm in Code Suggest access token (merge request)
• Add information to runner manager details (merge request)
• Allow to delete UserAchievements by @Taucher2003 (merge request)
• Restore index for contribution analytics (merge request)
• Add API to mark migrations as successful (merge request)
• Seed default organization in development and production databases (merge request)
• Implement rudimentary check to prevent sending secrets to the AI (merge request) GitLab Enterprise Edition
• Add promote_to quick action for work items (merge request)
• Clean up ci_vueify_inherited_group_variables feature flag (merge request)
• Default enable comment_on_files flag (merge request)
• Add vacuum type to vaccum activity view (merge request)
• Add third party alert (merge request) GitLab Enterprise Edition
• Add Telegram notification integrations (merge request)
• Allow users to access agent through user_access keyword (merge request)
• Cron job to delete unconfirmed users after N days (merge request)
• Re-run background migration for PersonalAccessToken#expires_at (merge request)
• Support dotnet nuget api-key option (merge request)
• Add ExplainTool to GitLab Chat & add authorization check (merge request) GitLab Enterprise Edition
• Update Vulnerability::Reads#dismissal_reason if it exists (merge request) GitLab Enterprise Edition
• Add unlink quick actions for issues (merge request)
• Add migration to delete duplicate npm packages (merge request)
• Add pipeline url to webhook payload by @sbansal1999 (merge request)
• Add project_compliance_standards_adherence table (merge request)
• Refactor: user profile page to Vue (merge request)
• Add tracking for bundled JetBrains plugin (merge request)
• Add note contributor and access level (merge request)
• Patch Rails.cache for Redis Cluster compatibility (merge request)
• Add ExplainCode LLM Agent Tool (merge request) GitLab Enterprise Edition
• Add basic default system prompt to LLM Agent (merge request) GitLab Enterprise Edition
• Enable anti-spam for notes (merge request)
• Show detected licenses with their names (merge request) GitLab Enterprise Edition
• Add BigInt dependencyProxyTotalSizeBytes field (merge request)
• Add top border style and size to display label colour in board header (merge request) GitLab Enterprise Edition
• Add permission checks for tools (merge request)
• Track unique users viewing an analytics dashboard (merge request) GitLab Enterprise Edition
• Add workItemUpdated GraphQL subscription (merge request)
• Add omniauthv2-shibboleth provider documentation by @lukaskoenen (merge request)
• Improve table editing in content editor (merge request)
• Expose the prepared_at attribute ot the api (merge request)
• Replace foreign keys to use the partitioned table (merge request)
• Adds authorize endpoint for pacakges/ml_models (merge request)
• Add docs for configuring encrypted SSL keys for Puma (merge request)
• Add delete note action visibility rspec (merge request)
• Add standards adherence tab to compliance report (merge request) GitLab Enterprise Edition
• Support multiple license keys in development or test (merge request)
• Add database structure for add-ons (merge request)
• Google cloud logging streaming strategy (merge request) GitLab Enterprise Edition
• Refactor activate service (merge request) GitLab Enterprise Edition
• Author role badge in work item notes (merge request)
• Defers sidekiq jobs if database health check signals to stop (merge request)
• Add doc for docker thread issue on old OS (merge request)
• Adds migration and backfill migration (merge request) GitLab Enterprise Edition
• Create routing table for ci_builds (merge request)
• Audit events for google cloud logging configurations (merge request) GitLab Enterprise Edition
• Add enterprise columns to users (merge request)
• Add new jsonb column to store settings for default branch protection (merge request)
• Add local_reference (Merge Request ID) to commit template by @zadkiel (merge request)
• Store arkose scores in trust score table (merge request) GitLab Enterprise Edition
• Add routes, controller and view to (merge request) GitLab Enterprise Edition
• Add security bot comment for policy violations in MRs (merge request) GitLab Enterprise Edition
• Add admin_vulnerability to custom roles (merge request) GitLab Enterprise Edition
• Add new columns to scan_result_policies table (merge request)
• Add snippet url to webhook payload by @sbansal1999 (merge request)
• Log event name when yaml definition doesnt exist (merge request)
• Add FIPS mode support to DAST CI template (merge request) GitLab Enterprise Edition
• Ability to add description in uploaded design (merge request)
• Show health badge on Environments index page (merge request)
• Add findingReportsComparer field to MR GraphQL type (merge request) GitLab Enterprise Edition
• Add a GraphQL type for the audit event definitions (merge request)
• Support touch_last_downloaded_at in Packages::Npm::MetadataCache (merge request) GitLab Enterprise Edition
• Add table for the dependency proxy packages settings (merge request)
• Remove ai_redis_cache flag (merge request) GitLab Enterprise Edition
• Enable deleting_account_disabled_for_users by default (merge request)
• Add validation on organizations.path (merge request)
• Add background migration to backfill root storage statistics fork sizes (merge request)
• Audit event for merge request merged deletion started (merge request) GitLab Enterprise Edition
• Adds frontend toggle for Model experiments (merge request)
• Geo: Add verification for design repositories (merge request) GitLab Enterprise Edition
• Adds visualizations to ProjectType (merge request) GitLab Enterprise Edition
• Add upgrade status to RunnerManager in GraphQL (merge request) GitLab Enterprise Edition
• feat: New REST endpoint for project access list of ci job token by @gerardo-navarro (merge request)
• Add MR throughput to value streams dashboard (merge request) GitLab Enterprise Edition
• Add Group Service Accounts API (merge request) GitLab Enterprise Edition
• Show the dismissal reason in finding modal (merge request) GitLab Enterprise Edition
• Add Settings to delete unconfirmed users (merge request)
• Adding table for instance streaming headers (merge request)
• Support creating one project token on trial (merge request) GitLab Enterprise Edition
• Add worker to trigger CreateMetadataCacheService (merge request)
• Fail product analytics initialization after 2 sidekiq failures (merge request) GitLab Enterprise Edition
• Get associated agent info on environment page (merge request)
• Add audit events for issue creation by project access tokens (merge request) GitLab Enterprise Edition
• Add Nuget package description to information returned with a package (merge request)
• Add unique index on merge_request_diff_llm_summaries (merge request)
• Adds policy for read_model_experiments (merge request)
• Adds model for model_experiments_access_level (merge request)
• Add delete option to selected approvers (merge request) GitLab Enterprise Edition
• Adds services to handle MlModel package creation (merge request)
• Remove :admin_mode_for_api FF by @TrueKalix (merge request)
• Cells: Store databases and gitlab schema configuration in YAML (merge request)
• Allow variables in cache:policy field by @renehernandez (merge request)
• Implement diffLlmSummaries property for MergeRequestType (merge request) GitLab Enterprise Edition
• Add artifacts bulk delete (merge request)
• Expose DORA scores via GraphQL (merge request) GitLab Enterprise Edition
• Expand runner details with system id and contact (merge request)
• Cleanup human user type logic (merge request)
• Add links to vulnerability bulk status updates error message (merge request) GitLab Enterprise Edition
• Add service_desk_enabled to service_desk_settings (merge request)
• Add migration for new column on app settings (merge request)
• Cleanup artefacts from notes.id bigint migration (merge request)
• Adds new MlModel package type (merge request)
• Deterministic ordering of value streams (merge request)
• Update mutation for google cloud logging configuration (merge request) GitLab Enterprise Edition
• Add option to allow developer push if there are no branches (merge request)
• Document Flux Receiver integration from agentk (merge request)
• Remove openai_moderation feature flag (merge request) GitLab Enterprise Edition
• Removes circuit_breaker FF (merge request)
• Add DesignManagementRegistry to registrable_type.rb (merge request) GitLab Enterprise Edition
• Add dismissal_reason:smallint to vulnerability_reads (merge request)
• Add a counter metric when job is deferred (merge request)
• Add award emoji to GraphQL note type (merge request)
• Add subtitles on storage usage quotas (merge request) GitLab Enterprise Edition
• Ensure the backfilling of prepared_at is completed (merge request)
• Add internal note feature to work items (merge request)
• Add REST endpoint to delete project from job token scope allowlist (merge request)
• Support Cluster Agent ID in Environment Create mutation (merge request)
• Add initial SummarizeReviewService and docs update (merge request) GitLab Enterprise Edition
• Implements sort for a CI Catalog Resource (merge request)
• Logs additional data for Jira integration (merge request) GitLab Enterprise Edition
• Support ClickUp as an issue tracker by @daniel.vijge (merge request)
• Add API to create JWT tokens for code suggestions (merge request) GitLab Enterprise Edition
• Finalize user type migration (merge request)
• Support updating plan limit enforcement_limit (merge request) GitLab Enterprise Edition
• Add runner managers count to runner details (merge request)
• Add API support for plan limit notification limits (merge request) GitLab Enterprise Edition
• Add audit events for activities performed by a project access token (merge request) GitLab Enterprise Edition
• Destroy mutation for google cloud logging configuration (merge request) GitLab Enterprise Edition
• Add in-memory TimeToMerge virtual VSA stage (merge request) GitLab Enterprise Edition
• Allow expanding and collapsing references (merge request)
• Add ability to read_vulnerability to custom roles (merge request) GitLab Enterprise Edition
• Persist gists import failures (merge request)
• Added aggregation lease column in application settings (merge request)
• Allow 'wiki' to be set as default project view by @jsbittner (merge request)
• New REST endpoint for allowlist of CI_JOB_TOKEN access settings by @gerardo-navarro (merge request)
• Allow escaping code block (merge request)
• Set up no-op VSD aggregation job (merge request)
• Support Cluster Agent ID in Environment Update mutation (merge request)
• Expose createNote permission in work items (merge request)
• Enables "terms-as-tokens" prop on filter bar in Plan Analytics pages (merge request)
• Asynchronously recreate Tanuki Bot records (merge request) GitLab Enterprise Edition
• Add "locked" field to create runner form (merge request)
• Add backend support to filter issues by label (merge request) GitLab Enterprise Edition
• Store telesign risk score in trust score table (merge request) GitLab Enterprise Edition
• Add placeholder for issue url in service desk email (merge request)
• Google cloud logging configuration create api (merge request) GitLab Enterprise Edition
• Expose cluster agent of the environment (merge request)
• Silent Mode: Block many outbound HTTP requests (merge request)
• Add snowplow configuration URL to project settings (merge request)
• Add audit events schema definitions (merge request) GitLab Enterprise Edition
• Add audit events schema definitions (merge request) GitLab Enterprise Edition
• Add audit events schema definitions (merge request) GitLab Enterprise Edition
• Add audit events schema definitions (merge request) GitLab Enterprise Edition
• Add cancel button when editing broadcast message (merge request)
• Implement npm group level endpoints: CRUD tags and security audit (merge request)
• Fix bug where diff note will sometimes not create for whitespace (merge request)
• Show shared agents in deployment projects (merge request)
• Add personal namespace code suggestions settings (merge request) GitLab Enterprise Edition
• Add vertrex project id to the DB (merge request)
• Add audit events schema definitions (merge request) GitLab Enterprise Edition
• Introduce Delete environment mutation (merge request)
• Add user preference for Project Overview buttons (merge request)
• Add DAST audit events schema definitions (merge request) GitLab Enterprise Edition
• feat: New REST api endpoint to patch CI_JOB_TOKEN access settings by @gerardo-navarro (merge request)
• Add finalization migration for emails_enabled by @joe-snyder (merge request)
• Add API for deployment frequency forecasting (merge request) GitLab Enterprise Edition
• Add group_id column to dependency_list_exports table (merge request)
• Default enable domain_verification_operation feature flag (merge request) GitLab Enterprise Edition
• Adds CI information to candidate detail (merge request)
• Defer Sidekiq jobs from server middleware and FF (merge request)
• Add Search Migrations Admin API (merge request) GitLab Enterprise Edition
• View description diff in system notes (merge request)
• Remove mock from setWorkItemMetadata for assign/unassign to user (merge request)
• Associate organization with namespaces (merge request)
• Improve accessibility of creating tables (merge request)
• Add new feature flag type called worker (merge request)
• Save filter with "show pipeline ID" (merge request)
• Add exclude_metrics to Value Stream Dashboard YAML config (merge request) GitLab Enterprise Edition
• Calculate and store storage sizes of forks in root storage statistics (merge request)
• Add support for custom mappings on prometheus integrations (merge request)
• Implement package metadata endpoint on the group level (merge request)
• Environment Update GraphQL Mutation (merge request)
• Enable work items type quick action (merge request)
• Add audit events schema definitions (merge request) GitLab Enterprise Edition
• [Audit Events] Synchronous database index addition (merge request) GitLab Enterprise Edition
• Support password reset from any verified email (merge request)
• Add HLL counter for users that create a dashboard (merge request) GitLab Enterprise Edition
• Add support for /.well-known/change-password URL (merge request)

Fixed (205 changes)

• Do not diff paths changed in merge commits (merge request) GitLab Enterprise Edition
• Change work item add note permission to createNote (merge request)
• Prevent creating custom stage in VSA with same name as default stage (merge request) GitLab Enterprise Edition
• Add repository size limit check during import (merge request) GitLab Enterprise Edition
• Display all VSA errors on UI upon value stream form validation (merge request) GitLab Enterprise Edition
• Include and process visibility_level (merge request)
• Fix some vulnerability report filter placeholders (merge request) GitLab Enterprise Edition
• Support groups_claim for SAML with multiple providers (merge request)
• Fix: Centered the position of the badge by @imrishabh18 (merge request)
• Fix VSD drilldown links with a custom relative_url_root (merge request) GitLab Enterprise Edition
• Fix OIDC account linking from profile (merge request) GitLab Enterprise Edition
• Fix roadmap filtering for nested epics (merge request) GitLab Enterprise Edition
• Fix scroll top position for anchor links with new navigation (merge request)
• Revert change to cache and image into default (merge request)
• Use a run_after_commit to enqueue Geo::VerificationWorker (merge request) GitLab Enterprise Edition
• Update checkpoint data_type (merge request)
• Mark bulk cron workers as idempotent (merge request) GitLab Enterprise Edition
• Repair blob index for projects with mismatched index_status (merge request) GitLab Enterprise Edition
• Fix resize handle glitch in markdown editor (merge request)
• Draft note timeline border fix (merge request)
• Fix "empty" approval rules when user_ids or group_ids provided (merge request) GitLab Enterprise Edition
• Exclude authors from valid metadata check when uploading symbol package (merge request)
• Fix space is added before quick action issue (merge request)
• Fix bottom border radius of comment form (merge request)
• Move compliance metrics to govern stage (merge request) GitLab Enterprise Edition
• Fix group creation validation error on trials (merge request) GitLab Enterprise Edition
• Do not run bulk cron indexer when cluster is unhealthy (merge request) GitLab Enterprise Edition
• Add SAML message if branches are unauthorized (merge request) GitLab Enterprise Edition
• Productivity Analytics: Remove extra space in search bar by @tejaskarelia17 (merge request)
• Fix size of collapsible section buttons in navigation sidebar (merge request)
• Fix autocomplete members of group via group share in projects (merge request)
• Fix flaky work item notes actions test (merge request)
• Allow user to add empty CI variable in the UI (merge request)
• Ensure project path is trimmed upon project creation (merge request)
• Fix validation in UI when updating notes (merge request)
• Fix roadmap filters for subepics (merge request) GitLab Enterprise Edition
• Remove duplicate package names before insert (merge request)
• Include update quick action errors in note creation (merge request)
• Fix approval rules for a project with no protected branches (merge request)
• Geo: don't create state records when not on Geo (merge request)
• Hide runner cost factor fields for runners (merge request) GitLab Enterprise Edition
• New Sidebar: Fix early ellipsis cut-off (merge request)
• Fix rendering of imported file comments (merge request)
• Upgrade prometheus-client-mmap to v0.24.4 (merge request)
• Downgrade gprc gem from v1.55.0 to v1.42.0 (merge request)
• Fix cherry picks for forks (merge request)
• Fix typo in project variable (merge request) GitLab Enterprise Edition
• Handle GRPC::Core::CallError exception (merge request) GitLab Enterprise Edition
• Add custom nuget version sorter (merge request)
• Updated the spec file by @imrishabh18 (merge request)
• Fix flaky usage_data_spec.rb test failure (merge request)
• Make sure escaped nodes work well with HTML (merge request)
• Ignore selection if not in a table cell (merge request)
• Fix docs link (merge request)
• Prevent GitHub Import to progress worker when import fails (merge request)
• Fix styling of checklists in content editor (merge request)
• Fix navigation scrolling unresolvable discussion (merge request)
• Refactor how HEAD ref is checked for indexing blobs (merge request) GitLab Enterprise Edition
• Fix stuck VSA consistency worker (merge request) GitLab Enterprise Edition
• Fix issues with pasting html in content editor (merge request)
• Fix scoped roadmap loading error and layout (merge request) GitLab Enterprise Edition
• Fix issue with pipes in tables (merge request)
• Trim whitespace on invite member lookups (merge request)
• Fix wrong argument error (merge request) GitLab Enterprise Edition
• Fix broadcast messages expiring cache (merge request)
• Fix placeholder note visibilty after note posted with quick action (merge request)
• Use awardEmojiToggle mutation instead of workItemUpdate (merge request) GitLab Enterprise Edition
• Fix incoming emails body encoding (merge request)
• Fix polling of notes for Epics (merge request) GitLab Enterprise Edition
• Fix explore topic path to render non ASCII characters (merge request)
• Fix 500 error for URI with invalid encoding (merge request)
• Fix typo in CodeSuggestionsAlert by @bbodenmiller (merge request) GitLab Enterprise Edition
• Fix image diff discussions in merge requests (merge request)
• Fix documentation link for policy violation bot comment (merge request) GitLab Enterprise Edition
• Fixed promote label dialog title styles by @catinbag (merge request)
• Extend internal note color behind editor on replies (merge request)
• Fixed internal server error when sorting timelogs by @zillemarco (merge request)
• Fix work item note dark mode UI bugs (merge request)
• Fix filtering board by Started milestone (merge request)
• Fix: user profile time localization issue (merge request)
• Fix LDAP tls_options not working (merge request)
• Fix Haskell syntax highlighting (merge request)
• Allow customers to change payment method (merge request) GitLab Enterprise Edition
• This MR fixes deletion of severity filter (merge request) GitLab Enterprise Edition
• Fix approval group lookup within user namespaces (merge request) GitLab Enterprise Edition
• Display errors in UI correctly with creating notes (merge request)
• Check partial image names when validating default branch image (merge request) GitLab Enterprise Edition
• Fix clusterAgentId not being passed with query (merge request) GitLab Enterprise Edition
• Introduce sidekiq job delay for sync scan finding approval rules (merge request) GitLab Enterprise Edition
• Remove unnecessary unscoped style (merge request)
• Resolve duplicate merge req iids during GitHubImport (merge request)
• Fix SSO subsriptions from falling out of the onboarding and checkout (merge request) GitLab Enterprise Edition
• Fix Spring not working with macOS (merge request)
• Fix consistency VSA check worker (merge request) GitLab Enterprise Edition
• Fix avatar lookups by commit email on network graph (merge request)
• Fix keyboard shortcuts for OKRs (merge request)
• Prevent admins from blocking/banning/deleting themselves in abuse report (merge request)
• Fix memory leak in CI config includes entry (merge request)
• Align clear icon in tree list search (merge request)
• Fix alignment of chevron icon (merge request)
• Fix positioning of MR sidebar at bottom of page (merge request)
• Fix LDAP custom attribute support (merge request)
• Declare the markdown API endpoint a readonly operation by @atomic-committen (merge request)
• Remove ineffective cache call (merge request)
• Revert ReleasesResolver and add VersionsResolver (merge request)
• Set KasCookie only when the environment page is loaded (merge request)
• Fix serialization of pull_requests in Bitbucket Server Import (merge request)
• Add worker to sync scan result policies for a given project (merge request) GitLab Enterprise Edition
• Fixed a small layout issue in the project settings page by @zillemarco (merge request)
• Fix invite members trigger initialization (merge request) GitLab Enterprise Edition
• Fix: mr description edited tooltip locale (merge request)
• Persist name when toggling VSA create templates (merge request) GitLab Enterprise Edition
• Fix for old navigation no term issue (merge request)
• Cast artifact sizes to numbers before adding them (merge request)
• Fix background migration progress report on multi-db (merge request)
• This MR fix layout shift (merge request) GitLab Enterprise Edition
• Load whats new tab when no items present (merge request)
• Add space between signature and tags (merge request)
• Delete Project and related data in ES if use_elasticsearch? is false (merge request) GitLab Enterprise Edition
• GitLab Admins should bypass Group SSO enforcement (merge request) GitLab Enterprise Edition
• Add validation for length of push rules regex fields (merge request)
• Fixed typo on Container registry Azure Object Storage by @zillemarco (merge request)
• Fix NoMethoError on importing notes from Github (merge request)
• Add pagination to protected environments (merge request) GitLab Enterprise Edition
• Work around macOS forking issues with grpc gem update (merge request)
• Show epic and issue dropdown when logged out (merge request)
• Handle invalid MIME in HotlinkingDetector (merge request)
• Do not requeue the indexing worker if failures occur (merge request) GitLab Enterprise Edition
• Autofocus input in gitlab chat (merge request)
• Fix is_blocked_by for epic links (merge request) GitLab Enterprise Edition
• Add DRAWER_Z_INDEX to CRM editor drawer (merge request)
• Null error on VulnerabilityStateTransitionType.author (merge request) GitLab Enterprise Edition
• Fix: issuable list item time locale issue (merge request)
• Show Not Found page if admin/group integration does not exist (merge request)
• Fix alignment of issue fields on small screens (merge request)
• Fix 500 error for domain verification (merge request) GitLab Enterprise Edition
• Fix MR approval rules sync when disabling scan result policy (merge request) GitLab Enterprise Edition
• Fix border radius in send message button (merge request)
• Fix caching issue on vulnerability report (merge request) GitLab Enterprise Edition
• Add check for project visibility (merge request)
• GitLab Chat: fix overflow (merge request)
• Add Metrics Dashboard menu (merge request)
• Fixes JiraIssueKey extractor regex format bug (merge request)
• Add space between project runner buttons (merge request)
• Fix: MR widget timeago locale issue (merge request)
• Fix GraphQL error for VulnerabilityType (merge request) GitLab Enterprise Edition
• Files preview: Fix double border at the top (merge request)
• Fix error creating import for unresolvable host (merge request)
• Fix Sidekiq crash when gitlab.yml contains UTF-8 characters (merge request)
• Fix feedback link in GitLab chat (merge request)
• Cleanup packages_delete_orphaned_dependencies_worker FF (merge request)
• Fix FileTree component height (merge request)
• Update Users API (merge request)
• Gracefully handle TooManyIps exception (merge request)
• Add default standard code for Jira exceptions (merge request)
• Added state transition (merge request) GitLab Enterprise Edition
• Update drawers to use .content-wrapper for height offset (merge request)
• Fix URL anchor (merge request)
• Disable browse button when job has no metadata.gz (merge request)
• Proper handle null values returned from BitBucket Cloud API (merge request)
• Handle exception for binary files blame (merge request)
• Add a validation for branch name on push (merge request)
• Add a migration to reindex all project wikis to fix wrong values (merge request) GitLab Enterprise Edition
• Fix keyboard accessibility in content editor (merge request)
• Fixes the regex issue (merge request)
• Fix commits list date format (merge request)
• Enable task list in milestone description by @gerardo-navarro (merge request)
• Include members shared into project ancestors in MR assignee dropdown (merge request)
• Fix participants detection for system notes (merge request)
• Removes additional details from audit event message (merge request) GitLab Enterprise Edition
• Fix the greedy regex (merge request)
• Fix Value steam analytics label search for large groups (merge request)
• Removing release link from error tracking details info (merge request)
• Fix OKR progress tooltip typo (merge request)
• Fixed project label in leave modal (merge request)
• Fix domain edit page when auto_ssl failed (merge request) GitLab Enterprise Edition
• Include members shared into project ancestors in issue assignee dropdown (merge request)
• Update top spacing for layout page and content wrapper (merge request)
• Handle relative timestamps on blame streaming (merge request)
• Load merge request via merge request links (merge request) GitLab Enterprise Edition
• Queue projects for indexing when missing from the index (merge request) GitLab Enterprise Edition
• Support adding emoji for multiple users (merge request) GitLab Enterprise Edition
• Fix SSO onboarding completion failure (merge request) GitLab Enterprise Edition
• Fix the wi description alignment when the FF is off (merge request)
• Sync Elastic documents if repo/wiki permission gets changed in Project (merge request) GitLab Enterprise Edition
• Use fixed custom hook fallback error message (merge request)
• Fix GroupActivityCard relative metric links (merge request) GitLab Enterprise Edition
• Updated line color for linear regression forecast (merge request) GitLab Enterprise Edition
• Add missing encoding for tag related fields (merge request)
• Update approvals_service to filter dismissed vulnerabilities (merge request) GitLab Enterprise Edition
• Makes roadmap current day indicator & timeline locale aware (merge request) GitLab Enterprise Edition
• List projects pending delete from subgroups (merge request)
• Delete issue email participant entry when someone unsubs (merge request)
• Fix issue link in work item breadcrumb (merge request)
• Fix the work item focus description border (merge request)
• Show policy edit button only when access is available (merge request) GitLab Enterprise Edition
• Fix permission for security policies target development projects (merge request) GitLab Enterprise Edition
• Update TeleSignClient services to handle timeout errors (merge request) GitLab Enterprise Edition
• Use the hidden field to hide the merge_requests created by banned users (merge request) GitLab Enterprise Edition
• Fix snippets_access_level usage in Project Create Service by @Taucher2003 (merge request)
• Fix alignment of user profile info in Safari (merge request)
• New MR widget: Fix border-top (merge request)
• Fix width checkbox column in vulnerability report (merge request) GitLab Enterprise Edition
• Adding JobKind: BUILD to failed jobs query (merge request)
• Enable members_with_shared_group_access feature flag by default (merge request)

Changed (307 changes)

• Migrate GlDropdown to GlCollapsibleListbox by @ShaneMaglangit (merge request)
• Improve stacked achievements (merge request)
• Support variables expansion in id_tokens:aud by @thomasgl-orange (merge request)
• Swap primary key with bigint column for ci_pipeline_variables (merge request)
• Add streaming content type header info to docs (merge request) GitLab Enterprise Edition
• Add disabled text to multi file snippet add button by @catinbag (merge request)
• Add prefix to feed and incoming mail tokens (merge request)
• Updates BBM docs (merge request)
• Add feature flag for global snippet search (merge request)
• Update delete confirmation modal for runner groups (merge request)
• Add highlight color to reply form if comment is highlighted (merge request)
• Update Redis documentation to include Sentinel auth (merge request)
• Add branch_type support to scan result policies (merge request) GitLab Enterprise Edition
• Fix VSD failure on first day of month (merge request) GitLab Enterprise Edition
• This MR adds timezone dropdown for sep (merge request) GitLab Enterprise Edition
• Add Uknown license to Scan Result Policies (merge request) GitLab Enterprise Edition
• Hide tooltip on view summary button on mouseout (merge request)
• Updated status icons for project runners by @catinbag (merge request)
• Migrate GlDropdown to GlCollapsibleListbox by @ShaneMaglangit (merge request)
• Update status for when there (merge request) GitLab Enterprise Edition
• Hide toggle comments button on MR creation view (merge request)
• Correct background in input fields in login pages (merge request)
• Release Security Reports V2 (merge request)
• Show writable forks in WebIDE modal (merge request)
• Add tanuki-ai icon to dropdown items and buttons (merge request)
• Design comments visual update (merge request)
• Check for root namespace before creating add-on purchase (merge request) GitLab Enterprise Edition
• Used namespaced tranlsations in shared/access_tokens by @catinbag (merge request)
• Add a feature flag to disable at all mention (merge request)
• Check spam only for merge requests from public projects (merge request)
• Add timezone support for scan execution policies (merge request) GitLab Enterprise Edition
• Add snowplow tracking to SSO registration (merge request)
• Replaced hardcoded sizes on the Blame page by @catinbag (merge request)
• Add a preparing state before any other MR states (merge request)
• Update the issue identifier logic (merge request)
• Add 24h timeline graph to error tracking UI (merge request)
• Remove aggregation from HLL counter (merge request)
• Migrate merge request actions to Vue (merge request)
• Make migrations skipped in production a no-op (merge request)
• Remove rejecting additional attributes in security policies YAML (merge request) GitLab Enterprise Edition
• Replace keep artifacts checkbox with toggle (merge request)
• Move default into framework name (merge request) GitLab Enterprise Edition
• Create the down method (merge request) GitLab Enterprise Edition
• Update prometheus-client-mmap to v0.24.5 (merge request)
• Remove combined namespace read only git message (merge request) GitLab Enterprise Edition
• Update dependency auto-build-image to v1.34.0 (merge request)
• Enable new navigation per default for logged-in users (merge request)
• LFS: Make batch requests to return presigned URLs by default (merge request)
• Use GitLab Mono over JetBrains Mono (merge request)
• Update Purchased Storage Card on Usage Quotas page (merge request)
• Migrate WebIDELink to GlDisclosureDropdown (merge request)
• Reduce height of images in design management section (merge request)
• Add dependency list into security and compliance (merge request) GitLab Enterprise Edition
• Clicking on the label focus on password field (merge request)
• Migrate dropdown to new dropdown component by @ShaneMaglangit (merge request)
• Switch to GraphQL in Environment setting page (merge request)
• Delete index_unique_project_authorizations_on_project_id_user_id index (merge request)
• Delete index_members_on_source_id_and_source_type index (merge request)
• Migrate issues dropdowns to gl-disclosure-dropdown by @ShaneMaglangit (merge request)
• Migrate dropdown to new dropdown component by @ShaneMaglangit (merge request)
• Update typo in markdown doc link parser (merge request)
• Use reply icon for comments (merge request)
• This MR updates select all button (merge request) GitLab Enterprise Edition
• Add SCIM identities to User API response (merge request) GitLab Enterprise Edition
• Remove feature flag search_rate_limited_scopes (merge request)
• Update Search/NamespacedClass cop (merge request) GitLab Enterprise Edition
• Downgrade ffi-yajl gem from v2.5.0 to v2.3.4 (merge request)
• style: Adjust the width of status column in admin jobs table by @gerardo-navarro (merge request)
• Add UI control to switch between Zoekt and Elasticsearch (merge request)
• Remove realtime_approvals feature flag (merge request)
• Updates storage enforcement banners to use MiB labels (merge request)
• Used gitlab-ui classes in Feature flag form by @catinbag (merge request)
• Apply without_count: true to the group/{id}/audit_events API (merge request) GitLab Enterprise Edition
• Add custom language highlighting (merge request)
• Migrate GlDropdown to GlCollapsibleListbox by @ShaneMaglangit (merge request)
• Disable Prometheus metrics in GraphQL generic tracer (merge request)
• Migrate user_action_dropdown.vue to GlDisclosureDropdown by @ShaneMaglangit (merge request) GitLab Enterprise Edition
• Update "New Group Name" to "New group name" on trial form (merge request) GitLab Enterprise Edition
• Allow writing text in angle brackets (merge request)
• Migrate generic checkbox to Pajamas component by @ShaneMaglangit (merge request) GitLab Enterprise Edition
• Used gitlab-ui classes for time-ago in pipelines list by @catinbag (merge request)
• Enable invalid_scan_result_policy_prevents_merge by default (merge request) GitLab Enterprise Edition
• Update copy around linking of groups (merge request)
• Add fk to schema validations (merge request)
• Add VulnerabilityDetails::NamedListType to GraphQL (merge request) GitLab Enterprise Edition
• Update language from MWPS to auto-merge (merge request)
• Normalization of vertical and horizontal space (merge request)
• Update variables table layout (merge request)
• Remove adding compliance frameworks for personal (merge request) GitLab Enterprise Edition
• Set default project scope based on user permissions (merge request)
• Update streaming audit event page styles (merge request) GitLab Enterprise Edition
• Remove Feature Flag for Deployments API breaking change (merge request)
• Add PAT Prefix Pattern (merge request)
• Allow the MR Widget to redeploy (merge request)
• Re-organize BBM docs (merge request)
• Refactored paginated_table_with_search_and_tabs_spec.js by @catinbag (merge request)
• Geo Replicables - SSF Resync Action (merge request) GitLab Enterprise Edition
• Update parser gem to 3.2.2.1 (merge request)
• This MR adds select all option (merge request) GitLab Enterprise Edition
• Add branch_type support to scan execution policies (merge request) GitLab Enterprise Edition
• Add tooltip to lock icon in issues and merge requests (merge request)
• Add concurrent index for ci_pipeline_variables (merge request)
• Enable scan_result_policy_latest_completed_pipeline by default (merge request) GitLab Enterprise Edition
• Use Content Editor in Epic descriptions (merge request) GitLab Enterprise Edition
• Improve merge requests dashboard titles (merge request)
• Hide new nav callout for new users (merge request)
• Add text generated by AI warning to test suggestion (merge request)
• Update compliance violation report ui styling (merge request) GitLab Enterprise Edition
• Set PG13 for check-migrations job (merge request)
• Adding Secure Files integrity check (merge request)
• Add version format 2 to package metadata sync (merge request) GitLab Enterprise Edition
• Allow Secure Files to be disabled at instance-level (merge request)
• Remove link icon from file gutter (merge request)
• Use tanuki-ai icon for AI features (merge request)
• Changes bytes notation (merge request)
• Added triggers for RootNameStatistics Update (merge request) GitLab Enterprise Edition
• Revert adding ci_secure_files to consolidated object storage (merge request)
• Updated value stream dashboard vulnerability links (merge request) GitLab Enterprise Edition
• Migrate bulk issues edit dropdowns to GlCollapsibleListbox by @ShaneMaglangit (merge request)
• This MR adds new protected branches dropdown (merge request) GitLab Enterprise Edition
• This MR updates select all button (merge request) GitLab Enterprise Edition
• Update dast mixin profile requests (merge request) GitLab Enterprise Edition
• Improve UI for Candidate CI info (merge request)
• Enable cluster agent tokens limit in API by default (merge request)
• Update dependency auto-deploy-image to v2.50.0 (merge request)
• Remove adding compliance frameworks for personal (merge request) GitLab Enterprise Edition
• Adding Secure Files object storage migration rake task (merge request)
• Move masked variable regex warning to help text (merge request)
• Don't set pagination for recursive tree calls (merge request)
• Use latest completed pipeline for security policy comparison (merge request) GitLab Enterprise Edition
• Avoid slow queries in redundant pipelines service (merge request)
• Swap PG 14 to be default, and 13 to be nightly (merge request)
• Combine sign-in text together - part 1/2 (merge request)
• Rename ci/cd minutes to compute in purchase pages (merge request) GitLab Enterprise Edition
• Changes storage magnitude notation (merge request)
• Archive projects toggle behind a feature flag (merge request)
• Validate presence of PersonalAccessToken#expires_at (merge request)
• Removed translation scope from "Learn more" buttons by @catinbag (merge request)
• Remove in progress text (merge request)
• Adds an Elastic migration helper for creating a new index (merge request) GitLab Enterprise Edition
• Add warning to issue description modal (merge request)
• Tweaked visual styles and reoganized some files (merge request)
• Update Admin settings for compute usage (merge request) GitLab Enterprise Edition
• Revert to using SearchService for user autocomplete (merge request)
• Display completed training urls (merge request) GitLab Enterprise Edition
• Reshedule links related migration with (merge request)
• [Audit Events] Provide all audit events under a group via the API (merge request) GitLab Enterprise Edition
• Add option to not show banner broadcast message in CLI (merge request)
• Branches: Branch item update (merge request)
• Update usage charts to use compute terminology (merge request) GitLab Enterprise Edition
• Shows Model experiments menu only if enabled (merge request)
• Refactors api endpoints to use can? (merge request)
• Refactors Controllers to use can? (merge request)
• Moved user_dismissed_before? helper method to EE helper (merge request) GitLab Enterprise Edition
• Update runners empty state (merge request)
• Adding secure files settings to consolidated object storage (merge request)
• Make ci badge design compliant (merge request)
• Return 503 instead of 429 when Gitaly returns ResourceExhausted (merge request)
• Lock net-http version to v0.1.1 (merge request)
• Add header for scan execution policy scanner dropdown (merge request) GitLab Enterprise Edition
• Add runner group count to the runner list (merge request)
• Replaced js-dropdown-input-field with data-testid by @catinbag (merge request)
• UI updates on summarize comments and description (merge request)
• Update license schema max values (merge request) GitLab Enterprise Edition
• Remove hide_create_issue_resolve_all feature flag (merge request)
• Ensure instance admins can admin service accounts (merge request) GitLab Enterprise Edition
• Use issue/MR sticky header titles to link to top of page (merge request)
• Convert the LDAP sign-in form to Pajamas (merge request)
• Rename analyze to analytics in product analytics metrics (merge request) GitLab Enterprise Edition
• Changed the class name .header-search-new to .header-search (merge request)
• Replace spinner with skeleton loader in explain vulnerability drawer (merge request)
• Display tags and "run untagged jobs" as required (merge request)
• Refresh runner update form (merge request)
• Update vulnerability drawer to match others (merge request)
• Update compliance violation report ui styling (merge request) GitLab Enterprise Edition
• Make MigrateSharedVulnerabilityIdentifiers use slow iteration (merge request)
• General improvements in the 2FA form (merge request)
• Update UI text for LFS setting (merge request)
• Update Puma to v6.3.0 (merge request)
• Set status check back to pending on retry (merge request)
• Remove dashboard_saml_reauth_support feature flag (merge request) GitLab Enterprise Edition
• Remove namespace select after group create fails during trial creation (merge request) GitLab Enterprise Edition
• Geo Replicables - SSF Filtering Support (merge request) GitLab Enterprise Edition
• Don't include archived projects by default (merge request)
• Increase padding between epic title and swimlane (merge request) GitLab Enterprise Edition
• Update the JiraCoonect app error message (merge request)
• Explain code: Highlight selected code lines (merge request)
• Raise the permissions of the group-level APIs to owner (merge request)
• Add info about obsolete migrations to elastic rake tasks (merge request) GitLab Enterprise Edition
• Add database index on members (merge request)
• Update spacing of commits list (merge request)
• Remove the feature flag npm_group_level_endpoints (merge request)
• Enforce a character limit of 2 in autocomplete search (merge request)
• Use GraphQl to update environment info (merge request)
• Remove single tab from admin mode (merge request)
• Simplify and bring uniformity to sign-in language (merge request)
• Change the TanukiBot's distance function (merge request) GitLab Enterprise Edition
• Adding Drawio offline support by @ChevronTango (merge request)
• Convert the CROWD sign-in form to Pajamas (merge request)
• Add feedback link to summarized comments (merge request)
• Added missing unit tests for dismissed before callout methods (merge request)
• Adds minimum value validation for plan limits (merge request)
• Add click actions to card titles pointing to corresponding tabs by @daelmo (merge request) GitLab Enterprise Edition
• Only show code suggestions alert after new nav alert is dismissed (merge request) GitLab Enterprise Edition
• Add Info icons to metric labels in the Value Stream Dashboard (merge request) GitLab Enterprise Edition
• Use GraphQl to update environment info (merge request)
• Uses relative path for projects inside Usage Quotas (merge request) GitLab Enterprise Edition
• Update ci minutes settings to compute (merge request) GitLab Enterprise Edition
• Error Tracking - various fixes around stacktrace file path (merge request)
• Feature flag cleanup (merge request) GitLab Enterprise Edition
• Migrate checkbox to be pajamas compliant (merge request)
• Update checkbox to use pajamas by @ShaneMaglangit (merge request)
• Update Nokogiri to v1.15.2 (merge request)
• Use GraphQl to update environment info (merge request)
• Nav Switch Context fix focus (merge request)
• GitLab Chat: Adding empty state (merge request)
• Update grpc to v1.55.0 (merge request)
• Add CRUD instance level audit event streaming destinations (merge request) GitLab Enterprise Edition
• Update summarize comments UI (merge request)
• Cleaned runner header by @catinbag (merge request)
• Modify storage limit to use admin controlled value (merge request) GitLab Enterprise Edition
• Expose namespace root repository size for admins in API (merge request)
• Add new Markdown editor to Topic descriptions (merge request)
• Add links to commit refs (merge request)
• Rename GroupProjectsController file (merge request) GitLab Enterprise Edition
• Edit file: Remove background from tabs (merge request)
• GitLab Chat: Add ability to increase height of text field (merge request) GitLab Enterprise Edition
• Redirect new topic form to the topics list (merge request)
• Release Geo secondary Git over SSH redesign (merge request) GitLab Enterprise Edition
• Remove Open beta messaging for error tracking (merge request)
• Geo Sites - Order Replicable Types (merge request) GitLab Enterprise Edition
• Bump commonmarker gem to 0.23.9 (merge request)
• Convert Abuse Reports Actions Dropdown into Drawer (merge request)
• Disable Service Desk activation if issue tracker is disabled (merge request)
• Fix inputs, events and buttons in edit escalation policies form by @daelmo (merge request) GitLab Enterprise Edition
• GitLab Chat: increase line-height for better readability (merge request)
• GitLab Chat: Change alignment of sources (merge request)
• Update the circuit breaker notifier (merge request)
• Update gitlab-labkit & pg_query (merge request)
• Add query for compressed package metadata (merge request) GitLab Enterprise Edition
• Update compliance framework ui styling (merge request) GitLab Enterprise Edition
• GitLab Chat: Change loading animation of AI replies (merge request) GitLab Enterprise Edition
• Align GitLab chat drawer headers (merge request)
• Use GraphQl to update environment info (merge request)
• Tanuki Bot: Improve chat message appearance (merge request)
• Create the down method (merge request) GitLab Enterprise Edition
• Add brute force migration back (merge request) GitLab Enterprise Edition
• Add projects_ids to set_runner_associated_projects audit event (merge request) GitLab Enterprise Edition
• Update checkbox to use pajamas by @ShaneMaglangit (merge request)
• This MR migrates legacy GlDropdown (merge request) GitLab Enterprise Edition
• Built-in dashboards go above custom ones (merge request) GitLab Enterprise Edition
• Log Sidekiq job_status as deferred for deferred (merge request)
• Migrate GlDropdown to GlListbox in severity filter (merge request) GitLab Enterprise Edition
• Update dependency auto-build-image to v1.33.0 (merge request)
• Use info variant for impersonation alert (merge request)
• Limit the number of agent tokens created (merge request)
• Defers loading of package assets on package details page (merge request)
• Enable and remove user_spam_scores feature flag (merge request)
• Use GraphQl to get environment info (merge request)
• Upgrade prometheus-client-mmap to v0.24.3 (merge request)
• Updates "Submit" button with "Create runner" (merge request)
• Change defer_sidekiq_jobs FF delimiter to _ (merge request)
• Revisited MR empty state by @catinbag (merge request)
• This MR migrates legacy GlDropdown (merge request) GitLab Enterprise Edition
• Remove "already signed in" message on redirect (merge request)
• This MR migrates legacy GlDropdown (merge request) GitLab Enterprise Edition
• Update form submit to use pajamas by @ShaneMaglangit (merge request)
• Add AsciiDoc include for remote URI (merge request)
• Update checkbox to use pajamas by @ShaneMaglangit (merge request)
• Update checkbox to use pajamas by @ShaneMaglangit (merge request)
• Update checkbox to use pajamas by @ShaneMaglangit (merge request)
• Introduce parallelised BitBucket Server Importer (merge request)
• Abuse report worker excludes users in paid groups (merge request)
• Make small updates to GitLab chat UI (merge request)
• Make ci_runners_stale_machines_cleanup_worker job run more frequently (merge request)
• Show explain vuln based on experimental and 3rd party API toggles (merge request) GitLab Enterprise Edition
• Update filter feature flag docs (merge request)
• Upgrade to Puma v6.2.2 (merge request)
• Adding ci_secure_files to backup rake task (merge request)
• Move flash message for unverified domains to local messages by @dannyelcf (merge request)
• Update doorkeeper-openid_connect to v1.8.7 (merge request)
• Update default value for code_suggestions settings (merge request)
• Adjust the correlation id constraint check value in abuse trust scores (merge request)
• Update gitlab-pages (merge request)
• Add moderation status to spamlogs index (merge request)
• Update grpc gem to v1.54.2 (merge request)
• Rename Packages::Package#original_build_info to last_build_info (merge request)
• Migrate status filter to collapsible listbox (merge request) GitLab Enterprise Edition
• Improve branches and tags in commit view (merge request)
• Ensure experimental settings are enabled (merge request) GitLab Enterprise Edition
• Prepare the async index for ci_pipeline_variables (merge request)
• Log rails response length (merge request)
• Add pipeline_ref and pipeline_sha claims to Ci::JwtV2 (merge request)
• Add pre and post import validation to gists import (merge request)
• Shows header of MlExpeirmentIndex on empty state (merge request)
• Improve tests to fit admin mode by @TrueKalix (merge request)
• Add allow_account_deletion to ApplicationSettings by @zhzhang93 (merge request) GitLab Enterprise Edition
• Issuables Designs: Comments actions improvements (merge request)
• Allow adding prometheus-type integrations to HttpIntegrations (merge request)
• Add filter by component names for (merge request) GitLab Enterprise Edition
• Visually align Source Editor toolbar (merge request)
• Restructure and extend scan result policy drawer (merge request) GitLab Enterprise Edition
• Do not return group of current project in list of transfer locations (merge request)
• Rollout of commit_committer_name_check_ff by @zhzhang93 (merge request)
• Remove the feature flag packages_display_last_pipeline (merge request)
• Update dependency auto-deploy-image to v2.49.0 (merge request)
• Update required node version to 18.16.0 or later (merge request)

Deprecated (1 change)

• Deprecate the project_fingerprint field and return uuid (merge request) GitLab Enterprise Edition

Removed (32 changes)

• Remove confidence from vulnerability issue (merge request) GitLab Enterprise Edition
• Migration squash for all migrations from 14.10 (merge request)
• Remove deprecated metrics embeds from GFM (merge request)
• Re-implement sidekiq learn gitlab worker removal migration (merge request)
• Drop project_wiki_repository_states table (merge request)
• Cleanup PK conversion for few notes related tables (merge request)
• Drop WebauthnRegistration#u2f_registration_id column (merge request)
• Remove explicit locking for retrying jobs (merge request)
• Remove synchronize_fork feature flag (merge request)
• Remove temporary index on oauth_access_tokens (merge request)
• Remove Usage Quotas Storage Inline Alert (merge request) GitLab Enterprise Edition
• Stop showing package size on package registry details page (merge request)
• Cleanup super_sidebar_nav feature flag (merge request)
• Remove metric files from db importers (merge request)
• Remove unnecessary index on events async (merge request)
• Remove incorrect enterprise users metrics (merge request) GitLab Enterprise Edition
• Remove not used routes (merge request) GitLab Enterprise Edition
• Remove commits count from daily commits header (merge request)
• Clean metrics/dashboard/* workers and update specs (merge request)
• Remove external_note_author_service_desk feature flag (merge request)
• Remove ClearSharedRunnersMinutesWorker and related (merge request)
• Ignore message in Vulnerabilities::Finding (merge request) GitLab Enterprise Edition
• Remove keyboard shortcuts for deprecated Metrics (merge request)
• Remove file_md5 from debian component files by @sathieu (merge request)
• Delete Monitor Metrics settings UI (merge request)
• Remove project_ci_cd_settings#opt_in_jwt column (merge request)
• Remove links to Metrics in Environments (merge request)
• GraphQL: Remove Mutation.ciCdSettingsUpdate mutation (merge request)
• Delete Metrics form navigation (merge request)
• Drop time_format_in_24h column (merge request)
• Remove use of vulnerabilities[].message (merge request) GitLab Enterprise Edition
• Remove puma worker killer (merge request)

Security (23 changes)

• Fixes typo on project error tracking spec
• Fixes typo on rake tasks documentation
• Fixes typo on Ci::JobArtifact model
• Use recently renamed PathTraversal instead of Utils.check_path_traversal (merge request)
• Fix XSS in Abuse Reports form action (merge request)
• Import source owners with maintainer access if importer is a maintainer (merge request)
• Set IP in ActionContoller filter before IP enforcement is evaluated (merge request)
• Improve ambiguous_ref? logic to include heads and tags (merge request)
• Check for register_project_runners permission at service level (merge request)
• Reject NPM metadata requests with invalid package_name (merge request)
• Filter inaccessible issuable notes when exporting project (merge request)
• Escape the source branch link correctly (merge request)
• Ignore user-defined diff paths in diff notes (merge request)
• Block tag names that are prepended with refs/tags/, due to conflicts (merge request)
• Resolve Overall Project Vulnerability Disclosure (merge request)
• Fix DoS (zip bomb) on test report artifacts (merge request)
• Use UntrustedRegexp to protect FrontMatter filter (merge request)
• Use UntrustedRegexp to protect InlineDiff filter (merge request)
• Use UntrustedRegexp to protect MathFilter regex (merge request)
• Validate description bytesize in labels (merge request)
• Prevent primary email returned as verified on unsaved change (merge request)
• Fix arbitary file read via filename param (merge request)
• Add temp flag to prevent inserting unapproved content (merge request) GitLab Enterprise Edition

Performance (12 changes)

• Remove inline_haml_diff_line_rendering feature flag (merge request)
• Add cross-slot pipeline functionality (merge request)
• Remove project_statistics_bulk_increment feature flag (merge request)
• Improve group issues query for Reporters and above (merge request)
• Exclude deleted projects from scan execution rule (merge request)
• LFS: Serve pre-signed URLs in /lfs/objects/batch (merge request)
• Remove the join query for global search of blobs (merge request) GitLab Enterprise Edition
• Optimize ci_access_authorized_for? query (merge request)
• Submit JiraConnect::SyncBranchWorker in batches (merge request)
• Enable and remove the FF ci_batch_project_includes_context (merge request)
• Remove project_id from join query in project search for blob (merge request) GitLab Enterprise Edition
• Async remove 'merge_requests_state_id_temp_index' (merge request)

Other (98 changes)

• Refactor from link_type to resource_link by @FromTheStackAndBack (merge request)
• Replace issues health status sorting indexes Async (merge request)
• Remove progress bar from subscription flow (merge request) GitLab Enterprise Edition
• Add work_item_type_id closed_at index on issues table (merge request)
• Bump gitlab_quality-test_tooling gem version (merge request)
• Finalize conversion for FKs targeting p_ci_builds (merge request)
• Remove feature flag ci_job_artifacts_backlog_work (merge request)
• Move namespace errors to the namespace name input (merge request) GitLab Enterprise Edition
• Update merge train error messaging with link to docs by @missy-davies (merge request) GitLab Enterprise Edition
• Replace foreign keys to use the partitioned table (merge request)
• Remove branch_rules feature flag (merge request)
• Remove feature flag "inherit_approval_rules_on_creation" (merge request)
• Roll-out direct upload artifacts to final location (merge request)
• Error Tracking: Remove ingestion API (merge request)
• Remove use_traversal_ids_groups_finder feature flag (merge request)
• Validate foreign keys targeting p_ci_builds (merge request)
• Fine tune over limit email notification worker (merge request) GitLab Enterprise Edition
• Revert "Merge branch '382033-force-partition-attach' into 'master'" (merge request)
• Remove use_pipeline_over_multikey feature flag (merge request)
• Add version note related to design description (merge request)
• Add feature flag to disable cancel redundant pipelines (merge request)
• Documentation for deferring sidekiq using db health status (merge request)
• Usage data related scopes use the work_item_types table (merge request)
• Increase coverage for different UI states (merge request) GitLab Enterprise Edition
• Remove spec violations and refactor test (merge request) GitLab Enterprise Edition
• Error Tracking: Consolidate Clickhouse specific feature flag (merge request)
• Update Gitlab Shell version to 14.23.0 (merge request)
• Swap notes.id to bigint for GitLab.com (merge request)
• Migrate tags sort dropdown to GlCollapsibleListbox (merge request)
• Update grape gem to version 1.7.0 (merge request)
• Remove unused 'hideProjects' prop and its related refs by @asadath1395 (merge request)
• Remove vm modification violation (merge request) GitLab Enterprise Edition
• Remove super_sidebar_peek feature flag (merge request)
• Remove ci_multi_doc_yaml FF (merge request)
• Refactor test to solve spec violations (merge request) GitLab Enterprise Edition
• Remove flag always_perform_delayed_deletion (merge request)
• Fix typo of "superseded" (merge request)
• Add default database values for user_preferences table (merge request)
• Add path attribute to organizations (merge request)
• Add default database value for notified_of_own_activity column (merge request)
• Improve test suite performance (merge request) GitLab Enterprise Edition
• Remove broadcast_messages.namespace_id column (merge request)
• Update Epics API for Grape 1.7 compatibility (merge request) GitLab Enterprise Edition
• Add instance-level switch for Code Suggestions for SM (merge request)
• Remove the feature_flag separate_elastic_wiki_indexer_for_project (merge request) GitLab Enterprise Edition
• Clean up tofa* db columns (merge request)
• Update Gitlab Shell version to 14.22.0 (merge request)
• Fix followup issues in ZeroShot Agent (merge request) GitLab Enterprise Edition
• Adding cells blueprint FAQ section (merge request)
• Remove authorize_groups_query_without_column_cache feature flag (merge request)
• Synchronously remove merge_requests_state_id_temp_index (merge request)
• Exposing db health check methods from sidekiq workers (merge request)
• Ensure sso signup through signin onboards (merge request) GitLab Enterprise Edition
• Cleanup sync_approval_rules_from_findings feature flag (merge request) GitLab Enterprise Edition
• Add Code Suggestions token into AppSettings (merge request)
• Remove password_reset_any_verified_email FF (merge request)
• Update Releases API for Grape 1.7 compatibility (merge request)
• Don't fire queries to find gitlab_schema of table (merge request)
• Remove default_pat_expiration FF (merge request)
• Part 3: issues.issue_type column related scopes updated (merge request)
• Remove feature flag for hiding Monitor Metrics visibility setting (merge request)
• Use .gl-rounded-top-base for card header (merge request)
• Remove legacy CI predefined variables (merge request)
• Adds model_registry feature flag (merge request)
• Prevent BitBucket Cloud Import from importing duplicated items (merge request)
• Remove GitHubImport deprecated workers (merge request)
• Remove unique index on organizations.name (merge request)
• Update ResetSkippedJobsService to support multiple jobs (merge request)
• Make API::Release::Links tests faster (merge request)
• Use utility classes instead of custom CSS rules (merge request)
• Update Epics API for Grape 1.7 compatibility (merge request) GitLab Enterprise Edition
• Use listbox in activity_filter (merge request) GitLab Enterprise Edition
• Add async indexes for VSA tables (merge request)
• Add store labels to all Rails.cache metrics (merge request)
• Fix async index creation for long tables (merge request)
• Backfill resource link events (merge request)
• Remove the fix DORA frequency calculation FF (merge request) GitLab Enterprise Edition
• Cleanup remove_scan_result_policy_transaction feature flag (merge request) GitLab Enterprise Edition
• Update Gitlab Shell version to 14.21.0 (merge request)
• Remove temp index on issues.issue_type for incidents (merge request)
• Fix cross-slot request counting methodology (merge request)
• Create temporary index for system_note_metadata (merge request)
• Polish the trials form and reduce code duplication (merge request) GitLab Enterprise Edition
• Remove invalid protected_environment_deploy_access_levels groups (merge request)
• Remove record_issue_and_mr_assignee_events FF (merge request)
• Remove batched_migrations_parallel_execution flag (merge request)
• Remove remaining "wip" logic from spec (merge request)
• Add empty structure for LLM Agents (merge request) GitLab Enterprise Edition
• Add cluster_agent_id FK to environments (merge request)
• Prepare index_issues_on_work_item_type_id index in Gitlab.com (merge request)
• Use listbox in cluster_filter (merge request) GitLab Enterprise Edition
• Remove optional runner token encryption for groups and projects (merge request)
• Enable password_reset_any_verified_email by default (merge request)
• Document pass_user_identities_to_ci_jwt usage by @joe-snyder (merge request)
• Prepare FKs for converting notes.id to bigint (merge request)
• Remove use_traversal_ids_for_ancestor_scopes feature flag (merge request)
• Migrate custom CSS to utility classes (merge request) GitLab Enterprise Edition
• Remove the vsa_group_and_project_parity FF (merge request) GitLab Enterprise Edition

16.0.8 (2023-08-01)

Fixed (1 change)

• Disable IAT verification by default

Security (13 changes)

• Prevent leaking emails of newly created users (merge request)
• Added redirect to filtered params (merge request)
• Relocate PlantUML config and disable SVG support (merge request)
• Sanitize multiple hardlinks from import archives (merge request)
• Validates project path availability (merge request)
• Fix policy project assign (merge request)
• Fix pipeline schedule authorization for protected branch/tag (merge request)
• Mitigate autolink filter ReDOS (merge request)
• Fix XSS vector in Web IDE (merge request)
• Mitigate project reference filter ReDOS (merge request)
• Add a stricter regex for the Harbor search param (merge request)
• Update pipeline user to the last policy MR author (merge request)
• Prohibit 40 character hex plus a hyphen if branch name is path (merge request)

16.0.7 (2023-07-04)

Security (1 change)

• Add authorization to the subscriptions group controller (merge request)

16.0.6 (2023-06-28)

Security (12 changes)

• Revert 'security-leaked-ci-job-token-permission-16-0' from '16-0'" (merge request)
• Use fully qualified ref when loading code owner file (merge request)
• Maintainer can leak masked webhook secrets by manipulating URL masking (merge request)
• Remove approvals when the only commit gets amended (merge request)
• Add authorization validation to GithubController#failures action (merge request)
• Fix for fork permissions check in compare controller (merge request)
• Webhook token leaked in Sidekiq logs if log format is 'default' (merge request)
• Mitigate epic reference filter ReDOS (merge request)
• Increasing security for CI_JOB_TOKEN on public and internal projects (merge request)
• Adjust access to value stream create, edit and destroy actions (merge request)
• Sanitize user email addresses in admin confirm user dialog (merge request)
• Obfuscate email of service desk issue creator in issue REST API (merge request)

16.0.5 (2023-06-16)

Fixed (1 change)

• Update gitlab-elasticsearch-indexer version (merge request)

Changed (1 change)

• Make MigrateSharedVulnerabilityIdentifiers use slow iteration (merge request) GitLab Enterprise Edition

16.0.4 (2023-06-08)

Fixed (1 change)

• Fix LDAP tls_options not working (merge request)

16.0.3 (2023-06-06)

Fixed (3 changes)

• Fix memory leak in CI config includes entry (merge request)
• Fix MR approval rules sync when disabling scan result policy (merge request) GitLab Enterprise Edition
• Fix serialization of pull requests in BitbucketServer Import (merge request)

Performance (1 change)

• LFS: Serve pre-signed URLs in /lfs/objects/batch (merge request)

16.0.2 (2023-06-05)

Fixed (1 change)

• Fix Sidekiq crash when gitlab.yml contains UTF-8 characters

Changed (1 change)

• Introduce parallelised BitBucket Server Importer

Security (16 changes)

• Fix DoS on test report artifacts (merge request)
• Fix XSS in Abuse Reports form action (merge request)
• Escape the source branch link correctly (merge request)
• Import source owners with maintainer access if importer is a maintainer (merge request)
• Filter inaccessible issuable notes when exporting project (merge request)
• Block tag names that are prepended with refs/tags/, due to conflicts (merge request)
• Set IP in ActionContoller filter before IP enforcement is evaluated (merge request)
• Prevent primary email returned as verified on unsaved change (merge request)
• Use UntrustedRegexp to protect FrontMatter filter (merge request)
• Improve ambiguous_ref? logic to include heads and tags (merge request)
• Use UntrustedRegexp to protect InlineDiff filter (merge request)
• Ignore user-defined diff paths in diff notes (merge request)
• Reject NPM metadata requests with invalid package_name (merge request)
• Use UntrustedRegexp to protect MathFilter regex (merge request)
• Resolve Overall Project Vulnerability Disclosure (merge request)
• Validate description length in labels (merge request)

16.0.1 (2023-05-22)

Security (1 change)

• Fix arbitary file read via filename param (merge request)

16.0.0 (2023-05-18)

Added (168 changes)

• Add X-GitLab-ConfidentialIssue: header boolean by @micah (merge request)
• Adds CI information to candidate detail (merge request)
• Added pipelines shortcut by @AlexNewson (merge request)
• Add user deactivate service (merge request) GitLab Enterprise Edition
• Updated code based on suggestion (merge request)
• feat: Add lock_version to milestone by @gerardo-navarro (merge request)
• Enable import_details_page ff by default (merge request)
• Add audit events schema definitions (merge request) GitLab Enterprise Edition
• Add specs for ApprovalProjectRule creation (merge request)
• Add environment tier to deployment webhooks (merge request)
• Add keyword to allow multiple cache fallback keys by @renehernandez (merge request)
• Add emoji awards for work item (merge request) GitLab Enterprise Edition
• GraphQL project fields for refs containing a commit (merge request)
• Make group-level git protocol control available (merge request)
• [Audit Events] Asynchronous database index addition (merge request) GitLab Enterprise Edition
• Show alert about any configured deploy freezes (merge request)
• Model and table for google cloud logging integration (merge request)
• Add to do widget for work items (merge request) GitLab Enterprise Edition
• Add Zola template for .gitlab-ci.yml by @homersimpsons (merge request)
• Allow sending secret detection vulnerabilities to the AI API (merge request) GitLab Enterprise Edition
• Enable realtime approval updates by default (merge request)
• Add coverage fuzzing to registration features (merge request) GitLab Enterprise Edition
• Add update_design permission to check user rights to edit description (merge request)
• Add blocked_by and blocks quick actions for issues (merge request) GitLab Enterprise Edition
• Implement YAML config file for the Value stream dashboard (merge request) GitLab Enterprise Edition
• Add branches to the initial Jira data sync (merge request)
• Adds PAT based auth (merge request)
• Add model for storing ai ci editor conversations (merge request)
• Add dismissal reason and comment to vulnerability bulk updates (merge request) GitLab Enterprise Edition
• Add a Breach and Attack Simulation CI template (merge request) GitLab Enterprise Edition
• Add support for npm group level endpoints in compressed json middleware (merge request)
• Add RTL support in content editor (merge request)
• Add support for basic auth on Maven registry download endpoints (merge request)
• Add health_status to webhook payload data (merge request) GitLab Enterprise Edition
• Add update action and update service for Abuse Reports (merge request)
• Resource access token rotation API (merge request)
• Add model for storing ai ci editor conversations (merge request)
• Add ability to read_vulnerability to custom roles (merge request)
• Extend VertexAi::Client to add text/code/message_chat methods (merge request) GitLab Enterprise Edition
• Add documentation for Compliance Framework CSV Export (merge request) GitLab Enterprise Edition
• Enable feature flags for new runner creation (merge request)
• Add SecureFlag training provider by @bruce.lay (merge request)
• Support + and +s reference expansion for work items (merge request)
• Shows link to jobs on the list of Ml::Candidate (merge request)
• Create a service to build npm metadata cache record (merge request)
• Enable the feature flag ci_include_components (merge request)
• Add HLL counter for projects that initialize product analytics (merge request) GitLab Enterprise Edition
• Add merged merge request delete audit event (merge request) GitLab Enterprise Edition
• PAT rotation API (merge request)
• Enable work item conversion (merge request)
• Add GraphQL query for inherited CI variables (merge request)
• Allow remember me to be set in Admin area general settings (merge request)
• Add truncated text component (merge request)
• Show services on Environments index page (merge request)
• Backend to allow remember me to be disabled (merge request)
• Remote Development feature behind a feature flag (merge request)
• Add vulnerabilities counts to VSD (merge request) GitLab Enterprise Edition
• Add GraphQL support for visibility_pipeline_id (merge request)
• Add type quick action for work items (merge request)
• Expose reference and createNoteEmail fields (merge request)
• Add runner field to job_type by @TrueKalix (merge request)
• Create routing table for ci_builds (merge request)
• Geo Sites - Add primary last event id (merge request) GitLab Enterprise Edition
• Add data migration for human user type (merge request)
• Implement Gitlab::Llm::Anthropic::Client (merge request)
• Skip copy job artifacts uploaded to final location (merge request)
• Implement runner backoff for migrations (merge request)
• Expose Issues Completed under GraphQL flow metrics (merge request) GitLab Enterprise Edition
• Preload SamlProvider for cross child epics groups (merge request) GitLab Enterprise Edition
• Only allow user to be remembered if application setting enabled (merge request)
• Enable vsa_group_and_project_parity FF by default (merge request) GitLab Enterprise Edition
• Add RedisHLL counter for creating dashboards (merge request) GitLab Enterprise Edition
• Add redis counter for viewing dashboard (merge request) GitLab Enterprise Edition
• Geo Sites - Read Help Icon to Secondary Site (merge request) GitLab Enterprise Edition
• Add new properties to GET /users/:user_id/projects (merge request)
• Add export button for framework report (merge request) GitLab Enterprise Edition
• Add support for cancelling drag on Esc key press (merge request) GitLab Enterprise Edition
• Add ability to filter github repositories by relation type (merge request)
• Enable GlFilteredSearch terms-as-tokens prop on Plan pages (merge request)
• Add output moderation to OpenAI::Client (merge request) GitLab Enterprise Edition
• Add ability to add/edit compliance frameworks directly from report (merge request) GitLab Enterprise Edition
• Add Value Stream Dashboard tracking table (merge request)
• Skip phone verification when TeleSign is down (merge request) GitLab Enterprise Edition
• Disallow runner registration if allow_runner_registration_token disabled (merge request)
• Add new table to store note metadata (merge request)
• Allow all users to opt-in to the navigation redesign beta (merge request)
• Adding create API for instance audit external destinations (merge request) GitLab Enterprise Edition
• Adds link to settings from dependency proxy (merge request)
• Reflect state transition comments in system notes (merge request) GitLab Enterprise Edition
• Associate Ml::Candidate to Ci::Build (merge request)
• Create the Organization model (merge request)
• Adds digest label & copy button for dependency proxy UI (merge request)
• Add support for new vulnerability status filtering (merge request) GitLab Enterprise Edition
• Enable sync_approval_rules_from_findings by default (merge request)
• Add option to keep quick actions in text (merge request)
• Add Abuse Reports Detail View (merge request)
• Add moderation to OpenAI::Client (merge request) GitLab Enterprise Edition
• Add settings to database (merge request)
• Add runners to job/pipeline seed data by @TrueKalix (merge request)
• Create Abuse Report Events table (merge request)
• Add project cell admin jobs vue by @TrueKalix (merge request)
• Add Remember Me Enabled to Application Settings (merge request)
• Create a new table to hold diff summaries (merge request)
• Create bot user when security policy is linked (merge request)
• Autofocus link URL when editing link (merge request)
• Add geo_sites API endpoint (merge request) GitLab Enterprise Edition
• Add PA configuration to project level settings (merge request)
• Add ref_path to CI job JWTs (merge request)
• Allow uploading more image types (merge request)
• Add maximum length validation for ci_builds columns (merge request)
• Add cost tracking to OpenAi::Client (merge request) GitLab Enterprise Edition
• Create partitioned table for VSD counts (merge request)
• Feature Flag: Add FF for Rust metrics marshaling (merge request)
• Add registry table to track replication and verification state (merge request)
• Add column visibility_pipeline_id (merge request)
• Enable feedback deprecation by default (merge request)
• Improve the performance of the "vulnerability report" page (merge request) GitLab Enterprise Edition
• Add maintenance mode to registration features (merge request) GitLab Enterprise Edition
• Adds link to settings on container registry image list page (merge request)
• Add first assigned to Issue and MR events to VSA (merge request) GitLab Enterprise Edition
• Add the tanuki_bot migration/model (merge request) GitLab Enterprise Edition
• Enable mr widget V2 by default (merge request)
• Improve error messages by @TrueKalix (merge request)
• Enable use_merge_base_for_security_widget by default (merge request)
• Add support for TOFA AI API (merge request)
• Add private endpoint to show github import errors (merge request)
• Track spam scores for users (merge request)
• Add ci_max_includes to application settings (merge request)
• Add tooltips to Value Stream Dashboard sparkline charts (merge request) GitLab Enterprise Edition
• Add jobs count admin jobs vue by @TrueKalix (merge request)
• Add geo sites fixtures schemas (merge request) GitLab Enterprise Edition
• Add Tanuki Bot backend service and API (merge request) GitLab Enterprise Edition
• Add artifacts management page (merge request)
• Show services on Environments index page (merge request)
• Add ciPipelineStage to QueryType (merge request)
• Add the tanuki_bot migration/model (merge request) GitLab Enterprise Edition
• Introduce "update filters" popover after assigning framework (merge request) GitLab Enterprise Edition
• Enable dismissal_reason feature flag by default (merge request) GitLab Enterprise Edition
• Report abuse to admin for WI notes (merge request)
• Enable Fetching upstream to the fork (merge request)
• Add ability to add/remove compliance framework from single item (merge request) GitLab Enterprise Edition
• Add backend for setWorkItemMetadata (merge request)
• Add display_color to epic_boards (merge request)
• Add ability to disable social feature (following) (merge request)
• Add job filter admin jobs vue by @TrueKalix (merge request)
• Add user feedback (merge request) GitLab Enterprise Edition
• Add intersection observer admin jobs vue by @TrueKalix (merge request)
• Add audit event schema definitions (merge request) GitLab Enterprise Edition
• Set minimum role for importing projects to Maintainer (merge request)
• feat: New REST api endpoint to fetch CI_JOB_TOKEN access settings by @gerardo-navarro (merge request)
• Store MR and issue assignment events (merge request)
• Index for namespaces by root namespace lookup (merge request)
• Add skeleton loader to admin jobs vue by @TrueKalix (merge request)
• Show work item id in breadcrumb (merge request)
• Admins can edit arkose_risk_band (merge request) GitLab Enterprise Edition
• Introduce circuit breaker for OpenAI client (merge request)
• Switch status tabs by @TrueKalix (merge request)
• Promote Key Result to Objective (merge request)
• Add Environments::Stop mutation (merge request)
• Add branch filtering for compliance violations report (merge request) GitLab Enterprise Edition
• Add Sidekiq execution SLI as apdex (merge request)
• Add API to toggle pass_user_identities_to_ci_jwt by @joe-snyder (merge request)
• Add sync index security_scans_on_pipeline_id_and_scan_type (merge request)
• Adds request forwarding warning to package details modal (merge request)
• Adds confirmation prompt to container image repository delete modal (merge request)
• Prepare todos for bigint migration (merge request)
• Change fetch policy for work item detail (merge request)
• Populate missing dismissal info (merge request)

Fixed (163 changes)

• Add top margin to admin email alert (merge request) GitLab Enterprise Edition
• Update by_parent filter in EpicsFinder (merge request) GitLab Enterprise Edition
• View projects pending deletion from subgroup (merge request) GitLab Enterprise Edition
• Fixes roadmap timeline bar alignment (merge request) GitLab Enterprise Edition
• Fix no_proxy not working when DNS rebinding protection enabled (merge request)
• Handle String response in ResponseLogger (merge request)
• Fix case sensitive GraphQL username argument (merge request)
• Fix bridge status not inheriting canceled (merge request)
• Fixed how series render and legend in VSA Overview "Total time" chart (merge request) GitLab Enterprise Edition
• Updating PipelineJobResolver for type filter (merge request)
• Make new jira_auth_type Jira API argument optional (merge request)
• Fix pending status when SecureFlag has no content (merge request) GitLab Enterprise Edition
• Fix auditing of merged merge request when metrics are nil (merge request) GitLab Enterprise Edition
• Skip to main content interactive when super sidebar is inert (merge request)
• Remove extra top padding on collapsible discussion (merge request)
• Fix the query when migration add_suffix_project_in_wiki_rid not finished (merge request) GitLab Enterprise Edition
• Fix event location detection for the branch list (merge request)
• Add a boolean field hidden in the MergeRequest ES mapping (merge request) GitLab Enterprise Edition
• Removing Ci:Bridge jobs from ProjectJob#show (merge request)
• Replace stable Terraform CI templates with latest templates (merge request)
• Status checks widget: Remove double bottom border (merge request)
• Fix border on description box (merge request)
• Fix syntax highlighting on Wiki Diff pages (merge request)
• Update GraphQl spec to include SHARED_INTO_ANCESTORS (merge request)
• Fix height calculations with roadmap to prevent extra scrollers (merge request) GitLab Enterprise Edition
• Fix comments template dropdown being hidden (merge request)
• Include shared from groups members in the projects members (merge request)
• Fix container scanning via group level policy (merge request)
• Append bubble menus to body (merge request)
• Fix MR activity filtering (merge request)
• Do not autofocus the description field (merge request)
• Remove epic date fields authorization (merge request) GitLab Enterprise Edition
• Namespace the Gitlab constant to avoid NameError (merge request)
• Fixes missing background in tasks (merge request)
• Alter installation_creation_date metric logic (merge request)
• Move feature-flag to outside pipelined block (merge request)
• Return the error when failed to register runner (merge request)
• Fix avatar when commit email is an empty string (merge request)
• Allow merge when rules are invalid for security policy project (merge request) GitLab Enterprise Edition
• Fix redirect for work items notes for diffPath and deletePath (merge request)
• Lock tables before dropping the LFK trigger (merge request)
• Update new navigation nav item badge positon and hover styles (merge request)
• Do not limit batch_size in migration (merge request) GitLab Enterprise Edition
• Clicking task item doesn’t when using “1)” (merge request)
• Prevent logged in user from blocking themselves in abuse reports (merge request)
• Fix incorrect handler location for list of branches (merge request)
• Show detected licenses with their URLs (merge request) GitLab Enterprise Edition
• Fix active state overlay in content editor (merge request)
• Add missing license check for project approval rules endpoints (merge request) GitLab Enterprise Edition
• Fixes Content-Type for Service Desk emails with attachments (merge request)
• Fix DORA deployment frequency calculation (merge request) GitLab Enterprise Edition
• Resolve "Immediately preview when editing a broadcast message" (merge request)
• Fix group blobs search permission when migration is not complete (merge request) GitLab Enterprise Edition
• Fix arguments in container replication event (merge request) GitLab Enterprise Edition
• Fixes NoMethod when tags are empty (merge request)
• Fixing a misspelling of "absence" (merge request)
• Fixed issue description editor keeping autosaved data after save by @zillemarco (merge request)
• Do not show issuable email address when FF is on (merge request)
• SSO enforcement shouldn't require SSO for non-members and public groups (merge request) GitLab Enterprise Edition
• Fallback to highlighting HAML with Rouge (merge request)
• Hide Add button in issue if user has Guest role (merge request)
• Fix TypeError exceptions in UpdateMergeRequestWorker (merge request)
• Fixes shortcut not working without focus (merge request)
• Fixes rich text editor not wrapping on mobile (merge request)
• Fix loading Web IDE Beta outside gitlab_url (merge request)
• Follow k6's rename of ex/sample folder (merge request)
• Fixes registry search alignment (merge request)
• Fix tab count admin jobs vue by @TrueKalix (merge request)
• Enable "inherit_approval_rules_on_creation" feature flag (merge request)
• SSO enforcement should respect Admin Mode for groups access (merge request) GitLab Enterprise Edition
• Remove counter_attribute_db_lease_for_update FF (merge request)
• Fix empty attachments 500 error in NPM package PUT request (merge request)
• Fix conan search to not find instance-wide packages on project-level (merge request)
• Fix Stop Environment Diaglog shows wrong text (merge request)
• Use trueup_period_seat_count for true-up check (merge request) GitLab Enterprise Edition
• Make sure /api/v4/geo_nodes/current/failures works with the unified URL (merge request)
• Inject apollo for pipelines table (merge request)
• Checks loaded visualisation for tree traversal (merge request) GitLab Enterprise Edition
• Cleanup leftovers in packages_dependencies table (merge request)
• Globally enable ff filter_vulnerability_findings_dismissed_on_default (merge request) GitLab Enterprise Edition
• Fix root_ancestor undefined method error (merge request) GitLab Enterprise Edition
• Fix custom template import permission (merge request)
• Set static page size for fetching notes (merge request)
• Put actual default branch in readme on project creation (merge request)
• Change API endpoint used when inviting a group to a project (merge request)
• Fix N+1 issue for GraphQL VulnerabilityType (merge request) GitLab Enterprise Edition
• Enable remove_scan_result_policy_transaction by default (merge request) GitLab Enterprise Edition
• Search without project namespaces (merge request)
• View projects pending deletion from subgroup (merge request) GitLab Enterprise Edition
• Crop long texts in the MR Security Reports widget (merge request) GitLab Enterprise Edition
• Fix: display correct duration for pipeline >24 hour runtime by @endera_ (merge request)
• Use fallback when avatar fails to load (merge request)
• Fix vue3 spec violation in environments_folder_view_spec.js (merge request)
• Update chat prompt to move references to the end (merge request) GitLab Enterprise Edition
• Fix installation activation bug (merge request) GitLab Enterprise Edition
• Fix for the rebase merge request state being shown incorrectly (merge request)
• Prevent errors when focusing platform button (merge request)
• Do not touch last_downloaded_at when on a geo secondary (merge request) GitLab Enterprise Edition
• Make it possible to run Puma v6 (merge request)
• Fix signing-up page renders by @lyb124553153 (merge request)
• Fix extra social dot divider (merge request)
• Make propmpt_location dynamic, fix spacing in chat (merge request)
• Allow individual pages to set super sidebar open on page load (merge request)
• Fix member source determination in group members report (merge request) GitLab Enterprise Edition
• Fix Merge request tabs page bundle loading (merge request)
• Fixes random questions being answered by Tanuki Bot (merge request) GitLab Enterprise Edition
• Fix vue3 spec violations for tree_content_spec.js (merge request)
• Fix sidekiq_remove_jobs not to run in transaction (merge request)
• Reject invalid repository archive request formats (merge request)
• Update groups header (merge request)
• Remove global audit events stream page refreshes on edits (merge request) GitLab Enterprise Edition
• Fix compliance framework creation error on GitLab premium plans (merge request) GitLab Enterprise Edition
• Fix expanded avatars list display in the MR widget (merge request)
• Work item tree tooltip fix (merge request)
• User profile fix bg for fixed with layout (merge request)
• Fix cadence description box width (merge request) GitLab Enterprise Edition
• Fix search cron worker when indexing is disabled (merge request) GitLab Enterprise Edition
• Fix invite project members modal closing on error (merge request)
• Vertically align epic colors in dropdown (merge request)
• Create unique digests for email verification tokens (merge request)
• Fix encoding error for commits endpoint (merge request)
• Fix data in import_sources column of application_settings (merge request)
• Fix burnup chart line going backwards (merge request) GitLab Enterprise Edition
• Spread sidekiq jobs on reschedule during github import (merge request)
• Remove transaction in ProcessScanResultPolicyWorker (merge request) GitLab Enterprise Edition
• Fail transfer only with namespaced npm packages (merge request)
• Removes hardcoded path to svg (merge request)
• Fix use of the bootstrap form group with label (merge request)
• Bugfix invite members modal (merge request)
• Putting CI/CD settings behind appropriate permission levels (merge request)
• Fix Web IDE Beta icons not loading in Safari by @gitlab-dependency-update-bot (merge request)
• Provide a single line of vulnerable code (merge request) GitLab Enterprise Edition
• Improve Vale's ElementDescriptors rule to catch previous false negatives by @JonstonChan (merge request)
• Fix GraphQL timelog Int overflow bug (merge request)
• Fix bug in UpdateApprovalsService when target pipeline is empty (merge request) GitLab Enterprise Edition
• Fix broken mermaid markdown rendering of milestone detail views by @gerardo-navarro (merge request)
• Use consistent orange color for low severity (merge request)
• Get rid of infinite work item calls in work item modal (merge request)
• Improve Vale's CIConfigFile rule to catch previous false negatives by @JonstonChan (merge request)
• Do not block project overview when wiki repository fails (merge request)
• Remove operations_access_level REST API field (merge request)
• Fix error when scan result policy is missing actions or rules (merge request) GitLab Enterprise Edition
• Fix layout of mr widget checkboxes (merge request)
• Scroll to job line from hash (merge request)
• Fix work item children order by relative position (merge request)
• Revert "Merge branch 'revert-allow-dots-ff' into 'master'" (merge request)
• Fix assignee avatars alignment on issues list (merge request)
• Renders indexes for Jupyter Notebooks (merge request)
• Set retry limit 2 for Zoekt::IndexerWorker (merge request) GitLab Enterprise Edition
• Don't index empty or missing repositories in Zoekt::IndexerWorker (merge request) GitLab Enterprise Edition
• Add max-width and min-width to the chat component (merge request) GitLab Enterprise Edition
• Exclude any_approver rule from being marked as invalid (merge request) GitLab Enterprise Edition
• Do not require email verification for oAuth users (merge request)
• Include forks in github repository list (merge request)
• Fix docs (merge request)
• Hide New project button if visibility is restricted (merge request)
• Ensure wiki errors are bubbled up to its form (merge request)
• Add correct widget list styles to MR dependencies (merge request)
• Fix namespace async index creation (merge request)
• Fix groups appearing for project create/import (merge request)
• Fix comments rendering in content editor (merge request)
• Fix Ci::CommitWithPipeline batch loader key (merge request)
• Do not use snapshots on single database instances (merge request)

Changed (250 changes)

• Merge request sticky header height and border bottom (merge request)
• Add default organization (merge request)
• Update external status check url visiblity (merge request) GitLab Enterprise Edition
• Upgrade DAST to version 4 (merge request) GitLab Enterprise Edition
• Added reveal/hide password input to login page (merge request)
• Enables the auto_merge_labels_mr_widget feature flag (merge request)
• Refactors ml_candidate_show (merge request)
• Move collaborators import to Advanced import setting (merge request)
• Update POST approvals endpoint (merge request) GitLab Enterprise Edition
• Update package license json schema (merge request) GitLab Enterprise Edition
• Remove namespace storage limit dates (merge request) GitLab Enterprise Edition
• Add worker behind a feature flag to check missing repositories (merge request)
• Disable Compliance pipeline field for Premium licenses (merge request) GitLab Enterprise Edition
• Update expires_at column value to 365 days from now when its nil (merge request)
• Move code suggestions beta feature to free (merge request) GitLab Enterprise Edition
• Add password complexity to registration features (merge request)
• Update environments empty state by @catinbag (merge request)
• Update new entity pages crumbs by @catinbag (merge request)
• Add description_diffs to Registration Features (merge request)
• Expose link to runner if admin (merge request)
• Stores job exceptions into sampling artifacts (merge request)
• Two column format in sign in/up page (merge request)
• Move external issue trackers and wikis from Uncategorized to Plan (merge request)
• Remove formatting bubble menu (merge request)
• Add a warning about a db requirement (merge request)
• Gitlab Chat guarded by AI toggle (merge request) GitLab Enterprise Edition
• Designs: add widget styles (merge request)
• Extend dependencies finder to group level (merge request) GitLab Enterprise Edition
• Set PostgreSQL 13 as the minimum supported version (merge request)
• Lower ProcessSyncEventsWorker dedupe TTL to 1 minute (merge request)
• Return HTTP 410 Gone status code from POST /runners endpoint (merge request)
• Upgrade to doorkeeper-openid_connect v1.8.6 (merge request)
• Disable invalid_scan_result_policy_prevents_merge by default (merge request) GitLab Enterprise Edition
• Remove "merged" icon for merge train in activity (merge request)
• Add feature flag and show new tab (merge request) GitLab Enterprise Edition
• Rename widgets to panels to align with pajamas guidelines (merge request) GitLab Enterprise Edition
• Add admin access option to protected branches and tags (merge request)
• Adds backfill migration for secure file metadata fix (merge request)
• Updates keep rules text for container cleanup policies (merge request)
• Remove stickyness from Diff Stats Header (merge request)
• Update Scan Result Policy documentation (merge request)
• Remove broadcast messages for sign in/sign up flows (merge request) GitLab Enterprise Edition
• Change cancel running button (merge request)
• Refactor group level runner registration setting by @markus.ferrell (merge request)
• Reschedule evidences migration from raw_metadata (merge request) GitLab Enterprise Edition
• Use correct migration finalisation method (merge request)
• Add Admin Mode to new navigation (merge request) GitLab Enterprise Edition
• Improve file upload experience in content editor (merge request)
• Removed autofocus from fields throughout the registration flow (merge request) GitLab Enterprise Edition
• Disable rule mode when vulnerability_states are invalid (merge request) GitLab Enterprise Edition
• UI polish: Spacing in runner list (merge request)
• Cleanup disallow_environment_name_update feature flag (merge request)
• Clarify iteration rollover depends on timezone (merge request) GitLab Enterprise Edition
• Remove user legacy Web IDE toggle (merge request)
• Schedule database index on members (merge request)
• Ignore temp schema objects (merge request)
• Notify KAS on git push events (merge request)
• Refactor compliance framework create/edit to modals (merge request) GitLab Enterprise Edition
• Upgrade to Gemnasium v4 (merge request) GitLab Enterprise Edition
• Disable importers by default in new self-manages instances (merge request)
• Add tooltips to jobs table actions (merge request)
• Add extra instructions for self-managed setup (merge request)
• Enable New Environment Details Page (merge request)
• Update layout of admin labels page (merge request)
• Fixes incorrect expiration date in secure files metadata (merge request)
• Add metrics to GCP banner by @asadath1395 (merge request)
• Add filter by package_name for dependencies (merge request) GitLab Enterprise Edition
• Updated hide/reveal password input to be reuseable (merge request)
• Unlink achievement visibility from namespace visibility by @Taucher2003 (merge request)
• Hide banner when subscription is already on cloud licensing (merge request) GitLab Enterprise Edition
• Removed autofocus on fields throughout the registration flow (merge request) GitLab Enterprise Edition
• Update status and policy drawer tab titles (merge request) GitLab Enterprise Edition
• Reorganize Analytics tab in general settings (merge request) GitLab Enterprise Edition
• Migrate all daily aggregated RedisHLL events to weekly (merge request)
• Adapt status filtering to support new values (merge request) GitLab Enterprise Edition
• Enable mirror only branches match regex feature flag by default by @lyb124553153 (merge request) GitLab Enterprise Edition
• Increment the major version of DAST API and API Fuzzing (merge request) GitLab Enterprise Edition
• Clarify message about no analytics data to show (merge request)
• Rescue errors when dropping pg_stat_statements view (merge request)
• Support deduplicated package licenses (merge request) GitLab Enterprise Edition
• Mark environment URLs as unsafe (merge request)
• Fix runtime check for Puma v6 (merge request)
• Allow just one parallel job by @mcfedr (merge request)
• Remove IncubationAlert from ml_experiments_show (merge request)
• Update Settings/Pages layout by @catinbag (merge request)
• Remove Incubation Alert from ml_experiments_index (merge request)
• Delayed deletion, enabled by default (merge request)
• Removes Incubation alert from ml_candidate_show (merge request)
• Cleanup environment_search_api_min_chars feature flag (merge request)
• Updates mermaid to 10.0.2 (merge request)
• Mark project_fingerprint as experiment (merge request) GitLab Enterprise Edition
• Enable restrict_merge_status_recheck feature flag (merge request)
• Remove feature flag ci_builds_columns_size_validation (merge request)
• Used GlBroadcastMessage for table preview by @catinbag (merge request)
• Default to two database connections for source install (merge request)
• Remove sub-nav transition animation in new sidebar (merge request)
• Update tags list (merge request)
• Remove draft_quick_action_non_toggle feature flag (merge request)
• Remove Blame page streaming feature flag (merge request)
• Enable password check on registration trial page (merge request)
• Upgrade kas-grpc gem to 0.1.0 (merge request)
• Linear groups finder queries (merge request)
• Update gitlab pages (merge request)
• Disable automatic Todo creation for approvers (merge request) GitLab Enterprise Edition
• Update commits list UI (merge request)
• Ensure all CI config loading uses correct loader (merge request)
• New layout for editors (merge request)
• Note actions: Dropdown migration to use Disclousre dropdown (merge request)
• Fix inconsistencies in new file form (merge request)
• Add empty state for jobs tab in runner details (merge request)
• Preselect trial on namespace if started inside namespace (merge request) GitLab Enterprise Edition
• Capture GRPC::ResourceExhausted error (merge request)
• Extract subscriptions comparison url to saas.rb by @orozot (merge request) GitLab Enterprise Edition
• Make operators prop required for NumberRangeSelect (merge request) GitLab Enterprise Edition
• Record first_contribution for all contributors (merge request)
• Add empty state for jobs tab in runner details by @glauciellesa (merge request)
• Enable invalid_scan_result_policy_prevents_merge by default (merge request) GitLab Enterprise Edition
• Add issue description to thank you email in SD (merge request)
• Branches list: move delete branches button into dropdown (merge request)
• Disallow negative integers for vulnerabilities_allowed (merge request) GitLab Enterprise Edition
• Disable rule mode when vulnerabilities_allowed is invalid (merge request) GitLab Enterprise Edition
• Initialize the migration to convert pk for ci_pipeline_variables (merge request)
• Set jira_dvcs_end_of_life_amnesty to default false (merge request)
• Confirm before disabling group shared runners (merge request)
• Update snippet form (merge request)
• Displays latest pipeline on package list page (merge request)
• Streamline notification style for deleting release by @catinbag (merge request)
• Restyle integrated error details info (merge request)
• Branches list: Improve list styling (merge request)
• Add backend for exporting compliance frameworks (merge request) GitLab Enterprise Edition
• Removed DORA metrics tiles from VSA Overview page (merge request)
• Add screen reader title to broadcast message (merge request)
• Reaction: Remove toast (merge request)
• Show alert when shared runners setting is disabled (merge request)
• Add first_contribution field to MR metrics (merge request)
• Remove route_hll_to_snowplow_phase3 FF (merge request)
• Add advisories to package metadata (merge request) GitLab Enterprise Edition
• Hides users from protected branch setting dropdown (merge request) GitLab Enterprise Edition
• Use native number input for weight on "New issue" form (merge request) GitLab Enterprise Edition
• Success alert when runner is assigned to project (merge request)
• Bump major version of secrets (merge request)
• Renamed View Merged YAML to Full configuration by @catinbag (merge request)
• Update dependency auto-deploy-image to v2.48.2 (merge request)
• Update edit issuables button to bulk edit (merge request)
• Avoid redundant job refetching by @TrueKalix (merge request)
• Disable Role-based Approvals for Guests/Reporters (merge request) GitLab Enterprise Edition
• Change color function to check for relative luminance (merge request)
• Initialize the migration to convert pk to bigint for ci_pipelines (merge request)
• Add info popover to status checks (merge request) GitLab Enterprise Edition
• Swap system_note_metadata.note_id to bigint (merge request)
• Add allowed vulnerabilities number information to policy drawer (merge request) GitLab Enterprise Edition
• Update prometheus-client-mmap to v0.23.0 (merge request)
• Update sast analyzer major versions (merge request)
• Use new priority label illustration in empty state (merge request)
• Release reading fingerprints from UploadedFile instance in maven upload (merge request)
• Remove package icon from package row by @catinbag (merge request)
• This MR adds preserving state of selected filters (merge request) GitLab Enterprise Edition
• Splits mlflow.rb into multiple files (merge request)
• Remove admin override for ProtectedRef Access (merge request)
• Remove unnecessary attributes for filters in vulnerability_filters.vue (merge request) GitLab Enterprise Edition
• Update stackprof to v0.0.25 (merge request)
• Remove strict_ip_enforcement feature flag for universal enablement (merge request)
• Update labels page design (merge request)
• Fetch traces only when on tab (merge request)
• Add a note to about Azure Database for PostgreSQL Flexible Server (merge request)
• Enable GraphQL subscription load balancing (merge request)
• Retain selection in content editor on blur (merge request)
• Change warning text when adding a related issue as a Guest by @LXY1226 (merge request)
• Add sorting for the dependencies_resolver (merge request) GitLab Enterprise Edition
• Never show security configuration upgrade banner in CE (merge request)
• Select range for allowed vulnerabilities using dropdown (merge request) GitLab Enterprise Edition
• Pass namespace in the params (merge request) GitLab Enterprise Edition
• Add rake task to maintain Geo SSF metric schema (merge request) GitLab Enterprise Edition
• Restrict cleanup migrations only for GitLab.com (merge request)
• Remove group_analytics_dashboards_page feature flag (merge request)
• Add buttons to access docs and copy Terraform init command by @glauciellesa (merge request)
• Upgrade Container Scanning analyzer to version 6 (merge request) GitLab Enterprise Edition
• Combine import, export, and subscribe options into dropdown (merge request)
• Cleanup legacy_merge_request_state_check_for_merged_pipelines flag (merge request)
• Update cluster management project template to latest revision (merge request)
• Remove redundant alert message for CI/CD variables setting (merge request)
• Add support for separate wiki index (merge request) GitLab Enterprise Edition
• Update docs and Rake task to require Redis 6 (merge request)
• Sign ansi2json state by default (merge request)
• Update user admin header (merge request)
• Hide borders when entering admin mode - 2 (merge request)
• Group import/export requirements button into dropdown (merge request)
• Improve TeleSign logging (merge request) GitLab Enterprise Edition
• Support custom format in getTimeago (merge request)
• Make name in ScanExecutionPolicyCommit mutation mandatory (merge request) GitLab Enterprise Edition
• Move edit compliance form into modal (merge request) GitLab Enterprise Edition
• Remove margin class from related item component (merge request)
• Remove border on merge request sticky header (merge request)
• Remove "hash form" support in alert management router by @ali_o_kan (merge request)
• Implement timeout for the blockquote banzai filter (merge request)
• Remove unused shortcuts (merge request)
• Add runner_id, runner_environment and sha claims to CI JWT V2 (merge request)
• Activity sort filter dropdown migration (merge request)
• Add running Scan Execution Policies for merge_request_event pipelines (merge request)
• This MR adds empty state selector (merge request) GitLab Enterprise Edition
• Unscope i18n strings that are incorrectly scoped in HAML files by @JonstonChan (merge request)
• Improve job fixutre by @TrueKalix (merge request)
• GraphQL: Change runner.projects default sort (merge request)
• Action Cable metrics: add labels to transmit (merge request)
• Add data to Code Quality MR diff json (merge request)
• FOSS VSA spec reflects component dir structure by @catinbag (merge request)
• Rename include:with to include:inputs (merge request)
• Update parsing of *_DISABLED variables (merge request)
• Refactor/Clean up users specs by @TrueKalix (merge request)
• Disallow NO_ACCESS for UnprotectAccessLevel#access_level (merge request) GitLab Enterprise Edition
• Clean up soft_email_confirmation ff (merge request)
• Move edit label action into dropdown (merge request)
• Preinstall prettier for gitpod (merge request)
• Hide borders when entering admin mode (merge request)
• Replaced Feature flag to reduce aggregation schedule lease (merge request)
• Adapt MR widget to support fail-closed approval rules (merge request) GitLab Enterprise Edition
• Update vendored Express project to match project template by @JonstonChan (merge request)
• Improve repo forking layout by @catinbag (merge request)
• Simplify this_desctructuring in components by @catinbag (merge request)
• Set approval rule as invalid if there are not enough approvers (merge request) GitLab Enterprise Edition
• Make new label form pajamas-compliant (merge request)
• Update admin labels page (merge request)
• Update Value Streams Dashboard title and description (merge request) GitLab Enterprise Edition
• Create a utils helper to generate date ranges by @catinbag (merge request) GitLab Enterprise Edition
• Update label styling (merge request)
• Rename 'Terraform menu' to 'Terraform states' (merge request)
• Rate limit API deletion of member (merge request)
• Improve audit streams display (merge request) GitLab Enterprise Edition
• This MR creates new filtering layout (merge request) GitLab Enterprise Edition
• Geo: Reduce exclusive lease log noise (merge request) GitLab Enterprise Edition
• Update issuable list design (merge request)
• This MR migrates Dropdown to RefSelector (merge request)
• Add small animation to "Finish review" button (merge request)
• Move code suggestions feature to Premium (merge request) GitLab Enterprise Edition
• Use merge_base_pipeline for security report comparison MR widget by @jimmy-outschool (merge request) GitLab Enterprise Edition
• Auto-selects labels created in dropdown (merge request)
• Move streaming frontend bundle to separate action (merge request)
• Reschedule migration for (merge request) GitLab Enterprise Edition
• Expose valid_runner_registrars in Application Settings API by @tomsiewert (merge request)
• Always show target url on note email (merge request)
• Use textarea instead of text field for label description (merge request)
• Restyle color chips in label selector (merge request)
• Update issuable lists (merge request)
• Remove futile colon in userfacing Error Message util (merge request)
• Combine RSS and calendar options into dropdown on dashboard issues (merge request)
• Fix right padding on LDAP radio buttons (merge request) GitLab Enterprise Edition
• Adjusts param handling in namespace API (merge request) GitLab Enterprise Edition
• Update openssl gem to v3.1.0 (merge request)
• Update dependency auto-build-image to v1.32.0 (merge request)
• Update dependency auto-deploy-image to v2.48.1 (merge request)

Deprecated (15 changes)

• Add Metrics Dashboard GraphQL API to FF (merge request)
• Move merged_by under pull_request namespace (merge request)
• Announce deprecation of omnibus packaged Grafana (merge request)
• Return an empty pipelines in the package REST API payload (merge request)
• Deprecate backfill traversal ids to blobs and wiki blobs (merge request) GitLab Enterprise Edition
• Analyzer consolidation for 16.0 (merge request)
• Deprecate obsolete migrations (merge request) GitLab Enterprise Edition
• Move reviews under to pull_request namespace (merge request)
• GraphQL: Rename RunnerMembershipFilter to CiRunnerMembershipFilter (merge request)
• Remove CreateCrossProjectPipelineWorker (merge request)
• Deprecate add hidden to issues migration (merge request) GitLab Enterprise Edition
• GraphQL: Rename CiRunnerUpgradeStatusType to CiRunnerUpgradeStatus (merge request)
• Deprecate CiRunner.projects default sort order value for removal in 17.0 (merge request)
• Deprecate user index migrations (merge request) GitLab Enterprise Edition
• Remove CreateCrossProjectPipelineWorker (merge request)

Removed (73 changes)

• Remove legacy project routes (merge request)
• Remove depricated Monitor Metrics feature (merge request)
• Remove unused ci_triggers.ref column (merge request)
• Geo Sites - Remove Full Details button (merge request) GitLab Enterprise Edition
• Set default PAT expiration to 365 days from now (merge request)
• Remove the opt_in_jwt feature (merge request)
• Announce removal of Redis localhost ports (merge request)
• Add 16.0 Grafana Helm Chart removal notice (merge request)
• Revert "Merge branch 'suppress-schema-deprecation-warning' into 'master'" (merge request) GitLab Enterprise Edition
• Add 16.0 breaking change removal notice for PG12 (merge request)
• Remove deprecated security schemas (merge request) GitLab Enterprise Edition
• Remove deprecated 'started' state for iteration (merge request)
• Remove DS support for Java 13 to 16 (merge request) GitLab Enterprise Edition
• Remove POST /ci/lint (merge request)
• Remove deprecated environment_tier param (merge request) GitLab Enterprise Edition
• Remove License-Check feature (merge request) GitLab Enterprise Edition
• Remove unused sequence from VSD table (merge request)
• GH-style Jira OAuth endpoints default return 404 (merge request)
• Set ci_remove_legacy_predefined_variables default ON (merge request)
• Remove legacyMode for runner status in graphql (merge request)
• Remove obsolete npm packages tags shared example (merge request)
• Migration remove gitlab as import_source (merge request)
• Remove jira_connect/users page (merge request)
• Remove setting Redis config file path via env (merge request)
• Drop clusters_applications_prometheus table (merge request)
• Remove deprecated gitlab.com importer (merge request)
• Add migration to drop crossplane (merge request)
• Remove SoftwareLicensePolicies without ScanResultPolicy (merge request) GitLab Enterprise Edition
• Remove special Redis fallback URLs (merge request)
• Remove toggle for limiting JWT token access (merge request)
• Drop clusters_applications_jupyter table (merge request)
• Remove setting Redis config file path via env var (merge request)
• Drop clusters_applications_cert_managers table (merge request)
• Remove POST approvals endpoint (merge request) GitLab Enterprise Edition
• Remove pql_three_cta_test (merge request) GitLab Enterprise Edition
• GH-style Jira DVCS endpoints return 404 by default (merge request)
• GraphQL: Remove CiCdSettingsUpdate (merge request)
• Remove redundant index from container_repositories (merge request)
• Enable frozen outbound job tokens by default (merge request)
• Add changelog item for redis 5 removal (merge request)
• Remove PipelineSecurityReportFinding.name GraphQL field (merge request) GitLab Enterprise Edition
• Remove preload_max_access_levels_for_labels_... FF (merge request)
• Remove the apiFuzzingCiConfigurationCreate GraphQL mutation (merge request) GitLab Enterprise Edition
• Remove revoked agent tokens from API (merge request)
• Remove Redownload button (merge request) GitLab Enterprise Edition
• Remove feature flag for ci_fix_for_runner_cache_prefix (merge request)
• Remove vulnerabilityFindingDismiss GraphQL mutation (merge request) GitLab Enterprise Edition
• Remove confidence field from PipelineSecurityReportFinding type (merge request) GitLab Enterprise Edition
• Drop U2F foreign key from WebauthnRegistrations (merge request)
• Remove legacy Sidekiq Daemon Memory Killer (merge request)
• Remove 'external' field in ReleaseAssetLink type by @missy-davies (merge request)
• Remove external field from Releases and Release Links APIs by @missy-davies (merge request)
• Remove column application_settings clickhouse_connection_string (merge request)
• Remove Bare repository import rake task (merge request)
• Remove the feature flag npm_obtain_lease_to_create_package (merge request)
• Remove refactor_vulnerability_filters feature flag (merge request) GitLab Enterprise Edition
• Remove the legacy Contribution App and feature flag (merge request) GitLab Enterprise Edition
• Stop using file_md5 from debian component files by @sathieu (merge request)
• Revert "Merge branch 'issue_370251_remove_namespace_agg_scheduler_lease' into 'master'" (merge request)
• Migration to remove phabricator (merge request)
• Clean up role_targeted_broadcast_messages (merge request)
• Remove RT issue weight feature flag (merge request)
• Removes the feature flag use_sub_repositories_api (merge request)
• Remove index_security_scans_on_pipeline_id concurrently (merge request)
• Remove phabricator code, docs and metrics (merge request)
• Remove job_age from jobs/request API endpoint (merge request)
• Unset POSTGRES_ENABLED in Auto DevOps template (merge request)
• Removing Pipeline Activity Limit in 16.0 as the feature is deprecated (merge request)
• Cleanup the detect_android_projects (merge request)
• Remove exit_registration_verification feature (merge request)
• Remove temporary index tmp_idx_package_files_on_non_zero_size (merge request)
• Remove GitHub import deprecated workers (merge request)
• Remove gitbook project template (merge request)

Security (10 changes)

• Bump gitaly version (merge request)
• Only maintainers of projects should be able to assign runners to them
• Relay state to check for only allowing sub paths (merge request)
• Update policy to prevent banned members from accessing public projects (merge request)
• Handle invalid URLs in asset proxy (merge request)
• Add specs for external users flag (merge request)
• Commit trailers now only match public user email addresses (merge request)
• Authorize access to vulnerabilitiesCountByDay resolver (merge request)
• Use dummy filename as filename when viewing raw xml files (merge request)
• Prohibit 40 character hex sets at beginning of path-based branch name (merge request)

Performance (11 changes)

• Drop partial_index_deployments_for_project_id_and_tag (merge request)
• Use linear query to refresh the project authorizations (merge request)
• Enable Deployments API error on updated_at filter by default (merge request)
• Remove the ci_enforce_rate_limits_jobs_api feature flag (merge request)
• Set rate limit by default (merge request)
• Add code for the new permutation migration (merge request) GitLab Enterprise Edition
• Fix usage of enqueue_delete_todos (merge request)
• Optimise deployments table by removing an unused index (merge request)
• Allow using db replicas for GraphQL subs (merge request)
• Process limited number of refs in commit (merge request)
• Performance: Preload pipeline in PipelinesController to fix N+1 (merge request)

Other (56 changes)

• Add states and registry table to add SSF support for designs (merge request)
• Rate limits for unauthenticated Projects API use (merge request)
• Synchronously removing merge_request_mentions_temp_index (merge request)
• Add store labels to gitlab_cache_read_multikey_count metric (merge request)
• Update Gitlab Shell version to 14.20.0 (merge request)
• Logs all Exception errors from DB LB service discovery (merge request)
• Revert "Merge branch '388156-read-vuln-custom-role' into 'master'" (merge request)
• Use listbox in image_filter (merge request) GitLab Enterprise Edition
• Remove DropOlderDeploymentsWorker (merge request)
• Prepare async index for system_note_metadata (merge request)
• Remove recursive_approach_for_all_projects feature flag (merge request)
• Remove feature flag sign_and_verify_ansi2json_state (merge request)
• Update PipelineProcessWorker dedup strategy (merge request)
• Add a new worker for wiki indexing (merge request) GitLab Enterprise Edition
• Disable optional runner token encryption for groups and projects (merge request)
• Use clean_gitlab_redis_rate_limiting in search specs to avoid rate limit by @asadath1395 (merge request)
• Remove application_settings_tokens_optional_encryption feature flag (merge request)
• Update restore docs to reflect changes in restore process (merge request)
• Refactored project creation updation events (merge request) GitLab Enterprise Edition
• Add a migration to add prefix project in wiki rid (merge request) GitLab Enterprise Edition
• Record VSD total visits weekly and monthly (merge request) GitLab Enterprise Edition
• Prepare indexes for converting notes.id to bigint (merge request)
• Use invoice preview API to calculate plan pricing for SaaS purchase (merge request) GitLab Enterprise Edition
• Extract token masking code into a separate class by @asadath1395 (merge request)
• Clean up FF remove_job_age_from_jobs_api (merge request)
• Remove use_replica_for_mailers feature flag (merge request)
• Drop cycle analytics unused tables (merge request)
• Make DesignManagement::Repository a container for GitRepository (merge request)
• Update OpenAI::Client cost tracking to include feature category (merge request) GitLab Enterprise Edition
• Remove use_merge_base_for_security_widget feature flag (merge request)
• Refactored audit events for projects (merge request) GitLab Enterprise Edition
• Swap todos.note_id to bigint (merge request)
• Replace legacy variable CI_BUILD_TAG with CI_COMMIT_TAG (merge request)
• Remove 24h time setting (merge request)
• Fix existing incidents issue_type/work_item column out of sync (merge request)
• Add bulk_imports_batched_import_export feature flag (merge request)
• Use database replica for active jobs (merge request)
• Remove jira_connect_oauth FF (merge request)
• Refactored Contribution Analytics Jest test data to GraphQL Fixtures (merge request) GitLab Enterprise Edition
• Add tooltip to feature flag descriptions by @JonstonChan (merge request)
• Delete vue_issues_dashboard feature flag (merge request)
• Modify rubocop to allow revert (merge request)
• Remove dynamic_image_resizing feature flag (merge request)
• Remove ClusterRateLimiting and related feature flags (merge request)
• Fix Style/EmptyElse Cop by @JonstonChan (merge request)
• Adds more info in BBM health status logger (merge request)
• Updating partitioning docs to reflect BBM changes (merge request)
• Backfill design_management_repositories table (merge request) GitLab Enterprise Edition
• Swap award_emoji.awardable_id to bigint (merge request)
• Change Service Desk setting text (merge request)
• Change convert type to work item MVC feature flag (merge request)
• Clean up FF ci_fix_max_includes (merge request)
• Prepare async index creation. Temp issue_type for incidents index (merge request)
• Purges legacy bg migration helpers from partitioning helpers (merge request)
• Add index to group_group_links table (merge request)
• Validate the projects.creator_id foregin key synchronously (merge request)

15.11.13 (2023-07-27)

Fixed (1 change)

• Disable IAT verification by default (merge request)

15.11.12 (2023-07-14)

No changes.

15.11.11 (2023-07-04)

Security (1 change)

• Add authorization to the subscriptions group controller (merge request)

15.11.10 (2023-06-28)

Security (10 changes)

• Revert 'security-leaked-ci-job-token-permission-15-11' from '15-11'" (merge request)
• Use fully qualified ref when loading code owner file (merge request)
• Maintainer can leak masked webhook secrets by manipulating URL masking (merge request)
• Remove approvals when the only commit gets amended (merge request)
• Fix for fork permissions check in compare controller (merge request)
• Webhook token leaked in Sidekiq logs if log format is 'default' (merge request)
• Mitigate epic reference filter ReDOS (merge request)
• Increasing security for CI_JOB_TOKEN on public and internal projects (merge request)
• Sanitize user email addresses in admin confirm user dialog (merge request)
• Obfuscate email of service desk issue creator in issue REST API (merge request)

15.11.9 (2023-06-15)

Changed (1 change)

• Make MigrateSharedVulnerabilityIdentifiers use slow iteration (merge request) GitLab Enterprise Edition

15.11.8 (2023-06-06)

Fixed (2 changes)

• Fix memory leak in CI config includes entry (merge request)
• Fix serialization of pull_requests in Bitbucket Server Import (merge request)

Security (1 change)

• Validate description length in labels (merge request)

Performance (1 change)

• LFS: Serve pre-signed URLs in /lfs/objects/batch (merge request)

15.11.7 (2023-06-05)

Security (16 changes)

• Fix DoS on test report artifacts (merge request)
• Fix XSS in Abuse Reports form action (merge request)
• Escape the source branch link correctly (merge request)
• Import source owners with maintainer access if importer is a maintainer (merge request)
• Filter inaccessible issuable notes when exporting project (merge request)
• Block tag names that are prepended with refs/tags/, due to conflicts (merge request)
• Set IP in ActionContoller filter before IP enforcement is evaluated (merge request)
• Prevent primary email returned as verified on unsaved change (merge request)
• Use UntrustedRegexp to protect FrontMatter filter (merge request)
• Improve ambiguous_ref? logic to include heads and tags (merge request)
• Use UntrustedRegexp to protect InlineDiff filter (merge request)
• Ignore user-defined diff paths in diff notes (merge request)
• Reject NPM metadata requests with invalid package_name (merge request)
• Use UntrustedRegexp to protect MathFilter regex (merge request)
• Resolve Overall Project Vulnerability Disclosure (merge request)
• Validate description length in labels (merge request)

15.11.6 (2023-05-24)

Changed (1 change)

• Introduce parallelised BitBucket Server Importer (merge request)

15.11.5 (2023-05-19)

Fixed (5 changes)

• Makes roadmap current day indicator & timeline locale aware (merge request) GitLab Enterprise Edition
• Fix height calculations with roadmap to prevent extra scrollers (merge request) GitLab Enterprise Edition
• Update by_parent filter in EpicsFinder (merge request) GitLab Enterprise Edition
• Fix no_proxy not working when DNS rebinding protection enabled (merge request)
• Remove epic date fields authorization (merge request) GitLab Enterprise Edition

15.11.4 (2023-05-16)

Fixed (2 changes)

• Do not autofocus the description field (merge request)
• Fix group blobs search permission when migration is not complete (merge request) GitLab Enterprise Edition

Changed (1 change)

• Use correct migration finalisation method (merge request)

15.11.3 (2023-05-10)

Fixed (2 changes)

• Fix issue description keeping autosave after save
• Backport MR 119319 changes to 15-11-stable-ee

Changed (1 change)

• Restrict cleanup migrations only for GitLab.com

15.11.2 (2023-05-03)

Security (2 changes)

• Only maintainers of projects should be able to assign runners to them (merge request)
• Authorize access to vulnerabilitiesCountByDay resolver

15.11.1 (2023-05-01)

Fixed (2 changes)

• Fix search cron worker when indexing is disabled GitLab Enterprise Edition
• Fix Web IDE Beta icons not loading in Safari

Security (9 changes)

• Set minimum role for importing projects to Maintainer (merge request)
• Commit trailers now only match public user email addresses (merge request)
• Handle invalid URLs in asset proxy (merge request)
• Relay state to check for only allowing sub paths (merge request)
• Prohibit 40 character hex sets at beginning of path-based branch name (merge request)
• Add specs for external users flag (merge request)
• Update policy to prevent banned members from accessing public projects (merge request)
• Use dummy filename as filename when viewing raw xml files (merge request)
• Authorize access to vulnerabilitiesCountByDay resolver (merge request)

15.11.0 (2023-04-21)

Added (175 changes)

• Add error logic for admin jobs vue by @TrueKalix (merge request)
• Added migration and models for instance external audit events (merge request) GitLab Enterprise Edition
• Add "explain this vulnerability" feature to vuln details page (merge request) GitLab Enterprise Edition
• Add empty state to admins jobs vue by @TrueKalix (merge request)
• Add support for snowplow PA configurator (merge request)
• GraphQL project fields to get refs tipping at a commit (merge request)
• Add vulnerabilityIssueLinkCreate GraphQL mutation (merge request) GitLab Enterprise Edition
• Add milestone reference to removed milestone note (merge request)
• Add user_identities field to JWTv2 by @joe-snyder (merge request)
• Create GraphQL endpoint for Explain Vulnerability (merge request) GitLab Enterprise Edition
• Automatically index projects in Zoekt when namespace is enabled (merge request) GitLab Enterprise Edition
• Add AwardEmoji widget update (merge request)
• Add runner's creator to runner admin and group (merge request)
• Include Jira issue keys for related MRs (merge request)
• Adds service desk verification result email (merge request)
• Enable pages unique domain feature flag by default (merge request)
• Add "explain this vulnerability" feature to vuln details page (merge request) GitLab Enterprise Edition
• Prepare job artifacts file_final_path column (merge request)
• Add awardEmoji field to merge request graphql type by @Taucher2003 (merge request)
• Event tracking for Debian packages by @sathieu (merge request)
• Show pods on Environment index page (merge request)
• Add table and data to view by @TrueKalix (merge request)
• Add llm_bot for LLM-generated content attribution (merge request)
• Allow pasting raw content in content editor (merge request)
• Add frontend testing guidelines for apollo mock queries/mutations (merge request)
• Add pnpm to Dependency API (merge request) GitLab Enterprise Edition
• Add link to feedback issue (merge request) GitLab Enterprise Edition
• Project specific runner registration control for admins by @markus.ferrell (merge request)
• Adds navigation menu for Model experiments (merge request)
• Enable CI Interpolation feature flag (merge request)
• Add ability to filter compliance violations by target branch (merge request) GitLab Enterprise Edition
• Enable multi-doc YAML parsing by default (merge request)
• Add index for namespaces by root namespace lookup (merge request)
• Add issue/merge_request_assignment_events tables (merge request)
• Add PNPM support (merge request)
• Adds package forwarding warning to delete modal (merge request)
• Add /admin/search/zoekt APIs for controlling Zoekt rollout (merge request) GitLab Enterprise Edition
• Record work item linking events (merge request)
• Adds new MergeRequests::Llm::SummarizeMergeRequestService (merge request) GitLab Enterprise Edition
• Add worker to sync approval rules from security_findings (merge request) GitLab Enterprise Edition
• Expose unified approvals via GraphQL (merge request) GitLab Enterprise Edition
• Add abuse_trust_scores table (merge request)
• Allow project migrations in GitLab Direct Transfer (merge request)
• Add admin setting to sync license db (merge request)
• Add REST endpoint to create runner associated to a user (merge request)
• Groups - Remove show_group_readme FF (merge request)
• Notification widget for work items (merge request) GitLab Enterprise Edition
• Download candidate data as csv (merge request)
• Add missing approval rule settings to group project templates (merge request)
• Backfill the missing wiki permissions in the main index (merge request) GitLab Enterprise Edition
• Add UI to summarize notes (merge request) GitLab Enterprise Edition
• Update runner manager records when runner managers poll for jobs (merge request)
• Enable creation of runner manager records for active runner managers (merge request)
• Prepare system_note_metadata for bigint migration (merge request)
• Expose GitLab Maintenance Mode to internal metrics (merge request)
• Change order for issue_user_mentions PK swap (merge request)
• Adds new MergeRequests::Llm::SummarizeMergeRequestService (merge request) GitLab Enterprise Edition
• Add Silent mode application setting (merge request)
• Added the AiGenie component (merge request) GitLab Enterprise Edition
• Adds new MergeRequests::Llm::SummarizeMergeRequestService (merge request) GitLab Enterprise Edition
• Swap issue_user_mentions.note_id to bigint (merge request)
• Implement GraphQL mutation/subscription for AI (merge request) GitLab Enterprise Edition
• Roll out Import remote file from AWS S3 (merge request)
• Allow users to delete experiments (merge request)
• Feat(Subscription Purchase): error_attribute_map (merge request) GitLab Enterprise Edition
• Track npm dist tags routes via snowplow (merge request)
• Add User Identities toggle to User Preferences by @joe-snyder (merge request)
• Add AwardEmoji widget to work items (merge request)
• Add audit event for code suggestions (merge request) GitLab Enterprise Edition
• Instrument database mode in service ping report (merge request)
• Work item comment reply changes (merge request)
• Add shared examples to ci, issues und pages tests by @TrueKalix (merge request)
• Add code suggestions UI (merge request) GitLab Enterprise Edition
• Add reveal-conceal password option (merge request) GitLab Enterprise Edition
• Add create mr button (merge request)
• Add service for syncing approval rules from security_findings (merge request) GitLab Enterprise Edition
• Adds service desk custom email verification email (merge request)
• Add audit event schema definitions (merge request) GitLab Enterprise Edition
• feat: Bump Code-Quality image to 0.94.0 (merge request)
• Send e-mail when achievements are awarded (merge request)
• Audit unban action (merge request) GitLab Enterprise Edition
• Add support for project wiki repositories in the Geo SSF (merge request) GitLab Enterprise Edition
• Add ability to cycle around with keyboard in the header search (merge request)
• Allows for fetching candidate data as csv (merge request)
• Add link to branch rules from codeowners block (merge request)
• Enable Web IDE Beta by default (merge request)
• Create ResourceLinkEvent model and table (merge request)
• Add parent_oid and is_valid to postgres_foreign_keys (merge request)
• Add global time tracking report by @zillemarco (merge request)
• Add API endpoint for retrieving limit exclusions (merge request) GitLab Enterprise Edition
• Adds mutation to create a catalog resource (merge request)
• Added the FE support to Experimental API (merge request) GitLab Enterprise Edition
• Add API for deleting limit exclusion records (merge request) GitLab Enterprise Edition
• Add project group link delete cascade fk (merge request)
• Add API for creating limit exclusions (merge request) GitLab Enterprise Edition
• Include Jira issue keys for related MRs (merge request)
• Adds adjacentWorkItemId and relativePosition fields to Work Item Update by @pkor-ext (merge request)
• Show which CI job currently uses the resource group (merge request)
• Check if user has exceeded git rate limits before forking project (merge request) GitLab Enterprise Edition
• Add CurrentUserTodos widget to add and mark todos (merge request)
• Adds Projects::Ml::CandidatesController.detroy (merge request)
• Expose server SSH host and port in predefined CI variables by @nejc (merge request)
• Exclude namespace-banned users from being counted as billable members (merge request) GitLab Enterprise Edition
• Add a "root_directory" to the pages deployment (merge request)
• Prepare issue_user_mentions for bigint migration (merge request)
• Add audit events schema definition (merge request) GitLab Enterprise Edition
• Remove flag: multiple environment approval rules (merge request)
• Display how far a fork is behind/ahead of its upstream by default (merge request)
• Add forks storage size columns to root storage statistics table (merge request)
• Adds link to settings from package registry list page (merge request)
• Show promotional blurb when applicable (merge request) GitLab Enterprise Edition
• Assign/Unassign WI note to commentator (merge request)
• Make menu items in new navigation sidebar pinnable (merge request)
• Add secret detection in Issue description (merge request)
• Enable parallel execution for batched migrations (merge request)
• Add batched migrations parallel limit setting (merge request)
• Add filtering to compliance framework report (merge request) GitLab Enterprise Edition
• Add user toggle for achievements (merge request)
• Add audit event schema definitions (merge request) GitLab Enterprise Edition
• Add achievement update GraphQL mutation (merge request)
• Introduce a model for npm metadata (merge request)
• Add CurrentUserTodos widget (merge request)
• Cleanup Debian incoming files daily by @sathieu
• Rolls out incident_event_tags feature
• Add sync index vulnerability_finding_signatures_on_signature_sha
• Enable Value Stream Dashboard FF (merge request) GitLab Enterprise Edition
• Rolls out incident_event_tags feature (merge request)
• Initialize conversion of events.target_id (merge request)
• Add workItemConvert mutation (merge request)
• Audit ban action (merge request) GitLab Enterprise Edition
• Cleanup Debian incoming files daily by @sathieu (merge request)
• Add a "publish" instruction to the pages job (merge request)
• Pause batched migration when patroni apdex drop below SLO (merge request)
• Make frequent projects/groups list editable (merge request)
• Expose Agent ID in agent view page (merge request)
• Implement bulk applying compliance framework (merge request) GitLab Enterprise Edition
• Add plan limits of access tokens (merge request)
• Add screenshot field to report abuse form (merge request)
• Prepare async index security_scans_on_pipeline_id_and_scan_type (merge request)
• Add audit event schema definitions (merge request) GitLab Enterprise Edition
• Update group-level branch selector to a dropdown (merge request) GitLab Enterprise Edition
• Release CODEOWNERS default owners (merge request)
• Adds UI sorting by total storage size column (merge request) GitLab Enterprise Edition
• Removes ci_recreate_downstream_pipeline feature flag (merge request)
• Adds internal_id and project_id to Ml::Candidate (merge request)
• Initialize conversion of awardable_id to bigint (merge request)
• Add sync index vulnerability_finding_signatures_on_signature_sha (merge request)
• Add rails endpoint for work item import (merge request)
• Add DoraPerformanceScore model (merge request)
• Validate ci_builds partitioning constraint (merge request)
• User unblock audit event (merge request) GitLab Enterprise Edition
• Add secret detection for replies (merge request)
• Add approved filter to merge requests api by @Taucher2003 (merge request)
• Index vulnerability findings on uuid including vuln id (merge request)
• Support quick actions for new work item comments (merge request)
• Prepare note_diff_files for bigint migration (merge request)
• Added support for CODEOWNERS syntax highlighting (merge request)
• Add updated_after and updated_before to projects REST API (merge request)
• Add role_approvers to scan result policy (merge request) GitLab Enterprise Edition
• Add index to package files on package_id and created_at DESC (merge request)
• Add a table for design repo and a class for the corresponding git repo (merge request)
• Finalize issues iids scoping to namespace_id (merge request)
• Allow WIT changes and fix issue types changes (merge request)
• Perform asynchronous index creation (merge request)
• Add role_approvers to graphql response (merge request) GitLab Enterprise Edition
• Warn users about tokens in the comments (merge request)
• Log slowest HTTP requests (merge request)
• Enable Slack slash command to declare incidents (merge request)
• Add bulk publish endpoint to Draft Notes API (merge request)
• Adds check for release service (merge request)
• Add delete achievement mutation and service (merge request)
• Add tracking to language filter component (merge request)
• Clean-up feature-flag git_abuse_rate_limit_feature_flag & keep code (merge request)
• Update issue epic links in real-time (merge request) GitLab Enterprise Edition
• Set email confirmation setting from ff (merge request)

Fixed (197 changes)

• GraphQL: Fix sort order of CiRunner.projects (merge request)
• Use proxied_site for geo proxied clone urls (merge request) GitLab Enterprise Edition
• Add migration to re-sync scan result policies for namepsaces (merge request) GitLab Enterprise Edition
• Fix "Something went wrong. Please try again" error after merging (merge request)
• Update gitlab-net-dns to v0.9.2 (merge request)
• Fix Todo Dashboard SAML reauth for projects in user namespaces (merge request) GitLab Enterprise Edition
• Fix divergence counts for tags and commits (merge request)
• Fix subscribe to label dropdown (merge request)
• Allow to select project value stream using URL parameter (merge request) GitLab Enterprise Edition
• Change copy for conflicts modal (merge request)
• Remove max width restriction from state loader (merge request)
• Fix for notification toggle not working on modal (merge request)
• Remove allow_dots_on_tf_state_names FF (merge request)
• Place dependency proxy skeleton loader underneath the images list header by @glauciellesa (merge request)
• Fix User missing attribute error during audit (merge request) GitLab Enterprise Edition
• Fallback to start commit when merge base is missing (merge request)
• Fix merge request Jira sync problems due to branch (merge request)
• Fixed explain code button background color (merge request) GitLab Enterprise Edition
• Skip DNS rebinding checks if HTTP_PROXY present (merge request)
• Change from path to to_param (merge request)
• Fix bug in SyncFindingsToApprovalRulesWorker (merge request) GitLab Enterprise Edition
• Show groups from group shares in fork targets (merge request)
• Reschedule migration to add admin_mode scope for PATs (merge request)
• Use primary ssh_url_to_repo for geo proxied ssh clone url (merge request) GitLab Enterprise Edition
• Use root ancestor path for filtering in frameworks table (merge request) GitLab Enterprise Edition
• Use root ancestor for listing compliance frameworks (merge request) GitLab Enterprise Edition
• Fix vulnerability status bulk updates (merge request) GitLab Enterprise Edition
• Patch doorkeeper-openid_connect to use RFC7638 thumbprint (merge request)
• Send password reset email to approved users when user caps are enabled (merge request)
• Diff header: Fix checkbox alignment (merge request)
• Fix NoMethodError for empty repositories (merge request)
• Fix duplicate name validation in ProcessScanResultPolicyWorker (merge request) GitLab Enterprise Edition
• Changes order of text style in Content Editor (merge request)
• Fix milestone_id=0 not clearing milestone (merge request)
• This MR fixes growing width of preview panel (merge request) GitLab Enterprise Edition
• Requeue the BackfillProjectWikiRepositories migration (merge request)
• Show error message from API if any while adding Epic (merge request) GitLab Enterprise Edition
• Fix NoMethodError for BlameController (merge request)
• Fix gitlab_username_claim by reading also extra.raw_info by @bufferoverflow (merge request)
• Calculate correct access level of shared group member (merge request)
• Patch mail gem to handle TLS settings properly (merge request)
• Fixing pipeline minutes calculations (merge request) GitLab Enterprise Edition
• Remove unnecessary write tab for content editor (merge request)
• Fix invite a group on project wording and link (merge request)
• Make ProcessScanResultPolicyWorker idempotent and add deduplication (merge request) GitLab Enterprise Edition
• Add admin_parent_link permission to hide Add button in issue (merge request)
• Sign and verify ansi2json state (merge request)
• Approvals widget: Fix approvers table cell width (merge request)
• Force nowrap on tree body container (merge request)
• Show reference in root Work Item breadcrumb (merge request)
• Fix harbor registry menu item active status by @orozot (merge request)
• Do not display security widget when pipeline is active (merge request) GitLab Enterprise Edition
• Use dummy email address for Ghost gitea users (merge request)
• Apply correct background for dark mode (merge request) GitLab Enterprise Edition
• Update codeowners default owner regex (merge request) GitLab Enterprise Edition
• Convert some regex to use Gitlab::UntrustedRegexp (merge request)
• Remove cascading delete of scan_result_policy_reads (merge request) GitLab Enterprise Edition
• Only enqueue Sbom::IngestReportsWorker on default branches (merge request) GitLab Enterprise Edition
• Replace find with find_by_id in SyncScanPoliciesWorker (merge request) GitLab Enterprise Edition
• Fix NoMethodError for WebHook (merge request)
• Fix job filtering after token clear (merge request)
• Fix minor bug with checkboxes in a table (merge request)
• Fix bugs in Groups::AcceptingProjectSharesFinder (merge request)
• Fix SD blob path when scan is run in "no git" mode (merge request) GitLab Enterprise Edition
• Generate system notes for same state dismissals (merge request) GitLab Enterprise Edition
• Fix: mr approvers alignment (merge request)
• Remove extra space above mermaid sequence diagrams (merge request)
• Fix awardEmoji authorization in epic type by @Taucher2003 (merge request) GitLab Enterprise Edition
• Merge request: fix status icon color (merge request)
• Approvals table: Fix overflow issue (merge request)
• Resolve setWorkItemMetadata in apollo client (merge request)
• Enable FF pages_deploy_upload_file_outside_transaction by default (merge request)
• Merge request: Fixes a console error (merge request)
• Allow CI job to need an undefined, optional job (merge request)
• Disallow field licenseText for npm (merge request)
• Replace message by name for vulnerabilities (merge request) GitLab Enterprise Edition
• Verify deploy keys settings for protected tags (merge request)
• Resolve ambiguous references for archive metadata (merge request)
• Fix Authorize user page for Mattermost (merge request)
• Fix poor performing groups list API query (merge request)
• Updates foreign_keys for Ml::Candidate relations (merge request)
• Fix unreadable text in dark-themed editor tooltips (merge request)
• Dont show Security::Findings dismissed on the default branch (merge request) GitLab Enterprise Edition
• FIx markdown toolbar button actions in MRs (merge request)
• Fix collapse button alignment (merge request)
• Update bulk_imports entity validation for destination_name (merge request)
• Always update compliance report filtered projects list (merge request) GitLab Enterprise Edition
• Fix user reference styles in content editor (merge request)
• Fix border radius of clear filter button (merge request)
• Use admin_bot for adding the default compliance framework (merge request) GitLab Enterprise Edition
• Fix duplication of thread comments on commit page (merge request)
• Fix invite redirect for use of relative root (merge request)
• Changes path for ML::Candidate artifacts (merge request)
• Don't enforce SSO for public groups (merge request) GitLab Enterprise Edition
• Fix a replica latency bug on the Maven package registry upload endpoint (merge request)
• Increase padding for dropdown in content editor (merge request)
• Fix JS error for dropdown widget on issue board (merge request)
• Vue 3 spec violations fixed (merge request)
• Work item copy link fixed for modals (merge request)
• Fix markdown toolbar button actions (merge request)
• Start pipeline in after_commit callback when retrying jobs (merge request)
• When replying comments, the text box isn't focused (merge request)
• Fix demoting of the admin with OIDC enabled (merge request) GitLab Enterprise Edition
• Fix alignment of file tree search icon (merge request)
• Deletes compliance framework setting when transferring project (merge request) GitLab Enterprise Edition
• Fix spacing of referenced commands in comment preview (merge request)
• Use read_code to authorize GET protected_branches (merge request) GitLab Enterprise Edition
• Refetch container image tags list after deletion (merge request)
• [Geo] Fix token timeout for container registry sync (merge request)
• Remove subtransaction in Security::ProcessScanResultPolicyWorker (merge request) GitLab Enterprise Edition
• Fix incorrectly added VSA FF check (merge request) GitLab Enterprise Edition
• Enhance license dependency equality (merge request) GitLab Enterprise Edition
• Fix commits ref switcher (merge request)
• Fix broken trait specs - package by @sathieu (merge request)
• Fix reconcile needed message for offline license (merge request) GitLab Enterprise Edition
• Diff: Fix border radius of thread
• Skip epic cache update if epic can not be saved (merge request) GitLab Enterprise Edition
• Fix date issue for broadcast message edit on firefox (merge request)
• Fix licensed VSA page without parity FF (merge request) GitLab Enterprise Edition
• Diff: Fix border radius of thread (merge request)
• Fix bug in scope Group.project_creation_allowed (merge request)
• Ensure backup restore clears storages before restoring (merge request)
• User with custom role + read_code can view MD link (merge request) GitLab Enterprise Edition
• Append tag notes when creating a new tag too (merge request)
• Fix N+1 query for max access level in project lists (merge request)
• Fix item height in wiki sidebar by @qk44077907 (merge request)
• Add a loading indicator for suggestions (merge request)
• Fix autofocus on work item description (merge request)
• Hide pipeline links tip in Stage view by @homersimpsons (merge request)
• Fix assignee avatars alignment on issues list (merge request)
• Fix missing caller_id for GraphQL subscriptions (merge request)
• Security Finding: fix note link to project (merge request) GitLab Enterprise Edition
• Fix loading multi-doc YAMLs for CI configurations (merge request)
• Do not change object reference when body is nil (merge request)
• Fix reference styles in content editor (merge request)
• Add relative root to broadcast messages (merge request)
• Fix board_list_spec.js vue3 test violations (merge request)
• Adds relation package_id to ml_candidates (merge request)
• Enforce merge request approval settings (merge request) GitLab Enterprise Edition
• Display fallback emoji images with correct aspect ratio (merge request)
• Use UUID to match findings with issue feedback records (merge request) GitLab Enterprise Edition
• Cells: Fix loose foreign key trigger validation routine (merge request)
• Hide achievements on private profiles by @Taucher2003 (merge request)
• Fix unlocking of job artifacts on pipeline state transitions (merge request)
• Hide inactive approvers (merge request) GitLab Enterprise Edition
• Correctly compute blob URL for Secret Detection (merge request) GitLab Enterprise Edition
• Add top margin to merge request description (merge request)
• Allow HEAD ref when viewing blob, commits and compare page (merge request)
• Do not serialize data image urls (merge request)
• Update mail gem to v2.8.1 (merge request)
• Don't generate invalid SQL checking foreign keys (merge request)
• Fix agent version comparison with KAS rc (merge request)
• Improves dataframe rendering in Python Notebooks (merge request)
• Jobs list: remove double bottom border (merge request)
• Fix(Purchase): handle email taken error (merge request) GitLab Enterprise Edition
• Fixes the ref switcher encoding (merge request)
• Child issues and epics: fix closed state (merge request) GitLab Enterprise Edition
• Add sync_name check to Gitlab::Auth::Ldap::Access by @zhzhang93 (merge request) GitLab Enterprise Edition
• Unstuck VSA background aggregations (merge request)
• Fix trial creation action reload with select (merge request) GitLab Enterprise Edition
• Improve paste markdown behavior in Content Editor (merge request)
• Fixing CI mirrored tables mermaid chart (merge request)
• Remove temporary workaround for DeployAccessLevel (merge request)
• Show Projects menu as active while on Starred or Trending projects pages (merge request)
• Add constraint for deploy_access_level (merge request)
• Fix alignment of commit changes block (merge request)
• Fix invalid protected environment access levels (merge request) GitLab Enterprise Edition
• Fix Debian doc for direct upload with older curl by @sathieu (merge request)
• Validate DeployAccessLevel options (merge request) GitLab Enterprise Edition
• Use method to resolve access_level_description field (merge request)
• Fix dropdown closing prematurely when clicking inside (merge request)
• Fix alignment of user readme breadcrumb chevron (merge request)
• Fix inconsistent behaviour in work items comments (merge request)
• Remove long-running transaction while deduplicating the findings (merge request) GitLab Enterprise Edition
• Fix issue dashboard returning issues from archived projects (merge request)
• Fix command-only note not clearing commment form (merge request)
• Widget item: fix status :focus (merge request)
• Canonicalize dependency list names (merge request) GitLab Enterprise Edition
• Fix branch rules details breadcrumbs (merge request)
• Merge request widget: Fix alignment of cancel button (merge request)
• Prevent updating a comment with empty text (deprecated_notes.js) (merge request)
• Search only descendant groups when applicable (merge request) GitLab Enterprise Edition
• Sync security policy rule schedules that may have been deleted by bug (merge request)
• Fix clipping of review bar component when system footer exists (merge request)
• Fixing database backup rake task in single-db-two-connections mode (merge request)
• Fix 500 error for diff_files endpoint (merge request)
• Fix LDAP sync_name option bug by @zhzhang93 (merge request)
• Fix license available of group-protected branches by @songhuangcn (merge request) GitLab Enterprise Edition
• Decrease indent for profile page bio (merge request)
• This MR fixes radio button overlay (merge request) GitLab Enterprise Edition
• Fix openapi viewer for relative url instances (merge request)
• Avoid duplicate key error messages when inserting state record (merge request)
• Fix Google CDN not encoding UTF-8 characters (merge request)
• Linked items fixes (merge request) GitLab Enterprise Edition
• Fix caching to cover whole Service Ping payload (merge request)
• Update wiki repository size after migration (merge request)
• Fix TypeError when json file is an array (merge request)

Changed (275 changes)

• Add support for npm deprecate (merge request)
• Extend issue type change note (merge request)
• Update new label form (merge request)
• Visual tweaks for new sidebar nav search menu (merge request)
• Backfill code suggestions to true for all namespaces (merge request)
• Removing FF lazy_load_pipeline_dropdown_actions (merge request)
• Leave candidate as default code path (merge request) GitLab Enterprise Edition
• Extend approvals UI with fail-closed rules (merge request) GitLab Enterprise Edition
• Guard legacy runner status in graphql by feature flag (merge request)
• Change code suggestions namespace setting default to true (merge request)
• Format explain vulnerability responses with markdown format headers (merge request) GitLab Enterprise Edition
• Animate approval icon in merge request sidebar (merge request)
• Remove top border to prevent overlap (merge request)
• Add "fork" to word list and remove docs link from UI (merge request)
• Replace Deployment Icon with Release Icon on Project Home by @glauciellesa (merge request)
• Update scheduled Scan Execution Policy for secret_detection (merge request)
• Allow logging of all IssuableExportCsvWorker parameters (merge request)
• Adds frontend for candidate deletion (merge request) GitLab Enterprise Edition
• Enable geo_project_wiki_repository_replication feature flag (merge request) GitLab Enterprise Edition
• Add reviewed but not approved state in MR sidebar (merge request)
• Better error message when branch name does not match push rules settings (merge request) GitLab Enterprise Edition
• Update status check documentation (merge request)
• Add extra information to the github identifiers of importer failures (merge request)
• Replace namespace_id with group_id and project_id for POST /user/runners (merge request)
• Apply changes to order of secure nav items (merge request)
• Add tables and columns support to database schema validations (merge request)
• Add experiment label to ai chat header (merge request)
• Use badge component for "busy" status (merge request)
• Replaced VSA Overview "Total time" line chart with stacked area chart (merge request) GitLab Enterprise Edition
• Extend GraphQL approval rules with indication of invalid rules (merge request) GitLab Enterprise Edition
• Fix spacing in content editor code blocks (merge request)
• Convert admin menu from haml to panel (merge request) GitLab Enterprise Edition
• Log warnings on invalid ansi2json state inputs (merge request)
• Clean up runners_availability_section experiment (merge request)
• Sets the default 'Documentation pages URL' to https://docs.gitlab.com (merge request)
• Remove tooltip from merge request actions dropdown (merge request)
• Enable license scanning feature again (merge request) GitLab Enterprise Edition
• Fix insert link in content editor (merge request)
• Only allow developers or higher to trigger merge_status_recheck (merge request)
• Synchronize temporary index (merge request)
• Experiment Cleanup: removed the cart_abandonment_modal experiment (merge request) GitLab Enterprise Edition
• It casts EXTRACT as double precision (merge request)
• Adjust tests to api admin mode by @TrueKalix (merge request)
• Update security policies docs after fixing concurrent execution bug (merge request)
• Add 'broadcasting' label to Action Cable counter (merge request)
• Left align emoji picker on descriptions and notes (merge request)
• Finalize EncryptCiTriggerToken background migration (merge request)
• Allow immediate deletion of projects using API (merge request) GitLab Enterprise Edition
• Add table validators to schema validation framework (merge request)
• Merge request header: add icon to indicate fork (merge request)
• Enable strict_ip_enforcement by default (merge request) GitLab Enterprise Edition
• Improve rendering of HTML-only emails in issue responses (merge request)
• Add basic implementation of loading only a single diff file (merge request)
• Update wiki diagram editor to be fullscreen (merge request)
• Skip setting base path for GitLab.com (merge request)
• Introduce Breach and Attack Simulation features (merge request)
• Stop flashing issue description on details toggle (merge request)
• Feat(Subscription Purchase): update CDot link (merge request) GitLab Enterprise Edition
• Disable Net::HTTP monkey patch for Ruby 3.1 (merge request)
• This MR creates new filtering layout (merge request) GitLab Enterprise Edition
• Drop retry_job_start_pipeline_after_commit feature flag (merge request)
• Autofills create label form (merge request)
• Rename "Infrastructure Registry" menu to "Terraform modules" (merge request)
• Users list: change user actions (merge request)
• Change dashboard to homepage (merge request)
• Refactor compliance frameworks create/edit to modals (merge request) GitLab Enterprise Edition
• Related branches: add widget styles (merge request)
• Cache inexistence of the GitHub username (merge request)
• Change viewing to editing for editor switcher (merge request)
• Upgrade bundler to v2.4.11 (merge request)
• Add reviewed but not approved state in MR sidebar (merge request)
• Migration to backfill hashed_root_namespace_id to commit index (merge request) GitLab Enterprise Edition
• Update excon to v0.99.0 (merge request)
• Update ruby_parser to v3.20 (merge request)
• Remove the move_year_dropdown_usage_charts feature flag (merge request)
• Removing google_play_integration feature flag (merge request)
• Use YAML.safe_load_file for import/export config (merge request)
• Use YAML.safe_load_file for mail_room config loading (merge request)
• Rename CodeOwners::File#entries_for_path method (merge request) GitLab Enterprise Edition
• Add unlimited members during trial alert on all Project/Group pages (merge request) GitLab Enterprise Edition
• Update gitlab-pages version (merge request)
• Update output of backup timestamps by @quatauta (merge request)
• Remove option to create new issue to resolve all threads in widget (merge request)
• Ensure terraform artifacts are not public (merge request)
• added: Creating marketing cookie to log active user sessions (merge request)
• Adds a unique index for storage limit exclusions (merge request)
• Remove help icon on code review summary comment (merge request)
• Refactor default framework assignments (merge request) GitLab Enterprise Edition
• New/edit MR: Migrate merge options checkbox (merge request)
• Moves container registry to the far right on Usage Quotas (merge request) GitLab Enterprise Edition
• New merge request: change empty state (merge request)
• Approvals table: Update styling (merge request)
• Help icon refactor (merge request)
• Filtered search bar: Fix height & focus state (merge request)
• Issuable widgets: more improvements (merge request)
• Avoid double submission on app secret renewal (merge request)
• Allow NULL file_md5 to Debian component files by @sathieu (merge request)
• Update UI text on create issue to resolve all threads option (merge request)
• Allow updates to mail_room in Gemfile again (merge request)
• This MR adds base layout for security result policy (merge request) GitLab Enterprise Edition
• Reschedule async temp index on finding report types (merge request)
• Move admin jobs files by @TrueKalix (merge request)
• Add root level breadcrumb to "Your work" EE pages (merge request) GitLab Enterprise Edition
• Omit OpenGraph/Twitter tags in redirected sign-in page by @aubiyko (merge request)
• Cleanup of old help icons (merge request)
• Add toasts for variable actions (merge request)
• Add note that confirmation requires primary email (merge request)
• Updating UI text by @sselhorn1 (merge request)
• Add root level breadcrumb to "Your work" pages (merge request)
• Change the order of vulnerability creation (merge request) GitLab Enterprise Edition
• Update BBM best practices section (merge request)
• Add laravel project template (merge request)
• Use YAML.safe_load_file for Bullet exclusions (merge request)
• Swap id columns on sent_notifications (merge request)
• Shows container registry image created time (merge request)
• Capitalize participants in sidebar (merge request)
• Debian package uniqueness by @sathieu (merge request)
• Add alert when project missing pipeline file (merge request) GitLab Enterprise Edition
• Remove the security_reports_mr_widget_prompt experiment (merge request) GitLab Enterprise Edition
• Remove feature flag (merge request)
• Reschedule migration for links (merge request)
• Update copy of "Partial import" label (merge request)
• Splits up articats fields for Usage Quotas (merge request) GitLab Enterprise Edition
• Defer loading of other versions tab on package details page (merge request)
• Send queries to fetch schema cache to replicas (merge request)
• Update gitlab-mail_room to v0.0.23 (merge request)
• Cleaned up experiment cross_stage_fdm (merge request) GitLab Enterprise Edition
• Rename "Deployments > Feature Flags" to "Deployments > Feature flags" (merge request)
• Cells: Move appearances into clusterwide (merge request)
• Adjust spacing of merge request widgets (merge request)
• Add hashed_root_namespace_id to commits index mapping (merge request) GitLab Enterprise Edition
• Refactor api admin mode shared example by @TrueKalix (merge request)
• Fixed unnecessary relayout if width is not changed (merge request)
• Remove limit-container-width from more pages (merge request)
• Update MR security widget to read from new properties (merge request) GitLab Enterprise Edition
• Approvals widget: improve styling (merge request) GitLab Enterprise Edition
• Update styling of pending comment (merge request) GitLab Enterprise Edition
• Update Issue's Due Date field real-time (merge request)
• Linked resources widget: change help icon (merge request)
• Diff: toggle file contents with keyboard (merge request)
• Changes the comments help icon (merge request)
• Approvals widget: change vertical alignment of approvals icon (merge request)
• Change container registry copy expiration policy to cleanup policies (merge request)
• Lock writes during gitlab:setup task (merge request)
• Add database migration (merge request)
• Prepare to drop unused jira indexes on projects (merge request)
• Right-align note actions dropdown (merge request)
• Add a throttle to sync service db usage GitLab Enterprise Edition
• Increase vertical spacing on MR header
• Fix add/edit/delete dismissal comment for pipeline security tab
• Migrate the existing RedisHLL keys to default slot (merge request)
• Add empty state for customizable dashboard panels (merge request) GitLab Enterprise Edition
• Add Drawer from CodeQuality Inline-diff findings (merge request) GitLab Enterprise Edition
• Merge blocked: change spacing of merge details (merge request)
• Reschedule the migration of evidences (merge request)
• Enable branch rules feature flag by default (merge request)
• Admin area: change help icons on dashboard (merge request)
• Add a throttle to sync service db usage (merge request) GitLab Enterprise Edition
• Merge request: unify help icons (merge request)
• Load commit diffs async by default (merge request)
• Fix add/edit/delete dismissal comment for pipeline security tab (merge request)
• Epic tree: item spacing improvement (merge request)
• Add a expiry date option for deploy tokens by @ChevronTango (merge request)
• Use state_transitions on pipeline security list (merge request) GitLab Enterprise Edition
• Python.gitlab-ci.yml: Suggest using the current version of Python by @cclauss (merge request)
• Increase vertical spacing on MR header (merge request)
• Add GraphQL mutation to create a merge request (merge request) GitLab Enterprise Edition
• Improve layout and text of "too many changes" alert (merge request)
• Google cloud pages: Remove container limited class (merge request)
• Issues list: change status to use badge component (merge request)
• MR widgets: Unify loading icon size (merge request)
• Add new application form: form cleanup (merge request)
• Diff: add file permission tooltip (merge request)
• Ensure visualizations have default values (merge request) GitLab Enterprise Edition
• Migrate checkbox to GlFormCheckbox (merge request)
• MR list: change alignment of labels (merge request)
• Merge request: Rename Email patches to Patches (merge request)
• Disallow NONE and ANY filter values for OR operator (merge request)
• Add data transfer graphql queries under feature flag (merge request) GitLab Enterprise Edition
• Hide upgrade billing for ramped subscriptions (merge request) GitLab Enterprise Edition
• Update parsing of *_DISABLED variables (merge request)
• Fix small UI inconsistencies in MR view (merge request)
• Update the breadcrumbs and pagetitles by @Mughees_ (merge request)
• Update vulnerability state change notes to include dismissal reasons (merge request) GitLab Enterprise Edition
• Update validation in order to allow (merge request)
• Remove real_time_issue_epic_links feature flag (merge request)
• Search::Index creates an Elasticsearch index on create (merge request)
• Consolidated product analytics feature flags (merge request)
• Adjust tests to api admin mode by @TrueKalix (merge request)
• Show "-" when the size of the MR diffs is 0 (merge request)
• Project: Remove container limited class (merge request) GitLab Enterprise Edition
• Enhance safe-html usage on SAST configuration (merge request) GitLab Enterprise Edition
• Replace bootstrap dropdown for issuable type (merge request)
• Remove extra settings content in CI/CD settings (merge request)
• Extended the syntax highlighting for CODEOWNERS (merge request)
• Update user_type value for humans (merge request)
• Change SVN migration link (merge request)
• Update dependency auto-build-image to v1.31.0 (merge request)
• Left align new branch form (merge request)
• Renames ml_candidates.iid to eid (merge request)
• Remove connecting lines between MR widgets (merge request)
• Format personal access token name in email (merge request)
• Use state_transitions on pipeline security list (merge request) GitLab Enterprise Edition
• Application: Remove container limited class (merge request)
• Cluster: Remove container limited class (merge request)
• Post-process leaked credentials on all branches (merge request) GitLab Enterprise Edition
• Improve error message for Security Features with alias usage in ci file (merge request)
• Create search index assignments for notes (merge request)
• User settings: remove container limited class (merge request)
• Restore breadcrumb border for all pages (merge request)
• Profile page: change border bottom color of personal projects (merge request)
• Merge request, Issue list: remove darker border from closed items (merge request)
• Issuable detail page: restore limited-container-width class (merge request)
• Environment variable UNSTRUCTURED_RAILS_LOG removed from codebase (merge request)
• Update dependency auto-deploy-image to v2.48.0 (merge request)
• Broadcast Messages: form cleanup (merge request)
• Removes all uploads from usage_quotas storage pages (merge request) GitLab Enterprise Edition
• Update parsing of *_DISABLED variables (merge request)
• Update saved reply form layout (merge request)
• Move description templates help text below description title (merge request)
• Adjust tests to api admin mode by @TrueKalix (merge request)
• Remove .integration-settings-form CSS (merge request)
• Adds hashed_root_namespace_id to issue index (merge request) GitLab Enterprise Edition
• Pipeline editor improvements (merge request)
• Use YAML.safe_load_file for backup/restore (merge request)
• Add keyset pagination to Instance level audit events api (merge request) GitLab Enterprise Edition
• Adjust tests to api admin mode by @TrueKalix (merge request)
• Adding Package Name to Google Play Integration (merge request)
• Update UI action button when loading empty VSA (merge request) GitLab Enterprise Edition
• Remove elasticsearch_use_traversal_id_optimization flag (merge request) GitLab Enterprise Edition
• Remove tertiary category from collapse button (merge request)
• Update ipaddr to v1.2.5 (merge request)
• Add index for free_user_cap_over_limit_notified_at (merge request)
• Add prefix and custom match options for custom Jira issue matching by @jackorp (merge request)
• Add workers to clear notified at flags (merge request) GitLab Enterprise Edition
• Work items: Improve styling of child items (merge request)
• Show a loading spinner while searching (merge request)
• Not use the word retry to refer to webhook executions by @alexkalderimis (merge request)
• Includes namespace when searching for projects in autocomplete bar (merge request)
• Limit invitations to trial groups and projects (merge request)
• Project overview: remove container-limited class (merge request)
• Repository: Remove container limited class (merge request)
• Geo settings page cleanup (merge request) GitLab Enterprise Edition
• Merge request list: Change status to use badge component styles (merge request)
• Issuable list: change meta font-size (merge request)
• Improves the styling of Child issues and epcics (merge request) GitLab Enterprise Edition
• This MR extracts Runner Tags Dropdown (merge request) GitLab Enterprise Edition
• Clean up route_hll_to_snowplow_phase4 feature flag (merge request)
• Move issue checklist item counts to below description (merge request)
• Update gitlab-experiment gem to v0.8.0 (merge request)
• Refactor scan_pipeline_service_spec job list fetching (merge request)
• Cells: Move broadcast_messages into clusterwide (merge request)
• Remove the new_header_search FF (merge request)
• Use state_transitions on pipeline security list (merge request) GitLab Enterprise Edition
• Use page_level_alert content_for on free user cap alerts (merge request) GitLab Enterprise Edition
• Default enable linear_group_descendants_finder_upto (merge request)
• Update UI warning when loading VSA (merge request)
• Move milestone actions into dropdown (merge request)
• Fixes broken docs link for Apple App Store integration (merge request)
• Projects list: style improvements (merge request)
• Removes the old UpdateMaxSeatsUsedForGitlabComSubscriptionsWorker (merge request) GitLab Enterprise Edition
• Revamp of the searchbox events handling (merge request)
• Clear button events (merge request)
• Pipeline list: style improvements (merge request)
• Added ff and flow to skip Namespace Aggregation Lease (merge request)
• Remove caller_id from Redis metrics (merge request)
• Right sidebar: change left-border width to match left sidebar (merge request)
• Admin Area: remove container limited class (merge request)
• Group: Remove limited container class (merge request)
• Group settings: Remove limited container class (merge request)
• Remove group_owners_to_disable_two_factor FF (merge request)
• Add MigrateSharedVulnerabilityIdentifiers background migration (merge request) GitLab Enterprise Edition
• Project settings: remove limited width class (merge request)
• Refactor: Card component to Pajamas comliant by @imrishabh18 (merge request)
• Convert admin system info cards to pajamas (merge request)

Deprecated (1 change)

• Deprecate Project.ci_config_variables sha arg; add ref arg (merge request)

Removed (27 changes)

• Add openSUSE 15.3 removal for GitLab 15.11 (merge request)
• Remove unnecessary admin mode shared examples by @TrueKalix (merge request)
• Hide some tracing instrumentations behind environment variables (merge request)
• Cleanup migration of sent_notifications to bigint (merge request)
• Remove project_export_as_ndjson feature flag (merge request) GitLab Enterprise Edition
• Remove require_verification_for_namespace_creation (merge request)
• Remove disable_vulnerability_feedback_controller FF (merge request) GitLab Enterprise Edition
• Async remove 'merge_request_mentions_temp_index' index (merge request)
• Async remove 'merge_requests_state_id_temp_index' index (merge request)
• Remove ProjectType.ci_config_variables arg (merge request)
• Delete gitbook.tar.gz template (merge request)
• Synchronously remove unused Jira indexes (merge request)
• Remove temporary index on vulnerability_occurrences (merge request)
• Remove release description in tag page (merge request)
• Remove temporary index for licenses cleanup
• Removed PipelinesController#config_variables endpoint (merge request)
• Drop runner_machine_id column from ci_builds_metadata (merge request)
• docs: Remove mentions of gitaly-ruby (merge request)
• Remove temporary index for licenses cleanup (merge request)
• Removing FF refactor_ci_minutes_consumption (merge request)
• Perform final removal of the learn gitlab creation worker (merge request)
• Stop writing v1 ActiveSession keys (merge request)
• Remove unused alert_metrics component (merge request)
• Drop packages_events table (merge request)
• Remove collect_package_events feature flag with relevant code (merge request)
• Remove duplicate metrics for group "editor" (merge request)
• Removes create_table_with_constraints (merge request)

Security (21 changes)

• Revert 'security-find_tag_before_send_git_archive'
• Fix security report authorization
• Check access to parent when creating and updating epics
• Revert security-383776-track-sha-of-last-approval
• Normalize some spaces in snapshot spec
• Check access to target project before looking for branch
• Verify that users have access to the parent of the fork
• Check access to reorder issues in epic tree
• Redirect to tree from project root on ref collision
• Fixes soft email confirmation alert vulnerability
• Record sha of approval
• Use UntrustedRegexp to limit scan of HTML comments
• Replace Unicode space chars with spaces
• Improve Gitlab::UrlSanitizer regex to match more URIs
• Restrict Prometheus API access on public projects
• Filter namespace environments by feature visibility
• Fix the potential leak of internal notes
• Update globalid gem to v1.1.0 (merge request)
• Prevent XSS attack in "Maximum page reached" page
• Protect webhook secrets by resetting url_variables
• Check for tag before send_git_archive

Performance (13 changes)

• Add migration for backfilling project permissions in blob documents (merge request) GitLab Enterprise Edition
• Remove sync index idx_merge_requests_on_state_id_and_merge_status (merge request)
• Remove index on events.action (merge request)
• Apply patch by @terrichu (merge request)
• Contribution analytics: Limit request time range to one week (merge request) GitLab Enterprise Edition
• Return error when updated_at filtering used without sorting (merge request)
• Use optimistic locking when updating Terraform state (merge request)
• Improve the performance of the labels queries
• Make Action Cable subscriptions use DB replicas (merge request)
• Improve the performance of the labels queries (merge request)
• Update ComplianceViolationsFinder to use InOperatorOptimization (merge request)
• Remove index idx_merge_requests_on_state_id_and_merge_status async (merge request)
• Add batch_counter to verifiable_replicator counters (merge request) GitLab Enterprise Edition

Other (80 changes)

• Refactoring audit events for projects (merge request) GitLab Enterprise Edition
• Remaining CTRT edits to Service Desk doc (merge request)
• Make the code suggestions default to be false (merge request)
• Revert the update to code suggestions (merge request)
• Remove refactor_code_quality_inline_findings feature-flag (merge request)
• Remove FF ci_simplify_dag_status_calculation_for_processing (merge request)
• Improves documentation for Model Experiments (merge request)
• Make DesignManagement::Repository a container for GitRepository (merge request)
• Delete webauthn feature flag (merge request)
• Introduce User Access Project/Group Authorizations (merge request)
• Use a mockApolloClient to test Design comments (merge request)
• Remove partition_id default for p_ci_builds_metadata (merge request)
• Track roadmap tab on epics detail page (merge request) GitLab Enterprise Edition
• Update compliance framework pipeline docs (merge request)
• Removes grace period for BackgroundMigration/MissingDictionaryFile (merge request)
• Blame controller refactoring (step 3) (merge request)
• Removes reduce_sub_batch_size_on_timeouts feature flag (merge request)
• Add migrations to truncate error_tracking tables on PostgresSQL (merge request)
• Blame controller refactoring (step 2) (merge request)
• Validate the projects.creator_id foregin key asynchronously (merge request)
• Add code suggestions to namespace settings (merge request)
• Remove FF github_import_gists (merge request)
• Update import workers to set memory resource boundary (merge request)
• Using BBM in TableManagementHelpers#enqueue_partitioning_data_migration (merge request)
• Simplify isEditing for Policy Editor Component (merge request) GitLab Enterprise Edition
• Rename variables used for project counts (merge request)
• Add index to vulnerability_occurrences table for override uuids logic (merge request)
• Remove unused index asynchronously (merge request)
• Swap note_diff_file.diff_note_id to bigint (merge request)
• Prepare async index for vulnerability_occurrences table (merge request)
• Blame controller refactoring (merge request)
• Clean up old redirect route (merge request) GitLab Enterprise Edition
• Update handling of project names in bulk import (merge request)
• Reorder primary key columns for ci_runner_machine_builds (merge request)
• Remove unused index synchronously (merge request)
• Remove db_load_balance_audit_event_streaming_worker feature flag (merge request) GitLab Enterprise Edition
• Swap epic_user_mentions.note_id to bigint (merge request)
• Swap suggestions.note_id to bigint (merge request)
• Update Admin::GroupsController#reset_runners_minutes feature_category (merge request)
• Documenting testing for multiple databases (merge request)
• Make CI config fetch timeout configurable (merge request)
• Backfill Migrations for ML::Candidate.internal_id (merge request)
• Filter out BEGIN/COMMIT correctly in metrics (merge request)
• Set data_consistency to delayed for AuditEventStreamingWorker (merge request) GitLab Enterprise Edition
• Refactors Ml::Candidate.eid usages to internal_id (merge request)
• Remove use_traversal_ids_for_root_ancestor FF (merge request)
• Migrate button group to GlDisclosureDropdown (merge request) GitLab Enterprise Edition
• Update omniauth-auth0 rubygem to 3.1 by @pravi (merge request)
• Add new CI Variable CI_API_GRAPHQL_URL by @homersimpsons (merge request)
• Remove partition_id default from ci_builds (merge request)
• Exposing Finalizing BBMs in Admin portal (merge request)
• Moves Service Desk custom email credentials to own table (merge request)
• Cleanup BigInt conversion for ci_build_needs (merge request)
• Backfill application_settings product_analytics_data_collector_host (merge request)
• Improve error message for application_settings#archive_builds_in_seconds (merge request)
• Remove download_code column from member_roles (merge request)
• Single database testing documentation (merge request)
• Fixing specs for single-db-two-connections (merge request)
• Validate direct transfer enabled on source (merge request)
• Removing 'dropped' from deduplication_type while logging (merge request)
• FileLineBlame feature flag cleanup (merge request)
• Query members via namespaces (merge request)
• Cleanup extend reactivate trial feature (merge request) GitLab Enterprise Edition
• Fix spec violation - spying on methods (merge request)
• Validate direct transfer enabled on source (merge request)
• Upgrade to Vue 2.7 (merge request)
• Handle invalid filter for compliance filters (merge request) GitLab Enterprise Edition
• Remove the legacy_open_source_license_worker feature flag (merge request)
• Swap snippet_user_mentions.note_id to bigint (merge request)
• Reorder primary key columns for ci_runner_machine_builds (merge request)
• Remove partition_id default from ci_builds (merge request)
• Add partitioning check constraint to ci_builds (merge request)
• Consistent naming in for CodeQuality Pipelines (merge request) GitLab Enterprise Edition
• Swap design_user_mentions.note_id to bigint (merge request)
• Swap vulnerability_user_mentions.note_id to bigint (merge request)
• Swap commit_user_mentions.note_id to bigint (merge request)
• Documenting Docker install method switching to two connections (merge request)
• Remove full_path_project_search feature flag (merge request)
• Update header section (merge request) GitLab Enterprise Edition
• Swap merge_request_user_mentions.note_id to bigint (merge request)

15.10.8 (2023-06-05)

Fixed (1 change)

• Convert some regex to use Gitlab::UntrustedRegexp

Security (15 changes)

• Fix DoS on test report artifacts (merge request)
• Fix XSS in Abuse Reports form action (merge request)
• Import source owners with maintainer access if importer is a maintainer (merge request)
• Filter inaccessible issuable notes when exporting project (merge request)
• Block tag names that are prepended with refs/tags/, due to conflicts (merge request)
• Set IP in ActionContoller filter before IP enforcement is evaluated (merge request)
• Prevent primary email returned as verified on unsaved change (merge request)
• Use UntrustedRegexp to protect FrontMatter filter (merge request)
• Improve ambiguous_ref? logic to include heads and tags (merge request)
• Use UntrustedRegexp to protect InlineDiff filter (merge request)
• Ignore user-defined diff paths in diff notes (merge request)
• Reject NPM metadata requests with invalid package_name (merge request)
• Use UntrustedRegexp to protect MathFilter regex (merge request)
• Resolve Overall Project Vulnerability Disclosure (merge request)
• Validate description length in labels (merge request)

15.10.7 (2023-05-10)

Fixed (1 change)

• Backport MR 119319 changes to 15-10-stable-ee GitLab Enterprise Edition

15.10.6 (2023-05-03)

Security (1 change)

• Only maintainers of projects should be able to assign runners to them (merge request)

15.10.5 (2023-05-01)

Security (9 changes)

• Set minimum role for importing projects to Maintainer (merge request)
• Commit trailers now only match public user email addresses (merge request)
• Handle invalid URLs in asset proxy (merge request)
• Relay state to check for only allowing sub paths (merge request)
• Prohibit 40 character hex sets at beginning of path-based branch name (merge request)
• Add specs for external users flag (merge request)
• Update policy to prevent banned members from accessing public projects (merge request)
• Use dummy filename as filename when viewing raw xml files (merge request)
• Authorize access to vulnerabilitiesCountByDay resolver (merge request)

15.10.4 (2023-04-21)

Fixed (1 change)

• Patch mail gem to handle TLS settings properly (merge request)

15.10.3 (2023-04-14)

Fixed (3 changes)

• Backport fixes for broadcast messages (merge request)
• Fix automatically-retried jobs stuck in pending state (merge request)
• Verify deploy keys settings for protected tags (backport) (merge request)

Changed (1 change)

• Change the order of vulnerability creation (merge request) GitLab Enterprise Edition

15.10.2 (2023-04-05)

Fixed (3 changes)

• Fix openapi viewer for relative url instances (merge request)
• Update mail gem to v2.8.1 (merge request)
• Move ldap option sync_name to ldap server and fix bugs by @zhzhang93 (merge request) GitLab Enterprise Edition

Changed (1 change)

• Migrate the existing RedisHLL keys to default slot (merge request)

15.10.1 (2023-03-30)

Fixed (2 changes)

• Sync security policy rule schedules that may have been deleted by bug
• Fix issue dashboard returning issues from archived projects

Security (15 changes)

• Redirect to tree from project root on ref collision (merge request)
• Fixes soft email confirmation alert vulnerability (merge request)
• Restrict Prometheus API access on public projects (merge request)
• Verify that users have access to the parent of the fork (merge request)
• Protect webhook secrets by resetting url_variables (merge request)
• Replace Unicode space chars with spaces (merge request)
• Check access to parent when creating and updating epics (merge request)
• Improve Gitlab::UrlSanitizer regex to match more URIs (merge request)
• Check access to target project before looking for branch (merge request)
• Fix the potential leak of internal notes (merge request)
• Use UntrustedRegexp to limit scan of HTML comments (merge request)
• Filter namespace environments by feature visibility (merge request)
• Check access to reorder issues in epic tree (merge request)
• Fix security report authorization (merge request)
• Prevent XSS attack in "Maximum page reached" page (merge request)

15.10.0 (2023-03-21)

Added (155 changes)

• Add wiki_access_level to group API (merge request) GitLab Enterprise Edition
• Add filter for approved status by @Taucher2003 (merge request)
• Show achievements on user profile (merge request)
• Run package metadata conditionally in dev (merge request) GitLab Enterprise Edition
• Add revoke achievement mutation and service (merge request)
• Add documentation for protected tags creation with deploy keys (merge request)
• Define ci_builds primary key as partitioned (merge request)
• Compliance frameworks report (merge request) GitLab Enterprise Edition
• feat: Enable auto-resolution of removed SAST rules by default (merge request)
• Filter projects by compliance framework presence (merge request) GitLab Enterprise Edition
• Add Squash TM integration by @pckerneis (merge request)
• Enable duo 2FA authentication support (merge request)
• Move work item notes out of FF and docs (merge request)
• Add documentations for Praefect DNS service discovery (merge request)
• Add github repo counts endpoint (merge request)
• Enable License Scanning Policies as new type for Scan Result Policies (merge request) GitLab Enterprise Edition
• repository: Remove license_from_gitaly feature flag (merge request)
• Introduce Kubernetes integration feature (merge request)
• Prepare MR user mentions for bigint migration (merge request)
• Apply auto-disabling failed hooks to group hooks (merge request) GitLab Enterprise Edition
• Consume seat when Guest's permissions are elevated using custom roles (merge request) GitLab Enterprise Edition
• Enable license scanning of CycloneDX files (merge request) GitLab Enterprise Edition
• Native attachments for Service Desk emails (merge request)
• Allows filtering of projects by negated compliance framework id (merge request) GitLab Enterprise Edition
• Support admin/external/required groups for OIDC (merge request) GitLab Enterprise Edition
• Added refresh_billable_member api (merge request) GitLab Enterprise Edition
• Update AbuseReportsFinder to allow filtering by reporter (merge request)
• Release Block all requests feature (merge request)
• Allow self-managed to prevent auto disabling hooks (merge request)
• Add search by author name to Commits API (merge request)
• Add merge requests compliance violations consistency worker (merge request) GitLab Enterprise Edition
• Document new redis settings start_down and set_replicaof (merge request)
• [385117] GitHub import: status of import for each relation-type tab (merge request)
• Add gitlab_dedicated_instance application setting (merge request)
• Adds AddResourceService & ValidateResourceService (merge request)
• Add table and model for container registry data repair details (merge request)
• Expose cycle and lead time metrics via GraphQL (merge request) GitLab Enterprise Edition
• Save github_identifiers to the DB on the last object import worker retry (merge request)
• feat: Added the breadcrumbs for slack page by @imrishabh18 (merge request) GitLab Enterprise Edition
• Allow filtering group members by user type (merge request)
• Merge trains POST API by @markus.ferrell (merge request) GitLab Enterprise Edition
• Adds custom email verification model changes (merge request)
• Allow updating user subscriptions on a work item (merge request)
• Added truncation of the search term (merge request)
• Recreate user_type migration index (merge request)
• Allow comment on GQL vulnerabilityResolve mutation (merge request) GitLab Enterprise Edition
• Add update endpoint to draft note API (merge request)
• Display total weight of epic lists on boards (merge request) GitLab Enterprise Edition
• Backfill project_wiki_repositories table (merge request)
• Clean up child_epics_from_different_hierarchies FF (merge request)
• Add reference from p_ci_runner_machine_builds to ci_runner_machines (merge request)
• GraphQL: Add machines field to CiRunner type (merge request)
• Adjust VulnerabilityConfirm GraphQL mutation to accept comment (merge request) GitLab Enterprise Edition
• Add reordering to search language filter component (merge request)
• This MR introduces alert component (merge request) GitLab Enterprise Edition
• Enable creation of ci_runner_machines records for active ci_runners (merge request)
• Add product_analytics_data_collector_host column (merge request)
• GraphQL: Add CiRunner.createdBy field (merge request)
• Add coupon code terms to success alert and simplify associated logic (merge request) GitLab Enterprise Edition
• Integrate diagrams.net with the Content Editor (merge request)
• Add Notifications Widget to WorkItems (merge request)
• Audit event for event type filter deletion (merge request) GitLab Enterprise Edition
• [388716] Github importer: collaborators (members) (merge request)
• Support quick actions through new note (merge request)
• Admin only project edit page by @markus.ferrell (merge request)
• Allow to export work items with GraphQL mutation (merge request)
• Add dismissal reason to vulnerability details status (merge request) GitLab Enterprise Edition
• Blame page streaming (merge request)
• Add CLI regex for upcoming CLI UserAgent change (merge request)
• Introduce JobArtifact::BulkDestroy mutation (merge request)
• Add the deployment count to the GraphQL API (merge request) GitLab Enterprise Edition
• Allow to set design description in GraphQL API (merge request)
• Add visualization designer button (merge request)
• Add new event serializer to return JSON only response based on FF (merge request)
• Allow filtering of projects by compliance filters (merge request) GitLab Enterprise Edition
• Add value streams dashboard link component (merge request) GitLab Enterprise Edition
• Add language aggregation to code search (merge request) GitLab Enterprise Edition
• Add block all requests to admin/network settings (merge request)
• Add temporary indexes for user_type (merge request)
• Add design description column (merge request)
• Enable by default incident event tags (merge request)
• Adds audit event for audit event filter creation (merge request) GitLab Enterprise Edition
• Add index to oauth_access_grants.application_id (merge request)
• Accept comment in VulnerabilityRevertToDetected GraphQL mutation (merge request) GitLab Enterprise Edition
• Improve Purchase Errors mapping (merge request) GitLab Enterprise Edition
• Warning when branch name from issue contains a white space (merge request)
• Instrument Enterprise Users adoption (merge request) GitLab Enterprise Edition
• Add updated_before and updated_after filters to iterations API (merge request) GitLab Enterprise Edition
• Adds copy to clarify work-in-progress is excluded from VSA stages (merge request)
• Add user_has_committed and committers_can_approve to approvals API (merge request)
• Add requiredApprovalCount to ProtectedEnvironmentType (merge request)
• Add group web-hooks failed notifications by @alexkalderimis (merge request)
• Enable rule mode SEP UI for SAST IaC (merge request) GitLab Enterprise Edition
• Add types to async constraint validations (merge request)
• Validate and replace FK for ci_sources_pipelines and ci_builds (merge request)
• Validate and replace FK for ci_job_variables and ci_builds (merge request)
• Validate and replace FK for ci_build_trace_metadata and ci_builds (merge request)
• Add SAST IaC to scan execution policies (merge request) GitLab Enterprise Edition
• Create a wrapper for Rails.cache with metrics support (merge request)
• Enable CI hooks:pre_get_sources_script syntax (merge request)
• Add sync index for merge_request_diffs external_diff column (merge request)
• Finalize migration and add NOT VALID Foreign Key (merge request)
• Create award achievement GraphQL mutation (merge request)
• Add pipeline reference in state transition (merge request)
• Added updated_after and updated_before params to milestones API (merge request)
• Add markdown soft break on Shift+Enter (merge request)
• Add cost settings which belongs to a runner (merge request)
• Pre-create initial partition for ci_runner_machine_builds (merge request)
• Introduce ErrorAlert Component to Purchase flows (merge request) GitLab Enterprise Edition
• Schedule FK async validations for p_ci_builds_metadata partitions (merge request)
• Add rate limits for access of Projects API (merge request)
• Add inbound access control to projects (merge request)
• Add Create Runner mutation (merge request)
• Add code step (merge request)
• Add Create Runner mutation by @tschmitke (merge request)
• Cleanup add_refresh_pull_mirror_worker feature flag (merge request)
• Release GitLab for Slack notifications (merge request) GitLab Enterprise Edition
• Display parent and work item ID on detail page (merge request)
• Add audit even for agent token creation (merge request) GitLab Enterprise Edition
• Added deprecation warning for Slack on self-hosted (merge request)
• Frontend implementation of work item notes subscription (merge request)
• Expose issue count flow metric via GraphQL (merge request) GitLab Enterprise Edition
• Skip License#check_trueup when converting to cloud (merge request) GitLab Enterprise Edition
• Added the deprecation alert to Slack notifications (merge request)
• Refactor tests for admin mode by @TrueKalix (merge request)
• Add add_concurrent_index migration for index_namespaces_on_updated_at (merge request)
• Add add_concurrent_index migration for index_users_on_updated_at (merge request)
• Summary quick view of issuables using markdown (+s) (merge request)
• API Discovery analyzer for java spring-boot (merge request) GitLab Enterprise Edition
• Add pre scan verification create-update service (merge request)
• BG migration to add issue links to existing findings (merge request)
• Validate and replace FK for ci_build_report_results and ci_builds (merge request)
• SSO-provisioned users are redirected to SSO login after confirmation (merge request) GitLab Enterprise Edition
• Expose total weight for epic board list API (merge request) GitLab Enterprise Edition
• Add bulk_import_export_batches & bulk_import_batch_trackers db tables (merge request)
• Update FKs between p_ci_builds_metadata partitions and ci_builds (merge request)
• Adds delete action on package other versions tab (merge request)
• Validate and replace FK for ci_job_artifacts and ci_builds (merge request)
• Add frontend validation for discord id (merge request)
• Create namespace_ldap_settings table to move columns from namespaces (merge request)
• Add key_fingerprint_sha256 to SshSignatureType (merge request)
• Validate and replace FK for ci_build_needs and ci_builds (merge request)
• Add deployment approver settings to API by @luzhiyuan.deer (merge request) GitLab Enterprise Edition
• Add status and resolved_at columns to abuse_reports (merge request)
• Add ci_runner_machine_builds join table (merge request)
• Backend for Service Account MVC (merge request)
• Add logs for ci resource groups (merge request)
• Allow abuse reports from epic notes (merge request) GitLab Enterprise Edition
• Add sync index for lfs_objects file column (merge request)
• Add has_failures column to bulk_import_* db tables (merge request)
• Add add_provisioned_by_group_at to user_details (merge request)
• Add sync index for package_files file_name column (merge request)
• Index sbom_occurrences on project_id and id (merge request)
• Add Query.project.dependencies to graphql (merge request) GitLab Enterprise Edition
• Add index to web_hook_logs (merge request)

Fixed (173 changes)

• Fix URL base of API endpoint (merge request) GitLab Enterprise Edition
• Run in batches uuids count (merge request) GitLab Enterprise Edition
• Update prometheus-client-mmap to v0.19.1 (merge request)
• Work item add comment bug fix (merge request)
• Use only the valid report findings in PipelineVulnerabilitiesFinder (merge request) GitLab Enterprise Edition
• Fix to prevent unlimited CI includes (merge request)
• Fix duplication of thread comments on snippet and commit page (merge request)
• Different fixes for cleanup policies for container images (merge request)
• Fix NoMethodError: undefined method `sha' (merge request)
• Remove calendar icon from epic list item if no date exists (merge request) GitLab Enterprise Edition
• Address polling edge cases in runner registration (merge request)
• Fix Debian generate for group distributions by @sathieu (merge request)
• Put runner machine heartbet under a feature flag (merge request)
• Fix Debian tarball extensions by @sathieu (merge request)
• Fix work items links for relative url instance (merge request)
• Fix webhook failure callout sticky from some pages (merge request)
• Hide bulk deletion UI of container tags for users without permission (merge request)
• Fix alignment of diff system note icons (merge request)
• Check license for package metadata sync (merge request) GitLab Enterprise Edition
• Rebuild MR report approval rules on group access changes (merge request)
• Render broadcast messages preview in markdown (merge request)
• Expire Etag cache for Environemnt when deployment approved (merge request)
• Fix no author shown when changing state of vulnerability (merge request) GitLab Enterprise Edition
• Rebuild MR report approval rules on project access changes (merge request) GitLab Enterprise Edition
• Require disable_ddl_transaction on bbm finalization (merge request)
• Fix border radius on merge request filter (merge request)
• Run override UUID logic for the added and fixed findings (merge request) GitLab Enterprise Edition
• Fix bug causing only the last schedule type policy to run (merge request) GitLab Enterprise Edition
• Exclude archived projects from total and starred counts (merge request)
• Fix TypeError for empty blob.path (merge request) GitLab Enterprise Edition
• Support Maven artifact classifiers when checking for duplicates (merge request)
• Add support for OCI image indexes in Dependency Proxy (merge request)
• Enforce regex in security orchestration schema (merge request)
• Fix project-level VSA license check (merge request) GitLab Enterprise Edition
• Change occurrences column type to join feedback table (merge request) GitLab Enterprise Edition
• Fix styling of add issuable form input wrapper (merge request)
• Fix yaml load compatible issue by @chaomao (merge request)
• Fix border radius on pending comments (merge request)
• Prevent multiple package metadata sync jobs (merge request) GitLab Enterprise Edition
• Use access exclusive lock for FKs on partitioned tables (merge request)
• Fix license approval policies to consider non-default branches (merge request) GitLab Enterprise Edition
• Fix incorrect has_issues on vulnerability_reads (merge request)
• Fix Profile GPG key timeago tooltip (merge request)
• Improve Scan Details alignment and UI issues (merge request) GitLab Enterprise Edition
• Fix finding details header by @jschafer-gitlab (merge request) GitLab Enterprise Edition
• Fix gitlab cleanup tags service default status (merge request)
• Fix artifacts:public accessiblity parameter (merge request)
• Reduce the chances of deadlocks for builds migrations (merge request)
• Fix 500 error for Instance level SCIM identities (merge request) GitLab Enterprise Edition
• Fix spacing on summary comment tabs (merge request)
• Fix double focus outline in content editor (merge request)
• Fix markdown anchor icon in dark mode (merge request)
• Handle InvalidForeignKey errors when indexing deleted projects (merge request) GitLab Enterprise Edition
• Seperate out jobs count query (merge request)
• Fix bug where adding other approver type is added (merge request) GitLab Enterprise Edition
• Fix namespace null bug (merge request)
• Fix border radius on collapsed replies in diffs (merge request)
• Don't show checklist item dropdown within tables (merge request)
• Label dropdown: fix color swatches :focus (merge request)
• Fix dollar replacements in sprintf (merge request)
• Modifies contribution analytics GraphQL query to be recursive (merge request) GitLab Enterprise Edition
• Removed debounce from issues query (merge request)
• Fixed root_ancestor inside transaction (merge request)
• Avoid 404 on empty Debian component file by @sathieu (merge request)
• Standardize related items counters (merge request)
• Add order_by: 'similarity' to invite group API request (merge request)
• Fix N+1 for search notes (merge request) GitLab Enterprise Edition
• Fix task widget border radius (merge request)
• Process packages with not all details (merge request) GitLab Enterprise Edition
• Fix whitespace after author name in note header (merge request)
• Disallow terraform state management if config is disabled (merge request)
• Fix(Subscription Sync): hide button legacy/offline (merge request) GitLab Enterprise Edition
• Remove non-user links from todos (merge request)
• Adds display for errors in Jupyter Notebooks (merge request)
• Require reCAPTCHA for trial registrations (merge request) GitLab Enterprise Edition
• This MR adds handling yaml parsing errors (merge request) GitLab Enterprise Edition
• Prevent validating an invalid promo code once invalid (merge request) GitLab Enterprise Edition
• Fix UI consistencies in bulk update sidebar (merge request)
• Fix unintended changes in db dictionary after db:migrate (merge request)
• Fix icon and textfield in incident timeline by @Mughees_ (merge request)
• Do not include hidden issues in the ES result (merge request) GitLab Enterprise Edition
• Restore style after leaving fullscreen / zen mode by @winniehell (merge request)
• Splat attributes in update_issue call (merge request)
• Remove special handling of trace in DestroyBatchService (merge request)
• Fixes the border-radius of the tasks widget (merge request)
• Fix finding details header (merge request) GitLab Enterprise Edition
• Add guards for issue instance proxy (merge request) GitLab Enterprise Edition
• Fix typo in Terraform template docs example by @artpropp (merge request)
• Fix ignored task that falls between HTML comments (merge request)
• Use proxy base url for http_url_to_repo (merge request) GitLab Enterprise Edition
• Fix foreign_key_exists? migration helper (merge request)
• Increases size limit for Jupyter Notebook diffs (merge request)
• Do not parse git-notes commits during git access checks (merge request)
• Fix alignment of participants in issuable sidebar (merge request)
• Fix contribution calendar not respecting "First day of the week" (merge request)
• Fix unselectable group webhooks (merge request) GitLab Enterprise Edition
• Fix timeout error while deleting approval rules from scan result policy (merge request) GitLab Enterprise Edition
• Ensure corpus management has active nav (merge request) GitLab Enterprise Edition
• Resolve vulnerabilities for each scanner found in the scan report (merge request) GitLab Enterprise Edition
• Fix notebook viewer switching (merge request)
• Reset subscription max_seats_used on trial upgrade (merge request) GitLab Enterprise Edition
• Issuables author :focus fix (merge request)
• Use min and max date to prevent setting end dates before start dates (merge request) GitLab Enterprise Edition
• Fixing tests for single-db-two-connection (merge request)
• Hide scan details when no report summary scans are available (merge request) GitLab Enterprise Edition
• Fix comment links on work items (merge request)
• Allow blank scope for aggregations endpoint (merge request) GitLab Enterprise Edition
• Provide default path for protected environments (merge request)
• Fix inconsistent behaviour in design comments (merge request)
• Fix :focus on participants (merge request)
• Fix protected environment user list title (merge request)
• Add a boolean field hidden in the Issue ES mapping (merge request) GitLab Enterprise Edition
• Breadcrumb: fix :focus (merge request)
• Fix ArgumentError, use default sort by name (merge request)
• Draft: Use epicsCount from metadata instead of from the list (merge request) GitLab Enterprise Edition
• Fix regex for destination namespace path (merge request)
• Allow searching by full path (merge request)
• Enable Geo::RepositoryRegistrySyncWorker on Geo secondary site (merge request) GitLab Enterprise Edition
• Guard against dropped columns when finalizing user details migration (merge request)
• Replace old image with SVG for empty MR state (merge request)
• Fix ArgumentError for Integrations::Campfire (merge request)
• Open vulnerability history comment editor on focus (merge request) GitLab Enterprise Edition
• Work item: fix title :focus (merge request)
• Change order of CSS imports to fix search icon UI (merge request)
• Update yml validation to be more clear (merge request)
• Add response caching for aggregations (merge request) GitLab Enterprise Edition
• Fix null exception for approvals_before_merge (merge request) GitLab Enterprise Edition
• Fix edge case when parent set to nil (merge request)
• Avoid overwriting runner cached values on job API calls (merge request)
• Include memberships from groups shares in preloader (merge request)
• Fix merge checks group name fetching issue (merge request) GitLab Enterprise Edition
• Deduplicate Group & Project destroy workers (merge request)
• Fix note edited i18n issue (merge request)
• Remove spy on component methods (merge request)
• Fix object deletion not working with Azure Blob Storage (merge request)
• [383842] GitHub importer: fix note attachments (merge request)
• Fix typo in the error message rendering (merge request)
• Update createBranch path with a new value (merge request)
• Fix helpPagePath for import table by @Taucher2003 (merge request)
• Sync pipeline commit message for Jira keys (merge request)
• Modify creating resource access token to create email with random part (merge request)
• Fix NotNullViolation in issues API (merge request)
• Add word-break to generic-sec-report tables (merge request) GitLab Enterprise Edition
• Restore original tooltip after copying (merge request)
• Fix #retry_lock overriding .current_scope (merge request)
• Removing FF deduplicate_archive_traces_cron_worker (merge request)
• Fix page navigation alignment on dependencies / licenses pages (merge request) GitLab Enterprise Edition
• Fix invalid return when malformed data (merge request) GitLab Enterprise Edition
• Fixes logic for when we reset subscription seats (merge request) GitLab Enterprise Edition
• Fix date parsing issue on firefox for datetime on bcast msg (merge request)
• Fix Code Quality text contrast (merge request)
• Abstract count from query (merge request)
• Don't allow nil value for allow_force_push (merge request)
• Fix dependency check in license approval policies (merge request) GitLab Enterprise Edition
• GitLab Direct Transfer - update invalid source GitLab URL error message (merge request)
• Remove valid? check when rendering link (merge request)
• Hide Infra::Google Cloud menu if Google OAuth2 disabled (merge request)
• Fix epic roadmap focus states (merge request) GitLab Enterprise Edition
• Fix imported project labels having a group_id (merge request)
• Remove html comment from text/plain variant "new_review_email" by @xdavidwu (merge request)
• Use spec_helper where required (merge request)
• Fix 500 error for calls without JWT token to Git http (merge request)
• Fix caching headers, drop HTTP/1.0 support (merge request)
• Hide merged date sort option for open/closed MRs page (merge request)
• Fix months dropdown for the usage quotas feature (merge request) GitLab Enterprise Edition
• Updates dashboard design closer to designs and fixes navigation bug (merge request)
• Add services:variables to CI schema (merge request)
• Allow pipeline schedule owner to call take_ownership API (merge request)
• Use declarative enum on external issue link type by @przbadu (merge request) GitLab Enterprise Edition
• Fix S3 backups not working on FIPS systems (merge request)
• Handle rendering errors from reStructuredText (merge request)
• Fix cascading attr ability to set value back to same as ancestor (merge request)
• Fix OAuth application creation through API (merge request)

Changed (249 changes)

• Add polling for pending external status checks (merge request) GitLab Enterprise Edition
• Add ops feature flag to stop pruning old events (merge request)
• This MR changes variant of alert (merge request) GitLab Enterprise Edition
• Allow public runner releases to be disabled (merge request)
• Enhance Security & Compliance Error Handlings (merge request) GitLab Enterprise Edition
• Improve help text for compliance framework configuration UI (merge request) GitLab Enterprise Edition
• Run Gemnasium on file matches in all directories (merge request)
• Adds repository sorting by total storage size (merge request) GitLab Enterprise Edition
• Add default owner for CODEOWNERS section (merge request) GitLab Enterprise Edition
• Remove 'redis_key' from known_events (merge request)
• Fix spec violations in dashboard_spec.js (merge request) GitLab Enterprise Edition
• Add column chart visualization (merge request) GitLab Enterprise Edition
• Fixed spec violations in table_spec.js (merge request) GitLab Enterprise Edition
• Application settings: Remove container limited class (merge request)
• Related merge requests: Enhance styling (merge request)
• Highlight possibility of conflict between branch names settings (merge request)
• Unbox work items (merge request)
• Add complexity and gitaly flag against suggest_approvers field (merge request) GitLab Enterprise Edition
• Changed source of current source data (merge request)
• Use linear ancestors_upto namespace queries (merge request)
• Use linear queries for namespace roots (merge request)
• This MR replaces profiles input fields (merge request) GitLab Enterprise Edition
• Added ability to hide issues in default dropdown (merge request)
• Added response body, changed status (merge request) GitLab Enterprise Edition
• Clean up project and group milestone pages (merge request)
• Add topics help text on the project settings page by @Cryptopone (merge request)
• Reschedule migration for remediation (merge request)
• Removing apple_app_store_integration feature flag (merge request)
• Detail page header: remove borders (merge request)
• Add keyset pagination to project audit events api (merge request) GitLab Enterprise Edition
• Adjust tests to api admin mode by @TrueKalix (merge request)
• Hide upgrade billing for ramped subscriptions (merge request) GitLab Enterprise Edition
• Update license scanning widget with license approval policies (merge request) GitLab Enterprise Edition
• Update ruby-magic to v0.6.0 (merge request)
• Unbox widgets (merge request) GitLab Enterprise Edition
• Remove feature flag cache_client_with_metrics (merge request)
• Improve shared examples with status code by @TrueKalix (merge request)
• Set DS_SCHEMA_MODEL to 15 in Container Scanning CI template (merge request)
• Make switching between editors seamless (merge request)
• Issue: related merge request information (merge request)
• Add check that the Gitlab API is supported (merge request)
• Removes feature flags for refresh seats worker (merge request) GitLab Enterprise Edition
• Streamline from input height (merge request)
• Issues: consolidate buttons (merge request) GitLab Enterprise Edition
• Use linear self_and_hierarchy namespace queries (merge request)
• Add event_types for FeatureFlag audit events (merge request)
• Migrate the commit filtering report to include all commits (merge request) GitLab Enterprise Edition
• Replace admin group, project, and topic avatars with pajamas component (merge request)
• Remove customizable_roles feature flag (merge request) GitLab Enterprise Edition
• Add spacing and migrate card for user usage quotas (merge request)
• Remove extra padding from abuse report actions (merge request)
• Change pipeline stats (merge request) GitLab Enterprise Edition
• Remove 'transparent_sso_enforcement` feature flag (merge request) GitLab Enterprise Edition
• This MR migrates Dropdown to Listbox (merge request) GitLab Enterprise Edition
• refactor: Buton migrated to Pajamas compliant by @imrishabh18 (merge request)
• This MR migrates Dropdown to Listbox (merge request) GitLab Enterprise Edition
• Add redis counter for manifest delete events (merge request)
• Use project's usage_quotas instead of direct URL (merge request) GitLab Enterprise Edition
• Updated copy on free and trial registration pages (merge request)
• Legacy dropdown improvements (merge request)
• Update free user limit alert copy for non-owner roles (merge request) GitLab Enterprise Edition
• Improve revert/cherry-pick error messages (merge request)
• Fix deprecated interface for YAML.safe_load (merge request)
• Remove tag icon in container registry by @parkourkarthik (merge request)
• Update ruby-magic to v0.5.5 (merge request)
• Wiki directory follow page when they have been combined by @zhyhchg (merge request)
• refactor: Changed the card to pajamas compliant by @imrishabh18 (merge request)
• Migrate start and end date button on burndown chart (merge request)
• Migrate restore group button to pajamas component (merge request)
• Reduce sub-batch size for failed Batched Background Migration Jobs (merge request)
• Migrate edit merge request button to pajamas component (merge request)
• Adds triggers to Database Schema validations (merge request)
• Scope issue model iid to namespace (merge request)
• Use small variant for pending comment badge (merge request)
• Add audit events for sharing a group membership to another group (merge request) GitLab Enterprise Edition
• Removes prefixed asterisk for path filters (merge request) GitLab Enterprise Edition
• Migrate projects auto devops card to pajamas (merge request)
• Delete orphaned packages dependencies (merge request)
• Group overview: changes recent activity bold text to content (merge request) GitLab Enterprise Edition
• Migrated Read more button to Pajamas on project env page (merge request)
• This MR replaces tooltip with popover (merge request) GitLab Enterprise Edition
• Set 'send_user_confirmation_email' application (merge request)
• Create label: add color picker (merge request)
• Update card component in Project mirror settings (merge request)
• Migrate 2fa cards to Pajamas components (merge request)
• Update cards component in project starrer page (merge request)
• Remove dynamic_nonce feature flag (merge request)
• Make Security Sidebar part of "Your Work" (merge request) GitLab Enterprise Edition
• Remove disabled_mr_discussions_redis_cache feature flag (merge request)
• Update installation command for maven package (merge request)
• This MR migrates Dropdown to Listbox (merge request) GitLab Enterprise Edition
• Remove enforce_max_attachment_size_upload_api feature flag (merge request)
• Add hashed root namespace id mapping to Note index (merge request) GitLab Enterprise Edition
• Remove bottom border from page titles (merge request)
• Added unlimited members alert to members pages (merge request) GitLab Enterprise Edition
• Timeline: tidy up system notes (merge request)
• Migrate evidences from raw_metadata (merge request)
• Add hashed root namespace id mapping to Note index (merge request) GitLab Enterprise Edition
• Add cache for Software Licenses table (merge request) GitLab Enterprise Edition
• Fixes the alignment of the bio on the user profile page (merge request)
• Add cicd config button when missing yaml (merge request)
• Update Slack authorization page UI (merge request)
• Remove linear_user_manageable_groups feature flag (merge request)
• Remove linear_project_ancestors feature flag (merge request)
• Remove use_iid_in_work_items_path feature flag from backend (merge request)
• Use icon button for subscribe to rss feed/calendar (merge request)
• Add tooltip to pending badge (merge request)
• Translate error messages when creating security policy projects (merge request) GitLab Enterprise Edition
• Update table header (merge request)
• Update gitlab pages (merge request)
• Adjust tests to api admin mode by @TrueKalix (merge request)
• Renames fk_rails_f601258b28 FK to fk_rails_0434b48643 on events table (merge request)
• Removed CTA from Free Plan on billings page (merge request) GitLab Enterprise Edition
• This MR adds switch mode for runner tags (merge request) GitLab Enterprise Edition
• Update css_parser gem to v1.14.0 (merge request)
• Rename "CI / CD > Test Cases" to "CI / CD > Test cases" (merge request) GitLab Enterprise Edition
• This MR migrates Dropdown to Listbox (merge request) GitLab Enterprise Edition
• Keep author and timiestamp visible when editing comment (merge request)
• Remove enforced_sso_expiry feature flag (merge request) GitLab Enterprise Edition
• Add breadcrumb linking to dashboard page to project#new (merge request)
• Add breadcrumb linking to dashboard page to group#new (merge request)
• Clean up invite_members_in_side_nav experiment (merge request)
• Hide access token related instructions for public pypi package (merge request)
• Add colors to user tokens on escalation view (merge request) GitLab Enterprise Edition
• Removes feature flag user_search_simple_query_string (merge request) GitLab Enterprise Edition
• Hanlde issue model to reference through the namespace (merge request)
• Add status check id to MR status check widget (merge request) GitLab Enterprise Edition
• Unconcatenate errors for personal access tokens (merge request)
• Database migration for new deny all app setting (merge request)
• Update dependency auto-build-image to v1.30.0 (merge request)
• Enable full_path_project_search feature flag by default (merge request)
• Expose max_seats_used_changed_at in namespace API (merge request) GitLab Enterprise Edition
• Sync Security Policies only for project with updated protected branches (merge request) GitLab Enterprise Edition
• Fix combine page directory case sensitivity bug (merge request)
• Distinguish authentication errors in commits API (merge request)
• Use Gitlab.com? to check if a container has been migrated (merge request)
• User profile page header tidy (merge request)
• Remove the feature flag bulk_cron_worker_auto_requeue (merge request) GitLab Enterprise Edition
• Rename "Configuration" to "Security configuration" (merge request)
• Rename "Repository > Locked Files" to "Repository > Locked files" (merge request)
• Rename "Repository > Contributors" to "Contributor statistics" (merge request)
• Support Ubuntu ddeb by @sathieu (merge request)
• Remove integration_id column from chat_names (merge request)
• User avatar link: fix spacing (merge request)
• Make catalog_resources.project_id to be unique (merge request)
• Update parsing of *_DISABLED variables (merge request)
• Your Work: Environments and Operations Dashboard (merge request) GitLab Enterprise Edition
• Change widget empty state of work items & linked issues/epics (merge request)
• Removes advanced_user_search feature flag (merge request) GitLab Enterprise Edition
• Merged message: change alignment of revert and cherry-pick buttons (merge request)
• Validates db/structure.sql changes without migrations (merge request)
• Rename "Discover" to "Security capabilities" (merge request) GitLab Enterprise Edition
• Prevent Ruby sessions from serializing arbitrary objects (merge request)
• Update super-sidebar styles and add overlay (merge request)
• This MR introduces tags parsing error handling (merge request) GitLab Enterprise Edition
• Update merge strategy labels for Mr. Widget (merge request)
• Move follower counts on profile page (merge request)
• Add check_type enum to PreScanVerificationStep (merge request) GitLab Enterprise Edition
• New section to disable all 2FA (merge request)
• Rename "Repository > Compare" to "Repository > Compare revisions" (merge request)
• Add link to redirect back to sign-up page (merge request)
• Improve visibility of SAST Analyzers banner (merge request) GitLab Enterprise Edition
• Remove the parallel_bulk_cron_worker feature flag (merge request) GitLab Enterprise Edition
• Schedule async temp index on finding report types (merge request)
• Remove use_response_url_for_chat_responder FF (merge request)
• Migrate links for vulnerability findings from (merge request)
• Suppress routing error log messages with POST /jwt/auth route (merge request)
• Standardize note edited presentation (merge request)
• Expand invite modal buttons (merge request)
• Send email when exporting work items as CSV (merge request)
• Implement partially cached MR security reports paths (merge request) GitLab Enterprise Edition
• Improve shared examples for api admin mode by @TrueKalix (merge request)
• Use mergeRequestLinks on vulnerability details page (merge request) GitLab Enterprise Edition
• Remove the feature_flag code_basic_search_files_by_regexp (merge request)
• Drop unnecessary storing of WebAuthn credential options in session (merge request)
• Updated Security Compliance SideNav text to sentence case by @parkourkarthik (merge request)
• Fix(Subscr.): success notification + loading icon (merge request) GitLab Enterprise Edition
• This MR updates tags field to be a dropdown (merge request) GitLab Enterprise Edition
• Security warning when rebasing (merge request)
• Log an activity event when an agent token is revoked (merge request)
• Change default public cost factor (merge request)
• Migrate the remediation data into their own (merge request)
• Streamline appearance of widgets (merge request)
• Add styles for line sticky headers (merge request) GitLab Enterprise Edition
• Change private method default values (merge request) GitLab Enterprise Edition
• Adds fuzzy to the list of advanced search syntax options (merge request) GitLab Enterprise Edition
• Add sync creation of next_over_limit_check_at index (merge request)
• Use linear ancestor queries (merge request)
• Use linear queries for namespace ancestor queries (merge request)
• Add specific DORA metric fields to Graphql type (merge request) GitLab Enterprise Edition
• Update webauthn gem to v3.0 (merge request)
• Improves the consistency of the dropdowns (merge request)
• Update scan policies text (merge request)
• Adds project_id to the Note API entity (merge request)
• Update vulnerability_reads trigger to set has_issues (merge request)
• Cleanup 'rely_on_protected_branches_cache' feature flag (merge request)
• Add Search::ReindexingService (merge request) GitLab Enterprise Edition
• Updates advanced user search to use simple query string and fuzzy match (merge request) GitLab Enterprise Edition
• Load partitioned index name if enabled (merge request) GitLab Enterprise Edition
• Launch invite modal from invite members in top nav (merge request)
• Add expand/collapse button on list in wiki sidebar by @qk44077907 (merge request)
• Decrease maximum runtime for VSA aggregations (merge request) GitLab Enterprise Edition
• Add same ssh ports check for geo::check rake task (merge request) GitLab Enterprise Edition
• Renaming the rules label to conditions (merge request) GitLab Enterprise Edition
• Switch package metadata sync to run hourly (merge request) GitLab Enterprise Edition
• Geo: Verification of container repositories (merge request)
• Introduce registry_size_estimated to namespace_root_storage_statistics (merge request)
• Improve issuable locked warning styling (merge request)
• Create index on approval_rules for scan_result_policy_id (merge request)
• Raise CI variables limits on gitlab.com (merge request)
• Validate oauth_access_tokens#expires_in not null (merge request)
• Truncate commits that exceeds the new commits note display limit (merge request)
• Update delete icon in manual var form (merge request)
• Cleanup 'delayed_repository_update_mirror_worker' feature flag (merge request)
• Use mergeRequestLinks on vulnerability details page (merge request) GitLab Enterprise Edition
• Update activation error handling (merge request) GitLab Enterprise Edition
• Set GITALY_SERVERS for gitaly-backup (merge request)
• Update component to use GraphQL jobPlay (merge request)
• Update dependency auto-deploy-image to v2.47.0 (merge request)
• Fetch and display report data (merge request) GitLab Enterprise Edition
• Refactors component ml_experiments_show.vue (merge request)
• Clean up invite_for_help_continuous_onboarding (merge request)
• Group issue-board controls into ellipsis dropdown (merge request)
• Prepare async foreign key validation for ci_build_trace_metadata (merge request)
• Prepare async foreign key validation for ci_job_variables (merge request)
• Prepare async foreign key validation for ci_sources_pipelines (merge request)
• Add default_color_scheme to Gitlab settings by @colin969 (merge request)
• Remove N+1 when loading finding link relations in serialization (merge request) GitLab Enterprise Edition
• Show group sidebar while creating a new subgroup or project (merge request)
• Scope FK name uniqueness to the table name (merge request)
• Add runner registration page (merge request)
• Remove feature flag ci_use_downstream_pipeline_duration_for_calculation (merge request)
• Allow new Slack integrations created on GitLab.com (merge request)
• Lock timelogs when project is archived by @Taucher2003 (merge request)
• Ask for recovery code if WebAuthn is the only 2FA (merge request)
• Improve devise error_message by @ali_o_kan (merge request)
• Swap the order of pin and password fields (merge request)
• Wording changes related to webauthn_without_totp (merge request)
• Show numeric keyboard on mobile for 2fa codes (merge request)
• Cleaned up successful experiment trial_email_validation (merge request)
• Cache search#autocomplete on the frontend (merge request)
• [Feature flag] Clean Up all_commits_compliance_report feature flag (merge request) GitLab Enterprise Edition
• Remove NO_ACCESS option from unprotect_access_level (merge request) GitLab Enterprise Edition
• Update dependency auto-build-image to v1.29.0 (merge request)
• Resolve vulnerabilities from successful scans (merge request) GitLab Enterprise Edition
• Hide software license policies created through scan result policy (merge request) GitLab Enterprise Edition
• Add index on vulnerability_reads (merge request)
• Add index for next_over_limit_check_at (merge request)
• Remove ignore for dropped user profile fields by @brianjaustin (merge request)

Deprecated (2 changes)

• Remove default_value_for gem (merge request)
• UNSTRUCTURED_RAILS_LOG disabled by default (merge request)

Removed (26 changes)

• Cleaned up video_tutorials_continuous_onboarding experiment (merge request) GitLab Enterprise Edition
• Add cleanup migration for orphan Software Licenses (merge request)
• Remove bulk_import_projects from frontend (merge request)
• Remove group_administration_nav_item feature flag (merge request) GitLab Enterprise Edition
• Remove exponential increase experiment (merge request)
• Remove audit log group level feature (merge request) GitLab Enterprise Edition
• Remove learn gitlab project creation (merge request) GitLab Enterprise Edition
• Remove issue templates promotion pop up (merge request) GitLab Enterprise Edition
• Clean up environments search logging feature flag (merge request)
• Drop revokable from achievements by @Taucher2003 (merge request)
• Remove incorrectly onboarded namespaces from onboarding table (merge request)
• [385649] Rollout FF github_client_fetch_repos_via_graphql (merge request)
• git: Remove unused root tree object ID from Git::Tree (merge request)
• Removed cube_api_proxy flag (merge request)
• Remove backup upload drivers Openstack Swift and Rackspace (merge request)
• Remove reactivate/extend trial button (merge request)
• Remove dast_site_validation_drawer feature flag (merge request) GitLab Enterprise Edition
• Remove deprecated path (merge request)
• Remove the send_user_confirmation_email column (merge request)
• Remove concurrent index for index_ci_builds_on_token_encrypted (merge request)
• Prepare async index removal of token for ci_builds (merge request)
• Remove Jira Connect public key storage config (merge request)
• Remove revoke_ssh_signatures feature flag (merge request)
• Remove action_monthly_active_users_web_ide_edit metric (merge request)
• Remove feature flag improved_spread_parallel_import (merge request)
• Remove errantly onboarded namespaces (merge request)

Security (24 changes)

• Protect Datadog API key by changing Datadog site
• Stop Group Transfer Service if SAML Provider or SCIM token is present
• Disallow maintainer to create an owner access token
• Verify Kroki diagram type
• Fix pagination limits for Commits API
• Using builds metadata to determine debug_mode
• Check read_release permission before showing releases in Tags API
• Mask Google IAP account details in Prometheus integration
• Block private personal snippet from unauthorized users
• Protect integrations' sensitive information exposed via API
• Paste only text content in work items title
• Jira DVCS OAuth Open Redirect Vulnerability
• Protect Datadog API key by changing Datadog site
• Stop Group Transfer Service if SAML Provider or SCIM token is present
• Disallow maintainer to create an owner access token
• Verify Kroki diagram type
• Fix pagination limits for Commits API
• Using builds metadata to determine debug_mode
• Check read_release permission before showing releases in Tags API
• Mask Google IAP account details in Prometheus integration
• Block private personal snippet from unauthorized users
• Protect integrations' sensitive information exposed via API
• Paste only text content in work items title
• Jira DVCS OAuth Open Redirect Vulnerability

Performance (10 changes)

• Remove index on events.actions async (merge request)
• Remove notes id while initializing notes component (merge request)
• Use replica to fetch package licenses (merge request) GitLab Enterprise Edition
• Swap explore/groups performance fix to .com only (merge request)
• Use custom Redis backend for Rack::Attack (merge request)
• Increase request timeout in bulk imports (merge request)
• Remove FF for token removal (merge request)
• Add etag caching for epic changes (merge request) GitLab Enterprise Edition
• Remove redundant project selection (merge request)
• Improve performance while exporting CI pipelines (merge request)

Other (55 changes)

• Add worker to wait for project export relations to finished (merge request)
• Edit or remove links to deleted docs (merge request)
• Add BulkImports::ExportBatch & BulkImports::BatchTracker models (merge request)
• Remove repack_after_shard_migration feature flag (merge request)
• Add test cases for work items title and milestone (merge request)
• Handle design notes error logic in single component (merge request)
• Delete security_policy_bot user records (merge request)
• Provide :debug_permission_checks flag for specs (merge request)
• Backfill the prepared_at column for older merge requests (merge request)
• Extend redis hll metrics for github import (merge request)
• Cop to ensure BBM has the associated dictionary file (merge request)
• Creates migration to swap columns (merge request)
• Change VSD url (merge request) GitLab Enterprise Edition
• Update Import failures to include subrelation errors (merge request)
• Remove bulk_import_projects feature flag (merge request)
• Lock net-protocol version to match the monkey patch (merge request)
• Fix rake/require offence in following files: by @przbadu (merge request)
• Clean up p_ci_builds_metadata schema (merge request)
• Remove EnumWithNil helper (merge request)
• Finalize conversion of timelogs.note_id to bigint (merge request)
• Remove hash_oauth_secrets feature flag (merge request)
• Update gitlab-qa gem version (merge request)
• Add migrations_should_finish on elastic_index_dependant_association (merge request) GitLab Enterprise Edition
• Update Codeowners after Certify change (merge request)
• Update Gitlab Shell version to 14.18.0 (merge request)
• Validate and replace FK for p_ci_builds_metadata and ci_builds (merge request)
• Creates a dictionary file on generating the BBM (merge request)
• Remove invalid deprecation notice about maintainer_note (merge request)
• Schedule temporary partitioning indexes removal (merge request)
• Prepare async index on expire_at for unlocked non-trace job artifacts (merge request)
• Remove ci_destroy_unlocked_job_artifact feature flag (merge request)
• Backfill merge request compliance violations table (merge request)
• Add metrics for Redis Cluster redirection (merge request)
• Patch ActiveRecord Preloader to imiatate Rails 7 interface (merge request)
• Remove notes_create_service_tracking feature flag (merge request)
• Adds CIComponentRepositories table (merge request)
• Update CI includes counting structure to include duplicates (merge request)
• Suggest refreshing LDAP group sync page (merge request) GitLab Enterprise Edition
• Remove span to fix button sizing (merge request)
• Make WIP limits button use sentence case (merge request)
• Updating BBM docs to include generators info (merge request)
• Drop non-partitioned FK for ci_running_builds and ci_builds (merge request)
• Drop non-partitioned FK for ci_pending_builds and ci_builds (merge request)
• Make delete action danger variant (merge request)
• Update release version info for direct transfer group relations (merge request)
• Default enable vue_issues_dashboard feature flag (merge request)
• Set traversal_ids on save (merge request)
• Rake task gitlab:db:lock_writes should include table partitions (merge request)
• Add alternative Redis backend for Rack::Attack (merge request)
• Update BulkImport#has_failures attribute when a new failure is created (merge request)
• Creates migration for finalizing ciBuildNeeds BigInt conversion (merge request)
• Remove fallback reads for MultiStore (merge request)
• Remove route_hll_to_snowplow_phase2 feature flag (merge request)
• Add Snowplow instrumentation for secrets usage (merge request) GitLab Enterprise Edition
• Refactor root sha access code (merge request)

change (1 change)

• Update submit buttons to use Pajamas component (merge request)

15.9.8 (2023-05-10)

No changes.

15.9.7 (2023-05-03)

Security (1 change)

• Only maintainers of projects should be able to assign runners to them (merge request)

15.9.6 (2023-05-01)

Security (8 changes)

• Resolve ambiguous references for archive metadata (merge request)
• Commit trailers now only match public user email addresses (merge request)
• Handle invalid URLs in asset proxy (merge request)
• Relay state to check for only allowing sub paths (merge request)
• Prohibit 40 character hex sets at beginning of path-based branch name (merge request)
• Update policy to prevent banned members from accessing public projects (merge request)
• Use dummy filename as filename when viewing raw xml files (merge request)
• Authorize access to vulnerabilitiesCountByDay resolver (merge request)

15.9.5 (2023-04-21)

Fixed (1 change)

• Fix automatically-retried jobs stuck in pending state (merge request)

15.9.4 (2023-03-30)

Security (16 changes)

• Add checks to remove open redirects from Observability URL (merge request)
• Redirect to tree from project root on ref collision (merge request)
• Fixes soft email confirmation alert vulnerability (merge request)
• Restrict Prometheus API access on public projects (merge request)
• Verify that users have access to the parent of the fork (merge request)
• Protect webhook secrets by resetting url_variables (merge request)
• Replace Unicode space chars with spaces (merge request)
• Check access to parent when creating and updating epics (merge request)
• Improve Gitlab::UrlSanitizer regex to match more URIs (merge request)
• Check access to target project before looking for branch (merge request)
• Fix the potential leak of internal notes (merge request)
• Use UntrustedRegexp to limit scan of HTML comments (merge request)
• Filter namespace environments by feature visibility (merge request)
• Check access to reorder issues in epic tree (merge request)
• Fix security report authorization (merge request)
• Prevent XSS attack in "Maximum page reached" page (merge request)

15.9.3 (2023-03-09)

Fixed (4 changes)

• Fix foreign_key_exists? migration helper (merge request)
• Enable Geo::RepositoryRegistrySyncWorker on Geo secondary site (merge request) GitLab Enterprise Edition
• Guard against dropped columns when finalizing user details migration (merge request)
• Fix object deletion not working with Azure Blob Storage (merge request)

15.9.2 (2023-03-02)

Security (12 changes)

• Using builds metadata to determine debug_mode (merge request)
• Fix pagination limits for Commits API (merge request)
• Mask Google IAP account details in Prometheus integration (merge request)
• Stop Group Transfer Service if SAML Provider or SCIM token is present (merge request)
• Protect Datadog API key by changing Datadog site (merge request)
• Protect integrations' sensitive information exposed via API (merge request)
• Disallow maintainer to create an owner access token (merge request)
• Paste only text content in work items title (merge request)
• Jira DVCS OAuth Open Redirect Vulnerability (merge request)
• Block private personal snippet from unauthorized users (merge request)
• Verify Kroki diagram type (merge request)
• Check read_release permission before showing releases in Tags API (merge request)

15.9.1 (2023-02-23)

Fixed (2 changes)

• Fix Broadcast messages not showing in admin console (merge request)
• Fix dependency check in license approval policies (merge request) GitLab Enterprise Edition

15.9.0 (2023-02-21)

Added (223 changes)

• Initialize conversion of notes.id to bigint (merge request)
• Add top-level groups GraphQL query (merge request)
• Add aditional arguments to IssuesBulkUpdate mutation (merge request)
• Expose project visibleForks in GraphQL (merge request)
• Add MR settings support for group (EE frontend) by @luzhiyuan.deer (merge request) GitLab Enterprise Edition
• Add EE only metrics for license compliance MR widget (merge request)
• Add widget definitions table (merge request)
• Board - Move epic at top or bottom of list (merge request) GitLab Enterprise Edition
• Add package metadata ingestion service (merge request)
• Initialize the conversion of todos.note_id to bigint (merge request)
• Allow users to stop stale environments via the UI (merge request)
• Process webhook notification to send HLLRedis metrics (merge request) GitLab Enterprise Edition
• Add ability to re-import projects for project importers (merge request)
• Migration to re-enqueue epic cache counts update (merge request)
• Add metric for integrations with Jira (merge request)
• Add GraphQL mutation to approve or reject deployment (merge request) GitLab Enterprise Edition
• Extend Scan Result Policies to process License Approval Policies (merge request) GitLab Enterprise Edition
• Adds bulk delete UI for other versions of package (merge request)
• Add inbound access control to projects (merge request)
• Display revoke-ssh-key button by default (merge request)
• Add more placeholders to service desk custom templates (merge request)
• Show access as "Custom" in UI when custom role (merge request) GitLab Enterprise Edition
• Adds menu to open Model experiments (merge request)
• Add mirror branch setting radio and regex input by @qk44077907 (merge request) GitLab Enterprise Edition
• Allow user to toggle labels on Roadmap (merge request) GitLab Enterprise Edition
• Create a new table for storing automation rules (merge request)
• Initialize conversion of suggestions.note_id to bigint (merge request)
• Initialize conversion of vulnerability_user_mentions.note_id to bigint (merge request)
• Initialize conversion of merge_request_user_mentions.note_id to bigint (merge request)
• Allow to export work items as CSV (merge request)
• Introduce migration for emails_enabled column by @joe-snyder (merge request)
• Add sync service (merge request) GitLab Enterprise Edition
• API to create gitlab ci yml merge request (merge request) GitLab Enterprise Edition
• Add scan result policy relation to approval rules (merge request)
• Display package errors on Other versions tab of package registry (merge request)
• Add partitioned index and FK for ci_job_artifacts and ci_builds (merge request)
• Add partitioned index and FK for ci_build_trace_metadata and ci_builds (merge request)
• Add scheduled job to start package metadata sync (merge request) GitLab Enterprise Edition
• Allow releases to be downloaded by sessionless users (merge request)
• Rebalance partition_id for ci_builds (merge request)
• Add API::MemberRoles endpoints to OpenApiV2 documentation (merge request) GitLab Enterprise Edition
• Allow milestones to be specified by ID on the release API (merge request)
• Initialize conversion of timelogs.note_id to bigint (merge request)
• Initialize conversion of system_note_metadata.note_id to bigint (merge request)
• Add shared example for testing admin mode by @TrueKalix (merge request)
• Add Jira Connect public key store setting (merge request)
• Add Gitaly dns scheme support (merge request)
• Add warning about native attachments in Service Desk comments section (merge request)
• Initialize conversion of note_diff_files.diff_note_id to bigint (merge request)
• Initialize conversion of issue_user_mentions.note_id to bigint (merge request)
• Reschedule Feedback -> StateTransition background migration, attempt 3 (merge request)
• Add README for groups (merge request)
• Add Issue.relatedMergeRequests to GraphQL API by @Taucher2003 (merge request)
• Enable cross-group child epics (merge request) GitLab Enterprise Edition
• Implemented deleting WI notes (merge request)
• Support quick auctions for work item via description editing (merge request)
• PUT /[groups|projects]/:id/members/:user_id accepts member_role_id (merge request) GitLab Enterprise Edition
• Fix unique index on ci_build_pending_states (merge request)
• Add related_epic_links API for groups (merge request) GitLab Enterprise Edition
• Update GraphQL API for work item quick actions (merge request)
• Add created and updated dates to work items (merge request)
• Add fields for appearance pwa attributes by @TrueKalix (merge request)
• Support filtering merge request diffs by keyword via GraphQL (merge request)
• Support filtering uploads registries by keyword via GraphQL (merge request) GitLab Enterprise Edition
• Add more fields to OAuthID tokens (merge request)
• Remove project_language_search feature flag (merge request)
• Initialize conversion of snippet_user_mentions.note_id to bigint (merge request)
• Initialize conversion of design_user_mentions.note_id to bigint (merge request)
• Initialize conversion of commit_user_mentions.note_id to bigint (merge request)
• Limit the initialized metrics by service (merge request)
• Database and API for Git abuse rate limiting alerted users (merge request)
• Add API endpoint for epic boards lists (merge request) GitLab Enterprise Edition
• Rebalance partition_id for ci_pipelines (merge request)
• Add engine_name to CQ violations response (merge request)
• Add logic to create ci_runner_machine on job request (merge request)
• Add async foreign key validation model (merge request)
• Load pwa logo dynamicly to manifest.json by @TrueKalix (merge request)
• Add new cancel_all github imports endpoint (merge request)
• Expose group runners toggle in Projects API by @nejc (merge request)
• Expose Discord ID to API by @ideclon (merge request)
• Add dismissal data to SecurityReportFinding (merge request) GitLab Enterprise Edition
• Add include:component syntax to fetch CI components (merge request)
• Add elastic backfill migration for internal notes (merge request) GitLab Enterprise Edition
• Add subscription for user notes on work items (merge request)
• [388273] GitHub importer: respond with fail exception message (merge request)
• Support image attributes for videos (merge request)
• Add environments anchor to project home (merge request)
• Allowed users to update time estimate via GraphQL mutations by @zillemarco (merge request)
• Adds initial metrics for Ml Experiment Tracking (merge request)
• Allow users to filter epics by sub group (merge request) GitLab Enterprise Edition
• Support filtering LFS objects registries by keyword via GraphQL (merge request)
• Adds OR filtering by author for epics (merge request) GitLab Enterprise Edition
• Add support for alternative internal issue reference prefix "GL-" by @svoop (merge request)
• Email worker for abandoned trials (merge request)
• Update ci_resources FK to include partition_id (merge request)
• Add partitioned index and FK for ci_job_variables and ci_builds (merge request)
• Support filtering terraform registries by keyword via GraphQL (merge request) GitLab Enterprise Edition
• Introduce ::Zoekt::Logger and log search errors (merge request) GitLab Enterprise Edition
• Add new Terraform-Module.gitlab-ci.yml CI/CD template (merge request)
• Add DELETE draft note endpoint to api (merge request)
• Adds API endpoint for getting a single draft note (merge request)
• Initialize migration of sent_notifications.id to bigint (merge request)
• Instrument Adoption for Custom Roles MVC (merge request) GitLab Enterprise Edition
• Add discord to user profile social networks (merge request)
• Enable ci_register_job_temporary_lock by default (merge request)
• Reschedule Feedback -> StateTransition background migration (merge request)
• Add help link for opt in JWT setting (merge request)
• Adds OR filters for epic boards (merge request) GitLab Enterprise Edition
• Extend encrypted secrets support to incoming and service desk email (merge request)
• Initialize conversion of epic_user_mentions.note_id to bigint (merge request)
• Support quick action autocompletion and preview for work items (merge request)
• Add FK including partition_id to ci_build_report_results (merge request)
• Add Language aggregation components to the sidebar (merge request)
• Expose comment field on Vulnerability GraphQL type (merge request) GitLab Enterprise Edition
• Added documentation for new language filter for projects by @zillemarco (merge request)
• Remove mr_compare_dropdowns feature flag (merge request)
• Support filtering snippet repositories registries by keyword via GraphQL (merge request) GitLab Enterprise Edition
• Support filtering pages deployment registries by keyword via GraphQL (merge request) GitLab Enterprise Edition
• Default enable customizable_roles feature flag (merge request) GitLab Enterprise Edition
• Debian direct deb and udeb upload by @sathieu (merge request)
• Add position_in_list for epicMoveList mutation (merge request) GitLab Enterprise Edition
• Implement notification for created release (merge request)
• Schedule index for ci_build_needs (merge request)
• Add FK including partition_id to ci_build_needs (merge request)
• Add group epic boards API endpoint (merge request) GitLab Enterprise Edition
• GraphQL: Add ephemeral_authentication_token field to CiRunner (merge request)
• Schedule partial index for ci_build_report_results (merge request)
• Add count projects with monitor enabled metric (merge request)
• Add migration to nullify projects.creator_id (merge request)
• Support filtering container repositories by keyword via GraphQL (merge request) GitLab Enterprise Edition
• Add gcp connector for importing package metadata (merge request)
• Adds basic docs for new Draft Notes API (merge request)
• Add securityFindingRevertToDetected mutation (merge request) GitLab Enterprise Edition
• Support filtering package files registries by keyword via GraphQL (merge request)
• feat: Auto-revoke leaked GitLab PATs on default branch detection (merge request) GitLab Enterprise Edition
• Allow to filter work items by author on GraphQL (merge request)
• Add Analytics Dashboards pointer for projects (merge request)
• Add index to installable npm packages (merge request)
• Add partitioned index and FK for ci_sources_pipelines and ci_builds (merge request)
• Navigate across dashboard pages with a new "Your work" sidebar (merge request)
• Add deploy_key associations and validations to protected tags (merge request)
• Add GraphQL support of 'CodeQualityReportSummary' by @luzhiyuan.deer (merge request)
• Add author to GraphQL WorkItem Type (merge request)
• Changes candidate table to Keyset Pagination (merge request)
• Support filtering secure files registries by keyword via GraphQL (merge request) GitLab Enterprise Edition
• Add index to gitlab subscriptions (merge request)
• Adds candidate count to Ml::Experiment (merge request)
• Add MR meta to merge_request_compliance_violations table (merge request)
• Adds search timeout rescue support (merge request)
• Add Geo::WikiRepositoryState model (merge request)
• Show comment threads in work items (merge request)
• Add confirmation modal when retrying a bridge (merge request)
• Add deploy_key_id field to protected_tag_create_access_levels
• Add initial implementation of CI templates interpolation (merge request)
• Add zoekt code search integration (merge request)
• Add deploy_key_id field to protected_tag_create_access_levels (merge request)
• Expose squash_on_merge field in merge request REST API (merge request)
• Add help message and link for protecting existing environments (merge request) GitLab Enterprise Edition
• Show tags for upcoming deployments in deployment detail (merge request)
• Create test reports widget (merge request) GitLab Enterprise Edition
• Add background migration to fix packages_sizes in project statistics (merge request)
• Add Language aggregation state to the sidebar component (merge request)
• Expose :admin_work_item permission on GraphQL (merge request)
• Drop old FKs on ci_builds (merge request)
• Add sort option to GraphQL ci variables (merge request)
• Reschedule Feedback -> StateTransition background migration (merge request)
• Add GraphQL fields needed for approval widget (merge request) GitLab Enterprise Edition
• Expose comment field on Vulnerability GraphQL type (merge request) GitLab Enterprise Edition
• Add report abuse category to comments on issues & MRs (merge request)
• Trigger merge status subscription when blocking MR gets added/removed (merge request) GitLab Enterprise Edition
• Add new tags for incident timeline events (merge request)
• Add ability for top-level group owners to ban members from the group (merge request) GitLab Enterprise Edition
• Allow filtering by legacy requirement IID in Work Items API (merge request) GitLab Enterprise Edition
• Add FK to ci_running_builds (merge request)
• Add deactivation_email_additional_text database setting by @KyleFromKitware (merge request)
• Assign ArkoseLabs risk band to users that signed up with OAuth (merge request) GitLab Enterprise Edition
• Add matched_lines_count in the Gitlab::Search::FoundBlob (merge request) GitLab Enterprise Edition
• Update ci_builds_runner_session FK to include partition_id (merge request)
• Add cronjob to clean up stale runner machines (merge request)
• Redefine FK update statement (merge request)
• Add FK to ci_pending_builds (merge request)
• Allow revoking signing SSH keys (merge request)
• Add link to spam input in abuse report form (merge request)
• Add documentation for RedisCommands::Recorder tool (merge request)
• Add snowplow event and redis counters to track design comment removal (merge request)
• Add Service Desk custom email foundation (merge request)
• Adds Candidate Search to Experiment page (merge request)
• Return job erase date in GraphQL by @X_Sheep (merge request)
• Add timestamp columns to bulk_import_trackers table (merge request)
• Add report abuse category to comments on issues & MRs (merge request)
• Add index to p_ci_builds_metadata partition metadata table (merge request)
• Add class for fetching package licenses (merge request) GitLab Enterprise Edition
• Remove feature flag (merge request)
• Return job erase date in API responses by @X_Sheep (merge request)
• Support on update in postgres_foreign_keys (merge request)
• Attempts to restore plan_limits.web_hook_calls (merge request)
• Add specs for new API endpoint, update docs (merge request)
• Add dast_profiles_tags table (merge request)
• Add docs for authenticating with ID tokens (merge request) GitLab Enterprise Edition
• Create encrypted application setting for product analytics clickhouse (merge request)
• Toggle JWT access from CI/CD settings (merge request)
• Implement Admin Mode for API by @wwwjon (merge request)
• Add Airflow DAGs data model (merge request)
• Add tmp indexes for CI partitioning - 3 (merge request)
• Add pipelineScheduleUpdate mutation (merge request)
• Create table project_data_transfers to store egress data per project (merge request)
• Allow releases to be downloaded by sessionless users (merge request)
• Limit the number of reviewers to maximum 200 (merge request)
• Add a button to toggle issues sections (merge request) GitLab Enterprise Edition
• Trigger merge status subscription when blocking MR gets merged (merge request) GitLab Enterprise Edition
• Add root level issues GraphQL query (merge request)
• Add tmp indexes for CI partitioning - 2 (merge request)
• Run SAST and Dependency Scanning jobs in same pipeline for scan policies (merge request) GitLab Enterprise Edition
• Send fork ahead/behind links to frontend (merge request)
• Add GQL endpoint for toggling JWT access (merge request)
• Add internal Note field for Elastic and sync (merge request) GitLab Enterprise Edition
• Remove allow_possible_spam feature flag (merge request)
• Adds a jobs tab in group runner details (merge request)
• Introduce ExcludedNamespace model/table (merge request)
• Remove mr_review_submit_comment feature flag (merge request)
• Add partitioning temp indexes to CI tables (merge request)
• Support filtering pipeline artifacts registries by keyword via GraphQL (merge request) GitLab Enterprise Edition
• Remove double-up of clear icons from search inputs (merge request)

Fixed (177 changes)

• Consider namespaces with dots in existence check by @winniehell (merge request)
• Fix partition ids for ci_sources_pipelines records (merge request)
• Fix caching of search counters (merge request)
• Fix Rake/Require offence in dependency_proxy/migrate rake task (merge request)
• Add spec_helper for failing f-flag specs (merge request)
• Pass content disposition in query when no cdn used (merge request)
• Fix missing data in merge request note on vulnerability details page (merge request) GitLab Enterprise Edition
• Filter duplicated downstreams in mini pipeline graph using REST (merge request)
• Encrypt trigger tokens in DB (merge request)
• Fix card button overflow on boards (merge request)
• Fix partition_id for p_ci_build_metadata (merge request)
• Fix partition_id for ci_job_artifacts (merge request)
• Fix partition_id for ci_build_report_results (merge request)
• Fix partition_id for ci_pipeline_variables (merge request)
• Fix partition_id for ci_build_trace_metadata (merge request)
• Pass the correct container object for DORA metrics (merge request) GitLab Enterprise Edition
• Remove spying on component methods (merge request)
• Migrates LabelsSelect to LabelsSelectWidget and fixes bug (merge request) GitLab Enterprise Edition
• Rescue JSON::ParserError in BulkImports::Clients::Graphql (merge request)
• Fix failing spec (merge request)
• Deduplicate Ci::ArchiveTracesCronWorker Jobs (merge request)
• Refactor component to improve reactivity (merge request) GitLab Enterprise Edition
• Allow triggered pipelines to have compliance pipeline (merge request) GitLab Enterprise Edition
• Add support for SVG rendering in design management (merge request)
• Allow null pipeline for pre scan verification (merge request)
• Remove feature flag ci_use_run_pipeline_schedule_worker (merge request)
• Geo: Fix sync race condition for mutable types (merge request) GitLab Enterprise Edition
• Revert kerrizor/add-additional-check-to-rescue-search-timeouts (merge request)
• Fix pagination of resource label events (merge request)
• Fix padding in the Ready to Merge MR widget (merge request)
• Make detecting HTML block comments stricter (merge request)
• Fix partition_id for ci_stage (merge request)
• Hide edit on system generated events (merge request)
• Refresh md cache of system notes (merge request)
• Only show applicable overridden rules after merging (merge request)
• Deduplicate ProjectImportSchedule until it's executed (merge request) GitLab Enterprise Edition
• Change PgBouncer documentation page to Free (merge request)
• [378267] Skip DNS rebinding checks if HTTP_PROXY present (merge request)
• Fix: changed column list header styles (merge request)
• Do not send custom confirmation instructions unless user is persisted (merge request) GitLab Enterprise Edition
• [388869] GitHub import: fix merge requests creation (merge request)
• Fix error when modal is unmounted during delete (merge request)
• Drop unused column web_hook_calls_high (merge request)
• Ensure proper stacking context for alert timeline icons (merge request)
• Fix: show "List Settings" when no projects (merge request)
• Skip ArkoseLabs for trial registrations (merge request) GitLab Enterprise Edition
• Reconfigure DAST profile conflict banner (merge request) GitLab Enterprise Edition
• Remove invalid deploy access level entries from the database (merge request)
• Fix depth check when adding existing epics (merge request) GitLab Enterprise Edition
• Hide New project button if visibility level is restricted (merge request)
• Keep order when updating work item labels (merge request)
• Fix bug where page is not reset (merge request)
• Ensure job log keeps scrolled to bottom (merge request)
• Fix group issue bulk update unsetting assignees (merge request) GitLab Enterprise Edition
• Bring back BulkImports::PipelineWorker 90 minutes job timeout (merge request)
• Read schema file from correct path if a PATCH version mismatch occurs (merge request)
• Fix links of avatars in approval widget (merge request)
• Fix notification trigger labels to be accurate (merge request)
• Remove duplicated confirmation button (merge request) GitLab Enterprise Edition
• Remove check for import from S3 feature flag (merge request)
• Remove escaped spans when absolutely not needed (merge request)
• Fix loading state for split button (merge request) GitLab Enterprise Edition
• Fix Exporting members on a LDAP group sync enabled group given 403 (merge request) GitLab Enterprise Edition
• Allow admins to manage approval rules when disallowed instance-wide (merge request) GitLab Enterprise Edition
• Propogate mathStyle for largge math blocks (merge request)
• Filter out duplicated downstreams in pipeline graph (merge request)
• Prevent from creating invalid scan_finding Approval Rules (merge request) GitLab Enterprise Edition
• Fix ActionController::UrlGenerationError for branches (merge request)
• Ignore case in project/group paths when refreshing agent CI access (merge request)
• Support /latest pipelines route (merge request)
• Fixes N+1 queries when users are indexed into elasticsearch (merge request) GitLab Enterprise Edition
• Add regex validation to entity model (merge request)
• Fix cardinality error while upserting the identifiers (merge request) GitLab Enterprise Edition
• Clear existing release on tag name change (merge request)
• User cannot create rotation with negative length (merge request) GitLab Enterprise Edition
• LDAP duration metric should be milliseconds (merge request)
• Update BitBucket Importer logic (merge request)
• Filter duplicated downstreams in mini pipeline graph for commit box (merge request)
• Ensure Debian repositories don't server Packages.gz as plain files by @sathieu (merge request)
• Fix tilde/backslash/star in codeblock incorrectly escaped by rich editor by @xfyuan (merge request)
• Add Confidential badge to incident sticky header by @alichur (merge request)
• Always convert dotenv files to UTF-8 (merge request)
• Add no results found message to transfer group dropdown (merge request)
• Ensures we don't create duplicate records (merge request)
• Hide clone button for users, who can't download project (merge request)
• Roadmap filter by child epic renders child epic (merge request) GitLab Enterprise Edition
• Close Web IDE popup when clicking Try it out button (merge request)
• Adding rollout issue to "mr_experience_survey" feature flag (merge request)
• Add rollout issue and introduction MR to "moved_mr_sidebar" feature flag (merge request)
• Don't fail while fetching remediations from a removed artifact (merge request) GitLab Enterprise Edition
• Add new column to MR for when it has been prepared (merge request)
• Update protected branches push & merge access levels import (merge request)
• Quick fix to Global Search page status bar (merge request)
• Ignore BUNDLER_SETUP as it can pollute execution (merge request)
• Fix broken set status form in Safari (merge request)
• Fix package versions scope (merge request)
• Fix safari redirection bug for trial sign ups (merge request) GitLab Enterprise Edition
• Do not send non-pseudonymized group/project names to snowplow by @mikegreiling (merge request)
• Use approved_by_user instead of approvers (merge request) GitLab Enterprise Edition
• Fix styling of expiring subscription alert (merge request)
• Split ee and ce querries for branch rules details (merge request)
• Fixing SharedModel.connection_db_config when connection is changed (merge request)
• Fix swagger-ui for relative path instances (merge request)
• Show "unavailable" instead of "never" when SSH usage tracking disabled (merge request)
• Drop invalid index from postgres_async_indexes (merge request)
• Fix error thrown in "Mark as ready" in MR widget (merge request)
• Search within the commit-sha if you are searcing from a commit show page (merge request)
• Validate releases author_id only during creation (merge request)
• Indexes emails with an email tokenizer (merge request) GitLab Enterprise Edition
• Fix pipeline triggers missing reveal values button (merge request)
• Fix work information in user popover by @Taucher2003 (merge request)
• Fix relative URL links to groups for DevOps Adoption (merge request) GitLab Enterprise Edition
• Bugfix: Admin can re-enable setting for group/project access token creation (merge request)
• Change transfer group confirmation to use full path instead of name (merge request)
• Render Jira app views based on key storage enabled (merge request)
• Fixed some layout and functional issues with language project filter by @zillemarco (merge request)
• Fix tooltip blocking pointer issue (merge request)
• Fix Deployments::Hooksworker params for Sidekiq (merge request)
• Fix DastProfile Update mutation (merge request) GitLab Enterprise Edition
• Fix GitLab for Jira self-managed view text
• Fix method missing error for ChainOfCustodyReportWorker (merge request) GitLab Enterprise Edition
• Fix GitLab for Jira App - load subscriptions error (merge request)
• Allow nil value in QuickActions::TargetService type argument (merge request) GitLab Enterprise Edition
• Fix GitLab for Jira self-managed view text (merge request)
• Toggle button class only if element exists (merge request)
• Upgrade fugit to 1.8.1 (merge request)
• Fix terms page in dark mode (merge request)
• Fix copy in GitLab for Slack app home tab (merge request) GitLab Enterprise Edition
• Refetch predefined variables if API cache is empty (merge request)
• Fix different cases for slash commands (merge request)
• Migrate geo alerts to Pajamas::AlertComponent (merge request) GitLab Enterprise Edition
• Add is_blocked_by option for issue links API (merge request) GitLab Enterprise Edition
• Sync scan result policies when project assigned to a group (merge request) GitLab Enterprise Edition
• Splat arguments when starting trial (merge request) GitLab Enterprise Edition
• Revert changes on wiki replication/verification legacy code (merge request) GitLab Enterprise Edition
• Include LFS object store URL in CSP connect-src (merge request)
• Use result of destroying container repositories when destroying projects (merge request)
• Use randomized suffix when finding path (merge request)
• Fix Ruby 3 kwargs error in CI instrumentation (merge request)
• Prevent Groups Sync Service from removing top level members (merge request) GitLab Enterprise Edition
• Fix search results with very long project name (merge request)
• Obfuscate issue email participants email (merge request)
• Fix forever-disabled analytics aggregations (merge request) GitLab Enterprise Edition
• Remove title from codeowner link (merge request) GitLab Enterprise Edition
• Invalidate personal projects count correctly (merge request)
• Fix Ci::Bridge to have deployment_job? method (merge request)
• Ensure Group hooks are never disabled (merge request)
• Remove strict parameters for registry notification endpoint (merge request)
• Add modify_security_policy permission (merge request) GitLab Enterprise Edition
• Fix border for fork sort dropdown (merge request)
• Calculate and use sha for CI config variables cache (merge request)
• Clear DuplicateJobs cookies from post-deployment migration (merge request)
• Hide forks count if user has not acceess to public project's repository (merge request)
• It fixes Migration/AddLimitToTextColumns for regular migrations (merge request)
• Fix setting a longer max-age for permalink blobs (merge request)
• Fix Jira app can only load public namespaces (merge request)
• Fix dismissal not showing for dismissed findings on MR security widget (merge request)
• Geo Projects - Fix legacy filter nav (merge request) GitLab Enterprise Edition
• Fix [nil] arrays (merge request) GitLab Enterprise Edition
• Fix identifier collision while creating vulnerabilities from findings (merge request) GitLab Enterprise Edition
• Fixed Project dropdown when cherry-picking commits (merge request)
• Fix :focus and border appearance of search field (merge request)
• StatusPages::ProjectSetting<->Project relationship (merge request) GitLab Enterprise Edition
• Remove column ignore rule to mitigate incident (merge request)
• Fix project filter not filtering vulnerability list on page load (merge request) GitLab Enterprise Edition
• Resize component on alert dismiss (merge request)
• Load images in work item description in modals (merge request)
• Fix text alignment issue in celebrate invite modal (merge request)
• [387601] GitHub import: prevent reviewer index violation (merge request)
• Propagate instrumentation params for etag-hits (merge request)
• Fix button alignment by using CSS transform (merge request)
• Apply CSP for Zuora across the application (merge request) GitLab Enterprise Edition
• Remove title case (merge request)
• Update pipeline sec report when dismissing a finding via modal (merge request) GitLab Enterprise Edition
• Fix matching license policy names when contains whitespaces (merge request) GitLab Enterprise Edition
• Fix GitLab Migration groups & projects visibility levels to be preserved (merge request)
• Fix Python indentation in the diffs colors preview (merge request)

Changed (187 changes)

• Prepare async foreign key validation for ci_job_artifacts (merge request)
• Don't create namespaces when importing project using GH import Rake task (merge request)
• Remove image_url requirement on ReleaseHighlights (merge request)
• Adds field public_package to package details graphql (merge request)
• Add Limitable to project and group CI variables (merge request)
• Allow deploy tokens and deploy keys with the external authorization (merge request)
• Add pipeline schedule finder by id (merge request)
• Remove flag epic cache counts flag (merge request)
• Hide retry button when no permissions (merge request) GitLab Enterprise Edition
• Return token and ID information from /runners/verify REST endpoint (merge request)
• Remove unlimited members alert (merge request) GitLab Enterprise Edition
• Account for setting when syncing approval rules (merge request) GitLab Enterprise Edition
• Prepare async foreign key validation for ci_build_report_results (merge request)
• Prepare async foreign key validation for ci_build_needs (merge request)
• Add retry button to status checks in mobile view (merge request)
• Add tracking to tier-badge experiment (merge request) GitLab Enterprise Edition
• Update to docutils 0.19 and python 3.9.6 (merge request)
• Default enable FF validate environment tier presence (merge request)
• Update font weight of all blocked MR messages (merge request) GitLab Enterprise Edition
• Increase KaTeX expansion limit (merge request)
• Show only "Your activity" as default tab in the Activity dashboard (merge request)
• Redirect to success page when all verification steps are completed (merge request) GitLab Enterprise Edition
• Refresh DORA metrics on incident reopen (merge request) GitLab Enterprise Edition
• Add index to web_hook_logs (merge request)
• Apply fix width to dropdown (merge request)
• Display workItemIid in requirements' list and detail views (merge request) GitLab Enterprise Edition
• Update milestone where runner registration token is disabled (merge request)
• Migrate Ref selector to Listbox (merge request)
• Remove OTP from being required for Webauthn (merge request)
• Updates the ux on Experiments List (merge request)
• Small tweaks to custom roles REST endpoints (merge request) GitLab Enterprise Edition
• Prepare index for vulnerability_reads (merge request)
• Update assign epic quick command permissions (merge request) GitLab Enterprise Edition
• Updated Taiwan country name (merge request) GitLab Enterprise Edition
• Validate notification integrations channel limit (merge request)
• Return "Unknown" when license cannot be found (merge request) GitLab Enterprise Edition
• Move read_internal_note to project and group policies (merge request)
• Improve re-import experience for GitLab direct transfer (merge request)
• Datahelpers for Git abuse rate limiting alerted users (merge request) GitLab Enterprise Edition
• Removes ci_remove_character_limitation_raw_masked_var feature flag (merge request)
• changed: Replace ref_switcher in projects/graphs/charts.html.haml (merge request)
• Add migration to rename ci_runner_machines.machine_xid (merge request)
• This MR removes spying on component method (merge request) GitLab Enterprise Edition
• Update copy on manual variables form (merge request)
• Migrates branches_dropdown.vue to GlCollapsibleListbox (merge request)
• Clean up record_projects_target_platforms feature flag (merge request)
• Migrate confidential MR dropdown to listbox (merge request)
• Add max-width and wrapping to dropdown breadcrumb (merge request)
• Change default value for :inbound_job_token_scope_enabled to true (merge request)
• Move namespace onboarding to only be during registration (merge request) GitLab Enterprise Edition
• Fix registry-list deselecting items after select all (merge request)
• Remove feature flag only_allow_merge_if_all_status_checks_passed (merge request) GitLab Enterprise Edition
• Add Email to Audit Event APIs (merge request) GitLab Enterprise Edition
• Cleanup MultiStore FF used by RepositoryCache (merge request)
• Stores Batched Background Migration info to artifacts (merge request)
• Advanced Search migration to backfill traversal_ids on projects (merge request) GitLab Enterprise Edition
• Update project naming guidelines help text (merge request)
• Add validation to License Approval Policy JSON Schema (merge request) GitLab Enterprise Edition
• This MR migrates Dropdown to Disclosure (merge request) GitLab Enterprise Edition
• Add help text to Restricted visibility levels checkboxes (merge request)
• Upgrade Alert - Add proper API support (merge request)
• Disable Feedback use in Finding serializer when deprecated (merge request) GitLab Enterprise Edition
• Move CancelPendingPipelines step to run async (merge request)
• Update Jira integration form microcopy (merge request)
• Remove the ENV UPDATE_INDEX (merge request) GitLab Enterprise Edition
• Change icon size to small in Importer status badge (merge request)
• Enable dast_site_validation_drawer flag by default (merge request) GitLab Enterprise Edition
• Add proper display for rate limits on GitLab migration (merge request)
• This MR migrates Dropdown to Disclosure (merge request) GitLab Enterprise Edition
• Avoid polling if in an update variables state (merge request)
• Add unlimited members alert (merge request) GitLab Enterprise Edition
• Update tooltip for DAST site profile field (merge request) GitLab Enterprise Edition
• Add Email to Audit Event CSV report (merge request)
• Ignore task items in html block comments (merge request)
• Document PKCE support in OmniAuth OpenID Connect client (merge request)
• Change learn gitlab ci/cd link to pipelines page (merge request)
• Store GitHub Import stats in DB (merge request)
• Split Sign-in/Register buttons & update the copy on SaaS logged-out nav (merge request)
• Fixes header wrapping on comments (merge request)
• Restyle Analytics metric popover (merge request)
• gitaly_client: Always enable eager housekeeping for manual jobs (merge request)
• Display time until the next package cleanup (merge request)
• Include namespace from source when preloading users for indexing (merge request) GitLab Enterprise Edition
• Check out to gitlab-development-kit/gitlab (merge request)
• Default enable project_members_index_by_project_namespace (merge request)
• This MR migrates Dropdown to Disclosure (merge request) GitLab Enterprise Edition
• Update icon reference to grip (merge request)
• Update runner maintenance note field (merge request)
• Changes method for spreading jobs in GitHub Import (merge request)
• Align read_freeze_period permissions with read_environment by @nfason (merge request)
• This MR adds disabled state for runner tags (merge request) GitLab Enterprise Edition
• Add JetBrains Mono as WebIDE editor font (merge request)
• Change PipelineFinder to perform exact comparison of name (merge request)
• Adds sort order by relative_position to Work Item Hierarchy Widget (merge request)
• Add pointing_at_oids and peel_tags to ListRefs RPC (merge request)
• Update breadcrumbs at Admin Area > Messages > Edit by @quatauta (merge request)
• Set refactor_vulnerability_filters to true (merge request) GitLab Enterprise Edition
• Update dependency auto-deploy-image to v2.46.0 (merge request)
• Update dependency auto-build-image to v1.28.0 (merge request)
• Change retry to run again jobs (merge request)
• Handle page-level errors from the parent component (merge request) GitLab Enterprise Edition
• Hide On-Demand scan actions from auditor (merge request) GitLab Enterprise Edition
• Order groups by id when searching for approvers (merge request) GitLab Enterprise Edition
• Uses Watchdog instead of Sidekiq Memory killer (merge request)
• Add popovers to runner upgrade stat items (merge request) GitLab Enterprise Edition
• Raise default CI variable limits (merge request)
• Rollout preferred_language_switcher by @icbd (merge request)
• Handle mulitline blockquotes in lists (merge request)
• Ref Switch dropdown migration (merge request)
• Add software_license_policies.security_orchestration_policy_configuration_id column (merge request) GitLab Enterprise Edition
• Add group releases resolver to create GraphQL endpoint by @missy-davies (merge request)
• Remove access level default for protected environments table (merge request)
• Improve wiki sidebar (merge request)
• Change releases empty state design (merge request)
• Add schema_version to main index mapping (merge request) GitLab Enterprise Edition
• Read GraphQL PackageLinks to render link on package versions page (merge request)
• Move job status badge to runner status column (merge request)
• Add url_hash column to web_hook_logs (merge request)
• Use invoice preview API to calculate plan pricing for SaaS purchase (merge request) GitLab Enterprise Edition
• Restructure CI variables modal help links (merge request)
• Migrate project combo selects away from select2 (merge request)
• Ensures plpgsql extension is installed (merge request)
• Update Rugged to v1.5.1 (merge request)
• Marks migrations as complete when creating a new index (merge request) GitLab Enterprise Edition
• Add state validation in addon purchase flow (merge request) GitLab Enterprise Edition
• Add new line if cursor in prefix area of list item (merge request)
• Update PackageLicenses.fetch to use batched query (merge request) GitLab Enterprise Edition
• Truncates package version in packages list page (merge request)
• Correct semantic version to conform with SemVer by @lusitania (merge request)
• Include namespaces in project searches when query contains '/' (merge request)
• Transition todos#index to use Pajamas::ButtonComponent (merge request)
• Cleanup css for header styles (merge request)
• Update status checks docs and remove incorrect text in settings (merge request) GitLab Enterprise Edition
• Add index to web_hook_logs (merge request)
• Expose issues and merge request links in Releases API by @nfason (merge request)
• Remove AWS runner deployment modal (merge request)
• Refactor migration to process more data (merge request) GitLab Enterprise Edition
• Allow GITLAB_SIMULATE_SAAS outside development (merge request)
• Deprecate API to generate guidance on runner setup (merge request)
• Use GraphQL to load the Group Contribution Analytics page (merge request) GitLab Enterprise Edition
• Remove rules to disable job when enforced by security policies (merge request) GitLab Enterprise Edition
• Removes char limitation for Ci::Maskable (merge request)
• Migrates projects_dropdown.vue to GlCollapsibleListbox (merge request)
• Revert reusing processable in Seed::Build evaluation (merge request)
• Migrate indexing restrictions away from select2 (merge request) GitLab Enterprise Edition
• Change contributors page to use Vue RefSwitcher (merge request)
• Open Release Evidence JSON in a new tab instead of downloading (merge request)
• Change runner registration text copy (merge request)
• Add filters and sorting options to projects finders (merge request)
• Migrate group template setting away from select2 (merge request) GitLab Enterprise Edition
• This MR adds selector for runners tags (merge request) GitLab Enterprise Edition
• Update group's projects buttons (merge request)
• Update 2fa register buttons (merge request)
• Treat all release asset links as external (merge request)
• Adds GraphQL data attributes to contribution analytics (merge request) GitLab Enterprise Edition
• Fix the offences introduced by Gitlab/DelegatePredicateMethods by @edith007 (merge request)
• Remove graphql_code_quality_full_report flag (merge request)
• Update buttons to pajamas (merge request)
• Update import buttons to pajamas (merge request)
• Update Support/get-help link in ? nav menu (merge request)
• Drop user details fields from users table by @brianjaustin (merge request)
• Switch to upstream omniauth_openid_connect gem (merge request)
• Add Search Curation Settings to ApplicationSettings (merge request)
• ServiceDesk: Added footer and header messages to outgoing emails (merge request)
• Migrate admin namespace dropdown to listbox (merge request)
• This MR migrates Dropdown to GlDisclosureDropdown (merge request)
• Add project field to ci job type (merge request)
• Change usages of "specific" runner to "project" (merge request)
• Update todo done-reversable styles (merge request)
• Update background migration buttons (merge request)
• Track registraion of all users in snowplow (merge request)
• Change Application destroy button to danger (merge request)
• Update all Slack installations for workspace (merge request) GitLab Enterprise Edition
• refactor: Add flags --to-sha and --from-sha to command by @Ashvith (merge request) GitLab Enterprise Edition
• Switch draft state toggle to use a checkbox (merge request)
• Fix tree root alignment on the right side (merge request) GitLab Enterprise Edition
• Expand chain-of-custody report from merge commits to all commits (merge request) GitLab Enterprise Edition
• Show coupon code input for small breakpoints (merge request) GitLab Enterprise Edition
• Add Remediation type for Security Report Findings (merge request) GitLab Enterprise Edition
• Update incident timeline typography (merge request)
• Enable Code Quality Inline Findings feature flag by default (merge request) GitLab Enterprise Edition
• Rename web_hook_calls column to _high (merge request)
• Fix GraphQL descriptions for markdown fields (merge request)
• Adjust the GroupsProjectController urgency (merge request) GitLab Enterprise Edition
• Pods: Make Application Settings to be part of gitlab_main_cluster (merge request)
• Clean up package_registry_access_level feature flag by @wwwjon (merge request)
• Remove skip_ensure_merge_request_diff FF (merge request)

Deprecated (5 changes)

• Announce deprecation of queue selector (merge request)
• Deprecate Projects::ServiceType interface (merge request)
• Deprecate external field in Releases and Release Links APIs (merge request)
• Deprecate external field in GraphQL ReleaseAssetLink type (merge request)
• Change runner registration token reset removal milestone to 17.0 (merge request)

Removed (10 changes)

• Revert addition of model experiments navbar item (merge request)
• Drop revokable from achievements by @Taucher2003 (merge request)
• Experiment cleanup promote_premium_billing_page (merge request)
• gitaly_client: Remove unused embedded errors for trivial cases (merge request)
• Ignore application_settings.clickhouse_connection_string column (merge request)
• Contact sales experiment cleanup (merge request)
• Remove scan_execution_tags feature flag (merge request)
• Remove live preview
• Remove live preview (merge request)
• Remove cluster image scanning from Security Configuration page (merge request)

Security (8 changes)

• Update Gitaly version
• Add prevent rule on locked MRs to policy (merge request) GitLab Enterprise Edition
• Prevent default branches from storing paths
• Security fix dynamic child pipeline zip extraction
• Validate Issuable description max length on update
• Add size validation for Chart.yaml during file extraction
• Update Rails to 6.1.7.1 to address security vulnerabilities (merge request)
• Prevent new invalid oauth_access_token records (merge request)

Performance (17 changes)

• Release improved cache headers for archive and raw blobs (merge request)
• Only load terraform banner js on project overview (merge request)
• Improve the loading of packages tags (merge request)
• Improve performance of artifacts management page (merge request)
• Preload missing resources while exporting projects in Import/Export (merge request)
• Enable batching for local and project includes for CI (merge request)
• Enable bulk_cron_worker_auto_requeue by default (merge request) GitLab Enterprise Edition
• Performance optimization for Projects API (merge request)
• Enable parallel bulk worker by default (merge request) GitLab Enterprise Edition
• Fix N+1 queries in the root level issues query (merge request)
• Optimize CSV issue export to use find_each (merge request)
• Remove ci_limit_complete_hierarchy_size feature flag (merge request)
• Migrate legacy dropdown on admin emails page (merge request)
• Removing FF jobs_api_keyset_pagination as it is enabled on production (merge request)
• Add migration for backfilling traversal_ids in a single project (merge request) GitLab Enterprise Edition
• Removing move_create_deployments_to_worker FF (merge request)
• Add GitLab Migration rate limits (merge request)

Other (70 changes)

• Remove unused original_filename column (merge request)
• Fix partition ids for ci_job_variables records (merge request)
• Copy over code from on-call schedules (merge request)
• Support expect-old-oid for ff_merge and merge methods (merge request)
• Extracts incubation page creation (merge request)
• Track events coming from the Web IDE (merge request)
• Upgrade gitlab-styles to 10.0.0 (merge request)
• Remove searchable_fork_targets feature flag (merge request)
• Update the gitaly gem to 15.9.0-rc3 (merge request)
• Use the delete branch worker (merge request)
• Allows wrapping for diff notes (merge request)
• Add Snowplow instrumentation for id_tokens usage (merge request)
• Refactor async index creation (merge request)
• Schedule ci_builds FK indexes for async creation (merge request)
• Adds bigint conversion to start migrating existing data (merge request)
• Revert changes from structure.sql and init_structure.sql (merge request)
• Replace authorization check on TestReportType (merge request) GitLab Enterprise Edition
• Including disable_ddl_transaction! in migrating int PKs to bigint docs (merge request)
• Add MainClusterwide::ApplicationRecord and new connection (merge request)
• Remove qurantined spec (merge request)
• Remove projects_preloader_fix feature flag (merge request)
• Track usage of g_runner_fleet_read_jobs_statistics (merge request)
• Finalize backfill migration for environment tier (merge request)
• Use help_page_url in HAML to resolve Gitlab/DocUrl cop rule by @sato11 (merge request)
• Remove route_hll_to_snowplow feature flag (merge request)
• Clarify BatchedBackgroundMigrations documentation examples (merge request)
• Remove FF validate-release-with-author (merge request)
• Throttle number of concurrent started entities during GitLab Migration (merge request)
• Skip trueup check if license does not contain (merge request) GitLab Enterprise Edition
• Remove dependency_list_exporter feature flag (merge request)
• Fix flaky spec in Debian distribution signatures (merge request)
• Refactor CSV importer classes (merge request)
• Update Gitlab Shell to v14.16.0 (merge request)
• Upgrade rails to 6.1.7.2 (merge request)
• Remove customizable_roles_per_user feature flag (merge request) GitLab Enterprise Edition
• Fixed overlapping line, button style (merge request)
• Remove search_page_vertical_nav feature flag (merge request)
• Remove highlight paid features during active trial experiment (merge request)
• Removing feature flag gitlab_metrics_error_rate_sli (merge request)
• Fix Style/RedundantSelf offenses by @mhdasm3 (merge request)
• Revert "Merge branch 'sc1-rate-limiting-migrator' into 'master'" (merge request)
• Change issue task list item dropdown feature flag (merge request)
• Refactor CSV exporter classes (merge request)
• Documenting upgrading database migration version (merge request)
• Remove experimental code for 'readme_from_gitaly' FF (merge request)
• Update rspec-rails gem to 6.0.1 version (merge request)
• Validate uniqueness of entity full path (merge request)
• Update link to point to correct doc (merge request)
• Remove skip_notes_diff_include flag (merge request)
• Remove FE logic (merge request)
• Clarify which users are added from a group to a project by @zillemarco (merge request)
• Add instrumentation for CI id_tokens usage (merge request)
• Remove PREVENT_LOAD_BALANCER_RETRIES_IN_TRANSACTION ENV variable usages (merge request)
• Remove the ignore rules for container_repository_updated_event_id (merge request)
• Remove feature flag 'commit_search_trailing_spaces' (merge request)
• Remove jira_connect_oauth_self_managed FF (merge request)
• Remove disable_anonymous_search feature flag (merge request)
• Removing the grace period for BackgroundMigration/FeatureCategory cop (merge request)
• Add snowplow tracking to report abuse form (merge request)
• Add Rubocop rule to raise when docs url is used directly in strings by @sato11 (merge request)
• Update to latest json gem version (merge request)
• Removing immediate_delete_subgroup_api feature flag (merge request) GitLab Enterprise Edition
• Move time calculation to logging method, add specs (merge request)
• Remove rate_limit_issuable_searches feature flag (merge request)
• Default enable hash_oauth_secrets (merge request)
• Remove utilize_finding_data feature flag (merge request) GitLab Enterprise Edition
• Clear the merge error on a Merge Request when transitioning to Merged (merge request)
• Enforcing Gitlab::Database::Migration[2.1] as new DB migration version (merge request)
• Remove Gitlab::Redis::DuplicateJobs (merge request)
• Clean-up feature flag hash_based_cache_for_protected_branches (merge request)

15.8.6 (2023-04-18)

Fixed (1 change)

• Fix automatically-retried jobs stuck in pending state (merge request)

15.8.5 (2023-03-30)

Security (16 changes)

• Fix rubocop offenses in lib/gitlab/url_sanitizer.rb (merge request)
• Add checks to remove open redirects from Observability URL (merge request)
• Redirect to tree from project root on ref collision (merge request)
• Fixes soft email confirmation alert vulnerability (merge request)
• Restrict Prometheus API access on public projects (merge request)
• Verify that users have access to the parent of the fork (merge request)
• Protect webhook secrets by resetting url_variables (merge request)
• Replace Unicode space chars with spaces (merge request)
• Check access to parent when creating and updating epics (merge request)
• Improve Gitlab::UrlSanitizer regex to match more URIs (merge request)
• Check access to target project before looking for branch (merge request)
• Fix the potential leak of internal notes (merge request)
• Filter namespace environments by feature visibility (merge request)
• Check access to reorder issues in epic tree (merge request)
• Fix security report authorization (merge request)
• Prevent XSS attack in "Maximum page reached" page (merge request)

15.8.4 (2023-03-02)

Security (12 changes)

• Using builds metadata to determine debug_mode (merge request)
• Fix pagination limits for Commits API (merge request)
• Mask Google IAP account details in Prometheus integration (merge request)
• Stop Group Transfer Service if SAML Provider or SCIM token is present (merge request)
• Protect Datadog API key by changing Datadog site (merge request)
• Protect integrations' sensitive information exposed via API (merge request)
• Disallow maintainer to create an owner access token (merge request)
• Paste only text content in work items title (merge request)
• Jira DVCS OAuth Open Redirect Vulnerability (merge request)
• Block private personal snippet from unauthorized users (merge request)
• Verify Kroki diagram type (merge request)
• Check read_release permission before showing releases in Tags API (merge request)

15.8.3 (2023-02-15)

Fixed (3 changes)

• Attempt reading schema file instead of a file named #{report_version} (merge request)
• Revert changes on wiki replication/verification legacy code (merge request) GitLab Enterprise Edition
• Revert changes on wiki replication/verification legacy code (merge request) GitLab Enterprise Edition

Changed (1 change)

• Upgrade Alert - Add proper API support (merge request)

15.8.2 (2023-02-10)

No changes.

15.8.1 (2023-01-30)

Security (5 changes)

• Remove parameter validation for registry notification request [15.8] (merge request)
• Add size validation for Chart.yaml during file extraction (merge request)
• Prevent default branches from storing paths (merge request)
• Validate Issuable description max length on update (merge request)
• Security fix dynamic child pipeline zip extraction (merge request)

15.8.0 (2023-01-20)

Added (120 changes)

• Expose user emails via GraphQL (merge request)
• Describe possible solutions for curl 92 HTTP/2 error (merge request)
• Add report abuse category to merge requests (merge request)
• Add storage admin control columns to plan limits table (merge request)
• Add unique index to ci_builds (merge request)
• Add partitioning tmp indexes to ci_sources_pipelines table (merge request)
• Add SCIM Token section to Admin Area for instance-level SCIM (merge request) GitLab Enterprise Edition
• Drop unused index in ci_builds (merge request)
• Use healthStatusUpdated subscription in frontend (merge request) GitLab Enterprise Edition
• Expose ability to import groups without projects (merge request)
• Add an option to select 180 days of data (merge request) GitLab Enterprise Edition
• Add tmp indexes for CI partitioning (merge request)
• Add GraphQL subscription for health status updates (merge request) GitLab Enterprise Edition
• Add dast_pre_scan_verification field to ProfileType (merge request) GitLab Enterprise Edition
• Add index on created_at and id to ci_runner_machines (merge request)
• Finalize todo sanitization (merge request)
• Expose legacy requirement IID in Work Items GraphQL API (merge request) GitLab Enterprise Edition
• Import 'Allow specified actors to bypass required pull requests' rule (merge request) GitLab Enterprise Edition
• Add report abuse category to issue & incident (merge request)
• Count approval project rule created monthly (merge request) GitLab Enterprise Edition
• Add 'migrate_projects' bool flag for group bulk imports' (merge request)
• Add user and fingerprint to ssh signature (merge request)
• Add create achievement GraphQL mutation (merge request)
• Make frequently projects/groups list editable (merge request)
• Add updatedAt field to Vulnerabilities (merge request) GitLab Enterprise Edition
• Support … and … syntax math in markdown (merge request)
• feat: Bump Code-Quality image to 0.89.0 (merge request)
• Default enable jira_connect_oauth_self_managed (merge request)
• Expose uses legacy iid flag in test report GraphQL type (merge request) GitLab Enterprise Edition
• Add create/update/delete endpoints for instance SCIM (merge request) GitLab Enterprise Edition
• Open Web IDE in new tab in all contexts (merge request)
• Add uses legacy iid flag to test reports table (merge request)
• No-op migration for pm package partitioning (merge request)
• Push language aggregation feature flag to front-end (merge request)
• Refresh pipelines when target branch changes (merge request)
• Extend API spec helper for new admin_mode PAT scope by @wwwjon (merge request)
• Improve the performance of PipelineScheduleWorker (merge request)
• Add 'migrate_projects' column to bulk_import_entities table (merge request)
• Add work_item_iid to requirement update mutation (merge request) GitLab Enterprise Edition
• Add new github import stats elements (merge request)
• Add partitioning for package metadata (merge request)
• Add work_item_iid to requirement update mutation (merge request) GitLab Enterprise Edition
• Add API to stop stale environments (merge request)
• Adds Singlestatistic Option to Visualization Designer (merge request) GitLab Enterprise Edition
• Display error message in BulkImport initial page (merge request)
• Add admin_mode scope for PATs (merge request)
• Adds Candidate Show page (merge request)
• Add Runner performance insights modal (merge request) GitLab Enterprise Edition
• Add reported from URL field to the report abuse form (merge request)
• Add OR filter support for labels (merge request)
• Support rate limiting by user on GitLab shell (merge request)
• mail_room: Make it possible to configure delete after delivery behavior (merge request)
• Add GET endpoints for instance-level SCIM (merge request) GitLab Enterprise Edition
• Add runner_machine_id column to ci_builds_metadata (merge request)
• Migrations to clean up vulnerabilities with overlong html titles (merge request)
• Add customer_health_score performance indicator type (merge request)
• Create logic to find branch rules without protected branches (merge request) GitLab Enterprise Edition
• Add admin role to access level enum in graphql (merge request) GitLab Enterprise Edition
• Add UI to retry failed external MR status checks (merge request) GitLab Enterprise Edition
• Intercept repository archive hotlinking (merge request)
• Support rate limiting by IP on GitLab shell (merge request)
• Support automatic approve deployment by @luzhiyuan.deer (merge request)
• Adding todos on project request access (merge request)
• Store approving user for access requests by @Taucher2003 (merge request)
• Add config column to ci_runner_machines (merge request)
• Add pwa icon to appearance / api by @TrueKalix (merge request)
• Adds support for passing :allow_duplicate option (merge request)
• Work Item activity widget - sorting and pagination (merge request)
• Adds pagination to candidates (merge request)
• Group recent activity metrics are now clickable (merge request) GitLab Enterprise Edition
• Adds section for metadata on CandidateDetails (merge request)
• [385087] GitHub repos fetch by relation type (merge request)
• Add param regex to api branches by @lyb124553153 (merge request)
• Add incident attribute to slack notif settings (merge request)
• Add tag_list to DastScannerProfileType (merge request)
• Remove use_api_for_payment_validation (merge request) GitLab Enterprise Edition
• Add ApplicationSetting for private profile (merge request)
• Add allow_runner_registration_token namespace setting (merge request)
• Add username in the OIDC preferred_username claim by @janLo (merge request)
• Add mirror_branch_regex to api by @lyb124553153 (merge request) GitLab Enterprise Edition
• Trigger merge status subscription when a new discussion is created (merge request)
• GraphQL: Add RunnersJobsStatisticsResolver (merge request) GitLab Enterprise Edition
• Add PATCH method for /user/status REST API (merge request)
• Expose milestone ID in the milestone page (merge request)
• Includes batch-details.json to database sampling artifacts (merge request)
• Remove Feature Flag from Runners Finder (merge request)
• Add incident hooks col to integrations (merge request)
• Create Ci::RunnerMachine model (merge request)
• Add worker to sync repository data types in SSF (merge request) GitLab Enterprise Edition
• Add AnalyticsDashboardPointer model (merge request)
• Send GraphQL triggers on discussion un/resolution (merge request)
• Add allow_runner_registration_token application setting (merge request)
• GraphQL: Add CI jobs statistics types (merge request) GitLab Enterprise Edition
• Add fk details to postgres_foreign_keys view (merge request)
• Show new "Your work" sidebar on Projects dashboard (merge request)
• Add noteable commenters GraphQL field (merge request)
• Added timelogs pagination and total time spent retrieval by @zillemarco (merge request)
• Add noteable commenters GraphQL field (merge request)
• Enable promote to incident quick action for issue creation (merge request)
• Allow TeleSign credentials to be configure via ApplicationSetting API (merge request) GitLab Enterprise Edition
• Index members member_namespace_id and other columns (merge request)
• Allow aggregating CE events with EE events (merge request)
• Add SkipDelete option to the direct upload authorize response (merge request)
• Schedule async index on ci_builds (merge request)
• Add member_namespace async indexes (merge request)
• Added sorting option to timelogs GraphQL resolver by @zillemarco (merge request)
• Create UserAchievement model by @Taucher2003 (merge request)
• Add system notes metadata to GraphQL NoteType (merge request) GitLab Enterprise Edition
• Adds keyword to opt-out of cache isolation (merge request)
• Add import all gists to snippets endpoint (merge request)
• Adds run_name to mlflow/runs/create (merge request)
• Respect bulk_import_enabled application setting when using BulkImports (merge request)
• Add management of streamed audit event filtering (merge request)
• Add index and foreign_keys including partition_id (merge request)
• Issue event filter also includes WorkItem events (merge request)
• Add mindmap support to Mermaid diagrams by @auke- (merge request)
• Add abuse category selector when reporting a user for abuse (merge request)
• Support filtering job_artifacts replicables by keyword via GraphQL (merge request) GitLab Enterprise Edition
• Health status not filter (merge request) GitLab Enterprise Edition
• Reschedule epic cache count migration (merge request)

Fixed (108 changes)

• Add missing incident trigger label (merge request) GitLab Enterprise Edition
• Do not show CI/CD button when user has no permissions (merge request)
• Update styling in admin jobs page (merge request)
• Fix "triggered by" link for pipeline job by @winniehell (merge request)
• Group Owner to remove shared project (merge request)
• Fix missing VueApollo in project importers (merge request)
• Move tilde into inline code by @PeterTillema (merge request)
• Check time before starting reindex action (merge request)
• Display loading icon when destination is unknown (merge request)
• Fix expose of readme_url and forks_count in API (merge request)
• Prevent repository storage move workers from running simultaneously (merge request)
• Fixes Candidate name not being set (merge request)
• Remove CodeQuality Widget duplication in copy text (merge request)
• Fixed the broadcast message text color by @zillemarco (merge request)
• Update NuGet group level permissions requirements (merge request)
• Add migration to rename column (merge request)
• Removes collapsible sections that don't render correctly (merge request) GitLab Enterprise Edition
• Fix 404 when clicking 'Cancel' from fork project page (merge request)
• Add regex validation to bulk import post params (merge request)
• Search API should respect the global search feature_flag (merge request)
• Exclude trailing spaces from commit message search queries (merge request)
• [385860] Fix ProjectImportWorker record not-found (merge request)
• Fix double validation error for project deploy keys (merge request) GitLab Enterprise Edition
• Fix relative repository file link with percent sign (merge request)
• Allow DAST profiles to be modified/removed when not referenced (merge request) GitLab Enterprise Edition
• Fix cache-miss bug in MultiStore (merge request)
• Batch migration to set OauthAccessToken#expires_in (merge request)
• Add regex validation to bulk import post params (merge request)
• Fix when coverage_report is set to null (merge request)
• Handling locked partitions when truncating legacy tables (merge request)
• Fix jira_connect_proxy_url blank setting bug (merge request)
• Fix work item comments not loading by iid (merge request)
• Adapt helpers to use policy instead of admin? (merge request)
• Fix richtext editor buttons in work item modal (merge request)
• Don't open help link in new tab (merge request) GitLab Enterprise Edition
• Do not check for signup info on pwa controller (merge request)
• Fix manual variable inputs width (merge request)
• Group-level project templates do not import various settings (merge request)
• Changing ActiveRecord to ApplicationRecord in spec (merge request)
• Fix amount_used column precision (merge request)
• Geo Sites - Fix invalid href prop (merge request) GitLab Enterprise Edition
• Fix error when validating SBoMs with licenses (merge request)
• Fix Container Repository Geo replication when media type is absent (merge request)
• Fix Import/Export protected branch access levels associated with user (merge request) GitLab Enterprise Edition
• Eliminate certain instances of NoMethodError (merge request)
• Fix time formatting on Container Registry by @giggsey (merge request)
• Fix repoPushed field in contributions GraphQL API (merge request) GitLab Enterprise Edition
• Add CSP Concern to CI/CD Settings (merge request) GitLab Enterprise Edition
• Update vulnerability report when bulk-dismissing (merge request) GitLab Enterprise Edition
• Fix cache-miss bug in MultiStore (merge request)
• Deduplicate increments during a refresh (merge request)
• Cleans-up extra attributes set in clipboard_button helper by @afzal442 (merge request)
• Fix :unknown executor_type (merge request)
• Fixed the URL generation for new MR from IDE (merge request)
• Don't prepend commit SHA with # in registries (merge request)
• Prevent nav text clipping (merge request) GitLab Enterprise Edition
• Fix NoMethodErrors when there is no slack_application (merge request) GitLab Enterprise Edition
• Truncate long vulnerability flag description while ingesting (merge request) GitLab Enterprise Edition
• Fix review summary tabs in dark mode (merge request)
• Fix days used on first day of trial display (merge request) GitLab Enterprise Edition
• Reset Container Repository Sync status on secondary (merge request)
• Update CodeQuality MR Widget Message with no findings (merge request)
• Update classes for CI status icons in deployments (merge request)
• Enforce memory-watchdog by default (merge request)
• Prevent erroring when time is somehow nil (merge request)
• Use the same exclusive lease key name for all indexing actions (merge request)
• Update epic tree count on add and remove epic (merge request) GitLab Enterprise Edition
• Fix typo for environments edit path (merge request)
• Sobelow support for nested Elixir projects (merge request)
• Geo Sites - Update Container Repo Data Type (merge request) GitLab Enterprise Edition
• Drop justify-content-center class in favor of align prop (merge request)
• Supplementary logic for inherit_group_setting by @luzhiyuan.deer (merge request)
• Fix --extra-index-url usage by @usdResponsibleDisclosure (merge request)
• Drop injects' default values (merge request)
• Fix LocalJumpError when an MR has no diff (merge request)
• Fix undefined method error (merge request)
• Fix undefined method error for CI::Pipeline (merge request)
• Clean up prevent_outdated_deployment_jobs feature flag (merge request)
• Geo: Container Repository push events don't work (merge request)
• Fix create epic REST endpoints (merge request) GitLab Enterprise Edition
• Skip rendering of empty admin notes on group page (merge request)
• Fix ContainerRepository graphql in admin area (merge request)
• Fix maintain member for Advanced Search (merge request) GitLab Enterprise Edition
• Change sign in button to use isGitlabCom (merge request)
• Workhorse: Fix code nav relative path calculation (merge request)
• Relax FIPS constraints on PyPi packages (merge request)
• Workaround a segfault due to array GC bug (merge request)
• Fix Maven packages not working on FIPS kernels (merge request)
• Set default OauthAccessToken#expires_in (merge request)
• Rescue BulkImports::NetworkError on bulk import creation (merge request)
• Highlight Python syntax with Rouge (merge request)
• Allow member creator service to handle existing access requests (merge request)
• Fix creating JIRA issue URL for security findings (merge request) GitLab Enterprise Edition
• Fix remove parent epic quick command (merge request) GitLab Enterprise Edition
• Move vulnerability creation out of transaction (merge request) GitLab Enterprise Edition
• Add notebook viewer (merge request)
• Fix the Container Registry tag filter (merge request)
• Return bare hostname for importing a project (merge request)
• Remove breadcrumb border on repository > files view (merge request)
• Fix regression on cyclic definition in GraphQL GroupType by @zillemarco (merge request)
• Only render GFM when the element exists (merge request)
• Fix repository ref encoding issue (merge request)
• Fix WorkItem URL when listing user activity from contributions graph (merge request)
• Remove Geo Replication sidebar nav link (merge request) GitLab Enterprise Edition
• Handle Net::HTTPBadResponse in Gitlab::HTTP (merge request)
• Fix 500 error when artifact file is missing (merge request)
• Fix error in API due to locking mechanism (merge request)
• Use BigInt for Graphql Blob type to cover huge files (merge request)

Changed (141 changes)

• Add clarification for source of username and email info (merge request)
• Adds namespace filtering for group and project searches (merge request) GitLab Enterprise Edition
• Provide an existing namespace when importing project from GitHub (merge request)
• Update UI for image repositories scheduled for deletion (merge request)
• Update permissions for Epic add dropdown action (merge request) GitLab Enterprise Edition
• Converting commit branches dropdown to GlCollapsibleListbox (merge request)
• Move project storage app to core codebase (merge request)
• Improve partial github import display (merge request)
• Add tooltip to epic actions dropdown (merge request) GitLab Enterprise Edition
• Remove the vue_broadcast_messages feature flag (merge request)
• Use RetryError for DeleteBranchWorker (merge request)
• Removed the template type selector (merge request)
• Switch draft state toggle to use a checkbox (merge request)
• Remove Code-quality counter badge when report is not loaded (merge request) GitLab Enterprise Edition
• Improve spacing for DAST profile summary (merge request) GitLab Enterprise Edition
• Order children within Work Items Hierarchy Widget by created_at (merge request)
• Improve escalation policies experience in the add/edit form help text by @daelmo (merge request) GitLab Enterprise Edition
• Migrate runner buttons to pajamas (merge request)
• Block outgoing Chrome connections in Capybara tests (merge request)
• Move dollar math handling to markdown pipeline (merge request)
• Add Gitlab::Redis::RepositoryCache Redis instance (merge request)
• Update permissions to add child issue (merge request) GitLab Enterprise Edition
• Experiment to add tier badge (merge request) GitLab Enterprise Edition
• Rename filepath in Releases APIs to direct_asset_path (merge request)
• Set context header height to auto (merge request) GitLab Enterprise Edition
• DAST path to display on vulnerabilities list (merge request) GitLab Enterprise Edition
• Adapt Debian distributions API to consider package registry access level (merge request)
• Remove solved issues from Package Registry docs by @wwwjon (merge request)
• Raise a BadRequest error when escaping invalid URL (merge request)
• Updates installation docs about plpgsql extension (merge request)
• Remove compatibility_alert from Jira connect app (merge request)
• Add mergeRequest to PipelineSecurityReporyFinding (merge request) GitLab Enterprise Edition
• Fix toggle button in MR collapsible extension (merge request)
• Adds documentation for migration helpers (merge request) GitLab Enterprise Edition
• Version Check - Add feature flag (merge request)
• Display neutral Icon when CodeQuality report did not change (merge request)
• Remove ci_pipeline_triggers_settings_vue_ui feature flag (merge request)
• Default enable validate release with author ff (merge request)
• Add preview alert on invite members modal (merge request)
• Limit abuse reports to one per reporter per category (merge request)
• Globally enable dependency_list_exporter FF (merge request) GitLab Enterprise Edition
• Update dependency auto-deploy-image to v2.45.0 (merge request)
• Remove two_line_mention_enabled feature flag (merge request)
• Update branch rules according to changes in API (merge request) GitLab Enterprise Edition
• Use TimezoneDropdown in oncall schedule create (merge request) GitLab Enterprise Edition
• Set up modal navigating on work items (merge request)
• Migrate ToolbarTextStyle to GlListbox (merge request)
• Align CodeQuality MR Widget wording (merge request)
• Migrate application delete button to Pajamas component (merge request)
• Update approvers_select to use gl-listbox (merge request) GitLab Enterprise Edition
• Limiting Apple App Store Integration to the project level (merge request)
• Cleanup update_oauth_registration_flow feature flag (merge request)
• Add empty state to the pipeline schedules page (merge request)
• Migrate user settings away from select2 (merge request)
• Escape snowplow js asset url (merge request)
• Update contributions GraphQL API date validation (merge request) GitLab Enterprise Edition
• Updates copy for namespace storage enforcement locking banner (merge request) GitLab Enterprise Edition
• Allow multiple users to report a user for abuse (merge request)
• Update notifications.md to be accurate (merge request)
• Closed and expired milestone should show as closed (merge request)
• Made document title descriptive for Web IDE by @mehulsharma (merge request)
• chore: Limit MarkDroppedAsResolved lookup to primary_ids only (merge request)
• Simplify signature badge popover (merge request)
• Remove send_traversal_ids_to_indexer flag (merge request) GitLab Enterprise Edition
• Update 422 page styling (merge request)
• Add audit events for protected environments (merge request) GitLab Enterprise Edition
• Update permissions to relate epics (merge request) GitLab Enterprise Edition
• Add validation for State in purchase flow (merge request) GitLab Enterprise Edition
• Add message to modal explaining that sole owners can't be removed (merge request)
• Enable cyclonedx_sbom_ingestion by default (merge request) GitLab Enterprise Edition
• Migrate error tracking settings dropdown to Listbox (merge request)
• Add system check for pending advanced search migrations (merge request) GitLab Enterprise Edition
• Improve security report schema deprecation message (merge request) GitLab Enterprise Edition
• Remove the vue_group_select feature flag (merge request) GitLab Enterprise Edition
• Simplifies the design for todo mentions (merge request)
• Add spec and refactor null check by @daelmo (merge request)
• Update SYNTAX_OPTIONS_DOCUMENT path for the drawer document (merge request)
• Improve contrast of secondary text in dark mode (merge request)
• Update edit policy page titles (merge request)
• Adding Apple App Store Integration (merge request)
• Add content for retried manual builds (merge request)
• Update link ot TYPO3 distribution template (merge request)
• Set filename when the file is not stored locally (merge request) GitLab Enterprise Edition
• Rename sidebar component to drawer (merge request) GitLab Enterprise Edition
• Use GlCollapsibleListbox in ci_environments_dropdown (merge request)
• Add pipeline name to job webhook event payload (merge request)
• Remove association between ChatName and Integration (merge request)
• Rename short_title to pwa_short_name by @TrueKalix (merge request)
• Exposing BatchedMigration feature_category to metrics (merge request)
• Improve UX of Clear status after field (merge request)
• Migrate deploy token settings button (merge request)
• Add data to shouldCollapse method of MR Widget Extension (merge request)
• Remove update_vuln_identifiers_flag (merge request)
• Add variables argument to PlayJob (merge request)
• Removed the references to schema_linting flag (merge request)
• Add frontend code for dependency list export (merge request) GitLab Enterprise Edition
• This MR migrates Dropdown to Listbox (merge request)
• Unify response from UI and API for rebase operation (merge request)
• Move outdated deployment warning to FOSS (merge request)
• feat: Suppress deprecation warning if ingesting GitLab-vendored reports (merge request) GitLab Enterprise Edition
• Swap button for dropdowns (merge request) GitLab Enterprise Edition
• Add event type information for email address confirmation after sign in by @daelmo (merge request) GitLab Enterprise Edition
• Remove deprecation notice in POST /runners (merge request)
• Add index_status for groups (merge request)
• This MR migrates Dropdown to Listbox (merge request)
• Update indexes on ChatNames (merge request)
• Remove optimized-housekeeping feature flag (merge request)
• Add text input field to trigger_field.vue (merge request)
• Move admin menu jobs under CI/CD section by @Taucher2003 (merge request)
• Update internal notes policy names (merge request) GitLab Enterprise Edition
• Enable utilize_finding_data feature flag by default (merge request) GitLab Enterprise Edition
• Remove package registry migration survey banner by @ali_o_kan (merge request)
• Delegate profile fields to user details by @brianjaustin (merge request)
• Update default preferred_language value of user by @icbd (merge request)
• Add event name for merge method (merge request)
• Refactor user type scopes (merge request)
• Update occurrences rather than appending new ones (merge request)
• Move admin runners menu (merge request)
• Update user documents in elasticsearch when certain fields change (merge request) GitLab Enterprise Edition
• Turn gzip errors into structured log events (merge request)
• Add Gitlab::Redis::RepositoryCache Redis instance (merge request)
• Fix(Subscription Card): add disabled state to sync (merge request) GitLab Enterprise Edition
• Persist artifacts:public to Ci::JobArtifact table (merge request)
• Add custom error for gitaly unavailable (merge request)
• Update rails-html-sanitizer to v1.4.4 (merge request)
• Update CI error message when pipeline has no jobs to run (merge request)
• Cleanup members table layout and buttons (merge request)
• Open api users (merge request)
• Replace gl-dropdown with gl-collapsible-list-box for pipelines List (merge request)
• Make todos where you are mentioned two lined (merge request)
• Allow null only/except keywords to be combined with rules (merge request)
• Migrate to GlCollapsibleListbox in jira-connect page (merge request)
• ci: Build Workhorse with FIPS Go compiler (merge request)
• Move richtext editor switcher to toolbar (merge request)
• Update spam log buttons to pajamas (merge request)
• Add issueLinks to PipelineSecurityReportFinding (merge request) GitLab Enterprise Edition
• Update sign-up registration buttons to pajamas (merge request)
• Add synch' portion of multi-step index creation (merge request)
• Migrate status badge to Pajamas (merge request)
• Adapt Debian API to consider package registry access level by @wwwjon (merge request)
• Adapt Ruby gems API to consider package registry access level by @wwwjon (merge request)

Deprecated (4 changes)

• Projects API: Mark operations_access_level as deprecated (merge request)
• Announce planned removal of openSUSE 15.3 packages (merge request)
• Deprecate approvers and approval_group fields (merge request)
• Deprecate security report schemas versions 14.. (merge request) GitLab Enterprise Edition

Removed (8 changes)

• Remove tmp index for vulnerabilities with cluster image scanning (merge request) GitLab Enterprise Edition
• Delete scheduled jobs for Vulnerabilities::Feedback migration (merge request)
• Remove group_export_ndjson, group_import_ndjson FFs (merge request) GitLab Enterprise Edition
• Remove unused VSA use_aggregated_backend endpoint (merge request) GitLab Enterprise Edition
• Replace housekeeping setting with a single one in API (merge request)
• Deduplicate lock-retries helpers in migration modules (merge request)
• Remove phabricator_import feature flag (merge request)
• Remove temp index on project_statistics (merge request)

Security (12 changes)

• Update Gitaly version
• Limit the size of user agent to reduce ReDos attack
• Avoid regex with potential for poorly performing backtracking
• Protect Sentry auth-token after changing URL
• Fix "Race condition enables verified email forgery"
• Validate token scopes in bulk_import service (merge request)
• Policy change to read and destroy token without license for .com
• Pages version bump SHA for 15.8
• Restrict Grafana API access on public projects
• Delete project specific licenses when license policy is deleted
• Protect web-hook url variables after changing URL
• Restrict user avatar availability based on visibility restrictions

Performance (8 changes)

• Add index for environments on project_id and id (merge request)
• Expand compound index on members to include member_role (merge request)
• Add partial index in namespaces (merge request)
• Replace index_ci_runners_on_runner_type to include id (merge request)
• Remove vulnerability state migration (merge request)
• Improve the performance of count queries for replicator class (merge request) GitLab Enterprise Edition
• Remove cache_project_integrations feature flag (merge request)
• Optimize code owners file section regex (merge request) GitLab Enterprise Edition

Other (41 changes)

• Remove obsolete Redis test helper (merge request)
• Adding feature_category to pods related specs (merge request)
• Add sync database indexes to events table (merge request)
• Remove cyclonedx_sbom_ingestion feature flag (merge request) GitLab Enterprise Edition
• Bump Gitlab Shell to 14.15.0 (merge request)
• Fix Style/FormatString offenses (merge request)
• Remove pipeline_name feature flag (merge request)
• Log pipelines that exceed includes maximum (merge request)
• Refactor Gitaly client stub to reduce the number of connections (merge request)
• Move disabled message to LearnGitlabHelper, set default in Vue (merge request) GitLab Enterprise Edition
• Update users stat making billable users consistent (merge request) GitLab Enterprise Edition
• Sets feature_category as :database for existing bg migrations (merge request)
• Update when storage banner can be dismissed (merge request) GitLab Enterprise Edition
• Remove the FF ci_raw_variables_in_yaml_config (merge request)
• Remove unused code from UpdateAllMirrorWorker (merge request) GitLab Enterprise Edition
• Bump default partition_id value for CI tables to 101 (merge request)
• Raise an exception when fail to delete a branch (merge request)
• Remove feature flag limit_assigned_issues_count (merge request)
• Remove paginated_mr_discussions feature flag (merge request)
• Remove hide notification feature flag for free user cap (merge request)
• Remove feature flag 'delay_for_repository_update_mirror' (merge request)
• Fixing Database/MultipleDatabases offenses in specs (merge request)
• Add Gitaly grpc client-side load-balancing configs (merge request)
• Remove dispensable_render feature flag (merge request)
• Backfil migration for releases with empty author_id (merge request)
• Remove bulk_update_membership_roles feature flag (merge request)
• Remove display_merge_conflicts_in_diff feature flag (merge request)
• Fix Graphql/Descriptions offenses in 'app/graphql/mutations/' by @Ashvith (merge request)
• Fix Style/SymbolProc offenses by @mhdasm3 (merge request)
• Remove container_repository_updated_event_id from geo_event_log (merge request)
• Remove the log file_variable_is_referenced_in_another_variable (merge request)
• Remove has_many :sourced_pipelines from Ci::Bridge (merge request)
• Unify namespace storage limits view (merge request) GitLab Enterprise Edition
• Cleans up ssh commit sign by @afzal442 (merge request)
• Remove the FF ci_refactoring_external_mapper (merge request)
• Remove ci_build_partition_id_token_prefix feature flag (merge request)
• Fix Rspec/AnyInstanceOf offenses by @mhdasm3 (merge request)
• Remove _test from objectstore tests (merge request)
• Factor out S3 API types (merge request)
• Do not use _test when not necessary (merge request)
• Add config/redis.yml unified config file (merge request)

15.7.9 (2023-04-20)

Fixed (1 change)

• Fix automatically-retried jobs stuck in pending state (merge request)

15.7.8 (2023-03-02)

Security (12 changes)

• Using builds metadata to determine debug_mode (merge request)
• Fix pagination limits for Commits API (merge request)
• Mask Google IAP account details in Prometheus integration (merge request)
• Stop Group Transfer Service if SAML Provider or SCIM token is present (merge request)
• Protect Datadog API key by changing Datadog site (merge request)
• Protect integrations' sensitive information exposed via API (merge request)
• Disallow maintainer to create an owner access token (merge request)
• Paste only text content in work items title (merge request)
• Jira DVCS OAuth Open Redirect Vulnerability (merge request)
• Block private personal snippet from unauthorized users (merge request)
• Verify Kroki diagram type (merge request)
• Check read_release permission before showing releases in Tags API (merge request)

15.7.7 (2023-02-10)

No changes.

15.7.6 (2023-01-30)

Security (5 changes)

• Remove parameter validation for registry notification request [15.7] (merge request)
• Add size validation for Chart.yaml during file extraction (merge request)
• Prevent default branches from storing paths (merge request)
• Validate Issuable description max length on update (merge request)
• Security fix dynamic child pipeline zip extraction (merge request)

15.7.5 (2023-01-12)

No changes.

15.7.4 (2023-01-12)

No changes.

15.7.3 (2023-01-11)

Fixed (3 changes)

• Reset Container Repository Sync status on secondary (merge request)
• Enforce memory-watchdog by default (merge request)
• Geo: Container Repository push events don't work (merge request)

15.7.2 (2023-01-09)

Security (9 changes)

• Avoid regex with potential for poorly performing backtracking (merge request)
• Protect web-hook url variables after changing URL (merge request)
• Limit the size of user agent to reduce ReDos attack (merge request)
• Protect Sentry auth-token after changing URL (merge request)
• Delete project specific licenses when license policy is deleted (merge request)
• Restrict user avatar availability based on visibility restrictions (merge request)
• Policy change to read and destroy token without license for .com (merge request)
• Restrict Grafana API access on public projects (merge request)
• Fix "Race condition enables verified email forgery" (merge request)

15.7.1 (2023-01-05)

Fixed (2 changes)

• Relax FIPS constraints on PyPi packages (merge request)
• Workaround a segfault due to array GC bug (merge request)

Performance (1 change)

• Remove vulnerability state migration (merge request)

15.7.0 (2022-12-21)

Added (182 changes)

• Get timeline event tag and display on list (merge request)
• Add tag_list to dast_profiles (merge request)
• Serialize image attributes for content editor (merge request)
• Add CI_PROJECT_NAMESPACE_ID to predefined variables by @vadrin (merge request)
• Add project language search/filter (merge request)
• Creating tasks counts towards user contribution graph (merge request)
• Process requirements_v2 artifacts on CI Jobs (merge request) GitLab Enterprise Edition
• Add health status selection widget for work items (merge request) GitLab Enterprise Edition
• Add metrics for number of created merge requests (merge request)
• Remove feature flag allow audit event type filtering (merge request) GitLab Enterprise Edition
• Create StateTransitions for dismissed Vulnerabilities (merge request)
• Count approval project rules metrics (merge request) GitLab Enterprise Edition
• Add meaningful names for project feature updates (merge request) GitLab Enterprise Edition
• Add class for retrieving SBOM Components (merge request) GitLab Enterprise Edition
• Add forkDetails GraphQL field to ProjectType (merge request)
• Add possibility to import all gists (merge request)
• Add api endpoints for dependency list exports (merge request) GitLab Enterprise Edition
• Add Sidekiq worker to re-enable pull mirror configuration (merge request) GitLab Enterprise Edition
• Add ability to cancel github project improt (merge request)
• Expose Alert (global) ID in GraphQL queries (merge request)
• Add semgrep as a supported analyzer for Scala (merge request)
• Update feature flag to be enabled by default (merge request)
• Add GraphQL mutation to unlink alert from incident (merge request)
• Allow pipelines to have custom names (merge request)
• Add pipeline_hierarchy_size (merge request)
• Counter merged merge requests using approval rules (merge request) GitLab Enterprise Edition
• Add dast_pre_scan_verifications_steps table (merge request)
• Add Package registry visibility toggle (merge request)
• Retry api for failed status checks (merge request) GitLab Enterprise Edition
• Add mutation to update progress (merge request) GitLab Enterprise Edition
• Work Item widget notes (merge request)
• Allow filtering requirements by work_item IID (merge request) GitLab Enterprise Edition
• Filtering TODOs by Issue type includes tasks (merge request)
• Add pipelineScheduleCreate mutation by @batu (merge request)
• Remove the markdown_image_attributes feature flag (merge request)
• Embed observability in GitLab (merge request)
• Add short_title attribute to appearance by @TrueKalix (merge request)
• Require approvals in case of pre-existing vulnerabilities (merge request) GitLab Enterprise Edition
• Exclude uploads_size from project_statisitcs#storage_size (merge request)
• Enable optimized housekeeping by default (merge request)
• Remove require_approval_on_scan_removal feature flag (merge request)
• GraphQL approveDeployment permission (merge request)
• Update importers group select dropdowns to use GraphQL (merge request)
• Add Terraform state size limit to admin UI (merge request)
• Add pipelineSchedulePlay mutation (merge request) GitLab Enterprise Edition
• Global alert when reach the dashboard limit (merge request)
• Allow filtering work items by key result type (merge request)
• Add token sub-keyword to CI config (merge request) GitLab Enterprise Edition
• Add gists importer to schedule each gist import (merge request)
• Add unique index to ci_builds (merge request)
• Add new ci job artifact requirement_work_items (merge request) GitLab Enterprise Edition
• Get tag signature via Tags API (merge request)
• Disable Gitlab migration form when it is disabled (merge request)
• Migrate incident_management to events (merge request)
• Add ability to add read_code to custom roles (merge request)
• Create achievements model and database table (merge request)
• Add PATCH /groups/:id/members/:user_id/member_role (merge request) GitLab Enterprise Edition
• Update import group dropdown to use graphql (merge request)
• Enable hash_based_cache_for_protected_branches FF by default (merge request)
• Added documentation about adding time entries using the UI by @zillemarco (merge request)
• Add bulk_import_enabled to application_settings db table (merge request)
• Add Packages::Debian::ProcessPackageFileWorker by @sathieu (merge request)
• Add admin settings for default preferred language by @icbd (merge request)
• Add GraphQL mutation to link alerts to incidents (merge request)
• Add expanded attribute to variables settings (merge request)
• Allow provisioning group to view member email addresses via API (merge request) GitLab Enterprise Edition
• Add edit_path to pipeline_schedules_type (merge request)
• Add support for CI_ENVIRONMENT_NAME var to be used in job:rules (merge request)
• Add instrumentation for LDAP requests (merge request)
• Added a UI to create timelogs by @zillemarco (merge request)
• Expose Alert (global) ID in GraphQL queries (merge request)
• Commit committer name check with the commit author_name by @zhzhang93 (merge request) GitLab Enterprise Edition
• Extend environment field in GraphQL to expose deploy freezes (merge request)
• Cascade partition_id to Ci::Sources::Pipeline (merge request)
• Add negated health status filtering in GraphQL API (merge request) GitLab Enterprise Edition
• Add hasChildren field to work items hierarchy widget (merge request)
• Add unique index to ci_builds (merge request)
• Add index for author_id and created_at on merge_requests (merge request)
• Add a Search Within token to issues list search (merge request)
• Expose work item iid on requirement type for GraphQL (merge request) GitLab Enterprise Edition
• Migration: add column to project_settings by @luzhiyuan.deer (merge request)
• Add switch to toggle between current and new nav (merge request)
• Link to jobs tab from runner list (merge request)
• Add unit tests for redirection (merge request)
• Add worker to import gist to snippet (merge request)
• Adds execution status badge (merge request)
• Add behavior for self-assigning to reviewers in the sidebar (merge request)
• Add last_seat_refresh_at to gitlab subscriptions (merge request)
• Extend Actions in Scan Execution Policy to include Runner Tags (merge request) GitLab Enterprise Edition
• Document how to specify Git ref in agentk config (merge request)
• Allows user to navigate directly to the jobs tab (merge request)
• Add specific state name URI requirements (merge request)
• Update project GraphQL query to support nested environments (merge request)
• Add support for merge request template variables by @davebarr (merge request)
• Admin toggle individual group runner registration by @markus.ferrell (merge request)
• Add dependency_list_exports table (merge request) GitLab Enterprise Edition
• Remove webhook_form_mask_url feature flag (merge request)
• Ensure new signups complete steps using DB field (merge request)
• Enable the FF ci_raw_variables_in_yaml_config by default (merge request)
• Allow creating SSH keys with usage types via API (merge request)
• Expose Issue.relatedVulnerabilities on GraphQL (merge request) GitLab Enterprise Edition
• Finalize group member namespace id migration (merge request)
• GraphQL Deployment permissions (merge request)
• Manage default compliance frameworks (merge request)
• Implement Git repository housekeeping in SSF (merge request) GitLab Enterprise Edition
• Finalize namespace_id backfilling on issues table (merge request)
• Add $CODE_QUALITY_IMAGE_TAG to Code-Quality template (merge request)
• Adds Candidate Detail page (merge request)
• Add background migration to reset status on container repositories (merge request)
• Check if parent epic is exportable (merge request) GitLab Enterprise Edition
• Display Usage type field for SSH keys (merge request)
• Update email partipants for moved service desk issues (merge request)
• Compare results for scan_finding approval rules from multiple pipelines (merge request) GitLab Enterprise Edition
• Allow commits to be signed with SSH keys (merge request)
• Feat: signin signup locale switcher frontend by @JeremyWuuuuu (merge request)
• Verify user's phone number using TeleSign (merge request) GitLab Enterprise Edition
• Add support for rendering comments in content editor (merge request)
• Allow img size attributes to be specified (merge request)
• Record timestamp of status updates for container repositories by @Ashvith (merge request)
• Add health status sort option to group/project issues list (merge request)
• Update deployment data builder with relevant environment information by @rick.nu (merge request)
• Add HealthStatus Widget to WorkItems (merge request) GitLab Enterprise Edition
• Add key to visible_attributes by @icbd (merge request)
• Filter runners by project (merge request)
• Add warning to invite group modal (merge request)
• Stores MLFlow tags for experiments and runs (merge request)
• Add GRAPQHL option to ScanMethodTypeEnum (merge request) GitLab Enterprise Edition
• Audit Group SAML extern_uid changes (merge request) GitLab Enterprise Edition
• Add default hierarchy restrictions (merge request)
• Add index for vulnerability_feedback.comment processing (merge request)
• Rollout feature: webhook support regex by @luzhiyuan.deer (merge request)
• Add application limits to CI Variables settings (merge request)
• Mirror web_ide_commits metric to Snowplow (merge request)
• Send phone verification SMS to user via TeleSign (merge request) GitLab Enterprise Edition
• Implement new diffs REST API endpoint (merge request)
• Adds count badge for package other versions tab (merge request)
• Add readEnvironment field to GraphQL API (merge request)
• GraphQL Environment permissions (merge request)
• Use the routing table by default for Ci::BuildMetadata (merge request)
• Add async index for MRs on author_id and created_at (merge request)
• Overwrite header of blob viewer for JH-only feature by @LXY1226 (merge request)
• Add index for approval_merge_request_rules with MR ID and Created At (merge request)
• Add jitsu_key to EE::ProjectType (merge request) GitLab Enterprise Edition
• Add length limit to comment attribute (merge request) GitLab Enterprise Edition
• Initialized from Pages/Bridgetown project template (merge request)
• Geo: Replicate Dependency Proxy Manifests (merge request)
• Add dashboard status to namespace details and record (merge request)
• Add merge_requests to OpenAPI documentation (merge request)
• GraphQL: Add job_execution_status to CiRunner (merge request)
• Add SSH signature to GraphQL (merge request)
• Add job retry dropdown for manual jobs (merge request)
• Add filtering option to vulnerabilityGrades field (merge request) GitLab Enterprise Edition
• Add Usage Type to SSH keys (merge request)
• Add wildcard search for Branches and Tags (merge request)
• Add instance audit event for enabling admin mode (merge request) GitLab Enterprise Edition
• Add /license/:id REST API endpoint (merge request) GitLab Enterprise Edition
• Add work item notes widget (merge request)
• Add id_tokens CI keyword (merge request)
• Redis counter for streaming audit event types (merge request) GitLab Enterprise Edition
• Add query parameter to query environments by environment_type (merge request)
• Add work items hierarchy restrictions table (merge request)
• Capture suggested reviewers accepted (merge request)
• Add GraphQL Scan method to DastSiteProfile (merge request) GitLab Enterprise Edition
• Add /labels alias to /label quick action (merge request)
• Add a new reviewed_by variable for commit messages (merge request)
• Show divergence counts for a fork on project page (merge request)
• Add partition_id to ci_resources (merge request)
• Tooltip for description edit button on tasks (merge request)
• Add skeleton loader to Product analytics dashboard (merge request) GitLab Enterprise Edition
• Add JSONB data type with indifferent access (merge request)
• Add dast_pre_scan_verifications table (merge request)
• Add Packages::Debian::ProcessPackageFileService by @sathieu (merge request)
• Query change to include sub-folders in search (merge request)
• Add package metadata tables and models (merge request)
• Add a "reopen" tertiary action to the MR Closed Widget (merge request)
• Track and display all types of invalid approval rules (merge request) GitLab Enterprise Edition
• Add index for namespaces (merge request)
• Merge trains GET merge request API by @markus.ferrell (merge request) GitLab Enterprise Edition
• Add source_enterprise column to BulkImports table (merge request)
• Add partition_id to ci models referenced by fk (merge request)
• Update project iterations query to accept sort (merge request) GitLab Enterprise Edition
• Release Jira Connect application settings (merge request)

Fixed (173 changes)

• Add string validation to trigger:project (merge request)
• Show dismissed finding for query (merge request) GitLab Enterprise Edition
• Fix max width for milestone widget for work items (merge request)
• Deduplicate geo:geo_project_sync jobs (merge request) GitLab Enterprise Edition
• Fix update templates Rake task for development environment (merge request)
• Only verify signatures which use the git namespace (merge request)
• GraphQL: Fix off-by-1 JOB_COUNT_LIMIT limit (merge request)
• Fixes list view of group merge request (merge request)
• Fix GitHub PR comments are out of order after import (merge request)
• Fix serialized import_sources on application_settings (merge request)
• Increase max limit on url_variables token length (merge request)
• Fix board sidebar in focus mode (merge request)
• Add migration to fix approval_project_rules without protected branches (merge request)
• Fix race condition when syncing mutable data types in SSF (merge request) GitLab Enterprise Edition
• Add transparent sso override feature flag (merge request) GitLab Enterprise Edition
• Add QA selector to all vulnerablity filters (merge request) GitLab Enterprise Edition
• Pluralize the entire sentence of "thanks alert" by @luzhiyuan.deer (merge request) GitLab Enterprise Edition
• Add export_path in order to make export api (merge request) GitLab Enterprise Edition
• Adapt specs to not use admin unnecessarily by @wwwjon (merge request)
• Removed pre-set branch in revert modal (merge request)
• Fix empty vendor header for tool filter (merge request) GitLab Enterprise Edition
• Only refresh indexes that exist (merge request) GitLab Enterprise Edition
• [332123] Fetch GitHub repos via GraphQL API (frontend) (merge request)
• [332123] Fetch GitHub repos via GraphQL API (backend) (merge request)
• Update BulkImports models to failed state on exception (merge request)
• Urlencode TF state name in init cmd modal (merge request)
• Show only active milestones in the dropdown (merge request)
• Markdow-drawer top position fix (merge request)
• Fixed output of error msg when editing a blob (merge request)
• Fix update servie desck with project_key by @lyb124553153 (merge request)
• GraphQL: Fix N+1 issue in jobCount (merge request)
• Prevent reload of pipelines table on job run (merge request)
• Allow support_bot assigning issues to epics (merge request) GitLab Enterprise Edition
• GraphQL: Fix N+1 issues with RunnerGroupsResolver (merge request)
• Ensure deploy tokens expires_at does not accept invalid dates (merge request)
• Rescue connection refused error (merge request)
• Raising error response for invalid identity (merge request) GitLab Enterprise Edition
• Improve query to fetch pipelines with given sha in scope of the project (merge request) GitLab Enterprise Edition
• Update prometheus-client-mmap to v0.17.0 (merge request)
• GraphQL: Fix N+1 queries in RunnerJobsResolver (merge request)
• Change relative position assigns for epic boards (merge request) GitLab Enterprise Edition
• Use finding_data to generate response (merge request) GitLab Enterprise Edition
• Ensure Gitlab::Metrics::Subscribers::Ldap is loaded (merge request)
• Show locked icon only for project runner (merge request)
• Display an error when repository has an ambiguous head branch (merge request)
• The packages_size metric is now handled by a counter attribute (merge request)
• Remove feature flag ci_run_bridge_for_pipeline_duration_calculation (merge request)
• GraphQL: Fix N+1 issue in RunnerOwnerProjectResolver (merge request)
• GraphQL: Fix N+1 issue in RunnerProjectsResolver (merge request)
• Do not reset fork visibility to private when possible by @KyleFromKitware (merge request)
• Fix NPE when no DB replicas available (merge request)
• Fix help link not being used in storage card (merge request) GitLab Enterprise Edition
• Fix excessive page updates at GitLab migration (merge request)
• Fix projects API preloader (merge request)
• Fix markdown import attachments in GitHub Import (merge request)
• Filter group_approvers in scan result policies by full_path (merge request)
• Return HTTP 400 for multipart header without boundary (merge request)
• Remove disable_pagination_counts_on_jobs_api feature flag (merge request)
• Revert "Merge branch 'sc1-track-allowed-crossslot-ops' into 'master'" (merge request)
• Fix vulnerability counts height changing when loading new data (merge request) GitLab Enterprise Edition
• Fix link to downstreams in MR (merge request)
• Prevent errors for conflicting pending escalations (merge request) GitLab Enterprise Edition
• Avoid preview request if quantity is not valid (merge request) GitLab Enterprise Edition
• Update check on purchase quantity for add-ons (merge request) GitLab Enterprise Edition
• Ensure TooManyIps exception returns 403 forbidden for GraphQL (merge request)
• Fixed a very small typo in GraphQL style guide by @zillemarco (merge request)
• Use sentence casing for Full report button in merge request widgets (merge request) GitLab Enterprise Edition
• Allow downloading files tracked with Git LFS via API (merge request)
• Add dependent: :destroy to associations in project (merge request)
• Switch from GlBadge to StrategyLabel for FeatureFlags (merge request)
• Fix long strings in incident timeline to break into multiple lines (merge request)
• Fix redirect when cancel GitHub OAuth (merge request)
• Fix integration tests to display extra test data (merge request)
• Fix scan approval when user does not have edit approval rule permission (merge request) GitLab Enterprise Edition
• Version Check - Properly handle bad API response (merge request)
• Adapt APIs to use policy instead of admin? by @wwwjon (merge request)
• Consider Feedback type when creating Vulnerabilities from pipeline (merge request) GitLab Enterprise Edition
• Fixes removal of "paused" parameter in URL (merge request)
• Fix corrupted security_scans statuses (merge request)
• Added correct call for setAssignees on FOSS (merge request)
• Make admin bot confirmed (merge request)
• Fixed wiki condition (merge request)
• Use pagination to limit the number of users returned (merge request)
• Margin between commit widget and colors of programming language (merge request)
• Fix padding (merge request)
• Validate variable key (merge request)
• Include detached partition tables in truncate_legacy_tables (merge request)
• Ensure SSO enforcement is only active when SAML is enabled (merge request) GitLab Enterprise Edition
• Fix empty password submitting failure on admin editing user page by @qk44077907 (merge request) GitLab Enterprise Edition
• Fix auditor users to use filters in the audit event search bar (merge request) GitLab Enterprise Edition
• Update parsing to support v3 pagerduty (merge request)
• Use run_after_commit when triggering GraphQL subscription (merge request)
• Fix filtering by release_tag when ordering by milestone (merge request)
• Indicate that DAG limit can't be disabled by @Taucher2003 (merge request)
• Hide marketing-related entries (merge request)
• Fix agent unique user count (merge request)
• Fix inclusion validation for CI entries (merge request)
• Adapt PAT Finder to use policy instead of admin? by @wwwjon (merge request)
• Reflect the selected insights page in the dropdown (merge request) GitLab Enterprise Edition
• Adapt Ci::JobsFinder to use policy instead of admin? by @wwwjon (merge request)
• Conditionally disable fastupdate on GIN indexes (issues, merge_requests) (merge request)
• Fix Todo GraphQL type which always had null project and group fields by @zillemarco (merge request)
• Update pmg dropdown ci icon size (merge request)
• Lowercase package paths before generating links (merge request)
• Fixed the misalignment of the dropdown item (merge request)
• Show 100% complete if 0 expected documents (merge request) GitLab Enterprise Edition
• Split ee and ce queries, uncomment specs (merge request)
• Hide card actions on boards when user does not have edit permission (merge request)
• Remove dast_api_scanner feature flag (merge request)
• Fix pages internal cache to not use app settings in the cache key (merge request)
• Project cannot belong to bot user namespace (merge request)
• Adapt RoutesFinder to use policy instead of admin? by @wwwjon (merge request)
• Make Work Items breadcrumb icon and URL dynamic (merge request)
• Improve Dast site profile creation error message (merge request) GitLab Enterprise Edition
• Prevent service hooks from being disabled (merge request)
• Migrate away from select2 in User Preferences (merge request)
• Fix securityReportFinding when no pipeline finding (merge request) GitLab Enterprise Edition
• [217925] LFS import in batches (merge request)
• Allow authorization submit from Swagger UI documentations by @W_S (merge request)
• Fix VulnerabilityScannerType to resolve scanners (merge request) GitLab Enterprise Edition
• Remove custom CORS controller for JiraConnect (merge request)
• Fix NoMethodError when showing X.509 signature users (merge request)
• Ignore scan_finding rule for MR against unprotected branches (merge request) GitLab Enterprise Edition
• Fix default value for pipeline logger observations (merge request)
• On user delete associate releases to ghost user (merge request)
• Use pajamas for SSH key delete button (merge request)
• Fix purging scans by build_id (merge request) GitLab Enterprise Edition
• Fixing quick action styling for draft notes (merge request) GitLab Enterprise Edition
• Automatically locking newly created tables on the database (merge request)
• Fix query timeout issues on Security::Scans::PurgeWorker (merge request)
• Adapt UsersFinder to use policy instead of admin? by @wwwjon (merge request)
• Rapture source enterprise info & skip EE data when importing from CE (merge request)
• Paginate group runners in CI/CD settings (merge request)
• Fixed skip option (merge request)
• Fix non menu-item button styles in dropdowns (merge request)
• Sync scan result policies on link/unlink of policy project (merge request) GitLab Enterprise Edition
• Memoize Pages::LookupPath fields to prevent heavy recalculations (merge request)
• Fix: taskable item status locale issue by @JeremyWuuuuu (merge request)
• In 53fb7663 (Support structured error for UserCommitFiles, (merge request)
• Fix localization for Outbound Requests Settings by @Taucher2003 (merge request)
• Fix memory limit for RssMemoryLimit monitor (merge request)
• Fix group deploy token access for Git LFS by @MariusSchiffer (merge request)
• Add rescue to gracefully handle missing namespaces (merge request) GitLab Enterprise Edition
• Use indifferent_keys for WAL locations (merge request)
• Update colors in the user activity calendar (merge request)
• Fix group transfer not transfering groups (merge request) GitLab Enterprise Edition
• Database saved audit events now stream with primary key id (merge request) GitLab Enterprise Edition
• Fix scroll to line number range (merge request)
• Limit project download limit to group namespaces (merge request)
• Fix Sidekiq::Worker::EnqueueFromTransactionError in audit event stream (merge request) GitLab Enterprise Edition
• Fix Group SAML mismatched extern_uid redirect loop (merge request) GitLab Enterprise Edition
• Added classes to hide HR on mobile (merge request)
• Handle ambiguous reference error (merge request)
• Use ind_jsonb type class directly for ApplicationSetting (merge request) GitLab Enterprise Edition
• Register custom Active Record types earlier during boot (merge request)
• Add security_policy_bot user for scan execution policies (merge request) GitLab Enterprise Edition
• Fix Chat Integrations TEST endpoint (merge request)
• GitLab Migration - fail early if export status on source is empty for 5m (merge request)
• Fix deleting protected branch (merge request)
• Fix: kroki settings locale issue by @JeremyWuuuuu (merge request)
• Fix: spam locale issue by @JeremyWuuuuu (merge request)
• Always hide the loader spinner when clicking a tab (merge request)
• Validate UserDetail#website_url only on update (merge request)
• Properly change the URL when changing MR tabs (merge request)
• Fix invite members shared examples (merge request)
• Show how many commits behind an MR is when merge controls are visible (merge request)
• Document how to fix PDF views with LFS and proxy_download disabled (merge request)
• Fix: todos due date locale issue by @JeremyWuuuuu (merge request)
• Highligh classes tweak (merge request)
• Fix: jobs table header locale issue by @JeremyWuuuuu (merge request)
• Fix: locale on admin dashboard by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Fixing misspelled stories file name (merge request)
• Remove feature flag ci_retry_job_fix for retry job fix (merge request)

Changed (261 changes)

• Adjusting the default attachment size on self hosted instances (merge request)
• Doc changes for housekeeping documentation (merge request)
• Add vulnerability in PipelineSecurityReportFinding (merge request) GitLab Enterprise Edition
• Make repository snapshotting configurable per replicable (merge request) GitLab Enterprise Edition
• Associate iteration to a work item during creation (merge request)
• Filter out insights charts based on settings (merge request) GitLab Enterprise Edition
• Refresh Slack app home with notifications (merge request) GitLab Enterprise Edition
• Allow Define Tags for Scan Execution Policies (merge request)
• Switch to use a button click to start a new thread (merge request)
• Update user preference Web IDE terminology (merge request)
• Update dotnetcore project template (merge request)
• Sidebar - remove legacy code and feature flag refs (merge request)
• Show add activation code for all subscriptions (merge request) GitLab Enterprise Edition
• Update site_profile to accept file path for graphql scans (merge request)
• Update enabled default value from false to true (merge request)
• Set GOGC for gitlab-metrics-exporter (merge request)
• Run SAST and Dependency Scanning from enforced policies in same pipeline (merge request) GitLab Enterprise Edition
• Migrate to ref_selector.vue (merge request)
• Replace bootstrap dropdown (merge request)
• Change help page path for job timeouts by @Taucher2003 (merge request)
• Add event type information for name attribute by @daelmo (merge request) GitLab Enterprise Edition
• Remove markup_rendering_timeout feature flag (merge request)
• Store slack authorized scopes (merge request)
• Update permissions for epic quick actions (merge request) GitLab Enterprise Edition
• Restrict access to a CI/CD tunnel to specific environments (merge request)
• Restrict changing of issue type (merge request)
• Apply suggested documentation change (merge request)
• Remove feature flag ci_reuse_build_in_seed_context (merge request)
• Cascade partition_id to Ci::Resource (merge request)
• Add event name information for external status check changes by @daelmo (merge request) GitLab Enterprise Edition
• Squash housekeeping period options into a single one (merge request)
• Improve system note for alert resolution from incidents closing (merge request)
• Remove manage subscription button (merge request) GitLab Enterprise Edition
• Remove stage-cell class (merge request)
• Flipped the editable flag on the form for Slack (merge request)
• Improve CI config timeout error message and Update error title (merge request)
• Increase contrast ratio of buttons (merge request)
• Migrate trial's namespace selector away from select2 (merge request) GitLab Enterprise Edition
• Moves done button for to-dos on small devices (merge request)
• Remove gl-card related styles (merge request)
• Move title for todo to beginning of line (merge request)
• This MR migrates Dropdown to Listbox (merge request)
• Do not enable advanced user search if the level is group or project (merge request) GitLab Enterprise Edition
• Refactor group overview tabs empty state (merge request)
• Skip create project push rule by @lyb124553153 (merge request) GitLab Enterprise Edition
• Enable pipeline_tabs_vue by default (merge request)
• Update permissions to add child epics (merge request) GitLab Enterprise Edition
• Removed hierarchy_db_restrictions flag (merge request)
• Support just one node version for from-source install (merge request)
• Add resolved Indicator to CodeQuality MR Widget (merge request)
• Improve NTP check converting to multi_check (merge request) GitLab Enterprise Edition
• Exclude Bots from Billable Members on SaaS (merge request)
• Update send_user_confirmation_email usage (merge request)
• Update UI text for push events (merge request)
• Migrate pajamas buttons in invitation template (merge request)
• Coupon code input for new SaaS purchase (merge request) GitLab Enterprise Edition
• Remove quotes from hash keys by @daelmo (merge request) GitLab Enterprise Edition
• Apply rubocop, lint and team suggestions by @daelmo (merge request) GitLab Enterprise Edition
• Add event type information for branch_name_regex attribute by @daelmo (merge request) GitLab Enterprise Edition
• Add event type information for commit_message_regex attribute by @daelmo (merge request) GitLab Enterprise Edition
• Add event type information for commit_message_negative_regex attribute by @daelmo (merge request) GitLab Enterprise Edition
• Add event type information for author_email_regex attribute by @daelmo (merge request) GitLab Enterprise Edition
• Add event type information for file_name_regex attribute by @daelmo (merge request) GitLab Enterprise Edition
• Add event type information for max_file_size attribute by @daelmo (merge request) GitLab Enterprise Edition
• Migrate GlDropdown in source_branch_dropdown.vue to GlCollapsibleListbox (merge request)
• Add new project features to API (merge request)
• Implement max limit for assigned issues count (merge request)
• Include max_terraform_state_size_bytes in the Application Settings API (merge request)
• Add syntax options drawer to topBar component (merge request)
• Increase partition size of security_findings table (merge request) GitLab Enterprise Edition
• Ignore tags for child pipeline in scan execution policy (merge request) GitLab Enterprise Edition
• Simplify getFormattedScanners logic for vulnerability report tool filter (merge request) GitLab Enterprise Edition
• Add disable personal access tokens to ApplicationSettings (merge request)
• Bump kas version to v15.7.0 (merge request)
• Output gitaly addresses instead of gitaly storage directories (merge request)
• Cleanup run_pipeline_graphql feature flag (merge request)
• Update storage purchase messages (merge request) GitLab Enterprise Edition
• Remove sync button in subscription details footer (merge request) GitLab Enterprise Edition
• Only run sampling for batched background migrations for the current MR (merge request)
• Add Remember me in the SAML workflow (merge request) GitLab Enterprise Edition
• Remove skip trial links for trials/new (merge request) GitLab Enterprise Edition
• Unscope i18n strings that are incorrectly scoped in HAML files by @JonstonChan (merge request)
• This MR migrates Dropdown to Listbox (merge request)
• Add services and workers related to (merge request) GitLab Enterprise Edition
• Add api scope validation for access token (merge request)
• Move todo state to beginning (merge request)
• Fix the delete container repositories background job (merge request)
• Removed milestone widget completely out of FF (merge request)
• Show runner stats only when some runners are found (merge request)
• GitLab Upgrade Alert - Security Upgrade Alert Modal (merge request)
• Update global alert for notification read-only namespace (merge request) GitLab Enterprise Edition
• Add smaller thresholds for development environment (merge request) GitLab Enterprise Edition
• Remove GitHub Import rule from Danger (merge request)
• Use ALL_PROTECTED_BRANCHES text in rule editor for scan result policies (merge request) GitLab Enterprise Edition
• Improves layout of to do items (merge request) GitLab Enterprise Edition
• Remove adding Redis metrics from known_events (merge request)
• Remove ci_secure_files feature flag (merge request)
• Add max_terraform_state_size_bytes column to application_settings (merge request)
• Add index curator debug improvements (merge request) GitLab Enterprise Edition
• Set deduplication strategy :until_executed (merge request) GitLab Enterprise Edition
• This MR migrates button to pajamas component (merge request)
• Disable vulnerability feedback preloading when deprecated (merge request) GitLab Enterprise Edition
• Improve UX of Clear status after field (merge request)
• Fix image filter tooltip and remove tooltip show delay (merge request) GitLab Enterprise Edition
• Clean up image filter and cluster filter isLoading and error message (merge request) GitLab Enterprise Edition
• Add Limitable to project and group CI variables (merge request)
• Use CleanupTagsService in ContainerRepository::ContainerRepository (merge request)
• Create work item with iteration (merge request) GitLab Enterprise Edition
• Add filtering of pipelines by name to PipelinesFinder (merge request)
• Shows "No description" when description is missing (merge request)
• Move settings.scss to page_bundles (merge request) GitLab Enterprise Edition
• Run model validations when importing from GitHub (merge request)
• Update button component in the security banner (merge request)
• Ensure vulnerability issues are marked confidential (merge request) GitLab Enterprise Edition
• Add Snowplow context to ecosystem_total_unique_counts_monthly events (merge request)
• Adds feature_category attribute to BatchedMigrationJob (merge request)
• Add a popover to uploads row in storage usage (merge request) GitLab Enterprise Edition
• Update parser gem to 3.1.3.0 (merge request)
• Enable display_merge_conflicts_in_diff feature flag by default (merge request)
• Add index for health status ordering (merge request)
• Replace the rocket icon with the deployments icon by @dabian.versalle (merge request)
• Manual migration of createFlash to createAlert (merge request)
• Move issuable.scss into page_bundles (merge request) GitLab Enterprise Edition
• Add Helm version policy to agent instructions (merge request)
• Diagnostic reports: compress files (merge request)
• Update button on _todo partial to Pajamas component (merge request)
• Present all GitLab for Slack triggers as unchecked (merge request) GitLab Enterprise Edition
• This MR migrates submit buttons to pajamas component (merge request)
• Add correct event type information for user update service by @daelmo (merge request) GitLab Enterprise Edition
• Unscope i18n strings that are incorrectly scoped in Ruby files by @JonstonChan (merge request)
• Make existing scope use outbound (merge request)
• Exit with failure code when sidekiq-cluster child process fails (merge request)
• Update the button component in the page domains (merge request)
• Add dependency_list_export model (merge request) GitLab Enterprise Edition
• Convert invalid AR scope to class method (merge request)
• Delete repo immediately (merge request)
• Display createdAt in releases overview page when sorting by release date by @n0rdlicht (merge request)
• Move pipeline_editor to ~/ci/ by @ali_o_kan (merge request)
• Replace 'pipeline' with 'quota' icon in user profile (merge request)
• Add migration for unique scope links (merge request)
• Scope i18n strings that are incorrectly unscoped by @JonstonChan (merge request)
• Update vendored .NET Core project to match project template by @JonstonChan (merge request)
• Update vendored Rails project to match project template by @JonstonChan (merge request)
• Update vendored Middleman project to match project template by @JonstonChan (merge request)
• Update GitLab Pages to v1.64.0 (merge request)
• This MR adds GRAPHQL option (merge request) GitLab Enterprise Edition
• Remove the new prefix in all gl-new-dropdown- instances by @gitlab-dependency-update-bot (merge request)
• Disable pagination counts for Jobs API (merge request)
• Batched bg migrations to pick feature-category from calling context (merge request)
• Adapt Conan API to consider the package registry access level by @wwwjon (merge request)
• Set Sidekiq default max concurrency to 20 (merge request)
• Refactor CodeQuality Finding Detail List (merge request)
• Add context to PostReceive and MergeRequestActivity Snowplow events (merge request)
• Fix webhook redirects (merge request)
• Bump doorkeeper-openid_connect to v1.8.3 (merge request)
• Update gitlab-shell to 14.14.0 (merge request)
• Update remove to use Pajamas button component (merge request)
• Introduce progress widget for work items (merge request)
• Remove feature_flags/form.scss and .rollout-percentage classes (merge request)
• Adjust alignment of Codequality inline Icons (merge request)
• Adds index as a key to the cache key (merge request)
• This MR request fix stuck validation (merge request) GitLab Enterprise Edition
• Remove orphans for approval project and (merge request) GitLab Enterprise Edition
• This MR migrates submit buttons to pajamas component (merge request)
• Redesign Package Registry project setting by @wwwjon (merge request)
• Block weak passwords by default and remove the feature flag (merge request)
• Support finished before and after in Deployments API (merge request)
• Enable dependency proxy blob replication by default (merge request) GitLab Enterprise Edition
• Improve help-text for Monitor visibility setting by @ali_o_kan (merge request)
• Highlight go.sum files on client, add links (merge request)
• This MR adds functionality to toggle sidebars (merge request) GitLab Enterprise Edition
• Remove th classes in job/sidebar/trigger table (merge request)
• Add last login to billable members sorting options (merge request) GitLab Enterprise Edition
• Renamed haml vars (merge request)
• Move ee/reports/ to ee/ci/reports/ by @ali_o_kan (merge request) GitLab Enterprise Edition
• Add data to the search context (merge request)
• Add last login date to billable members table (merge request) GitLab Enterprise Edition
• Move ~/ci_lint to ~/ci/ci_lint by @ali_o_kan (merge request)
• Add documentation for Advanced Search and AWS permissions (merge request)
• Remove default value for agent in policy editor (merge request) GitLab Enterprise Edition
• Update copy in sign up enabled alert (merge request)
• Rename GitLab for Slack app in integration copy (merge request) GitLab Enterprise Edition
• Increase limit on State Transitions comment column (merge request)
• Revised headings to be more consistent (merge request)
• Default enable FF for environments search within folders (merge request)
• Put Users category after Projects category (merge request)
• Install two versions of Sentry Client SDK (merge request)
• This MR adjusts padding for a sidebar content (merge request) GitLab Enterprise Edition
• Improve hint for repository access (merge request)
• Update agent installation command (merge request)
• Open api members (merge request)
• Open api groups (merge request)
• Remove the webhooks_failed_callout feature-flag (merge request)
• Update doorkeeper and doorkeeper-openid_connect gems (merge request)
• GitLab Upgrade Alert - Security Upgrade Alert (merge request)
• Remove secure_files_metadata_parsers feature flag (merge request)
• Add index for group paths (merge request)
• Install two versions of Sentry (merge request)
• This MR migrates submit buttons to pajamas component (merge request)
• Fix error when pushing to a contributor's branch on a fork (merge request)
• Enhance load-error event handling for ZuoraSimple Component (merge request) GitLab Enterprise Edition
• Add mirror_branch_regex to projects and remote_mirrors by @lyb124553153 (merge request) GitLab Enterprise Edition
• Event type for framework is updated (merge request) GitLab Enterprise Edition
• Add limit to recent group activity numbers (merge request) GitLab Enterprise Edition
• Inactive project deletion now uses admin bot user account (merge request)
• Limit group activity metrics value to 999 (merge request) GitLab Enterprise Edition
• Vertical Navigation counter over limit mark (merge request)
• This MR adds pre-scan verification sidebar (merge request) GitLab Enterprise Edition
• Enable require_approval_on_scan_removal by default (merge request) GitLab Enterprise Edition
• Add user autocompletion to search bar (merge request)
• Advanced search for the users scope (merge request) GitLab Enterprise Edition
• Avoid collisions of ids for stream only audit events (merge request) GitLab Enterprise Edition
• Enabled locally hosted schema by default (merge request)
• Open API events (merge request)
• Rename integration to GitLab for Slack app (merge request)
• Enable usage_quotas_pipelines_vue by default (merge request) GitLab Enterprise Edition
• Allow pipeline logger to instrument observations once (merge request)
• Add debug_trace to ci_builds_metadata (merge request)
• Show masked aws secret key if set for Advaced Search (merge request) GitLab Enterprise Edition
• Index users as part of indexing rake task (merge request) GitLab Enterprise Edition
• Show more details in branch rules (merge request)
• Upgrade VersionSorter to 2.3.0 (merge request)
• Switch the order of info and navigation block on project detail page (merge request)
• Improve stale runners cleanup toggle help text (merge request) GitLab Enterprise Edition
• Adapt Composer API to consider the package registry access level by @wwwjon (merge request)
• Add Gon variables when rendering devise two factor by @icbd (merge request)
• Set migration when when dismissing Findings (merge request) GitLab Enterprise Edition
• Allow agents to authorize projects in the same user namespace (merge request)
• Right align expand MR sidebar button on small-medium screens (merge request)
• Remove web_hooks_disable_failed feature-flag (merge request)
• Add runtime warning for group and sub-group scan result policies (merge request) GitLab Enterprise Edition
• Skip auto-cancelation when child pipeline is created (merge request)
• Add Codequality multiple findings indicator (merge request)
• Make merger_requests documentation more consistent (merge request)
• Switched Web IDE to local schema for CI config (merge request)
• Do not display package details if package's status is not default (merge request)
• Move the logic for determining which groups user search is performed on (merge request)
• Remove flag exemption for webhook rate limits (merge request)
• Read GraphQL PackageLinks to render link to package details page (merge request)
• Move from one-to-one to one-to-many for issue alert (merge request)
• Paginate shared runners in CI/CD settings (merge request)
• Make createAlert clears all previous alerts (merge request)
• Remove temp index from vulnerability_occurrences on id and scanner_id (merge request)
• Add branch name to BranchCheck error message (merge request) GitLab Enterprise Edition
• Remove use_introspect_parser feature flag (merge request)
• Creates stages for fixtures 14_pipelines (merge request)
• Test cases: Update empty state copy (merge request) GitLab Enterprise Edition
• Add arm64 URL for MacOS runner to Runner settings (merge request)
• Fix LockedWarning error message when epic by @ali_o_kan (merge request)
• Add default value to the scanner column within (merge request)
• Adapt NuGet API to consider the package registry access level by @wwwjon (merge request)
• Improved project and group home page header by @zillemarco (merge request) GitLab Enterprise Edition
• Move container scanning template to Jobs folder (merge request) GitLab Enterprise Edition
• Add search curation to :elastic trait (merge request) GitLab Enterprise Edition
• Introduce timeout for SyntaxHighlight filter (merge request)
• Sync UI content with tab label (merge request)
• Schedules: Remove card from empty state (merge request)
• Add index for sorting issues by health status (merge request)
• Add inclusion parameter for Search::IndexCurator (merge request) GitLab Enterprise Edition
• Move location of binary for coverage fuzzing (merge request) GitLab Enterprise Edition
• Remove Sidekiq standalone references from systemd examples (merge request)

Deprecated (4 changes)

• Update deprecation documents (merge request)
• Deprecation announcement for registration token reset (merge request)
• Remove add_column_with_default (merge request)
• Remove Timecop (merge request)

Removed (35 changes)

• Remove project_list_filter_bar (merge request)
• Revert - multi_pipeline_scan_result_policies feature (merge request) GitLab Enterprise Edition
• Remove google code as an import source (merge request)
• Removed metrics_dashboard_exhaustive_validations feature flag by @mhdasm3 (merge request)
• Do not show "No license. All rights reserved" on repository pages by @zehkira (merge request)
• Remove upgrade status badge in runner list (merge request) GitLab Enterprise Edition
• Remove Measurable feaure flags (merge request)
• Removes usage_data_diff_searches flag definition (merge request)
• Remove Profile CI minutes usage old app (merge request) GitLab Enterprise Edition
• Remove broken metric for unique authors (merge request)
• Remove Group CI minutes usage old app (merge request) GitLab Enterprise Edition
• Remove remaining old ruby code for usage quotas - pipelines (merge request) GitLab Enterprise Edition
• Remove vulnerability management survey (merge request) GitLab Enterprise Edition
• Remove usage_quotas_pipelines_vue feature flag (merge request) GitLab Enterprise Edition
• Remove an old scope (merge request)
• Removed prometheus_computed_alerts feature flag by @mhdasm3 (merge request)
• Remove Flowdock integration (merge request)
• Removed introductory tasks message (merge request)
• Drop deprecated experiment tables (merge request)
• Removed feature flag for coverage_report (merge request)
• Remove disable_metric_dashboard_refresh_rate feature flag & feature by @ali_o_kan (merge request)
• Drop job_artifact_registry.success column (merge request)
• Remove Flowdock integration records (merge request)
• Remove legacy ContainerRepository replication (merge request)
• Remove vulnerability report export button popover (merge request) GitLab Enterprise Edition
• Remove banner that links Group Runners page (merge request)
• Remove another unused index on vulnerabilities (merge request)
• Remove unused index on vulnerabilities table (merge request)
• Remove global_search_error_rate_sli feature flag (merge request)
• Remove unnecessary index for Feedback migration (merge request)
• Revert "Merge branch 'mk/geo-fix-saml-redirect-after-sign-in' into 'master'" (merge request) GitLab Enterprise Edition
• Remove pagination_without_next_page_query FF (merge request)
• Remove namespaces.tmp_project_id column (merge request)
• Remove jira_raise_timeouts feature flag (merge request)
• Remove feature flag root_statistics_worker_read_replica (merge request)

Security (17 changes)

• HTML content injection in README file
• Send resolved_address param to gitaly during repository import
• Redact user emails from project webhook data
• Sync canonical into security
• Deny all package permissions when group access is restricted by IP
• Update security with canonical changes
• Cross-site scripting in Jira Integration
• Brings canonical changes into security master
• Resolve merge confict of !103570
• Prevent deploy token bypass for external authentication
• Redact secret tokens from web-hook logs
• Protect web-hook secret tokens after changing URL
• Add defense in depth escape calls (merge request)
• Update after_import to expire cache before removing prohibited branches
• Add size validation during nuspec file extraction
• Prevent unauthorized users from seeing Release information on tag pages
• Disallow local URls for build_runner_session if dictated by app setting

Performance (17 changes)

• GraphQL: Preload merge_mequest if needed (merge request)
• Improve billable users query (merge request)
• Remove two unnecessary queries from Unleash endpoint (merge request)
• Add worker to prune old export jobs (merge request)
• Cache project integration records for hooks (merge request)
• Cleanup ci_assign_job_token_on_scheduling feature flag (merge request)
• Fix preload_associations for projects (merge request) GitLab Enterprise Edition
• Use single request for runners list (merge request)
• Improve performance of CounterUserAuth metric (merge request)
• Allow IssuePolicy.can_read_confidential to be preloaded (merge request)
• Use EventedFileUpdateChecker as file_watcher (merge request)
• Remove conditional from line loop (merge request)
• Remove additional loop from highlighter rendering (merge request)
• Faster feature flag readout (merge request)
• Preload access levels and nested fields using lookahead (merge request) GitLab Enterprise Edition
• Remove lazy_load_commits feature flag (merge request)
• Limit Project.environments field call count (merge request)

Other (94 changes)

• Remove the automated_email_provision feature flag (merge request) GitLab Enterprise Edition
• Clean up split_operations_visibility_permissions feature flag (merge request)
• Fix RSpec/LeakyConstantDeclaration cop violations by @mhdasm3 (merge request)
• Improve license text on subscription page (merge request) GitLab Enterprise Edition
• Fix Style/ClassAndModuleChildren offenses by @mhdasm3 (merge request)
• Refactor Workhorse failed request handling (merge request)
• Update /duplicate action description (merge request)
• Remove feature flag ci_update_unlocked_job_artifacts (merge request)
• Fix Style/StringConcatenation offenses by @mhdasm3 (merge request)
• Fix RSpec/LeakyConstantDeclaration cop violations by @mhdasm3 (merge request)
• Fix RSpec/LeakyConstantDeclaration cop violations by @mhdasm3 (merge request)
• Making Gitlab::Database::Migration[2.1] the default migration version (merge request)
• Background migration for environment tiers (merge request)
• Fix Rails/TimeZone offenses by @mhdasm3 (merge request) GitLab Enterprise Edition
• Fix Rails/ActiveRecordCallbacksOrder offenses by @mhdasm3 (merge request)
• Change copy of all report abuse links to 'Report abuse to administrator' (merge request)
• Use list_refs to implement find_all_branch_names and find_all_tag_names (merge request)
• Fix RSpec/LeakyConstantDeclaration cop violations by @mhdasm3 (merge request)
• Add popover to uploads cell in namespace storage (merge request) GitLab Enterprise Edition
• Fix Style/RedundantRegexpEscape offenses by @mhdasm3 (merge request)
• Fix Style/EmptyMethod offenses by @mhdasm3 (merge request)
• Fix Rspec/ExampleWording offenses by @mhdasm3 (merge request)
• Add back index_issues_on_work_item_type_id issues index (merge request)
• Changes Gitlab::UrlBlocker to make schemes a required field (merge request)
• Fixing Database/MultipleDatabases offenses in specs (merge request)
• Remove purge_stale_security_findings feature flag (merge request) GitLab Enterprise Edition
• Fix Style/IfUnlessModifier offenses by @mhdasm3 (merge request)
• Remove HeaderClone helper (merge request)
• Use request.Clone for CI long polling (merge request)
• Use director for reverse proxy headers (merge request)
• Fix Style/GuardClause offenses by @mhdasm3 (merge request)
• Enable & Fix Layout/SpaceInsideParens by @mhdasm3 (merge request)
• Fix Rspec/ScatteredLet offenses by @mhdasm3 (merge request)
• Log when Gitlab::URLBlocker.validate! is used with blank scheme (merge request)
• Fix Gitlab/StrongMemoizeAttr offenses by @mhdasm3 (merge request)
• Fix Style/KeywordParametersOrder offenses by @hayanaaz.n (merge request)
• Fix Style/KeywordParametersOrder offenses by @mhdasm3 (merge request)
• Fix Style/ExplicitBlockArgument offenses by @mhdasm3 (merge request)
• Fix Style/PercentLiteralDelimiters offenses by @mhdasm3 (merge request)
• Fix Layout/FirstHashElementIndentation offenses by @mhdasm3 (merge request)
• Fix Rspec/ExpectChange offenses by @mhdasm3 (merge request)
• Fix Layout/SpaceInLambdaLiteral offenses by @mhdasm3 (merge request)
• Fix Rspec/ReturnFromStub offenses by @mhdasm3 (merge request)
• Added delay for touch drag on board (merge request)
• Remove background_upload config setting (merge request)
• Fix Rspec/DescribedClass offenses by @mhdasm3 (merge request)
• Remove actors_aware_gitaly_calls flag (merge request)
• Fix Rspec/LetBeforeExamples offenses by @mhdasm3 (merge request)
• Fix Rspec/HooksBeforeExamples offenses by @mhdasm3 (merge request)
• Fix Performance/BindCall offenses by @mhdasm3 (merge request)
• Fix Style/IfInsideElse offenses by @mhdasm3 (merge request)
• Fix Style/RedundantInterpolation offenses in app & ee by @mhdasm3 (merge request)
• Remove stub for obsolete config setting (merge request)
• Remove stub for obsolete feature flag (merge request)
• Cleanup work_item_type_id issues table backfill (merge request)
• Remove feature flag "approval_rules_pagination" (merge request)
• Remove duplicate Workhorse logging code (merge request)
• Add batched background mg to prune export jobs (merge request)
• Remove ObjectStorage::BackgroundMove concern (merge request)
• Add service and worker to export projects in parallel (merge request)
• Add migration for jobs, update schema_migrations (merge request)
• Add more logs into config_compose to track CI slowness (merge request)
• Adding API::Admin::BatchedBackgroundMigratioins to OpenApiV2 docs (merge request)
• Remove unused issue trigram indexes (merge request)
• Enforce HTTP/HTTPS schemes in RestClient (merge request)
• Enforce URL schemes in mirror services (merge request) GitLab Enterprise Edition
• Enforce HTTP/HTTPS schemes in HTTPConnectionAdapter (merge request)
• Cleanup all Rubocop todo files that do not exist (merge request)
• Workhorse: simplify gRPC call metadata propagation (merge request)
• Remove jira_connect_oauth_self_managed_setting flag (merge request)
• Validate NOT NULL constraint on issues.work_item_type_id column (merge request)
• Workhorse: add call_metadata to GitalyServer (merge request)
• Remove feature flag "subgroups_approval_rules" (merge request)
• Verify method name in MailScheduler::NotificationServiceWorker (merge request)
• Enable the feature flag by default (merge request)
• Add job artifacts api to OpenAPI (merge request)
• Remove Repositories::TreeFinder inheritance (merge request)
• Add link to PA docs on admin settings section (merge request) GitLab Enterprise Edition
• RuboCop: Enable previously disabled Rails/Pluck by @edith007 (merge request)
• Create a GitAbuse::BaseThrottleService (merge request) GitLab Enterprise Edition
• Remove feature flag (merge request)
• Run migrations for index (merge request)
• Remove ObjectStorage::BackgroundMoveWorker (merge request)
• Update the language of the storage alerts copy (merge request) GitLab Enterprise Edition
• Remove background_upload documentation (merge request)
• Remove background_upload from Package uploaders (merge request)
• Mark background_upload metrics as broken (merge request)
• Adding partial index on project settings (merge request)
• Move the Etags check before writing the diff cache (merge request)
• Documenting DELETED_TABLES (merge request)
• Update docs for predefined CI/CD variables (merge request)
• Enforces HTTP/HTTPS schemes in KubeClient (merge request)
• Propagate RemoteIP to Gitaly via Workhorse (merge request)
• Documentation to reflect 100MB upload limit (merge request)

15.6.8 (2023-02-10)

No changes.

15.6.7 (2023-01-30)

Fixed (2 changes)

• Clear DuplicateJobs cookies from post-deployment migration
• Geo: Container Repository push events don't work

Security (5 changes)

• Quarantine features/users/login_spec line 292 [15.6] (merge request)
• Add size validation for Chart.yaml during file extraction (merge request)
• Prevent default branches from storing paths (merge request)
• Validate Issuable description max length on update (merge request)
• Security fix dynamic child pipeline zip extraction (merge request)

15.6.6 (2023-01-12)

No changes.

15.6.5 (2023-01-12)

No changes.

15.6.4 (2023-01-09)

Security (9 changes)

• Avoid regex with potential for poorly performing backtracking (merge request)
• Protect web-hook url variables after changing URL (merge request)
• Limit the size of user agent to reduce ReDos attack (merge request)
• Protect Sentry auth-token after changing URL (merge request)
• Delete project specific licenses when license policy is deleted (merge request)
• Restrict user avatar availability based on visibility restrictions (merge request)
• Policy change to read and destroy token without license for .com (merge request)
• Restrict Grafana API access on public projects (merge request)
• Fix "Race condition enables verified email forgery" (merge request)

15.6.3 (2022-12-21)

No changes.

15.6.2 (2022-12-05)

Added (1 change)

• Finalize group member namespace id migration (merge request)

Fixed (4 changes)

• Conditionally disable fastupdate on GIN indexes (issues, merge_requests) (merge request)
• Hide marketing-related entries (merge request)
• Fix memory limit for RssMemoryLimit monitor (merge request)
• Fix deleting protected branch (merge request)

15.6.1 (2022-11-30)

Fixed (1 change)

• Do not save PipelineMetadata if name is blank [15.6] (merge request)

Security (12 changes)

• Send resolved_address param to gitaly during repository import (merge request)
• Add size validation during nuspec file extraction (merge request)
• Cross-site scripting in Jira Integration (merge request)
• Protect web-hook secret tokens after changing URL (merge request)
• HTML content injection in README file (merge request)
• Redact secret tokens from web-hook logs (merge request)
• Prevent unauthorized users from seeing Release information on tag pages (merge request)
• Update after_import to expire cache before removing prohibited branches (merge request)
• Deny all package permissions when group access is restricted by IP (merge request)
• Redact user emails from project webhook data (merge request)
• Disallow local URls for build_runner_session if dictated by app setting (merge request)
• Prevent token bypass for extenal authorisation (merge request)

15.6.0 (2022-11-21)

Added (150 changes)

• Migration to backfill users into elastic index (merge request) GitLab Enterprise Edition
• Enable Group-level Scan Result Policies feature by default (merge request) GitLab Enterprise Edition
• Create the first dynamic partition for builds metadata (merge request)
• Allows cascading package forward settings from admin to group (merge request)
• Add enterprise information to Metadata API (merge request)
• Introduce a limit of 200 assignees to issues/MRs (merge request)
• Add a rake task to sanitize internal note todos (merge request)
• Create Telesign services for phone verification (merge request)
• Add trend indicators to the Exec dashboard comparative table (merge request)
• Add database migrations for dependency proxy blobs in SSF (merge request) GitLab Enterprise Edition
• Bulk delete packages for package list (merge request)
• Add global alert for non-owners read-only namespace (merge request) GitLab Enterprise Edition
• [355137] Migrate MR review requests (merge request)
• Merge trains GET API by @markus.ferrell (merge request) GitLab Enterprise Edition
• Add issue health status sorting to GraphQL (merge request) GitLab Enterprise Edition
• Support for highlighting text in content editor (merge request)
• Add UserCounts to the OpenAPI documentation (merge request)
• Removes ci_variable_expansion_in_rules_exists (merge request)
• Add supporting index for Feedback migration (merge request)
• Add Projects::WikiRepository model (merge request)
• Support creation of Objective via work-items (merge request) GitLab Enterprise Edition
• Add index to vulnerability reads to account for no status filtering (merge request)
• Add matchingBranchesCount to branch rules endpoint (merge request)
• Add keyboard shortcut for review requests page (merge request)
• Add a service to create a merge request from a security finding (merge request) GitLab Enterprise Edition
• Add repository actor support to Feature api (merge request) GitLab Enterprise Edition
• Add API::Wikis to OpenAPI V2 (merge request)
• Add top level securityReportFinding query (merge request) GitLab Enterprise Edition
• Upgrade Pages to v1.63.0 (merge request)
• Log CI artifact size when downloaded via UI (merge request)
• Branch rules status check integration (merge request)
• Audit log when a merge request is merged with invalid approval rules (merge request)
• Allow caching of mergeability checks (merge request)
• Allow delete runners in bulk in group runner page (merge request)
• Support Google Cloud CDN for Web UI artifacts downloads (merge request)
• Provide support for multiple approval rules (merge request) GitLab Enterprise Edition
• API annotations for status checks apis (merge request) GitLab Enterprise Edition
• Save vulnerability findings data into security_findings table (merge request) GitLab Enterprise Edition
• Re-enqueue update of epic cached counts (merge request)
• Add temporary column ci_project_monthly_usages.new_amount_used (merge request)
• Fix robocop failures (merge request) GitLab Enterprise Edition
• Readd member namespace id not null (merge request)
• Add querystring sync component for vulnerability report (merge request) GitLab Enterprise Edition
• Add disable_download_button settings for JH-only feature by @LXY1226 (merge request)
• Truncate the title of the issue while creating from vulnerability (merge request)
• Add committer name check to push_rules by @zhzhang93 (merge request) GitLab Enterprise Edition
• Add associations alert to Delete user and contributions modal (merge request)
• Add API::VulnerabilityFindings to OpenApi V2 (merge request) GitLab Enterprise Edition
• Add purl_type to sbom_components (merge request)
• Update deployment tags to only match the current deployment commit (merge request)
• Add OpenApi documentation for CiLint (merge request)
• Add external status checks failed MR widget (merge request) GitLab Enterprise Edition
• Realtime updates for task descriptions (merge request)
• Add API::ProjectSnippets to OpenAPI V2 (merge request)
• Update GroupActivityAnalytics docs for OpenAPI (merge request) GitLab Enterprise Edition
• Background migrations split and retry on ActiveRecord::QueryCanceled (merge request)
• Add externalStatusChecks to graphql endpoint (merge request) GitLab Enterprise Edition
• Include iteration on create issue page by @songhuangcn (merge request) GitLab Enterprise Edition
• Add Rss Memory Growth monitor for Watchdog (merge request)
• Rollout incident_timeline_events_for_severity feature flag (merge request)
• Add AddIndexOnPasswordLastChangedAtToUserDetails migration by @qt-gith (merge request)
• Add API::PersonalAccessToken to OpenAPI V2 (merge request)
• Add OpenAPI documentation for keys (merge request)
• Added pagination to Other Versions packages list by @geriley (merge request)
• Contribution analytics, expose user contributions (merge request) GitLab Enterprise Edition
• Add limited capacity job to destroy container repositories (merge request)
• Add create mutation for timeline event tags (merge request)
• Allow Releases to be published without giving access to source code (merge request)
• Import 'Allow force pushes - everyone' GitHub branch protection rule (merge request)
• Recreate async index for vulnerability reads location image (merge request)
• Add product analytics admin section (merge request) GitLab Enterprise Edition
• Add API::PersonalAccessTokens::SelfInformation to OpenAPI V2 (merge request)
• Added temporary index for uploads_size (merge request)
• Create GroupCommitEmail model and database table (merge request)
• Track users updating milestone for work items (merge request)
• Add GIT_SUBMODULES_DEPTH variable documentation by @bollenn (merge request)
• Add the Geo::ProjectWikiRepositoryRegistry model (merge request) GitLab Enterprise Edition
• Add the registry table to track replication/verification state (merge request) GitLab Enterprise Edition
• Adds search bar to Usage Quotas > Storage tab (merge request) GitLab Enterprise Edition
• Map 'Require review from Code Owners' GitHub rule with GitLab setting (merge request) GitLab Enterprise Edition
• Add error message to insights when query times out (merge request) GitLab Enterprise Edition
• Add OpenAPI documentation for Keys (merge request)
• Add create service, finder for tags (merge request)
• Add findings_data column to security_findings table (merge request)
• Add default_preferred_language to application_settings by @icbd (merge request)
• Prepare for uuid type change (merge request)
• Event type information for group merge request setting updates (merge request) GitLab Enterprise Edition
• Implemented get RPM repository files endpoint by @Mshab (merge request)
• Allow OR params in GraphQL issue resolvers (merge request)
• Add API::Suggestions to OpenAPI V2 (merge request)
• Add API::ResourceAccessToken to OpenAPI V2 (merge request)
• Add project headers to release notifications (merge request)
• Implement Check constraint preventing redundant state transitions (merge request)
• Add status checks must succeed setting to project merge request settings (merge request) GitLab Enterprise Edition
• Add commit_committer_name_check to push_rules by @zhzhang93 (merge request)
• Add 'mirror_branch_regex' to 'project_settings' and 'remote_mirrors' by @lyb124553153 (merge request)
• Allow setting max PG replicas rails process connects to (merge request)
• Add query param to remove deprecated GraphQL schema items by @fabsrc (merge request)
• Adds ml candidate and experiment lists (merge request)
• Add detailed_merge_status to web hooks (merge request)
• Add API annotations for Product Analytics APIs (merge request) GitLab Enterprise Edition
• Add a foreign key on Project#creator_id (merge request)
• Enable dast_api_scanner feature flag (merge request) GitLab Enterprise Edition
• Add detailed_merge_status to REST API (merge request)
• Add anon and file-backed RSS metrics (merge request)
• Add GraphQL subscription for milestone assignment (merge request)
• Add API::MergeRequestDiffs to OpenApi V2 (merge request)
• Add confidential quick command for epics (merge request)
• Add secure schemas version 15.0.4 (merge request)
• Migration and model for audit event type streaming filter (merge request)
• Configure branch name for creating MR from an issue (merge request)
• GraphQL: add commit signature field by @brianjaustin (merge request)
• Add admin OAuth limit setting (merge request)
• Add work item milestone widget (merge request)
• Add take ownership mutation (merge request)
• Expose id field for protected ref API entities (merge request)
• Lock tables for partitioning (merge request)
• Add assignRunner to user permissions (merge request)
• Add index for id on scan finding approval_merge_request_rules (merge request)
• Add languages field to GraphQL Project type by @fabsrc (merge request)
• Add metrics for users creating MRs with applied scan result policies (merge request)
• Update(webhook): support both wildcard & regex by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Improve CRM contacts quick actions suggestions by @zillemarco (merge request)
• Add JC proxy_url application setting (merge request)
• Add instrumentation for cache efficiency metrics (merge request)
• Add info popover MR security report widget (merge request) GitLab Enterprise Edition
• Add descending index for vulnerability reads group filters (merge request)
• Allow epics having child issues from different group hierarchies (merge request) GitLab Enterprise Edition
• Add API::AccessRequests to OpenAPI V2 (merge request)
• New API endpoint to display the user's count of associations (merge request)
• Add Rake task to migrate queued jobs (merge request)
• Cascading settings for package forwarding (merge request)
• Add database and model support for "Group-level Protected Branches" by @songhuangcn (merge request)
• Added the ability to move issues in bulk by @zillemarco (merge request)
• Enables MLFlow artifact storage (merge request)
• Update issue references during GitLab Migration (merge request)
• Add product_analytics_enabled application setting (merge request)
• Allow filtering work items by status widget (merge request) GitLab Enterprise Edition
• Backfill project namespace metadata (merge request)
• Group owners to disable 2FA auth for members (merge request) GitLab Enterprise Edition
• Add GraphQL APIs for updating the group's default compliance framework (merge request) GitLab Enterprise Edition
• Add metrics for user merge request with assigned security policy project (merge request)
• Partition ci_builds_metadata table (merge request)
• Add AI Assist allowed status endpoint (merge request) GitLab Enterprise Edition
• Add duration and queued duration to runner jobs (merge request)
• Trigger mergeRequestMergeStatusUpdated when MR gets approved/unapproved (merge request)
• Add basic JSON helpers (merge request)
• Graphql query for deployment approval summary (merge request)
• Add unprotectAccessLevels to EE graphql endpoint (merge request) GitLab Enterprise Edition
• Pull mirror GET API by @markus.ferrell (merge request) GitLab Enterprise Edition

Fixed (131 changes)

• Improve delete merged branches modal UX (merge request)
• Use project full_path and project iterations query rather than group (merge request)
• Fix: new merge request locale issue by @JeremyWuuuuu (merge request)
• Do not allow forward usage of .strong_memoize_attr() by @KyleFromKitware (merge request)
• Fix: devops adoption locale issue by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Don't use redundant validation in ChangedLabel importer (merge request)
• Fix: pipeline minigraph wrong offset issue by @JeremyWuuuuu (merge request)
• Do not allow the last direct owner to leave top-level group (merge request)
• Convert relative repository file link into absolute link by @wwwjon (merge request)
• GitHub integration: use unique context for each pipeline by @KyleFromKitware (merge request) GitLab Enterprise Edition
• Fix sub-language highlighting (merge request)
• Improve statistic calculation for Vulnerabilities (merge request) GitLab Enterprise Edition
• Fix OpenAPI V2 document generation (merge request)
• Ensure Gitlab::Json::RailsEncoder fails the same on invalid UTF-8 (merge request)
• Set max limit to items in suggestions to 15 (merge request)
• Ignores ingress fetch failure for k8s less than 1.19 (merge request)
• Fix tabbing issue on the agents' list (merge request)
• Allow SCIM deprovision when user is not a group member (merge request) GitLab Enterprise Edition
• Dont fail RepositoryImportWorker when ImportService returns an error (merge request) GitLab Enterprise Edition
• Fix Environment Nil error in allowed_agents API (merge request)
• Handle case where selecting a tree entry parent may not have a tree (merge request)
• Keep job expanded while deleting artifact from it (merge request)
• Increase X509 subject attribute column limit by @L11R (merge request)
• Guard On-call Schedule and Escalation Policies URLs if disabled (merge request) GitLab Enterprise Edition
• Update oj-introspect to 0.7.1 (merge request)
• Fix 500 error when tag_name or ref_name are empty (merge request)
• Add auto-scrolling to dropdown during keyboard nav by @kbal11 (merge request)
• Fix a link to incident management configuration docs (merge request) GitLab Enterprise Edition
• Fix undefined method error when merge request is missing (merge request)
• GraphQL: Fix error when bulk deleting runners (merge request)
• Correct text colours on the dark-mode billing page (merge request) GitLab Enterprise Edition
• Revert Sidekiq default routing rules (merge request)
• Allow rollout of older deployment jobs if it's the same SHA (merge request)
• Remove "currently" from some UI text (merge request)
• Prevent impersonation of users with expired passwords (merge request)
• Geo: Fix redirect to secondary after SAML sign in (merge request) GitLab Enterprise Edition
• Show group access tokens in admin cred inventory (merge request) GitLab Enterprise Edition
• Show link to Terms of Use on Sign In only if terms exist by @wwwjon (merge request)
• Associate iteration with work item only when the FF is on (merge request)
• Fix redeploy button behavior (merge request)
• Improve source file syntax highlighting (merge request)
• Update create merge request service to be compatible with transactions (merge request)
• Allow links to be opened from Swagger UI (merge request)
• Update cache keyword for the JSON schema (merge request)
• Fix pipeline state machine when retrying by @qt-gith (merge request)
• Clean up feature flag ajax_new_deploy_token (merge request)
• Fix checkboxes on work item descriptions (merge request)
• Fix TF_STATE_NAME default value in Terraform ci templates (merge request)
• Fix artifacts available for terraform template latest by @benjamincerigo (merge request)
• Allow '..' in resource group keys for use in the API (merge request)
• Avoid streaming audit events when there is no change (merge request) GitLab Enterprise Edition
• Remove the foreign key on Project#creator_id (merge request)
• Update broken heading link (merge request) GitLab Enterprise Edition
• Update verification state in the project_wiki_repository_state (merge request) GitLab Enterprise Edition
• Avoid empty metadata render in container registry (merge request)
• Add partial index for security_scans on id for non-purged records (merge request)
• Fix support for nil values for push rules validations (merge request) GitLab Enterprise Edition
• Update pg_query to v2.2.0 (merge request)
• Allow underscores in full text search query (merge request)
• Add project information to scanner for authorize (merge request) GitLab Enterprise Edition
• Use the same sanitize method for advanced and basic search (merge request) GitLab Enterprise Edition
• Prevent rewriting of joined table in statements to make queries work (merge request)
• Hide delete branch button when user doesn't have permission (merge request)
• Bump the size of elastic query for getting migrations (merge request) GitLab Enterprise Edition
• Fix markdown editor autofocus behavior (merge request)
• Issue: Fix spacing on emoji status in title (merge request)
• Add Hashie::Array to allowed YAML serialization classes (merge request)
• Keep milestone status when a project is transferred (merge request)
• Fix MR notes not showing author badges (merge request)
• Handle events that target vulnerabilities (merge request) GitLab Enterprise Edition
• Iterations bug fixed for task without a parent (merge request)
• Audit security policy project changes (merge request) GitLab Enterprise Edition
• Update loading state styling (merge request)
• Allow all http and https sources for media-src (merge request)
• Prevent search for when under 3 characters (merge request)
• Fix merge request header button alignment (merge request)
• Gracefully ignore non-string search parameters (merge request)
• Ensure additional_params is passed through (merge request)
• Approvers group does not persist after adding it to the approval rules (merge request)
• Container Repository, implement delete event (merge request) GitLab Enterprise Edition
• Test coverage: Extract source path OS-agnostically (merge request)
• Fix Opensearch compatibility check (merge request) GitLab Enterprise Edition
• Support Markdown in Jupyter output (merge request)
• Nullify created_projects relation on User delete (merge request)
• Refetch stage jobs in job log (merge request)
• Hide Tree view button on epics for Premium (merge request) GitLab Enterprise Edition
• Fix to allow empty array of associatedProjects (merge request)
• Correctly position tree view with performance bar (merge request)
• Remove deprecated attribute from cve_value logic (merge request) GitLab Enterprise Edition
• Show play button on environment detail page to deployment-only users (merge request) GitLab Enterprise Edition
• Fix GitHub company name on import page by @Taucher2003 (merge request)
• Adds block to label dropdown (merge request)
• Handle password manager auto-fill-then-submit (merge request) GitLab Enterprise Edition
• Add auditor access for group CI/CD Analytics (merge request) GitLab Enterprise Edition
• Fix comment preview of issuable link+ on epics (merge request) GitLab Enterprise Edition
• Wrap artifact names (merge request)
• Fix Jira namespace subscription bug (merge request)
• Add auditor access for group container registry (merge request) GitLab Enterprise Edition
• Include version suffix in agent install command (merge request)
• Fix audit event date-range inputs responsiveness (merge request) GitLab Enterprise Edition
• Truncate Legacy Tables should error on multiple-shared databases (merge request)
• Fix: locale on commits detail page by @JeremyWuuuuu (merge request)
• Fix header create new button vertical alignment (merge request)
• Add ability for top-level group owners to unban subgroup members (merge request)
• Improve mobile layout of MR widget (merge request)
• Vertically align MR badge and branch info (merge request)
• Fix issues with some scopes not being sent during token creation (merge request)
• Optimize UnestedInFilters query rewriter (merge request)
• GitLab Version - Fix nested links in help dropdown (merge request)
• Fixing cotaining => containing typo (merge request)
• Show re-deploy/rollback button to deployment-only users (merge request) GitLab Enterprise Edition
• Prevent web_hooks.recent_failures overflowing (merge request)
• Fix Ci::RegisterJobService return value (merge request)
• Fix design management styling in MR diff (merge request)
• Updated bulk move issues milestone in the docs by @zillemarco (merge request)
• Disable commenting on lines that will fail to save the comment (merge request)
• Preload indexing records in batches (merge request) GitLab Enterprise Edition
• Show mergedYaml content whenever available (merge request)
• Ensure schemas are up-to-date after migration tests complete (merge request)
• Admin email form - disable submit until required fields are completed (merge request) GitLab Enterprise Edition
• Update scrolling issue (merge request)
• Specify certificates when connecting to KAS using TLS (merge request)
• Fix vertical alignment of system note icon (merge request)
• Fix wrong behavior when CI keyword "when" is an array (merge request)
• Updates the PlayBuildService to use can_enqueue (merge request)
• Add terms disclaimer to Group SAML sign in page (merge request) GitLab Enterprise Edition
• Allow dashes in datadog site (merge request)
• Fix flaky tests for git rate-limiting services (merge request) GitLab Enterprise Edition
• Paths that aren't strings are considered invalid (merge request)
• Fix: locale on create protected tag page by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Delete state transtions with no state change (merge request)

Changed (195 changes)

• Clean up ci_variable_settings_graphql ff (merge request)
• Improve user impersonation button UX by @geriley (merge request)
• Remove unusable feature flag (merge request)
• Remove index_user_callback feature flag (merge request)
• Fix a typo in suggestions REST API doc (merge request)
• Service account list links back to Google Cloud Console (merge request)
• Removed duplicated build package information (merge request)
• Pass search curation flag to elasticsearch indexer (merge request) GitLab Enterprise Edition
• Disable spellcheck on CI variables value field (merge request)
• Change validation for name in scan finding approval rules (merge request)
• Update merge request loading error message (merge request)
• Enable watchdog by default for Puma (merge request)
• This MR transfers method to vue_shared (merge request) GitLab Enterprise Edition
• Add highlight.js plugin to highlight podspec.json files (merge request)
• Add status checks and approval rules to branch details (merge request)
• Remove misleading strong emphasis in MR widget for vulnerabilities (merge request) GitLab Enterprise Edition
• Locked files: Update copy and UI (merge request) GitLab Enterprise Edition
• Update topics open api (merge request)
• Remove project-key-support conditional (merge request)
• Enable split_operations_visibility_permissions by default (merge request)
• Hide env scope field in Admin CI/CD variables (merge request)
• Add updated_at datetime to billable users blocks (merge request) GitLab Enterprise Edition
• Add dry_run parameter to Search::IndexCurator (merge request) GitLab Enterprise Edition
• Add namespace to token access (merge request)
• Implement AccessLevel User and Group types with limited fields (merge request) GitLab Enterprise Edition
• Update suggestions REST API documentation and include batch_apply (merge request)
• Add max_seats_used_changed_at index (merge request)
• Add title to runner delete error alert (merge request)
• Enable use_introspect_parser feature flag by default (merge request) GitLab Enterprise Edition
• Add highlight.js plugin to highlight podspec.json files (merge request)
• Adapt Maven API to consider the package registry access level by @wwwjon (merge request)
• Contributes to https://gitlab.com/gitlab-org/gitlab/-/issues/376870 (merge request)
• Adapt npm API to consider the package registry access level by @wwwjon (merge request)
• Refactor vulnerability report status filter (merge request) GitLab Enterprise Edition
• Add pipeline name to Slack pipeline messages (merge request)
• Remove Sidekiq jobs migration in 15.6 (merge request)
• Add new field webUrl to VulnerabilityType (merge request) GitLab Enterprise Edition
• Drop use_cdn_with_job_artifacts_ui_downloads feature flag (merge request)
• Pass column name to mount_file_store_uploader by @sathieu (merge request)
• Support structured error for UserCommitFiles (merge request)
• This MR alert message for pre-scan verification (merge request) GitLab Enterprise Edition
• Update messages for CI include validation errors (merge request)
• Allow using different icons for the help popover (merge request)
• Hide webhook value in chat integrations (merge request)
• Fixed broken links (merge request)
• Update global alert for read-only namespace (merge request)
• Open api invitations (merge request)
• Add new field webUrl to Code Quality Reports API response (merge request) GitLab Enterprise Edition
• Skip create rule for group when creating group by @lyb124553153 (merge request) GitLab Enterprise Edition
• Remove trigger_mr_subscription_on_merge_status_change feature flag (merge request)
• Open api badges (merge request)
• Clean up temporary code that fixed the wrongly backfilled expire_at (merge request)
• Project events open api (merge request)
• Remove temporary index on project_features (merge request)
• Move usage_quotas/pipelines directory (merge request) GitLab Enterprise Edition
• Update CI/CD variable value textarea maxRow to 10 (merge request)
• Require security approval when scans are removed in MR (merge request)
• Fix SSO enforcement for public projects (merge request) GitLab Enterprise Edition
• Remove highlighting from new issues (merge request)
• Add highlight.js plugin to highlight gemfiles (merge request)
• Include database name in Unsupported PostgreSQL warning (merge request)
• Update star_count on hooks and user state transitions by @bufferoverflow (merge request)
• Polish the UI for the projects list (merge request)
• Change job limit message (merge request) GitLab Enterprise Edition
• This MR migrates submit buttons to pajamas component (merge request) GitLab Enterprise Edition
• Search Page Vue vertical navigation (merge request)
• Add h1 to user profile page (merge request)
• Add raw to CI variable REST endpoints (merge request)
• Refactor vulnerability report image filter tooltip into image filter (merge request) GitLab Enterprise Edition
• Search Page Vue vertical navigation (merge request)
• Add notes summary into csv export (merge request) GitLab Enterprise Edition
• This MR adds stepped list for pre-scan verification (merge request) GitLab Enterprise Edition
• Migrate email_confirmation_setting value (merge request)
• Move usage_quotas/ci_minutes_usage directory (merge request) GitLab Enterprise Edition
• Bump gitlab-metrics-exporter version (merge request)
• Exclude Sidekiq retry errors from reportable Sentry events (merge request)
• Removes unused feature flag (merge request)
• Improve error handling of runners bulk deletion (merge request)
• Enabled purge_stale_security_findings flag by default (merge request) GitLab Enterprise Edition
• Update toggle description button to pajamas (merge request)
• Update delete milestone button to pajamas (merge request)
• Add tooltip to issue header ellipsis button (merge request)
• Recognize 'time' for time tracking quick actions by @Taucher2003 (merge request)
• Add custom context to active_users_project_repo event (merge request) GitLab Enterprise Edition
• Move API::BroadcastMessages endpoint (merge request)
• Enable new test summary widget (merge request)
• Squelch "Can't verify CSRF token authenticity" messages (merge request)
• Update access levels from protected branch api (merge request) GitLab Enterprise Edition
• Add search index curation (merge request) GitLab Enterprise Edition
• Remove End-of-Support analyzers from SAST config UI (merge request)
• Bump gitlab-metrics-exporter version (merge request)
• Add a keyword mapping for username (merge request) GitLab Enterprise Edition
• Add job to /api/v4/job/allowed_agents context (merge request)
• Email says user was banned only when auto-ban setting is enabled (merge request) GitLab Enterprise Edition
• Move pipeline_schedules directory (merge request)
• Track wiki verification in the project_wiki_repository_registry table (merge request) GitLab Enterprise Edition
• Track wiki replication in the project_wiki_repository_registry table (merge request) GitLab Enterprise Edition
• Add validationStartedAt to DastSiteProfileType (merge request) GitLab Enterprise Edition
• Remove GitHub Import from database codeowners (merge request)
• Drop Go 1.17 support and mandate Go 1.18 (merge request)
• Adapt Go API to consider the package registry access level by @wwwjon (merge request)
• Limit all Sentry responses for Error Tracking (merge request)
• Remove refactor_code_quality_extension feature flag (merge request)
• Rename columns and add tooltip to path column (merge request)
• Add i18n support to default brand title by @icbd (merge request)
• Removed work_items_hierarchy ff (merge request)
• Add token endpoint to the alllowed sources (merge request)
• Highlight Godeps.json on client (merge request)
• Enable lazy_load_commits feature flag by default (merge request)
• Display incident's severity name and label in timeline events (merge request)
• Change timeline event length validation to 280 on user input (merge request)
• Reduce cleanup package registry worker cadence to every hour (merge request)
• Removed work_items_hierarchy definition (merge request)
• Migrate Sidekiq jobs outside of current routing rules (merge request)
• Drop ci_job_artifacts_cdn feature flag (merge request)
• Update related items empty states (merge request)
• Remove stroke from contrib calender (merge request)
• Move ci_minutes_usage directory (merge request) GitLab Enterprise Edition
• Adding metadata to Secure Files API response (merge request)
• Change the wording of retry button for passed jobs (merge request)
• This MR migrates legacy html button to Pajamas button (merge request)
• Updated the placeholder logic for trigger fields (merge request)
• Backward compatible behavior in alert management client side router by @dannyelcf (merge request)
• Add feature flags user lists endpoints to OpenApi v2 docs (merge request)
• Add Objective and Keyresult to work item types (merge request)
• Remove dast_ui_redesign feature flag (merge request)
• Update documentation for troubleshooting limited job pipelines (merge request)
• Mask the "Secret token" input in the webhook form (merge request)
• Add MigrateSharedVulnerabilityScannersV2 background migration (merge request)
• Use full-text search with in param (merge request)
• Add new columns into vulnerability export (merge request) GitLab Enterprise Edition
• Improve UX for release assets screen (merge request)
• Guard for when user index migration has not been completed (merge request) GitLab Enterprise Edition
• Use inline error when adding existing item to linked items (merge request)
• Remove project_id from sprints (merge request)
• Re-linked Preview tab to live-preview on .md files (merge request)
• Move and refactor PATCH endpoint (merge request)
• Moving default branch setting to branch default (merge request)
• Update CI/CD variables table (merge request)
• Add has_many alerts association to issues (merge request)
• Update user cap description (merge request) GitLab Enterprise Edition
• Change order of items in deployment sidebar (merge request)
• Clean up and tie PBKDF2+SHA512 user passwords to FIPS (merge request)
• Create a user elasticsearch index and index users (merge request)
• Update CLI messages when action is rejected due to storage limit (merge request) GitLab Enterprise Edition
• Improve issuable confirm modal by @ali_o_kan (merge request)
• Update gitlab-labkit to v0.26.0 (merge request)
• Display formatted health status in issue sidebar (merge request) GitLab Enterprise Edition
• Backfill existing user_details fields from users table by @brianjaustin (merge request)
• Allow rollback with Prevent Outdated Deployment Job feature (merge request)
• Add details to security finding type (merge request) GitLab Enterprise Edition
• Remvs redundant var temp_deployment_associations by @afzal442 (merge request)
• This MR adds summary component to a drawer (merge request) GitLab Enterprise Edition
• Replace token indices in ci_runners table (merge request)
• Revisit padding in test suite report table (merge request)
• Remove min_access_level check (merge request)
• Add back in migration (merge request)
• Enable masking the newly created access tokens (merge request)
• Update cluster management project template (merge request)
• Remove agent_authorization_include_descendants feature flag (merge request)
• Drop fingerprint column from sbom sources (merge request)
• Update commit note action buttons (merge request)
• Add DeletePackageModal shared component by @ali_o_kan (merge request)
• Display container image shortened path (merge request)
• Update VSA max date range tooltip text (merge request)
• Less padding for sidebar subfolders on diffs (merge request)
• Add DAST_API_EXCLUDE_URLS variable for api scans (merge request) GitLab Enterprise Edition
• Adapt PyPI API to consider the package registry access level by @wwwjon (merge request)
• Allow only project/group reporters to read confidential notes (merge request)
• Update elastic search filter for confidential notes (merge request) GitLab Enterprise Edition
• GitLab Version - Event naming changes (merge request)
• Add environment keyword to deploy jobs in CI/CD templates by @anshulriyal (merge request)
• Add a meaningful event name for path in Project (merge request) GitLab Enterprise Edition
• Improve alert management client-side router usage by @dannyelcf (merge request)
• Add email confirmation setting enum (merge request)
• Update dependency auto-build-image to v1.21.0 (merge request)
• Group SAML Group Sync retains default membership (merge request) GitLab Enterprise Edition
• Stop returning alerts from prometheus alerts endpoint (merge request)
• Update dependency auto-deploy-image to v2.42.1 (merge request)
• Adds package registry migration survey banner (merge request)
• Create merge_request_diff asynchronously (merge request)
• Extract values and add them to constants by @TrueKalix (merge request)
• Remove remove_extra_primary_submenu_options feature flag (merge request)
• Remove new_navbar_layout feature flag (merge request)
• Add support for group level scan result policies (merge request) GitLab Enterprise Edition
• Update various buttons to use pajamas component (merge request)
• Add API_REQUEST_HEADERS variable for api scans (merge request) GitLab Enterprise Edition
• Show only active users on Starrers page of a project by @wwwjon (merge request)
• Cleanup admin/subscription page tables (merge request) GitLab Enterprise Edition
• Change "Self monitoring" to "Self-monitoring" by @scootergrisen (merge request)
• Optimise remediation ingestion with bulk insertion (merge request) GitLab Enterprise Edition
• Rename ci_pipeline_metadata.title to name (merge request)
• Remove unnecessary horizontal lines (merge request)
• Clean up logged_out_marketing_header (merge request)
• Remove without_deleted param (merge request)

Deprecated (2 changes)

• Deprecation notice for merge_status field (merge request)
• Deprecate registration token in Runner Operator (merge request)

Removed (6 changes)

• Remove temp index invalid member (merge request)
• Remove unused method to check if we should re-download data (merge request) GitLab Enterprise Edition
• Remove missing_security_scan_types feature flag (merge request)
• Remove old product analytics features (merge request)
• Remove temp index on approval_merge_request_rules (merge request)
• Remove new layout feedback banner (merge request)

Security (13 changes)

• Handle JSON input correctly for swagger-ui (merge request)
• Redact confidential references in Jira issue descriptions (merge request)
• Forbid reading emojis on internal notes (merge request)
• Fix Running Upstream Pipelines Jobs Without Permission (merge request)
• Same-site redirect vulnerability (merge request)
• Update Gitaly Version (merge request)
• Resolve users can view audit events from other members (merge request)
• Add a redirect wall before artifact redirect to pages (merge request)
• Sandbox swagger-ui to prevent injection attacks (merge request)
• BYPASS: Stored-XSS with CSP-bypass via scoped labels' color (merge request)
• Fix external project permission when using CI prefill variables (merge request)
• Path traversal fix for Secure Files (merge request)
• Add length limit to addressable URLs (merge request)

Performance (22 changes)

• Remove group_overview_tabs_vue feature flag (merge request)
• Use efficient in operator query for fetching group & project activities (merge request)
• Add in_product_marketing_emails index (merge request)
• Cleanup cache_unleash_client_api feature flag (merge request)
• Memoize Project#has_group_hooks? check (merge request) GitLab Enterprise Edition
• Only build MR hook data when needed (merge request)
• Fix Projects list API preloaders (merge request)
• Switch transfer group dropdown to API data source (merge request)
• Remove duplicate_jobs_cookie feature flag (merge request)
• Remove user_destroy_with_limited_execution_time_worker feature flag (merge request)
• Use partial GIN index for non-latin issue searches (merge request)
• Improve performance of MR changes count (merge request)
• Improve issue search performance for recent items (merge request)
• Change ActiveSupport::JSON to use Gitlab::Json (merge request)
• Add GhostUserMigration#consume_after column (merge request)
• Render first chunk immediately (merge request)
• Memoize Project#has_active_integrations? check (merge request)
• Replace Sidekiq JSON methods with Gitlab::Json (merge request)
• Optimize source viewer rendering (merge request)
• Add server-side pagination to SearchFilesByName (merge request)
• Optimize source viewer rendering (merge request)
• Disable fastupdate on issues and merge_requests GIN indexes (merge request)

Other (60 changes)

• Fix Style/Next offenses by @mhdasm3 (merge request)
• Propagate feature flag actors in all Gitaly RPC services (merge request)
• Add migration for new index (merge request)
• Enforce HTTP/HTTPS schemes in Octokit Middleware (merge request)
• RuboCop: Enable previously disabled Rails/ContentTag by @edith007 (merge request)
• RuboCop: Enable previously disabled Rails/LexicallyScopedActionFilter by @edith007 (merge request)
• Remove ci_job_jwt feature flag (merge request)
• Stop tracking errors when deleting branches (merge request)
• Improve the specs in invitations_spec.rb (merge request)
• Prepare removal of old issue trigram indexes (merge request)
• Propagate user_id to Gitaly via gRPC metadata (merge request)
• Remove experiment_users table (merge request)
• Removed realtime labels FF (merge request)
• Add more logs for CI config external files V2 (merge request)
• Removes truncate_long_blobs_in_search flag by @sd5869 (merge request)
• Deprecate merge_status from api and webhooks (merge request)
• Add post migration for deleting tag data (merge request)
• Propagate feature flag actors in Gitaly RPC calls (merge request) GitLab Enterprise Edition
• Add new job for solely deleting branchs from gitaly (merge request)
• Update invisible_captcha gem from 1.1.0 to 2.0.0 (merge request)
• Updated OAuth example links to https by @zillemarco (merge request)
• Documentation changes for latest release and release asset download API by @zillemarco (merge request)
• RuboCop: Enable Style/Lambda and change to EnforcedStyle: literal by @edith007 (merge request)
• Validate environment_id foreign key on deployments table (merge request)
• RuboCop: Disable Rails/HasManyOrHasOneDependent permanently by @edith007 (merge request)
• Add more logs for CI config external files (merge request)
• Put requirements filter by test reports under feature flag (merge request) GitLab Enterprise Edition
• Removes ipynb_semantic_diffs feature flag (merge request)
• Add rubocop cop Graphql/EnumNames by @fabsrc (merge request)
• Stub license to fix JH integration factory spec by @chaomao (merge request)
• Change DuplicateJobs cookie key (merge request)
• Fix Style/RedundantInterpolation offenses in spec/ by @mhdasm3 (merge request)
• Add index to support filtering issues by last test report state (merge request)
• Remove externally_stored_diffs_caching_export feature flag (merge request)
• Consolidate Wiki model methods (merge request) GitLab Enterprise Edition
• Ensure that requirement belongs to same project of work item (merge request) GitLab Enterprise Edition
• Fix Style/CaseLikeIf offenses by @mhdasm3 (merge request)
• Another attempt to create issue trigram indexes (merge request)
• Update fogbugz gem to 0.3.0 (merge request)
• Edit pipeline-triggers API annotation (merge request)
• Remove FF ci_stop_expanding_file_vars_for_runners (merge request)
• Remove FF ci_requeue_with_dag_object_hierarchy (merge request)
• Remove outdated gocloud.dev backport (merge request)
• Use MessagePack for DuplicateJobs cookies (merge request)
• Improve Upgrade Path tool visibility by @zillemarco (merge request)
• Expose the raw attribute of ci-variables models (merge request)
• Cleanup task system note renaming background migration (merge request)
• Change DuplicateJobs Redis format (merge request)
• Move work item weight counters to CE (merge request)
• Update graph button to pajamas (merge request)
• Remove unused haml file that was moved to Vue (merge request)
• Remove default-enabled hash_oauth_tokens feature flag (merge request)
• Remove 'audit_event_streaming_git_operations' feature flag (merge request)
• Update profile buttons to pajamas (merge request)
• Remove disable_load_entire_blob_for_diff_viewer feature flag (merge request)
• Move the stale etag check before highlighting cache (merge request)
• Add variable name to file-variable logging (merge request)
• Add delay when performing refresh with delay (merge request)
• Update Gitlab Shell to 14.13.0 (merge request)
• Migrate card to Pajamas (merge request) GitLab Enterprise Edition

15.5.9 (2023-01-12)

No changes.

15.5.8 (2023-01-12)

No changes.

15.5.7 (2023-01-09)

Security (10 changes)

• Avoid regex with potential for poorly performing backtracking (merge request)
• Protect web-hook url variables after changing URL (merge request)
• Limit the size of user agent to reduce ReDos attack (merge request)
• Only allow safe params for diff helper (merge request)
• Protect Sentry auth-token after changing URL (merge request)
• Delete project specific licenses when license policy is deleted (merge request)
• Restrict user avatar availability based on visibility restrictions (merge request)
• Policy change to read and destroy token without license for .com (merge request)
• Restrict Grafana API access on public projects (merge request)
• Fix "Race condition enables verified email forgery" (merge request)

15.5.6 (2022-12-07)

No changes.

15.5.5 (2022-11-30)

Security (11 changes)

• Send resolved_address param to gitaly during repository import (merge request)
• Add size validation during nuspec file extraction (merge request)
• Cross-site scripting in Jira Integration (merge request)
• Protect web-hook secret tokens after changing URL (merge request)
• Redact secret tokens from web-hook logs (merge request)
• Prevent unauthorized users from seeing Release information on tag pages (merge request)
• Update after_import to expire cache before removing prohibited branches (merge request)
• Deny all package permissions when group access is restricted by IP (merge request)
• Redact user emails from project webhook data (merge request)
• Disallow local URls for build_runner_session if dictated by app setting (merge request)
• Prevent token bypass for extenal authorisation (merge request)

15.5.4 (2022-11-11)

Fixed (3 changes)

• Allow links to be opened from Swagger UI documentations (merge request)
• Add Hashie::Array to allowed YAML serialization classes (merge request)
• Revert Sidekiq default routing rules (merge request)

15.5.3 (2022-11-07)

Fixed (1 change)

• Fix Opensearch compatibility check (merge request) GitLab Enterprise Edition

15.5.2 (2022-11-02)

Security (11 changes)

• Redact confidential references in Jira issue descriptions (merge request)
• Forbid reading emojis on internal notes (merge request)
• Same-site redirect vulnerability (merge request)
• BYPASS: Stored-XSS with CSP-bypass via scoped labels' color (merge request)
• Fix Running Upstream Pipelines Jobs Without Permission (merge request)
• Add length limit to addressable URLs (merge request)
• Add a redirect wall before artifact redirect to pages (merge request)
• Sandbox swagger-ui to prevent injection attacks (merge request)
• Fix external project permission when using CI prefill variables (merge request)
• Resolve users can view audit events from other members (merge request)
• Path traversal fix for Secure Files (merge request)

15.5.1 (2022-10-24)

Fixed (2 changes)

• Batch records when preloading for indexing (merge request) GitLab Enterprise Edition
• Specify certificates when connecting to KAS using TLS (merge request)

15.5.0 (2022-10-21)

Added (159 changes)

• Render labels correctly in content editor (merge request)
• Add "use_legacy_web_ide" to "user_preferences" (merge request)
• Set default compliance framework during project creation (merge request) GitLab Enterprise Edition
• Expose created_by in the Users API (merge request)
• Add models for tag and tag links (merge request)
• Adding migration for backfilling namespaces metadata (merge request)
• Add metrics for projects with applied scan result policies (merge request) GitLab Enterprise Edition
• Moved label and date widgets out of FF (merge request)
• Add GraphQL field to preview billable user changes (merge request) GitLab Enterprise Edition
• Additional Gitlab::Json method aliases (merge request)
• Enhance review app modal instructions (merge request)
• [18052] Gitlab import: Issue attachments (merge request)
• Namespace package forward settings in GraphQL (merge request)
• Allow automatic runner authentication token rotation (merge request)
• Add RaspberryPi OS 11 (Bullseye) to the list of supported OS (merge request)
• Add bulk destroy mutation for Packages (merge request)
• Add approvalProjectRules to graphql endpoint (merge request) GitLab Enterprise Edition
• Track work item iteration update (merge request) GitLab Enterprise Edition
• Add environment key to pages jobs by @k0jak (merge request)
• Sync profile fields to user_details and truncate by @brianjaustin (merge request)
• [373705] Configurable optional stages list API (merge request)
• Add scan file path to dast site profile (merge request)
• Removed upload_size from storage_size (merge request) GitLab Enterprise Edition
• Add GIT_SUBMODULE_PATHS documentation by @bollenn (merge request)
• Show edited at for work item descriptions (merge request)
• Add health status filter on issue boards (merge request) GitLab Enterprise Edition
• Autogenerate OpenApi using grape-swagger (merge request)
• Create API to fetch all Github organizations for the user (merge request)
• Only merge when all the status checks have passed (merge request)
• Improved CRM contacts autocomplete service to include state and set by @zillemarco (merge request)
• Add metrics for groups with assigned security policy project (merge request) GitLab Enterprise Edition
• Add metrics for merge requests witj applied scan result policies (merge request) GitLab Enterprise Edition
• Enable JWT authentication for Gitlab Shell (merge request)
• Add new storage type for DSL field (merge request)
• Prepare async index for index on author_id and id in merge_requests (merge request)
• Map 'Require pull request before merging' GitHub rule with access_levels (merge request)
• Add default_compliance_framework_id column to namespace_settings table (merge request)
• Autocomplete support for work items (merge request)
• Feature password expiration migration by @qt-gith (merge request)
• Disable creation of all types of personal tokens with FIPS enabled (merge request) GitLab Enterprise Edition
• After a milestone from the new release form, redirect back (merge request)
• Add cancel projects import from github (merge request)
• Support for suggestions in content editor (merge request)
• Prepare index async for merge requests on author and target project id (merge request)
• Add an owner of a runner to the runners list (merge request)
• Trigger mergeRequestMergeStatusUpdated when MR gets closed (merge request)
• Add support for quick actions in content editor (merge request)
• Allow admins to limit registration of project and group runners (merge request)
• Speed up usage ping count for projects with incident SLAs enabled (merge request)
• Include release ci variables (merge request)
• Map 'Require signed commits' GH rule with project's push_rule attribute (merge request)
• Adding remaining MLFlow endpoints (merge request)
• Add pipelineScheduleDestroy mutation by @batu (merge request)
• Add Push Rule for DCO Signoff (merge request) GitLab Enterprise Edition
• Add jitsu key to project when created (merge request)
• Add metrics for projects with assigned security policy project (merge request) GitLab Enterprise Edition
• Consume Google Cloud Services within GitLab (merge request)
• Update requirement verification status mutation (merge request)
• Filter group runners by tags (merge request)
• [18052] Support img tags in GitHub markdown attachment importers (merge request)
• [18052] Gitlab import: note attachments (merge request)
• Authentication in private registry in code quality (merge request)
• Add user preference to turn off automatically adding a new list item (merge request)
• Add free_user_cap_over_limit_notified_at to NS details (merge request)
• Add Geo::ProjectWikiRepositoryState model (merge request) GitLab Enterprise Edition
• Add project_wiki_repository_states table (merge request)
• Delete orphaned operational vulnerabilities (merge request)
• Add migrated_to_state_transition column (merge request)
• Destroy invalid members (merge request)
• Add advanced settings support to import projects Vue app (merge request)
• Allow admins to delete runners in bulk (merge request)
• Trigger mergeRequestMergeStatusUpdated when MR marked as draft/ready (merge request)
• Create tmp index members on id where namespace id null (merge request)
• Add avatar to user dropdown items (merge request)
• Enable issuable_description_updated subscription in GraphQL (merge request)
• Add project_wiki_repository_states table (merge request)
• Add health filter for board lists (merge request) GitLab Enterprise Edition
• Add labels widget input to work item update mutation (merge request)
• Show empty state for external CI config in pipeline editor (merge request)
• Add inbound_job_token_scope to ci cd settings (merge request)
• Remove FF email_for_two_factor_otp_failure (merge request)
• Add DORA4 charts to Insights by default (merge request) GitLab Enterprise Edition
• Add the ability to sort iterations by due date (merge request) GitLab Enterprise Edition
• feat: Add resolved_on_default_branch index to vuln reads (merge request)
• Add glm values for trials (merge request)
• Add isDefault to BranchRule type objects in GraphQL endpoint (merge request)
• Remove forward_deployment_enabled feature flag (merge request)
• RpmRepositoryFile model with uploader and spec (merge request)
• Add X-Gitlab-Instance header to webhooks (merge request)
• Add support for emojis suggestions (merge request)
• Add Scheduled badge to pipeline detail view by @Taucher2003 (merge request)
• Add migration for direction column of ci scope (merge request)
• Trigger mergeRequestReviewersUpdated when reviewer state change (merge request)
• REST API filter issues by any/none health status (merge request) GitLab Enterprise Edition
• Add mailer with templates (merge request) GitLab Enterprise Edition
• Enable Releases feature toggle (merge request)
• Disable all types of personal access tokens when FIPS enabled (merge request) GitLab Enterprise Edition
• Add resource groups API endpoint to list upcoming jobs (merge request)
• Enable skip_default_scope_for_events FF by default (merge request)
• Add suppport for suggestions in content editor (merge request)
• Trigger mergeRequestReviewersUpdated subscription when reviewers change (merge request)
• Shift can_create_group to ApplicationSetting (merge request)
• Create table and model to store user's phone number validations (merge request)
• Map 'Require conversation resolution' GitHub rule with project setting (merge request)
• Add ci_pipeline_metadata table to hold title strings (merge request)
• Add and fill foreign key for approval rules (merge request) GitLab Enterprise Edition
• Add timing when we use caching in certain api/controller endpoints (merge request)
• Add timing for mergeability checks (merge request)
• Support GraphQL subscription for iteration assignment (merge request) GitLab Enterprise Edition
• Add unprotectAccessLevels to EE graphql endpoint (merge request) GitLab Enterprise Edition
• Jitsu/GitLab Connection PoC (merge request)
• Project setting for suggested Reviewers (merge request)
• Add CI_JOB_NAME_SLUG predefined CI variable by @jdoubleu (merge request)
• Allow users to create annotated tags from release (merge request)
• Allow autosaving wiki content (merge request)
• Send email notification when a personal access token is revoked (merge request)
• GraphQL: Add ALL_AVAILABLE membership value (merge request)
• Include tag specific additional CI variables (merge request)
• Prepares ci_builds_metadata to partitioning (merge request)
• Email user when their 2FA OTP attempt is wrong (merge request)
• Backfill epic cache counts (merge request)
• Adds log-parameter and log-batch MLFlow endpoints (merge request)
• Prepare async index for vulnerability reads location image (merge request)
• Add issuableDescriptionUpdated to the GQL subscription type (merge request)
• Expose if user can mark notes as confidential (merge request)
• Add Any and None options to filter issues by health status (merge request)
• Expose BulkImports::Failure#exception_message in the API (merge request)
• Add real time capability for work item assignees widget (merge request)
• Support secure schemas version 15.0.2 (merge request) GitLab Enterprise Edition
• Add X-Gitlab-Instance header to webhooks (merge request)
• Display blocking items on Roadmap (merge request)
• Fetch Iteration widget as well for work items type task (merge request)
• Add unique indexes to facilitate bulk upserts (merge request)
• Add note when child epic gets moved (merge request) GitLab Enterprise Edition
• Add jobs endpoint by @TrueKalix (merge request)
• Add glm values for trials (merge request)
• Allow epics having child issues from different group hierarchies (merge request) GitLab Enterprise Edition
• Schedule index removal for ci_builds_metadata (merge request)
• Add GET /personal_access_tokens/self endpoint (merge request)
• Add a timeline event preview markdown endpoint (merge request)
• Add indexes to ci_builds_metadata (merge request)
• Metrics for GitLab for Jira App (merge request)
• Display permission alert on epic tree count popovers (merge request) GitLab Enterprise Edition
• Add issue resource_iteration_events to Project Import/Export (merge request) GitLab Enterprise Edition
• Use Google CDN if enabled for CI job artifacts (merge request)
• Adds LogMetric endpoint to MLFlow (merge request)
• Frontend for Environment Search (merge request)
• Add pipeline_schedule GraphQL type (merge request)
• Added straight mode to compare view by @DracoBlue (merge request)
• Show Slack App Home (merge request)
• Show “Merged date” sort option for dashboard MRs (merge request)
• Extend GraphQL query for protected environments (merge request) GitLab Enterprise Edition
• Add source_id to BulkImports::Entity table (merge request)
• Add filters for PAT by @TrueKalix (merge request)
• Add group shares in group transfer locations API (merge request)
• Add any, none filters for issue health status (merge request)
• Add any, none filters for issue health status (merge request)
• Add REST API filters for issue health status (merge request)
• Add REST API filters for issue health status (merge request)

Fixed (164 changes)

• Fix: locale on sidebar items when collapsed by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Don't fail project export if upload file doesn't exist (merge request)
• Prevent JobArtifactsDestroy whilst refreshing by @leetickett (merge request)
• GitLab Version - Properly track link clicks (merge request)
• Fix naming issue with Test Summary widget (merge request)
• Ensure current user owns table to partition (merge request)
• Check for path traversals in the debian distribution regex by @sathieu (merge request)
• Fix spurious requests when viewing PDF blobs (merge request)
• Pass additional_params to search API logging (merge request)
• Fix scoped label styles in activity feed (merge request)
• Gitlab Migration - retry ExportRequest & RequestStatus network requests (merge request)
• Fix 500 error when namespace path is a negative integer (merge request)
• Prevent outdated deployments from running before execution (merge request)
• Persist page size for group migration (merge request)
• Use configured namespace when generating Kubeconfig (merge request)
• Add the labels to the cache key for merge request api (merge request)
• Don’t append base to links with old wiki path (merge request)
• Ensure schemas are up-to-date after migration tests complete (merge request)
• Fix broken trial registration spec (merge request) GitLab Enterprise Edition
• Fixed commit messages not wrapping when too long by @zillemarco (merge request)
• Hide Reviewers Edit Button when no permissions by @Taucher2003 (merge request)
• Allow grouping more than 1 label of same scope in iteration reports (merge request)
• Fix site profile edit with empty fields (merge request) GitLab Enterprise Edition
• Fix remove epic modal to include children info (merge request) GitLab Enterprise Edition
• Fix: locale on todo filter by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Remove auto_accept_terms from OAuth::User (merge request)
• Fix alignment of internal note header (merge request)
• Fix glm param dropping in the company controller (merge request) GitLab Enterprise Edition
• GitLab Version - Properly import on dashboard (merge request)
• Fix internal note background styling when using dark mode (merge request)
• Fix alignment issues on agent activity list (merge request)
• Add internal_id allocation for GitHub Import (merge request)
• Show error when removing epic or issue from epic (merge request)
• Fix: admin subscription time format locale issue by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Fix mis-alignment of the action buttons in extensions (merge request)
• Support username in assign push options (merge request)
• Enable read_runner permission for auditors, also for instance runners (merge request) GitLab Enterprise Edition
• Enable read_group_all_available_runners permission for auditors (merge request) GitLab Enterprise Edition
• fix: Improve shell variable quoting in Coverage-Fuzzing templates (merge request)
• Fix grammatical error in exclusive keys validator (merge request)
• Do not show banner if SM subscription is renewed (merge request) GitLab Enterprise Edition
• Remove and add ci_job_variables.raw (merge request)
• Fix feature flag file location (merge request) GitLab Enterprise Edition
• Fix markdown for iteration description (merge request) GitLab Enterprise Edition
• Fix line height on project and group lists (merge request)
• Allocate InternalId for importing issues (merge request)
• Remove outdated migration steps (merge request)
• Add scrolling support for jupyter notebooks (merge request)
• Fix HLJS multi-line-rendering (merge request)
• Fix runner instructions with disabled registration (merge request)
• Fix RunnerPolicy to allow group maintainers to see shared runners (merge request)
• Fix Wiki feature raises exception when titles start with ~ (merge request)
• Fix duplicate key errors during GitHub Import (merge request)
• Fix case where Merge Request change tab shows incorrect number by @hyperhtml (merge request)
• Avoid loading entire blob without limit for displaying diffs (merge request)
• Migrate bulk sidebar subscriptions dropdown to pajamas (merge request)
• Add bottom margin to "Protect a tag" card (merge request)
• Fix epic items not loading for signed out users (merge request) GitLab Enterprise Edition
• fix: Don't fetch environments on Admin variables page (merge request)
• Render markdown for snippets if links contain hash to anchor by @fabsrc (merge request)
• Enable the FF ci_requeue_with_dag_object_hierarchy (merge request)
• Fix closing of external issues (merge request)
• Improve error message when providing an invalid deploy key by @davebarr (merge request)
• Fix indentation of children epics on Roadmap (merge request) GitLab Enterprise Edition
• Use custom logo on sign in page again by @wwwjon (merge request)
• Fix lock retries for the partition helper (merge request)
• Fix alignment issues of resolved with issue system note (merge request)
• This MR fixes cron parsing bug (merge request) GitLab Enterprise Edition
• Don't change escalations if neither status nor policy changed (merge request) GitLab Enterprise Edition
• Hide Analytics features based on project settings (merge request)
• Set default link color to blue-500 (merge request)
• Fix project create service to use known columns (merge request) GitLab Enterprise Edition
• Fix alignment on changed line in multiline suggestion comment (merge request)
• fix: Compare email addresses case insensitively by @DerAstronaut (merge request)
• Deal with multiple filters in query builder (merge request) GitLab Enterprise Edition
• Better memoize BulkImports::ExportStatus#export_status (merge request)
• Fix variables alignment (merge request)
• Add retriable exceptions & dont raise if wiki is disabled (merge request)
• Fix encoding issues with plantuml blocks (merge request)
• Removing single quotes to avoid harbor help text being rendered as math by @orozot (merge request)
• Show notifications toggle when mr merged by @leetickett (merge request)
• Fix 500 errors in Projects::AutocompleteSourcesController (merge request)
• Add missing tooltip for deployment name (merge request)
• Fix ES settings form localization by @Taucher2003 (merge request) GitLab Enterprise Edition
• Add WikiLinkFilter to AsciiDocPipeline (merge request)
• Fix serialization of tables in Content Editor (merge request)
• Prevent creation of duplicate deploy tokens on page refresh (merge request)
• Fix two expand buttons on MR widgets when page width is narrow (merge request)
• Avoid linking CVE IDs as Jira tickets by @kelunik (merge request)
• Hide Contributors menu item by @TrueKalix (merge request)
• Fix ExternalDatabaseChecker tests for geo and PG11 (merge request)
• When getting container repository tags, use a fixed page size (merge request)
• This MR closes drawer when project changed (merge request) GitLab Enterprise Edition
• Fix REST/GRAPHQL APIs handling TODOs WorkItem target (merge request)
• Remove usage of Geo::FileRegistryRemovalWorker worker (merge request) GitLab Enterprise Edition
• Avoid runaway queue growth of Geo::DestroyWorker (merge request) GitLab Enterprise Edition
• Fix initial value set on TimezoneDropdown (merge request)
• Fix the epics search query for displaying roadmap (merge request) GitLab Enterprise Edition
• Allow auditors read-only access to Alerts (merge request) GitLab Enterprise Edition
• Fix flash margin in Web IDE (merge request)
• Discussion: Fix font-size and highlight (merge request)
• Add missing licensed feature flag to frontend (merge request) GitLab Enterprise Edition
• Update project member styles in GFM (merge request)
• ExternalDatabaseChecker to support CI Database (merge request)
• Allow multiple drafts on a single line in MR reviews (merge request)
• Add the diverged commits when displaying the merge controls (merge request)
• Fix DAST profile names for group security policies (merge request) GitLab Enterprise Edition
• Changes how project export tarballs are uploaded to an external website (merge request)
• NuGet case-insensitive version search (merge request)
• Hide add oncall schedule buttons for unauthorized users (merge request)
• Fix CI JSON schema for variables (merge request)
• Fix 500 errors when sorting by merged date with approvers (merge request)
• Apply push rules to squash commit messages (merge request) GitLab Enterprise Edition
• Update GitLab Migration to use source_id when requesting relation export (merge request)
• LockWrites Rake Task to support DRY_RUN mode (merge request)
• Hide harbor registy in menu if uncheck active by @orozot (merge request)
• Fix wrong CLRF rendering by @TrueKalix (merge request)
• Exclude tiers if a protected environment exist from creation form (merge request) GitLab Enterprise Edition
• Hide MR Callout when MRs disabled for project by @Taucher2003 (merge request)
• Use toolbar buttons for indent/outdent (merge request)
• Fix unlocking previous pipeline artifacts (merge request)
• Fix alignment issues on agent activity list (merge request)
• Improve work item detail accessibility (merge request)
• Render form submit button using Pajamas::ButtonComponent (merge request)
• Render form submit button using Pajamas::ButtonComponent (merge request) GitLab Enterprise Edition
• Rescue exception when exporting MR diffs (merge request)
• Set BulkImports::Tracker as skipped if entity is failed (merge request)
• Monkey patch Licensee::License to properly cache (merge request)
• License overview incorrectly shows 'Expired: never' for expired license (merge request) GitLab Enterprise Edition
• Update View latest projects and View latest groups links (merge request)
• Reloading the classes runs the LoadBalancer again (merge request)
• Revert "Merge branch 'toon-no-more-licensee' into 'master'" (merge request)
• Fix escaping for references with special characters (merge request)
• Do not save duplicate notes when importing pipelines (merge request)
• Add shortcuts and permalink updater to vue blob controls (merge request)
• Show tasks in dashboard issue list (merge request)
• Simplify line link (merge request)
• Update custom tag reference in CI schema (merge request)
• Ensure that stage name and record are in sync for page deployments (merge request)
• Fix bugs around file attach button (merge request)
• Keep pipeline editor commit info when changing tabs (merge request)
• Fix wrong inverse_of in vulnerability_state_transitions association (merge request)
• Fix label events being grouped incorrectly (merge request)
• Resolve failure path issue on creating leads (merge request) GitLab Enterprise Edition
• Filter all settings sections and show empty state if no results (merge request)
• Avoid preloading nil root_ancestor in ProjectRootAncestorPreloader (merge request)
• Fix undismissable error alert on contact list by @leetickett (merge request)
• Remove attach file button from toolbar (merge request) GitLab Enterprise Edition
• Remove vulnerability approval rules (merge request) GitLab Enterprise Edition
• Fix N+1 queries when fetching labels of child epics (merge request) GitLab Enterprise Edition
• Add navbar to empty search results (merge request)
• Show emoji in user_popover when status text is empty by @n0rdlicht (merge request)
• Only focus search in dropdown if it has artifacts (merge request)
• Improve specs (merge request)
• Replace visitUrl with Gl-Link in ci-badge-link by @leetickett (merge request)
• Move the index removal migration to a regular migration (merge request)
• Sorted project members by user name (merge request)
• Only mark vulnerabilities on default branch as disappeared (merge request) GitLab Enterprise Edition
• Allow read-only access to escalation policies for auditors (merge request) GitLab Enterprise Edition
• Fix codeowners for sections with the same patterns (merge request)
• Fix: locale on project repo settings by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Use the MR data to determine if the branch was deleted (merge request)
• Make Wiki operations target default branch instead of HEAD (merge request)
• Fix spacing in commit view of MR (merge request)

Changed (194 changes)

• Update google-protobuf to v3.21.7 (merge request)
• Add validationStartedAt to DastSiteValidationType (merge request) GitLab Enterprise Edition
• Allow specifying document types to reindex (merge request) GitLab Enterprise Edition
• Changes dormant user setting input minimum to 90 days (merge request)
• Fix an issue where the delete button would always delete the fist item (merge request)
• Migrate old sidekiq queues (merge request)
• Update sign in preview page and new label page (merge request)
• Permit to create/update/delete protected branches without repository (merge request)
• Use issue type in user activity for issue or work item events (merge request)
• Track wiki verification in the project_wiki_repository_states table (merge request) GitLab Enterprise Edition
• Fix alert text for rate limiting (merge request)
• Remove RubyProf in favor of StackProf from Gitlab::Profiler (merge request)
• This MR adds agents option for humanized rules (merge request) GitLab Enterprise Edition
• Revert changes to manual actions on environments (merge request)
• Show copy button for unsafe external URLs (merge request)
• Removes experimental feature flag (merge request)
• This MR adds agents option for schedule rule component (merge request) GitLab Enterprise Edition
• Reset form button if error encountered (merge request)
• Remove runners_finder_all_available feature flag (merge request)
• This MR adds new pre-scan verification status (merge request) GitLab Enterprise Edition
• Update pact to v1.63 and rack-test to v2.0.2 (merge request)
• Add pipeline iid to pipeline event webhook by @fabsrc (merge request)
• Make releases_access_level equal repository_access_level when higher (merge request)
• Search Page Layour change (merge request)
• Let go get response http semantic status code by @icbd (merge request)
• Render a dotted line for missing DORA insights data (merge request) GitLab Enterprise Edition
• Add finder for scan result policies and update (merge request) GitLab Enterprise Edition
• Update "last used" date for PATs if used in git operations by @fabsrc (merge request)
• Allow to toggle inbound job token (merge request)
• Extend scan_finding rules to group level (merge request) GitLab Enterprise Edition
• Update IDE pipeline styling (merge request)
• Shows project storage limit notifications only to owners (merge request) GitLab Enterprise Edition
• Exposed current_sign_in_at as last login at for billable members (merge request) GitLab Enterprise Edition
• Correct copy on Project Access Token scope page (merge request)
• Improve SAML SSO wording (merge request)
• Add browseArtifactsPath to GraphQL CiJob (merge request)
• GitLab Version - Badge Tracking (merge request)
• Fix: notify locale on project was not exported email by @qt-gith (merge request)
• Adding .mobileprovision file parser to Project-level Secure Files (merge request)
• Add columns about MR checks to namespace_settings by @luzhiyuan.deer (merge request)
• Convert Octokit response in Github Integration to hash (merge request) GitLab Enterprise Edition
• Adding .p12 file parser to Project-level Secure Files (merge request)
• Updates Config::Entry::Variable value to support array (merge request)
• Update Jitsu authenticator to production endpoint (merge request) GitLab Enterprise Edition
• Remove confusing runners summary text (merge request)
• Replace release notes form in new tag page with a link (merge request)
• Fix issue header alignment (merge request)
• Reduce the size of the initial backoff duration for web-hooks (merge request)
• Store future subscriptions on instance activation (merge request) GitLab Enterprise Edition
• Expose licenses in dependencies API (merge request) GitLab Enterprise Edition
• Allow /page to be used in description on incident creation (merge request)
• Update Work item cannot be accessed (merge request)
• Add localization to markdown actions (merge request)
• Fix padding for draft notes (merge request)
• Moves classes into variables (merge request)
• Improves modal copy when deleting page assets leads to package deletion (merge request)
• Remove container_registry_new_cleanup_service feature flag (merge request)
• Global Search vertical navigation search helper (merge request) GitLab Enterprise Edition
• Add approver for group level scan result policies (merge request) GitLab Enterprise Edition
• Nullify duplicate runner authentication tokens (merge request)
• This MR adds new feature flag for DAST pre-scan verification (merge request) GitLab Enterprise Edition
• Secure Files Metadata Parser (merge request)
• Update alert and incident table styles by @briankabiro (merge request)
• Govern Metric Updates (merge request) GitLab Enterprise Edition
• Productivity Analytics - Migrate url-sync mixin by @ali_o_kan (merge request) GitLab Enterprise Edition
• Update max helm charts to 1000 (merge request)
• Update shared runners summary text (merge request)
• Enable float values in cost factor (merge request) GitLab Enterprise Edition
• Improve MergeService log messages (merge request)
• Update dependency auto-deploy-image to v2.39.0 (merge request)
• Don't pre-fill markdown table with cells in issue (merge request)
• Remove ci_destroy_unlocked_pipeline_artifacts feature flag (merge request)
• Show view-only audit events filter for users with the developer role (merge request) GitLab Enterprise Edition
• Remove participant status from epic participants (merge request)
• Improve copy on delete modale in package by @ali_o_kan (merge request)
• Prevent login using autogenerated passwords (merge request)
• Replace Wiki service list_pages by normal repository RPCs (merge request) GitLab Enterprise Edition
• Update dependency auto-deploy-image to v2.38.1 (merge request)
• Show warning if code search mappings are outdated (merge request) GitLab Enterprise Edition
• Replace Wiki service find_page RPC by normal repository RPCs (merge request)
• Replace Wiki service find_page RPC by normal repository RPCs (merge request)
• Replace Wiki service find_page RPC by normal repository RPCs (merge request)
• Update UI text in insights dropdown list + dropdown sizing (merge request) GitLab Enterprise Edition
• Change design comments cancel confirmation (merge request)
• Debian package API: do not enqueue jobs directly by @sathieu (merge request)
• Fixes top padding for skeleton notes (merge request)
• Remove user attributes from notes (merge request) GitLab Enterprise Edition
• Use inline code for varaiables in harbor text (merge request)
• Deprecate AWS host connection parameter (merge request)
• Migrate card component - user list in admin page (merge request)
• Pull apart emoji and activity controls (merge request) GitLab Enterprise Edition
• Exclude loopback and link local addresses from Google CDN use (merge request)
• Update runner settings styling (merge request)
• Enforce active jobs limit earlier in pipeline creation (merge request)
• Adapt Helm API to consider the package registry access level by @wwwjon (merge request)
• Adapt Generic Packages to consider the package registry access level by @wwwjon (merge request)
• Global Search vertical navigation search helper (merge request)
• Enabled realtime labels FF (merge request)
• Hide Action column when revokePath is missing (merge request)
• Remove use_gitaly_pagination_for_refs feature flag (merge request)
• Upgrade Sourcegraph integration to 0.0.82 by @philipp-spiess (merge request)
• Do not show blocked states (merge request) GitLab Enterprise Edition
• Remove iteration_cadences FF (merge request) GitLab Enterprise Edition
• Update colors in the user activity calendar (merge request)
• Tighten Google CDN URL config requirements (merge request)
• Geo - Update no subscription banner message (merge request) GitLab Enterprise Edition
• Geo - Update URL text to External URL (merge request) GitLab Enterprise Edition
• Update unknown ci_pipeline_artifacts.locked column values (merge request)
• Add codeowners collapse, use vue component instead of haml (merge request) GitLab Enterprise Edition
• Fixes highlighting color for first diff reply (merge request)
• Change Version API to mirror Metadata API (merge request)
• Reduced lease from 1.5hrs to 1 hr (merge request)
• Update extensions in Gitpod configuration by @gtsiolis (merge request)
• Geo: Migrate Container Registry replication to use SSF (merge request) GitLab Enterprise Edition
• Do not user select2 for mirror user id (merge request)
• Don't pre-fill markdown table with cells (merge request)
• Fix invalid runner REST v4 deprecations (merge request)
• Harmonise warning message in Settings < Variables by @ali_o_kan (merge request)
• Update trial status popover title (merge request) GitLab Enterprise Edition
• Harmonise warning message in Settings < Pipeline triggers by @ali_o_kan (merge request)
• Add tmp indx null member namespace id (merge request)
• Default on :operational_vulnerabilities_filters ff (merge request)
• Default on :scan_execution_rule_mode feature flag (merge request)
• Remove dropdown to add members from admin area (merge request)
• Update cards in the milestone view (merge request)
• Ensure PostgreSQL versions are memoized at start of tests (merge request)
• Allow to submit wiki form using ctrl enter (merge request)
• Store dependency scanning SBoMs as reports (merge request)
• ref_service: Clean up find_local_branches_response (merge request)
• Do not restrict epics child issues group structure (merge request) GitLab Enterprise Edition
• This MR stores list of form fields in constant (merge request) GitLab Enterprise Edition
• Use Pajamas alert component for Rails flash (merge request)
• Update code analyzers (merge request) GitLab Enterprise Edition
• Migrate groups' projects settings card to ViewComponent (merge request)
• Harmonise warning in Protected environments by @ali_o_kan (merge request) GitLab Enterprise Edition
• Migrate to GlButton (merge request) GitLab Enterprise Edition
• GraphQL: Rename verification status to status (merge request) GitLab Enterprise Edition
• Hides cleanup policy admin notification while loading (merge request)
• Refetch deployments on user interaction (merge request)
• Migrate groups "Protect environment" card to ViewComponent (merge request) GitLab Enterprise Edition
• Allow updating users.pronouns property in REST API by @drumm (merge request)
• Migrate "Protect a tag" card to ViewComponent (merge request)
• Migrate "Protect environment" card to ViewComponent (merge request) GitLab Enterprise Edition
• Hide delete button when user cannot delete runner (merge request)
• Adding metadata and expires_at to Secure Files (merge request)
• Limit maximum number of child epics (merge request) GitLab Enterprise Edition
• Remove tmp_index_system_note_metadata_on_attention_request_actions (merge request)
• Rename WebHook service_id to integration_id (merge request)
• Migrate issue/MR bulk edit checkboxes to be Pajamas compliant (merge request)
• Migrate LDAP Remember me checkbox to be Pajamas compliant (merge request)
• Migrate OmniAuth Remember me checkbox to be Pajamas compliant (merge request)
• Update dependency auto-deploy-image to v2.38.0 (merge request)
• Migrate card component - admin note in admin area (merge request)
• Migrate pj component - card in the profile SSH page (merge request)
• Allow updating users.commit_email property in REST API by @drumm (merge request)
• Migrate custom attributes card to ViewComponent (merge request)
• Add new alert for creating new top-level group (merge request)
• Autofocus on Markown Editor (merge request)
• Removes spacing from system and discussion notes (merge request) GitLab Enterprise Edition
• Remove temp index that no longer needed (merge request)
• Update deployment rollback buttons (merge request)
• Remove unused db fields from assignees (merge request)
• Remove unused styles on subscription seats table (merge request) GitLab Enterprise Edition
• Drop ci_update_unlocked_job_artifacts feature flag (merge request)
• Update Busy checkbox copy (merge request)
• Update dependency auto-build-image to v1.19.0 (merge request)
• Update successful purchase banner (merge request) GitLab Enterprise Edition
• Remove cleanup_extract_mr_diff_deletions feature flag (merge request)
• Default-enable :hash_oauth_tokens feature flag (merge request)
• GitLab Version - Badge CTA (merge request)
• Backfill internal column on notes (merge request)
• Block userless CI (merge request)
• Remove cache_issue_sums flag (merge request) GitLab Enterprise Edition
• Do not treat warnings as errors (merge request) GitLab Enterprise Edition
• Add warning when Token Access disabled by @ali_o_kan (merge request)
• Add reject_non_dco_commits to push_rules (merge request)
• Added parameter to participants query (merge request)
• Rename timeline event note's validation error message (merge request)
• Remove tmp idx null project namespace id (merge request)
• Hide subgroup milestones on Roadmap when filtered by group (merge request) GitLab Enterprise Edition
• Remove unused updated_state_by_user_id from merge_request_reviewers (merge request)
• Add index on internal notes (merge request)
• Remove multiple iteration cadences license check (merge request) GitLab Enterprise Edition
• Check feature flag in bulk imports API for consistency (merge request)
• Enable auditor access to group runners (merge request)
• GitLab Version - Increase cache life (merge request)
• Adds last downloaded date to package registry UI (merge request)
• Drop tmp_index_user_callouts_on_attention_request_feature_names (merge request)
• Clean up successful experiment promote_mr_approvals_in_free (merge request)
• Add iteration to Issues Analytics table by @ali_o_kan (merge request) GitLab Enterprise Edition
• Finalize member namespace id cleanup (merge request)
• Remove allow non-blocking member refresh feature flag (merge request) GitLab Enterprise Edition
• Ignore fingerprint column on sbom_sources (merge request)
• Clean up read_package_policy_rule feature flag by @wwwjon (merge request)

Removed (18 changes)

• Remove contraint check_508774aac0 (merge request)
• Remove default_scope for the Event model (merge request)
• Drop free user cap columns from namespace settings (merge request)
• Remove FF override_group_level_protected_environment_settings_permission (merge request)
• Remove Feature Flag for artifacts reports junit (merge request)
• Geo Sites - Remove Current Site Badge (merge request) GitLab Enterprise Edition
• Revert "Merge branch 'pages-lets-encrypt-ecdsa' into 'master'" (merge request)
• Remove incident_resource_links_widget feature flag (merge request) GitLab Enterprise Edition
• Delete remove invalid member migrations (merge request)
• Drop index on ci_builds_metadata (merge request)
• Remove unused partial (merge request)
• Remove unused VSA label_ids param (merge request) GitLab Enterprise Edition
• Remove WorkItemUpdateWidgets mutation from GraphQL API (merge request)
• Remove application limits for Jira import (merge request)
• Remove global_search_custom_slis feature flag (merge request)
• Remove contribution_analytics_optimized_base_query (merge request) GitLab Enterprise Edition
• Remove unused experience_level DB column (merge request)
• Remove legacy memory killer (merge request)

Security (19 changes)

• Fix CVE-2022-32149 in workhorse dependency (merge request)
• Validate the scheme of project import URLs (merge request)
• Respect instance level rule for editing approval rules (merge request)
• Update TodoPolicy to handle confidential notes (merge request)
• Fixes XSS in widget extensions (merge request)
• Redact user's private email in group member event webhook (merge request)
• Sanitize Url and check for valid numerical errorId in error tracking (merge request)
• Manually sync canonical to security (merge request)
• Fix conflict between canonical and security (merge request)
• Enforce group IP restriction on Dependency Proxy (merge request)
• Prevent serialization of sensible attributes from JsonCache by @jbobadilla-ext (merge request)
• Restrict max duration to 1 year for trace display (merge request)
• Forbid creating a tag using default branch name (merge request)
• Add security protection for Github (merge request)
• Redact secrets from WebHookLogs (merge request)
• Prevent users creating issues in ay project via board/issues controller (merge request)
• Use UntrustedRegexp for upload rewriter (merge request)
• Fix leaking emails in WebHookLogs (merge request)
• Validate httpUrlToRepo to be http or https only (merge request)

Performance (19 changes)

• Avoid query for next page check (merge request)
• Refactor BitBucket importer (merge request)
• Nullify and delete some user associations in batches (merge request)
• Nullify merge request metrics user in batches on user deletion (merge request)
• Nullify merge request and user associations in batches on user deletion (merge request)
• Removing feature flag config files (merge request)
• Fix N+1 when loading labels on issue, epic, mrge_request lists (merge request)
• Fix labels N + 1 query in WorkItemsResolver (merge request)
• Remove n+1 queries for participants policy checks (merge request)
• Fix votes N+1 when loading issues, epics, merge requests lists (merge request)
• Ensure primary key index is used for Geo::Replicable (merge request) GitLab Enterprise Edition
• Remove feature flags related to diff highlight expiration (merge request)
• Destroy unlocked and expired pipeline artifacts (merge request)
• Load all license details from Gitaly (merge request)
• Load all license details from Gitaly (merge request)
• Avoid N+1 in GraphQL WorkItemsResolver (merge request)
• Add delay during project authorizations refresh (merge request)
• Enable background closure of issues from commit messages (merge request)
• Fix Workhorse Redis Sentinel role checks (merge request)

Other (63 changes)

• Add logging for file variable expansion (merge request)
• Remove gitlab_shell_jwt_token feature flag (merge request)
• Deploy tiers named nonprod no longer marked as production (merge request)
• Remove FF gl_listbox_for_sort_dropdowns (merge request)
• Remove duplicated read_confidential_notes policy (merge request)
• Drop index_notes_on_note_gin_trigram index where exists (merge request)
• Add diagnostic reports uploader (merge request)
• Clean up legacy Gitaly Wiki RPCs in Rails (merge request) GitLab Enterprise Edition
• Add message and importer type to logs (merge request)
• Update task system note background migration batch sizes (merge request)
• RuboCop: Enable previously disabled Rails/ActiveRecordCallbacksOrder by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/SoleNestedConditional by @edith007 (merge request)
• RuboCop: Enable previously disabled Rails/InverseOf by @edith007 (merge request)
• RuboCop: Enable previously disabled Rails/RedundantForeignKey by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/KeywordParametersOrder by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/NumericLiteralPrefix by @edith007 (merge request)
• RuboCop: Enable previously disabled Rails/IndexWith by @edith007 (merge request)
• Add bulk_import_id to bulk_import logs (merge request)
• RuboCop: Enable previously disabled Style/SingleArgumentDig by @edith007 (merge request)
• Use bulk_import_entity_id in all logs (merge request)
• Prepare partial non-latin index for issues (merge request)
• Remove incident_timeline feature flag (merge request)
• Enable wiki feature flags by default (merge request)
• Ignore column with typo on NamespaceDetails (merge request)
• Remove the about your company feature flag and commit code (merge request) GitLab Enterprise Edition
• Remove block_emails_with_failures feature flag (merge request)
• Removes the gl_avatar_for_all_user_avatars FF (merge request)
• Remove the non supported google_client_email (merge request)
• Remove background trial application feature flag (merge request)
• Remove the FF ci_project_pipeline_config_refactoring (merge request)
• Add snowplow event tracking to group imports (merge request)
• Add columns for package forward cascade settings (merge request)
• Update profile page buttons to pajamas (merge request)
• Increase branch expiry from 10 minutes to 60 (merge request)
• Revert "Merge branch '371986-introduce-ff' into 'master'" by @kwiebers (merge request)
• Bump Gitlab Shell to v14.12.0 (merge request)
• Remove unused members awaiting index (merge request)
• Change card to Pajamas (merge request)
• RuboCop: Enable previously disabled Style/StringLiteralsInInterpolation by @edith007 (merge request)
• Validate entity type used in Gitlab Migration (merge request)
• Modifications to adding delay logic (merge request)
• Remove unnecessary card component (merge request)
• Remove orphan project bots (merge request)
• Remove FF ci_rules_changes_compare (merge request)
• Remove and add raw of ci-variables tables with new default (merge request)
• Ignore unused columns on requirements (merge request) GitLab Enterprise Edition
• Remove trace column from ci_builds table (merge request)
• Remove unused free user cap data feature flag (merge request) GitLab Enterprise Edition
• Limit the number of active jobs early in the pipeline creation (merge request) GitLab Enterprise Edition
• GraphQL fetch stage by id (merge request)
• RuboCop: Enable previously disabled Style/AccessorGrouping by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/EmptyMethod by @edith007 (merge request)
• RuboCop: Enable previously disabled Rails/FilePath by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/ExplicitBlockArgument by @edith007 (merge request)
• Use Gitlab UI empty state in Roadmap by @rajatgitlab (merge request) GitLab Enterprise Edition
• Cleanup task system note renaming background migration (merge request)
• RuboCop: Enable previously disabled Style/CaseLikeIf by @edith007 (merge request)
• RuboCop: Enable previously disabled Rails/HelperInstanceVariable by @edith007 (merge request)
• Add dashboard limit to enable free user management (merge request)
• Decommission BatchPopQueueing class (merge request)
• Remove create_approval_todos_on_mr_update FF (merge request)
• Add environment keyword to pages job by @edith007 (merge request)
• Remove feature flag ci_variables_refactoring_to_variable (merge request)

15.4.6 (2022-11-30)

Security (11 changes)

• Send resolved_address param to gitaly during repository import (merge request)
• Add size validation during nuspec file extraction (merge request)
• Cross-site scripting in Jira Integration (merge request)
• Protect web-hook secret tokens after changing URL (merge request)
• Redact secret tokens from web-hook logs (merge request)
• Prevent unauthorized users from seeing Release information on tag pages (merge request)
• Update after_import to expire cache before removing prohibited branches (merge request)
• Deny all package permissions when group access is restricted by IP (merge request)
• Redact user emails from project webhook data (merge request)
• Disallow local URls for build_runner_session if dictated by app setting (merge request)
• Prevent token bypass for extenal authorisation (merge request)

15.4.5 (2022-11-15)

Fixed (1 change)

• Revert Sidekiq default routing rules (merge request)

15.4.4 (2022-11-02)

Security (12 changes)

• Datadog API key leak by changing integration URL (merge request)
• Redact confidential references in Jira issue descriptions (merge request)
• Forbid reading emojis on internal notes (merge request)
• Same-site redirect vulnerability (merge request)
• BYPASS: Stored-XSS with CSP-bypass via scoped labels' color (merge request)
• Fix Running Upstream Pipelines Jobs Without Permission (merge request)
• Add length limit to addressable URLs (merge request)
• Add a redirect wall before artifact redirect to pages (merge request)
• Sandbox swagger-ui to prevent injection attacks (merge request)
• Fix external project permission when using CI prefill variables (merge request)
• Resolve users can view audit events from other members (merge request)
• Path traversal fix for Secure Files (merge request)

15.4.3 (2022-10-19)

Fixed (4 changes)

• Sign in: use custom logo again (merge request)
• Fix closing of external issues (merge request)
• Sign in: use custom logo again (merge request)
• Fix REST/GRAPHQL APIs handling TODOs WorkItem target (merge request)

15.4.2 (2022-10-04)

Fixed (1 change)

• Ensure that stage name and record are in sync for page deployments (merge request)

15.4.1 (2022-09-29)

Security (15 changes)

• Redact user's private email in group member event webhook (merge request)
• Redact secrets from WebHookLogs (merge request)
• Forbid creating a tag using default branch name (merge request)
• Sanitize Url and check for valid numerical errorId in error tracking (merge request)
• Add security protection for Github (merge request)
• Fix leaking emails in WebHookLogs (merge request)
• Restrict max duration to 1 year for trace display (merge request)
• Use UntrustedRegexp for upload rewriter (merge request)
• Validate httpUrlToRepo to be http or https only (merge request)
• Respect instance level rule for editing approval rules (merge request)
• Prevent users creating issues in ay project via board/issues controller (merge request)
• Prevent serialization of sensible attributes from JsonCache (merge request)
• Update TodoPolicy to handle confidential notes (merge request)
• Enforce group IP restriction on Dependency Proxy (merge request)
• Fixes XSS in widget extensions (merge request)

15.4.0 (2022-09-21)

Added (162 changes)

• Add git tags from last deployment to environment detail page (merge request)
• Background worker for suggested reviewers (merge request)
• Maven request forwarding (merge request)
• Add edited by information to GraphQL WorkItem type (merge request)
• RPM initial upload and package creation (merge request)
• Add codeOwnerReviewRequired to EE (merge request) GitLab Enterprise Edition
• Added REST APIs to fetch latest release and download release assets by @zillemarco (merge request)
• Add iterations cadences to Gitlab Migration (merge request) GitLab Enterprise Edition
• Expose user and group for branch protection access levels in EE (merge request) GitLab Enterprise Edition
• Add cluster_agent_id and image to GraphQL vulnerabilitySeveritiesCount (merge request) GitLab Enterprise Edition
• Add unique index to ci_builds_metadata (merge request)
• Add job field to ProjectType (merge request)
• Enable search option for environments (merge request)
• Added markdown support for solution (merge request) GitLab Enterprise Edition
• Support delivery of emails using Microsoft Graph API (merge request)
• Expose CI variable limits through GraphQL (merge request)
• Add checkbox supported by Autosave and autosave confidential in Issuable form by @ali_o_kan (merge request)
• Backfill namespace_id on issues table (merge request)
• Add issue resource_iteration_events to Project Import/Export (merge request) GitLab Enterprise Edition
• Enabling feature flag immediate_delete_subgroup_api by default (merge request)
• Add harbor registry tags page by @orozot (merge request)
• Add the resource state events REST API endpoint for epics (merge request) GitLab Enterprise Edition
• Add last_downloaded_at to packages (merge request)
• Documentation of Move to start/end of list actions (merge request)
• Add monthly count_user_auth metric (merge request)
• Add auth_type to jwt controller tokens (merge request)
• Add column to store over user limit notification status (merge request)
• Domain Verification MVC (merge request) GitLab Enterprise Edition
• Add default project for epics (merge request) GitLab Enterprise Edition
• Extend packages project policy to consider access level by @wwwjon (merge request)
• Add system note service for resource links (merge request)
• Add group shares in group transfer locations API (merge request)
• Removes group_ip_restrictions_allow_global feature_flag (merge request)
• GraphQL query for last and upcoming deployment (merge request)
• Add clear status after dropdown to profile set status form (merge request)
• Migrate merge request review_requested/removed events (merge request)
• Memoize search_environments finder (merge request)
• Add state field to environments varchar name index (merge request)
• Add version sort to tags API (merge request)
• Show better errors from GraphQL on Releases (merge request)
• Debian Acquire-By-Hash (to avoid Hash Sum Mismatch errors) by @sathieu (merge request)
• Add cube proxy API request (merge request)
• Adds endpoints for MLFlow client Run entity (merge request)
• Optimize the pending todos check query (merge request)
• Load more for task assignees when user scrolls (merge request)
• Add pushAccessLevels to graphql endpoint (merge request)
• Add mergeAccessLevels to graphql endpoint (merge request)
• Support variable expansion on environment auto_stop_in (merge request)
• Add dismissal_reason to StateTransitions (merge request)
• Add branchProtection under project.branchRules in graphql endpoint (merge request)
• Updates container registry project settings (merge request)
• Add support for semantic versioning tags sort (merge request)
• New GraphQL mutation for dismiss security finding (merge request) GitLab Enterprise Edition
• Add rpm package type (merge request)
• Update groups api to accept parameter for ip_restriction_range (merge request) GitLab Enterprise Edition
• Allow users to filter issues by health status (merge request)
• Moved assignees to work_items feature flag (merge request)
• Add support for Google CDN (merge request)
• Use ListCommits rpc to fetch context commits by @akumar1503 (merge request)
• Create international phone input component in Vue (merge request) GitLab Enterprise Edition
• Create ultimate feature removal banner (merge request)
• Add basic DORA configuration model (merge request)
• Autosave due_date in Issuable form by @ali_o_kan (merge request)
• Remove not allowed epics properties from issue CSV export (merge request) GitLab Enterprise Edition
• Add View entire blame button (merge request)
• Support … and … syntax math in markdown (merge request)
• Add integration status area to the agent details (merge request) GitLab Enterprise Edition
• Add support for sorting project and group members Graphql resolvers (merge request)
• Add id, size and expiry to GraphQL Job Artifact by @leetickett (merge request)
• Add count field to the GraphQL EpicConnection type (merge request) GitLab Enterprise Edition
• Add instrumentation for MAU visiting environments pages (merge request)
• Add edit confirmation popover in sidebar dropdown widget (merge request) GitLab Enterprise Edition
• Adding graphQL parameters for move to start and end for boards (merge request)
• Autosave weight in Issuable form by @ali_o_kan (merge request) GitLab Enterprise Edition
• Move embedded Zoom calls to Linked Resources (merge request) GitLab Enterprise Edition
• Allow the creation of scan result policies (merge request) GitLab Enterprise Edition
• Add ArtifactDestroy GraphQL mutation by @leetickett (merge request)
• Introduce backend updates for toggle of diff preview by @joe-snyder (merge request)
• Add a search bar to the list of assigned projects (merge request)
• GraphQL: Add resolver to runner projects (merge request)
• Add partition_id column to selected CI database tables (merge request)
• Adds first endpoints for MLFlow Integration (merge request)
• Add index to todos the improve query performance (merge request)
• Graphql query for environment information (merge request)
• Allow admins to merge topics [API] by @wwwjon (merge request)
• Add autosave on design notes (merge request)
• Add new Katalon ci/cd template for partnership program by @philip.becker (merge request)
• Add JobArtifactsDestroy GraphQL mutation by @leetickett (merge request)
• Default-enable Pipeline Wizard for pages (merge request)
• Add a work item widget for iteration (merge request) GitLab Enterprise Edition
• Expose dates where DORA data is missing (merge request) GitLab Enterprise Edition
• Rollout shimo integration by @icbd (merge request)
• Add streaming audit event for work item and MR deletion (merge request)
• Add mutation to move to start / end of board lists (merge request)
• Migration for creating ghost_user_migrations table (merge request)
• Add pipelined Redis commands to performance bar (merge request)
• Add hasEpic to issue type (merge request) GitLab Enterprise Edition
• Add id, size and expiry to GraphQL Job Artifact by @leetickett (merge request)
• Make Short Sha in Deployments Page a Link (merge request)
• Add harbor registry list page by @orozot (merge request)
• Monitor memory growth in memory-watchdog (merge request)
• Enable escape_gitaly_refs by default (merge request)
• Add Debian endpoints for Sources by @sathieu (merge request)
• Add Debian endpoints for D-I Packages by @sathieu (merge request)
• Add support for task item status tooltip (merge request)
• Support Group Avatar Removal in REST API by @tuxtimo (merge request)
• Align namespace of DeployAccessLevel model (merge request)
• Show epics blocking info on list & boards (merge request) GitLab Enterprise Edition
• Create API endpoint to update a protected environment (merge request) GitLab Enterprise Edition
• Add work item weight widget subscription (merge request)
• Add security finding dismiss service (merge request) GitLab Enterprise Edition
• Add branchRules to project in graphql endpoint (merge request)
• Introduce etag caching for diff batches endpoint (merge request)
• Set forked source cost factor to .008 (merge request) GitLab Enterprise Edition
• Add auto_ban_user_on_excessive_projects_download to group settings (merge request)
• Support GraphQL subscription for weight update (merge request) GitLab Enterprise Edition
• Utilize dormant user period in application settings by @joe-snyder (merge request)
• Extend deployments graphql query for index page (merge request)
• Add resource events to Import/Export (merge request) GitLab Enterprise Edition
• Add sorting/filtering/paging to CRM organizations by @leetickett (merge request)
• Add helper method to prevent default action on submit in feature specs by @mehulsharma (merge request)
• Backfill values for cluster_agents.has_vulnerabilities (merge request)
• Display health status on issue board cards (merge request)
• Adds a Cleanup class for unused still-active Personal Access Tokens (merge request)
• Relate BroadcastMessage and Namespace models (merge request)
• Adds CiConfigVariableType to ProjectType (merge request)
• Update Import/Export for iterations cadences (merge request) GitLab Enterprise Edition
• Record cache data about api/web cache helpers (merge request)
• Add clusterAgent.vulnerabilityImages to GraphQL API (merge request) GitLab Enterprise Edition
• Allow to specify the fields to search for when querying work items (merge request) GitLab Enterprise Edition
• Support lowercase query string status (merge request)
• Add new instance setting to UI and controller (merge request)
• Support Project Avatar removal in REST API by @tuxtimo (merge request)
• Add external_url field to Environment GraphQL Type by @Taucher2003 (merge request)
• Introduce REST API for group transfer locations (merge request)
• Show alert for email exposure for service desk (merge request)
• Add work type icon to boards and color gray for icons (merge request)
• Implement Vuln Scanner reportTypeHumanized for easier frontend use (merge request) GitLab Enterprise Edition
• REST API for project transfer locations (merge request)
• Re-introduce manual iteration management (merge request) GitLab Enterprise Edition
• Add GraphQL query for deployment details (merge request)
• Add auto_ban_user_on_excessive_projects_download to application settings (merge request)
• Add support for snippet spam (merge request)
• Added loading state to "Commit changes" button in the single file editor by @payal-jain (merge request)
• Allow admins to merge topics [frontend] by @wwwjon (merge request)
• Fetch child epics with colour when FF is enabled (merge request) GitLab Enterprise Edition
• Thread Google Chat messages by topic by @csarva (merge request)
• Add query string filtering (merge request)
• Add Vulnerabilities Finding Create Issue mutation (merge request) GitLab Enterprise Edition
• Add selected state for ellipsis button in last commit (merge request)
• Set public open source cost factor to .5 (merge request) GitLab Enterprise Edition
• Add GraphQL query for deployments (merge request)
• Support line chart for DORA charts (merge request) GitLab Enterprise Edition
• Add GraphQL custom emoji schema, flagged (merge request)
• Provide ability to move a board card to the top/bottom of the list (merge request)
• Enables track_work_items_activity feature flag by default (merge request)
• Add GraphQL sort/filter/page crm organizations by @leetickett (merge request)
• Track CI/CD Tunnel usage (merge request)
• Add present on default branch to project_id_and_id_active_cis index (merge request)
• Log JWT authentication failures (merge request)
• Show tooltip on hover on work item icons (merge request)
• Add Iteration Cadences to Group Import/Export (merge request) GitLab Enterprise Edition

Fixed (163 changes)

• Remove vulnerability approval rules (merge request) GitLab Enterprise Edition
• Fix default date timezone for VSA (merge request)
• Fixing Deduplication of ProcessSyncEventsWorkers (merge request)
• List groups from group shares on project transfer (merge request)
• Remove extra padding on every 8th participant in sidebar (merge request)
• Handle large offset more gracefully (merge request)
• Show add button when user has sufficient permissions (merge request) GitLab Enterprise Edition
• Don't show View entire blame button for a single blame page (merge request)
• Resolve web hook edit page timeout (merge request)
• Fix selective code owner removals by @leetickett (merge request)
• Fix gitaly ref replication on project fork (merge request)
• Add a new ability for reading billable members (merge request) GitLab Enterprise Edition
• Fill missing dates on VSA duration chart (merge request) GitLab Enterprise Edition
• Resetting form doesn't affect submit button (merge request)
• Fix group IP allowlist update bug (merge request) GitLab Enterprise Edition
• Fix 500 error sorting merge requests with approvers by milestone (merge request)
• Show test reports immediately on pipeline tests tab (merge request)
• Improve fast-forward merge service reliability (merge request)
• Fixes spacing for issue widgets (merge request) GitLab Enterprise Edition
• Fix feature flag link in related feature flags (merge request) GitLab Enterprise Edition
• Fixes spacing for design management (merge request)
• Fix json payload for external status check feature (merge request) GitLab Enterprise Edition
• Fix group name in memberships export email (merge request) GitLab Enterprise Edition
• Prevent error when user has approved the merge request by @batu (merge request)
• Fix: locale issues on repository settings by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Create authroizations record for personal projects (merge request)
• Remove search bar from project/group hook log pages (merge request)
• Fix: milestones sidebar locale issue by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Geo: Avoid runaway queue growth (merge request) GitLab Enterprise Edition
• Use distinct location fingerprints for manually created vulnerabilities (merge request) GitLab Enterprise Edition
• Add flex wrap tp prevent aws logo from overflowing by @beverett (merge request)
• Add db fixtures for providers (merge request) GitLab Enterprise Edition
• CI npm template: Fix comparison of pre-release versions by @the_s (merge request)
• Update the Changes tab with the real file count when it loads (merge request)
• Override ancestor icon background for dark mode (merge request)
• Use first day of week in roadmap (merge request) GitLab Enterprise Edition
• Prevent outdated manual deployment jobs from being ran (merge request)
• Remove unintended "#" from push_to_merge_request_email (merge request)
• Fix trial applying bug in .com (merge request) GitLab Enterprise Edition
• Fix paste markdown feature in Content Editor (merge request)
• Improve VSA edit modal responsiveness (merge request) GitLab Enterprise Edition
• Give blob header buttons correct spacing (merge request)
• Fix GitHub import un/assigned events (merge request)
• Fix deploy freezes when period overlaps with itself (merge request)
• Hide Auto DevOps button on the project page (merge request)
• Show visibility level when creating subgroup (merge request)
• Remove hidden checkboxes when not needed (merge request)
• Ensure the VSA duration chart renders all dates (merge request) GitLab Enterprise Edition
• Fix: pipeline reports missing secret detection report by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Fix: repository analytics time rendering locale issue by @JeremyWuuuuu (merge request) GitLab Enterprise Edition
• Geo: Realign concurrency limits (merge request) GitLab Enterprise Edition
• This MR fixes bug with missing banner (merge request)
• Fix environment auto stop in assignment when former value present (merge request)
• Fix: locale on reviewer sidebar by @JeremyWuuuuu (merge request)
• Fix sha argument passing of ProjectType.ci_config_variables (merge request)
• Sort timeline events by occurred_at then by id (merge request)
• Return 0 when credit_card_validation.holder_name is nil (merge request)
• Fix: locale on assignee sidebar by @JeremyWuuuuu (merge request)
• Fix padding for text editors (merge request) GitLab Enterprise Edition
• Switch 'b' shortcut to not ever focus or click an in-page element (merge request)
• Fix boards switcher for unauthorized user (merge request)
• Fix subgroup support for approval rules (merge request) GitLab Enterprise Edition
• Handling Database Timeouts in gitlab:db:truncate_legacy_tables:* (merge request)
• Fix: new compare merge request locale issues by @JeremyWuuuuu (merge request)
• Removed detached prefix from mr pipelines by @leetickett (merge request)
• Prevent race condition when jobs acquire resource groups (merge request)
• Invalidate the merge request cache when assignee/reviewer changes (merge request)
• Fix stage name escaping in pipeline views by @fabsrc (merge request)
• Fix wrapping in source files (merge request)
• Call .length rather than .size so another query isn't executed (merge request)
• Trigger hooks when updating assignees via GraphQL (merge request)
• Multiline blockquote leading/trailing newline (merge request)
• Update region codes on gtag analytics (merge request)
• Fix oauth password to not be forced to be lowercase by @mtan-gitlab (merge request)
• Update squash commit SHA outside of merge method (merge request)
• Fix visual regression in top toolbar (merge request)
• Improve toolbar performance (merge request)
• Clean up orphaned invited members
• Fix parsing commit trailers without specified email (merge request)
• Fix link bubble menu bug (merge request)
• Remove any broken symlink before creating it for .gitlab_shell_secret (merge request)
• Use FIFO as pending builds strategy for group runners by @wwwjon (merge request)
• Fix 500 error for Commits API (merge request)
• Fixed note buttons spacing on issues by @zillemarco (merge request)
• Fix markdown tabs alignment on issue/MR create pages (merge request)
• Geo: Fix redirects of LFS transfer downloads (merge request) GitLab Enterprise Edition
• Fixes todo button in sticky header not working (merge request)
• Fix start_line/end_line link values (merge request) GitLab Enterprise Edition
• Fix page javascript after a deploy token got created (merge request)
• Fix for broken tag/branch switcher (merge request)
• Use dynamic select dropdown on forks form (merge request)
• Fix/Add css selector by @TrueKalix (merge request)
• Fix/Add css selector by @TrueKalix (merge request)
• Enable geo_batch_count feature flag (merge request) GitLab Enterprise Edition
• Save repository size limit set in admin group page correctly (merge request) GitLab Enterprise Edition
• Fix incorrect job artifacts expire_at (merge request)
• Fix language mapping in the Source Viewer (merge request)
• Fix SVGs not rendering in issuables (merge request)
• Do not prefill new form again with successfully created deploy token (merge request)
• Fix custody report CSV for projects inside subgroup (merge request) GitLab Enterprise Edition
• Fix not showing "job dependencies" view when all jobs are bridges (merge request)
• Fix 'Assign yourself' visibility for users without permissions by @zillemarco (merge request)
• Fix missing metadata for system notes (merge request)
• Fix: issue list assignees label translation by @JeremyWuuuuu (merge request)
• Board card location row breaks incorrectly fix (merge request)
• Add screen reader only text to content editor dropdowns (merge request)
• Handle the exception in case of large yml (merge request) GitLab Enterprise Edition
• Fix empty state MR pipeline run (merge request)
• Fix: merge request editing page wrong translations by @JeremyWuuuuu (merge request)
• Update 2FA requirements async for group members (merge request)
• Add missing runner variables to predefined list by @bbodenmiller (merge request)
• Fix search_files_by_name escaping names twice (merge request)
• Automatically remove leading spaces in project names (merge request)
• Fix clear icon alignment (merge request)
• Prevent invalid characters from causing diffs to error out (merge request)
• Removing mixin from mr widget pipeline (merge request)
• Alter when to send releasedAt when release created (merge request)
• Fix broken UI text in selector in dashboard milestones by @tnir (merge request)
• Ensure the VSA form loading state is rendered (merge request) GitLab Enterprise Edition
• Fix hash order issue test in DORA reducer (merge request) GitLab Enterprise Edition
• Improve the performance of bubble menus (merge request)
• Fix missing project for included remote file including with rules:exists (merge request)
• Fix NoMethodError in IssueResolverArguments (merge request)
• Include reserved report_approvers rule names as (merge request) GitLab Enterprise Edition
• Fix board sidebar links color (merge request)
• Fix hardcode text on new branch page by @icbd (merge request)
• Fix nested ordered task list styling in issue description (merge request)
• Add gray color on component icon to fix all use cases (merge request)
• Fix fetching epics when changing sort option (merge request)
• Fix timelog type policy check by @leetickett (merge request)
• Remove extra space after dismissing free cap alert (merge request) GitLab Enterprise Edition
• Localize dateformat text (merge request)
• Improve blame link feature (merge request)
• Skip file removal if GitLab managed replication is disabled (merge request) GitLab Enterprise Edition
• Fixed fullPath for assignees and labels (merge request)
• Open task in new window when doing ctrl/cmd+click (merge request)
• Upgrade three.js dependency (merge request)
• Fix issue searches using Russian characters (merge request)
• Fix: untranslated merge request consent box by @JeremyWuuuuu (merge request)
• Remove redundant class name from group template by @tnir (merge request)
• Added lowercase to the actual con-reg api call (merge request)
• Fixed alignment of MR activity dropdowns on mobile by @zillemarco (merge request)
• Handle all uploads instead of a hardcoded list (merge request)
• Bypass earliest date validation in importing of iteration cadences (merge request) GitLab Enterprise Edition
• Fix Geo removing uploads on object storage (merge request) GitLab Enterprise Edition
• Set all attachments to Content-Type application/octet-stream (merge request)
• Do not update approval rules for merge request (merge request) GitLab Enterprise Edition
• Rake Task gitlab:db:lock_writes more efficient (merge request)
• Update subscription service for new hashed OAuth tokens (merge request) GitLab Enterprise Edition
• Ignore accents in search term when searcing issues (merge request)
• Update Oj to v3.13.21 (merge request)
• Make compliance report email html_safe (merge request)
• Quick fix for the move to position (merge request)
• Fix Redis pipeline/multi-exec deprecation errors (merge request)
• Geo: Fix registry backfilling (merge request) GitLab Enterprise Edition
• Fix user recent activity links for work item actions (merge request)
• Restore transaction block while extracting sync (merge request) GitLab Enterprise Edition
• Fix issue description list item reordering indentation (merge request)
• Fix boards alignment and dark mode issues (merge request)
• Fix visual bugs from !95073 (merge request)
• Fix CI/CD legacy variables fetching group projects (merge request)
• Hide copy failed tests button when endpoint returns null files (merge request)
• Fix detection of URLs in markdown selection (merge request)

Changed (167 changes)

• Rename last_run_date to next_run_date (merge request)
• Update pg_query to v2.1.4 (merge request)
• Convert issues analytics table to graphql by @ali_o_kan (merge request) GitLab Enterprise Edition
• Hash Oauth application secrets (merge request)
• Fix: notify locale on new user email by @qt-gith (merge request)
• Cleanup attention request related system notes (merge request)
• Remove temp index group membership namespace id (merge request)
• Add graphql feature flag for job_app (merge request)
• Account for inherited runners in RunnerPolicy (merge request)
• Allow job token configuration while disabled by @ali_o_kan (merge request)
• Use a stacked layout for runners list (merge request)
• Adjust codequality inline severity icon (merge request) GitLab Enterprise Edition
• Add project harbor registry feature flag by @orozot (merge request)
• Fix: notify locale on pipeline fixed email by @qt-gith (merge request)
• Hide information for blocked user in popover (merge request)
• Add new MR environment auto-stop logic (merge request)
• Add epoch column to rpm metadata (merge request)
• Merge branch '359067-rename-package-files-to-assets' into 'master' (merge request)
• Add bot badge in user list for admins (merge request)
• Issuable title updates no longer update last_edited values (merge request)
• Move Google IP fetch into a separate service with rate limiting (merge request)
• Fix: notify locale on remote mirror update failed email by @qt-gith (merge request)
• Enable restyle_login_page by default (merge request)
• Changed draft text by @mehulsharma (merge request)
• Use default project for epic issue creation (merge request) GitLab Enterprise Edition
• Add bot badge in project and group member lists (merge request)
• Feat(Subscripion activation): add error handling (merge request) GitLab Enterprise Edition
• Adds redirection when cleanup policy is saved (merge request)
• GraphQL Max Call field extension (merge request)
• Update SubscriptionUpgradeInfoCard title when group is in a trial (merge request) GitLab Enterprise Edition
• Move file editor CSS to its own page bundle (merge request)
• Remove the markdown_corrected_blockquote (merge request)
• Unlock CI pipeline artifacts when pipeline is unlocked (merge request)
• Updated show work item page title (merge request)
• Remove exess buttons (merge request)
• Update default initializer value for Sidekiq routing_rules (merge request)
• Update Service Desk settings help text (merge request)
• Update Service Desk settings help text (merge request)
• Mass update legacy Slack integrations (merge request)
• Update third party login styles (merge request)
• Narrow the definition of an OSS contribution (merge request)
• Allow to sort tags by semantic version (merge request)
• Splits feature flag for removing note attributes (merge request) GitLab Enterprise Edition
• Rename last_used_before scope to last_used_before_or_unused by @TrueKalix (merge request)
• Add prefix comment on note in backend (merge request)
• Update license compliance docs (merge request) GitLab Enterprise Edition
• Add setting for max pages custom domains per project (merge request)
• This MR enables feature flag (merge request) GitLab Enterprise Edition
• Simplify primary navigation bar and align global search to the left (merge request)
• Simplify primary navigation by removing infrequently used options (merge request)
• Removed vuln training message (merge request) GitLab Enterprise Edition
• Removed and-Separators with comma-separators by @anshulriyal (merge request)
• Cleanup «New tag» page (merge request)
• Pipeline job pill alignment (merge request)
• Update controller update to allow clean MD render (merge request)
• Lower the default Rails.cache ttl to 8 hours (merge request)
• Improve account limit settings text (merge request)
• Update dependency auto-deploy-image to v2.37.0 (merge request)
• Improve UI text of FloC setting (merge request)
• Fix: notify locale on push to merge request email by @qt-gith (merge request)
• Remove extra whitespace in buildkite.rb (merge request)
• Update group runners Edit page look and feel (merge request)
• Update removal date in clusters deprecation alert (merge request)
• Replace the term homepage with dashboard (merge request)
• Dropzone: Change border-radius to default radius (merge request)
• Call update_web_hook! for buildkite when ensuring ssl validation (merge request)
• Update copy text for self metrics toggle (merge request)
• Add locked column to Ci::PipelineArtifact (merge request)
• Advanced Search: Index label_ids for issues (merge request) GitLab Enterprise Edition
• Remove after_save callback to create integration webhooks (merge request)
• Replace Wiki service find_page RPC by normal repository RPCs (merge request)
• Add column 'branch_filter_strategy' to 'web_hooks' by @luzhiyuan.deer (merge request)
• First pass legacy license compliance widget removal (merge request) GitLab Enterprise Edition
• Remove file edit actions from blame view (merge request)
• Fix: notify locale on resolved all discussions email by @qt-gith (merge request)
• Handle 429 response for the integration testing (merge request)
• Improve bulk issue creation on epics (merge request) GitLab Enterprise Edition
• Limit number of branches/tags loaded from Gitaly (merge request)
• EE Group Settings General headers expand on click by @quatauta (merge request) GitLab Enterprise Edition
• Fix case of DAST UI text (merge request) GitLab Enterprise Edition
• Fix migration type (merge request)
• Update packages registries menu as sentence case by @parkourkarthik (merge request)
• Allow tokens with any scope to use the self-revocation API by @fabsrc (merge request)
• Update Runner UI badges (merge request)
• Add days as unit to VSA duration chart (merge request) GitLab Enterprise Edition
• Do not show revoke button if revoke_path is absent (merge request)
• Change code block border-radius to default (merge request)
• Hide mirror repos list when not available by @parkourkarthik (merge request)
• Modify scope to avoid table join (merge request)
• Conclude the combined registration experiment (merge request) GitLab Enterprise Edition
• Cleans up the edit form for issuables (merge request)
• This MR adds warning modal for unsaved changes (merge request) GitLab Enterprise Edition
• Destroy invalid project members (merge request)
• Update successful plan purchase message and variant (merge request) GitLab Enterprise Edition
• Remove s3_omit_multipart_urls feature flag (merge request)
• Feat: Increase stats margin on the project home page by @nadia_sotnikova (merge request)
• Add vulnerability_advisories and vulnerable_component_versions tables (merge request)
• Update blocking issues system note text (merge request) GitLab Enterprise Edition
• Refactored time tracking widget to be more reactive by @zillemarco (merge request)
• Use the standard dynamic segment for Debian packages by @sathieu (merge request)
• Add similar credit cards counts to external PVS payload (merge request)
• Edit profile tooltip for style compliance (merge request) GitLab Enterprise Edition
• Reset access token form selectively (merge request)
• Show an additional warning text on SaaS for removing license (merge request) GitLab Enterprise Edition
• Change text Elasticsearch to OpenSearch in AWS search service config (merge request) GitLab Enterprise Edition
• Update stackprof to v0.2.21 (merge request)
• Hide Register Runner button when user is not permitted to do the action (merge request)
• Update case for Manually added text (merge request) GitLab Enterprise Edition
• Show deployment approval options for read access (merge request)
• Always show deployment approval options (merge request) GitLab Enterprise Edition
• Updates UI for package duplicate settings (merge request)
• Clarify lifetime setting that affects all tokens (merge request) GitLab Enterprise Edition
• Add environment tier to allowed agents API response (merge request)
• Removes spacing from system note (merge request)
• Hide create project tile for some users (merge request)
• Remove FF for seat count usage alerts (merge request) GitLab Enterprise Edition
• Adds skeleton loader to Usage Quotas Seats page (merge request) GitLab Enterprise Edition
• Expose ci_job_token_scope_enabled in job API by @paulbry (merge request)
• Remove the Show Details button for Deployments (merge request)
• Changes column width on package side by side settings (merge request)
• Update tabs line-height to match Pajamas (merge request)
• Event type information in saml auth audit event stream (merge request) GitLab Enterprise Edition
• Extend approvers_select component to group level (merge request) GitLab Enterprise Edition
• Updated copy around tasks (merge request)
• Move Slack Events code to EE (merge request) GitLab Enterprise Edition
• Add description_html to SecurityReportFindingType (merge request) GitLab Enterprise Edition
• Update Puma to v5.6.5 (merge request)
• Disallow the rebase without pipeline on certain settings (merge request)
• Rename existing task system notes (merge request)
• Dont generate pipeline reports if the base pipeline is not complete (merge request)
• Add generic cost factor logging (merge request) GitLab Enterprise Edition
• Update error message (merge request) GitLab Enterprise Edition
• Update breadcrumbs of packages and registries under settings by @parkourkarthik (merge request)
• Add prefix to trigger tokens (merge request)
• Remove execute_build_hooks_inline feature flag (merge request)
• Autocomplete dropdown optimization (merge request)
• Fix canary badge styling (merge request)
• Enable async_after_approval feature flag (merge request)
• Combine sort and filter into one dropdown (merge request)
• Use static terraform-images version in Terraform template (merge request)
• Don't create EE::Member audit events when there is no change (merge request) GitLab Enterprise Edition
• Update haml-lint to v0.40.1 (merge request)
• Highlight runner name and move locked icon (merge request)
• Update thrift to v0.16.0 (merge request)
• Use ProtectedBranch service to destroy the branch (merge request)
• Extract 'read_package' rule into separate policy by @wwwjon (merge request)
• Remove self managed wiki notes (merge request)
• This MR adds schedule rule component (merge request) GitLab Enterprise Edition
• Change the way autoclosing issues is checked (merge request)
• Reduce header and footer height of comments (merge request)
• Update redis gem to v4.7.1 (merge request)
• Update Cluster Managed project template (merge request)
• Redesign runners stats (merge request)
• Allow verification token when creation external audit event destination (merge request) GitLab Enterprise Edition
• Replace native date input field to GlDatePicker (merge request)
• Geo Replicables - Enhaced Empty States (merge request) GitLab Enterprise Edition
• Consolidate pipeline mini graph code (merge request) GitLab Enterprise Edition
• Move Group Push Rules to Settings/Repository (merge request) GitLab Enterprise Edition
• Query group descendants using comparison operators (merge request)
• Disable DAST profile name field when configured (merge request) GitLab Enterprise Edition
• Add job logs collection to Datadog Integration by @AdrianLC (merge request)
• Reorganize runner tags in runners table (merge request)
• Add support for MulanPSL-2.0 in license detection by @tnir (merge request)
• Destroy invalid group membership records (merge request)
• Allow Invite button to be enabled by default (merge request)
• Add skip_users as param for members rest api (merge request) GitLab Enterprise Edition
• Rename web_hooks service_id to integration_id (merge request)

Deprecated (5 changes)

• Deprecate draft quick action toggle (merge request)
• Add feature flag for /draft toggle (merge request)
• GraphQL: Deprecate RunnerMembershipFilter (merge request)
• Document CS environment variable deprecations (merge request)
• Deprecate security related confidence fields (merge request) GitLab Enterprise Edition

Removed (17 changes)

• Remove unused VSA aggregation DB columns (merge request)
• Analyzer consolidation in SAST CI template (merge request) GitLab Enterprise Edition
• Remove free user cap awaiting user logic (merge request)
• Remove nonexistent index from schema (merge request)
• Remove awaiting members from billable user finder (merge request) GitLab Enterprise Edition
• Put DAST Basic-auth option behind feature flag (merge request) GitLab Enterprise Edition
• Weekend migration for dropping an empty index (merge request)
• Remove pipeline insights experiment (merge request)
• Remove mr_attention_requests feature flag (merge request)
• Remove temporary todos index for attention request (merge request)
• Remove unused /scan_execution_policies internal API (merge request) GitLab Enterprise Edition
• Drop Project#build_coverage_regex (merge request)
• Remove other_role column from user_details (merge request)
• chore: Cleanup report_artifact_build_completed FF (merge request)
• Remove the use_vsa_aggregated_tables FF (merge request) GitLab Enterprise Edition
• Deprecations in SAST template (merge request)
• Remove tmp_index_merge_requests_draft_and_status (merge request)

Security (19 changes)

• No overriding methods for Sawyer class
• Optimize handling repositories with huge trees
• HTML escape the label background color
• Fix unauthorized GFM references in Incident Timeline
• Sandbox jupyter notebook HTML output
• Prevent long loops when generating suggested branch name
• Validate description length for snippets
• Prevent brute force vuln for Git over HTTP(S) requests
• Replaced smooshpack to fix the vulnerability in LivePreview
• Check for pathological markdown input
• Update package auth for group IP allowlist
• IDOR in Zentao integration issue show page
• Patch VULNDB-255039 (potential Rack cache poisoning)
• Don't show pipeline status
• Parse commit trailers without using regexp
• Sanitize img attributes in Banzai::Filter::ImageLinkFilter
• Validate if values to be saved in Redis can be converted to string
• Enable SSL certification verification by default with Fog access (merge request)
• Update diffy to v3.4.2 (merge request)

Performance (19 changes)

• Optimize GraphQL next page check (merge request)
• Introduce rate-limiting for namespace exists API (merge request)
• Optimize contribution analytics queries (merge request) GitLab Enterprise Edition
• Broadly restrict downstream pipeline tree size (merge request)
• Remove ci_namespace_mirrors sync_children_namespaces (merge request)
• Remove Workhorse pubsub feature flags (merge request)
• Place trial creation on user registration in background (merge request) GitLab Enterprise Edition
• Speed up environments search (merge request)
• Refactor diff_view to include diff_line (merge request)
• Enable async project authroizations by default (merge request)
• Remove the feature flag remove_branch_caching_feature_flag (merge request)
• Add performance optimization for Insights queries (merge request)
• Introduce rate-limiting for namespace exists API (merge request)
• Place learn gitlab creation into background and measure (merge request) GitLab Enterprise Edition
• Prevent CounterJobWorker from exceeding 300 seconds (merge request)
• Fix N+1 in runner jobs API (merge request)
• Update container repositories migration index (merge request)
• Drop database_async_index_creation feature flag (merge request)
• Skip repository disconnect if project is pending delete (merge request)

Other (54 changes)

• RPM initial upload and package creation (merge request)
• Remove feature flags for tracking jetbeans and cli api requests (merge request)
• Helper to convert a table to its first partition (merge request)
• Workhorse: Bump gitaly version (merge request)
• RuboCop: Enable previously disabled Style/BarePercentLiterals by @edith007 (merge request)
• Enable FF ci_stop_expanding_file_vars_for_runners (merge request)
• Add internal column to notes (merge request)
• Clean up attention_requested states (merge request)
• Reschedule work_item_type backfill on issues (merge request)
• Disable ultimate for projects less than 1 MB in size (merge request)
• Remove duplicated % in sprintf (merge request)
• Update the Harbor registry doc by @zhaoqi01 (merge request)
• Remove FF group_level_protected_environment_settings_permission (merge request)
• Cleanup rebalance_issues feature flag (merge request)
• Quarantine flaky test in redis_interceptor_spec.rb (merge request)
• Remove find_epics_performance_improvement feature flag (merge request) GitLab Enterprise Edition
• Add menu headers in primary navigation dropdown (merge request)
• Remove redis caching for diff_batches endpoint (merge request)
• Update the Harbor registry doc by @zhaoqi01 (merge request)
• Remove unnecessary gl-alert-dismiss class (merge request)
• Add the Harbor registry doc by @zhaoqi01 (merge request)
• Remove GITLAB_LEGACY_BACKGROUND_UPLOADS (merge request)
• Remove user callouts that are related to attention request (merge request)
• Add not null constraint for board recent visits columns (merge request)
• Remove feature flag inactive_projects_deletion (merge request)
• Remove reads from ci_builds.stage (merge request)
• Improve error message while validating config/database.yml (merge request)
• Delete the FF ci_variable_for_group_gitlab_deploy_token (merge request)
• Geo: Remove geo_file_transfer_validation FF (merge request) GitLab Enterprise Edition
• Create partitioned security_findings table (merge request)
• Prevent updating requirement deprecated attributes (merge request) GitLab Enterprise Edition
• Finalize removal of incorrect issue indexes (merge request)
• Refactor Groups Rest API to use workhorse for avatar upload by @tuxtimo (merge request)
• Fix flaky tests in ee/spec/models/ee/group_spec.rb (merge request) GitLab Enterprise Edition
• Change copy on issues empty state for logged users by @pjjakubowska (merge request) GitLab Enterprise Edition
• Remove not null constraint for confidence columns (merge request)
• Add extended open issues index (merge request)
• Use the new mergeability check framework (merge request)
• Migrate cadence start date to automation start date (merge request)
• Cleanup old work item type id backfill on issues table (merge request)
• Vertically align the revoke button (merge request)
• Remove registry deploy_token feature flag (merge request)
• Remove code to limit inviting groups in hierarchy for free user cap (merge request)
• Use keyset pagination for Tags API (merge request)
• Rake Task to truncate Legacy tables on Main and CI Database (merge request)
• Remove the feature flag ci_docker_image_pull_policy (merge request)
• Move data-reference-type attribute into a constant (merge request)
• Improve how fields can bre preloaded for WidgetInterface (merge request)
• Avoid using group's web_url in issue_analytics QA by @tnir (merge request)
• Update trial alert to follow design system (merge request) GitLab Enterprise Edition
• Fix group authorization when searching epics (merge request) GitLab Enterprise Edition
• Drop unused security findings index (merge request)
• Improve specs with shared examples (merge request) GitLab Enterprise Edition
• Fix Style/Next offenses (merge request)

15.3.5 (2022-11-02)

Security (12 changes)

• Datadog API key leak by changing integration URL (merge request)
• Redact confidential references in Jira issue descriptions (merge request)
• Forbid reading emojis on internal notes (merge request)
• Same-site redirect vulnerability (merge request)
• BYPASS: Stored-XSS with CSP-bypass via scoped labels' color (merge request)
• Fix Running Upstream Pipelines Jobs Without Permission (merge request)
• Add length limit to addressable URLs (merge request)
• Add a redirect wall before artifact redirect to pages (merge request)
• Sandbox swagger-ui to prevent injection attacks (merge request)
• Fix external project permission when using CI prefill variables (merge request)
• Resolve users can view audit events from other members (merge request)
• Path traversal fix for Secure Files (merge request)

15.3.4 (2022-09-29)

Security (15 changes)

• Redact user's private email in group member event webhook (merge request)
• Redact secrets from WebHookLogs (merge request)
• Forbid creating a tag using default branch name (merge request)
• Sanitize Url and check for valid numerical errorId in error tracking (merge request)
• Add security protection for Github (merge request)
• Fix leaking emails in WebHookLogs (merge request)
• Restrict max duration to 1 year for trace display (merge request)
• Use UntrustedRegexp for upload rewriter (merge request)
• Validate httpUrlToRepo to be http or https only (merge request)
• Respect instance level rule for editing approval rules (merge request)
• Prevent users creating issues in ay project via board/issues controller (merge request)
• Prevent serialization of sensible attributes from JsonCache (merge request)
• Update TodoPolicy to handle confidential notes (merge request)
• Enforce group IP restriction on Dependency Proxy (merge request)
• Fixes XSS in widget extensions (merge request)

15.3.3 (2022-09-01)

Fixed (5 changes)

• Skip file removal if GitLab managed replication is disabled (merge request) GitLab Enterprise Edition
• Geo: Fix redirects of LFS transfer downloads (merge request) GitLab Enterprise Edition
• Improve blame link feature (merge request)
• Bypass earliest date validation in importing of iteration cadences (merge request) GitLab Enterprise Edition
• Fix user recent activity links for work item actions (merge request)

15.3.2 (2022-08-30)

Security (17 changes)

• No overriding methods for Sawyer class (merge request)
• Update Oj to v3.13.21 (merge request)
• Prevent long loops when generating suggested branch name (merge request)
• IDOR in Zentao integration issue show page (merge request)
• Patch VULNDB-255039 (potential Rack cache poisoning) (merge request)
• HTML escape the label background color (merge request)
• Sandbox jupyter notebook HTML output (merge request)
• Fix unauthorized GFM references in Incident Timeline (merge request)
• Optimize handling repositories with huge trees (merge request)
• Parse commit trailers without using regexp (merge request)
• Check for pathological markdown input (merge request)
• Replaced smooshpack to fix the vulnerability in LivePreview (merge request)
• Update package auth for group IP allowlist (merge request)
• Don't show pipeline status (merge request)
• Sanitize img attributes in Banzai::Filter::ImageLinkFilter (merge request)
• Validate description length for snippets (merge request)
• Prevent brute force vuln for Git over HTTP(S) requests (merge request)

15.3.1 (2022-08-22)

Security (1 change)

• Validate if values to be saved in Redis can be converted to string (merge request)

15.3.0 (2022-08-19)

Added (147 changes)

• Added delete release audit event by @patnaikshekhar (merge request)
• Adds data models for ML Experiment Tracking (merge request)
• Allow access to project-level packages API with CI job token by @nejc (merge request)
• Add tooltip on task item confidential badge (merge request)
• Add recent events to group hooks (merge request) GitLab Enterprise Edition
• Add parent_full_path to GraphQL WorkItemType (merge request)
• Enable job log search (merge request)
• Update task item status icon & add tooltip support (merge request)
• Expose work item timestamps in GraphQL (merge request)
• Add sorting/filtering/paging to CRM contacts by @leetickett (merge request)
• Make fork targets searchable (merge request)
• Add MR Approvals to Project Import/Export (merge request)
• Add alpha detailed_mergeability_status attribute to graphql (merge request)
• Add documentation link for project and group insights (merge request) GitLab Enterprise Edition
• Add GraphQL epic list metadata weight (Alpha) (merge request) GitLab Enterprise Edition
• Add GraphQL timelog categories Alpha schema (merge request)
• Display SCIM identities in the identity table (merge request) GitLab Enterprise Edition
• Provide GraphQL API for select in fork form (merge request)
• Add Fortify on Demand (FoD) SAST template (merge request)
• Add GraphQL sort/filter/page crm contacts by @leetickett (merge request)
• Add support for owasp (merge request) GitLab Enterprise Edition
• Surface work item type in popovers, work item detail view, issue lists (merge request) GitLab Enterprise Edition
• Update task children icon and display count (merge request)
• Track CI build failures with Snowplow (merge request)
• Rollout Datadog logs collection (merge request)
• Update Web IDE tooltip (merge request)
• Add pause logic to Jira imports (merge request)
• Support conversion to and from manual cadence via API (merge request) GitLab Enterprise Edition
• Add support for updating task confidentiality (merge request)
• Add variables to RetryJob mutation (merge request)
• Add MR reviewers to Project Import/Export (merge request)
• Hash OAuth access tokens (merge request)
• Add Pumble integration by @vojko.pribudic (merge request)
• Add support for toggling contact/org states by @leetickett (merge request)
• Add internal API to fetch policies_configuration for agent (merge request) GitLab Enterprise Edition
• Implement mergeRequestSetReviewers mutation (merge request)
• Allow to merge topics [backend] by @wwwjon (merge request)
• Add cyclonedx to job validation schema (merge request)
• Pause batched migrations when WAL pending archive above a threshold (merge request)
• Add id_tokens field to ci_builds_metadata (merge request)
• Show inherited permission in protected environment (merge request)
• Add merge request assignees to Import/Export (merge request)
• Add async index on ci job artifacts (merge request)
• Add present on default branch to project_id, id index (merge request)
• Add CI_TEMPLATE_REGISTRY_HOST to predefined CI variables by @zhzhang93 (merge request)
• Add state transition entry (merge request) GitLab Enterprise Edition
• Create banner and tool tip (merge request) GitLab Enterprise Edition
• Add timestamp fields to project_statistics table (merge request)
• Add database migration to update deletion adjourned period (merge request)
• Add CI/CD setting for Run pipelines in the parent project (merge request)
• Add dormant user period setting to application settings by @joe-snyder (merge request)
• Add extra information to issue popover (merge request)
• Allow Linked items widget to be collapsible (merge request)
• Add comment to vulnerability_state_transitions (merge request)
• Merge branch 'feat/mr_webhooks' into 'master' (merge request)
• feat: Update SAST-IaC.lates template to support MR pipelines (merge request)
• Enable FF ci_rules_changes_compare (merge request)
• api: Expose merge request reviewers (merge request)
• Allow SE Vue component to install exts (merge request)
• Support updatable automatic scheduling start date (merge request) GitLab Enterprise Edition
• Add CreateFromFindings Service (merge request) GitLab Enterprise Edition
• Support the DORA data source from Insights (merge request) GitLab Enterprise Edition
• Add "Scroll to first failure" button (merge request)
• Allow deletion of deployments via the API (merge request)
• Add search box to artifacts dropdown (merge request)
• Add release link to the tag show page (merge request)
• Add author_id column to vulnerability_state_transitions table by @svdj (merge request)
• Add upgrade status filter for group runners (merge request) GitLab Enterprise Edition
• Replaced local mutation with real mutation (merge request)
• Remove the custom_headers_streaming_audit_events_ui feature flag (merge request) GitLab Enterprise Edition
• Display table of contents in content editor (merge request)
• Allow omniauth username claim to be configurable (merge request)
• Add Authentication options (merge request) GitLab Enterprise Edition
• Add the environment keyword CI/CD template (merge request)
• Enables mr_review_submit_comment by default (merge request)
• GraphQL: Add bulkRunnerDelete mutation (merge request)
• Add support for selective code owner resets by @leetickett (merge request)
• Add all protected branches option to project-level MR approval rules (merge request) GitLab Enterprise Edition
• Add without_projects parameter to Topics API by @wwwjon (merge request)
• Bulk delete package files (merge request)
• Add tracking of unique CI Tunnel interactions from KAS (merge request)
• Allow users to manage Owners via UI (merge request)
• Enable Changelog API commit limitation by default (merge request)
• Support filtering registries by verification status via GraphQL (merge request) GitLab Enterprise Edition
• Introduce project setting for enforcing auth check on image uploads (merge request)
• Add index for PAT filter by @TrueKalix (merge request)
• Exposed timelog categories through GraphQL by @zillemarco (merge request)
• Add cyclonedx report type (merge request) GitLab Enterprise Edition
• Backup/Restore Rake Tasks to support Decomposed Database (merge request)
• Create service to delete runners in bulk (merge request)
• GraphQL docs: Show descriptions for :alpha items (merge request)
• Support filtering registries by replication status via GraphQL (merge request) GitLab Enterprise Edition
• Add RedisCommands::Recorder to detect N+1 commmands in Redis (merge request)
• Event type info in group deploy token audit events (merge request) GitLab Enterprise Edition
• Clean up simulate_pipeline feature flag (merge request)
• Show warning when sharing public project with internal group (merge request)
• Added support for links to markdown file code lines by @zillemarco (merge request)
• Better Vuln Feedback pagination implementation per review (merge request) GitLab Enterprise Edition
• Add ProtectedBranches::CacheService for efficient caching (merge request)
• Index vulnerability reads on filter columns for group-level queries (merge request)
• Show runner projects description and ownership (merge request)
• Upgrade Pages to v1.62.0 (merge request)
• Allow to create tables with JSON (merge request)
• Add unique_project_download_limit_allowlist to namespace_settings (merge request)
• Add Snowplow database changes tracking (merge request)
• Add graphql mutation for deleting file uploads (merge request)
• Vuln Feedback optional pagination review suggestions (merge request) GitLab Enterprise Edition
• Add memory killer running jobs to prometheus (merge request)
• Warn before closing the Diffs if there's a pending batch review (merge request)
• Add models for customizable roles (merge request)
• Add project-link to vulnerability details (merge request) GitLab Enterprise Edition
• Added service to create timelogs by @zillemarco (merge request)
• Implement API to get details of pipelines within a schedule (merge request)
• Make query nesting for the insights YAML (merge request) GitLab Enterprise Edition
• Arrange the indices and PK of security_findings table (merge request)
• Create and edit releases for tags with new form (merge request)
• Add validation to Default Branch Image when parsing CS vulnerability (merge request) GitLab Enterprise Edition
• Add account age to MR experience survey (merge request)
• DOMPurify: Allow links target attribute securely (merge request)
• Initial add of indeterminate checkboxes to GLFM (merge request)
• Add ability to delete deployments via the API (merge request)
• Add ability for group owner to unban banned users in a group (merge request) GitLab Enterprise Edition
• Implement Vuln Feedback count route to enable intelligent pagination (merge request) GitLab Enterprise Edition
• Enable non-default pagination for vulnerability feedback index (merge request) GitLab Enterprise Edition
• Add labels support to incident timeline events (merge request)
• New Audit Event for custom HTTP header changes (merge request) GitLab Enterprise Edition
• Introduce an onboarding view for GitLab Pages (merge request)
• Add a service to turn a security finding into a vulnerability (merge request) GitLab Enterprise Edition
• Add namespace_id to vulnerability_reads table (merge request)
• Create annotated tags in CI using the release:tag_message keyword (merge request)
• Show deployment approval comments (merge request) GitLab Enterprise Edition
• Enable performant artifact expiration by default (merge request)
• Add benchmark timing to search api (merge request)
• Add async index destruction (merge request)
• Import github 'un/assigned' issue events (merge request)
• Add mem_total_bytes gauge to Prometheus (merge request)
• Add background migration to backfill casted_cluster_agent_id (merge request)
• Move agent GitOps access check to core (merge request)
• Add access token information to API log (merge request)
• Expose verification timestamps (merge request) GitLab Enterprise Edition
• Show pipeline parsing error in the Vulnerability Report (merge request) GitLab Enterprise Edition
• Event type information in deploy key audit event (merge request) GitLab Enterprise Edition
• Import github 'de/milestoned' issue events (merge request)
• Show a badge that a release is historical (merge request)
• Support variables in the project property of triggers (merge request)
• Allow last issue board to be deleted via API by @tuxtimo (merge request)
• Enable linear queries (merge request)

Fixed (128 changes)

• Prevent errors saving alerts with non-string inputs for string fields (merge request)
• Unify Personal Access Token expiration behavior (merge request)
• Fix the Consistency Check Maximum Function (merge request)
• Add blame link to the file blob view (merge request)
• Fix JS error and UI for manual vulnerabilities (merge request) GitLab Enterprise Edition
• Refresh task list on parent confidentiality change (merge request)
• Fix board sidebars enter animation (merge request)
• Fix spelling of "address" in several places (merge request)
• Restore label on the email field (merge request)
• Fix stale user highest role stats on dormant user deactivation (merge request)
• Exclude vulnerable dependencies from go.mod (merge request)
• Show failure message when task list fails to load (merge request)
• Fix 500 error when Commit action is missing (merge request)
• Show work items correctly on activity feed (merge request)
• Expire protected branches cache after branch cache expiration (merge request)
• Shifting blank line right should add spaces (merge request)
• docs: Add notice for libravatar in FIPS mode by @tnir (merge request)
• Accept pending invitations for SSO signups (merge request)
• Set correct default for ApplicationSetting#personal_access_token_prefix (merge request)
• Fix global search code search results (merge request)
• Ensure errors deleting a deployment are always returned as bad request (merge request)
• Use Gitlab::Utils::UsageData to count replicables (merge request) GitLab Enterprise Edition
• Fix namespace icon for images with transparent background (merge request)
• Truncate long issue title in tasks (merge request)
• Fix productivity analytics not filters (merge request) GitLab Enterprise Edition
• Fix passing of dry_run to pipeline simulation (merge request)
• Fix overflow in second navbar in group detail top by @tnir (merge request)
• Remove extra space in create MR diff (merge request)
• Geo: Ensure one MetricsUpdateWorker runs at a time (merge request) GitLab Enterprise Edition
• Update commits entry point in Discussions API documentation by @ivan23kor1 (merge request)
• Fix 500 from ci_variables field (merge request)
• Move admin_protected_environment policy to owners alone (merge request) GitLab Enterprise Edition
• Ignore key modifiers except meta for shifting text (merge request)
• Fix VSA consistency worker cursor generator (merge request) GitLab Enterprise Edition
• Add merge_status to merge request cache key (merge request)
• Clarify Description for SSO enforcement for Git activity in groups (merge request) GitLab Enterprise Edition
• Sanitize sort params in Roadmap (merge request) GitLab Enterprise Edition
• Fix issue description list item reordering indentation (merge request)
• Update pull mirror interval wording by @orozot (merge request) GitLab Enterprise Edition
• Disable toggle editing mode while content editor loads (merge request)
• Update scoped labels template to fix tooltips (merge request)
• Bump Oj to v3.13.20 to fix illegal instruction errors (merge request)
• Handle timeout in Gitlab::Ci::RunnerReleases (merge request)
• Redirect back after rejecting a pending user (merge request)
• Fix the merged at dates being used by the compliance report (merge request) GitLab Enterprise Edition
• Fix VersionInfo.parse when receiving VersionInfo (merge request)
• Follow redirects when doing network requests with BulkImports::Http (merge request)
• Fix rename_column_concurrently to work with decomposed DB (merge request)
• Fixed return value when token not found by @TrueKalix (merge request)
• This adds a dependency condition to the base auto merge service (merge request) GitLab Enterprise Edition
• Add present on default branch to common_finder_query index (merge request) GitLab Enterprise Edition
• Fix missing file upload progress in GFM footer (merge request)
• Update api endpoint for approval rules (merge request) GitLab Enterprise Edition
• Handle race condition in creating alerts (merge request)
• Restrict to upgrade status filters to Ultimate (merge request) GitLab Enterprise Edition
• Better format MR failed to merge error message in mr widget failed vue (merge request)
• Fix OpenAPI viewer for dark mode by @fabsrc (merge request)
• Reverts the datadog fields DSL refactor (merge request)
• Fix spacing for pipeline editor header buttons by @Anna_pds31 (merge request)
• Change the order of search autocomplete items (merge request)
• Fix paginatable namespace search where users can create projects (merge request)
• Use updated docs link for the Validate tab popover (merge request)
• Upgrade Oj to v3.13.19 to fix a seg fault (merge request)
• Do not group env and folders that share a name on the project env page (merge request)
• Gracefully handle nil created_at values in CI pipelines (merge request)
• Fix emoji autocomplete when leading with a space (merge request)
• Don't allow negative values for pagination (merge request)
• Fix publish_event rspec helper (merge request)
• Ensures we fetch the stage events when there are no value streams (merge request) GitLab Enterprise Edition
• Fix CI artifact sizes not logged for some runner endpoints (merge request)
• Remove inaccessible artifacts from release evidence (merge request) GitLab Enterprise Edition
• Hide ip address label when ip address is missing (merge request)
• Use unnested_in_filters for Group-level vulnerability reads finder (merge request) GitLab Enterprise Edition
• Clean build directory before gitlab:gitaly:install Rake task (merge request)
• Ensures we show the count of selected projects (merge request) GitLab Enterprise Edition
• Add auditor access for group runners (merge request) GitLab Enterprise Edition
• Fix: notify locale on merge request unmergeable by @JeremyWuuuuu (merge request)
• Fix pipeline cancellation not cascading to children (merge request)
• Check group last owner before assigning default membership role (merge request) GitLab Enterprise Edition
• Fix CI_ENVIRONMENT_TIER if tier is updated (merge request)
• Fix issues board list movements (merge request)
• Expose DAST artifact directory (merge request) GitLab Enterprise Edition
• Add present on default branch to project id and id index (merge request) GitLab Enterprise Edition
• Do not show user popover when user is not signed in (merge request)
• Attempting to delete last package file directs user to delete package (merge request)
• Tags search does not work with Gitaly pagination (merge request)
• Fix ActiveRecord::StaleObjectError where pipeline is updated twice (merge request)
• Fixed link on Pages page (merge request)
• Fix URLs in user_auto_banned_email (merge request) GitLab Enterprise Edition
• Prevent new line insertion while attaching a file (merge request)
• Gracefully handle missing project feature row in API (merge request)
• Make repository analytics graphs responsive (merge request)
• Add two more classes allowed for YAML deserialization (merge request)
• Fix RescheduleBackfillImportedIssueSearchData migration (merge request)
• Show mr pipeline tab when pipelines are enabled (merge request)
• Add tracking event for rendering the error details page content (merge request)
• Prevent guests from assigning issues from notes by @zillemarco (merge request)
• Update vulnerabilities Finder to filter on present on default branch (merge request)
• Upgrade oj to v3.3.18 to fix illegal instruction errors (merge request)
• Fix: notify locale on member invite accepted email by @JeremyWuuuuu (merge request)
• Fix atwho keypress cancel Issue (merge request)
• Fix pipeline cancel to also cancel child pipelines (merge request)
• Replace magic string to constant by @orozot (merge request) GitLab Enterprise Edition
• Disable rate limiting when transferring epics (merge request) GitLab Enterprise Edition
• Remove duplicated false positives alert (merge request) GitLab Enterprise Edition
• Use GitLab UI Tooltip for Environment Metrics Link (merge request)
• Fix workflow rules changes when not using paths (merge request)
• Enable read on demand permission for auditor (merge request) GitLab Enterprise Edition
• Prevent default template from overwriting autosave (merge request)
• The rake task gitlab:db:lock_writes should not lock shared databases (merge request)
• Fix extra leading space in task title created from checklist (merge request)
• GraphQL: Return latest job in Pipeline.job by @roblabla (merge request)
• Fix missing relative_url_root settings update (merge request)
• Fix timestamp of "cloned from" system note (merge request)
• Use CREATE OR REPLACE FUNCTION to define vulnerability reads triggers (merge request)
• Handle ldap blocking when no servers exist (merge request) GitLab Enterprise Edition
• Select upstream project by default when creating MR from fork (merge request)
• Fixes time in container registry partial cleanup tooltip (merge request)
• Fix epic transfer when transfering a project (merge request) GitLab Enterprise Edition
• Return an error if merge request fails to merge (merge request)
• Fix graphql double fetch (merge request)
• Do not copy awarded emoji when cloning issues (merge request)
• Fixes alignment of package details files action column (merge request)
• Prohibit maintainers from starting trial subscription (merge request) GitLab Enterprise Edition
• Fix incorrect Runner#with_upgrade_status scope (merge request)
• Take lease in UpdateProjectStatisticsWorker (merge request)
• Fix system note timestamp for moved issue (merge request)
• List groups from group shares on project transfer (merge request)

Changed (182 changes)

• Escaping the header search bar closes dropdown (merge request)
• Support owasp security training (merge request)
• Updated incorrect UI link (merge request)
• Fixed outdated runners link (merge request)
• Set skip_rugged_auto_detect to default to true (merge request)
• Render failed job item pills with different background in Pipeline view (merge request)
• Add background to internal notes (merge request)
• Disabled related items expand button when no items (merge request)
• Add collapsing for many invite modal errors (merge request)
• Disable Rugged auto-detection by default (merge request)
• Enable rebase without ci (merge request)
• Avoid usage of toBeTruthy/toBeFalsy in iterations_spec.js by @anshulriyal (merge request)
• Default enable group level protected environment settings (merge request)
• Remove duplicated help link in top bar (merge request)
• Rename methods and variables for clarity and legibility (merge request)
• Simplify project_statistics test for column size (merge request)
• Improvements to the audit events streaming UI (merge request) GitLab Enterprise Edition
• Generate chain of custody CSV reports asyncronously (merge request) GitLab Enterprise Edition
• Dart.gitlab-ci.yml: Switch to new docker image for Dart by @mcmahonjohn (merge request)
• Add tooltip to Tanuki logo (merge request)
• Validate with latest vendored patch schema version (merge request) GitLab Enterprise Edition
• Migrate project branches cards to use pajamas (merge request)
• Show project homepage only in group page package registry view by @parkourkarthik (merge request)
• Release changes for CI Secure Files Geo Replication (merge request) GitLab Enterprise Edition
• Increase animation speed of sticky issue header (merge request)
• Docs: Remove Debian 9 from supported os list (merge request)
• Refactor runner pagination (merge request)
• Enable update_vuln_identifiers_flag by default (merge request)
• Preload and cache child work items (merge request)
• Rename service_id to integration_id (merge request)
• Update linked items widget header (merge request)
• Rename service_id to integration_id (merge request)
• Find superset of descendant scope queries (merge request)
• Adds user callouts dismissed by Project (merge request)
• Update linked item buttons to match tasks (merge request)
• Speed up sidebar transition (merge request)
• Geo Replicables - Add margin to pagination (merge request) GitLab Enterprise Edition
• Fixed outdated text (merge request)
• Event type for squash commit template is updated by @abhi_arora (merge request) GitLab Enterprise Edition
• Rename IssueTrackerData service to integration (merge request)
• Rename IssueTrackerData service to integration (merge request)
• Mark pull mirroring for projects without the license as hard-failed (merge request) GitLab Enterprise Edition
• Geo Replicables - True Up Projects Statuses (merge request) GitLab Enterprise Edition
• Change cost factor for open source (merge request) GitLab Enterprise Edition
• Reformat the user identity table (merge request) GitLab Enterprise Edition
• Remove backend code for attention request notifications (merge request)
• Frontend changes from task to checklist item (merge request)
• Add missing skip_ci param (merge request)
• Remove description html text limit (merge request)
• Remove temp index on project membership namespace id (merge request)
• Remove temp index on project membership namespace id (merge request)
• Remove attention request related API references (merge request) GitLab Enterprise Edition
• Moved View in admin area button tooltip placement to top by @PaarthAgarwal (merge request)
• Auditor for FOSS edition (merge request) GitLab Enterprise Edition
• Use branches bulk creation for Pull Mirroring (merge request)
• Update custom card to Pajamas compliant alert (merge request)
• Update Users API call was not updating auditor flag for user (merge request) GitLab Enterprise Edition
• Change response of the api PUT /merge when branch unmergable (merge request)
• Get highest level member on members all API call (merge request)
• Add a tooltip to merge requests shortcut (merge request)
• Enable MR discussions HTTP caching by default (merge request)
• Remove description field from new blank project creation (merge request)
• Fixed backfill code to burst root_namespace cache (merge request)
• Update project pages usage card to be pajamas compliant (merge request)
• Remove settings_ci_cd.scss file (merge request)
• Migrate pages domains card to use pajamas compliant version (merge request)
• Event type for framework is deleted (merge request) GitLab Enterprise Edition
• Event type for allow merge on skipped pipeline (merge request) GitLab Enterprise Edition
• Event type for squash option updated (merge request) GitLab Enterprise Edition
• Add checkbox ViewComponent that can be use outside of form builder (merge request)
• Change task list item system note from task to checklist item (merge request)
• Order security_findings by scan_id (merge request) GitLab Enterprise Edition
• Updated retry pipeline jobs button tooltip by @zillemarco (merge request)
• Create a preflight check for MigrationWorker (merge request) GitLab Enterprise Edition
• Create NamespaceDetails table (merge request)
• Update QR code helper to gl-card utility by @yo (merge request)
• Create ci_runner_versions record on demand (merge request)
• Moved the package tags to the sub-header by @zillemarco (merge request)
• Updates package project settings to use side-by-side layout (merge request)
• Remove duplicate association in has_web_hook_shared_examples (merge request)
• Update gitlab-license gem to the latest version (merge request)
• Update plan widgets grey backgrounds (merge request)
• Use primary btn variant for finish review dropdown (merge request)
• Remove service_hook link from SlackMattermostNotifier (merge request)
• Move webhook association from Integration model (merge request)
• Improve false positive alert UX (merge request) GitLab Enterprise Edition
• Update dependency auto-deploy-image to v2.33.0 (merge request)
• Changes styling of timeline icons (merge request)
• Add invite token indications for partial failure (merge request)
• Rename ReplicableStateEnum to ReplicationStateEnum (merge request) GitLab Enterprise Edition
• Replace remove with close on operations dashboard (merge request)
• Move topics location on project overview (merge request)
• Added gl-flex-basis-third style to the cluster creation page by @NIKU-SINGH (merge request)
• Use GlSegmentedControl to switch between Rich/Source text editor by @shamvi050801 (merge request)
• Update preview assets for copy and terminology consistency (merge request)
• Repositioned the insert suggestion button for better visibility by @zillemarco (merge request)
• Add Google Authenticator to 2FA page (merge request)
• Geo Replication - Last verified data (merge request) GitLab Enterprise Edition
• Geo Replicables - Unboxing the UI (merge request) GitLab Enterprise Edition
• Migrate form_errors in saml_providers (merge request) GitLab Enterprise Edition
• Use refreshed look and feel in group runner view (merge request)
• Refactor description for the IP allow list field (merge request)
• Improve ancestor scope queries (merge request)
• Clean up audit_event_streaming_git_operations_deploy_key flag (merge request)
• Refactor hook log index view (merge request)
• Fix warning when user is unable to create project (merge request)
• Add cloud-based 2FA apps to documentation (merge request)
• Add MigrateSharedVulnerabilityScanners batched migration job (merge request)
• Fix approval visible groups detection (merge request)
• Update PyPI package page with access token docs link by @brianjaustin (merge request)
• Migrate project nothing to compare card to be pajamas compliant (merge request)
• Add info message to Operations Dashboard (merge request) GitLab Enterprise Edition
• Do not display 'Clear cache' dropdown when user isn't permitted to do it (merge request)
• Verify LFS OID (merge request)
• Make ssh_signatures.key_id nullable (merge request)
• Forbid calls with potential to take long sleeps (merge request)
• Sync approvals required after syncing rules (merge request) GitLab Enterprise Edition
• Update metrics settings alert to pajamas (merge request)
• Enable paginated_mr_discussions feature by default (merge request)
• Removed incorrect spacing used by btn-margin-5 variable (merge request)
• Allow Sbom::Occurence.component_version to be nullable (merge request)
• This MR adds header with status of DAST scan (merge request) GitLab Enterprise Edition
• Update alerts to pajamas design system (merge request)
• Move and rename SAML troubleshooting page (merge request)
• GraphQL: Rename CiRunnerUpgradeStatusType (merge request)
• Move feedback issue (merge request)
• This MR allows user to see saved profiles (merge request) GitLab Enterprise Edition
• Add upgrade status badges in runners (merge request) GitLab Enterprise Edition
• This MR adds pipeline rule component (merge request) GitLab Enterprise Edition
• Migrate pages no domains card to be pajamas compliant (merge request)
• Migrate commit list card to be pajamas compliant (merge request)
• Migrate admin notes view partial card to use pajamas compliant version (merge request)
• Migrate pages access card to use pajamas compliant version (merge request)
• Apply secure defaults for access tokens (merge request)
• Update design of security approvals in mr approval settings (merge request) GitLab Enterprise Edition
• Align runner details when viewing runner (merge request)
• Change how ownership works in pipeline schedules (merge request)
• Order list of latest users by descending signup date by @axel-loewe (merge request)
• Convert email badges to a list (merge request)
• Update subgroup creation page (merge request)
• Validate timeline event note on update (merge request)
• Change runner cron job to run daily (merge request)
• Clean up soft_validation_on_external_url feature flag (merge request)
• Collect metrics from all pull mirrors (merge request) GitLab Enterprise Edition
• Create folder for Logs to prepare for nesting of other pages (merge request)
• Update docker logo path (merge request)
• Set required nullable for weight argument (merge request) GitLab Enterprise Edition
• Update UX for attaching files in GFM input fields (merge request)
• Do not disable cadence start date field (merge request) GitLab Enterprise Edition
• Fix ES client for nil password (merge request) GitLab Enterprise Edition
• Imported and used the monaco API explicitly (merge request)
• Modifies storage email notifications delivery (merge request) GitLab Enterprise Edition
• Update google-protobuf to v3.21.3 (merge request)
• Adding Geo support of Project-level Secure Files (merge request) GitLab Enterprise Edition
• Update new list on boards page to match Pajamas specs (merge request)
• Move deployment approval from popover to modal (merge request) GitLab Enterprise Edition
• Trigger KeepAroundRefsCreatedEvent event only if SHAs are passed (merge request) GitLab Enterprise Edition
• Update Salesforce logo for OAuth (merge request)
• Add loading icon to audit event pages (merge request) GitLab Enterprise Edition
• Generate links for escaped content (merge request)
• Update External wiki to use sections (merge request)
• Update JWT OAuth logo (merge request)
• Use #use_open_file for Packages::Debian::ExtractDebMetadataService by @sathieu (merge request)
• Adjust buckets for Pull Mirroring metrics (merge request) GitLab Enterprise Edition
• Bump Gitlab Shell to 14.10.0 (merge request)
• Update database migration helper (merge request)
• Drop /api/v4 suffix in GitLab OmniAuth documentation (merge request)
• Add Gitlab Contribution Cost Factor (merge request) GitLab Enterprise Edition
• Update Discord notifications to use sections (merge request)
• Updated Linked issues to Linked items (merge request)
• Synchronize vulnerability findings temporary index (merge request)
• Allow pagination=none for recursive tree API (merge request)
• Remove log messages (merge request)
• Default enable linear root ancestor query (merge request)
• Add new move to project modal (merge request)
• Migrate card class to Pajamas::CardComponent (merge request)
• Updates puma to 5.6.4 (merge request)
• Remove personal_access_tokens_scoped_to_projects feature flag (merge request)
• Enable feature flag approval_rules_pagination (merge request)
• Bump to major version 3 for kics (merge request)
• Use the latest pipeline for a branch instead of (merge request) GitLab Enterprise Edition
• Add allowlisted users to Abuse::ExcessiveProjectsDownloadBanService (merge request) GitLab Enterprise Edition

Deprecated (3 changes)

• Deprecate confidential attribute for notes (merge request)
• Add deprecation warning for Redis 5 by @tnir (merge request)
• Remove build_coverage_regex from project (merge request)

Removed (15 changes)

• Disable support for delayed project deletion for personal projects (merge request) GitLab Enterprise Edition
• Removed unused graphql field issuesCount (merge request) GitLab Enterprise Edition
• Remove shared runner usage tab (merge request)
• Remove clients column (merge request)
• Remove sorting vulnerabilities by report_type (merge request) GitLab Enterprise Edition
• Remove additional_amount_available column (merge request)
• Removes ci_retry_downstream_pipeline feature flag (merge request)
• Remove the use_keyset_aware_user_search_query FF (merge request)
• Remove uncached_mr_attention_requests_count feature flag (merge request)
• Remove the new_graphql_keyset_pagination FF (merge request)
• Remove pat and ssh enforcement database columns (merge request)
• Remove sorting vulnerabilities by state (merge request) GitLab Enterprise Edition
• Remove unused semver column on ci_runners (merge request)
• Drop migrated_to_new_structure column (merge request)
• Remove streaming_audit_event_headers feature flag (merge request) GitLab Enterprise Edition

Security (22 changes)

• Drop soft enforcement of restricted YAML deserialization classes (merge request)
• Add additional condition to accept invitation
• Prevent users who cannot admin a public project from viewing deploy keys
• Protect Grafana and Sentry integrations
• Check permissions when filtering by contact or organization
• Maintainer can change the visibility of Project and Group
• Protect integration secrets
• Fix IDOR in Jira issue show action
• Do not link unverified secondary emails with any users
• Update gitaly version
• Update Rails to v6.1.6.1 (merge request)
• Update version of Gitaly
• Remove group_bot_user and group_access_token after group delete
• Security datadog integration leaking
• Add html_escape to build_details_entity
• Remove todos from confidential notes when user loses access
• Remove feature flag ci_yaml_limit_size
• Forbid exchanging access token for ROP flow to users required 2FA setup
• Use author to run subscribed pipeline
• Update GITLAB_PAGES_VERSION
• Remove prohibited branches after project import
• Limit proxied requests to Grafana API

Performance (12 changes)

• Prevent n+1s when fetching epics on big group hierarchies (merge request) GitLab Enterprise Edition
• Move transfer project namespace dropdown to GraphQL (merge request)
• Cleaup import_relation_object_persistence feature flag (merge request)
• Expire branch cache for bulk creation only once (merge request)
• Add index to fix integration metrics performance (merge request)
• Improve loading of blobs from paginated diffs (merge request)
• Skip extra VSA requests when theres no value stream (merge request) GitLab Enterprise Edition
• Increase rendered elements while loading large files (merge request)
• Improve participants loading performance (merge request)
• Improve blob rendering time (merge request)
• Generate links to dependencies in gemspec files (merge request)
• Refresh smaller TTL for highlighting diffs cache (merge request)

Other (70 changes)

• Track pipeline simulation in the pipeline editor (merge request)
• Create Imageable concern for CI Image and Service config by @ali_o_kan (merge request)
• Remove feature flag lfk_automatic_partition_dropping (merge request)
• Clean up attention request related todos (merge request)
• Update google-cloud-env from 1.5.0 to 1.6.0 in /qa by @tnir (merge request)
• Cleanup feature flags and env vars for cross_database_modification (merge request)
• Backfill project import level on namespace settings (merge request)
• Improve Import/Export logs (merge request)
• RuboCop: Enable previously disabled Style/IfInsideElse by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/PercentLiteralDelimiters by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/FormatString by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/EmptyElse by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/GuardClause by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/RedundantInterpolation by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/IfUnlessModifier by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/RedundantRegexpEscape by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/RedundantSelf by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/StringConcatenation by @edith007 (merge request)
• Add links to instance fingerprints by @TrueKalix (merge request)
• RuboCop: Enable previously disabled Style/HashAsLastArrayItem by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/HashEachMethods by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/SymbolProc by @edith007 (merge request)
• Add yml definitions for metric (merge request)
• Update "working with uploads" dev docs (merge request)
• Schedule index removal for security findings (merge request)
• Switch back to license_finder and update to 7.0.1 by @tnir (merge request)
• No-op migrations to backfill namespace/project mirror tables (merge request)
• RuboCop: Enable previously disabled Style/Next by @edith007 (merge request)
• RuboCop: Enable previously disabled Style/MissingRespondToMissing by @edith007 (merge request)
• Remove feature flag incremental_repository_backup (merge request)
• Exclude gin and bluemonday package from dependencies (merge request)
• Update octokit from 4.21.0 to 4.25.1 in /qa by @tnir (merge request)
• Update signet from 0.14.0 to 0.17.0 by @tnir (merge request)
• Update google-cloud-env from 1.5.0 to 1.6.0 by @tnir (merge request)
• Update acme-client from 2.0.9 to 2.0.11 by @tnir (merge request)
• Disable ultimate features for public projects with 1 member and no repo (merge request)
• Rollout use_redis_hll_instrumentation_classes ff (merge request)
• Update Jira Deployment Type by @lenikadali (merge request)
• Remove RequirementsManagement::CreateRequirementService (merge request) GitLab Enterprise Edition
• Improve gravatar service administration docs by @tnir (merge request)
• Use update_work_item mutation for removing WI (merge request)
• Remove enforce_security_report_validation flag (merge request)
• Add partial GIN indexes for issues table (merge request)
• Convert final angle icons to chevrons (merge request)
• Removing the FF remove-fix_sliding_list_partitioning (merge request)
• Remove highlight_diffs_optimize_memory_usage feature flag (merge request)
• Reschedule migration to remove ultimate license from non-public projects (merge request)
• Decrease the urgency of unleash endpoint (merge request)
• Delete FF ci_fix_rules_if_comparison_with_regexp_variable (merge request)
• Bump yajl-ruby gem version (merge request)
• Remove analytics_devops_adoption_codeowners feature flag (merge request) GitLab Enterprise Edition
• Reference forked, FIPS-compatible NGINX (merge request)
• Revert "Merge branch 'mmj-async-all-project-auth-refreshes' into 'master'" (merge request)
• Update cluster details alert to pajamas (merge request)
• Remove pending builds covering index (merge request)
• Disable ultimate features for public projects with no issues and no repo (merge request)
• No-op old migration disable_job_token_scope_when_unused (merge request)
• No-op old migration associate_existing_dast_builds_with_variables (merge request)
• No-op old migration copy_ci_builds_columns_to_security_scans2 (merge request)
• Backfill the namespace_id of existing vulnerability_reads records (merge request)
• Delete FF ci_expand_environment_name_and_url (merge request)
• Add start_date to issues table (merge request)
• Use utility classes in test report (merge request)
• Prepare partial issue trigram indexes (merge request)
• Remove FF batch_load_environment_last_deployment_group (merge request)
• Update user API docs to better indicate SaaS availability by @zillemarco (merge request)
• Remove token column from ci_builds table (merge request)
• Drop unused index on ci_builds (merge request)
• Remove FF import_release_authors_from_github (merge request)
• Remove unused feature (merge request)

15.2.5 (2022-09-29)

Security (16 changes)

• Geo: Do not delete object stored files when not GitLab managed (merge request)
• Redact user's private email in group member event webhook (merge request)
• Redact secrets from WebHookLogs (merge request)
• Forbid creating a tag using default branch name (merge request)
• Sanitize Url and check for valid numerical errorId in error tracking (merge request)
• Add security protection for Github (merge request)
• Fix leaking emails in WebHookLogs (merge request)
• Restrict max duration to 1 year for trace display (merge request)
• Use UntrustedRegexp for upload rewriter (merge request)
• Validate httpUrlToRepo to be http or https only (merge request)
• Respect instance level rule for editing approval rules (merge request)
• Prevent users creating issues in ay project via board/issues controller (merge request)
• Prevent serialization of sensible attributes from JsonCache (merge request)
• Update TodoPolicy to handle confidential notes (merge request)
• Enforce group IP restriction on Dependency Proxy (merge request)
• Fixes XSS in widget extensions (merge request)

15.2.4 (2022-08-30)

Security (18 changes)

• No overriding methods for Sawyer class (merge request)
• Update Oj to v3.13.21 (merge request)
• Bump yajl-ruby gem version (merge request)
• Prevent long loops when generating suggested branch name (merge request)
• IDOR in Zentao integration issue show page (merge request)
• Patch VULNDB-255039 (potential Rack cache poisoning) (merge request)
• HTML escape the label background color (merge request)
• Sandbox jupyter notebook HTML output (merge request)
• Fix unauthorized GFM references in Incident Timeline (merge request)
• Optimize handling repositories with huge trees (merge request)
• Parse commit trailers without using regexp (merge request)
• Check for pathological markdown input (merge request)
• Replaced smooshpack to fix the vulnerability in LivePreview (merge request)
• Update package auth for group IP allowlist (merge request)
• Don't show pipeline status (merge request)
• Sanitize img attributes in Banzai::Filter::ImageLinkFilter (merge request)
• Validate description length for snippets (merge request)
• Prevent brute force vuln for Git over HTTP(S) requests (merge request)

15.2.3 (2022-08-22)

Security (2 changes)

• Validate if values to be saved in Redis can be converted to string (merge request)
• Fix CSS selector used in specs (merge request)

15.2.2 (2022-08-01)

Fixed (6 changes)

• Upgrade Oj to v3.13.19 to fix a seg fault (merge request)
• Gracefully handle nil created_at values in CI pipelines (merge request)
• Fix CI artifact sizes not logged for some runner endpoints (merge request)
• Fix RescheduleBackfillImportedIssueSearchData migration (merge request)
• Upgrade oj to v3.3.18 to fix illegal instruction errors (merge request)
• Use CREATE OR REPLACE FUNCTION to define vulnerability reads triggers (merge request)

Changed (1 change)

• Fix ES client for nil password (merge request) GitLab Enterprise Edition

15.2.1 (2022-07-28)

Security (18 changes)

• Security datadog integration leaking (merge request)
• Prevent users who cannot admin a public project from viewing deploy keys (merge request)
• Add additional condition to accept invitation (merge request)
• Update GITLAB_PAGES_VERSION (merge request)
• Add html_escape to build_details_entity (merge request)
• Check permissions when filtering by contact or organization (merge request)
• Use author to run subscribed pipeline (merge request)
• Remove prohibited branches after project import (merge request)
• Remove feature flag ci_yaml_limit_size (merge request)
• Maintainer can change the visibility of Project and Group (merge request)
• Do not link unverified secondary emails with any users (merge request)
• Forbid exchanging access token for ROP flow to users required 2FA setup (merge request)
• Remove todos from confidential notes when user loses access (merge request)
• Remove group_bot_user and group_access_token after group delete (merge request)
• Protect Grafana and Sentry integrations (merge request)
• Protect integration secrets (merge request)
• Fix IDOR in Jira issue show action (merge request)
• Limit proxied requests to Grafana API (merge request)

15.2.0 (2022-07-21)

Added (171 changes)

• Add user id to profile page by @TrueKalix (merge request)
• [API] Get endpoint for latest TF module version by @renehernandez (merge request)
• Adds package cleanup policy project settings (merge request) GitLab Enterprise Edition
• Display users that have been banned in a namespace (merge request) GitLab Enterprise Edition
• Introduce :gitlab_geo schema for Geo tracking DB (merge request) GitLab Enterprise Edition
• Add request-URL to vulnerability details (merge request) GitLab Enterprise Edition
• Add link to change failure rate chart from tile (merge request)
• Add watchdog to observe memory fragmentation (merge request)
• Add background jobs for cleanup policies for packages (merge request)
• Adds sidekiq_jobs_interrupted counter (merge request)
• Add timeline feature to incidents (merge request)
• Respect parent namespace for gitlab migration (merge request)
• Allow users to delete releases from edit page (merge request)
• Add verification token to audit events streams list (merge request) GitLab Enterprise Edition
• Add index on security_findings(uuid id DESC) (merge request)
• Add environment_scope to VariableType (merge request)
• Add manual_variables field to JobType (merge request)
• Work Items - Tasks First Time Experience (merge request)
• Add unique contraint for parent link work_item_id (merge request)
• Upgrade GitLab Pages to 1.61.0 (merge request)
• Event type information in approval rule audit event streaming (merge request) GitLab Enterprise Edition
• Include epic color widget on epic board sidebar by @espadav8 (merge request) GitLab Enterprise Edition
• Hash passwords with PBKDF2+SHA512 (merge request)
• Add upgrade status filter to runners (merge request) GitLab Enterprise Edition
• Preview free user cap only for specific namespaces (merge request)
• Add frontend form password complexity validation (merge request) GitLab Enterprise Edition
• Pipeline Performance insights (merge request)
• Add partition_number and related indices to security_findings table (merge request)
• Enable the use_unnested_queries by removing the FF globally (merge request) GitLab Enterprise Edition
• Allow passing arrays of labels in Epic GraphQL mutations by @espadav8 (merge request) GitLab Enterprise Edition
• Add GraphQL support for removing namespace bans (merge request) GitLab Enterprise Edition
• Copy failed spec names to clipboard from MR widget (merge request)
• Add 3 dot menu in work item link (merge request)
• Add frontend form password complexity validation (merge request) GitLab Enterprise Edition
• Event type information for ci variable audit event (merge request) GitLab Enterprise Edition
• Limit number of project and group CI variables (merge request)
• Adding search bar to group MR search with no results (merge request)
• Expose CI_MERGE_REQUEST_TARGET_BRANCH_PROTECTED as CI Variable by @Taucher2003 (merge request)
• Add Members page link to Project settings (merge request)
• Add the packages execute cleanup policy service (merge request)
• Consume new id format for security training (merge request) GitLab Enterprise Edition
• Generate package.json links (merge request)
• Introduce new jobs table (merge request)
• Event type information in streaming access token audit events (merge request) GitLab Enterprise Edition
• Enable use_keyset_aware_user_search_query FF (merge request)
• Add Vulnerabilities::MergeRequestLink model (merge request)
• Add vulnerability_merge_request_links table (merge request)
• Add group audit event keyset pagination (merge request) GitLab Enterprise Edition
• Event type information in protected branch audit event stream (merge request) GitLab Enterprise Edition
• Ensure namespace_id is set when issue is saved (merge request)
• Upgrade GitLab Pages to 1.60.0 (merge request)
• Add evidence fields to Vulnerability Issue template (merge request) GitLab Enterprise Edition
• Add error_tracking_access_token to application settings (merge request)
• Include commit message templates when forking project by @nejc (merge request)
• Create new rake task with Advanced Search integration details (merge request) GitLab Enterprise Edition
• Periodically reconcile ci_runner_versions (merge request)
• Cleanup BackfillDraftStatusOnMergeRequests migration (merge request)
• Implement granular access for Protected Tags API (merge request) GitLab Enterprise Edition
• [issue-354239] Import github 'renamed' issue events (merge request)
• Format multiple quick actions with
  for MD preview by @espadav8 (merge request)
• Track when user uses a verify action on an environment (merge request)
• Add sbom_occurrences table and model (merge request)
• Expose historical_release in GraphQL API (merge request)
• GraphQL: Add upgrade_status filter (merge request)
• Add update of the number of required approvals (merge request) GitLab Enterprise Edition
• Add BanFromNamespaceService and policies to prevent read access (merge request) GitLab Enterprise Edition
• Disable legacy OpenSource license for inactive public projects (merge request)
• Enable coverage report from child pipelines (merge request)
• Add praefect list virtual storages subcommand documentation (merge request)
• Show epic colours on epic boards by @espadav8 (merge request) GitLab Enterprise Edition
• Create index on security_findings asynchronously (merge request)
• Add tooltip to Colour label on new epic page by @espadav8 (merge request) GitLab Enterprise Edition
• [issue-354235] Import github 'un/labeled' issue eventsq: (merge request)
• Add vulnerableMethod to vulnerability details (merge request) GitLab Enterprise Edition
• Add metrics for runner authentication success/failure by @KyleFromKitware (merge request)
• Add a service to promote security findings to vulnerability findings (merge request) GitLab Enterprise Edition
• Add deployment tier to CI_JOB_JWT (merge request)
• Stream audit event for project group link create/destroy/update actions by @zhanglinjie (merge request) GitLab Enterprise Edition
• Add import_creation_level to namespace settings (merge request)
• [API] Get endpoint for a specific TF module version by @renehernandez (merge request)
• Add security report ingestion information to dashboard seed data (merge request)
• Add heap fragmentation metric (merge request)
• Add the 'first_contribution' attribute to the MR webhook event (merge request)
• Add GitLab Error Tracking to /admin settings (merge request)
• Add NamespaceBan model (merge request)
• Stream audit event on project fork by @zhanglinjie (merge request) GitLab Enterprise Edition
• Adds change failure rate charts to ci/cd analytics (merge request) GitLab Enterprise Edition
• Add 'never' option to auto_stop_in for an environment (merge request)
• Submit rename/new modal in web IDE on enter by @leetickett (merge request)
• Add namespace_id column to issues table (merge request)
• Add canceled state to import state and stage methods (merge request)
• Add approved_by_usernames param to merge request api (merge request) GitLab Enterprise Edition
• Stream audit event on merge request create by @zhanglinjie (merge request) GitLab Enterprise Edition
• Add topic_id attribute to Projects API by @wwwjon (merge request)
• Add due_date and improve CSV issue import docs by @leetickett (merge request)
• Add page size selector to issues list having options for 20, 50 and 100 (merge request)
• Added BackgroundMigration for ProjectStatistics (merge request)
• Add settings for rate limiting unique project downloads per namespace (merge request)
• Add crashType to vulnerability details (merge request) GitLab Enterprise Edition
• Add security trial actions (merge request)
• GraphQL: lists the groups to where a project can be transferred to (merge request)
• Require email verification (merge request)
• Added Civo logo to the create cluster page (merge request)
• Add super/subscript support in content editor (merge request)
• Add cycle and lead times time series endpoint (merge request)
• Improved search bar tokens for CRM contacts and organizations by @zillemarco (merge request)
• Add ci_runner_versions table (merge request)
• Add sbom_sources table and model (merge request)
• Displays the queued duration of a job (merge request)
• Disable Conan registry in FIPS mode (merge request)
• Allow editing of the released at date for Releases (merge request)
• Query vulnerability_reads by the cartesian product of given filters (merge request) GitLab Enterprise Edition
• Extend the DAST-Default-Branch-Deploy template to support ECS (merge request) GitLab Enterprise Edition
• Add project export relations models to Import/Export (merge request)
• Add false-positive alert to vulnerability details (merge request) GitLab Enterprise Edition
• [epic 354234] Import github closed issue events (merge request)
• Include inherited group links on project members page by @wwwjon (merge request)
• Add crashState to vulnerability details (merge request) GitLab Enterprise Edition
• Add has_vulnerabilities argument to ClusterAgent GraphQL API (merge request) GitLab Enterprise Edition
• Support TLS in dedicated metrics servers (merge request)
• Add "all protected branches" as a project approval (merge request) GitLab Enterprise Edition
• Add instrumentations for average number of approvals required (merge request) GitLab Enterprise Edition
• Add VariableType and variables fields (merge request)
• Enable ci_docker_image_pull_policy (merge request)
• Add member limit banner to usage quota seats page (merge request) GitLab Enterprise Edition
• Add Pages::PageDeployedEvent (merge request)
• Added ability to sort issues by closed date on frontend by @zillemarco (merge request)
• Enable streaming audit event headers by default (merge request) GitLab Enterprise Edition
• Add freeUserCapEnforced field to Group type (merge request) GitLab Enterprise Edition
• Finalise member_namespace_id migration (merge request)
• Provide deletion of project topics in UI by @wwwjon (merge request)
• Add SBoM Component tables and models (merge request)
• Add columns for operations toggle split (merge request)
• Add multiple tiers aggregaion to DORA API (merge request) GitLab Enterprise Edition
• Enable Blame page pagination by default (merge request)
• Return build failure_reason in pipeline's webhooks by @albertvaka (merge request)
• Enable highlight_js by default (merge request)
• Ban user when they exceed projects download limit within a time period (merge request) GitLab Enterprise Edition
• Remove temporary index and validate constraint on routes table (merge request)
• Enable closed_as_duplicate_of in issues API (merge request)
• Add colour widget to epic create form and epic sidebar by @espadav8 (merge request) GitLab Enterprise Edition
• Reject Maven md5 requests in FIPS mode (merge request)
• Add clusterAgents field to Project/Group/Security Dashboard GraphQL API (merge request) GitLab Enterprise Edition
• [API] Endpoint to download latest Terraform module version by @renehernandez (merge request)
• Add schedule delay for RepositoryUpdateMirrorWorker (merge request)
• Finalize cleanup orphaned routes migration (merge request)
• Add GraphQL API to list resource links (merge request) GitLab Enterprise Edition
• Add GraphQL API to delete resource links (merge request) GitLab Enterprise Edition
• Add documentation for CWE 209.2 (merge request)
• Prevent users from using known insecure public key (merge request)
• Add Query.todo(id) to GraphQL API by @Taucher2003 (merge request)
• Link cc from service desk emails to CRM contacts by @leetickett (merge request)
• Add git abuse rate limit settings for admins (merge request)
• Make ECS Review apps work with DAST (merge request) GitLab Enterprise Edition
• Always respect namespace_id for OAuth-based importers (merge request)
• Allow ci_separated_caches to be updated from API by @Taucher2003 (merge request)
• Persist markdown editor type in wikis (merge request)
• Add filtering security policies to return only inherited policies (merge request) GitLab Enterprise Edition
• Add a toggle for opt-in JWT to project settings (merge request)
• Add an overflow button in content editor (merge request)
• Render link-name on vulnerability details (merge request) GitLab Enterprise Edition
• Add state transition entry (merge request) GitLab Enterprise Edition
• Implement /metadata REST API endpoint by @tuxtimo (merge request)
• Added previously prepared indexes for issues to sort on closed_at by @zillemarco (merge request)
• GraphQL: Add lazy load for blocking epics count (merge request) GitLab Enterprise Edition
• Add PATCH /users/:id/disable_two_factor API (merge request)
• Display disabled card state for non ultimate users (merge request)
• Update Rails project template with BUNDLE_FROZEN (merge request)
• Enable rebalance_issues feature flag by default (merge request)
• Make FF default enabled and fix additional N+1 queries (merge request)
• Enable feature flag 'tag_list_keyset_pagination' by default (merge request)

Fixed (149 changes)

• Fix move deploy keys during project imports in FIPS mode (merge request)
• Fixes container registry popover not displaying on all rows (merge request)
• Fixed some alignments on the pipeline page by @zillemarco (merge request)
• Group audit event keyset pagination order (merge request) GitLab Enterprise Edition
• Fix blob binary state detection for preloaded files (merge request)
• Don't allow notes created_at too much in past (merge request)
• Remove full stops from end of checkboxes (merge request) GitLab Enterprise Edition
• Fixed some margins and widths on the issue page by @zillemarco (merge request)
• GraphQL: Fix filtering for INVALID runners (merge request) GitLab Enterprise Edition
• Update approval count options to include 0 (merge request) GitLab Enterprise Edition
• Fix description list item reorder for incidents (merge request)
• Prefer non-expired licenses first (merge request) GitLab Enterprise Edition
• Fix AR scopes to support keyset pagination (merge request)
• Fixed loading spinner misalignment on fork page by @zillemarco (merge request)
• Fixes all visible mentions of work items in UI (merge request)
• Fix gitlab project imports releases having nil authors (merge request)
• Track description change when creating a task from markdown (merge request)
• Add second event handler oninput to help mitigate the issue (merge request)
• Retain checklist item when deleting task (merge request)
• Fix recommendation for unpublished runner release (merge request)
• Change color for inherited classes (merge request)
• Improved layout of the create merge request's contribution section by @zillemarco (merge request)
• Corrected the logic on duplicate package toggles (merge request)
• Corrected the logic on duplicate package toggles (merge request)
• Made paths lowercase for deduplicated_size api (merge request)
• Use current time as created_at when cloning issues (merge request)
• Properly fail LDAP logins if GitLab user not persisted (merge request)
• Fix artifact empty state (merge request)
• Fix attribute validations for the Vulnerabilities::FindingLink model (merge request) GitLab Enterprise Edition
• Don't fail StoreSecurityReportsWorker if the pipeline does not exist (merge request) GitLab Enterprise Edition
• Refactor Header Search bar event handlers out of requestIdleCallback (merge request)
• Delete MR files separately on project deletion (merge request)
• Aligns order of sidebar items in bulk update (merge request)
• Make /merge quick action to work in GraphQL via createDiffNote (merge request)
• Migration to correct vulnerability state (merge request)
• Add blame link to the file blob view (merge request)
• Fix deploy keys breaking protected branch dropdown in FIPS mode (merge request)
• Fix scrolling to anchor tags on wiki pages (merge request)
• Fix double scroll in labels dropdown on MR sidebar (merge request)
• Retrieve pageSize from local storage as soon as possible (merge request) GitLab Enterprise Edition
• Make dark scroll bar in Chromium-based browsers by @rakleed (merge request)
• Fix the sentry URL in the CSP (merge request)
• Fix exception when Group relation is empty (merge request) GitLab Enterprise Edition
• Mark environments as available when restarting a deployment build (merge request)
• Fix streaming audit event for sub group event and project destroy event by @zhanglinjie (merge request) GitLab Enterprise Edition
• Fix the broken member search GraphQL query (merge request)
• Default project path to empty when creating from group template (merge request) GitLab Enterprise Edition
• Fix broken syntax highlight for shell scripts (merge request)
• Parse conflict lines with CRLF endings correctly (merge request)
• Fix broken external links by @leetickett (merge request)
• Load TLS intermediate certificates in metrics exporter (merge request)
• Render 404 when Jira issue not found (merge request) GitLab Enterprise Edition
• Fix: notify locale on changed milestone email by @JeremyWuuuuu (merge request)
• Correcting the spelling of 'receive' (merge request)
• Update diffs export for backwards compatibility (merge request)
• Fix pagniator issue in different timezone by @chaomao (merge request) GitLab Enterprise Edition
• Handle errors fetching GitLab Runner releases (merge request) GitLab Enterprise Edition
• Fix creating epic in scoped epic board (merge request) GitLab Enterprise Edition
• Fixed small misalignment on releases card footer by @zillemarco (merge request)
• Do not allow to override jobs defined by Security Policies (merge request) GitLab Enterprise Edition
• Remove stray gl-mt-2 from Label input on new epic page by @espadav8 (merge request)
• Fix contributing to EE link by @leetickett (merge request)
• Fix scss syntax highlighting (merge request)
• Fix BulkImport pipeline retries (merge request)
• Fix group access dropdown failure if no subgroups are available (merge request) GitLab Enterprise Edition
• License feature availability checks in Auditor (merge request) GitLab Enterprise Edition
• Fix 500 error for Tags API when repository is missing (merge request)
• Fix group name conflict when migrating groups via BulkImport (merge request)
• Fix resolving cluster image scanning vulnerabilities (merge request) GitLab Enterprise Edition
• This MR removes sticky footer from sidebar (merge request) GitLab Enterprise Edition
• Allow job tokens to access internal packages (merge request) GitLab Enterprise Edition
• Collapse Edit lock form when clicked outside sidebar in issues (merge request)
• Error Tracking: Disable show next button when next pagination is empty (merge request)
• Fix SSH mirrors not working in FIPS mode (merge request)
• This MR fixes list of corpuses (merge request) GitLab Enterprise Edition
• Correct padding for change password screen (merge request)
• Only show Changes to free tier open source projects banner to members (merge request) GitLab Enterprise Edition
• Fixes diff case where .ipynb line contains '\n' (merge request)
• Fix deployment approval popup to support multiple approval rules (merge request) GitLab Enterprise Edition
• Fixes Semantic diffs displaying twice (merge request)
• Fix vertical alignment of compliance report rows so they are centred (merge request) GitLab Enterprise Edition
• Query only distinct OAuth access tokens by application ID (merge request)
• Fix duplicates in pages when sorting members by last_activity_on (merge request)
• Remove attention request docs (merge request)
• Fix avatar size for issue and MR placeholder notes (merge request)
• Correct call to computed hasSelectedColor by @espadav8 (merge request)
• Upgrade version of Swagger UI by @mulka (merge request)
• Add spec for buildkit cache image replication (merge request) GitLab Enterprise Edition
• Index vulnerability_reads on casted_cluster_agent_id (merge request)
• Fix GraphQL API to fetch clusterAgents from instanceSecurity Dashboard (merge request) GitLab Enterprise Edition
• Do not show guest users as participants when mentioned on internal note (merge request)
• Require project membership for merge request approvals (merge request)
• Use UTC for trial end date in popover (merge request) GitLab Enterprise Edition
• Does not generate ipynb diff if file is collapsed (merge request)
• Fix avatars displaying as block elements (merge request)
• Allow filtering by multiple negated milestones (merge request)
• Allow 16 character SubjectKeyIdentifier for x509 signed commits feature by @.wolf (merge request)
• Add sanity check for inputs (merge request)
• Update Vulnerabilities::DismissService (merge request) GitLab Enterprise Edition
• Sets vulnerability state properly (merge request) GitLab Enterprise Edition
• Simplify issue policy, allow bots metadata access (merge request)
• Fixes the remove group button to look correct (merge request)
• Fix Integration#boolean_accessor to work with data fields (merge request)
• Update Vulnerabilities Confirm Service (merge request) GitLab Enterprise Edition
• Fix plural name "Failed jobs" for the pipeline failed email (merge request)
• Improve keyboard UX for toggle replies widget (merge request)
• gitaly_client: Fix error handling for structured AlreadyApplied error (merge request)
• Fix env var check for DISABLE_PUMA_WORKER_KILLER (merge request)
• Maintain namespace_id when connection error occurs in fogbugz importer (merge request)
• Fix LDAP sign in button padding (merge request)
• Remove valid epic check (merge request) GitLab Enterprise Edition
• Fix incorrect links when coming to 'Find file' from a file view by @shelld3v (merge request)
• Improve performance of loading OAuth apps and tokens (merge request)
• Patched Rails model generator to use GitLab template by @zillemarco (merge request)
• Allow epic_color_highlight flag to be applied to groups by @espadav8 (merge request) GitLab Enterprise Edition
• Add auditor access for group compliance report (merge request) GitLab Enterprise Edition
• Fix performance regression in issuable lists (merge request)
• Fix bitbucket cloud importer (merge request)
• Update Vulnerabilities::RevertToDetected Service (merge request) GitLab Enterprise Edition
• Fix nil error for last deployment group (merge request)
• Respect namespace_id for bitbucket server importer (merge request)
• Adjust members index flex spacing for longer text (merge request)
• Fix future iterations not being scheduled correctly (merge request)
• Show only top-level epics in roadmap page (merge request) GitLab Enterprise Edition
• Fix querying vulnerability_reads by cluster_agent_id (merge request) GitLab Enterprise Edition
• Poll for linked pipelines (merge request)
• Cancelling a merge request edit does not reset the autosaver (merge request)
• Revert Only send signed upload params from Wkhse (merge request)
• Fix deploy boards for Kubernetes 1.22 (merge request)
• Respect namespace_id in fogbugz importer (merge request)
• Improves css in ipynb mrs (merge request)
• GlTabsBehavior - Support hash updating (merge request)
• Merge details in audit event json log (merge request) GitLab Enterprise Edition
• Use i18n translations on reassigned issueable emails by @JeremyWuuuuu (merge request)
• Fix autocomplete in wikis (merge request)
• Insert job taggings in batches (merge request)
• Allow public access to awardables API (merge request)
• Fix GET /groups/:id to include runners token (merge request)
• Update Vulnerabilities::ResolveService (merge request) GitLab Enterprise Edition
• Fix agent token modal (merge request)
• Fix private contributions missing on the calendar if user leaves project by @eggerd (merge request)
• Pass status explicitly to Deployment Hook Worker (merge request)
• Fix eslint error (merge request)
• Prevent popovers from showing on group references (merge request)
• Queue Terraform state destroy worker outside of transaction (merge request)
• Fix Auth#token_bot_in_resource? check (merge request)
• Expand diff when navigating to pending comment by @JonstonChan (merge request)
• Migrate Group name and Group URL fields to Vue (merge request)
• Update color preview shades to match header color (merge request)

Changed (224 changes)

• Update project stats for container reg deletes (merge request)
• Update triggers creating vulnerability_reads records (merge request)
• Adds project-scoped callouts for failed web-hooks (merge request)
• Added creation time-range filters for Snippets API by @spmarisa (merge request)
• Update runners form error to pajamas (merge request)
• Changed instances of (Any )[Ee]ligible user to All eligible users (merge request) GitLab Enterprise Edition
• Hide expand button for empty simple widgets (merge request)
• Add config file param to repository changelog api by @zhanglinjie (merge request)
• Show reports immediately after job completes by @kdabrowski (merge request)
• Remove commits from the main Advanced Search index (merge request) GitLab Enterprise Edition
• Add warning next to public projects shared with a private group (merge request)
• Remove omniauth_login_minimal_scopes feature flag (merge request)
• Create vulnerability state transitions as a better form of tracking (merge request) GitLab Enterprise Edition
• Disable creation of vulnerability feedback when dismissing vulns (merge request) GitLab Enterprise Edition
• Added snowplow tracking for package assets (merge request)
• Apply the VSA filters to the task by type charts (merge request) GitLab Enterprise Edition
• Give 300k minutes to contributors to spend on GitLab contributions (merge request) GitLab Enterprise Edition
• Use field level validation errors (merge request) GitLab Enterprise Edition
• Move header search events out of main.js (merge request)
• Prevent hidden projects to be downloaded via git actions (merge request) GitLab Enterprise Edition
• Bump Gitlab Shell version to v14.9.0 (merge request)
• Increase number of includes from 100 to 250 (merge request)
• Migrate mirror repos form errors (merge request)
• Migrate protected tag error form (merge request)
• Allow escalation for all incidents (merge request) GitLab Enterprise Edition
• Migrate CI/CD settings form error (merge request)
• Migrate errors form for autodeops settings (merge request)
• Return if FIPS enabled (merge request)
• Admin App-Settings Network header expand/collapse by @quatauta (merge request) GitLab Enterprise Edition
• Define LDAP omniauth_callbacks routes from GitLab config (merge request)
• Show all errors on invites for invite modal (merge request)
• Improve Admin Area settings UI text (merge request)
• Improve alert UX when updating existing design (merge request)
• Add tmp index for vuln findings with potentially mismatched scanners (merge request)
• Add Rebase without CI button to MR rebase widget by @KevSlashNull (merge request)
• Stop syncing alert and incident statuses (merge request)
• Add indices for protected environments and approval rules on created_at (merge request)
• Removes ci_value_change_for_processable_and_rules_entry ff (merge request)
• Remove standard_context_type_check ff (merge request)
• Remove refactor_blob_viewer FF references (merge request)
• Migrates the spacing for icon of related item (merge request)
• Migrate form_errors in integration settings page (merge request)
• Create Vue form to configure git abuse rate limits (merge request) GitLab Enterprise Edition
• Migrates spacing classes for approval checks (merge request) GitLab Enterprise Edition
• Bump omniauth-oauth version to v1.2.0 (merge request)
• Update admin edit group layout (merge request)
• Migrate form_errors in creations/new_compare form to Pajamas alert (merge request)
• Bump prometheus-client-mmap to v0.16.1 (merge request)
• Remove banner about free project changes (merge request)
• Replace ci_runner_versions indices (merge request)
• Make CI/CD form error to be Pajamas compliant (merge request)
• Update gitlab_omniauth-ldap to v2.2.0 (merge request)
• Promote 'New identity' button as a primary action (merge request)
• Update Node.js from 10 to 14 used in CI by @tnir (merge request)
• Updated Secure Files Settings UI (merge request)
• Disable DS auto-remediate when FIPS mode (merge request) GitLab Enterprise Edition
• Make Application Settings sections headers collapsible (merge request)
• Use approvers information which are available (merge request) GitLab Enterprise Edition
• Add uuid to VulnerabilityFindingDismiss (merge request) GitLab Enterprise Edition
• Disable OAuth access token reuse (merge request)
• Move Title and Format fields in the same row by @ssurbhi560 (merge request)
• Migrate form_errors in two_factor_auths/show form to Pajamas alert (merge request)
• Move link to the last item in formatting toolbar (merge request)
• Allow members invited by email to be re-invited (merge request)
• Application Settings General h4 Expand/Collapse by @quatauta (merge request) GitLab Enterprise Edition
• This MR replaces outdated skeleton-loading (merge request) GitLab Enterprise Edition
• Adds package group settings side-by-side layout (merge request)
• Track process commit limit overflow (merge request)
• Application Settings General h4 Expand/Collapse by @quatauta (merge request)
• Migrate error alert in user identity form (merge request)
• Migrate error alert in doorkeeper application form (merge request)
• Admin App-Settings Templates header expand by @quatauta (merge request) GitLab Enterprise Edition
• Refactor user popover to use GlAvatarLabeled (merge request)
• Improve label of delete comment button (merge request)
• Use user_application_theme helper instead of hard-coded theme classes by @dreedy (merge request)
• Simplify scanner logic for security reports (merge request) GitLab Enterprise Edition
• Increase Webauthn credential XID length by @spotlightishere (merge request)
• Use Pajamas alert in milestones form (merge request)
• Add tooltip to shortcut element in navbar search field (merge request)
• Migrate form errors to Pajamas for grafana setting (merge request)
• Add the merge date to the Chain of Custody report (merge request) GitLab Enterprise Edition
• Rename CycloneDX artifact files (merge request) GitLab Enterprise Edition
• Feature search bar scope tokens (merge request)
• Add git_rate_limit_users_allowlist column to application_settings (merge request)
• Update supported browser versions (merge request)
• Warn user of feature flags risks (merge request)
• Migrate errors in new password to Pajamas alert (merge request)
• Send root_namespace_id to the Projects::ProjectDeletedEvent (merge request)
• Disable Geo proxy internal API polling when Geo not enabled (merge request)
• Apply rate limiting for paid plan customer hooks (merge request) GitLab Enterprise Edition
• Use auditor when auditing using audit changes (merge request) GitLab Enterprise Edition
• Omit MD5 fingerprints in deploy key API response (merge request)
• Replace deprecated createFlash, add loading icon and tabs query param (merge request) GitLab Enterprise Edition
• Drop empty fingerprint attribute in Vue access dropdown (merge request)
• Add hover state for button and remove border (merge request)
• Parse GitLab Runner release version suffixes (merge request)
• Add quick action support for group members (merge request)
• Move commit documents to new index (merge request) GitLab Enterprise Edition
• Removes noisy lines from transformed notebook (merge request)
• Support language filter for blob searches (merge request) GitLab Enterprise Edition
• Migrates spacing class for board card loader (merge request)
• Fix status box styling on Jira issue details page (merge request)
• Migrate errors in GPG keys to Pajamas alert (merge request)
• Container registry: stop appending Root image (merge request)
• Use Pajamas alert in repository check form (merge request)
• Consider versions with suffix in runner upgrades (merge request)
• Show more details for testing integration error (merge request)
• Migrate button to delete account (merge request)
• Vendor omniauth-gitlab gem to provide backwards compatibility (merge request)
• Use Pajamas alert in gitpod settings (merge request)
• Migrate buttons to switch stl viewer type (merge request)
• Replace Geo node with Geo site (merge request) GitLab Enterprise Edition
• Add ignore rule for migrated_to_new_structure (merge request) GitLab Enterprise Edition
• Change group recent activity window to 30 days (merge request) GitLab Enterprise Edition
• Add a keyword for default values in the CSP (merge request)
• Fixes the spacing of buttons on the compare page (merge request)
• Remove variable override on related tree item (merge request)
• Have Security Policies Enabled by Default (merge request) GitLab Enterprise Edition
• Hide the 'Resync' button when there are no results by @shelld3v (merge request)
• Hide 'New Epic' button on roadmap for unauthorized users by @shelld3v (merge request) GitLab Enterprise Edition
• Admin App-Settings Preferences header expand/collapse by @quatauta (merge request)
• Allow using pre tag outside of code blocks (merge request)
• Add queued_duration to the job entity (merge request)
• Migrates modal to delete pipeline (merge request)
• Update text for rollback modal (merge request)
• Admin App-Settings Advanced Search header expand by @quatauta (merge request) GitLab Enterprise Edition
• Add new column vulnerability_reads.casted_cluster_agent_id as bigint (merge request)
• Remove feature flag ci_build_finished_worker_namespace_changed (merge request)
• Replace YAML approver info with persisted data (merge request) GitLab Enterprise Edition
• In email footers, explicitly link to the GitLab host by @smokris (merge request)
• Updated agent status icons (merge request)
• Add root_namespace_id to Pages::PageDeletedEvent (merge request)
• Use Pajamas alert in repository mirroring settings (merge request)
• DB additions for CI Secure Files Replicator (merge request)
• Consolidate pipeline mini graph code (merge request) GitLab Enterprise Edition
• Migrates view seat usage button in alert (merge request) GitLab Enterprise Edition
• Migrates button to promote milestone (merge request)
• Remove GraphQL check for feature flag and return null by @espadav8 (merge request) GitLab Enterprise Edition
• Use Pajamas alert in visibility and access settings (merge request)
• Change in wording related to SAML experience (merge request) GitLab Enterprise Edition
• Fix: notify locale on failed builds by @JeremyWuuuuu (merge request)
• Migrates the spacing for icon in user dropdown (merge request)
• This MR enables sticky footer in Drawer (merge request) GitLab Enterprise Edition
• Modifies Package Registry group settings (merge request)
• Migrate LDAP sync buttons on member page (merge request) GitLab Enterprise Edition
• Convert admin users and admin group edit/new to be Pajamas compliant (merge request)
• Add Expand/Collapse to application settings CI/CD h4 by @quatauta (merge request)
• This adds the queued_at field to the job entity (merge request)
• Remove form_errors from the groups settings ci_cd form (merge request)
• Migrates the spacing class for job name (merge request)
• Migrates the spacing for buttons in dashboard (merge request)
• Use Pajamas alert in webhooks form (merge request)
• Replace repeat icon with retry icon for jobs (merge request)
• Migrate form errors (merge request) GitLab Enterprise Edition
• Migrates button to add previously merged commits (merge request)
• Accept runner patch upgrades from newer major releases (merge request)
• More informative timeout message (merge request)
• Replace jQuery in init_details_button.js by @quatauta (merge request)
• Remove callouts_trials_link_url (merge request) GitLab Enterprise Edition
• Update oauth2 gem to v2.0.2 (merge request)
• This MR migrates legacy html button to Pajamas button (merge request)
• Migrates spacing classes in modal to add commits (merge request)
• Add terminating newline to /:username.keys and /:username.gpg (merge request)
• Take migration state into account for size by @jeffpearce (merge request)
• Rewrote Project settings (merge request)
• Fixes truncation and tooltip on group selection (merge request)
• This MR migrates radio button to pajamas radio component (merge request)
• Change the revoke button to type tertiary (merge request)
• Default on group_level_security_policies (merge request)
• Return :invalid for an invalid runner version (merge request)
• Modifies Dependency Proxy group settings (merge request)
• Use Pajamas alert in new application form (merge request)
• API: Backend support for manipulating web-hook variables (merge request)
• Migrate errors in group settings to Pajamas alert (merge request)
• Add Job ID to RepositoryUpdateMirrorWorker logs (merge request) GitLab Enterprise Edition
• Migrates spacing class on web ide tree (merge request)
• Remove artifacts storage warning (merge request) GitLab Enterprise Edition
• Improve UI text - group Permissions settings (merge request)
• Remove renamed workers and feature flag (merge request)
• Replace the menu icon on mobile (merge request)
• Remove custom override of breadcrumb separator (merge request) GitLab Enterprise Edition
• Migrate errors in password update to Pajamas alert (merge request)
• This MR enables sticky header in Drawer (merge request) GitLab Enterprise Edition
• Remove legacy /-/integrations routes from renamed controller (merge request)
• Rollout prevent_abusive_searches feature flag (merge request)
• Migrates spacing classes for code review analytics (merge request) GitLab Enterprise Edition
• This MR defines behaviour of sidebar view mode (merge request) GitLab Enterprise Edition
• Update asana gem to v0.10.13 to relax oauth2 dependency (merge request)
• Remove usage of MD5 by wikicloth gem for FIPS (merge request)
• Migrates the spacing class for add commits button (merge request)
• Consider the certs specified via SSL_CERT_{DIR,FILE} variables (merge request)
• Backend support for manipulating web-hook variables (merge request)
• Migrates spacing classes to add related issue (merge request)
• Update gitaly_cgroups metric name (merge request)
• Use new cost factor 0.008 for public SaaS projects (merge request) GitLab Enterprise Edition
• Remove migrate_vulnerability_finding_uuids flag (merge request)
• Migrate edit profile errors to use Pajamas compliant alert (merge request)
• Migrates button to unprotect an environment (merge request) GitLab Enterprise Edition
• Admin App-Settings Metrics header expand/collapse by @quatauta (merge request)
• Update omniauth-oauth2 to v1.7.3 (merge request)
• Remove fallback calc of last sec report pipeline (merge request) GitLab Enterprise Edition
• Migrates buttons in warning to apply template (merge request)
• Default enable FF import_release_authors_from_github (merge request)
• Cleanup Project Settings > Repository > Protected branches (merge request)
• Adjust migration update query and refactor specs (merge request) GitLab Enterprise Edition
• Replace runners token indices in projects table (merge request)
• Migrates spacing class for requirements title (merge request) GitLab Enterprise Edition
• Migrates spacing class for commits author search (merge request)
• Migrates spacing on icon for hidden approvers (merge request) GitLab Enterprise Edition
• Admin App-Settings Reporting header expand/collapse by @quatauta (merge request)
• Application Settings Repository h4 Expand/Collapse by @quatauta (merge request)
• EE Application Settings CI/CD h4 Expand/Collapse by @quatauta (merge request) GitLab Enterprise Edition
• Migrate spacing class for reverify button in geo (merge request) GitLab Enterprise Edition
• Migrates spacing for applying suggestions message (merge request)
• Migrates spacing classes on snippets empty state (merge request)
• Migrates spacing class for clone button (merge request)
• Migrates spacing class on performance bar (merge request)
• Migrates the spacing class for discussion filters (merge request)
• Use popover for On-demand scans tooltip (merge request) GitLab Enterprise Edition
• Add upgrade indicators to runner details (merge request) GitLab Enterprise Edition
• Stop creating resolved alerts for self-recovering notifications (merge request)
• Update form to use pajamas_alert in spam application settings (merge request)
• Remove projects_build_artifacts_size_refresh flags (merge request)
• Clean up merge_request_pipelines_in_target_project feature flag (merge request)

Removed (23 changes)

• Remove onboarding experience survey and email from onboarding (merge request)
• Remove tracing ff and delete yml (merge request)
• Delete monitor logging ff (merge request)
• Add migrations to remove fk (merge request)
• Delete frontend code related to logs (merge request)
• Remove code for trigger job show page (merge request)
• Remove design resolved discussions popover (merge request)
• Add migrations for table and fk (merge request)
• Removethe optimized_followed_users_queries FF (merge request)
• Remove unused Projects::JobsController#status (merge request)
• Remove dead code from gitlab_ci settings (merge request)
• Remove old route for DAST profiles (merge request) GitLab Enterprise Edition
• Remove pod logs backend code (merge request)
• Remove pod logs service (merge request)
• Remove semver usage (merge request)
• Remove clusters_integrations_elastic_stack metric (merge request)
• Remove projects_enabled_with_tracing metric (merge request)
• Remove elastic cluster section on UI (merge request)
• Remove the infinitely_collapsible_sections feature flag (merge request)
• Geo Sites Form - Remove Beta Badge (merge request) GitLab Enterprise Edition
• Remove old Sidekiq error logging fields (merge request)
• Remove file_identifier_hash feature flag by @feistel (merge request)
• Remove vsa_reaggregation_worker FF (merge request)

Security (17 changes)

• Allow inviting only groups with subset of allowed domains to groups
• Sanitize ZenTao breadcrumb links
• Gitlab Runner version upgrade
• Update ProjectAttributesTransformer to use fixed number of attributes
• Fix open redirect vulnerability
• Escape deploy key title to prevent XSS
• Fix group IP restrictions not enforced for container registry requests (merge request) GitLab Enterprise Edition
• Filter milestone release by user access
• Adds a filter based on user access to Runner jobs endpoint
• Security fix sentry issue leaks and access level check
• Check permissions before exposing user two factor enabled
• Fix permissions in the project labels API
• Fix the required access level in the Conan packages finder
• Restrict CI lint access to pipeline creators
• Catch endless headers when reading HTTP responses
• Prevent runners from picking IP restricted jobs
• Add rate limit on integration testing feature (merge request)

Performance (22 changes)

• Implement hit ration for diff caching (merge request)
• Do not allow waiting project authorizations refreshes (merge request)
• Improve DependencyLinker sanitization (merge request)
• Reduce queries in revert / cherry pick button (merge request)
• Use paginated tree for the last commit query (merge request)
• Remove unnecessary Redis calls in issue endpoints (merge request)
• Improve performance of related branches finder (merge request)
• Improve logs tree fetching performance (merge request)
• Improve performance of users API under load (merge request)
• Uses OJ Saj Parser to speed up Ipynbdiff (merge request)
• Remove delayed_project_import_schedule_worker flag (merge request)
• Remove sticky_ci_archive_trace_worker feature flag (merge request)
• Do not allow waiting project authorizations refreshes (merge request)
• Reduce queries for adding members (merge request)
• Improve performance of finding related branches (merge request)
• Schedule index to improve performance of contribution analytics (merge request)
• Preload rich viewer (merge request)
• Set expire_in for protected branch cache keys (merge request)
• Remove paginated_issue_discussions FF (merge request)
• Enable full-text search of issues by default (merge request)
• Prevent N+1 queries when rendering pipeline stage (merge request)
• Move incident closing for recovery alerts into a background job (merge request)

Other (49 changes)

• Remove plaintext token index from ci_builds (merge request)
• Disallow any database calls, or connections in routes (merge request)
• Drop unused ci builds index (merge request)
• Revert "Merge branch 'soft-validation-on-environment-external-url' into 'master'" (merge request)
• Drop post migration test table (merge request)
• Clean up confidential_notes feature flag (merge request)
• Add uuid to Service Ping medatada report (merge request)
• Turn Project authorizations refresh on changes in ProjectMember async (merge request)
• Fix usage of distance_of_time_in_words_to_now by @edith007 (merge request)
• Use correct styling for clear user status button (merge request)
• Remove measure_service_ping_metric_collection ff (merge request)
• Move finalize background migration to post-deploy (merge request)
• Update delayed_project_removal to NULL for UserNamespaces (merge request)
• Cache payload for unleash clients (merge request)
• Remove legacy queuing code (merge request)
• Remove group_name_path_vue feature flag (merge request)
• Move integration channel placeholder var into constant by @chaomao (merge request)
• Update docs to mention Epic Colours by @espadav8 (merge request)
• Reschedule batched background migration (merge request)
• Remove the gitlab_sli_new_counters feature flag (merge request)
• Remove not null constraints from requirements columns (merge request)
• Pass License sha256 in usage data (merge request) GitLab Enterprise Edition
• Validate requirements.requirement_issue NOT NULL constraint (merge request)
• Cache external MR diffs on disk for faster Project Export (merge request)
• Put migration on hold when autovacuum is active (merge request)
• Use lazy Workhorse upload preauth for fallback routes (merge request)
• Update multiple admin alerts to pajamas (merge request)
• Add Feishu Integration Foundation by @chaomao (merge request)
• Drop unused ci builds index (merge request)
• Rename queues for finishing and achiving workers (merge request)
• Switch ActiveSupport::HashDigest to SHA256 (merge request)
• Ignore ci_triggers.ref before removal (merge request)
• Moves ipynbdiff to vendor (merge request)
• Setting sliding-list Partition Fix FF to True (merge request)
• Moves ipynbdiff to vendor (merge request)
• Add background migration to backfill missing search_data (merge request)
• Add post-migration test table (merge request)
• Clean up fallbacks in Emails::MergeRequests#push_to_merge_request_email (merge request)
• Hide dependency proxy for personal namespaces (merge request) GitLab Enterprise Edition
• Remove prerecord_service_ping_data feature flag (merge request)
• Add skeleton loader for usage_quota's storage (merge request) GitLab Enterprise Edition
• Backfill runner semver column (merge request)
• Remove contacts_autocomplete feature flag (merge request)
• Only send signed upload params from Workhorse (merge request)
• Revert "Merge branch 'jnnkl-codequality-findings-diff-inline' into 'master'" (merge request)
• Fix display of times in access and deploy token table by @edith007 (merge request)
• Support push options when creating merge request pipelines (merge request) GitLab Enterprise Edition
• Update GitLab Runner Helm Chart to 0.42.0 (merge request)
• Address database documentation Vale warningss by @cgives (merge request)

15.1.6 (2022-08-30)

Security (17 changes)

• No overriding methods for Sawyer class (merge request)
• Bump yajl-ruby gem version (merge request)
• Prevent long loops when generating suggested branch name (merge request)
• IDOR in Zentao integration issue show page (merge request)
• Patch VULNDB-255039 (potential Rack cache poisoning) (merge request)
• HTML escape the label background color (merge request)
• Sandbox jupyter notebook HTML output (merge request)
• Fix unauthorized GFM references in Incident Timeline (merge request)
• Optimize handling repositories with huge trees (merge request)
• Parse commit trailers without using regexp (merge request)
• Check for pathological markdown input (merge request)
• Replaced smooshpack to fix the vulnerability in LivePreview (merge request)
• Update package auth for group IP allowlist (merge request)
• Don't show pipeline status (merge request)
• Sanitize img attributes in Banzai::Filter::ImageLinkFilter (merge request)
• Validate description length for snippets (merge request)
• Prevent brute force vuln for Git over HTTP(S) requests (merge request)

15.1.5 (2022-08-22)

Security (2 changes)

• Validate if values to be saved in Redis can be converted to string (merge request)
• Fix CSS selector used in specs (merge request)

15.1.4 (2022-07-28)

Security (18 changes)

• Security datadog integration leaking (merge request)
• Prevent users who cannot admin a public project from viewing deploy keys (merge request)
• Add additional condition to accept invitation (merge request)
• Update GITLAB_PAGES_VERSION (merge request)
• Add html_escape to build_details_entity (merge request)
• Check permissions when filtering by contact or organization (merge request)
• Use author to run subscribed pipeline (merge request)
• Remove prohibited branches after project import (merge request)
• Remove feature flag ci_yaml_limit_size (merge request)
• Maintainer can change the visibility of Project and Group (merge request)
• Do not link unverified secondary emails with any users (merge request)
• Forbid exchanging access token for ROP flow to users required 2FA setup (merge request)
• Remove todos from confidential notes when user loses access (merge request)
• Remove group_bot_user and group_access_token after group delete (merge request)
• Protect integration secrets (merge request)
• Protect Grafana and Sentry integrations (merge request)
• Fix IDOR in Jira issue show action (merge request)
• Limit proxied requests to Grafana API (merge request)

15.1.3 (2022-07-19)

Added (1 change)

• Add praefect list virtual storages subcommand documentation (merge request)

Fixed (1 change)

• Fix group access dropdown failure if no subgroups are available (merge request) GitLab Enterprise Edition

15.1.2 (2022-07-05)

Fixed (3 changes)

• Resolve "White screen of death on creating new project" (merge request)
• Fix agent token modal (merge request)
• Resolve "Gitlab doesn't detect the deployment pods after K8s cluster upgrade to v1.22" (merge request)

Changed (2 changes)

• Update gitaly_cgroups metric name in docs (merge request)
• Refactor add populate commit permission migration (merge request) GitLab Enterprise Edition

Removed (1 change)

• Geo Sites Form - Remove Beta Badge (merge request) GitLab Enterprise Edition

15.1.1 (2022-06-30)

Security (16 changes)

• Fix group IP restrictions not enforced for container registry requests (merge request)
• Gitlab Runner version upgrade (merge request)
• Update ProjectAttributesTransformer to use fixed number of attributes (merge request)
• Escape deploy key title to prevent XSS (merge request)
• Sanitize ZenTao breadcrumb links (merge request)
• Fix permissions in the project labels API (merge request)
• Security fix sentry issue leaks and access level check (merge request)
• Check permissions before exposing user two factor enabled (merge request)
• Filter milestone release by user access (merge request)
• Fix the required access level in the Conan packages finder (merge request)
• Allow inviting only groups with subset of allowed domains to groups (merge request)
• Fix open redirect vulnerability (merge request)
• Adds a filter based on user access to Runner jobs endpoint (merge request)
• Prevent runners from picking IP restricted jobs (merge request)
• Restrict CI lint access to pipeline creators (merge request)
• Catch endless headers when reading HTTP responses (merge request)

15.1.0 (2022-06-21)

Added (147 changes)

• Add GraphQL API to create resource links (merge request) GitLab Enterprise Edition
• Add support for collecting jemalloc stats (merge request)
• Add audit event for disabling 2FA (merge request) GitLab Enterprise Edition
• Add auditEventsStreamingHeadersDestroy Mutation (merge request) GitLab Enterprise Edition
• Add backend changes to sort issues by closed at by @zillemarco (merge request)
• Display invalid approvals on merge request widget (merge request)
• Add ownerProject field to RunnerType (merge request)
• Mutation to delete multiple package files (merge request)
• GraphQL: Add lazy load for blocking epics count (merge request) GitLab Enterprise Edition
• Add git protocol configuration to groups (merge request)
• Prevent users from using known insecure public key (merge request)
• Preview plantuml/kroki diagrams in content editor (merge request)
• Add scan_execution_policies endpoint to the Kubernetes internal API (merge request) GitLab Enterprise Edition
• Add opened/closed epic issue weights (merge request)
• Added possibility to search CRM contacts and organizations by ids by @zillemarco (merge request)
• Adds timestamps to compliance frameworks (merge request)
• Clean up group_level_protected_environment feature flag (merge request)
• Remove downstream_retry_action ff (merge request)
• Audit event for group level merge request settings (merge request) GitLab Enterprise Edition
• Added token-selector to WI assignees (merge request)
• Introduce database metric batch average operation (merge request)
• Add counts.saml_group_links metric (merge request) GitLab Enterprise Edition
• Remove customer_relations feature flag by @leetickett (merge request)
• Provide HooksExecution task to ensure Slack integrations are called (merge request) GitLab Enterprise Edition
• Introduce gitlab_internal for Rails and pg tables (merge request)
• Add sortable description list items on epic page (merge request)
• Add support for delayed project deletion for personal projects (merge request) GitLab Enterprise Edition
• Create audit stream HTTP header model (merge request)
• Prevent users from adding known, weak keys by @kyrie.31415926535 (merge request)
• Add password complexity checkbox in application settings pages (merge request)
• List children in hierarchy widget (merge request)
• Added remove button to time tracking report entries by @zillemarco (merge request)
• PyPI simple repository API PEP 503 (merge request)
• Create Geo replication events for Terraform state deletions (merge request) GitLab Enterprise Edition
• Add metric for unique MRs with invalid approvers (merge request) GitLab Enterprise Edition
• Add empty state to branch selection when creating an MR (merge request)
• Added a waning alert to the project (merge request)
• Add confidential notes index (merge request)
• Update documentation to reflect current project migration status (merge request)
• Upgrade GitLab Pages to 1.59.0 (merge request)
• Create merged result pipelines when MR is git mergeable (merge request)
• Switch legacy_open_source_license_available for non-public projects (merge request)
• Add upgrade status badge to runners (merge request) GitLab Enterprise Edition
• Internal error tracking check endpoint (merge request)
• User api endpoint for project deploy keys (merge request)
• Added intents.json to act as a multiplier to the emojis score (merge request)
• Add password complexity to application settings API by @mtan-gitlab (merge request) GitLab Enterprise Edition
• Add time to restore service chart to CI/CD analytics (merge request) GitLab Enterprise Edition
• Add new empty state to group overview (merge request)
• Add container_images to Project/Group GraphQL API (merge request)
• Event type information in streaming audit event for deploy token (merge request) GitLab Enterprise Edition
• Create Button ViewComponent (merge request)
• Introduce new Colour Select Widget by @espadav8 (merge request)
• Create release evidence post GitLab Migration (merge request)
• Prepare confidential notes index on .com (merge request)
• Add metric to count number of requirements that require approval (merge request) GitLab Enterprise Edition
• Skip sending pipeline hooks and notifications for blocked users (merge request)
• Add not null constraint on routes#namespace_id column (merge request)
• Add submit license usage data banner (merge request) GitLab Enterprise Edition
• Add version part columns to ci_runners table (merge request)
• Add seat count usage alerts to group pages (merge request) GitLab Enterprise Edition
• Show Terraform state deleted status in UI (merge request)
• Add event type information in merge request approval audit event (merge request) GitLab Enterprise Edition
• Add logic to reset submit license usage data banner data (merge request) GitLab Enterprise Edition
• Removes container_registry_project_statistics FF (merge request)
• Remove updated_diff_expansion_buttons feature flag (merge request)
• Add GraphQL support to manage the Packages Cleanup policy (merge request)
• WIP add filename arguement to allow filtering by file language (merge request) GitLab Enterprise Edition
• Added contacts and organizations resolvers by @zillemarco (merge request)
• graphql: Add merge_request_event_type field to pipeline_type (merge request)
• Add container registry to Namespace usage quotas page (merge request) GitLab Enterprise Edition
• Log GitHub Commit Status API responses by @hchouraria (merge request) GitLab Enterprise Edition
• Add GraphQL operation name to performance bar (merge request)
• Add Note to Todo GraphQL Type by @Taucher2003 (merge request)
• Add maintenance notes in runner view (merge request) GitLab Enterprise Edition
• Log sql query in Sidekiq error logs (merge request)
• Displays embedded images on ipynb diffs (merge request)
• Adds the end event column to the VSA stage table (merge request)
• Add drop_sequence migration helper (merge request)
• Cleanup orphaned routes (merge request)
• Log email delivery failures (merge request)
• Enable escalations of incidents created manually (merge request)
• Add option to backup specified groups (merge request)
• Add a index for vulnerability_state_transitions table (merge request) GitLab Enterprise Edition
• Add tooltip to the downstream expand btn (merge request)
• Adds raw column to all ci variable tables (merge request)
• Add Pages::PageDeletedEvent (merge request)
• Expose epic links properties on GraphQL (merge request) GitLab Enterprise Edition
• Add documentation for CWE 319.1 (merge request)
• Introduce execute_background_migrations feature flag (merge request)
• Add runner status to external pipeline validation payload (merge request)
• Add validation for epic issue group hieararchy (merge request) GitLab Enterprise Edition
• Implement GET API to fetch single issue link by @tuxtimo (merge request)
• Add seat count usage alerts to group pages (merge request) GitLab Enterprise Edition
• Add totalWeight to epic board list (merge request) GitLab Enterprise Edition
• Link service desk issues to CRM contacts by @leetickett (merge request)
• Add event type in audit event streaming (merge request) GitLab Enterprise Edition
• Improve group issues list empty state (merge request)
• Allow creation of annotated tags with the Release API (merge request)
• Add resource links db table migration (merge request) GitLab Enterprise Edition
• Add Pages/Pelican project template (merge request)
• Add and expose Jira app OAuth application ID (merge request)
• Add Developer Documentation for the Pipeline Wizard (merge request)
• Add 'Package registry' visibility setting to project settings by @wwwjon (merge request)
• Allow custom language type in code blocks (merge request)
• Add Milestone.releases GraphQL field (merge request)
• Add index to ci_job_artifacts (merge request)
• Add closed_as_duplicate_of to issues Graphql type (merge request)
• Introduce source versions for BulkImport trackers configuration (merge request)
• Add VulnerabilityStateTransition model (merge request)
• Implement new PAT API endpoint 'id' by @TrueKalix (merge request)
• GraphQL: Allow filtering epics by top level only (merge request) GitLab Enterprise Edition
• Remove updated_mr_header feature flag (merge request)
• Add registry migration Guard dynamic pre import timeout (merge request)
• Add CRM filtered search tokens on group/project issues page (merge request)
• Added mocked assignees to work item (merge request)
• Prepare async index to for Ci::JobArtifact (merge request)
• GraphQL: Add maintenance_note_html field (merge request)
• Prepare new Slack events processing API (merge request)
• Add backup option to filter for specific projects (merge request)
• Add designs migration to GitLab Project Migration (merge request)
• Uplift limit on Math diagrams on wiki pages (merge request)
• Add email to send to admin when a user is auto banned (merge request)
• Work item Hierarchy widget - Empty state (merge request)
• Add models for SSH signed commits (merge request)
• Finalize routes backfilling for projects (merge request)
• Add parent-child work item table (merge request)
• Add designs repository export to relations export API (merge request)
• Display artifact expired page for TestSuite (merge request)
• Update Gitlab Shell to 14.6.1 (merge request)
• Add new inactive project deletion section to admin settings (merge request)
• Add container registry storage type to project storage list (merge request) GitLab Enterprise Edition
• Added timelog categories table and model by @zillemarco (merge request)
• TLS support for metrics endpoints (pprof, prometheus) (merge request)
• Added method to perform api call to get container_registry_size (merge request)
• Default audit_event_streaming_git_operations to true (merge request) GitLab Enterprise Edition
• Self-managed SAML Group Sync (merge request) GitLab Enterprise Edition
• Add epic board list resolver (merge request) GitLab Enterprise Edition
• Add PWA manifest.json (merge request)
• The batched migrations should enforce requirements (merge request)
• Support multi-actor args in the feature API (merge request)
• Feature: dingtalk integration by @chaomao (merge request)
• Cache namespace traversal path in traversal_ids (merge request)
• Allow creation of annotated tags with the GraphQL Release API (merge request)
• Create notes confidential index synchronously (merge request)
• Clean up pipeline_editor_file_tree feature flag (merge request)
• Removes feature flag :rendered_diffs_viewer (merge request)

Fixed (212 changes)

• Enable FF ci_variable_for_group_gitlab_deploy_token (merge request)
• Fix scoped labels bug on group/project issues list (merge request)
• Allowlist OAuth application redirect URI in CSP (merge request)
• Update MergeRequestDiffFile#utf8_diff to not call #diff multiple times (merge request)
• Validation for author during release creation (merge request)
• Bump Gitlab Shell version to v14.7.4 (merge request)
• Send only group namespace with Owner role (merge request) GitLab Enterprise Edition
• Do not double escape release tags with slashes in release URL (merge request)
• Fix code block language related issues (merge request)
• Move "Create an MR" test to different line (merge request) GitLab Enterprise Edition
• Add PipelineReplicator and handle pipeline ref created event (merge request) GitLab Enterprise Edition
• OCI image fix: UI representation and Geo replication (merge request) GitLab Enterprise Edition
• Stop Wiki clone when Wiki is disabled (merge request)
• Make sure there is a separator between commits (merge request)
• Fix sticky position in project compare and commits (merge request)
• Disable project_key validation for inactive Jira integrations (merge request)
• Move checks from mergeable to mergeable_state? (merge request)
• Fixes line mapping for ipynb diffs (merge request)
• Do not mark generic vulnerabilities as "resolved on default branch" (merge request) GitLab Enterprise Edition
• Group Projects settings width does not respect fixed width (merge request)
• Group Repository Settings does not respect fixed with setting (merge request)
• Override HLJS selectors from Sourcegraph (merge request)
• Adding with_lock_retries to the gitlab:db:lock_writes rake task (merge request)
• Fix middle click on todos (merge request)
• Fix static translations in integrations (merge request)
• Improve scrolling tabs (merge request)
• Translate quick action's messages (merge request)
• Add missing padding to confirmation email login box (merge request)
• Fix themes in code blocks in content editor (merge request)
• Preserve language when retrieving cached security training urls (merge request) GitLab Enterprise Edition
• Prevent frozen modification in email encoding patch (merge request)
• Include release authors during Github imports (merge request)
• Refetch subscription after removing a user (merge request) GitLab Enterprise Edition
• Display sec training configu with license helper (merge request)
• Update workhorse local path for Issuable metrics (merge request)
• Take into account for the default merge request template (merge request)
• Fix alignment of action button icons in mini pipelines (merge request)
• Always pass current_user to project search results (merge request) GitLab Enterprise Edition
• Forward invalid feedback prop on EE invite modal (merge request) GitLab Enterprise Edition
• Geo: Fix JobArtifact verification when object storage is used (merge request)
• Fix alignment of delete button on linked items (merge request)
• Remove captcha check GET endpoint (merge request) GitLab Enterprise Edition
• Fix UTF-8 conversion in reply parser (merge request)
• Improve design loading state by @leetickett (merge request)
• Fix a bug in MergeRequests::UpdateService (merge request)
• Remove unused ci_job_artifact_states_job_artifact_id_seq (merge request)
• Fix iteration reports with cadence rollover (merge request) GitLab Enterprise Edition
• Propagate scan result rules related attributes (merge request) GitLab Enterprise Edition
• Use loose foreign key for deployment_clusters.cluster_id (merge request)
• Fixing SlidingListStrategy default value of the partitioning column (merge request)
• Properly handle the PG::ReadOnlySqlTransaction error (merge request)
• Fix API Security registry name in DAST On Demand API template (merge request) GitLab Enterprise Edition
• Fix API Security registry name in Secure Binaries template (merge request) GitLab Enterprise Edition
• Correctly display MR analytics Avg and Max values (merge request) GitLab Enterprise Edition
• Remove unused ci_pipelines_config_pipeline_id_seq (merge request)
• Fix source_project for Ci::Sources::Project (merge request) GitLab Enterprise Edition
• Hide /remove_contacts if issue has no contacts by @leetickett (merge request)
• Do not use custom SVG logo for email header (merge request)
• Fix artifact downloads on Security tab (merge request) GitLab Enterprise Edition
• Add support for sentry request with no content-type by @leetickett (merge request)
• Removed component destroy on mouseout (merge request)
• Respect namespace for phabricator importer (merge request)
• Respect namespace for manifest importer (merge request)
• Use loose foreign key for deployments.cluster_id (merge request)
• Allow OPTIONS method for OAuth2 token endpoints (merge request)
• Update search data when :issues_full_text_search is enabled (merge request)
• Use header logo for merge request emails by @wwwjon (merge request)
• Exclude Requirements & Test Cases from Issues list (merge request) GitLab Enterprise Edition
• Update pipeline mini graph border (merge request)
• Add timestamp columns to VSA aggregated RecordsFetcher (merge request)
• Fix button height on group issues list page (merge request)
• Default to the current group when importing from gitea (merge request)
• Only transition environment to stopped once stop action has succeeded (merge request)
• Update LFS objects export to not fail if file on disk is missing (merge request)
• Fix gitlab:db:validate_config to store db_config_name of a database (merge request)
• Fix namespace_id being lost for github import (merge request)
• Fix rewriting epic in Issues move service (merge request) GitLab Enterprise Edition
• Provide project path to refetched Terraform state GraphQL queries (merge request)
• Use DAST_API_EXCLUDE_URLS with DAST API on-demand scans (merge request) GitLab Enterprise Edition
• Close Epic Label dropdown when clicking on header X by @espadav8 (merge request)
• DeactivateDormantUsersWorker will not deactivate recently created users (merge request)
• Remove unused ci_build_report_results_build_id_seq (merge request)
• Prevented issues designs reordering when on mobile by @zillemarco (merge request)
• Fix MR title link styles (merge request)
• Convert captcha check endpoint to POST request (merge request) GitLab Enterprise Edition
• Retain top level group default membership with SAML Group Sync (merge request) GitLab Enterprise Edition
• Enable FF ci_fix_rules_if_comparison_with_regexp_variable by default (merge request)
• Add auditor access for group wiki (merge request) GitLab Enterprise Edition
• Add GitLab agent image tag to install command (merge request)
• Guard email receiver from empty From and To fields (merge request)
• Allow public terraform modules to anonymous users (merge request)
• Fix error when creating Policy Schedule with invalid cron expression (merge request) GitLab Enterprise Edition
• Show manual actions from matching environments on environment page (merge request)
• Add auditor access for on call schedules (merge request) GitLab Enterprise Edition
• Do not aggregate TestReport when using matrix job (merge request)
• Fix 404 when purchasing storage from a subgroup (merge request) GitLab Enterprise Edition
• Fix 404 when purchasing storage from a subgroup (merge request) GitLab Enterprise Edition
• Fix 404 when purchasing storage from a subgroup (merge request) GitLab Enterprise Edition
• Fix 404 when purchasing storage from a subgroup (merge request) GitLab Enterprise Edition
• Fix 404 when purchasing storage from a subgroup (merge request) GitLab Enterprise Edition
• Fix 404 when purchasing storage from a subgroup (merge request) GitLab Enterprise Edition
• Fix incorrect open issue count in project sidebar (merge request) GitLab Enterprise Edition
• Update deployment status when a build fails due to data integrity (merge request)
• Do not allow last human owner to leave (merge request)
• Disconnect alternates when unlinking from a repository pool (merge request)
• Clean up Terraform state files on deletion (merge request)
• Fix linked pipeline expand cutoff on focus (merge request)
• Always destroy webhooks synchronously (merge request)
• Fix vulnerability report project filter loading icon (merge request) GitLab Enterprise Edition
• Add Cancel buttons to CSV import and export modals (merge request)
• Fix 500 on issues list page (merge request)
• Add !reference support for workflow keyword (merge request)
• New Issue: Fix description label alignment (merge request)
• Fix deployment chat notifications for tags by @rstxn (merge request)
• Fix merge_request should_remove_source_branch by @guillaume.chauvel (merge request)
• Make Plain diff button downloadable (merge request)
• Improve comemnts discussion header (merge request)
• Fix 500 error for CompareController (merge request)
• Fix vanishing design versions by @leetickett (merge request)
• Upgrade fog-aws to v3.14.0 by @hchouraria (merge request)
• Dismiss file tree popover when clicking outside the element (merge request)
• Hide commit form based on pipeline editor path's tab query param (merge request)
• Prevent project maintainers from approving Owner access requests (merge request)
• Add btn-link class back (merge request)
• Correct project coverage graph dates on x axis (merge request)
• Add support for the !reference tag in CI schema (merge request)
• Address ux quota problems (merge request) GitLab Enterprise Edition
• Change page titles from h3 to h1 to be semantically correct (merge request)
• Fix epics list bulk editing by using intersection (merge request) GitLab Enterprise Edition
• Do not store security scans for already purged pipelines (merge request) GitLab Enterprise Edition
• Update binary button links platform changes (merge request)
• Fixed mis-aligment of expanded header-search-bar (merge request)
• Fix Advanced Search Opensearch detection (merge request) GitLab Enterprise Edition
• Use #persisted_environment for agent impersonation (merge request)
• Do not allow mailers to be enqueued from within a transaction (merge request)
• Use live preview extension no matter the first file opened (merge request)
• Fix NoMethodError in Integrations::Prometheus#test by @moofkit (merge request)
• Fix routing for /info/refs (merge request)
• Resolve issues emoji selector missing focus border (merge request)
• Add JobArtifactCreatedAt to build_artifacts_size_refresh table (merge request)
• Prevent project maintainers from creating Owner access tokens (merge request)
• Separate query params for Members and Groups by @wwwjon (merge request)
• Set timestamps correctly when propagating (merge request)
• Patch ActiveRecord::Generators::Migration#configured_migrated_path (merge request) GitLab Enterprise Edition
• Geo: Mark object stored as verification disabled (merge request) GitLab Enterprise Edition
• Update BulkImports to handle empty relation status responses (merge request)
• Fix mail notifications not being sent when requesting access (merge request)
• Include inherited owners in User#solo_owned_groups (merge request)
• Fixes forgotten base class (merge request)
• Prevent project maintainers from creating or modifying Project Owners (merge request)
• Fix bug on Pipeline#has_expired_test_reports? (merge request)
• Fix project packages and registries menu active state (merge request)
• Lower session expiry when user is unauthenticated (merge request)
• Guard clause for no external destinations (merge request) GitLab Enterprise Edition
• Skip orphaned pool repositories even when there's a fork network (merge request)
• Add spacing between threat monitoring breadcrumb and policy section (merge request) GitLab Enterprise Edition
• Allow references to scoped labels by title (merge request)
• Fix Emoji picker button background in highlighted comment (merge request)
• Merge branch 'fix-last-pipeline-fecth-in-web-ide' into 'master' (merge request)
• Ensure last pipeline is fetched on render of Web IDE status bar (merge request)
• Drop defunct unique namespaces name index (merge request)
• Fix issue description list item styling (merge request)
• Improve design consistency of buttons in some modals (merge request)
• Fix overflow on comments (merge request)
• Don't fail extension API getter (merge request)
• Align DAST Site Token URL validation (merge request) GitLab Enterprise Edition
• Add auditor access for dependency proxy (merge request) GitLab Enterprise Edition
• Sets Gon variables in response to requests with invalid reCAPTCHA (merge request)
• Fix 2-factor QR code on small screens (merge request)
• Fix padding regression for SAML SSO sign in (merge request) GitLab Enterprise Edition
• Fix SFE commit message focus (merge request)
• Fix drag and drop issue description list item bugs (merge request)
• Fix REST runner API status filter documentation (merge request)
• Fix inconsistent focus on comment field (merge request)
• Added check for GraphQL ID on popover (merge request)
• Fix focus ring for linked issues input field (merge request)
• Remove streams tab from subgroups audit events UI (merge request) GitLab Enterprise Edition
• Set MailRoom's postback request content type to text/plain (merge request)
• Update account deletion instructions (merge request)
• Remove superfluous whitespace in link to pipeline by @KevSlashNull (merge request)
• Highlight active CRM page in navigation menu by @leetickett (merge request)
• Fix vertical alignemnt of comment icons (merge request)
• docs: Use clear deprecation/removal as examples by @tnir (merge request)
• Hide a dropdown tooltip when toggling by @petewaitforletters (merge request)
• Fix focus overflow on create new label (merge request)
• Delete the duplicate job even in case of errors (merge request)
• docs: Fix DS_DEFAULT_ANALYZERS variable docs by @tnir (merge request)
• Fix custom notification settings for releases (merge request)
• gitaly_client: Fix handling of custom hook errors in UserMergeBranch (merge request)
• Remove existing repository backups when creating a full backup (merge request)
• Fix multiple modals showing when canceling comment in diff (merge request)
• Fix references in wiki pages (merge request)
• Resolve invite member trigger qa selector ambiguity (merge request)
• Update test case and MR popover status badges (merge request)
• Move LFK scheduling out from EE check (merge request)
• Allow users to reset DAST submit field (merge request) GitLab Enterprise Edition
• Fix LabelToken selecting wrong label (merge request)
• Add support for configuring internal IPs (merge request)
• Fix fogbugz ignoring target name and group change (merge request)
• Fix duplicate results in MR pipelines resolver (merge request)
• Fix UTF-8 handling issue for internal mailroom endpoint (merge request)
• Hide internal note checkbox on unsupported types (merge request) GitLab Enterprise Edition
• Grant auditor role read-access to policies (merge request) GitLab Enterprise Edition
• Fix missing action buttons when editing Requirements (merge request)
• Sanitize user input on the harbor registry list page by @orozot (merge request)
• Cleanup backup staging files on failure (merge request)
• Fix issues list previous page bug (merge request)
• Geo Sites - Unknown WAL bug (merge request) GitLab Enterprise Edition
• Fix button text color in dark mode (merge request)
• Use merge_head_diff for code owners (merge request)
• Disallow guests from updating an issue promoted to incident by @nfason (merge request)
• Add correct Default.md MR template precedence handling (merge request)

Changed (453 changes)

• Extend logging for Mirror jobs (merge request)
• Consider patches for eligible runner releases (merge request)
• Introduced /ready quick action by @stingrayza (merge request)
• Use Labkit for checking and enabling FIPS (merge request)
• Migrates spacing class for edit button on release (merge request)
• Migrates spacing class for authenticating github (merge request)
• Enable Geo proxying for separate URLs by default (merge request) GitLab Enterprise Edition
• Migrate spacing classes for feature flag form (merge request)
• Migrates spacing class for commit sidebar of ide (merge request)
• Update CiJobConnection.count to limited count (merge request)
• Migrate link button to tertiary in design management (merge request)
• Drop permissions column from ci_secure_files table (merge request)
• Change form_errors to be pajamas compliant in admin settings (merge request)
• Migrates spacing classes on release overview page (merge request)
• Removed useCustomErrorHandler and callback options (merge request)
• Migrate spacing classes on search overview page (merge request)
• Apply standard registration flow to single-sign on registrations (merge request)
• Fixes the spacing for the contributors buttons (merge request)
• Migrates custom classes for project search (merge request)
• Migrates the spacing for milestone icon analytics (merge request) GitLab Enterprise Edition
• Migrate errors in create user to Pajamas alert (merge request)
• Adds loading for package details additional metadata (merge request)
• Migrates spacing classes for empty approval rule (merge request) GitLab Enterprise Edition
• Fixes spacing for buttons of broadcast message (merge request)
• Migrates spacing class of assignee of related item (merge request)
• Migrates to gl class for checkbox to select commit (merge request)
• Migrates spacing class in security dashboard (merge request) GitLab Enterprise Edition
• This MR updated CI/CD configuration flow (merge request) GitLab Enterprise Edition
• Add has_vulnerabilities to cluster_agents (merge request)
• Update gray-10 from #fafafa to #f5f5f5 (merge request)
• Improve error messages when fetching Jira user information (merge request)
• Migrate repo storage errors to Pajamas alert (merge request)
• Update docs milestone description for alpha (merge request)
• Decrease spacing between checkbox and button (merge request)
• Conditional dropdown value in invite modals (merge request)
• Migrates the spacing for icon in web ide header (merge request)
• Update group deletion protection settings (merge request) GitLab Enterprise Edition
• Migrates the spacing class for sort dropdown (merge request) GitLab Enterprise Edition
• Disable reading remdiation records (merge request) GitLab Enterprise Edition
• Migrates the spacing classes for label search (merge request)
• Support footnotes in client-side deserializer (merge request)
• Migrate the prioritize button (merge request)
• Updated servicedesk callout to BannerComponent (merge request)
• Migrates the spacing class for error severity (merge request)
• Env Folder component icon migration (merge request)
• Right sidebar improvements for collapsed state (merge request)
• Migrate pipeline_schedules/_form.html.haml to Pajamas::ButtonComponent (merge request)
• Enable dast_ui_redesign feature flag by default (merge request) GitLab Enterprise Edition
• Removes unused code for modal close button (merge request) GitLab Enterprise Edition
• Replace pencil-square icon with pencil icon (merge request)
• Migrates to gl class for right margin (merge request)
• Add approval_required entry to widget endpoing (merge request) GitLab Enterprise Edition
• Use RedHat OpenJDK packages in gemnasium-maven FIPS (merge request) GitLab Enterprise Edition
• Migrate the edit button (merge request)
• Backfill project feature 'package_registry_access_level' by @wwwjon (merge request)
• Improve Insights UI text (merge request) GitLab Enterprise Edition
• Migrates the button to request attention (merge request)
• Use chevron icon in mr_collapsible_extension.vue (merge request)
• Migrates the modal to remove related item (merge request) GitLab Enterprise Edition
• Update MR feature callout to BannerComponent (merge request) GitLab Enterprise Edition
• Enable feature flag for renamed integrations workers (merge request)
• Migrates the modal to discard changes in web ide (merge request)
• Allow CI_JOB_TOKEN auth for release links API by @tuxtimo (merge request)
• Event type information in streaming audit event for project download (merge request) GitLab Enterprise Edition
• Update Coverage-Fuzzing.gitlab-ci.yml (merge request)
• Migrate the deprioritize button (merge request)
• Migrate sidebar buttons for bulk update (merge request) GitLab Enterprise Edition
• Unbox Group audit events (merge request)
• Migrates the modal to reset webhook for pagerduty (merge request)
• Prevent page reload on switch board (merge request)
• Update banner implementation to use Pajamas banner (merge request) GitLab Enterprise Edition
• Migrate buttons to add/remove commits (merge request)
• Adjust empty runners state svg height (merge request)
• Migrates button to open sidebar for bulk updates (merge request) GitLab Enterprise Edition
• Update administrator settings for deletion protection (merge request) GitLab Enterprise Edition
• Removes incorrect gl-padding-50 variable (merge request)
• Update omniauth-dingtalk-oauth2 gem to v1.0.1 (merge request)
• Migrates modal to delete iteration (merge request) GitLab Enterprise Edition
• Enable FIPS mode for digest algorithms (merge request)
• Support autolink serialization in Content Editor (merge request)
• Update WebIDE job chevron icon (merge request)
• Migrate button to search projects on dashboard (merge request)
• Rename the "Dark" and "Light" theme to avoid confusion with "Dark Mode" (merge request)
• Migrates the modal to discard all changes (merge request)
• Migrate button component (merge request) GitLab Enterprise Edition
• Rename discussion comment button title (merge request)
• Update buttons on new project from CI/CD pane (merge request) GitLab Enterprise Edition
• Migrates button to revoke validation for dast (merge request) GitLab Enterprise Edition
• Migrates the button to add rotation for schedule (merge request) GitLab Enterprise Edition
• Migrates the button to expand sidebar (merge request)
• This MR migrates legacy html button to Pajamas button (merge request)
• Migrates the default value for deleting a design (merge request) GitLab Enterprise Edition
• Project Owners can approve access requests (merge request)
• Migrates modal to download test coverage report (merge request) GitLab Enterprise Edition
• Removed container_registry_namespace_statistics ff (merge request)
• Migrates the button to edit a blob file (merge request)
• Cleanup Child issues and epics (merge request)
• Update specs for integrations API to check all modifiable fields (merge request)
• Move IrkerWorker into Integrations:: namespace and rename queue (merge request)
• This MR migrates bootstrap legacy component to pajamas (merge request)
• Add Slack app installations to Service Ping (merge request) GitLab Enterprise Edition
• This MR migrates bootstrap legacy component to pajamas (merge request)
• Update MS Teams form to use sections (merge request)
• Migrate button to confirm user (merge request)
• Migrates the button to add on call schedule (merge request) GitLab Enterprise Edition
• Migrates the button to add an escalation policy (merge request) GitLab Enterprise Edition
• Migrates close button in details for test case (merge request)
• Migrates button to restart Web IDE terminal (merge request)
• Migrates the button to extend trial (merge request) GitLab Enterprise Edition
• Migrates button to view full dashboard (merge request)
• Migrates button to view documentation (merge request)
• Migrates button to view dashboard documentation (merge request)
• Migrates the guidance in docs for buttons (merge request)
• Migrates button to manage plan for subgroups (merge request) GitLab Enterprise Edition
• Migrates buttons to resync and reverify projects (merge request) GitLab Enterprise Edition
• Migrate access token form errors to be Pajamas compliant (merge request)
• Update admin error alerts to pajamas (merge request)
• Migrate the subscribe dropdown button (merge request)
• Updated icons in the group contributions table (merge request) GitLab Enterprise Edition
• Updated buttons in the project settings (merge request)
• Migrate the ellipsis button (merge request)
• Add url variables to web hooks (merge request)
• Migrate group visibility form errors to be Pajamas compliant (merge request)
• Migrate Admin -> Topic -> New form errors to be Pajamas compliant (merge request)
• Migrate alert in the onboarding flow (merge request) GitLab Enterprise Edition
• Migrate button in sidebar for bulk issues update (merge request)
• Migrate button in the group creation (merge request) GitLab Enterprise Edition
• Migrates buttons in labels nav partial (merge request)
• Migrate alert in the SSH key settings (merge request)
• Use Pajamas::AlertComponent for maintenance message by @ali_o_kan (merge request) GitLab Enterprise Edition
• Migrates 'Stop all jobs' button to Pajamas::ButtonComponent (merge request)
• This MR migrates legacy html button to Pajamas button (merge request)
• Migrate alert docs icon (merge request)
• Add pattern validation for cadence in Scan Execution Policy Schema (merge request) GitLab Enterprise Edition
• Migrate button to create branch (merge request)
• Add a descriptive empty state for runners (merge request)
• Migrate angle icon to chevron in deploy_board_wrapper.vue (merge request)
• Updated repository callout to BannerComponent (merge request) GitLab Enterprise Edition
• Updated buttons in the Repository mirror settings (merge request) GitLab Enterprise Edition
• Remove separator slot from new project breadcrumb (merge request)
• Remove require_auth_for_graphql_user_resolver feature flag (merge request)
• Disable job log checksums when FIPS enabled (merge request)
• Migrate angle icons to chevron icons in Paginator (merge request)
• Migrate angle icons to chevron icons in GraphGroup (merge request)
• Log worker_id for Puma and Sidekiq (merge request)
• Remove records for removed integrations (merge request)
• Migrate angle icons to chevron icons Kaminari (merge request)
• Bump Auto Deploy Image to v2.30.0 (merge request)
• This MR migrates legacy html button to Pajamas button (merge request)
• Migrate chevron icon compliance docs (merge request)
• Migrate angle to chevron in responsive header (merge request)
• Migrate chevrons in pagination buttons (merge request)
• Migrate chevrons in breadcrumbs (merge request)
• Update confidential issue permissions docs (merge request)
• Updated buttons in the group settings (merge request) GitLab Enterprise Edition
• Remove language arg (merge request) GitLab Enterprise Edition
• Determine security training feature accessibility (merge request)
• Replace terms angle icon for a chevron one (merge request)
• Change resolved -> detected on subsequent scans (merge request) GitLab Enterprise Edition
• Removes OpenStruct use by @mehulsharma (merge request)
• Rename cluster integration workers and their queues (merge request)
• Migrate chevron DM docs (merge request)
• Migrate web ide icon docs (merge request)
• Autodevops docs chevron icon migration (merge request)
• Unbox & Cleanup Compare merge request (merge request)
• Replaced generic inputs in the Web IDE (merge request)
• Restore md spinner in MR status widget (merge request)
• Make captcha check over POST rather than GET (merge request) GitLab Enterprise Edition
• Update contextual sidebar background and border (merge request)
• Add missing page-title & font-size-h-display classes (merge request)
• Supported 'language' editor instance option (merge request)
• Change what makes migrations completed (merge request) GitLab Enterprise Edition
• Clean up group_member_inherited_group feature flag by @wwwjon (merge request)
• Update h1 to use .gl-font-size-h-display class (merge request)
• Migrates the create commit button in Web IDE (merge request)
• Replace angle icons for chevron in registry breadcrumb (merge request)
• Migrates the learn more about AWS button (merge request)
• Migrates the export requirements modal (merge request) GitLab Enterprise Edition
• Replace angle icons for chevron in groups (merge request)
• Use tertiary button for alert sidebar assignee (merge request)
• Fix attribute inheritance in workers (merge request)
• Revert data consistency to always (merge request)
• Remove branch names from conflict count (merge request)
• Cleanup Schedule a new pipeline form page (merge request)
• Cleanup New environment page (merge request)
• Migrates the skeleton in terraform MR widget (merge request)
• Migrates the modal to delete an integration (merge request)
• Cleanup New Test Case page (merge request)
• Cleanup New/Edit feature flag form (merge request)
• Add limits on number of scheduled security scan pipelines (merge request)
• Migrates the run pipeline modal in commit (merge request)
• Remove async_mr_close_issue feature flag (merge request)
• Remove use_received_header_for_incoming_emails feature flag (merge request)
• Change loading state (merge request)
• Migrates the feature flag modal to not use ok (merge request)
• Update search settings placeholder text (merge request)
• Improve Debian version regexp by @sathieu (merge request)
• Migrates the skeleton loader for requirements (merge request) GitLab Enterprise Edition
• Update group compliance framework labels (merge request) GitLab Enterprise Edition
• Replace angle icons for chevron in package details (merge request)
• Finally get rid of all btn-warning code (merge request)
• Migrates the configure regions button for GCP (merge request)
• Don't delete expired artifacts undergoing refresh (merge request)
• Change awards active item state (merge request)
• Limit the response being logged from the WebhookWorker (merge request)
• Migrates the download test coverage report button (merge request) GitLab Enterprise Edition
• Refactor storage helper date checking (merge request)
• Update to bundler v2.3.15 (merge request)
• Add phone_verification_code_enabled to ApplicationSettings by @zhzhang93 (merge request)
• Change angle icon (merge request)
• Add invalid approvers to be further used by (merge request) GitLab Enterprise Edition
• Graduate update_storage_usage_design feature flag (merge request) GitLab Enterprise Edition
• Replace angle icons to chevron in admin dashboard (merge request)
• Bump Gitlab Shell version (merge request)
• Cleanup New user form (merge request)
• Improve sidebar styling (merge request)
• Expose alert status (merge request)
• Make sidebar in MRs sticky (merge request)
• This MR replaces outdated skeleton-loading (merge request)
• Use agent name in the agent installation command (merge request)
• Bring DAST templates back inline (merge request) GitLab Enterprise Edition
• Improve editing experience of footnotes (merge request)
• Migrate to tertiary buttons in DropdownContentsCreateView (merge request)
• Update premailer gem to v1.16.0 (merge request)
• Add focus ring to all links (merge request)
• Enable route_hll_to_snowplow_phase2 FF by default (merge request)
• Cleanup New/Edit Label pages (merge request)
• Update gitlab-fog-azure-rm for Ruby 3.0 compatibility (merge request)
• Update more in-app checkout CSS utility classes (merge request)
• Unbox Label pages for Group & Projects (merge request)
• Require authentication when enumerating users via GraqhQL (merge request)
• Left align CTAs and remove background color (merge request)
• Added count in project_type (merge request)
• Clean up feature flag for release path fix (merge request)
• Migrate to a tertiary button in DropdownContentsLabelsView (merge request)
• Cache container repositories size on namespace (merge request)
• Remove unwanted title attribute (merge request) GitLab Enterprise Edition
• Migrate push rules edit alert to Pajamas ViewComponent (merge request) GitLab Enterprise Edition
• Add trigger section definition to form (merge request)
• Enable new issue reference popovers (merge request)
• Report warnings from the timebox resolver (merge request)
• Upgrade re2 gem to v1.4.0 (merge request)
• Update auto-deploy-image to v2.28.2 (merge request)
• Migrates the skeleton in overview discussion notes (merge request)
• Remove integrations.properties column (merge request)
• Migrates the analytics on group overview page (merge request) GitLab Enterprise Edition
• Rename ProjectServiceWorker to Integrations::ExecuteWorker (merge request)
• Migrate to a tertiary button in Dependency List (merge request) GitLab Enterprise Edition
• Run RubySampler and ThreadSampler in Puma primary (merge request)
• Move VSA task by type description into dropdown (merge request) GitLab Enterprise Edition
• Migrate skeleton loader in MR popover (merge request)
• Enable Slack app OauthV2 flow (merge request) GitLab Enterprise Edition
• Migrate skeleton in Web IDE file tree list (merge request)
• Migrate skeleton loader for test coverage summary (merge request) GitLab Enterprise Edition
• Migrates skeleton loader in issuables list (merge request)
• Add text related to policy status (merge request) GitLab Enterprise Edition
• Migrates the buttons when adding a metrics panel (merge request)
• Use the minimal layout for the in-app checkout flows (merge request) GitLab Enterprise Edition
• Improve styling of dropzone (merge request)
• Add reason for unauthorized in jira connect API (merge request)
• Migrate resolve button in error tracking (merge request)
• Migrates more details button in error tracking (merge request)
• Migrates the edit policy button in drawer (merge request) GitLab Enterprise Edition
• Migrates the modal to promote a milestone (merge request)
• Migrates the modal to edit LDAP user (merge request) GitLab Enterprise Edition
• Remove "other role" details during signup (merge request)
• Migrates radio buttons for strategy of auto devops (merge request)
• Migrate issuable form branch chooser alert to Pajamas ViewComponent (merge request)
• Improve focus states of downstream cards (merge request)
• Migrates the save changes button to edit geo site (merge request) GitLab Enterprise Edition
• Improve UI text of group Templates setting (merge request) GitLab Enterprise Edition
• Migrates skeleton loader for projects in runner (merge request)
• Migrates radio buttons in add license form (merge request) GitLab Enterprise Edition
• Migrate path skeleton in value stream analytics (merge request)
• This MR replaces outdated skeleton-loading (merge request)
• Migrates the resolve conflict button in diff view (merge request)
• Migrates the display anyway button for math (merge request)
• Increase margin in Sec. Dashboard cards (merge request) GitLab Enterprise Edition
• Migrates skeleton for cluster details in table (merge request)
• Remove orphaned commits from Advanced Search index (merge request) GitLab Enterprise Edition
• Migrates the skeleton for notes in diffs (merge request)
• Migrates the save changes button to add metric (merge request)
• Migrate button to go to Confluence (merge request)
• Migrates the add button in form for stream (merge request) GitLab Enterprise Edition
• Migrate action buttons in security (merge request) GitLab Enterprise Edition
• Migrates the add stream button in audit events (merge request) GitLab Enterprise Edition
• Migrates the skeleton for system notes (merge request)
• Migrates the create service account button for gcp (merge request)
• Remove failed_jobs_tab_vue feature flag (merge request)
• Migrate skeleton loader in runner jobs list (merge request)
• Migrates the button to archive a test case (merge request) GitLab Enterprise Edition
• Remove minutes quota copy from banner (merge request)
• Remove unnecessary ExecStop from sidekiq service file by @behrmann (merge request)
• Migrates button in modal for hand raise leads (merge request) GitLab Enterprise Edition
• Migrates the skeleton loader in markdown preview (merge request)
• Migrate wiki/issue rebalancing alert to Pajamas ViewComponent (merge request)
• Clean up background migration BackfillIntegrationsEnableSslVerification (merge request)
• This MR replaces outdated skeleton-loading (merge request) GitLab Enterprise Edition
• This MR replaces outdated skeleton-loading (merge request) GitLab Enterprise Edition
• Use CreateOrchestrationPolicyWorker to schedule SyncScanPoliciesWorker (merge request) GitLab Enterprise Edition
• Migrates the submit button to add a new license (merge request) GitLab Enterprise Edition
• Migrates dropdown item in options for error (merge request)
• Change pending text on members page for awaiting members (merge request) GitLab Enterprise Edition
• Allow delete of protected tags if user has authority by @eggerd (merge request)
• Migrates the button in burndown charts (merge request) GitLab Enterprise Edition
• New issue visual cleanup (merge request)
• Migrates skeleton loader in value stream analytics (merge request)
• Remove unused helper method with warning button (merge request) GitLab Enterprise Edition
• Migrates the install button for mattermost teams (merge request)
• Provide can_admin_vulnerability attribute to instance security dash (merge request) GitLab Enterprise Edition
• Migrates the button in the leave group modal (merge request)
• Migrates revoke approval button in merge request (merge request)
• Migrates the dismiss vulnerability button in modal (merge request) GitLab Enterprise Edition
• Sets "Dismiss selected" button variant to default (merge request) GitLab Enterprise Edition
• This MR migrates radio button to pajamas radio component (merge request)
• Migrates the radio to say who is using gitlab (merge request) GitLab Enterprise Edition
• Create index for deployment_approvals on created_at and id (merge request)
• No-op FixMergeRequestDiffCommitUsers background migration (merge request)
• Enable 'automaticLayout' option for Source Editor (merge request)
• Cleanup New merge request selection step (merge request)
• Migrates the clone dropdown (merge request)
• Cleanup New Epic (merge request)
• Remove 'delayed_repository_update_mirror_worker' feature flag (merge request)
• Update empty state of Slack Application page (merge request) GitLab Enterprise Edition
• Migrates the example in docs from success (merge request)
• Migrate angle to chevron in group templates (merge request) GitLab Enterprise Edition
• Migrates the button in the promote label modal (merge request)
• Migrates button to cherry pick commits (merge request)
• Migrate skeleton for unconfigured security rules (merge request) GitLab Enterprise Edition
• Migrates the save changes button for value streams (merge request) GitLab Enterprise Edition
• Migrates the skeleton in usage counts (merge request)
• Migrates the radio mention in cascading settings (merge request)
• Migrates the radio to say who will be using group (merge request)
• Migrates the radio buttons in whats new settings (merge request)
• Align Webhooks settings entry order (merge request) GitLab Enterprise Edition
• Migrate button to view issue for error (merge request)
• Migrates the start web terminal button in web ide (merge request)
• Migrate use template button for custom templates (merge request) GitLab Enterprise Edition
• Migrate pages domain alert to Pajamas ViewComponent (merge request)
• Migrates try out pipeline button in mr widget (merge request)
• Migrates the save changes button for new geo site (merge request) GitLab Enterprise Edition
• Migrate button to confirm users email (merge request)
• Migrate push rules edit alert to Pajamas ViewComponent (merge request) GitLab Enterprise Edition
• Reject some requests that may conflict with project stats refresh (merge request)
• Migrates button to add approval rule in MR (merge request)
• Migrate project new tag alert to Pajamas ViewComponent (merge request)
• Migrates the revoke oauth button for GCP (merge request)
• Migrates the CLI Commands dropdown for containers (merge request)
• Migrates the button to trigger a manual job (merge request)
• Add script keyword link in tooltip (merge request)
• Migrates the configure button for feature flags (merge request)
• Change order of displayed years in CI minutes app (merge request) GitLab Enterprise Edition
• Rearrange user popover content for better overview (merge request)
• Migrate admin emails to Pajamas ViewComponent (merge request) GitLab Enterprise Edition
• Enforce Migration[2.0] to make all migrations decomposition supported (merge request)
• Clean up vulnerabilities over time chart and improve tests (merge request) GitLab Enterprise Edition
• Migrate storage limit alert to Pajamas (merge request) GitLab Enterprise Edition
• Migrate remove cluster buttons (merge request)
• Refine mini pipeline graph states (merge request)
• Migrate above size limit alert to Pajamas ViewComponent (merge request) GitLab Enterprise Edition
• Add upstream pipeline attributes in pipeline hooks by @AdrianLC (merge request)
• Migrates the upload file button for secure files (merge request)
• Migrates the clear cluster cache button (merge request)
• Removes the configure later button (merge request)
• Make ci_owned_runners_* FF on by default (merge request)
• Header add focus ring to more elements (merge request)
• Update MR widget styling (merge request)
• Update Gitlab Shell version to 14.7.1 (merge request)
• Clean up security dashboard layout (merge request) GitLab Enterprise Edition
• Improve error display for Zentao issue by @icbd (merge request) GitLab Enterprise Edition
• Remove execute_batched_migrations_on_schedule_ci_database (merge request)
• Update incident escalation policy when alert status is first synced (merge request)
• Update all versions of n/a or N/A to Not applicable by @ali_o_kan (merge request)
• Migrates the Elasticsearch retry migration button (merge request) GitLab Enterprise Edition
• Migrates the button for updating the username (merge request)
• Contribution Analytics - Deprecate seg control (merge request) GitLab Enterprise Edition
• Add validation for namespace on compliance frameworks (merge request) GitLab Enterprise Edition
• Remote h1 from site logo (merge request)
• Add end_event_timestamp to the stage records JSON response (merge request)
• Unbox Designs on issues (merge request)
• Disable Content-MD5 when FIPS is enabled (merge request)
• Migrate archive button in design (merge request)
• Make improvements to group repo analytics UX (merge request) GitLab Enterprise Edition
• Align note actions to Pajamas icon button styles (merge request)
• Migrates the button to add approval rule (merge request) GitLab Enterprise Edition
• Migrates the unprotect environment button (merge request) GitLab Enterprise Edition
• Geo Sites - Link to replication views (merge request) GitLab Enterprise Edition
• Sort projects by CI minutes usage in Usage Quotas page (merge request) GitLab Enterprise Edition
• Migrates the button to change group URL (merge request)
• Migrate the lock button in the sidebar (merge request)
• Migrate button in inline collapsed files alert (merge request)
• Migrate button in alert for collapsed files (merge request)
• Change next_aborted_repository take to limit(2)[0] (merge request)
• Added trigger for namespace_aggregation_worker (merge request)
• Migrate button in alert for mermaid limit (merge request)
• Migrate add project button in operations dashboard (merge request) GitLab Enterprise Edition
• Container Registry: cleanup expire icon changed by @TrayHard (merge request)
• Rename Projects::ServicesController and change routes (merge request)
• Migrate checkbox for mattermost with new group (merge request)
• Remove unused state and function by @JonstonChan (merge request)
• Migrate confirm user button (merge request)
• Migrate service ping consent button (merge request)
• Migrate trigger cluster reindexing button (merge request) GitLab Enterprise Edition
• Migrate buttons in user count alert (merge request) GitLab Enterprise Edition
• Migrate purchase storage button in alert (merge request) GitLab Enterprise Edition
• Migrate enable Service Desk button in info (merge request)
• Update Gitlab Shell version to 14.6.0 (merge request)
• Use backend to send security training status instead of using GraphQL (merge request)
• Forbid creating streaming destinations for subgroups (merge request) GitLab Enterprise Edition
• Add structured error parsing for user_cherry_pick (merge request)
• Verify group name is valid inside of the purchase flow (merge request) GitLab Enterprise Edition
• Add filters by milestone, author, and assignee to task by type (merge request) GitLab Enterprise Edition
• Change edit profile inputs to be full width on mobile (merge request)
• Add shared runner duration to table (merge request) GitLab Enterprise Edition
• Backfill project member namespace id (merge request)
• In emails, style implicit links too by @smokris (merge request)
• Bump Gitlab Shell version to 14.5.0 (merge request)
• Add focus to old form elements (merge request)
• Adjust placement of DAST profile conflict banner (merge request) GitLab Enterprise Edition
• Allow version conflicts in commits migration (merge request) GitLab Enterprise Edition
• Migrate enable service desk button to confirm (merge request)
• Clarify required permission for GitLab Migration by @qb60 (merge request)
• Ghost-userize Threat Insights models on deletion (merge request) GitLab Enterprise Edition
• Migrate save edited snippets comment to confirm (merge request)
• Rename storage to project storage (merge request)
• Exclude date-range controls from loading state (merge request) GitLab Enterprise Edition
• Change group usage quota ux (merge request)
• Update Slack application settings form labels (merge request) GitLab Enterprise Edition
• Redesign package details history loading experience (merge request)
• Bump Gitlab Shell version to 14.4.0 (merge request)
• Fix the odd spacing in the sidebar between Milestone and Iteration (merge request)
• Adding ordered scope to Project-level Secure Files (merge request)
• Increase size of sidebar nav sidebar (merge request)
• Define states parameter in environments api interface (merge request)
• Update commits migration options (merge request) GitLab Enterprise Edition
• Update report schema selection process description (merge request)
• Add enhanced schema for security policies (merge request) GitLab Enterprise Edition
• Scope batched background migrations to current gitlab_schema (merge request)
• Pipeline quota: Sort projects by CI minutes (merge request) GitLab Enterprise Edition
• Swap FK web_hook_logs to web_hooks for LFK (merge request)
• Bump Gitlab Shell version to 14.3.1 (merge request)
• Migrates start free trial button to confirm (merge request) GitLab Enterprise Edition
• Update expires at field to remove the current date from possible options (merge request)
• Migrate save identity button to confirm variant (merge request)
• Migrate new identity button to confirm variant (merge request)
• Added docs links to the keyword tooltips in the pipeline editor by @shridharbhat1998 (merge request)
• Change logo to use tanuki-only (merge request)
• Change navbar height to 48px (merge request)
• Approvals summary content font-weight fix (merge request)
• Add breadcrumb link to release when editing (merge request)
• Generalize Mailgun webhook endpoints (merge request)
• Update icons and text (merge request)
• Improve container registry image copy tooltips (merge request)

Deprecated (4 changes)

• Deprecate project_fingerprint from finding (merge request) GitLab Enterprise Edition
• PipelineSecurityReportFinding.name deprecated flag (merge request) GitLab Enterprise Edition
• Remove geo_lfs_object_delete_events table and references (merge request)
• Deprecate ApiFuzzingCiConfigurationCreate mutation (merge request) GitLab Enterprise Edition

Removed (24 changes)

• Remove the vsa_consistency_worker FF (merge request)
• Remove remove_diff_header_icons feature flag (merge request)
• Remove already used worker as part of a previous (merge request) GitLab Enterprise Edition
• Remove the manual renewal banner (merge request) GitLab Enterprise Edition
• Remove sandboxed_mermaid feature flag (merge request)
• Revert "Merge branch 'ag/348481-saas-seats-count-alert-member-numbers' into 'master'" (merge request)
• Remove the vsa_incremental_worker feature flag (merge request)
• Remove metrics for SSE feature (merge request)
• Remove old Prometheus::CreateDefaultAlertsWorker (merge request)
• Remove prometheus alert index path and usage (merge request)
• Remove container_security_policy_selection related code (merge request) GitLab Enterprise Edition
• Remove ci_owned_runners_unnest_index feature flag (merge request)
• Remove ci_owned_runners_cross_joins_fix feature flag (merge request)
• Remove Cluters Schedule update service (merge request)
• Remove all SSE references (merge request)
• Drop token column from deploy_tokens table (merge request)
• Merge branch 'feat/remove-project-daily-statistics-worker' into 'master' (merge request)
• Remove 'namespaces_cache_first_auto_devops_config' feature flag (merge request)
• Remove 'group_projects_api_preload_groups' feature flag (merge request)
• Remove compliance_framework_setting from project edit API (merge request) GitLab Enterprise Edition
• Remove ignore_column for security_scan_succeeded by @svdj (merge request)
• Remove Pages legacy storage rake tasks by @feistel (merge request)
• Delete threat_monitoring alerts (merge request)
• Drop compliance frameworks regulated column (merge request) GitLab Enterprise Edition

Security (11 changes)

• Remove access_token_ajax feature flag (merge request)
• Update rack gem to version 2.2.3.1 (merge request)
• Subgroup member can list members of parent group
• Fix content injection in Jira issue title
• Trigger token should respect group IP restrictions
• Do not allow project member import when membership is locked
• Disable changing user attributes when updating SCIM provisioned user
• Escape contact details correctly in quick actions
• Allow only job owner to run interactive terminal
• Remove sha from releases internal API (merge request)
• Fix IP restrictions not applying to deploy tokens

Performance (24 changes)

• Add index to improve open issues count query (merge request)
• Introduce timeout to markup rendering (merge request)
• Replace API order by created_at with order by id (merge request)
• Move Elasticsearch project transfer to async worker (merge request) GitLab Enterprise Edition
• Delete repositories without renaming them first (merge request)
• Reduce response cost of deploy keys autocompleter by @hchouraria (merge request)
• Fix N+1 queries for Changelog generation (merge request)
• Prevent processing markdown when copying notes (merge request)
• Preload avatar_url for CompareController (merge request)
• Preload associations for RepositoryUpdateMirrorWorker (merge request) GitLab Enterprise Edition
• Finalize new index and update schema (merge request)
• Fix SQL statement timeout while fetching inactive projects (merge request)
• Add traversal_ids index when type is group using btree (merge request)
• Fix N+1 issue for CompareController (merge request)
• access_checks: Always enable use of quarantine directory (merge request)
• Preload commits markdown cache for CommitsController (merge request)
• Improve performance of namespace existence lookup (merge request)
• Reduce N+1 queries in deployment_group of environment model (merge request)
• Use request cache for protected tags (merge request)
• Create new index for removing artifacts with unknown locked status (merge request)
• Remove redundant issues list GraphQL queries by @leetickett (merge request)
• Extract ServicePing payload persistance (merge request)
• Optimizations for CommitReferenceFilter (merge request)
• Preload deployment associations to reduce N+1 queries (merge request)

Other (60 changes)

• Only do LSIF processing on artifacts (merge request)
• Use OS tempdir for LSIF parsing (merge request)
• Add yml files for tracking incident timeline actions (merge request)
• Remove omit_epic_subscribed feature flag (merge request) GitLab Enterprise Edition
• Remove ci_jwt_signing_key feature flag (merge request)
• Remove faster_owner_access feature flag (merge request)
• Adding listing feature flags command to documentation (merge request)
• Change destination_name to destination_slug (merge request)
• Remove ignore rule from test reports (merge request) GitLab Enterprise Edition
• Remove stale runner cleanup feature flag (merge request)
• Update hook settings error alert (merge request)
• Removed unused gl-col-padding variable (merge request)
• Add caching for group activity counters (merge request) GitLab Enterprise Edition
• Add CI_PROJECT_DESCRIPTION to predefined variables by @nejc (merge request)
• Remove paginated_notes feature flag (merge request)
• Improve performance of Issuable finder (merge request)
• Skip CSRF protection on Workhorse internal API (merge request)
• Rename confidential refs to internal (merge request) GitLab Enterprise Edition
• Remove usage_data_i_incident_management_oncall_notification_sent FF by @feistel (merge request)
• Add database column and setting logic for license_usage_data_exported (merge request)
• Prepare index to improve counting of open issues (merge request)
• Remove rake task to set up EE specific database functionality (merge request)
• Remove the CI mirror tables consistency checks Feature Flags (merge request)
• Delete invalid epic_issue records migration (merge request)
• Add workhorse internal upload API, observation only (merge request)
• Update manual cadence deprecation message (merge request) GitLab Enterprise Edition
• Finalize issue search data migration (merge request)
• Remove enqueue twice option from EnqueuerWorker (merge request)
• Fix Style/OpenStructUse offenses by @edith007 (merge request)
• Rename 'repo by url' to repository by url' by @feistel (merge request)
• Track clicks on the pipeline editor help drawer (merge request)
• Remove gitaly_replace_wiki_create_page flag (merge request)
• Add sketch blob viewer by @mihes3d (merge request)
• Guard worker application setting timeouts (merge request)
• Delete vue_issues_list feature flag (merge request)
• Remove FF ci_trigger_forward_variables (merge request)
• Remove omniauth_initializer_fullhost_proc FF (merge request)
• Delete unused report_not_configured_operational.vue and its test (merge request) GitLab Enterprise Edition
• Drop temporary index not needed anymore (merge request)
• Remove touch_project_repository_state_updated_at FF (merge request)
• Finalize background migration for discussion IDs (merge request)
• Fix callouts test by @chaomao (merge request) GitLab Enterprise Edition
• Support push options when creating merge request pipelines (merge request) GitLab Enterprise Edition
• Rename ci runner migration (merge request)
• Defer database query in favor of cached value check (merge request)
• Use application settings for pipeline creation rate limit (merge request)
• Prepare for lazy upload preauth (merge request)
• Do not vary upload tempfile prefix (merge request)
• Workhorse: fix TestUploadProcessingFile (merge request)
• Create ClusterEnabledGrant model and populates table (merge request)
• Debug batch update (merge request)
• Fix countries controller test by @chaomao (merge request)
• Cleanup phase 4 feature flag and env vars (merge request)
• Remove cross-db modification from destroy_batch_service (merge request) GitLab Enterprise Edition
• Cleanup the database_geo.yml stuff (merge request) GitLab Enterprise Edition
• Mark stale security_scans as purged (merge request) GitLab Enterprise Edition
• Fix confirm email service test by @chaomao (merge request)
• Restructure free user cap under model for better scoping (merge request)
• Fix JH skipped subscription portal spec by @chaomao (merge request)
• Add not null constraint to requirements.issue_id validate:false (merge request)

15.0.5 (2022-07-28)

Security (18 changes)

• Security datadog integration leaking (merge request)
• Prevent users who cannot admin a public project from viewing deploy keys (merge request)
• Add additional condition to accept invitation (merge request)
• Update GITLAB_PAGES_VERSION (merge request)
• Add html_escape to build_details_entity (merge request)
• Check permissions when filtering by contact or organization (merge request)
• Use author to run subscribed pipeline (merge request)
• Remove prohibited branches after project import (merge request)
• Remove feature flag ci_yaml_limit_size (merge request)
• Maintainer can change the visibility of Project and Group (merge request)
• Do not link unverified secondary emails with any users (merge request)
• Forbid exchanging access token for ROP flow to users required 2FA setup (merge request)
• Remove todos from confidential notes when user loses access (merge request)
• Remove group_bot_user and group_access_token after group delete (merge request)
• Protect integration secrets (merge request)
• Protect Grafana and Sentry integrations (merge request)
• Fix IDOR in Jira issue show action (merge request)
• Limit proxied requests to Grafana API (merge request)

15.0.4 (2022-06-30)

Security (17 changes)

• Fix group IP restrictions not enforced for container registry requests (merge request)
• Update rack gem to version 2.2.3.1 (merge request)
• Gitlab Runner version upgrade (merge request)
• Update ProjectAttributesTransformer to use fixed number of attributes (merge request)
• Escape deploy key title to prevent XSS (merge request)
• Sanitize ZenTao breadcrumb links (merge request)
• Fix permissions in the project labels API (merge request)
• Security fix sentry issue leaks and access level check (merge request)
• Check permissions before exposing user two factor enabled (merge request)
• Filter milestone release by user access (merge request)
• Fix the required access level in the Conan packages finder (merge request)
• Allow inviting only groups with subset of allowed domains to groups (merge request)
• Fix open redirect vulnerability (merge request)
• Adds a filter based on user access to Runner jobs endpoint (merge request)
• Prevent runners from picking IP restricted jobs (merge request)
• Restrict CI lint access to pipeline creators (merge request)
• Catch endless headers when reading HTTP responses (merge request)

15.0.3 (2022-06-16)

Fixed (2 changes)

• Disconnect alternates when unlinking from a repository pool (merge request)
• Add GitLab agent image tag to install command (merge request)

15.0.2 (2022-06-06)

Added (1 change)

• Add event type in audit event streaming (merge request) GitLab Enterprise Edition

Fixed (10 changes)

• Fix Advanced Search Opensearch detection (merge request) GitLab Enterprise Edition
• Fix 500 on issues list page (merge request)
• Include inherited owners when calculating User#solo_owned_groups (merge request)
• Fix issue description list item styling (merge request)
• Fix focus for linked issues input field & IDE cursor (merge request)
• docs: Fix DS_DEFAULT_ANALYZERS variable docs (merge request)
• Remove existing repository backups when creating a full backup (merge request)
• Move LFK scheduling out from EE check (merge request)
• Fix drag and drop list item bugs (merge request)
• Hide internal note checkbox on unsupported issuable types (merge request) GitLab Enterprise Edition

Changed (1 change)

• Update auto-deploy-image to v2.28.2 (merge request)

15.0.1 (2022-06-01)

Security (8 changes)

• Fix IP restrictions not applying to deploy tokens (merge request)
• Trigger token should respect group IP restrictions (merge request)
• Fix content injection in Jira issue title (merge request)
• Escape contact details correctly in quick actions (merge request)
• Subgroup member can list members of parent group (merge request)
• Do not allow project member import when membership is locked (merge request)
• Disable changing user attributes when updating SCIM provisioned user (merge request)
• Allow only job owner to run interactive terminal (merge request)

15.0.0 (2022-05-20)

Added (147 changes)

• Self-managed SAML Group Links and Membership Updater (merge request) GitLab Enterprise Edition
• Show error message in pipeline alert (merge request)
• Upgrade GitLab Pages to 1.58.0 (merge request)
• Drag and drop list items on issue page (merge request)
• Default enable automated_email_provision feature flag (merge request) GitLab Enterprise Edition
• Bump Gitlab Shell version to 14.3.0 (merge request)
• Add documentation for inactive project deletion feature (merge request)
• Enable confidential_notes FF by default (merge request)
• Add slack_app_signing_secret to settings (merge request)
• Add a 409 error page (merge request)
• Store pipeline creation rate limit into application settings (merge request)
• Add REPOSITORIES_STORAGES option to backups (merge request)
• Add option to disable seperated caches by @Taucher2003 (merge request)
• Merge Agents and Agent Tokens API docs by @tuxtimo (merge request)
• Enable poetry.lock dependency scanning (merge request) GitLab Enterprise Edition
• Add exclude from free user cap to namespace settings (merge request)
• Add infinite scrolling to project dropdown (merge request) GitLab Enterprise Edition
• Enable feature flag iteration_cadences (merge request) GitLab Enterprise Edition
• GraphQL: Add maintenance_note to RunnerType (merge request)
• Use Gemnasium FIPS images automatically (merge request)
• Default CRM feature flags to on by @leetickett (merge request)
• Add link from issue contacts to issues list by @leetickett (merge request)
• Add alert banner to usage quota seats page (merge request) GitLab Enterprise Edition
• Extend /help/instance_configuration with CI/CD limits by @wwwjon (merge request)
• Make group import history page size persistent by @wspwebben (merge request)
• Add registry migration guard timeout settings (merge request)
• Add group push rule changes to audit log (merge request) GitLab Enterprise Edition
• Bump Gitlab Shell version to 14.2.0 (merge request)
• Add inactive projects deletion feature (merge request)
• GraphQL: Add allowStaleRunnerPruning to Group (merge request) GitLab Enterprise Edition
• Add merge_request.draft to push options by @svdj (merge request)
• Add NamespaceCiCdSettingsUpdate mutation (merge request) GitLab Enterprise Edition
• Add API to set membership state (merge request) GitLab Enterprise Edition
• Add export size limit for projects by @wwwjon (merge request)
• Add API endpoint for repository size recalculation (merge request)
• Convert newline symbols in description push options to actual newlines by @svdj (merge request)
• Support security report schema version 14.1.2 (merge request)
• Add Runner separation by plan PoC (merge request)
• Display a cancel button in policies page (merge request) GitLab Enterprise Edition
• Implement Cluster Agent Tokens REST API by @tuxtimo (merge request)
• Increased the time tracking report modal size by @zillemarco (merge request)
• Allow pruning of stale group runners (merge request) GitLab Enterprise Edition
• Add index to namespace_ci_cd_settings table (merge request)
• Allow linking CRM organizations to contacts by @leetickett (merge request)
• Backfill draft status column using corrected regex (merge request)
• Validate a tag does not have an existing release (merge request)
• Exposed user permissions for each timelog entry by @zillemarco (merge request)
• Bump Gitlab Shell to 14.1.1 (merge request)
• Add 2 last DORA metric tiles to VSA (merge request) GitLab Enterprise Edition
• Add Architecture and Platform to runner details (merge request)
• Add Follow/Unfollow button to user popover (merge request)
• Enable ServicePing timings reporting (merge request)
• Support storage_size_limit in PlanLimits API (merge request)
• Add project's shared_runners_duration to GraphQL (merge request) GitLab Enterprise Edition
• Add group_inheritance_type to deploy access level and approval rule API (merge request) GitLab Enterprise Edition
• Add deployment metadata when firing hooks (merge request)
• CI: update cluster-integration/auto-build-image by @willianpaixao (merge request)
• Enable the querying of security training urls by language (merge request) GitLab Enterprise Edition
• Add namespace_ci_cd_settings table (merge request)
• Update Project stats on Container Registry event (merge request)
• Add PREVIOUS_BACKUP option to backup.rake (merge request)
• Enable aggregated VSA by default (merge request)
• Add CRM argument handling for issue list filters by @leetickett (merge request)
• Enable updated_diff_expansion_buttons by default (merge request)
• Remove related_epics_widget feature flag (merge request)
• GraphQL: Add platform/arch runner fields (merge request)
• Background job to trim namespaces over limit (merge request) GitLab Enterprise Edition
• Adds container_registry_size to namespace_root_storage_statistics (merge request)
• Start storing changed_at in seat statistics worker (merge request)
• Background Migrations - Mutli DB Admin UI (merge request)
• Allow editing media URL and alt in content editor (merge request)
• Add last_cleanup_deleted_tags graphql field (merge request)
• Record blocked epics removed on usage data (merge request) GitLab Enterprise Edition
• Add deletion warning email template for inactive projects (merge request)
• Add page description to pipeline security tab (merge request) GitLab Enterprise Edition
• Enable Group Level Security Policies in GraphQL API (merge request) GitLab Enterprise Edition
• Allow users to enforce auth checks on upload on a project level (merge request)
• Moving approval notifications from EE to FOSS (merge request)
• Add the packages cleanup policy model (merge request)
• Add tracking events to group and project pages (merge request)
• Handle timeout status in GitLab migration (merge request)
• Add GraphQL API to fetch Group Security Policies (merge request) GitLab Enterprise Edition
• Added prefetching for tasks in issue description (merge request)
• Prepare notes confidential index (merge request)
• Expose container_registry_size via GraphQL (merge request)
• Add CRM arguments to GraphQL issue resolver by @leetickett (merge request)
• Fix pipelines field performance in the package GraphQL type (merge request)
• Add support for sticky header on scroll for epics (merge request) GitLab Enterprise Edition
• Allow (un)following someone in the user popover by @KevSlashNull (merge request)
• Add API endpoint for fetching all resource groups for a project (merge request)
• Add last_cleanup_deleted_tag count column (merge request)
• Add access action for environments (merge request)
• Set custom error budgets (merge request)
• Edit environments tier with API (merge request)
• Expose environments tier over API (merge request)
• Audit IP allowlist editing (merge request) GitLab Enterprise Edition
• Send blocked users to Arkose (merge request) GitLab Enterprise Edition
• Add inherited group membership option for protected environment auth (merge request)
• Add active/state to CRM graphql queries/mutations by @leetickett (merge request)
• Extend Plan limits API with CI/CD limits properties by @wwwjon (merge request)
• Scroll to top of vulnerability list when filters changed (merge request) GitLab Enterprise Edition
• Add group wiki visibility toggle to group settings by @fjsanpedro (merge request)
• Add verify action for environments (merge request)
• Add auditing of runner token reset operations (merge request) GitLab Enterprise Edition
• Add BackgroundMigrationRecord cop to avoid ActiveRecord::Base (merge request)
• Expose billable members membership_state (merge request) GitLab Enterprise Edition
• Refactor the usage quotas -> ci/cd minutes page (merge request) GitLab Enterprise Edition
• Added autofocus on 'Search projects' input by @maksimanisimov1 (merge request)
• Log downstream pipeline creation (merge request)
• Show deployment approval on deployments page (merge request) GitLab Enterprise Edition
• Allow editing link URL and title in content editor (merge request)
• Over limit members in namespaces with a free plan (merge request) GitLab Enterprise Edition
• Revoke agent token from the UI (merge request)
• Enable touch_project_repository_state_updated_at FF by default (merge request) GitLab Enterprise Edition
• Enable VSA reggregation worker by default (merge request)
• Add Workhorse support for FIPS encryption (merge request)
• Backfill all ProjectSetting records (merge request)
• Add delete button to runner details page (merge request)
• Make ArkoseLabs namespace configurable (merge request)
• feat: Add SAST.latest and Secret-Detection.latest templates (merge request)
• Add audit events for merge request settings (merge request) GitLab Enterprise Edition
• Ensure max_seats_used_changed_at stays up to date (merge request)
• Start storing change date for max_seats_used (merge request)
• Add documentation link to CI/CD Variables Form (merge request)
• Support for TLS config on Workhorse (merge request)
• Move MigrationRecord into V1_0 (merge request)
• Add RuboCop::Cop::Migration::MigrationRecord rule (merge request)
• Add releases to GitLab Project Migration (merge request) GitLab Enterprise Edition
• Update container registry size in project stats (merge request)
• Add runner executor to runner details page (merge request)
• Add executorName to GraphQL API (merge request)
• Add delayed group deletion application setting (merge request)
• Quickly copy code blocks in the Content Editor (merge request)
• Add option for submit field in DAST Configuration (merge request) GitLab Enterprise Edition
• Add topics title (model, management, API) by @wwwjon (merge request)
• Auto continue markdown lists (merge request)
• Expose _links.cluster_agents field in project REST API by @tuxtimo (merge request)
• GraphQL: filter group members by access level (merge request)
• Add scan_finding rules into project settings (merge request) GitLab Enterprise Edition
• Added the possibility to remove a timelog from an issuable by @zillemarco (merge request)
• Measure metric collection time (merge request)
• Add group attributes pipeline to group bulk import (merge request) GitLab Enterprise Edition
• Add namespace settings attributes pipeline to group bulk imports (merge request) GitLab Enterprise Edition
• Distribute GitHub import jobs by default (merge request)
• Improve Geo project-out-of-date detection mechanism (merge request)
• Add iteration quickaction displays ID format on autocomplete (merge request) GitLab Enterprise Edition
• Draft: Allow a subset of a blame to be requested from the REST API (merge request)

Fixed (133 changes)

• Fix incident sticky header status badge (merge request)
• Ensure present_on_default_branch is set to true when branch is merged (merge request) GitLab Enterprise Edition
• Fix VerificationStateBackfillWorker re-enqueue process (merge request) GitLab Enterprise Edition
• Downgrade auto-deploy-image to v2.25.0 (merge request)
• Added condition for opening modal (merge request)
• Rename Dismiss VulnerabilitiesFinding mutation (merge request) GitLab Enterprise Edition
• Backfill notes that have null discussion_id (merge request)
• Do not try to create issue links without issues while ingesting reports (merge request) GitLab Enterprise Edition
• Fix error on issues list due to restricted visibility level (merge request)
• Fix comment form action button title (merge request) GitLab Enterprise Edition
• Fix state badge icon and link text color (merge request) GitLab Enterprise Edition
• Correct wrapping on PMG (merge request)
• Start the next ConsistencyWorker run from where it left (merge request)
• Add removed Dependency Scanning jobs as dummies (merge request)
• Update upstream/downstream borders (merge request)
• Change confidential comments doc to internal notes by @leetickett (merge request)
• Display SSO link prior to save (merge request) GitLab Enterprise Edition
• Remove unused batch_size in ExpireOAuthTokens (merge request)
• Add top margin to auto fix card on vulnerability report (merge request) GitLab Enterprise Edition
• Fix user popover overflow and follow/unfollow button alignment (merge request)
• Fix file include-type for CI lint Graphql endpoint (merge request)
• Fix haml conditional logic parsing error in master (merge request) GitLab Enterprise Edition
• Compare agent version against KAS version (merge request)
• Fix scroll to hash (merge request)
• Do not export and import max_pages_size from groups (merge request)
• Fix associated release link on tag page (merge request)
• Preserve branch filter state after delete (merge request)
• Ensure base work item types are created where needed (merge request)
• Fix redirect loop when requiring verification and experiment is inactive (merge request)
• Gracefully handle invalid states when filtering environments (merge request)
• Fix awards focus style overflow (merge request)
• Change cancel button variant/color to danger/red by @leetickett (merge request)
• Backfill finished_at when it is nil for successful deployments (merge request)
• Keep fragment identifier when performing an OAuth redirect (merge request)
• Fix error with initializiation of protected environments feature (merge request)
• Fix group path suggestion bug (merge request)
• Fix Create Vulnerability button height on mobile view (merge request) GitLab Enterprise Edition
• Fix operations dashboard card pipeline background by @mrtgncr733 (merge request)
• Fix assignee filtering on group/issues list (merge request)
• Only poll environment folder if expanded (merge request)
• Change prop type inside the cleanup_status component (merge request)
• Added update to epicsCount (merge request) GitLab Enterprise Edition
• Add DeployTokenAuthor as new type of NullAuthor (merge request) GitLab Enterprise Edition
• Fix error when fetching inherited security execution policy in GraphQL (merge request) GitLab Enterprise Edition
• Fix redirect anchor on Web IDE admin settings by @vaiil (merge request)
• Format dates as UTC (merge request) GitLab Enterprise Edition
• Preserve roadmap timeframe type in page URL (merge request) GitLab Enterprise Edition
• Address several edge cases in ProcessSupervisor (merge request)
• Fixes DAST Profile not found issue (merge request) GitLab Enterprise Edition
• Replicate deletion of remote stored files (merge request) GitLab Enterprise Edition
• Update column name for consistency (merge request) GitLab Enterprise Edition
• Make group scope consistent for scan_finding rules (merge request) GitLab Enterprise Edition
• Re-add usage_data_diff_searches flag (merge request)
• Increase read timeout for Jira requests (merge request)
• Fix the button distance on the milestone page (merge request)
• Fix DORA metric Graphql type (merge request) GitLab Enterprise Edition
• Enable admin to see project level MR analytics (merge request) GitLab Enterprise Edition
• Return 404 on Jira issues if integration inactive (merge request) GitLab Enterprise Edition
• Find feedback based on UUID (merge request) GitLab Enterprise Edition
• Set ProjectAttributesPipeline to be a file extraction pipeline (merge request)
• Add deploy token handling in audit event generation (merge request) GitLab Enterprise Edition
• Include only opened epics in issue bulk actions (merge request) GitLab Enterprise Edition
• Add missing restrict_gitlab_migration to migration (merge request)
• Add error handling for sec config license fetch (merge request) GitLab Enterprise Edition
• Keep "No parent" when page is refreshed (merge request)
• Fix bug when reinstalling Slack app (merge request) GitLab Enterprise Edition
• Remove duplicate records to fix PG::CardinalityViolation on ingestion (merge request) GitLab Enterprise Edition
• Skip initializers in the doctor:secrets task for encrypted data (merge request)
• Fix wiki form not rendering on validation error (merge request)
• Show operation id's by default (SwaggerUI) (merge request)
• Fix typo in event destination GQL docs (merge request) GitLab Enterprise Edition
• Update modal token when its resetting (merge request)
• Forbid recursion during Feature.enabled? (merge request)
• Make minute limit banner dismissible (merge request)
• Load group Vulnerability Report when only subgroups have projects (merge request) GitLab Enterprise Edition
• Fix modal backdrop in dark mode (merge request)
• Fix blob header responsiveness (merge request)
• Fix CRM issue search with vue_issues_list by @leetickett (merge request)
• Use initialTitle prop as is for title component (merge request)
• Allow auditor to read project MR analytics (merge request) GitLab Enterprise Edition
• Fix CRM drawer positioning by @leetickett (merge request)
• Fix transparent table header background on vulnerability report (merge request) GitLab Enterprise Edition
• Migrate form to allow render of UI components (merge request) GitLab Enterprise Edition
• Prevent CRM actions when feature disabled by @leetickett (merge request)
• Move CI pipelines migration to a lower stage during Gitlab Migration (merge request)
• Fix next badge margin (merge request)
• Fix quota counting issue on invite quota limits (merge request) GitLab Enterprise Edition
• Fix browser history for group/project issues page (merge request)
• Fix ZenTao integration when api_url is setup by @chaomao (merge request)
• Allow create_merge_request_in when download_code is allowed (merge request)
• Enable the FF ci_expand_environment_name_and_url (merge request)
• Remove outdated loop prevention check by @andreas.kloeckner (merge request)
• Allow admin to edit requirements (merge request) GitLab Enterprise Edition
• More consistent copy to clipboard buttons (merge request)
• Use pathIdSeparator to format linked epic ref (merge request)
• Fix eslint errors and jest snapshot test by @Ffinnis (merge request)
• Parse only the related artifacts (merge request) GitLab Enterprise Edition
• Hide iteration menu from user namespaced project (merge request) GitLab Enterprise Edition
• Fix mermaid copy to clipboard button by @leetickett (merge request)
• Resolve "Reorder HEAD tags for better performance" (merge request)
• Remove create_project_settings feature flag (merge request)
• Use root ancestor group in buy minutes path (merge request) GitLab Enterprise Edition
• Expose url on discussion award emoji (merge request)
• Nullify merge_request_metrics pipeline_id on pipeline deletion (merge request)
• Fix alignment of cannot merge icon in sidebar (merge request)
• Resolve project filter dropdown overflowing on long names (merge request)
• Fix left over resources when unassigning (merge request) GitLab Enterprise Edition
• Fix mappings errors for ES6.8 (merge request) GitLab Enterprise Edition
• Fix ee css bundles not loading (merge request)
• Fix missing DB duration keys for multiple databases (merge request)
• Use the authoritative file sort to order discussions (merge request)
• Prevent orphaned JobArtifacts in SSF (merge request) GitLab Enterprise Edition
• Fix color picker focus when clicking on a label by @FFxSquall (merge request)
• Fix regression in reactive cache implementation for Environment model (merge request)
• Match dotenv variable limits across subscription plans (merge request)
• Fix check in license load rake task (merge request) GitLab Enterprise Edition
• Resolve group_path to full_path when creating compliance frameworks (merge request) GitLab Enterprise Edition
• Disable STI behavior on MigrationRecord (merge request)
• Use execCommand(‘insertText’) to fix undo (merge request)
• Run repository checks if Geo is not enabled (merge request) GitLab Enterprise Edition
• Fix font weight for snippet count (merge request)
• Add newDirectoryPath computed prop (merge request)
• Fix unintended line breaks were inserted using Japanese IME on MacOS by @hiroponz (merge request)
• Set started_at only once by @Taucher2003 (merge request)
• Fix manual pipeline icons in dark mode (merge request)
• Assign commands should be case insensitive (merge request)
• Fix repository analytics ref dropdown (merge request)
• Use primary for internal registry migration API (merge request)
• Fix raising error in reactive cache setter of kubernetes platform (merge request)
• Fix test case by avoiding lazy evaluation (merge request) GitLab Enterprise Edition
• Show Infrastructure menu item for auditors (merge request) GitLab Enterprise Edition
• Wait until ArkoseLabs token is set before resubmitting (merge request)
• Group analytics lookup group by full_path only (merge request) GitLab Enterprise Edition

Changed (239 changes)

• Allow MR approvals API endpoint for auditors (merge request) GitLab Enterprise Edition
• Enable feature and clean up feature flags (merge request)
• Added link to invite users to contribute to translations by @anshulriyal (merge request)
• Reset skipped container repositories (merge request)
• Moves locking of merge request to dropdown (merge request)
• Moves the To Do button down (merge request)
• internal/git: Pass in GL_ID, GL_USERNAME to receive-pack and upload-pack (merge request)
• Project-level Secure Files upload/remove UI (merge request)
• Move backend documentation paths to frontend for vulnerability report (merge request) GitLab Enterprise Edition
• Split text for kbd shortcut (merge request)
• feature_flags: Default-enable use of filtered quarantine commits (merge request)
• Add permissions to pre-existing commit documents (merge request) GitLab Enterprise Edition
• Change way default CSP is loaded from config (merge request)
• Remove logic from Secret Detection script (merge request)
• Remove vertical padding on branch names (merge request)
• Expose RootStorageStatistics#container_registry_size vis GQL (merge request)
• Update ServicePing metric category to Operational (merge request)
• Hides images on ipynb diff (merge request)
• Improve vulnerability report mobile layout (merge request) GitLab Enterprise Edition
• Turn resolved threads badge green when resolved (merge request)
• Update order of MR header buttons (merge request)
• Add shared runner data to usage quota (merge request)
• Update SAST IaC analyzer major version (merge request)
• Changed :deletion_adjourned_period to a number field (merge request) GitLab Enterprise Edition
• Remove unused CSS class by @mehulsharma (merge request)
• Use active sidekiq router's queues for sidekiq/queue_metrics API (merge request)
• Rename confidential notes to internal notes (merge request) GitLab Enterprise Edition
• Change the text is made bold (merge request) GitLab Enterprise Edition
• Migrate create label button (merge request)
• Update MR merge conflict HTML email (merge request)
• Change certificate_based_clusters FF default to false (merge request)
• Add error alert for Elasticsearch version incompatible (merge request) GitLab Enterprise Edition
• Move backend documentation paths to frontend for vulnerability report (merge request) GitLab Enterprise Edition
• Test one remediation solving two vulnerabilities (merge request) GitLab Enterprise Edition
• Improve Security::Validators::SchemaValidator specs (merge request)
• Update issuable state badge style (merge request)
• Change style of trigger job in pipeline graph (merge request)
• Add props for cancel button by @HerrShmulke (merge request)
• Migrate todo button in collapsed sidebar (merge request) GitLab Enterprise Edition
• Background Migrations - Cleanup Margins (merge request)
• Expand navbar search field when focused (merge request)
• Removes status checks add status field feature flag (merge request) GitLab Enterprise Edition
• Persist group name and use path for destination name (merge request)
• Migrate button in service desk settings (merge request)
• Update GITLAB_KAS_VERSION to 15.0.0 (merge request)
• Fix invalid automatic cadence records (merge request)
• API: Runner status can return "stale" (merge request)
• Enable enhanced_notify_css by default (merge request)
• Migrate purchase storage buttons to confirm (merge request)
• Migrate create jira issue button (merge request) GitLab Enterprise Edition
• Use tertiary confirm dropdown for version switcher (merge request)
• Change discussions to threads in mr settings (merge request)
• Update SAST analyzer major versions (merge request)
• git: Parse and display gitaly limit error (merge request)
• Removing permissions attribute from Secure Files model (merge request)
• Enable approval status new names feature (merge request) GitLab Enterprise Edition
• Update stable Terraform and add stable SAST-IaC template (merge request)
• Migrate button in move for test cases (merge request)
• Update lock invite options (merge request)
• Update package namespace settings permissions (merge request)
• Remove head-variant from GlTable (merge request)
• Migrate create iteration button to confirm (merge request)
• Migrate approve with password modal (merge request) GitLab Enterprise Edition
• Migration with access_token for approval project (merge request) GitLab Enterprise Edition
• Replace issuable sort dropdown (merge request)
• Remove sudo runner registration instructions macos (merge request)
• Add GlBadge with link to Jira vulnerabilities (merge request) GitLab Enterprise Edition
• Do not update project stats for incremental repack (merge request)
• Migrate empty state button for needs (merge request)
• Move report not configured components into specific folders (merge request) GitLab Enterprise Edition
• Upgrade DAST templates to version 3 (merge request) GitLab Enterprise Edition
• Bring Container Scanning to Free (merge request)
• Fix(Subscription errors): handle expired + general (merge request) GitLab Enterprise Edition
• Update dependency proxy settings permissions (merge request)
• Migrate button in vulnerability history (merge request)
• Migrate merge button to confirm (merge request)
• Migrate create incident button (merge request)
• Migrate fork button in diff file (merge request)
• Migrate checkbox to require Jira issue (merge request) GitLab Enterprise Edition
• Update container cleanup policy permissions (merge request)
• Migrate cluster buttons to confirm (merge request)
• Update auto-deploy-image to v2.26.0 (merge request)
• Prevent changing out of hierarchy sharing (merge request) GitLab Enterprise Edition
• Changes labels on merge request dropdown (merge request)
• Geo - Remove legacy redirects (merge request) GitLab Enterprise Edition
• Update documentation for environment multiple stop actions (merge request)
• Deprecate GraphQL type for Network Policies (merge request) GitLab Enterprise Edition
• Deprecate threat_monitoring from GraphQL enum for alerts (merge request) GitLab Enterprise Edition
• Migrate checkboxes when editing runners (merge request)
• Reduce frequently visited projects/groups timeout (merge request)
• Migrate view incident button to confirm (merge request)
• Migrate button in increase storage modal (merge request)
• Migrate apply button in date picker (merge request)
• Update prometheus to 15.x in cluster-management template (merge request)
• Migrate checkboxes for deploy tokens (merge request)
• Migrate success button to confirm (merge request)
• Remove directly addressed references (merge request) GitLab Enterprise Edition
• Update documentation for failed status checks (merge request)
• Migrate use template button (merge request) GitLab Enterprise Edition
• Migrates button in vulnerability header (merge request)
• Migrate create label button in sidebar (merge request)
• Migrate add projects button to confirm (merge request)
• Remove security_scan_succeeded column by @svdj (merge request)
• Migrate add framework button to confirm (merge request)
• Migrate add to review button to confirm (merge request)
• Remove FF for environment multiple stop actions (merge request)
• Hides package delete action for users without permission (merge request)
• Change warning message on partial cleanup runs (merge request)
• Add select all option for scanners (merge request) GitLab Enterprise Edition
• Add dependency proxy total size inside usage quotas (merge request)
• Remove new_vulnerability_form feature flag (merge request) GitLab Enterprise Edition
• Update edit profile page form styling (merge request)
• Add awaiting memberhips in billable members API (merge request) GitLab Enterprise Edition
• Remove integrations.type column (merge request)
• Separate Sidekiq metrics and health-checks server (merge request)
• Feat(Legacy License): move to admin/settings page (merge request) GitLab Enterprise Edition
• Update Vulnerability Management database docs (merge request)
• Update text for the existing mr widget (merge request) GitLab Enterprise Edition
• Reset the original color for security rules (merge request) GitLab Enterprise Edition
• Update search SystemCheck to latest versions (merge request) GitLab Enterprise Edition
• This MR adds new empty state (merge request) GitLab Enterprise Edition
• Add updated date to to-do sort options (merge request)
• Update scan result policies related (merge request) GitLab Enterprise Edition
• Allow Slack app to be reinstalled (merge request) GitLab Enterprise Edition
• Clean up error logging in integrations (merge request)
• Display feature flag name in edit page's title (merge request)
• Use field DSL in CI integrations (merge request)
• Replace Pages confirmation modals with GlModal (merge request)
• Initial commit for skipped to created state (merge request)
• Upgrade warnings about deprecated commands (merge request)
• Add margin to year dropdown (merge request)
• Enable omniauth_initializer_fullhost_proc by default for Geo SSO (merge request)
• Improve shared runner toggle interations (merge request)
• Return back to runner view after successful edit (merge request)
• Visually separate DORA metrics from key VSA metrics (merge request)
• Remove use of md5 by @mehulsharma (merge request)
• Boards - Make scope indicator dynamic (merge request)
• Added Don’t filter milestone option to board scope (merge request) GitLab Enterprise Edition
• Lock invite options when reaches user limit (merge request)
• Update GenericCommitStatus badges (merge request)
• Improved title-related warning on test case (merge request)
• Remove redirection of outdated status by @mehulsharma (merge request)
• Updates delete icon button in runner table by @mehulsharma (merge request)
• Remove .thead-white class from GlTables (merge request) GitLab Enterprise Edition
• Update runner status summary upon filtering (merge request)
• Boards: Polish top buttons on mobile (merge request)
• Gitaly: Increase timeout for repository_size to long_timeout (merge request)
• Improve loading for work item detail (merge request)
• Stops hiding dependency proxy image prefix data behind loader (merge request)
• Remove h2 from breadcrumbs by @KevSlashNull (merge request)
• Remove usages of deprecated self_signed_cert option (merge request)
• Migrate checkbox to GitLabUI (merge request) GitLab Enterprise Edition
• Update copy text for self metrics toggle (merge request)
• Boards - Fix click on label adds filter with new filtered search (merge request)
• Fix broken docs UI links (merge request)
• Display loading spinner instead of text (merge request)
• Use gitlab-ui checkbox for signin oauth settings (merge request)
• Decrease priority of run pipeline button (merge request)
• This MR adds new feature flag for DAST redesign (merge request) GitLab Enterprise Edition
• Limit group invites from projects to also use prevent setting (merge request)
• Prevent projects creating group links outside hierarchy (merge request)
• Allow Reporters to admin milestones and iterations (merge request)
• Update issuable confidentiality UI & status text (merge request)
• Refactor On-demand scans page header section (merge request) GitLab Enterprise Edition
• Upgrade Container Scanning analyzer version (merge request) GitLab Enterprise Edition
• Geo Sites Form - Cleanup Learn more links (merge request) GitLab Enterprise Edition
• Geo Sites - Cleanup Learn more links (merge request) GitLab Enterprise Edition
• Refresh vulnerabilities on vulnerability list after bulk select is done (merge request) GitLab Enterprise Edition
• Flip order of packages and monitor in project sidebar (merge request) GitLab Enterprise Edition
• Use topic title instead of name in UI by @wwwjon (merge request)
• Do not disable snippet form submit button to enforce validation (merge request)
• Replace filter field with search-box-by-click on import repositories by @Xubunter (merge request)
• Hide confirmation required error state by @HerrShmulke (merge request)
• Use button-group on vulns-over-time chart (merge request) GitLab Enterprise Edition
• Replace approved with passed in status check api (merge request) GitLab Enterprise Edition
• Adjust sign in columns and padding to accommodate Arkose (merge request) GitLab Enterprise Edition
• Display security training config based on license (merge request)
• Add border radius (merge request)
• This MR changes layout of new/edit DAST scanner configuration (merge request) GitLab Enterprise Edition
• Make status param required (merge request) GitLab Enterprise Edition
• Update Security Policy Configuration to not exclude rules from pipeline (merge request) GitLab Enterprise Edition
• Update avatar counter styles (merge request)
• Move path navigation below filters for VSA (merge request)
• Remove vulnerability_report_pagination feature flag (merge request) GitLab Enterprise Edition
• Change elements order on the import project page by @cheshirecat902 (merge request)
• Correct styles for select project split button (merge request)
• Adds Ci::Bridge to RetryJobService (merge request)
• Allow pages root domain to be used as custom domain by @mlegner (merge request)
• Improve UI text of sign-up restrictions (merge request)
• Move .thead-white to apply to GlTable as well (merge request)
• Unbox issue board lists (merge request)
• Hide security rules for non ultimate licenses (merge request) GitLab Enterprise Edition
• Remove a question that’s irrelevant for invitation (merge request) GitLab Enterprise Edition
• Updated personal access token references (merge request) GitLab Enterprise Edition
• Allow to delete error packages from package registry (merge request)
• Feat(Subcsription): update general error message (merge request) GitLab Enterprise Edition
• This MR changes the order of elements (merge request)
• Remove fixed bar from merge request page (merge request)
• Update the gitlab-pages documentation (merge request)
• Fix GlTable not displaying styles properly (merge request)
• Remove .service-installation class and polish UI (merge request)
• Use tertiary category for content editor bubble menu (merge request)
• Fix function and view for autovacuum activity (merge request)
• Fix misleading error for job dependencies (merge request)
• Updates anchor links UI (merge request)
• Use new serialized started_at on job in the ui (merge request)
• Don't track Jupiter notebook exceptions (merge request)
• Repeat failed migrations with fix (merge request)
• Wrap toolbar, increase size, and remove dividers (merge request)
• Change pipeline editor branch terminology (merge request)
• Deprecate old Advanced Search migrations (merge request) GitLab Enterprise Edition
• Correct mattermost slash commands integration clipboard buttons (merge request)
• Dropped Runner features column by @mehulsharma (merge request)
• Change how cached images set for deletion are displayed (merge request)
• Replace generic checkbox with GitLab UI element (merge request)
• Use tertiary button for file header actions (merge request)
• Make fingerprint nullable for group_deploy_keys table (merge request)
• Remove hover animation from downstream pipelines (merge request)
• Migrate all checkboxes (merge request) GitLab Enterprise Edition
• Reduce padding to match alignment (merge request)
• Improve runner edit form design (merge request)
• Remove job list in runner Edit page (merge request)
• Enable route_hll_to_snowplow by default (merge request)
• Use deferrable constraint to bulk cadence update (merge request)
• Remove secure_vulnerability_training feature flag (merge request)
• Improve trial only CTAs in Learn GitLab (merge request)
• Use systemd notification and watchdog feature for sidekiq service by @behrmann (merge request)
• Update right sidebar design (merge request)
• Fix default job_arguments for batched migrations (merge request)
• Add "ee" type to projectionist config (merge request)
• Migrate DAST profile library links with new route (merge request) GitLab Enterprise Edition
• Limit number of related epics (merge request) GitLab Enterprise Edition
• Praefect docs: update list-untracked-repositories subcommand (merge request)
• Warn if database connections opened in routes file (merge request)
• Globally enable enforce_security_report_validation (merge request) GitLab Enterprise Edition
• Remove history and upload btns from project page (merge request)
• Replace generic checkbox with GitLab UI component (merge request) GitLab Enterprise Edition
• Use pajamas checkbox for admin application form (merge request)
• Migrate unique index from MD5 to SHA256 fingerprints (merge request)

Deprecated (3 changes)

• Create deprecation entry for legacyMode (merge request)
• Remove coverage CI detection at project setting level (merge request)
• Move required pipeline configuration to GitLab Ultimate (merge request) GitLab Enterprise Edition

Removed (64 changes)

• Update post-deploy migration in order to only (merge request) GitLab Enterprise Edition
• Remove temporary traversal_id indexes (merge request)
• Geo: Remove Legacy Job Artifact replication (merge request)
• Remove tracing feature via feature flag (merge request)
• Replace clusters with agents in scan execution policies (merge request) GitLab Enterprise Edition
• Drop sorting by title functionality from the vulnerability report page (merge request) GitLab Enterprise Edition
• Remove sorting vulnerabilities by title functionality (merge request) GitLab Enterprise Edition
• Remove Monitor Logs feature (merge request)
• Remove elastic stack from cluster management template (merge request)
• Remove the pipelines field (merge request)
• Remove deprecated Dependency Scanning analyzers (merge request)
• Remove omniauth-kerberos gem (merge request) GitLab Enterprise Edition
• Add background migration to expiry all OAuth tokens (merge request)
• Remove support for Cluster Image Scanning Analyzer (merge request) GitLab Enterprise Edition
• Remove namespaces partial index (merge request)
• Remove 'not_connected' status value (merge request)
• Remove ability for SSH key expiration to be optional (merge request) GitLab Enterprise Edition
• Remove OAuth 2.0 Implicit grant flow (merge request)
• Drop support for deprecated security report schemas (merge request)
• Remove Vulnerability-Check from the backend (merge request) GitLab Enterprise Edition
• Remove dynamic check for feature flag (merge request)
• Remove namespaces partial index (merge request)
• Remove background migration with potential data loss (merge request)
• Remove container security charts from the Cluster Management template (merge request) GitLab Enterprise Edition
• Removes types and type keyword (merge request)
• Enforce token expiry for OAuth applications (merge request)
• Remove Vulnerability-Check from frontend (merge request) GitLab Enterprise Edition
• Object storage: Remove background_upload configurations (merge request)
• Remove Network Policies from Policies Controller (merge request) GitLab Enterprise Edition
• Remove deprecated DS_DEFAULT_ANALYZERS (merge request)
• Remove epic feature discovery moment on EE (merge request) GitLab Enterprise Edition
• Remove Network Policies routes and controller (merge request) GitLab Enterprise Edition
• Remove Managed-Cluster-Applications.gitlab-ci.yml (merge request)
• Remove vulnerability_reads_table feature flag (merge request) GitLab Enterprise Edition
• Remove network alerts (merge request) GitLab Enterprise Edition
• Remove cobertura from artifacts:reports (merge request)
• Do not allow expired personal access tokens to work (merge request)
• Remove Network Policies metrics (merge request) GitLab Enterprise Edition
• Remove the form-based GKE / EKS creation page (merge request)
• Remove disabled alerts section from settings page (merge request)
• Remove Serverless from GitLab (merge request)
• Remove artifacts:reports:cluster_applications (merge request)
• Remove orphaned route users/pipeline_quota (merge request) GitLab Enterprise Edition
• Remove ignored column for Test Reports (merge request)
• Omit tags when retrieving a list of registry repositories in a group by @feistel (merge request)
• Remove workhorse_use_sidechannel feature flag (merge request)
• Remove Versions on base PackageType by @feistel (merge request)
• Remove deprecated GraphQL query (merge request)
• Remove unused Prometheus Alert crud code (merge request)
• Remove group_releases_finder_inoperator feature flag (merge request)
• Remove lfk_fair_queueing feature flag (merge request)
• Remove all code related to Gitlab::RequestProfile (merge request)
• Remove defaultMergeCommitMessageWithDescription GraphQL field (merge request)
• Remove env_last_deployment_by_finished_at feature flag (merge request)
• Remove repository push audit event feature (merge request) GitLab Enterprise Edition
• Remove job_deployment_count feature flag (merge request)
• Remove all documentation related to Gitlab::RequestProfile (merge request)
• Remove eye icon on package detail page by @Ffinnis (merge request)
• Remove tmp index used for data migration (merge request)
• Remove ability to change type of a shared runner (merge request)
• Remove support for uses_legacy_database_config (merge request)
• Remove deprecated geo:db:* rake tasks (merge request) GitLab Enterprise Edition
• Remove clusterAgentTokenDelete GraphQL mutation (merge request)
• Remove temporary max seats used in subscription indices (merge request)

Security (16 changes)

• Sanitize URL for project selection button (merge request)
• Remove sha from project/releases.json (merge request)
• Sanitize error input to prevent HTML/CSS injection in messages
• Allow rate limiting of deploy tokens
• Prevent maintainers from editing PipelineSchedule
• Invalidate markdown cache to clear up stored XSS
• Verify that mentioned user can read TODO's note
• Update Import/Export merge/push access levels & exclude ci config path
• Add validation to pypi file sha256 values
• [security] Fix markdown API disclosing issue titles of limited projects
• Conan Token uses PAT rather than ID in payload
• Disable wiki access with CI_JOB_TOKEN when improper access level
• Secure debug trace artifact download
• Add suffix to cache name to add isolation
• Use password type for all secret integration properties
• Limit CI job group_name regexp

Performance (11 changes)

• Use efficient in operator query for fetching group & project activities (merge request)
• Restrict unique index for alerts with fingerprints (merge request)
• Add index to vulnerability_feedback.finding_uuid (merge request)
• changes_access: Speed up commit-based access checks for new refs again (merge request)
• Re-use already collected ServicePing data (merge request)
• Remove subscribed key from epic initial data (merge request) GitLab Enterprise Edition
• Improve epics finder authorization performance (merge request) GitLab Enterprise Edition
• Simplify query to find existing alert (merge request)
• Remove extra GraphQL query when loading alert list (merge request)
• Optimize followed users tabs (merge request)
• Preload some associations in EnvironmentSerializer (merge request)

Other (92 changes)

• Add Pages public folder check (merge request)
• Enable geo_use_clone_on_first_sync by default (merge request) GitLab Enterprise Edition
• Fix saas test by @chaomao (merge request)
• Add notes temp index synchronously (merge request)
• Move Rails/HasManyOrHasOneDependent into separate TODO file by @anshulriyal (merge request)
• Move Style/CaseLikeIf into separate TODO file by @anshulriyal (merge request)
• Move Rails/CreateTableWithTimestamps into separate TODO file by @anshulriyal (merge request)
• Move Style/EmptyMethod into separate TODO file by @anshulriyal (merge request)
• Fix sidekiq config test by @chaomao (merge request)
• Log result for ci_runners_stale_group_runners_prune_worker_cron (merge request) GitLab Enterprise Edition
• Move RSpec/RepeatedExampleGroupBody into separate TODO file by @anshulriyal (merge request)
• Move Style/HashAsLastArrayItem into separate TODO file by @anshulriyal (merge request)
• Move Rails/WhereExists into separate TODO file by @anshulriyal (merge request)
• Move Rails/InverseOf into separate TODO file by @anshulriyal (merge request)
• Move Rails/ActiveRecordCallbacksOrder into separate TODO file by @anshulriyal (merge request)
• Move Rails/NegateInclude into separate TODO file by @anshulriyal (merge request)
• Move Style/KeywordParametersOrder into separate TODO file by @anshulriyal (merge request)
• Moved Rails/ApplicationController into separate TODO file by @anshulriyal (merge request)
• Moved Style/Lambda into separate TODO file by @anshulriyal (merge request)
• Move RSpec/PredicateMatcher into separate TODO file by @anshulriyal (merge request)
• Move Rails/ContentTag into separate TODO file by @anshulriyal (merge request)
• Move RSpec/ExpectChange into separate TODO file by @anshulriyal (merge request)
• Move Style/AccessorGrouping into separate TODO file by @anshulriyal (merge request)
• Moved Style/RedundantRegexpEscape into separate TODO file by @anshulriyal (merge request)
• Move Rails/IndexWith into separate TODO file by @anshulriyal (merge request)
• Move Style/BarePercentLiterals into separate TODO file by @anshulriyal (merge request)
• Move RSpec/ScatteredLet into seprate TODO file by @anshulriyal (merge request)
• Move Performance/ConstantRegexp into separate TODO file by @anshulriyal (merge request)
• Move Rails/HelperInstanceVariable into separate TODO file by @anshulriyal (merge request)
• Move RSpec/ReturnFromStub into separate TODO file by @anshulriyal (merge request)
• Move Rails/RakeEnvironment into separate TODO file by @anshulriyal (merge request)
• Move Style/FormatString into separate TODO file by @anshulriyal (merge request)
• Move Performance/CollectionLiteralInLoop into separate TODO file by @anshulriyal (merge request)
• Moved Style/SingleArgumentDig into separate TODO file by @anshulriyal (merge request)
• Cleanup ci_reduce_persistent_ref_writes feature flag (merge request)
• Move Rails/LexicallyScopedActionFilter into separate TODO file by @anshulriyal (merge request)
• Moved Style/NumericLiteralPrefix into separate TODO file by @anshulriyal (merge request)
• Move Rails/FilePath into separate TODO file by @anshulriyal (merge request)
• Move Naming/RescuedExceptionsVariableName into separate TODO file by @anshulriyal (merge request)
• Moved Style/StringConcatenation into separate TODO file by @anshulriyal (merge request)
• Prevent incorrect usage of tracking_attrs helper (merge request)
• Nullify label events in batches when user is deleted (merge request)
• Fix namespaces helper test by @chaomao (merge request)
• Fix trial status widget test by @chaomao (merge request)
• Cap MR diff render tracking events to 24h (merge request)
• Remove gitaly_replace_wiki_update_page flag (merge request)
• Use OS tempdir for artifact metadata (merge request)
• Remove the packages_graphql_pipelines_resolver feature flag (merge request)
• Remove fix_related_environments_for_merge_requests feature flag (merge request)
• Improve snowplow function by returning bool type (merge request)
• Validate work_item_type_id is NOT NULL for new issue records (merge request)
• Move Rails/SquishedSQLHeredocs into separate TODO file by @anshulriyal (merge request)
• Remove gitlab-shell sidechannel feature flag (merge request)
• Remove ci_variables_builder_config_variables feature flag (merge request)
• Remove tabs_normal and use tab_single partial instead (merge request)
• Moved Style/RedundantInterpolation into separate TODO file by @anshulriyal (merge request)
• Move Style/HashEachMethods into separate TODO file by @anshulriyal (merge request)
• Move Rails/RedundantForeignKey into separate TODO file by @anshulriyal (merge request)
• Move Rails/Pick into separate TODO file by @anshulriyal (merge request)
• Add an empty newline test to Ansi2Json (merge request)
• Remove dependency_proxy_for_private_groups feature flags by @feistel (merge request)
• Add temporary index deployments (merge request)
• Clean up after fixing regression (merge request)
• Find projects affected when membership changes are made in group (merge request)
• Remove runner_read_only_admin_view feature flag (merge request)
• Let /page quick action to support case-insensitive escalation policy names (merge request) GitLab Enterprise Edition
• Bump Gitlab Shell to v14.0.0 (merge request)
• Remove container_registry_expiration_policies_throttling feature flag by @feistel (merge request)
• Remove ci_pending_builds_table_resiliency feature flag (merge request)
• Fix various kwargs issues (merge request)
• Clean up FixMergeRequestDiffCommitUsers background migration (merge request)
• Add repository push audit event worker (merge request) GitLab Enterprise Edition
• Fix RSpec/TimecopTravel offenses (Part 1/2) by @KevSlashNull (merge request)
• Expose CI include links (merge request)
• Add documentation for merge request setting audit events (merge request)
• Use vulnerability_report.vue for agent and pipeline reports (merge request) GitLab Enterprise Edition
• Clean up deployment_approval_rules feature flag (merge request)
• Remove container_registry_follow_redirects_middleware feature flag by @feistel (merge request)
• Extend reduced cost factor to all public projects (merge request) GitLab Enterprise Edition
• Drop, then create function (merge request)
• Bump Gitlab Shell to v13.25.2 (merge request)
• Add documentation for mr settings audit events part 1 (merge request)
• Backfill SSL verification for integrations with known-good hostnames (merge request)
• Limit to current PG user (merge request)
• Make vulnerability report more reusable (merge request) GitLab Enterprise Edition
• Remove feature flag scan_result_policy (merge request) GitLab Enterprise Edition
• Remove runner_list_group_view_vue_ui feature flag (merge request)
• Add VulnerabilityReportTab component (merge request) GitLab Enterprise Edition
• Add view containing autovacuum information (merge request)
• Clean up selection summary (merge request) GitLab Enterprise Edition
• Move methods to build email unsubscribe link to helper (merge request) GitLab Enterprise Edition
• Deprecate push_rules_supersede_code_owners feature flag (merge request)

14.10.5 through 14.0.0

• See changelogs/archive-14.md

13.12.15 through 13.0.0

• See changelogs/archive-13.md

12.10.14 through 12.0.0

• See changelogs/archive-12.md

11.11.8 through 11.0.0

• See changelogs/archive-11.md

10.8.6 through 10.0.0

• See changelogs/archive-10.md

9.5.10 through 0.8.0

• See changelogs/archive.md