mirror of
https://gitlab.com/gitlab-org/gitlab-foss.git
synced 2025-07-20 16:46:17 +00:00
2.7 MiB
2.7 MiB
Note: This file is automatically generated. Please see the developer documentation for instructions on adding your own entry.
18.2.0 (2025-07-16)
Added (203 changes)
- Add analyzer status update mutex based on root namespace (merge request) GitLab Enterprise Edition
- Cleanup package_registry_audit_events FF (merge request)
- Add API to enable/disable Pipeline Execution Policy setting (merge request) GitLab Enterprise Edition
- Add vulnerability id to csv export by @he-patrick (merge request) GitLab Enterprise Edition
- Archived & Stalled status for agent flows (merge request)
- Add issue to MR feature flag (merge request) GitLab Enterprise Edition
- Project webhook events for Groups (merge request) GitLab Enterprise Edition
- Detect incorrect sequence owners (merge request)
- Add visibility to projects API when using
simpleflag (merge request) - Release the beta of the Maven Virtual Registry (merge request)
- Add support for placeholder variables in markdown (merge request)
- Default enable consolidation audit event feature flags (merge request) GitLab Enterprise Edition
- Add user preference for maintaining cursor (merge request)
- Add bypass_settings to MR approval policy (merge request) GitLab Enterprise Edition
- Update GitLab Pages version (merge request)
- Add new mutation that adds children items to work items (merge request)
- Replace top_level_namespace_path with root_namespace_id (merge request) GitLab Enterprise Edition
- Add SDRS configuration fields to application_settings table (merge request) GitLab Enterprise Edition
- Cleanup feature flag and add feature spec (merge request) GitLab Enterprise Edition
- feat: Add bulk move functionality to WorkItems::BulkUpdate (merge request)
- Add support for pagination in GLQL (merge request)
- Add skipped security policies pipelines audit event (merge request) GitLab Enterprise Edition
- Add customizable metadata field visibility to work items list (merge request) GitLab Enterprise Edition
- Add repair index tool (merge request)
- Add status field for work item list metadata preference (merge request)
- Support type, status and source/target project fields in GLQL (merge request)
- Toggle enabled by default for compliance group dashboard FF (merge request) GitLab Enterprise Edition
- Default enable FF advanced_vulnerability_management (merge request) GitLab Enterprise Edition
- Implement frameworks needs attention panel (merge request) GitLab Enterprise Edition
- Add user prefernce markdown_maintain_indentation (merge request)
- Implement
strategy: mirror(merge request) - Add audit event for external status check update (merge request) GitLab Enterprise Edition
- Add a system note when the status of a compliance violation is updated (merge request) GitLab Enterprise Edition
- FF Cleanup - Release protected nuget packages (merge request)
- Add namespace_id arg and deprecate parent_id (merge request)
- Include vulnerabilities indexing during indexing trigger (merge request) GitLab Enterprise Edition
- Add all_active_project_ids to namespace descendants cache (merge request) GitLab Enterprise Edition
- MergeRequestLink custom DataTable field component (merge request) GitLab Enterprise Edition
- Add groups web_based_commit_signing_enabled field and argument (merge request) GitLab Enterprise Edition
- feat: Enable dependency graph visuals by default (merge request) GitLab Enterprise Edition
- Add syntax for issue and workitem references (merge request)
- Add agentic mode toggle to Duo Chat interfaces (merge request) GitLab Enterprise Edition
- Release security inventory dashboard (beta) (merge request) GitLab Enterprise Edition
- Add request body size configuration to Workhorse (merge request)
- Allows email to be updated in the group level service account update API (merge request) GitLab Enterprise Edition
- Sync vulnerability ES index on sbom ingestion (merge request) GitLab Enterprise Edition
- Add email notifications for expiring deploy tokens by @guptapratibha26 (merge request)
- Add reserved_storage_bytes for replicas (merge request) GitLab Enterprise Edition
- feat: Add dependencyPaths Vulnerability support to GraphQL (merge request) GitLab Enterprise Edition
- Cleanup packages_protected_packages_generic FF (merge request)
- Enable AWS Secrets Manager integration in GitLab CI by @DerAstronaut (merge request) GitLab Enterprise Edition
- Add
p_duo_workflows_checkpointsdaily partitioned table (merge request) - Add toggle for active state on streaming destinations (merge request) GitLab Enterprise Edition
- Listing issues linked with compliance violation (merge request) GitLab Enterprise Edition
- Implement failed controls & failed requirements panels (merge request) GitLab Enterprise Edition
- Start adding new service for model matching (merge request) GitLab Enterprise Edition
- Add bypass_settings to MR approval policy (merge request) GitLab Enterprise Edition
- Update YAML with service accounts (merge request) GitLab Enterprise Edition
- Graphql query for frameworks needing attention (merge request) GitLab Enterprise Edition
- Update AnalyzerNamespaceStatuses on group deleted events (merge request) GitLab Enterprise Edition
- Omit streaming token from helper methods syncing (merge request) GitLab Enterprise Edition
- Update the title if exportable has name or title (merge request) GitLab Enterprise Edition
- Add project_statistics field to groups GraphQL query (merge request)
- Introduce new ff for SettingsBasedUpdateService (merge request) GitLab Enterprise Edition
- ActiveContext: add completed check for migrations (merge request) GitLab Enterprise Edition
- Add work item to current context for chat (merge request) GitLab Enterprise Edition
- Use created_at column to fetch latest sbom graph (merge request) GitLab Enterprise Edition
- Include changes param in shellhorse Git over HTTP (merge request)
- Add pagination for violations (merge request) GitLab Enterprise Edition
- Duo Chat custom rules (merge request) GitLab Enterprise Edition
- Add hierarchy_widget to bulk update (merge request)
- Allow setting default status (merge request)
- Update GitLab Pages version (merge request)
- Allow reorder of status in lifecycle page (merge request)
- Add GraphQL active status updates for AWS audit event destinations (merge request) GitLab Enterprise Edition
- Add insecure channel on TS (merge request)
- feat: Add tool approval flow for Duo Agentic Chat (merge request) GitLab Enterprise Edition
- Allow using directories (folders) with rules:exists by @thinard (merge request)
- Added files count for zoekt results on Advanced Search page (merge request)
- Small fixes for edit lifecycle form (merge request)
- Record user Arkose data to Users::ArkoseSession (merge request) GitLab Enterprise Edition
- Add active status updates for streaming audit event destinations (merge request) GitLab Enterprise Edition
- Persist partial_scan_mode when storing scans (merge request) GitLab Enterprise Edition
- Add Pipeline Trigger token to validity checks (merge request) GitLab Enterprise Edition
- Add experiment badge to vulnerability Validity Check (merge request) GitLab Enterprise Edition
- Add reachability to ES within vulnerabilities (merge request) GitLab Enterprise Edition
- Geo Replicables List: Error details (merge request) GitLab Enterprise Edition
- Isolate Create Work Item draft for New Related Item flow (merge request)
- Add graphQL endpoint for import work item by csv by @n.h.long.9697 (merge request)
- Add class method to update last_downloaded_at (merge request)
- Feat: Paginate dependency paths (merge request) GitLab Enterprise Edition
- Add group SSO support for OAuth applications (merge request)
- Track AI usage to new Ai::UsageEvent model (merge request) GitLab Enterprise Edition
- Update project violation status (merge request) GitLab Enterprise Edition
- Add is_self_deletion_scheduled field to GraphQL API (merge request)
- Add metrics for SEP trigger condition (merge request) GitLab Enterprise Edition
- Add plan field to namespace GraphQL type (merge request) GitLab Enterprise Edition
- Add audit event type to violation graphql type (merge request) GitLab Enterprise Edition
- Create audit logs when an MR is bypassed by security policy (merge request) GitLab Enterprise Edition
- Add execution type to duo workflows (merge request) GitLab Enterprise Edition
- Add full_path_search parameter to namespaces API (merge request)
- Remove feature flag (merge request) GitLab Enterprise Edition
- Add configuration option for opening work items drawer on Lists (merge request)
- Add health_status_widget arg (merge request)
- Requeue BBM a second time (merge request)
- Add purge cache functionality for Maven virtual registry upstreams (merge request) GitLab Enterprise Edition
- Add experiment badge and fix text color for Validity Checks (merge request) GitLab Enterprise Edition
- Accept group handles on IssuablesFinder (merge request)
- Add Collation Checker task (merge request)
- Add GraphQL mutation for bulk updating work items (merge request)
- Add namespace filter sync helper (merge request) GitLab Enterprise Edition
- Return occurrence_id to /dependencies/location api (merge request) GitLab Enterprise Edition
- Use Activatable concern for strategy and streamers (merge request) GitLab Enterprise Edition
- Add support for fixing schema drift in schema validation gem (merge request)
- Added new CI variable for releases by @galyfray (merge request)
- Share compatible Parent & Custom Fields between WI types during create (merge request)
- Add projects web_based_commit_signing_enabled field and argument (merge request) GitLab Enterprise Edition
- Added SettingsBasedUpdateService (merge request) GitLab Enterprise Edition
- Implement initial compliance dashboard for group level (merge request) GitLab Enterprise Edition
- Add headers sync for consolidated APIs (merge request) GitLab Enterprise Edition
- feat: Step-up auth: Show step-up auth for admin mode in active sessions by @gerardo-navarro (merge request)
- Add AssigneeAvatars as a custom field for DataTable visualization (merge request) GitLab Enterprise Edition
- Adds reachability to vulnerability reference (merge request) GitLab Enterprise Edition
- Add listing of violations (merge request) GitLab Enterprise Edition
- Add rca claude 4 upgrade (merge request) GitLab Enterprise Edition
- Update issue status when moving between lists (merge request) GitLab Enterprise Edition
- Add email token and feed token to validity checks (merge request) GitLab Enterprise Edition
- Use Activatable concern for strategy and streamers (merge request) GitLab Enterprise Edition
- Add source_branch option to start Duo Workflow (merge request) GitLab Enterprise Edition
- Retain selected work item type in Create form draft (merge request)
- Add bypass_settings to MR approval policy (merge request) GitLab Enterprise Edition
- Adds support for setting Parent during create work item for all types (merge request)
- Geo Replicables List: Verification status (merge request) GitLab Enterprise Edition
- Graphql query for requirement coverage (merge request) GitLab Enterprise Edition
- List service account PAT in credentials inventory (merge request) GitLab Enterprise Edition
- Add additional metrics to the AI impact analytics dashboard (merge request) GitLab Enterprise Edition
- Create new issues in status lists (merge request)
- Enable Rapid Diffs on the merge request creation form (merge request)
- Add traversable traversal_ids within scope (merge request)
- Add support of bulk update from project and group issues list (merge request)
- Add Direct Transfer export audit events (merge request)
- Use Activatable concern for strategy and streamers (merge request) GitLab Enterprise Edition
- Add more info to gitlab:elastic:info rake task (merge request) GitLab Enterprise Edition
- Add model batch update button (merge request) GitLab Enterprise Edition
- Add namespace data to audit event for project deletion marked (merge request) GitLab Enterprise Edition
- Add custom table field components to Analytics DataTable (merge request) GitLab Enterprise Edition
- Add validity checks toggle to pipeline secret detection (merge request) GitLab Enterprise Edition
- Added SettingsBasedUpdateService (merge request) GitLab Enterprise Edition
- Added SettingsBasedUpdateService (merge request) GitLab Enterprise Edition
- Prevent streaming token header from being edited (merge request) GitLab Enterprise Edition
- Add branches to scheduled pipeline execution policies (merge request) GitLab Enterprise Edition
- Add hidden and imported badges to work item header (merge request)
- Update YAML with tokens (merge request) GitLab Enterprise Edition
- Add job execution status to Runner, RunnerManager API (merge request)
- Add Author role badge for wiki notes (merge request)
- Add project_path in lookup path api response (merge request)
- Show badge on dashboard app (merge request)
- Add 'marked_for_deletion' and 'is_self_deletion_in_progress' fields (merge request)
- Add namespace_path support for Projects Graphql API (merge request)
- Configure web based commit signing with project update endpoint (merge request) GitLab Enterprise Edition
- Added target branch filter (merge request)
- Graphql query for fetching project compliance violation (merge request) GitLab Enterprise Edition
- Add Step 1 for Lightweight Registration Experiment (merge request) GitLab Enterprise Edition
- Access requirement from control and framework from requirement (merge request) GitLab Enterprise Edition
- Support visibilityLevel parameter on Projects GQL API (merge request)
- Add CI_DEFAULT_BRANCH_SLUG env variable (merge request)
- Add compliance_controls field to audit event YML (merge request)
- Enable filtering multiple values for a single multi-select custom field (merge request)
- Add tooltip to requirement controls (merge request) GitLab Enterprise Edition
- Fix event type filters for consolidated APIs (merge request) GitLab Enterprise Edition
- Enable multiple token types for validity checks (merge request) GitLab Enterprise Edition
- Make the announcement dismissible (merge request) GitLab Enterprise Edition
- Add
config_file_refargument for Changelog API (merge request) - Add duplicate validation (merge request) GitLab Enterprise Edition
- Requeue BBM for vulnerability_statistics backfill (merge request)
- Audit creating an OAuth application (merge request) GitLab Enterprise Edition
- Support
activeparameter group's children.json endpoint (merge request) - Expose
work_item_status_feature_flagto epics controller (merge request) - Remove feature flag search_mr_filter_target_branch (merge request) GitLab Enterprise Edition
- Backfill packages_composer_packages table (merge request)
- Filter work item status on frontend and hide status badge (merge request)
- Added ability to remove frontend feature flags (merge request)
- Use sbom_graph_paths in DependencyPaths graphql (merge request) GitLab Enterprise Edition
- Hide state when status is available (merge request)
- Add maintenance note for project and group runners (merge request) GitLab Enterprise Edition
- Add a list of selected exceptions (merge request) GitLab Enterprise Edition
- Add preview inputs feature (merge request)
- Expend analyzer types enum with new types (merge request) GitLab Enterprise Edition
- Link to a specific file from the overview tab (merge request)
- Feature flag enforce_pipl_compliance converted to app setting (merge request)
- Make the /manage/PATs GET endpoint use the cred_inv_finder (merge request) GitLab Enterprise Edition
- Add all_active_project_ids column to namespace_descendants table (merge request) GitLab Enterprise Edition
- Allow DataTable fields to be customized (merge request) GitLab Enterprise Edition
- Make relation export batch size configurable as an application setting (merge request)
- User OrganizationUserDetail in mentions, autocomplete, participants (merge request)
- Added archived field to resource type by @npilin (merge request)
- Add audit_event_table_name column to project_compliance_violations (merge request) GitLab Enterprise Edition
- Remove restartable_project_import feature flag (merge request)
- Return vulnerability initial and latest pipeline in GraphQL API by @he-patrick (merge request) GitLab Enterprise Edition
- Add source_branch option to start Duo Workflow (merge request) GitLab Enterprise Edition
- Share Create Work Item Form draft between Work Item types (merge request)
- Graphql mutation endpoint to create a Duo Workflow (merge request) GitLab Enterprise Edition
- Swap to http integration requests for prometheus alerting (merge request)
Fixed (142 changes)
- Fix commit signatures route (merge request)
- GitLab UI integration test for tabs-fix-aria-role (merge request) GitLab Enterprise Edition
- Fix 500 from too many dots in inputs expression (merge request)
- Fix runner REST API documentation inconsistencies (merge request)
- VSA: Refetch stage counts when switching between value streams (merge request) GitLab Enterprise Edition
- Handle blank event_name for audit events (merge request) GitLab Enterprise Edition
- Do not record group member last_activity_at on self-managed instances (merge request)
- Fix audit event types docs (merge request)
- Fix handling of gist import rate limit (merge request)
- Clear Create Work Item form draft for related item on save (merge request)
- Fix a11y of colors used in system emails (merge request)
- Remove list markers from day activity view (merge request)
- Markdown: Add aria-label to checkboxes (merge request)
- Use individual feature flags for bypass settings (merge request) GitLab Enterprise Edition
- VSA: Fix overview chart loading when switching value streams (merge request) GitLab Enterprise Edition
- Exclude service accounts from top-level group owners (merge request) GitLab Enterprise Edition
- Group maintainer cannot see subgroup runners (merge request)
- Fix
NoMethodErrorin SBOM ingestion logic (merge request) GitLab Enterprise Edition - Fix validity check project policy (merge request) GitLab Enterprise Edition
- Normalize absolute paths in CI config files entry (merge request)
- Prevent the access token to be added to the search field (merge request)
- Fix broken button (merge request)
- Relax the test for tracking DB connection (merge request) GitLab Enterprise Edition
- Fix setting analyzer statuses being changed on pipeline run (merge request) GitLab Enterprise Edition
- Fix GutHub Import stage pagination (merge request)
- Fix no method error license report (merge request) GitLab Enterprise Edition
- Disable batch update if model is incompatible with other features (merge request) GitLab Enterprise Edition
- Add batch_counter based on max model primary (merge request) GitLab Enterprise Edition
- Fixes increase_sequences_range (merge request)
- Trigger subscription when closing or reopening (merge request)
- Fix alignment of upvotes, downvotes etc on issues list (merge request)
- Switch to using relative URLs in group and project lists (merge request)
- Only skip the ci check for the two auto merge strategies (merge request)
- Update user attachment url (merge request)
- Reduce setting changed update worker input size (merge request) GitLab Enterprise Edition
- Add defer_on_database_health_signal to setting change update worker (merge request) GitLab Enterprise Edition
- Fix group overview routes when switching tabs (merge request)
- Add handling for verification-secret token migration conversion (merge request) GitLab Enterprise Edition
- Truncate namespace in Usage Overview panel in Value Streams Dashboard (merge request) GitLab Enterprise Edition
- Display comment text area while comments are loading (merge request)
- Add worker delay between scheduled workers (merge request) GitLab Enterprise Edition
- Allow removing labels using remove button in create mode (merge request)
- Issue boards: Make tooltips accessibile via keyboard (merge request)
- Fix missing permissions for group runners owned indirectly (merge request)
- Use reactive ref for currentRef (merge request)
- Fix symbol parameter being passed to sidekiq (merge request) GitLab Enterprise Edition
- Hide the created token when navigating to another service account (merge request)
- Fix Firefox bug where content was bleeding into threads dropdown (merge request)
- Fix alignment of mirror button on commits page (merge request)
- Add contribution guideline link to work item creation flow (merge request)
- Rake Doctor Secrets: Fix WebHook error (merge request)
- Fix ruby syntax highlighting (merge request)
- Allow user to access project runners through group access (merge request)
- Fixed page reset in zoekt multi-result view (merge request)
- Fix custom roles not showing when inviting members/groups to a project (merge request) GitLab Enterprise Edition
- Fixes 3 extra queries by preloading :project_namespace in ProjectType (merge request)
- Fix project creation permissions for users in shared groups (merge request)
- Ensure status limit validations are enforced (merge request) GitLab Enterprise Edition
- Update tier and offering in policy settings API docs (merge request)
- Prevent deletion of last group owner in concurrent requests (merge request)
- Skip unenforceable policy rules notification for child pipelines (merge request) GitLab Enterprise Edition
- Log message whenever 403 occurs due to too many IPs from one user (merge request)
- Add gl-wrap-anywhere to MR titles (merge request)
- Ensure uploaded file copy URL button in RTE copies full URL (merge request)
- Do not arbitrarily truncate status at a fixed width (merge request)
- Show both author and committer in last commit (merge request)
- Support legacy blob URLs in branch selector (merge request)
- Include Incidents in Milestone dashboard by @nwittstruck (merge request)
- Fix layout shift when modal window is toggled (merge request)
- Fix pipelines with PEP executed via ChatOps commands (merge request) GitLab Enterprise Edition
- Link policies to containing group in sidebar (merge request) GitLab Enterprise Edition
- Add linkPaths to work_item_metadata_provider (merge request)
- Work item (issue): Make user popovers keyboard accessible (merge request)
- Unify framework compliance badge token across compliance center (merge request) GitLab Enterprise Edition
- Add migration to update oauth_applications scopes field to text (merge request)
- Fix Task only custom field filter not showing on issues list and board (merge request)
- Remove Sidekiq shutdown delay in ConcurrencyLimitSampler (merge request)
- Fix generate description on work items by @psimyn (merge request)
- Fix spacing in file path header (merge request)
- Fix border radius of merged status (merge request)
- Add tooltip with keyboard shortcut to Markdown preview toggle button (merge request)
- Filter inactive CRM contacts out of work item sidebar CRM widget options (merge request)
- Add a redirect status as a success (merge request)
- Fixed issues label row margin regression (merge request)
- Fix title on empty projects (merge request)
- Exclude project template as admin import source (merge request) GitLab Enterprise Edition
- Project members: Make user popovers keyboard accessible (merge request)
- Fix 404 to group CI/CD variables (merge request)
- Merge request approval coverage check popover keyboard focus fix (merge request)
- Access tokens table: Fix responsive behavior (merge request)
- Issuable list: Fix a11y issues (merge request)
- RTE: Add aria-label to checkboxes (merge request)
- Ensure line numbers meet minimum WCAG AA touch target size (merge request)
- Zoekt: Only enable global search when nodes are online (merge request) GitLab Enterprise Edition
- Feature flags list: Fix tooltips not accessible via keyboard (merge request)
- Issues list: Fix tooltip for keyboard users (merge request)
- Groups: Fix tabindex of stats (merge request)
- Fix NamespacesLinkPaths.newCommentTemplate (merge request)
- Handle error response in project/runner_projects_controller#destroy (merge request)
- Guard against empty filenames for job artifacts (merge request) GitLab Enterprise Edition
- No-op vulnerabilities when group is unlicensed by @he-patrick (merge request) GitLab Enterprise Edition
- Search modal: Remove dot when no subitem or namespace is available (merge request)
- Pipeline actions: Make tooltips available via focus (merge request)
- Explore projects: Fix topics not being accessible by keyboard (merge request)
- Re-instate dependency proxy tracking (merge request)
- Provide fallback background-color for prefers-reduced-transparency (merge request)
- Fix merge request fluid layout gap (merge request)
- Adjust placement of "Milestone can be closed" alert (merge request)
- Chomp a trailng slash in pages.publish keyword by @curs3_w4ll (merge request)
- Fix state badges for epics in GLQL (merge request)
- Fix code owner validation for roles (merge request) GitLab Enterprise Edition
- fix: Git over ssh proxied to secondary failing (merge request) GitLab Enterprise Edition
- Fetch commentTemplatesPaths for work items views (merge request)
- Add hasErrorDuringInvite prop to handle invite errors (merge request) GitLab Enterprise Edition
- Fix project project list fetching from Create Form (merge request)
- Repo list: Fix lock hover state (merge request)
- Uncheck SAML options if they are disabled (merge request)
- Show vulnerability severiy only if an override is present (merge request) GitLab Enterprise Edition
- Create external statuses on new pipelines (merge request)
- Pipeline item loading icon alignment fix (merge request)
- Fix viewed files in file browser in file by file mode (merge request)
- Fix race condition in memory reporter (merge request)
- Fix calculation for tagging
expiringtokens (merge request) - Fix variable expansion in dynamic child pipelines with nested includes (merge request)
- Remove overflow on RTE (merge request)
- Add VR resolution to pipeline security report (merge request) GitLab Enterprise Edition
- Wiki page: Fix a11y issues (merge request)
- Place never contacted runners at end when sorting desc by contacted_at (merge request)
- Fix dark mode MR suggestion border color (merge request)
- Re-focus markdown textarea when exiting zen mode (merge request)
- Add a validation for an empty commit message (merge request)
- Fix preserve markdown logic for lists (merge request)
- Handle GRPC::DeadlineExceeded for CI project include (merge request)
- Add resolver for preReceiveSecretDetection in ProjectType (merge request) GitLab Enterprise Edition
- Remove concurrency_limit_group_enterprise_users_associate_worker FF (merge request) GitLab Enterprise Edition
- Fix undefined title segments in repository (merge request)
- Fall back to diff start pipeline when comparing security reports (merge request) GitLab Enterprise Edition
- Fix adding action with default variables (merge request) GitLab Enterprise Edition
- When entering zen mode, set fixed MR top bar to static (merge request)
- Use merge base for all report comparisons (merge request)
- Ensure read_compliance_report custom role has access to new report (merge request) GitLab Enterprise Edition
- bug: Fix mermaid rendering for wiki content on project main page by @gerardo-navarro (merge request)
Changed (176 changes)
- Migrate default: {} for JSONB column (merge request)
- Clarifies purpose of the user settings > chat function (merge request)
- Hide default options in filter while searching (merge request)
- Fix archived counts as not_configured in analyzer_namespace_statuses (merge request) GitLab Enterprise Edition
- Add expiry date to enterprise bypass placeholder confirmation (merge request) GitLab Enterprise Edition
- Enforce RE2 regex for all push rules (merge request) GitLab Enterprise Edition
- Make MR list status badge keyboard accessible (merge request)
- Use mutation for CI lint (merge request)
- Update status on violations propogates to backend (merge request) GitLab Enterprise Edition
- Make issues list keyboard accessible (merge request)
- Animate diff header chevron (merge request)
- ActiveContext code: switch completed check (merge request) GitLab Enterprise Edition
- Update gitlab-secret_detection ruby gem to v0.33.0 (merge request)
- Aggregate Duo Core state in overview (merge request) GitLab Enterprise Edition
- Disable Duo Core checkbox on Duo availability always off (merge request) GitLab Enterprise Edition
- Check Topology Service Health during cells sequence alteration (merge request)
- Discard SBoM graph building job on invalid foreign key (merge request) GitLab Enterprise Edition
- Switch from client resolvers (merge request) GitLab Enterprise Edition
- Remove import user membership popover (merge request)
- Introduce container registry immutable tags (merge request)
- Make epics list items keyboard accessible (merge request)
- Show model used by "GitLab Default" option (merge request) GitLab Enterprise Edition
- Update JWT banner text on settings page (merge request)
- Show Draft status instead of Open when MR is Draft (merge request)
- Add dark mode syntax highlight theme options to profile preferences (merge request)
- Send staging events to Snowplow staging endpoint (merge request)
- Add organization_id to security_policy_settings (merge request) GitLab Enterprise Edition
- Update violation columns with more info (merge request) GitLab Enterprise Edition
- Make Create Work Item form enhancements generally available (merge request)
- Deduplicate graph path nodes before saving (merge request) GitLab Enterprise Edition
- Allow namespace-forced access control on unique and custom domains (merge request)
- Create runner form: Add a registration step (merge request)
- Fix placeholder user table to make in responsive (merge request)
- Change deduplication strategy for Sbom::BuildDependencyGraphWorker (merge request) GitLab Enterprise Edition
- Group non-chat Duo features by functionality (merge request) GitLab Enterprise Edition
- List framework with control in violations listing (merge request) GitLab Enterprise Edition
- Remove
use_websocket_for_k8s_watchFF (merge request) - Update job badge to lowercase (merge request)
- Re-order AI analytics dashboard lifecycle metrics (merge request) GitLab Enterprise Edition
- Remove duo_chat_early_thread_creation feature flag (merge request) GitLab Enterprise Edition
- Replace file browser shortcut with mod+b (merge request)
- Update group member placeholder empty state (merge request)
- Update metric names in AI usage metrics table (merge request) GitLab Enterprise Edition
- Add new access point for whats new (merge request)
- Fix TypeError in JiraConnect for mixed response types (merge request)
- Add not null constraint on integrations table (merge request)
- Clean-up feature flag enable_add_on_users_filtering (merge request)
- Remove Sbom::GraphPath records in a separate job (merge request) GitLab Enterprise Edition
- Improve Web IDE workbench error handling (merge request)
- Add database columns for 7+30+60d Deploy Token expiry notifications by @guptapratibha26 (merge request)
- Add pagination to DataTable analytics dashboard visualization (merge request) GitLab Enterprise Edition
- Add default 'd' collprovider (merge request)
- Update compliance center tab titles (merge request) GitLab Enterprise Edition
- Update indexes of user_group_member_roles table (merge request) GitLab Enterprise Edition
- Allow deletion of unused converted custom statuses (merge request) GitLab Enterprise Edition
- Make merge request list metadata accessible by keyboard (merge request)
- Test coverage report badges for a job is independent of pipeline status (merge request)
- Update
SingleStatpanels in AI impact analytics dashboard (merge request) GitLab Enterprise Edition - Back off immediately if we can't acquire advisory lock (merge request) GitLab Enterprise Edition
- Remove summarize_new_merge_request_claude_4_0_rollout (merge request)
- Update validate_lfs_object_access default to true (merge request)
- Remove unneeded restrict user defined variables control check (merge request) GitLab Enterprise Edition
- Add project and agent privileges to Duo Workflow Event graphql (merge request)
- Default to similarity sort if searching projects (merge request)
- Add expired artifact field (merge request)
- Import table: Fix icons shrinking and alignment (merge request)
- Namespacing dependency graph rebuild cache key (merge request) GitLab Enterprise Edition
- Finalize BackfillOnboardingStatusRegistrationObjective migration (merge request) GitLab Enterprise Edition
- Persist source_id in params of the framework create service call (merge request) GitLab Enterprise Edition
- Fix the owner for sequence ci_builds_id_seq (merge request)
- Remove enable_lock_retries! from migration helpers (merge request)
- Set custom statuses via /status quick action (merge request) GitLab Enterprise Edition
- Allow GLQL searching by label names (merge request)
- Animate widget chevron (merge request)
- Add batched background migration to update user detail onboarding URLs (merge request)
- Add new column to compliance management frameworks (merge request) GitLab Enterprise Edition
- Use open and reopen instead of unresolve for threads (merge request)
- Improve runner detail page (merge request)
- Fix user placeholder buttons (merge request)
- Unify Duo configuration overview (merge request) GitLab Enterprise Edition
- Remove feature flag active_context_code_event_saas_initial_indexing (merge request) GitLab Enterprise Edition
- Simplifying the cache key generation for dependency graph (merge request) GitLab Enterprise Edition
- Reduce lifecycle name and status description limits (merge request) GitLab Enterprise Edition
- Rename to read_work_item_lifecycle policy (merge request) GitLab Enterprise Edition
- Dependency Graph rebuild only on components change (merge request) GitLab Enterprise Edition
- Advanced Search: Allow custom prefix for index names (merge request) GitLab Enterprise Edition
- Add add_ssh_key audit event type (merge request) GitLab Enterprise Edition
- Alter compliance framework details graphql type (merge request) GitLab Enterprise Edition
- Extend Duo Core description for GitLab.com and Self-Managed/Dedicated (merge request) GitLab Enterprise Edition
- Use advisory lock when recreating dependency graphs (merge request) GitLab Enterprise Edition
- Add more feature flags for bypass options (merge request) GitLab Enterprise Edition
- Remove duo_workflow_mcp_support feature flag (merge request) GitLab Enterprise Edition
- Add validity_checks_enabled backend-to-frontend data flow (merge request) GitLab Enterprise Edition
- Fix Protected Tags Flaky Specs (merge request)
- Use lowercase cloud connector headers (merge request) GitLab Enterprise Edition
- Reduce status name limit from 255 to 32 chars (merge request) GitLab Enterprise Edition
- Remove calls to enable_lock_retries! from migrations (merge request)
- Implement dynamic routing for Compare GitLab plans link (merge request)
- Update styling of /welcome page to match other areas (merge request) GitLab Enterprise Edition
- Use default button variant for code dropdown (merge request)
- Rename all_active_project_ids to all_unarchived_project_ids (merge request) GitLab Enterprise Edition
- Enable using glab for CI release (merge request)
- Extend remove_ssh_key audit event to Enterprise users (merge request) GitLab Enterprise Edition
- Do not return status lists if the FF is disabled (merge request) GitLab Enterprise Edition
- Truncate long custom statuses in issue lists and wrap issue list item (merge request) GitLab Enterprise Edition
- Fixes padding and navbar issues (merge request) GitLab Enterprise Edition
- Implement methods for .sql validation source (merge request)
- Add happy path feature spec for experiment (merge request) GitLab Enterprise Edition
- Only count open abuse reports in admin nav (merge request)
- Update pipeline inputs empty state (merge request)
- Ignore software_license_id in SoftwareLicensePolicy (merge request) GitLab Enterprise Edition
- Add Grape API for fetching and updating CSP (merge request) GitLab Enterprise Edition
- Admin dashboard: Migrate GlCard to Crud (merge request)
- Improve the bot message disabling with multiple policies (merge request) GitLab Enterprise Edition
- Backfill traversal_ids in notes index (merge request) GitLab Enterprise Edition
- Show 'Pending deletion' badge for group children in groups list (merge request)
- Show an indicator when a group is being deleted (merge request)
- Add status exclusion filtering for board lists (merge request) GitLab Enterprise Edition
- Add worker to delete expired and revoked OAuth Access Tokens (merge request)
- Improve public pipelines setting text (merge request)
- Remove generate_commit_message_claude_4_0 feature flag (merge request) GitLab Enterprise Edition
- Reduce batch size and number of retries (merge request) GitLab Enterprise Edition
- Do not search notes if query source is GLQL (merge request)
- Remove ff collect_product_usage_events (merge request)
- Remove
commits_from_gitalyfeature flag (merge request) - Add default_dark_syntax_highlighting_theme to application settings (merge request)
- Cleanup "containing_commits_limit" feature flag (merge request)
- Replace feature flag with application setting for pipeline variables (merge request)
- Timeline entry timeago: Remove double tabbing (merge request)
- Show update fork button on mobile (merge request)
- Build#debug_mode? to return true when degenerated (merge request)
- Add docs for Workspace token (merge request) GitLab Enterprise Edition
- Improve actions discoverability (merge request)
- Set :throttled urgency for GlobalAdvisoryScanWorker (merge request) GitLab Enterprise Edition
- Change test summary table header text (merge request)
- Provide branch to Duo Workflow action (merge request) GitLab Enterprise Edition
- Enable multi-domain architecture in self-managed (merge request)
- Detect more Jenkinsfile patterns (merge request)
- Allow GLQL search ES by work item assignees (merge request)
- Remove code_based_slash_commands_claude_4_0_rollout feature flag (merge request)
- Remove code_generation_claude_4_0_rollout feature flag (merge request)
- Set importer_user_mapping_allow_bypass_of_confirmation to true (merge request)
- Add internal endpoint to fetch agent info for agentk (merge request)
- Change Incident sidebar label to
Paging status(merge request) - Update vue 3 tests for mr widget (merge request)
- Work item: Add spacing between ancestors and title (merge request)
- Increase interruption retries for Bitbucket Server workers (merge request)
- Add project policy to take ancestors in account (merge request) GitLab Enterprise Edition
- Remove tabs from from runners details page (merge request)
- Return counts for all analyzer types (merge request) GitLab Enterprise Edition
- Add spacing between project export buttons (merge request)
- Add index to workspace tokens on token_encrypted (merge request) GitLab Enterprise Edition
- Include email in Arkose::DataExchangePayload (merge request) GitLab Enterprise Edition
- Remove Feature flag vulnerability_es_ingestion (merge request) GitLab Enterprise Edition
- Rename column duo_nano_features_enabled (merge request) GitLab Enterprise Edition
- Remove work_item_epics_list feature flag (merge request) GitLab Enterprise Edition
- Prevent removal of mapped statuses (merge request) GitLab Enterprise Edition
- Update Company Logos on billing page in Dark Mode (merge request) GitLab Enterprise Edition
- Clean up root_cause_analysis_hotspot experiment (merge request)
- Fail RelationExportWorker when user is banned (merge request)
- Fix more actions button in groups and projects (merge request)
- Clean up feature flag duo_workflow_claude_sonnet_4 (merge request) GitLab Enterprise Edition
- Create ActiveContext state tracking models (merge request) GitLab Enterprise Edition
- Use long timestamps for LDAP sync item (merge request) GitLab Enterprise Edition
- Improve styling of GLQL tables (merge request)
- Show date when relative time is over a year (merge request)
- Update Trial Widget to be compliant with Dark Mode (merge request) GitLab Enterprise Edition
- Compare versions: Migrate GlCard to Crud (merge request)
- Filter issues in status-based board lists (merge request) GitLab Enterprise Edition
- Remove summarize_new_merge_request_claude_4_0_rollout feature flag (merge request)
- Repository analytics: Migrate components and fix a11y issues (merge request)
- Show an indicator when a group is being deleted (backend) (merge request)
- Update pipeline inputs selector (merge request)
- Remove transition from work item drawer (merge request)
- Log filtered SAML response for all SAML providers (merge request)
- chore: Cleanup batch_duo_workflow_planner_tasks feature flag (merge request) GitLab Enterprise Edition
Deprecated (1 change)
Removed (19 changes)
- Drop p_ci_pipelines_config table (merge request)
- Convert feature flag to application setting (merge request)
- Remove unified_ai_events_write feature flag (merge request) GitLab Enterprise Edition
- Remove MR Experience survey & sub-components & feature flag (merge request)
- Ensure foreign keys are handled correctly when dropping table (merge request)
- Removal of FF delete_pipl_non_compliant_users (merge request) GitLab Enterprise Edition
- Delete the
search_uses_match_queriesfeature flag (merge request) - Cleanup usage of epic_update_via_work_item FF (merge request)
- Cleanup usage of work_item_epic_milestones feature flag (merge request)
- Delete the
frontend_cachingfeature flag (merge request) - Remove
ci_runner_separation_by_planfeature flag (merge request) - Remove subscription_plan_cache_key feature flag (merge request)
- Delete the
enhanced_notify_cssfeature flag (merge request) - Remove Projects::CommitController#branches endpoint (merge request)
- Drop unused roadmap_sort_order helper (merge request)
- Delete the
ci_queuing_include_allowed_plansfeature flag (merge request) - Drop remaining metrics dashboard tables (merge request)
- Remove ignore rule for project_fingerprint column (merge request) GitLab Enterprise Edition
- Remove ignore rule for project_fingerprint column (merge request) GitLab Enterprise Edition
Security (15 changes)
- Enable by default the path traversal middleware (merge request)
- Update rack in vendored gems to patch CVEs (merge request)
- Revert "Merge branch 'security-fix-id-tokens-forked-projects-security-vulnerability' into 'master'"
- Fix CI ID Token claims for forked project MR jobs
- Prevent linking fork if target group disallows external forks
- Enforces invite_project_members permission when creating project members
- Enforces invite_group_members permission when creating group members
- OSS ultimate should require identity check (merge request) GitLab Enterprise Edition
- Fix XSS via blob rich viewer
- Fix guest permissions for incident hierarchy updates
- Checking if framework and project have same namespace
- Prevent anonymous users from creating uploads
- Fix the validation logic for IDP Certificate Fingerprint
- Fix incorrect role grant after a user access_request
- Remove
saml_provider_idfilter forGET /usersAPI endpoint (merge request) GitLab Enterprise Edition
Performance (7 changes)
- Adding a temporary project_id column for diff commits epic (merge request)
- Use keyset pagination for iterating through MRs (merge request)
- Add index for duo settings on namespace_settings table (merge request)
- Add composite index on oauth_access_grants for cleanup worker (merge request)
- Lowering max project_ids to prevent timeouts (merge request) GitLab Enterprise Edition
- Provide limit to Gitaly for "Get references a commit is pushed to" API (merge request)
- Increase the performance of the PatFinder (merge request) GitLab Enterprise Edition
Other (165 changes)
- Quarantine a flaky test (merge request)
- Cleanup feature flag unblock_rules_using_pipeline_execution_policies (merge request) GitLab Enterprise Edition
- Cleanup dependency path CTE and related code (merge request) GitLab Enterprise Edition
- Improve UI text for "Assign to commenting user" (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Finalize BBM BackfillBulkImportFailuresProjectId (merge request)
- Finalize BBM BackfillOnboardingStatusSetupForCompany (merge request)
- Cleanup pnp_subscription_plan_cache_key feature flag (merge request)
- Adds db.rake and its spec files to Database codeowners (merge request)
- Revert backfill rolled-up weight migration (merge request)
- Drop operations_feature_flag_scopes table (merge request)
- feat: Add sharding key issue URLs for database tables (merge request)
- Finalize BackfillScanResultPoliciesNamespaceId (merge request)
- Remove keyset_paginate_exported_merge_requests feature flag (merge request)
- Remove active_context_code_event_mark_repository_ready feature flag (merge request) GitLab Enterprise Edition
- Remove redundant logs (merge request)
- Backfill resource_state_events sharding key (merge request)
- Finalize BackfillSnippetStatisticsSnippetProjectId (merge request)
- Clean up feature flag with references (merge request)
- Remove dependency_paths field from vulnerability entity (merge request) GitLab Enterprise Edition
- Finalize BBM FixUsernamespaceAuditEvents (merge request)
- Finalize BBM BackfillSeatAssignmentsTable (merge request)
- Quarantine a flaky test (merge request)
- Remove dependency_paths from dependencies (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Finalize BackfillIssueAssigneesNamespaceId (merge request)
- Finalize BackfillMergeRequestPredictionsProjectId (merge request)
- Finalize BackfillMergeRequestContextCommitDiffFilesProjectId (merge request)
- Backfills AnalyzerProjectStatuses (merge request) GitLab Enterprise Edition
- Add NOT NULL constraint to required_code_owners_sections (merge request)
- Finalize BBM BackfillBulkImportFailuresOrganizationId (merge request)
- Regenerate RuboCop TODO files (merge request)
- Finalize BBM BackfillOnboardingStatusRegistrationObjective (merge request)
- Finalize BBM BackfillBulkImportFailuresNamespaceId (merge request)
- Skip cyclic paths in Sbom::PathFinder (merge request) GitLab Enterprise Edition
- Do not add issue_id to epic resource_label_events (merge request)
- Finalize BackfillApprovalMergeRequestRulesApprovedApprovers (merge request)
- Remove integrations not null constraint if it exists (merge request)
- Add NOT NULL constraint to dast_pre_scan_verification_steps (merge request)
- Finalize BackfillSnippetUserMentionsSnippetOrganizationId (merge request)
- Cleanup ultimate_trial_single_form feature flag (merge request) GitLab Enterprise Edition
- Finalize BackfillSnippetStatisticsSnippetOrganizationId (merge request)
- Add NOT NULL constraint to snippet_repository_storage_moves (merge request)
- Clean up bitbucket_import_resumable_worker feature flag (merge request)
- Cleanup security_policies_optional_variables_control and fix schedules (merge request) GitLab Enterprise Edition
- Handling string errors from AI GW (merge request)
- Cleanup security_policies_optional_variables_control on backend (merge request) GitLab Enterprise Edition
- Remove store_arkose_session feature flag (merge request)
- Remove explore_pipeline_status feature flag (merge request)
- Add node_modules to default dependency scanning excluded paths (merge request) GitLab Enterprise Edition
- Api#buidlUrl skipped if input is an absolute URL (merge request)
- Cleanup use_approval_policy_rules_for_approval_rules feature (merge request) GitLab Enterprise Edition
- Add PG index to support code suggestions filtering (merge request)
- Finalize BBM MigrateScimIdentities (merge request)
- Sets the frequency of the Oauth Access Token cleanup job to daily (merge request)
- Remove concurrency_limit from ArchiveTraceWorker (merge request)
- maintenance: Encrypt missed ci_runner plain tokens (merge request)
- No-op FinalizeBackfillOnboardingStatusRegistrationObjective migration (merge request)
- Backfill partitioned sent_notifications table (merge request)
- Advanced to Exact query transpiler for API (merge request) GitLab Enterprise Edition
- Add resource_state_events sharding key (merge request)
- Make confidential items checkbox clearer (merge request)
- Remove enqueue_immediately feature flag (merge request)
- Remove notify_compromised_passwords feature flag (merge request)
- Log errors return from AI GW on direct_access_endpoint (merge request)
- Finalize BackfillPackagesDebianFileMetadataProjectId (merge request)
- Add NOT NULL to protected_branch_unprotect_access_levels (merge request)
- Finalize BackfillSnippetRepositoryStorageMovesSnippetProjectId (merge request)
- Quarantining end to end spec (merge request)
- Remove Planner role promotion related code (merge request)
- Add text limit constraint to oauth_applications.scopes (merge request)
- Regenerate RuboCop TODO files (merge request)
- Fix 20 rubocop violations for Layout/ArrayAlignment (merge request)
- Fix 10 rubocop violations for InternalAffairs/RedundantSourceRange (merge request)
- Fix 20 rubocop violations for InternalAffairs/NodeMatcherDirective (merge request)
- Fix 20 rubocop violations for InternalAffairs/ExampleHeredocDelimiter (merge request)
- Initialize conversion of deployments to bigint (merge request)
- Finalize QueueBackfillRequiredCodeOwnersSectionsProtectedBranch (merge request)
- Add NOT NULL constraint to requirements_management_test_reports (merge request)
- Remove remove_prompt_migration_review_merge_request feature flag (merge request) GitLab Enterprise Edition
- Remove backoff count from web_hooks table (merge request)
- Fills analyzer_project_statuses values (merge request) GitLab Enterprise Edition
- Make Code Owners validations generally available (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Add NOT NULL constraint to packages_conan_file_metadata (merge request)
- Remove attribute_parser_fix feature flag (merge request)
- Initialize conversion of deployment_clusters to bigint (merge request)
- Add NOT NULL constraint to wiki_page_slugs (merge request)
- Add NOT NULL constraint to operations_scopes (merge request)
- Add NOT NULL constraint to packages_package_file_build_infos (merge request)
- Backfill organization_id values in ci_runner_machines (merge request)
- Finalize BackfillDastPreScanVerificationStepsProjectId (merge request)
- Remove duo_code_review_show_all_comments feature flag (merge request) GitLab Enterprise Edition
- Validate organization_id on runner-related models (merge request)
- Add NOT NULL cosntraint to packages_nuget_dependency_link_metadata (merge request)
- Remove
use_merge_base_for_all_report_comparisonsfeature flag (merge request) - No-op ValidateCiBuildNeedsProjectIdNotNull (merge request)
- Add NOT NULL constraint to packages_debian_project_component_files (merge request)
- Add NOT NULL constraint to packages_helm_file_metadata (merge request)
- Add NOT NULL to bulk_import_export_batches (merge request)
- Cleanup destroy_fork_network_on_archive-ff FF (merge request)
- Add NOT NULL constraint to packages_debian_group_component_files (merge request)
- Add NOT NULL constraint to packages_composer_metadata (merge request)
- Enforcing Gitlab::Database::Migration[2.3] as new DB migration version (merge request)
- Clean up runner_spec.rb (merge request)
- Finalize BackfillSnippetRepositoryStorageMovesSnippetOrgId (merge request)
- Remove dead code from ff removal (merge request) GitLab Enterprise Edition
- Fix E2E tests for personal access tokens UI (merge request)
- Finalize BackfillRequiredCodeOwnersSectionsProtectedBranchProjId (merge request)
- Add NOT NULL to issue_customer_relations_contacts (merge request)
- Remove chat mutation flag (merge request)
- Regenerate RuboCop TODO files (merge request)
- Remove file from CODEOWNERS (merge request)
- Removes
merge_request_dashboard_author_or_assigneefeature flag (merge request) - Fix 1 rubocop violations for InternalAffairs/ProcessedSourceBufferName (merge request)
- Fix 1 rubocop violations for InternalAffairs/NodePatternGroups (merge request)
- Fix 20 rubocop violations for InternalAffairs/NodeMatcherDirective (merge request)
- Fix 20 rubocop violations for InternalAffairs/ExampleHeredocDelimiter (merge request)
- Fix 6 rubocop violations for InternalAffairs/ExampleDescription (merge request)
- Finalize Backfill (merge request)
- Finalize BackfillRequirementsManagementTestReportsProjectId (merge request)
- Add NOT NULL to issuable_slas (merge request)
- Quarantine a flaky test (merge request)
- Finalize BackfillPackagesConanFileMetadataProjectId (merge request)
- Finalize BackfillWikiPageSlugsNamespaceId (merge request)
- Add partitioned copy for sent_notifications table (merge request)
- Remove
current_user_use_work_items_viewuser preference usage (merge request) - Clean up version filtering FF (merge request) GitLab Enterprise Edition
- Finalize BackfillOperationsScopesProjectId (merge request)
- Add migration to truncate old build names partitions (merge request)
- Create index synchronously (merge request)
- Finalize BackfillPackagesComposerMetadataProjectId (merge request)
- Quarantine a flaky test (merge request)
- Finalize BackfillPackagesNugetDependencyLinkMetadataProjectId (merge request)
- Finalize BackfillNamespacesRedirectRoutesNamespaceId (merge request)
- Finalize BackfillProjectsRedirectRoutesNamespaceId (merge request)
- Add Max number of files setting for zoekt indexable project (merge request) GitLab Enterprise Edition
- Finalize BackfillPackagesPackageFileBuildInfosProjectId (merge request)
- Add NOT NULL to bulk_import_configurations (merge request)
- Finalize BBM MigrateScimTokens (merge request)
- Add NOT NULL to design_management_repository_states (merge request)
- Enable two tests for personal access token UI (merge request)
- Add NOT NULL to issuable_resource_links (merge request)
- Remove pull_ref_directly_from_gitaly FF (merge request)
- Finalize BackfillPackagesHelmFileMetadataProjectId (merge request)
- Finalize BackfillPackagesDebianProjectComponentFilesProjectId (merge request)
- Finalize BackfillPackagesDebianGroupComponentFilesGroupId (merge request)
- Refine some company form items and remove unnecessary website_url (merge request) GitLab Enterprise Edition
- Warn Elasticsearch disabled in rake list pending migrations task (merge request) GitLab Enterprise Edition
- Add NOT NULL to boards_epic_list_user_preferences (merge request)
- Move the about site link to self-managed for trial registrations (merge request) GitLab Enterprise Edition
- Backfill ci_runners.organization_id (merge request)
- Add NOT NULL to sentry_issues (merge request)
- Fix 7 rubocop violations for InternalAffairs/NodeFirstOrLastArgument (merge request)
- Fix 10 rubocop violations for InternalAffairs/MethodNameEqual (merge request)
- Fix 1 rubocop violations for InternalAffairs/MethodNameEndWith (merge request)
- Fix 20 rubocop violations for InternalAffairs/ExampleHeredocDelimiter (merge request)
- Fix 1 rubocop violations for InternalAffairs/EmptyLineBetweenExpectOffen (merge request)
- Backfill issue_tracker_data sharding_key (merge request)
- Back-fill new partitioned uploads table (merge request)
- Finalize BackfillIssueCustomerRelationsContactsNamespaceId (merge request)
- Remove pat_last_used_at_optimization FF (merge request)
- Add NOT NULL on incident_management_pending_alert_escalations (merge request)
- Sync translations from crowdin (2025-05-28) (merge request)
18.1.2 (2025-07-09)
Fixed (5 changes)
- Rake Doctor Secrets: Fix WebHook error
- Fix title on empty projects
- Show both author and committer in last commit
- Remove Sidekiq shutdown delay in ConcurrencyLimitSampler
- Fix code owner validation for roles GitLab Enterprise Edition
Changed (2 changes)
Security (6 changes)
- Revert "Merge branch..." from 18.1 (merge request)
- Enforces invite_group_members permission when creating group members (merge request)
- Enforces invite_project_members permission when creating project members (merge request)
- Fix XSS via blob rich viewer (merge request)
- Fix CI ID Token claims for forked project MR jobs (merge request)
- Prevent linking fork if target group disallows external forks (merge request)
18.1.1 (2025-06-24)
Security (5 changes)
- Fix guest permissions for incident hierarchy updates (merge request)
- Fix the validation logic for IDP Certificate Fingerprint (merge request)
- Checking if framework and project have same namespace (merge request)
- Fix incorrect role grant after a user access_request (merge request)
- Prevent anonymous users from creating uploads (merge request)
18.1.0 (2025-06-18)
Added (182 changes)
- Update yaml with branch patterns (merge request) GitLab Enterprise Edition
- Show warning for incidents dragging on status list (merge request)
- Configure web_based_commit_signing_enabled with group update endpoint (merge request) GitLab Enterprise Edition
- Extracts logic for Pipeline Secret Detection into its own feature card (merge request)
- Update table_size database dictionary entries (merge request)
- Remove experiment flag from CiLint mutation (merge request)
- New UI for the personal access tokens in the profile settings (merge request)
- Add group and project transferred analyzers status event handlers (merge request) GitLab Enterprise Edition
- Enable accessible_code_owners_validation feature by default (merge request) GitLab Enterprise Edition
- Add setting for bypassing placeholder email confirmation (merge request) GitLab Enterprise Edition
- Clean up duo_workflow_commit_tools feature flag (merge request) GitLab Enterprise Edition
- Add work items display settings to user preferences (merge request)
- Move the zoekt indexing timeout to the application setting (merge request) GitLab Enterprise Edition
- Add marked_for_deletion field to Projects GraphQL query (merge request)
- WIP Add toggle for new violations view (merge request) GitLab Enterprise Edition
- Implement
DELETE /Groups/:idSCIM endpoint (merge request) GitLab Enterprise Edition - Implement grouping for new adherence report (merge request) GitLab Enterprise Edition
- Graphql query for controls coverage (merge request) GitLab Enterprise Edition
- Add zoekt node services (merge request) GitLab Enterprise Edition
- Add a worker to update minimum override role (merge request)
- Show icons on status lists (merge request)
- Implement compliance requirement status hover popup (merge request) GitLab Enterprise Edition
- Add GraphQL mutation for updating lifecycles (merge request) GitLab Enterprise Edition
- Add "select all" button to inputs selector (merge request)
- Add Modal for User Cap settings change (merge request) GitLab Enterprise Edition
- Add missing filters for: Cadence, Iteration (merge request) GitLab Enterprise Edition
- Personal and Group access token support for new virtual registry scopes (merge request)
- Add custom fields filtering to work items list view (merge request) GitLab Enterprise Edition
- Allow creation of Prometheus-type HTTP integrations in GraphQL (merge request)
- Add ability to copy the selected ref (merge request)
- Create column and setting for confirmation bypass (merge request) GitLab Enterprise Edition
- Add an option to insert GLQL view in RTE (merge request)
- Graphql api for listing project compliance violations (merge request) GitLab Enterprise Edition
- Update table_size database dictionary entries (merge request)
- Add author role badge to Wiki notes (merge request)
- Use existing Namespaces::WorkItemsResolver on namespace (merge request)
- Support minimum language server client restriction (merge request)
- Graphql query for framework coverage summary (merge request) GitLab Enterprise Edition
- Reintroduce backfill migration for vulnerabilities ES index (merge request) GitLab Enterprise Edition
- Add wiki page subscription backend and GraphQL mutation (merge request)
- Create Duo Self-Hosted Provision Service Class (merge request) GitLab Enterprise Edition
- Remove duplicated incidents from change failure rate (merge request) GitLab Enterprise Edition
- Add mention of the policy logs in PEP documentation (merge request)
- Remove connection types from CI lint mutation (merge request)
- Expose container_scanning_for_registry_enabled in graphql (merge request) GitLab Enterprise Edition
- Add health status and weight filter for WorkItem API (merge request)
- Add UI for controlling variables restriction in pipelines (merge request)
- Update GitLab Pages version (merge request)
- Track event when fine-grained permissions are enabled (merge request)
- New log and event for the adjustment service (merge request) GitLab Enterprise Edition
- Step-up auth: Add support for
includedcondition by @gerardo-navarro (merge request) - Allow to update value stream stages on GraphQL (merge request) GitLab Enterprise Edition
- Display runner creator and runner created_at within Runners API (merge request)
- Expose status details in the board list API (merge request) GitLab Enterprise Edition
- Add rechability field to vulnerability index (merge request) GitLab Enterprise Edition
- Add ability to sort compliance frameworks (merge request) GitLab Enterprise Edition
- Create new page for violation details (merge request) GitLab Enterprise Edition
- Add Duo Context Exclusion settings GraphQL interface (merge request)
- Add "GET /groups/:id/saml_users" API endpoint (merge request) GitLab Enterprise Edition
- Add filter
ALLto cluster agents query (merge request) GitLab Enterprise Edition - Release OWASP 2021 grouping (merge request) GitLab Enterprise Edition
- Add sorting to compliance_frameworks GraphQL field (merge request) GitLab Enterprise Edition
- Add Release, Contact, Organisation filters on WorkItems API (merge request)
- feat: Introducing Labkit::Metrics (merge request) GitLab Enterprise Edition
- Add conan delete package_revision endpoint for v2 by @oceane_scania (merge request)
- Add index to
sbom_graph_pathsfor efficient EachBatch usage (merge request) - Update pipeline inputs view (merge request)
- Allow adding comments to project_compliance_violations (merge request) GitLab Enterprise Edition
- Add learn more button to the banner (merge request) GitLab Enterprise Edition
- Add packages_composer_packages database table (merge request)
- Add index on provider, sync_status to ldap_admin_role_links table (merge request)
- Query work item statuses for a namespace (merge request) GitLab Enterprise Edition
- Cache and restore Work Item sidebar widgets during create (merge request)
- Fix and requeue analyzer status backfill migration (merge request) GitLab Enterprise Edition
- Drop 2 unused indexes (merge request)
- Add event and metric for GET groups/:id/enterprise_users (merge request) GitLab Enterprise Edition
- Remove FF auto_enable_duo_core_settings (merge request) GitLab Enterprise Edition
- Add branch pattern editor (merge request) GitLab Enterprise Edition
- Expose policy options for runner jobs (merge request) GitLab Enterprise Edition
- Add support for placeholder variables in markdown (merge request)
- Introduce LicensedFeatures field (merge request)
- Add oid column to lfs_objects_projects (merge request)
- Add AWS Secrets Manager Support by @DerAstronaut (merge request) GitLab Enterprise Edition
- Add pagination to a policy list (merge request) GitLab Enterprise Edition
- Update work item titles to show html version (merge request)
- Add Activatible concern for audit events (merge request) GitLab Enterprise Edition
- Enable security_policies_optional_variables_control by default (merge request) GitLab Enterprise Edition
- Add a
jsonbcolumn tovulnerability_exportstable (merge request) GitLab Enterprise Edition - Add license check for work item detail page (merge request)
- Add sync info to admin role ldap sync table (merge request) GitLab Enterprise Edition
- Add migration to correct vulnerabilities transitioned by auto-resolve (merge request)
- Update analyzer_namespace_status on project archive event (merge request) GitLab Enterprise Edition
- Add policy exceptions selector (merge request) GitLab Enterprise Edition
- Add name column to CI pipeline tables in ClickHouse (merge request)
- Add runner tokens to validity checks (merge request) GitLab Enterprise Edition
- Hide CRM Contacts widget when source group has no contacts (merge request)
- Created index for project violation for created (merge request) GitLab Enterprise Edition
- Build dependency graphs after ingesting SBoM report (merge request) GitLab Enterprise Edition
- Expose prometheus-type HTTP alert integrations in GraphQL (merge request)
- Add created_by/updated_by to lifecycle and status (merge request) GitLab Enterprise Edition
- Add not_configured counter to AnalyzerGroupStatusType in graphql (merge request) GitLab Enterprise Edition
- Remove duo_code_review_multi_file feature flag (merge request) GitLab Enterprise Edition
- Query work item lifecycles for a namespace (merge request)
- Support creating board lists with status values (merge request) GitLab Enterprise Edition
- Enable version filtering by default (merge request) GitLab Enterprise Edition
- Adding glab CLI event tracking (merge request)
- Add status list filtering in issue boards (merge request)
- Add lazy-load to projects & requirements section (merge request) GitLab Enterprise Edition
- Add group delete event handler (merge request) GitLab Enterprise Edition
- Update GitLab Pages version (merge request)
- Enable group hierarchy lookup optimization (merge request)
- Display only project-specific data in project compliance center (merge request) GitLab Enterprise Edition
- Add project_count field to User type in Graphql (merge request)
- Configure delete_limit of async delete pipelines for deleted triggers (merge request)
- Paginate requirements in framework edit sectino (merge request) GitLab Enterprise Edition
- Add project_id index on p_ci_pipeline_variables (merge request)
- Adding documentation for Experimental Feature (merge request)
- Small UI changes for long status names (merge request) GitLab Enterprise Edition
- Update table_size database dictionary entries (merge request)
- Adds groupRunnersEnabled to CiCdSettings GraphQL (merge request)
- Add knowledge graph models (merge request) GitLab Enterprise Edition
- Add namespace analyzer status alignment service (merge request) GitLab Enterprise Edition
- Allows users to bulk pause/unpause runners in runner lists by @tonton1728 (merge request)
- Call create mutation when admin role LDAP sync form is submitted (merge request) GitLab Enterprise Edition
- Evaluate project statuses on requirement update (merge request) GitLab Enterprise Edition
- Email/banner when compromised password is detected (merge request) GitLab Enterprise Edition
- Add top_namespace_model_ref logic to request (merge request) GitLab Enterprise Edition
- Code Context: use new unit prmitive (merge request) GitLab Enterprise Edition
- Add updatedAt field to graphql analyzer statuses types (merge request) GitLab Enterprise Edition
- Add DuoWorkflowAction to GraphQL (merge request) GitLab Enterprise Edition
- Add role dropdown to LDAP admin role sync form (merge request) GitLab Enterprise Edition
- Show work item status badge in issue cards (merge request)
- Add csp_namespace_id to application settings (merge request) GitLab Enterprise Edition
- Add script to create AI context migration files (merge request)
- Pages live block (merge request)
- Updated resource_spec file by @Syandell (merge request)
- Add deploy token support to Validity checks (merge request) GitLab Enterprise Edition
- ActiveContext: add code embedding files (merge request) GitLab Enterprise Edition
- Add project_compliance_violations DB table (merge request) GitLab Enterprise Edition
- Add findingTokenStatus to Vulnerability GraphQL type (merge request) GitLab Enterprise Edition
- Protected packages: Generic package push protection by @gerardo-navarro (merge request)
- Add GitHub username to user profile by @bufferoverflow (merge request)
- Introduced policy for Duo Agentic Chat availability (merge request) GitLab Enterprise Edition
- Add status widget definition to issue work item type (merge request)
- Allow agent CI access sharing across top level groups (merge request)
- Add Irish to llist of selectable languages in the UI (merge request)
- Make groups GraphQL query countable and add
activeargument (merge request) - Remove track_sidekiq_concurrency_limit_execution FF (merge request)
- Remove gitlab_managed_cluster_resources feature flag (merge request)
- Update table_size database dictionary entries (merge request)
- Add active column to audit event streaming destination tables (merge request) GitLab Enterprise Edition
- Sync group_push_rules on push_rules write operations (merge request)
- Add API endpoint to retrieve Conan package revisions by @mbo5be (merge request)
- Add conan delete recipe_revision endpoint for v2 by @mbo5be (merge request)
- GraphQL: Allow retrieving pending jobs compatible with runner (merge request)
- Add FK on project_id (merge request)
- Add CompromisedPasswordDetection model and service (merge request) GitLab Enterprise Edition
- Add "imported" field to WorkItemType (merge request)
- Add ability to filter project and group issues by status (merge request)
- Create index on MRDC synchronously (merge request)
- Add sync method radios to LDAP create sync form (merge request) GitLab Enterprise Edition
- Add ServerFormGroup for admin role ldap sync form (merge request) GitLab Enterprise Edition
- Filter by access_levels in projects members GraphQL (merge request)
- Add bypass option widget (merge request) GitLab Enterprise Edition
- Add group archived abilities policy (merge request)
- Update GitLab Pages version (merge request)
- Use Elasticsearch to fetch vulnerabilities (merge request) GitLab Enterprise Edition
- Add the zoekt setting to control parallel processes (merge request) GitLab Enterprise Edition
- Translucent glass utility: Add option to pass bg color (merge request)
- Protected packages: Helm chart push protection by @gerardo-navarro (merge request)
- Refactor the Ci::Trigger.last_used (merge request)
- Use ES to fetch identifier names (merge request) GitLab Enterprise Edition
- Updating Learn Gitlab with Get Familiar section (merge request) GitLab Enterprise Edition
- Fill project analyzer build_id column post pipeline execution (merge request) GitLab Enterprise Edition
- Use ES to fetch severity counts (merge request) GitLab Enterprise Edition
- Backfill software_license_policies with custom licenses (merge request) GitLab Enterprise Edition
- Add GraphQL mutation to assign or unassign projects to a runner (merge request)
- Show default selected status when creating a work item (merge request) GitLab Enterprise Edition
- Remove cluster_agent_migrations feature flag (merge request)
- Remove autocomplete_users_rate_limit FF (merge request)
- Extend the existing package license to (merge request) GitLab Enterprise Edition
- Add merged date to work item MR items (merge request)
Fixed (204 changes)
- Fix Value Stream form restore defaults button (merge request) GitLab Enterprise Edition
- Fix link to the docs page to create project with "git push" (merge request)
- Fix ref selector branch list (merge request)
- Only show restore link on project listing when pending deletion (merge request)
- Make all scanner variables additional variables (merge request) GitLab Enterprise Edition
- Ensure overage modal appears for Projects (merge request)
- Add data points to Value Stream Analytics overview chart (merge request) GitLab Enterprise Edition
- Handle situation where match line is after target line (merge request)
- Fix stuck mirrors logic (merge request) GitLab Enterprise Edition
- Fix PowerShell variable expansion in Windows release scripts (merge request)
- Make
any_merge_requestapproval policy rules respect branch spec (merge request) GitLab Enterprise Edition - Issue boards: Fix a11y issues (merge request)
- Activity lists: List should be marked as such (a11y fix) (merge request)
- Pipeline editor visualize tab: Fix a11y issue with heading (merge request)
- Fix wrong check on displaying passed status in popup (merge request) GitLab Enterprise Edition
- Restrict adding a forward slash to node name (merge request) GitLab Enterprise Edition
- Fix stop button in MR widget (merge request)
- Disable using glab for CI release (merge request)
- Maintain label sorting when LabelLinks exist on Epic and WorkItem (merge request)
- File diff: Fix border radius issue with lighter syntax themes (merge request)
- Backfill placeholder users that miss an organization (merge request)
- Fix security policy sync workers to use string keys for params (merge request) GitLab Enterprise Edition
- Fix uppercase secret detection report type (merge request) GitLab Enterprise Edition
- Make selected only toggle use backend for filtering (merge request) GitLab Enterprise Edition
- Identify error for scope value field in issue boards (merge request)
- Fix issue board content wrapping (merge request)
- Ensure scoped labels display properly in source code md preview (merge request)
- Fix error when fetching all policies by type (merge request) GitLab Enterprise Edition
- Adds missing h1 to branches, commits and snippets pages (merge request)
- Iteration cadences: Fix a11y issues (merge request)
- Milestones a11y fix: Add missing h1 (merge request)
- Labels page: Fix a11y issues (merge request)
- Acvitity pages: Add hidden h1 (merge request)
- Enable batch loading linked work items (merge request)
- Environments page: Fix a11y issues (merge request)
- Pass seat_control value to FE for non-licensed (EE) instances (merge request) GitLab Enterprise Edition
- GLQL table shadow fix (darkmode) (merge request)
- Avoid extra line when no actions (merge request)
- Prevent value dropdown from overflowing (merge request)
- Fix line number in zoekt results (merge request) GitLab Enterprise Edition
- Add active nav state to work items (merge request)
- Add support for ADDITIONAL_CA_CERT_BUNDLE in glab releases (merge request)
- Fix incorrect redirect when branch doesn't include files (merge request)
- Explicitly normalize timestamps to use UTC timezone (merge request) GitLab Enterprise Edition
- Limit Validity Checks to Only Display on Secret Detection Reports (merge request) GitLab Enterprise Edition
- Fix NamespaceStatistics total counter (merge request) GitLab Enterprise Edition
- Transform epic data source properly (merge request)
- Fix border radius of failed jobs widget; update hover state (merge request)
- Fix race condition / segfault in the glab release command (merge request)
- Fixing Coverage-Check automatically being approved (merge request) GitLab Enterprise Edition
- Fix incorrect log formatting of variables_override without exceptions (merge request) GitLab Enterprise Edition
- Intersperse collection of items with a space (merge request)
- Recover when a partition is missing from the current state (merge request)
- Add new notification (merge request)
- Increase registry form btns gap (merge request)
- Prevent create form draft data from clearing when form modal is expanded (merge request)
- bug: Fix mermaid rendering on wiki notes by @gerardo-navarro (merge request)
- Merge branch '299607-multiple-emails-after-a-single-migration-is-complete' into 'master' (merge request)
- Fix a11y of board cards by not nesting content inside button (merge request)
- Check if policy is enabled before syncing rules (merge request) GitLab Enterprise Edition
- Fixed the description on timelogs modals for work items by @zillemarco (merge request)
- Moved @scope definition in search controller (merge request)
- Add scan_settings schema to scan_execution_policy_content schema (merge request) GitLab Enterprise Edition
- Fix misalignment in pipeline graph (merge request)
- Fix margin of ordered list in GLQL (merge request)
- Remove overflow hidden on GLQL tables (merge request)
- Allow selecting static environment scope (merge request)
- Validate push rules max_file_size (merge request) GitLab Enterprise Edition
- Fix error when querying custom attributes on non-existing attributable by @nwittstruck (merge request)
- Force rake gitlab:backup:restore to ignore PG16
must be able to SET ROLE "gitlab-psql"error (merge request) - Limit the number of pipeline count in merge request table (merge request)
- Geo Sites: Expose disabled registries (merge request) GitLab Enterprise Edition
- Refactor SimpleOrderBuilder to reduce objects allocation (merge request)
- Isolate project scope for AtomicInternalId shared example by @zakaria-fatahi (merge request)
- Avoid reordering sort enum values (merge request)
- Fix graphQL ID mismatch in replicable detail view (merge request) GitLab Enterprise Edition
- Fix Protected Tags show page (merge request)
- Fix drawer update not reflecting on item board bug (merge request)
- Fixing CI/CD import when user is not authenticated (merge request)
- Dependency Proxy: Restore ExternalAuthorization check on deploy tokens (merge request)
- The mark_all_as_completed! method should also drop halted cache (merge request) GitLab Enterprise Edition
- Fix typo in error message (merge request) GitLab Enterprise Edition
- Fix cursor store (merge request) GitLab Enterprise Edition
- Add active nav state to edit deploy keys (merge request)
- Fix: Ensure placeholder users are organization users (merge request)
- Fix links in Value Stream Analytics metric tiles and their popovers (merge request)
- Time tooltip triggers on keyboard focus (merge request)
- Include relative URL in latest release redirect (merge request)
- Fix emoji picker for users with scrollbars always on (merge request)
- Override complexity for Development widget fields (merge request)
- Gracefully handle timeout when validating git URL (merge request)
- Refactored project requirement compliance status refresh (merge request) GitLab Enterprise Edition
- Fix subgroup filtering in framework project tab (merge request) GitLab Enterprise Edition
- Allow
inputs:regexto match empty strings (merge request) - Make
<mark>within a table cell appear properly (merge request) - Fixed sidebar not highlighting scope when no search term (merge request)
- Fix race condition while creating scan_result_policy_read (merge request) GitLab Enterprise Edition
- Fix loading standard roles on premium license (merge request)
- Create worker to handle security policies on project transfer (merge request) GitLab Enterprise Edition
- Fix cache issue with work item refetch (merge request)
- Do not make membership of same level as inherited (merge request)
- Fix typo in SAML warning modal (merge request)
- Use symbol keys for addtional tracking property (merge request) GitLab Enterprise Edition
- Enable stream-audit-events-remote-ip-proxy-protocol by default (merge request)
- Fix Internal Server error from branchRuleCreate mutation (merge request)
- fix: Ensure test stage when enabling sec scans via Config page (merge request) GitLab Enterprise Edition
- Fixes spacing of runner skeleton loader (merge request)
- Use count fields instead of querying linked items (merge request)
- Add branch rules squash option license check (merge request)
- Fix Upgrade to 18.0: No such column (merge request)
- Fix: Restrict reassignment for non-enterprise users by @PRANJALI-SANKPAL (merge request) GitLab Enterprise Edition
- Fix the title/body issue for todo apis when it is a duo todo (merge request) GitLab Enterprise Edition
- Fix n+1 issues on vulnerabilities resolver (merge request) GitLab Enterprise Edition
- Fix
branchandtagsscope in pipelines resolver (merge request) - Fix /issues/new page bugs (merge request)
- Fixes layout of the full job log viewer (merge request)
- Fix: Make custom status name index case-insensitive by @PRANJALI-SANKPAL (merge request)
- Support markdown anchors and multi-line in permalink (merge request)
- Fix escape from work item creation (merge request)
- Make JSON import more fault tolerant (merge request) GitLab Enterprise Edition
- Fix wrong spacing in commit link (merge request)
- Do not hide the projects list when user searches and result is empty (merge request)
- Refactor and stabilize batch suggestion tests by @zakaria-fatahi (merge request)
- Prevent automatic default template selection on Work Items (merge request)
- Fix Firefox ESR overrides for work item notes note container query (merge request)
- Removed FE exposure of findingTokenStatus for Multiversion Compatability (merge request)
- Pass file path to Duo Workflow (merge request) GitLab Enterprise Edition
- Support custom domains when pages run on separate server (merge request)
- Trim pages deployment file name to 60 characters (merge request)
- Remove "new look" badge from project issue board (merge request)
- Fix permissions not showing for selected admin role on user edit page (merge request) GitLab Enterprise Edition
- Migrate orphaned timelogs to ghost user (merge request)
- Prevent hiding WI type select in create form (merge request)
- Fix branch rules url in the protected branch redirect banner (merge request)
- Elastic::MigrationWorker should not create migrations index (merge request) GitLab Enterprise Edition
- Fix UX bug related to personal access token scopes (merge request)
- Add missing work item/issue feature flags to board controllers (merge request)
- Default
VulerabilityType.identifiersto an[](merge request) GitLab Enterprise Edition - Fix visibility of custom roles on SaaS (merge request) GitLab Enterprise Edition
- Fix .gitattribute parsing logic (merge request)
- Apply Rails 7-1-stable patches to fix type map init issues (merge request)
- Fix wrapping in secret detection confirmation modal (merge request)
- Build list-id for group notifications (merge request) GitLab Enterprise Edition
- fix: Allow user to be passed as a string (merge request)
- Stabilize dashboard sort preference test with wait by @zakaria-fatahi (merge request)
- Add full unique index on issuable-resource-links by @tomasz.skorupa (merge request)
- Move fork_networks organization_id NOT NULL to post-migrate (merge request)
- Enable pull_ref_directly_from_gitaly FF by default (merge request)
- Do not truncate titles in GLQL views (merge request)
- Ensure geo_node is secondary git_http_controller_spec.rb (merge request) GitLab Enterprise Edition
- Disable validation limits to stabilize HTTP Integration update spec by @zakaria-fatahi (merge request)
- Fix NoMethodError: Projects::BlobController#update (merge request)
- Fix licence widget to align with full report (merge request) GitLab Enterprise Edition
- Ensure consistent diff ordering in spec by @zakaria-fatahi (merge request)
- Fix error adding timelog when user has invalid timezone set (merge request)
- Destroy orphaned job artifacts (merge request)
- Do not run index integrity worker for zoekt search (merge request) GitLab Enterprise Edition
- Prevent rounding of hours for time tracking (merge request)
- Fix updating member with custom role after license downgrade (merge request) GitLab Enterprise Edition
- Zoekt: Only enable search when nodes are online (merge request) GitLab Enterprise Edition
- Fix group icon in token access table (merge request)
- Fix stream audit events remote_ip for Git over SSH (merge request)
- Update tab count when searching and filtering (merge request)
- Update
run_jobpermission for bridge jobs (merge request) - Focus on username or password field in sign-in tabs (merge request)
- Include identifierName filter in the severities count query (merge request) GitLab Enterprise Edition
- Allow canceled Direct transfer to be re-imported (merge request)
- Fix HTTP audit event destinations (merge request) GitLab Enterprise Edition
- Fix gitpod button is missing in the edit dropdown (merge request)
- Fixes escape behavior in work item editors (merge request)
- Fix alignment of codeowners info button and branch rules button on repo (merge request) GitLab Enterprise Edition
- Fix scrolling on boards when filters don't fit inside the screen (merge request)
- Add group display uniqueness for the user on in-app trials (merge request) GitLab Enterprise Edition
- Settings section: Fix border appearing on retina like displays (merge request)
- Fix the router issue while closing the designs (merge request)
- Work items design management gap fix (merge request)
- Exclude binary files from ai_reviewable_files (merge request) GitLab Enterprise Edition
- Schedule p_ci_pipeline_variables project_id index (merge request)
- Fix setting confidential and set_parent (merge request)
- Update @loader method in catalog data loader (merge request)
- Stabilize multi-line suggestion tests by @zakaria-fatahi (merge request)
- Fix the state filtering for dismissal reason (merge request) GitLab Enterprise Edition
- Stabilize time-sensitive tests by @zakaria-fatahi (merge request)
- Make DB metric expectations resilient to zero durations by @zakaria-fatahi (merge request)
- Check policy scope before syncing with project (merge request) GitLab Enterprise Edition
- Add test for stale diff_stats memoization by @zakaria-fatahi (merge request)
- Add exclusions on drawer close (merge request)
- Enables numeric values for FQDN in workspace:agent (merge request) GitLab Enterprise Edition
- Isolate TreeSaver export_path to per-example tempdir by @zakaria-fatahi (merge request) GitLab Enterprise Edition
- Add text.color.default design token to .dropdown-menu class (merge request)
- Fix IDE links returns about:blank in old code dropdown (merge request)
- Hide false-positive template warning on Create Work Item (merge request)
- Fix mr count is not sending on render tracking event (merge request)
- Repo code owners block: Add missing top border (merge request)
- Removed unnecessary test in TokenValidityBadge spec (merge request)
- Run Sidekiq samplers after Rails initialization (merge request)
- Change create work item modal visibility logic so toast appears (merge request)
- Prevent work item sidebar dropdowns from overflowing when narrow (merge request)
- Manage DB connections in with_threads helper (merge request) GitLab Enterprise Edition
- Fix NoMethodError in RemoveBotForNamespaceWorker (merge request) GitLab Enterprise Edition
- Support bucket prefix when moving package files in object storage (merge request)
- Fix bug with group settings change trigger CRM validation unnecessarily (merge request)
- Respect ENV and config variables when initializing Bullet (merge request)
- Move showBlobControls logic to header area (merge request)
Changed (222 changes)
- feat: Add capability to filter mergerequests of commit by state by @gmicouin (merge request)
- Remove dependency on default organization id (merge request)
- Update control popup grouping (merge request) GitLab Enterprise Edition
- Remove exclude license packages feature flag (merge request) GitLab Enterprise Edition
- Map OpenMRs to GlDisclosureDropdownItem API (merge request)
- Add filtering by type for a policy list (merge request) GitLab Enterprise Edition
- Add tab label to group compliance dashboard tracking (merge request) GitLab Enterprise Edition
- Send only selected inputs by default (merge request)
- Update UI text for push rules by @cfleee (merge request) GitLab Enterprise Edition
- Change
protect_merge_request_pipelinescolumn default value to true (merge request) - Update
vulnerability_exportAPI to acceptreport_data(merge request) GitLab Enterprise Edition - Reduce QUEUE_THRESHOLD to ease incremental queue (merge request) GitLab Enterprise Edition
- Add instructions to empty status report (merge request) GitLab Enterprise Edition
- Remove default target namespace for external imports (merge request)
- Default enable work_item_epics_list feature flag (merge request) GitLab Enterprise Edition
- Fix: Removing the "ci" prefix from "server_fqdn" variable by @guptapratibha26 (merge request)
- Force transfer project dropdown to display at top (merge request)
- Refactor namespace permissions to use standard permission types (merge request) GitLab Enterprise Edition
- Add dark_color_scheme_id column to user_preferences table (merge request)
- Add graphql mutation to resync security policies (merge request) GitLab Enterprise Edition
- Remove autofocus on show for runner registration modal (merge request)
- Clean up 'explicit_group_saml_fingerprint_algorithm' FF and old code (merge request) GitLab Enterprise Edition
- Add additional metadata to zoekt indexing tasks (merge request) GitLab Enterprise Edition
- Add Duo Provision Service to Provisioning Workflows (merge request) GitLab Enterprise Edition
- Pass PATs scopes from backend to frontend in new UI (merge request)
- Add WorkspaceTokens model and table (merge request) GitLab Enterprise Edition
- Add type argument to policy resolver (merge request) GitLab Enterprise Edition
- Remove background for plan details on billing page (merge request) GitLab Enterprise Edition
- Job log: Related jobs cleanup (merge request)
- Cleanup FF allow_issuer_claim_custom....id_tokens (merge request)
- Rename knn limit to k (merge request) GitLab Enterprise Edition
- Allow GLQL searching ES by the milestone title (merge request)
- Fix feature flag limit badge (merge request)
- Restrict LFS file download to project-bound objects (merge request)
- Frontend changes to support external control name (merge request) GitLab Enterprise Edition
- Record target entity ID with spam logs (merge request)
- Track security finding severity manual overrides (merge request) GitLab Enterprise Edition
- Add animation to review button when review is started (merge request)
- Enable project-level control of web-based commit signing (merge request) GitLab Enterprise Edition
- Add aria-label to time entry button (merge request)
- Add index to labels table (merge request)
- Increase background visibility on highlighted job log line (merge request)
- Allow preselecting all inputs (merge request)
- Show allowlist entry for current project at the top (merge request)
- Adds a new Cop to prevent
connection.executecalls (merge request) - Update the Hugo tutorial and CI template by @annegentle (merge request)
- Update scanner to project default branch (merge request) GitLab Enterprise Edition
- Drop unique index scoped to the framework (merge request) GitLab Enterprise Edition
- Modify Microsoft Azure integration text (merge request) GitLab Enterprise Edition
- Cleanup FF protect_merge_request_pipelines (merge request)
- Remove static_licenses feature flag (merge request) GitLab Enterprise Edition
- Backfill data for new fields in the existing work item documents (merge request)
- Update project name error copy (merge request)
- Update analyzer statuses on default branch only (merge request) GitLab Enterprise Edition
- Split construct policy methods by type (merge request) GitLab Enterprise Edition
- CI/CD Variables drawer: Change visual heading size in drawer (merge request)
- Allow customization of issuer claim in ID tokens (merge request)
- Use composite oauth token for Duo Workflows CI execution (merge request) GitLab Enterprise Edition
- Removes grace period from Lock Retries Cop (merge request)
- Make issue type icon focusable (merge request)
- Clarify pipeline error message (merge request)
- Move info out of tooltip to fix accessibility problem (merge request) GitLab Enterprise Edition
- Introduce policy YAML annotation experiment (merge request) GitLab Enterprise Edition
- Add extra fields mappings to work items ES index (merge request)
- Fix null last_call values in project analyzer status (merge request) GitLab Enterprise Edition
- Add granular job token permissions for self project (merge request)
- Display the selected ref in ref selector group (merge request)
- Remove feature flag ci_limit_commit_statuses (merge request)
- Display help text to admins viewing sub-groups (merge request)
- Update Projects API status parameters to respect inherited status (merge request)
- Fix issue with non-supported dependency packager (merge request) GitLab Enterprise Edition
- Add top 5 countries to country selector (merge request) GitLab Enterprise Edition
- Allow artifacts from Code-Quality template to be downloaded (merge request)
- Allow ai_workflows scope access to POST CI lint (merge request)
- Add active context code scheduling service and worker (merge request) GitLab Enterprise Edition
- Mark row header cells in Google Cloud configuration (merge request)
- Add traversal_ids to notes index (merge request) GitLab Enterprise Edition
- Sort default branch at the top of ref dropdown (merge request)
- Fix upsert and project_id (merge request)
- feat: Start remote execution jobs with service account (merge request) GitLab Enterprise Edition
- Reduce spacing on role details page and fix disabled permissions click (merge request) GitLab Enterprise Edition
- Remove FF resolve_vulnerability_claude_3_7_rollout (merge request) GitLab Enterprise Edition
- Make issue board health statuses keyboard focusable (merge request)
- Update the copy of the heading for Step 1 of Trial Registration Flow (merge request) GitLab Enterprise Edition
- Replace build_id type in AnalyzerProjectStatusType to BigInt (merge request)
- Rollout work item embeddings for gitlab project (merge request) GitLab Enterprise Edition
- Add secure variable as default (merge request) GitLab Enterprise Edition
- Update texts for the policy drawer (merge request) GitLab Enterprise Edition
- Use authorize shorthand instead of Ability.allowed (merge request) GitLab Enterprise Edition
- Fix updated_at not updating in analyzer_project_statuses (merge request) GitLab Enterprise Edition
- Reduce permission scope of Duo workflow action (merge request) GitLab Enterprise Edition
- Add Pipeline ID to page title (merge request)
- Commits view: Add 'Browse files' button by @santigl (merge request)
- Make issue board header data focusable on keyboard (merge request)
- Downgrade Workhorse PubSub EOF errors to info messages (merge request)
- Default enable duo_code_review_show_all_comments (merge request) GitLab Enterprise Edition
- Allow customer with ramp subscriptions to purchase addons (merge request) GitLab Enterprise Edition
- Enable group-level control of web-based commit signing (merge request) GitLab Enterprise Edition
- Set destroy_fork_network_on_archive true (merge request)
- Improve DCR comment line position handling (merge request) GitLab Enterprise Edition
- Update project_user_defined_variables_restricted_to_maintainers labels (merge request) GitLab Enterprise Edition
- Remove default for actual_state_updated_at (merge request) GitLab Enterprise Edition
- Rename OrganizationUserAlias to OrganizationUserDetail (merge request)
- Move topics list into crudcomponent (merge request)
- Change
permanent_deletion_dateGraphQL field for groups and projects (merge request) - Changed issue description template dropdown to default size by @zillemarco (merge request)
- Security Inventory data should be visible by Dev+ (merge request) GitLab Enterprise Edition
- Replace index with ci_triggers (project_id, id) (merge request)
- Present queue_size and queue_depth in CI job payload (merge request)
- Adjust UI elements and styling of search modal (merge request)
- Change HNSW engine from nmslib to lucene (merge request) GitLab Enterprise Edition
- Add check for empty policy_hash (merge request) GitLab Enterprise Edition
- Improve adjustment service stability (merge request) GitLab Enterprise Edition
- Move closer access token expiration and lifetime settings (merge request)
- Fix responsive layout for admin role LDAP sync table and roles table (merge request) GitLab Enterprise Edition
- Add PHP language support to gitlab-advanced-sast (merge request)
- Update Groups API status parameters to respect inherited status (merge request)
- Implement various UI fixes for framework info drawer (merge request) GitLab Enterprise Edition
- Frontend changes to support external control name (merge request) GitLab Enterprise Edition
- Protected containers: Allow rule editing by @gerardo-navarro (merge request)
- Add source and target branches to branch_exceptions (merge request) GitLab Enterprise Edition
- Remove default selection in project import dropdown (merge request)
- Track audit log visits with active frameworks (merge request) GitLab Enterprise Edition
- Protect pipelines of MRs between protectd branches (merge request)
- Move DuoWorkflowAction to use GraphQL (merge request) GitLab Enterprise Edition
- Pass search term for project to backend for attach new issue (merge request) GitLab Enterprise Edition
- Increase Duo Code Review request timeout (merge request) GitLab Enterprise Edition
- Migrate harbor registry breadcrumb to new method (merge request)
- Decrease height of wiki sidebar items (merge request)
- Limit the number of tags displayed (merge request)
- Use GitLabSchema.parse_gid for ids filter (merge request) GitLab Enterprise Edition
- Show label names in work items labels widget (merge request)
- Move files from ai/context/ to ai/active_context (merge request) GitLab Enterprise Edition
- Do not backoff webhook if disabling not enabled (merge request)
- Add Auditor as a filter option to the Admin users page (merge request) GitLab Enterprise Edition
- Fixed flashing of no results screens while loading (merge request)
- Pages settings: Migrate delete action block (merge request)
- Remove FF for SSRF protection for dependency proxy (merge request)
- Add patch for attribute_instance_methods_as_symbols_available method (merge request)
- Add Prometheus histogram for PEP dry run duration (merge request) GitLab Enterprise Edition
- Increase Duo Workflow goal limit to 16k bytes (merge request) GitLab Enterprise Edition
- Pages settings: Move settings into a Crud (merge request)
- Resolve compromised password detection on change (merge request) GitLab Enterprise Edition
- Pages settings: Update copy of domain settings (merge request)
- Make "lock discussion" menu item behave like "confidential" item (merge request)
- feat: Enable WebIde to open to line in project (merge request)
- fix: LSP Issue 1955 fix for filtering by type (merge request) GitLab Enterprise Edition
- Expose 'ai_resolution_enabled' in vulnerability serialization (merge request) GitLab Enterprise Edition
- Clean up aigw v1 chat redirect ff (merge request)
- Conditionally sign web based commits on Saas (merge request) GitLab Enterprise Edition
- Visibility repository help text: Use
instead of **(merge request) - Add group cn dropdown for admin role ldap sync form (merge request) GitLab Enterprise Edition
- Change author of duo todos to internal duo bot (merge request) GitLab Enterprise Edition
- Combined policy list for policy table (merge request) GitLab Enterprise Edition
- Remove forcing legacy epic view (merge request) GitLab Enterprise Edition
- Add posibility to filter work items by parent reference (merge request)
- Move webhook secret token to Vue (merge request)
- Fix navigation from environment to job page (merge request)
- Remove duo_chat_read_directly_from_db feature flag (merge request) GitLab Enterprise Edition
- Expose "active" parameter to the projects graphql api by @dagaranupam (merge request)
- Don't require password confirmation when password auth is disabled (merge request) GitLab Enterprise Edition
- Don't require password confirmation when group disables password auth (merge request) GitLab Enterprise Edition
- Zoekt: Add lost node threashold setting (merge request) GitLab Enterprise Edition
- Always show zoekt preference when feature is enabled (merge request) GitLab Enterprise Edition
- Allow GLQL searching work items by author name in ES (merge request)
- Default enable use_approval_policy_rules_for_approval_rules (merge request) GitLab Enterprise Edition
- Rename
Inactive ProjectstoDormant Projectsby @bhanutejach9 (merge request) - Set Fireworks-hosted Codestral as defualt code completion (merge request) GitLab Enterprise Edition
- Add margin to drawer issue link (merge request)
- Backfill has_vulnerability_resolution for CWE-78 and CWE-89 (merge request) GitLab Enterprise Edition
- Remove nav spacing in fullscreen on job (merge request)
- Pages: Add tabs (merge request)
- Change batch_size & helper in BackfillWorkItemMilestoneData migration (merge request) GitLab Enterprise Edition
- Pages domain verification status migrations (merge request)
- Remove duoSettings object from Duo setting update GraphQL mutation (merge request) GitLab Enterprise Edition
- Add option to force resync security policies (merge request) GitLab Enterprise Edition
- Log when
.safe_find_or_create_bycannot find a row that should exist (merge request) - Remove unused href (merge request) GitLab Enterprise Edition
- Use design tokens in pipeline graph job hover (merge request)
- GLQL table view: Use link color for title link (merge request)
- Pages deployments: Cleanup loading, error and empty states (merge request)
- Convert try walkthrough link to button (merge request) GitLab Enterprise Edition
- MR widgets: Update border radius from base to lg (merge request)
- Create
project_authorizations_for_migrationstable (merge request) - Use AI-native terminology (merge request) GitLab Enterprise Edition
- Migrate google artifact registry breadcrumb to new method (merge request) GitLab Enterprise Edition
- Migrate workspace breadcrumbs to single nav option (merge request) GitLab Enterprise Edition
- Use user profile timezone for timelog quick actions and system notes (merge request)
- Clean up
new_implementation_of_invite_members_searchFF and old code (merge request) - Project area heading 1 migrations (merge request)
- Add human readable audit event labels (merge request) GitLab Enterprise Edition
- Notes: Increase border radius from base to lg (merge request)
- Add a flat policy list of all types (merge request) GitLab Enterprise Edition
- Show warning when user has no Duo code review access (merge request) GitLab Enterprise Edition
- Add UserFilterFormGroup for admin role ldap sync form (merge request) GitLab Enterprise Edition
- Cleanup new_duo_workflow_service feature flag (merge request) GitLab Enterprise Edition
- Backend changes to support 'external_control_name' (merge request) GitLab Enterprise Edition
- Migrate CI Secrets breadcrumbs to new method (merge request) GitLab Enterprise Edition
- Migrate analytics dashboard vue breadcrumb to new injection method (merge request)
- Use timezone related dates in expiring subscription message code (merge request) GitLab Enterprise Edition
- Add policy validation for pipeline execution schedule count (merge request) GitLab Enterprise Edition
- Backfill milestone title and id in work items index (merge request) GitLab Enterprise Edition
- Translucent sticky header: Increase transparency in darkmode (merge request)
- Update dependency auto-deploy-image to v2.130.0 (merge request)
- Backfill pipeline execution policy enforced scans (merge request) GitLab Enterprise Edition
- Add additional condition for banner (merge request) GitLab Enterprise Edition
- Add outbound allowlist to allowed endpoints for SSRF filter (merge request) GitLab Enterprise Edition
- Add type-specific policy constructors (merge request) GitLab Enterprise Edition
- Use localstorage for todos page size (merge request)
- Update placeholder text for filters in search modal (merge request)
- Convert filter include forked to exlude forks (merge request)
- Update banner to include dark mode svg bg (merge request) GitLab Enterprise Edition
- Doorkeeper Heading 1 migrations (merge request)
- Remove pipeline reference from Duo Workflow alert (merge request) GitLab Enterprise Edition
- Pages deployments: Migrate to Crud (merge request)
- Align delete policy button (merge request) GitLab Enterprise Edition
- Update package registry details UI (merge request)
- Migrate Iterations breadcrumb to new injection method (merge request) GitLab Enterprise Edition
- Add max and min date for the new PATs UI (merge request)
- Raise default Puma memory limits to 1.5 GB (merge request)
- Update order of container registry header buttons (merge request)
- Updates the link text for the GitLab community forum (merge request)
Removed (36 changes)
- Remove work_item_epics feature flag (merge request) GitLab Enterprise Edition
- Remove FF and references (merge request)
- Remove feature flag duo chat react agent claude 4 (merge request) GitLab Enterprise Edition
- Revert "Merge branch '14389-project-and-branch-variables-for-markdown' into 'master'" (merge request)
- Delete the
work_items_view_preference feature flag (merge request)
- Clean up
blob_repository_vue_header_app flag (merge request)
- Remove namespace_level_work_items feature flag (merge request)
- Drop ci_trigger_requests and remove Ci::TriggerRequest (merge request)
- Drop duplicate index ci_pipeline_variables (merge request)
- Remove add_on_purchases from AvailableServices (merge request) GitLab Enterprise Edition
- Dropped project_fingerpint column (merge request)
- Stop enqueuing epic validation worker (merge request) GitLab Enterprise Edition
- Delete the
blob_overflow_menu feature flag (merge request)
- Dropped project_fingerprint column (merge request)
- Chore: remove unneeded duo workflow feature flags (merge request)
- Drop unused group_icon and topic_icon helpers (merge request)
- Drop unused #search_filter_link method (merge request)
- Cleanup BBM BackfillFreeSharedRunnersMinutesLimit (merge request)
- Drop catalog resource component usages table (merge request)
- Update text embeddings for VertexAI Client (merge request) GitLab Enterprise Edition
- Remove unused feature flag
work_item_status_transitions (merge request)
- Delete the
search_button_top_right feature flag (merge request)
- Revert "Merge branch '434218-revert-ff-removal' into 'master'" (merge request) GitLab Enterprise Edition
- Remove periodicalnamespace_descendants_cache FF (merge request)
- Remove QueueRefreshOfBrokenAdherenceGroupsWorker (merge request) GitLab Enterprise Edition
- Remove x-gitlab-duo-seat-count HTTP header (merge request) GitLab Enterprise Edition
- Delete the
advanced_search_work_item_uses_note_fields feature flag (merge request)
- Remove include_forked param (merge request) GitLab Enterprise Edition
- Remove unused project_branches helper method (merge request)
- Remove unused link_to_wiki_page helper method (merge request)
- Dropped project_fingerprint column (merge request)
- Remove read_admin_dasbhoard custom admin ability (merge request) GitLab Enterprise Edition
- Remove redundant index ci_pipelines (merge request)
- Remove derisk FF:
resolve_vulnerability_send_finding_description (merge request) GitLab Enterprise Edition
- Drop p_ci_builds.trigger_request_id (merge request)
- Delete the
zoekt_critical_watermark_stop_indexing feature flag (merge request)
Security (19 changes)
- Added additinal sanitization
- Fix # #1329 - IDOR in compliance framework export endpoint
- Fix XSS with CSP bypass in JSON tables
- security: Git redirection inconsistency
- Add validation for board name length
- Protect webhook from excessive payload lengths
- Limit HTTP response size
- Endless Redirect Loop in any project when query param "format" is "git"
- Fix authorization for compliance frameworks projects
- Limit length of certificate cluster text fields
- Security 479168 discord zip vulnerability
- Remove trace field as it is already added in the interface
- Use CI::VariableValue in BasicEntity to prevent exposing hidden values in collapsible UI element
- Show full path of project in create MR dropdown
- Check rate limit for over-sized blobs
- Added size constraint validation to notes position fields
- Obfuscate emails in note.bodyFirstLineHtml
- Need to update 2fa requirement after accepting request
- Ensure SAML authn context comes from signed portion of SAML response
Performance (7 changes)
- Delete all user todos in batches from MigrateRecordsToGhostUserService (merge request)
- Remove skip_custom_roles_queries feature flag (merge request)
- Performance improvements for gitlab:doctor:secrets (merge request)
- Fix SQL N+1 issue for list project MRs endpoint (merge request)
- Remove reduce_lock_usage_during_partition_creation FF (merge request)
- Lazy load set status modal (merge request)
- Improve performance of Members::ExpiringWorker (merge request)
Other (217 changes)
- Adapt documentation to new PATs UI (merge request)
- Regenerate RuboCop TODO files (merge request)
- Fix 20 rubocop violations for InternalAffairs/NodeMatcherDirective (merge request)
- Add event store subscription for PolicyResyncEvent (merge request) GitLab Enterprise Edition
- Delete the non-ee version of feature flag (merge request)
- Add NOT NULL to design_user_mentions (merge request)
- Finalize BBM DeleteOrphanedProjectNamespaces (merge request)
- Quarantine a flaky test (merge request)
- Do not create duo core todo if a user has already received one (merge request) GitLab Enterprise Edition
- Mark first vulnerabilities ES backfill migration as obsolete (merge request) GitLab Enterprise Edition
- test: Refactor factory usage of project_deploy_token by @gerardo-navarro (merge request)
- Protected containers: Show error details when deleting container images by @gerardo-navarro (merge request)
- Add background migration to delete expired vulnerability exports (merge request) GitLab Enterprise Edition
- Remove remove_summarize_merge_request_claude_3_7_sonnet feature flag (merge request) GitLab Enterprise Edition
- Delete scan_result_policy_reads by approval_policy_rule_id (merge request) GitLab Enterprise Edition
- Backfill jira_tracker_data sharding_key (merge request)
- Finalize sharding key back-fill migrations for design management (merge request)
- Populate organization_id value in in runner tables (merge request)
- Backfill zentao_tracker_data sharding key (merge request)
- Finalize BackfillBulkImportExportBatchesGroupId (merge request)
- Finaliza BackfillBulkImportExportBatchesProjectId (merge request)
- Add
name to pipeline seeding in runner_fleet rake job (merge request)
- Protected packags: Generic push protection (Part 2) by @gerardo-navarro (merge request)
- Fix owasp_top_10 filter to accept multiple owasp values (merge request) GitLab Enterprise Edition
- Step-up auth: Make conditions evaluation more readable by @gerardo-navarro (merge request)
- refactor: Avoid magic z-index const for drawer components (Part 2) by @gerardo-navarro (merge request)
- Add NOT NULL to incident_management_oncall_shifts (merge request)
- Finalize troubleshoot job claude 3.7 upgrade (merge request) GitLab Enterprise Edition
- Swap pk on ci_build_reports to include partition_id (merge request)
- Remove remove_summarize_code_review_claude_3_7_sonnet feature flag (merge request) GitLab Enterprise Edition
- Remove duo_code_review_full_file feature flag (merge request) GitLab Enterprise Edition
- Finalize BackfillBulkImportConfigurationsOrganizationId (merge request)
- Finalize BackfillIssuableSlasNamespaceId (merge request)
- Regenerate RuboCop TODO files (merge request)
- test: Split up x509 user certificates by @gerardo-navarro (merge request)
- Finalize BBM BackfillProtectedBranchUnprotectAccessLevelsProtectedBranch (merge request)
- Finalize BackfillBoardsEpicListUserPreferencesGroupId (merge request)
- Add analytics.gitlab.com to CSP (merge request) GitLab Enterprise Edition
- Add NOT NULL on design_management_designs_versions (merge request)
- Add NOT NULL on project_relation_export_uploads (merge request)
- Add advanced vulnerability management event (merge request) GitLab Enterprise Edition
- Remove the learn_gitlab_redesign feature flag (merge request) GitLab Enterprise Edition
- Refactor helpers for consolidated APIs (merge request) GitLab Enterprise Edition
- Update x509 signatures: Add docs for automatic retry on GRPC error by @gerardo-navarro (merge request)
- Add NOT NULL on bulk_import_export_uploads (merge request)
- Quarantine a flaky test (merge request)
- Remove ci_build_needs index on partition_id (merge request)
- Add NOT NULL on incident_management_oncall_participants (merge request)
- Finalize BackfillIssuableResourceLinksNamespaceId (merge request)
- refactor: Use await nextTick in Framework Table component by @gerardo-navarro (merge request) GitLab Enterprise Edition
- Remove Extension Marketplace feature flags (merge request)
- Move ci_pipelines into the dynamic schema (merge request)
- Cleanup code related to packages_dependency_proxy_containers_scope_check (merge request)
- Add NOT NULL for sharding key on work_item_progresses (merge request)
- Add organization_id column to runner tables (merge request)
- Remove leftover permalink values (merge request)
- Quarantine a flaky test (merge request)
- Finalize BackfillIncidentManagementPendingAlertEscalationsProjectId (merge request)
- Update x509 signatures: Add automatic retry on GRPC timeout errors by @gerardo-navarro (merge request)
- Finalize BackfillIncidentManagementOncallShiftsProjectId (merge request)
- Add NOT NULL on incident_management_pending_issue_escalations (merge request)
- Document the PG upgrade process in the Database docs (merge request)
- Remove 'audit_events_api_offset_optimization' feature flag (merge request)
- Regenerate RuboCop TODO files (merge request)
- Remove foreign key from
vulnerability_archived_records (merge request)
- Include the repos with mismatched schema_version for indexing (merge request) GitLab Enterprise Edition
- Add async index migration (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Add system defined status id for custom statuses (merge request)
- Feat: Add RuboCop cop to discourage Current.organization&.id (merge request)
- Add NOT NULL for sharding key on merge_request_assignment_events (merge request)
- Finalize BackfillMergeRequestAssignmentEventsProjectId (merge request)
- chore(rake): Add logging for x509 commit signature updates by @gerardo-navarro (merge request)
- Finalize BackfillIncidentManagementOncallParticipantsProjectId (merge request)
- Remove ff from code (merge request)
- Finalize BackfillIncidentManagementPendingIssueEscalationsNamespaceId (merge request)
- Schedule Vulnerability archival manually (merge request)
- Move ci_builds into the dynamic schema (merge request)
- Consolidate namespace deletion-related helper methods in a new file (merge request)
- Drop project_deletion_schedules table (merge request)
- Refactor x509 update rake task specs by @gerardo-navarro (merge request)
- Add NOT NULL for sharding key on issue_metrics (merge request)
- Sync drop index on ci_job_variables for partition_id (merge request)
- Quarantine a flaky test (merge request) GitLab Enterprise Edition
- Add schema_version to zoekt:info task (merge request) GitLab Enterprise Edition
- Refactor code suggestions base task endpoint method (merge request) GitLab Enterprise Edition
- Protected packages: Consolidate CheckDeleteRuleExistenceService by @gerardo-navarro (merge request)
- Maven virtual registry: support shareable upstreams (merge request)
- Quarantine a flaky test (merge request)
- Finalize BBM UpdateStatusForDeprecatedNpmPackages (merge request)
- Finalize BBM CreateMissingTerraformModuleMetadata (merge request)
- Add board_user_preferences sharding key (merge request)
- Remove invalid ticket hierarchy restrictions (merge request)
- docs: Apply tabs to x509 documentation sections "Linux" and "Win/macOS" by @gerardo-navarro (merge request)
- Add
namespace_deletion_schedules table and model (merge request)
- Replace index on ci_build_report_results (merge request)
- Finalize uploads back-fill dependencies (merge request)
- Revise new-changes block message (merge request)
- Remove push_rule_file_size_limit ff (merge request)
- Add NOT NULL for sharding key on resource_weight_events (merge request)
- Updating Topology Service Client Gem to 20a0104 (merge request)
- Prepare (namespace_id, id) index on sent_notifications (merge request)
- Cleanup snippet_ip_restrictions FF (merge request)
- Quarantine a flaky test (merge request)
- Finalize BBM BackfillWorkItemProgressesNamespaceId (merge request)
- Finalize BBM BackfillIssueMetricsNamespaceId (merge request)
- Drop redundant partition_id indexes on ci tables (merge request)
- refactor: Avoid magic number for drawer z-index by @gerardo-navarro (merge request) GitLab Enterprise Edition
- Backfill migration to fill project level analyzer status data (merge request)
- Correct documentation for revocation SA PATs (merge request)
- Remove web_ide_multi_domain feature flag (merge request)
- Update docs and comment about missing FKs (merge request)
- Create namespace_id based indexes for issue lists (merge request)
- Update SyncProjectPolicyWorker to handle events (merge request) GitLab Enterprise Edition
- Async drop index on p_ci_job_artifacts file_final_path (merge request)
- Fix Performance/FlatMap offenses by @louisraymond (merge request)
- Async remove index on ci_job_variables (merge request)
- Use migrate_to_encrypts :asset_proxy_secret_key in ApplicationSetting (merge request)
- Use consistant default values for locks (merge request)
- Sync translations from crowdin (2025-05-27) (merge request)
- Add condition to skip stdout silencing based on env variable by @gerardo-navarro (merge request)
- Add parameter hash to SyncProjectPoliciesWorker (merge request) GitLab Enterprise Edition
- Align Geo replicable names in the UI according to the Geo data types by @karras (merge request) GitLab Enterprise Edition
- Align Geo data type and Replicated feature flag names by @karras (merge request)
- Sync translations from crowdin (2025-05-26) (merge request)
- Add NOT NULL on security_orchestration_policy_rule_schedules (merge request)
- Regenerate RuboCop TODO files (merge request)
- Improve vulnerability specs where es is used (merge request) GitLab Enterprise Edition
- Add schema_version to zoekt_nodes and zoket_repositories (merge request)
- Track token usage for REST API requests from CI runners (merge request)
- Increase query limit threshold for license_compliance feature spec (merge request) GitLab Enterprise Edition
- Use duo_core_features_enabled in application code (merge request) GitLab Enterprise Edition
- Add NOT NULL for sharding key on status_page_published_incidents (merge request)
- Add NOT NULL on protected_branch_merge_access_levels (merge request)
- Revert "Reuse hosts during service discovery update" (merge request)
- Update ComplianceFrameworkChangedEvent subscription (merge request) GitLab Enterprise Edition
- Migrate Ancestor widget to use design tokens (merge request)
- Add logs when creating approval_merge_request_rule (merge request) GitLab Enterprise Edition
- Final steps for resource_milestone_events sharding_key (merge request)
- Remove FF allow_duo_base_access from backend (merge request) GitLab Enterprise Edition
- Remove rate limit feature flags (merge request)
- Protected packages: Original package publisher for NuGet worker (Part 1) by @gerardo-navarro (merge request)
- Rename index_ci_runner_machines_*_trigram indices (merge request)
- Finalize BBM BackfillStatusPagePublishedIncidentsNamespaceId (merge request)
- Async remove index_ci_build_needs_on_partition_id_build_id (merge request)
- Set RunScheduleWorker TTL to max time window (merge request) GitLab Enterprise Edition
- Readd index_users_for_auditors for GitLab.com (merge request)
- Add NOT NULL for sharding key on issue_user_mentions (merge request)
- Make sure default values are used when project data is unavailable (merge request) GitLab Enterprise Edition
- Maven virtual registry: support multiple registries (merge request) GitLab Enterprise Edition
- Add parameter hash to SyncProjectPolicyWorker (merge request) GitLab Enterprise Edition
- Remove the search_zoekt_proxy FF (merge request) GitLab Enterprise Edition
- Remove Current.organization&.id in registrations controller (merge request)
- Finalize BBM BackfillSoftwareLicenseSpdxIdentifierForSoftwareLicensePoli (merge request)
- Remove reveal_duo_core_feature feature flag (merge request) GitLab Enterprise Edition
- Protected packages: Graphql experiment description for helm by @gerardo-navarro (merge request)
- Clean up ff revalidate_gpg_fingerprints (merge request)
- Finalize adding sharding key on lists (merge request)
- Remove fallback for Current.organization&.id in api base and users (merge request)
- Refactor error class assignments to avoid chained assignment by @gerardo-navarro (merge request)
- Finalize adding sharding key on description_versions (merge request)
- Update documentation about LFK regarding tracking deletions (merge request)
- Regenerate RuboCop TODO files (merge request)
- Move ComplianceFrameworkChangedEvent handler to SyncPolicyEventWorker (merge request) GitLab Enterprise Edition
- Added Finalize limit namespace visibility by organization by @IP1102 (merge request)
- Quarantine a flaky test (merge request)
- Finalize BBM BackfillResourceWeightEventsNamespaceId (merge request)
- Ensure nuget client receives error message by @gerardo-navarro (merge request)
- Replace ci_runner_taggings FK with loose foreign key (merge request)
- Use provided sort options in es pagination (merge request) GitLab Enterprise Edition
- Return highest group access level across all ancestors in Projects API (merge request)
- Drop unused issues indexes synchronously (merge request)
- Removing unused cross database ignored tables (merge request)
- Finalize BBM BackfillProtectedBranchMergeAccessLevelsProtectedBranchName (merge request)
- Add NOT NULL for sharding key on issue_emails (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Add NOT NULL for sharding key on resource_link_events (merge request)
- Finalize BBM BackfillSentryIssuesNamespaceId (merge request)
- Remove search_work_items_index_notes flag (merge request) GitLab Enterprise Edition
- Cleanup bigint conversion for terraform module metadata semver patch (merge request)
- Add http timeouts for AuditEventStreamingWorker (merge request) GitLab Enterprise Edition
- Move ci_job_artifacts into the dynamic schema (merge request)
- Move ci_stages into the dynamic schema (merge request)
- Finalize migration BackfillDependencyProxyManifestStatesGroupId (merge request)
- Clean up
allow_ldap_users_to_authenticate_with_gitlab_username FF (merge request)
- Add new sli for deleted objects (merge request)
- Update labels for virtual registries (merge request) GitLab Enterprise Edition
- Remove FF ci_inputs_for_pipelines (merge request)
- Replace tmp index with unique index for Maven packages (merge request)
- Add NOT NULL for sharding key on issuable_severities (merge request)
- Workhorse: set metrics labels for external URLs (merge request)
- Quarantine a flaky test (merge request)
- Add NOT NULL on protected_tag_create_access_levels (merge request)
- Add NOT NULL for sharding key on packages_pypi_metadata (merge request)
- Remove new_issue_attachment_from_vulnerability_bulk_action feature flag (merge request) GitLab Enterprise Edition
- Add NOT NULL on approval_project_rules_protected_branches (merge request)
- Add NOT NULL for sharding key on pages_domain_acme_orders (merge request)
- Remove enhanced_vulnerability_bulk_action feature flag (merge request) GitLab Enterprise Edition
- Remove work_item_related_vulnerabilities feature flag (merge request) GitLab Enterprise Edition
- Protected containers: Improve method names in components by @gerardo-navarro (merge request)
- Move ci_builds_metadata into the dynamic schema (merge request)
- Add concurrency limit and http timeout for AuditEventStreamingWorker (merge request) GitLab Enterprise Edition
- Remove duo_chat_multi_thread flag as it is stable (merge request) GitLab Enterprise Edition
- Reindex Elasticsearch work items to update integer with long type (merge request) GitLab Enterprise Edition
- Async namespace_id based indexes for issues (merge request)
- Add NOT NULL for sharding key on issuable_metric_images (merge request)
- Add NOT NULL for sharding key on packages_rubygems_metadata (merge request)
- Make telephone optional on in-app trial forms (merge request) GitLab Enterprise Edition
- Add NOT NULL for sharding key on packages_rpm_metadata (merge request)
- Drop resource_label_events Markdown cache columns (merge request)
- Finalize BBM BackfillResourceLinkEventsNamespaceId (merge request)
- Change users_preferences.organization_groups_projects_display defaults (merge request)
- Quarantine a flaky test (merge request)
18.0.4 (2025-07-09)
Fixed (8 changes)
- Fix incorrect redirect when branch doesn't include files
- Fix title on empty projects
- Show both author and committer in last commit
- Backport "Add a spinner for a loading elipsis menu" to 18.0
- Refactor blob commit info section
- Remove Sidekiq shutdown delay in ConcurrencyLimitSampler
- Fix code owner validation for roles GitLab Enterprise Edition
- Fix Protected Tags show page
Security (6 changes)
- Revert "Merge branch..." from 18.0 (merge request)
- Enforces invite_group_members permission when creating group members (merge request)
- Enforces invite_project_members permission when creating project members (merge request)
- Fix XSS via blob rich viewer (merge request)
- Fix CI ID Token claims for forked project MR jobs (merge request)
- Prevent linking fork if target group disallows external forks (merge request)
18.0.3 (2025-06-24)
Fixed (1 change)
Changed (2 changes)
- Revert "Merge branch 'backport-bugfix-restrict-LFS-download--18-0' into '18-0-stable-ee'"
- Restrict LFS file download to project-bound objects
Security (5 changes)
- Fix guest permissions for incident hierarchy updates (merge request)
- Fix the validation logic for IDP Certificate Fingerprint (merge request)
- Checking if framework and project have same namespace (merge request)
- Fix incorrect role grant after a user access_request (merge request)
- Prevent anonymous users from creating uploads (merge request)
18.0.2 (2025-06-11)
Fixed (5 changes)
- Fix Upgrade to 18.0: No such column
- Fix IDE links returns about:blank in old code dropdown
- Fix the title/body issue for todo apis when it is a duo todo GitLab Enterprise Edition
- Fix gitpod button is missing in the edit dropdown
- Move fork_networks organization_id NOT NULL to post-migrate
Security (8 changes)
- Protect webhook from excessive payload lengths (merge request)
- Endless Redirect Loop in any project when query param "format" is "git" (merge request)
- Backport for "Add validation for board name length" to 18-0 stable (merge request)
- Fix # #1329 - IDOR in compliance framework export endpoint (merge request)
- Fix authorization for compliance frameworks projects (merge request)
- security: Git redirection inconsistency (merge request)
- Fix XSS with CSP bypass in JSON tables (merge request)
- Limit HTTP response size (merge request)
18.0.1 (2025-05-21)
Fixed (1 change)
Changed (1 change)
- Add outbound allowlist to allowed endpoints for SSRF filter GitLab Enterprise Edition
Security (10 changes)
- Use CI::VariableValue in BasicEntity to prevent exposing hidden values in collapsible UI element (merge request)
- Show full path of project in create MR dropdown (merge request)
- Remove trace field as it is already added in the interface (merge request)
- Security 479168 discord zip vulnerability (merge request)
- Limit length of certificate cluster text fields (merge request)
- Check rate limit for over-sized blobs (merge request)
- Added size constraint validation to notes position fields (merge request)
- Obfuscate emails in note.bodyFirstLineHtml (merge request)
- Need to update 2fa requirement after accepting request (merge request)
- Ensure SAML authn context comes from signed portion of SAML response (merge request)
18.0.0 (2025-05-14)
Added (177 changes)
- Backfill vulnerabilities ES index (merge request) GitLab Enterprise Edition
- Add markdown rendering to code quality issue name by @django1194 (merge request)
- Adding api for listing project requirement statuses (merge request) GitLab Enterprise Edition
- Add archive column and event handler for project analyzer status (merge request) GitLab Enterprise Edition
- Prepare async FK for p_ci_pipelines.trigger_id (merge request)
- Update table_size database dictionary entries (merge request)
- Update model validation to new value constraint (merge request) GitLab Enterprise Edition
- Add wiki endpoints to notes REST API (merge request)
- Remove
duo_code_review_system_note feature flag (merge request)
- Add last updated information to Compliance Frameworks table (merge request) GitLab Enterprise Edition
- Add configurable cookie salts (merge request)
- Backfill instance integrations organization_id (merge request)
- Enable duo_code_review_full_file feature flag by default (merge request) GitLab Enterprise Edition
- Enable duo_code_review_multi_file feature flag by default (merge request) GitLab Enterprise Edition
- Hide Duo availability for Duo Core only scenarios (merge request) GitLab Enterprise Edition
- Delete old routing docs from Vulnerability Index on Project transfer (merge request) GitLab Enterprise Edition
- Add updated_at to ComplianceFrameworkType (merge request) GitLab Enterprise Edition
- Add reusable TokenValidityBadge component (merge request) GitLab Enterprise Edition
- Sticky headers: Add translucent glass style (merge request)
- Add project delete event worker for vulnerability namespace statistics (merge request) GitLab Enterprise Edition
- Add messaging to redirect users to Branch rules section (merge request)
- Enable enhanced bulk actions and related vulnerabilities by default (merge request) GitLab Enterprise Edition
- Add column for project web_based_commit_signing_enabled setting (merge request)
- Remove job source feature flag (merge request)
- Allow session to expire after specific time (merge request)
- Add is_team_member property to workflow API (merge request) GitLab Enterprise Edition
- Vulnerability webhook events for Groups (merge request) GitLab Enterprise Edition
- Add group import histories controller (merge request)
- Add Pages/Docusaurus project template (merge request)
- Add event forwarder for Snowplow events (merge request)
- Add control for one approval on MRs (merge request) GitLab Enterprise Edition
- Enable CI-based analyzer event tracking (merge request) GitLab Enterprise Edition
- Adds the analyzer_project_statuses query (merge request) GitLab Enterprise Edition
- Add columns for web_based_commit_signing_enabled setting (merge request)
- Add product usage data log (merge request)
- Add
organization_id validations to fork_networks (merge request)
- Add Duo Workflow action component (merge request) GitLab Enterprise Edition
- Add table for Organizations::OrganizationUserAlias (merge request)
- The base implementation of the PDF Vulnerability Report (merge request) GitLab Enterprise Edition
- Release the routable tokens feature (merge request)
- Add migration to create hosted runner records (merge request) GitLab Enterprise Edition
- Allow ai_workflows token to create Merge Requests (merge request)
- Add arguments to filter board lists by status (merge request) GitLab Enterprise Edition
- Add
Reload option to GLQL blocks (merge request)
- Add more accurate cluster health states (merge request)
- ActiveContext: use stored search embedding version during search (merge request)
- Add status to board list GraphQL API (merge request) GitLab Enterprise Edition
- Add auto_duo_code_review_enabled setting to REST API (merge request) GitLab Enterprise Edition
- Add sync status, timestamps & error columns to ldap_admin_role_links (merge request)
- Update table_size database dictionary entries (merge request)
- Add default variable configuration to new policy (merge request) GitLab Enterprise Edition
- Add update logic for Duo Core enablement for Self-Managed (merge request) GitLab Enterprise Edition
- Display missing Duo configs in info card (merge request) GitLab Enterprise Edition
- Add variables overwrite configuration (merge request) GitLab Enterprise Edition
- Add author_email column to gpg_signatures table (merge request)
- Add LDAP badge & filter to the users page in admin area (merge request)
- Add batched background migration to dpop column (merge request)
- Introduce policy for creating immutable tag rules (merge request)
- Add ScheduleWithinWorker to schedule jobs with jitter (merge request)
- Update GitLab Pages version (merge request)
- Add syncing LDAP with admin roles to cron jobs (merge request)
- Set branch and pass in workflow_definition (merge request) GitLab Enterprise Edition
- Allow Organization agents when creating workspaces (merge request)
- Remove limit_unique_project_downloads_per_namespace_user (merge request) GitLab Enterprise Edition
- Add default state and validation (merge request) GitLab Enterprise Edition
- Add protected and immutable tag patterns to tokens (merge request)
- Add copy permalink to repository overflow menu (merge request)
- Show work item status badge in child and linked items (merge request) GitLab Enterprise Edition
- Adding order by attribute to project compliance statuses (merge request) GitLab Enterprise Edition
- Add group transfer event handler for vulnerability_namespace_statistics (merge request) GitLab Enterprise Edition
- Add classes for syncing ldap with custom admin roles (merge request)
- Add status argument to boardListCreate mutation (merge request) GitLab Enterprise Edition
- Add internal event for dependency list version filtering (merge request) GitLab Enterprise Edition
- Show detailed pod status (merge request)
- Add get package files with revision by @mbo5be (merge request)
- Auto enable Duo Core features setting when activating a new subscription (merge request) GitLab Enterprise Edition
- Add support for showing Duo Workflow component (merge request) GitLab Enterprise Edition
- Protected packages: NuGet package push protection by @gerardo-navarro (merge request)
- Add variable override option (merge request) GitLab Enterprise Edition
- Add the admin setting to cache the zoekt result (merge request) GitLab Enterprise Edition
- Add Vulnerability Reads Es finder (merge request) GitLab Enterprise Edition
- Allow links from work items to incidents by @vedant-jain03 (merge request)
- Update Semver_dialects to 3.7.0 (merge request)
- Removes the group_remove_dormant_members FF (merge request) GitLab Enterprise Edition
- Add silent-mode subscription activation error (merge request) GitLab Enterprise Edition
- Remove duo_additional_context feature flag (merge request) GitLab Enterprise Edition
- Add application settings to manage CI/CD partitions (merge request)
- Add the ability fetch group level sbom component versions (merge request) GitLab Enterprise Edition
- Add upgrade Duo Core card (merge request) GitLab Enterprise Edition
- ActiveContext: use indexing_embedding_versions to generate embeddings (merge request)
- Allow admin to update duo_nano_features_enabled Duo setting (merge request) GitLab Enterprise Edition
- Add Contributor count to project-level VSD lifecycle metrics table (merge request) GitLab Enterprise Edition
- Finalize BackfillArchivedAndTraversalIdsToVulnerabilityStatistics BBM (merge request)
- Adapt Duo configuration info card for Duo Nano (merge request) GitLab Enterprise Edition
- Remove duo_additional_context feature flag (merge request) GitLab Enterprise Edition
- Deleting all compliance statuses for a project when moved (merge request) GitLab Enterprise Edition
- ActiveContext: add operation type upsert_only (merge request)
- ActiveContext: add migration for updating metadata on collection (merge request)
- Add variable override option (merge request) GitLab Enterprise Edition
- Add
up key shortcut behaviour on Work Items (merge request)
- Release SAML Groups Duo Add On Assignment (merge request) GitLab Enterprise Edition
- Introduce GitLab Geo feedback banner by @karras (merge request) GitLab Enterprise Edition
- Raise headers chars for audit event destinations (merge request) GitLab Enterprise Edition
- Add the ability to filter by version for project (merge request) GitLab Enterprise Edition
- Relocate Duo self-hosted pages to Duo settings menu (merge request) GitLab Enterprise Edition
- Enable dormant member limited capacity worker (merge request) GitLab Enterprise Edition
- Allows runner URLs to be fetched via a project connection (merge request)
- Add
active parameter to Groups REST API (merge request)
- Add optional parent_namespace_id to group delete event (merge request)
- Expose "active" parameter to the Projects REST API by @dagaranupam (merge request)
- Display Last GitLab Duo Activity on Duo Seat Utilization Page (merge request) GitLab Enterprise Edition
- Add new code suggestions field to GraphQL aiMetrics (merge request) GitLab Enterprise Edition
- Filter Non-Applicable Features from Premium Users in Duo Enterprise (merge request) GitLab Enterprise Edition
- Remove vulnerability redetected note feature flag (merge request) GitLab Enterprise Edition
- Add status to legacy issues GraphQL API (merge request) GitLab Enterprise Edition
- Add search to pipeline stage dropdown (merge request)
- Add group_setting jsonb column to app_settings (merge request) GitLab Enterprise Edition
- Add popover to parent widget link (merge request)
- Add auto_duo_code_review project setting (merge request) GitLab Enterprise Edition
- Show
Create new emoji within work items emoji picker (merge request)
- Add authenticate v2 endpoint by @mbo5be (merge request)
- Add latest package revision endpoint by @oceane_scania (merge request)
- Create merge_request_commits_metadata table (merge request)
- feat: Add admin API to revoke user support PIN (merge request)
- Add possibility to hide Duo Base from Duo frontend (merge request) GitLab Enterprise Edition
- Add support for deleting agent managed resources on environment stop (merge request)
- Add column build_id to analzyer_project_statuses table (merge request)
- Update GitLab Pages version (merge request)
- Update table_size database dictionary entries (merge request)
- Release scheduled PEP feature as experiment (merge request) GitLab Enterprise Edition
- Initial commit to create vulnerabilities ES Index (merge request) GitLab Enterprise Edition
- Create instance level compute visualization (merge request)
- Add Pages/Next.js project template (merge request)
- Add multiline paste support for custom fields (merge request)
- Add the ability to filter dependecines by version (merge request) GitLab Enterprise Edition
- Add system note when a vulnerability is redetected (merge request) GitLab Enterprise Edition
- Add support for Duo to GitLab Duo pages (merge request) GitLab Enterprise Edition
- Add endpoint for deletion of all done todos (merge request)
- Add REST API support for managing pipeline schedule inputs (merge request)
- Allow LDAP users to authenticate by using their GitLab username (merge request)
- Follow-on Root Cause Analysis Hotspot experiment (merge request) GitLab Enterprise Edition
- Use duo_base_features_enabled as attribute instead (merge request) GitLab Enterprise Edition
- Update TroubleshootJob executor to include ai tracking (merge request) GitLab Enterprise Edition
- Allow to display Rapid Diffs on merge request creation page (merge request)
- Add MR pipeline support to AST CI/CD templates (merge request)
- Remove importer_user_mapping_reassignment_csv feature flag (merge request)
- Allow batched background migrations to be listed by job name (merge request)
- Support Premium licenses to use self-hosted AI models (merge request) GitLab Enterprise Edition
- Create Rake Task to Bulk Assign Duo Seats (merge request) GitLab Enterprise Edition
- Add ability to trigger Duo Code Review automatically (merge request) GitLab Enterprise Edition
- Add metrics for mrap package exceptions (merge request) GitLab Enterprise Edition
- Enable Coverband UI (merge request)
- Add SaaS detection and Duo Workflow paths to admin settings (merge request) GitLab Enterprise Edition
- Adds GraphQL queries for vulnerabilities (merge request) GitLab Enterprise Edition
- Add sorting projects by full path (merge request)
- Add email prefix feature for gitlab emails (merge request)
- Add support for aliases in GLQL (merge request)
- Add status widget to the sidebar of tasks (merge request)
- Sync Cloud Connector tokens hourly (merge request) GitLab Enterprise Edition
- Add advanced vulnerability filters to es (merge request) GitLab Enterprise Edition
- Allow titles to contain markdown (merge request)
- Add copy button to work item MR modal (merge request)
- Enable periodical_namespace_descendants... FF (merge request)
- Use whitespace setting on Rapid Diffs page reload (merge request)
- Update table_size database dictionary entries (merge request)
- Update table_size database dictionary entries (merge request)
- Add IdP-scoped SAML group links (merge request) GitLab Enterprise Edition
- Add UI setting for AI agents to run pipelines (merge request) GitLab Enterprise Edition
- Create organization_push_rules table (merge request) GitLab Enterprise Edition
- Enable custom fields by default (merge request) GitLab Enterprise Edition
- Allow owner to update duo_nano_features_enabled (merge request) GitLab Enterprise Edition
- Add merge requests data source (merge request) GitLab Enterprise Edition
- Connect current statuses and custom statuses (merge request)
- Added validation for control name and expression (merge request) GitLab Enterprise Edition
- Add
permalinkPath field to TreeType via TreePresenter (merge request)
- Release conan protected packages feature (merge request)
- Add AST_ENABLE_MR_PIPELINES var to scan execution policies (merge request)
Fixed (169 changes)
- Loosen settings.write stub and expectations in GithubService spec (merge request) GitLab Enterprise Edition
- Hide delete button for All branches (merge request)
- Handle invalid import URLs (merge request)
- Add query params for prefilling new work item (merge request)
- Update feature specs to pass when pipeline inputs flag enabled (merge request)
- Prevent duplicate submissions in work item form (merge request)
- Move class to component (merge request) GitLab Enterprise Edition
- Use
no_longer_detected_ids when auto-resolving vulnerabilities (merge request) GitLab Enterprise Edition
- Fix sequence ownership for builds_metadata (merge request)
- Use tanuki icon for pages/html import (merge request)
- Fix scheduled PEP project schedule (re)creation (merge request) GitLab Enterprise Edition
- Fix members list in group protected environments (merge request) GitLab Enterprise Edition
- Fix bugs on dependency paths (merge request) GitLab Enterprise Edition
- Change workspace scripts volume permission to 555 (merge request)
- Search Settings checkboxes only visible when instance is licensed (merge request) GitLab Enterprise Edition
- Fix TypeError for GraphqlController#query parameter (merge request)
- Fix creating system notes for mentions in wiki pages (merge request)
- Add Imported badge for Comments and System notes (merge request)
- Fix manual job is not clickable (mini graph) (merge request)
- Markdown preview header: Fix overlap on left (merge request)
- Fix NoMethodError for markdown documents with a single space (merge request)
- Disable Self-hosted models configurations on GitLab dedicated (merge request) GitLab Enterprise Edition
- Allows clearing Docker Hub Authentication details in the UI (merge request)
- Support trusted proxies in Workhorse config (merge request)
- Add a ping? check before hitting Elasticsearch in admin (merge request) GitLab Enterprise Edition
- Skip orphan Sbom::Occurrence records when executing CVS (merge request)
- Adapt request for Duo settings update for sub-groups (merge request) GitLab Enterprise Edition
- Link security policy to framework from multiple top-level groups (merge request) GitLab Enterprise Edition
- Update comment box warning text (merge request)
- Hide disable PAT group setting on self-managed (merge request) GitLab Enterprise Edition
- Make Geo Registry Names translatable and no longer auto generated by @karras (merge request) GitLab Enterprise Edition
- Fix no method error in SyncPolicyEventWorker (merge request) GitLab Enterprise Edition
- Save custom_software_license if license is not on SPDX list (merge request) GitLab Enterprise Edition
- Fix Web IDE iframe-based OAuth token refresh (merge request)
- Fix missing PAT last_used_ips in GitLab CE by @thomasgl-orange (merge request)
- Fixed command palette edge case (merge request)
- Fix overflow issue of issue title in user profile activity by @mosampatel78 (merge request)
- Fix work item URLs in activity RSS feeds (merge request)
- Reschedule deduplicated
SyncScanPoliciesWorker (merge request) GitLab Enterprise Edition
- Handle race condition in approval rule creation from approval policy (merge request) GitLab Enterprise Edition
- Pull branch ref from Gitaly if not present in Redis (merge request)
- Skip resolved_by validation on importing records (merge request)
- Work items notes: Fix use of shortcut 'r' (merge request)
- Update runners/all access (merge request) GitLab Enterprise Edition
- Fix the new DS analyzer CI job image url (merge request)
- Fix subgroup filtering in framework project selection (merge request) GitLab Enterprise Edition
- Fix the deletion callback bug for ES bookkeeping (merge request) GitLab Enterprise Edition
- Check for router nav possibility (merge request)
- Allow using comment templates in MR reviews (merge request)
- Fix title disappearing in CreateWorkItemModal (merge request)
- Check for setting before showing ImportHistoryMenu (merge request)
- Prevent unauthorized users from adding, selecting or archiving designs (merge request)
- Fix read AI Setting error when not logged in (merge request) GitLab Enterprise Edition
- Optimize searching projects with component version (merge request) GitLab Enterprise Edition
- Alternative Vue breadcrumb injection method (merge request)
- Use SECURE_ANALYZERS_PREFIX in new dependency-scanning jobs (merge request)
- Make
after_script and before_script mutually exclusive with run keyword (merge request)
- Link security policy to framework from multiple top-level groups (merge request) GitLab Enterprise Edition
- Package Assets table: Add check for upload slot (merge request)
- Use issuable name in issuable by email popup by @curs3_w4ll (merge request)
- Fix manual job is not clickable (merge request)
- Fix ci variable drawer state (merge request)
- Added detectAndConfirmSensitiveTokens to work_item_comment_form (merge request)
- Fix CI depended triggers not locks resources (merge request)
- Rescue invalid URI in TransformReferencesWorker (merge request)
- Fix typo in FIPS docs page by @zillemarco (merge request)
- Add the Parallelism flag in the indexing request (merge request) GitLab Enterprise Edition
- Bump devfile gem to v0.4.3 (merge request)
- Show unknown status when nil Finding token status (merge request) GitLab Enterprise Edition
- Fix bug where jobs don't show up in stage (merge request)
- Refactor NamespaceStatistics schedule worker namespace ids extraction (merge request) GitLab Enterprise Edition
- Hide SSH signature from the tag's message (merge request)
- Fix NoMethodError for Projects::RefsController#logs_tree (merge request)
- Update fast_gettext gem to v4.1.0 (merge request)
- Fix nullable timelog.user in GraphQL (merge request)
- Migrate timelogs for deleted users to ghost user (merge request)
- Fix logic to hide work item notifications widget for logged out users (merge request)
- Consolidate style for "Please register or sign in to reply" (merge request)
- Fix SEP validation for target_default and target_protected branch types (merge request) GitLab Enterprise Edition
- Ensure primary button on board form remains disabled before modal closes (merge request)
- Ignore up arrow shortcut trigger if current comment is not empty (merge request)
- Prioritize service response when showing issue type fetch error (merge request)
- Remove force_scrollbar feature flag (merge request)
- Show partial data when there is an error in development widget (merge request) GitLab Enterprise Edition
- Replace error with message when no comments found in /summarize_comments by @dagaranupam (merge request) GitLab Enterprise Edition
- Ensure security policy bot user before executing auto resolve policy (merge request) GitLab Enterprise Edition
- Fix issue popover's createdAt for non-relative-time users (merge request)
- Only check records with encrypted data in gitlab:doctor:encryption_keys (merge request)
- Improve namespace statistics scheduleWorker performance (merge request) GitLab Enterprise Edition
- Ensure token status has the correct value (merge request) GitLab Enterprise Edition
- Account for sign in bar for work item drawer (merge request)
- Fix policy editor button position (merge request) GitLab Enterprise Edition
- Auto-expand work item description on link navigation (merge request)
- Add key to router-view to ensure re-renders (merge request)
- Fixed single relation endpoint bugs (merge request)
- Fix CRM validation bug when updating group settings (merge request)
- Show webhook settings link if user has permissions (merge request) GitLab Enterprise Edition
- Handle nils for prometheus integrations (merge request)
- Add BBMs to fix string config hashes in streaming destinations (merge request) GitLab Enterprise Edition
- Fix streaming destinations BBMs (merge request) GitLab Enterprise Edition
- Update assignees search to include participants (merge request)
- Provide set_pipeline_variables policy from backend (merge request)
- Fix skeleton loader for work item mention popover (merge request)
- Use CSS-based loaders for work item loading state (merge request)
- Fix quoting of user name in ReplaceTable helper class (merge request)
- Remove unnecessary expectation to fix flaky test (merge request)
- Fix broken Dockerfile highlighting (merge request)
- Prevent :remove_group perm. when projects cannot be removed by owners (merge request) GitLab Enterprise Edition
- Hide group settings for dependency proxy if config is disabled (merge request)
- Fix fluid width invite members banner (merge request)
- Clear form on milestone create or cancel (merge request)
- Fix token prefix change when PAT prefix is nil (merge request)
- Update fog-xml to v0.1.5 (merge request)
- Fix MR diffs endpoint to respond with pagination headers (merge request)
- Fix bug with pipeline_schedule.last_pipeline loading all pipelines (merge request)
- Fix project transfer not prioritizing exact matches (merge request)
- Fix GraphQL /assign non-project member quick action (confidential issue) (merge request)
- Fix design routing issue (merge request)
- Fix no method error construct pep with invalid policies (merge request) GitLab Enterprise Edition
- Fix suffix alignment for mobile screen (merge request) GitLab Enterprise Edition
- Remove unnecessary preload from pipeline schedules API endpoint (merge request)
- Fixed calling only one proper method to populate count (merge request)
- Fix the rendering of token Last Used IPs (merge request)
- Do not try to update not existing record (merge request) GitLab Enterprise Edition
- Create security_policy_bot on project transfer (merge request) GitLab Enterprise Edition
- Use commit email for cherry pick via UI (merge request)
- Respect fork filter for global zoekt search (merge request) GitLab Enterprise Edition
- Fix issue where attached JS files couldn't be downloaded by @nikitasakau (merge request)
- Allow update_runner policy for project runners shared indirectly (merge request)
- Fix pipeline execution policies limit for group-level policies (merge request) GitLab Enterprise Edition
- Move router view out of collapsible section (merge request)
- Adjust package history loading skeleton (merge request)
- Localize work item types in "Change type" modal (merge request)
- Fix search SAML redirect for subgroup search (merge request) GitLab Enterprise Edition
- Fix toggle text on dropdowns when initially selection is reset (merge request)
- Use fullpath for MR tooltip (merge request)
- Provide set_pipeline_variables policy from backend (merge request)
- Make sure long inline code in GLFM doesn't overflow its parent (merge request)
- Runners list: Delete action fix loading icon (merge request)
- Improve custom field select options validation (merge request) GitLab Enterprise Edition
- Update approval_policy_rule_id to loose foreign key (merge request) GitLab Enterprise Edition
- Fix Epic note events in contribution calendar (merge request) GitLab Enterprise Edition
- Fix time discrepancy in open MRs for blob (merge request)
- Fix MWPS notification label and improve event handling (merge request)
- Protected container repositories Crud migrations (merge request)
- Fix alignment of items in vulnerability report on mobile devices by @karras (merge request) GitLab Enterprise Edition
- Show only scoped Vulnerability Management Policies in policies list (merge request) GitLab Enterprise Edition
- Fix policy index handling for deleted security policies (merge request) GitLab Enterprise Edition
- Prevent title overflow (merge request)
- Remove potential duplicate settings (merge request)
- Show PMD results in inline code quality diff (merge request)
- Fix new issue template work item logic (merge request)
- Display loading icon on the correct button (merge request) GitLab Enterprise Edition
- Fix alignment of pending note footers (merge request)
- Fix string conversion for CI Inputs (merge request)
- Pipeline graph: Failed grouped jobs spacing fix (merge request)
- Always log CloudFlare leaked cred reports on signin (merge request) GitLab Enterprise Edition
- Top bar search: Fix alignment on right (merge request)
- Use fuzzy search on work item labels dropdown (merge request)
- Ensure board card "Card options" menu toggle button has accessible text (merge request)
- Allow long downstream pipeline names to break (merge request)
- Fix execute_count method on elasticsearch (merge request) GitLab Enterprise Edition
- Fix spacing of note header timestamp for notes with system content (merge request)
- Truncate long test suite names (merge request)
- Fix positioning of GLQL actions dropdown (merge request)
- Schedule pipeline: Validate cron timezone (merge request)
- Input copy toggle: Add border to input (merge request)
- Ensure end of notification email signature has unique content (merge request)
- Fix service account email confirmation with domain verification (merge request) GitLab Enterprise Edition
Changed (231 changes)
- Remove custom_software_license feature flag (merge request) GitLab Enterprise Edition
- Add right sidebar for new learn gitlab (merge request) GitLab Enterprise Edition
- Handle nil vulnerability_read for VulnerabilityType (merge request)
- Add base policy attributes (merge request) GitLab Enterprise Edition
- User admin detail: Migrate page header to pageHeading (merge request)
- Remove feature flag zoekt_multimatch_frontend (merge request) GitLab Enterprise Edition
- Add human/bot filtering options to admin interface (merge request)
- Help menu: Fix contribute link (merge request)
- Adjust capitalization for service accounts UI (merge request)
- Update PostgreSQL docs for version 16 (merge request)
- Public avatar settings section migration (merge request)
- Bump minimum required PostgreSQL version to 16 (merge request)
- Decrease bottom padding in content wrapper (merge request)
- Update container registry page and shared list item (merge request)
- Improve access tokens options in admin settings (merge request)
- Add style to new_gpg_key_email notification (merge request)
- Set FF allow_duo_base_access to true (merge request) GitLab Enterprise Edition
- Settings section: Make only heading sticky (merge request)
- Roles and permissions detail page: Remove tabs (merge request) GitLab Enterprise Edition
- Permanently enables dependency_proxy_read_write_scopes (merge request)
- Inclusive due_date for %Started scope (merge request)
- make control name reflect what is ensured by @erik.petzold1 (merge request) GitLab Enterprise Edition
- Add registry upstream list item and form components (merge request)
- Add source filter to
newest_first method in the Pipeline model (merge request)
- Update tooltip and docs description for Cycle time analytics (merge request)
- Populate email field if email is present (merge request) GitLab Enterprise Edition
- Only send modified inputs in pipeline new form (merge request)
- Use user organization as fallback for missing organization (merge request)
- Consider namespace bans for Duo root_group_ids (merge request) GitLab Enterprise Edition
- Bypass permission check to close MRs for archived projects (merge request)
- Add ES bookkeeping when calling update_all or delete_all on vulnerabilities (merge request) GitLab Enterprise Edition
- Allow auto enable Duo Core feature setting via seat link sync (merge request) GitLab Enterprise Edition
- Delete placeholder users when a top level group is deleted (merge request)
- ActiveContext: Add consitent error handling for preprocessors (merge request)
- Improve UX on CTAs after creation of compliance framework (merge request) GitLab Enterprise Edition
- Refactor AI Setting mutation to return the object (merge request) GitLab Enterprise Edition
- Allow only active and non-bot user (merge request) GitLab Enterprise Edition
- Modernize Crud component (merge request)
- Disables editing blob for lfs (merge request)
- Revert user-facing docs for enabling admin bypass placeholder confirmation (merge request)
- Include push_ruleable concern in group_push_rule (merge request) GitLab Enterprise Edition
- Extract shared logic from push_rules to a concern (merge request) GitLab Enterprise Edition
- Update header app and blob overflow menu feature flag (merge request)
- Updates project runner details page (merge request)
- Scope Duo Workflow action feature flag to user (merge request) GitLab Enterprise Edition
- Enable better CI/CD analytics for project pipelines (merge request)
- Track collapsed diffs from Gitaly to show safe limit warnings (merge request)
- Enable
commits_from_gitaly feature flag by default (merge request)
- Update major version of GLAS image (merge request)
- Remove the extra space on no results (merge request)
- Update on call schedule to import only data design token color constants (merge request)
- Add explore GitLab Duo Core banner to MR (merge request) GitLab Enterprise Edition
- Finalize backfill_secret_push_protection_enabled migration (merge request)
- Remove the git_push_create_all_pipelines feature flag (merge request)
- Make external status checks support group-level protected branches (merge request) GitLab Enterprise Edition
- Update project template list (merge request) GitLab Enterprise Edition
- Revalidate_gpg_fingerprins ff default_enabled set to true (merge request)
- Updates enable duo banner to use api (merge request) GitLab Enterprise Edition
- Add admin UI control for
scan_execution_policies_schedule_limit (merge request) GitLab Enterprise Edition
- Permanently enables packages_dependency_proxy_containers_scope_check (merge request)
- Role detail view: Migrate components (merge request)
- Increse max_tokens for review_merge_request (merge request) GitLab Enterprise Edition
- Fixes tracking for modal primary event (merge request) GitLab Enterprise Edition
- Show message when Duo code review is unavailable (merge request) GitLab Enterprise Edition
- ActiveContext: allow disabling ref fields (merge request)
- Container registry forms: Set autofocus to add forms (merge request)
- Create member role: Migrate components used to shared components (merge request)
- Drop exact_matches_first_project_transfer feature flag (merge request)
- Disable batch update button for disabled features (merge request) GitLab Enterprise Edition
- Feature flag default_enabled set to true (merge request)
- Update example response for Geo site status API (merge request)
- Package registry: Improve loader to reflect more real world data (merge request)
- Document SaaS-only GraphQL schema (merge request)
- Remove company size from company form (merge request) GitLab Enterprise Edition
- Add boolean type custom cell to inputs table (merge request)
- Shorten import options list on group registration page (merge request) GitLab Enterprise Edition
- Hide Duo availability for Duo Core (merge request) GitLab Enterprise Edition
- Update dependency auto-build-image to v4.11.1 (merge request)
- Enable open MRs for a file feature by default (merge request)
- Package project settings: Use section instead of block component (merge request)
- Add ExclusiveLeaseGuard to bulk update (merge request) GitLab Enterprise Edition
- Stop persisting pipeline config (merge request)
- Update registration company form (merge request) GitLab Enterprise Edition
- Make delayed deletion available to all pricing tiers (merge request)
- Reset variables modal to initial state (merge request) GitLab Enterprise Edition
- Add 'external_control_name' to compliance requirements controls (merge request) GitLab Enterprise Edition
- Add enable duo banner component (merge request) GitLab Enterprise Edition
- Move work item confidentiality loading spinner to actions dropdown (merge request)
- Separate project and group dependency types in GraphQL API (merge request) GitLab Enterprise Edition
- Enable using glab for CI release (merge request)
- Add API endpoint to update Maven virtual registry upstream position (merge request)
- Add ApplicationSetting for the
git_push_create_all_pipelines ff (merge request)
- Update milestone scopes (merge request)
- Remove next button from identity verification (merge request) GitLab Enterprise Edition
- Add archived project to compliance framework filter (merge request) GitLab Enterprise Edition
- Move a variable list to a parent component (merge request) GitLab Enterprise Edition
- Increased default bcrypt stretches, enabled transparent upgrade (merge request)
- Updated Validity Check Badge text to reflect possible design titles (merge request)
- Change column default from true to false (merge request) GitLab Enterprise Edition
- Revert MR 189075 (merge request) GitLab Enterprise Edition
- Update package page headings and install instructions (merge request)
- Pipeline minigraph: Improve search input styles (merge request)
- Work item: Reduce spacing between title and meta information (merge request)
- Re-prepare async index on merge_request_commits_metadata_id (merge request)
- Project sidebar badges alignment improvement (merge request)
- Rename Security Orchestration Policy to Scheduled Scan Execution Policy (merge request) GitLab Enterprise Edition
- Updated move and clone operations to work on work item framework (merge request)
- Model registry: Performance tab changes (merge request)
- Model registry version: Refactor header (merge request)
- Update variable args in workspaceCreate mutation (merge request) GitLab Enterprise Edition
- Document tuning of lower Geo concurrency default settings by @karras (merge request)
- Add Auditor as a filter option to the Admin users page (merge request) GitLab Enterprise Edition
- Separate project and group dependency types in GraphQL API (merge request) GitLab Enterprise Edition
- Disable
confetti_post_signup cookie (merge request) GitLab Enterprise Edition
- Flexible work item sidebar (merge request)
- Turn auto_devops_banner_disabled on by default to hide the banner (merge request)
- Improve interpolation error messaging (merge request)
- Make PDM no-op since it was incorrect (merge request)
- Runner detail page: Show runners in Crud (merge request)
- Change to async_delete for ci_running_builds.runner_id (merge request)
- Lower Geo replication concurrency default settings by @karras (merge request)
- Add integration tests for exclude licenses (merge request) GitLab Enterprise Edition
- Add "Open in Workspace" in MR page (merge request) GitLab Enterprise Edition
- Update group and project label in search modal (merge request)
- Fix the styling of import buttons (merge request) GitLab Enterprise Edition
- Use package id in package registry breadcrumbs (merge request)
- Update dependency auto-deploy-image to v2.128.0 (merge request)
- Update dependency auto-build-image to v4.11.0 (merge request)
- Model registry detail page improvements (merge request)
- Update error messages for pipeline inputs (merge request)
- Add confirmation step before a broadcast messages gets saved (merge request)
- Move
workItemStatus fragment to main query (merge request) GitLab Enterprise Edition
- Set cache: [] in Secret Detection latest template (merge request)
- Hide child items and linked items widgets when empty and can't edit (merge request)
- Add a warning modal when disconnecting SAML groups (merge request)
- Enable
disable_widget_responses by default (merge request)
- Fix PAT last_used_ips for /self API by @thomasgl-orange (merge request)
- Update ffi and mixlib-log gems (merge request)
- Add milestone_title keyword field to work_items index (merge request)
- Expose vulnerabilities fields to Jira integration API (merge request) GitLab Enterprise Edition
- Nullify embedding0 field (merge request) GitLab Enterprise Edition
- Cleanup plan_limits_repository_size Feature Flag (merge request)
- Switch workitem index to use new embedding field and model (merge request) GitLab Enterprise Edition
- Update Duo Nano to Duo Core (merge request) GitLab Enterprise Edition
- Always enable sorting for storage usage quotas (merge request)
- Add namespace and project metadata to application context for GLQL (merge request)
- Add merge_request_commits_metadata_id column to MRDC (merge request)
- Log error message when managed resources fail to delete (merge request)
- Add a new ResourceGroup process_mode: "newest_ready_first" by @BageDevimo (merge request)
- Add infinite scroll to GitHub organizations box (merge request)
- Add actor for static_licenses feature flag (merge request) GitLab Enterprise Edition
- Add embedding1 field to workitems index (merge request) GitLab Enterprise Edition
- Update environments to use token for websocket (merge request)
- Updated EnforceDatabaseHealthSignalDeferral ignored list (merge request)
- Improve help text for auto user deactivation (merge request)
- Bump CS and DS analyzer major version (merge request)
- Bump secrets analyzer major version (merge request)
- Bump SD analyzer version to 7 (merge request)
- Drop sequences for some ID columns in MRCM table (merge request)
- Track all workers concurrency jobs (merge request)
- Runner detail: Delete action (merge request)
- Add versioning support to routable token (merge request)
- Package detail page: Move delete button into ellipsis menu (merge request)
- Adds Rubocop rule to enforce worker deferral based on DB health (merge request)
- Hide test button - GitLab for Jira app integration (merge request)
- Move social accounts into their own section (merge request)
- Rename Duo Nano to Duo Core (merge request) GitLab Enterprise Edition
- Skips processing dormant members when deactivated (merge request) GitLab Enterprise Edition
- Update openapi docs (merge request)
- Validate seat assignable add-on (merge request) GitLab Enterprise Edition
- Limit the number of concurrent exports in progress (merge request) GitLab Enterprise Edition
- Add security_policy_id to compliance_framework_security_policies (merge request) GitLab Enterprise Edition
- Dry'd check for increase in billable count (merge request) GitLab Enterprise Edition
- Change DuoNano to DuoCore (merge request) GitLab Enterprise Edition
- Align API Discovery CI templates with other AST features (merge request)
- Upgrade Hugo project template (merge request)
- Adjust code to work with static licenses catalogue (merge request) GitLab Enterprise Edition
- Update
r key shortcut behaviour on Work Items (merge request)
- Remove fix_gmail_footer_truncation feature flag (merge request)
- Remove confidentiality relocation sidebar stub (merge request)
- Rename search admin UI checkboxes and update relevant documentation (merge request)
- Cleanup FF enable_secrets_provider_check (merge request) GitLab Enterprise Edition
- Remove beta status from block seat overages for .com (merge request) GitLab Enterprise Edition
- Remove beta status for BSO self-managed (merge request) GitLab Enterprise Edition
- Introduce subscriptions refactor (merge request)
- Change user authorization to use terms query for projects (merge request) GitLab Enterprise Edition
- Default
scan_execution_policies_action_limit setting to 0 (merge request) GitLab Enterprise Edition
- Crud: Change loading state to use skeleton loader (merge request)
- Use read replica for GLQL queries if available (merge request)
- Make license version optional (merge request) GitLab Enterprise Edition
- Move branch rules alert into settings block (merge request)
- Default backdated timelogs to midday (12:00) (merge request)
- Update alignment of package registry page (merge request)
- Allow specifying the organization for an Internal User (merge request) GitLab Enterprise Edition
- Update reachability to only be present for (merge request) GitLab Enterprise Edition
- Model registry: Improve upload artifacts of assets (merge request)
- Add MR pipelines support to Container Scanning CI template (merge request)
- Added registry setup instruction for group level endpoint (merge request)
- Add UpdateTroubleshootJobEventsPrimaryKey migration (merge request)
- Finalize semver_patch conversion to bigint in terraform module metadata (merge request)
- Only refresh seat assignable add-on (merge request) GitLab Enterprise Edition
- Package group settings: Cleanup settings (merge request)
- Package detail page migrations (merge request)
- Set some columns in MRDC to be nullable (merge request)
- Update the permalinkPath description (merge request)
- Improve styling of user calendar activities (merge request)
- Add MR pipelines support to Container Scanning CI template (merge request)
- Return a success status when stopping an already stopped environment (merge request)
- Update DrawIO media bubble edit button copy (merge request)
- Migrate
.setting-message to Pajamas alert component (merge request)
- Updated supported CWE list for Vulnerability Resolution (merge request) GitLab Enterprise Edition
- Reorder routable token's base-64-payload (merge request)
- Container registry cleanup policies: Migrate to Crud (merge request)
- Allow vertex embeddings model to be passed in (merge request) GitLab Enterprise Edition
- Update project runners update page (merge request)
- Improve policy bot message for pipeline failures (merge request) GitLab Enterprise Edition
- Support dynamic predefined question prompts on Duo Chat (merge request) GitLab Enterprise Edition
- Allow shift key in sidebar shortcut (merge request)
- Remove resolve_vulnerability_with_ai flag (merge request) GitLab Enterprise Edition
- Remove incorrect docs link shown for push rule file size limit (merge request) GitLab Enterprise Edition
- Remove SafelyChangeColumnDefault concern from topics (merge request)
- Organization switcher: Decrease spacing (merge request)
- Only show convert_to_ticket quick action when Service Desk enabled (merge request)
- Update Q settings link to Amazon Q console to create profile by @katwal (merge request) GitLab Enterprise Edition
- Fix alert icon size by @yonghyun.jin13 (merge request)
- Wrap multiline selection to collapsible section by @Bubbis (merge request)
- Enabled exclude_license_packages feature flag (merge request) GitLab Enterprise Edition
- Remove docker hub alert (merge request)
- Add Prometheus histogram for scheduled pipeline execution scheduling (merge request) GitLab Enterprise Edition
- ActiveContext: add query to get all results (merge request)
- Convert hover overlay text to focus interaction (merge request)
Deprecated (1 change)
- Ignore project_fingerprint and removed usages (merge request) GitLab Enterprise Edition
Removed (35 changes)
- Delete the
zoekt_index_circuit_breaker feature flag (merge request)
- Remove Twitter identities (merge request)
- Disable Limit CI_JOB_TOKEN access scope feature (merge request)
- Drop support for scan_result_policy in backend (merge request) GitLab Enterprise Edition
- Remove feature flag custom_ability_admin_protected_environments (merge request)
- Removes FF mr_show_reports_immediately (merge request)
- Remove work item type old ID fallback (merge request)
- Remove IssuesBulkUpdate mutation (merge request)
- Remove prompt migration feature flags post completion (merge request) GitLab Enterprise Edition
- Remove Pages Project templates (merge request)
- Delete the
zoekt_optimized_performance_indexing feature flag (merge request)
- Remove project limit from the dependency list (merge request) GitLab Enterprise Edition
- Remove deprecated Terraform CI/CD templates (merge request)
- Disable Limit CI_JOB_TOKEN access scope feature (merge request)
- Cleans up code_suggestions_include_context_imports ff (merge request)
- Remove Usage model references from create service (merge request)
- Remove the references of trigger_request (merge request)
- Delete the
elastic_migration_worker feature flag (merge request)
- Remove deprecated Geo VerificationWorker by @karras (merge request) GitLab Enterprise Edition
- Remove GraphQL Namespace addOnPurchase Field (merge request) GitLab Enterprise Edition
- Remove the tmp index for p_ci_builds.trigger_request_id (merge request)
- Remove GraphQL addOnPurchase Query (merge request) GitLab Enterprise Edition
- Merge
more_commits_from_gitaly FF into commits_from_gitaly (merge request)
- Remove feature flag cloud_connector_new_token_impl (merge request) GitLab Enterprise Edition
- Remove feature flag ci_only_one_persistent_ref_creation (merge request)
- Remove custom scan action from policy schema (merge request) GitLab Enterprise Edition
- Remove ff ci_read_trigger_from_ci_pipeline (merge request)
- Mark the migration as obsolete (merge request) GitLab Enterprise Edition
- Clean up ai_duo_chat_switch feature flag by @aryandutt (merge request)
- Remove unused #wiki_page_version_author_avatar (merge request)
- Remove GraphQL
name field in CiMinutesProjectMonthlyUsage (merge request) GitLab Enterprise Edition
- Remove GraphQL
STORAGE enum in NamespaceProjectSortEnum (merge request) GitLab Enterprise Edition
- Remove secret_checks_for_web_requests FF (merge request)
- Remove project from the group settings sidebar menu (merge request)
- Remove duo redirct banners from general settings (merge request)
Security (7 changes)
- Improve Octokit::ResponseValidation middleware and add rate limits
- Remove id attribute from OAuth form
- Use IssuePolicy for #issues_readable_by_user
- Security unauthorized access to reading branch names (merge request)
- Add SecureHeaders middleware with the Nel header (merge request)
- Restrict forwarded headers in Maven dependency proxy (merge request)
- Simplify detecting paragraphs for quick actions (merge request)
Performance (11 changes)
- Delete environments in batches to fix project.destroy! timeout (merge request)
- Use bulk_perform to trigger security policy sync (merge request) GitLab Enterprise Edition
- Optimize issues banned users query (merge request)
- Delete commit status in batches (merge request)
- Drop web_hook_logs table (merge request)
- Prevent timeout in cancel pipeline query during project deletion (merge request)
- Clean up group_microsoft_applications_table FF (merge request) GitLab Enterprise Edition
- Enable reindexing FF by default (merge request)
- Use web_hook_logs_daily (merge request)
- Apply InOperatorOptimization to relative_position (merge request)
- Reduce merge request diff batch size for keep-around rake task (merge request)
Other (174 changes)
- Remove duo_code_review_chat feature flag (merge request) GitLab Enterprise Edition
- refactor: Consolidate tests for CheckRuleExistenceService by @gerardo-navarro (merge request)
- Document how to troubleshoot missing files on the Geo primary site by @karras (merge request)
- Regenerate RuboCop TODO files (merge request)
- Return ServiceResponse for Generic::CreatePackageFileService by @gerardo-navarro (merge request)
- Synchronously remove unused index_merge_request_diffs_on_project_id (merge request)
- Remove ai_review_merge_request feature flag (merge request) GitLab Enterprise Edition
- Drop index (expire_at, job_id) from p_ci_job_artifacts (merge request)
- Remove feature flag (merge request)
- Clean up feature flag (merge request) GitLab Enterprise Edition
- Feature flag cleanup (merge request) GitLab Enterprise Edition
- Workhorse: set metrics labels for external URLs (merge request)
- Clean up sum vulnerability count feature flag (merge request) GitLab Enterprise Edition
- Revert MR 187612 until DB query is resolved (merge request)
- Finalize BBM MarkDuplicateMavenPackagesForDestruction (merge request)
- Add sent_notifications.namespace_id column (merge request)
- Disable product usage data for offline license (merge request)
- Change schema for pipeline_variables (merge request)
- Sync translations from crowdin (2025-05-08) (merge request)
- Remove duo_code_review_claude_3_7_sonnet Feature flag (merge request) GitLab Enterprise Edition
- Remove generate_commit_message_claude_3_7 Feature flag (merge request) GitLab Enterprise Edition
- Remove fallback for Current.organization&.id in groups controller (merge request)
- Quarantine a flaky test (merge request)
- Finalize BBM BackfillProtectedBranchMergeAccessLevelsProtectedBranchProj (merge request)
- Remove usage of default organization in Certificate (merge request)
- Remove new_milestone_filtering_logic flag and use new behaviour globally (merge request)
- Remove group_vulnerability_scanners_using_statistics FF (merge request) GitLab Enterprise Edition
- Update CI partitioning threshold to 1TB (merge request)
- Copy global push rule to organization push rules (merge request)
- Remove
commit_message_logger feature flag (merge request)
- Add sent_notifications.created_at column (merge request)
- Drop taggings table (merge request)
- Ignore resource_label_event columns (merge request)
- Add migration to set rate limits to zero for self-managed instances (merge request)
- Replace ff with admin setting (merge request)
- Drop siphon_issues.correct_work_item_type_id from CH (merge request)
- Remove correct_work_item_type_id from work item index (merge request) GitLab Enterprise Edition
- Improve Geo post-failover clean up documentation by @karras (merge request)
- Add NOT NULL for sharding key on issue_email_participants (merge request)
- Finalize DeleteOrphanedGroups batched background migration (merge request)
- Add a new cop to prevent explicit calls for enable_lock_retries! (merge request)
- Reindex Elasticsearch note index to update integer with long type (merge request) GitLab Enterprise Edition
- Remove populate_and_use_build_source_table feature flag (merge request)
- Remove ci_enable_live_trace flag (merge request)
- Finalize BBM BackfillIssueLinkIdOnRelatedEpicLinks (merge request)
- Create the temp index for notes project null sync (merge request)
- Backfill DuoCore AddOnPurchase for existing subscription (merge request) GitLab Enterprise Edition
- Run ConcurrencyLimitSampler once per interval (merge request)
- Add and fill resource_iteration_events group (merge request)
- Remove model-level validation for sharding key in issue_assignment_event (merge request)
- Finalize BBM BackfillIssueUserMentionsNamespaceId (merge request)
- Adds todo notification for self-managed enabling duo core features (merge request) GitLab Enterprise Edition
- Finalize migration BackfillGroupWikiRepositoryStatesGroupId (merge request)
- Drop unused indexes from issues table (merge request)
- Quarantine a flaky test (merge request)
- Remove safe navigation operator from Current.organization.id references (merge request)
- Add not NULL constraint to fork_networks (merge request)
- Upgrade Jekyll project template (merge request)
- Add NOT NULL constraint on design_management_versions.namespace_id (merge request)
- Adds todo notification for self-managed enabling duo core features (merge request) GitLab Enterprise Edition
- Truncate p_ci_build_trace_metadata partition 102 on .com (merge request)
- Change plan card styling for trial billing page (merge request) GitLab Enterprise Edition
- Make pipeline cleanup limits configurable (merge request)
- Finalize migration BackfillPipelineExecutionPoliciesConfigLinks (merge request)
- Finalize BBM BackfillIssueEmailsNamespaceId (merge request)
- Step-up auth: Use NamespacedSessionStore for accessing session data by @gerardo-navarro (merge request)
- Drop ci_runner_machines_archived table (merge request)
- Add FF switch to fetch contributions data from new CH tables (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Include ability checks for advanced vulnerability management using ES (merge request) GitLab Enterprise Edition
- Validate NOT NULL constraint on ci_build_needs.project_id (merge request)
- Add a new POST heartbeat endpoint (merge request) GitLab Enterprise Edition
- Streamline Project#archived? to hide deletion-related logic (merge request)
- Set search_uses_match_queries as default true (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Finalize the finish onboarding for group saml backfill (merge request)
- Remove FF hide_merge_requests_from_banned_users (merge request) GitLab Enterprise Edition
- Improve custom template logging (merge request) GitLab Enterprise Edition
- Change ai_troubleshoot_job_events foreign key (merge request)
- Ignore blank values in policy field comparison (merge request) GitLab Enterprise Edition
- Drop ci_runners_archived table (merge request)
- Add not-null constraint check for non-extensions settings (merge request)
- Sync translations from crowdin (2025-04-25) (merge request)
- Reindex Elasticsearch work items to update integer with long type (merge request) GitLab Enterprise Edition
- Remove p_ci_builds_metadata.runtime_runner_features column (merge request)
- Add the retry rollout logic for failed namespaces (merge request) GitLab Enterprise Edition
- Sync translations from crowdin (2025-04-24) (merge request)
- Mark 20250113152652 as obsolete (merge request) GitLab Enterprise Edition
- Sync rules from read model on default branch change (merge request) GitLab Enterprise Edition
- Reindex Elasticsearch merge request to update integer with long type (merge request) GitLab Enterprise Edition
- refactor: Avoid escaping characters in error message in package overview by @gerardo-navarro (merge request)
- Add NOT NULL for sharding key on issue_assignment_events (merge request)
- Set zoekt_critical_watermark_stop_indexing as default_enabled true (merge request) GitLab Enterprise Edition
- Mark 20241204115350 as obsolete (merge request) GitLab Enterprise Edition
- Remove mentions to enable_lock_retries! from docs (merge request)
- Conditionally show first name and last name fields on in-app trials (merge request) GitLab Enterprise Edition
- Lower retries for audit events worker to 3 (merge request) GitLab Enterprise Edition
- Drop redundant indexes on the issues table (merge request)
- Mark 20250203130827 as obsolete (merge request) GitLab Enterprise Edition
- Remove hide_snippets_of_banned_users feature flag (merge request)
- Finalize BBM BackfillPCiPipelineVariablesFromCiTriggerRequests (merge request)
- Add
canLeave user permission field for the Groups GQL query (merge request)
- Remove vscode_web_ide feature flag (merge request)
- Finalize settings context hash backfill (merge request)
- Add NOT NULL for sharding key on dast_site_profiles_builds (merge request)
- Add & backfill sharding keys for protected_branch_push_access_levels (merge request)
- Mark 20250203213829 as obsolete (merge request) GitLab Enterprise Edition
- Remove safe navigators (merge request)
- Mark 20241107131942 as obsolete (merge request) GitLab Enterprise Edition
- Refactor and breakdown SyncProjectApprovalPolicyRulesService (merge request) GitLab Enterprise Edition
- Mark 20250204111501 as obsolete (merge request) GitLab Enterprise Edition
- Finalize BackfillPartitionedWebHookLogsDaily (merge request)
- Finalize BBM BackfillPCiPipelinesTriggerId (merge request)
- Add migration to remove the jobs of a deprecated worker (merge request) GitLab Enterprise Edition
- Remove custom_fields_feature feature flag (merge request)
- Remove redundant index from job artifacts (merge request)
- Remove deprecated ElasticCommitIndexerWorker (merge request) GitLab Enterprise Edition
- Include EncryptedAttribute in non-owned files (merge request)
- Protected containers: Repository push protection for deploy token by @gerardo-navarro (merge request)
- Allow null values for namespace_id column in compliance adherence table (merge request)
- Quarantine a flaky test (merge request)
- Finalize BBM BackfillIssueEmailParticipantsNamespaceId (merge request)
- Regenerate RuboCop TODO files (merge request)
- Mark 20241107144941 as obsolete (merge request) GitLab Enterprise Edition
- Remove hidden_notes feature flag (merge request)
- Add documentation for approving an MR directly after creation/push (merge request)
- Optimize and requeue redirect_routes namespace_id backfill (merge request)
- Move custom emoji path logic to widget model (merge request)
- Remove unused default_organization initialization from spec (merge request)
- Fix timestamp inconsistency for AI events in CH (merge request) GitLab Enterprise Edition
- Sync translations from crowdin (2025-04-17) (merge request)
- Finalize migration BulkImportTrackers (merge request)
- Delete orphaned ci_runner_machines records on self-managed (merge request)
- Finalize BBM BackfillIssueAssignmentEventsNamespaceId (merge request)
- Add migration to remove the jobs of a deprecated worker (merge request) GitLab Enterprise Edition
- Sync translations from crowdin (2025-04-16) (merge request)
- Swap stage with stage_id column in ci_finished_builds ClickHouse table by @karras (merge request) GitLab Enterprise Edition
- Add NOT NULL for sharding key on container_repository_states (merge request)
- Recreate new code_suggestion_events storage in CH (merge request)
- Remove feature flag group_deletion_notification_email (merge request)
- Remove the check_path_traversal_middleware_reject_requests feature flag (merge request)
- Finalize fork_networks organization_id backfill (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Async remove unused index from ci_job_artifacts (merge request)
- Drop unused notes.attachment column (merge request)
- Removed member_promotion_management feature flag (merge request)
- Add and fill resource_iteration_events group (merge request)
- test: Improve readability of test by applying table syntax by @gerardo-navarro (merge request)
- Document replicator and GitLab component names in Geo glossary by @karras (merge request)
- Validate NOT NULL constraint on packages_npm_metadata.project_id (merge request)
- Regenerate RuboCop TODO files (merge request)
- Drop credentials columns from virtual registries maven upstreams (merge request)
- Finalize FixBadShardingKeyIdOnProjectCiRunners migration (merge request)
- Add NOT NULL on ci_resources.project_id (merge request)
- Optimize re-enqueue the RolloutWorker (merge request) GitLab Enterprise Edition
- Clean up branch_rule_squash_settings feature flag (merge request)
- Drop package registry application settings individual columns (merge request)
- Remove approval_policies_pipelines_limit feature flag (merge request) GitLab Enterprise Edition
- Step-up auth: Add feature tests for step-up auth scenarios by @gerardo-navarro (merge request)
- Add approval_policy_rule association to ScanResultPolicyRead (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Rename notification for being added as approver (merge request)
- Remove redundant partition index from job artifacts (merge request)
- Add step to disable automated PostgreSQL upgrades in Geo setup docs by @karras (merge request)
- Remove service_accounts_crud feature flag (merge request)
- Add NOT NULL for sharding key on packages_nuget_metadata (merge request)
- Fix RSpec/RedundantAround offenses by @JonstonChan (merge request)
- Finalize migration BackfillIssuableSeveritiesNamespaceId (merge request)
- Sync translations from crowdin (2025-04-09) (merge request)
- Increase severity for logging blob downloads in Geo to warning by @karras (merge request) GitLab Enterprise Edition
- Finalize migration BackfillContainerRepositoryStatesProjectId (merge request)
- Finalize migration BackfillPackagesRpmMetadataProjectId (merge request)
17.11.6 (2025-07-09)
Fixed (3 changes)
- Fix incorrect redirect when branch doesn't include files
- Fix incompatible Rails cache version from 7.1 to 6.1
- Fix code owner validation for roles GitLab Enterprise Edition
Security (4 changes)
- Revert "Merge branch..." from 17.11 (merge request)
- Fix XSS via blob rich viewer (merge request)
- Fix CI ID Token claims for forked project MR jobs (merge request)
- Prevent linking fork if target group disallows external forks (merge request)
17.11.5 (2025-06-24)
Changed (2 changes)
- Revert "Merge branch 'backport-bugfix-restrict-LFS-download--17-11' into '17-11-stable-ee'"
- Restrict LFS file download to project-bound objects
Security (5 changes)
- Fix guest permissions for incident hierarchy updates (merge request)
- Fix the validation logic for IDP Certificate Fingerprint (merge request)
- Checking if framework and project have same namespace (merge request)
- Fix incorrect role grant after a user access_request (merge request)
- Prevent anonymous users from creating uploads (merge request)
17.11.4 (2025-06-11)
Fixed (2 changes)
- Fix gitpod button is missing in the edit dropdown
- Attempt to migrate ci_runner_taggings table (try 2)
Security (8 changes)
- Protect webhook from excessive payload lengths (merge request)
- Endless Redirect Loop in any project when query param "format" is "git" (merge request)
- Backport for "Add validation for board name length" to 17-11-stable (merge request)
- Fix # #1329 - IDOR in compliance framework export endpoint (merge request)
- security: Git redirection inconsistency (merge request)
- Fix XSS with CSP bypass in JSON tables (merge request)
- Limit HTTP response size (merge request)
- Fix authorization for compliance frameworks projects (merge request)
17.11.3 (2025-05-21)
Fixed (1 change)
- Merge branch 'bwill/fix-auto-resolve-misalignment' into 'master' GitLab Enterprise Edition
Changed (2 changes)
- Add outbound allowlist to allowed endpoints for SSRF filter GitLab Enterprise Edition
- Add backport to fix shortSHA uniqueness
Security (9 changes)
- Use CI::VariableValue in BasicEntity to prevent exposing hidden values in collapsible UI element (merge request)
- Show full path of project in create MR dropdown (merge request)
- Security 479168 discord zip vulnerability (merge request)
- Limit length of certificate cluster text fields (merge request)
- Check rate limit for over-sized blobs (merge request)
- Added size constraint validation to notes position fields (merge request)
- Obfuscate emails in note.bodyFirstLineHtml (merge request)
- Need to update 2fa requirement after accepting request (merge request)
- Ensure SAML authn context comes from signed portion of SAML response (merge request)
Other (1 change)
17.11.2 (2025-05-07)
Fixed (3 changes)
- Bump devfile gem to v0.4.3
- Only check records with encrypted data in gitlab:doctor:encryption_keys
- Fix MR diffs endpoint to respond with pagination headers
Changed (1 change)
Security (3 changes)
- Improve Octokit::ResponseValidation middleware and add rate limits (merge request)
- Remove id attribute from OAuth form (merge request)
- Use IssuePolicy for #issues_readable_by_user (merge request)
17.11.1 (2025-04-22)
Fixed (1 change)
Changed (1 change)
Security (4 changes)
- Add SecureHeaders middleware with the Nel header (merge request)
- Restrict forwarded headers in Maven dependency proxy (merge request)
- Security unauthorized access to reading branch names (merge request)
- Simplify detecting paragraphs for quick actions (merge request)
17.11.0 (2025-04-16)
Added (211 changes)
- Requeue batched background migration (merge request)
- Add workflow settings (merge request) GitLab Enterprise Edition
- Changes to record the users who cannot be deleted (merge request)
- Release Pipeline Inputs and add more details in docs (merge request)
- Add metric to determine how many instances configured ClickHouse (merge request)
- Add support for variable for pages.expire_in (merge request)
- Implement Root Cause Analysis Hotspot experiment (merge request) GitLab Enterprise Edition
- Add Frontend support for finding_token_status (merge request) GitLab Enterprise Edition
- Introduce custom status and lifecycle (merge request)
- Release duo_chat_multi_thread to self-managed (merge request) GitLab Enterprise Edition
- Destroying control statuses on project framework disassociation (merge request) GitLab Enterprise Edition
- Add new column to
project_settings table (merge request)
- Project runner settings: Add new FF for new Vue variant (Part 2) (merge request)
- Enabling enable_stale_compliance_status_removal by default (merge request) GitLab Enterprise Edition
- Enabling enable_standards_adherence_dashboard_v2 by default (merge request) GitLab Enterprise Edition
- Trigger AI events backfill on instance setting change (merge request) GitLab Enterprise Edition
- Add show only selected projects toggle (merge request) GitLab Enterprise Edition
- Update GitLab Pages version (merge request)
- Enabling evaluate_compliance_controls by default (merge request) GitLab Enterprise Edition
- Add status widget to the sidebar of tasks (merge request)
- Enable FF code_suggestions_include_context_imports by default (merge request) GitLab Enterprise Edition
- Enable Fireworks/Codestral by default for code completion (merge request) GitLab Enterprise Edition
- Evaluating external controls for a project (merge request) GitLab Enterprise Edition
- Add Internal Inventory checks (merge request) GitLab Enterprise Edition
- Add additional pipelines usage information (merge request) GitLab Enterprise Edition
- Fix editing requirements with external controls (merge request) GitLab Enterprise Edition
- Fix reference style links after quick actions in RTE (merge request)
- Update table_size database dictionary entries (merge request)
- Add Duo nano support to new namespace provision API endpoint (merge request) GitLab Enterprise Edition
- Add instance AI setting to enable or disable Duo Nano features (merge request) GitLab Enterprise Edition
- Add a settings dropdown to GLQL views (merge request)
- Expose
newCustomEmojiPath on WorkItemWidgetAwardEmoji (merge request)
- Add policy for deleting registry tag rules (merge request)
- Adding MemberApprovalEvent data builder (merge request) GitLab Enterprise Edition
- Add catalog column to CloudConnectorAccess (merge request)
- Add warning icon and alert for scheduled rules (merge request) GitLab Enterprise Edition
- Migration to add duo_nano_features_enabled column (merge request) GitLab Enterprise Edition
- Protected containers: Minimum access level delete in project setting UI by @gerardo-navarro (merge request)
- Add before_validation :update_project_id (merge request)
- Step-up auth: Add omniauth step-up auth for admin mode by @gerardo-navarro (merge request)
- Add SOC2 compliance requirement controls (merge request) GitLab Enterprise Edition
- Add copy control ID button to framework info drawer (merge request) GitLab Enterprise Edition
- Add filter for placeholder to users module (merge request)
- Add user_profile_visibility_updated audit event (merge request) GitLab Enterprise Edition
- Pipline Graph: Group failed jobs on top of stage (merge request)
- Introduce application settings for pipeline execution policy limits (merge request) GitLab Enterprise Edition
- Extend Duo Health check with Amazon Q probes (merge request) GitLab Enterprise Edition
- Create organization_push_rules table (merge request) GitLab Enterprise Edition
- Fix bug edit framework without projects modified (merge request) GitLab Enterprise Edition
- Initial commit to create vulnerabilities ES Index (merge request) GitLab Enterprise Edition
- Default-enable prevent token-prefixed fallback for sessionless (merge request)
- ActiveContext: redact unauthorized results (merge request)
- Add Duo Nano support to provision API and service for GitLab.com (merge request) GitLab Enterprise Edition
- GraphQL: Expose CiRunner.creationState (merge request)
- Create runner form: Add new FF for new form (merge request)
- Add project pagination to the update framework page (merge request) GitLab Enterprise Edition
- Make reindexing settings configurable (merge request)
- Increased the limit on description (merge request) GitLab Enterprise Edition
- Destroying requirement statuses on project framework disassociation (merge request) GitLab Enterprise Edition
- Change behaviour of control update service (merge request) GitLab Enterprise Edition
- Refresh requirement statuses on control deletion (merge request) GitLab Enterprise Edition
- Check policy when evaluating control (merge request) GitLab Enterprise Edition
- Add counts.user_with_nil_external_attribute metric (merge request)
- Add instance setting to enable or disable Duo Nano features (merge request) GitLab Enterprise Edition
- Add fluidWidth prop to entity_select and group_select (merge request)
- Add filter for placeholder to users module (merge request)
- Enable policy_mergability_check by default (merge request) GitLab Enterprise Edition
- Update duo pro seat assignment email (merge request) GitLab Enterprise Edition
- UI for JSON Import Service (merge request) GitLab Enterprise Edition
- Add Backend Support for finding_token_status (merge request) GitLab Enterprise Edition
- Add projects to the ComplianceFrameworkFilterInputType graphql type (merge request) GitLab Enterprise Edition
- Geo: Enable observability ui feature flags (merge request) GitLab Enterprise Edition
- Groups sort by name, id, path (merge request)
- Create group_push_rule table (merge request) GitLab Enterprise Edition
- Remove
cyclonedx_dependency_list_export feature flag (merge request) GitLab Enterprise Edition
- Add analytics for CycloneDX exports (merge request) GitLab Enterprise Edition
- Implement new adherence report drawer (merge request) GitLab Enterprise Edition
- Token prefixes: Add support for deploy tokens by @nwittstruck (merge request)
- Release the routable tokens feature (merge request)
- ActiveContext: embeddings for documents (merge request)
- Apply Framework to Projects Services (merge request) GitLab Enterprise Edition
- Added analyzer_namespace_statuses table (merge request)
- Create index on merge_request_diff_files.project_id (merge request)
- Add reverse_issuer_* formats for LDAP Smart Card Authentication (merge request) GitLab Enterprise Edition
- Implement filtering in new adherence report (merge request) GitLab Enterprise Edition
- Adds seat_type enum to seat_assignments (merge request) GitLab Enterprise Edition
- Create system notes when custom field is changed or removed (merge request) GitLab Enterprise Edition
- Added new error page for zoekt multi-match (merge request)
- Log CloudFlare-reported leaked creds on sign-ins (merge request) GitLab Enterprise Edition
- ActiveContext concern to track on ActiveRecord callbacks (merge request)
- Add Duo Nano support to provision API and service for GitLab.com (merge request) GitLab Enterprise Edition
- Release Duo seat assignment TODO notificiation (merge request) GitLab Enterprise Edition
- Add date based expiration to Issue WIT feedback badge (merge request)
- Add limit to creating requirements in UI (merge request) GitLab Enterprise Edition
- Add system note when a vulnerability is redetected by @onasser (merge request) GitLab Enterprise Edition
- Implement pagination in new adherence report (merge request) GitLab Enterprise Edition
- Added requirement status column to control status (merge request) GitLab Enterprise Edition
- Add Duo Nano support to provision API and service for GitLab.com (merge request) GitLab Enterprise Edition
- Enable Snowplow batching (merge request)
- Add read model support for package filtering (merge request) GitLab Enterprise Edition
- Add pages/Nuxt project template (merge request)
- Updating and creating requirement status (merge request) GitLab Enterprise Edition
- Release protected maven packages feature (merge request)
- Remove vsd visualizations feature flag (merge request) GitLab Enterprise Edition
- Implement
PATCH /Groups/:id SCIM endpoint for self-managed (merge request) GitLab Enterprise Edition
- Show only linked items in unlink quick action suggestions (merge request)
- Implement basic version of new adherence report (merge request) GitLab Enterprise Edition
- Add GET /personal_access_tokens to service_accounts API (merge request) GitLab Enterprise Edition
- Feat: Add checkbox for group level setting AmazonQ (merge request) GitLab Enterprise Edition
- Release group custom service account email (merge request) GitLab Enterprise Edition
- Added validations on associations for control status (merge request) GitLab Enterprise Edition
- Add top-align to the trash icon in the requirement modal (merge request) GitLab Enterprise Edition
- Improve compliance control development flow (merge request) GitLab Enterprise Edition
- Update table_size database dictionary entries (merge request)
- Expose
aboutToBeArchived information for vulnerabilities on GraphQL (merge request) GitLab Enterprise Edition
- Support getting predominant worker from pg_stat (merge request)
- DB change to add member_approvals_event column (merge request)
- Allow owners to revoke service account tokens (merge request) GitLab Enterprise Edition
- ActiveContext PostgreSQL processor for queries (merge request)
- Add missing prompt versions for tools (merge request) GitLab Enterprise Edition
- Added analyzer_project_statuses table (merge request) GitLab Enterprise Edition
- Protected packages: Add minimumAccessLevelForDelete in proj. settings UI by @gerardo-navarro (merge request)
- Add create MR to work item branch (merge request)
- Add immutable field to access level interface (merge request)
- Add summarize_new_merge_request tool (merge request)
- Project runner settings: Add new FF for new Vue variant (merge request)
- Add tables and models to store SBoM dependency graphs (merge request) GitLab Enterprise Edition
- Release the track_repository_xray_in_ci FF (merge request) GitLab Enterprise Edition
- Add sort by path to group projects (merge request)
- Add cylonedx export parameter (merge request) GitLab Enterprise Edition
- Add lastComment presenter for GLQL (merge request)
- Save namespace_path to CH when provided for AI usage events (merge request) GitLab Enterprise Edition
- Add duo workflow checkpoint endpoint (merge request) GitLab Enterprise Edition
- Add DB metric for external audit streams (merge request) GitLab Enterprise Edition
- UI and docuemtation changes for the virtual registry scopes (merge request)
- Add
group_wikis_routes_view database view (merge request)
- Add ClickHouse configuration settings to CE (merge request)
- Add page size selector to packages list page (merge request)
- Add merge_request_title_regex to project setting (merge request)
- Add tracking for dependency exports (merge request) GitLab Enterprise Edition
- Added a new vulnerability_namespace_statistics table (merge request)
- Adds organization_id to seat_assignments table (merge request)
- Add sort actions to all columns in Storage view in Usage quotas by @nwittstruck (merge request)
- Readds tooltips to icons in dev widget (merge request)
- Add sort actions to all columns in Storage view in Usage quotas by @nwittstruck (merge request)
- Create basic Ai::TroubleshootJobEvent model (merge request) GitLab Enterprise Edition
- Update GitLab Pages version (merge request)
- Admin Token API: Revoke GitLab Session by @nwittstruck (merge request)
- Notify users if famework export was truncated (merge request) GitLab Enterprise Edition
- Add shared_namespace column to workspaces_agent_configs (merge request) GitLab Enterprise Edition
- Adding framework namespace validation in requirement model (merge request) GitLab Enterprise Edition
- Add editPath to GraphQL for Compliance Frameworks (merge request) GitLab Enterprise Edition
- Add subscribed, due, and updated filters to work items list (merge request)
- Connect audit event streams from new tables (merge request) GitLab Enterprise Edition
- Add fix button for Amazon Q quick actions by @jlosito (merge request) GitLab Enterprise Edition
- Added a new vulnerability_namespace_statistics table (merge request)
- Add help icon for array types (merge request)
- Add endpoint to batch delete todos records (merge request)
- Feat: Amazon Q code review button (merge request) GitLab Enterprise Edition
- Protected packages: Add minimum_access_level_for_delete to REST API by @gerardo-navarro (merge request)
- Expose contacts_available field for work item CRM contacts widget (merge request)
- Audit environment_scope changes (merge request) GitLab Enterprise Edition
- RequestAccess for non-billable users (merge request) GitLab Enterprise Edition
- Redirect
/-/u/:id to user page (merge request)
- Add
project_snippets_view database view (merge request)
- Support new access token sorting options in the UI (merge request)
- Add
personal_snippets_view database view (merge request)
- List project control statuses for a requirement (merge request) GitLab Enterprise Edition
- Add a new licenses violation checker for package exclusions (merge request) GitLab Enterprise Edition
- Adds additional context for self-hosted generation (merge request)
- Implement cronjob to archive vulnerabilities periodically (merge request) GitLab Enterprise Edition
- Remove the
add_policies_to_ci_job_token feature flag (merge request)
- Json Import Service for Compliance Frameworks (merge request) GitLab Enterprise Edition
- Add Geo rake task for checking tracking DB after promotion by @karras (merge request) GitLab Enterprise Edition
- Implement
GET /Groups SCIM endpoint for self-managed (merge request) GitLab Enterprise Edition
- Add component field to GraphQL (merge request) GitLab Enterprise Edition
- Add ancestor type to GraphQL (merge request) GitLab Enterprise Edition
- Add API endpoint to revoke PATs for service accounts (merge request)
- Add sidebar shortcut, event tracking (merge request)
- Export adherence project statuses report (merge request) GitLab Enterprise Edition
- Show job source in job details (merge request)
- Add jobs filter by source (merge request) GitLab Enterprise Edition
- Added filtering for project requirement compliance statuses (merge request) GitLab Enterprise Edition
- Add negated filter for component versions (merge request) GitLab Enterprise Edition
- Make field connection type so that we can use pagination (merge request) GitLab Enterprise Edition
- Add migration issue form (merge request)
- Adds duo workflow to ai_settings (merge request) GitLab Enterprise Edition
- Update controls in requirement update mutation (merge request) GitLab Enterprise Edition
- Add count.admins metric (merge request)
- Enable extension marketplace by default by @pslaughter (merge request)
- Introduce retention policy alert (merge request) GitLab Enterprise Edition
- Create partitioned table for uploads (merge request)
- Add inputs banner to pipeline editor (merge request)
- Resolve vulnerability using Claude 3.7 Sonnet prompt version (merge request) GitLab Enterprise Edition
- Add version filtering in project level controller (merge request) GitLab Enterprise Edition
- ActiveContext migration worker (merge request)
- Add inputs to PipelineScheduleUpdate mutation (merge request)
- Add CI/CD job token policies switch (merge request)
- Remove preload_member_roles from projects resolvers (merge request) GitLab Enterprise Edition
- Add support for organization-wide agent CI authorization (merge request)
- Add pipeline inputs to pipeline schedule (merge request)
- Update ci schema to support inputs (merge request)
- Add
organization_id code logic to fork_networks (merge request)
- Support sorting params in List package files endpoint (merge request)
- Allow users to input docker hub credentials (merge request)
- Add notes field to notes work item widget type (merge request)
- Optimize offsets on Group/Project audit events API (merge request) GitLab Enterprise Edition
- Add Import usage tab to group usage quotas (merge request)
- Add rotate and admin_token_api events with namespace metrics (merge request)
- Add GraphQL mutation to delete custom admin roles (merge request) GitLab Enterprise Edition
- Add the ability filter by versions (merge request) GitLab Enterprise Edition
Fixed (132 changes)
- Update signatures also for gpg key fingerprints by @filipmoc (merge request)
- Clear session cookie when browser is closed (merge request)
- Fix CI inputs conversion (merge request)
- Zoekt: Fix last_rollout_failed_at usage (merge request) GitLab Enterprise Edition
- Set the MR to unchecked when updating target branch (merge request)
- Fix 500 in Todo API when wiki page todo exists (merge request)
- Create progress note for DCR and handle errors better (merge request) GitLab Enterprise Edition
- Fix filtering pipelines by merge request branch name (merge request)
- Enforce scrollbar on body (merge request)
- Fix how title changed system notes rendered (merge request)
- Fixed access level statement inviting members to a project or group by @zillemarco (merge request)
- Safari-specific container query fixes for work items (merge request)
- Hide unsupported WI relationship types on free tier (merge request)
- Check block seat overages during group access request approval (merge request) GitLab Enterprise Edition
- Fix bug when secrets provider URL given in dotenv (merge request) GitLab Enterprise Edition
- Include reserved refs in pipeline branch searches (merge request)
- Preserve ReAct steps in Duo Chat history (merge request) GitLab Enterprise Edition
- Add project to work item MRs (merge request)
- Show current namespace name in create work item form (merge request)
- Fix license widget classification (merge request) GitLab Enterprise Edition
- Ensure scan execution policy respects skip_ci for scheduled scans (merge request) GitLab Enterprise Edition
- Return the empty result of project is not available for zoekt search (merge request) GitLab Enterprise Edition
- Use case-insensitive comparison for commit SHAs (merge request)
- Handle errors when smartcard user not found on LDAP server (merge request) GitLab Enterprise Edition
- Disable filter shortcut on file browser (merge request)
- Stop throwing exceptions when the discussion diff is broken (merge request)
- Support
type param on new incidents page for Work Items (merge request)
- Show current work item assignees for
/unassign (merge request)
- Move notification trigger to list item (merge request)
- Fix removal of policies which have reached limits (merge request) GitLab Enterprise Edition
- Prevent invalid tokens from falling back to Git password auth (merge request)
- Use cached values of Ci::Runner#creation_state (merge request)
- Fix ActiveRecord::QueryCanceled in RelatedPipelinesFinder (merge request) GitLab Enterprise Edition
- Fix broken regex in flaky tests for funnels (merge request) GitLab Enterprise Edition
- Allow empty code suggestion in RTE (merge request)
- Fix setCurrentDiffFileIdFromNote not returning Promise (merge request)
- Take a more declarative/dependency injection path for trial alert (merge request) GitLab Enterprise Edition
- Use a more universal selector for initQuickSubmit (merge request)
- Override restrict_user_defined_variables (merge request)
- Fix SCIM group sync when externalId is missing (merge request) GitLab Enterprise Edition
- Fix loading reference error in YAML editor (merge request) GitLab Enterprise Edition
- Fix ProjectsRelationBuilder to preload member roles for projects API (merge request)
- Fix the GitLab import button on the user registration process (merge request) GitLab Enterprise Edition
- Ensure files are deleted from storage alongside dependency list exports (merge request) GitLab Enterprise Edition
- Update approval_project_rule name validation to include approval policy (merge request) GitLab Enterprise Edition
- Fix string interpolation in MR discussion filter (merge request)
- Fix bug in remember_me_available? helper (merge request)
- Bulk indexing cron workers should respect pause setting (merge request) GitLab Enterprise Edition
- Do not try to access root ancestor if project is not under a group (merge request) GitLab Enterprise Edition
- Pluralize bulk_import_csv mailer text (merge request)
- Fix behavior of merged MR widget (merge request)
- Fix Duo Code Review failures when SAML SSO is enabled (merge request) GitLab Enterprise Edition
- Fix N+1 queries in Linked Items widget (merge request) GitLab Enterprise Edition
- Fix NoMethodError in IdentityVerifable (merge request) GitLab Enterprise Edition
- Update mr widget to consider cyclonedx artifacts (merge request) GitLab Enterprise Edition
- Properly fetch assigned Duo users for self-managed instances (merge request) GitLab Enterprise Edition
- Add line type to Duo Code Review input and handle chunk headers (merge request) GitLab Enterprise Edition
- Fix ANSI color parsing and add specs (merge request)
- Fix 2 flaky tests (merge request)
- Prevent negative number entry in CI/CD admin limit inputs (merge request)
- Support AWS assume roles in Advanced search (merge request) GitLab Enterprise Edition
- Fix accessibility of pipeline labels (merge request)
- Fix troubleshoot_job policy (merge request) GitLab Enterprise Edition
- Fix 'Connect a cluster' button at group level (merge request)
- Pre-authorize work items children field (merge request)
- Increase max packages limit for bulk destroy mutation (merge request)
- Fix: Omit null fields in CycloneDX export (merge request)
- Optimize SAML SSO session filtering in GroupsFinder (merge request) GitLab Enterprise Edition
- Fix encoding for patch and diff responses (merge request)
- Remove wrongly displayed line for Free Namespaces (merge request) GitLab Enterprise Edition
- Delete duplicate CI taggings in gitlab:db:deduplicate_tags (merge request)
- Move group.cluster_agents field to CE (merge request) GitLab Enterprise Edition
- Fix auditing when same status is updated (merge request) GitLab Enterprise Edition
- Fix pipelines mini graph separator (merge request)
- Work item due dates ce and ee version (merge request) GitLab Enterprise Edition
- Avoid possible project authorization race condtions on project create (merge request)
- Add job source options (merge request) GitLab Enterprise Edition
- Update style of top bar search and fix a11y concern (merge request)
- Allow user to use keyboard to access pipeline job status tags (merge request)
- Normalize pm_affected_packages package_name (merge request)
- Return merge request count for non hidden users only by @dagaranupam (merge request)
- Ensure runner taggings are copied from taggings (merge request)
- Drop unwanted sequence on foreign key project_id (merge request)
- Adjust work item create loading top margin (merge request)
- Fix free push limit on non-saas (merge request)
- Fix invalid pipelines for scan execution policies (merge request) GitLab Enterprise Edition
- Send lowercase Cloud Connector HTTP headers (merge request) GitLab Enterprise Edition
- Mark License Usage Banner as Dismissable After API Export (merge request) GitLab Enterprise Edition
- Ensure new epic route has a title (merge request) GitLab Enterprise Edition
- Fix analytics dashboard editor confirm prompt (merge request) GitLab Enterprise Edition
- Configure first day of week according to user preferences (merge request)
- Apply group/project access token rotation logic to project_bot only (merge request)
- Apply labels from quick actions and widget sidebar (merge request)
- Remove the rebase_sha != newrev check (merge request) GitLab Enterprise Edition
- Ensure current user is first to appear in assignee list if assigned (merge request)
- Fix missing autocompletes for work item comments (merge request)
- Reset pagination when changing todos filters (merge request)
- Remove unknown license insertion (merge request) GitLab Enterprise Edition
- Init conversion of terraform modules metadata semver to bigint (merge request)
- Correctly set archive for the archived records (merge request) GitLab Enterprise Edition
- Fix handling of HTTP 500 errors in Geo GraphQL API by @karras (merge request) GitLab Enterprise Edition
- Fix handling for current controls (merge request) GitLab Enterprise Edition
- Retain existing page params while using design version dropdown (merge request)
- Use semantic h3 for subscription table row title (merge request) GitLab Enterprise Edition
- Fix drag handles on work items loaded outside issue view (merge request)
- Send only required fields to protected environment (merge request)
- Fix partitioned uploads table FK on projects (merge request)
- Return success when pending promotions fails if user is billable (merge request) GitLab Enterprise Edition
- Fix notification settings for Epic notifications (merge request) GitLab Enterprise Edition
- Fix issue when empty plans sorting to of terraform reports widget in MRs by @BageDevimo (merge request)
- Account for design note paths (merge request)
- Replace HTML entities with normal characters (merge request)
- Add pipeline syntax check when publish and pages.publish both specified (merge request)
- Enables full screen in create work item (merge request)
- Retain drawer params while switching design versions (merge request)
- Truncate name in
namespace_metadata panel (merge request) GitLab Enterprise Edition
- Fix lookup of find_diff_start_pipeline_with_security_reports (merge request) GitLab Enterprise Edition
- Add a11y labels to star, fork, MR and issue links on vue project list (merge request)
- Don't add duplicate emojis to emoji cache (merge request)
- Adjust prompt_version for summarize_new_merge_request (merge request) GitLab Enterprise Edition
- Fix award emoji policy for group-level work items (merge request) GitLab Enterprise Edition
- Fix gitattributes parser to apply patterns to subdirectories (merge request)
- Fix bug in Mutation.ciJobTokenScopeRemoveProject (merge request)
- Fix end date filter in global time tracking report (merge request)
- Ignore pending member in Direct Transfer member pipeline (merge request)
- Avoid unrelated items from affecting finishing onboarding (merge request) GitLab Enterprise Edition
- Removes ordering requirement for funnel sync test (merge request)
- Detect organization_id change to be synced in project callback (merge request)
- Update docs to shoe private incident comments could be public (merge request)
- Use source repository storage for forking process (merge request)
- Tags::CreateService: add a handler for NoRepository exception (merge request)
- Show "Copy to clipboard" button in snippet descriptions by @puxlit (merge request)
Changed (195 changes)
- Display /new command in suggested slash commands (merge request) GitLab Enterprise Edition
- Show correct http error when accessing security policies (merge request) GitLab Enterprise Edition
- Update astro project template and move to pages/astro (merge request)
- Always show new thread when opening Duo Chat (merge request) GitLab Enterprise Edition
- Stores instance ai logging config to database (merge request)
- Remove project_authorizations_update_in_background feature flag by @Taucher2003 (merge request)
- Clarify access to PEP configuration when using $CI_JOB_TOKEN (merge request)
- Remove seat assignment not null constraint (merge request)
- Cleanup feature flags for vulnerability export (merge request)
- ActiveContext: allow ref to define unique identifier (merge request)
- Project runner settings: Simplify group runner crud (merge request)
- Swap ordering of Self-hosted Duo tabs (merge request) GitLab Enterprise Edition
- Remove default value from topics sharding key (merge request)
- Replace FK with LFK on lfs_object_states (merge request)
- Set product_usage_data FF enabled by default (merge request)
- Add modal when importing to personal namespace (merge request)
- Update search bar width and button text (merge request)
- Keep selected labels in the list in the labels selector (merge request)
- Add created and update design events to contribution calendar (merge request)
- Update PAT logic for tokens with expiry beyond 1 year by @guptapratibha26 (merge request)
- Add reachability into vulnerability list (merge request) GitLab Enterprise Edition
- Convert commands to filter in search modal (merge request)
- Update issue popover to include start–due date range (merge request)
- CI/CD Variables: Migrate masked value to dots (merge request)
- Set security_policy_id to compliance_framework_security_policies (merge request) GitLab Enterprise Edition
- Compliance status report style tweaks (merge request) GitLab Enterprise Edition
- Remove small or medium entries from Migration/UpdateLargeTable list (merge request)
- Create new Geo verification state table for Terraform::StateVersion (merge request) GitLab Enterprise Edition
- Fix the placement of rca troubleshoot button (merge request)
- Change sidekiq queueing related duration logic (merge request)
- Project runner page: Migrate to Vue (merge request)
- fix: Updated Amazon Q error message note by @protsivd (merge request) GitLab Enterprise Edition
- Update Code Generation to Claude 3.7 Sonnet (merge request) GitLab Enterprise Edition
- Update compliance status report content (merge request) GitLab Enterprise Edition
- Set vulnerability_report_type_scanner_filter to default enabled (merge request) GitLab Enterprise Edition
- Removes organization_id default value (merge request)
- Implement better rendering of compliance dashboard side drawer (merge request) GitLab Enterprise Edition
- Pipeline header: Migrate to use shared PageHeading component (merge request)
- Default enable generate_commit_message_claude_3_7 (merge request) GitLab Enterprise Edition
- Default enable duo_code_review_claude_3_7_sonnet (merge request) GitLab Enterprise Edition
- Add last_used_at attribute to SSHKey API entity (merge request)
- Add skip ci configuration to default policy (merge request) GitLab Enterprise Edition
- Remove security_policy_bot_worker feature flag (merge request) GitLab Enterprise Edition
- Limit scan execution policy schedule
actions (merge request) GitLab Enterprise Edition
- Map source ghost users to destination ghost users in importers (merge request)
- Runner page: Update assigned projects (merge request)
- Improve the text so that the message is clearer (merge request) GitLab Enterprise Edition
- Add ES filters for vulnerabilities (merge request) GitLab Enterprise Edition
- Compliance style tweaks (merge request) GitLab Enterprise Edition
- Rename main plan to base product in namespace provision API endpoint (merge request) GitLab Enterprise Edition
- Refactor SPP scan prechecks into PreconditionValidator class (merge request)
- Add Live Trace Application Setting (merge request)
- Updates to subscription cards (merge request) GitLab Enterprise Edition
- Update location tooltip in the dependency page (merge request) GitLab Enterprise Edition
- Limit scan execution policy pipeline
actions (merge request) GitLab Enterprise Edition
- Render Markdown in Pipeline Variable descriptions (merge request)
- Add polling to last commit (merge request)
- Expose expected archival date of vulnerability on GraphQL (merge request) GitLab Enterprise Edition
- Refactor error tracking widget to use GraphQL (merge request)
- MR elipsis menu: Add icons (merge request)
- Add pipelines fine-grained permission for job tokens (merge request)
- Remove feature flag on protected tags (merge request)
- Evaluate only for projects assigned to the framework (merge request) GitLab Enterprise Edition
- Log token OAuth application ID when available (merge request)
- Convert array types back to array on emit (merge request)
- Sync removal pages_deployments_deleted_at_index (merge request)
- Update downstream name for multi-project child pipelines (merge request)
- Migrate
.settings-message elements to the Alert component (merge request)
- Update availability of analytics dashboard designer to experiment (merge request) GitLab Enterprise Edition
- Add max actions to scan execution policy (merge request) GitLab Enterprise Edition
- Update to proper tailwind classes (merge request) GitLab Enterprise Edition
- Reset accesslevel to Guest when promotion on a billable role (merge request) GitLab Enterprise Edition
- ActiveContext: add chunk preprocessors (merge request)
- Add
scan_execution_policies_schedule_limit application setting (merge request) GitLab Enterprise Edition
- Update company controller urgency (merge request)
- Add security_policy_id to compliance_framework_security_policies (merge request) GitLab Enterprise Edition
- Move Your Workspaces from Edit Menu to Code Menu (merge request)
- Runner edit: Improve view of project restrictions (merge request)
- Make instance_type runners routable (merge request)
- Expose expires_at field for exports (merge request) GitLab Enterprise Edition
- ActiveContext: support multiple jsons (merge request)
- New work item kebab menu: Add icons to items (merge request)
- Adjust alignment of project artifacts table (merge request)
- Fix Duo Chat buttons that do not work on multithreaded (merge request) GitLab Enterprise Edition
- Remove second CTA on group members page (merge request) GitLab Enterprise Edition
- Add more details to estimate_cluster_size, udpate docs (merge request) GitLab Enterprise Edition
- Change file result title to two-lines (merge request)
- Add ability to distinguish Duo Chat commands from buttons (merge request) GitLab Enterprise Edition
- Sync new index and drop old one for p_ci_pipelines (merge request)
- Allow users to customize Pages publish directory in setup wizard (merge request)
- Consolidate package registry application settings into one JSONB column (merge request)
- Return the namespace cluster agent mapping after it is deleted (merge request) GitLab Enterprise Edition
- Refactor by_traversal_ids filter (merge request) GitLab Enterprise Edition
- Runners project settings: Overhaul display of runners (merge request)
- Remove vulnerabilities_as_webhook_events FF (merge request) GitLab Enterprise Edition
- Token prefixes: Make feed tokens backwards compatible by @nwittstruck (merge request)
- Respect global time tracking hours-only setting in work item issues view (merge request)
- Allow internal users read external status checks response (merge request) GitLab Enterprise Edition
- Hide Instance tab from Create from template page (merge request) GitLab Enterprise Edition
- Changed show more and less button inconsistent wording (merge request)
- Added scoped items to user search in command palette (merge request)
- Add index that covers project_id, path_prefix, id in pages_deployments (merge request)
- Store the Kubernetes objects created when using managed resources (merge request)
- Return unique Sbom::Component by name (merge request) GitLab Enterprise Edition
- Add immutability to tag rule model (merge request)
- Add documentation for
monospace property in pipeline wizard (merge request)
- Add tooltip to task list actions menu (merge request)
- Drop cache_validity_hours from maven vreg registries table (merge request) GitLab Enterprise Edition
- More comfortable styles for custom wiki sidebar content (merge request)
- Add label to color picker GlFormInputGroup (merge request)
- Show requirements info in Frameworks report and Drawer (merge request) GitLab Enterprise Edition
- Move service ping worker to sticky data_consistency (merge request)
- Improve CodeOwner section parsing logic (merge request) GitLab Enterprise Edition
- CI Pipeline graph: Indicate groups as failed if job has failed (merge request)
- Re-establish agent association for environments lacking agent links (merge request)
- Make entire collapsible state container widget header clickable (merge request)
- Remove search_migration_cleanup feature flag (merge request) GitLab Enterprise Edition
- Add docker hub rate limits alert (merge request)
- Move partition_id to token payload (merge request)
- Add not null constraint to started_at (merge request)
- Add conditional rounded corner styling (merge request)
- Remove skip ci feature flag (merge request) GitLab Enterprise Edition
- Cleanup of feature flag 'filter_unknown_licenses_by_spdx_identifier' (merge request)
- Remove commit details async feature flag (merge request)
- Include "directly addressed" when filtering for "mentioned" (merge request)
- Container queries for work item note content (merge request)
- Sort destination namespace results by similarity (merge request)
- SPP refactor audit logger (merge request)
- Mini pipeline graph: Add max height to downstream dropdowns (merge request)
- Deactivate dormant users from enterprise groups (merge request) GitLab Enterprise Edition
- Remove FF use_related_pipelines_for_policy_evaluation (merge request) GitLab Enterprise Edition
- Project runner: Update destructive actions to secondary buttons (merge request)
- Remove auto resolve banner (merge request) GitLab Enterprise Edition
- Cleanup Duo Chat Claude 3.7 feature flags (merge request)
- Improve performance in edit framework screen (merge request) GitLab Enterprise Edition
- Make entire header of collapsible crud component clickable to toggle (merge request)
- Update layout of pipeline schedules variables form (merge request)
- Update existing external status check secret (merge request) GitLab Enterprise Edition
- Add arguments to Geo bulk update mutation (merge request) GitLab Enterprise Edition
- Swap FK project_repositories.project_id for LFK (merge request)
- Document IMDS V2 hop limit and other troubleshooting information (merge request)
- Deprecate
restrict_user_defined_variables in REST docs (merge request)
- Update array validation (merge request)
- Remove user autocomplete feature flags (merge request)
- Preserve text selection after removing or adding emphasis by @Bubbis (merge request)
- Add LFK triggers to pool_repositories (merge request)
- Add userCalloutsDismisser to pipeline inputs adoption banner (merge request)
- Silence ActiveContext worker logs (merge request) GitLab Enterprise Edition
- Token prefixes: Clarify level of support of automatic secret detection by @nwittstruck (merge request)
- Swap FK group_wiki_repository_states.group_id for LFK (merge request)
- Revisit snoozed todos timestamp display (merge request)
- Use UserCounts for Your Work > Issues pill (merge request)
- Use UserCounts for Your Work > Merge requests pill (merge request)
- Use UserCounts for Your Work > To-Do List pill (merge request)
- Swap FK group_wiki_repositories.group_id for LFK (merge request) GitLab Enterprise Edition
- Allow to add inherited members to the group level protected environments by @antonkalmykov (merge request) GitLab Enterprise Edition
- GraphQL: Rename CiPipelineCiSources to CiPipelineSources (merge request)
- Update protected packages feature to allow rule editing (merge request)
- Allow for clicking anywhere on failed jobs widget to expand it (merge request)
- Use grid and container queries for layout of work item design widget (merge request)
- Swap FK geo_node_namespace_links.namespace_id for LFK (merge request)
- Swap FK pool_repositories.source_project_id for LFK (merge request)
- Swap FK project_states.project_id for LFK (merge request)
- Remove pending members on switch from user caps to block seat overages (merge request) GitLab Enterprise Edition
- Rename
Created sort option to Recommended in the todos app (merge request)
- CI Pipeline graph: Indicate failed job on group better (merge request)
- Validate saml and scim for sso requirements (merge request) GitLab Enterprise Edition
- Check marketplace_home_url with user opt in by @pslaughter (merge request)
- Update Google Cloud setup instructions (merge request)
- Update the status timeout message for Geo metrics (merge request) GitLab Enterprise Edition
- ActiveContext build partition from name and number (merge request)
- To-do dashboard: Optimistic updates to global count (merge request)
- To-do dashboard: Tie pending counts to global UserCounts (merge request)
- Update form UX by marking optional fields by @ahmad-kashkoush (merge request)
- Prepare async index creation for p_ci_pipelines trigger_id and id desc (merge request)
- Update secureflag text by @mega6382 (merge request)
- Sentence case container registry (merge request)
- Improve visibility for Database review in MR description (merge request)
- Update projects finder to filter topics from user's organization (merge request)
- Rename Jobs column to Jobs Artifacts for consistency by @nwittstruck (merge request)
- Adjust FeatureSettings Mutation to allow batch updates (merge request) GitLab Enterprise Edition
- Retry SyncServiceTokenWorker for up to 12 times (merge request) GitLab Enterprise Edition
- Add Placeholder badge to admin users (merge request)
- Update copy for User Cap disclaimer (merge request) GitLab Enterprise Edition
- Raise error when deleting images with rules (merge request)
- Admin roles and permissions: Migrate components used (merge request)
- Refine SAST template patterns (merge request)
- Filter Pipelines API by created_at date (merge request)
- Update amazon q notes by @jlosito (merge request) GitLab Enterprise Edition
- Geo Replication List: Make name more readable (merge request) GitLab Enterprise Edition
- Consolidate unknown license feature flags (merge request) GitLab Enterprise Edition
- Update dependency auto-deploy-image to v2.126.0 (merge request)
- Remove Current.organization_id method (merge request) GitLab Enterprise Edition
- Prefix export subject line with exportable name (merge request) GitLab Enterprise Edition
- Remove onboarding_step_full_uri feature flag (merge request) GitLab Enterprise Edition
Removed (31 changes)
- Marked SetComplianceFramework deprecated (merge request) GitLab Enterprise Edition
- Remove Fireworks/Qwen support for SaaS (merge request) GitLab Enterprise Edition
- Delete the
search_sidekiq_default_concurrency_limit feature flag (merge request)
- Delete the
zoekt_index_pending_delete_repos feature flag (merge request)
- Dropping control_expression and requirement_type columns (merge request) GitLab Enterprise Edition
- Attempt 3 to remove the broken fk_fb57e6cc56_p (merge request)
- Remove spp_scan_diffs ff (merge request)
- Remove the merge_when_pipeline_succeeds code (merge request)
- Attempt 2 to remove the broken fk_fb57e6cc56_p (merge request)
- Drop p_ci_pipelines_trigger_id_idx (merge request)
- Remove parse_conan_metadata_on_upload flag code by @mbo5be (merge request)
- Remove hide_projects_of_banned_users feature (merge request)
- Remove amazon_q_chat_and_code_suggestions feature flag (merge request)
- Remove all code of
/remind_me proof-of-concept (merge request)
- Remove unused code for UsersFinder (merge request)
- Remove "Work item" option from category filter (merge request)
- Remove broken fk fk_fb57e6cc56_p (merge request)
- Removed ignore rule for dropped column (merge request) GitLab Enterprise Edition
- Do not report search_zoekt_task_processing_queue_size in sidekiq (merge request) GitLab Enterprise Edition
- Remove
dora_projects_comparison_subgroups feature flag (merge request) GitLab Enterprise Edition
- Remove auto-deletion of banned user projects (merge request)
- Remove broken foreign key fk_f29c5f4380_p (merge request)
- Delete the
zoekt_reduced_pull_frequency feature flag (merge request)
- Remove sep max_concurrency application setting (merge request)
- Attempt 2 to remove fk fk_a2141b1522_p (merge request)
- Remove old implementation of the Environment folder page by @antonkalmykov (merge request) GitLab Enterprise Edition
- Remove broken foreign key fk_rails_e214655a86_p (merge request)
- Delete the
zoekt_node_assignment feature flag (merge request)
- Remove ci_auth_job_finder_in_runner_api and Ci::Build#valid_token? (merge request)
- Remove unused method #project_merge_requests_list_more_actions_data (merge request)
- Remove filtering by packager (merge request) GitLab Enterprise Edition
Security (14 changes)
- Add delay to when pointer events are enabled for 0Auth authorize page
- Set the IP address state for Action Cable requests
- Do not enable pprof by default in Workhorse
- Global search count leak for confidential issues
- Adding validation for Ci::Pipeline
- Bump workhorse golang-jwt/jwt to 5.2.2
- Filter LFS objects to prevent unauthorized access in merge requests (merge request)
- Add CI/CD project setting
allow_composite_identities_to_run_pipelines
- Inherit current_user external status while rotating project/group token
- Prevent XSS via merge error on the merge request page
- Sync organization user access when admin status changes
- Add validations for the project_name of Harbor integration
- Sanitize returned input on asciidoc Timeout
- Add limit to resource counts in tfplan merge request report
Performance (2 changes)
- Enable bitbucket_server_notes_separate_worker by default (merge request)
- Reduce queries when building pipeline webhook data (merge request) GitLab Enterprise Edition
Other (157 changes)
- Create new contributions materialized view (merge request)
- GraphQL: Remove deprecation of ciMinutesUsed (merge request)
- GraphQL: Remove deprecation of runner active field (merge request)
- Remove feature flag project_deletion_notification_email (merge request)
- Remove bulk_update_work_items_mutation feature flag (merge request)
- Add and backfill lists sharding key (merge request)
- Finalize the finish onboarding for enterprise user backfill (merge request)
- Fix Duo with Amazon policy (merge request)
- [Add NOT NULL for sharding key on ](https://gitlab.com/gitlab-org/gitlab/-/commit/5a86e3b3fbe4053fae141d93855427a40fab8eb1) (merge request)
- Remove feature flag for PK lookup using functions (merge request)
- Add created rule ID to security policy diff (merge request) GitLab Enterprise Edition
- Remove application code from onboarding status role backfill (merge request)
- Finalize migration IncidentManagementIssuableEscalation (merge request)
- Add and backfill organization_id for bulk_import_configurations (merge request)
- Remove worker data consistency feature flag (merge request)
- Force update reserved_storage_bytes for overprovisioned indices (merge request) GitLab Enterprise Edition
- Remove filtering_optimization_for_work_items references (merge request)
- Clarify when "due soon" email is sent (merge request)
- Protected packages: Extend docs for minimum access level for delete by @gerardo-navarro (merge request)
- Add NOT NULL for sharding key (merge request)
- Extract Work Item userPermissions to its own fragment for CE & EE (merge request) GitLab Enterprise Edition
- No-op FinalizeBackfillCiRunnerMachinesPartitionedTable migration (merge request)
- Add NOT NULL on vulnerability_external_issue_links.project_id (merge request)
- Make "Approved by" MR fliter use sentence case (merge request)
- Add NOT NULL for sharding key on packages_npm_metadata (merge request)
- Reindex Elasticsearch project index to update integer with long type (merge request) GitLab Enterprise Edition
- Finalize migration BackfillIssuableMetricImagesNamespaceId (merge request)
- Clarify that "Watch" doesn't include all notifications (merge request)
- Delete ci build trace metadata record after archive (merge request)
- Update values for ci_runner_machines_archived in LFKs (merge request)
- Cleanup Redis BufferedCounter post migration (merge request)
- Regenerate RuboCop TODO files (merge request)
- Remove feature flag autocomplete_projects_use_search_service (merge request)
- Quarantine a flaky test (merge request)
- Document how to troubleshoot object storage migration inconsistencies by @karras (merge request)
- Add migration to delete orphaned routes (merge request)
- Update Storybook to v7 (merge request)
- Fetch component name from sbom_components (merge request) GitLab Enterprise Edition
- Finalize migration BackfillFreeSharedRunnersMinutesLimit (merge request)
- Remove GitLab Duo features from Duo with Amazon Q docs (merge request) GitLab Enterprise Edition
- Remove force_cancel_build FF (merge request)
- Ignore runtime_runner_features on builds metadata (merge request)
- Clean up feature flag cleanup_stale_policy_violations (merge request) GitLab Enterprise Edition
- Clean up feature flag pat_expiry_inherited_members_notification (merge request)
- Add API endpoint rate limit for virtual registries (merge request)
- Sync translations from crowdin (2025-04-02) (merge request)
- Drop issues.correct_work_item_type_id column (merge request)
- Clean up blame_ignore_revs feature flag (merge request)
- Sync translations from crowdin (2025-03-31) (merge request)
- Update workers data_consistency (merge request)
- Limit dependency paths returned for a vuln (merge request) GitLab Enterprise Edition
- Document Container Repositories as part of the Geo data types by @karras (merge request)
- Finalize migration BackfillPersonalAccessTokenSevenDaysNotificationSent (merge request)
- Add NOT NULL for sharding key on incident_management_escalation_rules (merge request)
- Ensure user is authorized to push NuGet packages by @gerardo-navarro (merge request)
- Make "Target Branch" MR filter use sentence case (merge request)
- Add documentation to service access tokens revocation (merge request)
- Fix flaky tests for Loose Foreign Keys (merge request)
- Add project export event tracking (merge request)
- Add NOT NULL for sharding key on milestone_releases (merge request)
- Migrate Amazon instance audit event destinations (merge request) GitLab Enterprise Edition
- Remove deprecation for cancel pipelines api (merge request)
- Removes the add_timezone_to_web_operations (merge request)
- Display with Amazon Q on duo chat button when enabled by @jlosito (merge request) GitLab Enterprise Edition
- Remove cancel gracefully from metadata (merge request)
- Backfill organization_id on fork_networks (merge request)
- Add duo seat assignment task to learn gitlab (merge request) GitLab Enterprise Edition
- Add reemit event to speedup (merge request) GitLab Enterprise Edition
- Drop admin-token from internal CDot (merge request) GitLab Enterprise Edition
- Rename usage of file to blob in Geo by @karras (merge request) GitLab Enterprise Edition
- Remove runner registration token deprecations (merge request)
- Add BBM to migrate group legacy HTTP destinations (merge request) GitLab Enterprise Edition
- Migrate Google Group audit event destinations (merge request) GitLab Enterprise Edition
- Add BBM to migrate group legacy Amazon destinations (merge request) GitLab Enterprise Edition
- Add NOT NULL on error_tracking_error_events.project_id (merge request)
- Remove beta from Amazon Q auto complete descriptions by @jlosito (merge request) GitLab Enterprise Edition
- Move the FF to ops to enable by default (merge request) GitLab Enterprise Edition
- Remove the
merge_request_dashboard_merge_checks feature flag (merge request)
- Make work item quick actions text consistent (merge request)
- Backfill redirect_routes.namespace_id (merge request)
- Add NOT NULL on vulnerability_occurrence_identifiers.project_id (merge request)
- Add NOT NULL on projected_environment_deploy_access_level sharding keys (merge request)
- Finalize migration BackfillDependencyProxyBlobStatesGroupId (merge request)
- Finalize migration SetTotalNumberOfVulnerabilitiesForExistingProjects (merge request)
- Deprecate the merge_when_pipeline_suceeds push option for auto_merge (merge request)
- Finish user onboarding when the user is an enterprise user (merge request)
- Finalize migration BackfillPackagesRubygemsMetadataProjectId (merge request)
- Initialize conversion of MergeRequestDiff Id columns to bigint (merge request)
- Add information about the known issue (merge request) GitLab Enterprise Edition
- Add a description for the /using_docker_images doc to improve SEO by @nikitasakau (merge request)
- Create new ClickHouse events table (merge request)
- Complete the virtual registry cleanup worker rename (merge request)
- Sync translations from crowdin (2025-03-25) (merge request)
- Add models for mapping ldap group to admin custom role (merge request)
- Re-queue migration to delete orphaned groups (merge request)
- Remove ai_features_enabled and improve ai_features_banned policy by @karras (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Add organization support to merge request diff commit users (merge request)
- Remove the
todos_bulk_actions feature flag (merge request)
- Backfill approval_policy_rule_id in scan_result_policies (merge request) GitLab Enterprise Edition
- Drop RequeueDeleteOrphanedPartitionedCiRunnerMachineRecords (merge request)
- Drop DeleteOrphanedPartitionedCiRunnerMachineRecords migration (merge request)
- No-op ci_runner_machines_687967fa8a table backfill migration (merge request)
- Fix Graphql/ResourceNotAvailableError offenses by @prileygraham (merge request)
- Regenerate RuboCop TODO files (merge request)
- Add and backfill project_id for packages_helm_file_metadata (merge request)
- Sync translations from crowdin (2025-03-24) (merge request)
- Change "My-Reaction" filter to "My reaction" (merge request)
- Removing old CI partition tables from LFK config file (merge request)
- Add NOT NULL on merge_request_user_mentions.project_id (merge request)
- Remove custom debug message in organization_controller_spec by @karras (merge request)
- Finalize migration FixProjectSettingsHasVulnerabilities (merge request)
- Add service pings for runner token expiration by runner type (merge request)
- Drop partitioned copy of merge_request_diff_commits (merge request)
- Add and backfill project_id for packages_package_file_build_infos (merge request)
- Add and backfill project_id for packages_debian_file_metadata (merge request)
- Add and backfill project_id for packages_conan_file_metadata (merge request)
- Reduce increased query count for decomposition (merge request) GitLab Enterprise Edition
- Sync translations from crowdin (2025-03-21) (merge request)
- Create new code suggestion_daily_events table in ClickHouse (merge request)
- Add NOT NULL on ci_trigger_requests.project_id (merge request)
- Quarantine a flaky test (merge request)
- Add NOT VALID NOT NULL constraint to ci_build_needs.project_id (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration BackfillPagesDomainAcmeOrdersProjectId (merge request)
- Finalize migration BackfillPagesDeploymentStatesProjectId (merge request)
- Re-queue BackfillOnboardingStatusRole migration (merge request)
- Cleanup use_ssot_for_ultimate_trial_eligibility feature flag (merge request) GitLab Enterprise Edition
- Partition vulnerability archival related tables (merge request)
- Finalize migration BackfillPackagesNpmMetadataProjectId (merge request)
- Make "Search Within" filter use sentence case (merge request)
- Finalize migration BackfillPackagesNugetMetadataProjectId (merge request)
- Finalize migration BackfillPackagesPypiMetadataProjectId (merge request)
- Changing "acknowledgement" to American spelling (merge request)
- Add ComplianceFrameworks count metric (merge request) GitLab Enterprise Edition
- Validate NOT NULL on packages_package_files (merge request)
- Remove ElasticIndexingControlWorker class and related files (merge request) GitLab Enterprise Edition
- Reindex Elasticsearch note index to update integer with long type (merge request) GitLab Enterprise Edition
- Add a migration to remove the routes that are pending deletion (merge request)
- Finalize Jira Cloud App connection migration (merge request)
- Quarantine a flaky test (merge request)
- Add NOT NULL on protected_environment_approval_rules sharding keys (merge request)
- Validate NOT NULL on approvals.project_id (merge request)
- Remove feature flag "Cleanup codeowners_file_exclusions" (merge request)
- Add NOT NULL on epic_issues.namespace_id (merge request)
- Initial commit: Remove log_response_length feature flag (merge request)
- Add and backfill project_id for incident_management_oncall_shifts (merge request)
- Migrate Google Instance audit event destinations (merge request) GitLab Enterprise Edition
- Add and backfill project_id for incident_management_oncall_participants (merge request)
- Add NOT NULL on ci_build_pending_states.project_id (merge request)
- Remove feature flag label_keep_around_ref_metrics (merge request)
- Log Runner info for Release builds (merge request)
- Protected containers: Fix metadata for FF minium access level for delete by @gerardo-navarro (merge request)
- Sync translations from crowdin (2025-03-15) (merge request)
- Cleanupp the no_onboarding_enterprise_users feature flag (merge request) GitLab Enterprise Edition
- Remove feature flag allow_merge_request_pipelines_from_fork (merge request)
- Finalize migration BackfillNewAuditEventTables (merge request)
17.10.8 (2025-06-11)
Fixed (2 changes)
- Fix gitpod button is missing in the edit dropdown
- Attempt to migrate ci_runner_taggings table (try 2)
Security (7 changes)
- Protect webhook from excessive payload lengths (merge request)
- Endless Redirect Loop in any project when query param "format" is "git" (merge request)
- Backport for "Add validation for board name length" to 17-10-stable (merge request)
- Fix # #1329 - IDOR in compliance framework export endpoint (merge request)
- security: Git redirection inconsistency (merge request)
- Fix XSS with CSP bypass in JSON tables (merge request)
- Limit HTTP response size (merge request)
17.10.7 (2025-05-21)
Security (9 changes)
- Use CI::VariableValue in BasicEntity to prevent exposing hidden values in collapsible UI element (merge request)
- Show full path of project in create MR dropdown (merge request)
- Security 479168 discord zip vulnerability (merge request)
- Limit length of certificate cluster text fields (merge request)
- Check rate limit for over-sized blobs (merge request)
- Added size constraint validation to notes position fields (merge request)
- Obfuscate emails in note.bodyFirstLineHtml (merge request)
- Need to update 2fa requirement after accepting request (merge request)
- Ensure SAML authn context comes from signed portion of SAML response (merge request)
Other (1 change)
17.10.6 (2025-05-07)
Fixed (2 changes)
Changed (1 change)
Security (3 changes)
- Improve Octokit::ResponseValidation middleware and add rate limits (merge request)
- Remove id attribute from OAuth form (merge request)
- Use IssuePolicy for #issues_readable_by_user (merge request)
17.10.5 (2025-04-22)
Fixed (3 changes)
- Fix 500 in Todo API when wiki page todo exists
- Clear session cookie when browser is closed
- Fix workspaces reconciliation to send inventory config map correctly GitLab Enterprise Edition
Security (4 changes)
- Add SecureHeaders middleware with the Nel header (merge request)
- Restrict forwarded headers in Maven dependency proxy (merge request)
- Security unauthorized access to reading branch names (merge request)
- Simplify detecting paragraphs for quick actions (merge request)
Other (1 change)
17.10.4 (2025-04-09)
Fixed (2 changes)
- Fix invalid pipelines for scan execution policies GitLab Enterprise Edition
- Move group.cluster_agents field to CE GitLab Enterprise Edition
Security (7 changes)
- Bump workhorse golang-jwt/jwt to 5.2.2 (merge request)
- Global search count leak for confidential issues (merge request)
- Set the IP address state for Action Cable requests (merge request)
- Bump Golang Oauth2 >=0.27.0 (merge request)
- Adding validation for Ci::Pipeline (merge request)
- Add delay to when pointer events are enabled for 0Auth authorize page (merge request)
- Do not enable pprof by default in Workhorse (merge request)
17.10.3 (2025-04-02)
No changes.
17.10.2 (2025-04-02)
Fixed (2 changes)
- Fix free push limit on non-saas (merge request)
- Ensure runner taggings are copied from taggings (merge request)
Other (1 change)
17.10.1 (2025-03-26)
Security (7 changes)
- Sync organization user access when admin status changes (merge request)
- Prevent XSS via merge error on the merge request page (merge request)
- Inherit current_user external status while rotating project/group token (merge request)
- Add validations for the project_name of Harbor integration (merge request)
- Sanitize returned input on asciidoc Timeout (merge request)
- Add CI/CD project setting
allow_composite_identities_to_run_pipelines (merge request)
- Add limit to resource counts in tfplan merge request report (merge request)
17.10.0 (2025-03-19)
Added (150 changes)
- Add CI runner manager custom executor count to service ping (merge request)
- Add compliance control: auth_sso_enabled (merge request) GitLab Enterprise Edition
- Protected containers: Integrate delete protection in REST API by @gerardo-navarro (merge request)
- Destroy compliance statuses when project is deleted (merge request) GitLab Enterprise Edition
- Add GraphQL query for organization cluster agents (merge request)
- Export squash options (merge request) GitLab Enterprise Edition
- Add query to pipeline inputs form (merge request)
- Update table_size database dictionary entries (merge request)
- Added graphql query for listing project compliance statuses (merge request) GitLab Enterprise Edition
- Emit input data to pipeline new form (merge request)
- Add missing sorting options to access token APIs (merge request)
- Add work item view controls (merge request)
- Backfill software_license_policies without spdx and custom_license (merge request) GitLab Enterprise Edition
- Updating pipeline inputs form (merge request)
- Track credentials inventory page visits on SAAS, SM & Dedicated (merge request) GitLab Enterprise Edition
- Add inputs to pipeline schedule endpoints (merge request)
- Support filtering work items by timeframe (merge request)
- Release GitLab Query Language (GLQL) Beta (merge request)
- Add createdAt field to source_user_type (merge request)
- Automatically scan pubspec.lock files when new analyzer enabled (merge request)
- Add admin page for targeted messages basic upload (merge request) GitLab Enterprise Edition
- Implement vulnerability archive export API (merge request) GitLab Enterprise Edition
- Create merge_request_approval_settings table (merge request) GitLab Enterprise Edition
- ActiveContext preprocessor for embeddings (merge request)
- Respect tag protection rules when deleting tags (merge request)
- Show subgroup projects in the DORA projects comparison visualization (merge request) GitLab Enterprise Edition
- Enable importer_user_mapping_reassignment_csv flag by default (merge request)
- Add count of createdservice_accounts,28d (merge request) GitLab Enterprise Edition
- Add by_project_id scope to ProjectSettings (merge request) GitLab Enterprise Edition
- Enable the
todos_bulk_actions FF by default (merge request)
- Add shortcut tooltips (merge request)
- ActiveContext preprocessors for preload and bulk embeddings (merge request)
- Add the ability to search versions (merge request) GitLab Enterprise Edition
- Add service account update endpoint for groups (merge request) GitLab Enterprise Edition
- Added code to auto approve pending promotions via ldap (merge request) GitLab Enterprise Edition
- Admin Token API: Revoke pipeline trigger tokens by @nwittstruck (merge request)
- Expose path_lock permissions in graphql endpoint (merge request) GitLab Enterprise Edition
- Protected packages: Add minimum_access_level_for_delete to GRAPHQL API by @gerardo-navarro (merge request)
- Add
usage_count data source and visualizations (merge request) GitLab Enterprise Edition
- Add Duo with Amazon Q to Duo interface (merge request) GitLab Enterprise Edition
- Model experiments: Add artifacts list (merge request)
- Add excluded_merge_requests table (merge request)
- Add vulnerability_severity_overrides table (merge request) GitLab Enterprise Edition
- Introduce Ci::ProjectWithPipelineVariable model and migration (merge request)
- Protected packages: Integrate delete protection by @gerardo-navarro (merge request)
- Add ci_pipeline_schedule_inputs table (merge request)
- Add duo_chat_troubleshoot_job to FLAGGED_FEATURES (merge request) GitLab Enterprise Edition
- Remove users_search_scoped_to_authorized_namespaces_advanced_search flag (merge request) GitLab Enterprise Edition
- Add Authz::UserGroupMemberRole model (merge request) GitLab Enterprise Edition
- Add
parent_path argument to Groups GQL resolver (merge request)
- Added a new vulnerability_namespace_statistics table (merge request)
- Support admin custom roles on SaaS (merge request) GitLab Enterprise Edition
- Implement
GET /Groups/:id SCIM endpoint (merge request) GitLab Enterprise Edition
- Add WorkItemWidgetVulnerabilities with related vulnerabilities (merge request) GitLab Enterprise Edition
- Prevent decremeting stars of project with zero star count (merge request)
- Added table and model for project requirement status (merge request) GitLab Enterprise Edition
- Enable Duo Code Review and change it to beta (merge request) GitLab Enterprise Edition
- Add inputs adoption banner (merge request)
- Add dependency paths data to vulnerabilities (merge request) GitLab Enterprise Edition
- Update GitLab Pages version (merge request)
- Show blame preferences when .git-blame-ignore-revs file exists (merge request)
- Bulk add controls while requirement creation (merge request) GitLab Enterprise Edition
- Add groups GQL query argument to only return groups with user membership (merge request)
- Add ability to force cancel jobs stuck in canceling status by @ajuckel (merge request)
- Add put API endpoint to support uploading recipe package files by @oceane_scania (merge request)
- Add the
RecentlyViewedMergeRequestsResolver class (merge request)
- Introduce GroupDora type with projects (merge request) GitLab Enterprise Edition
- Introduce separate rate limiter for /autocomplete/users (merge request)
- Track Cloud Connector token signing metrics (merge request) GitLab Enterprise Edition
- Add vulnerability_severity_overrides table (merge request) GitLab Enterprise Edition
- Process security report observability events (merge request)
- Capture job token policies for API endpoints (merge request)
- Update vulnerabilities ExternalIssueLink create service (merge request) GitLab Enterprise Edition
- Migrate table cell dropdown to a bubble menu (merge request)
- Add Duo with Amazon Q support to SM/Dedicated provisioning (merge request) GitLab Enterprise Edition
- Add value renderer (merge request)
- Remove block_seat_overages feeature flag (merge request) GitLab Enterprise Edition
- Add import history table and import source table components (merge request)
- Add namespace_metadata visualization and data source (merge request) GitLab Enterprise Edition
- Add CSV format to group dependency export (merge request) GitLab Enterprise Edition
- Restrict manual job variables (merge request)
- Cloud Connector: add key rotation rake tasks (merge request) GitLab Enterprise Edition
- Create GraphQL endpoint to return pipeline inputs (merge request)
- Add Project.forkedFrom to graphql api by @Taucher2003 (merge request)
- Add error tracking widget to work items (merge request)
- Enable cluster agents for groups (merge request)
- Apply GitHub markdown reformatting to more objects (merge request)
- Improve pipeline execution policy documentation (merge request)
- Add GraphQL API for querying dedicated usage filters (merge request) GitLab Enterprise Edition
- Add namespace package setting for audit events (merge request)
- Adding the CI_PROJECT_NAMESPACE_SLUG variable by @tonton1728 (merge request)
- Update GitLab Pages version (merge request)
- ActiveContext OpenSearch processor for queries (merge request)
- Add support for /epic on work_items (merge request) GitLab Enterprise Edition
- Add
organization_id field to fork_networks (merge request)
- Add vulnerability id for create work item (merge request)
- Pre-select permissions when creating a custom role (merge request) GitLab Enterprise Edition
- Append any value defined in pages.publish to artifact paths (merge request)
- Add a limited count field to registries (merge request) GitLab Enterprise Edition
- Implement
POST /Groups SCIM endpoint for self-managed (merge request) GitLab Enterprise Edition
- GraphQL query for component dependency path (merge request) GitLab Enterprise Edition
- Add pipeline inputs table (merge request)
- Add worker to assign security bot for namespaces (merge request) GitLab Enterprise Edition
- Remove feature flag change_data_consistency_for_permissions_workers (merge request)
- Allow users to /q test in mr note by @jlosito (merge request) GitLab Enterprise Edition
- Add models for system defined status (merge request)
- Add default role to variables settings (merge request)
- Add index on merge_request_diffs for id and project_id (merge request)
- Support duo_chat_2 conversation type (merge request) GitLab Enterprise Edition
- Expose CI_JOB_GROUP_NAME variable for builds by @azinke (merge request)
- Add find_or_initialize_project_control_status (merge request) GitLab Enterprise Edition
- Expose
blocked_work_items feature availability in WI permissions (merge request) GitLab Enterprise Edition
- Add GraphQL for WorkItems::UserPreference (merge request)
- Release PAT expiry notifications to inherited group and project members (merge request)
- Promote model version through api (merge request)
- Introduce a GraphQL mutation to archive vulnerabilities (merge request) GitLab Enterprise Edition
- Add user_discussions_count to WorkItem API by @vedant-jain03 (merge request)
- Add migration to create missing nuget symbols (merge request)
- Enable users to fetch all WorkItems they have access through GraphQL (merge request)
- Preload policies in contributed and starred projects resolvers (merge request)
- Markdown: Select text and paste URL to create link (merge request)
- Add export dropdown to dependency list (merge request) GitLab Enterprise Edition
- GraphQL: search by commit in the repository (merge request)
- Add external control fields to GraphQL API (merge request) GitLab Enterprise Edition
- Make Ci::Runner#token routable (merge request)
- Removes limited_capacity_member_destruction FF (merge request)
- Add comment summarization to work items (merge request) GitLab Enterprise Edition
- Removes billable_member_async_deletion FF (merge request) GitLab Enterprise Edition
- Show auto-resolve info banner on vulnerability report (merge request) GitLab Enterprise Edition
- Make Users API rate limits configurable (merge request)
- Add switch for CI/CD Job Token format (merge request)
- Show Start/Due date sort options in Work Item list (merge request)
- Remove feature flag pipeline_execution_policy_analyze_configs (merge request) GitLab Enterprise Edition
- Add import history stats and error components (merge request)
- Add runner ID filter for dedicated usage query (merge request) GitLab Enterprise Edition
- ActiveContext OpenSearch executor for migrations (merge request)
- ActiveContext Find partition by serializing collection (merge request)
- Mutation for destroying compliance control (merge request) GitLab Enterprise Edition
- Add Support PIN UI functionality (merge request)
- Add system note when submitted review is "comments only" by @antonkalmykov (merge request)
- Enable work item description templates (merge request)
- Protected packages: Add basics for package delete protection by @gerardo-navarro (merge request)
- Display warning banner when LFS is misconfigured (merge request)
- Expose error tracking stack trace though GraphQL (merge request)
- Adds project_id and namespace_id to JWT payload (merge request)
- Add peek functionality for ResourceUsageLimiter (merge request)
- Add move button to work item Issue type actions menu (merge request)
- Add support for api site profiles in DAST Scan Execution Policies (merge request) GitLab Enterprise Edition
- Clean up display_password_requirements feature flag (merge request) GitLab Enterprise Edition
- Handle Silent Mode for Audit Events streaming (merge request) GitLab Enterprise Edition
Fixed (183 changes)
- Detect JSON tables even with other lang params (merge request)
- Make sure a.anchor::after has position absolute all the time (merge request)
- Do not enforce job token permissions for public endpoints (merge request)
- Fix URL escaping in badges API (merge request)
- Add migration to delete zoekt_replicas with evicted zoekt_indices (merge request)
- Fix group level auth for epics advanced search (merge request) GitLab Enterprise Edition
- Handle duplication error (merge request)
- Fix comment templates (merge request)
- Add conditional Flux reconciliation update (merge request)
- Fix integrations table alignment (merge request)
- Fix VSA filtered search bar overflow issue when many filters are applied (merge request)
- Prevent new user registration when block seat overages is enabled (merge request) GitLab Enterprise Edition
- GLQL table: Fix inclusion of table in description field (merge request)
- Rolled up dates only when rollUp is true (merge request)
- Fix: Skip agent authorization check for environment creation in REST API (merge request)
- Stop scroll misbehavior when linking to comments (merge request)
- Prevent WI sticky header edit button from shrinking when title is long (merge request)
- Add additional checks for group projects (merge request) GitLab Enterprise Edition
- Only load vulnerability related records when actually exporting (merge request) GitLab Enterprise Edition
- Reorder runners backfill migrations (merge request)
- Ignore math on spaced_link_filter by @Bubbis (merge request)
- Fix read more button styling (merge request)
- Zoekt: Fix undefined feature flag handling in gitlab:zoekt:info (merge request) GitLab Enterprise Edition
- Refactor rule_index while updating security policy (merge request) GitLab Enterprise Edition
- Return an error if the parent DNE / Lacks permissions (merge request)
- Removes ordering requirement for funnel sync test by @max.woolf (merge request)
- Add check for nullability for compliance framework (merge request) GitLab Enterprise Edition
- Fix sorting issue credential inventory (merge request)
- Add
description param to the service access tokens (merge request)
- Reduce redundant Redis parameter initialization (merge request)
- Fix gitlab:elastic:info rake task (merge request) GitLab Enterprise Edition
- Fix work item draft and description with "\n\n" (merge request)
- Add fallback for yaml editor (merge request)
- Improve a11y of Integrations table (merge request)
- Fix inconsistent state for project-level approval settings (merge request) GitLab Enterprise Edition
- Ensure "Edit release" links have accessible labels (merge request)
- Fix error when fetching custom roles when used in policies (merge request) GitLab Enterprise Edition
- Add 99 to valid onboarding_status_role value (merge request) GitLab Enterprise Edition
- Don't use DestroyExportWorker on successful export (merge request) GitLab Enterprise Edition
- Fix CI/CD variable settings with custom role (merge request)
- Fix merge request pipelines on ambiguous refs (merge request)
- Remove tsquery_deduplicate_search_terms feature flag (merge request)
- Handle undefined body and html for rte (merge request)
- Use normalized package_name during (merge request) GitLab Enterprise Edition
- Update pipeline variables polling (merge request)
- Fix rebase failure alert variant (merge request)
- Ensure "Edit release" links have accessible labels (merge request)
- Adapt Duo Chat Slash commands for multi-threaded (merge request) GitLab Enterprise Edition
- Passing color contrast for job log line numbers (merge request)
- Show full job sidebar when troubleshoot bar exists (merge request)
- fix: Use short ref name as fallback in pipeline UI (merge request)
- Add unverified_author_email to grahql endpoint (merge request)
- Allow anonymous users to load pipeline analytics (merge request)
- Fix WorkItemType for reference work items (merge request)
- Stop redirection loop with welcome during onboarding (merge request) GitLab Enterprise Edition
- Capture model experiment creation RecordNotUnique error (merge request)
- Fix frozen array error with custom analyzers (merge request) GitLab Enterprise Edition
- Fix Rack Attack incorrectly rate limiting runner API (merge request)
- Fix SHM health check not enabling properly (merge request) GitLab Enterprise Edition
- Use Redis pipeline creation for MR commit pushes (merge request)
- Use design tokens for diff file row and linked diff file (merge request)
- Convert DuoEnterprise trials lead form to view component (merge request) GitLab Enterprise Edition
- Fix confidential filters for epics advanced search (merge request) GitLab Enterprise Edition
- Add all actions to sticky header (merge request)
- A11y improvements for user profile and admin user groups/projects page (merge request)
- Ensure revoke token buttons have unique link text (merge request)
- Fix path rejection for Dependency path (merge request) GitLab Enterprise Edition
- Make sure aside has its implicit complementary role (merge request)
- Fix admin_display_duo_addon_settings? check (merge request) GitLab Enterprise Edition
- Prevent invalidating remember tokens on logout (merge request)
- Fix checkbox toggling in work item notes (merge request)
- Fixes CE profile Usage Quotas rendering (merge request)
- Don't auto-resolve dismissed vulnerabilities (merge request) GitLab Enterprise Edition
- Include before_sha in PEP pipelines (merge request) GitLab Enterprise Edition
- Added long line truncation for frontend highlighting (merge request)
- Requeue migration to resync policy project links (merge request) GitLab Enterprise Edition
- Capture model registry version creation PG errors (merge request)
- Do not disable OAuth by "Disable personal access tokens" group setting (merge request) GitLab Enterprise Edition
- Stop user onboarding for group saml (merge request) GitLab Enterprise Edition
- Update PruneProjectExportJobsWorker cronjob schedule (merge request)
- Add optional chaining to ref response (merge request)
- Improve a11y of Help menu (merge request)
- Ensure feature flag edit buttons have unique link text (merge request)
- Remove filter_saml_enforced_resources_from_graphql feature flag (merge request)
- Improve a11y of links in Whats New drawer (merge request)
- Show copy to clipboard button on mermaid code block (merge request)
- Fix RTE loading indicator position (merge request)
- Ensure user edit links in admin have unique text (merge request)
- Ensure docs and config links on admin dashboard are accessible (merge request)
- Fix source and target branch in dev widget (merge request)
- Fix group filter on work items list (merge request)
- Fix custom_ability_ feature flag usage (merge request) GitLab Enterprise Edition
- Fix pipeline marked invalid when var is empty string (merge request)
- Add aria-desrcribedby for status links in admin jobs table (merge request)
- Fix open vsx resource url template (merge request)
- Stream audit events only once using feature flag (merge request) GitLab Enterprise Edition
- Fix missing graphql field (merge request)
- Skip entry owners check for exclusion pattern (merge request)
- Fix invalid sort in placeholder users app (merge request)
- Fix emoji key in suggestions dropdown (merge request)
- Abuse report: Fix a11y issues (merge request)
- Process auto megre on page load if required (merge request)
- Fix downloads failing due to duplicate SSRF filters (merge request)
- Implement repository archive cache cleaning inside Workhorse (merge request)
- Split cyclonedx artifact into multiple reports (merge request) GitLab Enterprise Edition
- Fix the pipe search for zoekt exact search mode (merge request)
- Fix workItem parent dropdown item click (merge request)
- Preserve selected items in dropdown text (merge request) GitLab Enterprise Edition
- Model runs: Handle not destroyed error (merge request)
- Return a bad request status if an environment fails to stop via API (merge request)
- Update typo (merge request)
- Reset selected exceptions projects (merge request) GitLab Enterprise Edition
- Adjust help text for instance wide restricted access setting (merge request) GitLab Enterprise Edition
- Fixed missing regex and syntax options buttons in topbar (merge request)
- Delete security_policies when policy.yml becomes invalid (merge request) GitLab Enterprise Edition
- Show rebase button if user can push to source branch (merge request)
- Fix emoji award button styling for selected state (merge request)
- Prevent CiIcon text color from being overridden (merge request)
- Ensure badge popover opens on click (merge request)
- Zoekt: Fix missing repo logic (merge request) GitLab Enterprise Edition
- Fix issuable filter focus shortcut (merge request)
- Release status badge: Fix border not appearing render issue (merge request)
- Catch Key errors in Google Cloud audit event steaming (merge request)
- Add background migration to resync policy project links (merge request) GitLab Enterprise Edition
- Use semantic H2 for "Related jobs" header (merge request)
- Set default for pipeline dependency export (merge request) GitLab Enterprise Edition
- Prevent deletion of project_bot users with non-expiring access tokens (merge request)
- Fix accessibility of Whats New drawer headers (merge request)
- Fix skip to main content button UI (merge request)
- Fix indentation for default yaml file (merge request) GitLab Enterprise Edition
- Add validation styling for approver widget (merge request) GitLab Enterprise Edition
- Prevent double escaping forward slashes (merge request)
- Fix badly formatted help link on some integrations (merge request)
- Update truncato (merge request)
- Load missing from dropdown groups (merge request) GitLab Enterprise Edition
- Fix "code_owner_approval_required" override when the param is not set (merge request) GitLab Enterprise Edition
- Fix pagination issue on empty To-Do dashboard pages (merge request)
- Fix policies for GitLab Duo code suggestions and glab ask by @stepech (merge request) GitLab Enterprise Edition
- Issue boards: Add new item projects select a11y label fix (merge request)
- Use semantic H3 for "Can't scan the code" section of 2FA setup (merge request)
- Use semantic headers in SingleStatComponent in admin elasticsearch form (merge request)
- Use semantic headers for user stat cards in admin and unique links (merge request)
- Correct acessibility header issues in admin dashboard (merge request)
- Use H2 for job empty state (merge request)
- Prevent Child item expand toggle from overlapping child item (merge request)
- Fix detection of empty merge request approval policy (merge request) GitLab Enterprise Edition
- Fix MR approval policy evaluation for chained MRs (merge request) GitLab Enterprise Edition
- Ensure Md header anchor shows even when description is collapsed (merge request)
- Fix previous/next commit buttons on merge requests (merge request)
- Fix work item epic listing button (merge request)
- Fixes deactive active deployment with same path by @Rumple_17 (merge request)
- Load missing from dropdown frameworks (merge request) GitLab Enterprise Edition
- Load missing from dropdown projects (merge request) GitLab Enterprise Edition
- Add max length calculations and user indications to status form (merge request)
- Resync security_policies with incorrect index (merge request) GitLab Enterprise Edition
- Adjusts BSO logic for free groups (merge request) GitLab Enterprise Edition
- Dompurify: Allow background-color style attribute on GlLabel (merge request)
- Allow read access for admin job token permissions (merge request)
- Fix setting ci_id_token_sub_claim_components (merge request) GitLab Enterprise Edition
- Fixes admin page CI minutes css class usage (merge request) GitLab Enterprise Edition
- Correct milestone in featue flag definition (merge request) GitLab Enterprise Edition
- Ignore policy schema validation for custom roles (merge request) GitLab Enterprise Edition
- Keep value stream analytics active in sidebar (merge request)
- Add queuing worker for broken adherences (merge request) GitLab Enterprise Edition
- Fix severity filtering for severity overridden security findings (merge request) GitLab Enterprise Edition
- Skip processed members (merge request)
- Fix DOMPurify validation for SVGs (merge request)
- Import GitHub collaborators consistently (merge request)
- Fix edit framework refresh bug by @nradina (merge request)
- Add min size to confidential icon (merge request)
- Generate correct agent URL in managed resource annotations (merge request)
- Small alignment fixes in merge widget (merge request)
- Change date toggle when updated via subscriptions (merge request) GitLab Enterprise Edition
- Hide markdown editor fullscreen button when work item is in drawer (merge request)
- Fix release evidence tag name generation (merge request)
- Fix ambiguous created_at column for pipeline_configuration_full_path (merge request) GitLab Enterprise Edition
- Fix audit event http streaming under feature flag (merge request) GitLab Enterprise Edition
- Update query for banned user project deletion (merge request)
- Safely handle when sanitized Elastic result is blank (merge request) GitLab Enterprise Edition
- Use correct project when fetching managed resources templates (merge request)
- Fix 'Apply' button for WI dates widget (merge request)
- Allow access to publicly accessible features from job tokens (merge request)
- Make multi-word label matching case-insensitive (merge request)
Changed (189 changes)
- Use epic creation adapter in more places (merge request) GitLab Enterprise Edition
- Add email delivery for vulnerabilities exports (merge request) GitLab Enterprise Edition
- Update CI steps syntax specification (merge request)
- Document how to use a custom PEP pre stage as non-blocking (merge request)
- Finalize delete_orphaned_stage_records (merge request)
- Finalize backfill subscription_add_on_purchases (merge request)
- Improve performance of CI/CD analytics page (merge request)
- Update description for q test mr norm and diff by @jlosito (merge request) GitLab Enterprise Edition
- Changed text on the breadcrumbs for creating new entities in projects: by @illia_bakunovskyi (merge request)
- Crud, MR widget, settings block: Add preference for reduced motion (merge request)
- Remove feature flag (merge request) GitLab Enterprise Edition
- Refresh member authorized projects in background job by @Taucher2003 (merge request)
- Enable migrated prompts for summarize comments (merge request)
- Refactored util to fix sm billable logic (merge request) GitLab Enterprise Edition
- Add header to project snippets page (merge request)
- Enable configuration of Duo Chat sub-features (merge request) GitLab Enterprise Edition
- Show skipped rows in CSV reassignment email (merge request)
- Expose correlation ID in overloaded message (merge request)
- Update dependency auto-deploy-image to v2.125.0 (merge request)
- Add group and project scope for basic users autocomplete (merge request)
- RCA/Troubleshoot uses new Claude 3.7 model (merge request) GitLab Enterprise Edition
- Release the Docker Hub credentials support in the Dependency Proxy (merge request)
- Update code creation slash commands to Claude 3.7 Sonnet (merge request) GitLab Enterprise Edition
- Remove deprecated remote_development_agent_config references (merge request) GitLab Enterprise Edition
- Release squash commits options for branch rules (merge request)
- GLQL: Add Crud to views (merge request)
- Vulnerability finding: Update design of form (merge request)
- Move Seat Control > Restricted Access to paid plans only (merge request) GitLab Enterprise Edition
- Release ignore specific revisions in git blame (merge request)
- Tables: Add scroll indicator (merge request)
- Update class for to-do item on hover (merge request)
- Update page headings in the CI/CD analytics pages (merge request)
- Remove feature flag
dependency_scanning_using_sbom_reports (merge request) GitLab Enterprise Edition
- Clean up labels UI (merge request)
- Improve error message for webhook name description (merge request)
- Default enable duo_code_review_claude_3_7_sonnet (merge request) GitLab Enterprise Edition
- Default enable generate_commit_message_claude_3_7 (merge request) GitLab Enterprise Edition
- SPP docs diff scan web requests feature flag (merge request)
- Make snippet list info focusable (merge request)
- Add archived only project filter to project graphQL (merge request)
- Optimize file size check using quarantine dir and add EE-specific check (merge request) GitLab Enterprise Edition
- Remove group_dependency_list_csv_export feature flag (merge request) GitLab Enterprise Edition
- Updating /troubleshoot or RCA AI Feature to pull prompt from AI Gateway (merge request)
- Rollout manual severity overrides feature (merge request) GitLab Enterprise Edition
- Move GLQL SLIs to its new controller (merge request)
- Bump PG default version for CI (merge request)
- Update Sidekiq memory killer docs (merge request)
- Remove
your_work_projects_vue feature flag (merge request)
- Move CI_PAGES_HOSTNAME from build.rb to project.rb (merge request)
- Rename Rack Attack log field: request_method -> method (merge request)
- Add v2 approval rule associations to user and user group (merge request) GitLab Enterprise Edition
- Ingest and display direct dependencies (merge request) GitLab Enterprise Edition
- Add ReplicatorEvents module to seperate event logic from other files by @bymayanksingh (merge request) GitLab Enterprise Edition
- Add tooltip directive to remove snooze (merge request)
- Add policy type property to editors (merge request) GitLab Enterprise Edition
- Mlflow get run to return less metrics data (merge request)
- Block local URLs for external controls on SaaS (merge request) GitLab Enterprise Edition
- Simplify admin_display_duo_addon_settings? method (merge request) GitLab Enterprise Edition
- For autocomplete scoped search options, check greater than or equal (merge request)
- Enable unblock_rules_using_pipeline_execution_policies by default (merge request) GitLab Enterprise Edition
- Update policy_tuning wording to account for pipeline execution policies (merge request) GitLab Enterprise Edition
- Use secure defaults for token storage in TokenAuthenticatable (merge request)
- Update documentation of policy_tuning with pipeline execution policies (merge request)
- Update User Cap settings related error message (merge request) GitLab Enterprise Edition
- Sync FK
fk_rails_507416c33a_p (merge request)
- Add validation for approvals required (merge request) GitLab Enterprise Edition
- Changed regex button colors to design tokem colors (merge request)
- Change text limit for duo workflow event message (merge request)
- Use progress track when importing single relations (merge request)
- Use sentence case for package registry (merge request)
- Rename custom status widget to status widget (merge request)
- Use text.color.link for hover color in issuable sidebar controls (merge request)
- Rename the status widget to the verification status widget (merge request)
- Making existing pipeline colours more vibrant and supporting additional pipeline statuses by @barton.tomas (merge request)
- Display test duration time in 24hr format (merge request)
- Add check to prevent banning paid users (merge request) GitLab Enterprise Edition
- Exclude bot users from dormant removal (merge request) GitLab Enterprise Edition
- System notes: Update icon design tokens (merge request)
- Fix auto-applying labels when creating a child issue (merge request)
- Restrict new pipeline variables (merge request)
- Runner registration page should not be accessible if registered (merge request)
- Add awareness banner for new adhernece report (merge request) GitLab Enterprise Edition
- Raise runner token_encrypted length from 128 to 512 bytes (merge request)
- Update feature name to GitLab Duo Self-Hosted in the UI (merge request) GitLab Enterprise Edition
- Design item: Improve a11y label, contrast and alignment (merge request)
- Remove
reject_security_policy_project_deletion_groups feature flag (merge request) GitLab Enterprise Edition
- Update Compliance Center Breadcrumbs (merge request) GitLab Enterprise Edition
- Allow requesting multiple embeddings from vertex (merge request) GitLab Enterprise Edition
- Delete the
index_todos_on_author_id index (merge request)
- Clean up validate_codeowner_users feature flag (merge request)
- Restrict pipeline schedule variables (merge request)
- Prevent double policy update (merge request) GitLab Enterprise Edition
- Write multiple PEP schedules (merge request) GitLab Enterprise Edition
- Add PG 17 to nightly rspec builds (merge request)
- Remove FF projectComponentFilter (merge request) GitLab Enterprise Edition
- Update seats related notifications (merge request) GitLab Enterprise Edition
- Backfill pipeline execution policy config links (merge request) GitLab Enterprise Edition
- Update dependency auto-deploy-image to v2.124.0 (merge request)
- Skip updated failed zoekt tasks to processing (merge request) GitLab Enterprise Edition
- Add enterprise_user key to allowlist (merge request)
- Re-enable PG16 nightly integration jobs (merge request)
- Show type label for all pipeline types (merge request)
- Update UX for dependency proxy for packages settings (merge request) GitLab Enterprise Edition
- Update Application Secrets developer docs (merge request)
- Wiki notes: Update design tokens used, bugfixes (merge request)
- Add learn more link to Disable PAT for enterprise users docs (merge request) GitLab Enterprise Edition
- Sync FK
fk_rails_494e57ee78_p (merge request)
- Align submit buttons for policy cards (merge request) GitLab Enterprise Edition
- Remove feature flag separate_group_scim_table (merge request)
- Improve development widget error message (merge request)
- Migrate web_ide_extensions_marketplace ff to data (merge request)
- Extends work item shortcut support (merge request)
- Remove
reject_security_policy_project_deletion feature flag (merge request)
- Update icon in nav to use import (merge request)
- Advanced Search user autocomplete scoped to auth namespaces (merge request) GitLab Enterprise Edition
- Execute GitLabDocumentation tool via Agents (merge request) GitLab Enterprise Edition
- Remove id mapping from skip ci (merge request) GitLab Enterprise Edition
- Remove two related Cloud Connector FFs (merge request) GitLab Enterprise Edition
- Introduce new policy for deleting image tags (merge request)
- Replace feature flags for email restrictions with setting (merge request)
- Persist analytics dashboards filter bar selections in the URL (merge request)
- Stop logging Direct Transfer pipeline steps (merge request)
- Migrate restrict_user_defined_variables to
true (merge request)
- Fix Style/FormatString offenses by @JonstonChan (merge request)
- Copying over the rest of the pipeline variables form code (merge request)
- Add scheduling columns to PEP schedules (merge request) GitLab Enterprise Edition
- Shorten text when leaving comment as review (merge request)
- Adjust texts for exclude license packages (merge request) GitLab Enterprise Edition
- Create new Geo verification state table for SnippetRepository (merge request) GitLab Enterprise Edition
- Add ids argument for descendant groups (merge request)
- Fetch details of banned and blocked users (merge request)
- Abstract pipeline_variables_form to its own component (merge request)
- Document Workhorse repository archive cache (merge request)
- Improve dependency export API usability (merge request) GitLab Enterprise Edition
- Clean up auto_assign_duo_seat feature flag (merge request) GitLab Enterprise Edition
- Change strings to use consistant ellipses (merge request)
- Add zoekt setting to control rollout batch size (merge request) GitLab Enterprise Edition
- Added delete oauth connection on Amazon Q disconnect by @protsivd (merge request) GitLab Enterprise Edition
- Deprecate the
force_to_redownload field in Types::Geo::RegistryType by @antonkalmykov (merge request) GitLab Enterprise Edition
- Add bulk dismissed event and subscriber (merge request) GitLab Enterprise Edition
- Save licenses outside of the spdx catalog as custom licenses (merge request) GitLab Enterprise Edition
- Allow use to select a date range of Runner Usage (merge request)
- Allow dashboard panel to reload data with query overrides (merge request)
- Add ai context migration model (merge request) GitLab Enterprise Edition
- Delete dropdown item in label list use danger variant (merge request)
- Use tertiary explore projects button (merge request)
- Update active context Collections table (merge request)
- Update bundler to v2.6.5 (merge request)
- Extract fromYaml method shared method (merge request) GitLab Enterprise Edition
- Change markdown multiline quoting behaviour on already quoted lines by @Bubbis (merge request)
- Update Pod counters to reflect search filter results on environment page by @antonkalmykov (merge request)
- Remove action approvers from helper (merge request) GitLab Enterprise Edition
- Add UI for pipeline variables minimum role project setting (merge request)
- Clarify tooltip message (merge request) GitLab Enterprise Edition
- Avoid writing over the severity override (merge request) GitLab Enterprise Edition
- Improve API error for invalid sub claim component (merge request) GitLab Enterprise Edition
- Cleanup duo_chat_drop_redis_storage feature flag (merge request) GitLab Enterprise Edition
- Log Duo Chat M2000 Error Code (merge request) GitLab Enterprise Edition
- Support custom pipcompile lockfile in DS latest template (merge request) GitLab Enterprise Edition
- Change keyFields for ScanExecution type (merge request) GitLab Enterprise Edition
- Remove work_items_alpha flag from Move button (merge request)
- Add minor UI changes for Severity Override (merge request) GitLab Enterprise Edition
- Move Troubleshoot button inside the sticky footer (merge request)
- Update allow/deny list payload (merge request) GitLab Enterprise Edition
- Remove the
snoozed_todos_sort_order feature flag (merge request)
- Static reachability job process only DS artifacts (merge request)
- Add minimum override role to CI/CD settings mutation (merge request)
- Disable group ascendency validation on Direct Transfer (merge request)
- Redesign the action buttons for manual jobs to improve usability by @shakahwath.hussain (merge request)
- Model registry: Clarify buttons and titles (merge request)
- Update repository limit notifications (merge request) GitLab Enterprise Edition
- Enable
ensure_pipeline_policy_pre_stage_complete by default (merge request) GitLab Enterprise Edition
- Disable remove user button for last owners (merge request)
- Allow Duo Chat to be resizable on self-managed (merge request) GitLab Enterprise Edition
- DB migration to add Milestone widget to Epic work item type (merge request)
- Add zoekt index watermark level update callback (merge request) GitLab Enterprise Edition
- Remove the
pat_ip derisk feature flag (merge request)
- Fix vulnerability autoresolve flaky test (merge request) GitLab Enterprise Edition
- Fix: Enhance error handling for expired relation export keys by @guptapratibha26 (merge request)
- Improve error handling when creating new directory (merge request)
- Add ai active context connection model (merge request) GitLab Enterprise Edition
- Change project export download rate limit (merge request)
- Update Duo Pro usage button to Purchase seats (merge request)
- Show badge for multiple licenses and tooltip for unknown licenses (merge request) GitLab Enterprise Edition
- Add animation to a menu section chevron (merge request)
- Make the Troubleshoot button in the Job Log app sticky (merge request)
- Set new host URL params when initializing Web IDE (merge request)
- Fix Style/FormatString offenses by @JonstonChan (merge request)
- Readd 422 error context to omniauth error page (merge request)
Removed (28 changes)
- Remove all *_tab ff and mark migration as noop (merge request) GitLab Enterprise Edition
- Removal of non Claude 3 Model (merge request) GitLab Enterprise Edition
- BBM for removing orphaned notes (merge request)
- Removed feature flag extended_expiry_webhook_execution_setting (merge request)
- Remove note on commit real-time update on MR (merge request)
- Clean up
blob_repository_vue_header_app flag (merge request)
- Cleanup Claude 3.5 Haiku feature flag (merge request) GitLab Enterprise Edition
- Delete the
zoekt_cache_search_responses feature flag (merge request)
- Remove broken foreign key fk_a2141b1522_p (merge request)
- Remove unused feature flag and partially completed code (merge request)
- Delete increased concurrency indexing ff (merge request)
- Remove redundant code from new pipeline page (merge request)
- Remove unused feature flag (merge request)
- Remove confidence columns from vulnerabilities (merge request)
- Delete the
zoekt_reallocation_task feature flag (merge request)
- Delete the
zoekt_scheduling_worker feature flag (merge request)
- Delete the
zoekt_replica_state_updates feature flag (merge request)
- Removing use_typhoeus_elasticsearch_adapter flag (merge request) GitLab Enterprise Edition
- Delete the
zoekt_random_force_reindexing feature flag (merge request)
- Delete the
zoekt_internal_api_register_nodes feature flag (merge request)
- Drop geo_event_log.repositories_changed_event_id column (merge request)
- Remove DB table system hooks and NoStiSystemHooks model (merge request)
- Delete the
pipeline_stage_set_last_modified feature flag (merge request)
- Remove yaml format feature flag (merge request) GitLab Enterprise Edition
- Remove ignored AI application settings columns by @crenz (merge request)
- Remove fetch-arkose-data-exchange-payload feature flag (merge request)
- Remove custom_ability_read_admin_users feature flag (merge request) GitLab Enterprise Edition
- Remove pass_add_on_name_for_trial_requests feature flag (merge request)
Security (18 changes)
- Fix ruby-saml gemspec
- Mask unencoded userinfo in project mirror errors
- approval_rules name is unbounded
- Vendor GraphQL gem
- Ruby-SAML updates
- Limit preview size
- Prevent custom role to activate group members
- Filter out internal notes if the recipient do not have access
- Maintainer can inject shell code in Google integration configurations that...
- Revert "Merge branch 'security-private-artifacts-jobs-api' into 'master'"
- Bump KAS version
- Use stricter CSP values in the packages dependency proxy
- Escape work item dropdown items and restrict HTML tags
- Fix access to read code review analytics in private projects
- Increase minimum role in SPP to read policy yaml
- Check user access for artifacts in Jobs API endpoint
- Resolve "Enterprise User with disabled PATs can still use PATs" (merge request) GitLab Enterprise Edition
- Resolve "Enterprise User with disabled PATs can still create PATs" (merge request) GitLab Enterprise Edition
Performance (12 changes)
- Improve User#verified_emails when emails are preloaded (merge request)
- Set the patch_id outside of the DB TXN (merge request)
- Fix backend filtering in RTE autocomplete (merge request)
- Model: Improve performance of with_version_count scope (merge request)
- Update the authentication codeowners yml & script (merge request)
- Improve query performance for all_projects_pages_domains query (merge request) GitLab Enterprise Edition
- Enable ci_merge_request_variables_preload and remove the FF (merge request)
- Prevent N+1 queries when fetching issue references (merge request)
- Optimize build.execute_hooks when creating pipeline (merge request)
- Validate p_ci_pipeline_variables#project_id constraint (merge request)
- Deliver reassignment mails later (merge request)
- Enable bitbucket_import_resumable_worker flag (merge request)
Other (194 changes)
- Add NOT NULL on ml_candidate_metrics.project_id (merge request)
- Add NOT NULL on ml_candidate_params.project_id (merge request)
- Regenerate RuboCop TODO files (merge request)
- Add and backfill project_id for merge_request_context_commit_diff_files (merge request)
- Add compliance control status transition events and metrics (merge request) GitLab Enterprise Edition
- Add NOT NULL on ci_build_trace_chunks.project_id (merge request)
- Documenting Cells configuration for OmniBus and Helm Charts (merge request)
- Improve documentation access token API (merge request)
- Regenerate RuboCop TODO files (merge request)
- Model registry: Simplify table mechanism (merge request)
- Add and backfill project_id for packages_nuget_dependency_link_metadata (merge request)
- Add NOT NULL for sharding key on packages_package_files (merge request)
- Add NOT NULL for sharding key on incident_management_oncall_rotations (merge request)
- Sync translations from crowdin (2025-03-14) (merge request)
- Add sequence to partitioned runner tables (merge request)
- Remove Gitlab::Redis::ClusterSessions post migration (merge request)
- Add NOT NULL on ci_builds_runner_session.project_id (merge request)
- Add NOT NULL constraint on ci_unit_test_failures.project_id (merge request)
- Add NOT NULL constraint on packages_dependency_links.project_id (merge request)
- Migrate HTTP instance audit event destinations (merge request) GitLab Enterprise Edition
- Skip saving pipeline config when using inputs (merge request)
- Add & backfill sharding keys for snippet_user_mentions (merge request)
- Add & backfill sharding keys for snippet_statistics (merge request)
- Add & backfill sharding keys for snippet_repositories (merge request)
- No-op 20250307080100 migration and retry in 20250307080101 (merge request)
- Add ProjectsWithComplianceFrameworks metric (merge request) GitLab Enterprise Edition
- Add compliance requirement metrics for controls and policies (merge request) GitLab Enterprise Edition
- Sync translations from crowdin (2025-03-13) (merge request)
- Remove Gitlab::Sessions::RedisStore as session store (merge request)
- Remove update_merge_request_worker_sticky feature flag (merge request)
- test: Add missing feature categories for tests related to system access by @gerardo-navarro (merge request) GitLab Enterprise Edition
- Sync translations from crowdin (2025-03-12) (merge request)
- Finalize migration BackfillMembersRequestAcceptedAt (merge request)
- Add internal event tracking to placeholder reassignment (merge request)
- Enable reassignment throttling feature (merge request)
- Replace ci_runner_machines with partitioned table (merge request)
- Finalize migration BackfillMilestoneReleasesProjectId (merge request)
- Remove redundant validate in BulkImport::Entity by @n.h.long.9697 (merge request)
- Improving Cells validation message (merge request)
- Finalize migration BackfillIncidentManagementEscalationRulesProjectId (merge request)
- Add and backfill project_id for deployment_merge_requests (merge request)
- Add and backfill wiki_page_slugs for namespace_id (merge request)
- Remove Gitlab::Redis::ClusterSessions post migration (merge request)
- Finalize BackfillIncMgmtTimelineEventTagLinksProjectId (merge request)
- Finalize migration RerunEpicDatesToWorkItemDatesSourcesSync (merge request)
- Remove bulk_create_scan_result_policies Feature Flag (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Populate redirect_routes.namespace_id on save (merge request)
- Add FK constraint and index on merge_request_user_mentions.project_id (merge request)
- Fix merged MRs that reverted to "closed" state (merge request)
- Remove existing users from onboarding if they have group saml (merge request)
- Fix Style/SendWithLiteralMethodName offenses by @albertoroldanq (merge request) GitLab Enterprise Edition
- Remove the
mr_approvers_filter_hidden_users feature flag (merge request)
- Add and backfill project_id for approval_merge_request_rules_approved_ap (merge request)
- Replace ci_runners with partitioned table (merge request)
- Quarantine a flaky test (merge request)
- Add and backfill project_id for approval_merge_request_rules_users (merge request)
- refactor: Add oauth_login_counter before request phase middleware by @gerardo-navarro (merge request)
- Finalize migration BackfillCiSecureFileStatesProjectId (merge request)
- Finalize migration BackfillIncidentManagementOncallRotationsProjectId (merge request)
- Finalize migration BackfillDastSiteProfilesBuildsProjectId (merge request)
- Finalize migration to backfill namespace_id in policy rule schedules (merge request)
- Finalize BackfillApprovalProjectRulesProtectedBranchesProjectId (merge request)
- Add CountFrameworksWithRequirementsMetric (merge request) GitLab Enterprise Edition
- Add and backfill project_id for packages_debian_project_component_files (merge request)
- Rename remote development namespace cluster agent mapping table (merge request) GitLab Enterprise Edition
- Add NOT NULL constraint on packages_debian_project_components.project_id (merge request)
- Cleans up authentication_logs_migration_for_allowlist feature flag (merge request)
- Create ClickHouse table to store group traversal namespaces paths (merge request)
- Add namespace_id column to redirect_routes (merge request)
- Add performance bar to GraphQL explorer (merge request)
- Validate not null constraint on projects.project_namespace_id column (merge request)
- Refactor Cells configuration (merge request)
- Add and backfill namespace_id for incident_management_pending_issue_esca (merge request)
- Remove shared_namespace_locks feature flag (merge request)
- Use occurrence id to fetch dependency graph (merge request) GitLab Enterprise Edition
- Finalize migration BackfillCiBuildTraceMetadataProjectId (merge request)
- Backfill onboarding_status_setup_for_company from user_preferences (merge request)
- Add approval_policy_rule_id to scan_result_policies (merge request) GitLab Enterprise Edition
- Remove broken FK between builds and pipelines (merge request)
- Move Import file removal to a cron job (merge request)
- Remove ci_runner_manager_runtime_features feature flag (merge request)
- Finalize BackfillSecurityOrchestrationPolicyRuleSchedulesProjectId (merge request)
- Finalize Batched Background Migration (merge request)
- Remove groups/discovers_helper.rb (merge request) GitLab Enterprise Edition
- Reindex work items to index notes data (merge request) GitLab Enterprise Edition
- Replace ci_runners with partitioned table (merge request)
- Add and ensure presence of resource_mileston_events.namespace_id (merge request)
- Add ability to manage experimental features for security policies (merge request)
- Add index on approvals.project_id (merge request)
- Add NOT NULL on ci_pipeline_schedule_variables.project_id (merge request)
- Add and backfill project_id for push_event_payloads (merge request)
- Finalize protected_environment_deploy_access_levels backfill (merge request)
- Validate NOT NULL on approval_merge_request_rules sharding key (merge request)
- Add and backfill project_id for scan_result_policies (merge request)
- Minor improvements to the performance bar (merge request)
- Finalize migration BackfillProtectedTagCreateAccessLevelsProjectId (merge request)
- Remove dead code around recaptcha_on_top_level_group_creation feature (merge request)
- Finalize migration BackfillMlCandidateParamsProjectId (merge request)
- Finalize migration MakeSecurityPolicyBotsPrivate (merge request)
- Finalize protected_environment_deploy_access_levels backfill (merge request)
- Move Import file removal to a cron job (merge request)
- Finalize migration BackfillReservedStorageBytes (merge request)
- Store project namespace traversal paths on ClickHouse (merge request)
- Introduce
Vulnerabilities::ArchiveExport model (merge request)
- Reindex Elasticsearch merge request to update integer with long type (merge request) GitLab Enterprise Edition
- Reindex Elasticsearch user index to update integer with long type (merge request) GitLab Enterprise Edition
- Reindex Elasticsearch note index to update integer with long type (merge request) GitLab Enterprise Edition
- Finalize "generate commit message" migration to AI Gateway (merge request)
- Finalize migration BackfillCiBuildsRunnerSessionProjectId (merge request)
- Finalize migration BackfillMlCandidateMetricsProjectId (merge request)
- Finalize migration BackfillVulnerabilityOccurrenceIdentifiersProjectId (merge request)
- fix(rubocop): Fix Performance/MapCompact offenses in app/models/ci by @thelooter (merge request)
- Remove kubernetes_agent_protected_branches feature flag (merge request)
- Remove feature flag pat_organization_filter (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration BackfillEpicIssuesNamespaceId (merge request)
- Finalize migration FixNamespaceIdForWorkItemParentLinks (merge request)
- Fix any bad sharding_key_id values on project runners (merge request)
- Update work_item_type_custom_fields FK (merge request)
- Fix Style/SymbolProc offenses by @barton.tomas (merge request)
- Introduce data retention guidelines (merge request)
- Add NOT NULL on vulnerability_state_transitions.project_id (merge request)
- Finalize migration BackfillErrorTrackingErrorEventsProjectId (merge request)
- Save runner runtime features to runner manager (merge request)
- Validate NOT NULL constraint on packages_build_infos.project_id (merge request)
- Validate NOT NULL constraint on merge_request_reviewers.project_id (merge request)
- Add NOT NULL constraint on evidences.project_id (merge request)
- Add NOT NULL constraint on packages_maven_metadata.project_id (merge request)
- Add and backfill namespace_id for issue_assignees (merge request)
- Finalize migration BackfillCiPipelineScheduleVariablesProjectId (merge request)
- Remove correct_work_item_type_id from work item index (merge request) GitLab Enterprise Edition
- Replace client lib with pure HTTP implementation (merge request)
- Add new Elastic commit indexer worker (merge request) GitLab Enterprise Edition
- Enable virtual_registry_maven_cleanup_new_worker_class by default (merge request)
- Remove security widget findings FF (merge request) GitLab Enterprise Edition
- Remove show_diff_if_head_sha_commit_is_missing flag (merge request)
- Creates event trigger to alter range of new sequences (merge request)
- Add the new state deleted in Zoekt::Repository model (merge request) GitLab Enterprise Edition
- Remove
global_file_size_check feature flag (merge request)
- Remove reference to taggings table in deduplicate_tags rake task (merge request)
- Regenerate RuboCop TODO files (merge request)
- Cleanup security_policy_custom_roles feature flag (merge request) GitLab Enterprise Edition
- Finalize migration BackfillMergeRequestUserMentionsProjectId (merge request)
- Validate NOT NULL on merge_request_blocks sharding key (merge request)
- Remove feature flag
policies_always_override_project_ci (merge request) GitLab Enterprise Edition
- Finalize Batched Background Migration (merge request)
- Finalize migration BackfillEvidencesProjectId (merge request)
- Finalize migration BackfillCiBuildTraceChunksProjectId (merge request)
- Finalize migration BackfillCiBuildPendingStatesProjectId (merge request)
- Add tables/model for targeted messages (merge request)
- Remove ai_commit_reader_for_chat flag (merge request) GitLab Enterprise Edition
- Add and backfill group_id for packages_debian_group_component_files (merge request)
- Add and backfill project_id for project_relation_export_uploads (merge request)
- Add NOT NULL constraint on packages_debian_group_components.group_id (merge request)
- Release vulnerability report identifier filter for group level (merge request) GitLab Enterprise Edition
- Finalize migration FixSyncedEpicWorkItemParentLinks (merge request)
- Validate NOT NULL on project_relation_exports sharding key (merge request)
- Quarantine a flaky test (merge request)
- Validate NOT NULL on draft_notes sharding key (merge request)
- Finalize migration AlterWebhookDeletedAuditEvent (merge request)
- Finalize migration BackfillCiResourcesProjectId (merge request)
- Refactor approvals widget (merge request) GitLab Enterprise Edition
- Remove Elasticsearch settings from application settings (merge request)
- Remove unused ClickHouse table ci_failed_pipelines_counts_by_namespace (merge request)
- Validate NOT NULL on status_check_responses sharding key (merge request)
- Validate NOT NULL on vulnerability_finding_links sharding key (merge request)
- Finalize migration NullifyBuildsAutoCanceledById (merge request)
- Finalize migration BackfillCiTriggerRequestsProjectId (merge request)
- Finalize migration DeleteOrphanedPipelineVariableRecords (merge request)
- Finalize migration BackfillCiBuildNeedsProjectId (merge request)
- Reindex work items for type id alignment (merge request) GitLab Enterprise Edition
- Finalize migration BackfillCiUnitTestFailuresProjectId (merge request)
- Finalize migration BackfillPackagesPackageFilesProjectId (merge request)
- Finalize migration BackfillVulnerabilityStateTransitionsProjectId (merge request)
- Remove ElasticIndexingControlWorker job instances (merge request)
- Change routes.namespace_id from LFK to regular foreign key (merge request)
- Finalize migration BackfillVulnerabilityExternalIssueLinksProjectId (merge request)
- Remove concurrency_limit_process_commit_worker feature flag (merge request)
- Add NOT NULL constraint on merge_request_reviewers.project_id (merge request)
- Use the pipeline creation meta data rather than project.ci? (merge request)
- Validate NOT NULL on merge_request_assignees sharding key (merge request)
- Quarantine a flaky test (merge request)
- Update maven virtual registry cache entries table (merge request)
- Re-enqueue LimitNamespaceVisibilityByOrganizationVisibility migration (merge request)
- Add NOT NULL constraint on merge_requests_closing_issues.project_id (merge request)
- Finalize migration BackfillPackagesMavenMetadataProjectId (merge request)
- Add NOT NULL constraint on vulnerability_merge_request_links.project_id (merge request)
- Add NOT NULL constraint on vulnerability_issue_links.project_id (merge request)
- Validate NOT NULL on epic_user_mentions sharding key (merge request)
- Validate NOT NULL on issue_links sharding key (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
17.9.8 (2025-05-07)
Fixed (2 changes)
Security (3 changes)
- Improve Octokit::ResponseValidation middleware and add rate limits (merge request)
- Remove id attribute from OAuth form (merge request)
- Use IssuePolicy for #issues_readable_by_user (merge request)
17.9.7 (2025-04-22)
Security (4 changes)
- Add SecureHeaders middleware with the Nel header (merge request)
- Restrict forwarded headers in Maven dependency proxy (merge request)
- Security unauthorized access to reading branch names (merge request)
- Simplify detecting paragraphs for quick actions (merge request)
Other (2 changes)
- Clean up BackfillCiRunnerMachinesPartitionedTable migration
- No-op FinalizeBackfillCiRunnerMachinesPartitionedTable migration
17.9.6 (2025-04-09)
Security (6 changes)
- Bump workhorse golang-jwt/jwt to 5.2.2 (merge request)
- Global search count leak for confidential issues (merge request)
- Set the IP address state for Action Cable requests (merge request)
- Adding validation for Ci::Pipeline (merge request)
- Add delay to when pointer events are enabled for 0Auth authorize page (merge request)
- Do not enable pprof by default in Workhorse (merge request)
17.9.5 (2025-04-02)
No changes.
17.9.4 (2025-04-01)
Fixed (1 change)
Other (1 change)
17.9.3 (2025-03-26)
Fixed (2 changes)
Security (7 changes)
- Sync organization user access when admin status changes (merge request)
- Prevent XSS via merge error on the merge request page (merge request)
- Inherit current_user external status while rotating project/group token (merge request)
- Add validations for the project_name of Harbor integration (merge request)
- Sanitize returned input on asciidoc Timeout (merge request)
- Add CI/CD project setting
allow_composite_identities_to_run_pipelines (merge request)
- Add limit to resource counts in tfplan merge request report (merge request)
17.9.2 (2025-03-11)
Fixed (3 changes)
- Fix the pipe search for zoekt exact search mode (merge request)
- Prevent deletion of project_bot users with non-expiring access tokens
- Use correct project when fetching managed resources templates
Security (8 changes)
- Vendor GraphQL gem (merge request)
- Ruby-SAML updates (merge request)
- Prevent custom role to activate group members (merge request)
- approval_rules name is unbounded (merge request)
- Limit preview size (merge request)
- Maintainer can inject shell code in Google integration configurations that... (merge request)
- Filter out internal notes if the recipient do not have access (merge request)
- Mask unencoded userinfo in project mirror errors (merge request)
17.9.1 (2025-02-26)
Fixed (1 change)
- Fix instance level dashboard by default severity override GitLab Enterprise Edition
Security (4 changes)
- Increase minimum role in SPP to read policy yaml (merge request)
- Fix access to read code review analytics in private projects (merge request)
- Escape work item dropdown items and restrict HTML tags (merge request)
- Use stricter CSP values in the packages dependency proxy (merge request)
17.9.0 (2025-02-19)
Added (202 changes)
- Add GraphQL API for visualizing dedicated hosted runner compute usage (merge request) GitLab Enterprise Edition
- Adds the
experiment status for analytics dashboards (merge request) GitLab Enterprise Edition
- Allow adding comments on Wiki pages (merge request)
- Add integrity verification for remote CI includes (merge request)
- Set default_enabled to true for feature flag (merge request) GitLab Enterprise Edition
- Set
default_enabled to true for the feature flag (merge request) GitLab Enterprise Edition
- Remove maven_extract_package_model feature flag (merge request)
- ActiveContext add preprocessors for references (merge request)
- Add worker to unassign security bot (merge request) GitLab Enterprise Edition
- Introduce project.vulnerabilityArchives GraphQL field (merge request) GitLab Enterprise Edition
- ActiveContext postgres indexer (merge request)
- Add support for created_at on work_items create API (merge request)
- Add
Shared groups tab to group overview (merge request)
- Model registry: Support loading runs (merge request)
- Add API endpoints for group level integrations (merge request)
- Admin Token API: Revoke Feature Flags Client token by @nwittstruck (merge request)
- Update flag for duo chat include file context (merge request) GitLab Enterprise Edition
- Add pipeline analytics for groups on GraphQL (merge request)
- Add organization and job title to user synced attributes (merge request)
- Query evaluator for expression control (merge request) GitLab Enterprise Edition
- Add vulnerability_severity_overrides table (merge request) GitLab Enterprise Edition
- Display dropdown text explainer on component token (merge request) GitLab Enterprise Edition
- feat: Protected packages: Maven package push protection by @gerardo-navarro (merge request)
- Show message when approaching Pages deployments limit (merge request) GitLab Enterprise Edition
- Add error tracking widget to work items (merge request)
- Added resources widget (merge request)
- Expose sign_in_restrictions from ApplicationSettings API (merge request)
- Add thread ID to AI completion response (merge request) GitLab Enterprise Edition
- Add enforce_email_subaddress_restrictions application setting (merge request)
- Add support for severity overrides in pipeline security finding type (merge request) GitLab Enterprise Edition
- Add inject_policy_ci as default pipeline execution config strategy (merge request) GitLab Enterprise Edition
- Add service class to trigger external control (merge request) GitLab Enterprise Edition
- Implement revisions/:recipe_revision/:file_name endpoint by @oceane_scania (merge request)
- Add
MALFORMED_ENTRY_OWNER error for CODEOWNERS (merge request) GitLab Enterprise Edition
- Reschedule backfill of vulnerabilities.detected_at (merge request)
- Add UI for subscribed filter by @Taucher2003 (merge request)
- Promote runs in standalone experiments to a model version (merge request)
- Add an option to specify language for file icon (merge request)
- Added ability to manage compliance frameworks at project level (merge request) GitLab Enterprise Edition
- Add swift to package_metadata_purl_types (merge request)
- Pipeline mini graph downstream jobs (merge request)
- Expose lastDuoActivityOn user field in GraphQL (merge request) GitLab Enterprise Edition
- Load SoftwareLicenses names from catalogue (merge request) GitLab Enterprise Edition
- Add rebase button to MR widget if available (merge request)
- Adds root redirect feature (merge request)
- Add updatedAt ExperimentType graphql type (merge request)
- Document how to use Azure workload and managed identities (merge request)
- Add missing json fields to WorkspacesAgentConfigType (merge request) GitLab Enterprise Edition
- Add scim_group_uid to saml_group_links (merge request)
- Add vulnerability_severity_overrides table (merge request) GitLab Enterprise Edition
- Add model-level default for Vulnerability#detected_at (merge request) GitLab Enterprise Edition
- Browser history added by @nraj0408 (merge request)
- Extend GraphQL dependency type (merge request) GitLab Enterprise Edition
- Add the model record id to a replicable item in the Geo replicables list by @antonkalmykov (merge request) GitLab Enterprise Edition
- Update Create Page with Default Devfile (merge request) GitLab Enterprise Edition
- Remove oauth2_device_grant_flow FF (merge request)
- Add group-level pages access control setting (merge request)
- Add service class to trigger external control (merge request) GitLab Enterprise Edition
- Remove async dependency export feature flags (merge request) GitLab Enterprise Edition
- This commit adds support to delete Duo Chat threads through GraphQL (merge request) GitLab Enterprise Edition
- Admin Token API: Identify Incoming Email Tokens by @nwittstruck (merge request)
- Add new sort option placeholders (merge request)
- Add clusters_managed_resources table (merge request)
- Add support for unassigning user from an admin custom role in GraohQL (merge request)
- Remove the check_ip_address_for_email_verification FF (merge request)
- Introduce CloudConnector::Keys model (merge request) GitLab Enterprise Edition
- Add parameter to toggle if email is sent on export completion (merge request)
- Add streaming to new audit event models (merge request) GitLab Enterprise Edition
- Exempt specific files from Codeowners rules (merge request) GitLab Enterprise Edition
- Add popover support on milestone in WI Sidebar (merge request)
- Audit authorizing an OAuth application (merge request)
- Allow read_admin_monitoring access to audit_logs (merge request) GitLab Enterprise Edition
- Markdown: Select text and paste URL to create link by @ajuckel (merge request)
- Prompt user to enter missing access token (merge request)
- Adding correlation_id attribute to duo workflow message event api (merge request) GitLab Enterprise Edition
- Feat(Blob): Add PlantUML render support for Blob Viewer by @schurzi (merge request)
- Add ability to snooze to-dos until a custom time (merge request)
- Add queue_namespace as an attribute for Sidekiq routing rules (merge request)
- Enforce NOT NULL constraint on vulnerabilities.detected_at (merge request)
- Admin Token API: Revoke Runner authentication token by @nwittstruck (merge request)
- Add indexes to web_hook_logs_daily (merge request)
- Add
read_admin_users permission (merge request) GitLab Enterprise Edition
- Introduce archival related entities (merge request)
- Add a new 'Index version' to the elastic info rake task (merge request) GitLab Enterprise Edition
- Add license check to the fields allowedParentTypes and allowedChildTypes (merge request) GitLab Enterprise Edition
- Resolve MR issue with new work item (merge request)
- ActiveContext OpenSearch indexer (merge request) GitLab Enterprise Edition
- Extend dashboard date range filter configuration (merge request) GitLab Enterprise Edition
- Remove microsoft_azure_group_sync FF (merge request)
- Add
project_design_management_routes_view database view (merge request)
- Add
project_routes_view database view (merge request)
- Add “Added from log” icon in job token allowlist UI (merge request)
- Add ActiveContext reference class (merge request) GitLab Enterprise Edition
- Introduce a NamespaceSettingsUpdate mutation (merge request)
- Enable ability to view IP addresses in access tokens (merge request)
- Create work_item_user_preferences table (merge request)
- GraphQL: Populate
timeSeries.count field in AnalyticsType (merge request)
- Prevent unnecessary processing of AutoDevops with overriding PEP (merge request)
- Allow SSH keys to be filtered by created at and expires at (merge request)
- Added severity override support in MR security widget (merge request) GitLab Enterprise Edition
- Admin Token API: Identify GitLab sessions by @nwittstruck (merge request)
- Add Security Risk Management feature categories (merge request)
- Add external_url to compliance_requirements_control (merge request) GitLab Enterprise Edition
- Admin Token API: Add support for revocation of Cluster Agent Tokens by @nwittstruck (merge request)
- GraphQL: Add
timeSeries.durationStatistics field to AnalyticsType (merge request)
- Update GitLab Pages version (merge request)
- Add Amazon Q role arn validation by @protsivd (merge request)
- Add read_admin_monitoring permission (merge request) GitLab Enterprise Edition
- Add security findings severity override mutation (merge request) GitLab Enterprise Edition
- Add anti_abuse_settings column to application_settings table (merge request)
- Prioritize vulnerability severity when resolving security findings (merge request) GitLab Enterprise Edition
- Backfill web_hook_logs_daily (merge request)
- Enable Vulnerability Change Status modal by default (merge request) GitLab Enterprise Edition
- Add more details for zoekt performance bar in multimatch (merge request) GitLab Enterprise Edition
- Release SAML Groups Duo Add On Assignment (merge request) GitLab Enterprise Edition
- ActiveContext indexer for elasticsearch (merge request) GitLab Enterprise Edition
- Add AI impact visualizations to the analytics dashboard designer (merge request) GitLab Enterprise Edition
- Add GraphQL fields for pipeline creation status (merge request)
- Allow to configure LFS link batch size via environment variable (merge request)
- Crud HAML component: Adds collapsible feature (merge request)
- Adding GraphQL mutations to trigger Allowlist Autopopulation processes (merge request)
- Added update mutation for compliance requirement controls (merge request) GitLab Enterprise Edition
- Block Seat Overage for SM (merge request) GitLab Enterprise Edition
- Introduce endpoint to discover cert-based clusters (merge request)
- Add clusters_managed_resources table (merge request)
- Remove composite identity FF (merge request)
- Admin Token API: Identify Feature Flags client token by @nwittstruck (merge request)
- Add
raw_diff endpoint to merge request API (merge request)
- Adds not-null migration for ComplianceViolation on target_project (merge request) GitLab Enterprise Edition
- Add diff_lines endpoint to blobs controller (merge request)
- Throw error when incorrect scope is used in auditor (merge request) GitLab Enterprise Edition
- Add self_rotate scope for access token self rotate endpoint by @ajuckel (merge request)
- Backfill archived and traversal_ids for vulnerability_statistics (merge request)
- Add manage protected tags custom permission (merge request) GitLab Enterprise Edition
- ActiveContext processes refs from queues via cron worker (merge request) GitLab Enterprise Edition
- Add cloud_connector_keys ApplicationSetting (merge request) GitLab Enterprise Edition
- Create AiUserMetrics table and model (merge request) GitLab Enterprise Edition
- Expose linkType in field linkedWorkItems (merge request)
- Use security_findings for security mr widget (merge request) GitLab Enterprise Edition
- Add protection rules to TagType (merge request)
- Schedule web_hook_logs_daily indexes (merge request)
- Add skip ci configuration (merge request) GitLab Enterprise Edition
- Changes to support group level report for severities count api (merge request) GitLab Enterprise Edition
- Support expires_at param for group service account PAT rotation API (merge request)
- Add skip ci configuration to a policy drawer (merge request) GitLab Enterprise Edition
- Add instance setting to restrict private user profiles (merge request) GitLab Enterprise Edition
- Add migration to enable read_compliance_dashboard in member roles (merge request)
- Improve throttling during user record reassignment (merge request)
- List threads GraphQL API (merge request) GitLab Enterprise Edition
- Add Duo Chat usage rate to AI analytics dashboard metric table (merge request) GitLab Enterprise Edition
- Add worker architecture for scheduled PEP (merge request)
- Fix documentation for confidential incidents visibility (merge request)
- Introduce codeSuggestionsContexts for CurrentUser (merge request) GitLab Enterprise Edition
- GraphQL: add TagDelete mutation (merge request)
- Remove the
todos_snoozing feature flag (merge request)
- Use helper to update stream destinations from legacy API (merge request) GitLab Enterprise Edition
- Expose cvss v3 in vulnerability details page (merge request) GitLab Enterprise Edition
- Add "PATCH /groups/:id/enterprise_users/:user_id/disable_two_factor" API endpoint (merge request) GitLab Enterprise Edition
- Support thread id in AiAction GraphQL mutation (merge request) GitLab Enterprise Edition
- Define sharding key for events (merge request)
- Delete paired audit event destinations (merge request) GitLab Enterprise Edition
- Add project topics to CI/CD Catalog (merge request)
- Add Ci/CD job token policies static analysis (merge request)
- Adding mutation for creating compliance controls (merge request) GitLab Enterprise Edition
- Add AiDuoChatEvent model (merge request) GitLab Enterprise Edition
- Defined event and metrics (merge request) GitLab Enterprise Edition
- Add last_approved_at event to VSA (merge request)
- Surface user.type to frontend (merge request)
- Improve UX of registering a GitLab agent (merge request)
- Release DAST UI additional varibles feature (merge request) GitLab Enterprise Edition
- Introduce write_virtual_registry scope (merge request)
- Add metrics for sep scheduled scans using time_window (merge request) GitLab Enterprise Edition
- Add ability to add related item for work items (merge request)
- Let ActiveContext add references to a queue (merge request) GitLab Enterprise Edition
- Update vulnerability_statistic.archived when project is archived (merge request) GitLab Enterprise Edition
- Prepare not-null for ci_pipeline_messages.project_id (merge request)
- Implement filtered search UI for credentials (merge request)
- Add Code Suggestions acceptance rate to AI usage metrics table (merge request) GitLab Enterprise Edition
- Persist licenses column to support component filtering (merge request) GitLab Enterprise Edition
- Add feature flag for anthropic prompt caching (merge request) GitLab Enterprise Edition
- Update Report class to return new dependencies for licenses (merge request) GitLab Enterprise Edition
- Admin Token API: Identify CI/CD Job Tokens by @nwittstruck (merge request)
- Extend selective sync scope to the primary checksumming (merge request) GitLab Enterprise Edition
- Add uri validation for licenses purl (merge request) GitLab Enterprise Edition
- Add
expires_at column to vulnerability_exports (merge request)
- Add
expires_at column to dependency_list_exports (merge request)
- Add elastic client to active context gem (merge request) GitLab Enterprise Edition
- GitLab storybook add missing features (merge request)
- Allow gem to register queues (merge request) GitLab Enterprise Edition
- Allow users to configure skip_ci behavior for scan execution policy (merge request) GitLab Enterprise Edition
- Add "GET /groups/:id/enterprise_users/:user_id" API endpoint (merge request) GitLab Enterprise Edition
- Remove Epics scope and replace it with work_item type epic (merge request) GitLab Enterprise Edition
- Add vulnerability_severity_overrides table (merge request) GitLab Enterprise Edition
- Defined event and metrics (merge request) GitLab Enterprise Edition
- Add traversal_ids to vulnerability_statistics (merge request)
- Add helper method to update legacy destination from stream destination (merge request) GitLab Enterprise Edition
- Model Registry: Add ability to get Model Version by alias (merge request)
- Fetch latest pipeline if no arguments are passed (merge request)
- Add /create_merge_request quickaction to work items (merge request)
- Add reports identification (merge request)
- Run dependency scanning on uv.lock detection (merge request)
- Release group credentials inventory feature (merge request)
Fixed (242 changes)
- Hide Edit button for work item metadata for Guest users (merge request)
- Update net-imap gem (merge request)
- Fix runner owner if necessary when runner assigned to a project (merge request)
- Fix vulnerability severify badge rendering (merge request) GitLab Enterprise Edition
- Fix incident layout when new issue look is turned on (merge request)
- Fix returning cached severity value after severity override (merge request) GitLab Enterprise Edition
- Backfill default pages deployment limit (merge request)
- Upgrade net-http-persistent gem to 4.0.2 to fix connection pool issues (merge request)
- Fix: Removing all domains does not reset primary domain (merge request)
- Add default value to plan deployment limits (merge request)
- Render files based on the correct file sizes (merge request)
- Fix incorrect branch access check (merge request)
- Fixed UX flow when when author filter dropdown opens (merge request)
- Update getBlobSearchCountQuery variables (merge request) GitLab Enterprise Edition
- It is not necessary to set FK when moving issue under new parent (merge request) GitLab Enterprise Edition
- Enforce SEP jobs when
pipeline_source is a string (merge request) GitLab Enterprise Edition
- Fix Ci::RunnerTagging sharding_key_id validation (merge request)
- Fix overflow issues on snippets page (merge request)
- Fix work item issues webhook event type and object kind (merge request)
- Add custom role preloader to projects resolver (merge request) GitLab Enterprise Edition
- Fix CRM issue filters when contacts not sourced from root group (merge request)
- Add content_disposition to export downloads (merge request) GitLab Enterprise Edition
- Strip trailing newline from rendered Kroki and PlantUML diagram source by @puxlit (merge request)
- Width correction (merge request)
- Remove
repo if agent project is null (merge request)
- Change Security Finding to reference project from scan (merge request) GitLab Enterprise Edition
- Fix overlap with description (merge request)
- Ensure issues has fixed dates (merge request)
- Make
any_merge_request rules respect branch_exceptions (merge request) GitLab Enterprise Edition
- Fix member guidelines resulting in overflow in group member view by @nwittstruck (merge request)
- Increase query limiting threshold (merge request)
- Update stop environment API to use different policy (merge request)
- Clean up remote_mirror_retry_with_delay feature flag (merge request)
- Fix linking of policy to the project (merge request) GitLab Enterprise Edition
- Zoekt cache should invalidate if multi match chunk size changes (merge request) GitLab Enterprise Edition
- Fix broken vulnerability management save functionality (merge request) GitLab Enterprise Edition
- Determine file id from hash by @crenz (merge request)
- Nav eval > Enable filters button (merge request)
- Handle invalid repository names gracefully (merge request)
- Add group-level validation for audit events feature flag (merge request) GitLab Enterprise Edition
- Dismiss alert upon toggling labels in Tasks by type chart in VSA (merge request) GitLab Enterprise Edition
- Support merge request variables in pipeline execution policies (merge request) GitLab Enterprise Edition
- Fix link rendering in GitHub integration (merge request) GitLab Enterprise Edition
- Fix AddOnPurchase API override trial attribute bug when deprovision (merge request) GitLab Enterprise Edition
- Prevent Direct Transfer from re-enqueueing timed-out pipelines (merge request)
- Fix getExperiments Graphql Query (merge request)
- Use common insertText in dropzone_input to preserve browser undo by @Bubbis (merge request)
- Fix: add name prop to instances of devops_adoption_table_cell_flag.vue (merge request)
- Do not list pending migrations if search service unreachable (merge request) GitLab Enterprise Edition
- Do not allow assigning non-admin custom roles directly to users (merge request)
- Display download message conditionally (merge request)
- Fix issue work item spacing issue related to gutter classes (merge request)
- Update policy for stop environment REST API (merge request)
- Fix console error during filter search (merge request) GitLab Enterprise Edition
- Fix remote response broadcast messages with target path (merge request)
- Ensure correct header is present for work item detail (merge request)
- Fix bug of missing groups in JobTokenAllowlist (merge request)
- Display the correct Direct Connections value in Duo admin page (merge request) GitLab Enterprise Edition
- Add conditional operation for system note (merge request)
- Exclude file upload trigger from closing drawer (merge request)
- Send additional params to getBlobSearchCountQuery (merge request) GitLab Enterprise Edition
- Ignore database policies check for enforcing SEP (merge request) GitLab Enterprise Edition
- Fix scrolling to clipped file browser items (merge request)
- Fix dependency proxy with some object storage providers (merge request)
- Fix button name (merge request)
- Return false for pending_migrations? if indexing disabled (merge request) GitLab Enterprise Edition
- Add aria-label to delete project modal (merge request)
- Capture enter & tab in related MR field (merge request) GitLab Enterprise Edition
- Update topics path for badges (merge request)
- Add gitRef support for workspaces (merge request) GitLab Enterprise Edition
- Fix compare branches from the fork (merge request)
- Add ids to a policy actions and rules (merge request) GitLab Enterprise Edition
- Persist payload attributes of code suggestion events (merge request) GitLab Enterprise Edition
- Fixes Restricted access gitlab.com bugs (merge request) GitLab Enterprise Edition
- Improve error-handling when editing blobs (merge request)
- Fix epic creation when instance templates are set (merge request) GitLab Enterprise Edition
- Fix Duo Chat getting slower by message increase (merge request) GitLab Enterprise Edition
- Fix QueryCanceled error in PersistSecurityPoliciesWorker (merge request) GitLab Enterprise Edition
- Fix SecurityPolicyDefault to work with mr pipelines (merge request) GitLab Enterprise Edition
- Add aria-label to single file editor search input for accessible name (merge request)
- Add comment to cache when submitting a comment on a work item (merge request)
- Improve Value Stream Analytics path navigation accessibility (merge request) GitLab Enterprise Edition
- Fix calculation of owner project when project runner is assigned (merge request)
- MLOps run with no metrics with step results in failed display (merge request)
- Fix find file on blame page (merge request)
- Update pipeline graph (merge request)
- Dismiss value stream created/updated success alert upon its deletion (merge request) GitLab Enterprise Edition
- Fix GQL Error on accessing Job Token Authentication log (merge request)
- Remove jobs_api_use_primary_to_authenticate feature flag (merge request)
- Fix Ctrl+k command palette keyboard shortcut (merge request)
- Add a way to present Epics using WorkItem new logic (merge request) GitLab Enterprise Edition
- Use comma-separated IDs for skipping groups (merge request)
- Remove graphql_minimal_auth_methods FpF (merge request)
- Display custom permission title (merge request) GitLab Enterprise Edition
- Only check pending migrations if indexing enabled (merge request) GitLab Enterprise Edition
- Remove duplicated controls for narrow viewport (merge request)
- Fix the exact code search (merge request) GitLab Enterprise Edition
- Fix "Edit single file" option for empty files by @sahilsarawagi (merge request)
- Redirect group searches when SSO enabled and expired (merge request) GitLab Enterprise Edition
- Fix storing incorrect policy index in scan_result_policies (merge request) GitLab Enterprise Edition
- MR actions: Fix alignment and responsive behavior (merge request)
- Include SEP jobs with overriding PEPs (merge request) GitLab Enterprise Edition
- Fix todos for user mentions in wiki page comments (merge request)
- Add missing
hasParent to Hierarchy widget definition (merge request) GitLab Enterprise Edition
- Ensure dropdown toggle has accessible text on work item create MR button (merge request)
- Decrease inline button min-height in merge conflict page by @mschoenlaub (merge request)
- Enable submit buttons (merge request) GitLab Enterprise Edition
- Fix MergeRequestsComplianceViolations not null migrations (merge request)
- Allow user to have only 1 admin member role (merge request)
- Removed coverage check learn more link by @peterhdangg (merge request) GitLab Enterprise Edition
- Add a post deploment migration fixing the scim data (merge request)
- Update error message for validation errors of slugs by @schurzi (merge request)
- Fix a11y issue for new todos dashboard (merge request)
- Model Registry: Fix default_experiment path (merge request)
- Fix CI_RUNNER_TAGS regression (merge request)
- Fix API logging of JSON float/boolean param values (merge request)
- Filter out SAML projects when SAML session has expired (merge request) GitLab Enterprise Edition
- Filter out SAML projects when SAML session has expired (merge request) GitLab Enterprise Edition
- Add alert when global search and logged out groups exist (merge request) GitLab Enterprise Edition
- Filter out SAML projects when SAML session has expired (merge request) GitLab Enterprise Edition
- Ensure file tree table has row headers (merge request)
- Fix commit length (merge request)
- Tags list: Fix alignment of actions (merge request)
- Add role to informative icons for monitor settings (merge request)
- Two-factor quth: Add title to QR Code SVG (merge request)
- Add work item title and description in draft (merge request)
- Fixed invalid states for custom stage fields in VSA settings form (merge request) GitLab Enterprise Edition
- Use proper HTML semantics in shortcuts modal window (merge request)
- Avoid hard-coding test integer (merge request)
- Only show re-request review button to users who have permission (merge request) GitLab Enterprise Edition
- Wrap devops table help icon with
gl-button (merge request) GitLab Enterprise Edition
- Fix loading pipeline execution policies with missing project (merge request) GitLab Enterprise Edition
- Fix bug with contacts autocomplete checking root group not CRM group (merge request)
- Uses billable or nonbillable trait for member roles (merge request) GitLab Enterprise Edition
- Hide comment template button in work item description (merge request)
- Update to use
gl-button instead of gl-icon in visibility-icon (merge request) GitLab Enterprise Edition
- Remove exclude_child_pipelines_from_tag_branch_query feature flag (merge request)
- Fix category of collapsed issue sidebar notification button (merge request)
- Rescue timeout errors in GeoNodeStatus metrics queries (merge request) GitLab Enterprise Edition
- Use primary DB when authenticating via job token in jobs API (merge request)
- Skip scheduling service cache if no period is provided (merge request) GitLab Enterprise Edition
- Fix resource_tokens page in credentials (merge request) GitLab Enterprise Edition
- Fix pages multiple deployments limit for forgotten plans (merge request)
- Take scrollbar width into account when calculating collapsed sidebar (merge request)
- Use
canUpdate policy to control close button visibility (merge request)
- Work items design management: Fix alignment (merge request)
- Update validations for pipeline removal (merge request)
- Localize type names in work item create form (merge request)
- Fix NoMethodError when quick action users are not set (merge request)
- Fix routing for projects with dots in catalog (merge request)
- Update project settings approval widget (merge request) GitLab Enterprise Edition
- Skip cyclonedx report when its type is set to (merge request) GitLab Enterprise Edition
- Ensure DevOps Reports tables have row headers (merge request) GitLab Enterprise Edition
- Ensure admin subscripton page tables have row headers (merge request)
- Ensure Admin users table has appropriate row headers (merge request)
- Ensure PAT table rows have a row header (merge request)
- Add labels to color picker inputs in user preferences (merge request)
- Ensure Kubernetes cluster table rows have row headers (merge request)
- Ensure Job cell is the row header for Jobs table (merge request)
- Ensure board move to top/bottom buttons have role (merge request)
- Update to use
gl-button for feature flag description info (merge request)
- Fix review/draft notes using only quick actions (merge request)
- Fix alignment of user profile info (merge request)
- Editor toolbar: Add role and aria-label (merge request)
- Pass schedule param to execution policy pipelines (merge request) GitLab Enterprise Edition
- Verification: Add missing id for form label to work (merge request)
- Monitor settings: Fix a11y issue with labels (merge request)
- Pages: Adds label to input fields on step 2 (merge request)
- Design management (legacy): Add aria-label to checkbox (merge request)
- Project acess tokens: Fix select label for attribute value (merge request)
- Remove "project_templates_reporter_access" feature flag (merge request)
- Make sure badges visible for non-admins (merge request)
- Content editor: Add missing aria-label (merge request)
- Add missing name for disclosure button on group list page (merge request)
- Add missing name for disclosure button (merge request)
- Instance overview: Fix link focus (merge request)
- Fix ActionView::MissingTemplate for CompareController (merge request)
- Commment user link: Add focus ring (merge request)
- Fix intermittent logouts even with remember me (merge request)
- Add missing names for buttons on policies, labels and clusters table (merge request)
- Fix error for anonymous users on Projects::Ml::CandidatesController#show (merge request)
- Finalize deduplication of issuable_resource_links (merge request)
- Fix memory leak in DiffFile.vue (merge request)
- Upload large export files outside DB transaction (merge request) GitLab Enterprise Edition
- Fixes merge reports section in the widget not being fully hidden (merge request)
- Add error handling to dependency export creation (merge request) GitLab Enterprise Edition
- Fixed layout issue on the invite member modal component by @zillemarco (merge request)
- Wrap project card content on small screens (merge request)
- Fix projectAnalytics.aggregate.durationStatistics nil values (merge request)
- Fix 500 error when tag delete process fails (merge request)
- Remove useless validations for subgroup settings (merge request)
- Add static analysis checks for job token policies (merge request)
- Fix DumpWriteBufferCronWorker with multiple attribute groups (merge request) GitLab Enterprise Edition
- Fix permission issue for On-demand scans (merge request) GitLab Enterprise Edition
- Fix 500 error when
ciPipelineStage query has an invalid id (merge request)
- Add db trigger to fill wiki user mention sharding key (merge request)
- Fix 500 error on unauthenticated audit event (merge request) GitLab Enterprise Edition
- Fix vulnerability details header alignment (merge request) GitLab Enterprise Edition
- Fix Workhorse failing on 64-bit unaligned access on Raspberry Pi 32-bit (merge request)
- Support capitalized response for smart server reply (merge request)
- Fix nil input in causing SetGroupSecretPushProtectionService to fail (merge request) GitLab Enterprise Edition
- Ensure user external attribute is preserved and not null (merge request)
- Delete scan_result_policy_reads when deleting security policies (merge request) GitLab Enterprise Edition
- Use
moveDesign permission to control design reordering (merge request)
- Fix rescue statement by returning expected value (merge request)
- Fix descendant filter for security policies (merge request) GitLab Enterprise Edition
- Use naive component-based state approach for infinite list (merge request) GitLab Enterprise Edition
- Include support_bot comments in MRs to Duo Chat context (merge request) GitLab Enterprise Edition
- Fix weight attribute truncation on related items (merge request)
- Fix shared agents list (merge request)
- Fix member role preloaders when IDs are passed instead of objects (merge request) GitLab Enterprise Edition
- Don't show incorrect median value for Overview tab of VSA (merge request)
- Check for admin in remote_mirror_setting_enabled? (merge request) GitLab Enterprise Edition
- Fix commit tags badge link text color in dark mode (merge request)
- Prevent guest users from locking issue discussion (merge request)
- Fix work item parent reset error on create work item (merge request)
- Cloud Connector: Fix health check for dev use case (merge request) GitLab Enterprise Edition
- Redirect users not in onboarding to root_path (merge request) GitLab Enterprise Edition
- Fix text color of rich text suggestion added line text (merge request)
- Remove limit of max 5 defined policies from json schema (merge request) GitLab Enterprise Edition
- Show diff when diff_refs.head_sha has been pruned (merge request)
- Fix SCIM revoked identities (merge request) GitLab Enterprise Edition
- Fix console warning on work items new page (merge request)
- Move to-dos actions out of the main link (merge request)
- GitHub import handle requested_reviewer nil (merge request)
- Fix console error on work item detail page (merge request)
- Use UTF-8 encoding for email notifications (merge request)
- Show diff when diff_refs.head_sha has been pruned (merge request)
- Handle case when deployable is nil (merge request)
- Apply all filters to flowMetricsQuery (merge request)
- Handle nil
#mapped_user_id in SourceUserMapper (merge request)
- Reset variable visibility on form reset (merge request)
- Fix issue template loading for templates with spaces in names (merge request)
- Fix merge_after moving on each edit if server timezone is not UTC by @Taucher2003 (merge request)
- Fix merge request list empty state (merge request)
- Resolve vulnerability modal error race condition (merge request) GitLab Enterprise Edition
- Fix error when deleting all optional variables (merge request) GitLab Enterprise Edition
- Render code line breaks in vulnerability (merge request) GitLab Enterprise Edition
- Fix scroll position while loading comments (merge request)
- Prevent guests from locking MR or assigning reviewers (merge request)
- Add H1 to legacy issue edit page for screen reader users (merge request)
- Fix HAML rendering (merge request)
Changed (273 changes)
- Adjust import history table row toggle (merge request)
- Add dropdown to load projects for multiple groups (merge request) GitLab Enterprise Edition
- Add db migration for vscode_extension_marketplace (merge request)
- Update the latest DS template to use the new DS analyzer (merge request) GitLab Enterprise Edition
- Remove mark_resolved_vulnerabilities_with_sbom_scans feature flag (merge request)
- Apply gl-card styling to code suggestion blocks (merge request)
- Move Add to tree control (merge request)
- Improve accessibility for project and commit views (merge request)
- Pass interface and client information to AI Gateway (merge request) GitLab Enterprise Edition
- Fix 500 error on IP restrictions when checking snippets (merge request) GitLab Enterprise Edition
- Update the CI templates for DS to use the new DS analyzer (merge request) GitLab Enterprise Edition
- Change new github project error message (merge request) GitLab Enterprise Edition
- Migrate model experiments listing page to graphql (merge request)
- Improve invalid owners detection in CODEOWNERS (merge request) GitLab Enterprise Edition
- Link custom software license to software license policies (merge request) GitLab Enterprise Edition
- Admin Token API: Revoke Incoming Email Tokens by @nwittstruck (merge request)
- Call MarkAsResolvedService after an SBOM security scan (merge request) GitLab Enterprise Edition
- Show a visual when the environment is in the stopping state by @antonkalmykov (merge request)
- Consider user permissions when validating Code Owners (merge request) GitLab Enterprise Edition
- Add v2 approval rule table and model (merge request) GitLab Enterprise Edition
- Document inject_policy strategy for pipeline execution policies (merge request)
- Fix Pages CI Variables (merge request) GitLab Enterprise Edition
- Cloud Connector: Expose keys from database (merge request) GitLab Enterprise Edition
- Prevent user from downloading empty CSV (merge request)
- Zoekt: Rollout the zoekt_reemit_events FF (merge request) GitLab Enterprise Edition
- Remove unnecessary codes (merge request) GitLab Enterprise Edition
- Remove loose_foreign_keys_for_polymorphic_associations FF (merge request) GitLab Enterprise Edition
- Removed feature flag search_mr_filter_source_branch (merge request) GitLab Enterprise Edition
- Change label ID field type to Types::GlobalIDType[::Label] (merge request)
- Update squash options update mutation to support all branches rules (merge request)
- Remove claude_3_5_sonnet_20241022_for_code_gen feature flag (merge request)
- Update links to full docs URLs to skip index (merge request)
- Update comment to be mandatory in bulk severity override mutation (merge request) GitLab Enterprise Edition
- Update links to full docs URLs to skip index (merge request)
- Add import history table destination formatter (merge request)
- Documentation changes for rename prsd to spp (merge request)
- Add import history table row and header container components (merge request)
- Rename index files in application security docs (merge request)
- Allow shortcuts to remove markdown by @Bubbis (merge request)
- Import group: Migrate components used (merge request)
- Import groups by direct transfer: Cleanup interface (merge request)
- Use work item epic-issue adapter by default (merge request) GitLab Enterprise Edition
- Automatically update subsequent ordered lines in plain markdown editor by @Bubbis (merge request)
- Disallow project runners from being unassigned from owner (merge request)
- Update links to full docs URLs to skip index (merge request)
- Improve error messages for custom stage fields in VSA settings form (merge request) GitLab Enterprise Edition
- Change user ID field type to Types::GlobalIDType[::User] (merge request)
- Add an explanation why the CI variable value cannot be masked by @antonkalmykov (merge request)
- Change repository controls into a dropdown (merge request)
- Update error message for
needs CI keyword (merge request)
- Move the troubleshoot button to a sticky footer (merge request)
- Handle ghost users consistently (merge request)
- Update sort labels to be consistent across groups and projects (merge request)
- Store recently delete billable members to ease the sync up (merge request) GitLab Enterprise Edition
- Cleanup left over cross-db suppressions (merge request) GitLab Enterprise Edition
- Default-enable security policy project deletion prevention (merge request) GitLab Enterprise Edition
- Update links to full docs URLs to skip index (merge request)
- Rename index files for user/group clusters and contribution_analytics (merge request)
- Update CI_JOB_TOKEN JWT payload (merge request)
- Add the ability to download compliance frameworks (merge request) GitLab Enterprise Edition
- Add GET /projects/:id/remote_mirrors/:mirror_id/public_key API endpoint (merge request)
- Enhance resilience of single relation import Sidekiq worker (merge request)
- Do not drill props to BlobButtonGroup (merge request) GitLab Enterprise Edition
- Rename index files for Hugo migration (merge request)
- Remove codeowner_role_approvers ff (merge request) GitLab Enterprise Edition
- Advanced search: Cleanup sections (merge request)
- Zoekt: Update dot_com_rollout task (merge request) GitLab Enterprise Edition
- Rename index.md to _index.md for compatibility with docs-gitlab-com (merge request)
- Rename index.md to _index.md for compatibility with docs-gitlab-com (merge request)
- Rename index.md to _index.md for compatibility with docs-gitlab-com (merge request)
- Restructures code coverage doc and incorporates test coverage viz doc (merge request)
- Rename index.md to _index.md for compatibility with docs-gitlab-com (merge request)
- Rename from index.md to _index.md (merge request)
- Update pages service (merge request)
- Update create pipeline mutation to use GraphQL (merge request)
- Add ComplianceFrameworksController for JSON export (merge request) GitLab Enterprise Edition
- Change UX flow of license exclude packages (merge request) GitLab Enterprise Edition
- Include AllBranchesRules in non-EE branch rules responses (merge request)
- Remove $registryClass from replicableTypeUpdate mutation in Geo by @antonkalmykov (merge request) GitLab Enterprise Edition
- Create downstream_pipeline_dropdown.vue (merge request)
- Add
cronjob_child tag to Sidekiq cronjob workers (merge request)
- Add v2 approval rule table and model (merge request) GitLab Enterprise Edition
- Remove fully rolled-out feature flag for Duo Chat conciseness (merge request) GitLab Enterprise Edition
- Check root namespace for ci_jwt_groups_direct feature flag (merge request)
- Set traversal_ids on vulnerability stat insert (merge request) GitLab Enterprise Edition
- Add more spacing to super-sidebar toggle button (merge request)
- Rename index.md to _index.md for compatibility with docs-gitlab-com (merge request)
- Include users from custom roles as MR approvers (merge request) GitLab Enterprise Edition
- Import status: Update component (merge request)
- Rename variable and environments index files (merge request)
- Remove without_archived_projects (merge request) GitLab Enterprise Edition
- Rename CI YAML index file (merge request)
- Reflow work item buttons (merge request)
- Cleanup pages_multiple_versions_setting feature flag (merge request)
- Remove cross-DB modification (merge request) GitLab Enterprise Edition
- Expose squash options for all branches rules in free plan (merge request)
- Topic badge tooltip enhancement (merge request)
- Ingest all licenses for components with at least one known license (merge request) GitLab Enterprise Edition
- Make project visibility icon keyboard focusable (merge request)
- Model Experiments: Sort data descending (merge request)
- Visibility settings: Migrate to GlCard (merge request)
- Remove callback for adding user to default organization (merge request)
- Permanently enables duplicate exceptions for packages (merge request)
- Admin Token API: Reset OAuth Application Secrets by @nwittstruck (merge request)
- Remove feature-flag drop_lease_usage_project_recalculate_workers (merge request)
- Cleanup bigint conversion for geo_event_log.geo_event_id (merge request)
- Update text for license rule (merge request) GitLab Enterprise Edition
- Commit: Update page header to use PageHeading component (merge request)
- Add import history to your work nav bar (merge request)
- Fix duplicate emails sent for PrAT and GrAT expiring tokens (merge request)
- Enable FF by default for project dependency page (merge request)
- Improve UI text for syntax theme selection (merge request)
- Move publish to pages.publish (merge request)
- Add discernible text to project notifications button (merge request)
- Use background status warning on matched text (merge request)
- Improve seat controls copy (merge request) GitLab Enterprise Edition
- Split microsoft_applications tables (merge request) GitLab Enterprise Edition
- Improve to-do items' styling (merge request)
- Always allow pipeline variables in ondemand_dast_validation pipelines (merge request)
- Increase fileSize threshold for Highlight.js (merge request)
- Add in-product announcement for legacy IDE removal (merge request)
- Update gitlab-glfm-markdown and prometheus-client-mmap gems (merge request)
- Update import page header (merge request)
- Change group SPP feature category to security_testing_configuration (merge request) GitLab Enterprise Edition
- Add table creator to plain markdown editor by @Bubbis (merge request)
- Load linked to SPP groups (merge request) GitLab Enterprise Edition
- Remove feature-flag drop_lease_usage_authorized_projects_worker (merge request)
- Add partially disabled mode (merge request) GitLab Enterprise Edition
- Refactor limit check (merge request)
- Update breadcrumbs to match tabs and view in the Geo replication by @antonkalmykov (merge request) GitLab Enterprise Edition
- Truncate the project description when it is long in the CI/CD Catalog by @antonkalmykov (merge request)
- Add ordering when updating used storage bytes for zoekt indices (merge request) GitLab Enterprise Edition
- Add number formatting to ci minutes limit banner (merge request) GitLab Enterprise Edition
- Add sast tooltip and download link (merge request)
- Allow MarkAsResolvedService to scope by report type (merge request) GitLab Enterprise Edition
- Update re2 to v2.15.0 (merge request)
- Make file tree and modified icon focusable (merge request)
- Rename seat controls section to singular (merge request) GitLab Enterprise Edition
- Rename Sign-up restrictions settings section (merge request) GitLab Enterprise Edition
- Restrict tag rule ops when Gitlab API is not supported (merge request)
- Add project_id to DescriptionTemplates & split singular/bulk fields (merge request) GitLab Enterprise Edition
- Runner Authentication Tokens: Explain how a token can be resetted by @nwittstruck (merge request)
- Sync security policies when protected branch is modified (merge request) GitLab Enterprise Edition
- Add linked groups resolver (merge request) GitLab Enterprise Edition
- Resolve cross-join in security project statistics (merge request) GitLab Enterprise Edition
- Update notification to Admin (merge request) GitLab Enterprise Edition
- Pipeline wizard placeholder use design tokens (merge request)
- Migrate authored todos to GhostUser (merge request)
- Add discernible text to merge request overview activity sorting button (merge request)
- Set vuln stat traversal_ids when setting pipeline (merge request) GitLab Enterprise Edition
- Restrict creation of new rules if over maximum (merge request)
- Allow option to do multi node search on zoekt proxy (merge request) GitLab Enterprise Edition
- Add partially disabled mode (merge request) GitLab Enterprise Edition
- Remove feature flag (merge request) GitLab Enterprise Edition
- Papercuts 17.9 (merge request)
- Enhance CI/CD variable drawer UI with popovers for help content by @antonkalmykov (merge request)
- Enable specifying a semantic element for the CRUD component container (merge request)
- Return ids of created vulnerabilities with SBOM scanning (merge request) GitLab Enterprise Edition
- Add protected tag to the container registry (merge request)
- Do not update target entities if todos change (merge request)
- Refactored non-billable check for Gitlab.com BSO (merge request) GitLab Enterprise Edition
- Reduce layout shifts in usage quotas > pipelines (merge request) GitLab Enterprise Edition
- Integration: Item changes (merge request)
- Single/Multiple choice component: Update selected and disabled (merge request)
- Remove cross-join from namespace historical statistics (merge request) GitLab Enterprise Edition
- Fix some RSpec/BeEmpty offenses (merge request)
- Use small text for description. by @nomad_blaze (merge request)
- Remove feature flag after globally enbaling (merge request) GitLab Enterprise Edition
- Update software license policies with custom licenses (merge request) GitLab Enterprise Edition
- Show commit SHA in target column of AuditEvents table (merge request) GitLab Enterprise Edition
- Admin Token API: Clarify historic prefixes are only excluded for PATs by @nwittstruck (merge request)
- Elaticsearch issue query boost iid by 50 (merge request) GitLab Enterprise Edition
- Validate not-null and update sharding key for ci_pipeline_messages (merge request)
- Compliance framework dropdown order change & style update (merge request) GitLab Enterprise Edition
- Finalize backfilling epic work item data (merge request)
- Allow null access levels on rule creation (merge request)
- Execute pipelines for PEP project schedules (merge request) GitLab Enterprise Edition
- Work item note activity buttons enabled while loading (merge request)
- Show timeago tooltip on tab (merge request)
- Add discernible text to network/repository graph search button (merge request)
- Add label to feature flag instance ID regeneration input (merge request)
- Create and trigger the an event to update the (merge request) GitLab Enterprise Edition
- Remove branch_names_sorting feature flag (merge request)
- Specify username and password required (merge request)
- Update dependency @gitlab/web-ide to ^0.0.1-dev-20250110172049 by @gitlab-dependency-update-bot (merge request)
- Update traversal_ids for vulnerability statistic (merge request) GitLab Enterprise Edition
- Only log elasticsearch metrics if the cluster is red (merge request) GitLab Enterprise Edition
- Release create NuGet packages on the fly feature (merge request)
- Allow
max_artifact_size to be changed via the REST API (merge request)
- Integrations detail page: Migrations and small visual fixes (merge request)
- Clean up duo_chat_storage_postgresql feature flags (merge request) GitLab Enterprise Edition
- fix: Move call to
AiRelatedSettingsChangedEvent by @yashikajotwani12 (merge request) GitLab Enterprise Edition
- Make new header app default (merge request)
- Clean up PATs::ExpiringWorker extended logging (merge request)
- Clean up
rewrite_history_ui flag (merge request)
- Add class level config for simple zoekt scheduling service tasks (merge request) GitLab Enterprise Edition
- Allow access fields on Protection::TagRule to be null (merge request)
- Remove move_ai_tracking_to_instrumentation_layer feature flag (merge request)
- Only claim human users as enterprise (merge request) GitLab Enterprise Edition
- Update skip ci payload (merge request) GitLab Enterprise Edition
- Improve heading hierarchy and accessibility on group import (merge request)
- Replace '.' character on organization path (merge request)
- Update SPDX to 3.26.0 (merge request)
- Show only folder name and a link to the folder in the environments list by @antonkalmykov (merge request)
- Fix counter and remove first/last pages from applications (merge request)
- Process repo_to_delete worker in a single batch (merge request) GitLab Enterprise Edition
- Resolve cross-joins from InstanceSecurityDashboard (merge request) GitLab Enterprise Edition
- Expand publish variables for pages deployment (merge request)
- Prevent creation of placeholder users for deleted users (merge request)
- Remove delete_inactive_project_bot_users FF (merge request)
- Align deletion action between groups and projects in the settings page by @antonkalmykov (merge request) GitLab Enterprise Edition
- Clean up duo_chat_storage_postgresql feature flags (merge request) GitLab Enterprise Edition
- Update streaming filters docs links (merge request) GitLab Enterprise Edition
- Add setup_for_company to onboarding status json (merge request)
- Show "delete model" and "version" links only with permission (merge request)
- Add sast/dast identification on job (merge request)
- Remove retain_resource_access_token_user_after_revoke FF (merge request)
- Remove policies check from pipeline tooling (merge request)
- Add secret_token for compliance requirement controls (merge request) GitLab Enterprise Edition
- Hide "promote run" button when no permission exists (merge request)
- Extend DescriptionTemplate type to include category (merge request)
- Add notes to mention permissions related to a DAST scan (merge request) GitLab Enterprise Edition
- Add pending status for req. controls (merge request) GitLab Enterprise Edition
- Remove search_mr_filter_author feature flag (merge request) GitLab Enterprise Edition
- Update license exceptions format (merge request) GitLab Enterprise Edition
- Remove enable_inactive_tokens_deletion_cron_worker FF (merge request)
- Fix jira api required field (merge request)
- Refactor where actions appear in the accessibility MR widget by @antonkalmykov (merge request)
- Increase spacing between to-do link and actions (merge request)
- Hide "Delete experiment" for model experiment without permission (merge request)
- Added ability to close the board modal with esc or background click by @zillemarco (merge request)
- Remove deprecated and disabled SAST jobs (merge request)
- Bump nokogiri to v1.18 (merge request)
- Refactor scheduling service to use dispatch helper (merge request) GitLab Enterprise Edition
- Update error message when password validation fails (merge request) GitLab Enterprise Edition
- Remove cross-join from .grades_for with instance (merge request) GitLab Enterprise Edition
- Add new workspace_variables query API (merge request) GitLab Enterprise Edition
- Return all validation errors when manual vulnerability creation fails (merge request) GitLab Enterprise Edition
- Remove unused prop (merge request)
- Get group grades using vulnerability statistics (merge request) GitLab Enterprise Edition
- Remove alert_message_faq from storage banners (merge request) GitLab Enterprise Edition
- Save the LDAP tab pressed in cookie (merge request)
- Change registry protection rule admin text to Adminstrator (merge request)
- Update spacing (merge request)
- Enable the highlighting and memoization of admin tabs (merge request)
- Update dependency auto-deploy-image to v2.118.0 (merge request)
- LicenseScanning Report refactoring (merge request) GitLab Enterprise Edition
- Update pre-populated branch name when user can push to branch (merge request)
- Warn user if iteration has confidential issues they can't access (merge request) GitLab Enterprise Edition
- Replace paginator for keyset paginator admin applications (merge request)
- Use page heading component in feature flags list view (merge request)
- Model Registry: Rename candidate to run (merge request)
- Show agent version warnings from KAS (merge request)
- Add separate tabs for project and shared agents (merge request) GitLab Enterprise Edition
- Topics subpage: Cleanup and layout refinements (merge request)
- Add index to import_source_user_placeholder_references (merge request)
- Set traversal_ids upon vuln statistics ingestion (merge request) GitLab Enterprise Edition
- Move conan v1 search endpoint to conan shared endpoint by @oceane_scania (merge request)
- Get group grades using vulnerability statistics (merge request) GitLab Enterprise Edition
- Support multiple oidc providers (merge request) GitLab Enterprise Edition
- Process repo_to_index event with one batch at a time (merge request) GitLab Enterprise Edition
- Use page heading component in compliance center dashboard (merge request) GitLab Enterprise Edition
- Replace VulnerabilitiesFinder with VulnerabilityReadsFinder (merge request) GitLab Enterprise Edition
- Generalize relationship quick action copy (merge request)
- Move full page tooltip to right (merge request)
- Drop ipaddr as a dependency (merge request)
- Expose linked work item state on LinkedItemType (merge request)
- Move Seat Control to licensed feature (merge request) GitLab Enterprise Edition
- Add an icon to the bypassed reviews event in the MR timeline by @antonkalmykov (merge request)
- Change checkbox placement in Artifacts stacked view by @Deepak18-06 (merge request)
- Remove job token auth feature flag (merge request)
- Unhide container repository protection rules API by @nwittstruck (merge request)
- Switch from delete_all to destroy_all for user add-on assignments (merge request) GitLab Enterprise Edition
Deprecated (5 changes)
- Add deprecation announcements for DS build support and Gemnasium (merge request)
- Geo GraphQL API: Deprecate keyword arg (merge request) GitLab Enterprise Edition
- Fix deprecated field name (merge request)
- Redirect page visit on group projects page to the group overview (merge request)
- Ignore confidence columns on Vulnerability model (merge request) GitLab Enterprise Edition
Removed (24 changes)
- Remove rake task to enable or disable work item epics (merge request) GitLab Enterprise Edition
- Ignoring expression and type column from requirement (merge request) GitLab Enterprise Edition
- Remove availableFromAccessLevel field (merge request) GitLab Enterprise Edition
- Remove buildForecast graphQL endpoint (merge request) GitLab Enterprise Edition
- Remove All tab from To-Do dashboard (merge request)
- Removed feature flag by_pass_two_factor_for_current_session (merge request)
- Remove richText from bloblSearch graphQL (merge request) GitLab Enterprise Edition
- Remove epic_metrics table, models and associated references (merge request)
- Remove web_ide_settings_context_hash feature flag (merge request)
- Remove scan_execution_pipeline_concurrency_control ff (merge request)
- Remove temporary indicies from packages_dependencies table (merge request)
- Revert "Merge branch 'autoflow/basic-workitems-events' into 'master'" (merge request)
- Add post-deploy migration to drop unused column (merge request)
- Remove function-based namespace lookups (merge request)
- Ignore sep max_concurrency application setting (merge request) GitLab Enterprise Edition
- Removed the ignore rule for dropped column (merge request) GitLab Enterprise Edition
- Remove todos_vue_application feature flag and all inactive code (merge request)
- Remove
index_vulnerabilities_on_detected_at_and_id synchronously (merge request)
- Remove license_scanning_with_sbom_licenses feature flag (merge request)
- Remove sep scheduled scans application settings unused view (merge request) GitLab Enterprise Edition
- Remove hybrid search (merge request) GitLab Enterprise Edition
- Drop advanced_scopes from personal_access_tokens (merge request)
- Remove failing merge request approval rules metric (merge request) GitLab Enterprise Edition
- Remove broken compliance_total_unique_counts weekly, monthly metrics (merge request) GitLab Enterprise Edition
Security (15 changes)
- Revert "Update Kas version to the lastest sha"
- Do not allow Planner role to update or delete incidents
- Reduce number of object allocations on PAT endpoint
- Prevent SSRF attacks for Workspaces
- Security Duo Chat Escape Unknown Domain Hyperlinks
- Fixes XSS on the target branch in the merge request widget
- Prevent read code access when repository is disabled
- Unsubscribe from actioncable channel when PAT is revoked
- Update Kas version to the lastest sha
- Add offset optimization to audits event API (merge request) GitLab Enterprise Edition
- Fix protected variable exfiltration (merge request)
- Avoid recursive sidekiq calls on cyclic work item hierarchies (merge request)
- Enhance rich viewer sanitization (merge request)
- Respect the private profile constraints (merge request)
- Reduce REGEXP_TIMEOUT_SECONDS to 40 seconds (merge request)
Performance (11 changes)
- Optimize build.execute_hooks when creating pipeline (merge request)
- Set idempotency_arguments to SyncProjectPolicyWorker (merge request) GitLab Enterprise Edition
- Fix cache of branch_requires_code_owner_approval? (merge request) GitLab Enterprise Edition
- Reduce N+1 in project GraphQL project queries (merge request)
- Update import_failures sharding (merge request)
- Share preloads across multiple GraphQL project resolvers (merge request)
- Remove auto_merge_process_worker_pipeline feature flag (merge request)
- Replace check_rate_limit! with check_rate_limit_by_user_or_ip! (merge request)
- Remove check_oversized_blobs_without_blob_stitcher ff (merge request)
- Improve resolved vulnerabilities performance with SM-specific index (merge request)
- Create system_hooks table (merge request)
Other (283 changes)
- Add Telegram instance integration (merge request) GitLab Enterprise Edition
- Add sharding_key to board_labels table (merge request)
- Validate not null on vulnerability_finding_evidences sharding key (merge request)
- Regenerate RuboCop TODO files (merge request)
- Finalize migration BackfillIssuesDatesWithWorkItemDatesSources (merge request)
- Remove deprecation notice for runner fields in REST entity (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration BackfillWikiPageSlugsProjectId (merge request)
- Set pipl user soft deletion (merge request) GitLab Enterprise Edition
- Add MicrosoftTeams instance integration (merge request)
- Address non-blocking comments (merge request) GitLab Enterprise Edition
- Add new CDot internal endpoint (merge request) GitLab Enterprise Edition
- Sync setup_for_company in user_preferences and onboarding_status (merge request) GitLab Enterprise Edition
- Fix rubocop offenses for conan package tests by @gerardo-navarro (merge request)
- Expose project/root_namespace ids for Workhorse requests (merge request)
- Remove numbers from alerts integration settings (merge request)
- Remove current_page_context_prompt_in_aigw feature flag (merge request) GitLab Enterprise Edition
- Remove Search::Zoekt::IndexOverWatermarkEventWorker job instances (merge request)
- Reject API calls from orphaned project runners with HTTP 403 (merge request)
- Add and backfill namespace_id for design_management_repository_states (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration BackfillZoektReplicas (merge request)
- Finalize migration BackfillPackagesDependencyLinksProjectId (merge request)
- Finalize migration BackfillPackagesDebianProjectComponentsProjectId (merge request)
- Add & backfill sharding keys for bulk_import_failures (merge request)
- Model registry: Remove unused components (merge request)
- Add Teamcity instance integration (merge request)
- Add a migration to limit group visibility by organization visibility (merge request)
- Set packages_debian_project_architectures.project_id as NOT NULL (merge request)
- Add NOT NULL constraint on packages_debian_group_architectures.group_id (merge request)
- Add NOT NULL constraint on packages_conan_metadata.project_id (merge request)
- Set external_status_checks_protected_branches.project_id as NOT NULL (merge request)
- Quarantine a flaky test (merge request)
- Validate NOT NULL on vulnerability_findings_remediations sharding key (merge request)
- Validate NOT NULL on terraform_state_versions sharding key (merge request)
- Add unique constraints on ci_runners_e59bb2812d partitions (merge request)
- Add ExternalWiki instance integration (merge request)
- Remove search_group_sso_redirect feature flag (merge request) GitLab Enterprise Edition
- Remove search_global_sso_redirect feature flag (merge request)
- Add Harbor instance integration (merge request)
- Use ResetAuthenticationTokenService in Runner API by @nwittstruck (merge request)
- Validate NOT NULL on wiki_repository_states sharding key (merge request)
- Regenerate RuboCop TODO files (merge request)
- Cleanup feature flag ff_pages_use_open_file (merge request)
- Validate NOT NULL on work_item_parent_links sharding key (merge request)
- Validate NOT NULL on approval_project_rules_users sharding key (merge request)
- Validate NOT NULL on approval_merge_request_rule_sources sharding key (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Add EmailsOnPush instance integration (merge request)
- Add and backfill project_id for merge_request_cleanup_schedules (merge request)
- Add & backfill sharding keys for bulk_import_trackers (merge request)
- Add and backfill project_id for merge_request_predictions (merge request)
- Add and backfill project_id for requirements_management_test_reports (merge request)
- Add and backfill namespace_id for design_user_mentions (merge request)
- Admin Token API: Revoke Impersonation tokens by @nwittstruck (merge request)
- Add NOT NULL constraint on approvals sharding key (merge request)
- Validate NOT NULL on vulnerability_finding_signatures sharding key (merge request)
- Add NOT NULL constraint on ml_model_metadata.project_id (merge request)
- Requeue backfill for target_project_id on ComplianceViolations table (merge request)
- Refactor NuGet package enqueuing by @holtvogt (merge request)
- Add Discord instance integration (merge request)
- Add and backfill project_id for operations_scopes (merge request)
- Add and backfill project_id for merge_request_diff_details (merge request)
- Add & backfill sharding keys for bulk_import_export_batches (merge request)
- Add & backfill sharding keys for required_code_owners_sections (merge request)
- Mark 20241025160103 as obsolete (merge request) GitLab Enterprise Edition
- Mark 20241106201829 as obsolete (merge request) GitLab Enterprise Edition
- Add and backfill namespace_id for design_management_designs_versions (merge request)
- Validate not null on sbom_occurrences_vulnerabilities sharding key (merge request)
- Add & backfill sharding keys for snippet_repository_storage_moves (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Remove vulnerability_report_security_scores feature flag (merge request) GitLab Enterprise Edition
- Reindex Elasticsearch projects index to update integer with long type (merge request) GitLab Enterprise Edition
- Reindex Elasticsearch users index to update integer with long type (merge request) GitLab Enterprise Edition
- Remove
sourcegraph feature flag (merge request)
- refactor: Use BaseProjectService for container protection services by @gerardo-navarro (merge request)
- Protected packages: Remove deprecation warnings in GRAPHQL by @gerardo-navarro (merge request)
- Change FF ownership (merge request) GitLab Enterprise Edition
- Delete track_user_access_from_pipl_countries FF (merge request) GitLab Enterprise Edition
- Mark 20241105111645 as obsolete (merge request) GitLab Enterprise Edition
- Regenerate RuboCop TODO files (merge request)
- Add milestones not null sharding key constraint (merge request)
- Instrument the creation of CI runners (merge request)
- Regenerate RuboCop TODO files (merge request)
- Add and backfill group_id for boards_epic_list_user_preferences (merge request)
- Extend SyncNamespaceService for add-on purchases (merge request) GitLab Enterprise Edition
- Add and backfill project_id for dast_pre_scan_verification_steps (merge request)
- Reindex Elasticsearch wiki index to update integer with long type (merge request) GitLab Enterprise Edition
- Add Confluence instance integraiton model (merge request)
- Add sharding key to board_assignees (merge request)
- Set sharding key for merge_requests_compliance_violations (merge request)
- Fix Layout/LineLength offenses by @ikelax (merge request)
- Add new provision service (merge request) GitLab Enterprise Edition
- test: Improve readability of test by applying table syntax by @gerardo-navarro (merge request)
- Remove start and due date widget from incident WIT (merge request)
- Regenerate RuboCop TODO files (merge request)
- Add NOT NULL constraint to release_links.project_id column (merge request)
- Add NOT NULL constraint on draft_notes.project_id (merge request)
- Fix 20 rubocop violations for Layout/ArrayAlignment (merge request)
- Add project_namespace_id_from and project_namespace_id_to (merge request) GitLab Enterprise Edition
- Extend documentation for includes in code blocks by @schurzi (merge request)
- Mark 20240814223217 as obsolete (merge request) GitLab Enterprise Edition
- Add NOT NULL constraint on ml_candidate_metadata.project_id (merge request)
- Add FK back to issues.work_item_type_id (merge request)
- Add NOT NULL constraint on merge_request_blocks.project_id (merge request)
- Create siphon tables for namespace details and bulk imports (merge request)
- Add NOT NULL constraint to boards sharding key (merge request)
- Remove vulnerability_filtering_by_identifier feature flag (merge request) GitLab Enterprise Edition
- Add custom fields widget to all work item types (merge request)
- Partition Manager to automatically attack LFK trigger to new partitions (merge request)
- Remove duplicate shared spec (merge request)
- Finalize migration BackfillPackagesDebianProjectArchitecturesProjectId (merge request)
- Add trigger token expiration by @william.allen1 (merge request)
- Add not null constraint on vulnerability_finding_signatures.project_id (merge request)
- Add NOT NULL constraint on approval_merge_request_rules.project_id (merge request)
- Add NOT NULL constraint on work_item_parent_links.namespace_id (merge request)
- Add NOT NULL constraint on merge_request_context_commits.project_id (merge request)
- Add not null constraint on dast_scanner_profiles_builds.project_id (merge request)
- Add NOT NULL constraint on epic_user_mentions.group_id (merge request)
- Add NOT NULL constraint on status_check_responses.project_id (merge request)
- Cleanup throttle_with_process_commit_worker_pool feature flag (merge request)
- Create cluster_agent_migrations table (merge request)
- test: Fix typo in test by @gerardo-navarro (merge request)
- Create ClickHouse siphon tables for milestones and events (merge request)
- Rename feature flag for enhanced vulnerability bulk actions (merge request) GitLab Enterprise Edition
- Add MattermostSlashCommands instance integration (merge request)
- Add MockCi instance integration (merge request)
- Regenerate RuboCop TODO files (merge request)
- Remove the index_curation feature (merge request)
- Fix pngquant script by requiring logger (merge request)
- Add MockMonitoring instance integration (merge request)
- Add Phorge instance integration (merge request)
- Add PipelinesEmail instance integration (merge request)
- Add Pivotaltracker instance integration (merge request)
- Fix Usernamespace Audit events (merge request)
- Add Pumble instance integration (merge request)
- Add Pushover instance integration (merge request)
- Remove Ci::Tagging model (merge request)
- Add Redmine instance integration (merge request)
- Remove enforce_global_file_size_limit feature flag (merge request)
- Handle case where pipeline can be nil in FindingsFinder (merge request) GitLab Enterprise Edition
- Add NOT NULL constraint on project_relation_exports.project_id (merge request)
- Add NOT NULL constraint on merge_request_assignees.project_id (merge request)
- Add NOT NULL constraint on vulnerability_finding_links.project_id (merge request)
- Mark 20241003142503 as obsolete (merge request) GitLab Enterprise Edition
- Add UnifyCircuit instance integration (merge request)
- Remove Ci::Tagging association (merge request)
- Finalize migration BackfillMergeRequestReviewersProjectId (merge request)
- Add WebexTeams instance integration (merge request)
- Finalize migration for backfilling security policies (merge request)
- Backfill p_ci_pipeline_variables from ci_trigger_requests (merge request)
- Add Youtrack instance integration (merge request)
- Add warning to DT docs (merge request)
- Move registration_objective to onboarding_status column (merge request) GitLab Enterprise Edition
- Validate not null constraint on projects.project_namespace_id column by @c0rydoras (merge request)
- Refactor Cell Configuration (merge request)
- Mark 20241017094601 as obsolete (merge request) GitLab Enterprise Edition
- Remove multiple_todos feature flag (merge request)
- Add CustomIssueTracker instance integration (merge request)
- Add DiffblueCover instance integration (merge request)
- Add Ewm instance integration (merge request)
- Finalize 20250109133913 batched migration (merge request)
- Finalize 20250108170045 batched migration (merge request)
- Finalize RecalculateShardingKeyIdForOrphanedProjectRunners (merge request)
- Remove
merge_request_dashboard_new_lists feature flag (merge request)
- Set vulnerability_findings_remediations.project_id as NOT NULL (merge request)
- Add NOT NULL constraint on issue_links.namespace_id (merge request)
- Consolidate secure tokens feature flags (merge request)
- Add not null constraint on packages_build_infos.project_id (merge request)
- Remove feature flag for pipeline cleanup (merge request)
- Add Irker instance intergration (merge request)
- Finalize migration BackfillResourceLinkEvents (merge request)
- Create ClickHouse siphon table for notes (merge request)
- Remove toggle_redis_6_0_compatibility FF (merge request)
- Finalize migration BackfillPackagesConanMetadataProjectId (merge request)
- Store failed pipeline counts on ClickHouse (merge request)
- Finalize migration BackfillDetectedAtFromCreatedAtColumn (merge request)
- Creating table for scheduling user deletion by @Anzala09 (merge request)
- Remove Gitlab::Redis::ClusterDbLoadBalancing store post migration (merge request)
- Add not null constraint on dast_profiles_pipelines.project_id (merge request)
- Add not null constraint on vulnerability_finding_evidences.project_id (merge request)
- Finalize SkipCompanyOnboardingStep batched migration (merge request)
- Finalize migration ResyncHasVulnerabilities (merge request)
- Mark 20240716141532 as obsolete (merge request) GitLab Enterprise Edition
- Clean up dora_charts_forecast feature flag (merge request) GitLab Enterprise Edition
- Add HangoutsChat instance integration (merge request)
- Mark 20240807160655 as obsolete (merge request) GitLab Enterprise Edition
- Mark 20241003151804 as obsolete (merge request) GitLab Enterprise Edition
- Add Clickup instance integration (merge request)
- Optimize the update_index_used_bytes (merge request) GitLab Enterprise Edition
- Mark 20240704125425 as obsolete (merge request) GitLab Enterprise Edition
- Validate
namespaces.organization_id foreign key (merge request)
- feat: Abstracting SLIs' initialization step (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration BackfillPackagesDebianGroupComponentsGroupId (merge request)
- Use project_id as sharding key for packages_nuget_symbols (merge request)
- Add placeholder instance integration models (merge request)
- Guard against status changes (merge request) GitLab Enterprise Edition
- Mark 20240826172514 as obsolete (merge request) GitLab Enterprise Edition
- Remove the FF zoekt_index_marked_as_ready_event (merge request)
- Set approval_merge_request_rule_sources.project_id as NOT NULL (merge request)
- Add NOT NULL constraint on approval_project_rules_users.project_id (merge request)
- Add NOT NULL constraint on terraform_state_versions.project_id (merge request)
- Add NOT NULL constraint on terraform_state_versions.project_id (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration RestoreOptInToGitlabCom (merge request)
- Drop the virtual_registries_packages_maven_cached_responses table (merge request)
- Mark 20241002103536 as obsolete (merge request) GitLab Enterprise Edition
- Mark 20240814231502 as obsolete (merge request) GitLab Enterprise Edition
- Remove feature flag new_pages_ui (merge request)
- Add alert_management_alert_user_mentions.project_id NOT NULL constraint (merge request)
- feat: Record error rate on security scan reports (merge request) GitLab Enterprise Edition
- Remove project and group vulnerability management feature flags (merge request) GitLab Enterprise Edition
- Create ClickHouse table siphon_merge_requests (merge request)
- Removing cascading-duo-features-for-instance FF (merge request) GitLab Enterprise Edition
- Validate the not null constraint on
projects.organization_id (merge request)
- Add NOT NULL constraint on design_management_designs.namespace_id (merge request)
- Finalize copy runner taggings migrations (merge request)
- Add not null constraint on sbom_occurrences_vulnerabilities.project_id (merge request)
- Add NOT NULL constraint on operations_strategies_user_lists.project_id (merge request)
- Quarantine a flaky test (merge request)
- Create ClickHouse siphon for issues (merge request)
- docs: Extend docs that delete protection is not yet implemented by @gerardo-navarro (merge request)
- Add Bugzilla instance integration (merge request)
- Drop table subscription_provision_syncs (merge request) GitLab Enterprise Edition
- Finalize BackfillCiRunnerMachinesPartitionedTable (merge request)
- Finalize migration BackfillPackagesDebianGroupArchitecturesGroupId (merge request)
- [Feature flag] Cleanup mr_vulnerability_code_flow (merge request)
- Remove advanced_search_multi_project_select feature flag (merge request) GitLab Enterprise Edition
- Add NOT NULL constraint on design_management_repositories.namespace_id (merge request)
- Update sharding_key_id for project runners if project is deleted (merge request)
- Add NOT NULL constraint to cluster_agent_tokens.project_id column (merge request)
- Add not null constraint on related_epic_links.group_id (merge request)
- Add NOT NULL constraint on packages_debian_publications.project_id (merge request)
- Add schema for work item custom field values (merge request)
- Quarantine a flaky test (merge request)
- Direct code generation requests to v4 when client supports sse (merge request)
- Add NOT NULL constraint on operations_strategies.project_id (merge request)
- Finalize backfill_onboarding_status_role migration (merge request)
- Finalize migration for backfilling status checks project ID (merge request)
- Remove ApplicationSetting legacy AI columns (merge request)
- Finalize QueueBackfillComplianceViolationNullTargetProjectIds migration (merge request)
- Remove orphaned managers from .com ci_runner_machines_687967fa8a (merge request)
- Fix backfill_p_ci_pipelines_trigger_id (merge request)
- Add not null constraint on dast_pre_scan_verifications.project_id (merge request)
- Validate fk_0e743433ff foreign key (merge request)
- Finalize the DeleteOrphanedCiRunnerProjects migration (merge request)
- Finalize BackfillCiRunnersPartitionedTable (merge request)
- Model Registry: Add metrics for users (merge request)
- Schedule the
namespaces.organization_id foreign key to be validated (merge request)
- Add not null constraint on dast_profiles_tags.project_id (merge request)
- Set compliance_framework_security_policies sharding keys as NOT NULL (merge request)
- Add not null constraint on boards_epic_user_preferences.group_id (merge request)
- Finalize migration BackfillMlModelMetadataProjectId (merge request)
- Finalize migration for Software Licenses without spdx (merge request)
- Remove DeleteProjectWorker and feature flag (merge request) GitLab Enterprise Edition
- Finalize migration BackfillMergeRequestsClosingIssuesProjectId (merge request)
- Add Bamboo instance integration (merge request)
- Set approval_group_rules_protected_branches.group_id as NOT NULL (merge request)
- Add NOT NULL constraint on user_achievements.namespace_id (merge request)
- Add NOT NULL constraint on audit_events_streaming_headers.group_id (merge request)
- Set audit_events_streaming_event_type_filters.group_id as NOT NULL (merge request)
- Add NOT NULL constraint on workspace_variables.project_id (merge request)
- Add NOT NULL constraint on vulnerability_user_mentions.project_id (merge request)
- Add NOT NULL constraint on vulnerability_flags.project_id (merge request)
- Add NOT NULL constraint on operations_feature_flags_issues.project_id (merge request)
- Set packages_debian_project_distribution_keys.project_id as NOT NULL (merge request)
- Set packages_debian_group_distribution_keys.group_id as NOT NULL (merge request)
- Add not null constraint on dast_site_validations.project_id (merge request)
- Add not null constraint on dast_site_profile_secret_variables.project_id (merge request)
- Add not null constraint on dora_daily_metrics.project_id (merge request)
- Add not null constraint on boards_epic_board_positions.group_id (merge request)
- Add not null constraint on boards_epic_board_labels.group_id (merge request)
- Add alert_management_alert_metric_images.project_id NOT NULL constraint (merge request)
- Add NOT NULL constraint to alert_management_alert_assignees.project_id (merge request)
- Add NOT NULL constraint to ml_experiment_metadata.project_id column (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration BackfillRemoteDevelopmentAgentConfigsProjectId (merge request)
17.8.7 (2025-04-09)
Security (5 changes)
- Bump workhorse golang-jwt/jwt to 5.2.2 (merge request)
- Global search count leak for confidential issues (merge request)
- Set the IP address state for Action Cable requests (merge request)
- Adding validation for Ci::Pipeline (merge request)
- Add delay to when pointer events are enabled for 0Auth authorize page (merge request)
Other (1 change)
17.8.6 (2025-03-26)
Fixed (1 change)
Security (8 changes)
- Sync organization user access when admin status changes (merge request)
- Prevent XSS via merge error on the merge request page (merge request)
- Inherit current_user external status while rotating project/group token (merge request)
- Add validations for the project_name of Harbor integration (merge request)
- Sanitize returned input on asciidoc Timeout (merge request)
- Add CI/CD project setting
allow_composite_identities_to_run_pipelines (merge request)
- Add limit to resource counts in tfplan merge request report (merge request)
- Fix a typo in sitemap_controller_spec (merge request)
17.8.5 (2025-03-11)
Security (8 changes)
- Vendor GraphQL gem (merge request)
- Ruby-SAML updates (merge request)
- Prevent custom role to activate group members (merge request)
- approval_rules name is unbounded (merge request)
- Limit preview size (merge request)
- Maintainer can inject shell code in Google integration configurations that... (merge request)
- Filter out internal notes if the recipient do not have access (merge request)
- Mask unencoded userinfo in project mirror errors (merge request)
17.8.4 (2025-02-26)
Security (4 changes)
- Increase minimum role in SPP to read policy yaml (merge request)
- Fix access to read code review analytics in private projects (merge request)
- Escape work item dropdown items and restrict HTML tags (merge request)
- Use stricter CSP values in the packages dependency proxy (merge request)
17.8.3 (2025-02-21)
Fixed (2 changes)
- Use primary DB when authenticating via job token in jobs API (merge request)
- Revert stricter workhorse route regexes (merge request)
17.8.2 (2025-02-11)
Fixed (3 changes)
- Fix storing incorrect policy index in scan_result_policies GitLab Enterprise Edition
- Enable ai tracking even with feature flag disabled GitLab Enterprise Edition
- Fix Workhorse failing on 64-bit unaligned access on Raspberry Pi 32-bit
Security (8 changes)
- Security Duo Chat Escape Unknown Domain Hyperlinks (merge request)
- Hide sensitive workhorse headers and fix route confusion between web and workhorse routes (merge request)
- Do not allow Planner role to update or delete incidents (merge request)
- Reduce memory allocations on create PAT endpoint (merge request)
- Prevent SSRF attacks for Workspaces (merge request)
- Prevent read code access when repository is disabled (merge request)
- Fixes XSS on the target branch in the merge request widget (merge request)
- Unsubscribe from actioncable channel when PAT is revoked (merge request)
17.8.1 (2025-01-22)
Security (4 changes)
- Fix protected variable exfiltration (merge request)
- Enhance rich viewer sanitization (merge request)
- Avoid recursive sidekiq calls on cyclic work item hierarchies (merge request)
- Respect the private profile constraints (merge request)
17.8.0 (2025-01-15)
Added (127 changes)
- Add more specs for most_recent_commit_sha method (merge request) GitLab Enterprise Edition
- Update runners owned by non-existent projects (merge request)
- Delete orphaned project runners when project is deleted (merge request)
- Allow configuring "auto_stop_setting" through graphql (merge request)
- Create GraphQL query for the pages settings by @antonkalmykov (merge request)
- Add elastic client to active context gem (merge request) GitLab Enterprise Edition
- Save branch name of code suggestion events (merge request) GitLab Enterprise Edition
- Release protected pypi packages feature (merge request)
- Model experiments: Add href to CI Job (merge request)
- Add graphql field ai_xray_reports to ProjectType (merge request)
- Add LinkedResources work item widget placeholder (merge request)
- Add ability to add related item for work items (merge request)
- Create siphon ClickHouse table for projects (merge request)
- Add Rest and GraphQL API to configure scheduled merge by @Taucher2003 (merge request)
- Promote runs in a model's experiments to a model version (merge request)
- Allow users to configure skip_ci for pipeline execution policies (merge request) GitLab Enterprise Edition
- Add indices for sharding_key_id for runners and runner managers (merge request)
- Release protected container repositories feature (merge request)
- Add resolve MR discussion arguments to create work item mutation (merge request)
- Add directory or file name with icon (merge request)
- Adds workflows_definition to Duo Workflow (merge request) GitLab Enterprise Edition
- Allow filtering tokens by before and after expires at (merge request)
- Adds bso instrumentation metric (merge request) GitLab Enterprise Edition
- Update runner taggings owned by non-existing projects (merge request)
- Update runner managers owned by non-existing projects (merge request)
- Mock Api for custom statuses (merge request) GitLab Enterprise Edition
- Surface user.type to frontend (merge request)
- Remove use_list_commits_rpc_network_graph feature flag (merge request)
- Add support in UI to select Pages primary domain (merge request)
- Model experiments: Improve candidate table (merge request)
- Add Restricted Access option to Seat Controls (merge request) GitLab Enterprise Edition
- Add linkedWorkItems field to EpicType (merge request) GitLab Enterprise Edition
- Use legacy destination helper in legacy destination create APIs (merge request) GitLab Enterprise Edition
- Add xray context to /refactor (merge request) GitLab Enterprise Edition
- Add optional variables for passing on to CI (merge request) GitLab Enterprise Edition
- Group level support for dropdown API (merge request) GitLab Enterprise Edition
- Enable group-level vulnerability management policies by default (merge request) GitLab Enterprise Edition
- Update GitLab Pages version (merge request)
- Full support for Vulnerability Webhook events (merge request) GitLab Enterprise Edition
- Remove amazon_q_integration feature flag (merge request)
- Search in accessible deploy keys (merge request)
- Model experiments: Add copy button to MLflow usage (merge request)
- Model experiments: Add experiment id (merge request)
- Add linkedWorkItems field to EpicType (merge request) GitLab Enterprise Edition
- Model experiments: Add creator to candidates table (merge request)
- Adding project control status table (merge request) GitLab Enterprise Edition
- Model experiments: Add creator field to candidates type (merge request)
- Add retry_duo_workflow_execution event (merge request) GitLab Enterprise Edition
- Model experiments: Add Experiments to GraphQL (merge request)
- Added destroy requested changes GraphQL mutation (merge request) GitLab Enterprise Edition
- Sync index for p_ci_pipelines.trigger_id (merge request)
- Add CUD endpoints for tag protection rule (merge request)
- Introduce lazy loading of projects list in framework drawer (merge request) GitLab Enterprise Edition
- Add skip ci configuration (merge request) GitLab Enterprise Edition
- Add optional variables to dast_site_profiles table (merge request) GitLab Enterprise Edition
- Helper method for legacy audit event destinations graphql create (merge request) GitLab Enterprise Edition
- Helper method for audit event destinations graphql create (merge request) GitLab Enterprise Edition
- Create v2 enpoints and add feature flag by @ScanianJP (merge request)
- Link user_destroyed event for user provisioned by group to the group (merge request) GitLab Enterprise Edition
- Remove log_advanced_search_cluster_health_elastic flag (merge request) GitLab Enterprise Edition
- Add skip ci configuration to a policy drawer (merge request) GitLab Enterprise Edition
- Add licenses to scan_result_policies (merge request) GitLab Enterprise Edition
- GraphQL: add TagCreate mutation (merge request)
- Update policy schema to support package exclusion (merge request) GitLab Enterprise Edition
- Delete orphaned ci_runner_projects records (merge request)
- Add an audit event for user provisioning by group SCIM (merge request) GitLab Enterprise Edition
- Reorganise project-level packages and registries settings (merge request)
- Added merge request requested changes to the merge request GraphQL type (merge request)
- Enable third-party UCM flags by default (merge request)
- Set gh user mapping ff to true (merge request)
- Update loading state of create merge request button (merge request)
- Show title suggestions to project work items (merge request)
- Add new table subcsrption_provision_syncs (merge request) GitLab Enterprise Edition
- Automatically enable group hierarchy optimization (merge request)
- Fix policies update MR blocked (merge request) GitLab Enterprise Edition
- Expose
move_design policy in GraphQL permission type (merge request)
- Adding tables and models for requirement controls (merge request) GitLab Enterprise Edition
- Log all AI Gateway responses related to Amazon Q (merge request)
- Expose EPSS and KEV in finding entity (merge request) GitLab Enterprise Edition
- Remove track_member_activity feature flag (merge request)
- Remove epic_and_work_item_associations_unification ff (merge request) GitLab Enterprise Edition
- Show modal when updating with pipeline (merge request) GitLab Enterprise Edition
- Add API endpoints and services for Account Ownership Verification PIN (merge request)
- Add read compliance dashboard as a custom ability (merge request) GitLab Enterprise Edition
- Add Amazon Q system note support (merge request)
- Add
async arg to PipelineCreate mutation (merge request)
- Add quick actions messages to work items (merge request)
- Add topic to catalog resources (merge request)
- Add a confirmation alert when an environment is protected/unprotected by @antonkalmykov (merge request) GitLab Enterprise Edition
- Implement project secrets graphql query (merge request)
- Show Closed MRs deprecated in the list (merge request)
- Defined event and metrics (merge request) GitLab Enterprise Edition
- Remove create branch and merge request from behind FF (merge request)
- Show warning when approval settings are overridden for MR (merge request) GitLab Enterprise Edition
- Make composite_identity FF default enabled (merge request)
- Model registry: Add empty state to candidate list (merge request)
- Implement delete pipl users (merge request) GitLab Enterprise Edition
- Add arkose_labs_data_exchange_enabled setting (merge request) GitLab Enterprise Edition
- Model experiments: Split Experiment card into tabs (merge request)
- Allow configuring "auto_stop_setting" through Environments API (merge request)
- Connect Amazon Q trigger service to issuable create/update (merge request) GitLab Enterprise Edition
- Connect Amazon Q trigger service to quick actions (merge request) GitLab Enterprise Edition
- Add
inputs key to trigger include objects CI schema by @Ben.Leith (merge request)
- Add 'Start review' button to MR Overview (merge request)
- Add
group_analytics_dashboard_editor feature flag (merge request) GitLab Enterprise Edition
- Add base support for Amazon Q quick actions service (merge request)
- Add duo_add_on_groups config for LDAP (merge request) GitLab Enterprise Edition
- Model registry: Add link to candidate (merge request)
- Add audit event to CreateRunnerService (merge request) GitLab Enterprise Edition
- Model experiments: Enhance experiment card title (merge request)
- Show Related MR's in dev widget with deduplication (merge request)
- Add iteration support to content editor (merge request)
- Adds scheduled workers for dormant member removal (merge request)
- Add web_hook_logs_daily table (merge request)
- Update semver_dialects to 3.4.5 (merge request)
- Add status deprecated to the packages statuses (merge request)
- Add ability to assign GitLab Duo seats based on SAML groups (merge request) GitLab Enterprise Edition
- Extend GraphQL with policies overriding project approval settings in MR (merge request) GitLab Enterprise Edition
- Update GitLab Pages version (merge request)
- Add container tag protection rules to project (merge request)
- Model registry: Add Experiment to model card (merge request)
- Add unique domain regenerate button (merge request)
- Add warning modal when creating work item (merge request)
- Add arkose_labs_enabled application setting (merge request) GitLab Enterprise Edition
- Remove feature flag custom_ability_admin_push_rules & keep new code (merge request)
- Adding Service Ping metric for dependency api (merge request) GitLab Enterprise Edition
- Add support for using ActiveRecord::Encryption (merge request)
Fixed (88 changes)
- Prevent Direct Transfer from incorrectly marking entities as stale (merge request)
- Reassign runner's owner when owning project is deleted (merge request)
- Fix visitor location country localization (merge request)
- Reset
resolved_at attribute vulnerabilities (merge request) GitLab Enterprise Edition
- Fix
/unlink quick command to work with epic work items (merge request) GitLab Enterprise Edition
- Use NamespaceProjectIdsEachBatch instead of for_group_and_its_subgroups (merge request)
- Add resource context to Duo Chat history (merge request) GitLab Enterprise Edition
- Protected Container Repositories: Fix link in documentation by @nwittstruck (merge request)
- Fix UI text in lock and unlock file modal (merge request) GitLab Enterprise Edition
- BBS handle missing users when user mapping (merge request)
- Documentation and refactor for Duo group/subgroups bug fix (merge request) GitLab Enterprise Edition
- Make ClickHouse write buffer workers compatible with Redis 6.0 (merge request)
- Update FinishBatchedRelationExportWorker to fail export on timeout (merge request)
- Last commit: Fix alignemnt of right content (merge request)
- Fix circular reference with pipeline execution policy variables (merge request) GitLab Enterprise Edition
- Update Secure sub-section of the sidebar to show only permitted items (merge request) GitLab Enterprise Edition
- Fix Pages primary domain not getting saved (merge request)
- Set the used_storage_bytes to default when it is 0 (merge request) GitLab Enterprise Edition
- Lazily initiate a Redis publish/subscribe channel (merge request)
- Fix handling of short gzip metadata files (merge request)
- Apply all filters to flowMetricsQuery (merge request)
- Update the default API value for environment auto stop setting (merge request)
- Make sure MR sticky header is accessible when browser font size=large (merge request)
- Fix mobile layout for requirements list page (merge request) GitLab Enterprise Edition
- Show Iteration field on items within the work items Child widget by @vedant-jain03 (merge request)
- Fix pipeline execution policies skipping when allowed (merge request) GitLab Enterprise Edition
- Reverse toggle to enable skip ci behavior for policy (merge request) GitLab Enterprise Edition
- Fix sizing of done/redo button on mobile todo page (merge request)
- Show milestone popover for GFM references to group milestones (merge request)
- Use data from current tab of Vue MR list page for export to CSV (merge request)
- Geo Replication - Fix incorrect breadcrumbs (merge request) GitLab Enterprise Edition
- Ensure REST API handles SSH key expiry todos (merge request)
- Ensure users can receive notifications before verifying email (merge request)
- Fix typo in policy UI editor for skip ci allowlist (merge request) GitLab Enterprise Edition
- Fix undefined method error for
remaining_pipl_access_days (merge request) GitLab Enterprise Edition
- Fix missing variables for DAST scans (merge request) GitLab Enterprise Edition
- Fix resource access token bot namespace bug for admin users (merge request)
- Remove unnecessary padding for policy warning icon (merge request)
- Remove "go_get_handle_relative_url" feature flag (merge request)
- Use add on trial dates for combined trial on premium (merge request) GitLab Enterprise Edition
- Fix policy name in MR with trailing numbers (merge request) GitLab Enterprise Edition
- Move User namespace audit events to instance scope (merge request) GitLab Enterprise Edition
- Don't post policy bot comments in MRs of archived projects (merge request) GitLab Enterprise Edition
- Fixing audit event group path failure (merge request)
- Add BoardEpicConnection type policy for pagination (merge request) GitLab Enterprise Edition
- Fix 500 error when banzai commit filter incorrectly captures a group (merge request)
- Add reference permission check for group level items (merge request)
- Merge branch... (merge request)
- Update acme-client to v2.0.19 (merge request)
- Fix failed jobs widget polling issue (merge request)
- Restore diff file draft note editing state (merge request)
- Add a migration to regenerate CI job token signing key (merge request)
- Fix CI job token signing key not always generated (merge request)
- Fix issues boards unable to fetch issues for anonymous users (merge request)
- bug: Fix appearance of protected badge in group package overview by @gerardo-navarro (merge request)
- Fix NoMethodError on most_recent_commit_sha method (merge request) GitLab Enterprise Edition
- Only create Geo verification records if primary checksumming enabled (merge request) GitLab Enterprise Edition
- Update subscription check for hide duo section (merge request) GitLab Enterprise Edition
- Provide a workaround for users that do not have a registration_type (merge request) GitLab Enterprise Edition
- Only show repo file tooltip when truncated (merge request)
- Make ClickHouse exclusive lock compatilble with Redis 6 (merge request)
- Fix Analytics dashboards description
Show more toggle button (merge request) GitLab Enterprise Edition
- Use the project_id_from and project_id_to in InitialIndexingEventWorker (merge request) GitLab Enterprise Edition
- Fix resetting timer on ChunkWriter (merge request)
- Fix last commit styling when description is expanded (merge request)
- Preserve saved access levels when re-enabling project features (merge request)
- Handle SSO redirect during authorization (merge request) GitLab Enterprise Edition
- Fix Gitlab::Audit::NullAuthor string keyword splat (merge request)
- Protected containers: Show protected badge in group container overview by @gerardo-navarro (merge request)
- Fix index to evict event worker (merge request) GitLab Enterprise Edition
- Fix foreign key error while backfilling (merge request) GitLab Enterprise Edition
- Fix appearance of merge split button (merge request)
- Fix infinite scroll when inviting a group to a project (merge request)
- Pipeline stage job polling fix (merge request)
- Fix backoff of disabled webhooks ramp up too fast (merge request)
- Fix audit events destination_url to be public (merge request) GitLab Enterprise Edition
- MR widget alert warning: border bottom and fix border-radius (merge request)
- Zoekt: Fix negative unclaimed storage bytes (merge request) GitLab Enterprise Edition
- Replace DB unique index with model validator (merge request)
- Fix edge case when trying to access policy approval_settings (merge request) GitLab Enterprise Edition
- Fix issue in RTE with image resize (merge request)
- Fix issue with preserving checkboxes whitespace (merge request)
- Use correct height value for emoji picker rows (merge request)
- Fix a case-sensitivity issue in the application rate limiter (merge request)
- Skip copying over custom award emoji that do not exist (merge request)
- Fix Random.rand for zero values in RuleScheduleService (merge request) GitLab Enterprise Edition
- Ignore system notes when indexing notes on work items by @joe-snyder (merge request) GitLab Enterprise Edition
- Restrict PAT informaton endpoint to PAT authentication (merge request)
Changed (102 changes)
- Fix layout of requirements (merge request)
- Abstract project topics to reusable component (merge request)
- Change language filter icon to "code" (merge request)
- Update environments list page (merge request) GitLab Enterprise Edition
- Modify gl-icon in email_verification.vue to use info variant and size 16 by @alvinowyong (merge request)
- Update operational vulnerabilities info (merge request)
- Fix AdjustmentService to use SEC DB connection (merge request) GitLab Enterprise Edition
- Split SCIM tables (merge request)
- Reject soft-deletion of groups containing security policy projects (merge request) GitLab Enterprise Edition
- Specify SCIM as reason for DestroyService audit event (merge request) GitLab Enterprise Edition
- Set Amazon Q service account username (merge request) GitLab Enterprise Edition
- Adjust hidden variables error messages (merge request)
- Set codeowner_role_approvers to default enabled (merge request)
- Added project id to the internal workflow API get method (merge request) GitLab Enterprise Edition
- Remove flag gitaly_pack_objects_hook_with_sidechannel (merge request)
- Update edit blob to use commit change modal (merge request)
- Amazon Q service account has private profile (merge request) GitLab Enterprise Edition
- Easily copy link to current issue template from URL (merge request)
- Remove
auto_resolve_vulnerabilities feature flag (merge request) GitLab Enterprise Edition
- Support enablement of Fireworks/Qwen model by top-level group (merge request) GitLab Enterprise Edition
- Remove tooltip from activity item (merge request)
- Model experiments: Rename candidate to run (merge request)
- Remove duo_seat_assignment_email_for_sm feature flag (merge request) GitLab Enterprise Edition
- Model registry: rename candidate to "run" (merge request)
- Enable FF policies_always_override_project_ci by default (merge request) GitLab Enterprise Edition
- Dont show amazon q with duo add ons (merge request)
- Make in-app trials display fixed (merge request) GitLab Enterprise Edition
- Show file type in security scan artifact download dropdown (merge request)
- Promote project.dependencies to generally available (merge request) GitLab Enterprise Edition
- Update adherence report drawer heading (merge request) GitLab Enterprise Edition
- Add X-Gitlab-Feature-Enablement-Type AI Gateway header (merge request) GitLab Enterprise Edition
- Enhance model experiments listing page (merge request)
- Ref container darkmode color changes (merge request)
- Remove automatic feature access level adjustments when updating project visibility (merge request)
- Remove WalReceiverSaturation indicator (merge request)
- Rename pages_default_domain_redirect to pages_primary_domain (merge request)
- Drop use of AWS SDK v1 in Workhorse uploads (merge request)
- Change tooltip text and icon for Summarize button on issues (merge request)
- Allow nil values for project_id_to in zoekt index metadata (merge request) GitLab Enterprise Edition
- Update CreateIssueService rollback (merge request) GitLab Enterprise Edition
- Remove default value for organization_id (merge request)
- Change tooltips to HelpPopover in projects import (merge request)
- Use diff_blobs for streaming compare rapid diffs (merge request)
- Reject deletion of security policy projects (merge request) GitLab Enterprise Edition
- Change pipeline identifier priority (merge request)
- Repaced and removed css gl-last-of-type-border-b-0 by @illia_bakunovskyi (merge request)
- Group usage quotas: Update page hierarchy (merge request) GitLab Enterprise Edition
- Refactor topics admin page to use PageHeadingComponent by @bufferoverflow (merge request)
- Add validation for license rule (merge request) GitLab Enterprise Edition
- Update widget in pipeline editor to use pipeline summary component (merge request)
- Update licenses validation (merge request) GitLab Enterprise Edition
- Unify error messages styling when onboarding (merge request)
- Updates BBM docs (merge request)
- New split view for a policy editor (merge request) GitLab Enterprise Edition
- Remove validation for branches on group level (merge request) GitLab Enterprise Edition
- Enhance experiment candidate(run) detail page (merge request)
- Fix icon text alignment (merge request) GitLab Enterprise Edition
- Sync index creation for p_ci_builds.trigger_request_id (merge request)
- Moved seat_control from helper to controller (merge request) GitLab Enterprise Edition
- Remove old completions class and update service_class (merge request)
- Enable scan_execution_pipeline_concurrency_control ff (merge request) GitLab Enterprise Edition
- Remove database default for organization_id from oauth tables (merge request)
- Removed sync code for seat_control and new_user_signups_cap (merge request) GitLab Enterprise Edition
- Changes index on namespace_settings (merge request)
- Add instructions in the pipeline editor for configuring jobs for MRs by @antonkalmykov (merge request)
- New machine learning runs use ml_model package type (merge request)
- Make details disclosures easier to spot in rendered markdown (merge request)
- Added link to project and group (merge request)
- Update label text for protected branch in commit change modal (merge request)
- Help Icon: Removes small size and replaces it with default (merge request)
- Consolidate pipeline queries (merge request)
- Update Kubernetes agent registration (merge request) GitLab Enterprise Edition
- Improve readability of status icon (merge request) GitLab Enterprise Edition
- feat: Toggle Duo Chat drawer state instead of only showing (merge request) GitLab Enterprise Edition
- Remove
download_code dependency from access to read merge requests (merge request)
- Markdown: Use fixed type scale (merge request)
- Add auto-approval param in CE (merge request)
- Use diff_blobs for streaming commit rapid diffs (merge request)
- Updated SeatControl UX (merge request) GitLab Enterprise Edition
- Allow dots in path_prefix in Pages (merge request)
- Fix Direct Transfer scopes copy to be precise (merge request)
- Use YMD date for value stream metrics queries (merge request)
- Update edit blob to use commit change modal (merge request)
- Update styling in pipeline mini graph dropdown (merge request)
- Show an Actions column name on the pipelines list on the desktop view by @antonkalmykov (merge request)
- Release feature flag ml_experiment_tracking (merge request)
- Model Experiments: Add menu item to MLflow usage example (merge request)
- Remove default value from namespaces.organization_id column (merge request)
- Replace NamespaceSettings index with composite (merge request)
- Add Auditor badge to Admin area Users page (merge request) GitLab Enterprise Edition
- Uses organization id on Topics GraphQL (merge request)
- Update sign up path on Admin Settings (merge request)
- Remove BackfillPCiPipelinesTriggerId (merge request)
- Change CreateMergeRequestService rollback for sec (merge request) GitLab Enterprise Edition
- Fix first and last pagination icon sizes (merge request)
- Use projects icon and add tooltips in admin > groups (merge request)
- Update text in dependency table (merge request) GitLab Enterprise Edition
- Remove increase_lsif_artifacts_limit feature flag (merge request)
- Increase ci_max_artifact_size_lsif default limit (merge request)
- Remove correct_work_item_type feature flags (merge request)
- Update dependency auto-deploy-image to v2.115.0 (merge request)
- Set cache: [] in SAST latest CI templates (merge request)
Removed (17 changes)
- Removed the ignore rule (merge request) GitLab Enterprise Edition
- Remove top-level group concurrency docs (merge request) GitLab Enterprise Edition
- Remove feature flag 'vulnerability_code_flow' (merge request)
- Remove ci_graphql_pipeline_mini_graph (merge request)
- Remove pipeline editor dead code (merge request)
- Removing ci_secure_files_read_only feature flag (merge request)
- Remove epic cached count checking (merge request) GitLab Enterprise Edition
- Remove sync_audit_events_to_clickhouse feature flag (merge request)
- Create migration for synchronous index removal (merge request)
- Remove namespace_descendants_cache_expiration FF (merge request)
- Dropping confidence column from security_findings (merge request)
- Remove
use_holt_winters_forecast_for_deployment_frequency (merge request) GitLab Enterprise Edition
- Remove require_resource_id feature flag (merge request)
- Remove self_hosted_models_beta_ended FF (merge request)
- Remove code_suggestions_usage_events_in_pg feature flag (merge request) GitLab Enterprise Edition
- Remove groups_with_event_streaming_destinations metric (merge request) GitLab Enterprise Edition
- Remove the 'auth_finder_no_token_length_detection' FF (merge request)
Security (12 changes)
- Update KaTeX to fix several CVEs (merge request)
- Update rails to 7.0.8.7 (merge request)
- Revert "Merge branch 'sh-fix-http-io-empty-gz-handling' into 'master'"
- Add strong parameters to the passwords_controller (merge request)
- Fix handling of short gzip metadata files
- Filter out sensitive parameters on Auth logs
- Prevent cyclic reference in work item hierarchy widget from frontend
- Allow external_provider config take precedence over external_groups
- Don't allow unauthorized users to close issues automatically
- Update golang.org/x/net package (merge request)
- Update net-ssh to fix CVE-2023-48795 (merge request)
- Update yard to fix CVE-2024-27285 (merge request)
Performance (4 changes)
- Implement included remote checksum in the Maven package registry (merge request)
- Remove auto_merge_process_worker_sticky feature flag (merge request)
- Load entire discussion first when linking to a note (merge request)
- Lazy load create epic modal in group sidebar (merge request)
Other (83 changes)
- Finalize migration BackfillMlCandidateMetadataProjectId (merge request)
- Add not null constraint on boards_epic_lists.group_id (merge request)
- Introduce partitioned table for maven virtual registry cache entries (merge request)
- Remove ci_catalog_ranking_from_new_usage_table feature flag (merge request)
- Add Asana instance integraiton model (merge request)
- Regenerate RuboCop TODO files (merge request)
- Quarantine a flaky test (merge request)
- Cleanup lfs_sync_before_branch_updates FF (merge request)
- Remove actor override flag for GH and BBS importer (merge request)
- Finalize migration BackfillVulnerabilityIssueLinksProjectId (merge request)
- Remove unnecessary wrapper method (merge request)
- Re-queue migration to delete orphaned groups (merge request)
- Add closed reason urls to work item GraphQL types (merge request)
- Reorder migrations for ci_deleted_objects (merge request)
- Add ClickHouse table siphon for namespaces (merge request)
- Remove actor override when Direct Transfer disabled (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Cell ID to default to null instead of 1 (merge request)
- Add Assembla instance integraiton model (merge request)
- Revert ElasticsearchSettingsFromApplicationSettings pd migration (merge request)
- Remove Search::Zoekt::DeleteProjectWorker job instances (merge request)
- Drop sequence for work_item_types.id column (merge request)
- Simplify Rouge/HLJS mapping (merge request)
- Fix issues.work_item_type_id values (merge request)
- Regenerate RuboCop TODO files (merge request)
- refactor: Extract shared examples in create_package_service_spec.rb by @gerardo-navarro (merge request)
- Only show active trial widget for ultimate trial plans (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Finalize migration BackfillVulnerabilityMergeRequestLinksProjectId (merge request)
- Finalize migration MigrateOsSbomOccurrencesToComponentsWithoutPrefix (merge request)
- Update downtime migration docs (merge request)
- Remove feature flag definition (merge request)
- Cleanup multiple_approval_actions feature flag (merge request) GitLab Enterprise Edition
- Finalize migration BackfillVulnerabilityUserMentionsProjectId (merge request)
- Fix work_item_types.id values with sequential values 1-9 (merge request)
- Enable pause control for zoekt workers (merge request) GitLab Enterprise Edition
- Cleanup premium_can_trial_again feature flag (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Remove orphaned managers from .com ci_runner_machines_687967fa8a (merge request)
- Requeue backfill of ci_runners_e59bb2812d table (merge request)
- Fix a misspelling in BBM docs (merge request)
- Add tracking metrics for multiple approver actions (merge request) GitLab Enterprise Edition
- Delete redundant docs link from "Linked items" (merge request)
- Remove UpdateIndexUsedBytesWorker job instances (merge request)
- Quarantine a flaky test (merge request)
- Add feature category to github import specs (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Remove feature_flag admin_agnostic_token_finder (merge request)
- Finalize migration BackfillVulnerabilityFindingLinksProjectId (merge request)
- Finalize migration BackfillVulnerabilityFlagsProjectId (merge request)
- Finalize migration BackfillVulnerabilityFindingEvidencesProjectId (merge request)
- Finalize migration BackfillVulnerabilityFindingSignaturesProjectId (merge request)
- Protected packages: Add regex validation for pypi protection rules by @gerardo-navarro (merge request)
- Merge branch '458891-metadata-api-get-kas-version-by-serverinfo-rpc' into 'master' (merge request)
- Create helper method for tree header app (merge request) GitLab Enterprise Edition
- Removed git_guardian_integration FF (merge request)
- Detail view renders legcy issue view for unsupported work item types (merge request)
- Quarantine a flaky test (merge request)
- Updates step_url for users that do not have registration_type (merge request)
- Update vulnerability_management_policy to clarify group availability (merge request) GitLab Enterprise Edition
- Consolidate elasticsearch application settings into one JSON field (merge request) GitLab Enterprise Edition
- Run EnsureFactoryForTable in CE to avoid RedundantCopDisableDirective (merge request)
- Add missing widgets to incidents for parity with issues (merge request)
- Add & backfill sharding keys for protected_branch_unprotect_access_level (merge request)
- Remove feature flag write_to_ci_runner_taggings (merge request)
- test: Move test from feature test to model test by @gerardo-navarro (merge request)
- Reclaim disk space used by old job tokens (merge request)
- Quarantine a flaky test (merge request)
- Fix variable literal (merge request) GitLab Enterprise Edition
- Add and backfill namespace_id for issuable_slas (merge request)
- Add & backfill sharding keys for bulk_import_export_uploads (merge request)
- Use the project_id_from and project_id_to in InitialIndexingEventWorker (merge request) GitLab Enterprise Edition
- Remove cache_autocomplete_sources_* feature flags (merge request)
- Remove feature flag
ai_custom_model (merge request)
- Remove default on `group_saved_replies_flag feature flag (merge request)
- Remove use_actual_plan_in_license_check flag (merge request)
17.7.7 (2025-03-11)
Security (8 changes)
- Vendor GraphQL gem (merge request)
- Ruby-SAML updates (merge request)
- Prevent custom role to activate group members (merge request)
- approval_rules name is unbounded (merge request)
- Limit preview size (merge request)
- Maintainer can inject shell code in Google integration configurations that... (merge request)
- Filter out internal notes if the recipient do not have access (merge request)
- Mask unencoded userinfo in project mirror errors (merge request)
17.7.6 (2025-02-26)
Fixed (1 change)
Security (4 changes)
- Increase minimum role in SPP to read policy yaml (merge request)
- Fix access to read code review analytics in private projects (merge request)
- Escape work item dropdown items and restrict HTML tags (merge request)
- Use stricter CSP values in the packages dependency proxy (merge request)
17.7.5 (2025-02-21)
Fixed (1 change)
17.7.4 (2025-02-11)
Security (8 changes)
- Security Duo Chat Escape Unknown Domain Hyperlinks (merge request)
- Hide sensitive workhorse headers and fix route confusion between web and workhorse routes (merge request)
- Do not allow Planner role to update or delete incidents (merge request)
- Reduce memory allocations on create PAT endpoint (merge request)
- Prevent SSRF attacks for Workspaces (merge request)
- Prevent read code access when repository is disabled (merge request)
- Fixes XSS on the target branch in the merge request widget (merge request)
- Unsubscribe from actioncable channel when PAT is revoked (merge request)
17.7.3 (2025-01-22)
Fixed (1 change)
- Add BoardEpicConnection type policy for pagination GitLab Enterprise Edition
Security (4 changes)
- Fix protected variable exfiltration (merge request)
- Enhance rich viewer sanitization (merge request)
- Avoid recursive sidekiq calls on cyclic work item hierarchies (merge request)
- Respect the private profile constraints (merge request)
17.7.2 (2025-01-14)
Fixed (1 change)
Changed (1 change)
17.7.1 (2025-01-08)
Fixed (3 changes)
- Update acme-client to v2.0.19
- Add a migration to regenerate CI job token signing key
- Fix CI job token signing key not always generated
Security (4 changes)
- Prevent cyclic reference in work item hierarchy widget from frontend (merge request)
- Allow external_provider config take precedence over external_groups (merge request)
- Filter out sensitive parameters on Auth logs (merge request)
- Don't allow unauthorized users to close issues automatically (merge request)
17.7.0 (2024-12-18)
Added (178 changes)
- Add iteration autocomplete to RTE by @salihudickson (merge request) GitLab Enterprise Edition
- Add pages domain verify API (merge request)
- Add foreign key constraints to ci_runner_machines_687967fa8a (merge request)
- Register new audit event (merge request) GitLab Enterprise Edition
- Add credit_card_verification_enabled setting (merge request) GitLab Enterprise Edition
- Add internal events tracking to the individual release page by @antonkalmykov (merge request)
- GraphQL: add BranchDelete mutation (merge request)
- Update qa github spec (merge request)
- Add deny allow list to a policy drawer (merge request) GitLab Enterprise Edition
- Add search for Kubernetes pods (merge request)
- Add
/relate quick action to WorkItems (merge request) GitLab Enterprise Edition
- Model experiments: Add empty state to performance graph (merge request)
- In project update service add support for pages default domain redirect (merge request)
- Log scope when auditor initialized (merge request)
- Add validation key for license exceptions (merge request) GitLab Enterprise Edition
- Enable markdown description lists (merge request)
- Add backticks and remove FF (merge request)
- Add note regarding user namespaces (merge request)
- Model experiments: Add user, created_at, model_id (merge request)
- Remove npm_extract_npm_package_model feature flag (merge request)
- Add ability to assign GitLab Duo seats based on SAML groups (merge request) GitLab Enterprise Edition
- Add ci_requires_identity_verification_on_free_plan setting (merge request) GitLab Enterprise Edition
- GraphQL API: add endpoint to return a list open merge requests (merge request)
- Admin Token API: Revoke token by @nwittstruck (merge request)
- Default enable FF vulnerability_filtering_by_identifier (merge request) GitLab Enterprise Edition
- Allow default editor setting to be optional (merge request)
- Support for Vulnerability webhook events (merge request) GitLab Enterprise Edition
- Introduce Rotate Token in UI - Impersonation Tokens by @shangsuru (merge request)
- Add and track events for Vulnerability auto-resolution (merge request) GitLab Enterprise Edition
- Add pipeline summary for reusable pipeline widgets (merge request)
- Add UI for managing integrations allowlist (merge request) GitLab Enterprise Edition
- Add warning to group approval settings when policies may override it (merge request) GitLab Enterprise Edition
- Add a warning when approval settings may be affected by policies (merge request) GitLab Enterprise Edition
- Add new API to update secret push protection for group (merge request) GitLab Enterprise Edition
- Add build source filter to GraphQL Project Job query (merge request)
- Added the ability to query EPSS data in GraphQL through vulnerabilities (merge request) GitLab Enterprise Edition
- Model experiments: Add candidates table (merge request)
- Document skip_ci option for pipeline execution policies (merge request)
- Adding metric for when a vulnerability is resolved (merge request) GitLab Enterprise Edition
- Support composite identity in Runner activity (merge request)
- Allow users to configure skip ci behavior for pipeline execution policy (merge request) GitLab Enterprise Edition
- Enable VR in MR by default (merge request) GitLab Enterprise Edition
- Include snippet import requirements (merge request)
- Add vulnerabilities in Import and Export and Direct Transfer (merge request)
- Add include_forked for blobs search graphql api (merge request) GitLab Enterprise Edition
- Add new KAS fields to GraphQl (merge request)
- Fix the response order (merge request) GitLab Enterprise Edition
- Add yaml update for allow list (merge request) GitLab Enterprise Edition
- Create approval rules for multiple policy approvers (merge request) GitLab Enterprise Edition
- Document that Planner role can import issues from CSV (merge request)
- Add migration to reindex all work items by @joe-snyder (merge request) GitLab Enterprise Edition
- Add phone_verification_enabled application setting (merge request) GitLab Enterprise Edition
- Added total policy violations count to the GrpahQL API (merge request) GitLab Enterprise Edition
- Add new API to update secret push protection for group (merge request) GitLab Enterprise Edition
- Add composite identity enforce setting to users (merge request)
- Model experiments: Performance graph (merge request)
- Backfill namespace shared_runner_minutes_limits (merge request) GitLab Enterprise Edition
- Update GitLab Pages version (merge request)
- Add custom_role_approvers to MR approval policies (merge request) GitLab Enterprise Edition
- Remove merge_when_checks_pass_merge_train feature flag (merge request)
- Add indent and outdent functionality to RTE by @salihudickson (merge request)
- Add include_archived for blobs search graphql api (merge request) GitLab Enterprise Edition
- Adds autopopulated to group and project scope links tables (merge request)
- Support composite identity in CI pipelines (merge request)
- Create entry in package reference when adding new package file by @oceane_scania (merge request)
- Add documentation and roll out ensure PEP pre stage complete (merge request) GitLab Enterprise Edition
- Allow unverified users to opt-in to identity verification for access (merge request) GitLab Enterprise Edition
- Add a type field to UserCore (merge request)
- Add ai_conversation_threads and ai_conversation_messages tables (merge request) GitLab Enterprise Edition
- Add auto stop setting to environments (merge request)
- Update issue tracking integrations to work with instance integrations (merge request)
- Added new author filter for merge request scope (merge request) GitLab Enterprise Edition
- Add GQL type on project for component usages (merge request) GitLab Enterprise Edition
- Settings block: Add id to url to make them shareable (merge request)
- Add pages_default_domain_redirect in project_settings (merge request)
- Write trigger_id to Ci::Pipeline (merge request)
- Allow promoting a work item issue to an epic using quick actions (merge request) GitLab Enterprise Edition
- Add backticks around username mentions (merge request)
- Implement WorkItemWidgetDevelopment.relatedMergeRequests field (merge request)
- Add policy action_idx to approval rules validation (merge request) GitLab Enterprise Edition
- Enable filtering by subscriptions in GraphQL (merge request)
- Add concurrency limit to CreateBotWorker (merge request) GitLab Enterprise Edition
- Vue Projects - Inactive project descriptions (merge request)
- Add error_messages to GraphQL (merge request)
- Introduce failed jobs in MR (merge request)
- Add option without auto-approvals to User Signup settings (merge request) GitLab Enterprise Edition
- Handle variables_attributes for policy pipelines (merge request) GitLab Enterprise Edition
- Enable work item epics (merge request) GitLab Enterprise Edition
- Remove api_audit_requests_with_scope flag (merge request)
- Promote planner role on invite members page (merge request)
- Add with_highest_role_planner field to users_statistics table (merge request) GitLab Enterprise Edition
- Specify namespace and flux_resource_path in CI job (merge request)
- Fix: Completions worker accessing deleting feature flag (merge request) GitLab Enterprise Edition
- Update Initial Duo Config Box Settings (merge request) GitLab Enterprise Edition
- Add markdown include directive (merge request)
- Add rotate via UI to project and group access tokens by @shangsuru (merge request)
- Update dormant member docs to reference max value (merge request)
- Remove specialized_worker_for_group_lock_update_auth_recalculation FF (merge request)
- Add Owners to
Allowed to create projects options on Group by @yasuk (merge request)
- Add pages_default_domain_redirect in project_settings (merge request)
- Backfill issue_links_id on related_epic_links (merge request) GitLab Enterprise Edition
- Fix AiSetting race condition (merge request) GitLab Enterprise Edition
- Added completion notification for project imports (merge request)
- Add sharding key columns to uploads (merge request)
- Clean up expiring_pats_30d_60d_notifications FF (merge request)
- Add stream destination mapping to legacy models (merge request) GitLab Enterprise Edition
- Add remaining licenses without spdx to custom software license table (merge request)
- Model registry: Add default experiment to model card (merge request)
- Add persisted related item to new work item flow (merge request)
- Add processing for additional error codes (merge request) GitLab Enterprise Edition
- Add the model for registry tag protection rules (merge request)
- Added Work item frontend ground work (merge request) GitLab Enterprise Edition
- Integrations observe settings allow list (merge request) GitLab Enterprise Edition
- Add dormant scope to seat assignments (merge request)
- Add
suspended status for Flux sync badge (merge request)
- Rename to follow convention (merge request) GitLab Enterprise Edition
- Add pages_default_domain_redirect in project_settings (merge request)
- Add Duo seats usage panel to AI Impact dashboard (merge request) GitLab Enterprise Edition
- Allow transfer of project with tags (merge request)
- Add trial date attribute validations (merge request) GitLab Enterprise Edition
- Model registry: Add candidates tab to Model card (merge request)
- Enforce allowlisted policies for CI/CD Jobs (merge request)
- Add additional fields and optional slot to commit changes modal (merge request)
- Adding update mutation for compliance requirements (merge request) GitLab Enterprise Edition
- Add new index to alert management alerts by @max.woolf (merge request)
- Exposed pre_receive_secret_detection_enabled in ProjectTypes (merge request) GitLab Enterprise Edition
- Enable auto_stop_in for non-deployment environment actions (merge request)
- Add notes fields to work item query by @joe-snyder (merge request)
- Add entry for GLQL to code block languages (merge request)
- Remove feature flag "beyond_identity_exclusions" (merge request)
- Set assign_custom_roles_to_group_links_sm to true by default (merge request) GitLab Enterprise Edition
- Dynamically populate Duo Chat slash command suggestions based on URL (merge request) GitLab Enterprise Edition
- GraphQL: Expose user timezone (merge request)
- Add "GET /groups/:id/enterprise_users" API endpoint (merge request) GitLab Enterprise Edition
- Remove work_items_rolledup_dates feature flag (merge request) GitLab Enterprise Edition
- Include identifierName argument to vulnerabilitySeveritiesCount GraphQL (merge request) GitLab Enterprise Edition
- Add duo workflow status check (merge request) GitLab Enterprise Edition
- View branches in development widget (merge request)
- Setup associations for inviting a group to a project with a custom role (merge request) GitLab Enterprise Edition
- Support job token auth for read-only changelog generation API (merge request)
- Admin Token API: Cluster Agent Tokens by @nwittstruck (merge request)
- Admin Token API: Add support for reading OAuth Application Secrets by @nwittstruck (merge request)
- Update project statistics when create/delete NuGet symbols (merge request)
- Make PersonalAccessToken#token routable (merge request)
- Update UI text referencing confidentiality visibility (merge request)
- Show anchors in cleanup image tags regex input fields (merge request)
- Add PostgresTableSize (merge request)
- Add Planner role to access level GraphQL enums (merge request) GitLab Enterprise Edition
- Add permissions for Planner role (merge request)
- Add Planner role to Roles and permissions admin page (merge request) GitLab Enterprise Edition
- Add Planner role (merge request)
- Implement new routable token specification (merge request)
- New GraphQL API for filter by identifier dropdown (merge request) GitLab Enterprise Edition
- Initial checkin for Admin Duo Configuration page (merge request) GitLab Enterprise Edition
- Destroy mutation for compliance requirements (merge request) GitLab Enterprise Edition
- Add migration to create missing terraform module metadata (merge request)
- Create is_known_exploit column in pm_cve_enrichment and add tests (merge request)
- Expose can_create_organization through application settings API (merge request)
- Remove merge_when_checks_pass feature flag (merge request)
- Remove feature flag lfs_misconfiguration_banner (merge request)
- Link compliance frameworks with vulnerability management policies (merge request) GitLab Enterprise Edition
- Fetch linked context lines (merge request)
- Update GitLab Pages version (merge request)
- Add additional JWT audiences for Jira Connect (merge request)
- Clean up sm_duo_pro_bulk_user_assignment (merge request) GitLab Enterprise Edition
- Add legacy_destination mapping for audit event streaming destinations (merge request) GitLab Enterprise Edition
- Add transclusion markdown syntax (merge request)
- Add ciJobTokenScopeAllowlist graphql type (merge request)
- Support claude 3.5 Sonnet new model version (merge request) GitLab Enterprise Edition
- Use feature flag to new streamers (merge request) GitLab Enterprise Edition
- Project template becomes an official part of the product (merge request) GitLab Enterprise Edition
- Add support for using ActiveRecord::Encryption (merge request)
- Initial checkin for duo configuration page (merge request) GitLab Enterprise Edition
- Mark note as internal permission on frontend (merge request)
- Added Work item frontend ground work (merge request)
- Added keyboard shortcuts for command platte (merge request)
- Enable ingestion of EPSS data to GitLab database (merge request) GitLab Enterprise Edition
- Default Duo Chat output tokens to 8k (merge request) GitLab Enterprise Edition
Fixed (181 changes)
- Fix duplicate reply bug on wiki comments by @salihudickson (merge request)
- Set CVSS vectors during vulnerability scanning (merge request) GitLab Enterprise Edition
- Fix CreateService for buffered_token_expiration_limit by @joe-snyder (merge request) GitLab Enterprise Edition
- Render a warning for pull mirroring when the project is read-only (merge request)
- Fix classification label default behaviour (merge request)
- Return
title field from YAML for name custom role graphql field by @Florian_Lang (merge request) GitLab Enterprise Edition
- Fix alignment of MR approvals widget revoke button (merge request)
- Additional updates to PAT buffered expiration flow by @joe-snyder (merge request)
- Improve confusing UX when deleting free project on gitlab.com (merge request) GitLab Enterprise Edition
- Fix styling in Analytics data explorer (merge request) GitLab Enterprise Edition
- Fix work item create new draft data (merge request)
- Don't rewrite
applies_to_all_protected_branches value on update (merge request) GitLab Enterprise Edition
- BranchRuleDelete mutation: fix 500 error when rule is missing (merge request)
- Fix incorrect query parameters for commits request (merge request)
- Backport bugfix for diff_files highlighting (merge request)
- fix: Add missing gitlab_sec schema to PrometheusAlertIndicator (merge request)
- Fix message for the restart merge train popup (merge request)
- Sync any_merge_request rules based on scan_result_policy_reads (merge request) GitLab Enterprise Edition
- Show group dropdown for minimal access users (merge request)
- Set minimum override role to developer (merge request)
- Fix vulnerability_states filter for pre-existing approval rules (merge request) GitLab Enterprise Edition
- Fix composite identities with Gitaly calls (merge request)
- Fix a strange bug with preserving paragraphs and list items (merge request)
- Strip frontmatter when including wiki content (merge request)
- Allow issuable expansion when previewing wiki (merge request)
- Fix: last commit box action styling (merge request)
- Allow deactivated users with password reset to reactivate their accounts (merge request)
- Make finalzie background migration no-op (merge request)
- Clean up
upgrade_pdf flag (merge request)
- Capture composite identity in Git workflows (merge request)
- Namespace api find un-replicated newly created trial group by id (merge request) GitLab Enterprise Edition
- Remove Owner from base_access_level roles when creating custom role (merge request) GitLab Enterprise Edition
- Fix free shared runners minutes backfill (merge request) GitLab Enterprise Edition
- Fix ability to use password for Git when password for Web is disabled (merge request)
- Fix color of emoji picker sticky header category header (merge request)
- Ensure p element inside details summary behaves properly (merge request)
- Only truncate/scroll to anchor on mount of work item description (merge request)
- Add pagination to group applications (merge request)
- Fix empty branch name exception for branch delete (merge request)
- Set engine for OpenSearch indices (merge request) GitLab Enterprise Edition
- Deprecate :labels negatable filter value (merge request)
- Fix note creation error for SHA256 repositories (merge request)
- Improve checking on status of SAST jobs (merge request)
- Set request_path when rendering repository blobs (merge request)
- Remove redacting inaccessible wiki link slugs (merge request)
- Make discussions API work with quick actions-only notes (merge request)
- Update doorkeeper to v5.8.1 (merge request)
- Fix date re-calculation when moving children (merge request)
- Changed A tag to pajamas button by @mehulsharma (merge request)
- Fix Flux status popover with long message (merge request)
- Add additional checks for diff tabs (merge request)
- Fix font weight when selecting status (merge request) GitLab Enterprise Edition
- Style fixes for on call schedules page (merge request) GitLab Enterprise Edition
- Remove FF update_approval_rules_for_related_mrs (merge request)
- Fix scrolling in markdown/RTE (merge request)
- Adjust styles of Value stream filters row (merge request)
- Adjust styling of Merge request analytics filters bar (merge request)
- Fix reference to inline code bug by @mehulsharma (merge request)
- Emails on Push: fix wrong number of changed files (merge request)
- Only add matching roles for codeowner role approvers (merge request) GitLab Enterprise Edition
- Disable read_dependency and read_licenses policies for Planner role (merge request) GitLab Enterprise Edition
- Fix GlCard rendering in dark mode for empty repository message (merge request)
- Re-order concurrency limit and deduplication middleware (merge request)
- Make control expression nullable (merge request) GitLab Enterprise Edition
- Update styles of Error tracking list page (merge request)
- Mention ClickHouse requirement in GraphQL queries (merge request) GitLab Enterprise Edition
- Set defaults format to csv (merge request)
- Handle other errors from TomlRB library (merge request)
- Allow approvals widget content to wrap (merge request)
- Fix wording on vulnerability state transitions (merge request) GitLab Enterprise Edition
- Backfill ci_cd_settings when updating project (merge request)
- Move nuget symbol files creation outside uploading package transaction (merge request)
- Ensure project deletion with external pipeline works (merge request)
- Use
:not(.gl-button) selector to avoid overriding GlButton usage (merge request)
- Remove box-shadow from old dropdowns on hover (merge request)
- Pre-load the TanukiEmoji index (merge request)
- Add a namespace to the csv_download_path (merge request)
- Fix dropdown variant for AI actions (merge request) GitLab Enterprise Edition
- Re-add Tier/Offering details to bulk edit issues documentation (merge request)
- Add budget into Auto Resolve process (merge request) GitLab Enterprise Edition
- Backfill nil started_at values (merge request)
- Fix vertical alignment of MR approvals summary (merge request)
- Reset unconfirmed_email if it exists on /users/identity_verification/verify_email_code (merge request) GitLab Enterprise Edition
- Avoid creating approval rules from policies for unprotected branches (merge request) GitLab Enterprise Edition
- Fix alignment of wiki pages buttons (merge request)
- Fix page header button alignment (merge request)
- Fix incorrect conflict warnings on issuable update (merge request)
- Fix Psych::DisallowedClass in WebHookLog (merge request)
- Fix integration test settings (merge request)
- Fix gap between avatar and text for board assignee in config modal (merge request) GitLab Enterprise Edition
- Fix spacing of boad configuration modal buttons at small size (merge request)
- Continue to show roadmap filters bar when no results to access settings (merge request) GitLab Enterprise Edition
- Revert removing default value from oauth tables (merge request)
- Allow plus icons in project nav to inherit color (merge request)
- Do not warn changelog required when removing feature flag patches (merge request)
- Ensure access_level is present before comparison (merge request)
- Fix undefined method error 'assigned_to_duo_enterprise?' (merge request) GitLab Enterprise Edition
- Fix accessibility violation for vue_shared/settings-block (merge request)
- Support quick actions in commits and discussions API (merge request)
- Avoid reporting error in Sentry for known failures (merge request)
- Add optional chaining to avoid
null error (merge request)
- Fix is_blocked_by for epic work item (merge request) GitLab Enterprise Edition
- Fix protected tags with Deploy keys (merge request)
- Fix Dangerfile parsing non-Ruby files (merge request)
- Fix epic work item rake task progressbar (merge request) GitLab Enterprise Edition
- Fix search on the environments page (merge request)
- Only show LFS misconfiguration banner when objects exist in project repo (merge request)
- Skip validations when transforming references (merge request)
- Mark repository at URL not found as missing on primary (merge request) GitLab Enterprise Edition
- Fixed z-index issue in content editor box by @mehulsharma (merge request)
- Add guard clause to Wiki#find_page when title is nil (merge request)
- Rewrite the InitialIndexingEventWorker to fix the SQL timeout (merge request)
- Fix the logic of mark_indices_as_ready (merge request) GitLab Enterprise Edition
- Cache Cloud Connector keys in process memory (merge request) GitLab Enterprise Edition
- Refactor to check if user has access to experimental features (merge request) GitLab Enterprise Edition
- Do not create system not when linked on same EPIC (merge request) GitLab Enterprise Edition
- Fetch projects in subgroups for DORA projects comparison chart (merge request) GitLab Enterprise Edition
- Ensure cron manager receives updated geo node (merge request) GitLab Enterprise Edition
- Raise internal/suggested_reviewers query limit to 110 (merge request)
- Fix code block style in RTE (merge request)
- Release use_exclusive_lease_in_mvn_find_or_create_package FF (merge request)
- Allow pushing locked LFS files merged from upstream (merge request)
- Ensure .pipeline-policy-pre jobs finish before starting others (merge request) GitLab Enterprise Edition
- Zoekt: Do not process failed repos (merge request) GitLab Enterprise Edition
- Fix stages_compatible? not being restrictive enough (merge request) GitLab Enterprise Edition
- Make sure ref_type for History control is appended only once (merge request)
- Fix wrong changes counter on merge request commit diffs (merge request)
- Temporary fix for activity feed tooltip contrast (merge request)
- Fix 403 errors when setting CI/CD variables via REST API (merge request)
- Improve error message for runner creation with invalid scope (merge request)
- Fix model registry version table error with null author (merge request)
- Fix dependency on ApplicationSetting stubs for
let_it_be (merge request)
- Improve MR resource prompt to avoid misunderstandings of LLM (merge request) GitLab Enterprise Edition
- Allow invited Owners to top-level group to manage its enterprise users (merge request) GitLab Enterprise Edition
- Ensure placeholder references are creating in Direct Transfer (merge request)
- Revert "Merge branch 'remove-ff-lfs_misconfiguration_banner' into 'master'" (merge request)
- Fix translated string used in comparison (merge request) GitLab Enterprise Edition
- Fix 500 error for /api/v4/groups?all_available=false&statistics=true API (merge request)
- Mini Pipeline Graph dropdown: Change job action button size to sm (merge request)
- Notes: Confidential or locked message see-through fix (merge request)
- Fix edit snippet button alignment (merge request)
- Add a loading state for branch rule query (merge request)
- Ensures margin in confidential badge (merge request)
- Fix creating current iterations by @umahasu (merge request) GitLab Enterprise Edition
- Fix code reloading problems with custom database types (merge request)
- fix: Ordering of metadata on work items Child & Linked widgets by @vedant-jain03 (merge request)
- Sync security policies when compliance framework is changed (merge request) GitLab Enterprise Edition
- Return unique project set on any framework filter (merge request) GitLab Enterprise Edition
- Fix issue dashboard ANY/NONE assignee filters (merge request)
- Enable nested expansion in rules:changes/exists (merge request)
- Enforce both scan and pipeline execution policies with missing CI (merge request) GitLab Enterprise Edition
- Sort by member role when a user has the same access_level (merge request)
- Improvements for markdown editor resize behavior (merge request)
- Hotix: filtering out licenses with a nil spdx_identifier (merge request) GitLab Enterprise Edition
- Update glql docs link (merge request)
- Fix behavior of copy buttons on Wiki clone modal (merge request)
- Ensure collapsed sidebar todo button is correct color (merge request)
- Only show "can only add issues" warning when issuableType is issue (merge request)
- Remove description text limit on security_policies (merge request)
- Fix wrong MR reference in draft notes (merge request)
- Fix ElasticIndexingControlWorker exception (merge request) GitLab Enterprise Edition
- Fix Keyboard shortcuts for work items (merge request)
- Log AI Gateway client HTTP errors (merge request)
- Ensure new issues in iteration list have that iteration (merge request) GitLab Enterprise Edition
- Fix X-Gitlab-Token always present in webhook logs (merge request)
- Revert external_audit_event_destination url generation change (merge request) GitLab Enterprise Edition
- Ensure
! is used for MR identifiers in Vue MR list page (merge request)
- Filter security_findings by latest successful security_scan (merge request) GitLab Enterprise Edition
- Add pagination to projects DORA comparison table (merge request) GitLab Enterprise Edition
- Fix responsive layout of failed pipeline job troubleshoot button (merge request) GitLab Enterprise Edition
- Fix 401 errors when installing the GitLab for Jira app (merge request)
- Fix ActionView::Template::Error: undefined method `xpath' (merge request)
- Nil check in after_sign_in_path_for (merge request)
- Support stages from policies with override_project_ci strategy (merge request) GitLab Enterprise Edition
- Pre-populate branch name for delete and replace blob (merge request)
- Fix logic and styling of archived project warning in diff comments (merge request)
- Change audit label to 30 days instead of month (merge request) GitLab Enterprise Edition
- Fix incorrect pull mirror configuration after re-creation (merge request) GitLab Enterprise Edition
- Fix: incorrect sorting url for branches (merge request)
- Add missing email suffix for Emails On Push and Admin emails (merge request)
- Show None role for invited group members when project sharing disabled (merge request)
Changed (227 changes)
- Remove feature flag (merge request)
- Add currentUser query to LockDirectoryButton (merge request) GitLab Enterprise Edition
- Resolve cross-transaction when destroying project (merge request) GitLab Enterprise Edition
- Extend topics explore page to provide more details by @bufferoverflow (merge request)
- HelpIcon migrations (merge request)
- Remove set_feature_flag_service feature flag (merge request)
- Basic MVP for wiki template management from create page (merge request)
- Add feature flags for all included duo context (merge request) GitLab Enterprise Edition
- Add summarize new mr aigw service (merge request) GitLab Enterprise Edition
- Use cloud connector gem config and remove access_data.yml (merge request)
- Update existing approvers when yaml updates (merge request) GitLab Enterprise Edition
- Queue AfterImportWorker after every import (merge request)
- Enable closing issues automatically, cross-project (merge request)
- Distinguish Jira Connect apps by hostname (merge request)
- Write organization_id to oauth tables (merge request)
- Migrate value_stream_metrics REST queries to Graphql (merge request)
- Resolve "Geo - Rename Replication Status to Database Replication status and... (merge request) GitLab Enterprise Edition
- Use commit changes modal for upload/replace blob (merge request)
- Rearrage viewer swithcer and table contents (merge request)
- Refactor getIterationPeriod() to support locale dateformat (merge request)
- Add currentUser query to LockDirectoryButton (merge request) GitLab Enterprise Edition
- Protected branches settings: Change breakpoint of table (merge request)
- Don't expose url credentials for bulk import (merge request)
- Remove cross-join from ProjectsGrade (merge request) GitLab Enterprise Edition
- Remove isNotSastIACTemporaryHack (merge request) GitLab Enterprise Edition
- Update feature flag type for 3rd party importer user mapping to beta (merge request)
- Move compliance center up in project nav (merge request)
- Enabled importer_user_mapping by default (merge request)
- Enabled bulk_import_importer_user_mapping by default (merge request)
- Enable auto-resolve feature flags by default (merge request)
- Add currentUser query to LockDirectoryButton (merge request) GitLab Enterprise Edition
- Change default of
restrict_user_defined_variables to true behind FF (merge request)
- Rollout feature flag for self-maneged instances (merge request) GitLab Enterprise Edition
- Add exceptions selector to allow deny list (merge request) GitLab Enterprise Edition
- Add time window for sep schedule scans (merge request) GitLab Enterprise Edition
- Raise error on rename/move if geo is enabled (merge request) GitLab Enterprise Edition
- Move confidentiality to actions menu for legacy issuable (merge request)
- Update validation for multiple approval actions (merge request) GitLab Enterprise Edition
- Switch duo pro cdot direct linking in favour of redirect (merge request) GitLab Enterprise Edition
- Update validation of multiple approval actions (merge request) GitLab Enterprise Edition
- Add conditions to LFK definition (merge request) GitLab Enterprise Edition
- Move work item dev widget to main body and add create entity (merge request) GitLab Enterprise Edition
- Move Import::GithubService#repository_size_limit to EE (merge request)
- Add disable password authentication to group audit events (merge request) GitLab Enterprise Edition
- Update labels for required comments and dismissal reasons (merge request) GitLab Enterprise Edition
- Iterations: Migrate to use Crud (merge request)
- Remove role question from new group creation (merge request)
- Empty project page follow up by @mh4ckt3mh4ckt1c4s (merge request)
- Remove search_auth_filter_for_work_items feature flag (merge request) GitLab Enterprise Edition
- Delete remote_development_agent_configs table (merge request)
- Update dependency auto-deploy-image to v2.114.0 (merge request)
- Fix CI_PAGES_DOMAIN and CI_PAGES_URL for parallel deployments (merge request)
- Add assignee_ids field to merge request index (merge request) GitLab Enterprise Edition
- Update compliance center framework drawer UX (merge request) GitLab Enterprise Edition
- Remove temporary_ignore_tables_in_transaction issue already solved (merge request) GitLab Enterprise Edition
- Remove temporary_ignore_tables_in_transaction issue already solved (merge request) GitLab Enterprise Edition
- Add correlation_id to mergeability check error (merge request)
- Remove multi column null constraint (merge request) GitLab Enterprise Edition
- Remove search_query_authorization_refactor feature flag (merge request) GitLab Enterprise Edition
- Do not show username for vulnerability details system notes (merge request) GitLab Enterprise Edition
- Admin Token API: Identify Pipeline trigger tokens by @nwittstruck (merge request)
- Tag the ID/path in Projects::DestroyService logs (merge request)
- Model creation screens "cancel" buttons to move back (merge request)
- Improve underscore error and Geo doc (merge request) GitLab Enterprise Edition
- Add collapsible commit component for blob page on narrow viewports (merge request)
- Make CI job token JWT available for composite identity users (merge request)
- Model version creation screen "cancel" button to move back (merge request)
- Set default for desired_config_generator_version fiedl (merge request) GitLab Enterprise Edition
- Store vulnerability user mentions after commit (merge request) GitLab Enterprise Edition
- Use "Advanced SAST" name for SAST_ADVANCED report (merge request) GitLab Enterprise Edition
- Handle bespoke integrations observe allowlist (merge request) GitLab Enterprise Edition
- Update new pipeline button (merge request)
- Add toast when work item confidentiality is toggled (merge request)
- Extend policy editor sidebar width (merge request) GitLab Enterprise Edition
- Changed shared component to be more universal (merge request)
- Format numbers in statistics_card.vue (merge request) GitLab Enterprise Edition
- Remove prompt_migration_categorize_question flag (merge request) GitLab Enterprise Edition
- Makes verify_self_hosted_setup accepts username (merge request)
- Change approval selector disabled state (merge request) GitLab Enterprise Edition
- Update self-hosted models table column name (merge request)
- Use link variant for merge trains button on MR list (merge request)
- Add allow deny list modal (merge request) GitLab Enterprise Edition
- Don't fetch projects in subgroups for DORA projects comparison chart (merge request) GitLab Enterprise Edition
- Adding a limit to the number of auto-resolved vulnerabilities (merge request) GitLab Enterprise Edition
- Code flow: Make file title into a link to the file (merge request) GitLab Enterprise Edition
- Additional webhook types for Datadog integration by @rpelliard (merge request)
- Activity contribution calendar: Migitate grid illusion (merge request)
- Expose invite_accepted_at field to display member access granted date by @antonkalmykov (merge request)
- ML Model registry: Update create/edit forms (merge request)
- Refactor container registry list_spec.js by @antonkalmykov (merge request)
- Customize edit button in code flow file header (merge request) GitLab Enterprise Edition
- Update audit event streaming destination name validations (merge request) GitLab Enterprise Edition
- Add copy branch button on branch creation alert (merge request)
- Add usage of CustomersDot error messages to view helpers (merge request) GitLab Enterprise Edition
- Highlight changed fields in framework update audit log (merge request) GitLab Enterprise Edition
- Pluralize job_token_policy route_setting (merge request)
- Admin Token API: Identify Impersonation Tokens by @nwittstruck (merge request)
- Remove redundant self-hosted models HAML views (merge request) GitLab Enterprise Edition
- Model registry: List all Experiments (merge request)
- Improve mobile layout of (Vue) Todos page (merge request)
- Changed text on the breadcrumbs for creating new entities in projects: by @illia_bakunovskyi (merge request)
- Replace unique index on scan_result_policies with action_idx (merge request) GitLab Enterprise Edition
- Use correct entity value in runner audit log events (merge request) GitLab Enterprise Edition
- Remove
epic and reaction from GLQL docs (merge request)
- Add gitlab standard layout to admin emails by @jimender2 (merge request)
- Model registry: Bump patch by default instead of major (merge request)
- Move history button into commit box on repository and blob pages (merge request)
- Updates add seats button on duo seat utilization (merge request) GitLab Enterprise Edition
- Resolve cross-transaction when moving issues (merge request) GitLab Enterprise Edition
- Update sast and dast adherence wording (merge request) GitLab Enterprise Edition
- Regularly update zoekt indices with mismatched watermark levels (merge request) GitLab Enterprise Edition
- Package registry: Pretty wrap long names (merge request)
- Display role labels instead of counters (merge request)
- Pipeline mini graph polling update (merge request)
- Used seat_control_user_cap? to check user_cap enabled (merge request) GitLab Enterprise Edition
- Remove allow_cross_joins_across_databases (merge request) GitLab Enterprise Edition
- Rephrase API forbidden error message (merge request)
- Not use translated strings for deployment target on project creation by @antonkalmykov (merge request)
- Update group for export_csv_preload_in_batches (merge request)
- Remove btn-color SCSS mixin and usage (merge request)
- Split Microsoft applications table (merge request)
- Expose exitCode on jobs in GraphQL (merge request)
- Remove feature flag glql_rust (merge request)
- Use correct entity value in runner audit log events (merge request) GitLab Enterprise Edition
- Show rule button tooltip for merge request approval policy (merge request) GitLab Enterprise Edition
- Adjust the style of admin breakdown cards (merge request)
- Convert token_expiry_notify_inherited to cascading setting (merge request)
- Create Dangerfile for internal user changes (merge request)
- Include last contacted time on audit log when runner is deleted (merge request) GitLab Enterprise Edition
- Add policy action index to approval rules and scan_result_policies (merge request) GitLab Enterprise Edition
- Write organization_id on OAuth tables (merge request)
- Admin Token Api: Identify Runner Authentication Tokens by @nwittstruck (merge request)
- Enable not-null constraint on namespaces.organization_id column (merge request)
- Remove multiple versions setting from project settings (merge request) GitLab Enterprise Edition
- Generate audit event per project association from runner (merge request) GitLab Enterprise Edition
- Remove allow_cross_joins_across_databases (merge request) GitLab Enterprise Edition
- Adds page description to Usage Quotas Pipelines tab (merge request) GitLab Enterprise Edition
- Stop creating keep-arounds for sent notifications (merge request)
- Stop creating keep-arounds for Todos (merge request)
- Model card tabs rendering without versions (merge request)
- Move groups_controller from subscriptions (merge request) GitLab Enterprise Edition
- Move history button into commit box on repository and blob pages (merge request)
- Remove the ci_skip_persistent_ref_existence_check feature flag (merge request)
- Sort compliance framework project settings by created_at (merge request) GitLab Enterprise Edition
- Set namespaces.organization_id to NOT NULL (merge request)
- Prevents db.rake to alter cell sequences range (merge request)
- Update VR MR disclaimer text to
Fix' from Patch` (merge request) GitLab Enterprise Edition
- Add ci minutes usage details to the warning banner (merge request) GitLab Enterprise Edition
- Diff viewed files: Make visual difference more evident (merge request)
- Display bolder warning if email TLD is missing (merge request)
- Support cost factor fields in runner creation GraphQL (merge request) GitLab Enterprise Edition
- Remove bulk_push_concurrency_limit_resume_worker FF (merge request)
- Update security policy yaml when filter is updated (merge request) GitLab Enterprise Edition
- It does not alter cell sequences for legacy cell (merge request)
- Backfill spdx column in software_license_policies table (merge request) GitLab Enterprise Edition
- Remove purchase seats button for duo enterprise trial (merge request) GitLab Enterprise Edition
- Add Ability to reference maintainers or developers from codeowners (merge request) GitLab Enterprise Edition
- Route minimal access user to groups dashboard (merge request) GitLab Enterprise Edition
- Style improvements in the 2FA page (merge request)
- Only remove SeatAssignment if no other membership (merge request) GitLab Enterprise Edition
- Requeue backfill security policies background migration (merge request) GitLab Enterprise Edition
- Make dismissal comment required in finding modal (merge request) GitLab Enterprise Edition
- Update Doorkeeper to version 5.8.0 (merge request)
- Add infinite scroll to exceptions dropdown (merge request) GitLab Enterprise Edition
- Remove file path tooltips from repo page (merge request)
- Fix failed jobs widget size (merge request)
- Send stop indexing signal to zoekt nodes on critical watermark (merge request) GitLab Enterprise Edition
- Replace database token with JWT for CI Job Tokens (merge request)
- Ignore failed zoekt repositories when checking non_ready instances (merge request) GitLab Enterprise Edition
- Reduce size and padding of collapse replies button (merge request)
- Mark all ready zoekt indices as pending (merge request) GitLab Enterprise Edition
- Ensure grouped iteration cadences are sorted alphabetically (merge request) GitLab Enterprise Edition
- Support submitting create work item form with keyboard (merge request)
- Removes unnecessary top margin on Members page (merge request)
- Disable OfflineCloudLicenseProvisionWorker for SaaS (merge request)
- Remove embedding_cron_worker_re_enqueue feature flag (merge request) GitLab Enterprise Edition
- Log requested scopes when auth is denied (merge request)
- Update dependency auto-deploy-image to v2.113.0 (merge request)
- Update seat_control based on new_user_signups_cap (merge request)
- Add feature flag for multiple approver action (merge request) GitLab Enterprise Edition
- User profile contribution activity calendar darkmode update (merge request)
- Use
WARN log level when vulnerable code is too long for an LLM (merge request) GitLab Enterprise Edition
- Code flow: Truncate steps file path and file name (merge request) GitLab Enterprise Edition
- Add feature flag for validation service (merge request) GitLab Enterprise Edition
- Replace api calls with graphql queries (merge request) GitLab Enterprise Edition
- Resolve cross-join in vuln bulk dismiss service (merge request) GitLab Enterprise Edition
- Log check result status in mergeability logger (merge request)
- Adds traversal_ids to merge request index (merge request) GitLab Enterprise Edition
- Add animation to a recation picker (merge request)
- Super sidebar: Refine Gray and Neutral themes in darkmode (merge request)
- Change ProcessFileService to return error response when error (merge request)
- Make Jenkins Banner dismissable (merge request)
- Move
daysToSeconds local function to the shared utils by @antonkalmykov (merge request) GitLab Enterprise Edition
- Sticky submit buttons in work item epic modal (merge request)
- Refine feature flags documentation (merge request)
- Add indexes to improve syncing security policy to approval_rules (merge request)
- Update documentation regarding custom stages and override_project_ci (merge request)
- Clean up wiki clone steps (merge request)
- Move types and enums to registry namespace (merge request)
- Update focused file styles (merge request)
- Backfill target_project_id for ComplianceViolation (merge request)
- Always show Flux resource selector on the environment settings page by @antonkalmykov (merge request)
- Update emojis from tanuki_emoji gem (merge request)
- Update zoekt watermark level whenever reservations change (merge request) GitLab Enterprise Edition
- Update dependency auto-deploy-image to v2.112.0 (merge request)
- Re-redesignate merge_request_diff_commit_users as gitlab_main_cell (merge request)
- Modify approval_rules when security policy is changed (merge request) GitLab Enterprise Edition
- Remove job polling (merge request)
- Do not create DiffNote commented event in GithubImport (merge request)
- Reduce repository batch size for zoekt initial indexing (merge request) GitLab Enterprise Edition
- Update title copy for stop environment modal by @antonkalmykov (merge request)
- Clarify origin of changes in merge conflicts (merge request)
- Do not assign users to the default organization if it does not exist (merge request)
- Two Factor Auth page: Migrate components (merge request)
- Align note layout to legacy (merge request)
- Remove cross-DB from related_vulnerabilities (merge request) GitLab Enterprise Edition
- Add top_level_only argument to a group resolver (merge request)
- Update sharding_key for ci_pipeline_chat_data (merge request)
- Update sharding key for p_ci_pipelines_config (merge request)
- Allow a non admin developers to download Terraform state via the UI by @antonkalmykov (merge request)
- Improve Stopping Environments Modal usability by @antonkalmykov (merge request)
- Fix links to docs from misc ruby files (merge request)
- Drop broken FK for p_ci_builds.upstream_pipeline_id (merge request)
- Enhance consistency between dynamic and static 503 error pages (merge request)
- Skip create index tasks for indices that should be deleted (merge request) GitLab Enterprise Edition
- Remove dont_ignore_alternate_directories feature flag (merge request)
- Delete zoekt replicas during evictions (merge request) GitLab Enterprise Edition
Deprecated (3 changes)
- Initial checkin for GitLab Duo Usage Quotas alert (merge request) GitLab Enterprise Edition
- Initial checkin for decomissioning general duo settings (merge request) GitLab Enterprise Edition
- Deprecate RunnersRegistrationTokenReset GraphQL mutation (merge request)
Removed (21 changes)
- Remove migrate_memberships column (merge request)
- Remove feature flag pre_receive_secret_detection_push_check (merge request) GitLab Enterprise Edition
- Remove dead code associated with commit box pipeline status (merge request)
- Remove the
enable_vsd_visual_editor feature flag (merge request) GitLab Enterprise Edition
- Remove revisions columns from packages_conan_file_metadata table by @oceane_scania (merge request)
- Remove feature flag - soft_limit_daily_phone_verifications (merge request)
- Remove feature flag - credit_card_validation_daily_limit (merge request)
- Remove feature flag - unverified-account-group-creation-limit (merge request)
- Remove bitbucket_server_user_mapping_by_username feature flag (merge request)
- Remove feature flag cloud_connector_jwt_replace (merge request) GitLab Enterprise Edition
- Remove feature flag: secret_detection_project_level_exclusions (merge request)
- Revert "Relax criteria for proxying Git fetches" (merge request) GitLab Enterprise Edition
- Remove duplicated Duo Pro alert (merge request) GitLab Enterprise Edition
- Remove feature flag - require_identity_verification_for_old_users (merge request)
- Drop namespace_details pending_delete column (merge request)
- Drop temporary_storage_increase_ends_on column (merge request)
- Remove
vsa_standalone_settings_page feature flag (merge request) GitLab Enterprise Edition
- Remove git_write_at column from onboarding_progresses (merge request) GitLab Enterprise Edition
- Drops file_checksum column from xray_reports table (merge request)
- Remove last_activity_on from members table (merge request)
- Cleanup references to epic_color_highlight feature flag (merge request) GitLab Enterprise Edition
Security (25 changes)
- Update rails-html-sanitizer to 1.6.1 (merge request)
- Revert "Merge branch '456922-confidential-issue' into 'master'"
- Update file GITLAB_KAS_VERSION
- Fix: unsubscribe from actioncable channel when PAT is revoked
- HTML injection in vulnerability details, leads to XSS on self hosted servers
- Add timeout around Parslet in template parser
- Add authorization check to protectableBranches field
- Ignore titles for GFM links in rich text editor
- Add query to filter_parameters
- Restrict user and group creation when same pages unique domain exist
- Check harbor name & digest for path traversal
- Added invalid redirect fragment check
- Do not set session cookie for /v2 endpoints in the response
- DoS by repeatedly sending unauthenticated requests for diff-files of a commit or merge request
- Make confidential threads unresolvable via new issue
- Reduce REGEXP_TIMEOUT_SECONDS to 45 seconds (merge request)
- Update rails to version 7.0.8.6 (merge request)
- Upgrade fugit to 1.11.1 (merge request)
- Add size check for harbor registry
- Allow a LFS token to be used only for LFS related requests
- Adding JobArtifactReport class to pre-emptively validate job artifacts
- Move allow_access_with_scope to class level
- Fix possible DOS with TOML file parsing
- Update cross-spawn to resolve CVE-2024-21538 (merge request)
- Update webrick to 1.8.2 (merge request)
Performance (9 changes)
- Resolve N+1 queries in Groups::ChildrenController (merge request)
- Add responsive throttling for ph reassignment (merge request)
- Improve performance of rendering fork button (merge request)
- Improve performance of feature checks with actor (merge request) GitLab Enterprise Edition
- Stop creating keep-arounds on merge-request notes (merge request)
- Fetch sidebar counts async (merge request)
- Stop creating keep-arounds in cleanup ref service (merge request)
- Remove billed_project_members_performance_improvement feature flag (merge request) GitLab Enterprise Edition
- Optimize packages lookup in the deprecate npm packages service (merge request)
Other (143 changes)
- test: Refactor test utility configure_mock_auth by @gerardo-navarro (merge request)
- Add foreign key constraint to
namespaces.organization_id (merge request)
- Backfill onboarding_status_role from role column in users table (merge request)
- Implement pipl alert (merge request) GitLab Enterprise Edition
- Cleanup globally enabled feature flag
incubation_5mp_google_cloud (merge request)
- Quarantine a flaky test (merge request)
- Remove ignore_policies_for_unprotected_branches feature flag (merge request) GitLab Enterprise Edition
- Remove default on
project_saved_replies_flag feature flag (merge request)
- Fix rubocop bounded context for GitLab pages by @gerardo-navarro (merge request)
- Implement block pipl users (merge request) GitLab Enterprise Edition
- Add telesign_intelligence application setting (merge request) GitLab Enterprise Edition
- Remove feature flag - hard_limit_daily_phone_verifications (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine spec/features/cycl_analytics_spec.rb test (merge request)
- Add new FK for builds execution configs (merge request)
- Change data consistency for permissions workers (merge request)
- refactor: Use ServiceResponse for VerifyPagesDomainService by @gerardo-navarro (merge request)
- Enable ci_optimize_memory_for_variables and remove the FF (merge request)
- Allow premium namespaces who trialed as free to do it again (merge request) GitLab Enterprise Edition
- Add a new scheduling task adjust_indices_reserved_storage_bytes (merge request) GitLab Enterprise Edition
- Excludes existing bigint IDs from bigint conversion helpers (merge request)
- Schedule async FK validation for p_ci_stages partitions (merge request)
- Remove the deprecated worker (merge request)
- Add the FF zoekt_optimized_performance_indexing (merge request) GitLab Enterprise Edition
- Remove software licenses sharding key issue url (merge request)
- Ensures the ticket work item type has the same widgets as issues (merge request)
- Update github service (merge request)
- Remove company question from duo pro and ultimate trial forms (merge request) GitLab Enterprise Edition
- Cleanup stop_bulk_sidekiq_job_activation feature flag (merge request) GitLab Enterprise Edition
- Regenerate RuboCop TODO files (merge request)
- Requeue backfill milestone releases (merge request)
- Add RuboCop rule to enforce class-level allow_access_with_scope (merge request)
- Remove references to Codestral model for SaaS (merge request)
- Quarantine a flaky test (merge request)
- Add and backfill namespace_id for status_page_published_incidents (merge request)
- Finalize migration BackfillResourceLinkEvents (merge request)
- Add & backfill sharding keys for protected_branch_merge_access_levels (merge request)
- Add new FK for build execution configs (merge request)
- Add and backfill namespace_id for resource_weight_events (merge request)
- Remove sharding key issue from geo_events (merge request)
- Add NOT NULL constraint on project.organization_id column (merge request)
- Remove run_keyword_instrumentation feature flag (merge request)
- Clean up YAML definition file for prompt_migration_summarize_review ff (merge request)
- Add and backfill namespace_id for issue_emails (merge request)
- Add and backfill namespace_id for issue_user_mentions (merge request)
- Remove feature flags for pre-Chat GA (merge request) GitLab Enterprise Edition
- Add desired sharding key for BuildPendingStates (merge request)
- Quarantine a flaky test (merge request)
- Add and backfill namespace_id for issue_metrics (merge request)
- Add and backfill namespace_id for sentry_issues (merge request)
- Add and backfill namespace_id for issue_customer_relations_contacts (merge request)
- Add and backfill namespace_id for issue_email_participants (merge request)
- Add and backfill namespace_id for resource_link_events (merge request)
- Add and backfill namespace_id for issuable_metric_images (merge request)
- Add and backfill namespace_id for issue_assignment_events (merge request)
- Add missing rollout issues for feature flags (merge request) GitLab Enterprise Edition
- New web_hooks.vulnerability_events migration (merge request)
- Store WAL locations in concurrency limiter (merge request)
- Quarantine a flaky test (merge request)
- Add and backfill namespace_id for incident_management_issuable_escalatio (merge request)
- Add and backfill namespace_id for work_item_progresses (merge request)
- Add and backfill namespace_id for issuable_resource_links (merge request)
- Backfill missing user_detail records for specific user_types (merge request)
- Add Edit button to tree header (merge request) GitLab Enterprise Edition
- Add and backfill namespace_id for issuable_severities (merge request)
- Regenerate RuboCop TODO files (merge request)
- Quarantine a flaky test (merge request)
- Set missing/incorrect feature categories for tests (merge request)
- Sync approval policies after creating security_policies (merge request) GitLab Enterprise Edition
- Set pipeline expiry time (merge request)
- Quarantine a flaky test (merge request)
- Cleanup security_policies_sync feature flag (merge request) GitLab Enterprise Edition
- Add foreign key beween builds and pipelines (merge request)
- Change data consistency for workers maintained by code_testing (merge request)
- Async validate new ci_pipelines FKs (merge request)
- Remove broken FK between pipelines and build exec configs (merge request)
- Remove duo_chat_stream_help_answer feature flag (merge request) GitLab Enterprise Edition
- Finalize migration BackfillVulnerabilityFindingsRemediationsProjectId (merge request)
- Remove feature flag: fail_stuck_mirrors (merge request)
- Remove "remote_mirror_fail_on_lfs" feature flag (merge request)
- Start implementing recurring PIPL email (merge request) GitLab Enterprise Edition
- Finalize DisableAllowRunnerRegistrationOnNamespaceSettingsForGitlabCom (merge request)
- Remove unused matched_lines_count (merge request)
- Fix all RSpec/IsExpectedSpecify offenses by @richie_ctr360 (merge request)
- Quarantine a flaky test (merge request)
- Backfill subscription_seat_assignments table (merge request) GitLab Enterprise Edition
- Remove
ssh_certificates_rest_endpoints feature flag (merge request)
- Cleanup use_latest_security_scans_for_security_policies flag (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Add and backfill group_id for group_wiki_repository_states (merge request)
- Fix Layout/LineLength offenses by @ikelax (merge request)
- Change data consistency for workers maintained by importers (merge request)
- Change data consistency for workers maintained by pipeline_composition (merge request)
- Fix the spacing between trials title and text (merge request) GitLab Enterprise Edition
- Model registry: Add metrics for projects and namespaces (merge request)
- Create foreign key for build execution configs (merge request)
- Remove "cached_commits" feature flag (merge request)
- Remove the variable from manual_confirmation message by @francoisauclair911 (merge request)
- Regenerate RuboCop TODO files (merge request)
- Update chat-based integrations to use shared modules (merge request) GitLab Enterprise Edition
- Remove 'explain_code_chat' feature flag (merge request)
- Remove
web_ui_commit_author_change feature flag (merge request)
- Remove the FF ci_variables_optimize_kubernetes_variables (merge request)
- Cleanup trial gitlab subscription date attributes (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Adding ci_pipelines to LFK config file (merge request)
- Fix Style/IfUnlessModifier offences by @divyamtayal (merge request)
- Regenerate RuboCop TODO files (merge request)
- Remove "handle_structured_gitaly_errors" feature flag (merge request)
- Mark 20240626145458 as obsolete (merge request) GitLab Enterprise Edition
- Remove zoekt_send_tasks feature flag (merge request) GitLab Enterprise Edition
- Add UX improvement for in-app trials on button and titles (merge request) GitLab Enterprise Edition
- Refactor RubyGems package enqueuing by @holtvogt (merge request)
- Finalize migration BackfillProjectRelationExportsProjectId (merge request)
- Cleanup "enforce_ssh_certificates_via_settings" feature flag (merge request)
- config: Disable GitLab container registry by default in gitlab test env by @gerardo-navarro (merge request)
- Bulk enqueue for ConcurrencyLimit::ResumeWorker (merge request)
- Add resource_usage_limits column to application_settings (merge request)
- Add async validation for p_ci_builds - p_ci_pipelines FK (merge request)
- Validate duplicate jobs cookie against schema (merge request)
- Finalize migration BackfillStatusCheckResponsesProjectId (merge request)
- Remove CiEditor tool (merge request) GitLab Enterprise Edition
- refactor: Use single quote in shared example by @gerardo-navarro (merge request)
- Cleanup spamcheck_runway_migration feature flag (merge request)
- Remove ai_impact_only_on_duo_enterprise feature flag (merge request) GitLab Enterprise Edition
- Bump ruby-lsp version (merge request)
- Remove search_mr_filter_label_ids feature flag (merge request) GitLab Enterprise Edition
- Mark 20240517092224 as obsolete (merge request) GitLab Enterprise Edition
- Update step JSON schema (merge request)
- Finalize CopyTaggingsToPCiBuildTags migration (merge request)
- Send invited_user_ids on MembersAdded event (merge request)
- Finalize DeleteOrphanedBuildRecords migration (merge request)
- Concurrency limit: parallelize resume worker (merge request) GitLab Enterprise Edition
- Finalize migration BackfillUserAchievementsNamespaceId (merge request)
- Finalize migration BackfillTerraformStateVersionsProjectId (merge request)
- Model registry: Add additional tests (merge request)
- Fix Layout/LineLength offenses by @ikelax (merge request)
- Protected packages: Use CheckRuleExistenceService in npm push protection by @gerardo-navarro (merge request)
- Finalize migration BackfillMlExperimentMetadataProjectId (merge request)
- Finalize migration BackfillDastSiteValidationsProjectId (merge request)
17.6.5 (2025-02-11)
Security (7 changes)
- Security Duo Chat Escape Unknown Domain Hyperlinks (merge request)
- Hide sensitive workhorse headers and fix route confusion between web and workhorse routes (merge request)
- Reduce memory allocations on create PAT endpoint (merge request)
- Prevent SSRF attacks for Workspaces (merge request)
- Prevent read code access when repository is disabled (merge request)
- Fixes XSS on the target branch in the merge request widget (merge request)
- Unsubscribe from actioncable channel when PAT is revoked (merge request)
17.6.4 (2025-01-22)
Fixed (2 changes)
- Add BoardEpicConnection type policy for pagination GitLab Enterprise Edition
- Fix handling of short gzip metadata files
Security (4 changes)
- Fix protected variable exfiltration (merge request)
- Enhance rich viewer sanitization (merge request)
- Avoid recursive sidekiq calls on cyclic work item hierarchies (merge request)
- Respect the private profile constraints (merge request)
Other (1 change)
17.6.3 (2025-01-08)
Fixed (2 changes)
- Backport bugfix for diff_files highlighting
- Fix ability to use password for Git when password for Web is disabled
Security (4 changes)
- Prevent cyclic reference in work item hierarchy widget from frontend (merge request)
- Allow external_provider config take precedence over external_groups (merge request)
- Filter out sensitive parameters on Auth logs (merge request)
- Don't allow unauthorized users to close issues automatically (merge request)
17.6.2 (2024-12-10)
Fixed (2 changes)
- Add guard clause to Wiki#find_page when title is nil
- Fix 401 errors when installing the GitLab for Jira app
Security (11 changes)
- Add timeout around Parslet in template parser (merge request)
- Add authorization check to protectableBranches field (merge request)
- Check harbor name & digest for path traversal (merge request)
- Ignore titles for GFM links in rich text editor (merge request)
- Restrict user and group creation when same pages unique domain exist (merge request)
- DoS by repeatedly sending unauthenticated requests for diff-files of a commit or merge request (merge request)
- Add query to filter_parameters (merge request)
- Added invalid redirect fragment check (merge request)
- Make confidential threads unresolvable via new issue (merge request)
- Do not set session cookie for /v2 endpoints in the response (merge request)
- HTML injection in vulnerability details, leads to XSS on self hosted servers (merge request)
17.6.1 (2024-11-26)
Security (6 changes)
- Add size check for harbor registry (merge request)
- Adding JobArtifactReport class to pre-emptively validate job artifacts (merge request)
- Fix: unsubscribe from actioncable channel when PAT is revoked (merge request)
- Allow a LFS token to be used only for LFS related requests (merge request)
- Fix possible DOS with TOML file parsing (merge request)
- Move allow_access_with_scope to class level (merge request)
17.6.0 (2024-11-20)
Added (181 changes)
- Added type and controls column to requirements and api (merge request) GitLab Enterprise Edition
- Allow Sidekiq workers to be disabled by default by configuration (merge request) GitLab Enterprise Edition
- Remove nuget_extract_nuget_package_model feature flag (merge request)
- Introduce rotation of personal tokens in UI by @shangsuru (merge request)
- Add worker for member deletion (merge request)
- Adds ciJobTokenScopeAllowlistEntry graphql type (merge request)
- Update docs to reflect workspaces private container registry support (merge request)
- Track epic syncing errors (merge request) GitLab Enterprise Edition
- Create ci_runner_tags table (merge request)
- Add ai_settings table (merge request)
- Add network polling and pagination (merge request)
- Added API for Project Security Settings (merge request) GitLab Enterprise Edition
- Add sep concurrency control documentation (merge request)
- Add DORA projects comparison panel to group Value Streams Dashboard (merge request) GitLab Enterprise Edition
- Add missing fields to WorkspaceType (merge request) GitLab Enterprise Edition
- Update routes to redirect to duo home (merge request) GitLab Enterprise Edition
- Support workspace suspension (merge request)
- Backfill security policies table from YAML (merge request) GitLab Enterprise Edition
- Add spdx column to software_license_policies table (merge request) GitLab Enterprise Edition
- Create streamers for audit events streaming destinations (merge request) GitLab Enterprise Edition
- Add job to create missing ExternalIssueLinks (merge request) GitLab Enterprise Edition
- Persist add on seat assignments records on CH (merge request) GitLab Enterprise Edition
- Add base importers for GitHub import user mapping (merge request)
- Add rake task to enable work item epics (merge request) GitLab Enterprise Edition
- Sync Application Settings seat_control value with new_user_signups_cap (merge request) GitLab Enterprise Edition
- Protected packages: Integrate push package protection for conan packages by @gerardo-navarro (merge request)
- Backfill project bot user details bot namespace (merge request)
- Add placeholder field for work_item related merge requests (merge request)
- Remove feature flag unblock_rules_using_execution_policies (merge request) GitLab Enterprise Edition
- Claude 3.5 Haiku model addition gitlab-rails (merge request) GitLab Enterprise Edition
- Add support for changing group contact source (for CRM) (merge request)
- Add Conda to supported SBoM PURL_TYPES by @duncanmmacleod (merge request) GitLab Enterprise Edition
- Add webhook for creating a repo (project) (merge request) GitLab Enterprise Edition
- Expose KAS Kubernetes API Proxy URL in metadata APIs (merge request)
- Include model changes and graphql arg for filter by identifier name (merge request) GitLab Enterprise Edition
- User Mapping: Add warning about reasssignments being permanent (merge request)
- Add frameworks tab at project compliance center (merge request) GitLab Enterprise Edition
- Add filter by group inside compliance center projects tab (merge request) GitLab Enterprise Edition
- Show comment tooltips for markdown links to comments (merge request)
- Update GitLab Pages version (merge request)
- GitHub importer add backticks to imported notes (merge request)
- Adds user_seat_management setting (merge request)
- Add frontend and controllers for scheduled merge by @Taucher2003 (merge request)
- Create is_known_exploit column in pm_cve_enrichment and add tests (merge request)
- Allow to regenerate the schema from the beginning by loading init schema (merge request)
- Enable FF true for VR filter in the vulnerability (merge request) GitLab Enterprise Edition
- Add licenses without spdx to custom software license table (merge request)
- Update GitLab Pages version (merge request)
- Adding adherence check for DAST scanner on UI (merge request) GitLab Enterprise Edition
- Add paper trail to seat assignment models (merge request)
- Add policy_tuning into merge request approval policies documentation (merge request)
- Adds Members::DeletionSchedule model (merge request)
- Allow non-epics to use new related item (merge request)
- Model registry: Add actions to models table (merge request)
- Backfill ci_runner_machines_687967fa8a partitioned table (merge request)
- Add DORA projects comparison analytics dashboard visualization (merge request) GitLab Enterprise Edition
- Enable internal Repository X-Ray service (merge request)
- Display project visibility level (merge request)
- Enable admin agnostic token finder (merge request)
- Consolidate audit event streaming strategies to streaming destinations (merge request) GitLab Enterprise Edition
- Added validation for streaming destinations on secret token (merge request) GitLab Enterprise Edition
- Create todos for expiring and expired SSH keys (merge request)
- Log current organization id (merge request)
- Adds syntax highlight support to richt text editor diffs (merge request)
- Model registry: Add artifacts tab on Version card (merge request)
- Add application settings to allowlist integrations (merge request) GitLab Enterprise Edition
- Added headers hash for http destinations (merge request)
- Render description column as HTML in GLQL (merge request)
- Backfill p_ci_runners table (merge request)
- chore: Adding changelog (merge request)
- Update package registry list to show accurate number of error packages (merge request)
- Unset auto-resolved status on Vulnerability when unresolving (merge request) GitLab Enterprise Edition
- Allow maintainers to admin notes in group level issues (merge request)
- Add standards adherence lighthouse metrics (merge request) GitLab Enterprise Edition
- Add sorting component for deployments (merge request)
- Adding adherence check for SAST scanner on UI (merge request) GitLab Enterprise Edition
- Add limit to concurrent batch exports (merge request)
- Add VSA StageAggregation model (merge request)
- Add mark_internal_note permission to note (merge request)
- Create Projects::DeployTokens::RevokeService by @nwittstruck (merge request)
- Add subtab query param to placeholders section (merge request)
- Add modal to keep all contributions as placeholders (merge request)
- Add vulnerability_reference_information table (merge request)
- Create index supporting sbom_occurrences.package_manager search (merge request)
- Move 'Maximum number of jobs in a single pipeline' from EE to CE by @choznerol (merge request) GitLab Enterprise Edition
- Add security policy bot for container scanning (merge request) GitLab Enterprise Edition
- Adding adherence check for dast scanner run (merge request) GitLab Enterprise Edition
- Add admin role option for the default project creation protection (merge request)
- Configure Sec CI for MR's labelled sec-decomposition (merge request)
- Model registry: Add actions to versions (merge request)
- Default enable security_policies_sync feature flags (merge request) GitLab Enterprise Edition
- Add JobTokenAuthLog resolver and type (merge request)
- Add
solo_owned filter to the Users#Organizations resolver (merge request)
- Adds UI elements for deprecated packages (merge request)
- Model registry: Add artifactsCount (merge request)
- Make GKE runner option generally available (merge request) GitLab Enterprise Edition
- Model registry: Add performance tab to Version card (merge request)
- Enable NOT filtering for target branches in MR List GQL (merge request)
- Activate syntaxhighlighting in CI/CD catalog README by @hairmare (merge request)
- Adding adherence check for sast scanner run (merge request) GitLab Enterprise Edition
- Added ability to push multi-result count to sidebar (merge request)
- Add streamed diffs to rapid diffs commit page (merge request)
- Add GraphQL API for Wiki notes (merge request)
- Add and backfill project_id for ci_trigger_requests (merge request)
- Create ci_runners_e59bb2812d partitioned table (merge request)
- Model registry model right sidebar (merge request)
- Add DeleteNotPresentOccurrencesService for CS4R (merge request) GitLab Enterprise Edition
- Group settting to notify inherited members for access token expiry (merge request)
- Add a setting for text editors (merge request)
- Create an audit event when SD exclusion is applied (merge request) GitLab Enterprise Edition
- Add mailer for duo enterprise seat assignment (merge request) GitLab Enterprise Edition
- Model registry: Add tabs to Version card (merge request)
- Subscribe to Members::Added event (merge request) GitLab Enterprise Edition
- Add license option to sort options (merge request) GitLab Enterprise Edition
- Add reverse_lock_order on pending_alert_escalations table (merge request)
- Add Feed Tokens to Token information API by @nwittstruck (merge request)
- Remove terraform_extract_terraform_package_model feature flag (merge request)
- Adds enable_member_management setting to api response (merge request) GitLab Enterprise Edition
- Expose /licenses endpoint on Project Dependency list (merge request) GitLab Enterprise Edition
- Add
auto_resolved column to vulnerabilities table (merge request)
- Add archived to NamespaceSettings for groups (merge request)
- Add label filter for merge requests scope (merge request)
- Add new event Members::DestroyedEvent (merge request) GitLab Enterprise Edition
- Audit when multi project down stream pipeline is created (merge request) GitLab Enterprise Edition
- Backfill sharding key for events (merge request)
- Make JaCoCo reports Generally Available (merge request)
- Add warning to file uploads in confidential/internal notes (merge request)
- Assume high risk for users who use a duplicate phone number (merge request) GitLab Enterprise Edition
- Added mutation for creating compliance requirements (merge request) GitLab Enterprise Edition
- Release Jira deployment gating feature (merge request)
- Prepare conversion of abuse_reports to bigint (merge request)
- Support X-Delivered-To headers for email ingestion by @divyamtayal (merge request)
- Remove model registry feature flag by releasing the feature (merge request)
- Model registry: Display author in model metadata (merge request)
- Add support for assigning an agent to an environment via CI (merge request)
- Add work item iteration to create flow (merge request)
- Expose list of Duo Chat available features (merge request) GitLab Enterprise Edition
- Support subscriptions in GraphQL explorer (merge request)
- Release protected npm packages feature (merge request)
- Remove
ci_retry_on_exit_codes feature flag (merge request)
- Retry some errors (merge request) GitLab Enterprise Edition
- Display external author in note header on work items (merge request)
- Filter todos when marking all as done (merge request)
- Add identity_verification_settings column to application_settings table (merge request)
- Rake to alter cells only table sequences (merge request)
- Model registry: Display author in modelversion metadata (merge request)
- Protected packages: Integrate package protection rules for pypi packages by @gerardo-navarro (merge request)
- Create unique table visualizations for analytics dashboards (merge request) GitLab Enterprise Edition
- Add duo enterprise trial discover page (merge request) GitLab Enterprise Edition
- Add feature flag for github import user mapping (merge request)
- Add duoUsedCount aiMetrics (merge request) GitLab Enterprise Edition
- Add
counts.groups_with_enterprise_users metric (merge request) GitLab Enterprise Edition
- Add visibilityLevel to Ci::Catalog::Resource type in GQL (merge request)
- Create new compute_minutes internal API route (merge request) GitLab Enterprise Edition
- Add project_id to ci_pipeline_messages (merge request)
- Add
theme parameter to broadcast message API (merge request)
- Customize GraphQL explorer logo and welcome text (merge request)
- Add GKE provisioning service (merge request) GitLab Enterprise Edition
- Setting for resource token expiry notifications to inherited members (merge request)
- Model registry: Add author to model and model version (merge request)
- REST API: add an endpoint to configure pull mirrors (merge request) GitLab Enterprise Edition
- Add forked_from_project_id to project entity (merge request)
- Search API: Issue support fields parameter to search by title (merge request) GitLab Enterprise Edition
- Add AssignDesiredShardingKey to support non id PK (merge request)
- Create rake task to cleanup wrongly provisioned add-on purchases (merge request) GitLab Enterprise Edition
- Auto-ban duplicate users when a user is banned (merge request)
- Export CI Job Token Authorizations in CSV (merge request)
- Add skip parameter in network graph list commits (merge request)
- Service Ping count projects using multiple compliance frameworks (merge request) GitLab Enterprise Edition
- Add GitLab University link to pipeline editor (merge request)
- Check parents when rendering 'pending deletion' badges (merge request) GitLab Enterprise Edition
- Create new gitlab_subscriptions internal API route (merge request) GitLab Enterprise Edition
- Adds external author to note type (merge request)
- Add epic_issue and epic_links work item references (merge request) GitLab Enterprise Edition
- Validate OmniAuth email length by default (merge request)
- Use LFK to mark packages nuget symbols for destruction (merge request)
- Adds email participants widget definition (merge request)
- Add sharding key project_id for p_ci_pipelines_config (merge request)
- Update GitLab Pages version (merge request)
- Add badges to Catalog releases (merge request)
- Add lastActivityOn field to MemberInterface type (merge request)
Fixed (176 changes)
- Limit follower and following count to 21 before pagination (merge request)
- Only highlight file on changes tab (merge request)
- Use GlFormSelect for project visibility dropdown (merge request)
- Update namespace_id when moving issues (merge request)
- Fix setting namespace_id for group wiki page notes (merge request)
- Add quickActionsStatus field to create/update note GraphQL mutations (merge request)
- No op BBM QueueCreateMissingExternalLinksForVulnerabilities (merge request)
- Fix padding of reply comments so that username and comment content align (merge request)
- Merge request: Add correct design token for border bottom (merge request)
- Publish AuthorizationsAddedEvent with multiple projects (merge request) GitLab Enterprise Edition
- Fix displaying “unsupported” emojis (merge request)
- Do not run validations on AccessToken revocation (merge request)
- Save comments on a diff file automatically (merge request)
- Remove ci_redis_pipeline_creations flag (merge request)
- Exclude hidden issues in sidebar count (merge request)
- Return error when unable to create import relation (merge request)
- Consider manual pipeline for unenforceable policy rules (merge request) GitLab Enterprise Edition
- Fix application errors in /user/personal_tokens endpoint (merge request)
- Fix check for
Diff::Line#match? (merge request)
- Update AuthorizationsAddedEvent to handle multiple projects (merge request) GitLab Enterprise Edition
- Fix pipeline security summary not loading (merge request) GitLab Enterprise Edition
- Fix on call rotation modal styles (merge request)
- Check title and name fields for scope delimiter for labels (merge request) GitLab Enterprise Edition
- Display the mermaid plot in terms page when 2FA on (merge request)
- Let activity entries wrap instead of overflowing (merge request)
- Use nav item title as aria-label on nav link (merge request)
- Fix warning background color for compare page (merge request)
- Index work items when project visibility level changes (merge request) GitLab Enterprise Edition
- Conditionally show Users without a group or project in correct section (merge request) GitLab Enterprise Edition
- Add missing namespace IDs header for Code Completion requests (merge request) GitLab Enterprise Edition
- Optimize
standardRoles.memberCounts query (merge request) GitLab Enterprise Edition
- Re-add utility classes mw-m, mw-l and mw-xl for metadata_item.vue (merge request)
- Check work_item_epics FF for legacy date rollup (merge request) GitLab Enterprise Edition
- Fetch left super sidebar counts with async GraphQL calls (merge request)
- Vertically align badges in glql lists (merge request)
- Fix issue with /label and /unlabel commands (merge request)
- Fix updating approvers of multiple merge request rules (merge request) GitLab Enterprise Edition
- Adds findings exists check (merge request) GitLab Enterprise Edition
- Fix LLM AI client not returning a HTTP response with 204 responses (merge request)
- Fix error during project deletion when pipeline sha is nil (merge request)
- Fix user caps alert positioning to be above members buttons (merge request) GitLab Enterprise Edition
- Fix double API call when inviting a project member (merge request) GitLab Enterprise Edition
- Check for package_forwarding feature availability in admin's settings (merge request) GitLab Enterprise Edition
- Wait until pipeline finishes to evaluate unenforceable scans (merge request) GitLab Enterprise Edition
- Fix AIGW header for chat requests (merge request) GitLab Enterprise Edition
- Stop blocking pre-existing policy rules as unenforceable (merge request) GitLab Enterprise Edition
- Use Gitlab::HTTP for outbound filtering rules (merge request)
- Remove #find_object override in CI job mutations (merge request)
- Handle TypeError in parsing webhook template (merge request)
- Create migration to update admin bot profiles (merge request)
- Implement abort pod logs stream (merge request)
- Fix cron worker that deletes project_bot users to delete inactive only (merge request)
- Use subscription data for subscription related card (merge request) GitLab Enterprise Edition
- Fix pagination redirect for protected branches/tags (merge request)
- Don't change MR closing issues if MR is set to auto merge (merge request)
- Return an error for an invalid ref_name (merge request)
- Fix group wiki activity events breaking the user feed (merge request)
- Fix PendingStatusCheckWorker when merge_request is not found (merge request) GitLab Enterprise Edition
- Fix RTE rendering bug with empty code blocks (merge request)
- Fix project subscriptions policy (merge request) GitLab Enterprise Edition
- Fix repository push emails: don't escape commits for plain text emails (merge request)
- Changelog API: fix pattern for header detection (merge request)
- Allow job play mutation to act on instances of Ci::Bridge (merge request)
- Create project security_setting if necessary (merge request) GitLab Enterprise Edition
- Fix update of violation status for non-applicable approval rules (merge request) GitLab Enterprise Edition
- Avoid updating or creating runner managers when deleting runner (merge request)
- Fix start and due dates values for work items (merge request) GitLab Enterprise Edition
- Markdown header: Fix bg color in darkmode (merge request)
- fixed: Redirect behaviour for git-upload-pack requests (merge request) GitLab Enterprise Edition
- Settings footer: increase z-index by 1 from header (merge request)
- Repo language bar: Fix text in darkmode (merge request)
- Don't create approval rules without require_approval action (merge request) GitLab Enterprise Edition
- Model registry: Allow author to be missing (merge request)
- Update container registry link to settings path (merge request)
- Only set has_vulnerabilities records are ingested (merge request) GitLab Enterprise Edition
- Fix incorrect
has_vulnerabilities values (merge request)
- Replace non-existing path in the profile 2FA page (merge request)
- Fix diff hunk header overflow (merge request)
- Corrects an inaccuracy in idempotent jobs docs (merge request)
- Fix GitLab Duo chat session error in the Web IDE (merge request) GitLab Enterprise Edition
- Uses tool input rather than user_input for calls (merge request)
- Fix: admin group update logic (merge request) GitLab Enterprise Edition
- Resolve "Correct cve-enrichments to cve-enrichment" (merge request)
- Ensure auto_merge_enabled is set when validating merge trains (merge request) GitLab Enterprise Edition
- Fix nondeterministic
discussions_for_summary method (merge request) GitLab Enterprise Edition
- Convert 20241022181600 to a schema migration (merge request)
- Support namespaces in X-Gitlab-Duo-Seat-Count (merge request) GitLab Enterprise Edition
- Fix edge case when imprting issues with invalid associations (merge request)
- Go-get: return 404 error code when personal token is invalid (merge request)
- Group filtered search: Fix bg and border color (merge request)
- Unmark project as pending delete if user lacks delete access (merge request)
- Remove duplicate banner for scheduled project and group deletion (merge request) GitLab Enterprise Edition
- Fix show/hide logic for licenses tap in pipeline view (merge request)
- Fix error when adding quick actions to diffs (merge request)
- Fix markdown editor header background (merge request)
- Catch analytics tracking error during maintenance mode (merge request)
- Fix redirect after sign in when requesting access (merge request)
- Fix unlikely race on previous merge train car (merge request) GitLab Enterprise Edition
- Make merge trains more robust to ref deletion errors (merge request) GitLab Enterprise Edition
- Update pdf worker file path in pdf viewer (merge request)
- Fix work item assignees ordering GQL API (merge request)
- Specify default query sync values for status token (merge request) GitLab Enterprise Edition
- Change TailwindCSS darkMode from default to selector (merge request)
- Change root namespace for specific projects (merge request) GitLab Enterprise Edition
- Fix directory resolution for Google Cloud runners services (merge request)
- RefSwitcher: fix support for
% symbol in reference names (merge request)
- Fix work item icon when conflicted with cache (merge request)
- Prevent group restoration during deletion (merge request) GitLab Enterprise Edition
- History rewrite: handle Gitaly errors (merge request)
- Fix Module deployment in Terraform template (merge request)
- Update
has_vulnerabilities when deleting records (merge request)
- Add search for a ful path for polices (merge request) GitLab Enterprise Edition
- Make sure framework selection is updated (merge request)
- Deduplicate issuable_resource_links (merge request)
- Fix double line number hash on pipeline security tab (merge request) GitLab Enterprise Edition
- Broadcast message settings: Render message preview (merge request)
- Sidebar navigation: Fix skip link position (merge request)
- Simplify DropCiPipelinesConfig migration (merge request)
- Fix trial title for duo info card (merge request) GitLab Enterprise Edition
- Fix marking CVS vulnerabilities as no longer detected (merge request) GitLab Enterprise Edition
- Pipeline graph: Fix item hover in lightmode (merge request)
- MR sidebar: Refactor resize handling, remove CSS (merge request)
- Disable DNS rebinding protection when proxy used (merge request)
- Retry RepositoryUpdateMirror jobs on failure (merge request) GitLab Enterprise Edition
- Fix unneeded right sidebar gap for work item epic page (merge request) GitLab Enterprise Edition
- Localize dates on UI (merge request)
- Commit note: Fix commit on image styles (merge request)
- Fix comment template button missing from issue child items (merge request)
- fix: Admin user can see pipeline trigger token from other project by @gerardo-navarro (merge request)
- Include LDAP blocked users in user dropdowns (merge request)
- Notes app: Fix use of shortcut 'r' (merge request)
- Fix followees count (only count active users) by @bufferoverflow (merge request)
- Prevent errors in GraphQL notes type (merge request)
- Reduce batch size when backing up group wiki repositories (merge request) GitLab Enterprise Edition
- Increase precision of Value stream analytics time values (merge request) GitLab Enterprise Edition
- Secure Policies list: Fix vertical spacing and delete action (merge request)
- Fix admin groups page LDAP group links display (merge request) GitLab Enterprise Edition
- Avoid SELECT 1/LIMIT 1 query in credentials inventory (merge request) GitLab Enterprise Edition
- Fix broken link to doc on project transfer dialog (merge request)
- Remove from Matrix notify (merge request)
- Fix possible javascript loading order issues with trial widget dismissal (merge request) GitLab Enterprise Edition
- Fix performance of deleting MR approval_rules (merge request) GitLab Enterprise Edition
- Widgets: Use chevron lg size as design specs indicate (merge request)
- Remove policy_scope check to stop N+1 queries (merge request) GitLab Enterprise Edition
- Fix new project group templates pagination (merge request) GitLab Enterprise Edition
- Gracefully handle timeouts when counting issues (merge request)
- Skip defering scheduled jobs in concurrency limit client middleware (merge request)
- Use text-subtle for secondary text color in autocomplete (merge request)
- Security patch upgrade alert: Only expose to admins (merge request)
- Add check for CodeSuggestions API (merge request)
- Fix creating of terraform module metadatum (merge request)
- Fixed isNarrowScreen helper to not require specific element (merge request)
- Only delete protected tags if text matches (merge request)
- Fixed isNarrowScreen helper to not require specific element (merge request)
- Fix an intermittent add_on_purchase finding issue with duo trials (merge request) GitLab Enterprise Edition
- Fix work item modal timeline in dark mode (merge request)
- Dont use blob stitcher when finding oversized blobs (merge request)
- Fix two agent authorization UI issues (merge request) GitLab Enterprise Edition
- Treat a missing fixed_code block as a false positive (merge request) GitLab Enterprise Edition
- Localize dates on UI (merge request)
- Show SAML badges for projects under nested subgroups (merge request) GitLab Enterprise Edition
- Rollback related links on partial success (merge request) GitLab Enterprise Edition
- PullMirrors::UpdateService: fix a case with not enough provided params (merge request) GitLab Enterprise Edition
- Delete orphaned stages (merge request)
- Don't show note from background item in work item modal (merge request)
- Fix admin_mode enforcement in AdjournedProjectDeletionWorker (merge request) GitLab Enterprise Edition
- Include project ancestors when determining agent user access (merge request)
- Badges - Migrate to Server Side Pagination (merge request)
- Fix searching in the label filter (merge request)
- Fix missing groups in autocomplete (merge request)
- Fix container registry tag cleanup schedule visibility (merge request)
- Localize dates in epics and roadmaps UI (merge request)
- Remove Manual sort option from issues dashboard page (merge request)
- Have user_ids.size look for greater than or equal to 1 record (merge request) GitLab Enterprise Edition
- Lazy render emoji dropdown (merge request)
- Remove on empty task lists (merge request)
Changed (281 changes)
- Change yaml format for approval policy (merge request) GitLab Enterprise Edition
- Move history button into commit box on repository and blob pages (merge request)
- Disable scan_execution_pipeline_concurrency_control ff (merge request) GitLab Enterprise Edition
- Disable ViewComponent deprecation warnings in production (merge request)
- Change yaml format for vulnerability management policy (merge request) GitLab Enterprise Edition
- Refactor notes quick action handling (merge request)
- Prevent missing records in Direct Transfer when Sidekiq restarts (merge request)
- Update framework detail text on audit events (merge request) GitLab Enterprise Edition
- Fix broadcast message dismissal for Omniauth/SAML (merge request)
- Change yaml format for pipeline execution policy (merge request) GitLab Enterprise Edition
- Initial checkin for Admin Duo Home Page (merge request) GitLab Enterprise Edition
- Add ids argument to a group resolver (merge request)
- Handle mailmaped emails for verified gpg signed commits (merge request)
- Allow LLMs to return a full resource definition (merge request)
- Small visual updates to glql UI (merge request)
- Enable ai_commit_reader_for_chat feature flag by default (merge request) GitLab Enterprise Edition
- Update edit blob to use commit change modal (merge request)
- Collapse Pipeline section when empty on load (merge request) GitLab Enterprise Edition
- Validate sharding constraint on p_ci_stages (merge request)
- AI-Resolution: Add public project warning (merge request) GitLab Enterprise Edition
- Remove search and allow text input for job token allowlist (merge request)
- Put inline blame behind feature flag (merge request)
- Updated all audit events to be streamed (merge request) GitLab Enterprise Edition
- Replace text-muted class with gl-text-subtle (merge request)
- Synchronize prepared security policy indexes (merge request)
- Remove enable_adherence_check_for_scanners feature flag (merge request)
- Remove unused policy helper property (merge request) GitLab Enterprise Edition
- Update User Cap settings message (merge request) GitLab Enterprise Edition
- Change yaml format for scan execution policy (merge request) GitLab Enterprise Edition
- Fix discover page breadcrumbs title (merge request) GitLab Enterprise Edition
- Update decompose approvers (merge request) GitLab Enterprise Edition
- Model registry: Allows directories in MLflow artifacts (merge request)
- Allow project transfer with tags conditionally (merge request)
- Clean up ai_build_reader_for_chat feature flag (merge request) GitLab Enterprise Edition
- Update outdated links (merge request)
- Enable FF enable_add_on_users_pagesize_selection by default (merge request) GitLab Enterprise Edition
- Initial checkin for Groups Duo Home Page (merge request) GitLab Enterprise Edition
- Remove search and allow text input for job token allowlist (merge request)
- Clean up gitlab_ci_archived_trace_consistent_reads feature flag (merge request)
- Update Admin Dashboard to fetch KAS version from KAS by @choznerol (merge request)
- Move creator_id LFKs to routing table ci_runners_e59bb2812d (merge request)
- Migrate text variables to design tokens in sidebars (merge request)
- Make memberships import optional (merge request)
- Require projects to be associated to an organization (merge request)
- Re-route pmg dropdowns to GraphQL version (merge request)
- Improve VSD and AI analytics dashboards panel titles (merge request) GitLab Enterprise Edition
- Error page: use a user friendly error page for ResourceExhausted errors by @divyamtayal (merge request)
- Remove FF batched_redis_updates_for_kubernetes_agent_events (merge request)
- Update jwt gem to 2.9.3 (merge request)
- Migrate your work MR dashboard to use Crud component (merge request)
- Remove collapse_card.scss stylesheet (merge request)
- Enable reviewer_assign_drawer feature flag by default (merge request)
- Improve layout of workspace items (merge request) GitLab Enterprise Edition
- Remove old format for action approvers (merge request) GitLab Enterprise Edition
- Enable scan_execution_pipeline_concurrency_control FF (merge request) GitLab Enterprise Edition
- Add user ssh and gpg system signatures using signature author email (merge request) GitLab Enterprise Edition
- Allow interrupted RelationBatchExportWorker to bypass limit (merge request)
- Model registry: Change create button (merge request)
- Ensure ID uniqueness for p_ci_pipelines (merge request)
- Create separate tables for group SCIM (merge request)
- Update audit event scope when a group disables 2FA for a user (merge request) GitLab Enterprise Edition
- Remove subscriber code from zoekt update used bytes worker (merge request) GitLab Enterprise Edition
- Use latest tanuki_emoji gem (merge request)
- Drop requires_credit_card_verification column (merge request)
- REST API: deprecate old pull mirror configuration process (merge request) GitLab Enterprise Edition
- Improve formatting of geo:status Rake task (merge request) GitLab Enterprise Edition
- Update opt-in email copy and remove deprecated language (merge request) GitLab Enterprise Edition
- Show warning about importing memberships when user namespace is selected (merge request)
- Refactor auditor subclasses to their bounded contexts (merge request) GitLab Enterprise Edition
- Remove cross-join from vuln stat adjustment (merge request) GitLab Enterprise Edition
- Add timeout handling for release evidence workers (merge request)
- Add user ssh and gpg system signatures using signature author email (merge request) GitLab Enterprise Edition
- Extract approvers mapping method to utils (merge request) GitLab Enterprise Edition
- License Scanning metrics (merge request) GitLab Enterprise Edition
- Enhance model registry and experiments permissions (merge request)
- Keep search enabled for namespaces with evicted zoekt indices (merge request) GitLab Enterprise Edition
- Add user to organization after group/project access request is approved (merge request)
- Run CVE Enrichment worker once an hour (merge request) GitLab Enterprise Edition
- Remove cross-join from snapshot calculator (merge request) GitLab Enterprise Edition
- Project sidebar: Migrate color classes to design tokens (merge request)
- Remove autocomplete_group_search_optimization feature flag (merge request)
- Remove feature flag to rollout code generation (merge request)
- Add multiple approval action support (merge request) GitLab Enterprise Edition
- Update vertical spacing of project settings (merge request)
- Update zoekt index storage reservations (merge request)
- Update link size in time tracking (merge request)
- Diff file too large warning: Migrate to design tokens (merge request)
- Avoid setting spent at value from the frontend when creating a timelog by @zillemarco (merge request)
- Update pages custom domains (merge request)
- Add backend validation for multiple actions (merge request) GitLab Enterprise Edition
- Add actor for CreatePipelineWorker FF check (merge request) GitLab Enterprise Edition
- Cleanup cte_for_group_search_access_level Feature Flag (merge request)
- Cleans up duo_chat_use_tool_input (merge request)
- Sync FK for p_ci_builds.upstream_pipeline_id (merge request)
- Model registry: Enhance model create flow (merge request)
- Log TriggerIndexingWorker task argument for debugging (merge request) GitLab Enterprise Edition
- Add remaining changes to topics (merge request)
- Remove search_project_query_builder feature flag (merge request) GitLab Enterprise Edition
- Remove feature flag no_locking_for_stop_actions (merge request)
- It adds a new Keep to change worker data consistency (merge request)
- Improve standard role type (merge request) GitLab Enterprise Edition
- Update breadcrumbs and page headers (merge request)
- Post bot message for fail-open violations (merge request) GitLab Enterprise Edition
- Cleanup v2_chat_agent_integration feature flag (merge request)
- Use devise authenticate_user! for search controller (merge request)
- Refactor ci templates page (merge request)
- Send emails on bulk user duo seat assignment (merge request) GitLab Enterprise Edition
- Update breadcrumbs for edit pages (merge request)
- Enhance model registry version creation (merge request)
- Extend merge request approval graphql api (merge request) GitLab Enterprise Edition
- Removed data.js files from filters as part of the code maintenance (merge request)
- Wells: Update design to match darkmode design direction (merge request)
- Add optimization for groups autocomplete (merge request)
- Rollout two feature flags for self-maneged instances (merge request) GitLab Enterprise Edition
- Renamed Promotion Management util methods (merge request) GitLab Enterprise Edition
- Tree table: Update design for darkmode (merge request)
- User Account - Block deletion with org ownership (merge request)
- Replace toggle with checkbox in upload file, create dir modals by @antonkalmykov (merge request)
- Update zoekt index used_storage_bytes on interval instead of callbacks (merge request) GitLab Enterprise Edition
- Enable license_scanning_with_sbom_licenses by default (merge request) GitLab Enterprise Edition
- Add clarifying help text to legacy issueable linked items input (merge request)
- Updates text under container image cleanup policies settings section (merge request)
- Update semver_dialects gem (merge request)
- Allow multiple approver actions (merge request) GitLab Enterprise Edition
- Add projects label for exceeding number (merge request) GitLab Enterprise Edition
- Use page header component for group members (merge request)
- Allow users with permission to delete last board (merge request)
- Model version right sidebar (merge request)
- Update contents of empty state without any issues (merge request)
- Update license violation checker for custom software licenses (merge request) GitLab Enterprise Edition
- PA team paper cuts 17.6 (merge request)
- Replace
duoProAssignedUsersCount usage with duoAssignedUsersCount (merge request) GitLab Enterprise Edition
- Rewrite HostProbe to use Gitlab::HTTP (merge request) GitLab Enterprise Edition
- Feature flag clean up for purchase flow migration (merge request) GitLab Enterprise Edition
- Expose signature author email from gitaly (merge request)
- Initial checkin for Groups Duo Home Page (merge request) GitLab Enterprise Edition
- Allow for
closed_by_id param in issues API queries (merge request)
- Update admin breadcrumbs and page headers (merge request)
- Notes: Migrate to section tokens to unbox darkmode (merge request)
- Update layout of alert header (merge request)
- Add migration for setting Namespace organization_id to 1 (merge request)
- Job log detail line number: Migrate text value (merge request)
- Use elastic retry setting for search requests (merge request) GitLab Enterprise Edition
- Remove FF prevent_job_token_admin_permissions (merge request)
- Show release notes on deployment approval page for tagged deployments by @antonkalmykov (merge request) GitLab Enterprise Edition
- Modify text for scheduled policy scan concurrency (merge request) GitLab Enterprise Edition
- Use lowercase text for environment badges (merge request)
- Use calendar-overdue for past due dates (merge request)
- Update layout of edit application page (merge request)
- Add multiple approvers action support (merge request) GitLab Enterprise Edition
- Changed Global Search modal scoped search position (merge request)
- New runner page: Use PageHeading component (merge request)
- Adjust report abuse layout (merge request)
- Update false positive have uniform text size (merge request) GitLab Enterprise Edition
- Update embedding developer docs (merge request) GitLab Enterprise Edition
- Refactor pipeline editor drawer (merge request)
- Model registry: Improve model listing (merge request)
- Replace prop drilling in pipelines.vue with provide/inject pattern by @antonkalmykov (merge request)
- Add link to Epic modal trigger button (merge request)
- Add instance setting to enforce CI job token scope (merge request)
- This MR cleans out feature flag (merge request) GitLab Enterprise Edition
- Update layout of admin edit project page (merge request)
- Adds migration to make file_checksum colmumn nullable (merge request)
- Job page: Migrate to use design tokens (merge request)
- Move WorkerDataConsistency inline disables to external file (merge request)
- Improves custom email verification SMTP error logging (merge request)
- Remove feature flag
async_rewrite_history (merge request)
- Add slash command GraphQL query for Duo Chat (merge request) GitLab Enterprise Edition
- Replace
span element by button in the group dependencies to fix a11y by @antonkalmykov (merge request) GitLab Enterprise Edition
- Drop the editor feild from the workspaces table (merge request) GitLab Enterprise Edition
- Fix alignment of actions in requirements drawer (merge request)
- Replace GlSegmentedControl with a more modern component with better UI (merge request)
- Improve regexp for system note email obfuscation (merge request)
- Wiki form: Don't disable submit button (merge request)
- Add policy type for breadcrumb (merge request) GitLab Enterprise Edition
- Adds application setting for elasticsearch retry on failure (merge request) GitLab Enterprise Edition
- Enhance model registry model version deletion (merge request)
- Add organization_id to oauth_device_grants table (merge request)
- Update Duo troubleshooting docs (merge request)
- Restore scheduled deletions if the user loses group/project access (merge request) GitLab Enterprise Edition
- Enhance model registry model deletion (merge request)
- Set zoekt enabled namespaces to have search enabled by default (merge request) GitLab Enterprise Edition
- Remove transition animation of copy code button (merge request)
- Add edit text to edit snippet breadcrumbs (merge request)
- Clean up the UI for the protected environments settings by @antonkalmykov (merge request) GitLab Enterprise Edition
- Index work_item embeddings (merge request) GitLab Enterprise Edition
- Adjust Bulk create/remove limit for up to 100 assignments (merge request) GitLab Enterprise Edition
- Enabling group_level_dependencies_filtering_by_component by default (merge request)
- apps/settings: Extend maximum token and SSH key expiration to 400 days by @ben.boeckel (merge request)
- MR widget: Migrate to use design tokens to update darkmode (merge request)
- Remove cross join exception (merge request) GitLab Enterprise Edition
- Model registry: Improve model version listing (merge request)
- Default enable ff_pages_use_open_file feature flag (merge request)
- Secure policies edit: Move delete action to right side (merge request)
- Fix links in pipeline editor helper (merge request)
- Finalize BackfillRootNamespaceClusterAgentMappings migration (merge request)
- Always search through zoekt replicas (merge request) GitLab Enterprise Edition
- Move model registry model editing from modals into forms (merge request)
- Increase zoekt bytes limit to 450 GB (merge request) GitLab Enterprise Edition
- Increase zoekt indexing timeout (merge request) GitLab Enterprise Edition
- Improve security policy comparison before persisting (merge request) GitLab Enterprise Edition
- Update empty policy list page svg (merge request) GitLab Enterprise Edition
- Disable add action button when limit is reached (merge request) GitLab Enterprise Edition
- Deprecate
force_push_regex and delete_branch_regex from push_rules (merge request) GitLab Enterprise Edition
- Pipeline editor: Replace the commit confirmation alert with a toast by @antonkalmykov (merge request)
- Editor: Use design tokens (merge request)
- Sidebar nav: Change background in darkmode (merge request)
- Add name to paths in edit label and milestone pages (merge request)
- Increase create work item toast delay (merge request)
- Model registry: Improve empty version description state (merge request)
- Expose schedule name (merge request)
- Modify the way the zoekt multi-result loads (merge request) GitLab Enterprise Edition
- Cache user project authorizations for faster autocomplete and search (merge request)
- Update blob delete modal (merge request)
- Move model registry model editing from modals into forms (merge request)
- Store abuse report labels separate from project/group labels (merge request)
- Allow overriding of ingest and query O11y URLs (merge request) GitLab Enterprise Edition
- Swap beta badge component on Self-hosted models page (merge request)
- Define sharding key for
snippets (merge request)
- Finalize
ResolveVulnerabilitiesForRemovedAnalyzers migration (merge request)
- Adds knn index setting for opensearch clusters for workitem index (merge request) GitLab Enterprise Edition
- Show copy action in milestone list (merge request)
- Add job to run rubocop docs link check in docs pipelines (merge request)
- Cleanup feature flag ff_compliance_audit_mr_merge (merge request) GitLab Enterprise Edition
- Your work MR dashboard: Align approval badge icon on left side (merge request)
- Allow changing synced work item epics (merge request) GitLab Enterprise Edition
- Update usercap email to use standard email template (merge request)
- Mirror repository email apply standard template (merge request)
- Remove allow_cross_joins_across_databases (merge request) GitLab Enterprise Edition
- Groups Projects - Unify Restore UX (merge request) GitLab Enterprise Edition
- Remove
access_token_pagination feature flag (merge request)
- Restore opt-in values from temporary table (merge request) GitLab Enterprise Edition
- Add not null constraint on p_ci_stages (merge request)
- Use search service for project autocomplete (merge request)
- Changed placeholder text in global search modal (merge request)
- Update delete approval rules query to use index (merge request) GitLab Enterprise Edition
- Fix rubocop violations from docs links (merge request) GitLab Enterprise Edition
- Updated error message when VR MR suggestions can’t be created (merge request) GitLab Enterprise Edition
- Remove unused table classes in alert details (merge request)
- Add call to action to issue analytics empty state (merge request) GitLab Enterprise Edition
- Allow vertically resizing markdown and rich text fields (merge request)
- Use routing table name for BuildTraceMetadata model (merge request)
- Model registry: Improve empty version description state (merge request)
- Add title attribute to MR list diff stats (merge request)
- Add back refetchQueries to placeholder_actions (merge request)
- De-emphasize required approvals in sidebar (merge request)
- Replace label fuzzy search with exact search for VSD (merge request) GitLab Enterprise Edition
- Transition vulnerability feedback to gitlab_sec (merge request) GitLab Enterprise Edition
- Remove
webauthn_without_totp feature flag (merge request)
- Add feature flag for zoekt index circuit breakers (merge request) GitLab Enterprise Edition
- Move model registry UI away from modals into pages (merge request)
- Backfill project_id on Ci Stages (merge request)
- Crud: Migrate design tokens to use section tokens (merge request)
- Add organization_id to OAuth tables (merge request)
- Prepare async fk validation for p_ci_builds.upstream_pipeline_id (merge request)
- Reorder note actions (merge request)
- Sync security_policies when project is added to group (merge request) GitLab Enterprise Edition
- Remove error message if replication not enabled (merge request) GitLab Enterprise Edition
- Bump Gitaly gem to 17.5.0.pre.rc1 (merge request)
- Implement new Duo Pro trial widget design (merge request) GitLab Enterprise Edition
- Update CI templates for Browser Performance Testing (merge request)
- Put Geo::MetricsUpdateWorker behind a feature flag (merge request) GitLab Enterprise Edition
- Remove set_delete_failed_container_repository flag (merge request)
- Remove ci_hidden_variables ff (merge request)
- Surface which unspecified stage was incorrectly chosen (merge request)
- Show the vulnerability report even if 0 vulnerabilities (merge request)
- Add the bootstrap command to the agent creation modal by @antonkalmykov (merge request)
- Improve SBoM search performance with a inverted index (merge request)
- Update empty states on group landing page (merge request)
- Finalize rename of ::Abuse workers to ::AntiAbuse bounded context (merge request)
- Rename duoProAssignedUsersCount GraphQL field (merge request) GitLab Enterprise Edition
- Back up secrets.yml if it changes (merge request)
- Update pipeline mini graph upstream/downstream (merge request)
- Require password to delete WebAuthn devices (merge request)
- Work item hierarchy - Prevent dropping in child when type is not allowed (merge request)
- Roadmap - Expand caret does not display if no children in timeframe (merge request) GitLab Enterprise Edition
- Identify masked variable output clearly (merge request)
- Adding limit constraints on frameworks and requirements (merge request) GitLab Enterprise Edition
- Use
helpPagePath to render container registry documentation links by @antonkalmykov (merge request) GitLab Enterprise Edition
- Show confidential action disabled when unavailable (merge request)
- Add "skipped" as valid state for commit status API by @marthyn.elzes (merge request)
Deprecated (1 change)
Removed (27 changes)
- Remove scan_execution_pipeline_worker feature flag (merge request)
- Remove dead legacy pipeline mini graph code (merge request)
- Remove faulty async index definitions (merge request)
- Removed feature flag (merge request)
- Remove commented code (merge request)
- Remove
confidence column from vulnerability_occurrences (merge request)
- Remove generate description rails feature flag (merge request)
- Removes finalized BBM for project stats (merge request)
- Remove BAS security configuration option (merge request) GitLab Enterprise Edition
- Remove stepper in policy editor (merge request) GitLab Enterprise Edition
- Removes finalized background migration (merge request)
- Cleanup duo_free_access_ending_banner feature flag (merge request)
- Drop old temporary vulnerability management indices (merge request)
- Drop user_canonical_emails table (merge request)
- Remove
vulnerability_occurrence_pipelines table and code (merge request) GitLab Enterprise Edition
- Remove tmp index from vulnerability_reads for bbm (merge request) GitLab Enterprise Edition
- Remove
namespace_id from vulnerability_reads table (merge request)
- Remove database table packages_composer_cache_files (merge request)
- Remove feature flag and code combining queries (merge request)
- Remove sharding key issue url keys (merge request)
- Remove Packages::Composer::CacheFile and related code (merge request)
- Delete no longer used BBM code ahead of Sec Decomposition (merge request)
- Remove labels parameter (merge request) GitLab Enterprise Edition
- Remove unused vulnerability header CSS (merge request)
- Clean up ci_require_credit_card_on_trial_plan feature flag (merge request) GitLab Enterprise Edition
- Remove cross join suppression ahead of sec-decomposition (merge request) GitLab Enterprise Edition
- Remove user canonical emails (merge request)
Security (15 changes)
- Update rails-related gems in gems folder (merge request)
- Removed id from authorize buttons and added specs
- Prevent agent access via unconfirmed or disallowed group members
- Details of blocking merge request can be exposed via list
- Remove is-unsafe-link from product analytics tables to prevent XSS
- HTML injection in vulnerability Code flow leads to XSS on self hosted instances
- Use custom adapter for parsing FogBugz XML
- Update nokogiri to fix recent CVEs (merge request)
- Limit ProcessCommitWorker by number of branches (merge request)
- Update rexml to fix CVE-2024-49761 (merge request)
- Bump rack minor versions to patch CVEs (merge request)
- Fixed HTML injection in Global Search bug - renamed branch
- Limit max size of manifest file upload
- Update rexml to fix CVE-2024-41946 (merge request)
- Set Global timeout for Regexp to prevent ReDOS (merge request)
Performance (17 changes)
- Set PipelineProcessWorker to use sticky data consistency for main db (merge request)
- Optimize the upload confirmation endpoint in the virtual registries (merge request)
- Default to sticky for Ci::BuildFinishedWorker (merge request)
- Use CTE for Group access_level search (merge request)
- Prepare index for faster search build name (merge request)
- Optimize: custom ability verification (merge request) GitLab Enterprise Edition
- Enable CI kubernetes variables optimization for pipeline creation (merge request)
- Use
:delayed or :sticky data_consistency for cleanup policy workers (merge request)
- Use sticky data consistency for InitialPipelineProcessWorker by default (merge request)
- Optimize: association loading for RepositoryController (merge request)
- Remove permissions JSONB column from the condition (merge request) GitLab Enterprise Edition
- Update import_export_uploads sharding (merge request)
- feat: Update Occurrence group scope to rely off traversal_ids (merge request) GitLab Enterprise Edition
- Create multi not null constraint for exports (merge request)
- Optimization: don't load a User when user_id is missing (merge request)
- Optimization: don't load group if not needed (merge request)
- Improve performance of issues autocomplete (merge request)
Other (258 changes)
- Backfill project organization_id column (merge request)
- Add non id primary key support for backfill (merge request)
- Remove dependency_list_exports from wip (merge request)
- Unquarantine project subscriptions spec (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Add PIPL email sent timestamp (merge request)
- Add models and initial ability for admin related custom roles (merge request)
- Quarantine test suite (merge request) GitLab Enterprise Edition
- Remove orphaned managers from ci_runner_machines_687967fa8a on .com (merge request)
- Remove FF owasp_top_10_null_filtering (merge request) GitLab Enterprise Edition
- Finalize migration BackfillSbomOccurrencesVulnerabilitiesProjectId (merge request)
- Cleanup monolith prompt for glab_ask_git_command (merge request)
- Add NOT NULL for sharding key on security_scans (merge request)
- Quarantine flaky spec (merge request) GitLab Enterprise Edition
- Finalize migration BackfillPkgsDebianProjectDistributionKeysProjectId (merge request)
- Use SessionMap for tracking per-db primary/replica usage (merge request)
- Finalize migration BackfillPackagesDebianPublicationsProjectId (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration BackfillReleaseLinksProjectId (merge request)
- Finalize migration BackfillRelatedEpicLinksGroupId (merge request)
- Fix Layout/LineLength offenses by @ikelax (merge request)
- Model registry: Fix position of actions ellipsis (merge request)
- Remove current partition feature flags (merge request)
- Elasticsearch migration: Backfill correct_work_item_type_id (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Finalize migration BackfillPackagesDebianGroupDistributionKeysGroupId (merge request)
- Finalize migration BackfillPackagesBuildInfosProjectId (merge request)
- Finalize migration BackfillOperationsStrategiesUserListsProjectId (merge request)
- Protected containers: Remove field "Minimum access level for delete" by @gerardo-navarro (merge request)
- Calls alter_cell_sequences_range rake from db:configure (merge request)
- Finalize backfill_vulnerability_state_transitions_project_id bbm (merge request)
- Add custom access denied page for ultimate trials in-app (merge request) GitLab Enterprise Edition
- Regenerate RuboCop TODO files (merge request)
- Add NOT NULL for sharding key on dependency_list_exports (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration BackfillMergeRequestAssigneesProjectId (merge request)
- Add issues.correct_work_item_type FK (merge request)
- Add tmp issues.correct_work_item_type_id indexes (merge request)
- Update postgres_sequences view (merge request)
- Protected packages: Remove scope :matching_package_protection_rules by @gerardo-navarro (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration BackfillMergeRequestContextCommitsProjectId (merge request)
- Finalize migration BackfillMergeRequestBlocksProjectId (merge request)
- Finalize migration BackfillOperationsStrategiesProjectId (merge request)
- Add and backfill work_item_types.old_id column (merge request)
- Check if user can create package in npm create package service by @gerardo-navarro (merge request)
- Better extraction of variable and rubocop by @gerardo-navarro (merge request)
- Change data consistency for workers maintained by integrations (merge request)
- Finalize migration BackfillEpicUserMentionsGroupId (merge request)
- Use p_ci_build_tags for jobs queuing (merge request)
- Fix Layout/LineLength offenses by @ikelax (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration BackfillOperationsFeatureFlagsIssuesProjectId (merge request)
- Finalize migration BackfillIssueLinksNamespaceId (merge request)
- Use sidekiq_interruptions_exhausted in Direct Transfer jobs (merge request)
- Remove add_on_purchase_expires_on feature flag (merge request) GitLab Enterprise Edition
- Revert caching authorized_projects (merge request)
- Quarantine a flaky test (merge request)
- Requeue migration security findings (merge request)
- Fix Layout/LineLength offenses by @ikelax (merge request)
- Backfill embeddings for work items (merge request) GitLab Enterprise Edition
- Finalize BackfillProjectIdToDependencyListExports (merge request)
- Elasticsearch: Migration to add work item type correct id (merge request) GitLab Enterprise Edition
- Use p_ci_pipelines by default (merge request)
- Remove prompt migration feature flags (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Finalize migration BackfillDraftNotesProjectId (merge request)
- Finalize migration BackfillDesignManagementVersionsNamespaceId (merge request)
- Finalize migration BackfillDesignManagementRepositoriesNamespaceId (merge request)
- Finalize migration BackfillWorkspaceVariablesProjectId (merge request)
- Fix Layout/LineLength offenses by @ikelax (merge request)
- Use 24 hours lease time (merge request) GitLab Enterprise Edition
- Fix sidekiq warning for ElasticsearchIndexedWorker by @gerardo-navarro (merge request) GitLab Enterprise Edition
- Fix Layout/ExtraSpacing offenses by @mr1chter (merge request)
- Finalize BackfillProjectIdToSecurityScans (merge request)
- Create new internal path for AddOnPurcahse (merge request) GitLab Enterprise Edition
- Groups::DeployTokens::RevokeService should return ServiceResponse by @nwittstruck (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration BackfillDoraDailyMetricsProjectId (merge request)
- Finalize migration BackfillDesignManagementDesignsNamespaceId (merge request)
- Add desired sharding key (merge request)
- Create a new zpekt scheduling task repo_to_index_check (merge request) GitLab Enterprise Edition
- Add desired sharding key (merge request)
- Add policy toggle unblock_rules_using_scan_execution_policies (merge request) GitLab Enterprise Edition
- Cleanup CreateIterableTriggersWorker class and instances (merge request) GitLab Enterprise Edition
- Cleanup duo enterprise rollout feature flags (merge request) GitLab Enterprise Edition
- Use lock_key for BulkRefreshUserAssignmentsWorker (merge request) GitLab Enterprise Edition
- Regenerate RuboCop TODO files (merge request)
- Add pipl_users table (merge request) GitLab Enterprise Edition
- Protected packages: Add tests for pypi push protection with deploy token by @gerardo-navarro (merge request)
- Mark 20240410193847 as obsolete (merge request) GitLab Enterprise Edition
- Introduce histogram for ApplicationRateLimiter (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration BackfillDefaultBranchProtectionSettings (merge request)
- Finalize migration BackfillDastSiteProfileSecretVariablesProjectId (merge request)
- Finalize migration BackfillDastProfilesTagsProjectId (merge request)
- Finalize migration BackfillWorkItemParentLinksNamespaceId (merge request)
- Finalize migration BackfillJiraTrackerDataProjectKeys (merge request)
- Fix Lint/UselessNumericOperation offenses by @ksp_1306 (merge request)
- Fix Layout/LineLength offenses by @ikelax (merge request)
- Create new WorkflowsInternal API for ai_workflows scope (merge request)
- Fix Style/IfUnlessModifier offences by @divyamtayal (merge request)
- Change data consistency for workers maintained by permissions (merge request)
- Fix Layout/LineLength offenses by @ikelax (merge request)
- Add service ping to support tracking runner maintenance notes (merge request)
- Add work item weight sources table (merge request)
- Finalize migration BackfillWikiRepositoryStatesProjectId (merge request)
- Fix Layout/LineLength offenses by @ikelax (merge request)
- Fix Layout/LineLength offenses by @ikelax (merge request)
- Remove the trial boolean qualification for ultimate trials (merge request) GitLab Enterprise Edition
- Fix Style/IfUnlessModifier offences by @divyamtayal (merge request)
- Remove expired cut off date feature flag (merge request)
- Make to-do item spelling in UI consistent (merge request) GitLab Enterprise Edition
- Update Dependency List docs (merge request) GitLab Enterprise Edition
- Remove trial column observance from the eligible trial query (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration PopulateTopicsSlugColumn (merge request)
- Add sharding_key_issue_url for manually backfilled (merge request)
- Log relation name when exporting projects (merge request)
- Fix Layout/LineLength offenses by @ikelax (merge request)
- Add and backfill namespace_id for analytics_cycle_analytics_value_stream (merge request)
- Remove custom_models_vue_app feature flag (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Finalize migration UpdateSbomOccurrencesComponentNameBasedOnPep503 (merge request)
- Fix Layout/LineLength offenses by @ikelax (merge request)
- Fix Style/CombinableLoops offenses by @JonstonChan (merge request)
- Remove custom_models_feature_settings_vue_app feature flag (merge request) GitLab Enterprise Edition
- Add ci_deleted_objects#project_id not null constraint (merge request)
- Mark 20240213091440 as obsolete (merge request) GitLab Enterprise Edition
- chore: Adds additonal properties in duo workflow event definitions (merge request) GitLab Enterprise Edition
- Move base integration code to a separate module (merge request)
- Track worker concurrency using Redis hash (merge request)
- Update instance_integrations table to match integrations schema (merge request)
- GitLab pages: Fix rubocop issues in certain files by @gerardo-navarro (merge request)
- Add
namespace_details.deleted_at column (merge request)
- Exclude qa sbom fixtures from dependency scanning (merge request)
- Add RequeueBackfillApprovalProjectRulesProtectedBranchesProjectId (merge request)
- Change data consistency for workers maintained by not_owned (merge request)
- Remove sync_traversal_ids_nowait feature flag (merge request)
- Finalize migration DeleteOrphansApprovalProjectRules2 (merge request)
- Fix Gitlab/StrongMemoizeAttr offenses (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration BackfillDastScannerProfilesBuildsProjectId (merge request)
- Finalize migration BackfillDastProfilesPipelinesProjectId (merge request)
- Finalize migration BackfillAlertManagementAlertMetricImagesProjectId (merge request)
- Support data consistency overrides for specific db in ApplicationWorker (merge request)
- Fix Style/IfUnlessModifier offences by @divyamtayal (merge request)
- Topology Service CellService client (merge request)
- Log when placeholder users are created (merge request)
- Finalize BackfillPCiRunnerMachineBuildsProjectId migration (merge request)
- Update seed factory exclusion (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Add created_by and updated_by to custom fields (merge request)
- Use exclusive lease for resuming job processing (merge request)
- Finalize migration BackfillDastPreScanVerificationsProjectId (merge request)
- Finalize migration BackfillAuditEventsStreamingEventTypeFiltersGroupId (merge request)
- Finalize migration BackfillAlertManagementAlertUserMentionsProjectId (merge request)
- Finalize migration BackfillAlertManagementAlertAssigneesProjectId (merge request)
- Finalize BackfillRunnerTypeAndShardingKeyIdOnCiRunnerManagers (merge request)
- Enqueue migration to fix canceling attributes for CI jobs (merge request)
- Mark 20240130154724 as obsolete (merge request) GitLab Enterprise Edition
- Check if user can create package in pypi create package service by @gerardo-navarro (merge request)
- Update to add sharding key (merge request)
- Protected packages: Return ServiceResponse for CreateConanPackageService by @gerardo-navarro (merge request)
- Change data consistency for workers maintained by importers (merge request)
- Fix docs link in UI (merge request) GitLab Enterprise Edition
- Add missing test for method #consume_event in Subscription by @gerardo-navarro (merge request)
- Drop search_namespace_index_assignments and search_indices tables (merge request)
- Fix Layout/LineLength offenses by @ikelax (merge request)
- Quarantine a flaky test (merge request)
- Temporarily unapprove MR for code owner rules to sync (merge request) GitLab Enterprise Edition
- Use SessionMap for tracking per-db primary/replica usage (merge request)
- Use project_id as sharding key for packages_dependencies table (merge request)
- Finalize migration BackfillBoardsEpicBoardLabelsGroupId (merge request)
- Change data consistency for workers maintained by auto_devops (merge request)
- Improve test performance of conan request tests by @gerardo-navarro (merge request)
- Change ultimate trial select namespace form language for duo (merge request) GitLab Enterprise Edition
- Remove the FF zoekt_initial_indexing_task (merge request) GitLab Enterprise Edition
- Refactor Token Identification by @nwittstruck (merge request)
- Add opensource limit to pages deployments limit (merge request)
- Mark 20240130215043 as obsolete (merge request) GitLab Enterprise Edition
- Finalize the backfill user details migration (merge request)
- Finalize BackfillShardingKeyIdOnCiRunners background migration (merge request)
- Add NOT NULL for sharding key on agent_activity_events (merge request)
- Improve sharding key spec (merge request)
- Add NOT NULL for sharding key on subscription_user_add_on_assignments (merge request)
- Cleanup group_protected_branches feature flag (merge request)
- Add and backfill project_id for security_findings (merge request)
- Remove search_indices table related code (merge request) GitLab Enterprise Edition
- Fixed rubocop space_inside_parens by @b310-jannik (merge request)
- Fix sidekiq warning for MergeRequests::RemoveUserApprovalRulesWorker by @gerardo-navarro (merge request)
- Bump issues bigint conversion cols removable data (merge request)
- Remove unnecessary ExclusiveLeaseHelpers from spec by @nwittstruck (merge request)
- Use AssignResourceFromResourceGroupWorker instead of V2 (merge request)
- Quarantine a flaky test (merge request)
- Add foreign key constraints to
organization_users (merge request)
- Prepare async index creation for issues.correct_work_item_type_id (merge request)
- Introduce a checking state for approvals mergeability check (merge request) GitLab Enterprise Edition
- Remove the search_issues_uses_work_items_index ff (merge request) GitLab Enterprise Edition
- Mark 20240123181031 as obsolete (merge request) GitLab Enterprise Edition
- Projects::Settings::RepositoryController#show: re-enable query limit (merge request)
- Mark 20240130144625 as obsolete (merge request) GitLab Enterprise Edition
- Set retention period of 1 month for web_hook_logs (merge request)
- Validate ci_job_variables#project_id constraint (merge request)
- Regenerate RuboCop TODO files (merge request)
- Cleanup allow_protected_branches_for_group feature flag (merge request)
- GitLab Pages: Move error handling to model Gitlab::LetsEncrypt::Order by @gerardo-navarro (merge request)
- Remove ignore rule for identifier_external_ids column (merge request) GitLab Enterprise Edition
- Finalize BackfillSubscriptionUserAddOnAssignmentsOrganizationId (merge request)
- Add NOT NULL for sharding key on approval_group_rules_users (merge request)
- Emit concurrency limit stats in background sampler (merge request)
- Change data consistency for workers maintained by source_code_manageme (merge request)
- Mark 20240219161432 as obsolete (merge request) GitLab Enterprise Edition
- Replace ci_build_trace_metadata with dynamic partitions (merge request)
- Delete orphaned pipeline variables (merge request)
- Update work_item_types FKs to UPDATE CASCADE (merge request)
- Change data consistency for workers maintained by user_profile (merge request)
- Mark 20240119130539 as obsolete (merge request) GitLab Enterprise Edition
- Ignore last_activity_on column (merge request)
- Finalize migration BackfillBoardsEpicUserPreferencesGroupId (merge request)
- Replace ci_pipelines_config with dynamic partitions (merge request)
- Remove ignore state_changed_at_pipeline_id rule (merge request) GitLab Enterprise Edition
- Remove FF ci_variables_optimization_for_yaml_and_node (merge request)
- Finalize BackfillDeployTokensShardingKey background migration (merge request)
- Finalize DeleteOrphanedDeployTokens background migration (merge request)
- Allow the day 0 option of the trial widget to still show as active (merge request) GitLab Enterprise Edition
- Use project_id as sharding key for packages_npm_metadata_caches table (merge request)
- Drop
vulnerability_count column from project_statistics table (merge request)
- Updating Topology Service Client Gem to d88ee3c (merge request)
- Suppresses Composite PK warning for Security::Finding (merge request) GitLab Enterprise Edition
- Reduce frequent nodes update (merge request) GitLab Enterprise Edition
- Add and backfill group_id for dependency_proxy_manifest_states (merge request)
- Remove the search_issues_uses_work_items_index ff (merge request) GitLab Enterprise Edition
- Mark 20240201164432 as obsolete (merge request) GitLab Enterprise Edition
- Change data consistency for workers maintained by devops_reports (merge request)
- Mark 20240208160152 as obsolete (merge request) GitLab Enterprise Edition
- Add and backfill group_id for dependency_proxy_blob_states (merge request)
- Add and backfill project_id for container_repository_states (merge request)
- Remove cross join suppression from vuln create service (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration BackfillComplianceFrameworkSecurityPoliciesProjectId (merge request)
- Drop index_for_owasp_top_10_group_level_reports idx (merge request)
- Use Job::Setter to indicate resumed job for concurrency limiting (merge request)
- Index namespace historical vulnerability statistics table (merge request)
- Remove unused Users::RecordLastActivityWorker (merge request)
- Remove block_password_auth_for_saml_users FF and the accompanying code (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
17.5.5 (2025-01-08)
Fixed (2 changes)
- Fix ability to use password for Git when password for Web is disabled
- Backport bugfix for diff_files highlighting
Security (4 changes)
- Prevent cyclic reference in work item hierarchy widget from frontend (merge request)
- Allow external_provider config take precedence over external_groups (merge request)
- Filter out sensitive parameters on Auth logs (merge request)
- Don't allow unauthorized users to close issues automatically (merge request)
17.5.4 (2024-12-10)
Fixed (1 change)
Security (11 changes)
- Add timeout around Parslet in template parser (merge request)
- Add authorization check to protectableBranches field (merge request)
- Check harbor name & digest for path traversal (merge request)
- Ignore titles for GFM links in rich text editor (merge request)
- Restrict user and group creation when same pages unique domain exist (merge request)
- DoS by repeatedly sending unauthenticated requests for diff-files of a commit or merge request (merge request)
- Add query to filter_parameters (merge request)
- Added invalid redirect fragment check (merge request)
- Make confidential threads unresolvable via new issue (merge request)
- Do not set session cookie for /v2 endpoints in the response (merge request)
- HTML injection in vulnerability details, leads to XSS on self hosted servers (merge request)
17.5.3 (2024-11-26)
Fixed (1 change)
- Ensure auto_merge_enabled is set when validating merge trains GitLab Enterprise Edition
Security (6 changes)
- Add size check for harbor registry (merge request)
- Adding JobArtifactReport class to pre-emptively validate job artifacts (merge request)
- Fix: unsubscribe from actioncable channel when PAT is revoked (merge request)
- Allow a LFS token to be used only for LFS related requests (merge request)
- Fix possible DOS with TOML file parsing (merge request)
- Move allow_access_with_scope to class level (merge request)
17.5.2 (2024-11-12)
Fixed (4 changes)
- Fix group wiki activity events breaking the user feed
- Add param filtering to avoid error while saving project settings (merge request) GitLab Enterprise Edition
- Fix new project group templates pagination GitLab Enterprise Edition
- Update pdf worker file path in pdf viewer
Security (7 changes)
- Add missing project_id for build_chat_data (merge request)
- Use custom adapter for parsing FogBugz XML (merge request)
- Removed id from authorize buttons and added specs (merge request)
- HTML injection in vulnerability Code flow leads to XSS on self hosted instances (merge request)
- Remove is-unsafe-link from product analytics tables to prevent XSS (merge request)
- Details of blocking merge request can be exposed via list (merge request)
- Prevent agent access via unconfirmed or disallowed group members (merge request)
Performance (1 change)
17.5.1 (2024-10-22)
Security (2 changes)
- Fixed HTML injection in Global Search bug (merge request)
- Limit max size of manifest file upload (merge request)
17.5.0 (2024-10-16)
Added (145 changes)
- Add X-Forwarded-To to allowed headers for email ingestion by @divyamtayal (merge request)
- Search API: Merge request support for title search_as_you_type (merge request) GitLab Enterprise Edition
- Added the group select to the global timelogs report by @zillemarco (merge request)
- Add global work item epics feature flag (merge request) GitLab Enterprise Edition
- Add support for updating abuse report notes (merge request)
- Audit merged MRs (merge request) GitLab Enterprise Edition
- Add user level AI metrics API (merge request) GitLab Enterprise Edition
- Reschedule BackfillPCiRunnerMachineBuildsProjectId migration (merge request)
- Backfill runner_type, sharding_key_id columns on ci_runner_machines (merge request)
- Add sharding key ci_pipeline_chat_data.project_id (merge request)
- Add customize jira issue setting (merge request) GitLab Enterprise Edition
- Create todos for expired SSH keys (merge request)
- Implement project compliance center (merge request) GitLab Enterprise Edition
- Add search button back to the header gated by feature flag (merge request)
- History rewrite: send emails after asynchronous processing (merge request)
- Add Project.projectComplianceStandardsAdherence field (merge request) GitLab Enterprise Edition
- Add Project.projectComplianceStandardsAdherence field (merge request) GitLab Enterprise Edition
- Allow disabling password auth for SSO users (merge request)
- Add download button to a health-check page (merge request) GitLab Enterprise Edition
- Release project-level security exclusions feature (merge request) GitLab Enterprise Edition
- Directly ingest emails by custom email in To header (merge request)
- Add migrate_memberships to BulkImportEntities (merge request)
- Ignore column vulnerablity_count in project_statistics table (merge request)
- Add custom license to license widget (merge request) GitLab Enterprise Edition
- Update Saml NameID related authentication errors (merge request) GitLab Enterprise Edition
- Add /help slash command (merge request) GitLab Enterprise Edition
- Integrate SD Exclusions with Scan Diffs feature (merge request) GitLab Enterprise Edition
- Create audit event for container_repository_created (merge request) GitLab Enterprise Edition
- Document new API endpoint
POST /deploy_keys (merge request)
- Pull mirror API: extend response with mirror related fields (merge request)
- Add update event handler for security policies (merge request) GitLab Enterprise Edition
- Persist additional context in chat history (merge request) GitLab Enterprise Edition
- Model registry: Metrics for pull and push package (merge request)
- Add runner_type, sharding_key_id columns to ci_runner_machines (merge request)
- Allow setting of weight on work item create (merge request) GitLab Enterprise Edition
- Restoration of object storage through gitlab-backup-cli (merge request)
- Add FK on events.personal_namespace_id (merge request)
- Create AbuseReportLabelType GraphQL type (merge request)
- Changed feature flag type from wip to beta (merge request) GitLab Enterprise Edition
- Introduce notes and notes_internal to WorkItems by @joe-snyder (merge request) GitLab Enterprise Edition
- Changes for allowed_email_domain update audit event (merge request)
- Add migration and model for max retries and backoff (merge request)
- Added service ping metric for member management enabled (merge request) GitLab Enterprise Edition
- Add members activity tracker worker (merge request) GitLab Enterprise Edition
- Show location and ISP in sign in from new location email by @shangsuru (merge request)
- Add project.mergeRequestViolations field on project type (merge request) GitLab Enterprise Edition
- Added new table and API for Workflow Events (merge request) GitLab Enterprise Edition
- Enable edit_branch_rules feature falg by default (merge request)
- Add job_token_policies column to CI job token allowlist (merge request)
- Add work_item_epics_ssot feature flag (merge request) GitLab Enterprise Edition
- Update GitLab Pages version (merge request)
- Alert success or file errors with model/version creation (merge request)
- Remove pypi_extract_pypi_package_model feature flag (merge request)
- Model Registry ability to delete experiment (merge request)
- Display page header and subheader (merge request) GitLab Enterprise Edition
- Add a GraphQL mutation for updating
OrganizationUser (merge request)
- Adds a cop and a generator to initialize bigint conversion (merge request)
- Add search argument to contributed projects GraphQL query (merge request)
- Add min_access_level and programming_language_name arguments (merge request)
- Add audit events for SD Exclusions on create, update and delete (merge request) GitLab Enterprise Edition
- Add programming language filter to contributed projects GraphQL query (merge request)
- Model Registry ability to delete candidate (merge request)
- Create merge request dependency api endpoint (merge request) GitLab Enterprise Edition
- Add async index to partition table (merge request)
- Add instance level job token application settings (merge request)
- Add async index to partition table (merge request)
- Expose code suggestion events on GraphQL (merge request) GitLab Enterprise Edition
- Add sharding_key_id to ci_runners table (merge request)
- Introduce group-level protected branches (merge request) GitLab Enterprise Edition
- Release "allow anyone to pull" feature for terraform modules (merge request)
- Update API and docs to account for non-billable promotions (merge request) GitLab Enterprise Edition
- Populate personal namespace for events (merge request)
- Add ml-candidate-metadata sharding-key (merge request)
- Add aiFeatureSettings GQL query (merge request) GitLab Enterprise Edition
- Ingest identifier_names of vulnerability_reads (merge request)
- Auto-ban duplicate users when a user is banned (merge request)
- Add new project redirect route to spec (merge request)
- Add Duo permission ability to vulnerability report (merge request) GitLab Enterprise Edition
- Add UserActivity class (merge request) GitLab Enterprise Edition
- Add a link to navigate to the CI/CD analytics on the pipelines page by @antonkalmykov (merge request)
- Enable CI job token authorizations log (merge request)
- Model Registry ability to load model (merge request)
- Add migrate_memberships to bulk_import_config (merge request)
- Add duo free access ending alert banner (merge request) GitLab Enterprise Edition
- Delete stale npm metadata caches with background migration (merge request)
- Add suffix strategy selector (merge request) GitLab Enterprise Edition
- Save draft data in storage (merge request)
- Add ability to remove resolved vulnerabilities (merge request) GitLab Enterprise Edition
- Add description field environments API (merge request)
- Expose
has_vulnerability_resolution via GraphQL (merge request) GitLab Enterprise Edition
- Add description text field to environment details (merge request)
- Add description field to environment (BE & DB) (merge request)
- Create the snooze and un-snooze todos mutations (merge request)
- Filter merge trains by branch param (merge request) GitLab Enterprise Edition
- Introduce a delete MR dependency api endpoint (merge request) GitLab Enterprise Edition
- Add
include_personal argument to contributed projects GraphQL query (merge request)
- GraphQL: Add
aggregate field to PipelineAnalytics (merge request)
- Update Llm completion for VR suggestion (merge request) GitLab Enterprise Edition
- Add source-branch filter (merge request)
- Enable Ruby support for GitLab Advanced SAST (merge request)
- Add ingestion for EPSS data into GitLab DB (merge request) GitLab Enterprise Edition
- Remove feature flag vulnerability_resolution_ga (merge request) GitLab Enterprise Edition
- Added membership_modified_by_admin_event (merge request) GitLab Enterprise Edition
- Protected branches API: support
deploy_key_id (merge request) GitLab Enterprise Edition
- Remove loose_foreign_keys_update_column_to feature flag (merge request)
- Add an empty state for MR approvals per branch (merge request) GitLab Enterprise Edition
- Adds GitlabSubscriptions::SeatAssignment model (merge request) GitLab Enterprise Edition
- Backfill for
vulnerability_reads.has_vulnerability_resolution (merge request) GitLab Enterprise Edition
- Elasticsearch: Merge requests with title completion (merge request) GitLab Enterprise Edition
- Add min_access_level argument to contributed projects GraphQL query (merge request)
- Use CycloneDX SBOMs licenses in license scanner (merge request) GitLab Enterprise Edition
- Add backticks to GitHub import user mentions (merge request)
- Support for editing the model version description in the model registry (merge request)
- Add column 'max_number_of_vulnerabilities' to 'project_settings' table (merge request)
- Add RewriteHistoryWorker to asynchronously rewrite repository history (merge request)
- Protected tags API: support
deploy_key_id (merge request) GitLab Enterprise Edition
- Remove work_item_epics_rollout feature flag (merge request)
- Add cron info to pipeline schedules table (merge request)
- Add subscribed argument to issues query (merge request)
- Initial checkin for Banner (merge request) GitLab Enterprise Edition
- Change relationship type of linked items via drag & drop (merge request)
- Remove references to gitlab_com_duo_pro_bulk_user_assignment (merge request)
- Add rails endpoinds for workflow status updates (merge request) GitLab Enterprise Edition
- Add event handlers for security policies changes (merge request) GitLab Enterprise Edition
- Add API endpoint to publish CI Catalog Resource Version (merge request)
- Add language filter to projects GraphQL query (merge request)
- Database changes for splitting microsoft applications (merge request)
- Add vuln counts to container regsitry page (merge request)
- Add license checks to group level work items ability checks (merge request)
- Add log fingerprint to the created issue (merge request) GitLab Enterprise Edition
- Add min_access_level argument to Projects GraphQL query (merge request)
- Add graphql mutations for project security exclusions (merge request) GitLab Enterprise Edition
- Admin API Endpoint: Token Info by @nwittstruck (merge request)
- Release "allow anyone to pull" feature for group-level maven endpoints (merge request)
- Add artifacts archive setting (merge request)
- Release "allow anyone to pull" feature for group-level NuGet endpoints (merge request)
- Delete
custom_ability_admin_runners feature flag (merge request) GitLab Enterprise Edition
- Persist approval_policy_rule_id for scan_result_policy_violations (merge request) GitLab Enterprise Edition
- Move the zoekt_repository to failed if retries_left gets 0 (merge request) GitLab Enterprise Edition
- Rename and add fields additional context rest api (merge request) GitLab Enterprise Edition
- Show SBOM reports errors on the pipeline security and licenses tabs (merge request) GitLab Enterprise Edition
- Enable dependency_scanning_using_sbom_reports by (merge request) GitLab Enterprise Edition
- Add aiSelfHostedModelFeatureSettings query (merge request) GitLab Enterprise Edition
- Add merge_after attribute to MergeRequest by @Taucher2003 (merge request)
- Suspend/Resume flux reconciliation from the UI (merge request)
Fixed (132 changes)
- Protected containers: Push protection for admin users by @gerardo-navarro (merge request)
- Prevent submitting form when pressing enter in transfer location search (merge request)
- Revert "Fix Helm chart appVersion not being quoted in index.yaml" (merge request)
- Cloud Connector sync: Read license from DB (merge request) GitLab Enterprise Edition
- Revert "Merge branch 'sc1-optimise-concurrency-tracking' into 'master'" (merge request)
- Fix handling of loading secrets with empty section (merge request)
- Merge requests API: fix cache for "with_labels_details" argument (merge request)
- Labels page: Fix vertical alignment and badge (merge request)
- Prevent non-ASCII names (merge request)
- Mini Pipeline graph: Fix height of item and alignment of retry (merge request)
- Add response-content-disposition to url in Workhorse.send_url (merge request)
- PullMirrors::UpdateService: remove previous data after mirror's update (merge request) GitLab Enterprise Edition
- Update export to not hard fail when one batch export fails (merge request)
- Requeue BackfillPCiPipelineVariablesProjectId (merge request)
- Show pending project members on pending members page (merge request) GitLab Enterprise Edition
- fix: Use hash reference for resolving security finding CWE identifier (merge request) GitLab Enterprise Edition
- Fix access to job logs for anonymous users by @Taucher2003 (merge request)
- Allow self registered user to trigger user_create hook (merge request)
- Reset ci_deleted_objects#pick_up_at (merge request)
- Wrap source user reassignments in a lock (merge request)
- Fix #root_ancestor when parent_id is defined (merge request)
- Fix project_settings#has_vulnerabilities data inconsistency issue (merge request)
- Send correct namespace for the Flux resource (merge request)
- ansi2json: Handle multiple CRs in line endings by @lb90 (merge request)
- Pipeline Graph: Fix badge text color and card header in darkmode (merge request)
- Fix deeplink urls for migrated epics (merge request)
- Respect model registry and experiment visibility settings (merge request)
- Add
epic to confidentiality feature (merge request) GitLab Enterprise Edition
- Flash alerts: Fix sticky position (merge request)
- Reset group callout for all seats used banner when deleting a member (merge request) GitLab Enterprise Edition
- Fix min-width of user select dropdown (merge request)
- Remove bottom padding on images (merge request)
- Remove vertical scrollbar on GLQL tables (merge request)
- Fix for Personal Projects Settings bug (merge request)
- Separate UI and API checks for user impersonation (merge request) GitLab Enterprise Edition
- Fix policy violations not being deleted properly (merge request) GitLab Enterprise Edition
- Prevent registration group creation changing registration_type (merge request) GitLab Enterprise Edition
- Delete deployed Pages on Project archive (merge request)
- Link compliance frameworks with pipeline execution policies (merge request) GitLab Enterprise Edition
- Remove
go_get_handle_401_error feature flag (merge request)
- Clear draft on cancel (merge request)
- Fix project level value stream analytics default date (merge request)
- Distinct select style for user mentions in RTE (merge request)
- Only show custom emoji from current group in frequently used emoji (merge request)
- Update CycloneDX 1.5 json schema with upstream (merge request)
- Fixes package tag not being displayed (merge request)
- Groups Filter - Fix pagination tree view (merge request)
- Use error message from backend when updating member role (merge request) GitLab Enterprise Edition
- In Pages build use use_open_file instead of use_file (merge request)
- Allow Instance Admin to always create projects (merge request)
- Model Registry model versions empty state typo (merge request)
- Update haml markdown editor toolbar buttons to match Vue version (merge request)
- Recover destroyed ML model version packages (merge request)
- Fix broken wiki sidebar when slugs contain special characters (merge request)
- Drop project_id not null constraint ci_deleted_objects (merge request)
- Fix link color override with increasing specificity (merge request)
- Remove project_id FK constraint on terraform module metadata (merge request)
- Fix collapsed diff discussions expanding when adding a new discussion (merge request)
- Prevent deploy key access when owner is not a member of the project (merge request)
- Prevent approval rule from overlapping approvals count in drawer (merge request) GitLab Enterprise Edition
- Handle expired CI job artifacts with orphaned projects (merge request)
- Filter work item children and ancestors out of work item token input (merge request)
- PWA: Respect the screen rotation settings of the user device by @kurages (merge request)
- Fix flaky test (merge request)
- Do not fetch license on Duo page when SaaS (merge request) GitLab Enterprise Edition
- Fix Web IDE Oauth domain mismatch screen (merge request)
- Fix for Groups Duo Subscription Bug (merge request) GitLab Enterprise Edition
- Fix Helm chart appVersion not being quoted in index.yaml by @djhoese (merge request)
- Fix styling problems for Escalation policy rule controls (merge request) GitLab Enterprise Edition
- Allow
:admin_runners to clear runners cache (merge request) GitLab Enterprise Edition
- Projects::GraphsController#charts: fix URL generation (merge request)
- Handle existing resolved ocs vulns (merge request)
- Add migration for fixing organization_id inconsistencies (merge request)
- Only create system note on color change (merge request) GitLab Enterprise Edition
- Fix flaky logger spec (merge request) GitLab Enterprise Edition
- Skip status checks for empty diff hashes (merge request) GitLab Enterprise Edition
- Fix NRE when logged out and reading merge trains via GraphQL (merge request)
- Allow reviewer unassign via quick action at MR creation by @kingjan1999 (merge request)
- Fix counting new vulnerabilities in ingestion logic (merge request) GitLab Enterprise Edition
- Fixing pipeline config issue for multiple frameworks (merge request) GitLab Enterprise Edition
- Fix authorized find in project security exclusion mutations (merge request) GitLab Enterprise Edition
- Skip new branch name validation for some keypresses (merge request)
- Remove duplicate ci status (merge request)
- Make a Vulnerability a proper todo target (merge request) GitLab Enterprise Edition
- Add auth check to delete tag endpoint (merge request)
- Handle merge when checks pass correctly in the api (merge request)
- Fix timeline style in dark mode (merge request)
- Add sass file page_bundles/todos_vue.scss (merge request)
- Adjust wording for pipeline's license tab (merge request) GitLab Enterprise Edition
- Fix logged out header for auto color mode (merge request)
- Prevent 500 errors when evaluating empty changelog configs (merge request)
- Initial commit for hide duo chat (merge request)
- Improvements to markdown "Exit full screen" button (merge request)
- Prevent footnote backref from displaying as emoji (merge request)
- Fix draft not clearing after submitting description (merge request)
- Fix error when trying to access nil commit author (via GraphQL) (merge request)
- Filter out duplicate milestone results in filter search bar (merge request)
- Prevent links in project descriptions from making project rows too wide (merge request)
- Update access level for imported protected tags (merge request)
- Fix partitioning rollback for p_ci_pipelines (merge request)
- Allow to search for todos with commit target type (merge request)
- Todos: Add namespace and project target types to GraphQL (merge request)
- Grant Auditor users :read_package ability on the group-level (merge request) GitLab Enterprise Edition
- Fix decreasing the project vulnerability counts (merge request) GitLab Enterprise Edition
- Fix Zoekt global code search by @skel2007 (merge request) GitLab Enterprise Edition
- Design management: Highlight current user handle (merge request)
- Model Registry version compatability with mlflow endpoint (merge request)
- Restore border on pipelines table (merge request)
- Fix incorrect gitlab-shell-check filename (merge request)
- Enable external status checks mutation for Projects::AllBranchesRule (merge request) GitLab Enterprise Edition
- Sync pipeline iid with subscription (merge request)
- Fix misleading UI message (merge request) GitLab Enterprise Edition
- Broadcast message styles remove manual dark mode color override (merge request)
- Remove add child console error (merge request)
- Fix truncated messages for commits (merge request)
- Allow POST to jwt/auth during maintenance mode (merge request) GitLab Enterprise Edition
- Reschedule setting vulnerability counts for projects (merge request)
- Fix page jump when reacting to work item comments (merge request)
- Fix regression not allowing clearing out runner tags (merge request)
- Fix work item skeleton loaders for extra pages (merge request)
- Send null memberRoleId instead of undefined (merge request)
- Avoid database reconnections when host disconnected from load balancer (merge request)
- Fix framework link in policy migration merge request (merge request) GitLab Enterprise Edition
- Remove extra container classes on Auto DevOps banner (merge request)
- Check commit message for issue close pattern setting (merge request)
- Initially hide final alert on model registry artifact upload (merge request)
- Consider Duo Enterprise when counting Pro users (merge request) GitLab Enterprise Edition
- Fix ci_owned_runners returning other groups (merge request)
- Ensure pipeline job items in a stage have appropriate border radius (merge request)
- Do not parse SSE events if not streaming (merge request) GitLab Enterprise Edition
- Fix N+1 in cluster agents resolver (merge request)
- Fix bug where car left after branch deletion (merge request) GitLab Enterprise Edition
Changed (205 changes)
- Add page refresh when policy type is selected (merge request) GitLab Enterprise Edition
- Remove allow_cross_joins_across_databases in finding_signature.rb (merge request) GitLab Enterprise Edition
- GraphQL: Rename CiJobsDurationStatistics to CiDurationStatistics (merge request)
- Added feature flag gate (merge request) GitLab Enterprise Edition
- UI: Do not expire direct memberships in subgroups and projects by @nwittstruck (merge request)
- Separate notes from vulnerabilities update when dismissing (merge request) GitLab Enterprise Edition
- Update Load Performance Testing templates (merge request)
- Use file icon for uploads (merge request)
- Support pages deploy jobs with names other than "pages" (merge request)
- Remove
finding_resolver_use_pure_finder feature flag (merge request) GitLab Enterprise Edition
- Mark oauth_applications table as clusterwide (merge request)
- Remove references for editor field on workspaces (merge request) GitLab Enterprise Edition
- Add CI/CD Catalog wrapper to releases (merge request)
- Load first note on work items (merge request)
- Update copy for free registration paths (merge request) GitLab Enterprise Edition
- Handle mailmapped emails for ssh verified commits (merge request)
- Handle Work Item URLs in Duo Chat (merge request) GitLab Enterprise Edition
- Update license scanning documentation (merge request) GitLab Enterprise Edition
- Remove delete_otp_no_webauthn feature flag (merge request)
- Wikilinks now handle characters escpaed in title (merge request)
- Set vulnerability_exports table to gitlab_sec schema (merge request) GitLab Enterprise Edition
- Adjust toggle behaviour for runner registration token setting at group by @antonkalmykov (merge request)
- Skip CS components when parsing licenses from SBOM (merge request)
- Update pipeline mini graph variables (merge request)
- Enable FF enable_add_on_users_filtering by default (merge request)
- Improve status dropdown description (merge request) GitLab Enterprise Edition
- Process security policies only when they are changed (merge request) GitLab Enterprise Edition
- Settings block: Move collapsible button to left (merge request)
- Display an icon for closed merge requests on branches page (merge request)
- Security dashboard: Update heading to use shared component (merge request)
- Display helper text for severity group (merge request) GitLab Enterprise Edition
- Initial commit for changing admin Duo Utilization routes (merge request) GitLab Enterprise Edition
- Improve documentation
spp_repository_pipeline_access settings (merge request)
- Synchronously add vulnerabilities_reads indexes (merge request)
- Remove
ai_merge_request_reader_for_chat feature flag (merge request) GitLab Enterprise Edition
- Allow top level group owners to create Service Accounts in Self-Managed (merge request) GitLab Enterprise Edition
- Update GlPagination to use design tokens (merge request)
- Artifacts page: Update heading to use shared component (merge request)
- Handle permanently available deprovision parameters (merge request) GitLab Enterprise Edition
- Include HTML layouts in project export and project transfer emails by @jimender2 (merge request)
- Fix sbom scanner to work with reported licenses (merge request) GitLab Enterprise Edition
- Remove allow_cross_joins_across_databases (merge request) GitLab Enterprise Edition
- Fix Vue 3 failing test (merge request) GitLab Enterprise Edition
- Fix Vue 3 failing test (merge request) GitLab Enterprise Edition
- Duo Utilization routes setup (merge request) GitLab Enterprise Edition
- Link project_bot user deletion audit event to its resource if possible (merge request) GitLab Enterprise Edition
- Revise and update repository xray docs (merge request)
- Remove the beta badge for Secret push protection (merge request) GitLab Enterprise Edition
- Update push check and scanning gem to handle exclusions (merge request) GitLab Enterprise Edition
- Update extension for docs links in misc ruby files 2 (merge request) GitLab Enterprise Edition
- Add regex support for runner tag search (merge request)
- Hide bulk selection column when user doesn't allowed to delete artifacts by @antonkalmykov (merge request)
- CI/CD Admin: Use shared components (merge request)
- Changing RCA prompt to new prompt (merge request) GitLab Enterprise Edition
- Send trial_type param during trial generation (merge request) GitLab Enterprise Edition
- Add API support for webhook feature flag events (merge request)
- Hide blob ci status (merge request)
- Seperate gitlab_sec updates from gitlab_main transaction (merge request) GitLab Enterprise Edition
- Add conditional mapping for elasticsearch (merge request) GitLab Enterprise Edition
- Localize dates in UI (merge request)
- Convert ml_models.project_id constraint to cascade delete (merge request)
- Update extension for docs links in misc ruby files (merge request) GitLab Enterprise Edition
- Update Harbor Registry illustrations (merge request)
- Update extension for docs links in models and presenters (merge request)
- Switch to Duo Chat V2 (merge request)
- Remove security_policy_bot_shared_avatar feature flag (merge request)
- Update extension for docs links in ruby helpers (merge request)
- Add bold font for status filter (merge request) GitLab Enterprise Edition
- Remove group_access_request_webhooks feature flag by @Taucher2003 (merge request)
- Clarify 'GitLab' term in signup error message (merge request)
- Remove gl-new-card (merge request)
- Update extension for docs links in /lib ruby files (merge request)
- Fix
tag icon display in the project ref selector dropdown by @antonkalmykov (merge request)
- Use a default value for the parameter that will be parsed by JSON.parse by @antonkalmykov (merge request)
- Disable heap fragmentation memory watchdog check (merge request)
- Return all linked projects/namespaces when fetching policies (merge request) GitLab Enterprise Edition
- Fix Vue 3 failing test (merge request) GitLab Enterprise Edition
- Allow filtering users on backend in RTE (merge request)
- Add probe for checks in air-gapped instances (merge request) GitLab Enterprise Edition
- Add markdown version to redis cache key (merge request)
- Allow watermarks to move from high to low for zoekt indices (merge request) GitLab Enterprise Edition
- Change duo trials duration logic (merge request) GitLab Enterprise Edition
- This MR changes layout of filters (merge request) GitLab Enterprise Edition
- Add watermark enum to zoekt indices (merge request)
- Rename config_version field in workspaces table (merge request) GitLab Enterprise Edition
- Remove default for organization_id (merge request) GitLab Enterprise Edition
- Fixes a bug with the duo free access ending banner (merge request) GitLab Enterprise Edition
- Add storage watermark to zoekt indices (merge request) GitLab Enterprise Edition
- Add keyboard nav to boards (merge request) GitLab Enterprise Edition
- Migrate Admin group edit page to use SettingsSection component (merge request)
- Update kubernates empty states illustrations (merge request)
- Split AI impact dashboard table into multiple panels (merge request) GitLab Enterprise Edition
- Add handling big content for a drawer (merge request) GitLab Enterprise Edition
- Create work item: Add dividers to items in sidebar (merge request)
- Split the Value stream dashboard table into multiple panels (merge request) GitLab Enterprise Edition
- Update extension for docs links in ci ruby files (merge request)
- Add scheduling worker to update storage used on zoekt index (merge request) GitLab Enterprise Edition
- Add conditional mapping for elasticsearch (merge request) GitLab Enterprise Edition
- Add stat cards for filtering users (merge request)
- Change the order of fork information (merge request)
- Add an option to track_event API to send events to Snowplow (merge request)
- Discover Duo Pro: Migrate to regular card (merge request) GitLab Enterprise Edition
- Update Members page (merge request)
- Use POST request to force unsubscribe by email clients (merge request)
- Update Locked Files page (merge request)
- Drop randomization_seed from database load balancing log messages (merge request)
- Remove load_balancing_disconnect_without_verify feature flag (merge request)
- Add new list between two lists on a board (merge request)
- Make roles and permissions page visible to premium (merge request) GitLab Enterprise Edition
- Show specific OmniAuth buttons in signup page (merge request)
- Consider multiple target branch pipelines for license policy (merge request) GitLab Enterprise Edition
- This MR adds extra check for policy scope (merge request) GitLab Enterprise Edition
- Backfill PATs seven_days_notification_sent_at column (merge request)
- Add integration test for group scope (merge request) GitLab Enterprise Edition
- Update Escalation Policies empty state illustration (merge request)
- Format code blocks (merge request)
- Scope ComponentsResolver to Group or Project (merge request) GitLab Enterprise Edition
- Separate gitlab_main updates from gitlab_sec updates (merge request) GitLab Enterprise Edition
- Add errors to SecurityPolicyProjectCreated subscription (merge request) GitLab Enterprise Edition
- Simplify logic to exclude rules in Scan Execution Policies (merge request) GitLab Enterprise Edition
- Finalize UpdateWorkspacesConfigVersion3 migration (merge request)
- Make tag content more ergonomic on commit list pages (merge request)
- This MR updates linked SPP query (merge request) GitLab Enterprise Edition
- Adds to RedisStore sid (merge request)
- Create loose fkeys dast_profiles_schedulus.profile_id (merge request)
- This MR fix remove button layout (merge request) GitLab Enterprise Edition
- Raise error on lock retries exhaustion (merge request)
- Add watermark enum to zoekt indices (merge request)
- Add Changelog trailer (merge request)
- Add option to skip cache with zoekt scheduling service (merge request) GitLab Enterprise Edition
- Align time tracking link size (merge request)
- Show manifest media type for container registry image tag (merge request)
- Re-enable DocumentationLinks in haml-lint (merge request)
- Remove index from SBOM tables (merge request)
- Fix yaml support for monaco-editor with vite (merge request)
- Model Registry present latest SemVer instead of ID (merge request)
- Use a
label instead of strong tag in a CI job token allowlist form by @antonkalmykov (merge request)
- Small update to Linked widget help copy (merge request)
- Zoekt nodes skip tasks when over critical storage watermarks (merge request) GitLab Enterprise Edition
- Update container registry tags list toggle details icon (merge request)
- Switch from Rails.application.secrets to Rails.application.credentials (merge request)
- Ensure zoekt replica router returns distinct set of indices (merge request) GitLab Enterprise Edition
- Remove meta-programming from AutoMergeService (merge request)
- This MR fix remove button layout (merge request) GitLab Enterprise Edition
- Send add-on metrics during seat link sync (merge request) GitLab Enterprise Edition
- Set default true for pipeline mainteennce feature flag (merge request) GitLab Enterprise Edition
- Add link to error code to Duo Chat response (merge request) GitLab Enterprise Edition
- Avatar: Refactor img to use GlAvatar (merge request)
- Localize dates in UI (merge request)
- Remove legacy event tracking from Value Streams Dashboard (merge request) GitLab Enterprise Edition
- Add pages_domains not null constraint for project_id (merge request)
- Update pipeline migration UI text (merge request) GitLab Enterprise Edition
- Allow to select multiple groups with the same name in MR approval rules by @antonkalmykov (merge request)
- Use
GlTable for the deployment approval settings in the add rule modal by @antonkalmykov (merge request) GitLab Enterprise Edition
- This MR adds warning for invalid policies (merge request) GitLab Enterprise Edition
- Update approval_policy_rule_id fk to nullify on delete (merge request) GitLab Enterprise Edition
- Remove cache when zoekt replica search FF is changed (merge request)
- Clean up
scan_execution_policy_cache_ci_templates feature flag (merge request) GitLab Enterprise Edition
- Update Puma to 6.4.3 and patch PID reaper (merge request)
- Domain verification: Migrate to Crud (merge request)
- Let embedded videos be full width with max-width 100% (merge request)
- Remove default project_id from p_ci_finished_build_ch_sync_event (merge request) GitLab Enterprise Edition
- Update UI docs links in app/view/groups files (merge request)
- Update UI docs links in assorted files (merge request)
- Update UI docs links in app/views/shared files (merge request)
- Update UI docs links in app/view/projects files (merge request)
- Add comparison pipelines in bot comments for error cases (merge request) GitLab Enterprise Edition
- Fix Vue 3 failing test (merge request) GitLab Enterprise Edition
- Made Environments > Deployment details page mobile friendly by @antonkalmykov (merge request) GitLab Enterprise Edition
- Show group path in group selection dropdown in purchase flow (merge request) GitLab Enterprise Edition
- Renamed run pipeline button (merge request)
- ACTUALLY set the schema to gitlab_sec (merge request) GitLab Enterprise Edition
- Update pipeline migration text and link (merge request) GitLab Enterprise Edition
- Add an OPS FF to avoid flooding sentry with semver dialect errors (merge request) GitLab Enterprise Edition
- There were several problems here: (merge request) GitLab Enterprise Edition
- There were several problems here: (merge request) GitLab Enterprise Edition
- Remove beta mention in metadata database alert on registry pages (merge request)
- Fix zoekt replica group search (merge request) GitLab Enterprise Edition
- Clean up
ci_conditionals_reduce_gitaly_calls feature flag (merge request)
- Commits: Migrate non-compliant Avatar sizes (merge request)
- Show an empty state when Protected Environment has no approval rules by @antonkalmykov (merge request) GitLab Enterprise Edition
- Update UI docs links in application_settings files (merge request)
- Update ffi gem to v1.17.0 (merge request)
- Split remediations query from upload deletion for decomposition (merge request) GitLab Enterprise Edition
- Do not destroy empty ML model packages (merge request)
- Finalize migration NullifyOrganizationIdForSnippets (merge request)
- Add used_storage_bytes column to zoekt indices (merge request)
- Modify the way dividers are generated (merge request)
- Remove cross DB transaction against dast_site_profile (merge request) GitLab Enterprise Edition
- Remove feature flag zoekt_create_indexing_tasks (merge request) GitLab Enterprise Edition
- Watch for k8s events changes (merge request)
- Cleanup 'locked_paths_mergeability_check' FF (merge request)
- Enable summarize_notes_with_duo by default (merge request)
- Improve messaging for pending approval invited members (merge request) GitLab Enterprise Edition
- Add loader for pipeline actions (merge request)
- Hide failed jobs widget logic (merge request)
- Tranition vulnerability_state_transitions to gitlab_sec schema (merge request) GitLab Enterprise Edition
- Localize dates within issues (merge request)
- Make pages_domains.project_id not nullable (merge request)
- Permanently delete project: Remove gl-new-card classes (merge request) GitLab Enterprise Edition
- Add popover for image and tag on vuln report page (merge request)
- Remove allow_cross_joins_across_databases (merge request) GitLab Enterprise Edition
- Only notify user who started BulkImport (merge request)
- Update dependency ai-gateway to v1.18.0 (merge request)
- Change the UX of the create model button for Model registry (merge request)
Deprecated (6 changes)
- Deprecate Legacy Epics on GraphQL (merge request) GitLab Enterprise Edition
- Adds ContainerTagsExpirationPolicy graphql type (merge request)
- GraphQL: Deprecate CiRunnerUsageByProject.ciUsedMinutes (merge request)
- GraphQL: Deprecate CiRunnerUsage.ciUsedMinutes in favor of ciDuration (merge request)
- Initial checkin for Issue 479384 (merge request) GitLab Enterprise Edition
- Deprecate namespaces addOnPurchase GraphQL field (merge request) GitLab Enterprise Edition
Removed (40 changes)
- Removed include_manual_to_pipeline_completion flag (merge request)
- Clean up account_validation_email feature flag (merge request) GitLab Enterprise Edition
- Remove identifier_external_ids column from vulnerability_reads (merge request)
- Remove cross join allowances from vuln ingestion process (merge request) GitLab Enterprise Edition
- Model Registry removed Candidates tab (merge request)
- Remove flash background colors (merge request)
- Drop zoekt_shards table (merge request)
- Remove finalized BBM that contains cross join sec decomp can't support (merge request) GitLab Enterprise Edition
- Delete migration BackfillSbomOccurrencesTraversalIdsAndArchived (merge request)
- Remove Issue Analytics broken search filters (merge request)
- Remove BBM that cannot function post Sec Decomposition (merge request)
- Remove sec-decomposition related cross join supression (merge request) GitLab Enterprise Edition
- Remove sec-decomposition related cross join suppresion (merge request) GitLab Enterprise Edition
- Delete unused BBM code (merge request) GitLab Enterprise Edition
- Elasticsearch: Reindex to remove title completion (merge request) GitLab Enterprise Edition
- Remove no longer needed cross join suppressions (merge request)
- Remove unneeded transitional cross join suppresion (merge request) GitLab Enterprise Edition
- Remove unneeded cross db interaction suppressions (merge request) GitLab Enterprise Edition
- Remove unneeded cross join suppresion (merge request) GitLab Enterprise Edition
- Drop token_with_ivs table (merge request)
- Clean up migrated prompts for self-hosted code suggestions (merge request) GitLab Enterprise Edition
- Remove cross DB access suppression from remediation creation (merge request) GitLab Enterprise Edition
- Remove transitional cross DB warning suppresion (merge request) GitLab Enterprise Edition
- Place Product Analytics admin settings behind flag by @max.woolf (merge request) GitLab Enterprise Edition
- Remove faulty async index definitions (merge request)
- Remove possibly unnecessary cross join suppresion for vuln helper (merge request) GitLab Enterprise Edition
- Remove unneeded cross DB suppression (merge request) GitLab Enterprise Edition
- Remove unneeded cross join allowances (merge request) GitLab Enterprise Edition
- Delete the
emoji_webhooks feature flag (merge request)
- Remove ci_platform_metrics and related Sidekiq code (merge request)
- Remove early access checkbox (merge request) GitLab Enterprise Edition
- Remove transitional cross join allowances (merge request) GitLab Enterprise Edition
- Remove pipeline reference from state transition (merge request)
- Remove unneeded cross join allowance for sec decomposition (merge request) GitLab Enterprise Edition
- Remove DAG code (merge request)
- Remove unneeded transitional cross join suppresions (merge request) GitLab Enterprise Edition
- Drop namespace setting column toggle_security_policy_custom_ci (merge request)
- Remove ensure prepared worker (merge request)
- Remove validate_target_sha_in_user_commit_files feature flag (merge request)
- Remove ignore_columns for Packages::BuildInfo (merge request)
Security (13 changes)
- Prevent guest access to project templates
- Skip content when listing conflict files with types
- Do not create a pipeline on MR refresh if source branch was deleted
- Escape OAuth application name on authorize page
- Remove access to local requests via cube query service
- Prevent deploy keys from pushing code to an archived project
- Hide version info from unauthorized users
- Return for admin condition if user authentication with job token (merge request)
- External webhook token should be set
- Updates Summarize Comments LLM Prompt
- Hide system notes with invalid references
- Reset dependency proxy maven credentials when registry url is changed
- Implement input sanitization for SummarizeComments
Performance (11 changes)
- Update import_data sharding (merge request)
- Stop creating keep-arounds on merge base commits (merge request)
- Remove cancel_redundant_pipelines_without_hierarchy_cte feature flag (merge request)
- Use sticky data consistency for post receive worker (merge request)
- Enable CI variables optimization for pipeline creation (merge request)
- Add concurrency_limit to ProcessScanResultPolicyWorker (merge request) GitLab Enterprise Edition
- Move a field check into the query instead of the loop body (merge request)
- Add deduplication to SynScanPoliciesWorker (merge request) GitLab Enterprise Edition
- Limit count query in the events APIs (merge request)
- Remove increase_diff_file_performance feature flag (merge request)
- Cache Fog::Storage object for CI build chunks (merge request)
Other (146 changes)
- Add and backfill project_id for dast_site_profiles_builds (merge request)
- Add and backfill project_id for dast_profiles_pipelines (merge request)
- Clean up send_verification_code_to_secondary_email feature flag (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration BackfillBoardsEpicListsGroupId (merge request)
- Add expiration wording to duo pro and enterprise trial success (merge request) GitLab Enterprise Edition
- Remove in-app trials redirect to stored user location (merge request) GitLab Enterprise Edition
- Finalize BackfillComplianceFrameworkSecurityPoliciesNamespaceId (merge request)
- refactor: Protected badge as reusable component by @gerardo-navarro (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Do not subscribe to Users::ActivityEvent (merge request)
- Create partitions for p_ci_build_trace_metadata (merge request)
- Drop issues.correct_work_item_type_id foreign key (merge request)
- Backfill migration for vulnerability_reads identifier_names (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Add db_config_database into marginalia comments (merge request)
- Avoid sidekiq warning for FlushCounterIncrementsWorker by @gerardo-navarro (merge request)
- Finalize migration BackfillBoardsEpicBoardPositionsGroupId (merge request)
- Track worker concurrency using Redis hash (merge request)
- Backfill issues.correct_work_item_type_id with correct value (merge request)
- Remove upcoming_reconciliations from spec (merge request)
- Quarantine a flaky test (merge request)
- Add trigger to update issues.correct_work_item_type_id (merge request)
- Reduce wait time for replica if worker urgency is high (merge request)
- Regenerate RuboCop TODO files (merge request)
- Add and backfill project_id for packages_composer_metadata (merge request)
- Add and backfill project_id for dast_scanner_profiles_builds (merge request)
- Use routing table name for PipelineConfig model (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Move Cop/WithoutReactiveCache to gitlab-org/gitlab by @schurzi (merge request)
- Set
vulnerability_count of project_security_statistics records (merge request)
- Create partitions for p_ci_build_trace_metadata (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration BackfillAuditEventsStreamingHeadersGroupId (merge request)
- Correct tag name restrictions documentation (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration BackfillApprovalProjectRulesUsersProjectId (merge request)
- Protected containers: Align actor for feature flag by @gerardo-navarro (merge request)
- Add and backfill project_id for ci_secure_file_states (merge request)
- Add and backfill project_id for packages_pypi_metadata (merge request)
- Fix Style/SingleArgumentDig offences by @rutvikchandla3 (merge request)
- Add and backfill project_id for ci_pipeline_schedule_variables (merge request)
- Regenerate RuboCop TODO files (merge request)
- Add and backfill project_id for packages_rubygems_metadata (merge request)
- Quarantine a flaky test (merge request)
- Add initial schema for custom field configuration (merge request)
- Continue removal of Trial Abandonment worker (merge request) GitLab Enterprise Edition
- Cleanup of backend and E2E for
pipeline_security_dashboard_graphql (merge request)
- Solve null equality in BBM that deduplicates lfs_objects_projects (merge request)
- Add and backfill project_id for pages_domain_acme_orders (merge request)
- Remove .issuable-row background in milestone's page_bundles (merge request)
- Add foreign key constraint to
projects.organization_id (merge request)
- Add and backfill project_id for ci_resources (merge request)
- Quarantine a flaky test (merge request)
- Remove web_ide_oauth flag and its references (merge request)
- Finalize migration BackfillApprovalsProjectId (merge request)
- Finalize migration BackfillApprovalMergeRequestRuleSourcesProjectId (merge request)
- Change the duo pro discover page to match new wording and design (merge request) GitLab Enterprise Edition
- DB Docs are up to date (merge request)
- Add Duo Enterprise product interaction for seat assignment lead (merge request) GitLab Enterprise Edition
- Add and backfill project_id for packages_nuget_metadata (merge request)
- Remove the nodes which are offline for more than 12 hours (merge request) GitLab Enterprise Edition
- Add and backfill project_id for ci_builds_runner_session (merge request)
- Add and backfill project_id for pages_deployment_states (merge request)
- Add and backfill project_id for packages_rpm_metadata (merge request)
- Add and backfill project_id for approval_project_rules_protected_branche (merge request)
- Add and backfill project_id for packages_npm_metadata (merge request)
- Quarantine a flaky test (merge request)
- Remove pipeline_run_keyword feature flag (merge request)
- Add and backfill project_id for incident_management_pending_alert_escala (merge request)
- Introduce
project_security_statistics table (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration BackfillApprovalGroupRulesUsersGroupId (merge request)
- Quarantine a flaky test (merge request)
- Use defined constants for selector types (merge request) GitLab Enterprise Edition
- Finalize migration BackfillApprovalMergeRequestRulesProjectId (merge request)
- Finalize migration BackfillApprovalGroupRulesProtectedBranchesGroupId (merge request)
- Finalize migration BackfillAgentActivityEventsAgentProjectId (merge request)
- Fix Performance/RegexpMatch offenses by @bolah2009 (merge request) GitLab Enterprise Edition
- Fully deprecate legacy sidekiq workers for onboarding (merge request)
- Add metric to track when CVS cannot scan component (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Add and backfill project_id for incident_management_timeline_event_tag_l (merge request)
- Add and backfill project_id for ci_unit_test_failures (merge request)
- Mark 20231016162120 as obsolete (merge request) GitLab Enterprise Edition
- Add issues.correct_work_item_type_id column (merge request)
- Add
work_item_types.correct_id column (merge request)
- Mark 20231019223356 as obsolete (merge request) GitLab Enterprise Edition
- Fix packages_packages definition file (merge request)
- Add emails notification for RewriteHistory worker (merge request)
- Add target_type to refine the query (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Drop database table compliance_checks (merge request)
- refactor: Fix rubocop offense Layout/space_inside_parens by @gerardo-navarro (merge request)
- Drop default for work_item_types.id (merge request)
- Change FF type and default enable flag (merge request) GitLab Enterprise Edition
- Redefine broken foreign keys on p_ci_pipelines (merge request)
- Add accessibility tests to todos filtering dashboard (merge request)
- Add and backfill project_id for milestone_releases (merge request)
- Mark 20231005103449 as obsolete (merge request) GitLab Enterprise Edition
- Rubocop fix by @arno_gr (merge request)
- Change default for org id (merge request) GitLab Enterprise Edition
- Fix the initial_indexing logic (merge request) GitLab Enterprise Edition
- Mark 20231130202203 as obsolete (merge request) GitLab Enterprise Edition
- Add and backfill project_id for incident_management_oncall_rotations (merge request)
- Add and backfill project_id for alert_management_alert_user_mentions (merge request)
- Remove
project_analytics_dashboard_dynamic_vsd feature flag (merge request) GitLab Enterprise Edition
- Add and backfill project_id for incident_management_escalation_rules (merge request)
- Remove unused code for build tags (merge request)
- Mark 20231004124852 as obsolete (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Mark 20240107132344 as obsolete (merge request) GitLab Enterprise Edition
- DB Docs are up to date (merge request)
- Audit list of classes in dashboard.scss by @NIKU-SINGH (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Add and backfill project_id for alert_management_alert_metric_images (merge request)
- Mark 20240104134928 as obsolete (merge request) GitLab Enterprise Edition
- Partition ci_build_trace_metadata table - 4 (merge request)
- Add and backfill project_id for ci_job_artifact_states (merge request)
- Remove obsolete Advanced search migrations (merge request) GitLab Enterprise Edition
- Remove feature flag save_policy_violation_data (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Mark 20231213172132 as obsolete (merge request) GitLab Enterprise Edition
- Add index for component search on Occurrences table (merge request)
- Mark 20231130152447 as obsolete (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Remove & clean up set_sbom_report_ingestion_errors FF (merge request)
- Quarantine a flaky test (merge request)
- Adjust signup page items for more clarity (merge request) GitLab Enterprise Edition
- Removes Unused CSS class by @NIKU-SINGH (merge request)
17.4.6 (2024-12-10)
Fixed (2 changes)
- Add param filtering to avoid error while saving project settings (merge request) GitLab Enterprise Edition
- Fix 401 errors when installing the GitLab for Jira app
Security (11 changes)
- Add timeout around Parslet in template parser (merge request)
- Add authorization check to protectableBranches field (merge request)
- Check harbor name & digest for path traversal (merge request)
- Ignore titles for GFM links in rich text editor (merge request)
- Restrict user and group creation when same pages unique domain exist (merge request)
- DoS by repeatedly sending unauthenticated requests for diff-files of a commit or merge request (merge request)
- Add query to filter_parameters (merge request)
- Added invalid redirect fragment check (merge request)
- Make confidential threads unresolvable via new issue (merge request)
- Do not set session cookie for /v2 endpoints in the response (merge request)
- HTML injection in vulnerability details, leads to XSS on self hosted servers (merge request)
17.4.5 (2024-11-26)
Security (6 changes)
- Add size check for harbor registry (merge request)
- Adding JobArtifactReport class to pre-emptively validate job artifacts (merge request)
- Fix: unsubscribe from actioncable channel when PAT is revoked (merge request)
- Allow a LFS token to be used only for LFS related requests (merge request)
- Fix possible DOS with TOML file parsing (merge request)
- Move allow_access_with_scope to class level (merge request)
17.4.4 (2024-11-12)
Fixed (4 changes)
- Fix bug where car left after branch deletion GitLab Enterprise Edition
- Ensure auto_merge_enabled is set when validating merge trains GitLab Enterprise Edition
- Update pdf worker file path in pdf viewer
- Security patch upgrade alert: Only expose to admins
Security (6 changes)
- Use custom adapter for parsing FogBugz XML (merge request)
- Removed id from authorize buttons and added specs (merge request)
- HTML injection in vulnerability Code flow leads to XSS on self hosted instances (merge request)
- Remove is-unsafe-link from product analytics tables to prevent XSS (merge request)
- Details of blocking merge request can be exposed via list (merge request)
- Prevent agent access via unconfirmed or disallowed group members (merge request)
Performance (1 change)
17.4.3 (2024-10-22)
Fixed (1 change)
- Fix Zoekt global code search GitLab Enterprise Edition
Changed (1 change)
Security (2 changes)
- Fixed HTML injection in Global Search bug (merge request)
- Limit max size of manifest file upload (merge request)
17.4.2 (2024-10-09)
Fixed (1 change)
Security (8 changes)
- Do not create a pipeline on MR refresh if source branch was deleted (merge request)
- Escape OAuth application name on authorize page (merge request)
- Prevent guest access to project templates (merge request)
- Remove access to local requests via cube query service (merge request)
- External webhook token should be set (merge request)
- Skip content when listing conflict files with types (merge request)
- Hide version info from unauthorized users (merge request)
- Prevent deploy keys from pushing code to an archived project (merge request)
17.4.1 (2024-09-24)
Fixed (2 changes)
Security (3 changes)
- Implement input sanitization for SummarizeComments (merge request)
- Hide system notes with invalid references (merge request)
- Reset dependency proxy maven credentials when registry url is changed (merge request)
17.4.0 (2024-09-18)
Added (202 changes)
- Add and backfill project_id for p_ci_runner_machine_builds (merge request)
- Allow to configure K8s ns and flux resource path in API (merge request)
- Create add-on purchases when applying an offline license (merge request) GitLab Enterprise Edition
- Add Expand and Collapse all files buttons to merge requests (merge request)
- Add group scope to policy drawer (merge request) GitLab Enterprise Edition
- Add full path to expiring group token by @shangsuru (merge request)
- Add group policy scope for SPP (merge request) GitLab Enterprise Edition
- Add a batch migration to populate detumbled_email in emails table (merge request)
- Add AI vulnerability resolution badge (merge request) GitLab Enterprise Edition
- Add GraphQL fragment and queries for project security exclusions (merge request) GitLab Enterprise Edition
- Multiple artifact uploads to model registry model versions (merge request)
- Add ci_finished_pipelines_daily_mv ClickHouse materialized view (merge request)
- Bump devfile gem to 0.0.28.pre.alpha1 (merge request)
- Create add-on purchases when applying an offline license (merge request) GitLab Enterprise Edition
- Add Reachbility Coulmn to sbom occurancy (merge request) GitLab Enterprise Edition
- Audit when job token is used for authentication (merge request) GitLab Enterprise Edition
- Update GitLab Pages version (merge request)
- Adds audit events for self-hosted model creation (merge request)
- Bring back required instance ci template setting in database (merge request) GitLab Enterprise Edition
- Refactor Issuable reply hotkey (merge request)
- Make wiki sidebar resizable (merge request)
- Implement post-migration workflow message (merge request) GitLab Enterprise Edition
- Manage uploads API by secret and filename (merge request)
- Add new update_column_to action to Loose foreign keys (merge request)
- Add toggle for spp_repository_pipeline_access in project settings (merge request) GitLab Enterprise Edition
- Retry - add personal_namespace_id column to events (merge request)
- Add new column to events for self-managed only (merge request)
- Expose k8s ns and flux resource path in API (merge request)
- Add basic graphql resources for project security exclusions (merge request) GitLab Enterprise Edition
- Adds audit events for updating self-hosted models (merge request)
- Split AccessProbe to Access and Token probe (merge request) GitLab Enterprise Edition
- Create feature flag for controlling CVS for CS (merge request) GitLab Enterprise Edition
- Add Anthropic keys pattern to secret detection (merge request)
- Logs events for self-hosted model deletion (merge request)
- Expose abuse report notes in GraphQL endpoint (merge request)
- Make the project setting spp_repository_pipeline_access cascading (merge request) GitLab Enterprise Edition
- Add setting for projects to access SPP repository to fetch PEP configs (merge request) GitLab Enterprise Edition
- Set approval_policy_rule_id for approval rules and license policies (merge request) GitLab Enterprise Edition
- Add database columns for 7+30+60 day PAT expiry notification (merge request)
- Remove feature flag
pipeline_execution_policy_suffix (merge request) GitLab Enterprise Edition
- Show health status rollup data (merge request) GitLab Enterprise Edition
- Add linkable image to single vuln view (merge request)
- Implementation AiFeatureSettingUpdate GraphQL node (merge request) GitLab Enterprise Edition
- Add organization_id to sbom_component_versions (merge request) GitLab Enterprise Edition
- Prompt registry access for generate_issue_description (merge request) GitLab Enterprise Edition
- Add
has_vulnerability_resolution column to vulnerability_reads (merge request) GitLab Enterprise Edition
- Introduce duo pro seat assignment email for SM (merge request) GitLab Enterprise Edition
- Log authentications using CI job token (merge request)
- Logs events when changing feature config (merge request)
- Document receptive agents (merge request)
- Add bulk create or update service for add-on purchases for SaaS (merge request) GitLab Enterprise Edition
- Logs audit event for self-hosted models usage (merge request)
- Work Item rolled up count by type (merge request) GitLab Enterprise Edition
- Add webhook events for access requests by @Taucher2003 (merge request)
- Remove elastic_index_work_items ff (merge request) GitLab Enterprise Edition
- Delete Status Check (merge request) GitLab Enterprise Edition
- Add health_check rake task (merge request) GitLab Enterprise Edition
- Add not null constraint to p_ci_pipeline_variables#project_id (merge request)
- Re-queue BBM to backfill project_id for packages dependencies (merge request)
- Allow to configure cluster agent in Environments REST API (merge request)
- Add new permission for external status (merge request) GitLab Enterprise Edition
- Add Reachbility Coulmn to sbom occurancy (merge request) GitLab Enterprise Edition
- Add bulk create or update service for add-on purchases for SaaS (merge request) GitLab Enterprise Edition
- Add and backfill project_id for p_ci_pipeline_variables (merge request)
- Set project_id for existing orphaned packages dependencies (merge request)
- Adds audit events for MlModelVersion (merge request)
- Add method to move repository to namespace in API client (merge request)
- Adds audit events for ML Models (merge request)
- Expose cluster agent in Environments REST API (merge request)
- Feature to cancel machine learning artifact imports (merge request)
- Add featureFlags to GraphQL metadata field (merge request)
- Rename and add fields additional context api (merge request) GitLab Enterprise Edition
- Add Project.dependencies and Group.dependencies queries (merge request) GitLab Enterprise Edition
- Add branch rules alert on repo setting page (merge request)
- Adds CI pipeline for duo workflow execution (merge request) GitLab Enterprise Edition
- Allow projects API to receive order_by=star_count (merge request)
- GraphQL: Merge Request add field "Closed At" by @schurzi (merge request)
- Compute policy diff before persisting security policies (merge request) GitLab Enterprise Edition
- Backfill vulnerability_count background migration (merge request)
- Add EPSS field to Vulnerability type in GraphQL (merge request) GitLab Enterprise Edition
- Create Instance Integrations table (merge request)
- Added todos_vue_application feature flag by @zillemarco (merge request)
- Adding "approver" to merge request resolver (merge request) GitLab Enterprise Edition
- Release handle_vulnerability_external_issue_link_via_events feature (merge request) GitLab Enterprise Edition
- Add backticks to username mentions (merge request)
- Create database table to store group-level allowlist entries (merge request) GitLab Enterprise Edition
- Remove generic_extract_generic_package_model feature flag (merge request)
- Add prometheus metrics for scan execution policies (merge request) GitLab Enterprise Edition
- Create database table to store project-level allowlist entries (merge request) GitLab Enterprise Edition
- Add tag details to vuln list page (merge request) GitLab Enterprise Edition
- Add tracking and some ux element tweaks (merge request) GitLab Enterprise Edition
- Add managing protected branches as custom permission (merge request) GitLab Enterprise Edition
- Enable Advanced Context for Code Suggestions (merge request) GitLab Enterprise Edition
- Add API endpoint for token associations (merge request)
- Add Duo chat sub-feature to self-hosted models settings (merge request) GitLab Enterprise Edition
- Add project_id for ci_deleted_events (merge request)
- Add and backfill project_id for p_ci_job_annotations (merge request)
- Add personal_namespace_id column to events (merge request)
- Add web-commits/public-key endpoint to get signing public key (merge request)
- Add build_project_id column to p_ci_finished_build_ch_sync_events (merge request) GitLab Enterprise Edition
- Add VSA duration data series to GraphQL (merge request) GitLab Enterprise Edition
- Add gitlab:keep_around:orphaned raketask (merge request)
- Early access program group admin opt-in (merge request) GitLab Enterprise Edition
- Add static events to the workload details (merge request)
- Export detailed membership data (merge request) GitLab Enterprise Edition
- Show Progress percentage in rollup data (merge request)
- Add project level value streams dashboard (merge request) GitLab Enterprise Edition
- Add informational tooltips to AI Impact Analytics overview tiles (merge request) GitLab Enterprise Edition
- Support finding Sbom::Occurrences via dependency names (merge request) GitLab Enterprise Edition
- Add image and tag column (merge request)
- Edit branch rule status check (merge request) GitLab Enterprise Edition
- Add new status bar and pagination model (merge request) GitLab Enterprise Edition
- Update GitLab Pages version (merge request)
- Add pipeline license count endpoint (merge request) GitLab Enterprise Edition
- Help center menu: Add privacy menu link (merge request)
- Adds
check_parent_organization_match validation (merge request)
- Add support for project traces via GraphQL (merge request) GitLab Enterprise Edition
- feat: Fix body response for error log (merge request) GitLab Enterprise Edition
- Add additional context to Duo Chat REST API (merge request) GitLab Enterprise Edition
- Add user mapping membership table and model (merge request)
- Add registry id to location (merge request) GitLab Enterprise Edition
- Add licensed filters to VSA (merge request) GitLab Enterprise Edition
- Add GQL interface for project observability logs (merge request) GitLab Enterprise Edition
- Implement REST API for cluster agent url configurations (merge request)
- Prepare the foreign keys for p_ci_pipelines (merge request)
- Release Jira Service Management feature (merge request)
- Context aware quote discussion hotkey (merge request)
- Index p_ci_finished_pipeline_ch_sync_events table (merge request)
- Add WorkItemBulkUpdate mutation (merge request)
- Enable auto merge of Merge Requests (merge request) GitLab Enterprise Edition
- Adds duo workflow events and metrics (merge request) GitLab Enterprise Edition
- Create partitioned table p_ci_pipelines and attach first partition (merge request)
- Allow labels search by exact title (merge request)
- Add upload zone (merge request)
- Remove FF: bulk_add_on_assignment_refresh_worker (merge request) GitLab Enterprise Edition
- Support for editing the model version description in the model registry (merge request)
- Add and backfill project_id for ci_job_variables (merge request)
- Add frontend support for markdown in ML Model Versions (merge request)
- Update AliasResolver to work with versions (merge request)
- Implement REST API for cluster agent url configurations (merge request)
- Show Terms of Service and Privacy Policy entry within Help if defined by @bufferoverflow (merge request)
- Ingest component licenses from CycloneDX SBOMs (merge request)
- Audit topic changes on projects (merge request) GitLab Enterprise Edition
- Add official CycloneDX 1.6 JSON schema (merge request)
- Implement internal REST API for receptive agents (merge request)
- Add API endpoint for bulk usage_data sending (merge request)
- Allow to fetch related items on VSA GraphQL query (merge request) GitLab Enterprise Edition
- Add Export Subscription History button to Usage Quotas Page (merge request) GitLab Enterprise Edition
- Fix pipeline error when invalid CI and using PEP (merge request) GitLab Enterprise Edition
- Display when locked account email verification code was sent (merge request)
- Notify on assignment rejection (merge request)
- Enable Direct Transfer UI when override flag is set (merge request)
- Add resend hook event api by @lifez (merge request)
- Add REST API invited groups in a group (merge request)
- Add project view to pages usage quotas (merge request) GitLab Enterprise Edition
- Add branch rules status check (merge request) GitLab Enterprise Edition
- Allow linking work items to a new work item via GraphQL (merge request)
- Prepare async partitioning constraint for ci_pipelines (merge request)
- Create ci_finished_pipelines_daily ClickHouse tables (merge request)
- Add
archived argument to projects GraphQL query (merge request)
- Set the detumble_email attribute before saving emails (merge request)
- This MR adds group policy scope (merge request) GitLab Enterprise Edition
- Add async destruction of billable members (merge request) GitLab Enterprise Edition
- Add reassignment error to Import::SourceUser (merge request)
- Link issue to metric on creation (merge request) GitLab Enterprise Edition
- Add table to store O11y trace-details when creating linked issues (merge request) GitLab Enterprise Edition
- Add published_by to CI Catalog Resource Version (merge request)
- Add endpoint with standard roles and members count for groups (merge request) GitLab Enterprise Edition
- Add GraphQL interface for linked metrics for issues (merge request) GitLab Enterprise Edition
- Release Admin Runners custom ability (merge request) GitLab Enterprise Edition
- Convert checklist item to child item in work items (merge request)
- Update GitLab Pages version (merge request)
- Exposed target path and access request data on todo GraphQL type by @zillemarco (merge request)
- Add end tutorial button to learn gitlab (merge request) GitLab Enterprise Edition
- Add Whats New section to DuoProDiscover page (merge request) GitLab Enterprise Edition
- Link issue to metric on creation (merge request) GitLab Enterprise Edition
- Support for editing the model description in the model registry (merge request)
- Add a user preference for enabling the DPoP feature per User (merge request)
- Add table to store O11y log-details when creating linked issues (merge request) GitLab Enterprise Edition
- Add backend support for markdown in ML Model Versions (merge request)
- Append year to date column headers in AI Impact table (merge request) GitLab Enterprise Edition
- Add org to sbom_components (merge request) GitLab Enterprise Edition
- Add migration to backfill project_id for packages dependencies (merge request)
- Feat: manual variables tab frontend part 2 (merge request)
- Add sharding key for personal access tokens (merge request)
- Replace gl-form-text with equivalents (merge request) GitLab Enterprise Edition
- Add migrations for import placeholder user limits (merge request)
- Add application setting for enabling receptive cluster agents (merge request)
- Add additional context to Duo Chat (merge request) GitLab Enterprise Edition
- Add Whats New section to DuoProDiscover page ... (merge request) GitLab Enterprise Edition
- Send Arkose truth data when auto-banning users (merge request)
- Add cached markdown fields to ML ModelVersion (merge request)
- Parse deprecatedProperties for SEP and add banner for custom scan (merge request) GitLab Enterprise Edition
- Validate FK for ci_pipelines.auto_canceled_by_id (merge request)
- Support for editing the model description in the GitLab model registry (merge request)
- Protected containers: Add DELETE REST API for container protection rules by @nwittstruck (merge request)
- Allow groups to disable password authentication for enterprise users (merge request) GitLab Enterprise Edition
- Add Idempotency-Key header to Webhooks by @van.m.anderson (merge request)
- Add helpers (un)prepare_partitioned_async_check_constraint_validation (merge request)
- Expose root_storage_statistics in REST API for top level groups by @nwittstruck (merge request)
- Validate FK for p_ci_builds.upstream_pipeline_id (merge request)
- Add
archived argument to projects GraphQL query (merge request)
Fixed (187 changes)
- Ensure that the titles of collapsed board lists are aligned (merge request)
- Remove unnecessary association validation (merge request) GitLab Enterprise Edition
- Restore backup log file (merge request)
- Preserve leading spaces in code (merge request)
- Add loading and empty state in commit refs (merge request)
- Fix timeline content dark mode rendering (merge request)
- Fix alignment of legacy system notes (merge request)
- Fix theme color theme highlighting (merge request)
- Applying Patch for Checkin (merge request)
- Fix broken docs link for container scanning (merge request)
- Fix ci_deleted_objects#pick_up_at (merge request)
- Make sure explain code button doesn't overlap sticky headers and nav (merge request) GitLab Enterprise Edition
- Fix admin user can create top level group UI (merge request)
- Set cron source to
schedule to ensure clean up on load (merge request)
- Use Gitaly::ListCommitsRequest in network graph to include tags (merge request)
- Initial checkin fix for adding back experiments (merge request)
- Do CommitTrailersFilter before ref filters (merge request)
- Avoid multiple submit of work item comment (merge request)
- Fix Issue entity undefined method `namespace' for nil:NilClass (merge request) GitLab Enterprise Edition
- Fix conflicts warning on work item description (merge request)
- Fix CI Catalog component table layout (merge request)
- Fix anthropic client to handle nil response (merge request) GitLab Enterprise Edition
- Ignore negative index policies and rules for security policies (merge request) GitLab Enterprise Edition
- Ensure file title wraps on merge conflict resolver screen (merge request)
- Update regex to capture edge cases (merge request)
- Handle a slow query for CodeNavigationPath (merge request)
- Remove extra avatar on image diff comments (merge request)
- Fix start and due dates widget when work item has a dates source (merge request)
- Use keyword_init: true in gitaly server.rb struct (merge request)
- Prevent footnote OL from being reorderable (merge request)
- Fix Duo for CLI policy to check instance setting for SM (merge request) GitLab Enterprise Edition
- Fix list item click event on the group-level Analytics Dashboards page (merge request) GitLab Enterprise Edition
- Fix leading of CiIcon text and make sure it is vertically centered (merge request)
- Remove gradient line at beginning and end of activity (merge request)
- Vulnerability: bugfix of add issues form disappearing (merge request)
- Fix deploy key truncation issue in drawer (merge request)
- Check if project is public before setting cache control to true (merge request)
- Show new notification button in work item sticky header when flag is on (merge request)
- Skip the indexing when the zoekt_repository is in failed state (merge request) GitLab Enterprise Edition
- Fix import of pipelines with negative duration to ClickHouse (merge request)
- Fixes logic to set labels filter base path (merge request)
- Fix layout of Comment type dropdown for small viewports (merge request)
- Fix disabled job action state (merge request)
- Create missing NPM metadata when package is deprecated (merge request)
- Update merge request overview tab changes count to use merge head (merge request)
- Fix overflow issues in branch rule deploy keys (merge request)
- Fix description issues with custom roles (merge request)
- Fixes create workflow param (merge request) GitLab Enterprise Edition
- Add search by parents for group links (merge request)
- Initial checkin for checkbox fix (merge request) GitLab Enterprise Edition
- Project, group description: highlighted-text style by @santigl (merge request)
- Fix layout of suggestion management buttons on mobile (merge request)
- Fix flaky specs for creating a work item with linked items (merge request)
- Fix reference serialization in RTE (merge request)
- Flush internal_id records on unique violations (merge request)
- Initial checkin of experiments setting fix (merge request) GitLab Enterprise Edition
- Prevent award tooltip being cut off in modals (merge request)
- Fix JobInjector error when stage does not exist for some jobs (merge request) GitLab Enterprise Edition
- Update Access data on sync even if data didn’t changed (merge request) GitLab Enterprise Edition
- Fix inputs in pipeline schedule ui not resizeable by @wilsonpinto (merge request)
- Reject OmniAuth sign in when email is too long (merge request)
- Add :clean_gitlab_redis_cache to server_spec.rb (merge request)
- Cover all scenarios when determining whether chid is within parent epic (merge request) GitLab Enterprise Edition
- Reduce workItemNotesByIid query complexity (merge request)
- Add default background color to timeline avatars (merge request)
- Do not update descriptionHtml if details blocks are changed (merge request)
- Fix missing
ci_cd_settings relation on project creation (merge request)
- GraphQL: Fix empty successful pipeline analytics (merge request)
- Mirror behavior of issuable header status in sticky header status (merge request)
- Remove derisk feature flag after rollout (merge request)
- Fix total issues chart (merge request) GitLab Enterprise Edition
- Blame: Fix text overflow and use small text (merge request)
- Fix sidebar flyout menu closing before cursor can reach it (merge request)
- Fix blame for sha256 repositories (merge request)
- Conditionally expose member's is using seat info (merge request) GitLab Enterprise Edition
- Group label events in deterministic order (merge request)
- Display exhaustive Licensee license list (merge request)
- Handle membership access requests for indirect members (merge request)
- Refactor IngestReportsService with execute strategy (merge request) GitLab Enterprise Edition
- Update schema processing for policy editor (merge request)
- Fix draft replies on regular comments on MR overview tab (merge request)
- Fix alignment of items in performance bar (merge request)
- Fix background avatar color and border on draft notes (merge request)
- Pages unique domain url update (merge request)
- Stop using kilobyte conversion for max highlight file size (merge request)
- Re-enable hand raise lead for SaaS usage quota page duo (merge request) GitLab Enterprise Edition
- Adjust background migration to new schema (merge request)
- Timeline avatars: Add default bg (merge request)
- Fix multiline discussion alignment (merge request)
- Fix 500 when passing non-string to inputs:regex (merge request)
- Fix group-level vulnerabilities GraphQL performance issue (merge request) GitLab Enterprise Edition
- Expand deeplinked resolved thread (merge request)
- Fixes link formatting in Matrix integration (merge request)
- Fix usage overview visualization flex layout (merge request) GitLab Enterprise Edition
- Fix issue where user could not assign runner to a project (merge request)
- Admin Code Suggestions - Add default injections (merge request) GitLab Enterprise Edition
- Fix line height of CI status badge in job header (merge request)
- Rescue TarInvalidError when uploading npm packages (merge request)
- Fix 403 error in external status endpoint for admin user (merge request) GitLab Enterprise Edition
- Fix undesired wrapping issue on related items attributes in Safari (merge request)
- Reset notification email to default when used email got deleted (merge request)
- Fix bug with label_name search filter (merge request) GitLab Enterprise Edition
- Shift anchor icon to the left for headers inside a summary tag (merge request)
- Personal access tokens: Open form if url params are set (merge request)
- Use current user instead of @user (merge request) GitLab Enterprise Edition
- Add markdown live preview test & fix mermaid graph not rendering on load (merge request)
- Fix size of comment counter badge (merge request)
- Trigger workItemUpdated subscription when related MR is updated (merge request)
- Fix 500 error when deleting pending user invite (merge request) GitLab Enterprise Edition
- Add payload errors in status check services (merge request) GitLab Enterprise Edition
- Fix previous/next button styles for date picker in dark mode (merge request)
- Fix synced attrs when creating linked LDAP user (merge request)
- Use LFS transformer to create a pointer (merge request)
- Fix missing milestone change system notes (merge request)
- Fix Duo Chat documentation question irrelevant ref (merge request) GitLab Enterprise Edition
- Override pushrule for security policy project (merge request) GitLab Enterprise Edition
- Check only top-level groups on sign-up form endpoint (merge request)
- Provide epics list path for labels in work item sidebar (merge request) GitLab Enterprise Edition
- Order on organizations table (merge request)
- Protect against a nil security_setting (merge request) GitLab Enterprise Edition
- Fix api_token update bug for self-hosted form (merge request)
- Change additional context to use indiff access (merge request) GitLab Enterprise Edition
- Adds a guard against missing projects in todos (merge request)
- Fix alignment of description diff history delete button (merge request)
- Show Coverage-Check rule on MR settings (merge request) GitLab Enterprise Edition
- Remove nil content from Duo Chat message history (merge request) GitLab Enterprise Edition
- Web IDE update URL when ref changes (merge request)
- Fix icon and alignment of weight widget in sidebar when locked (merge request) GitLab Enterprise Edition
- Fix issue when resizing images in RTE (merge request)
- Disable pipeline must succeed setting for security policy project (merge request) GitLab Enterprise Edition
- Fix sticky header on work items and legacy issuables (merge request)
- Asana integration: only close Asana task if closing keyword is followed by asana taskId identifier by @ivaneG (merge request)
- Fix icon and alignment of epic widget in sidebar when locked (merge request) GitLab Enterprise Edition
- Fix Git HTTP redirects not working with query parameter (merge request)
- Ensure discussion reply for linked comments has correct top padding (merge request)
- Fix gap between buttons in vulnerability report header (merge request) GitLab Enterprise Edition
- Require approvals for missing policy scans without target pipeline (merge request) GitLab Enterprise Edition
- MR header: Fix tooltip of copy branch name (merge request)
- Use default number of participants in work item sidebar widget (merge request)
- Work items: Fix huge gap when not yet edited (merge request)
- Deleted
vulnerability_remediations leave behind uploads records (merge request) GitLab Enterprise Edition
- Fix vulnerability report page activity docs (merge request) GitLab Enterprise Edition
- Author badges: Migrate non compliant badges (merge request)
- Fix a double-slash URL problem when MR URL ends with a trailing slash by @yasuk (merge request)
- Fix admin_mode enforcement in AdjournedGroupDeletionWorker (merge request) GitLab Enterprise Edition
- Fix Go Back functionality for duo pro access denied (merge request) GitLab Enterprise Edition
- Fix NoMethodError for blame (merge request)
- Always target correct pipeline for cancel (merge request)
- Fix the bug that replica respect zoekt_enabled_namespace search (merge request) GitLab Enterprise Edition
- Do not check for permissions when syncing children reordering (merge request) GitLab Enterprise Edition
- Fix timeout when checking group dependencies (merge request) GitLab Enterprise Edition
- Workhorse: fix unix socket path too long (merge request)
- Ensure levels is an array (merge request)
- Fix: Geo Replication Details incorrectly empty (merge request) GitLab Enterprise Edition
- Branch rule details: Fix spacing and make count optional (merge request)
- Fix vulnerabilities related issues widget (merge request) GitLab Enterprise Edition
- Update ee mutations specs (merge request)
- Load Participants seperately to speed up page load (merge request)
- Fix 'e' shortcut triggering unexpected edits by @salihudickson (merge request)
- Turn NotFound from Gitaly into 404 for InfoRefs (merge request)
- Fix audit flow when audit_log feature is disabled (merge request)
- Set project_id when deploy tokens are created for Auto DevOps (merge request)
- Fix selected emoji award button style (merge request)
- Remove invalid parents from the Commit object (merge request)
- Fix "Variable $refType of type RefType was provided invalid value" (merge request)
- Fix "continue editing" sticky header z-index (merge request)
- Update GitLab version in DELETE REST API docs for protected containers by @nwittstruck (merge request)
- Fix license check for reordering work items (merge request) GitLab Enterprise Edition
- Fix upgrading to versions > 17.0 without upgrading to 17.0 first (merge request)
- Fix inherited source filter for Pipeline execution policies (merge request) GitLab Enterprise Edition
- Fix loading child items that are also related (merge request)
- Update GitLab release version in Group REST API docs by @nwittstruck (merge request)
- Remove old finder not needed (merge request) GitLab Enterprise Edition
- Fix work item description quick actions (merge request)
- Update shortcut hint in the UI (merge request)
- Update graphql specs in prep for update (merge request)
- Update container scanning for registry docs link (merge request)
- Fix show SAML session expiration modal (merge request)
- Add GLFM support in single editor preview (merge request)
- Avoid errors from Analytics::DateFiller (merge request)
- Encode special characters in find file search (merge request)
- Remove rules_exist_expand_globs_early feature flag (merge request)
- Return 404 error when
ref_type + ref combination is incorrect (merge request)
- Migrate
.bold to .gl-font-bold in HAML files (merge request)
- Allow to edit files from a commit or tag with WebIDE (merge request)
- Ensure service accounts for GitLab.com groups restricted during trial (merge request) GitLab Enterprise Edition
- Display newline changes in description diff (merge request)
Changed (249 changes)
- Remove dast tables allow cross-joins (merge request) GitLab Enterprise Edition
- Add dynamic concurrency limit for create pipeline worker (merge request) GitLab Enterprise Edition
- Adjust error message on project not found for CI_JOB_TOKEN requests (merge request)
- Allow reporter+ to read analytics dashboards (merge request) GitLab Enterprise Edition
- Do not expire direct memberships in subgroups and projects by @nwittstruck (merge request)
- Add border to board card (merge request)
- Add dropdown popover for empty state (merge request) GitLab Enterprise Edition
- Enable summarize_notes_with_duo by default (merge request)
- Update dependency auto-deploy-image to v2.104.0 (merge request)
- Vulnerability Report: fix Jira error handling (merge request) GitLab Enterprise Edition
- Update @gitlab/web-ide package version (merge request)
- Lighten block quote shadow color in dark mode (merge request)
- Truncate p_ci_finished_build_ch_sync_events if ClickHouse unconfigured (merge request) GitLab Enterprise Edition
- Handle orphaned zoekt indices (merge request) GitLab Enterprise Edition
- Handle orphaned zoekt indices (merge request) GitLab Enterprise Edition
- Don't always set X-Gitlab-Duo-Seat-Count (merge request) GitLab Enterprise Edition
- Migrate "Abuse reports" empty result page to EmptyResult component (merge request)
- Remove allow_cross_joins_across_databases (merge request) GitLab Enterprise Edition
- Prefill policy editor using compliance pipelines migration params (merge request) GitLab Enterprise Edition
- Set vulnerability_mr_links project id to lfk (merge request) GitLab Enterprise Edition
- Update Container Registry cleanup policies time format (merge request)
- Added missing translations from GitLab UI (merge request)
- Transition dast_pre_scan_verifications to gitlab_sec (merge request) GitLab Enterprise Edition
- Deprecate legacy Geo Prometheus repository checks metrics (merge request) GitLab Enterprise Edition
- Remove legacy zoekt index code paths (merge request) GitLab Enterprise Edition
- Use small font for resolved text (merge request)
- Update fog-aws to v3.26.0 (merge request)
- This MR adds linked items dropdown (merge request) GitLab Enterprise Edition
- Remove superfluous HTML length validation refs (merge request)
- Stop tracking noisy InvalidConstraintError in sentry (merge request)
- Update UI docs links in CI files (merge request)
- Transition dast_profiles_pipelines to gitlab_sec schema (merge request) GitLab Enterprise Edition
- Backfill
pipeline.project_id to dependency_list_export.project_id (merge request)
- Invert and Disable temporarily DocumentationLinks (merge request)
- Remove default organization_id from PAT (merge request)
- Delete inactive groups and projects access tokens after 30 days (merge request)
- Deprecate compliance-pipeline fields in graphql (merge request) GitLab Enterprise Edition
- Remove default value from raw_usage_data table (merge request)
- AI impact analytics: Rename
Duo seats: Assigned and used panel (merge request) GitLab Enterprise Edition
- Prevent line height from being forced into tabs (merge request)
- Extract RewriteHistory logic into a service (merge request) GitLab Enterprise Edition
- Allow for attachments in Model and Model Version descriptions (merge request)
- Update @gitlab/web-ide package version (merge request)
- Allow Conainer-Scanning to scan multiple containers in a pipeline by @Valkhof (merge request)
- Enable callers of client.tags for self-managed (merge request)
- Remove -v2 from all system note classes (merge request)
- Add support for WorkItem embeddings (merge request) GitLab Enterprise Edition
- Deprecate non-nullable
target field on Todo type (merge request)
- Limit value streams max size to prevent timeouts (merge request)
- Diff threads: Align toggle function with regular threads (merge request)
- Remove unused profile CSS, make activity line darker (merge request)
- Update fog-aws to v3.25.0 (merge request)
- Add organization id to topics (merge request)
- Update dependency auto-deploy-image to v2.103.0 (merge request)
- Simplify container registry feature spec by @sahilsarawagi (merge request)
- Added support for skip_authorization (merge request) GitLab Enterprise Edition
- This MR adds linked items dropdown (merge request) GitLab Enterprise Edition
- Update Topic empty states (merge request)
- Add requested changes and merge to relevant MR activity filters (merge request)
- Clarify when approval policy targets unprotected default branch (merge request) GitLab Enterprise Edition
- Transition dast_site_profile_secret_variables to gitlab_sec (merge request) GitLab Enterprise Edition
- Implement checking ref when rendering CI Config blob page (merge request)
- Concurrency limit: allow pausing workers (merge request)
- Migrate linked resources to Crud (merge request)
- Remove sharding_key_config for ml_candidate_ (merge request)
- Adjust DeployKeyItem to data it should receive (merge request)
- Move timezone selection position in the pipeline schedule form by @wilsonpinto (merge request)
- Limit scan execution policy actions to 8 (merge request) GitLab Enterprise Edition
- UI polish the GitLab Duo cards (merge request) GitLab Enterprise Edition
- Guard editing of branch protection (merge request)
- MR widget: Use regular chevron icons (merge request)
- Update GitLab Workhorse to AWS SDK for Go v2 (merge request)
- Add slim health status mode (merge request) GitLab Enterprise Edition
- Add callout in the admin area about OpenSSL v3 (merge request)
- Hide health status on child items when closed (merge request) GitLab Enterprise Edition
- Translate severity count limit (merge request) GitLab Enterprise Edition
- Fix design inconsistencies in work items child/linked widget item metadata (merge request)
- Add cached markdown fields for Model Registry (merge request)
- Resend email verification code if the current code has expired (merge request)
- Add optional ref parameter to Contributors API endpoint (merge request)
- Use white bg for light highlight theme gutter (merge request)
- Avatar: Refactor to use gl-avatar (merge request)
- Jira Cloud app only editable via API when active (merge request)
- Increase model registry description text limits (merge request)
- Updating features to be uppercase (merge request) GitLab Enterprise Edition
- refactor conan api to have V1 version by @ScanianJP (merge request) GitLab Enterprise Edition
- Exclude add-on purchases from active that are expiring today (merge request) GitLab Enterprise Edition
- Update container scanning for registry config (merge request) GitLab Enterprise Edition
- Remember user preference for showing labels on work item widgets (merge request)
- Validate and replace the fk referencing p_ci_pipelines (merge request)
- Add priority_searchable concern to select search type (merge request) GitLab Enterprise Edition
- Use more info for license add-on provisioning (merge request) GitLab Enterprise Edition
- Remove
security_report_schemas_rubygem feature flag (merge request)
- Add zoekt_cpu_to_tasks_ratio to Zoekt (merge request) GitLab Enterprise Edition
- Transition dast_site_profiles to gitlab_sec (merge request) GitLab Enterprise Edition
- Handle issue references when project is nil (merge request) GitLab Enterprise Edition
- Remove description and diff from descriptionVersion (merge request)
- Improve GQL query for fetching groups and projects (merge request)
- Seperates banners from alerts (merge request)
- Move shared note styles into new file (merge request)
- Increase default child items batch size to 50 (merge request)
- Don't show Terms and privacy on SaaS (merge request)
- Adjust private vizibility description (merge request)
- Expose ETag header of API requests to XHR requests (merge request)
- Add missing variables to Policy Editor UI (merge request) GitLab Enterprise Edition
- Add illustration to search result empty state by @jimender2 (merge request)
- Updating feature name to be uppercase (merge request)
- This MR adds link option (merge request) GitLab Enterprise Edition
- This MR updates wording for group policy scope (merge request) GitLab Enterprise Edition
- It raises an error on migration exhaustion (merge request)
- Add priority_searchable concern to select search type (merge request) GitLab Enterprise Edition
- Avoid gitaly calls when evaluating
exists conditional (merge request)
- Migrate explain_vulnerability to AIGW (merge request) GitLab Enterprise Edition
- Rollout the zoekt_tasks_processing_state FF (merge request) GitLab Enterprise Edition
- Cleanup the duo_pro_trial_expired_widget ff (merge request) GitLab Enterprise Edition
- Set vulnerability_mr_links project id to lfk (merge request) GitLab Enterprise Edition
- Decompose vulnerability_occurrence_identifiers to gitlab_sec (merge request) GitLab Enterprise Edition
- Add group scope option for policy drawer (merge request) GitLab Enterprise Edition
- Notes: Change visual order of replies (merge request)
- Change button appearance (merge request) GitLab Enterprise Edition
- Refactor draft notes CSS (merge request)
- Legacy license support for GitLab Duo (merge request) GitLab Enterprise Edition
- Allow files with spaces in their names for model registry (merge request)
- Adds filter empty state to milestone list (merge request)
- Decouple OccurrencesVulnerabilities & vulnerability_finding_pipeline (merge request) GitLab Enterprise Edition
- Update job item styling (merge request)
- Migrate remote_development_agent_configs table (merge request)
- GraphQL: Update merge train fields (merge request) GitLab Enterprise Edition
- Update fog-aws to v3.24.0 (merge request)
- Add migration to backfill project_id to security_scans (merge request)
- Remove expensive guard clause for callout reset (merge request) GitLab Enterprise Edition
- Update gpgme to v2.0.24 (merge request)
- Deploy keys: Migrate empty state (merge request)
- Current user: Change text color to orange to match system notes (merge request)
- Decompose vulnerability_remediations to gitlab_sec (merge request) GitLab Enterprise Edition
- Enable GraphQL Pipeline Security Tab by default (merge request) GitLab Enterprise Edition
- Swap out container scanning for registry card (merge request)
- Match the order from REST stage api to GQL stage api (merge request)
- Transition dast_site_profiles_builds to gitlab_sec schema (merge request) GitLab Enterprise Edition
- Support expected_old_oid in user_commit_files (merge request)
- Add frontend validations for seat controls user cap option (merge request) GitLab Enterprise Edition
- Revert "Improve GQL query for fetching groups and projects" (merge request)
- Scope i18n strings that are incorrectly unscoped by @JonstonChan (merge request)
- This MR fixes layout issues (merge request) GitLab Enterprise Edition
- Enable post_receive_sync_refresh_cache feature flag by default (merge request)
- Restrict zoekt indices from having cascade deletes (merge request)
- Decompose vulnerability_occurrence pipelines (merge request) GitLab Enterprise Edition
- Remove unused DESCRIPTION_HTML_LENGTH_MAX (merge request)
- GitLab Duo Health Check - Collapsable status (merge request) GitLab Enterprise Edition
- Set detumbled_email address before saving emails (merge request)
- Remove legend values from DORA Performers Score chart (merge request) GitLab Enterprise Edition
- Cleanup bigint conversions for packages_build_infos (merge request)
- Secondary email removal: Use tertiary button with trash icon (merge request)
- Broaden the scope of lazyLoader (merge request)
- Rollout focusin feature in Dropdowns (merge request)
- Refactor CI Icons to be independent from GlBadge (merge request)
- Fix Layout/SpaceInLambdaLiteral offenses by @JonstonChan (merge request)
- Add loading row to pipelines table (merge request)
- Emphasize highlights that have vulnerabilities (merge request) GitLab Enterprise Edition
- Update design for vulnerability groups (merge request) GitLab Enterprise Edition
- Added unique index to import_source_users (merge request)
- Adds support for permalinks from description in Work Items (merge request)
- Decreases lock timeout for sliding list partition strategy (merge request)
- Use new CSS file for work items system notes (merge request)
- Update schema to classify clusterwide table (merge request)
- Rewrite system note CSS (merge request)
- Remove search_query_milestone_builder feature flag (merge request) GitLab Enterprise Edition
- Update duo pro docs for GDK setup (merge request)
- Migrate Operations dashboard cards (merge request)
- Change model used in git_command LLM endpoint (merge request) GitLab Enterprise Edition
- Rollout FF packages_dependency_proxy_pass_token_to_policy (merge request)
- Improve source column of membership table (merge request)
- Subscription table: Migrate to Crud (merge request) GitLab Enterprise Edition
- Allow configuring Duo Workflow Service URL in config/gitlab.yml (merge request)
- Modifying summarize tool to use claude 3 (merge request) GitLab Enterprise Edition
- Makes dashboard titles more general (merge request)
- Merge branch... (merge request)
- MS Teams update MessageCard format to adaptive by @ivaneG (merge request)
- Transition dast_site_s to gitlab_sec schema (merge request) GitLab Enterprise Edition
- Hide Reset if integration not manually enabled (merge request)
- Secrets table: Migrate to Crud (merge request) GitLab Enterprise Edition
- Migrate WriteTests tool (merge request) GitLab Enterprise Edition
- Display current user's username in email verification page (merge request)
- Fix date flex wrapper for smaller breakpoints (merge request)
- Update labelling of empty MR approval rules (merge request) GitLab Enterprise Edition
- Add post trial ctas to duo pro usage tab (merge request) GitLab Enterprise Edition
- Tabs: Active item badge adjustment (merge request)
- Zoekt: Switch to tasks API by default (merge request) GitLab Enterprise Edition
- Swap primary key for ci_pipelines to include partition_id (merge request)
- Remove zoekt_new_concurrency_limit_logic FF (merge request) GitLab Enterprise Edition
- Read security report schemas from RubyGem (merge request)
- Add multiple frameworks filter (merge request) GitLab Enterprise Edition
- Add zoekt processing queue monitoring metric (merge request) GitLab Enterprise Edition
- Remove explain_vulnerability_tool feature flag (merge request) GitLab Enterprise Edition
- Configure LFK for vulnerability_statistics.project_id (merge request) GitLab Enterprise Edition
- Update code generation libraries prompt (merge request)
- Enable web_ide_oauth flag by default (merge request)
- Set vulnerability_finding_evidences to
gitlab_sec schema (merge request) GitLab Enterprise Edition
- Update GitLab Duo Chat icon (merge request) GitLab Enterprise Edition
- Remove activity border in work items (merge request)
- Allow changing child items batch size via query param (merge request)
- Split subtitle logic on GitLab Duo page (merge request) GitLab Enterprise Edition
- Filtering projects by all compliance frameworks (merge request) GitLab Enterprise Edition
- Replace work_item_iid query param with show (merge request)
- Update dependency auto-deploy-image to v2.102.0 (merge request)
- Adjust model names to map the exact model names (merge request) GitLab Enterprise Edition
- Change style and text of primary button in pipeline edit modal (merge request)
- feat: Set vulnerability_scanners to gitlab_sec schema (merge request) GitLab Enterprise Edition
- Remove extra whitespace after placeholder in i18n text (merge request) GitLab Enterprise Edition
- Remove v12p1 elastic files (merge request) GitLab Enterprise Edition
- Clear new_user_signups_cap when seat_control is not user_cap (merge request) GitLab Enterprise Edition
- Update super sidebar theme styles (merge request)
- Migrate RefactorCode tool to AIGW (merge request) GitLab Enterprise Edition
- Send language server version in AI gateway requests (merge request) GitLab Enterprise Edition
- Remove feature flag locked_lfs_files_mergeability_check (merge request)
- Update self-managed product analytics onboarding flow (merge request) GitLab Enterprise Edition
- Related issues: Migrate to use crud component (merge request)
- Update CI_JOB_TOKEN error message on git repository requests (merge request)
- Moved epic assignees to work_items_beta FF (merge request) GitLab Enterprise Edition
- Requeue resolve vulnerabilities migration (merge request)
- Update dependency auto-deploy-image to v2.101.0 (merge request)
- This MR fixes initial user selection (merge request) GitLab Enterprise Edition
- PA UX Papercuts 17.4 (merge request)
- Mass permit expected foreign keys during decomposition process (merge request)
- Set vulnerability_finding_signatures schema to gitlab_sec (merge request) GitLab Enterprise Edition
- Move framework button to the top (merge request) GitLab Enterprise Edition
- Add View Details button to the popup (merge request) GitLab Enterprise Edition
- Use /epics path for epic work items (merge request) GitLab Enterprise Edition
- Add up and down votes to the work items list page (merge request)
- Remove ignore rules related to loose FKs for ci_pipelines (merge request)
- Use
Months layout and This year timeframe for scoped roadmap (merge request) GitLab Enterprise Edition
- Transition sbom_occurrences to the gitlab_sec schema (merge request) GitLab Enterprise Edition
- Adding not-null constraint on project_id for ci_pipelines (merge request)
- Switch Group Settings UI from User Cap to Seat Controls (merge request) GitLab Enterprise Edition
- Removing experimental RCA feature (merge request) GitLab Enterprise Edition
- Unbox Duo seat assignment (merge request) GitLab Enterprise Edition
- Use quarters layout and three years timeframe for scoped roadmap (merge request) GitLab Enterprise Edition
- Remove new-card classes from other instances (merge request)
- Add clone dashboard to analytics dashboards (merge request) GitLab Enterprise Edition
- Parse host and port from service URL (merge request) GitLab Enterprise Edition
- Allow environment alerts to display alerts from any source (merge request)
- Update json schema validator to return meaningful error messages (merge request)
- Enable the submit button after create access token (merge request)
- Add permission to cloudConnectorStatus GQL call (merge request) GitLab Enterprise Edition
- Avatar component: Update to use new design tokens for text (merge request)
- Align position and styling of general settings on group and project by @antonkalmykov (merge request) GitLab Enterprise Edition
- Allow Redis password to be specified in Workhorse URL (merge request)
- Migrate milestone labels GlCard to CrudComponent (merge request)
- Update dependency ai-gateway to v1.15.0 (merge request)
Deprecated (3 changes)
- Initial checkin for removing duo experimental settings (merge request) GitLab Enterprise Edition
- Include deprecation for owasp 2017 GraphQL argument values (merge request) GitLab Enterprise Edition
- Drop the following claude instant model (merge request) GitLab Enterprise Edition
Removed (43 changes)
- Remove needs tab (merge request)
- Remove confidence usage from Vulnerabilities::Finding (merge request) GitLab Enterprise Edition
- Removes finalize_after key from BBM dictionary (merge request)
- Chore: drop vertex_gitlab_docs db (merge request) GitLab Enterprise Edition
- Initial checkin of duo group settings FF removal (merge request)
- Remove Non DUO Chat explain vulnerability code (merge request) GitLab Enterprise Edition
- Remove ignore_columns for CommitStatus (merge request)
- Drop old upcoming_reconciliations endpoint (merge request) GitLab Enterprise Edition
- Remove deprecated getAddOnPurchase query (merge request) GitLab Enterprise Edition
- Remove explain this vulnerability section (merge request) GitLab Enterprise Edition
- Remove FF resolve_vulnerability_ai (merge request) GitLab Enterprise Edition
- Remove exclusive lock when updating statistics (merge request)
- Remove grafana embed and integration metrics (merge request)
- Remove elasticsearch call during initialize (merge request) GitLab Enterprise Edition
- Drop all deprecated metrics category tables (merge request)
- Remove job log from failed job widget (merge request)
- Ban AI remove Duo Admin Settings FF (merge request)
- Initial checkin of removal of duo project FF (merge request)
- removal: Feature flag controller_static_context removed (merge request)
- Ignore metadata settings fields in Metadatum by @oceane_scania (merge request)
- Remove getters setters user_preference (merge request)
- Removes reset_seat_banner_callouts feature flag (merge request) GitLab Enterprise Edition
- Cleanup legacy routes (merge request)
- Remove redundant index (merge request)
- Removes old/finalized batched background migration (merge request) GitLab Enterprise Edition
- Feat: remove vertex embeddings database (merge request) GitLab Enterprise Edition
- GraphQL: Remove deprecated values from CiRunnerStatus (merge request)
- Drop table ci_platform_metrics and model CiPlatformMetric (merge request)
- Remove async_merge_request_pipeline_creation (merge request)
- Remove pre_receive_secret_detection_beta_release feature flag (merge request) GitLab Enterprise Edition
- Remove data gathering of 2 obsolete AI events (merge request) GitLab Enterprise Edition
- Remove
vulnerability_reads indices using namespace_id (merge request)
- Remove bs-callout css (merge request)
- Remove duplicate index index_sbom_component_versions_on_component_id (merge request)
- Remove cloud_connector_status FF (merge request) GitLab Enterprise Edition
- Remove Resolve Vulnerability Vertex prompt (merge request) GitLab Enterprise Edition
- Remove Ci::PartitioningIdAnalyzer (merge request)
- Remove the unused FKs referencing ci_pipelines (merge request)
- Remove duplicate vulnerability management indices (merge request)
- Remove
explain_vulnerability_anthropic flag (merge request)
- Remove ignored
help_text and sign_in_text (merge request)
- Remove
project_level_sbom_occurrences feature flag (merge request) GitLab Enterprise Edition
- Delete the
blame_page_pagination feature flag (merge request)
Security (23 changes)
- Revert "Merge branch 'security-psk-fix-external-wiki-integration-dos' into 'master'"
- Fix external wiki integration DoS by changing request to HEAD
- Redirect url in the link validated for being external
- Strip out Set-Cookie header from dependencyproxy auth response
- Fix open redirect due to additional slash added
- Prevent code injection in Product Analytics funnels YAML
- Add permissions check to project creations from a project template
- Fix the vulnerability in the glm_source parameter
- Fix credentials disclosure in mirroring failure
- Improve GraphQL log security
- Update edit permissions for DAST profiles
- Prevent users with admin_group_member custom ab. to manage custom roles
- Execute environment stop actions as the owner of the action
- Commit information visible through release atom endpoint for guest users
- Group Developers can view group runners
- Fixed frontend regex to parse URI
- Use session instead of params for identity linking
- Enforce Pipeline execution policy variables for template rules
- Restrict IPs for packages dependency proxy
- IP restriction to prevent all group permissions
- Do not run pipelines when resolving vulnerability
- Destroy associated releases when removing a tag via Git CLI
- Add Octokit::ResponseValidation middleware
Performance (3 changes)
- Use segmented export for group-level dependency list exports (merge request) GitLab Enterprise Edition
- Add composite index to SubscriptionAddOnPurchases (merge request)
- Drop composite index involving project_fingerprint (merge request)
Other (117 changes)
- Mark 20230928104245 as obsolete (merge request) GitLab Enterprise Edition
- Announce deprecation of field add_on_purchase under namespaces (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Reorg. of sidebar files (merge request)
- Quarantine a flaky test (merge request)
- Cleanup remote_development_namespace_agent_authorization feature flag (merge request)
- Add and backfill project_id for ml_candidate_metrics (merge request)
- Add and backfill project_id for alert_management_alert_assignees (merge request)
- Update status of namespace in URL path to GA from Beta (merge request)
- Cleanup project_daily_statistic_counter_attribute_fetch feature flag (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Add
open_kubernetes_resource_details event (merge request)
- Add and backfill project_id for ml_candidate_params (merge request)
- Add new FK between p_ci_builds and p_ci_pipelines (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- fix: Use gitlab_sec for vuln_remediation bulk insert (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Improve github import docs (merge request)
- Revised index for owasp group level reports (merge request)
- Partition ci_pipelines_config table (merge request)
- Remove feature flag
not_found_response_for_go_get (merge request)
- Removes the extra docs and updates the original BBM dictionary (merge request)
- Upsert single upcoming_reconciliation (merge request) GitLab Enterprise Edition
- Convert integer ID columns to bigint (merge request)
- Use instance variable @namespace (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Make copy changes to trial registrations for duo enterprise (merge request) GitLab Enterprise Edition
- Improve error handling for the job logs app (merge request)
- Add learn duo pro discover link in expired duo pro trial widget (merge request) GitLab Enterprise Edition
- Clean up new_broadcast_message_dismissal (merge request)
- Implement change_allow_force_push tracking event (merge request)
- Quarantine a flaky test (merge request)
- Remove ci_new_query_for_running_stuck_jobs feature flag (merge request)
- Fix Layout/ArrayAlignment offense by @Deepak18-06 (merge request)
- Add an attribute truncate to do cleanup for the new node (merge request) GitLab Enterprise Edition
- Remove cncf logo from trial registrations (merge request) GitLab Enterprise Edition
- Improve Cypress test case names by @JonstonChan (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Remove actions and approval_settings from security_policies (merge request)
- Remove FF vulnerability_owasp_top_10_group (merge request) GitLab Enterprise Edition
- Desired sharding key to accept custom parent table primary key (merge request)
- Fix sidekiq warning in EventStore::Subscription by @gerardo-navarro (merge request)
- Enable ai impact analytics only for duo enterprise (merge request) GitLab Enterprise Edition
- Upgrade to graphql 2.3.14 (merge request)
- Quarantine a flaky test (merge request)
- Cleanup ensure_lfs_object_project_uniqueness FF (merge request)
- Reschedule DropWorkItemWidgetDefinitionsNamespaceId migration (merge request)
- chore: Fix typo regarding response and successful by @gerardo-navarro (merge request)
- Add and backfill organization_id for subscription_user_add_on_assignment (merge request)
- Removes
webui_members_inherited_users feature flag (merge request)
- Partition ci_builds_metadata table (merge request)
- Optimize ListConfigVariablesService (prefill variables service) (retry) (merge request)
- Fix flaky spec (merge request)
- Update vendored Laravel project to match project template by @JonstonChan (merge request)
- Update vendored Cluster Management project to match project template by @JonstonChan (merge request)
- Fix Layout/ArrayAlignment offenses by @sahilsarawagi (merge request)
- BBM to update owasp_top_10 with null values to -1 (merge request)
- Remove ci_partitioning_first_records feature flag (merge request)
- Cleanup write_to_ci_build_tags feature flag (merge request)
- Quarantine a flaky test (merge request)
- Backfill published_by_id of catalog_resource_versions (merge request)
- Cleanup allow git http fetch writes feature flag (merge request)
- Organize mocks into categories (merge request) GitLab Enterprise Edition
- Correct tests after migration to Crud and SettingsSection components (merge request)
- Update docs of
detailed_merge_status (merge request)
- Fix RSpec/ReturnFromStub offenses by @nathanpbrophy (merge request) GitLab Enterprise Edition
- Change trial group selection placeholder text (merge request) GitLab Enterprise Edition
- Add policy type to orchestration_policy_rule_schedule (merge request) GitLab Enterprise Edition
- Backfill p_ci_build_tags with data from taggings (merge request)
- Remove parallel_project_export feature flag (merge request)
- Partition ci_build_trace_metadata table (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Requeue migration to backfill sharding key for deploy_tokens (merge request)
- Delete orphaned deploy tokens (merge request)
- Drop unused onboarding_progresses columns (merge request)
- Validate p_ci_builds project_id not null constraint (merge request)
- GitLab Pages: Handle LetsEncrypt errors on ssl renewal by @gerardo-navarro (merge request)
- Quarantine a flaky test (merge request)
- Remove feature flag allow_ai_features_token_for_graphql_ai_features (merge request)
- Add identifier_names to vulnerability_reads (merge request)
- Add warning when external user accesses internal catalog project (merge request)
- Removing Clusterwide DB CI/CD Jobs (merge request)
- Add & backfill sharding keys for security_orchestration_policy_rule_sche (merge request)
- Finalize DeletePackagesComposerCacheFileRecords migration (merge request)
- refactor: Define spacing in parent element by @gerardo-navarro (merge request)
- Clean up ci_require_credit_card_on_free_plan feature flag (merge request) GitLab Enterprise Edition
- Add & backfill sharding keys for protected_environment_deploy_access_lev (merge request)
- Fix separation of duties link from UI to docs (merge request) GitLab Enterprise Edition
- Cleanup "use_pull_mirror_update_service" feature flag (merge request)
- Optimize ListConfigVariablesService (prefill variables service) (merge request)
- Add & backfill sharding keys for protected_environment_approval_rules (merge request)
- Update external status checks metrics (merge request)
- Add disable CI build for draft MR example by @lifez (merge request)
- Remove rely_on_work_item_type_seeder feature flag (merge request)
- Query using int when owasp_top_10 is none (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Validate FK for ci_daily_build_group_report_results.last_pipeline_id (merge request)
- Log headers from http-router (merge request)
- Refactors beyond identity page to remove GlNavItem (merge request)
- refactor: Use single quotes consistently in the files by @gerardo-navarro (merge request)
- Change owasp_top_10 column default to int on vulnerability_reads (merge request)
- Remove "disable_ssh_key_used_tracking" feature flag (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Deprecate BackupCustomHooks and RestoreCustomHooks RPCs (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
EE (1 change)
17.3.7 (2024-11-12)
Security (6 changes)
- Use custom adapter for parsing FogBugz XML (merge request)
- Removed id from authorize buttons and added specs (merge request)
- HTML injection in vulnerability Code flow leads to XSS on self hosted instances (merge request)
- Remove is-unsafe-link from product analytics tables to prevent XSS (merge request)
- Details of blocking merge request can be exposed via list (merge request)
- Prevent agent access via unconfirmed or disallowed group members (merge request)
17.3.6 (2024-10-22)
Security (2 changes)
- Fixed HTML injection in Global Search bug (merge request)
- Limit max size of manifest file upload (merge request)
17.3.5 (2024-10-09)
Fixed (1 change)
Security (8 changes)
- Do not create a pipeline on MR refresh if source branch was deleted (merge request)
- Escape OAuth application name on authorize page (merge request)
- Prevent guest access to project templates (merge request)
- Remove access to local requests via cube query service (merge request)
- External webhook token should be set (merge request)
- Skip content when listing conflict files with types (merge request)
- Hide version info from unauthorized users (merge request)
- Prevent deploy keys from pushing code to an archived project (merge request)
17.3.4 (2024-09-24)
Security (3 changes)
- Implement input sanitization for SummarizeComments (merge request)
- Hide system notes with invalid references (merge request)
- Reset dependency proxy maven credentials when registry url is changed (merge request)
17.3.3 (2024-09-16)
No changes.
17.3.2 (2024-09-11)
Fixed (3 changes)
- Update Access data on sync even if data didn’t changed
- Fix Sidekiq crashing when GITLAB_LOG_LEVEL set to debug
- Fix issue when resizing images in RTE
Changed (1 change)
Security (19 changes)
- Revert "Merge branch 'security-psk-fix-external-wiki-integration-dos-17-3' into '17-3-stable-ee'" (merge request)
- Fix the vulnerability in the glm_source parameter (merge request)
- Improve GraphQL log security (merge request)
- Add permissions check to project creations from a project template (merge request)
- Fix credentials disclosure in mirroring failure (merge request)
- Redirect url in the link validated for being external (merge request)
- [17.3] Update edit permissions for DAST profiles (merge request)
- Commit information visible through release atom endpoint for guest users (merge request)
- Execute environment stop actions as the owner of the action (merge request)
- Prevent code injection in Product Analytics funnels YAML (merge request)
- Prevent users with admin_group_member custom ab. to manage custom roles (merge request)
- Fixed frontend regex to parse URI (merge request)
- Use session instead of params for identity linking (merge request)
- Fix external wiki integration DoS by changing request to HEAD (merge request)
- Restrict IPs for packages dependency proxy (merge request)
- Strip out Set-Cookie header from dependencyproxy auth response (merge request)
- Fix open redirect due to additional slash added (merge request)
- Group Developers can view group runners (merge request)
- Enforce Pipeline execution policy variables for template rules (merge request)
17.3.1 (2024-08-20)
Fixed (3 changes)
- Merge branch '444926-fix-bug-in-resolve-vulnerabilities-migration' into 'master'
- Turn NotFound from Gitaly into 404 for InfoRefs
- Fix timeout when checking group dependencies GitLab Enterprise Edition
Changed (1 change)
- Include language server version in code suggestions GitLab Enterprise Edition
Security (4 changes)
- Do not run pipelines when resolving vulnerability (merge request)
- Add Octokit::ResponseValidation middleware (merge request)
- IP restriction to prevent all group permissions (merge request)
- Destroy associated releases when removing a tag via Git CLI (merge request)
17.3.0 (2024-08-14)
Added (143 changes)
- Trigger a Flux reconciliation from the cluster UI (merge request)
- Add REST API invited groups in a group (merge request)
- Sync finished pipelines to ClickHouse (merge request)
- Add subscription_history to Namespace GraphQL Type (merge request)
- Add common phrases copy to the password (merge request) GitLab Enterprise Edition
- Set project_id when creating Packages::Dependency (merge request)
- Extend deprecation properties with custom scan action (merge request) GitLab Enterprise Edition
- Protected containers: Badge "protected" in container registry list by @gerardo-navarro (merge request)
- Add a shared avatar image for security policy bots (merge request)
- Add backend support for multiple Vue list filters (merge request) GitLab Enterprise Edition
- Add EPSS to GitLab database (merge request) GitLab Enterprise Edition
- Script to update Topology Service Gem (merge request)
- Add TLS support for Redis Sentinel (merge request)
- Create events to measure Branch rule edit adoption (merge request) GitLab Enterprise Edition
- Allow the restriction of Kubernetes agent access to protected branches by @nwittstruck (merge request)
- Add compliance_checks and compliance_requirements tables (merge request)
- Cleanup sync_audit_events_to_new_tables feature flag (merge request)
- Add setting for max_artifact_archive_size_bytes by @danlamanna (merge request)
- Add MR mergeability check for locked paths (merge request)
- Refactor Modal form to use native submit (merge request)
- Adapt seat assignment logic for both Duo add-ons (merge request) GitLab Enterprise Edition
- Add GraphQL PMG to MR widget (merge request)
- Add field enterprise_users_extensions_marketplace_enabled for groups (merge request)
- Add CSV upload modal for user contribution reassignments (merge request)
- Frontend for zoekt search results - part 1 (merge request) GitLab Enterprise Edition
- Provide connect command for agent cluster (merge request)
- Async FK for p_ci_builds.upstream_pipeline_id (merge request)
- Async FK for ci_pipelines.auto_canceled_by_id (merge request)
- Clean up duo_chat_disabled_button feature flag (merge request) GitLab Enterprise Edition
- Add new internal API for credit card validation (merge request) GitLab Enterprise Edition
- Add MR mergeability check for locked LFS files (merge request)
- VSD Usage Overview - Display alert if background aggregations disabled (merge request) GitLab Enterprise Edition
- List owned runners via :admin_runners permission (merge request) GitLab Enterprise Edition
- Add endpoint with standard roles and members count for self-managed (merge request) GitLab Enterprise Edition
- Add work items hierarchy reorder mutation (merge request) GitLab Enterprise Edition
- Trigger workItemUpdated GQL subscription on MR update (merge request)
- Frontend for zoekt search results - part 1 (merge request) GitLab Enterprise Edition
- Update GitLab Pages version (merge request)
- Allow users to customize their JWT sub claim (merge request)
- Add the DB migration to backfill reserved_storage_bytes in zoekt_indices (merge request)
- Add show_on_profile to UserAchievement by @Taucher2003 (merge request)
- Add merge request dependency GET endpoints for REST (merge request)
- Add project_id to merge_request_diff_commits_b5377a7a34 (merge request)
- Add project_id to merge_request_diff_files_99208b8fac (merge request)
- Add GIN index to sbom_components (merge request)
- Add Duo Pro seats panel to AI impact analytics dashboard (merge request) GitLab Enterprise Edition
- Show SBOM reports ingestion errors on the project dependency list (merge request) GitLab Enterprise Edition
- Add code suggestions acceptance rate tile (merge request) GitLab Enterprise Edition
- Support custom Redis usernames (merge request)
- Make RCA generally available (merge request)
- Update GitLab Pages version (merge request)
- Add trendlines to the AI Impact analytics dashboard (merge request) GitLab Enterprise Edition
- Add new table to connect issues to metrics (merge request) GitLab Enterprise Edition
- Improve logging and Prometheus metrics of Workhorse endpoints (merge request)
- Add observability APIs (merge request)
- Adds the code suggestions unique users tile (merge request) GitLab Enterprise Edition
- Enable store_sbom_report_ingestion_errors FF by default (merge request) GitLab Enterprise Edition
- Update shared groups params (merge request)
- Remove feature flag wiki_redirection (merge request)
- Allow Duo add-on upgrade and downgrade for self-managed (merge request) GitLab Enterprise Edition
- Expose can_modify_blob_with_web_ide (merge request)
- Add merge trains viz link (merge request) GitLab Enterprise Edition
- Add style for
<mark> in rendered markdown (merge request)
- Add .NET tutorial for O11y usage (merge request)
- Update GitLab Pages version (merge request)
- Add project_id column to packages_dependencies table (merge request)
- Remove FF enterprise_disable_personal_access_tokens (merge request)
- Add terraform module graphql type (merge request)
- Added the countable connection to the todo type by @zillemarco (merge request)
- Protected containers: Badge "protected" in container detail page by @gerardo-navarro (merge request)
- Cloud Connector status: Add end-to-end probe (merge request) GitLab Enterprise Edition
- Cloud Connector: Add VerificationService (merge request) GitLab Enterprise Edition
- Added field to query memberApprovals for group/project (merge request) GitLab Enterprise Edition
- Add id attribute to uploads API (merge request)
- Do not allow creating epic notes when synced work item is locked (merge request) GitLab Enterprise Edition
- Update GitLab Pages version (merge request)
- Add org to source package (merge request) GitLab Enterprise Edition
- Trigger
workItemUpdated with WorkItemAddClosingMergeRequest (merge request)
- Audit group modifications to CI_JOB_TOKEN (merge request) GitLab Enterprise Edition
- Add group settings sections to command mode results (merge request)
- Add support for xterm background colors (merge request)
- Add Arkose email intelligence service (merge request) GitLab Enterprise Edition
- Add contact support links in identity verification page (merge request) GitLab Enterprise Edition
- Add new merge trains link (merge request) GitLab Enterprise Edition
- Add drag and drop feature to work items page (merge request)
- Integrate Topology Service Gem into GitLab (merge request)
- Add Disable Personal Access Tokens setting to Admin Settings UI (merge request) GitLab Enterprise Edition
- Add job count metric for pipeline execution policy (merge request) GitLab Enterprise Edition
- Add Mattermost version 9.10 to releases table (merge request)
- Remove search_add_fork_filter_to_zoekt FF (merge request) GitLab Enterprise Edition
- Add mutation to convert note to thread (merge request)
- Filter merge requests by target branch (merge request) GitLab Enterprise Edition
- Add Virtual Registry cached responses table (merge request)
- Add models for Virtual Registries, part 1/2 (merge request)
- Add Duo Enterprise to cloud connector configuration (merge request) GitLab Enterprise Edition
- Set reserved_storage_bytes in the node_assignment (merge request) GitLab Enterprise Edition
- Add pull_frequency to control the tasks pulling frequency (merge request) GitLab Enterprise Edition
- Adds support for Matrix notification integration (merge request)
- Adds last_dormant_member_review_at to namespaces (merge request)
- Add "source" property of jobs to Jobs API, GraphQL (merge request)
- Add delete pod functionality (merge request)
- Allow custom roles to be assigned to invited groups (merge request) GitLab Enterprise Edition
- Remove wiki front matter related feature flags (merge request)
- Add approval policy rules and projects link table (merge request) GitLab Enterprise Edition
- Add Java Spring tutorial for o11y usages (merge request)
- Rollout code_suggestions_skip_dependency_descriptions ff (merge request) GitLab Enterprise Edition
- Persist all policy types for security policies (merge request) GitLab Enterprise Edition
- Support organization_path for determining current organization (merge request)
- Add delete pod functionality (merge request)
- Remove merge_trains_viz flag (merge request) GitLab Enterprise Edition
- Show SBOM reports ingestion errors on the vulnerability report (merge request) GitLab Enterprise Edition
- Reindex issues from database (merge request) GitLab Enterprise Edition
- Skip the tasks with same project_identifier (merge request) GitLab Enterprise Edition
- Schedule DORA DF score recalculation (merge request) GitLab Enterprise Edition
- Add Django tutorial for observability tooling (merge request)
- Show Flux resource details (merge request)
- Add CreateSecurityPolicyProjectAsync mutation (merge request) GitLab Enterprise Edition
- Emit audit event for agent creation and deletion (merge request) GitLab Enterprise Edition
- Add for_occurrences and with_advisory scopes (merge request) GitLab Enterprise Edition
- This MR adds new column to external status checks (merge request) GitLab Enterprise Edition
- Add the syntax decoration for multi_match (merge request) GitLab Enterprise Edition
- Add filtering by max role on members pages (merge request)
- Expose source_url in API::Entities::BulkImport (merge request)
- Update GitLab Pages version (merge request)
- Add metrics for pipeline execution policy usage (merge request) GitLab Enterprise Edition
- Add pagination support for Hierarchy widget (merge request)
- Add index for purl_type and package_name on (merge request)
- Feat: manual variables tab frontend part one (merge request)
- Release inheritance feature for Integrations API (merge request)
- Add filtering active and human users in GraphQL (merge request)
- Sync namespace_settings seat_control with new_user_signups_cap (merge request)
- Add job action mutations (merge request)
- Add nodejs tutorial to Observability docs (merge request)
- Add detumbled_email column to emails table (merge request)
- Deprecation alert for Needs tab (merge request)
- Adds fix slash command (merge request) GitLab Enterprise Edition
- Add org to sbom source (merge request) GitLab Enterprise Edition
- Add member_role_id to group_group_links (merge request)
- Add filters to import source users Graphql resolver (merge request)
- Added .cjs & .mjs matching to SAST CI templates (merge request)
- Access runners via
admin_runners permission (merge request) GitLab Enterprise Edition
- Add job action mutations (merge request)
- Add mergeTrainCar to MergeRequestType (merge request) GitLab Enterprise Edition
Fixed (143 changes)
- Revert "Refactor lavel filter to use labelName attr" (merge request) GitLab Enterprise Edition
- Fix empty dependency list page (merge request) GitLab Enterprise Edition
- Fix bug with pasting retina images (merge request)
- Hide invalid closing issues on merge request (merge request)
- Fix text on badge for health check (merge request) GitLab Enterprise Edition
- Kubernetes agent access for protected branches: Mention feature flag by @nwittstruck (merge request)
- Fix repo instructions border radius (merge request)
- Project Admin - Fix delete project after email message (merge request)
- Unify branch protection on rules details with repository settings (merge request) GitLab Enterprise Edition
- Fix wrong project in the connect command (merge request)
- Fix installable scope for inherited classes (merge request)
- Prevent re-enabling project sharing when user cap is set (merge request) GitLab Enterprise Edition
- Add Heading 5 and 6 to text style dropdown (merge request)
- Fix model artifact upload bug (merge request)
- Properly handle empty repository.ff_merge in FromTrainRef merge strategy (merge request) GitLab Enterprise Edition
- Update synthetic note (merge request)
- Frecent Items - Use fullPath over webUrl (merge request)
- Fix feature flag check for (merge request) GitLab Enterprise Edition
- Fix policy scope checker for multiple project compliance frameworks (merge request) GitLab Enterprise Edition
- Fix quick action urls in work items (merge request)
- Catch BlockedUrlError when dispatching external status check (merge request) GitLab Enterprise Edition
- Add correct check method for ga ai features (merge request) GitLab Enterprise Edition
- Add license check to cs for registry (merge request) GitLab Enterprise Edition
- Fix work item parent links namespace_id (merge request)
- Delete existing policy reads for invalidating policy edits (merge request) GitLab Enterprise Edition
- Fix removing conan manifest recipe file by cleanup policy (merge request)
- Fix timestamp values in Arkose Data Exchange payload (merge request) GitLab Enterprise Edition
- Handle invalid webhhook receiver gzip response (merge request)
- Adjust alignment of codeblock "Copy code" button (merge request)
- Make full log viewer section parsing more strict (merge request)
- Exclude deleted projects from GetProjectsQuery (merge request)
- Fix vulnerability statistics bug (merge request) GitLab Enterprise Edition
- Fix missing dependency project dropdown on narrow screen width (merge request) GitLab Enterprise Edition
- Backfill verification state table only for enabled replicators (merge request) GitLab Enterprise Edition
- Enable project_daily_statistic_counter_attribute_fetch FF by default (merge request)
- Mark projects as vulnerable in CVS logic (merge request) GitLab Enterprise Edition
- Fix train removal toast (merge request) GitLab Enterprise Edition
- Fix SBOM merge report service when merging tools of mixed structure (merge request) GitLab Enterprise Edition
- Fixes
output_safety in integrations (merge request)
- Fixes disable style ANSI sequences in full log viewer (merge request)
- Atomically refresh branch/tag cache in PostReceive (merge request)
- Handle error when create directory params are missing (merge request)
- Add a batch migration to nullify organization_id for Project snippets (merge request)
- Project Topics - Allow new topics created always (merge request)
- Fix broken docs links in the UI (merge request)
- Fix segmented export zero division error (merge request) GitLab Enterprise Edition
- Fix custom role name for admin user views (merge request) GitLab Enterprise Edition
- Break words in legacy user dropdown (merge request)
- Use generated identifier for chart range data (merge request) GitLab Enterprise Edition
- Allow to edit files from a commit or tag with WebIDE (merge request)
- Ensure DiffCollection is not empty when applying each_gitaly_patch (merge request)
- Fix cluster check metrics (merge request) GitLab Enterprise Edition
- Fix missing CSS variables in jira_connect app (merge request)
- Fix toggle replies widget regression (merge request)
- Update graphql specs in preparation of gem upgrade (merge request)
- Cleanup allow_custom_root_folder_name_in_npm_upload FF (merge request)
- Fix upload after comment preview bug (merge request)
- Do not index associated issues that are epic work item type (merge request) GitLab Enterprise Edition
- Re-add no-enforce-focus prop on checkout modal (merge request)
- Internationalize dates within issues (merge request)
- Fix tooltip for suggested similar issue state icon (merge request)
- Add a validation for default branch name in group settings (merge request)
- Mark project as vulnerable while creating vulnerabilities (merge request) GitLab Enterprise Edition
- Ignore not search params which are not hashes (merge request)
- Fix help icon shrinks when there are many code owners (merge request) GitLab Enterprise Edition
- Fix clear bug in create view for health status widget (merge request)
- Add clipboard btn hover state to checkout MR instructions (merge request)
- Fix Explain vulnerabilities with AI loading state (merge request)
- Fixes
output_safety in integrations (merge request)
- Use explicit rule names to avoid flaky specs (merge request) GitLab Enterprise Edition
- Fix GraphQL query returning less than expected projects (merge request)
- Update specs for upcoming graphql upgrade (merge request) GitLab Enterprise Edition
- Update publish a new release docs link (merge request)
- Make sure broadcast notifications do not affect broadcast message height (merge request)
- Reset request data on each filter (merge request)
- Fix Roadmap not loading when epics have private parents (merge request) GitLab Enterprise Edition
- Fix new epic work item email (merge request)
- Add missing breadcrumb items to several admin edit pages (merge request)
- Update graphql specs for coming upgrade (merge request)
- Fix badges in runners admin area (merge request)
- bug: Fix template error due to divided by zero by @gerardo-navarro (merge request)
- Use autolinker filter for commit descriptions (merge request)
- Drop sequences that should no longer exist in database (merge request)
- Ignore unknown sequences in sequence fix migration (merge request)
- Fixed Zoekt forks filter behavior (merge request)
- Scrub non-UTF characters from context chunk (merge request)
- Add support for redirects to go-get middleware (merge request)
- Update postgres_sequences view (merge request)
- Break words in code blocks in RTE (merge request)
- Fixes
output_safety in integrations (merge request)
- Fix project name truncation in dependency project count dropdown (merge request) GitLab Enterprise Edition
- Fix SQL query for finding sequences owned by table (merge request)
- Use a separate Redis key for rescheduling jobs (merge request)
- Prevent CS SBOM to be parsed as ready for License Scanning rules (merge request) GitLab Enterprise Edition
- Clear Gitlab::Geo.proxied_site memoization (merge request) GitLab Enterprise Edition
- Fix clear button in deprecated jQuery dropdown filter (merge request)
- Restrict project ID parameters for GAR setup scripts (merge request) GitLab Enterprise Edition
- Connect null data points in Value Stream Dashboard sparklines (merge request) GitLab Enterprise Edition
- Skip issue due date validation on work item epics (merge request) GitLab Enterprise Edition
- Update graphql specs in preparation of gem upgrade (merge request)
- Restore collapsible sections in job log viewer (merge request)
- Improve image resizing in rich text editor (merge request)
- Fix auditor permission in group VSA (merge request) GitLab Enterprise Edition
- Fixed empty tooltips in usage trends count charts (merge request)
- Keep hover effect on section title when flyout is hovered (merge request)
- Fix missing spdx licenses in the policy editor (merge request) GitLab Enterprise Edition
- Fix duplicated projects in listbox (merge request)
- Status badge: Fix use of icon (merge request)
- Fix bug with deployment score calculation (merge request) GitLab Enterprise Edition
- Fix approval policy to include group level protected branch (merge request) GitLab Enterprise Edition
- Fix publishing npm package with custom root folder name (merge request)
- Handle Browser::Error exception (merge request)
- Remove project_ref_name_in_variables FF (merge request)
- Fix missing/incorrect linked work items from other namespaces (merge request)
- Fix SBOM export when tools property has different structure (merge request) GitLab Enterprise Edition
- Fix PEP when SEC is available (merge request) GitLab Enterprise Edition
- Add validation for vulnerability identifiers (merge request) GitLab Enterprise Edition
- Improve printing functionality by @yanglb (merge request)
- Added Instance scope as valid audit entity type (merge request) GitLab Enterprise Edition
- fix: Only run advanced SAST job when Ultimate license present (merge request) GitLab Enterprise Edition
- Pipeline dropdown: Fix spacing and border-radius (merge request)
- Add copy timelog logic when moving issue (merge request)
- Use SpinnerComponent in users groups/projects view (merge request)
- Remove padding if sections settings have no border (merge request)
- Fix merge request list icon alignment in Safari (merge request)
- Updates container registry set up cleanup link (merge request)
- Fix invalid X-Next-Page header for the first page (merge request)
- Provide a full commit sha to
CommitReferences query (merge request)
- Remove full screen button at ML Model creation (merge request)
- Remove uplaods and redirects file results from wiki basic search (merge request)
- Ignore default before and after_script for Scan Execution Policies (merge request) GitLab Enterprise Edition
- Prevent dragging board list if not editable (merge request)
- Prevent export finalisation from overrunning the expected duration (merge request) GitLab Enterprise Edition
- Release jira_connect_proxy_create_branch (merge request)
- Display all seats user banner when there is an overage (merge request)
- Revert "Align the visual presentation of the action between groups and projects" (merge request)
- Your Work Projects - Fix improper index import (merge request)
- Make sure group path is used for getting list of frameworks (merge request) GitLab Enterprise Edition
- Fix pending members member link (merge request) GitLab Enterprise Edition
- Show download button in narrow viewports in repo directory view (merge request)
- Fix namespace path in pending members page (merge request) GitLab Enterprise Edition
- Use shared lock for SBoM ingestion and sync workers (merge request) GitLab Enterprise Edition
- Fix Changelog error on Non-encoded Commit Trailers (merge request)
Changed (226 changes)
- Ignore unused columns in onboarding_progress and remove all references (merge request)
- Enable self-managed UI bulk assignment/unassignment feature by default (merge request)
- Enable traversal_ids for all project search queries (merge request) GitLab Enterprise Edition
- Improve Cloud Connector status host probe (merge request) GitLab Enterprise Edition
- Transition dast_site_tokens to loose foreign keys (merge request)
- Lower sync event table partition cleanup threshold to 30 days (merge request)
- Hide search panel when user has no groups (merge request)
- Requeue backfilling of work_item_dates_sources (merge request)
- Show empty state also in workspace tab (merge request)
- Migrate title and cards in ssh key detail page (merge request)
- Add database index on emails to detumbled_email column (merge request)
- Find zoekt index through repository if exists (merge request) GitLab Enterprise Edition
- Groups Projects - Consistent pending delete alert (merge request)
- Makes job log color palettes consistent (merge request)
- Remove redirect to clear settings for self-managed provider (merge request) GitLab Enterprise Edition
- Scheduling service skips cache in non prod environments (merge request) GitLab Enterprise Edition
- Add framework id popover (merge request) GitLab Enterprise Edition
- Update redis-store gem and drop custom patch (merge request)
- Expose pre_receive_secret_detection_enabled in the API (merge request)
- Remove gl-new-card-body from terms card (merge request)
- Migrate branch rule details cards to crud components (merge request)
- Remove
Security::ReportFetchService and refactor tests (merge request) GitLab Enterprise Edition
- Default-enable Cloud Connector status FF (merge request) GitLab Enterprise Edition
- Enable rewrite_history_ui feature flag by default (merge request)
- Adjust the visual styling of health check (merge request) GitLab Enterprise Edition
- This MR adds an icon for disabled policies (merge request) GitLab Enterprise Edition
- This MR adds new badge to status check table (merge request) GitLab Enterprise Edition
- Quarantine spec for old background migration (merge request) GitLab Enterprise Edition
- Update terraform empty state illustration (merge request)
- Notifications page: Migrate components used (merge request)
- Update tags page (merge request)
- Update blocked and blocking icons based on new direction (merge request)
- Remove gl-new-card from permanent group deletion card (merge request)
- Move work item note loader above comment box (merge request)
- Remove gl-new-card from failed jobs card (merge request)
- Switch back to charlock_holmes gem (merge request)
- Set vulnerability_finding_links schema to
gitlab_sec (merge request) GitLab Enterprise Edition
- Replace subtle text color style with description label default style (merge request) GitLab Enterprise Edition
- Remove gl-new-card from pipeline editor card (merge request)
- Distinguish index on tags (merge request)
- Remove gl-new-card from group advanced settings (merge request)
- Rephrase policy bot message errors (merge request) GitLab Enterprise Edition
- Removes the note about billing quotas on the PA GitLab managed provider (merge request) GitLab Enterprise Edition
- Decrease space between log lines (merge request)
- Avoid TemplateFinder instantiations (merge request) GitLab Enterprise Edition
- Remove search_issue_refactor feature flag (merge request) GitLab Enterprise Edition
- Unbox the add license section (merge request) GitLab Enterprise Edition
- Move provider selection component error state inline (merge request) GitLab Enterprise Edition
- Add header to contributor analytics page (merge request)
- Sentence case access tokens (merge request)
- Refine the activation modal (merge request) GitLab Enterprise Edition
- Migrate terraform states GlCard to CrudComponent (merge request)
- Release page: Add page title and migrate to Crud (merge request)
- Sign-out deletes only GitLab site data, not all subdomains (merge request)
- Add email template for source_user rejects (merge request)
- Cleanup "add_validation_for_push_rules" feature flag (merge request) GitLab Enterprise Edition
- Make color palettes in logs consistent (merge request)
- Fix dark mode support in minimal and devise_empty (merge request)
- Replace click with select on add license (merge request) GitLab Enterprise Edition
- Migrate workspace variables card to CrudComponent (merge request)
- Remove new-card classes from legacy cards (merge request)
- Fetch product analytics project settings via GraphQL (merge request) GitLab Enterprise Edition
- Hide /type quick action on epic work items (merge request) GitLab Enterprise Edition
- Simplify atomic cache/tag clear code in PostReceive (merge request)
- Migrate dashboard projects to filtered search and sort (merge request)
- Refactor DuoChat error display (merge request) GitLab Enterprise Edition
- Fix broadcast message dismissals cookie not restoring upon login (merge request)
- Update review started icon in MR sidebar (merge request)
- feat: Transition sbom_component_versions to gitlab_sec schema (merge request) GitLab Enterprise Edition
- Deploy freeze table migration to Crud (merge request)
- Update visualization designer type selector (merge request) GitLab Enterprise Edition
- This MR updated dispatch service (merge request) GitLab Enterprise Edition
- Comments templates: Migrates components used (merge request)
- This MR adds new field to status check form (merge request) GitLab Enterprise Edition
- Update dependency auto-deploy-image to v2.100.2 (merge request)
- Transition dast_site_tokens to loose foreign keys (merge request)
- Update CI/CD Details tab order (merge request)
- Use locale date format on the custom emoji page by @NIKU-SINGH (merge request)
- Migrate wiki history card to crud component (merge request)
- Migrate branch rules card to CrudComponent (merge request)
- Update work item parent labels (merge request)
- Show warnings for rendered as markdown (merge request)
- Update gitaly servers card to CrudComponent (merge request)
- Display error when LLM determines false positive (merge request) GitLab Enterprise Edition
- Update cleanup policies page (merge request)
- Migrate badges card to crud component (merge request)
- Add
fallback_behavior usage metrics (merge request) GitLab Enterprise Edition
- Update welcome page question order (merge request) GitLab Enterprise Edition
- Migrate secure files to cardcomponent (merge request)
- Update prompt for Duo Vulnerability Resolution (merge request) GitLab Enterprise Edition
- Reverse order of recent month columns in VSD (merge request) GitLab Enterprise Edition
- Update google-cloud-core and google-cloud-env gems (merge request)
- Migrate monitor alerts to crudcomponent (merge request)
- Duo Chat Retry Attempts Update (merge request) GitLab Enterprise Edition
- Does not load SSF data for disabled replicators (merge request) GitLab Enterprise Edition
- Update security policies graphql API to filter policies by scope (merge request) GitLab Enterprise Edition
- Update dependency auto-deploy-image to v2.100.1 (merge request)
- Set vulnerability_flags schema to gitlab_sec (merge request) GitLab Enterprise Edition
- Update cached commit signatures when a gpg key is recreated (merge request)
- Reverify externally verified gpg keys (merge request)
- Add DuoChat helper menu (merge request) GitLab Enterprise Edition
- Fix issue on terms page with mermaid plots (merge request)
- Update user pages empty states in admin area (merge request)
- Add tmp index on vulnerability_reads for bbm (merge request) GitLab Enterprise Edition
- Update merge request template copy (merge request) GitLab Enterprise Edition
- General improvements in the terms pages (merge request)
- Change the alert message for the invalid invite (merge request)
- This MR updates approval selector (merge request) GitLab Enterprise Edition
- Migrate Analyze page headings (merge request)
- Update BBM status (merge request)
- Use
gl-text-subtle instead of gl-text-secondary in crud component (merge request)
- Migrate header components in tags and compare revisions (merge request)
- Add "Why GitLab Duo?" section to Duo Pro trial discover page (merge request) GitLab Enterprise Edition
- Refactors primary keys validations (merge request) GitLab Enterprise Edition
- Labels: Migrate label-badge (merge request)
- Remove MemberRole ignored columns (merge request) GitLab Enterprise Edition
- Issue closing pattern works with work items (merge request)
- Update runner edit form (merge request)
- ViewComponent documentation: Adds missing shared components (merge request)
- Humanize chart units for Value stream analytics (merge request) GitLab Enterprise Edition
- Hide pending todos authored by banned users (merge request)
- Hide rollup weight when null (merge request)
- Returning multiple compliance frameworks in project api (merge request) GitLab Enterprise Edition
- This MR adds new arguments for graphql mutation (merge request) GitLab Enterprise Edition
- Check for feature flag for user autocomplete in command palette (merge request)
- Put groups_direct field in CI JWT tokens behind feature flag (merge request)
- Sentence case pipeline editor (merge request)
- Issue Analytics: Migrate title and optimize loading state (merge request)
- Switching default_enabled: true for RCA troubleshoot (merge request) GitLab Enterprise Edition
- Ensure Current.organization is set in REST API (merge request)
- Add delimiter to label counters (merge request)
- Open k8s details drawer on the pod name click by @antonkalmykov (merge request)
- Set schema to gitlab_sec (merge request) GitLab Enterprise Edition
- Use header components and sentence case in code section (merge request)
- Update error pages (merge request)
- Pipeline mini graph clean up (merge request)
- Use page heading component for new snippet (merge request)
- Update pipeline editor to replace external link icon with catalog icon (merge request)
- Search bar: Migrate buttons to GlButton (merge request)
- Use CrudComponent for labels lists (merge request)
- Applys pending promotion requests (merge request) GitLab Enterprise Edition
- Move glab ask endpoint to AI gateway (merge request) GitLab Enterprise Edition
- Update stackprof to v0.2.26 (merge request)
- Remove add_gitlab_tier_cookie feature flag (merge request) GitLab Enterprise Edition
- This MR adds new field for update service (merge request) GitLab Enterprise Edition
- Applications group settings: Migrate components (merge request)
- Hooks: Update components (merge request)
- Redirect to group page upon user acceptance (merge request)
- User permissions for ML model registry & experiments (merge request)
- Update user achievements (merge request)
- Switch indexing button to background job (merge request) GitLab Enterprise Edition
- Set default state of web_ide_oauth flag to enabled (merge request)
- Migrates to use SettingsSection and Crud Components (merge request) GitLab Enterprise Edition
- Configure ignoring default before and after_script for policies (merge request) GitLab Enterprise Edition
- Remove updated at from work items (merge request)
- Replace toggle by radio buttons in the CI/CD settings by @antonkalmykov (merge request)
- Repository settings: Migrate components (merge request)
- Update help text for job token setting (merge request)
- Cleanup
prevent_registration_from_china feature flag (merge request) GitLab Enterprise Edition
- This MR adds new field for external_status_check model (merge request) GitLab Enterprise Edition
- Update OpenID and OAuth2 gems (merge request)
- Clean up SafelyChangeColumnDefault for policy concurrency (merge request) GitLab Enterprise Edition
- Update illustration for work item empty state (merge request)
- Remove default value from
organization_id field for snippets (merge request)
- Add approval rule: Move action buttons to content (merge request)
- Fix icons on commit page (merge request)
- Cleanup bigint conversions (merge request)
- Fix profile passed to API Security analyzer (merge request) GitLab Enterprise Edition
- Update dependency auto-deploy-image to v2.100.0 (merge request)
- Lock logger version to 1.5.x series (merge request)
- Apply a daily limit for duplicate credit card validations (merge request)
- Remove gl-block class on badge (merge request)
- Validate presence of Organization on Namespace model (merge request)
- Shows releases on group milestones (merge request) GitLab Enterprise Edition
- Auto close issues for group level issues defaults to false (merge request)
- Analytics settings: Migrate to use SettingsSection (merge request)
- Use FrameworkBadge as item for the Frameworks Select (merge request) GitLab Enterprise Edition
- Extract authz classes to fetch permitted abilities (merge request) GitLab Enterprise Edition
- Remove deprecated observability_tracing feature flag (merge request)
- Enable sorting by published_at for self-managed (merge request)
- Clarifies the availability of dormant user feature (merge request)
- Remove
optimized_vulnerability_report_export feature flag (merge request) GitLab Enterprise Edition
- Update Duo Pro card on Usage Quotas page for trials (merge request) GitLab Enterprise Edition
- Show newest linked items first (merge request)
- Add ai_custom_models_prompts_migration FF (merge request) GitLab Enterprise Edition
- Migrate Integrations settings pages (merge request)
- Update source_users/show copy and UI (merge request)
- This MR updates dropdown text (merge request) GitLab Enterprise Edition
- Rename Gitlab::Geo. replication_enabled_replicator_classes by @sahilsarawagi (merge request)
- Reduce the verbosity of package_metadata logs (merge request)
- Add new child work items to the start (merge request)
- Update the tooltip text on the deployment limits message (merge request) GitLab Enterprise Edition
- Don't send commit messages from the FE if they're untouched (merge request)
- Update gems for Faraday 2 compatibility (merge request)
- Update dependency auto-deploy-image to v2.99.0 (merge request)
- Group: Migrate project settings (merge request)
- Backfill label_ids for merge request (merge request) GitLab Enterprise Edition
- Migrate axios call to GraphQL mutation for jobPlay by @missy-davies (merge request)
- Hides job logs timestamps on mobile size screens (merge request)
- Display current user's username in Identity Verification page (merge request) GitLab Enterprise Edition
- Update dependency auto-build-image to v4.3.0 (merge request)
- Remove elastic_index_use_trigger_indexing FF (merge request) GitLab Enterprise Edition
- Set Claude 3.5 Sonnet as code generation default (merge request)
- Usage quotas: Use PageHeadingComponent for heading and description (merge request)
- Use tertiary button for admin area (merge request)
- Update project report for multi frameworks (merge request) GitLab Enterprise Edition
- Update link to the help page on Geo health help icon by @antonkalmykov (merge request) GitLab Enterprise Edition
- Fix double border at the 'Child items' widget on the Issues page by @antonkalmykov (merge request)
- Add new observability feature and policy (merge request)
- Set vulnerability_export_part schema to
gitlab_sec (merge request) GitLab Enterprise Edition
- CI/CD Settings: Migrates settings blocks to SettingsBlock (merge request)
- Filter merge requests by author (merge request) GitLab Enterprise Edition
- Project general settings: Add sr-only h1 (merge request)
- Update dependency ai-gateway to v1.12.0 (merge request)
- Sticky header color alignment between color modes (merge request)
- Change page title for subscription page (merge request) GitLab Enterprise Edition
- Update UI text for require auth in MR policies (merge request) GitLab Enterprise Edition
- Advanced Search: Index label_ids for merge requests (merge request) GitLab Enterprise Edition
- Update admin push rules (merge request)
- Show group stats when deleting from the Admin Area by @antonkalmykov (merge request)
- Remove code behind preserve_unchanged_markdown (merge request)
- Docs: Add Cloudflare IP range info for Duo (merge request) GitLab Enterprise Edition
- Update deploy keys pages (merge request)
- Finalizing batchedBackgroundMigration of CiPipelines (merge request)
- Make policy migration context aware (merge request) GitLab Enterprise Edition
- Delete requires_input.js behavior (merge request)
Deprecated (1 change)
Removed (30 changes)
- Remove required_instance_ci_template column (merge request)
- Remove link_existing_lfs_object feature flag (merge request)
- Revert index on web_hook_logs (merge request)
- Delete the
enable_environments_search_within_folder feature flag (merge request)
- Remove free-tier workspaces pages (merge request)
- Cleanup compliance_pipeline_in_policies feature flag (merge request) GitLab Enterprise Edition
- Delete the
changelog_commits_limitation feature flag (merge request)
- Deprecated and remove continuous vulnerability (merge request) GitLab Enterprise Edition
- Remove dependency list alerts (merge request) GitLab Enterprise Edition
- Delete the
json_wrapper_legacy_mode feature flag (merge request)
- Delete the
order_builds_for_group_runner feature flag (merge request)
- Remove gitlab_main_clusterwide and connection (merge request)
- Remove custom CI action from Scan execution policies UI (merge request) GitLab Enterprise Edition
- Removing unused project frameworks controller (merge request) GitLab Enterprise Edition
- Remove composer cache files related code and database records (merge request)
- Remove wiki_size index on project statistics (merge request)
- Remove packages_size index from project_statistics (merge request)
- Cleanup traces of old cron job (merge request)
- Remove cloud license promotion banner (merge request) GitLab Enterprise Edition
- Chore: remove the feature flag default (merge request) GitLab Enterprise Edition
- Remove simplified_badges feature flag (merge request)
- Remove custom CI action from processing (merge request) GitLab Enterprise Edition
- Clean up phone_verification_for_low_risk_users experiment (merge request) GitLab Enterprise Edition
- Remove store first reviwer assignment timestamp FF (merge request)
- Remove pipeline execution action experiment from group settings (merge request) GitLab Enterprise Edition
- Remove geo_use_clone_on_first_sync feature flag (merge request) GitLab Enterprise Edition
- Removes unused index on project statistics (merge request)
- Drop temporary index on
vulnerability_occurrences table (merge request)
- Remove Ramon related code (merge request) GitLab Enterprise Edition
- Remove unused arkose_labs_verify_api_url col from application_settings (merge request)
Security (22 changes)
- Filter parameters in Rack::Attack logs
- Fix Possible asciidoctor include:: directive DOS
- Show correct file content
- Fix the catastrophic backtracking
- Update audit payload
- Limit access to project accessed by Security Policy Bot
- Show alert about not rendering files due to path encoding
- Add a project scope to LfsTokens
- Security fixes for banzai pipeline part 2
- Remove xhtml extensions from snippets blobs
- Fix ReDoS in RefMatcher
- Enforce
require_password_to_approve MR approval policy property
- Remove verify authentication token skip in cdot proxy controller
- Fix ReDoS when parsing git push options
- Attribute BulkImport::Export to a particular user
- Refactor import_export_upload to be user-based
- Don't include project-level analytics settings in DOM
- Remove prohibited tags after import
- Fix for private dotenv artifacts not accessible to downstream jobs
- Do not allow script execution on dependency responses
- Fix for private txt artifacts being accessible through the artifacts/browse link
- Disable system hooks on GitLab.com (merge request)
Performance (10 changes)
- Add preloads to AddOnPurchasesResolver (merge request) GitLab Enterprise Edition
- Remove
segmented_vulnerability_report_export feature flag (merge request) GitLab Enterprise Edition
- Do not attempt to upsert existing cvs scanners (merge request)
- Only wait for contribution mapping related exports (merge request)
- Prevent timeouts in group autocomplete query (merge request)
- Skip updates for existing components and versions (merge request) GitLab Enterprise Edition
- Refactor Nuget SearchResultsPresenter (merge request)
- Adjust Bitbucket Cloud issues worker to be resumable by @ivantedja (merge request)
- Bulk insert CVS vulnerability scanners (merge request)
- Remove skip_sbom_occurrences_update_on_pipeline_id_change feature flag (merge request) GitLab Enterprise Edition
Other (124 changes)
- Remove double quotes (merge request) GitLab Enterprise Edition
- Remove group_multi_select_tokens feature flag (merge request)
- Backfill audit events into new audit events table (merge request)
- Improve documentation for the work items reordering mutation (merge request)
- Fix regex bug (merge request)
- Quarantine a flaky test (merge request)
- Add background migration for duplicates LFS object projects (merge request)
- Use Ci::Tag model for autocomplete search (merge request)
- Add PullMirrors::UpdateService (merge request) GitLab Enterprise Edition
- Alter webhook deleted audit event (merge request)
- Add & backfill multiple sharding keys for compliance_framework_security_ (merge request)
- Add resolve vulns migration (merge request)
- Add indexed_bytes in zoekt_nodes (merge request)
- Add the columns size_bytes and index_file_count (merge request)
- Remove ActsAsTaggableOn from DAST profiles (merge request)
- Remove redundant test (merge request)
- refactor: Avoid importing string literals in tests by @gerardo-navarro (merge request)
- Clean up pipeline_execution_policy_type feature flag from backend (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Enable ensure_lfs_object_project_uniqueness FF by default (merge request)
- Add dev widget to task work item type (merge request)
- Add migration for updating current value of max_yaml_size_bytes (merge request)
- Removes GlCarousel from the app (merge request) GitLab Enterprise Edition
- Validate migration schema message (merge request)
- Check if columns exist before running credit card hashing migration (merge request)
- Quarantine a flaky test (merge request)
- Replace
text-tertiary with gl-text-tertiary (merge request)
- Replace cdark with gl-text-default (merge request)
- Remove ci_canceling_status feature flag (merge request)
- Replace cgreen with gl-text-green-600 (merge request)
- Replace
bg-white with gl-bg-white (merge request)
- workhorse: refactor access to Gitaly Sidechannel (merge request)
- Support expected_old_oid for UserApplyPatch (merge request)
- Enhance hand raise modal button layout for mobile (merge request) GitLab Enterprise Edition
- Add NOT NULL for sharding key on deployment_approvals (merge request)
- Add the default value for reserved_storage_bytes (merge request)
- Add and backfill project_id for error_tracking_error_events (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Guard PAT last_used_at updates with exclusive lease (merge request)
- Add and backfill project_id for vulnerability_occurrence_pipelines (merge request)
- Replace
text-success with gl-text-success (merge request)
- Add and backfill project_id for vulnerability_occurrence_identifiers (merge request)
- Update default max_yaml_size_bytes to 2 MB (merge request)
- Quarantine a flaky test (merge request)
- Protected packages: Push protection for deploy token by @gerardo-navarro (merge request)
- Mark 20230724070100 as obsolete (merge request) GitLab Enterprise Edition
- Override for assign_resource_worker_deduplicate_until_executing (merge request)
- Remove unused text-metric class (merge request)
- Use
gl-fill-icon-subtle for close icon on Dismissible Container (merge request)
- Remove 'text-plain' util class from common.scss (merge request)
- Add and backfill project_id for packages_package_files (merge request)
- Add and backfill project_id for vulnerability_finding_links (merge request)
- Add jacoco file limit (merge request)
- Add and backfill project_id for approvals (merge request)
- Replace cgray with gl-text-primary (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Replace
bold class with gl-font-bold (merge request)
- Replace 'text-danger' with 'gl-text-danger' (merge request)
- Add and backfill project_id for merge_request_user_mentions (merge request)
- Quarantine a flaky test (merge request)
- Add and backfill sharding keys for deploy_tokens (merge request)
- test: Add missing feature category by @gerardo-navarro (merge request)
- Quarantine a flaky test (merge request)
- Remove feature flag (merge request) GitLab Enterprise Edition
- Use tailwind util classes for semantic color usage in What's New (merge request)
- Add and backfill namespace_id for epic_issues (merge request)
- Use semantic link color in app/assets/stylesheets/errors.scss (merge request)
- Remove index_vulnerability_occurrences_on_primary_identifier_id (merge request)
- Quarantine a flaky test (merge request)
- Replace fgray with gl-fill-gray-500 and remove fwhite (merge request)
- Move PolicyScopeService to lib (merge request) GitLab Enterprise Edition
- Mark 20230823154049 as obsolete (merge request) GitLab Enterprise Edition
- Use semantic token in bootstrap_migration_reset.scss (merge request)
- Add advisory lock to lfs_objects_project model (merge request)
- Add regex argument (merge request) GitLab Enterprise Edition
- Remove unused fetch method and add Storybook entry (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Add and backfill project_id for evidences (merge request)
- Use semantic tokens in broadcast_messages.scss (merge request)
- Use semantic tokens in calendar.scss (merge request)
- Use semantic tokens in app/assets/stylesheets/framework/blocks.scss (merge request)
- Mark 20230719211400 as obsolete (merge request) GitLab Enterprise Edition
- Add basic methods to abuse report note model (merge request)
- Mark 20230824114205 as obsolete (merge request) GitLab Enterprise Edition
- Backfills the user_details records for users that do not have one (merge request)
- Mark 20230908120634 as obsolete (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Mark 20230722212041 as obsolete (merge request) GitLab Enterprise Edition
- Mark 20230901120542 as obsolete (merge request) GitLab Enterprise Edition
- Mark 20230720000000 as obsolete (merge request) GitLab Enterprise Edition
- Refactor MirrorsController: move pull mirror code to EE (merge request) GitLab Enterprise Edition
- Mark 20230831152648 as obsolete (merge request) GitLab Enterprise Edition
- Remove the references of FF zoekt_exact_search (merge request)
- Add reserved_storage_bytes to zoekt_indices (merge request)
- Mark 20230911205548 as obsolete (merge request) GitLab Enterprise Edition
- Use semantic tokens in diff_file_component.scss (merge request)
- Use semantic tokens in app/assets/stylesheets/components/avatar.scss (merge request)
- Requeue partitioning backfill for build group reports (merge request)
- Implement index addition (merge request)
- Add and backfill group_id for approval_group_rules_protected_branches (merge request)
- Remove diff_preview_in_email feature flag (merge request)
- Remove move_issue_children feature flag (merge request)
- Remove NOT NULL on policy_id for scan_result_policy_violations (merge request)
- Add index for owasp_top_10 group level reports (merge request)
- Replace flag synced_epic_work_item_editable with work_item_epics (merge request) GitLab Enterprise Edition
- GitLab pages: Improve test pages_domain_spec.rb by @gerardo-navarro (merge request)
- Add p_ci_builds upstream_pipeline_partition_id (merge request)
- Quarantine a flaky test (merge request)
- Introduce lock-free rescheduling for duplicate job (merge request)
- Remove ignores for imported column (merge request)
- Add and backfill group_id for approval_group_rules_users (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Run cron job daily (merge request)
- Protected packages: Cleanup renaming of protected_up_to_access_level by @gerardo-navarro (merge request)
- Dynamically gets the column type for assertion (merge request)
- Quarantine a flaky test (merge request)
17.2.9 (2024-10-09)
Fixed (1 change)
Security (8 changes)
- Do not create a pipeline on MR refresh if source branch was deleted (merge request)
- Escape OAuth application name on authorize page (merge request)
- Prevent guest access to project templates (merge request)
- Remove access to local requests via cube query service (merge request)
- External webhook token should be set (merge request)
- Skip content when listing conflict files with types (merge request)
- Hide version info from unauthorized users (merge request)
- Prevent deploy keys from pushing code to an archived project (merge request)
17.2.8 (2024-09-24)
Security (3 changes)
- Implement input sanitization for SummarizeComments (merge request)
- Hide system notes with invalid references (merge request)
- Reset dependency proxy maven credentials when registry url is changed (merge request)
17.2.7 (2024-09-16)
No changes.
17.2.6 (2024-09-13)
No changes.
17.2.5 (2024-09-11)
Fixed (2 changes)
- Fix Sidekiq crashing when GITLAB_LOG_LEVEL set to debug
- Backport Fixes Geo Replication Details view GitLab Enterprise Edition
Changed (2 changes)
Security (19 changes)
- Revert "Merge branch 'security-psk-fix-external-wiki-integration-dos-17-2' into '17-2-stable-ee'" (merge request)
- Fix the vulnerability in the glm_source parameter (merge request)
- Improve GraphQL log security (merge request)
- Add permissions check to project creations from a project template (merge request)
- Fix credentials disclosure in mirroring failure (merge request)
- Redirect url in the link validated for being external (merge request)
- [17.2] Update edit permissions for DAST profiles (merge request)
- Commit information visible through release atom endpoint for guest users (merge request)
- Execute environment stop actions as the owner of the action (merge request)
- Prevent code injection in Product Analytics funnels YAML (merge request)
- Prevent users with admin_group_member custom ab. to manage custom roles (merge request)
- Fixed frontend regex to parse URI (merge request)
- Use session instead of params for identity linking (merge request)
- Fix external wiki integration DoS by changing request to HEAD (merge request)
- Restrict IPs for packages dependency proxy (merge request)
- Strip out Set-Cookie header from dependencyproxy auth response (merge request)
- Fix open redirect due to additional slash added (merge request)
- Group Developers can view group runners (merge request)
- Enforce Pipeline execution policy variables for template rules (merge request)
17.2.4 (2024-08-21)
Security (1 change)
17.2.3 (2024-08-20)
Fixed (3 changes)
- Turn NotFound from Gitaly into 404 for InfoRefs
- Fix empty dependency list page GitLab Enterprise Edition
- Properly handle empty repository.ff_merge in FromTrainRef merge strategy GitLab Enterprise Edition
Changed (1 change)
- Include language server version in code suggestions GitLab Enterprise Edition
Security (4 changes)
- Do not run pipelines when resolving vulnerability (merge request)
- Add Octokit::ResponseValidation middleware (merge request)
- IP restriction to prevent all group permissions (merge request)
- Destroy associated releases when removing a tag via Git CLI (merge request)
Other (1 change)
17.2.2 (2024-08-06)
Fixed (2 changes)
Changed (2 changes)
Security (13 changes)
- Show correct file content (merge request)
- Fix Possible asciidoctor include:: directive DOS (merge request)
- Filter parameters in Rack::Attack logs (merge request)
- Update audit payload (merge request)
- Limit access to project accessed by Security Policy Bot (merge request)
- Show alert about not rendering files due to path encoding (merge request)
- Fix the catastrophic backtracking (merge request)
- Security fixes for banzai pipeline part 2 (merge request)
- Remove xhtml extensions from snippets blobs (merge request)
- Add a project scope to LfsTokens (merge request)
- Fix ReDoS when parsing git push options (merge request)
- Fix ReDoS in RefMatcher (merge request)
- Enforce
require_password_to_approve MR approval policy property (merge request)
Other (1 change)
17.2.1 (2024-07-24)
Fixed (1 change)
- Fix PEP when SEC is available GitLab Enterprise Edition
Security (7 changes)
- Refactor import_export_upload to be user-based (merge request)
- Fix for private txt artifacts being accessible through the artifacts/browse link (merge request)
- Attribute BulkImport::Export to a particular user (merge request)
- Don't include project-level analytics settings in DOM (merge request)
- Fix for private dotenv artifacts not accessible to downstream jobs (merge request)
- Do not allow script execution on dependency responses (merge request)
- Remove prohibited tags after import (merge request)
17.2.0 (2024-07-17)
Added (159 changes)
- Add status to scan result policy violations (merge request) GitLab Enterprise Edition
- Add new run keyword under job (merge request)
- Protected containers: Add PATCH REST API for container protection rules by @nwittstruck (merge request)
- Added filters for multiple compliance frameworks (merge request) GitLab Enterprise Edition
- Add Duo Enterprise to provision service for add-ons (merge request) GitLab Enterprise Edition
- Add Duo Pro end trial widget (merge request) GitLab Enterprise Edition
- Add RoR tutorial to Observability docs (merge request)
- Enable container scanning for registry (merge request)
- Add willAutoCloseByMergeRequest field to work items API (merge request)
- Add Duo Enterprise to provision service for add-ons (merge request) GitLab Enterprise Edition
- Add models for Virtual Registries, part 1/2 (merge request)
- Add the API to return the multi_matches in a single file (merge request) GitLab Enterprise Edition
- Ensure uniqueness p_ci_job_annotation (merge request)
- Add job action button to PMG (merge request)
- Add migration to add seat control column to namespace settings table (merge request)
- Display ratios instead of counts in CI/CD Analytics (merge request)
- Add Importer User for imports user mapping (merge request)
- Workhorse: HTTP endpoint for bidirectional SSH git-receive-pack data (merge request) GitLab Enterprise Edition
- Add GraphQL API for Duo Pro seats assigned and used (merge request) GitLab Enterprise Edition
- Enable direct code completions by default (merge request) GitLab Enterprise Edition
- Added mutation for updating frameworks of projects (merge request) GitLab Enterprise Edition
- Updates AI merge commit message to be GA (merge request)
- Add gitlab-advanced-sast as a SAST job template (merge request) GitLab Enterprise Edition
- Update the search code according to the replica (merge request) GitLab Enterprise Edition
- Add the API to return the multi_matches in a single file (merge request) GitLab Enterprise Edition
- Add merge_request.squash git push option (merge request)
- Add by_pipeline_ids scope for occurrences (merge request)
- Release secret push protection for self-managed instances (merge request) GitLab Enterprise Edition
- Add ability to delete task list items (merge request)
- Enable store first reviewer FF by default (merge request)
- Add support for LDAP group sync with custom roles (merge request) GitLab Enterprise Edition
- Add delete mutation for deleting self-hosted models (merge request) GitLab Enterprise Edition
- Add REST API endpoints to manage uploads (merge request)
- This MR adds performance warning modal (merge request) GitLab Enterprise Edition
- Protected containers: New GraphQL field "protectionRuleExists" by @gerardo-navarro (merge request)
- Add ci_component_source_policy (merge request)
- Add support for comments in rich text editor (merge request)
- Add the API to return the multi_matches in a single file (merge request) GitLab Enterprise Edition
- Add reviewer first assigned at VSA stage event (merge request) GitLab Enterprise Edition
- Add page metadata to work items (merge request)
- Create p_ci_finished_pipeline_ch_sync_events table (merge request)
- Add Rake task to show token expiration info (merge request)
- Add and set uploaded_by_user_id on Upload records (merge request)
- Set first MR assigned for review timestamp metrics (merge request)
- Expose VSD overview counts for projects (merge request) GitLab Enterprise Edition
- Create country_access_logs table (merge request) GitLab Enterprise Edition
- Show real page title in wiki sidebar (merge request)
- GraphQL: Add PipelineAnalyticsPeriod type (merge request)
- CI/CD Catalog: Add description, type to components (merge request)
- Protected containers: POST REST API for container protection rules by @nwittstruck (merge request)
- Add Users::ActivityEvent and pub/sub logic (merge request)
- Add status column to duo workflows (merge request) GitLab Enterprise Edition
- Enables inheritance field param via the Integrations API (merge request)
- Add hasParent field to hierarchy widget (merge request)
- Add UI for CI_JOB_TOKEN permission settings (merge request)
- Document SPP known limitation (merge request)
- Remove ci_expand_variables_in_compare_to FF (merge request)
- Separate wiki page title and URL fields (merge request)
- Remove the
gitlab_duo_usage_menu_item feature flag (merge request) GitLab Enterprise Edition
- Remove references to hamilton_seat_management feature flag (merge request) GitLab Enterprise Edition
- Add FK to VSA stage event hashes organization_id (merge request)
- Release pipeline execution policy type (merge request) GitLab Enterprise Edition
- Update Analytics Dashboards' viewed/created/edited tracking events (merge request) GitLab Enterprise Edition
- Update GitLab Pages version (merge request)
- Add owners internal endpoint (merge request) GitLab Enterprise Edition
- Add banned/blocked indicator to card matches admin page (merge request) GitLab Enterprise Edition
- Recreate ci_finished_pipelines ClickHouse table (merge request)
- Add endpoint to update list of X-Ray dependencies (merge request) GitLab Enterprise Edition
- Add imported_from value to github importer (merge request)
- Create ci_finished_pipelines ClickHouse table (merge request)
- Add compliance center for premium customers (merge request) GitLab Enterprise Edition
- Add badge for feedback on new epics (merge request)
- Add a validation about project assignment to a replica (merge request) GitLab Enterprise Edition
- Add support for LDAP group sync with custom roles (merge request) GitLab Enterprise Edition
- Create audit event when deploying to protected environment (merge request) GitLab Enterprise Edition
- Add new namespaces/namespace_id route (merge request) GitLab Enterprise Edition
- Add support for groups in policy scope (merge request) GitLab Enterprise Edition
- Show TOC of a wiki page in sidebar (merge request)
- Add table to record placeholder contributions (merge request)
- Migration to populate vulnerability_reads.identifier_external_ids (merge request)
- Add runner fleet dashboard visit metric (merge request) GitLab Enterprise Edition
- Add more log fields in 401 Unauthorized requests (merge request)
- Add imported_from to bb cloud resources (merge request)
- Integration for Beyond Identity exclusions by groups (merge request)
- Add hybrid search query for issues (merge request) GitLab Enterprise Edition
- Add job item to pipeline mini graph (merge request)
- Add imported_from value to gitea imported resources (merge request)
- Add GraphQL API for AI Acceptance Rate (merge request) GitLab Enterprise Edition
- Create audit event for container repository tag deletion (merge request) GitLab Enterprise Edition
- Add tracking to metric drill-down links in VSD and AI Impact tables (merge request) GitLab Enterprise Edition
- Perform chat requests via new endpoint (merge request) GitLab Enterprise Edition
- Added mutation for updating MemberApprovals (merge request) GitLab Enterprise Edition
- Add new internal users endpoint (merge request) GitLab Enterprise Edition
- Add imported_from value to bb server resources (merge request)
- Add support for legacy epic references in workItemsByReference query (merge request) GitLab Enterprise Edition
- Add in pipeline stage dropdown (merge request)
- Add branch_filter_strategy to system, group and project hooks by @clxrx (merge request)
- Add duo enterprise add-on type (merge request) GitLab Enterprise Edition
- Add update mutation for the self-hosted models Vue client to leverage (merge request)
- Protected packages: Add label "protected" to package list on group level by @gerardo-navarro (merge request)
- Protected containers: Add GET to REST API for container protection rules by @nwittstruck (merge request)
- Add gitlab_sec db connection and application record (merge request)
- Fill out fields on InputType (merge request)
- Adds configurable default Service Desk ticket visibility (merge request)
- Add error message for failed association deletion (merge request)
- Allow
admin_runner to create a runner linked to a user (merge request) GitLab Enterprise Edition
- Allow push to the own repo using CI_JOB_TOKEN (merge request)
- Adds reusable SettingsSection component (merge request)
- Enable runner dashboard for groups (merge request) GitLab Enterprise Edition
- GraphQL: Add job execution status to runner manager (merge request)
- Auditing framework assign and unassign to a project (merge request) GitLab Enterprise Edition
- Add runner CSV export metrics at project and group level (merge request) GitLab Enterprise Edition
- WorkItems: Fix rolledup dates when removing child (merge request) GitLab Enterprise Edition
- feat: Add configuration for sec DB (merge request)
- GraphQL: API for retrieving most used runners (merge request) GitLab Enterprise Edition
- GraphQL: Add percentiles to QueueingHistoryTimeSeries (merge request) GitLab Enterprise Edition
- GraphQL: Add upgradeStatus field to RunnerType (merge request) GitLab Enterprise Edition
- Add support for Claude 3.5 Sonnet for code generation (merge request) GitLab Enterprise Edition
- Bump rouge to 4.3.0 with the new IEC 61131-3 Structured Text lexer by @bufferoverflow (merge request)
- Add secure schemas version 15.1.4 and 5.1.3 (merge request)
- Add metadata to group work item page (merge request)
- Add NOT NULL on merge_request_id (merge request)
- Add merge and closed user ids to MR metrics (merge request)
- Pass org in export part creation (merge request) GitLab Enterprise Edition
- Add support for child pipelines to SBOM ingestion (merge request) GitLab Enterprise Edition
- Add option to sort Pipeline Schedules to frontend by @schurzi (merge request)
- Add ability to create label in work item labels widget (merge request)
- Allow
admin_runner ability to change stale runner pruning setting (merge request) GitLab Enterprise Edition
- Adds type to issue webhook attributes (merge request)
- Add button for adding additional seats to error messages (merge request) GitLab Enterprise Edition
- Adds the CRUD Container component (merge request)
- Add variables field into PipelineType (merge request)
- Show latest version on version creation (merge request)
- Backfills gitlab group issue embeddings on gitlab.com (merge request) GitLab Enterprise Edition
- Enforce rate limits for notification emails (merge request)
- Release CI/CD popularity count and sort (merge request)
- Remove ci_expand_nested_resource_group_variables FF (merge request)
- Protected packages: REST API PATCH package protection rules by @nwittstruck (merge request)
- Add api to return group's shared groups by @imskr (merge request)
- Protected containers: Allow nil value for fields
minimum_access_level by @gerardo-navarro (merge request)
- Add maintenance mode banner to edit frameworks UI (merge request) GitLab Enterprise Edition
- Add cargo to supported sbom and sync types (merge request)
- Add disabled_direct_code_suggestions setting (merge request) GitLab Enterprise Edition
- AI impact analytics dashboard is now generally available (merge request) GitLab Enterprise Edition
- Adds inheritance settings to API::Integrations (merge request)
- Remove identity_verification_arkose_challenge feature flag (merge request) GitLab Enterprise Edition
- Added include_forked filter to the zoek search (merge request)
- Extend organization to snippets table (merge request)
- Include required backend data for the Project Header (merge request)
- Added create and delete apis for instance level namespace filters (merge request) GitLab Enterprise Edition
- Add approval_policy_rule_id index and foreign key (merge request)
- Add pod logs buttons (merge request)
- Add support for rendering readme in terraform package details page (merge request)
- Create container_repository_deletion_marked audit event (merge request) GitLab Enterprise Edition
- Protected packages: REST API POST package protection rule by @nwittstruck (merge request)
- Adjust logic to add org to export (merge request) GitLab Enterprise Edition
- Add mediaType as a field to Tag (merge request)
- Adds List-Unsubscribe-Post header to notification emails (merge request)
- Add member_role_id to ldap_group_links (merge request) GitLab Enterprise Edition
Fixed (162 changes)
- Exclude scripts from coherence check when publishing npm packages (merge request)
- Relax the version comparison for NPM uploads (merge request)
- Fix worker when record not found (merge request) GitLab Enterprise Edition
- Fix Content-Disposition not working for Azure in API download (merge request)
- Display error when delete framework fails (merge request) GitLab Enterprise Edition
- Cobertura parser: Extract filename OS-agnostically by @bmarconato (merge request)
- Fixed Productivity Analytics date range calculations (merge request) GitLab Enterprise Edition
- Fix IDE Duo Chat timeout (merge request) GitLab Enterprise Edition
- Support auth credentials from URI for pull mirror validation (merge request)
- Remove invalid foreign key fk_87f4cefcda_p (merge request)
- Fix calculations for predefined date ranges in Value Stream Analytics (merge request)
- Use sentence case for work items "Linked items" header (merge request)
- Fix custom emoji display (merge request)
- Fix pipeline subscription error flash message display (merge request) GitLab Enterprise Edition
- Remove zoekt dependency from elasticsearch (merge request) GitLab Enterprise Edition
- Fix custom role bug with requirements (merge request) GitLab Enterprise Edition
- Fix issues with quick action explanations (merge request)
- Fix notification emails not being sent when using external authorization by @pR0Ps (merge request)
- Clear seat assignments cache on bulk upsert (merge request) GitLab Enterprise Edition
- Fix how maven dependency proxy credentials are sent (merge request) GitLab Enterprise Edition
- Remove validation for ProtectedRef access levels (merge request)
- Make
complianceFrameworks field work for subgroups (merge request) GitLab Enterprise Edition
- Introduce dedup lock for rescheduling jobs (merge request)
- Fix GitHub Import when importing from GHE (merge request)
- Fix alignment of admin groups header (merge request)
- Parse the package.json file entirely for NPM uploads (merge request)
- Authenticate the GitLab Duo usage controller (merge request) GitLab Enterprise Edition
- Fix new issue note for group level issues (merge request)
- Remove milestone truncation on issues/merge requests dashboard (merge request)
- Protected packages: Npm package push protection for admin user by @gerardo-navarro (merge request)
- Work Item Epic feedback close on click (merge request)
- Fix work item sticky header (merge request)
- Fix bug with achievements path when feature flag not globally enabled (merge request)
- Protected packages: Fix documentation by @nwittstruck (merge request)
- Add workItemType check for weight widget for epics (merge request)
- Exclude disabled custom permissions (merge request) GitLab Enterprise Edition
- Prevent modal close on comment submission (merge request)
- Remove empty minimum_should_match from query (merge request) GitLab Enterprise Edition
- Prevent running scans from execution policies after downgrading license (merge request) GitLab Enterprise Edition
- Fix wildcard package.json search in npm upload (merge request)
- Fix sync failure retry backoff (merge request) GitLab Enterprise Edition
- Exclude last page link from projects/id/repository/commits endpoint (merge request)
- Unify spacing in group and project item components (merge request)
- Fix MR approval policy
prevent_pushing_and_force_pushing enforcement (merge request) GitLab Enterprise Edition
- Update static_holmes to v0.7.11 (merge request)
- Fix meta.root_namespace not logging for groups API requests (merge request)
- Remove
fix_sso_enforcement_for_web_activity feature flag (merge request) GitLab Enterprise Edition
- Fix layout of filtered search for pipelines page on mobile (merge request)
- Fix cached introspection query and graphql-explorer (merge request)
- Ignore object pool already exists creation errors (merge request)
- Fix approval policy type detection for policies list (merge request) GitLab Enterprise Edition
- Fix polling when retrying status check (merge request) GitLab Enterprise Edition
- Fix NoMethodError in PathLocksController (merge request) GitLab Enterprise Edition
- Protected packages: Remove developer as an example from documentation by @nwittstruck (merge request)
- Ignore selected project if adding epic (merge request)
- Remove Bad spacing in pending comment by @Deepak18-06 (merge request) GitLab Enterprise Edition
- Fix merge train merge availability when pipeline is canceling (merge request) GitLab Enterprise Edition
- Fix broken schema path (merge request) GitLab Enterprise Edition
- Fix incorrect retry warning when merge trains are enabled (merge request) GitLab Enterprise Edition
- Fix Zoekt exact match (merge request) GitLab Enterprise Edition
- Forking project to groups with restricted visibility levels by @gerardo-navarro (merge request)
- Title returns a default value if no advisory title (merge request) GitLab Enterprise Edition
- When activity token is cleared set query to all values (merge request) GitLab Enterprise Edition
- Fix issues mailer for group level issues (merge request)
- Display unverified badge for signed commits without a signature (merge request)
- Fix related items header in dark mode (merge request)
- Reduce getPipelineDetails query complexity below 200 (merge request)
- Fix issue description task actions focus bug (merge request)
- Reset form error when tokens change after submission failure (merge request)
- Do not create empty rule for branch specific rules (merge request) GitLab Enterprise Edition
- Reinstate dt disabled message (merge request)
- Fix submit keyboard shortcut on commit page (merge request)
- Remove custom CSS to fix modal background color (merge request)
- Fix badge issues and sticky header (merge request)
- Skip approval updates for merged MRs (merge request) GitLab Enterprise Edition
- Fix ambiguous namespace_id in query (merge request)
- Pass session_id to nested sidekiq calls (merge request) GitLab Enterprise Edition
- Prevent redudant finalisations of segmented exports (merge request) GitLab Enterprise Edition
- Allow Developers to create projects from templates (merge request)
- Fix flaky test in SyncFunnelsWorker by @max.woolf (merge request) GitLab Enterprise Edition
- Fix URL generation for links with spaces (merge request)
- Fix Link header for Tree API requests (merge request)
- Fix issue creation on board with scope set to No iteration (merge request) GitLab Enterprise Edition
- Fix setting the
organization_id for vulnerability exports (merge request) GitLab Enterprise Edition
- Field needs to be called Url (merge request)
- Fix bulk_import history prop type check (merge request)
- Upgrade graphql-client GEM (merge request)
- Fix Milestone collapsed sidebar, adjust some aspects of issue sidebar (merge request)
- Add safeguard for author (merge request) GitLab Enterprise Edition
- Geo: Update the host to build the replication details links by @antonkalmykov (merge request) GitLab Enterprise Edition
- Add missing "Deploy Keys" breadcrumb item (merge request)
- Allow viewing hook logs with admin_hook permission (merge request) GitLab Enterprise Edition
- Recreate records when moving issues (merge request) GitLab Enterprise Edition
- Authenticate agent requests using Gitlab-Agentk-Api-Request header (merge request)
- Fix Verification concurrency limit (merge request) GitLab Enterprise Edition
- SSO enforcement for web activity should only apply to current_user (merge request) GitLab Enterprise Edition
- Display the number of rules for a given branch only (merge request) GitLab Enterprise Edition
- Fix sticky header badges shrinking (merge request)
- Fix DML not allowed error when creating views (merge request)
- Use pajamas default left and right spacings on Roadmap page (merge request) GitLab Enterprise Edition
- Fix orphaned work item parent links (merge request) GitLab Enterprise Edition
- Add jwt for jira connect branches (merge request)
- Do not wrap flex parent of verified badge and commit copy button (merge request)
- Protected packages: NPM push protection for deploy token by @gerardo-navarro (merge request)
- Use universal_stylesheet_link_tag in app layout head haml (merge request)
- Improve error message when setting parent of a work item (merge request)
- Fix search bar accessibility issues (merge request)
- Allow to set "No one" level for branch protection defaults (merge request)
- Fix MailRoom not loading in Omnibus (merge request)
- Change fixture order (merge request)
- Don't trigger edit wiki shortcut when using search (merge request)
- Include action in webhook test payloads (merge request)
- Fix issue using multiple contact quick actions at the same time (merge request)
- Correct finalize migration for BackfillEpicBasicFieldsToWorkItemRecord (merge request)
- Remove extra gap when 0 roadmap epics have children (merge request) GitLab Enterprise Edition
- Fix finding name in regards to image name (merge request) GitLab Enterprise Edition
- Validate provided group parameters (merge request) GitLab Enterprise Edition
- Vertically align group and project header (merge request)
- Fix undefined method error for invalid ref (merge request)
- Fix NoMethodError for Files API (merge request)
- Do not show minimal access role as option (merge request)
- Include pagination values in request (merge request)
- DAST Scan library: Fix Tailwind classname (merge request)
- Fix line number for larger numbers (merge request)
- Fix 500 on Changelog config (merge request)
- Fix spacing info popover icon on dependencies table (merge request) GitLab Enterprise Edition
- Revert "Merge branch '430915-enhance-permission-selector' into 'master'" (merge request) GitLab Enterprise Edition
- Do not show cluster image scanning vulnerabilities on development tab (merge request) GitLab Enterprise Edition
- Cap vulnerability report tab count if it exceeds cap count limit (merge request) GitLab Enterprise Edition
- Enable the query workItemsByReference to accept a group path (merge request) GitLab Enterprise Edition
- Improve work item query when sorting by updated_at (merge request)
- Don't introduce Unicode null character while escaping it (merge request) GitLab Enterprise Edition
- Fix related work item links syncing (merge request) GitLab Enterprise Edition
- Fix extra blank space above drawer work item attributes sidebar (merge request)
- Only enumerate commits in pre-receive check if push came from Web (merge request)
- Fix layout of issue list top area on small viewports (merge request)
- Fix the workItemType to be valid (merge request)
- Ensure all analytics breadcrumbs display (merge request) GitLab Enterprise Edition
- Fix missing forked_from_project in projects API for unauth users by @_ZN3val (merge request)
- Fixes notebook markdown failing to render (merge request)
- Fixed Numpad enter key event (merge request)
- Fix error message when adding confidential epic to public issue (merge request) GitLab Enterprise Edition
- Include empty groups in mentions autocomplete (merge request)
- Fix Bitbucket importer MR reviewers (merge request)
- Use widget presence check for rendering Hierarchy widget (merge request) GitLab Enterprise Edition
- Skip IP lookups in validating URLs on certain conditions (merge request)
- Add missing ResourceLinkEvent#synthetic_note_class (merge request)
- Fix missing require_reauthentication_to_approve in API (merge request) GitLab Enterprise Edition
- Fix Inactive Project Deletion reset deletion date by @Deepak18-06 (merge request)
- Remove the
deduplicate_security_report_ingestion_jobs FF (merge request) GitLab Enterprise Edition
- Apply
gl-break-word to test file name in Pipeline test suite detail (merge request)
- Remove null bytes when importing diffs (merge request)
- Fix resolving namespace conflicts on creating internal user (merge request)
- Fix redirect to docs.gitlab.com when no custom doc_url is configured (merge request)
- Quarantine metrics_test_fetches_top_job_data (merge request)
- Fix rename functionality using "Edit single file" (merge request)
- Resolve pagination issue (merge request)
- Read more: Fix background color in darkmode (merge request)
- Use LocalStorage for frequently used emoji (merge request)
- Fix alignment of commit in admin jobs page (merge request)
- Fix kubernetes tabs (merge request)
- Skip conflict check when adding to merge train on pipeline success (merge request) GitLab Enterprise Edition
Changed (231 changes)
- Change schema for sbom_sources (merge request)
- Disables remaining prometheus integration endpoints (merge request)
- Change format of iteration dates (merge request) GitLab Enterprise Edition
- Use sentence case for security and compliance (merge request)
- Rename DAG feature to needs (merge request)
- Clarifies error text for confidentiality (merge request)
- Improve AI impact analytics dashboard trend indicator tooltips (merge request) GitLab Enterprise Edition
- Update admin health check page UI (merge request)
- Update scheduled_scans_max_concurrency for self-managed (merge request) GitLab Enterprise Edition
- Defaulting Duo Chat to use Sonnet 3.5 and updating related documentation (merge request) GitLab Enterprise Edition
- Cleanup telesign_high_risk_cc_validation feature flag (merge request) GitLab Enterprise Edition
- Updating LooseForeignKey cleaner service to not raise (merge request)
- Backfill zoekt replicas on zoekt indices (merge request)
- Use sentence case for Admin area (merge request)
- Use group organization for import user personal namespace (merge request)
- Update background jobs header (merge request)
- Remove pages from navigation when disabled in settings by @Taucher2003 (merge request)
- Remove view summary experiment label (merge request) GitLab Enterprise Edition
- This MR adds new option for group dropdown (merge request) GitLab Enterprise Edition
- Migrate os sbom occurrences to correct components (merge request)
- Use monospace font for code inputs in Pages setup (merge request)
- Add or text between conditions sections for scan result policy by @jzeng88 (merge request) GitLab Enterprise Edition
- Move CI lint button (merge request)
- Separate terminated workspaces into a new tabbed list view (merge request) GitLab Enterprise Edition
- Summarize issues using Anthropic (merge request)
- Add details to client-side secret detection warnings (merge request)
- Enforce job uniqueness with pipeline execution policies (merge request) GitLab Enterprise Edition
- Use sentence case for audit events (merge request)
- Renames TanukiBot to GenerateEmbeddingsCompletionsService (merge request) GitLab Enterprise Edition
- Merge notes unification FF under more generic unification FF (merge request)
- Author admin permissions for PersonalSnippet notes (merge request)
- Merge Request auto close issues now checked on merge (merge request)
- Verify replicable after create/update (merge request) GitLab Enterprise Edition
- Add Notify mutation to resend email (merge request)
- feat: Decompose sbom_source_packages from sbom_occurrences (merge request) GitLab Enterprise Edition
- Use Duo for summarize comments (merge request)
- GraphQL: Rename CiRunnerJobExecutionStatus RUNNING to ACTIVE (merge request)
- Update health check page (merge request)
- Update usage trends feature to sentence case (merge request)
- Use sentence case for background migrations (merge request)
- Used new process to gen gitleaks.toml (merge request)
- Merge labels unification FF under more generic unification FF (merge request)
- Show selected work item labels at top of the list (merge request)
- Migrate groups dashboard to filtered search and sort (merge request)
- Use Active badge instead of Running badge in runners list (merge request)
- Update admin background jobs page (merge request)
- Add license type to overview (merge request) GitLab Enterprise Edition
- Update dependency ai-gateway to v1.10.0 (merge request)
- Add title and subtitle on the standalone GitLab Duo settings page (merge request) GitLab Enterprise Edition
- Exclude archived projects from dependency list search filter (merge request) GitLab Enterprise Edition
- Hide Service Desk from navigation if disabled in settings by @Taucher2003 (merge request)
- Remove Gitlab.com check for last_published_at (merge request)
- Always allow license sorting for group dependency list (merge request) GitLab Enterprise Edition
- Update spam logs UI (merge request)
- feat: Add doorkeeper device auth support by @johnwparent (merge request)
- Explain quick actions inline in RTE (merge request)
- Add linked projects to framework (merge request) GitLab Enterprise Edition
- Enable submit button by default (merge request) GitLab Enterprise Edition
- AI impact analytics dashboard: Add tooltip when there is no % change (merge request) GitLab Enterprise Edition
- Remove search_merge_request_query_builder FF (merge request) GitLab Enterprise Edition
- Move merge request files now shown warning to diff panel (merge request)
- Notify Admin re: the hierarchy limits in displaying Group(s) statistics (merge request)
- Allow filtering Resource Access Tokens by state in the REST API (merge request)
- Add
seats_in_use to GitlabSubscriptionHistory trarcked attributes (merge request) GitLab Enterprise Edition
- Sets elaticsearch_issue_upsert flag as default enabled (merge request) GitLab Enterprise Edition
- Add placeholder data to member tabs (merge request)
- Prohibit "default" as compliance framework name (merge request) GitLab Enterprise Edition
- Backfilling null project_id for p_ci_builds (merge request)
- Switch deployment approvals group view to Vue (merge request) GitLab Enterprise Edition
- Update protected environments to handle group view (merge request) GitLab Enterprise Edition
- Add trial and update users_over_license_count in CurrentLicenseType (merge request) GitLab Enterprise Edition
- List selector component for groups can fetch project only groups (merge request) GitLab Enterprise Edition
- Update admin credentials page (merge request)
- Update Tools Injector Image, PAT scope with additional ENV (merge request)
- Update Cloud Connector architecture docs (merge request) GitLab Enterprise Edition
- Update admin background migrations (merge request)
- Clarify CI Job Token wording (merge request)
- Adds info alert about cleanup policy regexp anchors (merge request)
- Remove unicode_escaped_blob feature flag (merge request)
- Update admin topic page (merge request)
- Added Promotion Management for CreatorService (merge request) GitLab Enterprise Edition
- Allow access token access to usage_data API (merge request)
- Default cube analytics queries to the last 7 days (merge request) GitLab Enterprise Edition
- Refactors QueueExistingMemberService (merge request) GitLab Enterprise Edition
- Enable custom dashboards by default on projects (merge request) GitLab Enterprise Edition
- Fixing target_table_name for build_name foreign key (merge request)
- Make filter based visualization designer generally available (merge request) GitLab Enterprise Edition
- Ignore
confidence column on Security::Finding (merge request) GitLab Enterprise Edition
- Remove DuoChat from Help center (merge request) GitLab Enterprise Edition
- Remove wiki sidebar limit (merge request)
- Improve token access add form (merge request)
- Move create repo position (merge request)
- Fix CI icons shape (merge request)
- Support expanding references for work items (merge request)
- Align the visual presentation of the action between groups and projects by @antonkalmykov (merge request) GitLab Enterprise Edition
- Update admin project layout (merge request)
- Align admin users account content (merge request)
- Clean up signup_intent_step_one experiment (merge request) GitLab Enterprise Edition
- Show wiki sidebar on a 404 page (merge request)
- This MR adds validation for policy action (merge request) GitLab Enterprise Edition
- Update welcome screen (merge request)
- Update users page for admin view (merge request)
- Update concurrency_limit for CreatePipelineWorker (merge request) GitLab Enterprise Edition
- Added Finder, and correponding scope (merge request) GitLab Enterprise Edition
- Zoekt: Add ctags support (merge request) GitLab Enterprise Edition
- Remove creating framework at sub-group level (merge request) GitLab Enterprise Edition
- Add NOT NULL constraint for
remote_mirrors.project_id (merge request)
- Add
taskCompletionStatus to the work item UI (merge request)
- Update semver_dialects gem version (merge request)
- Default enable FF group_level_vulnerability_report_grouping (merge request)
- Update abuse reports list view (merge request)
- Use SettingsBlockComponent for admin push rules (merge request)
- Sync epic work items to legacy epic by default (merge request) GitLab Enterprise Edition
- Add organization_id to stage event hashes table (merge request)
- Admin groups: Improve display of content (merge request) GitLab Enterprise Edition
- Update PMG architecture blueprint (merge request)
- Fix required approvers validation (merge request) GitLab Enterprise Edition
- Update graphiql-rails gem (merge request)
- Modified UX of command palette (merge request)
- Admin settings: Migrate network settings to SettingsBlock (merge request)
- Migrate oauth applications to use CRUD container (merge request)
- Migrate broadcast messages page (merge request)
- Remove the data preview option from the visualization desinger (merge request) GitLab Enterprise Edition
- Update dependency ai-gateway to v1.8.0 (merge request)
- Extract SSoT for pipeline sources for which SEP should be enforced (merge request) GitLab Enterprise Edition
- Move Mermaid too large alert to the beginning (merge request)
- Update bulk create service for custom software licenses (merge request) GitLab Enterprise Edition
- Raising error in mutation when more than 1 frameowrks for project (merge request) GitLab Enterprise Edition
- Update vendor/spdx.json to v3.24 (merge request)
- Add search_type param to SearchService (merge request)
- Update wording for pipeline deprecation banner (merge request) GitLab Enterprise Edition
- Route resolve vulnerability through the Anthropic client (merge request) GitLab Enterprise Edition
- Add read_runners custom ability (merge request) GitLab Enterprise Edition
- Migrates deploy keys to use CRUD container (merge request)
- Allow blob window size to be specified (merge request)
- Remove ":" for drawer title: overwritten part by @jzeng88 (merge request) GitLab Enterprise Edition
- Adds snowplow form error events (merge request) GitLab Enterprise Edition
- Adjust layout of iteration report issues table (merge request) GitLab Enterprise Edition
- Remove "+" icon and add word "new" to button by @jzeng88 (merge request) GitLab Enterprise Edition
- Update admin groups layout (merge request)
- Add support for parsing CI log timestamps (merge request)
- Reduce the amount of variants for GitLab UI badges (merge request)
- Duo Chat cancel button integration (merge request) GitLab Enterprise Edition
- Remove "scan" word from execution variable by @jzeng88 (merge request) GitLab Enterprise Edition
- Update admin product analytics settings (merge request)
- Allow assigning compliance frameworks at sub-group level (merge request) GitLab Enterprise Edition
- Migrate CI/CD Variables settings to CRUD container (merge request)
- Update admin license and compliance layout (merge request)
- Remove drill-down link for code suggestions usage metric (merge request) GitLab Enterprise Edition
- Change History links to 'View import history' buttons (merge request)
- Update tools injector image (merge request) GitLab Enterprise Edition
- Admin labels: Migrate to use CRUD container (merge request)
- Admin settings: Migrate reporting section to use SettingsBlock (merge request)
- Admin settings: Migrates repository page to use SettingsBlock (merge request)
- Admin settings: Migrate analytics section to use SettingsBlock (merge request)
- Admin settings: Migrate preferences to use SettingsBlock (merge request)
- Admin settings: Migrate metrics settings to use SettingsBlock (merge request)
- Admin settings: Migrate templates section to use SettingsBlock (merge request)
- Admin settings: Migrate CI/CD settings to use SettingsBlock (merge request)
- Admin settings: Migrate settings blocks of general settings (merge request)
- Update GitLab Pages version (merge request)
- Pipeline graph dropdowns: Use GlBadge for indicating jobs (merge request)
- Update projects page for admin view (merge request)
- Require user to solve Arkose challenge on every PN verification attempt (merge request) GitLab Enterprise Edition
- Migrates File Hooks to use CRUD Component (merge request)
- Admin settings: Migrate advanced search to use SettingsBlock (merge request)
- This MR updated approve layout (merge request) GitLab Enterprise Edition
- Conditionally handle AuthorizationsChangedEvent when policies exists (merge request) GitLab Enterprise Edition
- Add report_type to Approval Rules APIs by @PatrickRice (merge request) GitLab Enterprise Edition
- Update locked application setting popover (merge request)
- Enable assign resource v2 by default (merge request)
- Update admin geo page (merge request)
- Refetch job list when an artifactless job remains (merge request)
- Add start trial CTA to duo pro usage tab (merge request) GitLab Enterprise Edition
- Provide consistent interface across scopes (merge request) GitLab Enterprise Edition
- Update snippets empty state (merge request)
- Remove ignored
toggle_security_policies_policy_scope setting (merge request)
- Update naming of duo group settings (merge request)
- Add UserStarredProjectsResolver sort argument by @jzeng88 (merge request)
- Migrates gl-display-inline-flex to gl-inline-flex (merge request)
- Multiple frameworks labels (merge request) GitLab Enterprise Edition
- Add permissions checking to AI Impact Dashboard (merge request) GitLab Enterprise Edition
- Admin settings: Migrate security settings to use SettingsBlock (merge request)
- Externalize strings on ldap_group_links by @MAlvarez32 (merge request)
- Improve usability of environment folders by @antonkalmykov (merge request)
- Display capped results for large datasets (merge request) GitLab Enterprise Edition
- Update GitLab logo on deploy page (merge request)
- Update groups page for admin view (merge request)
- Update admin subscription page UI (merge request) GitLab Enterprise Edition
- Add placeholder actions to table (merge request)
- Update visualization type selection with validation state (merge request) GitLab Enterprise Edition
- User friendly date formatting in Container tags_list_row by @Saurabh-Daware (merge request)
- Remove extra space in board cards (merge request)
- Check deploy_key exists during ProtectedRefDeployKeyAccess#valid? (merge request)
- Implement AR validations for ProtectedRefAccess (merge request) GitLab Enterprise Edition
- This MR updates yaml schema (merge request) GitLab Enterprise Edition
- Remove showcase_free_security_features experiment (merge request) GitLab Enterprise Edition
- Reverse make_synced_work_item_read_only FF check logic (merge request) GitLab Enterprise Edition
- Renamed autocomplete scopes to use plural form (merge request)
- Show dependency location count if
occurrenceCount field is present (merge request) GitLab Enterprise Edition
- This MR removes loading state (merge request) GitLab Enterprise Edition
- Add concurrency_limit to AddApproversToRulesWorker (merge request) GitLab Enterprise Edition
- Update gitaly servers page (merge request)
- Update trial terms (merge request)
- Enable zoekt_exact_search by default (merge request) GitLab Enterprise Edition
- Remove ai_claude_3_for_docs feature flag (merge request) GitLab Enterprise Edition
- Increase max body limit for AI GW requests (merge request) GitLab Enterprise Edition
- Remove GCP WLIF setup script API endpoint (merge request) GitLab Enterprise Edition
- Drop ci_job_artifacts_use_primary_to_authenticate feature flag (merge request)
- This MR updates yaml schema (merge request) GitLab Enterprise Edition
- Adds Zoekt::Replica (merge request)
- Update admin system info page (merge request)
- Replace approval modal with link to approval page (merge request)
- This MR refactors multi select text (merge request) GitLab Enterprise Edition
- This MR updated user approver dropdown (merge request) GitLab Enterprise Edition
- Remove :notify_owners_of_finished_dt FF (merge request)
- Cleanup the duo_pro_trials feature flag (merge request) GitLab Enterprise Edition
- Change unit primitive for text embeddings (merge request) GitLab Enterprise Edition
- Extend error-alert Vue component with buttons (merge request) GitLab Enterprise Edition
- Add external Stripe IDs to CreditCardValidation (merge request) GitLab Enterprise Edition
- Improve compliance center for subgroups (merge request) GitLab Enterprise Edition
- Use static AWS credentials for indexer if set (merge request) GitLab Enterprise Edition
- Remove transaction opening for non-basic search count (merge request)
- Remove overflow:hidden from card component (merge request)
- Display usage quota tab during duo pro trial even group on free plan (merge request) GitLab Enterprise Edition
- Allow self-signed CC tokens in development (merge request) GitLab Enterprise Edition
- Add NOT NULL constraint to ci_runner_namespaces.namespace_id (merge request)
- Add NOT NULL constraint to ci_runner_projects.project_id (merge request)
- Update create label UI in labels widget (merge request)
- Change help link text copy (merge request)
- Update dependency auto-build-image to v4.2.0 (merge request)
Removed (22 changes)
- Remove triggers and old columns for bigint p_ci_builds (merge request)
- Removes storage_size index on project statistics (merge request)
- Remove MR review summaries table (merge request)
- Drop
index_vulnerability_occurrences_for_issue_links_migration (merge request)
- Reverts 112527 as no longer required (merge request)
- Remove EnsureStageService and prep for removal of
stage (merge request)
- Drop legacy geo_repositories_changed_events table (merge request)
- Remove SafelyChangeColumnDefault include (merge request)
- Remove
issues_mrs_empty_state feature (merge request) GitLab Enterprise Edition
- Remove create_user_details_all_user_creation feature flag (merge request)
- Remove the template auto fill AI feature (merge request)
- Removes project stats index on packages size (merge request)
- Chore: Remove the ai editor assistant feature flag (merge request) GitLab Enterprise Edition
- Removes storage size idx on project_statistics (merge request)
- Drop unused DAST tables (merge request) GitLab Enterprise Edition
- Removes project stats index on wiki size (merge request)
- Remove track_ai_metrics_in_usage_data feature flag (merge request)
- Removes index on project_statistics async (merge request)
- Remove obsolete codeSuggestionsUsageRate field (merge request) GitLab Enterprise Edition
- Remove sep batching configuration (merge request) GitLab Enterprise Edition
- Removes temp index from project statistics (merge request)
- Cleanup prominent_create_board_btn feature flag (merge request)
Security (23 changes)
- Check npm package name, version and scripts coherence
- Disallow serving Pages over disabled custom domains with deployments
- Prevent privilege escalation via custom role
- Check if user has ban_group_member access before banning in namespace
- Check for create_deploy_token policy before creating deploy token
- Prevent using quick actions for some bot users
- Disable raw HTML for quick action pipeline
- Disable quick actions unless description changed
- Remove comment support from shrug and tableflip
- Pass SSO session data to Sidekiq
- Do not run a new pipeline on re-target
- Remove search results from public projects with unauthorized repos
- Reject deletion of security policy project approval rules
- Add limits on autolinker regex
- Fix for Private job artifacts can be accessed by any user
- Prevent non-members from using promote_to quick action for quick actions
- Fix the catastrophic backtracking in openapi regex
- Use permitted_params for standalone and multiplex queries
- Fix clickjacking on OAuth application page
- Remove collapseLongCommitList method
- Security fixes for banzai pipeline
- Hide branch merge request if merge requests are private
- Mitigate ReDoS attacks via
method_call_regex
Performance (3 changes)
- Parse affected ranges only once (merge request)
- Adjust Bitbucket server importer to be resumable by @ivantedja (merge request)
- Remove group-level vulnerability report performance improvements FF (merge request) GitLab Enterprise Edition
Other (150 changes)
- Finalize DeleteOrphansApprovalMergeRequestRules2 (merge request)
- Update display_work_item_epic_issue_sidebar to work_item_epics (merge request) GitLab Enterprise Edition
- Remove bitbucket_cloud_convert_mentions_to_users ff (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Remove filter_deleted_groups feature flag (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Remove unused index with namespace_id on vulnerability_reads (merge request)
- Sync approval settings for groups for reauth setting (merge request)
- Remove self_managed_code_suggestions feature flag (merge request) GitLab Enterprise Edition
- Create table p_ci_build_tags (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Remove reference to BBD ODS FF (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Remove
rewrite_sbom_occurrences_query feature flag (merge request) GitLab Enterprise Edition
- Fix forgotten ability (merge request) GitLab Enterprise Edition
- Fix <Layouts/LineLength> offenses by @Rohit.Kala (merge request)
- Fix flaky test "#protected_branch_exists?" (merge request)
- Implement delete car mutation (merge request) GitLab Enterprise Edition
- Rollout Filtered Search on Vulnerability Report (merge request) GitLab Enterprise Edition
- Fix pipeline schedule error handling (merge request)
- Remove temp index by @TamsilAmani (merge request)
- Add a
pending_delete column to mark namespaces deleted by user (merge request)
- Add partitioned FK from ci_pipeline_artifacts to ci_pipelines (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration CreateComplianceStandardsAdherence (merge request)
- Rspec Test order: run test in random order by @Deepak18-06 (merge request)
- Quarantine a flaky test (merge request)
- Refactor SAX document to cobertura (merge request)
- Release jira_connect_remove_branches (merge request)
- Finalize BackfillWorkItemHierarchyForEpics migration (merge request)
- Improve accessibility of remove icon buttons (merge request)
- Persist all policies instead of active policies (merge request) GitLab Enterprise Edition
- Remove set_ip_address feature flag (merge request)
- Finalize re-syncing basic epic attribute migration (merge request)
- Finalize BackfillEpicDatesToWorkItemDatesSources (merge request)
- Enable parallel_project_export feature flag (merge request)
- Add weight widget definition options (merge request)
- Add partitioned FK from p_ci_builds_execution_configs to ci_pipelines (merge request)
- Sync create index and swap columns (merge request)
- Fix Style/Lambda offenses by @Deepak18-06 (merge request) GitLab Enterprise Edition
- Add index for listing uploads (merge request)
- Quarantine a flaky test (merge request)
- Protected packages: Batch load matching protection rules by @gerardo-navarro (merge request)
- Extend a troubleshooting section to cover Xcode SSH keys problem (merge request)
- Add partitioned FK from ci_pipeline_chat_data to ci_pipelines (merge request)
- Rspec Test Order:Run spec/graphql/types in random order by @Deepak18-06 (merge request)
- Add partitioned FK from ci_pipelines_config to ci_pipelines (merge request)
- Finalize backfilling of related epic links on issue links (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Fix Layout/LineBreakAfterFinalMixin offenses by @m.bortlik (merge request)
- Protected containers: Enable multi-line errors in GraphQL API by @gerardo-navarro (merge request)
- Fix Layout/ExtraSpacing offenses by @miha-prehcm (merge request)
- Add partitioned FK from ci_pipeline_messages to ci_pipelines (merge request)
- Add partitioned FK from ci_pipeline_metadata to ci_pipelines (merge request)
- Mark 20230615101400 as obsolete (merge request) GitLab Enterprise Edition
- Change table ownership (merge request)
- Add and backfill group_id for packages_debian_group_architectures (merge request)
- Add partitioned FK from p_ci_pipeline_variables to ci_pipelines (merge request)
- Regenerate rubocop todo files (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Prepare ci_pipelines.autocancel_by_id for composite primary key (merge request)
- Finalize BackfillEpicIssuesIntoWorkItemParentLinks migration (merge request)
- refactor: Increase test code quality for package controller test by @gerardo-navarro (merge request)
- Add partitioned FK from ci_sources_pipelines to ci_pipelines (merge request)
- Remove default values for ci_sources_projects#partition_id (merge request)
- Add and backfill group_id for packages_debian_group_components (merge request)
- Add spec to verify FeatureFlagReferenceFilter N+1 by @jzeng88 (merge request)
- Finalize migration ConvertCreditCardValidationDataToHashes (merge request)
- Add test for N+1 query for VulnerabilityReferenceFilter by @jzeng88 (merge request) GitLab Enterprise Edition
- Rspec Test Order:Run spec in random order by @Deepak18-06 (merge request)
- Revert "Merge branch 'bwill/optimize-top-bound-lineage-search' into 'master'" (merge request)
- Mark 20230719094243 as obsolete (merge request) GitLab Enterprise Edition
- Resolve Layout/ArgumentAlignment offenses 76 by @gauravmarwal (merge request)
- Create Dependencies::DependencyListExport::Part model (merge request)
- Add and backfill project_id for packages_debian_project_architectures (merge request)
- Add partitioned FK from p_ci_stages to ci_pipelines (merge request)
- Add partitioned FK from p_ci_builds to ci_pipelines (merge request)
- Mark 20230719144243 as obsolete (merge request) GitLab Enterprise Edition
- Mark 20230628094243 as obsolete (merge request) GitLab Enterprise Edition
- Mark 20230702000000 as obsolete (merge request) GitLab Enterprise Edition
- Mark 20230711140500 as obsolete (merge request) GitLab Enterprise Edition
- Add and backfill project_id for packages_debian_project_components (merge request)
- Mark 20230719142200 as obsolete (merge request) GitLab Enterprise Edition
- Mark 20230703112233 as obsolete (merge request) GitLab Enterprise Edition
- Remove ignored MemberRole columns (merge request)
- Set internal bots profiles to be private and confirmed (merge request)
- Finalize migration BackfillSbomOccurrencesTraversalIdsAndArchived (merge request)
- Mark 20230628094700 as obsolete (merge request) GitLab Enterprise Edition
- Add and backfill project_id for ml_candidate_metadata (merge request)
- Add and backfill project_id for packages_dependency_links (merge request)
- Add not null constraint (merge request) GitLab Enterprise Edition
- refactor: Apply best practices to feature test new project by @gerardo-navarro (merge request)
- Rspec Test order: run test in random order by @Deepak18-06 (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Mark 20230710142700 as obsolete (merge request) GitLab Enterprise Edition
- Remove initialize_processable from Seed::Build by @Deepak18-06 (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Remove unused deployments indexes on .com (merge request)
- Implement cars resolver (merge request) GitLab Enterprise Edition
- Add and backfill project_id for ml_model_metadata (merge request)
- Add and backfill project_id for merge_requests_closing_issues (merge request)
- Add and backfill project_id for vulnerability_external_issue_links (merge request)
- Add and backfill project_id for packages_conan_metadata (merge request)
- Finalize migration BackfillProjectStatisticsStorageSizeWithRecentSize (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Check for N+1 in IssueReferenceFilter by @Deepak18-06 (merge request)
- Drop
security_findings_confidence_idx index from security_findings (merge request)
- Add and backfill project_id for packages_maven_metadata (merge request)
- Add and backfill project_id for vulnerability_finding_evidences (merge request)
- Add and backfill project_id for merge_request_reviewers (merge request)
- Finalize migration BackfillUsersColorModeId (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Merge ExtractsRef into ExtractsPath (merge request)
- Add new column to store organization project & group sorting options (merge request)
- Remove imported column from relevant tables (merge request)
- Add and backfill namespace_id for vulnerability_finding_signatures (merge request)
- Add post_migrate to remove invalid record (merge request) GitLab Enterprise Edition
- Remove default values ci_pipeline_messages#partition_id (merge request)
- Drop merge_requests_closing_issues.closes_work_item column (merge request)
- Resolve Layout/ArgumentAlignment offenses 88 by @gauravmarwal (merge request)
- Add a new model that will handle abuse report notes (merge request)
- Add and backfill project_id for protected_tag_create_access_levels (merge request)
- Add and backfill project_id for vulnerability_findings_remediations (merge request)
- refactor: Remove rubocop issues by @gerardo-navarro (merge request)
- Change catalog resource last 30-day count updated_at (merge request)
- Finalize BackfillPartitionIdCiPipelineMessage (merge request)
- Protected packages: Shorten GraphQL field
protectionRuleExists Part 3 by @gerardo-navarro (merge request)
- Add and backfill project_id for vulnerability_flags (merge request)
- Add and backfill project_id for merge_request_context_commits (merge request)
- Add and backfill namespace_id for issue_links (merge request)
- Add and backfill group_id for related_epic_links (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Remove "use_remote_mirror_destroy_service" feature flag (merge request)
- Protected containers: Cleanup renaming of protected_up_to_access_level by @gerardo-navarro (merge request)
17.1.8 (2024-09-16)
No changes.
17.1.7 (2024-09-11)
Fixed (2 changes)
- Fix Sidekiq crashing when GITLAB_LOG_LEVEL set to debug
- Backport Fixes Geo Replication Details view GitLab Enterprise Edition
Changed (1 change)
Security (18 changes)
- Revert 'security-psk-fix-external-wiki-integration-dos-17-1' into '17-1" (merge request)
- Fix the vulnerability in the glm_source parameter (merge request)
- Improve GraphQL log security (merge request)
- Add permissions check to project creations from a project template (merge request)
- Fix credentials disclosure in mirroring failure (merge request)
- Redirect url in the link validated for being external (merge request)
- [17.1] Update edit permissions for DAST profiles (merge request)
- Commit information visible through release atom endpoint for guest users (merge request)
- Execute environment stop actions as the owner of the action (merge request)
- Prevent code injection in Product Analytics funnels YAML (merge request)
- Prevent users with admin_group_member custom ab. to manage custom roles (merge request)
- Fixed frontend regex to parse URI (merge request)
- Use session instead of params for identity linking (merge request)
- Fix external wiki integration DoS by changing request to HEAD (merge request)
- Restrict IPs for packages dependency proxy (merge request)
- Strip out Set-Cookie header from dependencyproxy auth response (merge request)
- Fix open redirect due to additional slash added (merge request)
- Group Developers can view group runners (merge request)
17.1.6 (2024-08-21)
Security (1 change)
17.1.5 (2024-08-20)
Fixed (1 change)
- Properly handle empty repository.ff_merge in FromTrainRef merge strategy GitLab Enterprise Edition
Changed (1 change)
- Include language server version in code suggestions GitLab Enterprise Edition
Security (4 changes)
- Do not run pipelines when resolving vulnerability (merge request)
- Add Octokit::ResponseValidation middleware (merge request)
- IP restriction to prevent all group permissions (merge request)
- Destroy associated releases when removing a tag via Git CLI (merge request)
17.1.4 (2024-08-06)
Changed (2 changes)
Security (13 changes)
- Show correct file content (merge request)
- Fix Possible asciidoctor include:: directive DOS (merge request)
- Filter parameters in Rack::Attack logs (merge request)
- Update audit payload (merge request)
- Limit access to project accessed by Security Policy Bot (merge request)
- Show alert about not rendering files due to path encoding (merge request)
- Fix the catastrophic backtracking (merge request)
- Security fixes for banzai pipeline part 2 (merge request)
- Remove xhtml extensions from snippets blobs (merge request)
- Add a project scope to LfsTokens (merge request)
- Fix ReDoS when parsing git push options (merge request)
- Fix ReDoS in RefMatcher (merge request)
- Enforce
require_password_to_approve MR approval policy property (merge request)
17.1.3 (2024-07-24)
Fixed (2 changes)
- Fix wildcard search for package.json in npm upload
- Ignore object pool already exists creation errors
Security (7 changes)
- Refactor import_export_upload to be user-based (merge request)
- Fix for private txt artifacts being accessible through the artifacts/browse link (merge request)
- Attribute BulkImport::Export to a particular user (merge request)
- Don't include project-level analytics settings in DOM (merge request)
- Fix for private dotenv artifacts not accessible to downstream jobs (merge request)
- Do not allow script execution on dependency responses (merge request)
- Remove prohibited tags after import (merge request)
17.1.2 (2024-07-09)
Fixed (2 changes)
Security (9 changes)
- Disallow serving Pages over disabled custom domains with deployments (merge request)
- Check npm package name, version and scripts coherence (merge request)
- Check for create_deploy_token policy before creating deploy token (merge request)
- Check if user has ban_group_member access before banning in namespace (merge request)
- Prevent privilege escalation via custom role (merge request)
- Prevent using quick actions for some bot users (merge request)
- Disable raw HTML for quick action pipeline (merge request)
- Disable quick actions unless description changed (merge request)
- Remove comment support from shrug and tableflip (merge request)
17.1.1 (2024-06-25)
Fixed (1 change)
Security (14 changes)
- Security fixes for banzai pipeline (merge request)
- Fix the catastrophic backtracking in openapi regex (merge request)
- Use permitted_params for standalone and multiplex queries (merge request)
- Fix for Private job artifacts can be accessed by any user (merge request)
- Remove search results from public projects with unauthorized repos (merge request)
- Do not run a new pipeline on re-target (merge request)
- Add limits on autolinker regex (merge request)
- Fix clickjacking on OAuth application page (merge request)
- Hide branch merge request if merge requests are private (merge request)
- Remove collapseLongCommitList method (merge request)
- Pass SSO session data to Sidekiq (merge request)
- Prevent non-members from using promote_to quick action for quick actions (merge request)
- Reject deletion of security policy project approval rules (merge request)
- Mitigate ReDoS attacks via
method_call_regex (merge request)
17.1.0 (2024-06-19)
Added (180 changes)
- Allow
admin_runner ability to change shared runner setting (merge request) GitLab Enterprise Edition
- Update services to create custom software license (merge request) GitLab Enterprise Edition
- Protected containers: Add help text for repository path pattern input by @gerardo-navarro (merge request)
- Move document for CS for registry (merge request) GitLab Enterprise Edition
- Add new duo pro discover page (merge request) GitLab Enterprise Edition
- Changed association of frameworks with projects (merge request) GitLab Enterprise Edition
- Add support for new placeholders by @TamsilAmani (merge request)
- Add
admin_runners custom ability (merge request) GitLab Enterprise Edition
- Add worker to aggregate last 30-day catalog resource usage data (merge request)
- Add cargo to supported sbom and sync types (merge request)
- Add project settings sections to command mode results (merge request)
- Configuring Topology Service in Rails (merge request)
- Add ML Model filters to the "package files" screen (merge request)
- Include SAST Advanced in configuration UI allowlist (merge request)
- Group level work items support group level references (merge request)
- Add search in wiki sidebar (merge request)
- Render icons beside suggestions (merge request)
- Display temporary extension expiration banner (merge request) GitLab Enterprise Edition
- Add logs header details (merge request)
- Cleanup index terraform module archive FF (merge request)
- Create new custom Permission: read_crm_contact by @ChaelCodes (merge request) GitLab Enterprise Edition
- Use custom models for duo chat features (merge request) GitLab Enterprise Edition
- Add ssh-upload-pack endpoint to handle Git over SSH requests (merge request) GitLab Enterprise Edition
- Add embedding reference and call it on condition (merge request) GitLab Enterprise Edition
- Add related issues to Merge Request API by @zzaakiirr (merge request)
- Add partition_id to Ci::Sources::Project (merge request)
- Expose configuration in API and UI (merge request)
- Filter projects by marked for deletion by @imskr (merge request) GitLab Enterprise Edition
- Add urls to generated changelogs by @Taucher2003 (merge request)
- Add count field to WorkItemConnection (merge request)
- Progress bar & status to model artifact importer (merge request)
- Exposed note body first line on GraphQL by @zillemarco (merge request)
- Add external MR diffs to
gitlab-backup task by @zzaakiirr (merge request)
- Add support for rendering icons (merge request)
- Add identifier_external_ids column to vulnerability_reads (merge request)
- Protected packages: Label "protected" for package detail page on group by @gerardo-navarro (merge request)
- Clean up duo_chat_display_source feature flag (merge request) GitLab Enterprise Edition
- Adds sort by publish date for container registry tags list (merge request)
- GraphQL changes to fetch vulnerability severities count with limits (merge request) GitLab Enterprise Edition
- Allow actor override when GitHub and BBS disabled (merge request)
- Early access program participation checkbox (merge request) GitLab Enterprise Edition
- Add approval_policy_rule_id to approval rules and related tables (merge request)
- Add organization to vuln export for sharding (merge request) GitLab Enterprise Edition
- Add verified creator badge (merge request)
- Protected packages: REST API GET package protection rules by @nwittstruck (merge request)
- Improves empty state on model registry model page (merge request)
- Add star count as sorting option for CICD Catalog (merge request)
- Validate form input for version and model name (merge request)
- Create partitions for new audit event tables (merge request)
- Add support for Redis extra config command to ActionCable (merge request)
- Filter projects by marked for deletion by @imskr (merge request) GitLab Enterprise Edition
- Allow selecting project for project level items (merge request)
- Protected containers: Update protection rules in project settings ui by @gerardo-navarro (merge request)
- Handle declined event for bitbucket server importer by @ivantedja (merge request)
- Adding gcp audit event destination validator (merge request) GitLab Enterprise Edition
- Add pmg README.md (merge request)
- Add
admin_runners custom ability (merge request) GitLab Enterprise Edition
- Add support for Sentinel usernames in Workhorse (merge request)
- Default enable diff_preview_in_email (merge request)
- Add CVS for CS document (merge request) GitLab Enterprise Edition
- Add security policies projects join table (merge request) GitLab Enterprise Edition
- Display timestamp in log lines (merge request)
- GraphQL: Add fullPath argument in runnerUsage query (merge request) GitLab Enterprise Edition
- Add sorting by
component_name to dependency list aggregations (merge request)
- Backfill work_item_dates_sources with epic dates data (merge request)
- Add confirmation message on manual job with confirmation message by @lifez (merge request)
- Remove
repository_tree_gitaly_pagination feature flag (merge request)
- Add source code to
/explain_vulnerability tool (merge request) GitLab Enterprise Edition
- Add Restore Pages Deployment Mutation (merge request)
- Enable integration API for admin integrations custom ability (merge request) GitLab Enterprise Edition
- Add PagesDeployment to deletePagesDeployment Mutation (merge request)
- Adjust the mistral promprt for 22b (merge request) GitLab Enterprise Edition
- GraphQL: Add fullPath argument in runnerUsageByProject query (merge request) GitLab Enterprise Edition
- Filter by marked_for_deletion_on in groups graphql by @imskr (merge request) GitLab Enterprise Edition
- Add support for latest_tag by @TamsilAmani (merge request)
- Add PagesDeployments to Project type (merge request)
- Enable show_container_registry_tag_signatures feature flag by default (merge request) GitLab Enterprise Edition
- Add admin integrations custom permission (merge request) GitLab Enterprise Edition
- Improve observability by various Git LFS metrics (merge request)
- Add GraphQL mutation
projectTextReplace (merge request)
- Adds published message for each container registry image repository (merge request)
- Create separate elastic queue for embeddings (merge request) GitLab Enterprise Edition
- Log token info for GraphQL requests (merge request)
- Add Limit for CVS for CS (merge request) GitLab Enterprise Edition
- Add a new task initial_indexing for Zoekt::SchedulingService (merge request) GitLab Enterprise Edition
- Add option to add custom html header tags via gitlab.yml config by @bufferoverflow (merge request)
- Add support for custom headers in webhook API by @Taucher2003 (merge request)
- Audit when product analytics settings are changed (merge request) GitLab Enterprise Edition
- Protected packages: REST API DELETE package protection rules by @nwittstruck (merge request)
- Remove single_relation_import feature flag (merge request)
- Add audit event for web hook creation (merge request) GitLab Enterprise Edition
- Include custom role name in members exports (merge request) GitLab Enterprise Edition
- GraphQL: Add runnerManager field to CiJob (merge request)
- GraphQL: Add managers field to CiRunner (merge request)
- Add trigram indexes on email column by @zzaakiirr (merge request)
- Add partition_id to Ci::PipelineMessage (merge request)
- Backfilling of work_item_parent_links from epics parent_id (merge request)
- Introduce ci_pipeline_variables_minimum_role (merge request)
- Finalize BackfillPartitionIdCiDailyBuildGroupReportResult (merge request)
- Created blueprint for pipeline mini graph (merge request)
- Add explain vulnerability tool (merge request) GitLab Enterprise Edition
- Add a cleanup worker for removable add-on purchases (merge request) GitLab Enterprise Edition
- Add WorkItemAddClosingMergeRequest mutation to GQL API (merge request)
- Audit when product analytics settings are changed (merge request) GitLab Enterprise Edition
- Filter groups by marked_for_deletion_on by @imskr (merge request)
- Add spec for the
handleClusterError helper by @antonkalmykov (merge request)
- Add resolver for product analytics project settings (merge request) GitLab Enterprise Edition
- Update doc for single_relation_import flag status (merge request)
- Add API-Security CI template (merge request) GitLab Enterprise Edition
- Add index for sorting by highest severity (merge request)
- Add projects dropdown to work_item_links_form component (merge request)
- Adds support for dynamic schemas with date range filters (merge request) GitLab Enterprise Edition
- Include none argument owasp_top_10 filter (merge request) GitLab Enterprise Edition
- Filter the pods list be clicking at the pod stat (merge request)
- feature: Create a new model and version and upload artifacts (merge request)
- Send configured API key to AI Gateway (merge request) GitLab Enterprise Edition
- Adds a mergeTrainIndex field to merge requests (merge request) GitLab Enterprise Edition
- Introduce data source for overtime DORA metrics (merge request) GitLab Enterprise Edition
- Add partition_id to Ci::DailyBuildGroupReportResult (merge request)
- feature: Create new model version & import artifacts (merge request)
- Adds last_activity_on to Members table (merge request)
- Add capability to support error codes on Duo Chat backend (merge request) GitLab Enterprise Edition
- [Feature Flag] Cleans up large_ipynb_diffs (merge request)
- Backfill related epic links to issue links (merge request)
- Add security policy scheduled scans concurrency limit (merge request) GitLab Enterprise Edition
- Add graphql mutation endpoint to run VerifyNamespaceService (merge request) GitLab Enterprise Edition
- Add not valid foreign key to namespaces.parent_id (merge request)
- Expose Vulnerabilities::StateTransition ID in GraphQL (merge request) GitLab Enterprise Edition
- Extend label GraphQL search with field list (merge request)
- Add GraphQL filters by deployments (merge request)
- Add migration helpers (un)prepare_partitioned_async_index (merge request)
- Add calendar endpoint for PATs (merge request)
- Audit event tables (merge request)
- Add two options to configure target availability check in API Security (merge request)
- Add project level filter (merge request) GitLab Enterprise Edition
- Create a GraphQL query for contributed projects by @yasuk (merge request)
- Simplify wiki print functionality (merge request)
- Create car type (merge request) GitLab Enterprise Edition
- Displays the last published date for container repository (merge request)
- Render solution html in vulnerability modal (merge request) GitLab Enterprise Edition
- Downscale pasted retina images (merge request)
- Add delete_user ability to OrganizationUser permission type (merge request)
- Add hand raise lead to the duo pro trial widget popover (merge request) GitLab Enterprise Edition
- Validate work item presence in epics (merge request)
- Add pipeline validator to check identity verification (merge request) GitLab Enterprise Edition
- Remove
google_cloud_support_feature_flag feature flag (merge request)
- Add Rake task to update project storage (merge request)
- Update type of subscription_add_on_purchases started_at column (merge request) GitLab Enterprise Edition
- Add GraphQL mutation
projectBlobsRemove (merge request)
- Add BulkImport cancel API for instance admins (merge request)
- Add AI telemetry endpoint (merge request) GitLab Enterprise Edition
- Allow adding members by username by @imskr (merge request)
- Trigger GraphQl subscription when WorkItem hierarchy change (merge request)
- feature: Delete model version (merge request)
- Sync unique index creation for ci_pipelines.partition_id (merge request)
- Create audit events when deployments are approved or rejected (merge request) GitLab Enterprise Edition
- Upload artifacts to an existing machine learning model version (merge request)
- Support directory structure in generic package registry (merge request)
- Add pipeline validator to check identity verification (merge request) GitLab Enterprise Edition
- Release Silent Admin Exports feature (merge request)
- Added the featureFlagEnabled query field (merge request)
- Create migration to add started_at to subscription_add_on_purchases (merge request) GitLab Enterprise Edition
- Add new option to filter projects in GraphQL (merge request)
- Zoekt: Add callback service (merge request) GitLab Enterprise Edition
- Use the zoekt_settings in the Admin settings (merge request)
- Sync funnels when config project changes (merge request) GitLab Enterprise Edition
- Add X-Gitlab-Version to Cloud Connector headers (merge request) GitLab Enterprise Edition
- Run migrations in milestone order (merge request)
- Skip audit event on download of export, if silent (merge request)
- Redirect wiki pages on renaming them (merge request)
- Add GraphQL mutation for product analytics project settings (merge request) GitLab Enterprise Edition
- Add initial duo pro trial status popover (merge request) GitLab Enterprise Edition
- Feature to delete artifacts from a model version (merge request)
- Add a new IndexingTaskWorker (merge request) GitLab Enterprise Edition
- Adds custom API server support for Telegram (merge request)
- Backend code for self-hosted LLM server instance configuration (merge request)
- Add API for trigger group test webhook by @lifez (merge request) GitLab Enterprise Edition
- Prepare async index for ci_pipelines.partition_id related (merge request)
- Add manage_merge_request_settings custom permission (merge request)
- Add custom software licenses table (merge request) GitLab Enterprise Edition
Fixed (191 changes)
- Check email confirmation status of active users (merge request) GitLab Enterprise Edition
- Fix the multiple zoekt_tasks creation for delete_repo (merge request) GitLab Enterprise Edition
- Force UTF-8 encoding on CSV export files (merge request) GitLab Enterprise Edition
- Ensure Workhorse log writers are closed to avoid Goroutine leaks (merge request)
- Update replication troubleshooting snippets (merge request) GitLab Enterprise Edition
- Fix fork badge always shown in pipelines page (merge request)
- Increase JWT expiration from 1 to 10 mins (merge request) GitLab Enterprise Edition
- Fixed issue with command palette shortcut (merge request)
- Remove performance bar from jira connect (merge request)
- Update Bitbucket Cloud Importer to map users by uuid (merge request)
- Fix product analytics manager offering UI (merge request) GitLab Enterprise Edition
- Implement segmented vulnerability export mechanism for large groups (merge request) GitLab Enterprise Edition
- Create worker to store security reports by project (merge request) GitLab Enterprise Edition
- Work item hierarchy change system notes use full references (merge request)
- Allow labels to be specified with absolute path (merge request)
- Change FF to beta and default enable (merge request) GitLab Enterprise Edition
- Show wiki sidebar content in history and changes (merge request)
- Increase SQL query threashold on work_items test (merge request)
- MR widget: Fix alignment (merge request)
- Wiki: Fix last edited author (merge request)
- Remove unused issue card weight filtering functionality (merge request)
- Fix publishing npm package with custom root folder name (merge request)
- Fixed overflowing layout on the compare revisions page by @zillemarco (merge request)
- Wiki: Fix header spacings on published pages and create page (merge request)
- Delete project_ref_name_in_pipeline feature flag (merge request)
- Wrap wiki history commit message (merge request)
- Fix approvals text alignment (merge request)
- Use gl-background-color-default for .gl-new-card-add-form background (merge request)
- Sync updated_at attribute when updating epic (merge request) GitLab Enterprise Edition
- Fix inviting members with a custom role (merge request) GitLab Enterprise Edition
- Remove the archived projects from the security dashboard (merge request) GitLab Enterprise Edition
- Remove branch on jira when deleted on gitlab (merge request)
- Update "shared runners enabled" setting on subgroup builds (merge request)
- Ignore wiki links that have missing href (merge request)
- Hide Exact code search in preferences when zoekt setting is disabled (merge request) GitLab Enterprise Edition
- This MR fixes project selection (merge request) GitLab Enterprise Edition
- fix: Add zero-padded mapping for OWASP 2021 vuln categories (merge request) GitLab Enterprise Edition
- Fix links and tree drag and drop on FF (merge request)
- Update Merge train system note (merge request)
- Fix calculating direct_members count (merge request) GitLab Enterprise Edition
- Fix the limit logic for containing refs requests (merge request)
- Add reject_non_dco_commits to push rules REST API (merge request) GitLab Enterprise Edition
- Use primary DB for authenticating artifacts downloads (merge request)
- Cleanup ci_runner_projects records with null project_id (merge request)
- Cleanup ci_runner_namespaces records with null namespace_id (merge request)
- Take broadcast message height into account in board height (merge request)
- Use blue color for subscribed state and active todo (merge request)
- Fix Epics::UpdateService to only sync changed attributes (merge request) GitLab Enterprise Edition
- Respect carraige return in new job log viewer (merge request)
- Update an expired test certificate (merge request)
- Do not error when assigning issue to same epic (merge request) GitLab Enterprise Edition
- Restrict GraphQL API to only documented token types (merge request)
- Fix fullPath for cross projects work items (merge request)
- This MR fix bottom loader (merge request) GitLab Enterprise Edition
- Fix missing filename when downloading generic package in release page (merge request)
- Verify the namespace_id on duo pro trial service layer (merge request) GitLab Enterprise Edition
- Add spacing between framework pill and title in adherence list (merge request)
- Execute the task even the repo is not found (merge request) GitLab Enterprise Edition
- Update ShortcutsBlob data (merge request)
- Show correct policies subheader for a group (merge request) GitLab Enterprise Edition
- Fixes incorrect wrapping in styled log lines (merge request)
- Wiki sidebar: Fix hover in Darkmode (merge request)
- Add analyze_interval for IntRangeStrategy (merge request)
- Add frontend scripts to assets hash calculation (merge request)
- Fix loading spinner spacing on child issues and epics (merge request) GitLab Enterprise Edition
- Parses job log logs when lines gets split in chunks (merge request)
- Remove card border for issue boards (merge request)
- Enable extra slug sanitization on user provisioning (merge request)
- Accept integer parameter in runner_type for GetUsageServiceBase (merge request) GitLab Enterprise Edition
- Adds ancestors on the index Explore>Groups page (merge request)
- Update MemberRoles::RolesFinder and Members::UpdateService (merge request)
- Modify machine learning version input description (merge request)
- Fixes issue with valid Notebooks not diffing (merge request)
- Fix merge request padding (merge request)
- Remove the user_detail creation derisk feature flag (merge request)
- Fix ancestor widget appearance in Epic sidebar (merge request) GitLab Enterprise Edition
- Allow more wiki types to be searchable (merge request) GitLab Enterprise Edition
- Fixes auditing non-changing fields for product analytics (merge request) GitLab Enterprise Edition
- Fix vertical spacing of collapse MR sidebar btn (merge request)
- Forbid branch protection updates with blocking policy in place (merge request) GitLab Enterprise Edition
- Ensure complete messages are not passed to DuoChat in chunks (merge request) GitLab Enterprise Edition
- Fix nav control layout for new dropdowns (merge request)
- Fix upgrade message link in operations dashboard (merge request)
- Delegate GroupHook URL validation to base class (merge request) GitLab Enterprise Edition
- Fix the other icons being shown in loading state (merge request)
- Fix serialization error on CI Lint with including a CI component (merge request)
- Fix code reloading for Sidekiq in development (merge request)
- Fix button spacing and updating UI text to use sentence case (merge request) GitLab Enterprise Edition
- Fix protected branches deploy key selection for FOSS (merge request)
- Remove the experiment_features_enabled check (merge request) GitLab Enterprise Edition
- Fix visualization designer showing confirm modal after saving (merge request) GitLab Enterprise Edition
- Update StuckExportJobsWorker to not fail parallel export jobs (merge request)
- Vite config: Fix open in editor url (merge request)
- Expose 'Is using seat' badge for Auditors (merge request) GitLab Enterprise Edition
- Differentiate vulnerability security scanner (merge request) GitLab Enterprise Edition
- Use compact pagination on explore page when total pages is unavailable (merge request)
- Exclude child pipelines from tag and branch query (merge request)
- Fix registry list extra padding between list items (merge request)
- Include Group Links in access level check (merge request) GitLab Enterprise Edition
- Fix work items showing icons and actions when not found (merge request)
- Fix missing BATCH_SIZE constant (merge request)
- Fix ActiveModel::UnknownAttributeError for
initialize_with_readme (merge request)
- Add a check to use the different URL for namespace (merge request) GitLab Enterprise Edition
- Fix misleading error message when assigining sec policy project (merge request) GitLab Enterprise Edition
- Group visibility levels: Show all radio button with correct attributes by @gerardo-navarro (merge request)
- Fix display of performance bar in relative root installations (merge request)
- Fix Cloud Connector service catalog is stale (merge request)
- Use
safe_params to persevere sort params (merge request)
- Use localstorage to remember swimlane state for boards (merge request)
- Generic Registry: Fix a bug when downloading files with sign symbol (merge request)
- List all users in the Admin > Users (merge request)
- Do not allow creating Service Accounts for a subgroup (merge request) GitLab Enterprise Edition
- Fix child pipeline badge is broken in CI header (merge request)
- Fix Firefox Drag and Drop on epic lists (merge request) GitLab Enterprise Edition
- Fixes typo for CS JOB (merge request) GitLab Enterprise Edition
- Fix @ autocomplete when search requests overlap (merge request)
- Allow branch protection updates via API with
block_branch_modification (merge request) GitLab Enterprise Edition
- Set height: auto only on images with both dimension set (merge request)
- Move modal and drawer out of container style (merge request)
- Import fork MR when target branch couldn't be created (merge request)
- Fix doc link to project topics (merge request)
- Add default branch to branches API cache_context (merge request)
- Fix gitlab:db:decomposition:migrate task (merge request)
- Fix dark mode hover for admin/credentials row user email (merge request) GitLab Enterprise Edition
- Set imported from value for project export import (merge request)
- Include headers in LfsDownloadObject (merge request)
- Set height: auto on images (merge request)
- Fix registry search sorting layout in mobile screen sizes (merge request)
- Parameterize path after regex validation failure (merge request)
- Use text-subtle instead of a disabled class for badge img empty (merge request)
- A11y fix: make sure "+" button can be focused in wiki sidebar (merge request)
- Fix "shared_audit_event_id_seq" already exists (merge request)
- Fix batched finish worker reenqueue delay (merge request)
- Ignore imported column in relevant models (merge request)
- Show current wiki page as active (merge request)
- Fix default branch protection settings (merge request)
- Use label text color for remove button icon in MR filter bar token (merge request)
- Avoid idling in transaction when exporting with Parallel Project Export (merge request)
- Only lookup by username if ops flag is enabled (merge request)
- Roadmap - Fix alignment of epics with no start date (merge request) GitLab Enterprise Edition
- Filter labels already applied out of recently used suggestions (merge request)
- Fix broken link in CI Catalog verified badge (merge request)
- Fix webhooks temporary disabled too long, too fast (merge request)
- Update member roles REST API doc (merge request)
- Handle project creation error on git push (merge request)
- Fix roadmap settings drawer offset height (merge request) GitLab Enterprise Edition
- Fix access levels for default branch protection (merge request)
- Disable promote button for in flight request (merge request)
- Fix insert table box in rich text editor (merge request)
- Ensure label text color is used for label filter in MR search bar (merge request)
- Do not allow group Owners create Service accounts on Self-managed (merge request) GitLab Enterprise Edition
- Fix an overwrite bug in the gcs metrics concern (merge request)
- Skip pre-receive SD on deletes (merge request) GitLab Enterprise Edition
- Fix board swimlanes headers background (merge request)
- Prevent error in copy_metadata quick action (merge request)
- Update imported value when cloning and moving issues (merge request)
- Fix an N+1 situation (merge request)
- Move Direct Transfer project entities creation to a later stage (merge request)
- Reset project counters after relation import (merge request)
- MR commit message: Fix existing message dropdown selection (merge request)
- Restrict
repository_object_format update for PUT projects/:id (merge request)
- Correctly handle nil assignee arguments (merge request)
- Fix dropdown behavior in ProtectedBranchHelpers to fix flaky test (merge request)
- Fix hidden code navigation tabs (merge request)
- Fix error when calling GQL ciConfig endpoint with include:component (merge request)
- Ensure BLPOP/BRPOP returns nil instead of raising ReadTimeoutError (merge request)
- Use consistent encoding with startup js to fetch commit data (merge request)
- Expose project settings in REST API only for maintainer+ users (merge request)
- Fix approval policy to include group level protected branch (merge request) GitLab Enterprise Edition
- Fix N+1 query in /api/v4/projects/:id/jobs endpoint (merge request)
- Only include the duo pro widget data if ultimate trial is absent (merge request) GitLab Enterprise Edition
- Fix counts for Search Within filter on issues list (merge request)
- Fix instance templates pagination (merge request) GitLab Enterprise Edition
- MR: Show sidebar expand button on md breakpoint (merge request)
- Make pending invitations search case insensitive (merge request)
- Fixes "retryable" value for merge train pipelines as JSON (merge request) GitLab Enterprise Edition
- Change column default when the connections match (merge request)
- Link squashed, fast-forwarded merge requests to deployments (merge request)
- Fix broken DORA performers score Storybook story (merge request) GitLab Enterprise Edition
- Resolve flash of light styles when using auto color mode (merge request)
- Increase Atlassian token constraint (merge request)
- Fix webhook warning permission check (merge request) GitLab Enterprise Edition
- Bugfix file type icon resizes (merge request)
- Fix Sidekiq migration timeout (merge request)
- Fix OpenTofu CI/CD template backport (merge request)
- Fix collapsing sections in job log viewer (merge request)
- Project transfer fix for ES indexing (merge request) GitLab Enterprise Edition
- Support Epic -> WorkItem sync of imported_from (merge request) GitLab Enterprise Edition
- Right align snippet comment actions dropdown (merge request)
- Fix blob viewer line numbers (merge request)
- Fix flow metrics handling of null assignees (merge request)
Changed (308 changes)
- Improve Analytics dashboards schema errors (merge request) GitLab Enterprise Edition
- Drop beta tag on Duo Pro promotion (merge request)
- Dont identify a user using a deploy key (merge request)
- Always show project count for group dependency list (merge request) GitLab Enterprise Edition
- Add the proper empty state when wiki page not found (merge request)
- Re-sync basic epic fields to work items (merge request)
- Declare
StoreSecurityReportsByProjectWorker memory-bound (merge request) GitLab Enterprise Edition
- Rename
work_items_mvc_2 to work_items_alpha (merge request)
- Rename for reauthentication vs just password (merge request) GitLab Enterprise Edition
- Reset input field when closing the modal to delete merged branches (merge request)
- Display easy to read error messages for Duo Chat (merge request) GitLab Enterprise Edition
- Work items: Migrate headline to use type scale (merge request)
- Improve VSD warning messages for failed API requests (merge request) GitLab Enterprise Edition
- Replace funnel name attribute with file name (merge request) GitLab Enterprise Edition
- Update wiki page titles (merge request)
- Update analytics settings page with link to dashboards page (merge request) GitLab Enterprise Edition
- Add padding to OWASP identifiers (merge request) GitLab Enterprise Edition
- Fixes incorrect params passed to Workato (merge request) GitLab Enterprise Edition
- Changes for project owners to receive email notifications (merge request)
- Check for related_epics ff when linking epics (merge request) GitLab Enterprise Edition
- Improve markdown syntax highlighting (merge request)
- Enable user searching by partial email for admins by @zzaakiirr (merge request)
- Update PMG architecture blueprint (merge request)
- Fix spacing of new wiki form help text (merge request)
- Fixed search page flicker (merge request)
- Improve the look of the token access table (merge request)
- Doc(Feature rollout): extend of monitoring (merge request)
- Don't show viewed file tooltip on scroll (merge request)
- Issuable: Migrate title (merge request)
- Changes model candidates to use ml_model packages (merge request)
- Handle errors in different formats (merge request) GitLab Enterprise Edition
- Configure the Claude 3 Haiku model for VE (merge request) GitLab Enterprise Edition
- Added create method in MemberApproval, modified promotion mgmt util (merge request) GitLab Enterprise Edition
- Wiki: Clean up code for injecting props (merge request)
- Merge request: Migrate headline to use type scale (merge request)
- Issuables: Update alignment of open and closed status badge icons (merge request)
- Route LLM requests to AI Gateway (merge request)
- Remove
prevent_issue_epic_search feature flag (merge request) GitLab Enterprise Edition
- Update bulk assign service to include iterable triggers (merge request) GitLab Enterprise Edition
- Add links to description in AI impact analytics dashboard (merge request) GitLab Enterprise Edition
- Validate that all or no analytics settings are defined (merge request) GitLab Enterprise Edition
- Replace issues.milestone_id index by a [milestone_id, id] (merge request)
- Save sidebar entries collapsed state (merge request)
- Search flyout: Bump project avatar size to 32 (merge request)
- Rename /explain_vulnerability Duo slash command (merge request) GitLab Enterprise Edition
- Remove
security_policies_unassign_redundant_policy_projects FF (merge request)
- Auto-select the current project (merge request)
- Remove search_query_builder feature flag (merge request) GitLab Enterprise Edition
- Wiki custom sidebar: Store pages state in localStorage (merge request)
- Reduce runner stale timeout from 3 months to 7 days (merge request)
- SPP no secrets no message docs update (merge request)
- Update beta documentation (merge request)
- Improve TOC functionality in rich text editor (merge request)
- Update dependency ai-gateway to v1.7.0 (merge request)
- Update docs path to secret push protection (merge request)
- Break out downstream pipelines (merge request)
- Show alert on web IDE start error (merge request)
- Updated popover text of system_id column on runner page by @catinbag (merge request)
- Wiki: Create & edit sidebar changes (merge request)
- Migrates gl-display-block to gl-block (merge request)
- Wiki: Show more actions dropdown on pages (merge request)
- Change gitlab:elastic:index to async worker (merge request) GitLab Enterprise Edition
- Hide create wiki page button if inadequate permissions (merge request)
- Removes alpha from CI Catalog fields (merge request)
- Increase prominence of the context header (merge request)
- Add possibility to change allowed to merge groups (merge request) GitLab Enterprise Edition
- Show additional error details from CubeJS 400 responses (merge request) GitLab Enterprise Edition
- chore: Remove the following gitlab embeddings rake task (merge request) GitLab Enterprise Edition
- Make locking message consistent (merge request)
- Update PMG architecture blueprint (merge request)
- Add Google Cloud IAM integration metrics to Service Ping (merge request) GitLab Enterprise Edition
- Change title for bulk seat assignment/removal (merge request) GitLab Enterprise Edition
- Add page counter to wiki sidebar (merge request)
- Adds a new client that uses basic auth to fetch from prometheus (merge request)
- Migrate d-block to gl-block (merge request)
- Fix hr color in navigation sidebar on darkmode (merge request)
- Overhaul OAuth page (merge request)
- Wiki history: Use card container (merge request)
- Add jira client call (merge request)
- Only show "Merge request was removed from train" for open MRs (merge request) GitLab Enterprise Edition
- Wiki templates: Remove limited container (merge request)
- Remove FF allow_user_variables_by_minimum_role (merge request)
- Revert MR https://gitlab.com/gitlab-org/gitlab/-/merge_requests/154228 (merge request)
- Migrates gl-sm-display- classes to Tailwind (merge request)
- Update dependency ai-gateway to v1.6.1 (merge request)
- Update PreventIndexCreation rule (merge request)
- Move all elastic rake tasks to service (merge request) GitLab Enterprise Edition
- Wiki: Adds in-page editing functionality (merge request)
- Update Rails to 7.0.8.4 (merge request)
- Update pmg query (merge request)
- Refactor groups API by @imskr (merge request) GitLab Enterprise Edition
- Use sentence case for edit page, remove hr (merge request)
- Wiki sidebar: Change alignment of sidebar header (merge request)
- Add connection mode column to cluster agents (merge request)
- Allow retry of merge train pipeline while its running (merge request)
- Rename doc page to secret push protection (merge request)
- Add polling to jobs tabs on pipeline (merge request)
- Add WorkItems reference (merge request) GitLab Enterprise Edition
- No longer require magic username for Git over HTTPS with OAuth token by @hickford (merge request)
- Show collapsed directory when custom wiki sidebar exists (merge request)
- Add hasChildrenWithinTimeframe field to epics (merge request) GitLab Enterprise Edition
- Add a param to indicate the purchase request is from GitLab.com (merge request) GitLab Enterprise Edition
- Migrate gl-lg-display-* classes to Tailwind (merge request)
- Update GitLab Pages version (merge request)
- Migrate d-flex to gl-flex (merge request)
- Update pmg architecture blueprint (merge request)
- Replace
gl-white-space-normal class (merge request)
- Migrates gl-display-none! to !gl-hidden (merge request) GitLab Enterprise Edition
- Update dependency auto-build-image to v4.1.0 (merge request)
- Rollout github_import_lock_user_finder feature flag (merge request)
- Display username when advising of LFS lock (merge request)
- Rename CI and pipeline minute to compute minute (merge request)
- Replace "via" with "with" in email copy and event timeline (merge request)
- Bumping PAT last used timestamp will not trigger sticky writes (merge request)
- Rename Migration/BackgroundMigrationBaseClass rubocop rule by @zzaakiirr (merge request)
- Make page breadcrumbs auto-adjust to available width (merge request)
- Add edit to edit page breadcrumb (merge request)
- Consolidate Board scope for i18n (merge request)
- Update product analytics onboarding permissions (merge request) GitLab Enterprise Edition
- Add a banner informing about token expiration (merge request)
- This MR removed feature flag (merge request) GitLab Enterprise Edition
- Wiki: Migrate content to Vue (merge request)
- Remove DORA Performers Score panel from built-in project VSD (merge request) GitLab Enterprise Edition
- Enable filtered search on Vulnerability Report (merge request) GitLab Enterprise Edition
- Migrate your work pages to use new typescale (merge request)
- Migrates gl-md-display-* classes to Tailwind (merge request)
- Separate pipeline stages files (merge request)
- Tailwind: Migrate heading utility classes (merge request)
- Fix approval groups finder (merge request) GitLab Enterprise Edition
- Remove Attributes column from Inherited CI/CD Variables table (merge request)
- Skip timestamps in log if present when generating HTML (merge request)
- Avoid overflows (merge request) GitLab Enterprise Edition
- Show toast message when merge request is removed from train (merge request) GitLab Enterprise Edition
- Add Jenkins migration callout (merge request)
- Clarifies issue list error state (merge request)
- Fix alignment of wiki sitemap and templates pages (merge request)
- Rename "Limit access..." to "Grant access..." (merge request)
- Align notes on mobile (merge request)
- Replace gl-line-clamp with the Tailwind equivalent (merge request)
- Update file index.md (merge request)
- Add tracking event for Compute Minutes/Storage checkout page views (merge request) GitLab Enterprise Edition
- Update @gitlab/web-ide and gitlab-vscode-extension (merge request)
- Improve analytics dashboards descriptions (merge request) GitLab Enterprise Edition
- WorkItemAddClosingMergeRequest mutation allows URLs and full references (merge request)
- Replace 'gl-overflow-wrap-anywhere' to Tailwind equivalent (merge request)
- Add iid to work item title (merge request)
- Persist scan execution policies to database (merge request) GitLab Enterprise Edition
- Productize trial_disover_page experiment (merge request) GitLab Enterprise Edition
- Move legacy pipeline mini graph (merge request)
- Update "Upgrade your plan to improve repositories" banner (merge request)
- Reduce number of tokens sent for RCA (merge request) GitLab Enterprise Edition
- Change issues from index to upsert for Elasticsearch (merge request) GitLab Enterprise Edition
- refactor: Introduce a Vue-based UI for Pages (merge request)
- Pipeline graph: Improves accessibility when using keyboard (merge request)
- Update dependency auto-deploy-image to v2.93.0 (merge request)
- Improve UX for 404 error for Duo Pro trial page (merge request) GitLab Enterprise Edition
- Update GitLab Pages version (merge request)
- Consolidate iteration filters for issues (merge request) GitLab Enterprise Edition
- Update breaking changes banner (merge request) GitLab Enterprise Edition
- Include session_cookie_token_prefix in KAS session cookie (merge request)
- Add alignment to prevent button height to grow (merge request)
- Rate limit project / group notifications per user (merge request)
- Allow redirecting wiki directories on rename (merge request)
- Add NOT NULL constraint to "path_locks.project_id" (merge request)
- Add metric start date tooltip to AI Impact Dashboard (merge request) GitLab Enterprise Edition
- Create parent links for imported epics (merge request)
- Migrate d-inline-block to gl-inline-block (merge request)
- Docs(Epic Header): add entry to describe counts (merge request) GitLab Enterprise Edition
- Update page title of history page (merge request)
- Move AI Powered Features by @jzeng88 (merge request)
- Remove Kotlin and Scala from MR pipelines by @l.s.andringa1 (merge request) GitLab Enterprise Edition
- Scaffold component for visualization designer overhaul (merge request) GitLab Enterprise Edition
- Replace curl with gcloud commands in GAM integration (merge request)
- Add enum to graphql mutation (merge request) GitLab Enterprise Edition
- Remove beta notice for import with projects (merge request)
- Feat(Purchase): remove key_contacts_management_v2 (merge request) GitLab Enterprise Edition
- Value stream dashboard label filter no longer matches description (merge request) GitLab Enterprise Edition
- Convert GraphQL fullPath fields to ID types (merge request)
- Change removal milestone of ZenTao to 18.0 (merge request)
- Update UI of the MR approval rules banner (merge request) GitLab Enterprise Edition
- Remove "New list button has moved" popover (merge request)
- Change gl-overflow-wrap-break to gl-break-words (merge request)
- Update button and footer description on company form (merge request) GitLab Enterprise Edition
- Help page: Fix badge alignment and migrate headline class (merge request)
- Cascade duo_features_enabled on save (merge request) GitLab Enterprise Edition
- Update software license policies table (merge request) GitLab Enterprise Edition
- Convert GraphQL IID fields from ID to String types (merge request)
- Apply one rate limit to all webhook test endpoints (merge request)
- Remove collapsed description field for snippets form (merge request)
- Increase WorkItem max children (merge request)
- Add allowed to merge drawer (merge request)
- Diff: use own class for setting max-width (merge request)
- Remove font weight 100 and 300 (merge request) GitLab Enterprise Edition
- Fix for broadcast messages not staying dismissed by @robyrne (merge request)
- Early access program tracking by namespace settings (merge request)
- Change 'warning' banner to 'info' on the Terraform state page by @antonkalmykov (merge request)
- Migrate d-none to gl-hidden (merge request)
- Moved MememberManagement namespaced files to GitlabSubscriptions (merge request) GitLab Enterprise Edition
- Update ruby-lsp to v0.16.7 and prism to v0.29.0 (merge request)
- Use Duo icon and label in editor (merge request) GitLab Enterprise Edition
- Wiki create/edit form cleanup (merge request)
- Remove "Already signed in with SAML" (merge request) GitLab Enterprise Edition
- Update in-progress product analytics onboarding state (merge request) GitLab Enterprise Edition
- Cleanup FF saas_user_caps (merge request) GitLab Enterprise Edition
- Pages: Update UI (merge request)
- Drop default value for p_ci_builds.auto_canceled_by_partition_id (merge request)
- Link to deployment details page for waiting-for-approval jobs (merge request) GitLab Enterprise Edition
- Allow instance adminstrators to link work items (merge request)
- Regenerate OpenAPI documentation of REST API (merge request)
- Move board delete to board configuration modal (merge request)
- Align wording between group and project restore confirmation by @antonkalmykov (merge request) GitLab Enterprise Edition
- Update dependency auto-deploy-image to v2.91.0 (merge request)
- Remove beta status from AI impact analytics dashboard (merge request) GitLab Enterprise Edition
- Wiki: Clone repository changes (merge request)
- Drop redudnant vuln_reads indices, improve unnested_in_filters (merge request)
- Remove invalid remote mirror records without "project_id" (merge request)
- Add epics.issue_id NOT NULL constraint (merge request) GitLab Enterprise Edition
- Add allowedParentTypes to Hierarchy widget (merge request)
- Update visualization designer to preview code in YAML (merge request) GitLab Enterprise Edition
- Add routing field to issues index (merge request) GitLab Enterprise Edition
- Enable use of #deduplicated_size for self-managed (merge request)
- Add feedback mechanism for AI cube query generation (merge request) GitLab Enterprise Edition
- Update error message and layout (merge request)
- Remove Scala and Kotlin from Spotbugs job in Static Analysis CI template (merge request) GitLab Enterprise Edition
- Downcase invite emails as the service layer (merge request)
- Use sentence case for edit snippet title (merge request)
- Remove FF mark_cvs_vulnerabilities_as_resolved (merge request) GitLab Enterprise Edition
- Update neighbor gem to 0.3.2 (merge request)
- Updating ci_pipeline_schedule_variables with sharding key (merge request)
- Make GITLAB_LOG_LEVEL affect more logs (merge request)
- Update edit wiki page and template titles (merge request)
- Move wiki edited by text below title (merge request)
- Add ci_integration_jenkins model function (merge request)
- Remove unused indices on sbom_occurrences (merge request)
- Update GitLab Pages version (merge request)
- Update wiki sidebar (merge request)
- Add frontend URL validation for uploading metrics images (edit modal) by @antonkalmykov (merge request)
- Add allowed to merge drawer (merge request)
- Feat(Epic Header and Board): Align presentation (merge request) GitLab Enterprise Edition
- Using self-hosted llm models name as differentiator (merge request) GitLab Enterprise Edition
- Ignore additional registry migration fields (merge request)
- Wiki: Update docs (merge request)
- Only query the fields needed (merge request)
- Wiki: Move template link to kebab menu (merge request)
- Remove permission check skipping (merge request) GitLab Enterprise Edition
- Improve Analytics dashboards schema errors (merge request) GitLab Enterprise Edition
- Add aria label to labels search (merge request)
- Update redis-client to v0.22.2 (merge request)
- Do not perform git housekeeping when repository does not exist (merge request) GitLab Enterprise Edition
- Update wiki templates layout (merge request)
- Show edit pending comment button on mobile (merge request)
- Excludes pre-release versions from
latest and shorthand (merge request)
- Change included text for GitLab Duo generated commit message (merge request)
- Remove enter key listener on states table actions form by @archish27 (merge request)
- Remove duplicated indexes in post migration (merge request)
- Make media and list items draggable (merge request)
- Hide RCA button on the job logs page (merge request)
- Change edit board to "Configure board" (merge request)
- Remove duo chat ga flag (merge request) GitLab Enterprise Edition
- Wiki page: Add delete option to kebab menu (merge request)
- Updated error text for incorrect branch name when creating by @catinbag (merge request)
- Handle product analytics urls endding with slash (merge request) GitLab Enterprise Edition
- Add Search reference (merge request) GitLab Enterprise Edition
- Add query builder format class (merge request) GitLab Enterprise Edition
- Update product analytics onboarding flow settings clearing (merge request) GitLab Enterprise Edition
- Updated the Upgrade GitLab Runner link by @catinbag (merge request)
- Remove epic work item sync feature flags (merge request) GitLab Enterprise Edition
- Create wikis without content (merge request)
- Replace approval selectors with User/Group selectors (merge request) GitLab Enterprise Edition
- Add new page button to wiki sitemap (merge request)
- Wiki edit page: Move delete button to action row (merge request)
- AI Generate commit message: Change text of button (merge request)
- Remove static webhook feature flags (merge request)
- Export private emails in seat usage quota export (merge request) GitLab Enterprise Edition
- Update ES sizing for single node clusters (merge request) GitLab Enterprise Edition
- Display custom role title in invitation emails (merge request)
- Add imported badge to design notes (merge request)
- Move board optons into dropdown and change config button (merge request)
- Change logic for beyond identity GPG keys alert message (merge request)
- Only return ID from Elasticsearch response (merge request) GitLab Enterprise Edition
- Move update trigger to pop up modal by @missy-davies (merge request)
- Use confirm variant for new wiki template (merge request)
- Used gitlab ui utilities in feature flag form by @catinbag (merge request)
- Add link to the project in the self-managed provider card (merge request) GitLab Enterprise Edition
- Externalize interpret_service_spec by @jzeng88 (merge request)
- Disable Rails console's IRB's autocompletion by default (merge request)
- Add indicator when Cube query is loading slow (merge request) GitLab Enterprise Edition
- Release compliance frameworks report csv feature (merge request) GitLab Enterprise Edition
- Make edited text always gray (merge request)
- Update styling of framework report drawer (merge request) GitLab Enterprise Edition
- Clean up duo_chat_ga_alert flag and feature (merge request) GitLab Enterprise Edition
- Remove saml_reload feature flag (merge request)
- Clean up duo_pro_trial_alert feature flag by @robyrne (merge request) GitLab Enterprise Edition
- Updates GitLab Pages version (merge request)
- Swap columns trigger_request_id and erased_by_id for p_ci_builds (merge request)
- Implement a web hook create service (merge request) GitLab Enterprise Edition
- Improve CI/CD lead time analytics rendering of small values (merge request) GitLab Enterprise Edition
- Minor UX updates to explore projects (merge request)
- Restrict accesss requests when group has reached member limit (merge request) GitLab Enterprise Edition
- Migrate d-inline to gl-inline (merge request)
- Remove log_execution_time_path_traversal_middleware feature flag (merge request)
- Remove rate_limit_oauth_api feature flag (merge request)
- Migrates d-inline-flex go gl-inline-flex (merge request)
- Remove
use_database_for_dependency_export feature flag (merge request) GitLab Enterprise Edition
- Default group_multi_select_tokens feature flag to true (merge request)
- Change gl-word-break-word to gl-break-anywhere (merge request)
- Append a percentage symbol to the end of work item progress (merge request) GitLab Enterprise Edition
- Simplify text of Google Cloud runner registration (merge request)
Removed (29 changes)
- Remove
confidence parameter from vulnerability_findings API (merge request) GitLab Enterprise Edition
- Remove deprecated ci_runners columns (merge request)
- Revert MR button in forked project issues (merge request)
- Remove combined_analytics_dashboards feature flag (merge request) GitLab Enterprise Edition
- Remove code_suggestion_events_in_click_house FF (merge request) GitLab Enterprise Edition
- Removes the cascade_duo_features_enabled_setting feature flag (merge request)
- Remove BBM job classes up to 16.3 (merge request)
- Remove temporary duo pro settings banners (merge request)
- Cleanup product_analytics_admin_settings flag (merge request)
- Remove unused Geo::RepositoriesChangedEvent (merge request) GitLab Enterprise Edition
- Remove ai_tracking_data_gathering feature flag (merge request) GitLab Enterprise Edition
- Cleanup product_analytics_beta_optin flag (merge request)
- Removes temporary index on project_statistics (merge request)
- Remove migration columns in container repository (merge request)
- Removed product analytics dashboard feature flag by @archish27 (merge request)
- Remove backfill_workspace_personal_access_token_spec (merge request)
- Remove migration-related columns from settings (merge request)
- Remove gitops Deprecation Alert (merge request)
- Remove AI experimentation endpoints (merge request) GitLab Enterprise Edition
- Remove ignore columns rule for legacy event-related tables (merge request) GitLab Enterprise Edition
- Remove use_or_default_operator feature flag (merge request) GitLab Enterprise Edition
- Renamed relatedMergeRequests field on WorkItem Development widget (merge request)
- Remove unused code (merge request) GitLab Enterprise Edition
- Remove browse template button from the pipeline editor by @yonghyun.jin13 (merge request)
- Remove all code related to clusters/integrations (merge request)
- Remove the BuildSuccessWorker (merge request)
- Remove approval_rules_drawer feature flag (merge request)
- Remove integer column and trigger function for ci_pipelines (merge request)
- Remove use_faster_code_owner_file_exist_check feature flag (merge request) GitLab Enterprise Edition
Security (21 changes)
- Verify Asana access token when testing Asana integration
- Bump KAS version
- Improve go_package_regex to prevent ReDoS attacks
- XSS and content injection raw XHTML files on IOS devices
- Fix ReDoS in CI Interpolation
- Set IP address in sidekiq (merge request)
- Prevent PDF.js from evaluating scripts (merge request)
- Add text limit to ci_runners text fields (merge request)
- Caching test_report api response to reduce calculations (merge request)
- Fail create commit status on pipeline_id / sha mismatch (merge request)
- Restrict access to Secure artifacts to developer role (merge request)
- Use UntrustedRegexp for gollum pattern (merge request)
- Patch @gitlab/web-ide to fix XSS webWorkerExtensionHostIframe.html (merge request)
- Prevent PDF.js from evaluating scripts (merge request)
- Add text limit to ci_runners text fields (merge request)
- Caching test_report api response to reduce calculations (merge request)
- Fail create commit status on pipeline_id / sha mismatch (merge request)
- Update KAS version (merge request)
- Restrict access to Secure artifacts to developer role (merge request)
- Use UntrustedRegexp for gollum pattern (merge request)
- Patch @gitlab/web-ide to fix XSS webWorkerExtensionHostIframe.html (merge request)
Performance (10 changes)
- Add index to package files on package_id, status and file extension (merge request)
- Improves groups controller specs (merge request)
- Memoize common rules:changes evaluations in pipeline creation (merge request)
- Enable and remove ci_rules_exists_pattern_matches_cache (merge request)
- Fix N+1 problem in the pipeline bridges API endpoint (merge request)
- Skip groups query in @ autocomplete if not needed (merge request)
- Delay devise login lock settings (merge request)
- Optimize todos query when filtering by group (merge request)
- Add index to package files on file_name and file_sha256 (merge request)
- Analyze partitioned tables every 3 days (merge request)
Other (334 changes)
- Add the zoekt application setting zoekt_auto_index_root_namespace (merge request) GitLab Enterprise Edition
- Add and backfill project_id for external_status_checks_protected_branche (merge request)
- Add and backfill project_id for merge_request_review_llm_summaries (merge request)
- Protected packages + containers: Set alpha for GraphQL protection rules by @gerardo-navarro (merge request)
- Backfilling ci_pipelines project_id (merge request)
- Prepare async creation for merge_requests.head_pipeline_id (merge request)
- Add and backfill project_id for vulnerability_issue_links (merge request)
- Fix some Style/EmptyMethod offenses by @phot0n (merge request)
- Drop FF respawn_assign_resource_worker (merge request)
- Removes extra period from FK docs (merge request)
- Adds a note about using BIGINT Fks (merge request)
- Define events and metrics for Find file instrumentation (merge request)
- Add sharding-key on upcoming_reconciliations (merge request) GitLab Enterprise Edition
- Remove duplicated index from boards_epic_board_recent_visits (merge request)
- Add and backfill project_id for operations_strategies_user_lists (merge request)
- Add and backfill project_id for sbom_occurrences_vulnerabilities (merge request)
- Add and backfill project_id for packages_debian_project_distribution_key (merge request)
- Add and backfill project_id for merge_request_blocks (merge request)
- Add and backfill group_id for epic_user_mentions (merge request)
- Include accessibility tests for classing and rapid diffs (merge request)
- Remove overage_members_modal feature flag (merge request)
- Implement train_type (merge request) GitLab Enterprise Edition
- Add and backfill project_id for status_check_responses (merge request)
- Add and backfill project_id for release_links (merge request)
- Fix missing
traversal_ids for vulnerability_reads records (merge request)
- refactor: Apply best practices to visibility helper test by @gerardo-navarro (merge request)
- refactor: Protected packages: Collection of wording changes by @gerardo-navarro (merge request)
- Quarantine a flaky test (merge request)
- Add and backfill group_id for packages_debian_group_distribution_keys (merge request)
- Add and backfill project_id for merge_request_assignment_events (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Add and backfill project_id for packages_debian_publications (merge request)
- Remove
index_identities_on_provider DB index (merge request)
- Quarantine a flaky test (merge request)
- Improve UI text in custom notification settings (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Protected packages: Use positive logic to protected_up_to_access_level by @gerardo-navarro (merge request)
- Add and backfill project_id for dast_site_validations (merge request)
- Add and backfill project_id for vulnerability_merge_request_links (merge request)
- Add and backfill project_id for operations_feature_flags_issues (merge request)
- Docs: Support mutual TLS in GitLab Pages with GitLab API (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Add a metric ZoektSearchEnabledMetric (merge request) GitLab Enterprise Edition
- Release augmenting package registry GCS signed URLs with metadata (merge request)
- Remove column default (merge request) GitLab Enterprise Edition
- Add and backfill project_id for dast_pre_scan_verifications (merge request)
- Draft: Add sharding key tracking issues for security_policy_management (merge request)
- Resolve Layout/ArgumentAlignment offenses 82 by @gauravmarwal (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Remove duplicated index from boards_epic_user_preferences (merge request)
- Remove duplicated index from board_user_preferences (merge request)
- Mark 20230426195404 as obsolete (merge request) GitLab Enterprise Edition
- Add and backfill project_id for vulnerability_state_transitions (merge request)
- Add and backfill project_id for merge_request_assignees (merge request)
- Add and backfill project_id for dast_site_profile_secret_variables (merge request)
- Mark 20230518064300 as obsolete (merge request) GitLab Enterprise Edition
- Add and backfill project_id for terraform_state_versions (merge request)
- Add and backfill project_id for project_relation_exports (merge request)
- Add organization_id column (merge request) GitLab Enterprise Edition
- Draft: Add sharding key tracking issues for requirements_management (merge request)
- Draft: Add sharding key tracking issues for incident_management (merge request)
- Add and backfill project_id for draft_notes (merge request)
- Draft: Add sharding key tracking issues for geo_replication (merge request)
- Remove ai_gateway_docs_search flag (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Draft: Add sharding key tracking issues for continuous_delivery (merge request)
- Draft: Add sharding key tracking issues for integrations (merge request)
- Add and backfill project_id for vulnerability_user_mentions (merge request)
- Add and backfill project_id for operations_strategies (merge request)
- Add and backfill project_id for dast_profiles_tags (merge request)
- Remove untrusted Bitbucket identities and related fallback (merge request)
- Resolve Layout/ArgumentAlignment offenses 68 by @gauravmarwal (merge request)
- Drop unused
index_vulnerability_occurrences_on_project_fingerprint (merge request)
- Use normal font weight for board view dropdown toggles (merge request)
- Make approver to-do and email consistent (merge request) GitLab Enterprise Edition
- Remove
tree method from ExtractsRef (merge request)
- Updated documentation & fixed rate limit user by @archish27 (merge request)
- Resolve Layout/ArgumentAlignment offenses 65 by @gauravmarwal (merge request)
- Protected container: Add help page for protected containers by @gerardo-navarro (merge request)
- Add and backfill project_id for ml_experiment_metadata (merge request)
- Add and backfill namespace_id for user_achievements (merge request)
- Remove use_ids_for_markdown_upload_urls flag (merge request)
- Remove default values ci_daily_build_group_report_results#partition_id (merge request)
- Update feature category for MergeWorker (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Refactor ExtractsRef to use RefExtractor logic (merge request)
- Remove obsolete Advanced search migrations (merge request) GitLab Enterprise Edition
- Remove FF auto_merge_when_incomplete_pipeline_succeeds (merge request)
- Remove unnecessary allows between gitlab_schemas (merge request)
- Add and backfill project_id for packages_build_infos (merge request)
- Add a new FF disable_zoekt_search_for_saas (merge request) GitLab Enterprise Edition
- Add and backfill namespace_id for design_management_versions (merge request)
- Draft: Add sharding key tracking issues for release_evidence (merge request)
- Remove "use_remote_service_update_service" feature flag (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration BackfillDeploymentApprovalsProjectId (merge request)
- Quarantine a flaky test (merge request)
- Fix Layout/FirstArrayElementIndentation 1 offenses by @archish27 (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Add and backfill project_id for wiki_page_slugs (merge request)
- Quarantine a flaky test (merge request)
- Drop temp_index_on_notes_with_null_noteable_type from notes table (merge request)
- Resolve Layout/ArgumentAlignment offenses 75 by @gauravmarwal (merge request)
- Protected packages: Add help text for name pattern input by @gerardo-navarro (merge request)
- Quarantine a flaky test (merge request) GitLab Enterprise Edition
- Add and backfill project_id for remote_development_agent_configs (merge request)
- Add and backfill project_id for dora_daily_metrics (merge request)
- Resolve Layout/ArgumentAlignment offenses 73 by @gauravmarwal (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Finalize migration BackfillClusterAgentTokensProjectId (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Add not null constraint for releases.project_id (merge request)
- Fix Lint/AmbiguousOperatorPrecedence 4 offenses by @archish27 (merge request) GitLab Enterprise Edition
- Draft: Add sharding key tracking issues for code_review_workflow (merge request)
- Add and backfill agent_project_id for agent_activity_events (merge request)
- Draft: Add sharding key tracking issues for cell (merge request)
- Backfill epic_issues records into work_items (merge request)
- Resolve Layout/ArgumentAlignment offenses 79 by @gauravmarwal (merge request)
- Resolve Layout/ArgumentAlignment offenses 86 by @gauravmarwal (merge request)
- Fix Layout/SpaceInLambdaLiteral 8 offenses by @archish27 (merge request)
- Remove unnecessary allows between gitlab_schemas (merge request)
- Add and backfill group_id for boards_epic_user_preferences (merge request)
- Fix Layout/MultilineOperationIndentation 3 offenses by @archish27 (merge request)
- Fix Lint/AmbiguousOperatorPrecedence 6 offenses by @archish27 (merge request)
- Draft: Add sharding key tracking issues for system_access (merge request)
- Use RemoteMirrors::DestroyService for push mirror deletion (merge request)
- Draft: Add sharding key tracking issues for importers (merge request)
- Remove unused approval auto merge worker (merge request)
- Resolve Layout/ArgumentAlignment offenses 71 by @gauravmarwal (merge request)
- Fix Lint/SymbolConversion 1 offenses by @archish27 (merge request) GitLab Enterprise Edition
- Remove duplicated index from board_project_recent_visits (merge request)
- Fix Layout/SpaceInLambdaLiteral 4 offenses by @archish27 (merge request)
- Fix Lint/SymbolConversion 3 offenses by @archish27 (merge request) GitLab Enterprise Edition
- Fix Lint/SymbolConversion 8 offenses by @archish27 (merge request)
- Consolidate MWCP feature flags into 1 (merge request)
- Resolve Layout/ArgumentAlignment offenses 74 by @gauravmarwal (merge request)
- Resolve Layout/ArgumentAlignment offenses 85 by @gauravmarwal (merge request)
- Cleanup approval_policy_parent_child_pipeline feature flag (merge request) GitLab Enterprise Edition
- Remove remove_refactor_auto_merge feature flag (merge request)
- Draft: Add sharding key tracking issues for devops_reports (merge request)
- DROP temp_notes_backup table (merge request)
- Draft: Add sharding key tracking issues for team_planning (merge request)
- Validate notes.noteable_type NOT NULL constraint SYNC (merge request)
- Resolve Layout/ArgumentAlignment offenses 80 by @gauravmarwal (merge request)
- Resolve Layout/ArgumentAlignment offenses 78 by @gauravmarwal (merge request)
- Fix Layout/SpaceInLambdaLiteral 7 offenses by @archish27 (merge request)
- Resolve Layout/ArgumentAlignment offenses 72 by @gauravmarwal (merge request)
- Resolve Layout/ArgumentAlignment offenses 66 by @gauravmarwal (merge request)
- Add sharding key tracking issues for continuous_integration (merge request)
- Fix Layout/SpaceInLambdaLiteral 22 offenses by @archish27 (merge request)
- Add and backfill group_id for boards_epic_lists (merge request)
- Draft: Add sharding key tracking issues for build_artifacts (merge request)
- Fix Layout/FirstArrayElementIndentation 4 offenses by @archish27 (merge request)
- Add sharding key for VSA tables (merge request)
- Fix Layout/FirstArrayElementIndentation 2 offenses by @archish27 (merge request)
- Fix Lint/AmbiguousOperatorPrecedence 10 offenses by @archish27 (merge request)
- Finalize migration BackfillCatalogResourceVersionSemVer (merge request)
- Fix Lint/AmbiguousOperatorPrecedence 11 offenses by @archish27 (merge request)
- Fix Layout/SpaceInLambdaLiteral 11 offenses by @archish27 (merge request) GitLab Enterprise Edition
- Make copy for entering URLs consistent (merge request) GitLab Enterprise Edition
- Drop the temporary index from
vulnerability_reads table (merge request)
- Draft: Add sharding key tracking issues for secrets_management (merge request)
- Add and backfill namespace_id for design_management_repositories (merge request)
- Add and backfill namespace_id for design_management_designs (merge request)
- Fix Layout/SpaceInLambdaLiteral 5 offenses by @archish27 (merge request)
- Fix Layout/SpaceInLambdaLiteral 14 offenses by @archish27 (merge request) GitLab Enterprise Edition
- Fix Layout/SpaceInLambdaLiteral 2 offenses by @archish27 (merge request)
- Fix Lint/AmbiguousOperatorPrecedence 9 offenses by @archish27 (merge request)
- Draft: Add sharding key tracking issues for portfolio_management (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Clean up ai_chat_enabled_namespace_ids feature flag (merge request)
- Draft: Add sharding key tracking issues for audit_events (merge request)
- Quarantine a flaky test (merge request)
- Resolve Layout/FirstHashElementIndentation 3 by @gauravmarwal (merge request)
- Quarantine a flaky test (merge request)
- Fix Lint/AmbiguousRegexpLiteral 2 offenses by @archish27 (merge request)
- Add and backfill group_id for audit_events_streaming_event_type_filters (merge request)
- Clean up arkose_labs_phone_verification_challenge FF (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Add and backfill group_id for audit_events_streaming_headers (merge request)
- Mark 20230530500000 as obsolete (merge request) GitLab Enterprise Edition
- Draft: Add sharding key tracking issues for user_profile (merge request)
- Update capitalization of beta and experiment in ui (merge request)
- Finalize migration BackfillNugetNormalizedVersion (merge request)
- Add and backfill group_id for boards_epic_board_labels (merge request)
- Fix Layout/ArgumentAlignment offenses 44 by @gauravmarwal (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Remove the use_only_onboarding_status_db_value feature flag (merge request) GitLab Enterprise Edition
- Resolve Layout/ArgumentAlignment offenses 49 by @gauravmarwal (merge request) GitLab Enterprise Edition
- Draft: Add sharding key tracking issues for package_registry (merge request)
- Resolve Layout/ArgumentAlignment offenses 70 by @gauravmarwal (merge request)
- Add and backfill group_id for boards_epic_board_positions (merge request)
- Update validations for Push Mirrors (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Fix Layout/SpaceInLambdaLiteral 16 offenses by @archish27 (merge request) GitLab Enterprise Edition
- Finalize issue search data backfill migration (merge request)
- Resolve Layout/FirstHashElementIndentation 2 by @gauravmarwal (merge request)
- Ignore manually created MergeRequestsClosinIssues records (merge request)
- Fix Lint/AmbiguousOperatorPrecedence 8 offenses by @archish27 (merge request)
- Resolve Layout/ArgumentAlignment offenses 67 by @gauravmarwal (merge request)
- Mark 20230519142363 as obsolete (merge request) GitLab Enterprise Edition
- Mark 20230428500000 as obsolete (merge request) GitLab Enterprise Edition
- Mark 20230613555555 as obsolete (merge request) GitLab Enterprise Edition
- Quarantine protected_branches_access_control_ce_shared_examples.rb (merge request)
- Draft: Add sharding key tracking issues for feature_flags (merge request)
- Extract GitLab-Shell JWT token verification into a class (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Add sharding key tracking issues for source_code_management (merge request)
- Mark 20230503064300 as obsolete (merge request) GitLab Enterprise Edition
- Remove Message about moved Pages Menu entry (merge request)
- Draft: Add sharding key tracking issues for purchase (merge request)
- Draft: Add sharding key tracking issues for metrics (merge request)
- Draft: Add sharding key tracking issues for consumables_cost_management (merge request)
- Draft: Add sharding key tracking issues for groups_and_projects (merge request)
- Draft: Add sharding key tracking issues for compliance_management (merge request)
- Fix Layout/SpaceInLambdaLiteral 12 offenses by @archish27 (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Fix Layout/SpaceInLambdaLiteral 23 offenses by @archish27 (merge request)
- Remove or_issuable_queries feature flag (merge request)
- Mark 20230519500012 as obsolete (merge request) GitLab Enterprise Edition
- Remove
k8s_watch_api feature flag (merge request)
- Mark 20230427555555 as obsolete (merge request) GitLab Enterprise Edition
- Fix Layout/MultilineOperationIndentation 1 offenses by @archish27 (merge request)
- Remove alpha label (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Remove feature flag "use_remote_mirror_create_service" (merge request)
- Protected packages: Shorten GraphQL field
protectionRuleExists Part 2 by @gerardo-navarro (merge request)
- Fix Layout/ArgumentAlignment offenses 16 by @gauravmarwal (merge request)
- Fix Layout/SpaceInLambdaLiteral 17 offenses by @archish27 (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Finalize BackupAndRemoveNotesWithNullNoteableType migration (merge request)
- Fix Layout/SpaceInLambdaLiteral 9 offenses by @archish27 (merge request)
- Fix Layout/SpaceInLambdaLiteral 19 offenses by @archish27 (merge request)
- Fix Layout/LineContinuationLeadingSpace 3 by @archish27 (merge request)
- Fix Lint/DeprecatedConstants Layout/FirstArgumentIndentation offenses by @archish27 (merge request)
- Add sync index and swap columns (merge request)
- Fix Lint/AmbiguousRegexpLiteral 4 offenses by @archish27 (merge request)
- Remove duplicated index from alert_management_http_integrations (merge request)
- Fix Layout/MultilineOperationIndentation 4 offenses by @archish27 (merge request) GitLab Enterprise Edition
- Fix Layout/SpaceInsideParens offenses 5 by @archish27 (merge request) GitLab Enterprise Edition
- Draft: Add sharding key tracking issues for seat_cost_management (merge request)
- Fix Layout/SpaceInLambdaLiteral 6 offenses by @archish27 (merge request)
- Fix Layout/SpaceInLambdaLiteral 21 offenses by @archish27 (merge request)
- Finalize migration BackfillArchivedAndTraversalIdsToVulnerabilityReads (merge request)
- Draft: Add sharding key tracking issues for global_search (merge request)
- Fix Layout/SpaceInsideParens offenses 4 by @archish27 (merge request) GitLab Enterprise Edition
- Update Node-Express template with an updated code (merge request)
- Add and backfill project_id for approval_project_rules_users (merge request)
- Finalize BackfillEpicBasicFieldsToWorkItemRecord background migration (merge request)
- Draft: Add sharding key tracking issues for deployment_management (merge request)
- Draft: Add sharding key tracking issues for release_orchestration (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Resolve Layout/FirstHashElementIndentation 14 by @gauravmarwal (merge request)
- Resolve Layout/FirstHashElementIndentation 1 by @gauravmarwal (merge request)
- Resolve Layout/ArgumentAlignment offenses 87 by @gauravmarwal (merge request)
- Resolve Layout/ArgumentAlignment offenses 84 by @gauravmarwal (merge request)
- Quarantine a flaky test (merge request)
- Resolve Layout/ArgumentAlignment offenses 81 by @gauravmarwal (merge request)
- Resolve Layout/ArgumentAlignment offenses 77 by @gauravmarwal (merge request)
- Resolve Layout/ArgumentAlignment offenses 69 by @gauravmarwal (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Remove disable_developer_access_to_admin_vulnerability feature flag (merge request) GitLab Enterprise Edition
- Remove autovacuum skip for ci_builds related BBMs (merge request)
- Remove pool_key label in connection pool metrics (merge request)
- Fix Layout/ArgumentAlignment offenses 4 by @gauravmarwal (merge request)
- Quarantine a flaky test (merge request)
- Fix Layout/ArgumentAlignment offenses 11 by @gauravmarwal (merge request)
- Add and backfill project_id for approval_merge_request_rules (merge request)
- Fix Lint/SymbolConversion 4 offenses by @archish27 (merge request)
- Fix Layout/FirstArrayElementIndentation 2 offenses by @archish27 (merge request) GitLab Enterprise Edition
fix (1 change)
17.0.8 (2024-09-16)
No changes.
17.0.7 (2024-09-10)
Fixed (2 changes)
- Fix Sidekiq crashing when GITLAB_LOG_LEVEL set to debug (merge request)
- Backport Fixes Geo Replication Details view (merge request) GitLab Enterprise Edition
17.0.6 (2024-08-06)
Changed (1 change)
Security (13 changes)
- Show correct file content (merge request)
- Fix Possible asciidoctor include:: directive DOS (merge request)
- Filter parameters in Rack::Attack logs (merge request)
- Update audit payload (merge request)
- Limit access to project accessed by Security Policy Bot (merge request)
- Show alert about not rendering files due to path encoding (merge request)
- Fix the catastrophic backtracking (merge request)
- Security fixes for banzai pipeline part 2 (merge request)
- Remove xhtml extensions from snippets blobs (merge request)
- Add a project scope to LfsTokens (merge request)
- Fix ReDoS when parsing git push options (merge request)
- Fix ReDoS in RefMatcher (merge request)
- Enforce
require_password_to_approve MR approval policy property (merge request)
17.0.5 (2024-07-24)
Added (1 change)
Fixed (1 change)
Security (7 changes)
- Refactor import_export_upload to be user-based (merge request)
- Fix for private txt artifacts being accessible through the artifacts/browse link (merge request)
- Attribute BulkImport::Export to a particular user (merge request)
- Don't include project-level analytics settings in DOM (merge request)
- Fix for private dotenv artifacts not accessible to downstream jobs (merge request)
- Do not allow script execution on dependency responses (merge request)
- Remove prohibited tags after import (merge request)
17.0.4 (2024-07-09)
Fixed (1 change)
Security (9 changes)
- Disallow serving Pages over disabled custom domains with deployments (merge request)
- Check npm package name, version and scripts coherence (merge request)
- Check for create_deploy_token policy before creating deploy token (merge request)
- Check if user has ban_group_member access before banning in namespace (merge request)
- Prevent privilege escalation via custom role (merge request)
- Prevent using quick actions for some bot users (merge request)
- Disable raw HTML for quick action pipeline (merge request)
- Disable quick actions unless description changed (merge request)
- Remove comment support from shrug and tableflip (merge request)
17.0.3 (2024-06-25)
Fixed (5 changes)
- Only enumerate commits in pre-receive check if push came from Web
- Only allow documented token types for GraphQL authentication
- Fix error when calling GQL ciConfig endpoint with include:component
- Update an expired test certificate
- Fix missing filename when downloading generic package in release page
Changed (1 change)
Security (14 changes)
- Security fixes for banzai pipeline (merge request)
- Fix the catastrophic backtracking in openapi regex (merge request)
- Use permitted_params for standalone and multiplex queries (merge request)
- Fix for Private job artifacts can be accessed by any user (merge request)
- Remove search results from public projects with unauthorized repos (merge request)
- Do not run a new pipeline on re-target (merge request)
- Add limits on autolinker regex (merge request)
- Fix clickjacking on OAuth application page (merge request)
- Hide branch merge request if merge requests are private (merge request)
- Remove collapseLongCommitList method (merge request)
- Pass SSO session data to Sidekiq (merge request)
- Prevent non-members from using promote_to quick action for quick actions (merge request)
- Reject deletion of security policy project approval rules (merge request)
- Mitigate ReDoS attacks via
method_call_regex (merge request)
17.0.2 (2024-06-11)
Fixed (1 change)
- Fix instance templates pagination GitLab Enterprise Edition
Changed (1 change)
Security (4 changes)
- XSS and content injection raw XHTML files on IOS devices (merge request)
- Improve go_package_regex to prevent ReDoS attacks (merge request)
- Fix ReDoS in CI Interpolation (merge request)
- Verify Asana access token when testing Asana integration (merge request)
17.0.1 (2024-05-21)
Fixed (2 changes)
- Don't fail so loudly if default work item type is invalid
- Ensure BLPOP/BRPOP returns nil instead of raising ReadTimeoutError
Security (7 changes)
- Prevent PDF.js from evaluating scripts (merge request)
- Caching test_report api response to reduce calculations (merge request)
- Restrict access to Secure artifacts to developer role (merge request)
- Fail create commit status on pipeline_id / sha mismatch (merge request)
- Use UntrustedRegexp for gollum pattern (merge request)
- Patch @gitlab/web-ide to fix XSS webWorkerExtensionHostIframe.html (merge request)
- Add text limit to ci_runners text fields (merge request)
17.0.0 (2024-05-15)
Added (164 changes)
- Add more actions to work item sticky header (merge request)
- Expose webhook name and description fields in API (merge request)
- Expose VSA metrics via GraphQL (merge request)
- Update project policy to use admin_push_rules (merge request) GitLab Enterprise Edition
- Document migration to multiple databases for Streaming Replication setup (merge request)
- Auto assign the new members a duo pro seat (merge request) GitLab Enterprise Edition
- Augment GCS signed URLs with GitLab metadata for package registry (merge request)
- Add automatic color mode (merge request)
- Enable ai_gateway_docs_search as beta feature (merge request) GitLab Enterprise Edition
- Set imported_from for Direct Transfer objects (merge request)
- Adding create and delete apis for group namespace filters (merge request) GitLab Enterprise Edition
- Cleanup default_branch_protection_defaults feature flag (merge request)
- Warn when pages multiple deployments is disabled (merge request) GitLab Enterprise Edition
- Add admin_web_hook ability to custom roles (merge request) GitLab Enterprise Edition
- Add new params in protected branch creation (merge request) GitLab Enterprise Edition
- Add reassigned_by_user to import_source_users (merge request)
- Migrate Value streams dashboard to shared analytics dashboards (merge request)
- Enable approval_policy_disable_bot_comment by default (merge request) GitLab Enterprise Edition
- Add creator relationship to namespaces (merge request)
- Add mutation for clearing project runner cache (merge request)
- Enables external participants for Service Desk (merge request)
- Add tooltip with raw counts to AI usage rate values in AI Impact table (merge request) GitLab Enterprise Edition
- Expose imported status for relevant entities (merge request)
- Update project_saved_replies_flag to default
true (merge request) GitLab Enterprise Edition
- Delete users unconfirmed secondary emails after 3 days (merge request)
- Add labels and assignees widgets to work items create mutation (merge request)
- Allow additional parameter: published_at for sorting (merge request)
- Expose last_published_at field from API (merge request)
- Add a worker to remove stuck canceling jobs (merge request)
- Bypass secrets check via push option (merge request)
- Implement default branch protection defaults (merge request)
- Adds Phorge logo (merge request)
- Organization owner project permissions (merge request)
- Add BranchRuleExternalStatusCheckDestroy mutation (merge request) GitLab Enterprise Edition
- Adds templating functionality to new participant email (merge request)
- Add gql option to ciCatalogResources to sort by usage (merge request)
- Adding aws audit event destination validator (merge request) GitLab Enterprise Edition
- Protected packages: Show protection info in package detail page by @gerardo-navarro (merge request)
- Add scan result policy deprecated warning (merge request) GitLab Enterprise Edition
- Add imported_from column (merge request)
- Backfill work items for epics (merge request)
- Clean up auto_request_phone_number_verification_exemption feature flag (merge request) GitLab Enterprise Edition
- Support rules:exists subkeys
paths, project, and ref (merge request)
- Allow group owners to enable duo pro auto assign (merge request) GitLab Enterprise Edition
- Roll out deployment details page (merge request)
- Add validation error to input (merge request) GitLab Enterprise Edition
- Protected packages: Use icon only for delete rule button by @gerardo-navarro (merge request)
- Adds
Beta badge for analytics dashboards (merge request) GitLab Enterprise Edition
- Secrets push check uses project level settings (merge request)
- This MR adds drawer for pipeline execution (merge request) GitLab Enterprise Edition
- Index
vulnerability_reads for common group-level queries (merge request)
- Add status to Ci::Partition (merge request)
- Make view Jira issues configurable via API by @ivantedja (merge request)
- Add Update avatar api endpoint for current user by @lifez (merge request)
- Add audit event for deleting web hooks (merge request) GitLab Enterprise Edition
- Add silent_admin_exports_enabled setting (merge request)
- Allow groups to be added to the inbound allowlist (merge request)
- Support deep linking to search results on the CI/CD catalogue page by @espadav8 (merge request)
- Add setting for enabling CS for Registry (merge request) GitLab Enterprise Edition
- Create BranchRuleExternalStatusCheckUpdate mutation (merge request) GitLab Enterprise Edition
- Added validation of http destinations (merge request) GitLab Enterprise Edition
- Add empty states for deployment approvals (merge request) GitLab Enterprise Edition
- Finalize
BackfillVulnerabilityReadsClusterAgent migration (merge request)
- Add achievementsPath to NamespaceType for graphql by @ChaelCodes (merge request)
- Add UI components for Beyond Identity check exclusions (merge request)
- Add
status field to CustomizableDashboard GraphQL API (merge request) GitLab Enterprise Edition
- Add support for ordering group runners by most active (merge request)
- Added CreateService (merge request) GitLab Enterprise Edition
- Add manual_confirmation by @lifez (merge request)
- Frontend work for regex filter on Zoekt code search (merge request)
- Remove "update_changelog_logic" FF (merge request)
- Limit the number of active versioned pages deployments (merge request)
- Added model for instance namespace filters (merge request) GitLab Enterprise Edition
- Sort labels by relevance on search (merge request)
- Add VerifyNamespaceService to change validation_level (merge request)
- Synch add tmp indexes for
vulnerability_occurrences backfill (merge request)
- Adds support to filter packages by status (merge request)
- Rate limit internal X-Ray scan API endpoint (merge request) GitLab Enterprise Edition
- Clean up arkose_labs_signup_data_exchange feature flag (merge request) GitLab Enterprise Edition
- Create partitioned merge_request_diff_files_* table (merge request)
- Add pipeline source check for security_policy_default (merge request) GitLab Enterprise Edition
- This MR adds pipeline execution queries (merge request) GitLab Enterprise Edition
- Adds system note when external participant unsubscribes (merge request)
- Add Bitbucket Cloud Import API (merge request)
- Add enable_auto_assign_gitlab_duo_pro_seats setting (merge request) GitLab Enterprise Edition
- Add support to list child pipelines in project (merge request)
- Default enable approval_policy_parent_child_pipeline (merge request) GitLab Enterprise Edition
- Finish value stream stages read GraphQL API (merge request) GitLab Enterprise Edition
- Support X-Original-To headers for email ingestion (merge request)
- Support banned projects in VisibilityIcon component by @espadav8 (merge request)
- Move Analytics settings to a new admin settings section (merge request) GitLab Enterprise Edition
- This MR adds new resolver (merge request) GitLab Enterprise Edition
- Add ID of runner owner group in ci_running_builds (merge request)
- Add REST API endpoints to list, create, delete instance member roles (merge request) GitLab Enterprise Edition
- Refactor refresh user assignments jobs (merge request) GitLab Enterprise Edition
- Allow fetching related merge requests on a WorkItem (merge request)
- feat: Add throttle app settings for unauthenticated GIT HTTP requests by @gerardo-navarro (merge request)
- Prepare async index for p_ci_builds.user_id (merge request)
- Add GraphQL API for policy violations (merge request) GitLab Enterprise Edition
- Add missing arguments for creating a work item epic (merge request)
- Reconcile Seat Overage (merge request) GitLab Enterprise Edition
- Early Access Program tracking init (merge request)
- Add full log viewer (merge request)
- Add frontend for user registration restrictions (merge request) GitLab Enterprise Edition
- Create index on user_add_on_assignments (merge request)
- Updated requesting changes blocking behaviour (merge request)
- Add limit warning message (merge request) GitLab Enterprise Edition
- Add admin compliance framework as custom ability (merge request) GitLab Enterprise Edition
- Add solution_html to PipelineSecurityReportFindingType (merge request) GitLab Enterprise Edition
- Show which group user approved for (merge request) GitLab Enterprise Edition
- Add new fields for orchestration helper (merge request) GitLab Enterprise Edition
- Document pitfalls with upgrading PostgreSQL across glibc versions (merge request)
- Improve backup logging by log levels by @imskr (merge request)
- Added create and delete api for instance level event filters (merge request) GitLab Enterprise Edition
- Sync create indexes and validate fks for ci_pipelines bigint id (merge request)
- Allow users to select which group to approve as (merge request) GitLab Enterprise Edition
- This MR adds new humanization rules (merge request) GitLab Enterprise Edition
- Add actions dropdown to work item links (merge request)
- Add functions to search for merge_user in merge request view by @schurzi (merge request)
- Saved MemberRoleId when passed (merge request) GitLab Enterprise Edition
- Track Secret Detection vulnerabilities as they move within the file (merge request) GitLab Enterprise Edition
- Add weight to iteration issue list (merge request) GitLab Enterprise Edition
- Use Progressive Web App (PWA) icon as apple-touch-icon if defined by @bufferoverflow (merge request)
- Expose trigger short token to CI by @kevin.gosa (merge request)
- Support GitLab flavored markdown in finding modal description (merge request) GitLab Enterprise Edition
- Add secure schemas version 15.1.0 (merge request)
- Extracted Billable code to a shared util file (merge request) GitLab Enterprise Edition
- GraphQL: Add upgradeStatus field to RunnerManagerType (merge request) GitLab Enterprise Edition
- Support epoch millis when ingesting alerts (merge request)
- Audit Event when merge request approval setting is updated (merge request) GitLab Enterprise Edition
- Add REST API to update pages settings by @jzeng88 (merge request) GitLab Enterprise Edition
- Obfuscate external participants emails in system notes (merge request)
- Protected packages: Delete protection rules in project settings ui by @gerardo-navarro (merge request)
- Jira issues - Display error message returned from jira response (merge request)
- Expose auto_stop_at in Environments api by @devDavidBox (merge request)
- Show admin mode within active sessions view (remove feature flag) by @bufferoverflow (merge request)
- Add new panel title interpolation options to analytics dashboards (merge request) GitLab Enterprise Edition
- Add imported column to resources (merge request)
- Add support for showing a popover for milestones in GFM (merge request)
- Exposed web_path on the MR GraphQL type by @zillemarco (merge request)
- Expose project/namespace IDs in
internal/allowed response (merge request)
- Add edit button to policies list in edit screen (merge request) GitLab Enterprise Edition
- Added MemberApprovalFinder (merge request) GitLab Enterprise Edition
- Remove the
tailwind_all_the_way feature flag (merge request)
- Added keyboard shortcut (merge request)
- Add a branch check for default security policy config (merge request) GitLab Enterprise Edition
- Prepare async index for p_ci_builds.project_id (merge request)
- Add confirmation when closing blocked work items (merge request)
- Add setting for enabling CS for Registry (merge request) GitLab Enterprise Edition
- Add feature flag for stopping CH data ingestion (merge request) GitLab Enterprise Edition
- Prepare async indexes and fks for ci_pipelines.id_convert_to_bigint (merge request)
- Sync create indexes p_ci_builds runner_id (merge request)
- Add median time to merge metric to VSD (merge request) GitLab Enterprise Edition
- Add milestone and iteration to board card (merge request)
- Added possibility to sort todos from GraphQL by @zillemarco (merge request)
- Always submit note via key shortcut with shift (merge request)
- Adds a new keep file to remove duplicated indexes (merge request)
- Add migration for semver_prefixed column (merge request)
- Use object exist check for codeowners file (merge request) GitLab Enterprise Edition
- Show warning when a group webhook is disabled (merge request)
- Add error to indicate email is linked to an account pending deletion (merge request)
- Remove exempt_paid_namespace_members_...from_identity_verification FF (merge request) GitLab Enterprise Edition
- Remove internal_events_for_product_analytics FF (merge request)
- GraphQL: Add queuedDuration field to CiJobsStatistics (merge request) GitLab Enterprise Edition
Fixed (161 changes)
- Trigger epic dates update when adding or removing a child epic (merge request) GitLab Enterprise Edition
- Fix default protected branch settings for user namespace (merge request)
- Fix a dependency proxy upload premature interruption in workhorse (merge request)
- Fixes requested access users when excluding guests (merge request) GitLab Enterprise Edition
- Add break-all class to stages dropdown (merge request)
- Normalize golang component name when looking up their license (merge request)
- Fix code suggestions and diagrams in rich text (merge request)
- Merge commit message: Use monospace font (merge request)
- Fix custom dashboards not saving on non-"main" branch (merge request) GitLab Enterprise Edition
- Exclude ci_secure_files from Workhorse-accelerated types (merge request)
- Fix license approval policy for pre-existing license_state (merge request) GitLab Enterprise Edition
- Rescue errors in ActionCable #connect (merge request)
- Hide download button on blob viewer (merge request)
- Fix text on vulnerability report alert (merge request) GitLab Enterprise Edition
- Fix NoMethodError for BranchesController (merge request)
- Prevent WebIDE from crashing on message (merge request)
- Add requested_path to readmeHtml field resolver (merge request)
- Handle dashboard pointer in sync funnels worker (merge request) GitLab Enterprise Edition
- Fix blob border radius (merge request)
- Add word break to the job log sidebar (merge request)
- Release calling after_script on cancel (merge request)
- Reject zero-length component names and versions (merge request) GitLab Enterprise Edition
- Correctly handle empty default branch protection defaults (merge request)
- Fix alignment in rolled up dates widget (merge request)
- Exclude YAML languages in the wiki search results (merge request) GitLab Enterprise Edition
- Fix escaping dismissal descriptions on MR widget (merge request) GitLab Enterprise Edition
- Update fetch path of raw logs (merge request)
- Handle an empty "subjectAltName" field for X.509 certificates (merge request)
- Calculate correct access level of members invited through group (merge request)
- High contrast mode fixes for topbar and sidebar navigation (merge request)
- Fix milestone dropdown on incident sidebar (merge request)
- Preserve approval rules when role changes (merge request)
- Allow auto merge on created and blocked pipelines (merge request)
- Fix 500 errors when viewing empty CI artifacts image (merge request)
- Fix notice for projects (merge request) GitLab Enterprise Edition
- Upgrade to semver_dialects 3.0.0 (merge request) GitLab Enterprise Edition
- SSO enforcement: Sessionless activity does not need to be allowed for Owner without session (merge request) GitLab Enterprise Edition
- Add apk to supported package managers (merge request) GitLab Enterprise Edition
- Handle window popstate events for registry search (merge request)
- Release raising permissions of group APIs to owner for package settings (merge request)
- Load the system cert pool when dialing websocket channels in workhorse by @jlsalmon (merge request)
- Fixed flaky billable member spec (merge request) GitLab Enterprise Edition
- Fix broken link to CI troubleshooting doc from merge requests (merge request)
- Cancel outdated deployments for jobs with resource groups (merge request)
- Fix race condition when changing dashboard filters quickly (merge request) GitLab Enterprise Edition
- gitlab-zip-metadata: Ensure 0-byte files have a size field (merge request)
- Disable sidekiq shard validation for /admin/sidekiq path (merge request)
- Show global search filter button when sidebar is auto collapsed (merge request)
- Update pipeline_triggers plan limits to 25k for Premium and Ultimate (merge request)
- Fix handling of analytics visualizations with hyphens (merge request) GitLab Enterprise Edition
- Prevent board epic lane header from moving before sticky (merge request) GitLab Enterprise Edition
- Adjust left and right margins of board top bar and content (merge request)
- Allow developers to create an issue for a vulnerability (merge request) GitLab Enterprise Edition
- Fix board epic swimlane header background in dark mode (merge request) GitLab Enterprise Edition
- Improve issue searches for URLs (merge request)
- Upgrade to grpc v1.63.0 (merge request)
- Ignore tag pipelines for MR approval policies (merge request) GitLab Enterprise Edition
- Rescue from validation errors when uploading terraform modules (merge request)
- Allow access to roles/permissions page via read_member_role permission (merge request) GitLab Enterprise Edition
- Ensure assignee array has values before passing argument to finder (merge request)
- Fix dark mode search token coloring and dropdown active/hover colors (merge request)
- Casts finalized_by migration version to an integer (merge request)
- Do not overwrite findings_by_commits hash (merge request)
- Allow admins to be able to link issues (merge request)
- Changed the email validation for only encoded chars (merge request)
- Fix resetting approvals when pipeline is manual (merge request) GitLab Enterprise Edition
- Use tmpdir for relation import extraction (merge request)
- Consume response stream to finish when calling UserMergeBranch (merge request)
- Fix style of search tokens in dark mode (merge request)
- Fix pattern matching for
prevent_pushing_and_force_pushing (merge request) GitLab Enterprise Edition
- Align project avatar to the top by @grace-chung (merge request)
- Fix loading state for group invite modal (merge request) GitLab Enterprise Edition
- Schedule Dora updates after MR linking process (merge request) GitLab Enterprise Edition
- Sync approval rules even when security_scans are duplicated (merge request) GitLab Enterprise Edition
- Account for protected branches without backing git refs (merge request) GitLab Enterprise Edition
- Include template in deprecated flafinder-sast job (merge request)
- Add AzureRM support to orphan artifacts cleanup (merge request)
- Fix work item child status icon color (merge request)
- Use locale-specific formatting for numbers in the AI Impact Dashboard (merge request) GitLab Enterprise Edition
- Allows ml_model pending destruction (merge request)
- Fixes issue with registry search query params when removed (merge request)
- MR list: Fix overlapping search icon (merge request)
- Create refs/merge-requests/:iid/head refs for imported merge requests (merge request)
- Fixed MR list layout on mobile by @zillemarco (merge request)
- Apply truncation to other Pypi metadatum fields (merge request)
- Legacy HAML filtered search: Fix reset search (merge request)
- Zoekt search enable should respect expiriment setting (merge request) GitLab Enterprise Edition
- Replace markdown escpae filters (merge request)
- Allow Developers to create external issue links for vulnerabilities (merge request) GitLab Enterprise Edition
- Always return the direct member of an object that requests it (merge request)
- Fix blurry avatars in Members list (merge request)
- Branch target settings: Change spacing of table row (merge request) GitLab Enterprise Edition
- Avoid sub-group destruction in group link synchronization (merge request)
- Fix project_path sorting scopes in Packages::Package model (merge request)
- Fix flaky test in Epics > User uses quick actions (merge request) GitLab Enterprise Edition
- Fix bug of coverage check approval rules (merge request)
- Decouple read_vulnerability from read_dependency (merge request) GitLab Enterprise Edition
- Update XRay Add-On Access check (merge request) GitLab Enterprise Edition
- Show zero based coverage (merge request)
- Only allow documented token types for GraphQL authentication (merge request)
- Fix inherited member source not visible to subgroup members (merge request)
- Fix bug preventing instance settings being inherited by project (merge request) GitLab Enterprise Edition
- Fix empty CommitMessage error (merge request)
- Pass correct reference for modal work item (merge request)
- Fix trailing slash in Maven dependency proxy upstream URL (merge request)
- Reject git LFS push when the namespace is over the free tier user limit (merge request) GitLab Enterprise Edition
- Fix broadcast message text in darkmode (merge request)
- Do not move "You" to front of emoji award list (merge request)
- Zoekt: Fix exact search mode (merge request) GitLab Enterprise Edition
- fix: Avoids whitespace when displaying the version number by @gerardo-navarro (merge request)
- Fix type error when the file_name is not set (merge request)
- Resolve query performance regression on sbom reports (merge request) GitLab Enterprise Edition
- Add fullPath to CatalogResource graphl query (merge request)
- Fixes N+1 on ExperimentsController (merge request)
- Fixed drawer view with two column (merge request)
- Resolve homepage tooltip covering sidebar contents (merge request)
- Pipeline: Fix dropdown item focus in darkmode (merge request)
- Fix vulnerability list table head (merge request) GitLab Enterprise Edition
- Improve extra_slug_path_sanitization account creation (merge request)
- Truncate/Wrap around exit codes larger than 32767 (merge request)
- Render alert when raw text search attempted in Issue Analytics (merge request) GitLab Enterprise Edition
- Clear license caches before license reset in seat link sync (merge request) GitLab Enterprise Edition
- Let merge request sidebar scroll (merge request)
- Non-admins can change "Allow runner registration token" (merge request)
- Migrate deprecated dropdown in pipeline deployment widget (merge request)
- Package detail: Assets table adjustments (merge request)
- Fix N+1 queries with autocomplete recent items (merge request) GitLab Enterprise Edition
- Let sidekiq handle retries (merge request) GitLab Enterprise Edition
- Fix math block alert rendering (merge request)
- Add missing handler for protected branches Deploy key (merge request)
- Fix todo count going from 99+ down to 98 (merge request)
- Fixes deleting last page of package assets deleting entire package (merge request)
- Allow incomplete bucket for Secure Files in object storage config (merge request)
- Package registry detail page: Use secondary text for help text (merge request)
- Skip license capacity check for security policy bot user (merge request) GitLab Enterprise Edition
- Fix box-shadow colors in Tailwind (merge request)
- Fixes missing webUrl on associated projects (merge request) GitLab Enterprise Edition
- Add gl-text-left to stage name in job (merge request)
- Fix Usage Overview panel title's popover positioning (merge request) GitLab Enterprise Edition
- Only add to merge train if not already there (merge request) GitLab Enterprise Edition
- Fix bottom popover arrow color (merge request) GitLab Enterprise Edition
- Fix toggle behavior for board iteration and label edits (merge request) GitLab Enterprise Edition
- Work items widgets: Fix alignments of items (merge request)
- Add jitter to StoreSecurityReportsWorker lock retries (merge request) GitLab Enterprise Edition
- Fix link to self-hosted docs in sidebar help menu (merge request)
- Fix prominent create board button alignment (merge request)
- Fix error for truncated height (merge request)
- Fix incorrect
locked state for missing group settings (merge request) GitLab Enterprise Edition
- Fix FetchPolicyApproversService for ComplianceFramework (merge request) GitLab Enterprise Edition
- Use new math ability of markdown parser (merge request)
- Update split i18n strings to be more translatable (merge request)
- Fix built-in shadows in empty state dashboard SVGs (merge request)
- Fixing Flaky Test in ConsistencyCheckService (merge request)
- Fix LFS token check & add test for specific case by @kevin.gosa (merge request)
- When localStorage draft exists for comment reply, show it on load (merge request)
- Fix missing webUrl for associated framework projects (merge request) GitLab Enterprise Edition
- Update fog-google to v1.24.1 (merge request)
- Return Snippet.none when not referencing a project (merge request)
- Remove "fork_targets_finder_with_parents" feature flag (merge request)
- Fix downstream pipeline background color in dark mode (merge request)
- Remove lazy_merge_request_committers feature flag (merge request)
Changed (228 changes)
- Show project that invited group users on usage quota > seats page (merge request)
- Make default admin email not a known value (merge request)
- Fix(Confirm Order): handle 3DS failure (merge request) GitLab Enterprise Edition
- Add a generic error message when the error response is not of JSON type by @antonkalmykov (merge request)
- Use Claude 3 for some parts of Duo Chat (merge request) GitLab Enterprise Edition
- Add visual indicators for some items (merge request)
- Remove 'Get Started' page during registration (merge request) GitLab Enterprise Edition
- Use full-width for both inline and side-by-side diffs in compare (merge request)
- Update empty settings search result page (merge request)
- Remove :jira_multiple_project_keys feature flag (merge request)
- Remove role=button from related issues input (merge request)
- Add logging for keep-around references (merge request)
- Update how header anchors ids are generated (merge request)
- Remove use_database_for_dependencies_api feature flag (merge request) GitLab Enterprise Edition
- Update global search comments results UI (merge request)
- Update "removal" language to "deletion" for groups by @antonkalmykov (merge request) GitLab Enterprise Edition
- Allow overriding restricted variables from Scan Execution Policy (merge request) GitLab Enterprise Edition
- Improves alert message when multiple error packages exist (merge request)
- Adds logo for Pumble integration (merge request)
- Disable runner registration tokens on self-managed instances (merge request)
- Swap primary key with bigint column for ci_pipelines (merge request)
- Remove feature flag from downstream pipeline (merge request)
- Clean up cs_connect_with_sales feature and productize feature (merge request) GitLab Enterprise Edition
- Remove FF "allow_nokogiri_parse_huge_xml" (merge request)
- Changed timelogCreate mutation to not require the spentAt field by @zillemarco (merge request)
- Release changing npm package upload from sync to async (merge request)
- Updating ci_build and pipeline tracking data_category (merge request)
- Makes issue list title inline (merge request)
- Updating help text for Ci/Cd (merge request)
- Use database for dependency exports (merge request) GitLab Enterprise Edition
- Remove double border on todo row hover (merge request)
- Skip committer email checks for commits signed by GitLab (merge request)
- Replace gl-word-break-all to gl-break-all (merge request)
- Upgrade to semgrep v5 (merge request) GitLab Enterprise Edition
- Edit scheduled policy to inform that scan executes around provided time (merge request) GitLab Enterprise Edition
- Auto expand merge commit message field (merge request)
- Refactor text-gl-muted and use gl-text-secondary instead (merge request)
- Disable deprecated SAST analyzers for 17.0 release (merge request) GitLab Enterprise Edition
- MR commit message: Add AI icon to generate commit message feature (merge request)
- Add link to log viewer for long logs (merge request)
- Remove remove_jwks_endpoint FF (merge request)
- Remove Feature Flag remove_shared_jwts (merge request)
- Merge request widget: Fix action button height (merge request)
- Releases: Migrate item to use GlCard (merge request)
- Set Claude 3 sonnet as code generation default (merge request) GitLab Enterprise Edition
- Merge request list: Add new MR and more actions to Vue FF (merge request)
- Simplify UI text of Google Artifact Management (merge request) GitLab Enterprise Edition
- Upgrade DAST to use version 5 (merge request)
- Don't upsert work item types if not found in the DB (merge request)
- Sync indexes and swap columns user_id for p_ci_builds (merge request)
- Breadcrumbs text made more intuitive on new entities pages in Groups by @catinbag (merge request)
- Fix alignment for global search filter row (merge request)
- Added Branches page link to New Branch page breadcrumbs by @catinbag (merge request)
- Override bootstrap margin (merge request)
- Remove FF activity_filter_has_mr (merge request) GitLab Enterprise Edition
- Renames invite_email quickaction to add_email (merge request)
- Ignore migration-related fields in app settings (merge request)
- Update parent link validate_max_children validation (merge request)
- Remove link icons from search code results (merge request)
- Disable runner registration tokens for all groups on .com (merge request)
- Default-enable
fallback_behavior flags (merge request) GitLab Enterprise Edition
- Adds WAL receiver saturation indicator (merge request)
- Update global search milestone results page (merge request)
- Groups and Projects - Update invite tab name (merge request)
- Add batched migration to remove namespace from OS components (merge request)
- Remove overflow:hidden from gl-card (merge request)
- Rename report abuse to administrator to report abuse in dropdowns (merge request) GitLab Enterprise Edition
- Ignore migration columns in container repository (merge request)
- Update empty search result (merge request)
- This MR updates text rendering (merge request) GitLab Enterprise Edition
- Update license_finder to v7.1.0 (merge request)
- Create new group settings page for analytics (merge request) GitLab Enterprise Edition
- Remove overflow shadow in favor of border on readme (merge request)
- Show most recent contact in runner details (merge request)
- Modify breadcrumbs text by @jzeng88 (merge request)
- Move repository cleanup under maintenance section (merge request)
- Update time tracking report (merge request)
- Update illustrations for a chart with no jobs (merge request)
- Update quick action language (merge request)
- Protected containers: Use icon only for delete rule button by @gerardo-navarro (merge request)
- Add "Imported" badge to Notes (merge request)
- Prevented jobs allowed to fail from cancelling the pipeline by @zillemarco (merge request)
- Added highlighting of incorrect branch name on new branch page by @catinbag (merge request)
- Update terraform states UI (merge request)
- Removed published data for error packages by @jzeng88 (merge request)
- Remove experiment flag from Analytics GraphQL (merge request) GitLab Enterprise Edition
- Update Usage Overview panel to support subgroups (merge request) GitLab Enterprise Edition
- Move Zoekt to Search::Zoekt namespace by @jzeng88 (merge request) GitLab Enterprise Edition
- Remove overflow:hidden from gl-card (merge request)
- Enable /confidential quickaction for tasks (merge request)
- Remove extra borders around filter (merge request)
- Secret detection CLI message update (merge request)
- Add modal for epic work item creation (merge request) GitLab Enterprise Edition
- Update component include to use $CI_SERVER_FQDN (merge request)
- Apply rate limit to project hook test API endpoint (merge request)
- Removes "new" badge next to fleet dashboard link (merge request)
- Remove the left and right borders from the registry search block by @antonkalmykov (merge request)
- Update schema for clusterwide tables in threat insights (merge request)
- Update constants in catalog (merge request)
- Update major version to 5 for DAST API/API Fuzzing (merge request)
- Reset pagination on grouping change (merge request) GitLab Enterprise Edition
- Use "Previous" instead of "Prev" in pagination (merge request)
- Make metadata processing optional for Secure Files (merge request)
- Remove
admin_user_filtered_nav feature flag (merge request)
- Log zoekt node name in scheduling service (merge request) GitLab Enterprise Edition
- Merge request list: Migrate actions to Vue (merge request)
- Sync indexes and swap columns project_id for p_ci_builds (merge request)
- Sync indexes and swap columns project_id for p_ci_builds
- Update dependency auto-build-image to v4 (merge request)
- Move new list button out of board header into board content (merge request)
- Used constant for CSS classes in pipeline_failed_jobs_widget test by @catinbag (merge request)
- Restrict member roles REST API (merge request) GitLab Enterprise Edition
- Used gitlab-ui classes for time_ago in pipelines_page by @catinbag (merge request)
- Update the global search users results page (merge request)
- Add support for DAST 5 to DAST templates (merge request)
- Use database for dependencies API (merge request) GitLab Enterprise Edition
- Clean up epics/issues/MR search results (merge request)
- Refactor argument splat for edit framework handler (merge request) GitLab Enterprise Edition
- Pipeline Graph page: Improve repsonsive behavior of dropdown (merge request)
- Update milestone labels tab (merge request)
- Pipeline MiniGraph: Update tooltip content and direction (merge request)
- Add new illustrations to product analytics onboarding flow (merge request) GitLab Enterprise Edition
- Add "Imported" badge to Snippet header (merge request)
- Update
flux_resource_path (merge request)
- Update ProjectPipelinesResolver preloads (merge request) GitLab Enterprise Edition
- Added margin top to pipeline tabs (merge request)
- Always allow reading external pipeline builds (merge request)
- Update permissions to relate issues (merge request) GitLab Enterprise Edition
- Check membership with all_group_members (merge request) GitLab Enterprise Edition
- Add "Imported" badge to designs (merge request)
- User profile readme: Add ability to use hash scrollTo event (merge request)
- Move platform selection to runners "register" step (merge request)
- Remove FF activity_filter_has_remediations (merge request) GitLab Enterprise Edition
- Change project_level_sbom_occurrences default (merge request) GitLab Enterprise Edition
- Removes link to log viewer (merge request)
- Improve registry search query params generation (merge request)
- Update syntax options drawer title (merge request)
- Align presentation of pending deletion tab by @r2abreu (merge request) GitLab Enterprise Edition
- Add frontend validation for framework names (merge request) GitLab Enterprise Edition
- Only show project limits alert on affected project (merge request) GitLab Enterprise Edition
- Remove purchase_code_suggestions feature flag (merge request) GitLab Enterprise Edition
- Highlight search text on the global search result page (merge request)
- Remove start_pre_import method (merge request) GitLab Enterprise Edition
- Fix(Purchase addon): handle errors in the frontend (merge request) GitLab Enterprise Edition
- Fix(Purchase): handle 3DS error in the frontend (merge request) GitLab Enterprise Edition
- Swap columns runner_id for p_ci_builds (merge request)
- Issue list: Update search bar (merge request)
- Return or display Gitlab version if GITLAB_KAS_VERSION is a SHA (merge request)
- Render Storage Usage Quotas for Profile in CE (merge request)
- Fix bottom border for the last commit block (merge request)
- Update grpc to v1.62.0 and gitlab-labkit to v0.32.0 by @gitlab-dependency-update-bot (merge request)
- Update multiple entries in a single input guidance text (merge request)
- Replace "Play" with "Run" in pipeline action button titles (merge request)
- Add "Imported" text to User profile activity (merge request)
- Branch Rules: Allow to merge section with edit (merge request)
- Replace references to deprecated runner fields (merge request)
- Update badges on project security configuration page (merge request)
- Milestone header: Migrate kebab menu to GlDisclosureDropdown (merge request)
- Merge request: Show code dropdown on small screens (merge request)
- Remove usage of
latest for non catalog resource projects (merge request)
- Remove lock icon from admin mode setting (merge request)
- GraphQL: Rename RunnerMembershipFilter to CiRunnerMembershipFilter (merge request)
- GraphQL: Change CiRunnerType.projects default sort order (merge request)
- Upgrade Secret Detection Analyzer to v6 in CI templates (merge request)
- Allow migrations to be skipped on condition (merge request) GitLab Enterprise Edition
- Update dependency auto-build-image to v3 (merge request)
- Add new stream only audit event for repo download of public projects (merge request) GitLab Enterprise Edition
- Migrate explore search and sort to filtered search bar (merge request)
- Update time tracking UI (merge request)
- Change to work item namespace query (merge request)
- Add "Imported" badge to epic header (merge request) GitLab Enterprise Edition
- Change Duo Chat default final error message to be more friendly (merge request) GitLab Enterprise Edition
- Remove connecting lines in group list (merge request)
- Remove 'and' from component list (merge request)
- Capture running builds on non-shared runners (merge request)
- Update Usage Overview panel to support subgroups (merge request) GitLab Enterprise Edition
- Add "Imported" badge to MR header (merge request)
- Update analytics docs links for some metrics (merge request)
- Support JOB-TOKEN authentication header for generic packages (merge request)
- Format dates on analytics dashboards (merge request) GitLab Enterprise Edition
- Add imported badge on issue page (merge request)
- Fix display Mermaid plots in project CI/CD setting pages by @dannyelcf (merge request)
- Fix hover underline in comments icon in list view (merge request)
- Hide archived filter toggle with selected project (merge request)
- Display commit title instead of message (merge request)
- Update dependency auto-build-image to v2.1.0 (merge request)
- Upgrade Container Scanning to v7 (merge request)
- Upgrade to Gemnasium v5 (merge request) GitLab Enterprise Edition
- Package registry list: Change metadata appearance (merge request)
- Use GITLAB_LOG_LEVEL for Geo logs (merge request) GitLab Enterprise Edition
- Unblock fail-open
license_scanning rules without target pipeline (merge request) GitLab Enterprise Edition
- Update description field component (merge request)
- Update URLs for Terraform module registry pages by @jzeng88 (merge request)
- Change unneeded js test attribute to data attribute by @bahek2462774 (merge request)
- Remove restrict_member_roles feature-flag (merge request) GitLab Enterprise Edition
- Redesign create custom role permissions list (merge request) GitLab Enterprise Edition
- Add Duo Chat GA alert (merge request) GitLab Enterprise Edition
- Turn off the Trial Abandonment Survey sent from the GitLab application (merge request) GitLab Enterprise Edition
- Cleanup Feature Flag: usage_quotas_for_all_editions (merge request)
- Add
fallback_behavior property to MR approval policies (merge request) GitLab Enterprise Edition
- Move close action first (merge request)
- Use GITLAB_LOG_LEVEL for Sidekiq server logs (merge request)
- Protected packages: Use icon only for remove action (merge request)
- Remove :new_pipeline_graph FF (merge request)
- Update dependency auto-deploy-image to v2.90.0 (merge request)
- Remove duo_chat_current_resource_by_default feature flag (merge request)
- Pipeline graph items: Change tooltip orientation, content (merge request)
- Save resource verification level on publish (merge request)
- Add limitation for semi-linear/ff merge trains (merge request) GitLab Enterprise Edition
- Make basic information section expanded by default (merge request) GitLab Enterprise Edition
- Update "View raw" link (merge request)
- Move harbor integration sidemenu entry from operate to deploy (merge request)
- Show alert when project transfer is still running (merge request)
- Adjust the update password page (merge request)
- Register Sidekiq queues only from routing rules (merge request)
- Update compliance framework badge (merge request) GitLab Enterprise Edition
- MR sidebar: Put loading icon after participants title (merge request)
- Fix flaky test by sorting dependencies (merge request) GitLab Enterprise Edition
- Allow migrations to be skipped on condition (merge request) GitLab Enterprise Edition
- Cleanup gitlab_duo_chat_requests_to_ai_gateway feature flag (merge request)
- Bringing back ability to use iterations in incidents by @SlickDomique (merge request) GitLab Enterprise Edition
- Remove unnecessary div for vulnerability modal footer (merge request) GitLab Enterprise Edition
- Relax constraints when consolidated object storage settings is enabled (merge request)
- Pipeline Graph Drodpown: Use fluidWidth (merge request)
- Adjust border radius of collapsed conflicted file (merge request)
- Remove usages of
sub-header-block by @espadav8 (merge request)
- GraphQL: Rename CiRunnerUpgradeStatusType to CiRunnerUpgradeStatus (merge request)
- Update advice for QA selectors in rubocop output (merge request)
Deprecated (5 changes)
- Return an empty
pipelines in the package REST API payload (merge request)
- Disable the migration MigrateZoektSettingsInApplicationSettings (merge request)
- Sunset deprecated args for UpdateRepositoryStorageWorker#perform (merge request)
- REST: Deprecate runner details API fields (merge request)
- Remove CreateEmptyEmbeddingsRecordsWorker class by @jzeng88 (merge request) GitLab Enterprise Edition
Removed (59 changes)
- Remove license compliance app (merge request) GitLab Enterprise Edition
- Remove unused code_suggesitons project setting (merge request)
- Remove security_policies_breaking_changes feature flag (merge request) GitLab Enterprise Edition
- Remove confidential attribute from Note (merge request)
- Drop table geo_hashed_storage_migrated_events (merge request)
- Remove usages of deprecated runner fields (merge request)
- Remove compliance framework from settings (merge request) GitLab Enterprise Edition
- Remove Facebook OmniAuth integration (merge request)
- Delete temporary_storage_increase feature flag (merge request) GitLab Enterprise Edition
- Remove Twitter OmniAuth integration (merge request)
- Remove deprecated canDestroy and canDelete GraphQL fields (merge request)
- Remove loading status spinner for hand raise lead button (merge request) GitLab Enterprise Edition
- Remove min and max_concurrency option in Sidekiq cluster (merge request)
- Remove deprecate_unified_approval_rules feature flag (merge request)
- Remove beta badge (merge request)
- Remove unused FK(s) on geo_event_log table (merge request)
- Remove calls to the import API endpoints (merge request)
- Remove dead code from details page (merge request)
- Remove unused Dependency Scanning jobs (merge request)
- Remove ScanResultPolicy.groupApprovers graphql field (merge request) GitLab Enterprise Edition
- Remove deprecated Geo prometheus metrics (merge request) GitLab Enterprise Edition
- Drop path column (merge request)
- Remove Dependency Scanning artifact from CS template (merge request)
- Remove deprecated GitLab Agent GitOps docs (merge request)
- Remove migration worker files and update queues yml (merge request)
- Replace flawfinder analyzer with semgrep (merge request)
- Remove list_repos Rake task (merge request)
- Remove total_weight from BoardList type (merge request) GitLab Enterprise Edition
- Goodbye sentry-raven (merge request)
- Removes old funnels endpoint (merge request) GitLab Enterprise Edition
- Remove visual review tools (merge request)
- Remove required pipeline configuration feature (merge request) GitLab Enterprise Edition
- Remove vendored omniauth-azure-oauth2 by @bufferoverflow (merge request)
- Remove support for match_on_inclusion (merge request) GitLab Enterprise Edition
- GraphQL: Remove deprecated CiRunnerType fields (merge request)
- Remove License Scanning CI templates (merge request) GitLab Enterprise Edition
- Remove onboarding_step_url column from user_details (merge request) GitLab Enterprise Edition
- GraphQL: Remove deprecated DISABLED_WITH_OVERRIDE value (merge request)
- Remove support for newly_detected vulnerability status (merge request) GitLab Enterprise Edition
- Remove VSA cumulative duration FF (merge request) GitLab Enterprise Edition
- Replace NodeJS and PHPCS analyzer with semgrep (merge request)
- Remove cadence_validation feature flag (merge request) GitLab Enterprise Edition
- Remove :simplified_labels FF (merge request)
- Remove networkpolicies field from ProjectType (merge request) GitLab Enterprise Edition
- Remove
message field from Vulnerability GraphQL type (merge request) GitLab Enterprise Edition
- Remove deprecated DORA API fields (merge request) GitLab Enterprise Edition
- Drop diff summaries table (merge request)
- Remove min and max_concurrency option in Sidekiq cluster (merge request)
- Clean up duo_pro_trials_for_free_plans feature flag (merge request) GitLab Enterprise Edition
- Dropping unsused table external_approval_rules_protected_branches (merge request)
- Remove queue selector and negate options from Sidekiq cluster CLI (merge request)
- Remove shared avatar for security policy bots (merge request) GitLab Enterprise Edition
- Remove legacy replication details routes redirection (merge request) GitLab Enterprise Edition
- Remove current_stage argument from EntityWorker (merge request)
- Remove deprecated confidence field from GraphQL (merge request) GitLab Enterprise Edition
- Remove GraphQL field
hasSolutions from VulnerabilityType (merge request) GitLab Enterprise Edition
- Remove ci_catalog_create_metadata feature flag (merge request)
- Remove the feature flag filter_saml_response (merge request)
- Remove auto_fix for security settings (merge request)
Security (18 changes)
- Prevent deploy token bypass for external authentication (Part 2) (merge request)
- Fix confidentiality check optimization
- Enforce per_page validation for Branches/TagsFinders
- Prevent namespace banned users from reading project todos
- Validate request origin before MR approval
- ReDoS in GitRefsFinder when using wildcards in branch search
- Update GITHUB_MEDIA_CDN to avoid SSRF when importing from Github
- Require confirmation before linking JWT identity
- ReDos in escape and commit reference filters
- Check request size before updating user pins
- Update BaseMessage::RELATIVE_LINK_REGEX regex
- Update Integrations::Discord::ATTACHMENT_REGEX regex
- Fix guest access for setting time estimate on issues (merge request)
- Forbid untrusted sign-ins to GitLab with Bitbucket and fix related uid
- fix: Validate security report version against schema during parsing
- Validation for encoded formatting characters
- Protect against ReDoS in FileFinder with wildcard filters
- Ensure PAT scope is validated everywhere for GraphQL/ActionCable
Performance (9 changes)
- Improve ServiceHook and SystemHook specs (merge request)
- Remove pipelines schedules delay feature flag (merge request)
- Remove ExclusiveLease on setting last_activity_on (merge request)
- Release avoiding copy operation in terraform modules upload (merge request)
- Remove index index_vulnerabilities_on_detected_at_and_id by @jzeng88 (merge request)
- Use backend filtering for @ autocomplete (merge request)
- Don't update
vulnerability_reads records unnecessarily (merge request) GitLab Enterprise Edition
- Direct answering instead of using IssueReader (merge request) GitLab Enterprise Edition
- Add limit to RelatedPipelinesFinder (merge request) GitLab Enterprise Edition
Other (191 changes)
- Fix Layout/LineContinuationLeadingSpace 1 by @archish27 (merge request) GitLab Enterprise Edition
- Document
bounded_contexts.yml in Software Design Guides (merge request)
- Protected packages: Shorten GraphQL field for by @gerardo-navarro (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Fix Layout/ArgumentAlignment offenses 25 by @gauravmarwal (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Fix Lint/AmbiguousOperatorPrecedence 17 offenses by @archish27 (merge request)
- Removes database migrations up to 16-2-stable-ee (merge request)
- Refactor "(s)" in quick actions (merge request)
- Protected packages: Scope feature flag check to project by @gerardo-navarro (merge request)
- Drop duplicate index on p_ci_runner_machine_builds (merge request)
- Fix Layout/MultilineOperationIndentation 2 offenses by @archish27 (merge request)
- Remove resolve_all_organization_groups feature flag (merge request)
- Quarantine a flaky test (merge request)
- Drop unused index on ci_pipelines_config (merge request)
- Fix Layout/SpaceInLambdaLiteral 3 offenses by @archish27 (merge request)
- Enable
webui_members_inherited_users feature flag by default (merge request)
- Fix Layout/ArgumentAlignment offenses 30 by @gauravmarwal (merge request)
- Docs: Update default auth_redirect_uri (merge request)
- Remove ci_create_partitions_102 feature flag (merge request)
- Remove duplicated index from abuse_reports (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Remove useless method from Issuable::DestroyService by @zzaakiirr (merge request)
- Fix workhorse linter warnings (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Add new invite_email column index on members for new query (merge request)
- Remove duplicated index from board_group_recent_visits (merge request)
- Allow CORS for /oauth/token/info (merge request)
- Fix Layout/ArgumentAlignment offenses 23 by @gauravmarwal (merge request)
- Fix Layout/SpaceInsideParens offenses 5 by @archish27 (merge request) GitLab Enterprise Edition
- Track redirection counts within a Redis pipeline (merge request)
- Fix Layout/SpaceInsideParens offenses 2 by @archish27 (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Fix Layout/ArgumentAlignment offenses 31 by @gauravmarwal (merge request)
- Use Gitlab::Redis::ClusterUtil in redis cache store patch (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Add icon to issues on child epics when filtering epics (merge request) GitLab Enterprise Edition
- Remove cron job details for CreateEmptyEmbeddingsRecordsWorker (merge request)
- Fix Layout/ArgumentAlignment offenses 2 by @gauravmarwal (merge request)
- Fix Layout/ArgumentAlignment offenses 21 by @gauravmarwal (merge request)
- Mark 20230415500000 MigrateWikisToSeparateIndex migration as obsolete (merge request) GitLab Enterprise Edition
- Mark AddHashedRootNamespaceIdToIssues as obsolete (merge request) GitLab Enterprise Edition
- Fix Layout/ArgumentAlignment offenses 14 by @gauravmarwal (merge request)
- Fix Layout/ArgumentAlignment offenses 19 by @gauravmarwal (merge request)
- Fix Layout/ArgumentAlignment offenses 29 by @gauravmarwal (merge request)
- Fix Layout/ArgumentAlignment offenses 8 by @gauravmarwal (merge request)
- Add specs for Gitlab::VulnerabilityScanning::SecurityScanner by @jzeng88 (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Remove FF check when creating synced work items (merge request) GitLab Enterprise Edition
- Fix Layout/ArgumentAlignment offenses 13 by @gauravmarwal (merge request)
- Fix Layout/ArgumentAlignment offenses 6 by @gauravmarwal (merge request)
- Fix Layout/ArgumentAlignment offenses 18 by @gauravmarwal (merge request)
- Fix Layout/ArgumentAlignment offenses 27 by @gauravmarwal (merge request)
- Fix Layout/LineContinuationLeadingSpace 4 offenses by @archish27 (merge request)
- Schedule async indexes (merge request)
- Release FF environment_stop_actions_include_all_finished_deployments (merge request)
- Remove obsolete Advanced search migrations (merge request) GitLab Enterprise Edition
- Fix Layout/SpaceBeforeBlockBraces Layout/TrailingWhitespace offenses by @archish27 (merge request)
- Fix Layout/SpaceInsideParens offenses 1 by @archish27 (merge request)
- Add and backfill project_id for approval_merge_request_rule_sources (merge request)
- Move emails_disabled inversion to REST API (merge request)
- Mark 20230320011400 AddHashedRootNamespaceIdToCommits as obsolete (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Remove duplicated code from MirrorsController#update (merge request) GitLab Enterprise Edition
- Remove unused code from MergeRequest model (merge request)
- Rubocop: Fixes warning for GraphQL/resolver_method_length by @nwittstruck (merge request)
- Add trigger function reset (merge request)
- Finalize migration BackfillHasRemediationsOfVulnerabilityReads (merge request)
- Add sharding key tracking issues for Threat Insights (merge request)
- Update trigger function for merge_request_metrics (merge request)
- Populate Ci::Partition first record (merge request)
- Remove MR locked state index synchronously (merge request)
- Fix Layout/MultilineOperationIndentation 5 offenses by @archish27 (merge request)
- Fix Lint/AmbiguousRegexpLiteral 6 offenses by @archish27 (merge request)
- Fix Lint/AmbiguousRegexpLiteral 5 offenses by @archish27 (merge request)
- Fix Lint/AmbiguousRegexpLiteral 3 offenses by @archish27 (merge request)
- Fix Lint/AmbiguousRegexpLiteral 1 offenses by @archish27 (merge request) GitLab Enterprise Edition
- Fix Layout/SpaceInLambdaLiteral 18 offenses by @archish27 (merge request)
- Fix Layout/SpaceInLambdaLiteral 15 offenses by @archish27 (merge request) GitLab Enterprise Edition
- Fix Layout/SpaceInLambdaLiteral 13 offenses by @archish27 (merge request) GitLab Enterprise Edition
- Fix Layout/SpaceInLambdaLiteral 10 offenses by @archish27 (merge request)
- Fix Layout/SpaceInLambdaLiteral 1 offenses by @archish27 (merge request)
- Fix Lint/SymbolConversion 9 offenses by @archish27 (merge request)
- Fix Lint/SymbolConversion 7 offenses by @archish27 (merge request)
- Fix Lint/SymbolConversion 2 offenses by @archish27 (merge request) GitLab Enterprise Edition
- docs: Add missing access levels for
minimum_access_level_for_x fields by @gerardo-navarro (merge request)
- Fix Layout/ArgumentAlignment offenses 28 by @gauravmarwal (merge request)
- Use Pajamas input for approval count (merge request) GitLab Enterprise Edition
- Fix Layout/ArgumentAlignment offenses 26 by @gauravmarwal (merge request)
- Initial commit of
bounded_contexts.yml file (merge request)
- Fix Lint/AmbiguousOperatorPrecedence 7 offenses by @archish27 (merge request)
- Fix Layout/ArgumentAlignment offenses 22 by @gauravmarwal (merge request)
- Mark BackfillWikiPermissionsInMainIndex search migration as obsolete (merge request) GitLab Enterprise Edition
- Fix Rails/NegateInclude 1 by @archish27 (merge request) GitLab Enterprise Edition
- Switch merge_request_metrics pipeline_id to bigint (merge request)
- Fix Layout/ArgumentAlignment offenses 20 by @gauravmarwal (merge request)
- Switch merge_trains pipeline_id to bigint (merge request)
- Lint fixes OrAssignmentToConstant RedundantStringCoercion EnvMocking by @archish27 (merge request) GitLab Enterprise Edition
- Fix Layout/ArgumentAlignment offenses 17 by @gauravmarwal (merge request)
- Update epic deletion confirmation (merge request)
- Fix Layout/ArgumentAlignment offenses 15 by @gauravmarwal (merge request)
- Fix Layout/ArgumentAlignment offenses 12 by @gauravmarwal (merge request)
- Mark 20230325200700 search migration as obsolete (merge request) GitLab Enterprise Edition
- Mark 20230321202400 search migration as obsolete (merge request) GitLab Enterprise Edition
- Mark 20230321091100 search migration as obsolete (merge request) GitLab Enterprise Edition
- Fix Layout/ArgumentAlignment offenses 10 by @gauravmarwal (merge request)
- Mark 20230316150000 search migration as obsolete (merge request) GitLab Enterprise Edition
- Fix Layout/ArgumentAlignment offenses 7 by @gauravmarwal (merge request)
- Fix Layout/ArgumentAlignment offenses 5 by @gauravmarwal (merge request)
- Fix Layout/ArgumentAlignment offenses 3 by @gauravmarwal (merge request)
- Fix Layout/ArgumentAlignment offenses by @gauravmarwal (merge request)
- Fix Style/RedundantInterpolation offenses by @archish27 (merge request)
- Fix Layout/SpaceInsideBlockBraces offenses by @gauravmarwal (merge request)
- Add Sidekiq shard-awareness validator (merge request) GitLab Enterprise Edition
- Quarantine a flaky test (merge request)
- Allow MultiStore to be initialised with Redis clients (merge request)
- Add and backfill project_id for wiki_repository_states (merge request)
- Fix Layout/HashAlignment Layout/LeadingCommentSpace offenses by @archish27 (merge request) GitLab Enterprise Edition
- Fix Layout/LineContinuationLeadingSpace 2 by @archish27 (merge request) GitLab Enterprise Edition
- Fix Layout/SpaceInsideParens offenses 7 by @archish27 (merge request) GitLab Enterprise Edition
- Delete FF (merge request)
- Use Pajamas components for approval password form (merge request) GitLab Enterprise Edition
- Fix Layout/SpaceInsideParens offenses 3 by @archish27 (merge request)
- Remove container_scanning_continuous_vulnerability_scans flag (merge request)
- Remove ExtractsPath module from ProjectsController (merge request)
- Fix Layout/LeadingCommentSpace offenses by @archish27 (merge request)
- Clean up linked_work_items feature flag (merge request)
- Mark 20230307102400 advanced search migration as obsolete (merge request) GitLab Enterprise Edition
- Update Pages without wildcard DNS docs (merge request)
- Fix Style/HashAsLastArrayItem Offenses (merge request)
- Remove a MR index with state_id, iid synchronously (merge request)
- Include itemprop attribute in project avatar component by @espadav8 (merge request)
- Draft: Add sharding key tracking issues for design_management (merge request)
- Fix Lin/AmbiguousRange Offenses (merge request)
- Fix RSpec/HooksBeforeExamples Offenses (merge request)
- Change maxWorkers configuration (merge request)
- Add DEV flag for jest (merge request)
- Protected containers: Use service response shared examples in tests by @gerardo-navarro (merge request)
- Swap packages_build_infos pipeline_id to bigint (merge request)
- Swap vulnerability_feedback pipeline_id to bigint (merge request)
- Add JSON validation spec for zoekt/node.rb by @jzeng88 (merge request) GitLab Enterprise Edition
- Finalize migration BackfillHasMergeRequestOfVulnerabilityReads (merge request)
- Apply Sidekiq sharding router to Sidekiq::Job::Setter (merge request)
- Remove the temporary patch for "listing commits failed" error (merge request)
- Fix warning by adding feature category to pipeline specs by @b310-jannik (merge request)
- refactor: Rename names of attributes related to access levels by @gerardo-navarro (merge request)
- Add desired sharding keys for metrics (merge request)
- Update MAX_RUN_TIME to match max HTTP request time (merge request) GitLab Enterprise Edition
- Add and backfill namespace_id for work_item_parent_links (merge request)
- Add and backfill project_id for workspace_variables (merge request)
- Remove create_vulnerability_jira_issue_via_graphql feature flag (merge request) GitLab Enterprise Edition
- Remove feature flag for custom webhook templates by @kevin.gosa (merge request)
- Revert "Merge branch '434291-refactor-pat-policy' into 'master'" (merge request)
- Remove custom_webhook_headers feature flag by @Taucher2003 (merge request)
- Quarantine a flaky test (merge request)
- Remove
group_user_saml feature flag (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Introduce service "RemoteMirrors::CreateService" (merge request) GitLab Enterprise Edition
- Release FF link_fast_forward_merge_requests_to_deployment (merge request)
- Cleanup add_policy_approvers_to_rules feature flag (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Quarantine a flaky test (merge request)
- Remove
inputs from catalog_resource_components (merge request)
- Add relaxed sharding keys for runner (merge request)
- Quarantine a flaky test (merge request)
- Include psudonymised user id into X Ray scan req (merge request) GitLab Enterprise Edition
- Migrate self-managed custom roles to the instance-level roles (merge request)
- Feature cleanup flag wiki_content_background_job by @ivantedja (merge request)
16.11.10 through 16.0.0
15.11.13 through 15.0.0
14.10.5 through 14.0.0
13.12.15 through 13.0.0
12.10.14 through 12.0.0
11.11.8 through 11.0.0
10.8.6 through 10.0.0
9.5.10 through 0.8.0