Open Source News + Security Updates
This week, read about:
Podman and Buildah Vulnerability CVE-2024-1753
A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time.
Angular 17.3.1
COMPILER
COMPILER-CLI
Apache Artemis 2.33.0
Bugs Fixed:
- ARTEMIS-4187 - SizeAwareMetric attribute inconsistency
- ARTEMIS-4527 - Redistributor race when consumerCount reaches 0 in cluster
- ARTEMIS-4532 - MQTT-to-core wildcard conversion is broken
- ARTEMIS-4585 - Mirror may fail with previously created SNF queues if metrics plugin is in use
- ARTEMIS-4588 - Queue Federation and large messages move slowdown
- ARTEMIS-4626 - AMQP Federation demand tracking can overcount demand
- ARTEMIS-4629 - Core bridge configuration validation errors
- ARTEMIS-4638 - Remove bashism from install validation script
- ARTEMIS-4639 - Artemis Cluster and NullpointerException in “sending topology”
- ARTEMIS-4642 - AMQP Federation demand tracking can under count demand in some narrow cases
- ARTEMIS-4646 - Unacknowledged MQTT message ID is reused after ID generator wraparound
- ARTEMIS-4647 - Use specified call-timeout on backup connector
- ARTEMIS-4649 - STOMP message IDs are not unique when same message is received on multiple subscriptions
- ARTEMIS-4652 - Rollback of XAResource implementation should never return XA_RETRY
- ARTEMIS-4664 - autoCreatedResource can get removed while receiving batch of messages
- ARTEMIS-4668 - Move AMQP Large Message File Handling away from Netty thread
- ARTEMIS-4670 - Slow performance with Core large messages and JDBC
- ARTEMIS-4676 - Use ActionContext consistently for logging in CLI commands
- ARTEMIS-4677 - Validate AutoCreate queues with Mirroring and Clustering
- ARTEMIS-4678 - JDBC User and password is not used by CLI Exporter
- ARTEMIS-4682 - JDBC Storage slow to reboot the server
- ARTEMIS-4684 - Internal queues should not have message redistributed
- ARTEMIS-4687 - Concurrent use of DocumentBuilder breaking Xpath filtering
- ARTEMIS-4689 - Import command should accept URL
- ARTEMIS-4691 - AMQ212037 warning when closing any in-vm connection
- ARTEMIS-4695 - Fix a few bugs found via static analysis
New Features:
- ARTEMIS-4648 - Support typed properties on CLI producer
- ARTEMIS-4650 - CLI command PWD showing current folders.
Improvements:
- ARTEMIS-1230 - Create Maven Bill of Materials (BOM)
- ARTEMIS-4579 - Add the FirstMessage API for scheduled messages
- ARTEMIS-4582 - add view and edit permissions to extend security-settings rbac for management operations
- ARTEMIS-4586 - Auto reload web binding SSL stores on change
- ARTEMIS-4587 - Config security setting plugins by using broker properties
- ARTEMIS-4627 - Oracle tests now can use publicly “maven central” available JDBC drivers.
- ARTEMIS-4637 - Allow unordered xml conf elements for clusters and bridges
- ARTEMIS-4641 - Allow AMQP federation to recover from missing or removed resources
- ARTEMIS-4651 - Performance improvements on Mirror and Paging
- ARTEMIS-4653 - AMQP Federation should apply queue consumer filters for demand
- ARTEMIS-4655 - Report logging metrics
- ARTEMIS-4657 - Support better correlation ID compatibility between JMS clients
- ARTEMIS-4658 - AMQP Federation should prevent reflection of multicast messages between nodes
- ARTEMIS-4679 - Config HA policy by using broker properties
- ARTEMIS-4686 - Reduce number of FilterImpl instances
- ARTEMIS-4690 - Remove deprecated StorageManager.addAddressSettings from codebase.
- ARTEMIS-4693 - Improve XPath filter performance
Tasks:
- ARTEMIS-4559 - Refactor HA docs & code/module naming
- ARTEMIS-4583 - remove artemis-server module test-jar, do some related cleanup
- ARTEMIS-4589 - consolidate utility code and remove test-jar usages within tests/ subtree
- ARTEMIS-4592 - Detect possible dependency updates
- ARTEMIS-4601 - Remove OpenTelemetry deps from main pom
- ARTEMIS-4640 - move extension added to aid ‘offline’ maven usage into a profile
- ARTEMIS-4644 - convert some broker-connection tests to use test peer
- ARTEMIS-4645 - Update AMQP broker connection tests to use better connector names
- ARTEMIS-4656 - Remove superfluous artemis-spring-integration module
- ARTEMIS-4665 - Fix intermittent failures in a few AMQP federation tests
- ARTEMIS-4669 - Clarify Large Messages around StorageManager usage
- ARTEMIS-4683 - Add additional examples for AMQP federation
Dependency Upgrades:
- ARTEMIS-4591 - Upgrade Netty to 4.1.106.Final
- ARTEMIS-4593 - Upgrade Caffeine to 3.1.8
- ARTEMIS-4594 - Upgrade Error Prone to 2.24.1
- ARTEMIS-4595 - Upgrade Guava to 33.0.0-jre
- ARTEMIS-4596 - Upgrade Commons Codec to 1.16.0
- ARTEMIS-4597 - Upgrade Commons IO to 2.15.1
- ARTEMIS-4598 - Upgrade Commons Logging to 1.3.0
- ARTEMIS-4599 - Upgrade PEM Keystore to 2.3.0
- ARTEMIS-4600 - Upgrade Micrometer to 1.12.2
- ARTEMIS-4602 - Upgrade Jetty to 10.0.20
- ARTEMIS-4603 - Upgrade JavaCC to 7.0.13
- ARTEMIS-4604 - Upgrade Commons DBCP2 to 2.11.0 and Commons Pool to 2.12.0
- ARTEMIS-4605 - Upgrade Commons Lang to 3.14.0
- ARTEMIS-4606 - Upgrade Commons Text to 1.11.0
- ARTEMIS-4607 - Upgrade Curator to 5.6.0
- ARTEMIS-4608 - Upgrade Derby to 10.15.2.0
- ARTEMIS-4609 - Upgrade Log4j to 2.22.1
- ARTEMIS-4610 - Upgrade ZooKeeper to 3.9.1
- ARTEMIS-4611 - Upgrade BouncyCastle to 1.77
- ARTEMIS-4612 - Upgrade EasyMock to 5.2.0
- ARTEMIS-4613 - Upgrade Jansi to 2.4.1
- ARTEMIS-4614 - Upgrade Jacoco to 0.8.11
- ARTEMIS-4615 - Upgrade JCTools to 4.0.2
- ARTEMIS-4616 - Upgrade JGroups to 5.3.2.Final
- ARTEMIS-4617 - Upgrade JLine to 3.25.1
- ARTEMIS-4618 - Upgrade JUnit to 5.10.1
- ARTEMIS-4619 - Upgrade Mockito to 5.10.0
- ARTEMIS-4620 - Upgrade OWASP to 9.0.9
- ARTEMIS-4621 - Upgrade PostgreSQL to 42.7.2
- ARTEMIS-4622 - Upgrade Selenium to 4.17.0
- ARTEMIS-4623 - Upgrade SLF4J to 2.0.11
- ARTEMIS-4624 - Upgrade TestContainers to 1.19.4
- ARTEMIS-4631 - Upgrade Spring to 5.3.33
- ARTEMIS-4632 - Upgrade Apache HTTP Client to 4.5.14
- ARTEMIS-4633 - Upgrade Apache HTTP Core to 4.4.16
- ARTEMIS-4634 - Upgrade Maven Plugin Annotations to 3.11.0
- ARTEMIS-4635 - Upgrade Arquillian & Weld dependencies
- ARTEMIS-4636 - Upgrade OpenWebBeans to 2.0.27
- ARTEMIS-4672 - Upgrade Netty to 4.107.Final
Docker Compose v2.26.0
What's Changed
Fixes:
Improvements:
Internal:
ETC-D v3.4.31
etcd server:
- Add [mvcc: print backend database size and size in use in compaction logs](https://github.com/etcd-io/etcd/pull/17436).
- Fix leases wrongly revoked by the leader by [ignoring old leader's leases revoking request](https://github.com/etcd-io/etcd/pull/17465).
- Fix [no progress notification being sent for watch that doesn't get any events](https://github.com/etcd-io/etcd/pull/17567).
- Fix [watch event loss after compaction](https://github.com/etcd-io/etcd/pull/17610).
Package `clientv3`:
- Add [client backoff and retry config options](https://github.com/etcd-io/etcd/pull/17369).
Dependencies:
- Upgrade [bbolt to 1.3.9](https://github.com/etcd-io/etcd/pull/17484).
- Compile binaries using [go 1.21.8](https://github.com/etcd-io/etcd/pull/17538).
- Upgrade [google.golang.org/protobuf to v1.33.0 to address CVE-2024-24786](https://github.com/etcd-io/etcd/pull/17554).
Others:
- [Make CGO_ENABLED configurable](https://github.com/etcd-io/etcd/pull/17422).
Fluentd 1.16.4
Bug Fix:
chunk bytes limit exceeds
errors are occurred.rotate_wait
state not being managed.Misc:
Gitlab v16.10.0
Added (115 changes)
- [Add drawer to list of linked policies](gitlab-org/gitlab@218016c38801cfeac1308385097dcd760182a378) ([merge request](gitlab-org/gitlab!147039)) **GitLab Enterprise Edition**
- [Command palette default opening state - part 3](gitlab-org/gitlab@a51d07342e3a7dc4da56ec84efec5191d8663640) ([merge request](gitlab-org/gitlab!142816))
- [Expose repository object format via GitInfo](gitlab-org/gitlab@4947d2c17a7118e392312f9d31fcf7c6799577e3) ([merge request](gitlab-org/gitlab!146485))
- [Add deprecated_policy field for approval policies](gitlab-org/gitlab@2e332564e7148343db00f79a4caafe672e206c87) ([merge request](gitlab-org/gitlab!146520))
- [Add approval rules drawer component](gitlab-org/gitlab@51b30ac3d7bb61ab5f43fc87a322560ea0167238) ([merge request](gitlab-org/gitlab!146502)) **GitLab Enterprise Edition**
- [Expose external issue links to Vulnerabilities if any](gitlab-org/gitlab@7a8d63cd7660e3bc2dcc1de307f556549c137876) ([merge request](gitlab-org/gitlab!146149)) **GitLab Enterprise Edition**
- [Add table to track CI component usage](gitlab-org/gitlab@3372a7566bfe2b0bea000e48fd0bffbaffb2db45) ([merge request](gitlab-org/gitlab!145881))
- [Add Pages URL anchor](gitlab-org/gitlab@6d5023141d9597087ffd353a2794102e52ec5e09) ([merge request](gitlab-org/gitlab!144281))
- [Update Jira::JqlBuilderService to support multiple project keys](gitlab-org/gitlab@4da23ca620a7219a43c81170496ef99ebc989efd) ([merge request](gitlab-org/gitlab!146916))
- [Add new achievement UI](gitlab-org/gitlab@a4bcf4e181d1458f8bcb504de2d7e95ee3a4136e) ([merge request](gitlab-org/gitlab!146273))
- [Protected containers: GraphQL query for container protection rules](gitlab-org/gitlab@1a773182a248eb646affd5334c6a6e1182828345) by @gerardo-navarro ([merge request](gitlab-org/gitlab!146467))
- [Add runner creation metrics](gitlab-org/gitlab@dc17b7ad19792592b2e9078e49755a5da3356bc6) ([merge request](gitlab-org/gitlab!146063)) **GitLab Enterprise Edition**
- [Allow to enable/disable ClickHouse for analytics](gitlab-org/gitlab@f025888da096cace95cf86d5d20f3a52e0691eaa) ([merge request](gitlab-org/gitlab!145022)) **GitLab Enterprise Edition**
- [Adds Destroy action to delete models](gitlab-org/gitlab@1e487f60a57924b9c7dcbb1503af5e7478781a3a) ([merge request](gitlab-org/gitlab!144226))
- [Added event type filters for group audit event destinations](gitlab-org/gitlab@67cb59d71542f90b1e1fc62295747814fc16dd0c) ([merge request](gitlab-org/gitlab!144139)) **GitLab Enterprise Edition**
- [This MR adds alert banner](gitlab-org/gitlab@4d9836b4900ab7540c64e766ad6c18c0e9ce7011) ([merge request](gitlab-org/gitlab!146709)) **GitLab Enterprise Edition**
- [Create partitioned merge_request_diff_commits copy](gitlab-org/gitlab@1efd0bb9ea849e189d39940d0cd9a8878e20bf63) ([merge request](gitlab-org/gitlab!143869))
- [Allow toggling duo_features_enabled settings via REST API](gitlab-org/gitlab@8f960b374aea97fda31a3a2159ef26bb71e05bdd) ([merge request](gitlab-org/gitlab!146582)) **GitLab Enterprise Edition**
- [Document runner long polling configuration](gitlab-org/gitlab@4dbcfba63217807106534d88039015e07775cab9) ([merge request](gitlab-org/gitlab!146701))
- [Prepare async indices for dependency list aggregations](gitlab-org/gitlab@3d87873acd137f1610229114db9854c7ceeb3e68) ([merge request](gitlab-org/gitlab!146650))
- [Add GitHub integration's logo](gitlab-org/gitlab@bd5d604b677a23eac4a8d59ec99bdae991d81042) ([merge request](gitlab-org/gitlab!146614)) **GitLab Enterprise Edition**
- [Add Cloud Connector docs for new backends](gitlab-org/gitlab@8afdf975d407ab3a98d1bce2004366147e0b7b7b) ([merge request](gitlab-org/gitlab!146507))
- [Synchronously add indexes for new `vulnerability_occurrences` cols](gitlab-org/gitlab@fb7b7225e2058029b10d2f2e7b6d7f1f680a87b3) ([merge request](gitlab-org/gitlab!145782))
- [Backfill semvar columns of existing catalog versions](gitlab-org/gitlab@67dfcf8be9ec25bd6f496d36d5349de8da6ad4f4) ([merge request](gitlab-org/gitlab!146688))
- [Allow toggling duo_features_enabled on Groups via GraphQL](gitlab-org/gitlab@30b24fdead5bd9d48bafe9ce7066bb2d5ead14b8) ([merge request](gitlab-org/gitlab!146430)) **GitLab Enterprise Edition**
- [API customizations for service account user](gitlab-org/gitlab@da6541a26e55d761fc434596e6cbba63efd7cfc2) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144841))
- [Add diff_id to diff file links](gitlab-org/gitlab@81dce0361b9bfd951735a942ea40d3c4016dcb4c) ([merge request](gitlab-org/gitlab!146092))
- [Check duo_features_enabled setting by default](gitlab-org/gitlab@09581f30e9a9b9f2b42f3881a9a2d90ca8a1a3b8) ([merge request](gitlab-org/gitlab!146684)) **GitLab Enterprise Edition**
- [Add policy list when editing compliance framework](gitlab-org/gitlab@99fcb973a1e82fc567b1a0fbf7e7e22acf0af8b8) ([merge request](gitlab-org/gitlab!145312)) **GitLab Enterprise Edition**
- [Backfill has_issues for Vulnerability::Read rows with ExternalIssueLink](gitlab-org/gitlab@28ca07fe271a711692f7ac207118cf3309966140) ([merge request](gitlab-org/gitlab!146643))
- [Remove "dynamic_empty_tree_id" feature flag](gitlab-org/gitlab@f349b74184b4d5ab34c4da4262e4ba91894ba2b5) ([merge request](gitlab-org/gitlab!146609))
- [Adds /convert_to_ticket quick action](gitlab-org/gitlab@3bbe37bd14f9b3fa340f0b54e20a50e889b5f225) ([merge request](gitlab-org/gitlab!146492))
- [Adds activity page to Organization level](gitlab-org/gitlab@65045809d2d1a55942b5190dcdcc117e1ea6e665) ([merge request](gitlab-org/gitlab!146167))
- [Backfill archived and traversal_ids for vulnerability_reads](gitlab-org/gitlab@f032f04cc32f9d80688ac1192cc540c9c4d9962e) ([merge request](gitlab-org/gitlab!144765))
- [Cloud Connector: support extra claims in JWT](gitlab-org/gitlab@32202b2c6e104b239d2600ceee18b06a966f5406) ([merge request](gitlab-org/gitlab!146172)) **GitLab Enterprise Edition**
- [Add visibility filter in groups API](gitlab-org/gitlab@7f9aaa608595edbff92111607efbd6320ccd44b9) by @imskr ([merge request](gitlab-org/gitlab!146263))
- [Update JiraConnect app_descriptor](gitlab-org/gitlab@404abd1fc8fa1a620d60ef97df08024105fe35e9) ([merge request](gitlab-org/gitlab!142316))
- [Add user permission type for finding](gitlab-org/gitlab@41d142f4c6fc896f2849dddde18e61a14db9a312) ([merge request](gitlab-org/gitlab!144295)) **GitLab Enterprise Edition**
- [[Ban AI] Audit duo_features_enabled changes](gitlab-org/gitlab@dc3e1c3ed1bb7ccaf1f69877ff7586da6815f22a) ([merge request](gitlab-org/gitlab!145509)) **GitLab Enterprise Edition**
- [Add application limit on downstream pipelines](gitlab-org/gitlab@7dc888ebd2d890c70146079dfbe5bc7903953617) ([merge request](gitlab-org/gitlab!146112))
- [Show admin mode within active sessions view](gitlab-org/gitlab@5ea5889f554f334b54f9bd46f86401bceabb38ab) by @bufferoverflow ([merge request](gitlab-org/gitlab!145523))
- [Add support for templates in wikis](gitlab-org/gitlab@d469211260979df568fb488ea2cc202075071521) ([merge request](gitlab-org/gitlab!143314))
- [Add filter support for enterprise in GraphQL group members](gitlab-org/gitlab@1489b6e9b5fc89d3705308183afb3851913a6162) by @imskr ([merge request](gitlab-org/gitlab!145331))
- [Add service to send Arkose truth data](gitlab-org/gitlab@f3bbe9f5cc7781a6e7d9a30866125afb4b9e85db) ([merge request](gitlab-org/gitlab!145314))
- [Add php support for semgrep](gitlab-org/gitlab@cbb5b12d96def6ef5ef4d7029a96d24c1efb2fd6) ([merge request](gitlab-org/gitlab!143472))
- [Adds logo for DroneCI integration](gitlab-org/gitlab@3d856ecb91792afa226f5a189575261eae2638b6) ([merge request](gitlab-org/gitlab!146046))
- [Remove WIP feature flag](gitlab-org/gitlab@565d5f2aa37d75faa59fd1e737e5b2c9717f5e0b) ([merge request](gitlab-org/gitlab!146211)) **GitLab Enterprise Edition**
- [Add `initial` & `latest` pipeline IDs to `vulnerability_occurrences`](gitlab-org/gitlab@cd1bfa6961c32e265f91c3ba657c6697ad3c301b) ([merge request](gitlab-org/gitlab!144697))
- [Add Remove Group custom ability](gitlab-org/gitlab@627346a084944547289326590b19769f887412dd) ([merge request](gitlab-org/gitlab!145166)) **GitLab Enterprise Edition**
- [Add support for sorting GET /groups/:id/projects by star count](gitlab-org/gitlab@7463ec4e59365c06bd7907c6f02a3bb1b81c9cd0) by @imskr ([merge request](gitlab-org/gitlab!145308))
- [Configurable session cookie token prefix](gitlab-org/gitlab@3bae157050215d0b975c195c755905abc9dfeda0) ([merge request](gitlab-org/gitlab!145178))
- [Add CI_COMPONENT_FQDN variable and usage instructions](gitlab-org/gitlab@ae9f265a8f7cb4fcecccd550f9751861987abd04) ([merge request](gitlab-org/gitlab!145950))
- [Add table to support new group-agent authorization strategy for RD](gitlab-org/gitlab@23a95b2769cb26478cc989aa00c5e153c9c5d0be) ([merge request](gitlab-org/gitlab!145101))
- [feat: Protected packages: Update protection rules in project settings ui](gitlab-org/gitlab@22769e8b79e976f172d5a85df2eea7c30f9ee303) by @gerardo-navarro ([merge request](gitlab-org/gitlab!141792))
- [Expose groups and projects allow list counters on graphQL](gitlab-org/gitlab@534f1dadc8129774ac3fe2965971c6f83539d7a8) ([merge request](gitlab-org/gitlab!145067))
- [Add time tracking widget to the work item update mutation](gitlab-org/gitlab@e2d808d2f668e64ba9b02e41ecd07bbcf5a5885d) ([merge request](gitlab-org/gitlab!145146))
- [Show target branch of MRs in Global Search](gitlab-org/gitlab@44a47b5f1d72b0f390bdef005b4393613220c758) by @santigl ([merge request](gitlab-org/gitlab!145849))
- [Add at least one approval by non author SOC 2 adherence check](gitlab-org/gitlab@33b9f8c00d4843d1403a908081dd416bb2bfe80a) ([merge request](gitlab-org/gitlab!145302)) **GitLab Enterprise Edition**
- [Add occupies_seat column to member_roles table](gitlab-org/gitlab@918cc302556394795be586125f4b8a84ccc63255) ([merge request](gitlab-org/gitlab!143911)) **GitLab Enterprise Edition**
- [Add REST API to fetch project's groups allowlist](gitlab-org/gitlab@84e9f297b0cdc02a7a47a35debe062cab04c269f) ([merge request](gitlab-org/gitlab!145069))
- [Add starrers_path to Catalog::ResourceType](gitlab-org/gitlab@9693fc338b17876112599fc27b1869f1f72e2daa) ([merge request](gitlab-org/gitlab!145937))
- [Added documentation for workflow:auto_cancel:on_job_failure](gitlab-org/gitlab@f822691e9082800dda1150814b96bb7c2e5d50bd) by @zillemarco ([merge request](gitlab-org/gitlab!145709))
- [Add new checkbox for optional data in service ping](gitlab-org/gitlab@51a6985a9ba587e0f6a970595257d218f4eff7b4) ([merge request](gitlab-org/gitlab!141540))
- [Display message when git rate limited by failed auth attempts](gitlab-org/gitlab@0c6b22efc24069741349ee0411d06c97749b27fe) ([merge request](gitlab-org/gitlab!145624))
- [Add new generic worker to handle auto merges from events](gitlab-org/gitlab@c8d7ec7f16b10b4b33ab6cd60bde982238397ab2) ([merge request](gitlab-org/gitlab!145460))
- [This MR adds policy scope on project level](gitlab-org/gitlab@7a4df91eef1dc726024f52e005c7db8757ba9481) ([merge request](gitlab-org/gitlab!143877)) **GitLab Enterprise Edition**
- [Remove ci_data_ingestion_to_click_house feature flag](gitlab-org/gitlab@8dd9fe00ae6b56664c086f83a4f81518a0f99e92) ([merge request](gitlab-org/gitlab!145665))
- [Remove run_clickhouse_migrations_automatically feature flag](gitlab-org/gitlab@7173726fdf9f309f4a692415a3df091e118cabdd) ([merge request](gitlab-org/gitlab!145668))
- [Added code to queue member promotion request](gitlab-org/gitlab@e61033ad415476d4c2ebe9ab63b1b98edfa3b443) ([merge request](gitlab-org/gitlab!142202)) **GitLab Enterprise Edition**
- [Add deployments_count field](gitlab-org/gitlab@3f0759518670a098e2c142a78f74d5ca218b4715) ([merge request](gitlab-org/gitlab!145320))
- [Copy VSA query params to issue analytics link](gitlab-org/gitlab@4ab125b9f80b7d0734256adbc50004b3f363b725) ([merge request](gitlab-org/gitlab!145496)) **GitLab Enterprise Edition**
- [Add ops flag to disable cookie-based language switcher](gitlab-org/gitlab@2b891f71abd03ffb1ad52e19eb15505d6b60ba96) ([merge request](gitlab-org/gitlab!144484))
- [Added first part of the command palete update - part 2](gitlab-org/gitlab@85cfd7f1dd1ae5d5fc3c011748d43ee5f2ba6893) ([merge request](gitlab-org/gitlab!141256))
- [Add an avatar to security policy bot](gitlab-org/gitlab@948d1602cad9d38464162b61bf5e2357678c4298) ([merge request](gitlab-org/gitlab!145423)) **GitLab Enterprise Edition**
- [Add yaml_error_messages graphql field](gitlab-org/gitlab@90de1d0c38c4e07d017a79b705ce1e62fec9c9f8) ([merge request](gitlab-org/gitlab!145327))
- [Add VSA aggregation status to GraphQL](gitlab-org/gitlab@875ba7de9ecaf52239000d3ea52406f3b232514a) ([merge request](gitlab-org/gitlab!144961)) **GitLab Enterprise Edition**
- [Add ops FF to reduce the export batch size](gitlab-org/gitlab@b85c99b7982ca94b03416bee2f8ad2b6a313a906) ([merge request](gitlab-org/gitlab!145189))
- [Add Cloud Connector developer docs](gitlab-org/gitlab@33714cfd2ab38b440903e5545b4b0672423cfd9f) ([merge request](gitlab-org/gitlab!142426))
- [Add endpoint to update group approval rules](gitlab-org/gitlab@526caa76c9b984eafa9f69b00f4c449ceeea9e34) ([merge request](gitlab-org/gitlab!144927)) **GitLab Enterprise Edition**
- [Default enable collapse_generated_diff_files feature](gitlab-org/gitlab@5134fbf13ff9fe1fa5025bba8f97842371c039ea) ([merge request](gitlab-org/gitlab!145100))
- [Add option to sort ciCatalogResources by star count](gitlab-org/gitlab@54a1a80598d40ed4a642fffc80680f1a384c40f5) ([merge request](gitlab-org/gitlab!145351))
- [Add duo_features_enabled cascading setting](gitlab-org/gitlab@08b0a643cde3a0bb7bcfee114bdbf9b2afe8131c) ([merge request](gitlab-org/gitlab!144931)) **GitLab Enterprise Edition**
- [Bulk ingest archived and traversal_ids values for security reports](gitlab-org/gitlab@08f4b9c2b680d7bde0303186de589191c09bb1f1) ([merge request](gitlab-org/gitlab!144618)) **GitLab Enterprise Edition**
- [Add parallel_project_export feature flag](gitlab-org/gitlab@1209339688c917a967877e89fa5c591f4d22e01f) ([merge request](gitlab-org/gitlab!145165))
- [Update denoramlized vuln read archived when projects are archived](gitlab-org/gitlab@529826c7bb117cb6ccee4cd4952cc3207fe48736) ([merge request](gitlab-org/gitlab!144455)) **GitLab Enterprise Edition**
- [Prepare issues table to backfill work items for epics](gitlab-org/gitlab@b1cfb979498102d1261081f24cc844e0235909b6) ([merge request](gitlab-org/gitlab!145124))
- [Keep showing create issue loading spinner while redirecting](gitlab-org/gitlab@0929a192c02d5f3d8c7301d8a18021fa805b2a05) ([merge request](gitlab-org/gitlab!144991)) **GitLab Enterprise Edition**
- [Purge old `security_scans` records on self-hosted installations](gitlab-org/gitlab@1ee7388709bbc8d5450164bbb60708613633a64a) ([merge request](gitlab-org/gitlab!144456))
- [Add custom payload template to webhooks](gitlab-org/gitlab@f8cfcb4fc3425636f4aede663078ae2caa503969) by @Taucher2003 ([merge request](gitlab-org/gitlab!142738))
- [Adds association count on organization level](gitlab-org/gitlab@d88c728d00ac23636b3a9c42bea76cf0e4d4a3d8) ([merge request](gitlab-org/gitlab!144726))
- [Add migration to add count fields to projects](gitlab-org/gitlab@ca9ba8a38fe0abbc19803729d1c8ad935ce6705e) ([merge request](gitlab-org/gitlab!144557)) **GitLab Enterprise Edition**
- [Add metrics for keep-around ref creation](gitlab-org/gitlab@de7031379b6ddc73934261b6f4a478e7947cfa8b) ([merge request](gitlab-org/gitlab!144809))
- [Add remove_child quick action for work items](gitlab-org/gitlab@d4d761fc83660692d39b03c50b7ab2a18417503c) ([merge request](gitlab-org/gitlab!141354))
- [Support job:rules:interruptible in CI config](gitlab-org/gitlab@78bd296182b6a2f1dd38345cbcaf1e7d76e1cacf) ([merge request](gitlab-org/gitlab!144687))
- [Add semantic version validation for catalog versions](gitlab-org/gitlab@8af3ded67da2dade5e090bdf471ca55df59893a0) ([merge request](gitlab-org/gitlab!144052))
- [Adds attribution_notice to Bugzilla integration](gitlab-org/gitlab@966edeabb3eaa40438d4ff69bb7bb997071f69c5) ([merge request](gitlab-org/gitlab!144166))
- [Run security reports ingestion for pipeline blocked with manual jobs](gitlab-org/gitlab@a1c5d4fc156a47702dccdff5812b7e378a433ee9) ([merge request](gitlab-org/gitlab!143046)) **GitLab Enterprise Edition**
- [Add Kubernetes overview on the Environment details page](gitlab-org/gitlab@04addb05c22b46001c798a99068c720215fd1d54) ([merge request](gitlab-org/gitlab!144370))
- [Enable VSA cumulative duration calculation](gitlab-org/gitlab@dfbf02a0b78000ec9d9115b8953ac969f0038e3c) ([merge request](gitlab-org/gitlab!144838)) **GitLab Enterprise Edition**
- [Adds search support to user organizations GraphQL query](gitlab-org/gitlab@116d540354890c4280a59f9b072f980d1080a2dd) ([merge request](gitlab-org/gitlab!144338))
- [Add configuration settings for Arkose client API](gitlab-org/gitlab@2043fe594f2fa16696c6429805108b94224957c0) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144534))
- [WorkItems rolledup dates: make fixed dates nullable on graphql](gitlab-org/gitlab@e402022624f847d31a38b653f6fb383df5ea185a) ([merge request](gitlab-org/gitlab!144451)) **GitLab Enterprise Edition**
- [Add throttling to bulk assignments](gitlab-org/gitlab@13806020f9e3f8f852ae1efc08e09280f14497a3) ([merge request](gitlab-org/gitlab!144745)) **GitLab Enterprise Edition**
- [Reuse existing projects & groups resolvers for Organization](gitlab-org/gitlab@9658c87958a54735b77882e270e2ca07ec54a7c8) ([merge request](gitlab-org/gitlab!144716))
- [Cancel a pipeline when configured to auto cancel on first job failure](gitlab-org/gitlab@88df5f5092e722fa408690fe4a38ebf0b9eb71cb) by @zillemarco ([merge request](gitlab-org/gitlab!141812))
- [feat: Protected packages: Delete protection rules in project settings ui](gitlab-org/gitlab@604002909fa988169c4c847e1e9451f29c5bb1c5) by @gerardo-navarro ([merge request](gitlab-org/gitlab!140483))
- [Replace FKs for p_ci_job_artifacts](gitlab-org/gitlab@01b364b8f0ab992249b3fe0dbc86c53a4964f144) ([merge request](gitlab-org/gitlab!144569))
- [Validate the foreign key & add to routing table upstream_pipeline_id](gitlab-org/gitlab@082ef3ac9bcbfac4d2f6e2d0ffa2bb548452abcf) ([merge request](gitlab-org/gitlab!144418))
- [Sync create indexes and prepare FK for p_ci_builds commit_id](gitlab-org/gitlab@fb679799339293f95cbc897a46fb6a22e08b9db5) ([merge request](gitlab-org/gitlab!144416))
- [Prepare async index for p_ci_builds.runner_id and project_id](gitlab-org/gitlab@569927247f88d04f6743b069f7a23c82b8f12f48) ([merge request](gitlab-org/gitlab!144414))
- [Use built-in multiline block quotes from parser](gitlab-org/gitlab@64fd38a6ebad791151e4e763dc82fead384e60ec) ([merge request](gitlab-org/gitlab!144379))
- [Add application setting for limit of merge request approval policies](gitlab-org/gitlab@381185ae27da69df4f8f29a2722ff9dcf75585ef) ([merge request](gitlab-org/gitlab!143849)) **GitLab Enterprise Edition**
- [Enable project redirect when fetching CI components](gitlab-org/gitlab@02e8ddbc0be5e6f42190be2ef8d23c3fb43fe229) ([merge request](gitlab-org/gitlab!144234))
- [Add the ability to sort findings](gitlab-org/gitlab@21cda12ba051b1c0640f00b9514bffee3575ea5a) ([merge request](gitlab-org/gitlab!142773)) **GitLab Enterprise Edition**
- [Fix WorkItems::RolledupDatesFinder](gitlab-org/gitlab@c590f431e7a1c1b050af83998e0f2eda90d6e698) ([merge request](gitlab-org/gitlab!143853)) **GitLab Enterprise Edition**
Fixed (165 changes):
- [AdvisoryScanner recovers invalid version error](gitlab-org/gitlab@c85021c98817798ca2bf92555dd64f7de7fd70cf) ([merge request](gitlab-org/gitlab!147120)) **GitLab Enterprise Edition**
- [Add rake task to delete orphan artifact objects](gitlab-org/gitlab@e376ab7eba4f8d6fb16277e3c2b3dfd2e8b743b0) ([merge request](gitlab-org/gitlab!146093))
- [Fixed search input at small sizes](gitlab-org/gitlab@b0c6064fc61778f8bf6a578c5e7b7692f5d11ea7) ([merge request](gitlab-org/gitlab!147098))
- [Fix sidebar padding problem for issue lists](gitlab-org/gitlab@e97e31aa24678d314054bf6a2ad400f347b344a6) ([merge request](gitlab-org/gitlab!146954))
- [Fix incorrect dashboards link within onboarding flow](gitlab-org/gitlab@bf7e5046dfca54f7ac631707f7a93d46ad8b6c74) ([merge request](gitlab-org/gitlab!146967)) **GitLab Enterprise Edition**
- [Bulk deletes should respect search_index_all_projects FF](gitlab-org/gitlab@60ab1efa915c5b4f725c126256e9c129aab7f398) ([merge request](gitlab-org/gitlab!146999)) **GitLab Enterprise Edition**
- [Fix links to project issues redirect to wrong server](gitlab-org/gitlab@7d01bf2c60f617bdd56df43486ef12f23bad762e) by @lifez ([merge request](gitlab-org/gitlab!146433))
- [Truncate description and solution when ingesting Vulnerabilities](gitlab-org/gitlab@06391d0dc1b962811746d16f9556d7478eabd41e) ([merge request](gitlab-org/gitlab!146571)) **GitLab Enterprise Edition**
- [Fix a bug when mvn uses the dependency proxy with basic auth](gitlab-org/gitlab@5f517356a06b025239f910fc749775b5011867f4) ([merge request](gitlab-org/gitlab!146665))
- [Fix style problems for issues list on small screen](gitlab-org/gitlab@231127b6356687bf61d06ae25f823b528ba14a7a) ([merge request](gitlab-org/gitlab!146394))
- [Fix Repository analytics commit statistics failing to render](gitlab-org/gitlab@e9ba6a27a4b82c5ef0feae1a3702f2c400c460ed) ([merge request](gitlab-org/gitlab!146675))
- [Allow users to use _EXCLUDED_ANALYZERS variable in SEP](gitlab-org/gitlab@072cf3d3fae6ac9b0d97a0b44120d0833c6bc543) ([merge request](gitlab-org/gitlab!144243)) **GitLab Enterprise Edition**
- [Update pages ci templates - Hexo, Hugo, Hyde](gitlab-org/gitlab@fe427d85e54283b0475cb3116cafdfd3af62e7d3) ([merge request](gitlab-org/gitlab!146050))
- [Design management: Fix overflow of video](gitlab-org/gitlab@1269d6ad2d858b39e39d55dfdb7c8b4d946fac91) ([merge request](gitlab-org/gitlab!146903))
- [Limit security policy project resolver suggestions](gitlab-org/gitlab@cef98dcd59e0eac397c65985ce16a818451685d5) ([merge request](gitlab-org/gitlab!146892)) **GitLab Enterprise Edition**
- [Make sure spinner occupies enough vertical space](gitlab-org/gitlab@176e38e3b5d110433a44f0f0079f8261527b05b6) ([merge request](gitlab-org/gitlab!146535))
- [Issuable sidebar: Improve promotions and hide empty section](gitlab-org/gitlab@4ca9820861522c17264c7afd264f5c08b30b0d5d) ([merge request](gitlab-org/gitlab!146879))
- [Change bootstrap migration reset font weight bold value](gitlab-org/gitlab@c5f730ce559152349e9d0da3a3d14e24649369d9) ([merge request](gitlab-org/gitlab!146872))
- [Prevent mutating line endings](gitlab-org/gitlab@1aaf877acdf90e2aaf693da05851728a45df81ab) ([merge request](gitlab-org/gitlab!137641))
- [Resolve validation failing for theme_id when previous dark mode value 11](gitlab-org/gitlab@4526b9ebac1c98921365c27061b1e80bbb04fc1d) ([merge request](gitlab-org/gitlab!146845))
- [Add exit status when backup fail](gitlab-org/gitlab@d664f5b8d136fdf3005a3fdb4d22bbe6519f6156) by @lifez ([merge request](gitlab-org/gitlab!145943))
- [Clear search input when selecting or deselecting a reviewer](gitlab-org/gitlab@3adcfb3228272b5d995b7a394c96f41b13906042) ([merge request](gitlab-org/gitlab!145247))
- [Refactor Vue shared `SettingsBlock`](gitlab-org/gitlab@877bdbcad632b4e5164393181e44e5cb6a574530) ([merge request](gitlab-org/gitlab!146156)) **GitLab Enterprise Edition**
- [Clarify ambiguous instructions](gitlab-org/gitlab@6453121e844e17f7eca808b9c45a32993e1f0096) ([merge request](gitlab-org/gitlab!142782)) **GitLab Enterprise Edition**
- [Fix encoding error when downloading archive](gitlab-org/gitlab@f974d7b2a4a7485115eef8225851d37ae8ba60cf) ([merge request](gitlab-org/gitlab!146705))
- [Resolve Issue list page size control overlap](gitlab-org/gitlab@2308ffc9fa8895bf938bf1b9cf04fef15834cf99) ([merge request](gitlab-org/gitlab!145848))
- [Fix pagination in wiki pages and templates](gitlab-org/gitlab@c486b3fe6aa3b0ddaafa387009268b89004009fe) ([merge request](gitlab-org/gitlab!146468))
- [Ensure that scan-policies stage is added after .pre](gitlab-org/gitlab@48319b2baee8bbd64a90cd2d60daa914e03d983e) ([merge request](gitlab-org/gitlab!146096)) **GitLab Enterprise Edition**
- [Fix compliance framework graphql query to return correct policies](gitlab-org/gitlab@977713f1fc8ca310fd7c509abcba6d704a5549de) ([merge request](gitlab-org/gitlab!146238)) **GitLab Enterprise Edition**
- [Ensure scope validation only for classic pats](gitlab-org/gitlab@98a42cf48774b1f15e9b8d56ecc6f2e4300887cf) ([merge request](gitlab-org/gitlab!146532))
- [Reload HEAD diff when MR is marked as mergeable](gitlab-org/gitlab@804b8d9ccb92ec1d469fd04338d535eee34aeedc) ([merge request](gitlab-org/gitlab!146604))
- [Fix for avatar cache not clearing on update](gitlab-org/gitlab@4340c5ef62eedf10241e812243a08e85bfe9376c) ([merge request](gitlab-org/gitlab!122639))
- [Fix Issues Analytics first-of-month loading error](gitlab-org/gitlab@8337293db998ed3dca791bc95212f8f1e59381ac) ([merge request](gitlab-org/gitlab!146546)) **GitLab Enterprise Edition**
- [Fix namespace reset](gitlab-org/gitlab@5236a9e83069bd3af4a8baf88229ed8eb1a0dd0d) ([merge request](gitlab-org/gitlab!146540))
- [Prepare push rules for committer email change](gitlab-org/gitlab@19ea246eb99d09ab40a4155e01d101f942caa15e) ([merge request](gitlab-org/gitlab!146335))
- [Empty repo: Hide empty sidebar blocks](gitlab-org/gitlab@4a5bdc76a55db8cc1aabc965cb14d23132b81df5) ([merge request](gitlab-org/gitlab!146462))
- [Fix incorrect audit event name being logged when a user is rejected](gitlab-org/gitlab@472d22ef63d30097100634a5f42f02ad22221b76) ([merge request](gitlab-org/gitlab!146458)) **GitLab Enterprise Edition**
- [Style fixes for board top bar on small screens](gitlab-org/gitlab@94ce27a63db52aa2de4001c1fcf0893b72ea5020) ([merge request](gitlab-org/gitlab!146414)) **GitLab Enterprise Edition**
- [Emoji picker: Fix icon for legacy notes](gitlab-org/gitlab@f7de180b4ed8cca021ce5f83b3262a61621c2d13) ([merge request](gitlab-org/gitlab!146369))
- [Fix policy variables in scheduled pipelines](gitlab-org/gitlab@b091e4f849f6cf68c115504cd0844c2ae87a179c) ([merge request](gitlab-org/gitlab!146064)) **GitLab Enterprise Edition**
- [Enable feature flag "fetch_commits_for_bitbucket_server" by default](gitlab-org/gitlab@fd9256e60c83d23280cad631ca0350f028fe496c) ([merge request](gitlab-org/gitlab!146353))
- [Fix missing require for users development seed](gitlab-org/gitlab@8f6166dbd04aeebbedd23cc152413ab17a53254f) ([merge request](gitlab-org/gitlab!146351))
- [Fix finding modal when dismissed by is null](gitlab-org/gitlab@7be939041e81a5950c86bfacb39f35b86bfd34f8) ([merge request](gitlab-org/gitlab!146193)) **GitLab Enterprise Edition**
- [Fix user having custom role in multiple objects in a hierarchy](gitlab-org/gitlab@2a0fff1e1679df6aa3fae4aec1c9ba2490dfdbd5) ([merge request](gitlab-org/gitlab!144851)) **GitLab Enterprise Edition**
- [Use sentence case for DORA metrics titles](gitlab-org/gitlab@073fd7fcf5ae27dace77811f011258cb48e7c508) ([merge request](gitlab-org/gitlab!145867)) **GitLab Enterprise Edition**
- [Update pipeline_triggers plan limits to 25k for trials and opensource](gitlab-org/gitlab@2cecbcd8b82850f7607b4e9a85e76f50df8f98e1) ([merge request](gitlab-org/gitlab!145846))
- [This MR fixes header for security policies](gitlab-org/gitlab@96eac69ed540c700ac0af6cf4fea989cc7190d07) ([merge request](gitlab-org/gitlab!146277)) **GitLab Enterprise Edition**
- [Change "Create new Value Stream" to "New value Stream"](gitlab-org/gitlab@b0d79d1b864dd793b2f800ed589adab0bf42e358) ([merge request](gitlab-org/gitlab!146248)) **GitLab Enterprise Edition**
- [Fix DiffStatsType encoding error](gitlab-org/gitlab@077f497ee737c0e9615321f80d855afdcd79dc6d) ([merge request](gitlab-org/gitlab!145068))
- [Use user locale to display delimiters and separators in storage usage](gitlab-org/gitlab@d22bf9d9fc411948acf13d466baff2b949670cae) ([merge request](gitlab-org/gitlab!144565)) **GitLab Enterprise Edition**
- [Export & Import diff note's diff file](gitlab-org/gitlab@ab57d9055d0f457e50c3de4127b186574f996ef3) ([merge request](gitlab-org/gitlab!145967))
- [Handle version conflict errors in ElasticDeleteProjectWorker](gitlab-org/gitlab@fd99b56be44bdb74a8886cd2ca378b1fea800c3f) ([merge request](gitlab-org/gitlab!146068)) **GitLab Enterprise Edition**
- [Assignees widget dropdown reordering of selected users](gitlab-org/gitlab@f85f207eb67495cbe9331b555266e52bd100dfc4) ([merge request](gitlab-org/gitlab!145901))
- [Inspect start_branch_name if provided](gitlab-org/gitlab@54cf87270109b7d543f9f1a5c072effe54f5ab6b) ([merge request](gitlab-org/gitlab!139351))
- [Fix search within Environments folder](gitlab-org/gitlab@0e5e87e49c10e97969c7c187641f77878beb35db) ([merge request](gitlab-org/gitlab!146154))
- [Move focus to "What's new" drawer when opened](gitlab-org/gitlab@7e43fee0fc7df835a889c19eb3328b1a9ce7b7b7) ([merge request](gitlab-org/gitlab!144873))
- [Fix page overflow with long MR titles](gitlab-org/gitlab@4200b87ff685151ac389cf3241187fbcaa18a948) ([merge request](gitlab-org/gitlab!146103))
- [Release fetching all npm package tags](gitlab-org/gitlab@9031573c52bddcf17f20b8e563caf1c603d38565) ([merge request](gitlab-org/gitlab!144434))
- [Update Duo Pro Card to to show Add seats button for SM](gitlab-org/gitlab@6d19053750ea2f35f5bf2080fc6595981aed6aa3) ([merge request](gitlab-org/gitlab!145689)) **GitLab Enterprise Edition**
- [Supply the sequence name to the partitioning helper](gitlab-org/gitlab@644125eb09bbbc31dbbe52669527a8c13e478b3b) ([merge request](gitlab-org/gitlab!146065))
- [Fix autocomplete issue on design management comment form](gitlab-org/gitlab@b670c06fa8b594fd7155e492e3daa8580177dc31) ([merge request](gitlab-org/gitlab!146047))
- [Run specs with elastic_clean trait](gitlab-org/gitlab@cd71206c3b9f31199697d27806c111c206ba5d4f) ([merge request](gitlab-org/gitlab!145771))
- [Fix link to check out MRs locally](gitlab-org/gitlab@f7cca629e378d524cea27065f9530cf04c10bc9c) ([merge request](gitlab-org/gitlab!146041))
- [Do not raise CI lint exception if repository is empty](gitlab-org/gitlab@9a38817ff55f0f628238e0a76e20a59c1a20f066) ([merge request](gitlab-org/gitlab!145801))
- [Remove memoization for existing_sequence](gitlab-org/gitlab@ee5d8e912816d403f123eb1c0dd3824ceb2cfa16) ([merge request](gitlab-org/gitlab!146027))
- [Fixes missing "cancel" job button in admin jobs](gitlab-org/gitlab@2f8e8a1757733592d882c7d0224d4040cca6eaa1) ([merge request](gitlab-org/gitlab!146024))
- [Fix line highlighting](gitlab-org/gitlab@3df369cf54cb7c17c3a383545688ccc243d05106) ([merge request](gitlab-org/gitlab!146019))
- [Fix auth to dependency proxy with service account](gitlab-org/gitlab@9405a79b02255f917942442af1aff6454ffe15a0) ([merge request](gitlab-org/gitlab!146012))
- [Add SaaS check when fetching instance member roles](gitlab-org/gitlab@00a6aaff31941c18f979006d865cef3913458578) ([merge request](gitlab-org/gitlab!145094))
- [Proposed format changes for CI/CD Analytics](gitlab-org/gitlab@388ba9840241e7c233eba1e1e94e81ba5e45ed83) ([merge request](gitlab-org/gitlab!141307))
- [Include epic events on Profile page heat map](gitlab-org/gitlab@bc7602f7ca163ad03ec87889b37cabae071cf144) by @zzaakiirr ([merge request](gitlab-org/gitlab!138688))
- [Manage external issue tracker links to Vulnerabilities using events](gitlab-org/gitlab@a80b6a445c5171857fd97b1ba4874e42309e5370) ([merge request](gitlab-org/gitlab!145563)) **GitLab Enterprise Edition**
- [Change DuoChat z-index value to put it behind the feedback modal](gitlab-org/gitlab@96f283f2c5d4a06f1194cf90ebbc85f618c27180) ([merge request](gitlab-org/gitlab!145802)) **GitLab Enterprise Edition**
- [Check merge request's head_sha pipeline instead of latest](gitlab-org/gitlab@fd9980a6110598c4abc8f37db631e9674488ecfd) ([merge request](gitlab-org/gitlab!144919)) **GitLab Enterprise Edition**
- [Expose auth_method for remote mirrors via API](gitlab-org/gitlab@7d2177d947f48440211d49a3ac30c5405a369a21) ([merge request](gitlab-org/gitlab!75155))
- [Fix container repositories checksum mismatch errors](gitlab-org/gitlab@8a631409ceac9eaf66248741f7e31e2a47899c6d) ([merge request](gitlab-org/gitlab!145869)) **GitLab Enterprise Edition**
- [Make enum consistent to vulnerability enum](gitlab-org/gitlab@c9388aa1d7687098f0b5c82d7d444b54a5dafbc3) ([merge request](gitlab-org/gitlab!144849)) **GitLab Enterprise Edition**
- [Change query for assignee users to autocomplete query](gitlab-org/gitlab@49edefe573d4fbfb7d7cf8cd5e61b9a5aec95c00) ([merge request](gitlab-org/gitlab!145370))
- [Fix composability of `:published_event` with `:not_publish_event`](gitlab-org/gitlab@fe7cd8a3035beb4874f22df82e0bf59f34afdf86) ([merge request](gitlab-org/gitlab!144777))
- [Fixes duplicate users in search suggestions](gitlab-org/gitlab@384a98956d5ea3fe900a6854f7edf2edd66ba80f) ([merge request](gitlab-org/gitlab!145818))
- [Fix boolean and number input types](gitlab-org/gitlab@a4032ae6aef2e5dbd8a63b5a78fa3b334ab8e98f) ([merge request](gitlab-org/gitlab!145257))
- [Google Chat: Support inline replies](gitlab-org/gitlab@1ae2e61298b8a0463a570ff6ba16969356f87c82) by @robbie-demuth ([merge request](gitlab-org/gitlab!145187))
- [Web IDE Link: Hide button if empty](gitlab-org/gitlab@0daf8bf5c20d703cbf81c6c8799fee8bb13c0bef) ([merge request](gitlab-org/gitlab!145812))
- [Fix multi-line highlighting](gitlab-org/gitlab@34fa08685dbdaa41375ec5615609be7f925af4d3) ([merge request](gitlab-org/gitlab!144884))
- [Use `pre-wrap` to both preserve whitespace and wrap long lines](gitlab-org/gitlab@3e109880ebfee0754bb8172fe8dee15bf89a2b4f) ([merge request](gitlab-org/gitlab!145482))
- [Use sentence case for VSA Lifecycle metric titles](gitlab-org/gitlab@0040d58416ccc7a66e88c43b94d457b9f6cf56a1) ([merge request](gitlab-org/gitlab!145717)) **GitLab Enterprise Edition**
- [Fixes bug where Geo servers may leave orphaned Upload rep. stuck](gitlab-org/gitlab@c77566920dd7297a47b30942169b1b75f721ce87) ([merge request](gitlab-org/gitlab!142456)) **GitLab Enterprise Edition**
- [Update proxied request to use secondary for push_from_secondary](gitlab-org/gitlab@b93ec88eb37294778f70a8dc32cb8ce4aa665650) ([merge request](gitlab-org/gitlab!143980)) **GitLab Enterprise Edition**
- [Fix alert showing for unlimited schedules](gitlab-org/gitlab@b4e5516ce87a9d15393ea1ac984285c3687d143e) ([merge request](gitlab-org/gitlab!145695))
- [Add support for sidebar, example and openblock in AsciiDoc](gitlab-org/gitlab@ef0d0f9724d4cecb0ec5d0aa58b2dd9fb601841e) ([merge request](gitlab-org/gitlab!145379))
- [Fixed contributor count metric in VSD comparison table](gitlab-org/gitlab@328077d72a2cfa5fb2db63e4186ba59169317cd8) ([merge request](gitlab-org/gitlab!145682)) **GitLab Enterprise Edition**
- [Fix popover position for dependency list export](gitlab-org/gitlab@30ef0993c537c4d823df04ac774bc741fbd08fb9) ([merge request](gitlab-org/gitlab!145604)) **GitLab Enterprise Edition**
- [Increase packages_pypi_metadata keywords text limit](gitlab-org/gitlab@3b877ebf6a2e059e8b936a2fd3f69a64da1a4d94) ([merge request](gitlab-org/gitlab!144983))
- [Re-introduce drop user_interacted_projects table](gitlab-org/gitlab@574d864290ad35d20d33bce9198a6d22d9ce67c9) ([merge request](gitlab-org/gitlab!145260))
- [Do not remove indentation when pasting in code block](gitlab-org/gitlab@6c59aad2decc096a62deb2f2e515732499509160) ([merge request](gitlab-org/gitlab!143793))
- [Geo: Fix incorrect return values](gitlab-org/gitlab@f1a3391ad943e58217fc9e5a47794f217378d533) ([merge request](gitlab-org/gitlab!145616)) **GitLab Enterprise Edition**
- [Hide roles and permissions page from admin area when in SaaS mode](gitlab-org/gitlab@507361069cbadfe3766b748fe10242fde0aa264d) ([merge request](gitlab-org/gitlab!145262)) **GitLab Enterprise Edition**
- [Fix required approvals for mixed policies](gitlab-org/gitlab@86fc8568572466a532fe3971bb21d185e1c839f2) ([merge request](gitlab-org/gitlab!145572)) **GitLab Enterprise Edition**
- [Handle projects not found in Zoekt indexer worker](gitlab-org/gitlab@2c00ff21679c4287cef16853b86b62df8696b31d) ([merge request](gitlab-org/gitlab!145571)) **GitLab Enterprise Edition**
- [Handle a deletion of deployments for the removed repository](gitlab-org/gitlab@0c85dc6160d74f71ca0f2b81e6482ec86b61d772) ([merge request](gitlab-org/gitlab!145498))
- [Fix link anchors for synthetic system notes](gitlab-org/gitlab@ea1ffd2245d28861070dc1246b1b2ac3222983a5) ([merge request](gitlab-org/gitlab!145489))
- [Fix issue with uploading images sometimes](gitlab-org/gitlab@3c4c967a57ebf122be0d595a2c05ba9ce0f68029) ([merge request](gitlab-org/gitlab!144131))
- [Merge when checks pass should not need a pipeline to merge](gitlab-org/gitlab@5a9f0ac851aa4ba2e0b6ac7a2dbc5b381ca00f0c) ([merge request](gitlab-org/gitlab!144553))
- [Fix participants query in MR list page](gitlab-org/gitlab@a031162213a98d77dbd1089f2af1fc12dee7e4d8) ([merge request](gitlab-org/gitlab!145381))
- [Fix Container Registry Path](gitlab-org/gitlab@b77ae8639d0266b7a9364735f1cf3015cbcda68a) ([merge request](gitlab-org/gitlab!145389))
- [Job status: Add missing status text to GraphQL query](gitlab-org/gitlab@322aefda8599d1a915c6ab8db320daba1f2e0273) ([merge request](gitlab-org/gitlab!145139))
- [Improve show/hide logic of cube query generation frontend](gitlab-org/gitlab@2d149b9f695d86f5bec5f029a9de39ce99066f17) ([merge request](gitlab-org/gitlab!144415)) **GitLab Enterprise Edition**
- [Ensure errors.css is interpreted as UTF-8 encoding](gitlab-org/gitlab@b936a1d344d49bce1af09f92826dc152b77129d1) ([merge request](gitlab-org/gitlab!145363))
- [Keep code dropdown open when focusing clone inputs](gitlab-org/gitlab@d74e986b2ea8ae7be698b8583b5ef37fcabaf500) ([merge request](gitlab-org/gitlab!145304))
- [Fixed Shows branch name in non-blobs scopes](gitlab-org/gitlab@d60e1385ef64c13ff3aa50dc19a8cf624f3b0fac) ([merge request](gitlab-org/gitlab!142406))
- [Fix policy bot comment layout](gitlab-org/gitlab@8ba7c0fb55574c644db6fcfd5b023e93be69bcfb) ([merge request](gitlab-org/gitlab!145282)) **GitLab Enterprise Edition**
- [Fix overwriting the SOURCE_CODE variable in Code Quality](gitlab-org/gitlab@428327f364a601a9baff09be3fff6a1689e0fb0f) ([merge request](gitlab-org/gitlab!143018))
- [Emoji picker height in user edit profile page](gitlab-org/gitlab@88ac0ac0f404fd3525abedb57f6fe1779d15cf91) ([merge request](gitlab-org/gitlab!145240))
- [Fix highlight worker event ordering](gitlab-org/gitlab@a77f9e9ff46699fba0a95661d98f5bc75f33b206) ([merge request](gitlab-org/gitlab!145148))
- [Fix vulnerabilities seeder](gitlab-org/gitlab@cb8875c1aac0a1b7d7b4f01982de20aa0ba01640) ([merge request](gitlab-org/gitlab!145163))
- [Don't escape query in "Search or go to..." modal twice](gitlab-org/gitlab@d95bd7aa30d138d210f350201c34b52b799f5af6) by @syvb ([merge request](gitlab-org/gitlab!145158))
- [Mark issuable-resource-links as unique on create](gitlab-org/gitlab@463db89eb519aaddab6e64ada70b83a013be9a86) by @tomasz.skorupa ([merge request](gitlab-org/gitlab!143642)) **GitLab Enterprise Edition**
- [Fix queue purge security scans migration](gitlab-org/gitlab@426115c8c59e705c594777189fec6bba8e2886d0) ([merge request](gitlab-org/gitlab!145130))
- [Enable user/group pages access when namespace_in_path is enabled](gitlab-org/gitlab@5850113d14e830fe431a0d63dd42dd108f9a6d1e) ([merge request](gitlab-org/gitlab!144576))
- [Pipeline Status: Add aria-label](gitlab-org/gitlab@a50d244cf3a00c93be3c8094106282848bf87225) ([merge request](gitlab-org/gitlab!144969))
- [Adds the empty string fallback for organization description field](gitlab-org/gitlab@fa45b4f92de9e4448ce93a4f422f4544a6e3fa35) ([merge request](gitlab-org/gitlab!144896))
- [Check the actual bytesize of a Sentry JSON payload](gitlab-org/gitlab@48507d54bbfa735bd2847f35621c6d283ba6c332) ([merge request](gitlab-org/gitlab!112813))
- [Fix delete text on attach file toolbar button](gitlab-org/gitlab@60b5695e70f54bf34e4a37b95183cee0ceffc166) ([merge request](gitlab-org/gitlab!145034))
- [Profile page: Fix whitepsace issue](gitlab-org/gitlab@c7e996f8f952bcabf79dd36f808a813a3a40aa7b) ([merge request](gitlab-org/gitlab!144955))
- [Fix boolean and number input types](gitlab-org/gitlab@24dabbb7d60819b209d1563c0d60e748620ec6af) ([merge request](gitlab-org/gitlab!144065))
- [Make `/clear_weight` work when weight is 0](gitlab-org/gitlab@dcc5068812cdb5c849bc00a46b6122476eed4065) ([merge request](gitlab-org/gitlab!145002)) **GitLab Enterprise Edition**
- [Adds users_organization_path to the organization home page](gitlab-org/gitlab@32e24b3baad4766d5d2a90cdef030da0efb01407) ([merge request](gitlab-org/gitlab!144878))
- [Make bundler-checksum work with RubyGems 3.5.6](gitlab-org/gitlab@f0de0f34901266750794bebddb60b10e8d0d642a) ([merge request](gitlab-org/gitlab!144985))
- [Repository: Fix code owners question icon color](gitlab-org/gitlab@0994efe550d105aa35695dc3d316ba0e7c0051ad) ([merge request](gitlab-org/gitlab!144634)) **GitLab Enterprise Edition**
- [Board - Fix creating issue in board scoped to iteration](gitlab-org/gitlab@1101bb89195da41aaa5911c02816744b9eae6e4b) ([merge request](gitlab-org/gitlab!144689)) **GitLab Enterprise Edition**
- [Add conditional operator to check for descriptionVersion being null](gitlab-org/gitlab@7236bc723087c919d6e3371112fcc90a88015d38) ([merge request](gitlab-org/gitlab!144949))
- [Mark code_suggestions as ignored](gitlab-org/gitlab@1ee566f4caecd01b118b6909ec0041a3c110b7ef) ([merge request](gitlab-org/gitlab!144892))
- [Fix alert showing for guest/reporter](gitlab-org/gitlab@3b2bb2575bbc00ef5321cc6c9825398fecf9a8ce) ([merge request](gitlab-org/gitlab!144901))
- [Project list item: Fix avatar spacing and alignment](gitlab-org/gitlab@7d2a4cc4714d0b89c079cb65db02021967c6e686) ([merge request](gitlab-org/gitlab!144898))
- [Add a safeguard against non-matching diff discussion positions](gitlab-org/gitlab@a9b42a7e2785101d696b1ec5b354aea8c2f313d3) ([merge request](gitlab-org/gitlab!144865))
- [Prevent policy bot message on non-applicable branches](gitlab-org/gitlab@4b3f6a0657b1979cd6534e0e87f168eab72d6c3f) ([merge request](gitlab-org/gitlab!144863)) **GitLab Enterprise Edition**
- [Set correct state for Apply button after action](gitlab-org/gitlab@ca45668160caf3e27be3c3a48c5211731b55524b) ([merge request](gitlab-org/gitlab!144862)) **GitLab Enterprise Edition**
- [Scope rejected projects query for better performance](gitlab-org/gitlab@f1ce9c5b24f969fc3cf8d6a76eff3a5323292f96) ([merge request](gitlab-org/gitlab!144047)) **GitLab Enterprise Edition**
- [Hide "email a new issue" on archived issues lists](gitlab-org/gitlab@eaaf0f1247a129d4b9fc5082f768b98cb14fe2b2) ([merge request](gitlab-org/gitlab!144058))
- [Consider pipelines with supported sources for MR approval policy](gitlab-org/gitlab@0b08e35779b472f4dc0dd9270a1c917e09156541) ([merge request](gitlab-org/gitlab!144825)) **GitLab Enterprise Edition**
- [Fix Search::Zoekt.index? logic](gitlab-org/gitlab@c8f7bbc7848ea348f5688ce430616fedecc2c898) ([merge request](gitlab-org/gitlab!144592)) **GitLab Enterprise Edition**
- [Remove `gl-z-index-200` from inline findings icon](gitlab-org/gitlab@518a6557ee95299af1d99dc0e3481954a72b0bac) ([merge request](gitlab-org/gitlab!144771)) **GitLab Enterprise Edition**
- [Reintroduces error tracking approximate user count](gitlab-org/gitlab@f1ac7ef970c590d98f84428f5652c0255b847372) ([merge request](gitlab-org/gitlab!144384))
- [Rename security dashboard graphql error alert](gitlab-org/gitlab@c7e343d4a7b0ae11bb0edd5019e75067588f13f8) ([merge request](gitlab-org/gitlab!144775)) **GitLab Enterprise Edition**
- [Fix including CI files in pipeline execution policy](gitlab-org/gitlab@089e07e8439caab0a8d25235670cb19abbcf9e2c) ([merge request](gitlab-org/gitlab!144727)) **GitLab Enterprise Edition**
- [Ignore compliance CI config when source is on-demand DAST scan](gitlab-org/gitlab@7638eb2383826bf63fd19d08502ea76669a71a3b) ([merge request](gitlab-org/gitlab!144307)) **GitLab Enterprise Edition**
- [Merge request checks: Fix right alignment of actions](gitlab-org/gitlab@a8cb6a80e0b8690965f2eea0097e5897a2f2853c) ([merge request](gitlab-org/gitlab!144724))
- [Readme: Fix anchor overflow behavior when collapsed](gitlab-org/gitlab@98f6b8c22097e0d584356f946946ecb9b2671b35) ([merge request](gitlab-org/gitlab!144571))
- [Update pages ci templates - Doxygen](gitlab-org/gitlab@3ccebc465ca01fb8cd3fc89f620cbf12898e2584) ([merge request](gitlab-org/gitlab!144317))
- [Fix Geo: Personal snippets not syncing](gitlab-org/gitlab@14b1af7e3b39179375439e9fc888eadc2bd51b8d) ([merge request](gitlab-org/gitlab!143456)) **GitLab Enterprise Edition**
- [Vulnerability Details: Fix code-snippet rendering](gitlab-org/gitlab@62dc1de6a55d21daa3942bb192a7c23fe6bdc2e4) ([merge request](gitlab-org/gitlab!144444)) **GitLab Enterprise Edition**
- [This MR fixes alignment](gitlab-org/gitlab@1763ec36864731b13c539689a4286c130f483e3b) ([merge request](gitlab-org/gitlab!144348)) **GitLab Enterprise Edition**
- [Add error recovery for package metadata sync](gitlab-org/gitlab@501075e19485de53c93b0405c10cc0c15149fcc5) ([merge request](gitlab-org/gitlab!144090))
- [Readmore shadow: Fix darkmode](gitlab-org/gitlab@329bcd9481289403f255ad386b55b24b8557e037) ([merge request](gitlab-org/gitlab!144568))
- [Fix GitLab for Slack app disabled when uninstalled](gitlab-org/gitlab@7de79ac28efecdd4388b54a7bcea66e009b30cf3) ([merge request](gitlab-org/gitlab!144544))
- [Add spacing to "Awaiting user signup" badge](gitlab-org/gitlab@986a26854a510b25ec0e855228b07c146bfbd792) by @yonghyun.jin13 ([merge request](gitlab-org/gitlab!141181))
- [Fix the name of a missing svg for the tests reports](gitlab-org/gitlab@52121f27ea34d66d6823f171a72dc2a3175a39cb) ([merge request](gitlab-org/gitlab!144362))
- [Changes the empty state illustation from CI/CD Analytics](gitlab-org/gitlab@4e39718b157492c0a256e003ec912caab632c816) ([merge request](gitlab-org/gitlab!144487))
- [Fix error from using `inputs` in some cases](gitlab-org/gitlab@ba97ac19e27fb650c9cc33d72181bff666c2874d) ([merge request](gitlab-org/gitlab!144497))
- [Fix deny_all_requests_except_allowed of AddressableUrlValidator](gitlab-org/gitlab@3d9f595d1b1a4f057c37770ac2ee0312c0b6e8a7) ([merge request](gitlab-org/gitlab!144488))
- [Fix File Browser height update on merge request tab change](gitlab-org/gitlab@e23549d421fc5692abfa2763b85a5a25793f840e) ([merge request](gitlab-org/gitlab!144458))
- [Account for typed code block responses from the LLM](gitlab-org/gitlab@2028e11ad4ad51cc1ecee021816b9134936947e3) ([merge request](gitlab-org/gitlab!144358)) **GitLab Enterprise Edition**
- [Make variable value listbox searchable](gitlab-org/gitlab@9b91529d6a563c3f7ad3d6ebde84bfda1d67bd43) ([merge request](gitlab-org/gitlab!143529))
- [Hide exposed artifacts when there are none](gitlab-org/gitlab@650e8107815f8eb6479bc13882aefdd854ad8cf7) ([merge request](gitlab-org/gitlab!143698))
- [Fix permissions check for runner usage by project](gitlab-org/gitlab@f72ecedc94a50668080bff83ce05593aa2adc4f6) ([merge request](gitlab-org/gitlab!143352))
Changed (207 changes):
- [Change pipeline schedule button text](gitlab-org/gitlab@a2ea0248f57d9fb27a3f61d62d445592790efcca) ([merge request](gitlab-org/gitlab!147058))
- [Update MR empty states](gitlab-org/gitlab@d221a84ca42f98af1173ba65de862294197370a3) ([merge request](gitlab-org/gitlab!146708))
- [Updated the texts in the Protected environments under CI/CD Settings tab](gitlab-org/gitlab@b5ef5f805320d28a015d65a53e5d794b0aa40c0d) by @antonkalmykov ([merge request](gitlab-org/gitlab!147035)) **GitLab Enterprise Edition**
- [Projects: Improve pending deletion visibility and message](gitlab-org/gitlab@5b26f9c384db51533fe3ad69ea2e4d086062ca3e) ([merge request](gitlab-org/gitlab!146082))
- [Audit member access on destroy](gitlab-org/gitlab@38aacd015273bcfe45ea46f24c821de1c4ab73fd) ([merge request](gitlab-org/gitlab!146908)) **GitLab Enterprise Edition**
- [Design management add ability to toggle comments](gitlab-org/gitlab@e8e2aa5fbe895b3ce187bf3b9f08bf394b994760) ([merge request](gitlab-org/gitlab!146290))
- [Clarify audit event type script text](gitlab-org/gitlab@300e410878b6da70c6ff5ffe69580264b7a38706) ([merge request](gitlab-org/gitlab!146960))
- [Improve error message when job is missing an artifact](gitlab-org/gitlab@7639c2c7db731f1be98938d695ae9e1a9c3ad847) ([merge request](gitlab-org/gitlab!146941))
- [Disable release button for catalog resources](gitlab-org/gitlab@bf1f6ad7428842cf7d5784d13f29aaf783b415bc) ([merge request](gitlab-org/gitlab!145701))
- [Guided setup for Google Cloud IAM integration - 3](gitlab-org/gitlab@0f503f650d1dafcd70beb2dd4a10749f4ccbcc80) ([merge request](gitlab-org/gitlab!146174)) **GitLab Enterprise Edition**
- [This MR changed default state for policy scope](gitlab-org/gitlab@5fba32dab3df4627a93b7e975637662abb3b35a5) ([merge request](gitlab-org/gitlab!146210)) **GitLab Enterprise Edition**
- [Update todo and notifications for work items](gitlab-org/gitlab@25b37bd1f36113598ffaefd407f49218361a2c4b) ([merge request](gitlab-org/gitlab!145711))
- [Update commits empty state](gitlab-org/gitlab@88dd091d81f98187d9283d577e93f1df8e184489) ([merge request](gitlab-org/gitlab!146531))
- [Update kubernetes cluster empty state](gitlab-org/gitlab@ca986649138437d15b79ca4f804adf60c5756886) ([merge request](gitlab-org/gitlab!146358))
- [Added new columns and removed unwanted not null constraint](gitlab-org/gitlab@86f299d430d36db4a645c7c16bf8870896ee71f8) ([merge request](gitlab-org/gitlab!144882)) **GitLab Enterprise Edition**
- [Allow milestones to be specified by full path](gitlab-org/gitlab@d7d326b6d944bc30b0a33473a7e4eb24dcbefa3c) ([merge request](gitlab-org/gitlab!143859))
- [Assign default security policy stage](gitlab-org/gitlab@03591fa30b5c95e47a855593465cb0ff47457a9e) ([merge request](gitlab-org/gitlab!145914)) **GitLab Enterprise Edition**
- [Improve environments dashboard](gitlab-org/gitlab@40d007dd394da43c5b901db2cb315a8e45773c05) ([merge request](gitlab-org/gitlab!146258)) **GitLab Enterprise Edition**
- [Update frontend versioning](gitlab-org/gitlab@d3176d6895dc2cc27ce7dbd82e0de698480e2a75) ([merge request](gitlab-org/gitlab!146479))
- [Decouple dark color mode from navigation themes](gitlab-org/gitlab@66f9b887e601d888602aabe211454958616ffeb2) ([merge request](gitlab-org/gitlab!141459))
- [Update UI text](gitlab-org/gitlab@d7311e818cceba40f4496d8db7ef73f51fbc2b6d) by @jrachelr1 ([merge request](gitlab-org/gitlab!146432))
- [Modified source of the current scope](gitlab-org/gitlab@5d3c0e4371d195f77bb5c6c9f2f6fd2c7b1c17c3) ([merge request](gitlab-org/gitlab!146338))
- [Align merge request sticky header with static header](gitlab-org/gitlab@ab1a618aedbdc2c5ca6a778d599df8a8710c4c57) ([merge request](gitlab-org/gitlab!146809))
- [Change column null for `traversal_ids` of the `vulnerability_reads`](gitlab-org/gitlab@932600ee31623be2fe86ca92a19a45c971f36d9b) ([merge request](gitlab-org/gitlab!146800))
- [Migrate sbom_components.name so to match PEP 503](gitlab-org/gitlab@78b9a6025f5a61d2488ad1234fd9a2f914bea824) ([merge request](gitlab-org/gitlab!145700))
- [File header: Use variable instead of magic number](gitlab-org/gitlab@6b0d3eeed0afb8a0c839fb099c10b59eb69c7620) ([merge request](gitlab-org/gitlab!145229))
- [apps/pipeline_details: Copy full commit id](gitlab-org/gitlab@8c3b60c2108da8f72fad2f56ac660a567f7301cf) ([merge request](gitlab-org/gitlab!146052))
- [User profile sidebar: Fix alignment of user details](gitlab-org/gitlab@8a6ae0886b6b5ed81258765373acb183a2f5a6a5) ([merge request](gitlab-org/gitlab!146747))
- [Expose policy_scope in security policy graphql API](gitlab-org/gitlab@b052611c1d1b8a627622c165ec4482baae72a058) ([merge request](gitlab-org/gitlab!146562)) **GitLab Enterprise Edition**
- [Update compare empty state](gitlab-org/gitlab@728033c0efc1527cd05ec49b0af38012fef097da) ([merge request](gitlab-org/gitlab!146525))
- [Rename variable to CI_SERVER_FQDN to match expected value](gitlab-org/gitlab@ed5eb77c8cb130e573e0ad96961f4a778cb7e8d9) ([merge request](gitlab-org/gitlab!146461))
- [Remove cached_conflicts_with_types feature flag](gitlab-org/gitlab@ba3b70e080869ecbb7df80553f5fc7b83fb6200f) ([merge request](gitlab-org/gitlab!146738))
- [Correctly style labels in filtered search](gitlab-org/gitlab@890398b954a1efb9df5d71f715b195bc90ddc932) ([merge request](gitlab-org/gitlab!143780))
- [Update docs to clarify framework removal](gitlab-org/gitlab@fc75ad770f7e9158fe6a16f95f17fc5eeb21db9d) ([merge request](gitlab-org/gitlab!146704)) **GitLab Enterprise Edition**
- [Projects: Improve archived visibility and message](gitlab-org/gitlab@b1050e939f0d671bdf52b9a6eaaee1841a007f1d) ([merge request](gitlab-org/gitlab!145277))
- [Removes database migrations up to 16-1-stable-ee](gitlab-org/gitlab@c9d9a3bb5c6f249075f63c7d4fbd3feed9df1ab6) ([merge request](gitlab-org/gitlab!144364))
- [Update service desk empty state illustration](gitlab-org/gitlab@f47c45dfbeb001518aef3cd5bcecb30959d58ece) ([merge request](gitlab-org/gitlab!146549))
- [Update surface alerts empty state illustration](gitlab-org/gitlab@f8873fccddf20b5e6844aac99d534b10a8e47026) ([merge request](gitlab-org/gitlab!146534))
- [Guided setup for Google Cloud IAM integration - 2](gitlab-org/gitlab@3773915b528f23e3081555c67b4b15841712ba24) ([merge request](gitlab-org/gitlab!145543)) **GitLab Enterprise Edition**
- [Only show epic lane header shadow when it overlaps](gitlab-org/gitlab@d473fee4fd5cc144181037a76a0cc7f0f1fd51d2) ([merge request](gitlab-org/gitlab!146421)) **GitLab Enterprise Edition**
- [Use new ScalarValidator for variables CI keyword](gitlab-org/gitlab@65684085897b3c3daf717d3155936ffce6a26c7b) ([merge request](gitlab-org/gitlab!146503))
- [Billing page does not scale with large font sizes](gitlab-org/gitlab@eb845e4ae2d5806a4be249b42df0393a6359c36d) ([merge request](gitlab-org/gitlab!146668)) **GitLab Enterprise Edition**
- [Removes testable method from EWM](gitlab-org/gitlab@40e558363e07e6b3bca5e9303f65a3edfcc278ce) ([merge request](gitlab-org/gitlab!146636))
- [Change todo re-add button icon and title](gitlab-org/gitlab@918f2933adc729d6737aee5bc0167a10b59b91a4) ([merge request](gitlab-org/gitlab!146254))
- [Update Terraform modules empty state illustration](gitlab-org/gitlab@848d69f63b4c59ae51a71e92ffed80955b75a1c2) ([merge request](gitlab-org/gitlab!146487))
- [Remove merge_request_diff_generated_subscription feature flag](gitlab-org/gitlab@d3f0486be4473cbe3f93b21ca4a35902c81fe6c8) ([merge request](gitlab-org/gitlab!146580))
- [This MR adds validation for policy scope](gitlab-org/gitlab@5989bdd2b2e951bdb0663fb5b78866118e04e982) ([merge request](gitlab-org/gitlab!145871)) **GitLab Enterprise Edition**
- [Keeps compliance frameworks for project transfers](gitlab-org/gitlab@657c47cd46bfc9f3c12f3d0a3a34f1e8ea0f6fcf) ([merge request](gitlab-org/gitlab!146533)) **GitLab Enterprise Edition**
- [Update incident empty state illustration](gitlab-org/gitlab@781b87bc22f484156b1847bafbff537d8e81607c) ([merge request](gitlab-org/gitlab!146537))
- [Consolidate all google cloud support feature flags into one](gitlab-org/gitlab@aeb368e8f67d68274cdda70177328ddff424ddb6) ([merge request](gitlab-org/gitlab!145918)) **GitLab Enterprise Edition**
- [Guided setup for Google Cloud IAM integration - 1](gitlab-org/gitlab@efc4b630c9b912dc9415758dcca769d5f8d7d85a) ([merge request](gitlab-org/gitlab!146028)) **GitLab Enterprise Edition**
- [Update to redis-client v0.21.0](gitlab-org/gitlab@fccd704cd2409e0cb21db495b4dcc865162401ef) ([merge request](gitlab-org/gitlab!146506))
- [Update profile empty state](gitlab-org/gitlab@b7e7e087f28bbca8441106e8b5678c74307d14c8) ([merge request](gitlab-org/gitlab!146490))
- [Update UI text replacing 'catalog resource' with 'catalog project'](gitlab-org/gitlab@289eedc11b43c1cfcc96cfc7a07a1a4d563e38cc) ([merge request](gitlab-org/gitlab!146077))
- [Add environments empty state illustration](gitlab-org/gitlab@05b2c427d55fae41bac374f431eb308a4a1e3300) ([merge request](gitlab-org/gitlab!146323))
- [Swap columns auto_canceled_by for p_ci_builds](gitlab-org/gitlab@51a6865cd17c6bd49354426aab768e511a7b3d4b) ([merge request](gitlab-org/gitlab!144845))
- [Remove sort direction sync between columns on vulnerability report](gitlab-org/gitlab@ce614adbb30fc8c64fc1e8d7528d62ec981ead85) ([merge request](gitlab-org/gitlab!146466)) **GitLab Enterprise Edition**
- [Update dependency auto-deploy-image to v2.86.0](gitlab-org/gitlab@9089b269766ccfab11ef50cccef2e21984d3449b) ([merge request](gitlab-org/gitlab!146362))
- [Remove "ref_extract_sha256" feature flag](gitlab-org/gitlab@7e5ae6d6dac929cc94e4bb9df65c0285fe72456d) ([merge request](gitlab-org/gitlab!146355))
- [Backfill traversal_ids and archived to sbom_occurrences](gitlab-org/gitlab@6a422c6e02e16f3b8b6be544e07eb81ada7fe2d1) ([merge request](gitlab-org/gitlab!144802))
- [Update copy for trials/duo_pro/new](gitlab-org/gitlab@1fb2a8d3189d9c7b097a9684d14563fd46807220) ([merge request](gitlab-org/gitlab!145810)) **GitLab Enterprise Edition**
- [Add a link to the starrer's page on project stars in the CI/CD catalog](gitlab-org/gitlab@215ba918fad59d989c47b1cb4ca93e1796498b0c) by @antonkalmykov ([merge request](gitlab-org/gitlab!144781))
- [Expands adherence report group by dropdown](gitlab-org/gitlab@1e6a819972e5365c86f966bc01934d8f7302d350) ([merge request](gitlab-org/gitlab!144688)) **GitLab Enterprise Edition**
- [Update docs for security_approval_policies_limit application setting](gitlab-org/gitlab@247ef6ea819213983ad910d80cc443d7ef51c84f) ([merge request](gitlab-org/gitlab!146178))
- [Add safe rel attribute on links with target "_blank"](gitlab-org/gitlab@2e8037f5198072593a7c61148c8bc74b61c36cc7) ([merge request](gitlab-org/gitlab!145516))
- [Update MR sidebar reviewer status icons](gitlab-org/gitlab@de50202ed1aecc822791a6162f616bc00f303447) ([merge request](gitlab-org/gitlab!146237))
- [Expose policy_scope in policy graphql API](gitlab-org/gitlab@09e869ff19d792dbc8c4603e39af8a5b21e1a601) ([merge request](gitlab-org/gitlab!142248)) **GitLab Enterprise Edition**
- [Rename Google Artifact Registry integration](gitlab-org/gitlab@b5f665e86a79625852f29a2c66752cf2f7ff649e) ([merge request](gitlab-org/gitlab!145529)) **GitLab Enterprise Edition**
- [AI docs: explicitly mention use of HTTPS](gitlab-org/gitlab@006fe0e80023f3d354fa93865300a46484c44902) ([merge request](gitlab-org/gitlab!146194))
- [Default enable FF include_manual_to_pipeline_completion](gitlab-org/gitlab@b6d9b3e1626f5e8a27e674fb14f5ee1cc79f5e17) ([merge request](gitlab-org/gitlab!146100)) **GitLab Enterprise Edition**
- [Add image size recommendation to avatar settings](gitlab-org/gitlab@fd98b5647d244bb9ab0f8f81b486b137088a83f8) ([merge request](gitlab-org/gitlab!145418))
- [Allow adding an Organization to an User Namespace](gitlab-org/gitlab@65e4d11e147c09a70565993a1062cde1cfe23742) ([merge request](gitlab-org/gitlab!144049))
- [Allow /help to accept either page title in front matter or in Markdown](gitlab-org/gitlab@b13518baf1f74865bd811e9107d2dc0a7b55214e) ([merge request](gitlab-org/gitlab!145627))
- [Update scaler and overlay color on design detail](gitlab-org/gitlab@fc77cced42e59de58e4b29d753b0e4528d95e669) ([merge request](gitlab-org/gitlab!145153))
- [Link fast-forward Merge Requests to deployment](gitlab-org/gitlab@979a7f19da5834d6272bc2c94030ad37503c0a7f) ([merge request](gitlab-org/gitlab!145211))
- [Mark vulnerabilitiesRemoveAllFromProject mutation as stable](gitlab-org/gitlab@cd06c9a442a8340c4e4428381902fa75fed9ed0e) ([merge request](gitlab-org/gitlab!146125)) **GitLab Enterprise Edition**
- [Replace geo-replication-empty illustration](gitlab-org/gitlab@6e850f35e39c3547ab1528c0b0a40d2df75198a0) ([merge request](gitlab-org/gitlab!144665)) **GitLab Enterprise Edition**
- [This MR adds new properties for toggle_list](gitlab-org/gitlab@7f06af55b260c17627fe9794d5c77ac641caeccc) ([merge request](gitlab-org/gitlab!145548)) **GitLab Enterprise Edition**
- [Improve Google Cloud IAM integration UI text](gitlab-org/gitlab@2fdc58840c714e637caa4970871018799d1f7035) ([merge request](gitlab-org/gitlab!145535)) **GitLab Enterprise Edition**
- [Rollout zoekt_cache_search_responses feature](gitlab-org/gitlab@49d4a9163ba4a9e2b65ddfefc61c100532ce61b0) ([merge request](gitlab-org/gitlab!146085)) **GitLab Enterprise Edition**
- [This MR select all reset option](gitlab-org/gitlab@ade7828071bbd7f879a0948b6704f880b5215d5b) ([merge request](gitlab-org/gitlab!145874)) **GitLab Enterprise Edition**
- [Render project name with namespace in runner usage](gitlab-org/gitlab@8673d2b3d39c8de524920d18c548610f6775e5e7) ([merge request](gitlab-org/gitlab!145151)) **GitLab Enterprise Edition**
- [Design management - Move issue title](gitlab-org/gitlab@df0fec3009f0d89d0ff9cbb78e203936aa9ab02f) ([merge request](gitlab-org/gitlab!145878))
- [Change security pipeline execution policy stages strategy](gitlab-org/gitlab@8ac1d6f071f520f4329d76d9e6ee0e437d760cae) ([merge request](gitlab-org/gitlab!145136)) **GitLab Enterprise Edition**
- [Cleanup update_vuln_reads_traversal_ids_via_event FF](gitlab-org/gitlab@b073ad51ccb9470c4225457477f2279faa9c81cd) ([merge request](gitlab-org/gitlab!145430)) **GitLab Enterprise Edition**
- [Emphasize integration reset button](gitlab-org/gitlab@761185ebac73dceae5cc69c7f479e883a4f002c7) ([merge request](gitlab-org/gitlab!146045))
- [Activity feed: Make content better searchable](gitlab-org/gitlab@e408f410c069049f33bbe49255e295e858aeb4c6) ([merge request](gitlab-org/gitlab!145540))
- [Remove outdated illustrations](gitlab-org/gitlab@8b0acb8f862d8f13411bba5c26da7e32e72ceec8) ([merge request](gitlab-org/gitlab!146043))
- [Pipeline MiniGraph dropdown: Keep open when modifier is pressed](gitlab-org/gitlab@8920145ad81a08adc2a9693fdaec3d59643cedd4) ([merge request](gitlab-org/gitlab!146030))
- [Project/Group overview: Add settings link to kebab menu](gitlab-org/gitlab@57ebda215bbf27f2360a1b3a103cf38886bc969e) ([merge request](gitlab-org/gitlab!145239))
- [Add optional project labels to keep-around ref metrics](gitlab-org/gitlab@f54ae894c9f778a5a448312c49fe49b860d73ac9) ([merge request](gitlab-org/gitlab!145988))
- [Add option to keep shared groups when filtered by parent](gitlab-org/gitlab@d8e65143b0e464cfc0aa1a1d7c51250f331e48bc) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/141462)) **GitLab Enterprise Edition**
- [Use pluralized string for Job/Jobs count label on jobs/pipelines page](gitlab-org/gitlab@46bce5fdcbda80cbd8c028a8e966de4152f848b5) by @antonkalmykov ([merge request](gitlab-org/gitlab!145731))
- [Make the date format consistently across the CI/CD Catalog](gitlab org/gitlab@a6db118290802a2b0471362820ddd3a391668d57) by @antonkalmykov ([merge request](gitlab-org/gitlab!145729))
- [Redact SAMLResponse from logs](gitlab-org/gitlab@ec6757d64db8567ea0d486816067f62e489e8f7d) ([merge request](gitlab-org/gitlab!144732))
- [Darken light blue and green theme for contrast](gitlab-org/gitlab@cff5ca48903b919af5cbca744a4e25517e962617) ([merge request](gitlab-org/gitlab!145815))
- [Add illustration to Value Stream Analytics empty state](gitlab-org/gitlab@0225ddc22fd59537de8552bc354df8a622ad2722) ([merge request](gitlab-org/gitlab!145868))
- [Upgraded Web IDE to 0.0.1-dev-20240226152102](gitlab-org/gitlab@dac076d55d4c3e488080ef88deefd5cc12238d6d) ([merge request](gitlab-org/gitlab!145900))
- [Added namespace actor to PA billing feature flag](gitlab-org/gitlab@63b15bdab9aab6c041161adaf7fce4cc02942d52) ([merge request](gitlab-org/gitlab!145116)) **GitLab Enterprise Edition**
- [Update design management discussion as per new UX](gitlab-org/gitlab@b8ca254afd0ec5d357aecfdb894bf647c9c18d34) ([merge request](gitlab-org/gitlab!145011))
- [Add color_mode_id column to users table](gitlab-org/gitlab@2ff7f2616984e455fd00fa0e5d1f572874b7b77c) ([merge request](gitlab-org/gitlab!142772))
- [Allow /help to accept either index.md or _index.md as a docs index page](gitlab-org/gitlab@1be8d7c707febb07987558fce7e21efbcebf3c81) ([merge request](gitlab-org/gitlab!144419))
- [Update regex for normalize_pypi to align with](gitlab-org/gitlab@b191ad6ccf65e9756d646a301618b4c287c777f6) ([merge request](gitlab-org/gitlab!145393))
- [Cleanup free_user_cap_over_limit_email FF](gitlab-org/gitlab@6273551f112a258787c580fc6c39f9efd96b2fbe) ([merge request](gitlab-org/gitlab!145707)) **GitLab Enterprise Edition**
- [Add prefix to Operations::FeatureFlagsClient#token](gitlab-org/gitlab@0ef1fadd62b116373874995a179bdc1802f1cf00) by @jzeng88 ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144703))
- [Use skeleton loader for artifacts loading state](gitlab-org/gitlab@02b44144c0dc937aff74649c3e8c4ceaab1a6fcd) ([merge request](gitlab-org/gitlab!143218))
- [Additional cleanup for external usernames on oAuth and LDAP sign up](gitlab-org/gitlab@fdba060146a5952726d02d036eca8581ba6b022e) ([merge request](gitlab-org/gitlab!145038))
- [Design management - Move todo button](gitlab-org/gitlab@26a73723334f87e2fbe2035fb1109dad41fa446e) ([merge request](gitlab-org/gitlab!145736))
- [Update Cloud Connector architecture blueprint](gitlab-org/gitlab@95a9b949b67aaadaca04868a52555b73631b8cf8) ([merge request](gitlab-org/gitlab!145220))
- [Replace manual and failed pipeline illustrations](gitlab-org/gitlab@3bad95bb777af89f264056ade339033669125225) ([merge request](gitlab-org/gitlab!145650)) **GitLab Enterprise Edition**
- [Enable continuous container scanning by default](gitlab-org/gitlab@f85b3bd21829762f56d404ef9fdab7670e9554dd) ([merge request](gitlab-org/gitlab!145723)) **GitLab Enterprise Edition**
- [Default enable FF search_index_all_projects](gitlab-org/gitlab@9172ba05d3613e967a468d4956a4298c182bdb69) ([merge request](gitlab-org/gitlab!145300)) **GitLab Enterprise Edition**
- [Replace milestone promotion banner with alert](gitlab-org/gitlab@c323a81ed4440b319b965ee2dfda30dc49e3c735) ([merge request](gitlab-org/gitlab!138597))
- [Update Rails to 7.0.8.1](gitlab-org/gitlab@92c0c5192703bbfa5ebdf36e6c9853d9268061f4) ([merge request](gitlab-org/gitlab!145667))
- [Update GITLAB_PAGES_VERSION](gitlab-org/gitlab@8bf8b553560e18925368a152322eb6a652a720fa) ([merge request](gitlab-org/gitlab!145634))
- [Update version outdated text](gitlab-org/gitlab@5cc715a24c1aba10c53d1db07f4bdbf5ae3cdc2a) ([merge request](gitlab-org/gitlab!145445))
- [Add approval group rule get endpoint](gitlab-org/gitlab@85492b1c18760a01bb15e94dc8b7096b3efab99b) ([merge request](gitlab-org/gitlab!144170)) **GitLab Enterprise Edition**
- [Reword Project.services field deprecation](gitlab-org/gitlab@13cb32e1248fec2221e9b36163b8ccbb7d4d0dec) ([merge request](gitlab-org/gitlab!145615))
- [Beautify groups](gitlab-org/gitlab@4019e3877369357157babc316f03e64290e25768) ([merge request](gitlab-org/gitlab!144921))
- [Use helpPagePath to Render terraform module registry links](gitlab-org/gitlab@4773c0f603cb93eb174be4fa1bbd3e698968ee03) by @jzeng88 ([merge request](gitlab-org/gitlab!145055))
- [Remove $white color to improve dark mode](gitlab-org/gitlab@b49bdefbcf5108f116d800bc34be4c170ccbc9ec) ([merge request](gitlab-org/gitlab!145590))
- [Update dependency auto-deploy-image to v2.85.0](gitlab-org/gitlab@834c41c7014781adfe7df55b3bd1ae1d50471f52) ([merge request](gitlab-org/gitlab!145557))
- [Remove backtrace silencer for app dir](gitlab-org/gitlab@9c6c0e73615151400634b5736edc0ac22783d007) ([merge request](gitlab-org/gitlab!145084))
- [Open Deployments tab when no K8s integration set for Environment](gitlab-org/gitlab@7b7cfa054db6acfbb187285a04720b1d7495e881) ([merge request](gitlab-org/gitlab!145287))
- [Enable custom_webhook_template by default](gitlab-org/gitlab@40d60e40802723553aad8c11ad01d7d1c5866014) by @Taucher2003 ([merge request](gitlab-org/gitlab!145514))
- [Profile page: Increase spacing after profile avatar](gitlab-org/gitlab@2528c9a773e7950e8d099cff1dd09e9125cdca03) ([merge request](gitlab-org/gitlab!145487))
- [Clean up successful free_trial_registration_redesign experiment](gitlab-org/gitlab@578e07da6d39d24e6af01fd3a9ef144e62e1b721) ([merge request](gitlab-org/gitlab!145235)) **GitLab Enterprise Edition**
- [Remove feature flag and update docs](gitlab-org/gitlab@1bf2cb1e157a8d45a3cd699ebd24970e64de1704) ([merge request](gitlab-org/gitlab!145366))
- [Add ability to unsubscribe from design management notifications](gitlab-org/gitlab@bb1596a3594d06ff28345bb21122274c89afb9a0) ([merge request](gitlab-org/gitlab!144247))
- [Make sign in tabs fully Pajamas compliant](gitlab-org/gitlab@e7e211edc7a9baf0067d25b6719cc24379e9588b) ([merge request](gitlab-org/gitlab!145238))
- [Remove Gitlab.com check for ContainerRepository#size](gitlab-org/gitlab@b6659019f631d443da33907a2d6910174fbb8b5a) ([merge request](gitlab-org/gitlab!144917))
- [Add Search::Zoekt::Task](gitlab-org/gitlab@9e53a29fe3878b86a826493e7e32fb32b889df04) ([merge request](gitlab-org/gitlab!143063))
- [This MR extend compliance framework list](gitlab-org/gitlab@7d458862e69543ddd175c9541ac4fd25280c3bc9) ([merge request](gitlab-org/gitlab!145051)) **GitLab Enterprise Edition**
- [GCP WLIF script improvements](gitlab-org/gitlab@562e2bcaf6234a20e0de1196497abe7f11d44ad9) ([merge request](gitlab-org/gitlab!144818)) **GitLab Enterprise Edition**
- [Show more specific error messages](gitlab-org/gitlab@80fa7fe57c2e8021a2970f0077df27711e54fbf6) ([merge request](gitlab-org/gitlab!145140))
- [Add logos to JetBrains integrations](gitlab-org/gitlab@1f32dccc4cc2f9f84391ff902050a3d6d0e4164d) ([merge request](gitlab-org/gitlab!145149))
- [Update default bot comment text when approvals required](gitlab-org/gitlab@3aec41edf9d4de5c306254dc602ad1fa8ac00e2d) ([merge request](gitlab-org/gitlab!143717)) **GitLab Enterprise Edition**
- [Clean up encoding_logs_tree FF](gitlab-org/gitlab@dafd046609ee79dac9531ddf0b73f002da8e28a8) ([merge request](gitlab-org/gitlab!145242))
- [Update column title](gitlab-org/gitlab@410d00f738fa70a525e79486cc4d8dd59b5e7199) ([merge request](gitlab-org/gitlab!145079))
- [Renaming column type to category for external audit event destinations](gitlab-org/gitlab@1fc1ae33e39862feeb6c7f01489b863f874a5f87) ([merge request](gitlab-org/gitlab!144994)) **GitLab Enterprise Edition**
- [Add additional analytics dashboard user events](gitlab-org/gitlab@4d33a2150ead4078cdab85a6094483e47f4db41e) ([merge request](gitlab-org/gitlab!144850)) **GitLab Enterprise Edition**
- [Moves full stop out of "Learn More" link](gitlab-org/gitlab@cfd3fce24eadce307bc880020ef315e643f0e302) by @r2abreu ([merge request](gitlab-org/gitlab!145192))
- [Replace cluster_popover illustration](gitlab-org/gitlab@68fdc2a29ec09b6faa15d3238fa8eecfd242b852) ([merge request](gitlab-org/gitlab!145185))
- [Declare service_access_tokens table clusterwide](gitlab-org/gitlab@97aaf7ac774249a34f29c8e58637bd8303a35383) ([merge request](gitlab-org/gitlab!145157))
- [Fix emoji picker](gitlab-org/gitlab@d1faa6d12980f407d5d72eadb2de86e244f52b18) ([merge request](gitlab-org/gitlab!144977))
- [Design management - Update layout of image preview](gitlab-org/gitlab@675403ae0874b08a0af73302d292d04ad81d90b5) ([merge request](gitlab-org/gitlab!144550))
- [Update branch rules via global id](gitlab-org/gitlab@a730a2af6201b7757f66101a50fa3cdf53cfbcd7) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144632)) **GitLab Enterprise Edition**
- [Fix pull lfs files issue](gitlab-org/gitlab@f913a7709d370f68fb2681958b5f81f73c1947b0) by @chaomao ([merge request](gitlab-org/gitlab!145114)) **GitLab Enterprise Edition**
- [Use entity full_path for page title / breadcrumbs](gitlab-org/gitlab@90a8358de64ed3091a0cb93898c7a11909528796) ([merge request](gitlab-org/gitlab!145112))
- [Clarified work items FF naming](gitlab-org/gitlab@81c20d2c9d2276f4ac8a8edfed6dce9799a4f12d) ([merge request](gitlab-org/gitlab!144141))
- [Epic boards - Display Ancestors in sidebar when subepics are allowed](gitlab-org/gitlab@a99ae25fc7522b34373d826fc2241d1be995e7a3) ([merge request](gitlab-org/gitlab!145092)) **GitLab Enterprise Edition**
- [Backfill non-instance admins into the organization users table](gitlab-org/gitlab@f784aa8c573f918c3e9249540a2577c0f007653c) ([merge request](gitlab-org/gitlab!144674))
- [Switch repository backups to use manifests only](gitlab-org/gitlab@81871c9a1451cce33eb2e078c57d8bc7618502c7) ([merge request](gitlab-org/gitlab!144677))
- [Remove the Kubernetes overview section from the Environments page](gitlab-org/gitlab@c4c98e8e0d3696574978b09ab62fec770c480ee7) ([merge request](gitlab-org/gitlab!144799))
- [Implement BranchRules::UpdateService](gitlab-org/gitlab@d4289fcb5e12358c9f3f5969031d6dd655f70fec) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144630))
- [Change route for /details to /failures with id](gitlab-org/gitlab@627d9b00ad48264b42b935698a8aa3e7ceccfce6) ([merge request](gitlab-org/gitlab!143904))
- [Add form validation for cube query generation input](gitlab-org/gitlab@6bd72dc87ef319444bc31429a14f5a5c8e1c4b81) ([merge request](gitlab-org/gitlab!144146)) **GitLab Enterprise Edition**
- [Update repositories analytics empty states](gitlab-org/gitlab@61fe290457749aa35d4afcd3d2149386b38aff0a) ([merge request](gitlab-org/gitlab!144794)) **GitLab Enterprise Edition**
- [Expand sidekiq queue_groups to default](gitlab-org/gitlab@658da0610c5b22b84f89452aec0441dc77819782) ([merge request](gitlab-org/gitlab!142577))
- [Change `vulnerabilities.finding_id` column to NOT NULL](gitlab-org/gitlab@34772c2ca6742c08b059bb93b9367d3a8c195695) ([merge request](gitlab-org/gitlab!140989)) **GitLab Enterprise Edition**
- [Pipeline MiniGraph: Migrate dropdown to GlDisclosureDropdown](gitlab-org/gitlab@677bf84e6da0b3c6044bcaac0d849fbe21b85d17) ([merge request](gitlab-org/gitlab!144606))
- [Changed Terraform Modules history wording](gitlab-org/gitlab@d333bad70a2fa12fabf667c833ff0c7c94f4d00d) by @jzeng88 ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144945))
- [Fix bitbucket spread cal job](gitlab-org/gitlab@aeb47d1fb039c758ba36ffe4d0a2f93b1a149076) by @imskr ([merge request](gitlab-org/gitlab!143815))
- [Update dependency auto-deploy-image to v2.83.0](gitlab-org/gitlab@a0959e69590f3d7e507943f58cc48caa58c00058) ([merge request](gitlab-org/gitlab!144826))
- [Refactor compliance frameworks export backend](gitlab-org/gitlab@d08f0385ab3700c3a7db80664e7fd791bf9522c0) ([merge request](gitlab-org/gitlab!144915)) **GitLab Enterprise Edition**
- [Fix blurry avatar in profile](gitlab-org/gitlab@3c2337946dcbac75603a9475f899e072b23e4dbd) ([merge request](gitlab-org/gitlab!144448))
- [Clean up promote_ultimate_features experiment](gitlab-org/gitlab@872f590928af5451e6902a71d334b8c2b4a5bd4a) ([merge request](gitlab-org/gitlab!144513)) **GitLab Enterprise Edition**
- [Now allowing expired trials to see Trial Discover Page](gitlab-org/gitlab@fb0118da47716650afdc5d0dfce06a7987c4a3e8) ([merge request](gitlab-org/gitlab!144904)) **GitLab Enterprise Edition**
- [Route projects by root namespace id](gitlab-org/gitlab@6583846f71e2d30434058c0cf7bb1ec84f68ea08) ([merge request](gitlab-org/gitlab!143212)) **GitLab Enterprise Edition**
- [Open "Create Slack app" link in new tab](gitlab-org/gitlab@9cf51675f38552e621e6432fdf37f8768e7e41fe) ([merge request](gitlab-org/gitlab!144885))
- [api/runners: Expose `maintenance_note` in details and editing](gitlab-org/gitlab@7b1af91226ba2ce3f6db523f3fcc0254592b32e1) ([merge request](gitlab-org/gitlab!144482))
- [Code dropdown: Migrate to GlDisclosureDropdown](gitlab-org/gitlab@9ab2803420becc67589be5979439e6aaa469bf80) ([merge request](gitlab-org/gitlab!143324))
- [User profile: Show 7 achievements instead of 3](gitlab-org/gitlab@653d2949f79e40d77908a57b669a3ce67272e1cd) ([merge request](gitlab-org/gitlab!144453))
- [Reorders work item sidebar widgets](gitlab-org/gitlab@040e80bce5db879fca047e64d87125c1afd041ba) ([merge request](gitlab-org/gitlab!143707))
- [Adjust environment and sync status badges on environments page](gitlab-org/gitlab@2cda9c5802a9d3787c553f0d82ebe2dcf55c3c8d) by @antonkalmykov ([merge request](gitlab-org/gitlab!144486))
- [Use color for protected/default branches/tags (#439551)](gitlab-org/gitlab@9db61fa943bb55622860f78e25b7a0253425e45c) by @abh80 ([merge request](gitlab-org/gitlab!143398))
- [Use createdAt instead of releasedAt](gitlab-org/gitlab@cea397f6460ea5acd8369db9d3b8c27f6039d1a4) ([merge request](gitlab-org/gitlab!144789))
- [Update cube query generation UI](gitlab-org/gitlab@969ea9d1c16df9993158cd99f44477fe777d79c4) ([merge request](gitlab-org/gitlab!144148)) **GitLab Enterprise Edition**
- [Update sha method depending of release presence](gitlab-org/gitlab@7c3a7cdb23417751176cef593d7dd6d955558e69) ([merge request](gitlab-org/gitlab!144175))
- [Fixing rubocop exceptions in tests](gitlab-org/gitlab@3695ddb1f7399d32d919c2ca9508787905c5d388) ([merge request](gitlab-org/gitlab!144589))
- [Rename "Runner" header to "Runner configuration"](gitlab-org/gitlab@1a26aaa3f15259890741215076e3ce7dc8a36291) ([merge request](gitlab-org/gitlab!144216))
- [workhorse: Downgrade incomplete multipart uploads to 400 errors](gitlab-org/gitlab@f85f72255c9bd8d9d3f63a1aa3f2ceae495d0546) ([merge request](gitlab-org/gitlab!144710))
- [Remove redundant "runner statuses" popover in the runners list](gitlab-org/gitlab@7ef740fca0b92292b062bc9922a581b8df7a5d98) ([merge request](gitlab-org/gitlab!144343))
- [Sort personal projects on profile page by last_activity_at](gitlab-org/gitlab@eea414d5709cb8d25bc94ab80c96892ce9596ed6) ([merge request](gitlab-org/gitlab!144309))
- [Unify collapse\expand all unresolved threads action](gitlab-org/gitlab@04143ecfedde8b70727874f1e5175650df527616) ([merge request](gitlab-org/gitlab!136034))
- [Improve environments dashboard](gitlab-org/gitlab@3fb0db611b5faa615565d5cd9a839a33fac06a88) ([merge request](gitlab-org/gitlab!142747))
- [Enable `group_level_dependencies_filtering` by default](gitlab-org/gitlab@0b43ebd13a7afc20b94b546e14e8e05fd10de0b0) ([merge request](gitlab-org/gitlab!144668)) **GitLab Enterprise Edition**
- [Abbreviate long numbers in groups/projects list](gitlab-org/gitlab@8f5bdcbf015eb459418e341a56a27a4e892be1cf) ([merge request](gitlab-org/gitlab!144074))
- [Remove namespace validation for policy_scope](gitlab-org/gitlab@e29824a6b9a36a93f5ed0b8b2364a5671548292f) ([merge request](gitlab-org/gitlab!144491)) **GitLab Enterprise Edition**
- [Allow only top level groups for ApprovalGroupRules](gitlab-org/gitlab@e7928dc11522850791e753ca152ffe8255c29581) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144438)) **GitLab Enterprise Edition**
- [Dashboard: Use SingleStatComponent](gitlab-org/gitlab@ea8bcef820ac357c3766399ff076ed8a0e9af0d3) ([merge request](gitlab-org/gitlab!144447)) **GitLab Enterprise Edition**
- [Update redis-client to v0.20.0](gitlab-org/gitlab@099eb093032b3bfc1b8a59eb5eef0df2156e7bca) ([merge request](gitlab-org/gitlab!144620))
- [Use less ambiguous parameter names in CI lint API](gitlab-org/gitlab@043bc732c46c9453b52913fc2a824ede7e6aaf4e) ([merge request](gitlab-org/gitlab!143098))
- [Use Duo Chat for explain code feature](gitlab-org/gitlab@fe321c6b1c7c772f3f9079b6eedc51e6626c1afb) ([merge request](gitlab-org/gitlab!143217)) **GitLab Enterprise Edition**
- [Add tabs to Environment details page](gitlab-org/gitlab@6c021229c55cdf45c7787a59b139760e94a1397c) ([merge request](gitlab-org/gitlab!143865))
- [Truncate long dashboard descriptions on list page](gitlab-org/gitlab@8e4729ce031acfb431b039df5f84e720407a3155) ([merge request](gitlab-org/gitlab!144274)) **GitLab Enterprise Edition**
- [Populate topics slug column from name column](gitlab-org/gitlab@188e2c64cc2e4e4cc411783da74f64d70bfb7ce7) by @zzaakiirr ([merge request](gitlab-org/gitlab!141715))
- [Update layout and styling of billing/plan_component](gitlab-org/gitlab@7e3be144f84dfca7d2480a8faf2b174402d28902) ([merge request](gitlab-org/gitlab!142939)) **GitLab Enterprise Edition**
- [Update milestone banner illustration](gitlab-org/gitlab@b30970c3e092985a04bd66969fd16667dab25c1b) ([merge request](gitlab-org/gitlab!144044)) **GitLab Enterprise Edition**
- [Update alert settings tests](gitlab-org/gitlab@4dcfd3d40db22f6b416ee7d934eb181fd4085f35) ([merge request](gitlab-org/gitlab!144547))
- [Move color widget update to a callback](gitlab-org/gitlab@fb7759bfb3d57adf248e8c58a6446727c72b8b34) ([merge request](gitlab-org/gitlab!142335)) **GitLab Enterprise Edition**
- [Only allow group approval rules to be created by group admins](gitlab-org/gitlab@41196db8017bfc191ae11fdfd1b0eed2eeb78428) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144452)) **GitLab Enterprise Edition**
- [MR approval widget: Fix alignment](gitlab-org/gitlab@eb905a344ea9e7db5fce3d48756739bc2801a148) ([merge request](gitlab-org/gitlab!144465))
- [MR ready message: Fix alignments](gitlab-org/gitlab@ae428ea4f4c01475082013914b506a359a2a1b2f) ([merge request](gitlab-org/gitlab!144462))
- [Update UI text with purchasing instructions](gitlab-org/gitlab@f8a14f17473f072b95e7a5b49ae06b99505e8318) ([merge request](gitlab-org/gitlab!144275)) **GitLab Enterprise Edition**
- [Migrate todos empty state component](gitlab-org/gitlab@1f0909949255acc5404ee3d0c2a139d31ca70e90) ([merge request](gitlab-org/gitlab!144083))
- [Migrate applications empty state component](gitlab-org/gitlab@bf351b1f3a0d9585e2d8ab763b3f51a67f2318cc) ([merge request](gitlab-org/gitlab!144069))
Removed (24 changes):
- [Remove auto fix worker with migration](gitlab-org/gitlab@ed2b69bdf691791ef760b63889adf832bd609025) ([merge request](gitlab-org/gitlab!147051))
- [Remove issues_completed_analytics_feature_flag FF](gitlab-org/gitlab@d8e43c2d9945088cbb3392f1cf6765dfafd75569) ([merge request](gitlab-org/gitlab!146766))
- [Remove unused EOA bronze banner code and feature flag](gitlab-org/gitlab@0706b210dbac418f5243b7003d51b4d4c674c7e2) ([merge request](gitlab-org/gitlab!146309))
- [Remove use_primary_for_update_computations FF](gitlab-org/gitlab@c5b800f6712e0427e54a84542ad51024a94f96c1) ([merge request](gitlab-org/gitlab!146287))
- [Remove ci_catalog_components_tab](gitlab-org/gitlab@094eff85500582bd06f300ed0010542b93e13366) ([merge request](gitlab-org/gitlab!146224))
- [Remove obsolete logic behind a feature flag](gitlab-org/gitlab@91941eb9bae3996aad91b019b4f54a1101b7fc9a) ([merge request](gitlab-org/gitlab!146188))
- [Drop `third_party_ai_features_enabled` column](gitlab-org/gitlab@6622480255721cf65cc381fbb8c1a219f1138817) ([merge request](gitlab-org/gitlab!145210))
- [Remove delayed project/group columns](gitlab-org/gitlab@d8fcdb1c1e58f15ca522ceb7f6fda91dade2676c) by @imskr ([merge request](gitlab-org/gitlab!144347))
- [Geo DB migrations to remove force_to_redownload column from 5 tables](gitlab-org/gitlab@e35e9f05db2e24e3607aafa2affafb70072061f3) ([merge request](gitlab-org/gitlab!144824)) **GitLab Enterprise Edition**
- [Drop temporary index on vulnerabilities table](gitlab-org/gitlab@35a3978a5664f26ae22b4707f4ffcd3c9bc3f8c6) ([merge request](gitlab-org/gitlab!143338))
- [Drop project_repository_states table](gitlab-org/gitlab@f36ef30b0a65efc88a2157612e89df587e4bcb36) ([merge request](gitlab-org/gitlab!145195))
- [Remove build hooks worker and associated code](gitlab-org/gitlab@543286bcf0a5f48a8576ecd6900f8a3735583337) by @Varedis ([merge request](gitlab-org/gitlab!144965))
- [Remove old finding modal from MR security widget](gitlab-org/gitlab@889c831d5400dc9a24dc3d8d89a4a8d34aa678d4) ([merge request](gitlab-org/gitlab!144341)) **GitLab Enterprise Edition**
- [Remove deprecated /code_suggestions/tokens endpoint](gitlab-org/gitlab@2e6e1b2a4b094678605556ec5d2a75108ca087ce) ([merge request](gitlab-org/gitlab!145052)) **GitLab Enterprise Edition**
- [Remove the user_interacted_projects table](gitlab-org/gitlab@8a280cc82aac0bc2e1db8880afe78a6b2ee7b51e) by @missy-davies ([merge request](gitlab-org/gitlab!139630))
- [Remove license_compliance_widget_category feature flag](gitlab-org/gitlab@7f9371979d149406a9fa1c0926101de11b6a1730) ([merge request](gitlab-org/gitlab!144989))
- [Remove upload_ready from pages deployment](gitlab-org/gitlab@b377d57acc7546240614be2b49b850bd2914ca31) by @imskr ([merge request](gitlab-org/gitlab!144962))
- [Removing feature flag audit_events_streaming_namespace_filter](gitlab-org/gitlab@5771e1e6a0567a33f03024c0c650a9fd35349388) ([merge request](gitlab-org/gitlab!144043)) **GitLab Enterprise Edition**
- [refactor: Drop col 'package_name_pattern_ilike_query' Part 2](gitlab-org/gitlab@3ba3e9b1ad96291295e0f88e42fc5973682ba6ae) by @gerardo-navarro ([merge request](gitlab-org/gitlab!142303))
- [Remove deprecated BulkImports::StuckImportWorker](gitlab-org/gitlab@122b73c8668fed51502fd3fef0629d69186709d3) ([merge request](gitlab-org/gitlab!143806))
- [Drop product_analytics_events_experimental table](gitlab-org/gitlab@93093d2bf1f30059421fe181b54e1d06c7ead8f4) ([merge request](gitlab-org/gitlab!144626))
- [Remove ci_guard_for_catalog_resources ff](gitlab-org/gitlab@c78d549c9134e3ad881b9a1b188f0ed7f58ee155) ([merge request](gitlab-org/gitlab!144583))
- [Delete the usage_data_api feature flag](gitlab-org/gitlab@b9376c3aa14676463d0d82c3807ade22b966f7bb) ([merge request](gitlab-org/gitlab!143973))
- [Clean up SafelyChangeColumnDefault for CI models](gitlab-org/gitlab@f8c38e13fb26516855a3efc35de195e55962af11) by @imskr ([merge request](gitlab-org/gitlab!143058))
Security (15 changes):
- [Filter SAML saml_response](gitlab-org/gitlab@010d0a2266d27c6a53ccbbb008fb8fd9bba6f95b) ([merge request](gitlab-org/gitlab!146454))
- [Add client-side detection for GitLab tokens](gitlab-org/gitlab@74f56ea7291084db2cb54dd0335adfbdbac5c749) ([merge request](gitlab-org/gitlab!146757))
- [Reset approvals when reopening a MR](gitlab-org/gitlab@8ba5fe64e3d3b62fc8acbecbd2dd99df5694a8c7)
- [Restrict group token rotation for custom roles](gitlab-org/gitlab@18abfbc075083ec0921d47056c185f01478eaf0c)
- [Update rack to v2.2.8.1](gitlab-org/gitlab@4df84ee731b04079ccad24fb8327e0107abcb0eb) ([merge request](gitlab-org/gitlab!145473))
- [Ensure LDAP user cannot sign in with password](gitlab-org/gitlab@98fd29b8beb2d72adbb194f424eddbdd591a7e8d)
- [Invalidate markdown cache to clear up stored XSS](gitlab-org/gitlab@adec203de57cd370ee9985607919a3e48bc808d1)
- [Ensure LDAP users cannot reset local password to bypass LDAP](gitlab-org/gitlab@7a15c7669cbb8dc6bbd83ea0440b83fc9c8c7ca4)
- [Add a limit to CodeOwners reference extractor regex](gitlab-org/gitlab@17b51afe3c586b73d3933d93352ac722db6c2510)
- [Adds authorization for analytics settings](gitlab-org/gitlab@eaff749ab0ff501f1eae69ef7f3d5a141c02924c)
- [Fix Stored-XSS in user's profile page: Change markup used for pronouns](gitlab-org/gitlab@3672795fc9a3f5e4768320a53cad40d209afe3da)
- [Check project read access in Environments and Operations dashboard](gitlab-org/gitlab@b1a317f836d862f6c0872a3889a36285216f8482)
- [Disallow assigning higher role than current user](gitlab-org/gitlab@87273243752ebef58fda6bfdcb2be685e7318200)
- [Disallow users to modify deploy key title](gitlab-org/gitlab@200f3fe6905bb48dfd4517d98461ad935ec702c2)
- [Use merge_head_diff for codeowners when merge request is mergeable](gitlab-org/gitlab@7457a15973e913719461c0630d27c34b1dfae368)
Performance (16 changes):
- [Use the AvatarCache for commits/events](gitlab-org/gitlab@581403c153acbdc1d1e322cd29d65d5b892e27cf) ([merge request](gitlab-org/gitlab!144739))
- [Reduce N+1 queries when approvals by committers are not allowed](gitlab-org/gitlab@9e7ef142b35f44ae5d559be9411e7047b148de8f) ([merge request](gitlab-org/gitlab!146297)) **GitLab Enterprise Edition**
- [Fix N+1 problems in Groups API](gitlab-org/gitlab@b34d6d8baa9f1702c3ba65324dfefa59059319ef) ([merge request](gitlab-org/gitlab!145906)) **GitLab Enterprise Edition**
- [refactor: Debounce GET requests for notes after submitting MR review](gitlab-org/gitlab@624ee38a5be85050c3b25f5521f2d48b6e572dd4) by @gerardo-navarro ([merge request](gitlab-org/gitlab!145177))
- [RegisterJobService will use partition pruning](gitlab-org/gitlab@ce908573c8a06bb242703bacf8148a72410f2d8d) ([merge request](gitlab-org/gitlab!145861))
- [Enable ci_parallel_remote_includes feature flag](gitlab-org/gitlab@fb8c2c6f5e500012cbea05e9af0912f68c870cf8) ([merge request](gitlab-org/gitlab!145784))
- [Remove duplicated indexes for source code](gitlab-org/gitlab@927cdb8b48303e59b64c576960393b998c0bb50d) ([merge request](gitlab-org/gitlab!145534))
- [Remove FF reading p_ci_pipeline_variables](gitlab-org/gitlab@383397e44a6a5f583bab1cfc4e8c6296c5f73991) ([merge request](gitlab-org/gitlab!145374))
- [Reduce N+1 queries when approvals by committers are not allowed](gitlab-org/gitlab@dcf09018965e1c356a8680fa77bedbcfbd9e1685) ([merge request](gitlab-org/gitlab!144860)) **GitLab Enterprise Edition**
- [Reduce N+1 queries when MRs has blocking MRs](gitlab-org/gitlab@ff912fd563fb49120ad8f9b061cc937228bea272) ([merge request](gitlab-org/gitlab!144944)) **GitLab Enterprise Edition**
- [Skip status preloads in pipeline lists](gitlab-org/gitlab@0a426914445e111a1243aff912e058f3801c860c) ([merge request](gitlab-org/gitlab!144783))
- [Cache private email regex for a request](gitlab-org/gitlab@46489a0f94596510475fe302fef714c43db15555) ([merge request](gitlab-org/gitlab!144644))
- [Remove unused index on ci_pipeline_metadata](gitlab-org/gitlab@bbb4eb3f5f65a30c6bfec7a4addf8cc6771c9dcf) ([merge request](gitlab-org/gitlab!140608))
- [Stop calculating if blob is binary on creation](gitlab-org/gitlab@df1a89383d09669270f1f98d5f13571124cb92a0) ([merge request](gitlab-org/gitlab!144115))
- [Removing FF track_ci_build_created_internal_event](gitlab-org/gitlab@1cba51150c772c0a6e07b471db6056a91f875c15) ([merge request](gitlab-org/gitlab!144091))
- [Preload downstream pipelines when serializing bridge jobs](gitlab-org/gitlab@45883cb4df3a2a62ab5e90f0f4c0917d7043c3f6) ([merge request](gitlab-org/gitlab!143546))
Other (120 changes):
- [Remove `compliance_framework_report_ui` feature flag](gitlab-org/gitlab@f613bc6d34c2d06c027b0ea9b423cfebed5c69cf) ([merge request](gitlab-org/gitlab!147042)) **GitLab Enterprise Edition**
- [refactor: Fix typo in code](gitlab-org/gitlab@696d38721bccfe93cb6fbfc4dad106291ab940b5) by @gerardo-navarro ([merge request](gitlab-org/gitlab!147081))
- [Revert "Merge branch..."](gitlab-org/gitlab@07745e093497fc85d43387112cd0decee98d975f) ([merge request](gitlab-org/gitlab!147061))
- [Update job_artifacts queries to use partition_id filter](gitlab-org/gitlab@3699e9824f98e9b462553413595848dadf8a4286) ([merge request](gitlab-org/gitlab!145522))
- [Fix Workhorse linter warnings](gitlab-org/gitlab@a7d7e7d52cca84a836d6d986189f982f7fe4de95) ([merge request](gitlab-org/gitlab!146871))
- [Revert changes to import stages](gitlab-org/gitlab@fe80668eb8b0ec3d57fb32891ddd204b1951b65c) ([merge request](gitlab-org/gitlab!146812))
- [Migrate table to gl-table](gitlab-org/gitlab@26bc530f6ea4685f515e5808392f697e65d2728e) by @hsbhangu ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/145618)) **GitLab Enterprise Edition**
- [Enables lock_retries by default in migrations](gitlab-org/gitlab@65ad9d77344fee470c4f8f39344df805888df518) ([merge request](gitlab-org/gitlab!135808))
- [Add cell local schema](gitlab-org/gitlab@631e338e7f169493f0236a3d1e29bb677b8dd0d3) ([merge request](gitlab-org/gitlab!146496))
- [refactor: Fix rubocop todos for maven package files](gitlab-org/gitlab@d1f395b6288fb3655849b9bbade03729aa3e23ee) by @gerardo-navarro ([merge request](gitlab-org/gitlab!145951))
- [Add missing sharding keys](gitlab-org/gitlab@121941b96e717d4a29a10b9bff1868345d473370) ([merge request](gitlab-org/gitlab!146607))
- [Clean up tmp FKs p_ci_stages](gitlab-org/gitlab@9fc2f3468fb97ca2714c39a21ec6c847d9403c0d) ([merge request](gitlab-org/gitlab!146598))
- [Add and validate FKs to p_ci_stages](gitlab-org/gitlab@0a63fc972c8ce42a02e90ad21421a021b04f1a80) ([merge request](gitlab-org/gitlab!146459))
- [Protected packages: Show alert message on fetching error](gitlab-org/gitlab@4aea495dcf70ab58860d5fd8e1d6af5306ac8bfb) by @gerardo-navarro ([merge request](gitlab-org/gitlab!146473))
- [Clean up current_organization_middleware feature flag](gitlab-org/gitlab@8e9aecabb2ddedfec3695b1b08a58370a7d8103b) ([merge request](gitlab-org/gitlab!146527))
- [Validate uniqnuess of member role name](gitlab-org/gitlab@4af14e2cd1b78a7ac1fb72c93d29669b0a29c298) ([merge request](gitlab-org/gitlab!145294))
- [chore: Remove sidekiq_job_completion_metric_initialize feature flag](gitlab-org/gitlab@0ae3e714c0a3620460e463fb1b71f43f80027554) ([merge request](gitlab-org/gitlab!146497))
- [Improve handling group_path param](gitlab-org/gitlab@b04c7baf3c1100ef13a5df1d3d230e53ccc35442) ([merge request](gitlab-org/gitlab!145511))
- [Remove `security_findings_finder_lateral_join` FF](gitlab-org/gitlab@575962a50408eed8434414abaa5c4d24a9fc4381) ([merge request](gitlab-org/gitlab!145754)) **GitLab Enterprise Edition**
- [refactor: Fix rubocop issues in Pypi::CreatePackageService](gitlab-org/gitlab@726376b6dd7ddf062cb82bd9bbde35eb02c4605e) by @gerardo-navarro ([merge request](gitlab-org/gitlab!146403))
- [Remove cron schedule for removed job](gitlab-org/gitlab@60525d4cc87554e7c0c456c6abd2c3d1202c919f) ([merge request](gitlab-org/gitlab!145938))
- [Protected packages: Return ServiceResponse for CreateMavenPackageService](gitlab-org/gitlab@951bc970ce553709d02cf81caada5a6b3cc51253) by @gerardo-navarro ([merge request](gitlab-org/gitlab!145076))
- [Remove assign_compliance_project_service feature flag](gitlab-org/gitlab@212283a3a27ee58c0ff2ffc6a47e2325403044c8) ([merge request](gitlab-org/gitlab!146331)) **GitLab Enterprise Edition**
- [Add cluster wide schema](gitlab-org/gitlab@206a512b463161dc5f5e274563a6809bf0e10aeb) ([merge request](gitlab-org/gitlab!146345))
- [Remove resolve_organization_groups feature flag](gitlab-org/gitlab@863cfe276028e69d9f88007967e777d1b29a743f) ([merge request](gitlab-org/gitlab!146320))
- [Backup and remove orphaned notes](gitlab-org/gitlab@ffcb25747f5794aaec5f64bfd89c92c3727d4f15) ([merge request](gitlab-org/gitlab!146023))
- [Backfill onboarding_status_step_url from orginal column](gitlab-org/gitlab@2ad007b5c1af1a973603f45a7219b3cc964426f1) ([merge request](gitlab-org/gitlab!145041))
- [Remove project_path_sort feature flag](gitlab-org/gitlab@0fbb3b34f341c0a22b9e182e3a06d5ae26de3157) ([merge request](gitlab-org/gitlab!146179))
- [Add sharding keys for application_instrumentation](gitlab-org/gitlab@756debd91cb6298d779ae308cfcc790eb19c468c) ([merge request](gitlab-org/gitlab!143308))
- [refactor: Fix rubocop issues for Npm::CreatePackageService](gitlab-org/gitlab@d2f2ef494f0822c0efb0e2fc62c5fdd81822543c) by @gerardo-navarro ([merge request](gitlab-org/gitlab!146098))
- [Use defined table header across the module](gitlab-org/gitlab@54781db8307169aaa0e5627fd675f9c991841e2e) ([merge request](gitlab-org/gitlab!145412)) **GitLab Enterprise Edition**
- [Replace FKs for p_ci_stages](gitlab-org/gitlab@f07c52a3db3199d3ae36542dab25d47615e367e3) ([merge request](gitlab-org/gitlab!145899))
- [Add database transaction duration to logs](gitlab-org/gitlab@c80306a326e55b131b919f7bac80bc3ba0bdf72a) ([merge request](gitlab-org/gitlab!145775))
- [Add cell scope with sharding key](gitlab-org/gitlab@a8dfef77479f503b243b288d4ae1468aa7150bd6) ([merge request](gitlab-org/gitlab!146039))
- [Add next desired sharding keys for dynamic_application_security_testing](gitlab-org/gitlab@966fbc0df2ba1b892fdcda464d644675f163165f) ([merge request](gitlab-org/gitlab!145249))
- [Add next desired sharding keys for code_review_workflow](gitlab-org/gitlab@b0c6247a455f8bbb46e95aa7aecab8562b9bf6f2) ([merge request](gitlab-org/gitlab!146029))
- [Update schemas and shared keys for source_code_management](gitlab-org/gitlab@dce38caea6e92d926c7640c7bb240dca5bd35be8) ([merge request](gitlab-org/gitlab!144014))
- [Use data-testid instead of js- class for project approvals](gitlab-org/gitlab@746490b79cd9c9ba299eb5c47dadf67f1c9f99d8) ([merge request](gitlab-org/gitlab!145236)) **GitLab Enterprise Edition**
- [Remove geo_proxy_check_pipeline_refs feature flag](gitlab-org/gitlab@92929c83dcd47dc2980d8c35fca7c7d7a5dd0dfb) ([merge request](gitlab-org/gitlab!145864)) **GitLab Enterprise Edition**
- [Add visibility_level to organizations](gitlab-org/gitlab@edd4f2c77d8e8edec18a9d2fdc1580715dd2a307) ([merge request](gitlab-org/gitlab!145606))
- [Migrate search empty states and update banner illustration](gitlab-org/gitlab@fe7193e9efc74e00e893b667b4c4647da7eedb43) ([merge request](gitlab-org/gitlab!145191))
- [Add self-managed migration](gitlab-org/gitlab@32ba10481eb050b79504d805e18fa75cffec1619) ([merge request](gitlab-org/gitlab!144953))
- [Add cluster_wide schema to add_ons](gitlab-org/gitlab@064e0550359b5cfcbaa185c4278f32df843488f3) ([merge request](gitlab-org/gitlab!145824))
- [Update remote mirror failure email](gitlab-org/gitlab@c6b5161e6e268ae49708537899f2d11b54461627) ([merge request](gitlab-org/gitlab!145808))
- [Change gitlab_schema for user_credit_card_validations](gitlab-org/gitlab@e82cebd9b483d332f539276808c24753dc98a48f) ([merge request](gitlab-org/gitlab!145426))
- [Add clusterwide schema](gitlab-org/gitlab@2f7151569970d3cc244051219b338ff1c861cd3e) ([merge request](gitlab-org/gitlab!145673))
- [Ensure ID uniqueness on p_ci_stages](gitlab-org/gitlab@13af4ccec70624cf816ee682df8f3f38db9b5cf3) ([merge request](gitlab-org/gitlab!145778))
- [Enforce not-null constraint vs_code_settings uuid](gitlab-org/gitlab@040e9503ad3e79c2378b1873eed894be9c2f57c5) ([merge request](gitlab-org/gitlab!145427))
- [Remove identity_verification_auto_ban feature flag](gitlab-org/gitlab@806a5188e05f82c746eb79390422acc0cc580ead) ([merge request](gitlab-org/gitlab!145781)) **GitLab Enterprise Edition**
- [Making a quick action spec rely less on the frontend](gitlab-org/gitlab@48ec55748fad7eb0084a2b894fd0dbadefb4d969) ([merge request](gitlab-org/gitlab!142236))
- [Update Transfer Data project blueprint with new Clickhouse fields](gitlab-org/gitlab@7217f644fbe19cac2d6429df626d6ad344ee40a2) ([merge request](gitlab-org/gitlab!145675))
- [Allowing cross db transactions and joins between clusterwide and main](gitlab-org/gitlab@d292da30656bb010d26d3b0da102f22b6886fb59) ([merge request](gitlab-org/gitlab!145669))
- [Add and backfill project_id for cluster_agent_tokens](gitlab-org/gitlab@485282ac8e4289f116c3fc77efee8b6850bd9968) ([merge request](gitlab-org/gitlab!144939))
- [Delete service_desk_vue_list feature flag](gitlab-org/gitlab@58efa1d0f78a48371a2378d269d12651471d87db) ([merge request](gitlab-org/gitlab!144782))
- [Remove cron schedule for removed job](gitlab-org/gitlab@e8b6e3c14032385defacd72255aba1114221e4fd) ([merge request](gitlab-org/gitlab!145633))
- [Create routing table for ci_stages](gitlab-org/gitlab@ba2318027315fd2cddcbc014e3c6ed5941c8a0d8) ([merge request](gitlab-org/gitlab!145217))
- [Remove cron schedule for removed job](gitlab-org/gitlab@69ee1ebf4ca5fc26347ea6e339e2d95f5ad90dc7) ([merge request](gitlab-org/gitlab!145248))
- [Fix secret config validation](gitlab-org/gitlab@3b20dc278580bfe138d461daad0582131b948763) by @alberts-gitlab ([merge request](gitlab-org/gitlab!145490))
- [Remove arkose_labs_oauth_signup_challenge feature flag](gitlab-org/gitlab@792f0612de2e77d81a0e16f4bc3da608cba7e915) ([merge request](gitlab-org/gitlab!145225)) **GitLab Enterprise Edition**
- [Allow to persist Clickhouse state](gitlab-org/gitlab@5c814099985ff577f48a597059f64e4d67df5174) ([merge request](gitlab-org/gitlab!144918))
- [Remove `sync_project_archival_status_to_sbom_occurrences` feature flag](gitlab-org/gitlab@107d31db9b8595f97f64c4908ab46e55309b6fc7) ([merge request](gitlab-org/gitlab!145419)) **GitLab Enterprise Edition**
- [Introduce empty_tree_id to correctly work with SHA256 repository](gitlab-org/gitlab@bfab8988d9cf7712dc8e6b6b217bb7c04dc21efe) ([merge request](gitlab-org/gitlab!144494))
- [Refactor planning component currency symbol](gitlab-org/gitlab@c675d2173a23bbfbb5883ef686e7fd833190e1f4) by @chaomao ([merge request](gitlab-org/gitlab!145378)) **GitLab Enterprise Edition**
- [Remove `group_level_dependencies_filtering` feature flag](gitlab-org/gitlab@500892480ccf798e07654b86e64b57b46902b35c) ([merge request](gitlab-org/gitlab!144672)) **GitLab Enterprise Edition**
- [test: Fix wrong param for shared example 'error service response'](gitlab-org/gitlab@9103ced153fa5c901deae045c14b5451ed5957d4) by @gerardo-navarro ([merge request](gitlab-org/gitlab!145134))
- [Clean up tmp FKs p_ci_job_artifacts](gitlab-org/gitlab@e97208ffe95e4d29619061623b39177290cf32a2) ([merge request](gitlab-org/gitlab!145216))
- [Remove enable_new_sentry_clientside_integration](gitlab-org/gitlab@c54585488ccd84b2e0a738e41fea5c69a7068f5c) ([merge request](gitlab-org/gitlab!145276))
- [Add ClusterRepositoryCache class for migration](gitlab-org/gitlab@147ddbd512dc9e2ec5686e4d16bcd8168bebb242) ([merge request](gitlab-org/gitlab!144548))
- [Finalize backfill vs_code_settings column migrations](gitlab-org/gitlab@46a38c5d8ce1bf0a2d18d310ac94d10d5beab2de) ([merge request](gitlab-org/gitlab!145138))
- [Remove arkose_labs_trial_signup_challenge feature flag](gitlab-org/gitlab@1df16b97529aa3f0b0f0e2b86c11818e86af32cc) ([merge request](gitlab-org/gitlab!144834)) **GitLab Enterprise Edition**
- [Add next desired sharding keys for package_registry](gitlab-org/gitlab@ff7c2b5abd423d2333b7b908a16448da14c2dffd) ([merge request](gitlab-org/gitlab!145254))
- [Add next desired sharding keys for importers](gitlab-org/gitlab@76a2e668305ed30e3da9608f7af8d992552fd215) ([merge request](gitlab-org/gitlab!145252))
- [Add next desired sharding keys for feature_flags](gitlab-org/gitlab@818efece04995d92ffd2f7dfcee0db6b74a9111f) ([merge request](gitlab-org/gitlab!145251))
- [Add next desired sharding keys for source_code_management](gitlab-org/gitlab@3c42ee7b0207f258ef7c429315205adad5c8a62c) ([merge request](gitlab-org/gitlab!145250))
- [Cleanup bigint conversion for system_note_metadata](gitlab-org/gitlab@5c0539a14db6da96acdda5ed337afe9c9069353e) ([merge request](gitlab-org/gitlab!145125))
- [test: Refactor tests to leverage service response shared examples](gitlab-org/gitlab@175d0d1f31090dca7762005ebb8ab95a11edf428) by @gerardo-navarro ([merge request](gitlab-org/gitlab!145156))
- [Drop use_sync_service_token_worker FF](gitlab-org/gitlab@eae7739ac1c5d0eee0e78f53cbb19e87f34816ae) ([merge request](gitlab-org/gitlab!144871))
- [Validate FKs p_ci_job_artifacts self managed](gitlab-org/gitlab@6f2cb0fa3d3537c7b70a028cd3e09ef1e7ac2fa8) ([merge request](gitlab-org/gitlab!145111))
- [Remove feature flag ci_workflow_auto_cancel_on_new_commit](gitlab-org/gitlab@2933c5f713b4fb5146b228bcf0dfcbc243d264cb) ([merge request](gitlab-org/gitlab!145144))
- [Prepare partitioning constraint for ci_stages](gitlab-org/gitlab@0bd2a03b743d0360a45f42685106a5004abdec6a) ([merge request](gitlab-org/gitlab!145109))
- [Add temporary index for locating orphaned notes](gitlab-org/gitlab@d562735b899e4840cb2297022d2ebb0d83e0f14d) ([merge request](gitlab-org/gitlab!143928))
- [Remove references to code suggestions group setting](gitlab-org/gitlab@11753521b2d89348558b147ca5982eafca2ea238) ([merge request](gitlab-org/gitlab!145043)) **GitLab Enterprise Edition**
- [Remove update_organization_users feature flag](gitlab-org/gitlab@ae9679c3c3abb92dd7f5902f48db040f802837de) ([merge request](gitlab-org/gitlab!144997))
- [Add self-managed migration](gitlab-org/gitlab@b23c24529147cfbf081d36798b821327be5f8289) ([merge request](gitlab-org/gitlab!142037))
- [Use UpdateService, add more spec coverage](gitlab-org/gitlab@6e0431b9e7ede3594f4032fa2a03bbe819b6fb7f) ([merge request](gitlab-org/gitlab!144800)) **GitLab Enterprise Edition**
- [Clean up self-hosted sent_notifications bigint](gitlab-org/gitlab@5c412bfd9627abd764725dee631cf4dbf37ef377) ([merge request](gitlab-org/gitlab!142965))
- [Add desired sharding keys for importers](gitlab-org/gitlab@989706b5b11fc621265f5947113f995ab3b5d7e7) ([merge request](gitlab-org/gitlab!144856))
- [Add desired sharding keys for team_planning](gitlab-org/gitlab@5b25063b60e1edf94d4300bdc4c87fb77526cdc2) ([merge request](gitlab-org/gitlab!144855))
- [Remove FF dependency_scanning_on_advisory_ingestion](gitlab-org/gitlab@43f385c185b094b8ec874d5c7123dcf9e78db63c) ([merge request](gitlab-org/gitlab!144546)) **GitLab Enterprise Edition**
- [Remove proxy-through-com logic for CS](gitlab-org/gitlab@b76a68ce0b1dd827107ad78124a7079565d09586) ([merge request](gitlab-org/gitlab!144721))
- [Add violation_data to scan_result_policy_violations](gitlab-org/gitlab@2210af36a7988cc2bfe9817851aa51c576603c2b) ([merge request](gitlab-org/gitlab!144504))
- [Update the Kaniko template to make the job be extendible](gitlab-org/gitlab@62fbbb77c3c81cbabed7199824c032c3125ed522) by @kjetilho ([merge request](gitlab-org/gitlab!144352))
- [Ensure uniqueness p_ci_job_artifacts IDs](gitlab-org/gitlab@7433b17f0f311d289aaa1577c4d9b9893674058a) ([merge request](gitlab-org/gitlab!144574))
- [Rename CreateEmptyEmbeddingsRecordsWorker](gitlab-org/gitlab@d8c24152743d7d5cc00c034ab9db9bcdb9db419a) by @jzeng88 ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144374)) **GitLab Enterprise Edition**
- [Add transaction check to ExclusiveLease](gitlab-org/gitlab@21994f1f62f70a3afc55b505a980ab517a016aa3) ([merge request](gitlab-org/gitlab!143321))
- [Remove ignore_column for project_import_level](gitlab-org/gitlab@f4891f738ef3ff0b9787a991c9a2277badcc1e00) ([merge request](gitlab-org/gitlab!144662))
- [Remove security_policies_sync_preexisting_state feature flag](gitlab-org/gitlab@331e33a9347988917ba2137535799e783af19ca6) ([merge request](gitlab-org/gitlab!144531)) **GitLab Enterprise Edition**
- [Fixes for MR Widget implementation and tests to support Vue compat](gitlab-org/gitlab@2cd2f8a45d2adb65638ea55480ca9943be2610d7) ([merge request](gitlab-org/gitlab!143485))
- [Remove unused code](gitlab-org/gitlab@29bb77e3c5b39706df09cc9906548598fe12d998) ([merge request](gitlab-org/gitlab!144604))
- [Rename EMPTY_TREE_ID constant](gitlab-org/gitlab@4babc79beb27c03c56301e40a047a243a2d71dee) ([merge request](gitlab-org/gitlab!144579))
- [Remove feature flag "store_object_format"](gitlab-org/gitlab@727577987734e018c0baa1c63d799de726a9f5a2) ([merge request](gitlab-org/gitlab!144628))
- [Update "Duo Pro" copy to "GitLab Duo Pro" in UI](gitlab-org/gitlab@f5ef5367a2a7fc39cea07afdbb5acac7a32f3da6) ([merge request](gitlab-org/gitlab!144461)) **GitLab Enterprise Edition**
- [Add patch for find_or_create_by](gitlab-org/gitlab@18e1855d5fd5f7e22c58a40fdf6f16540291185d) ([merge request](gitlab-org/gitlab!144457))
- [Add desired sharding keys for security_policy_management](gitlab-org/gitlab@3abb5e86fbcc4a7a59c59c08b671cdf49f659c9b) ([merge request](gitlab-org/gitlab!144470))
- [Remove feature flag security_policies_unenforceable_rules_notification](gitlab-org/gitlab@ab7862f7585854e48ad7cf28e1f530b3c8b64f4e) ([merge request](gitlab-org/gitlab!144468)) **GitLab Enterprise Edition**
- [Finalize UpdateDelayedProjectRemovalToNullForUserNamespaces migration](gitlab-org/gitlab@71bb14cb07479c40b8986c68dd7c9a388d8c91b7) ([merge request](gitlab-org/gitlab!144361))
- [Cleanup geo_pipeline_replication feature flag](gitlab-org/gitlab@32fb7a3ccc2d97bfeb60048b8519272e66015bc2) ([merge request](gitlab-org/gitlab!144549)) **GitLab Enterprise Edition**
- [Include prepared_at in the MR hook data](gitlab-org/gitlab@9cc77b735f037c2bd849b9fb76ca3435d4343080) ([merge request](gitlab-org/gitlab!143998))
- [Cleanup search_filter_by_ability feature flag](gitlab-org/gitlab@71c98ac1a359d099528b89d41aa3022abe0def72) ([merge request](gitlab-org/gitlab!144537)) **GitLab Enterprise Edition**
- [Add desired sharding keys for package_registry](gitlab-org/gitlab@530a5b438891aedf7a92ae414bb81e5d4eb0adc6) ([merge request](gitlab-org/gitlab!144476))
- [Add desired sharding keys for feature_flags](gitlab-org/gitlab@5f02c416dd9bad120799a2076dc6e262513cf6ff) ([merge request](gitlab-org/gitlab!144475))
- [Add desired sharding keys for dynamic_application_security_testing](gitlab-org/gitlab@f719300dc0cbafcee93776fa9b66800f14243b38) ([merge request](gitlab-org/gitlab!144474))
- [Add desired sharding keys for geo_replication](gitlab-org/gitlab@e5583c5d337ab47b8021c50f43cb0c0aa59d582e) ([merge request](gitlab-org/gitlab!144471))
- [Remove ci_job_token_groups_allowlist feature flag](gitlab-org/gitlab@1e192a7dcd317594757abebcf4f9872315e924ac) ([merge request](gitlab-org/gitlab!144258))
- [Add desired sharding keys for secrets_management](gitlab-org/gitlab@21d4784a4cf8162625aaf8e613935a648de56989) ([merge request](gitlab-org/gitlab!144211))
- [Remove select_ancestors_of_paginated_items feature flag](gitlab-org/gitlab@2bb9c584820424e33bca0524ebe2d49bd4ea29e3) ([merge request](gitlab-org/gitlab!143636))
- [Add sharding keys for auto_devops](gitlab-org/gitlab@320db1b8da1692fc61bc89f1c4b4e23dc87d0f00) ([merge request](gitlab-org/gitlab!143307))
- [Add sharding keys for code_review_workflow](gitlab-org/gitlab@f0ad99cc932bd74a5d02de99ee62651b32a34af2) ([merge request](gitlab-org/gitlab!143310))
- [Add sharding keys for system_access](gitlab-org/gitlab@62c2fd4788e62e46f1469e2f18d178840e8e3df2) ([merge request](gitlab-org/gitlab!142501))
- [Add sharding keys for purchase](gitlab-org/gitlab@9c3843da74714c72483c17489d5d3d68ceffd2c8) ([merge request](gitlab-org/gitlab!142505))
Grafana v10.3.5
Features and enhancements:
- **Postgres:** Allow disabling SNI on SSL-enabled connections. [#84259], [@papagian]
Bug fixes:
- **Snapshots:** Require delete within same org . [#84707], [@ryantxu]
- **Elasticsearch:** Fix legend for alerting, expressions and previously frontend queries. [#84684], [@ivanahuckova]
- **Dashboard:** Fix issue where out-of-view shared query panels caused blank dependent panels. [#84196], [@kaydelaney]
- **Alerting:** Fix preview getting the correct queries from the form. [#81481], [@soniaAguilarPeiron]
v10.4.1
Features and enhancements:
- **Alerting:** Add "Keep Last State" backend functionality. [#84406], [@rwwiv]
- **Postgres:** Allow disabling SNI on SSL-enabled connections. [#84249], [@papagian]
- **DataQuery:** Track panel plugin id not type. [#83164], [@torkelo]
Bug fixes:
- **Elasticsearch:** Fix legend for alerting, expressions and previously frontend queries. [#84685], [@ivanahuckova]
- **Alerting:** Fix optional fields requiring validation rule. [#84595], [@gillesdemey]
- **ExtSvcAccounts:** FIX prevent service account deletion. [#84511], [@gamab]
- **Loki:** Fix null pointer exception in case request returned an error. [#84401], [@svennergr]
- **Dashboard:** Fix issue where out-of-view shared query panels caused blank dependent panels. [#84197], [@kaydelaney]
- **Auth:** Only call rotate token if we have a session expiry cookie. [#84181], [@kalleep]
- **Serviceaccounts:** Add ability to add samename SA for different orgs. [#83953], [@eleijonmarck]
- **GenAI:** Update the component only when the response is fully generated. [#83895], [@ivanortegaalba]
- **Tempo:** Better fallbacks for metrics query. [#83688], [@adrapereira]
- **Tempo:** Add template variable interpolation for filters. [#83667], [@joey-grafana]
- **Alerting:** Fix saving evaluation group. [#83234], [@soniaAguilarPeiron]
- **QueryVariableEditor:** Select a variable ds does not work. [#83181], [@ivanortegaalba]
- **Logs Panel:** Add option extra UI functionality for log context. [#83129], [@svennergr]
Jenkins 2.440.2
1. Add an Appearance category to the setup wizard. (pull 8822))
2. BootFailure subclasses can now override the Jenkins startup failure page. (pull 8442))
3. Reduce the window of time during which a crash may lead to an inconsistent state on Linux. (pull 8815))
4. Update the appearance of controls in header. (pull 8791))
5. Allow icon size to be changed in the node overview table. (pull 8802))
6. Remove code that may have caused an agent-side hang under a rare race condition. (Remoting PR 713))
7. Reduce the likelihood of thread creation errors on agents. (Remoting PR 717))
Jenkins 2.450
1. Add a computer icon legend and a new icon for agents that are not accepting tasks. (issue 69191))
2. Add components for dropdown items. Refer to the new Design Library Dropdowns page for implementation details. (pull 8827))
Prometheus v2.51.0
[CHANGE] Scraping: Do experimental timestamp alignment even if tolerance is bigger than 1% of scrape interval#13624,#13737
[FEATURE] Alerting: Relabel rules for AlertManagerConfig; allows routing alerts to different alertmanagers#12551,#13735
[FEATURE] API: add limit param to series, label-names and label-values APIs#13396
[FEATURE] UI (experimental native histograms): Add native histogram chart to Table view#13658
[FEATURE] Promtool: Add a "tsdb dump-openmetrics" to dump in OpenMetrics format.#13194
[FEATURE] PromQL (experimental native histograms): Add histogram_avg function#13467
[ENHANCEMENT] Rules: Evaluate independent rules concurrently#12946,#13527
[ENHANCEMENT] Scraping (experimental native histograms): Support exemplars#13488
[ENHANCEMENT] Remote Write: Disable resharding during active retry backoffs#13562
[ENHANCEMENT] Observability: Add native histograms to latency/duration metrics#13681
[ENHANCEMENT] Observability: Add 'type' label to prometheus_tsdb_head_out_of_order_samples_appended_total#13607
[ENHANCEMENT] API: Faster generation of targets into JSON#13469,#13484
[ENHANCEMENT] Scraping, API: Use faster compression library#10782
[ENHANCEMENT] OpenTelemetry: Performance improvements in OTLP parsing#13627
[ENHANCEMENT] PromQL: Optimisations to reduce CPU and memory#13448,#13536
[BUGFIX] PromQL: Constrain extrapolation in rate() to half of sample interval#13725
[BUGFIX] Remote Write: Stop slowing down when a new WAL segment is created#13583,#13628
[BUGFIX] PromQL: Fix wrongly scoped range vectors with @ modifier#13559
[BUGFIX] Kubernetes SD: Pod status changes were not discovered by Endpoints service discovery#13337
[BUGFIX] Azure SD: Fix 'error: parameter virtualMachineScaleSetName cannot be empty' (#13702)
[BUGFIX] Remote Write: Fix signing for AWS sigv4 transport#13497
[BUGFIX] Observability: Exemplars emitted by Prometheus use "trace_id" not "traceID"#13589
This week, read about:
Updates to the OpenLogic CentOS Repository
*) OpenLogic’s Enterprise Linux Team has recently published the following updates:
We recommend that you update your CentOS 6 systems to ensure proper timekeeping. As usual, please ensure that you test these updates before deploying to production. If you don't currently have CentOS repo access, please reach out to your Perforce/OpenLogic salesperson … you may already be entitled to access with your existing support contract!
Linux Kernel Vulnerabilities:
CVE-2024-2193
A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed.
An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths.
Angular 17.3.0
COMPILER
COMPILER-CLI
CORE
HTTP
ROUTER
Activemq-6.1.0
Bug:
[AMQ-9399] - Clean-up OSGi headers for a couple modules
[AMQ-9405] - Supplied jetty.xml fails to load if ssl is enabled
[AMQ-9408] - Jolokia throws exception during Windows service startup
[AMQ-9418] - Support mapping jakarta -> javax exceptions in openwire
[AMQ-9419] - UnsupportedOperationException("createContext() is not supported")
[AMQ-9420] - KahaDB durable subscription stats can go negative on duplicate acks
[AMQ-9432] - WebSocket transports close connection after 30 seconds due to default Jetty idle timeout
[AMQ-9434] - Unable to start ActiveMQ on Linux when there is space in the folder path
[AMQ-9435] - KahaDB durable sub tracking breaks on duplicate messages
[AMQ-9436] - StoreQueueCursor creates different audits for persistent and non persistent cursors
New Feature:
[AMQ-9344] - Ability to configure a limit on uncommitted message count in a transaction
[AMQ-9397] - Update JDBC adapter mapping for MySQL 8 driver
Improvement:
[AMQ-9166] - Add destination field to Job
[AMQ-9431] - Don’t add Bouncycastle as Security Provider when found on the Classpath
[AMQ-9438] - FailoverTransport throws UnknowHostException on compareURIs
[AMQ-9450] - Expose Job Scheduler views with destination via JMX
Task:
[AMQ-9216] - Remove java.lang.SecurityManager usage from activemq-client as is removed in JDK 21
[AMQ-9299] - Unknown license gram dependency
[AMQ-9401] - Minor doc update referencing javax instead of jakarta
Dependency upgrade:
[AMQ-9396] - Upgrade to Spring 6.1.4
[AMQ-9402] - Upgrade to Shiro 1.13.0
[AMQ-9403] - Upgrade Jackson 2.16.0
[AMQ-9406] - Upgrade to Camel 4.2.0
[AMQ-9407] - Upgrade to log4j 2.22.0
[AMQ-9422] - 2024-01-29 Maven Plugin Updates
[AMQ-9423] - Upgrade Jetty 11.0.19
[AMQ-9424] - Upgrade Jackson 2.16.1
[AMQ-9425] - Upgrade slf4j 2.0.11
[AMQ-9426] - Upgrade jmdns 3.5.9
[AMQ-9427] - Upgrade log4j2 2.22.1
[AMQ-9428] - Upgrade commons-io 2.15.1
[AMQ-9429] - Upgrade commons-logging 1.3.0
[AMQ-9439] - Upgrade to log4j 2.23.0
[AMQ-9440] - Upgrade to Jetty 11.0.20
[AMQ-9443] - Upgrade to Camel 4.4.0
[AMQ-9446] - Upgrade to commons-lang 3.14.0
Ansible AWX 24.0.0
What's Changed:
AWX Operator:
Docker Compose v2.25.0
What's Changed
Fixes:
Improvements:
Internal:
Fluentd v1.16.4
Bug Fix:
* Fix to avoid processing discarded chunks in write_step_by_step. It fixes not to raise pile of IOError when many `chunk bytes limit exceeds` errors are occurred.
* in_tail: Fix tail watchers in `rotate_wait` state not being managed.
Misc:
* buffer: Avoid unnecessary log processing. It will improve performance.
Jenkins-2.449
1. Support Session ID for External Job Monitor to avoid HTTP 503 response. (pull 8825))
2. Allow recursive remote file copy even if local and remote nodes have incompatible character sets at binary level, e.g. ISO-8859-1 and CP-1047. (issue 72540))
3. Add "copy to clipboard" button to the build console output. (pull 8960))
4. Do not attempt to self-restart on operating systems where this is not supported. (issue 72833))
5. Fix a crash when restarting Jenkins on macOS. (issue 65911))
6. Update bundled Trilead API Plugin to 2.84.86.vf9c960e9b_458. (pull 9022))
7. Ensure threads in the Computer.threadPoolForRemotingexecutor service always have the Jenkins webapp ClassLoader set as the context ClassLoader to prevent random class loading issues when code is running in this ExecutorService. (issue 72796))
8. Add experimental APIs to control which agents are loaded and when. (pull 8979))
Kubernetes v1.27.12
Feature:
- Kubernetes is now built with go 1.21.8
- Update distroless-iptables to v0.4.6 (#123771, @cpanato) [SIG Release and Testing]
Bug or Regression:
- Fixed cleanup of Pod volume mounts when a file was used as a subpath. (#123052, @jsafrane) [SIG Node]
- Fixed the disruption controller's PDB status synchronization to maintain all PDB conditions during an update. (#122056, @dhenkel92) [SIG Apps]
- Fixes an issue calculating total CPU usage reported for Windows nodes (#122999, @marosset) [SIG Node and Windows]
- Updates google.golang.org/protobuf to v1.33.0 to resolve CVE-2024-24786 (#123765, @liggitt) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Node and Storage]
Other (Cleanup or Flake):
- Build etcd image v3.5.12 (#123069, @bzsuni) [SIG API Machinery and Etcd]
Dependencies
Added:
Changed:
- github.com/golang/protobuf: v1.5.3 → v1.5.4
- google.golang.org/protobuf: v1.31.0 → v1.33.0
Kubernetes v1.28.8
Feature:
- Kubernetes is now built with go 1.21.8
- Update distroless-iptables to v0.4.6 (#123772, @cpanato) [SIG Release and Testing]
Bug or Regression:
- Fix error when trying to expand a volume that does not require node expansion (#123055, @gnufied) [SIG Node and Storage]
- Fixed a bug that an init container with containerRestartPolicy with `Always` cannot update its state from terminated to non-terminated for the pod with restartPolicy with `Never` or `OnFailure`. (#123710, @gjkim42) [SIG Apps]
- Fixed cleanup of Pod volume mounts when a file was used as a subpath. (#123052, @jsafrane) [SIG Node]
- Fixed the disruption controller's PDB status synchronization to maintain all PDB conditions during an update. (#122056, @dhenkel92) [SIG Apps]
- Fixes an issue calculating total CPU usage reported for Windows nodes (#122999, @marosset) [SIG Node and Windows]
- Prevent watch cache starvation by moving its watch to separate RPC and add a SeparateCacheWatchRPC feature flag to disable this behavior (#123694, @mengqiy) [SIG API Machinery]
- Restore --verify-only function in code generation wrappers. (#123261, @skitt) [SIG API Machinery]
- Updates google.golang.org/protobuf to v1.33.0 to resolve CVE-2024-24786 (#123764, @liggitt) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Network, Node and Storage]
Other (Cleanup or Flake):
- Build etcd image v3.5.12 (#123069, @bzsuni) [SIG API Machinery and Etcd]
Dependencies
Added:
_Nothing has changed._
Changed:
- github.com/golang/protobuf: v1.5.3 → v1.5.4
- google.golang.org/protobuf: v1.31.0 → v1.33.0
Kubernetes v1.29.3
Feature:
- Kubernetes is now built with go 1.21.8
- Update distroless-iptables to v0.4.6 (#123773, @cpanato) [SIG Release and Testing]
Bug or Regression:
- Fix error when trying to expand a volume that does not require node expansion (#123055, @gnufied) [SIG Node and Storage]
- Fixed a bug that an init container with containerRestartPolicy with `Always` cannot update its state from terminated to non-terminated for the pod with restartPolicy with `Never` or `OnFailure`. (#123709, @gjkim42) [SIG Apps]
- Fixed cleanup of Pod volume mounts when a file was used as a subpath. (#123052, @jsafrane) [SIG Node]
- Fixed the disruption controller's PDB status synchronization to maintain all PDB conditions during an update. (#122056, @dhenkel92) [SIG Apps]
- Fixes an issue calculating total CPU usage reported for Windows nodes (#122999, @marosset) [SIG Node and Windows]
- Prevent watch cache starvation by moving its watch to separate RPC and add a SeparateCacheWatchRPC feature flag to disable this behavior (#123693, @mengqiy) [SIG API Machinery]
- Restore --verify-only function in code generation wrappers. (#123261, @skitt) [SIG API Machinery]
- Updates google.golang.org/protobuf to v1.33.0 to resolve CVE-2024-24786 (#123763, @liggitt) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Network, Node and Storage]
Other (Cleanup or Flake):
- Etcd: Update to version 3.5.12 (#123188, @bzsuni) [SIG API Machinery, Cloud Provider, Cluster Lifecycle and Testing]
Dependencies
Added:
_Nothing has changed._
Changed:
- github.com/golang/protobuf: v1.5.3 → v1.5.4
- google.golang.org/protobuf: v1.31.0 → v1.33.0
Removed:
_Nothing has changed._
Kubernetes v1.26.15
Feature:
- Kubernetes is now built with go 1.21.8
- Update distroless-iptables to v0.4.6 (#123762, @cpanato) [SIG Release and Testing]
Bug or Regression:
- Updates google.golang.org/protobuf to v1.33.0 to resolve CVE-2024-24786 (#123767, @liggitt) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Node and Storage]
Dependencies
Added:
_Nothing has changed._
Changed:
- github.com/golang/protobuf: v1.5.3 → v1.5.4
- google.golang.org/protobuf: v1.31.0 → v1.33.0
This week, read about:
Linux Kernel Vulnerabilities:
Angular 17.2.4
COMPILER-CLI
CORE:
Docker/compose 2.24.7
Fixes:
Improvements:
Internal:
Dependencies:
Changelog:
New Contributors:
Gitlab-foss 16.7.7
Fixed (1 change):
Security (1 change):
Fixed (3 changes):
Security (2 changes):
Fixed (2 changes):
Security (2 changes):
Grafana 10.3.4
Features and enhancements:
Bug fixes:
Breaking changes:
Features and enhancements:
Bug fixes
Breaking changes:
Plugin development fixes & changes:
Features and enhancements:
Bug fixes:
Features and enhancements:
Bug fixes:
Bug fixes:
Bug fixes:
Node.JS 21.7.1
Notable Changes:
Commits:
[0dfe810ac7] - benchmark: update iterations of benchmark/async_hooks/async-local- (Lei Shi) #51420
[625c9e0ac9] - benchmark: update iterations of benchmark/domain/domain-fn-args.js (Lei Shi) #51408
[7ff3551bad] - build: fix arm64 host cross-compilation in GN (Cheng Zhao) #51903
[fd86ea8b71] - Revert "build: workaround for node-core-utils" (Richard Lau) #51975
[23c32ab3a7] - build: respect the NODE env variable in Makefile (Antoine du Hamel) #51743
[9617adc064] - Revert "build: fix warning in cares under GN build" (Luigi Pinca) #51865
[5864534095] - deps: update nghttp2 to 1.60.0 (Node.js GitHub Bot) #51948
[fcf235d623] - doc: add policy for distribution (Geoffrey Booth) #51918
[87d2acc8b1] - doc: fix actual result of example is different in events (Deokjin Kim) #51925
[5908c121c6] - doc: clarify Corepack threat model (Antoine du Hamel) #51917
[20e0ba3b94] - doc,module: clarify hook chain execution sequence (Jacob Smith) #51884
[4d997971ac] - lib: make sure close net server (theanarkh) #51929
[fcc6d54aa3] - lib: return directly if udp socket close before lookup (theanarkh) #51914
[10aaabd158] - meta: bump github/codeql-action from 3.23.2 to 3.24.6 (dependabot[bot]) #51942
[78f38a0143] - meta: bump actions/upload-artifact from 4.3.0 to 4.3.1 (dependabot[bot]) #51941
[42ca5452c4] - meta: bump codecov/codecov-action from 4.0.1 to 4.1.0 (dependabot[bot]) #51940
[015a157375] - meta: bump actions/cache from 4.0.0 to 4.0.1 (dependabot[bot]) #51939
[e476cb4a32] - meta: bump actions/download-artifact from 4.1.1 to 4.1.3 (dependabot[bot]) #51938
[67e8001790] - meta: bump actions/setup-node from 4.0.1 to 4.0.2 (dependabot[bot]) #51937
[50343636e8] - src: fix --disable-single-executable-application (Joyee Cheung) #51808
[a48c9ca0db] - stream: do not defer construction by one microtick (Matteo Collina) #52005
[bee3b364f9] - test: add regression test for test_runner after hook (Colin Ihrig) #51998
[fff7f48f50] - test: reduce flakiness of test-runner-output (Antoine du Hamel) #51952
[57ba8f5acb] - test: fix flaky http-chunk-extensions-limit test (Ethan Arrowood) #51943
[9d2c03990a] - test: remove flaky designation (Luigi Pinca) #51736
[e992af81d3] - test: skip SEA tests when SEA generation fails (Joyee Cheung) #51887
[85aa6ca850] - Revert "test_runner: do not invoke after hook when test is empty" (Colin Ihrig) #5199
This week, read about:
Updates to the OpenLogic CentOS Repository
*) OpenLogic’s Enterprise Linux Team has recently published the following updates:
We recommend that you update your CentOS 6 systems to ensure proper timekeeping. As usual, please ensure that you test these updates before deploying to production. If you don't currently have CentOS repo access, please reach out to your Perforce/OpenLogic salesperson … you may already be entitled to access with your existing support contract!
Linux kernel vulnerabilities
Ansible-Core 2.16.4
Bugfixes:
Ansible AWX 23.9.0
What's Changed:
* Updated the release doc to check for awxkit tar files
* Removed `tower_legacy` module_utils that appears unused
* Added tests for websocket endpoints
* Disabled ``install_bundle`` endpoint for ingress node
* Updated release notes so they do not require maintenance
* Fixed problems with workflow nodes information section
* Labeled any changes to requirements folder with dependencies label
* Allowed dev image to build on fork
* Added YAML tab for Job Output event modal
* Added the ability to use awxkit with websocket custom URLs
* Fixed login rerouting on the user's current tab
* Fixed typo in French message
* Added new French translations on various UI screen messages
* Fixed error in French message translation of the User Details screen
* Added support for Terraform credentials in awxkit
* Added multi-arch build for AWX images in ghcr.io
* Fixed graphics, illustrations, tables, examples, and sizing associated with the Managing Capacity with Instances chapter of the *Administration Guide*
* Improved the performance for migration middleware
* Enhanced the dashboard Job Summary endpoint to contain canceled and error job counts
* Fixed ``project_update`` role/collection install
* Added ``# -*-coding:utf-8-*-`` to allow users to have Japanese, Chinese, and Korean characters in email messages
* Removed ability to use the bulky test-playbooks in tests where possible
* Sent ``QUIT`` to worker before terminating
* Fixed diagram for hop node in Instances chapter of the *Administration Guide* and added introduction text to LDAP chapter to fix formatting abnormality
* Fixed CVEs and bump receptorctl version
* Fixed ``ui_next`` banner in the AWX User Interface
* Published multi-arch manifest of AWX
* Published multi-arch for AWX execution environments
Jenkins 2.447
1. Use the symbol for parameters in build history of pending jobs. (pull 8977))
2. Do not show empty tooltips. (issue 71148))
3. Developer: Update Stapler from 1822.v120278426e1c to 1839.ved17667b_a_eb_5 to no longer generate line JavaScript with Stapler bound objects to improve compatibility with ContentSecurityPolicy Plugin. (Stapler 1839.ved17667b_a_eb_5 Release Notes))
Keycloak 24.0.0
Highlights:
The following are a few highlights of this feature;
All resolved issues
New features:
#15190 RestAPI endpoint "send-verify-email" sending execute actions email template. admin/api
#19586 @keycloak/keycloak-admin-client doesn't provide an ability to use optional client scope for access token admin/client-js
#23539 User profile attributes should only accept a single value unless configured otherwise user-profile
#25167 Implement POST logout in Keycloak JS adapter/javascript
#25446 CORS SPI oidc
#25676 Introduce new CLI config options for Infinispan remote store dist/quarkus
#25702 Encrypt network communication in JGroups dist/quarkus
#25733 Update Route53 HA guide to be compatible with ROSA and Openshift 4.14.x
#25903 Create new landing page for admin console
#25941 Issue Verifiable Credentials in the JWT-VC format core
#26028 Remove conditional statements about Windows / Linux from the docs docs
#26250 OAuth 2.0 Grant Type SPI oidc
#26455 Supported option to specify maximum threads used to handle HTTP requests dist/quarkus
#26456 Supported option to specify resource management for pods in Keycloak CR dist/quarkus
#26458 Support custom Infinispan configuration file in Keycloak CR operator
#26460 Supported option to specify site name for multi-site deployments dist/quarkus
#26500 Cookie Provider
#26936 Support EC Key-Imports for the JavaKeystoreKeyProvider
#27186 Meta description of admin-ui and account-ui cannot be changed in theme.properties
Enhancements:
#9508 Rename "Resident key" to "Discoverable Credential" docs
#9758 User attributes with a text more than 255 characters storage
#9784 Add truststore options to Keycloak CR operator
#10794 Support importing Kubernetes CA operator
#12009 Support for scope parameter in the refresh flow oidc
#12352 Align Operator config naming with Quarkus distribution operator
#12946 Add X509 thumbprint to JWT when using private_key_jwt oidc
#13250 --verbose option doesn't work in Quarkus distribution dist/quarkus
#15000 Add EdDSA/Ed25519 to WebAuthn Signature algorithms authentication/webauthn
#15714 Supporting EdDSA oidc
#16629 Increase the default iterations for Pbdkdf2-256/512 to match the updated OWASP recommendations authentication
#17574 Add failedLoginNotBefore field to existing brute force detection status API
#17735 Admin-UI: Show realm display name in realm drop down instead of realm id if available admin/ui
#19190 Add "amr" to already implemented "acr" support
#19285 Disable Groovy Closures when bootstrapping Picocli dist/quarkus
#20125 Role mapping tab no longer visible when using fine grained permissions after upgrade from 20.0.3 to 21.0.2 admin/ui
#21074 Identity providers: pagination in admin console
#21343 Upgrade welcome theme to PatternFly 5 welcome/ui
#21559 Provide raw OpenAPI specification alongside Keycloak Admin REST API html documentation
#21578 Scope parameter in Oauth 2.0 token exchange
#21771 List reload button for admin panel admin/ui
#22436 Query users by 'LDAP_ID' is not working ldap
#22922 Use Infinispan BOM instead of direct Infinispan dependencies storage
#23057 Localization tabs admin/ui
#23431 Allow user to select between `Forwarded` or `X-Forwarded-*` header
#23470 Docs: authorization_services/topics/service-authorization-obtaining-permission.adoc authorization-services
#23854 Use upstream Quarkus functionality for non-blocking probes dist/quarkus
#23878 User profile configuration scoped to user-federation provider user-profile
#23896 Changes in declarative user profile should result in admin events user-profile
#24094 Map Store Removal: Delete map profiles from testsuite storage
#24097 Map Store Removal: Delete container providers that were added to the base testsuite storage
#24102 Map Store Removal: Delete Profile.Feature.MAP_STORAGE and all its usages storage
#24103 Map Store Removal: Delete GlobalLockProvider storage
#24105 Map Store Removal: Rename Legacy* classes storage
#24107 Map Store Removal: Revert deprecated modules in model/legacy and rename "legacy" to "storage" storage
#24148 Add config property to specify a list of truststores
#24202 Cache stampede after client invalidation storage
#24245 Parse default UserProfile configuration in the build time
#24250 Allow selecting attributes from user profile when managing token mappers user-profile
#24344 Enhance error logs and error events during UserInfo endpoint and Token Introspection failure
#24412 Accessibility of 2FA method selection login/ui
#24422 UMA 2 not evaluating as expected when using permission tickets authorization-services
#24424 Query on update the ADFS FederationMetadata.xml on the keycloak instead of delete and recreating the IDP config #24310 saml
#24567 Map Store Removal: Revert changes related to map store in test classes in base testsuite storage
#24668 Features versioning
#24793 Map Store Removal: Remove `LockObjectsForModification` storage
#24798 Add truststores to keycloak cr
#24860 Initialize Infinispan earlier in the build chain dist/quarkus
#24926 Add polish translations admin/ui
#24995 Avoid deprecated API usage in testsuite/integration-arquillian/tests/base core
#25058 Add Polish Translations to Account UI account/ui
#25074 Update Kerberos provider for user-profile user-profile
#25075 Update SSSD provider for user-profile user-profile
#25103 Remove product from server info admin/ui
#25113 Add a test for the LoadBalancerCheck
#25146 Decouple "factory" methods from the "provider" methods on UserProfileProvider implementation user-profile
#25149 Replace the existing themes with the dynamic templates from user profile user-profile
#25236 Documentation about Australia Consumer Data Right security profile
#25238 Add missing Arabic messages
#25287 Upgrade Infinispan to 14.0.21.Final
#25288 Map Store Removal: Remove protostream dependency storage
#25300 Deprecate offline session preloading infinispan
#25308 Map Store Removal: Revert changes made to backchannelLogout storage
#25309 Map Store Removal: Remove ResponseSessionTask storage
#25314 Supporting OAuth 2.1 for confidential clients oidc
#25315 Client policies : executor for enforcing DPoP oidc
#25316 Supporting OAuth 2.1 for public clients oidc
#25328 Tests for client scopes/evaluate tab are missing
#25375 Extra tests for realm roles
#25388 Enable concurrent remote operations for Infinispan storage
#25403 Implements attributes field in KeycloakProfile interface admin/client-js
#25404 Adapt incremental build for latest changes in themes module ci
#25415 Describe how to use Infinispan Batch CRs for automation with the external Infinispan storage
#25416 Update UserProfileProvider.setConfiguration to accept UPConfig instead of String
#25487 Add extra tests for realm-settings in admin-ui
#25637 Client policies: executor for validate and match a redirect URI oidc
#25638 Keycloak native implementation of SD-JWT core
#25666 [Admin UI] Allow to customize built-in components administration UI via ConfiguredProvider
#25691 More info on UserProfileContext user-profile
#25738 Tooltips improvements when configuring user profile attribute user-profile
#25770 X509 client certificate login label extends out of form login/ui
#25823 Ability to declare a default "First broker login flow" per Realm
#25872 Make the `user` attribute available to the `idp-review-user-profile.ftl` template
#25882 RealmResourceProvider is not working as expected since version 23.0.0 core
#25897 Admin UI: Show realm display name on welcome page admin/ui
#25908 Could not format default value for log formats dist/quarkus
#25915 Make more clear in the documentation that the wait time is only increased on multiples of the max number of failures docs
#25935 Create Infinispan metrics with labels instead of long metric names
#25962 Missing localization of cs+sk messages
#25979 User profile attribute names with strange characters docs
#25985 Enable verify-profile required action by default user-profile
#26068 Reduce internal unsupported options in the Keycloak HA documentation
#26083 Change RHDG references to Infinispan
#26092 Do not use raw parameterized PropertyMapper dist/quarkus
#26146 Migration docs for https://github.com//issues/15190 docs
#26172 Permanently lock users out after X temporary lockouts during a brute force attack authentication
#26198 Comprehensive log for the LoggingDistTest and Quarkus IT testsuite
#26220 Don't differentiate Windows for getting started docs
#26223 Use `--http-max-queued-requests` option in Keycloak HA documentation docs
#26241 Do not use general debug log level for tests testsuite
#26315 Fully remove reasteasy-core
#26320 Allow formating numbers when rendering attributes user-profile
#26325 Remove unused HttpResponse.setWriteCookiesOnTransactionComplete
#26402 Improve wording in Concepts for configuring thread pools section in documentation
#26416 Remove support for old cookie path
#26430 Implement stricter controls at token endpoint for PKCE verification
#26457 Remove support for multiple AUTH_SESSION_ID cookies
#26469 Documentation for verify-profile required action enabled by default docs
#26485 Add missing Arabic translations translations
#26489 Ability to have alternative default user-profile configuration user-profile
#26530 Map Store Removal: Remove `RealmModel` from authorization services interfaces storage
#26552 Do we need to hide "required" settings for email? user-profile
#26570 Upgrade liquibase to 4.25.1
#26585 Improve UX of read-only attributes user-profile
#26587 Documentation for SuppressRefreshTokenRotationExecutor oidc
#26589 Allow Case-Insensitive Search on Provider Info Page in Admin UI admin/ui
#26598 Map Store Removal: deprecate model legacy module storage
#26626 Brute force detection should issue event for temporary lockout core
#26634 Documentation for default validation changes due user-profile enabled docs
#26683 Remove explicitly set `lit-element` version dist/quarkus
#26689 Update Maven dependency versions for docs docs
#26701 Upgrade to Quarkus 3.7.1 dist/quarkus
#26730 Add Multi-AZ Aurora DB to CI store-integration-tests
#26776 Update documentation to use new Infinispan configuration options
#26781 Update HA guide about non-blocking probes docs
#26810 Shorter lifespan for offline session cache entries in memory storage
#26812 Upgrade to embedded Infinispan 14.0.24 storage
#26819 Use version specific tag for Keycloak images in the docs docs
#26859 Upgrade to Quarkus 3.8 dist/quarkus
#26898 User profile: Add regression test for select inputs
#26910 Keycloak Operator should add service-ca.crt to the truststore operator
#26916 Upgrade to Quarkus 3.7.2 dist/quarkus
#26919 doc: add a clear mention in the documentation about the storage of the refresh and access token docs
#26921 Use latest OLM version for Operator CI testsuite
#26929 Ignore unrecognized truststore formats if `--truststore-paths` is a directory dist/quarkus
#26967 Aurora Postgres IT: Upload flaky and surefire test reports
#27036 Upgrade to Quarkus 3.7.3 dist/quarkus
#27048 Add Amazon Aurora PostgreSQL to the list of tested databases
#27078 Update Keycloak HA Guide new resource limit settings
#27084 Remove the preview note from Keycloak's HA guide
#27093 "Open ID Connect" in docs / UIs should be "OpenID Connect"
#27105 Add New User Registration Option on WebAuthn Authentication UI authentication/webauthn
#27121 Remove references to Quarkus docs and absolute URLs from HA Guide docs
#27123 Use AWS JDBC Wrapper in CI tests
#27125 Add warning about too long attribute values
#27143 Distinguish user registration action label from the security key registration action's one authentication/webauthn
#27147 Replace "Security Key" with "Passkey" in WebAuthn UIs and their documents authentication/webauthn
#27148 Allow overriding the default validators added to attributes user-profile
#27169 Tweak the default memory request and limit in the Operator operator
#27190 a11y improvements on login page
#27226 Upgrade to Quarkus 3.7.4 dist/quarkus
#27238 Add option to clients to use lightweight access token oidc
#27280 Upgrade to Infinispan 14.0.25
#27281 Allow option of using client_id instead of id_token_hint with RP-initiated logout in brokered IDP config/call. identity-brokering
#27315 Change docker image to container image
#27324 Remove RHSSO product documentation from upgrading guide docs
#27326 Edit Keycloak 24.0 release notes docs
#27327 Harmonize behaviour of different CertificateUtilsProvider implementations
#27440 Edit Keycloak 23.x Release Notes
#27452 Edit Keycloak 24 Upgrade guide
Bugs:
#9871 Remove Infinispan workarounds introduced to prevent deadlocks storage
#11178 Event for MISSING_REQUIRED_DESTINATION with idp brokering incorrectly says error is related to logout even for a login response saml
#13080 Encoded token stored as KC_RESTART cookie uses weak algorithm- HS256 authentication
#13368 Issue when using DenyAuthenticator in direct-grant flow authentication
#14448 Multiple failures in OfflineServletsAdapterTest (testServlet, testServletWithConsent, testServletWithRevoke) testsuite
#14581 HTTP Redirect 303 to wrong URL (in case port is not 80) when trailing slash is not added dist/quarkus
#14776 Mail verification isn't working for multiple accounts in one session (only on auto login by clicking the verification mail, not by logging in with the credentials) authentication
#16260 Incorrect handling of OptionParserException in kcadm admin/cli
#17155 UPDATED_PASSWORD user action shouldn't be triggered when login with linked IdP user-profile
#17449 Removing the Realm ID and saving causes the realm to be vanished from the list of the realms admin/api
#19183 token-exchange does apply clientScopes of the origin client token-exchange
#19294 Error on starting keycloak when foldername contains ")" using kc.bat. dist/quarkus
#19886 Allow configuration cookies with `SameSite=Strict` for better compliance with strict regulations and standards authentication
#20304 When choosing resources in scope-based permission, multiple resource can be selected but only one will be visable admin/ui
#20867 Control redirect after password reset core
#21127 During password reset, the baseURL is not shown on the info page after browser restart authentication
#21151 Realm import stack overflow import-export
#21409 Brute Force Detection is disabled when updating frontenUrl via admin client authentication
#21542 Context path missing in URL on OTP page to switch between QR code and manual code core
#21730 v 22.0.0 - when creating a new realm the registration flow does not have terms and conditions step core
#21951 Unable to use `<` as part of a password admin/cli
#22082 Flaky test: org.keycloak.testsuite.model.session.OfflineSessionPersistenceTest#testPersistenceClientSessionsMultipleNodes storage
#22401 Common resources in Welcome page didn't resolve correctly welcome/ui
#22431 Localization: Admin UI doesn't pick up message bundles from realms other than master admin/ui
#22507 User profile attributes not localized in account console V3 user-profile
#22540 Description of "Configuring sources for Keycloak" inconsistent / misleading docs
#22555 Docs: server_development/topics/identity-brokering.adoc docs
#22660 Implementing custom ClientAuthenticator loses access to Client Secret Input Field in the Admin UI admin/ui
#22691 Flaky test: org.keycloak.testsuite.forms.RecoveryAuthnCodesAuthenticatorTest#test03AuthenticateRecoveryAuthnCodes authentication
#22836 Invalid redirect uri when identity provider alias has spaces identity-brokering
#22904 Flaky test: org.keycloak.testsuite.model.session.OfflineSessionPersistenceTest#testPersistenceMultipleNodesClientSessionAtSameNode ci
#22958 KeycloakErrorHandler NullPointerException String.toLowe rCase() because message is null authentication
#23023 Undocumented change in priority of X-Forwarded-* headers as of Quarkus distribution core
#23056 Flaky test: org.keycloak.testsuite.admin.concurrency.ConcurrencyTest#testAllConcurrently storage
#23217 NoSuchFileException with ${kc.home.dir} on Windows dist/quarkus
#23229 Realm client update via PUT returns invalid registration_client_uri with duplicated client ID in address admin/api
#23268 New Install with MySQL failing with REALM_SOCIAL_CONFIG ADD issue storage
#23399 Audience is lost after refreshing a RPT authorization-services
#23683 Default-Value in UI for krbPrincipalAttribute is error prone admin/ui
#23699 Account v3 theme - Localization not working on account console account/ui
#23786 Failure: FipsDistTest ci
#23966 Group members are displayed incorrectly when using LDAP in READ_ONLY mode admin/api
#24082 Selected locale is not taking into accoun in `keycloak.v3 account` theme account/ui
#24141 LDAP user mapper for username: user appears twice in the GUI ldap
#24144 Unable to locate entity descriptor: org.keycloak.examples.domainextension.jpa.Company core
#24200 NPE in User Session Note mapper on Token Exchange token-exchange
#24219 admin-fine-grained-authz + client authorization settings requires view-client role admin/ui
#24323 Refresh request ignores scope parameter from refresh request oidc
#24353 Keycloak operator tries to manipulate Secret which is not managed by Keycloak operator
#24361 Adding scopes via registration_client_uri does not work when using Dynamic Client Registration admin/api
#24369 UpdateUserLocaleAction does not trigger EventType.UPDATE_PROFILE event user-profile
#24459 Keycloak fails to start when uninstalling custom provider dist/quarkus
#24464 Tabbing is not working in forms inside dropdown admin/ui
#24485 NullPointerException when key is not available in the database oidc
#24506 Reopening 2 - CVE-2023-21971 - Update Connector/J to 8.0.33 dependencies
#24508 Deadlock when pre-loading remote sessions from external Infinispan storage
#24595 Leaving Single Sign Out page open for too long and then confirming logout leads to error page authentication
#24626 Upgrade testsuite to use SpringBoot 2.7 ci
#24651 Deleting a User or User Group might cause that all users suddenly get the permissions of the deleted user. authorization-services
#24652 SAML decryption fails if keycloak.saml.deprecated.encryption flag is set saml
#24718 Mapper Option "Add to access token" Toggled Off Despite Claim Added to Token admin/ui
#24767 Improve LDAP Condition implementations ldap
#24783 Keycloak Admin UI - Help text not localized in Realm Events Setting UI admin/ui
#24923 Importing Keycloak breaks typescript in esModule adapter/javascript
#24960 OpenAPI spec doesn't match the admin API admin/api
#24961 Keycloak not able to handle multiple validating X509 certificates when public key are the same saml
#24980 The `DefaultActionToken` serializes a JSON Object with duplicate keys oidc
#24986 `getMultiPartFormParameters()` always returns `EmptyMultivaluedMap` after upgrade to Resteasy Reactive core
#25001 Client redirect_uri check must be compared using exact string matching oidc
#25016 Make password visibility css classes configurable for themes login/ui
#25033 Typo in the balloon help of SAML Username Template Importer core
#25041 Incomplete Spanish translations for Admin UI translations
#25051 Unexpected Application Error when clicking "Cancel" on user creation page admin/ui
#25054 Read Only Access of the realm users' "Role mapping" tab is broken for Admin Console admin/ui
#25060 fix debug log string core
#25078 Log Injection during WebAuthn authentication/registration authentication
#25096 Meaning of briefRepresentation query parameter is inverted in GroupResource.getSubGroups admin/api
#25110 User Profile attribute with "Options" shows options of another attribute if none set on it user-profile
#25111 RealmAdminResource.getGroupByPathGroup does not work with space in path parameter admin/api
#25173 Make sure username is lowercase when normalizing attributes user-profile
#25183 NullPointerException thrown for UPConfig.getGroups() user-profile
#25208 GH Actions -> Keycloak CI -> MSSQL docker images fails during startup ci
#25231 CIBA and PAR are broken since 23.0.0 (NPE) when using http protocol oidc
#25235 Unable to start after updating Docker container dist/quarkus
#25290 Social Login Tests unable to retrieve Federated Access Token from user session testsuite
#25294 Kerberos principal attribute not found on LDAP user - even if kerberos authentication is off ldap
#25322 Warning "Event object wasn't available in remote cache" when using remote store
#25392 Admin Console: Realm Dropdown should only show the realms the user has access to admin/ui
#25417 Avoid keycloak-admin-client in UI to call admin console UI extension admin/ui
#25423 Confusing error message by pr-backport.sh when not authenticated to gh ci
#25433 Key provider UI issue while saving - RSA admin/ui
#25449 Clean up translations for DE/EN/NL for a first test-run of Weblate translations
#25451 Admin cli failing when adding roles to a 3rd group in a list admin/cli
#25463 Unnecessary user profile metdata sent on user update user-profile
#25475 User Profile: If required roles ("user") and reqired scopes are set, the required scopes have no effect user-profile
#25502 Account v3 theme - theme.properties Custom theme scripts not loading account/ui
#25515 Deleting an atribute from the UI is reseting the unmanaged attribute policy user-profile
#25544 Post Logout Redirect URIs "+" behavior is inconsistent with other usages (i.e. Web Origins) oidc
#25565 OpenAPI: POST for /admin/realms response is 201 admin/api
#25566 Failure in SSSDUserProfileTest.test05MixedInternalDBUserProfile testsuite
#25584 iss not returned as query param in redirect to app when using "prompt=none" and user is not authenticated oidc
#25601 OpenAPI: POST /admin/realms/{realm}/clients response is 201 admin/api
#25604 OpenAPI: Client authz endpoints without responses admin/api
#25628 Translations missing in user details role mapping admin/ui
#25633 Parsing of labels issue IDs doesn't work with colons and the "fixes" keyword ci
#25636 "Disable realm?" displayed when disabling client admin/ui
#25642 Failure in KeycloakDistConfiguratorTest's 'missingHostname' check testsuite
#25649 OpenAPI: In ClientRepresentation the property oauth2DeviceAuthorizationGrantEnabled was not known by the API. admin/api
#25656 OpenAPI: POST /admin/realms/{realm}/clients-initial-access response is 201 admin/api
#25660 Incorrect version of the fix in release notes
#25677 Removing all group attributes no longer works with keycloak-admin-client (java) admin/client-java
#25679 `/admin/realms/{realm-name}/ui-ext/realms` endpoint leaks realms the user doesn't have access to see admin/ui
#25699 Flaky test Job URL missing on some runs ci
#25704 Custom Validator is never executed when UserProfileContext is UPDATE_EMAIL user-profile
#25714 Flaky test: org.keycloak.testsuite.adapter.servlet.OfflineServletsAdapterTest#testServlet ci
#25731 /admin/realms/{realm}/groups Endpoint is slow admin/api
#25746 Using kcadm.sh create components result to 400 Bad Request admin/cli
#25752 [CI] Store Model Tests failures - UserSessionProviderOfflineModelTest, OfflineSessionPersistenceTest, UserSessionInitializerTest storage
#25753 Backchannel logout token is missing the "exp" claim oidc
#25783 Since 23, start-dev command line arguments parsing is buggy dist/quarkus
#25789 User events: labels overlap content admin/ui
#25827 admin ui uses hyphen instead of dot as realm attribute separator admin/ui
#25853 Timeouts after upgrade of download action v4 ci
#25878 HTML emails in Catalan don't contain links translations
#25883 ldap-group-mapper fails when empty member: attribute is present ldap
#25891 Optimize handling of terms and conditions during registration core
#25892 Test suite depends on artifacts built only when distribution profile is active ci
#25909 Keycloak HA Guide uses token for cross-site setup that expires
#25912 LDAP federation reports "Creating new LDAP Store..." on every login ldap
#25927 UI crash after using breadcrumb group navigation during an active group search admin/ui
#25934 On invalid submission, IdpUsernamePasswordForm sends back the user to the standard UsernamePasswordForm template authentication
#25939 Declartive user profile. When multiple attributes with options validator are defined and 1 is selected on UI shown that 2 of them have values. user-profile
#25951 Masthead tests fail often admin/ui
#25961 Native SQL Schema names broken on MySQL storage
#25977 No error message displayed when trying to add read-only attribute to some user in `Attributes` tab user-profile
#25980 Force reauthentication is ignored during identity brokering when mapping between OIDC and SAML protocols saml
#25981 GitHub Status check is green if the build fails ci
#26021 `mvn clean` does not work in js directory account/ui
#26032 Duplicate tooltip/label for refresh button on device activity page account/ui
#26036 subgroups clickopen not working admin/ui
#26040 Subgroups-check is incorrect, and therefore subgroups are not clickable admin/ui
#26051 Name ID Format field is confusing for User Attribute Mapper For NameID saml
#26052 Configure OTP Form regenerates Secret on reload authentication
#26059 Attempting to update settings for realm with "dots" in the name fails due to client side validation admin/ui
#26060 Various Localization tab issues
#26075 Next time you start message references the wrong command dist/quarkus
#26088 Rest custom JAX-RS resource in kc 23: Method not allowed core
#26131 Localization: Realm overrides subtab admin/ui
#26132 Localization: Effective message bundles subtab admin/ui
#26148 Keycloak JavaScript CI: client_scopes_test.spec.ts ci
#26156 A11y critical violation in ProviderId form field admin/ui
#26168 KC_DB_DRIVER is not propagated properly admin/cli
#26177 Invalidate authentication session on repeated OTP failures authentication
#26180 Invalidate authentication session on repeated Recovery Code failures authentication
#26228 With fine grained permissions enabled, the grouptree rights check is not working correctly admin/ui
#26231 keycloak-admin-client missing recent changes to group query parameters admin/client-js
#26236 Ensure community-maintained translations are not part of product build account/ui
#26266 Importing Realm with declarative user profile attributes fails user-profile
#26281 Incorrect example in the Keycloak operator configuration operator
#26291 Workflow failure: FIPS IT - KcSamlEncryptedIdTest#testEncryptedElementIsReadableInDeprecatedMode ci
#26295 Incomplete Chinese Translation for Login Page translations
#26308 Error when migrating from a realm where the user profile component does not hold any entry in the configuration user-profile
#26323 Reset credentials action fails when triggered from first broker login flow identity-brokering
#26330 HTTP status code 413 Request Entity Too Large for large SAMLResponse since Keycloak 23 saml
#26334 Resource and permission titles missing for a new client admin/ui
#26335 Bind flow modal broken admin/ui
#26337 Write tests to cover binding a flow testsuite
#26350 Fix more A11y violations admin/ui
#26358 Apparently incorrect tooltip on "type" field for a "resource" in a client admin/ui
#26363 Search dialog for authorization policy is wrong? admin/ui
#26374 Workflow failure: Quarkus IT - FipsDistTest#testUnsupportedHttpsPkcs12KeyStoreInStrictMode ci
#26375 The role Unassign button enabled in admin console even if no roles are selected admin/ui
#26383 Labels for WebAuthN missing in Account Console account/ui
#26390 More A11y Violations Detected admin/ui
#26400 Workflow failure: Admin UI E2E - realm_test.spec.ts ci
#26407 Typo in disable dialog admin/ui
#26409 Duplicate `key` for credentials on sign in page account/ui
#26418 Failed to link identity broker to user with a verified email by IdP email verification flow identity-brokering
#26420 Labels for WebAuthN Passwordless missing in Account Console account/ui
#26427 Operator CSV uses wrong format for `createdAt` field operator
#26452 Row remains selected when "cancel" clicked on deleting translation in the Localization/Realm Overrides tab admin/ui
#26464 "Test connection" on LDAPS URI does not test TLS handshake admin/api
#26468 SPI-truststore-file-type option appears to be invalid docs
#26490 Update Keycloak sizing guide after change of default hashing configuration core
#26507 Failed to link the user with an existing read-token role from the federation provider when AddReadTokenRoleOnCreate was enabled for the IdP. storage
#26529 Workflow failure: Quarkus IT - FipsDistTest#testUnsupportedHttpsPkcs12KeyStoreInStrictMode ci
#26549 Mysterious settings changes due to Keycloak cluster changes admin/ui
#26564 Issues related to IDNHomographValidator user-profile
#26584 User details locale select broken in realm specific admin console admin/ui
#26588 Infinite loop during X509 authentication authentication
#26597 Keycloak UI meets "Internal Sever Error" after save "Refresh Token Max Reuse" number core
#26604 Arc container is null dist/quarkus
#26609 allow sending realm in request without changing the kc admin object admin/client-js
#26612 Wrong delete messages in Realm overrides admin/ui
#26618 CLIENT_ATTRIBUTES index idx_client_att_by_name_value no longer exists since KC 20 (postgres) storage
#26631 Keycloak HA guide with blank and callout docs
#26635 Account UI ships too much Beer in user attributes user-profile
#26636 Immediately reflect flow binding status on flow definition page in Admin UI when binding an auth flow admin/ui
#26643 Replace "message bundle" text to "translation" in realm overrides admin/ui
#26649 PhantomJS does not send secure cookies over http://localhost core
#26651 [keycloak.js] useNonce parameter is all-or-nothing adapter/javascript
#26653 Disallow removing required filters when searching for effective message bundle. admin/ui
#26665 Unable to modify access token lifespan at realm level. Keycloak stops working. core
#26668 Wrong help for "Create initial access token" expiration field admin/ui
#26686 Not possible to build documentation after quarkus upgrade docs
#26697 When creating a user federation mapper changing the type doesn't change User Roles Retrieve Strategy admin/ui
#26716 User Profile Applies Validation To Service Account Users user-profile
#26727 Auto layout of authenticator flow graph only applies the second time admin/ui
#26747 Tooltip for attribute name in user-profile configuration is incorrect user-profile
#26750 Empty error message when validation issue due the PersonNameProhibitedValidator validation user-profile
#26782 Accessing userinfo fails with CORS when token is expired or session is deleted oidc
#26790 Workflow failure: Operator IT on OpenShift ci
#26792 User profile 'uri' validator not working user-profile
#26816 Keycloak server admin docs needs change with the new hashing iteration changes docs
#26818 bug in operator example yaml operator
#26826 Freemarker erroneously escapes/sanitizes URL in template.ftl (&) login/ui
#26830 Duplicate "Refresh" buttons present in admin-ui admin/ui
#26834 Disabling "Reset OTP" in "Reset credentials" flow throws error on "forgot password" authentication
#26853 Fixing anchors in security apps guide in prod profile docs
#26856 Remove custom user attributes section in server developer guide user-profile
#26937 Once all default client scopes are deleted from the realm we can't create a new custom role. core
#26941 When loading entries from a remote store at startup, no lifespan or expiry is set core
#26951 Roles admin REST API for creating roles: Composite roles are expanded admin/api
#26983 Group not found in list after creation core
#27002 Refresh doesn't work in Localization/Effective message bundles admin/ui
#27005 Unable to approve/deny permission requests account/ui
#27031 Having read-only attributes stored at a user leads to validation warning on every login user-profile
#27095 Cache Keys for Group pagination and other entries cannot be invalidated and updated infinispan
#27120 Microsoft social login failure testsuite
#27133 Workflow failure: Keycloak CI - Store IT (aurora-postgres) ci
#27137 Users with fine-grained permissions can not create a user admin/ui
#27140 Locale selector is unnecessarily visible without rights to locales admin/ui
#27162 Default locale is set to null when not explicitly choosing a locale admin/ui
#27173 Newly created authentication subflow is always disabled admin/ui
#27234 Cannot update email in account console with `update-email` feature enabled account/ui
#27243 Account console not working when lightweight-access-tokens used oidc
#27271 AuthorityKeyIdentifierExtension should be calculated from caCert (if it present) in generateV3Certificate, not from subjPubKeyInfo core
#27284 FolderTheme does not support Locales with extensions core
#27290 AWS JDBC driver throws ConcurrentModificationException storage
#27297 Check for duplicated usernames and emails when Login with email option is enabled user-profile
#27316 Server admin guide not building downstream due to missing IDs docs
#27337 Workflow failure: Admin UI E2E - realm_settings_user_profile_enabled admin/ui
#27344 Secure Redirect URI executor issues oidc
#27345 Workflow failure: Keycloak CI - OAuth 2.0 Grant Type SPI ci
#27406 JavaDocs generation broken after removal of resteasy-core
#27409 Apply remote store workaround also for configuration via CLI options
#27412 OAuth 2.1 default profile lacks oauth-2-1-compliant setting for SecureRedirectUrisEnforcerExecutor oid
Wildfly 31.0.0.
Feature Request:
[WFLY-15405] - Add support for AMQP Connector in MP Reactive Messaging
[WFLY-18838] - Preview support for Jakarta MVC 2.1
[WFLY-18866] - Update WF feature pack to use preview stability level
Enhancement:
[WFLY-18383] - Quickstart for MicroProfile LRA
[WFLY-18460] - bmt Quickstart Common Enhancements CY2023Q3
[WFLY-18463] - ee-security Quickstart Common Enhancements CY2023Q3
[WFLY-18465] - ejb-remote Quickstart Common Enhancements CY2023Q3
[WFLY-18466] - ejb-security-context-propagation Quickstart Common Enhancements CY2023Q3
[WFLY-18467] - ejb-security-programmatic-auth Quickstart Common Enhancements CY2023Q3
[WFLY-18468] - ejb-throws-exception Quickstart Common Enhancements CY2023Q3
[WFLY-18469] - ejb-timer Quickstart Common Enhancements CY2023Q3
[WFLY-18473] - helloworld-jms Quickstart Common Enhancements CY2023Q3
[WFLY-18477] - helloworld-singleton Quickstart Common Enhancements CY2023Q3
[WFLY-18478] - helloworld-ws Quickstart Common Enhancements CY2023Q3
[WFLY-18405] - JCA: make sure WorkManager doesn't relate on jboss-threads executor's blocking API
[WFLY-18480] - hibernate Quickstart Common Enhancements CY2023Q3
[WFLY-18481] - http-custom-mechanism Quickstart Common Enhancements CY2023Q3
[WFLY-18482] - jaxrs-client Quickstart Common Enhancements CY2023Q3
[WFLY-18483] - jaxrs-jwt Quickstart Common Enhancements CY2023Q3
[WFLY-18484] - jaxws-ejb Quickstart Common Enhancements CY2023Q3
[WFLY-18485] - jaxws-retail Quickstart Common Enhancements CY2023Q3
[WFLY-18487] - jta-crash-rec Quickstart Common Enhancements CY2023Q3
[WFLY-18488] - jts Quickstart Common Enhancements CY2023Q3
[WFLY-18490] - logging Quickstart Common Enhancements CY2023Q3
[WFLY-18491] - mail Quickstart Common Enhancements CY2023Q3
[WFLY-18494] - microprofile-fault-tolerance Quickstart Common Enhancements CY2023Q3
[WFLY-18495] - microprofile-health Quickstart Common Enhancements CY2023Q3
[WFLY-18499] - microprofile-rest-client Quickstart Common Enhancements CY2023Q3
[WFLY-18502] - remote-helloworld-mdb Quickstart Common Enhancements CY2023Q3
[WFLY-18504] - servlet-async Quickstart Common Enhancements CY2023Q3
[WFLY-18505] - servlet-filterlistener Quickstart Common Enhancements CY2023Q3
[WFLY-18506] - servlet-security Quickstart Common Enhancements CY2023Q3
[WFLY-18508] - spring-resteasy Quickstart Common Enhancements CY2023Q3
[WFLY-18512] - todo-backend Quickstart Common Enhancements CY2023Q3
[WFLY-18513] - websocket-endpoint Quickstart Common Enhancements CY2023Q3
[WFLY-18514] - websocket-hello Quickstart Common Enhancements CY2023Q3
[WFLY-18544] - managed deployment in content repository duplicated in tmp/vfs/temp directory
[WFLY-18578] - Allow channel-based overriding of the org.jboss.as.product data
[WFLY-18644] - Remove xerces from distribution
[WFLY-18743] - Change NoAuditLogTestCase class to use the system default encoding to read the log file
[WFLY-18768] - Add Micrometer quickstart
[WFLY-18769] - Publish Quickstarts docs
[WFLY-18790] - Convert testsuite provisioning from galleon-maven-plugin to wildfly-maven-plugin
[WFLY-18792] - External configuration of channels to use when testing
[WFLY-18793] - Dynamic configuration of channels to use when testing
[WFLY-18819] - Quickstart READMEs XML snippets for server provisioning/bootable jar should not specify layers
[WFLY-18856] - Document stability levels
[WFLY-18890] - "docs/schema" does not contain "orm_3-1.xsd"
[WFLY-18901] - OpenShift CI support for MicroProfile LRA Quickstart
Bug:
[WFLY-14769] - Lookup of txn:LocalUserTransaction makes it possible to illegally use UserTransaction in a CMT context
[WFLY-16929] - ForwardedHandlerTestCase fails with security manager
[WFLY-17349] - WebJPATestCase intermittently fails
[WFLY-18009] - WildFly lacks support for LZ4 compression, which is needed by Kafka clients
[WFLY-18054] - Operations on any child resource of an Undertow servlet container fail with DuplicateServiceException
[WFLY-18215] - license correction for jipijapa-hibernate6 + wildfly-jpa
[WFLY-18240] - org.apache.activemq.artemis is required as an explicit dependency for some deployments
[WFLY-18384] - [CLUSTERING] File containing session data is never shrunk or deleted
[WFLY-18397] - Fix Standalone Old Faces 4.0 TCK 26 failures
[WFLY-18533] - Simplest JAXRS app is failing when deployed in server provisioned with jaxrs
[WFLY-18560] - Galleon layers reference javax API alias packages
[WFLY-18639] - Improve resiliency of reflection based-externalizers and marshallers
[WFLY-18653] - i18n of exception messages in ApplicationClientParsingDeploymentProcessor
[WFLY-18654] - i18n of exception message in WildFlyJobXmlResolver
[WFLY-18656] - i18n of exception messages in connector
[WFLY-18657] - i18n of exception messages in ee
[WFLY-18658] - i18n of exception messages in ejb3
[WFLY-18659] - i18n of exception messages in jpa
[WFLY-18660] - i18n of exception messages in messaging-activemq
[WFLY-18661] - i18n of exception messages in naming
[WFLY-18662] - i18n of exception messages in pojo
[WFLY-18663] - i18n of exception messages in sar
[WFLY-18665] - i18n of exception messages in webservices
[WFLY-18666] - i18n of exception messages in weld
[WFLY-18667] - i18n of exception messages in xts
[WFLY-18683] - Blocked JDBC store threads prevent shutdown
[WFLY-18694] - Broken link in Application Client documentation
[WFLY-18702] - In WildFly Preview jaxrs-server layer does not provision MP Rest Client
[WFLY-18703] - Misleading error message for XA DataSource class
[WFLY-18708] - Disable counter-productive "distributable" behavior in Mojarra
[WFLY-18718] - license.xml has different line endings when provisioned on Windows
[WFLY-18726] - Illegal reflective access by org.wildfly.extension.elytron.SSLDefinitions when started by ps1 script
[WFLY-18727] - ATTRIBUTE granularity distributed sessions should always replicate on setAttribute(...)
[WFLY-18733] - Deployments of SharedClientContextTestCase should be undeployed
[WFLY-18736] - Remove okhttp dependency
[WFLY-18740] - On cache writes, Infinispan store=hotrod throws ISE: Only byte[] instances are supported currently
[WFLY-18742] - Provisioning micrometer and opentelemetry layers issue
[WFLY-18746] - Revisit telemetry layers inclusion rules.
[WFLY-18756] - WildFly throws UnknownHostExceptions and XARecovery fails when Connected to an AMQ Cluster in OpenShift
[WFLY-18775] - Intermittent NPE in distributed timers TimerScheduler
[WFLY-18782] - Dependency tree - wildfly-model-test & commons-text should only be in test scope
[WFLY-18785] - Client fail rate degradation in tests with Oracle database: IJ000453: Unable to get managed connection for ... + StoreUnavailableException
[WFLY-18787] - WFLY-18683 fix causes marshalling errors when SQLExceptions are propagated to caller
[WFLY-18800] - Misleading example in "Configure Authentication with Certificates" section of Elytron security doc
[WFLY-18811] - Reduce visibility org.infinispan module to only those packages containing public API
[WFLY-18813] - Predicates not applied correctly to gzip filters
[WFLY-18814] - A typo in run-integration-tests-with-provisioned-server.adoc
[WFLY-18820] - Queue creation might fail if auto-create-addresses is set to false
[WFLY-18823] - Fix Flaky AbstractValidationUnitTest
[WFLY-18844] - Invalid XmlMerge output on Windows
[WFLY-18849] - Official installation modules can produce installations with a '.galleon/history' folder
[WFLY-18853] - QS websocket-hello, websocket-endpoint and servlet-async are missing wildfly-maven-plugin in pluginManagement section in pom.xml
[WFLY-18855] - MicroProfile spec support table is out of date
[WFLY-18868] - Ensure MMR delegates implement getStability()
[WFLY-18869] - max-active-sessions=-1 causes ISPN000424 error for distributable webapp
[WFLY-18873] - Missing client dependency in user BOM
[WFLY-18880] - missing dependency to org.wildfly.clustering.marshalling.spi in clustering.ee.cache module.xml
[WFLY-18882] - JCA: resource adapter subsystem dependency should be added based on capabilities
[WFLY-18883] - Install and Deploy fails. due to duplicated artifacts attached
[WFLY-18885] - Unable to look up deployed datasource when name differs from runtime-name
[WFLY-18887] - todo-backend quickstart CI test fails
[WFLY-18897] - testsuite manual-expansion is missing the parsson dependency.
[WFLY-18914] - Shared distributed session manager triggers duplicate expiration listeners
[WFLY-18922] - Give the Apache Lucene module access to jdk.management
[WFLY-18931] - Galleon layers doc does not list the microprofile-telemetry layer as a dependency of observability
[WFLY-18936] - NetworkHealthTestCase doesn't cleanup it's configuration affecting other tests
[WFLY-18941] - Update jipijapa EclipseLink reference in documentation as refers to transformed version
Components Upgrade:
[WFLY-18406] - Upgrade ironjacamar to 3.0.6.Final
[WFLY-18442] - Upgrade MP Config API to 3.1 (MP 6.1)
[WFLY-18443] - Upgrade MP Telemetry API to 1.1 (MP 6.1)
[WFLY-18555] - Upgrade to Hibernate 6.4.1.Final release
[WFLY-18630] - Upgrade Infinispan to 14.0.20.Final
[WFLY-18645] - Upgrade openjdk-orb to 10.0.0.Final
[WFLY-18646] - Upgrade Jastow to 2.2.7.Final
[WFLY-18647] - Upgrade HAL to 3.6.16.Final
[WFLY-18655] - Upgrade Eclipse ECJ to 3.32.0
[WFLY-18674] - Bump version.com.fasterxml.jackson from 2.15.2 to 2.15.3
[WFLY-18679] - Upgrade jaxbintros from 2.0.0 to 2.0.1
[WFLY-18682] - Upgrade WildFly Http Client to 2.0.5.Final
[WFLY-18685] - Upgrade santuario to 3.0.3 (addresses CVE-2023-44483)
[WFLY-18688] - Update JBeret to 2.1.3.Final
[WFLY-18690] - Upgrade the Jakarta XML Binding API to 4.0.1 and the Implementation to 4.0.4
[WFLY-18693] - Upgrade to SmallRye Reactive Messaging 4.11.0
[WFLY-18704] - Upgrade Artemis to 2.31.2 (resolves CVE-2023-46604)
[WFLY-18707] - Upgrade WildFly Core to 23.0.0.Beta1
[WFLY-18713] - Upgrade RESTEasy to 6.2.6.Final
[WFLY-18714] - Upgrade Galleon to 5.2.2.Final and Galleon plugins to 6.5.3.Final
[WFLY-18725] - Upgrade WildFly Http Client to 2.0.6.Final
[WFLY-18729] - Upgrade Netty from 4.1.100 to 4.1.104
[WFLY-18732] - Upgrade SmallRye Config to 3.4.3
[WFLY-18735] - Upgrade to SmallRye OpenTelemetry 2.6.0
[WFLY-18738] - Upgrade to Mojarra 4.0.5
[WFLY-18750] - Upgrade to MP Config 3.0.3
[WFLY-18751] - Upgrade RxJava to 3.1.8
[WFLY-18752] - Upgrade Jakarta JSTL Implementation to 3.0.1
[WFLY-18754] - Upgrade WSS4j from 3.0.1 to 3.0.2
[WFLY-18755] - Upgrade stax2-api from 4.2.1 to 4.2.2
[WFLY-18760] - Upgrade smallrye-open-api to 3.7.0
[WFLY-18767] - Upgrade Byteman to 4.0.22
[WFLY-18772] - Upgrade the WildFly Maven Plugin to 4.2.1
[WFLY-18774] - Upgrade Infinispan to 14.0.21.Final
[WFLY-18777] - Upgrade joda-time:joda-time from 2.12.1 to 2.12.5
[WFLY-18778] - Upgrade Jakarta JSP API to 3.1.1
[WFLY-18779] - Upgrade WildFly Core to 23.0.0.Beta2
[WFLY-18795] - Bump jakarta.enterprise.concurrent:jakarta.enterprise.concurrent-api from 3.0.2 to 3.0.3
[WFLY-18797] - Upgrade to SmallRye Config 3.4.4
[WFLY-18804] - Upgrade to Hibernate Search 7.0
[WFLY-18805] - Upgrade to Elasticsearch client 8.11
[WFLY-18806] - Upgrade to Lucene 9.8
[WFLY-18810] - Update Micrometer to 1.12.0
[WFLY-18826] - Upgrade smallrye-health to 4.0.4
[WFLY-18833] - Upgrade ironjacamar to 3.0.7.Final
[WFLY-18836] - Upgrade WildFly Core to 23.0.0.Beta3
[WFLY-18841] - Upgrade com.sun.xml.fastinfoset:FastInfoset from 2.1.0 to 2.1.1
[WFLY-18842] - Upgrade mod_cluster to 2.0.4.Final
[WFLY-18845] - Upgrade wildfly-transaction-client to 3.0.3.Final
[WFLY-18861] - Upgrade WildFly Core to 23.0.0.Beta4
[WFLY-18904] - Update ANTLR to 4.13.0 for Hibernate 6.4
[WFLY-18905] - Upgrade JBeret to 2.2.0.Final
[WFLY-18906] - Upgrade WildFly Core to 23.0.0.Beta5
[WFLY-18915] - Upgrade HAL to 3.6.17.Final
[WFLY-18916] - Upgrade RESTEasy from 6.2.6.Final to 6.2.7.Final
[WFLY-18917] - Upgrade RESTEasy MicroProfile from 2.1.4.Final to 2.1.5.Final
[WFLY-18923] - Upgrade to WildFly Glow 1.0.0.Beta5
[WFLY-18924] - Upgrade ironjacamar to 3.0.8.Final
[WFLY-18926] - Upgrade com.github.luben:zstd-jni from 1.5.2-1 to 1.5.5-11
[WFLY-18927] - Upgrade to Hibernate 6.4.2.Final release
[WFLY-18928] - Upgrade H2 to 2.2.224
[WFLY-18930] - Upgrade mvc-krazo integration to 0.8.2.Final
[WFLY-18934] - Upgrade WildFly Core to 23.0.0.Final
[WFLY-18940] - Upgrade WildFly Core to 23.0.1.Final
Task:
[WFLY-15723] - Some Java source files use Red Hat Middleware LLC in copyright header
[WFLY-17755] - Better handling of licenses
[WFLY-17772] - Migrate from Apache DS to Apache Kerby for Kerberos testing
[WFLY-18332] - Update LayersTestBase and LayersTestCase(s)
[WFLY-18430] - Rework Galleon provisioning in tests to not specify Galleon layers
[WFLY-18574] - Get todo-backend working on OpenShift CI
[WFLY-18651] - Remove org.wildfly.build plugins from the poms
[WFLY-18673] - Reduce the number of GitHub CI jobs that run
[WFLY-18677] - Disable testsuite/layers[-expansion] provisioning if -DskipTests is set
[WFLY-18687] - Some add-ons in Galleon layer metadata are missing a description
[WFLY-18689] - Quickstarts CI: input param to customize matrix.jdk
[WFLY-18691] - Add documentation for adding integrity checking for an existing filesystem realm to wildfly docs
[WFLY-18692] - Simplify helloworld, removing CDI
[WFLY-18697] - Switch ejb subsystem test dep from groovy-all to groovy
[WFLY-18699] - Adapt WildFly to use ModuleSpecification.getMutableUserDependencies returning a Collection interface
[WFLY-18709] - Drop obsolete workaround for WFLY-3044
[WFLY-18712] - Quickstarts CI support for non root deployment dir
[WFLY-18717] - Update the WildFly vs WildFly Preview document for current differences
[WFLY-18728] - Control the maven repos used by dependabot
[WFLY-18737] - Remove shopping-cart quickstart
[WFLY-18741] - Add a github action shared file to build and test WildFly
[WFLY-18757] - Update WildFly docs to add instructions for converting cli scripts generated by elytron-tool to be used in domain mode
[WFLY-18758] - Use PermissionUtils to create permissions.xml
[WFLY-18759] - Move MicroProfile tck artifacts from boms/common-expansion to boms/standard-test-expansion
[WFLY-18764] - Update HostExcludesTestCase configuration to work with WF31
[WFLY-18770] - Remove WFCORE-6591 workaround in LayersTestCase
[WFLY-18771] - Remove libthrift from dependencyManagement
[WFLY-18791] - Create channel and manifest artifacts for the three feature packs
[WFLY-18799] - Fix linking for distributed-realm and failover-realm so their documentation is rendered
[WFLY-18808] - Remove uses of deprecated ModuleSpecification API
[WFLY-18822] - Remove bean-validation-custom-constraint quickstart
[WFLY-18840] - Remove obsolete RedHat URLs
[WFLY-18850] - Rework testsuite/preview/basic
[WFLY-18852] - Clean up exclusions in galleon-shared/pom.xml
[WFLY-18854] - Classes still have LGPL header
[WFLY-18858] - Do not deploy channel manifests
[WFLY-18908] - Update version.org.eclipse.microprofile to 6.1
[WFLY-18920] - Remove DomainTestSupport.stop() method usage
Sub-task:
[WFLY-16887] - Modify description in jaxrs of subsystem to its correct sentence
[WFLY-16890] - Modify description in datasources of subsystem to its correct sentence
[WFLY-16895] - Modify description in ejb3 of subsystem to its correct sentence
[WFLY-17760] - Upgrade licenses-plugin to make use of known licenses
[WFLY-18562] - Reevalute test exclusions in the integration/basic module
[WFLY-18605] - Reevalute test exclusions in the integration/elytron module
[WFLY-18606] - Reevalute test exclusions in the integration/web module
[WFLY-18642] - Reevalute test exclusions in the integration/microprofile module
[WFLY-18788] - Replace Consumers/Functions with utility methods from wildfly-common
[WFLY-18871] - Replace capability name resolvers with versions from wildfly-controller
[WFLY-18879] - Consolidate CommandDispatcherFactory interfaces from API vs SPI modules
[WFLY-18893] - Pass Platform TCK Signature Tests on Java 21
Wildfly 31.0.0
Bug:
[WFLY-18700] - java.lang.OutOfMemoryError: Direct buffer memory
[WFLY-18959] - Mail Quickstart maven dependencies have wrong scope
[WFLY-18969] - Give the Apache Lucene module access to jdk.unsupported
[WFLY-19010] - SSL Client context not loaded with AMQP Connector used in bootable jar
[WFLY-19019] - Exception that happened during deployment is being hidden
[WFLY-19020] - JakartaEE application client: module "org.hibernate" is not added to classpath
[WFLY-19040] - Regression due to SSLHandshakeException affecting HotRod client when connecting to remote Infinispan
Task:
[WFLY-19029] - Hibernate ORM 6.4+ should export services to consumer classpath
Component upgrade:
[WFLY-18946] - Upgrade Infinispan to 14.0.22.Final
[WFLY-18977] - Upgrade jgroups-kubernetes to 2.0.2.Final
[WFLY-18989] - Upgrade to Hibernate 6.4.4.Final release
[WFLY-19003] - Upgrade Netty to 4.1.106
[WFLY-19032] - Upgrade Snappy Java to 1.1.10.5 (CVEs CVE-2023-34453, CVE-2023-34454, CVE-2023-34455, CVE-2023-43642)
[WFLY-19034] - Upgrade nimbus-jose-jwt to 9.37.3 [CVE-2023-52428]
[WFLY-19042] - Upgrade HAL to 3.7.0.Final (WildFly 31.0.1.Final)
[WFLY-19045] - Upgrade Infinispan to 14.0.24.Final
[WFLY-19046] - Upgrade JGroups to 5.2.22.Final
[WFLY-19048] - Upgrade WildFly Core to 23.0.2.Final
[WFLY-19058] - Upgrade WildFly Core to 23.0.3.Final
Enhancement:
[WFLY-18956] - Add sha1 to Quickstart's dist module
This week, read about:
Updates to the OpenLogic CentOS Repository
*) OpenLogic’s Enterprise Linux Team has recently published the following updates:
We recommend that you update your CentOS 6 systems to ensure proper timekeeping. As usual, please ensure that you test these updates before deploying to production. If you don't currently have CentOS repo access, please reach out to your Perforce/OpenLogic salesperson … you may already be entitled to access with your existing support contract!
Apache Spark 3.5.1
[SPARK-39910] - DataFrameReader API cannot read files from hadoop archives (.har)
[SPARK-40154] - PySpark: DataFrame.cache docstring gives wrong storage level
[SPARK-43393] - Sequence expression can overflow
[SPARK-44683] - Logging level isn't passed to RocksDB state store provider correctly
[SPARK-44805] - Data lost after union using spark.sql.parquet.enableNestedColumnVectorizedReader=true
[SPARK-44840] - array_insert() give wrong results for ngative index
[SPARK-44843] - flaky test: RocksDBStateStoreStreamingAggregationSuite
[SPARK-44880] - Remove unnecessary curly braces at the end of the thread locks info
[SPARK-44910] - Encoders.bean does not support superclasses with generic type arguments
[SPARK-44971] - [BUG Fix] PySpark StreamingQuerProgress fromJson
[SPARK-44973] - Fix ArrayIndexOutOfBoundsException in conv()
[SPARK-45014] - Clean up fileserver when cleaning up files, jars and archives in SparkContext
[SPARK-45057] - Deadlock caused by rdd replication level of 2
[SPARK-45072] - Fix Outerscopes for same cell evaluation
[SPARK-45075] - Alter table with invalid default value will not report error
[SPARK-45078] - The ArrayInsert function should make explicit casting when element type not equals derived component type
[SPARK-45081] - Encoders.bean does no longer work with read-only properties
[SPARK-45098] - Custom jekyll-rediect-from redirect.html template
[SPARK-45106] - percentile_cont gets internal error when user input fails runtime replacement's input type check
[SPARK-45117] - Implement missing otherCopyArgs for the MultiCommutativeOp expression
[SPARK-45124] - Do not use local user ID for Local Relations
[SPARK-45132] - Fix IDENTIFIER clause for functions
[SPARK-45142] - Specify the range for Spark Connect dependencies in pyspark base image
[SPARK-45167] - Python Spark Connect client does not call `releaseAll`
[SPARK-45171] - GenerateExec fails to initialize non-deterministic expressions before use
[SPARK-45182] - Ignore task completion from old stage after retrying indeterminate stages
[SPARK-45205] - Since version 3.2.0, Spark SQL has taken longer to execute "show paritions",probably because of changes introduced by SPARK-35278
[SPARK-45211] - Scala 2.13 daily test failed
[SPARK-45227] - Fix a subtle thread-safety issue with CoarseGrainedExecutorBackend where an executor process randomly gets stuck
[SPARK-45237] - Correct the default value of `spark.history.store.hybridStore.diskBackend` in `monitoring.md`
[SPARK-45255] - Spark connect client failing with java.lang.NoClassDefFoundError
[SPARK-45291] - Use unknown query execution id instead of no such app when id is invalid
[SPARK-45306] - Make `InMemoryColumnarBenchmark` use AQE-aware utils to collect plans
[SPARK-45311] - Encoder fails on many "NoSuchElementException: None.get" since 3.4.x, search for an encoder for a generic type, and since 3.5.x isn't "an expression encoder"
[SPARK-45346] - Parquet schema inference should respect case sensitive flag when merging schema
[SPARK-45371] - FIx shading problem in Spark Connect
[SPARK-45383] - Missing case for RelationTimeTravel in CheckAnalysis
[SPARK-45389] - Correct MetaException matching rule on getting partition metadata
[SPARK-45424] - Regression in CSV schema inference when timestamps do not match specified timestampFormat
[SPARK-45430] - FramelessOffsetWindowFunctionFrame fails when ignore nulls and offset > # of rows
[SPARK-45433] - CSV/JSON schema inference when timestamps do not match specified timestampFormat with only one row on each partition report error
[SPARK-45449] - Cache Invalidation Issue with JDBC Table
[SPARK-45473] - Incorrect error message for RoundBase
[SPARK-45484] - Fix the bug that uses incorrect parquet compression codec lz4raw
[SPARK-45498] - Followup: Ignore task completion from old stage after retrying indeterminate stages
[SPARK-45508] - Add "--add-opens=java.base/jdk.internal.ref=ALL-UNNAMED" so Platform can access cleaner on Java 9+
[SPARK-45543] - InferWindowGroupLimit causes bug if the other window functions haven't the same window frame as the rank-like functions
[SPARK-45561] - Convert TINYINT catalyst properly in MySQL Dialect
[SPARK-45580] - Subquery changes the output schema of the outer query
[SPARK-45584] - Execution fails when there are subqueries in TakeOrderedAndProjectExec
[SPARK-45592] - AQE and InMemoryTableScanExec correctness bug
[SPARK-45604] - Converting timestamp_ntz to array<timestamp_ntz> can cause NPE or SEGFAULT on parquet vectorized reader
[SPARK-45616] - Usages of ParVector are unsafe because it does not propagate ThreadLocals or SparkSession
[SPARK-45631] - Broken backward compatibility in PySpark: StreamingQueryListener due to the addition of onQueryIdle
[SPARK-45670] - SparkSubmit does not support --total-executor-cores when deploying on K8s
[SPARK-45678] - Cover BufferReleasingInputStream.available under tryOrFetchFailedException
[SPARK-45786] - Inaccurate Decimal multiplication and division results
[SPARK-45791] - Rename `SparkConnectSessionHodlerSuite.scala` to `SparkConnectSessionHolderSuite.scala`
[SPARK-45814] - ArrowConverters.createEmptyArrowBatch may cause memory leak
[SPARK-45847] - CliSuite flakiness due to non-sequential guarantee for stdout&stderr
[SPARK-45878] - ConcurrentModificationException in CliSuite
[SPARK-45883] - Upgrade ORC to 1.9.2
[SPARK-45896] - Expression encoding fails for Seq/Map of Option[Seq/Date/Timestamp/BigDecimal]
[SPARK-45920] - group by ordinal should be idempotent
[SPARK-45935] - Fix RST files link substitutions error
[SPARK-45943] - DataSourceV2Relation.computeStats throws IllegalStateException in test mode
[SPARK-45963] - Restore documentation for DSv2 API
[SPARK-46006] - YarnAllocator miss clean targetNumExecutorsPerResourceProfileId after YarnSchedulerBackend call stop
[SPARK-46014] - Run RocksDBStateStoreStreamingAggregationSuite on a dedicated JVM
[SPARK-46016] - Fix pandas API support list properly
[SPARK-46019] - Fix HiveThriftServer2ListenerSuite and ThriftServerPageSuite to create java.io.tmpdir if it doesn't exist
[SPARK-46033] - Fix flaky ArithmeticExpressionSuite
[SPARK-46062] - CTE reference node does not inherit the flag `isStreaming` from CTE definition node
[SPARK-46064] - EliminateEventTimeWatermark does not consider the fact that isStreaming flag can change for current child during resolution
[SPARK-46092] - Overflow in Parquet row group filter creation causes incorrect results
[SPARK-46189] - Various Pandas functions fail in interpreted mode
[SPARK-46239] - Hide Jetty info
[SPARK-46274] - Range operator computeStats() proper long conversions
[SPARK-46275] - Protobuf: Permissive mode should return null rather than struct with null fields
[SPARK-46330] - Loading of Spark UI blocks for a long time when HybridStore enabled
[SPARK-46339] - Directory with number name should not be treated as metadata log
[SPARK-46388] - HiveAnalysis misses pattern guard `query.resolved`
[SPARK-46396] - LegacyFastTimestampFormatter.parseOptional should not throw exception
[SPARK-46443] - Decimal precision and scale should decided by JDBC dialect.
[SPARK-46453] - SessionHolder doesn't throw exceptions from internalError()
[SPARK-46464] - Fix the scroll issue of tables when overflow
[SPARK-46466] - vectorized parquet reader should never do rebase for timestamp ntz
[SPARK-46478] - Revert SPARK-43049
[SPARK-46480] - Fix NPE when table cache task attempt
[SPARK-46514] - Fix HiveMetastoreLazyInitializationSuite
[SPARK-46535] - NPE when describe extended a column without col stats
[SPARK-46546] - Fix the formatting of tables in `running-on-yarn` pages
[SPARK-46562] - Remove retrieval of `keytabFile` from `UserGroupInformation` in `HiveAuthFactory`
[SPARK-46577] - HiveMetastoreLazyInitializationSuite leaks hive's SessionState
[SPARK-46590] - Coalesce partiton assert error after skew join optimization
[SPARK-46598] - OrcColumnarBatchReader should respect the memory mode when creating column vectors for the missing column
[SPARK-46602] - CREATE VIEW IF NOT EXISTS should never throw `TABLE_OR_VIEW_ALREADY_EXISTS` exception
[SPARK-46609] - avoid exponential explosion in PartitioningPreservingUnaryExecNode
[SPARK-46640] - RemoveRedundantAliases does not account for SubqueryExpression when removing aliases
[SPARK-46663] - Disable memory profiler for pandas UDFs with iterators
[SPARK-46676] - dropDuplicatesWithinWatermark throws error on canonicalizing plan
[SPARK-46684] - CoGroup.applyInPandas/Arrow should pass arguments properly
[SPARK-46700] - count the last spilling for the shuffle disk spilling bytes metric
[SPARK-46747] - Too Many Shared Locks due to PostgresDialect.getTableExistsQuery - LIMIT 1
[SPARK-46763] - ReplaceDeduplicateWithAggregate fails when non-grouping keys have duplicate attributes
[SPARK-46769] - Refine timestamp related schema inference
[SPARK-46779] - Grouping by subquery with a cached relation can fail
[SPARK-46786] - Fix MountVolumesFeatureStep to use ReadWriteOncePod instead of ReadWriteOnce
[SPARK-46794] - Incorrect results due to inferred predicate from checkpoint with subquery
[SPARK-46796] - RocksDB versionID Mismatch in SST files
[SPARK-46855] - Add `sketch` to the dependencies of the `catalyst` module in `module.py`
[SPARK-46861] - Avoid Deadlock in DAGScheduler
[SPARK-46862] - Incorrect count() of a dataframe loaded from CSV datasource
[SPARK-46893] - Remove inline scripts from UI descriptions
[SPARK-46945] - Add `spark.kubernetes.legacy.useReadWriteOnceAccessMode` for old K8s clusters
[SPARK-47019] - AQE dynamic cache partitioning causes SortMergeJoin to result in data loss
[SPARK-47022] - Fix `connect/client/jvm` to have explicit `commons-lang3` test dependency
[SPARK-47053] - Docker image for release has to bump versions of some python libraries for 3.5.1
New Feature
[SPARK-45360] - Initialize spark session builder configuration from SPARK_REMOTE
[SPARK-45706] - Makes entire Binder build fails fast during setting up
[SPARK-45735] - Reenable CatalogTests without Spark Connect
[SPARK-46732] - Propagate JobArtifactSet to broadcast execution thread
Apache Kafka 3.7.0
New Feature:
[KAFKA-9800] - [KIP-580] Client Exponential Backoff Implementation
[KAFKA-15215] - The default.dsl.store config is not compatible with custom state stores
[KAFKA-15428] - Cluster-wide dynamic log adjustments for Connect
[KAFKA-15445] - KIP-975: Docker Image for Apache Kafka
[KAFKA-15448] - Streams StandbyTaskUpdateListener
[KAFKA-15470] - Allow creating connectors in a stopped state
Improvement:
[KAFKA-9693] - Kafka latency spikes caused by log segment flush on roll
[KAFKA-10199] - Separate state restoration into separate threads
[KAFKA-14127] - KIP-858: Handle JBOD broker disk failure in KRaft
[KAFKA-14780] - Make RefreshingHttpsJwksTest#testSecondaryRefreshAfterElapsedDelay deterministic
[KAFKA-14855] - Harden integration testing logic for asserting that a connector is deleted
[KAFKA-14912] - Introduce a configuration for remote index cache size, preferably a dynamic config.
[KAFKA-15022] - Support rack aware task assignment in Kafka streams
[KAFKA-15046] - Produce performance issue under high disk load
[KAFKA-15047] - Handle rolling segments when the active segment's retention is breached incase of tiered storage is enabled.
[KAFKA-15141] - High CPU usage with log4j2
[KAFKA-15147] - Measure pending and outstanding Remote Segment operations
[KAFKA-15208] - Upgrade Jackson dependencies to version 2.16.0
[KAFKA-15241] - Compute tiered offset by keeping the respective epochs in scope.
[KAFKA-15248] - Add BooleanConverter to Kafka Connect
[KAFKA-15273] - Log common name of expired client certificate
[KAFKA-15315] - Use getOrDefault rather than get
[KAFKA-15401] - Segment with corrupted index should not be uploaded to remote storage
[KAFKA-15415] - In Java-client, backoff should be skipped for retried producer-batch to a new leader
[KAFKA-15418] - Update statement on decompression location
[KAFKA-15432] - RLM Stop partitions should not be invoked for non-tiered storage topics
[KAFKA-15464] - Allow dynamic reloading of certificates with different DN / SANs
[KAFKA-15471] - Allow independently stop KRaft controllers or brokers
[KAFKA-15476] - Improve checkstyle performance
[KAFKA-15485] - Support building with Java 21 (LTS release)
[KAFKA-15492] - Enable spotbugs when building with Java 21
[KAFKA-15493] - Ensure system tests work with Java 21
[KAFKA-15521] - Refactor build.gradle to align gradle swagger plugin with swagger dependencies
[KAFKA-15527] - Add reverseRange and reverseAll query over kv-store in IQv2
[KAFKA-15536] - dynamically resize remoteIndexCache
[KAFKA-15542] - Release member assignments on errors
[KAFKA-15563] - Provide informative error messages when Connect REST requests time out
[KAFKA-15566] - Flaky tests in FetchRequestTest.scala in KRaft mode
[KAFKA-15596] - Upgrade ZooKeeper to 3.8.3
[KAFKA-15629] - proposal to introduce IQv2 Query Types: TimestampedKeyQuery and TimestampedRangeQuery
[KAFKA-15685] - Add missing compatibility for MinGW and MSYS2 (windows)
[KAFKA-15769] - Fix wrong log with exception
[KAFKA-15774] - Respect default.dsl.store Configuration Without Passing it to StreamsBuilder
[KAFKA-15831] - List Client Metrics Configuration Resources
[KAFKA-15837] - Throw error on use of Consumer.poll(long timeout)
[KAFKA-15866] - Refactor OffsetFetchRequestState Error handling to be more consistent with OffsetCommitRequestState
[KAFKA-15868] - KIP-951 - Leader discovery optimisations for the client
[KAFKA-15906] - Emit offset syncs more often than offset.lag.max for low-throughput/finite partitions
[KAFKA-15922] - Add MetadataVersion for JBOD
[KAFKA-15971] - Re-enable consumer integration tests for new consumer
[KAFKA-15980] - Add KIP-1001 CurrentControllerId metric
[KAFKA-16007] - ZK migrations can be slow for large clusters
[KAFKA-16210] - Upgrade jose4j to 0.9.4
Bug:
[KAFKA-12679] - Rebalancing a restoring or running task may cause directory livelocking with newly created task
[KAFKA-13327] - Preflight validations of connectors leads to 500 responses
[KAFKA-13973] - block-cache-capacity metrics worth twice as much as normal
[KAFKA-13988] - Mirrormaker 2 auto.offset.reset=latest not working
[KAFKA-14067] - Sink connector override.consumer.group.id can conflict with worker group.id
[KAFKA-14616] - Topic recreation with offline broker causes permanent URPs
[KAFKA-14767] - Gradle build fails with missing commitId after git gc
[KAFKA-14927] - Prevent kafka-configs.sh from setting non-alphanumeric config key names
[KAFKA-15000] - High vulnerability PRISMA-2023-0067 reported in jackson-core
[KAFKA-15117] - SslTransportLayerTest.testValidEndpointIdentificationCN fails with Java 20 & 21
[KAFKA-15152] - Fix incorrect format specifiers when formatting string
[KAFKA-15221] - Potential race condition between requests from rebooted followers
[KAFKA-15230] - ApiVersions data between controllers is not reliable
[KAFKA-15311] - Fix docs about reverting to ZooKeeper mode during KRaft migration
[KAFKA-15372] - MM2 rolling restart can drop configuration changes silently
[KAFKA-15392] - RestServer starts but does not stop ServletContextHandler
[KAFKA-15412] - Reading an unknown version of quorum-state-file should trigger an error
[KAFKA-15465] - MM2 not working when its internal topics are pre-created on a cluster that disallows topic creation
[KAFKA-15473] - Connect connector-plugins endpoint shows duplicate plugins
[KAFKA-15481] - Concurrency bug in RemoteIndexCache leads to IOException
[KAFKA-15489] - split brain in KRaft cluster
[KAFKA-15491] - RackId doesn't exist error while running WordCountDemo
[KAFKA-15500] - Code bug in SslPrincipalMapper.java
[KAFKA-15502] - Handle large keystores in SslEngineValidator
[KAFKA-15507] - adminClient should not throw retriable exception when closing instance
[KAFKA-15510] - Follower's lastFetchedEpoch wrongly set when fetch response has no record
[KAFKA-15511] - Exception not handled correctly if indexFile is corrupted.
[KAFKA-15537] - Unsafe metadata.version downgrade is not supported
[KAFKA-15571] - StateRestoreListener#onRestoreSuspended is never called because wrapper DelegatingStateRestoreListener doesn't implement onRestoreSuspended
[KAFKA-15602] - Breaking change in 3.4.0 ByteBufferSerializer
[KAFKA-15605] - Topics marked for deletion in ZK are incorrectly migrated to KRaft
[KAFKA-15607] - Possible NPE is thrown in MirrorCheckpointTask
[KAFKA-15644] - Fix CVE-2023-4586 in netty:handler
[KAFKA-15653] - NPE in ChunkedByteStream
[KAFKA-15658] - Zookeeper.jar | CVE-2023-44981
[KAFKA-15680] - Partition-Count is not getting updated Correctly in the Incremental Co-operative Rebalancing(ICR) Mode of Rebalancing
[KAFKA-15689] - KRaftMigrationDriver not logging the skipped event when expected state is wrong
[KAFKA-15693] - Disabling scheduled rebalance delay in Connect can lead to indefinitely unassigned connectors and tasks
[KAFKA-15695] - Local log start offset is not updated on the follower after rebuilding remote log auxiliary state
[KAFKA-15704] - ControllerRegistrationRequest must set ZkMigrationReady field if appropriate
[KAFKA-15755] - LeaveGroupResponse v0-v2 should handle no members
[KAFKA-15771] - ProduceRequest#partitionSizes() is not an atomic operation
[KAFKA-15799] - ZK brokers incorrectly handle KRaft metadata snapshots
[KAFKA-15800] - Malformed connect source offsets corrupt other partitions with DataException
[KAFKA-15802] - Trying to access uncopied segments metadata on listOffsets
[KAFKA-15817] - Avoid reconnecting to the same IP address if multiple addresses are available
[KAFKA-15819] - KafkaServer leaks KafkaRaftManager when ZK migration enabled
[KAFKA-15824] - SubscriptionState's maybeValidatePositionForCurrentLeader should handle partition which isn't subscribed yet
[KAFKA-15825] - KRaft controller writes empty state to ZK after migration
[KAFKA-15836] - KafkaConsumer subscribes to multiple topics does not respect max.poll.records
[KAFKA-15860] - ControllerRegistration must be written out to the metadata image
[KAFKA-15888] - DistributedHerder log context should not use the same client ID for each Connect worker by default
[KAFKA-15890] - Consumer.poll with long timeout unaware of assigned partitions
[KAFKA-15904] - Downgrade tests are failing with directory.idÂ
[KAFKA-15932] - Flaky test - PlaintextConsumerTest.testSeek("kraft+kip-848","consumer")
[KAFKA-15946] - AsyncKafkaConsumer should retry commits on the application thread instead of auto-retry
[KAFKA-15965] - Test failure: org.apache.kafka.common.requests.BrokerRegistrationRequestTest
[KAFKA-15967] - Fix revocation in reconcilation logic
[KAFKA-15978] - New consumer sends OffsetCommit with empty member ID
[KAFKA-15986] - New consumer group protocol integration test failures
[KAFKA-16005] - ZooKeeper to KRaft migration rollback missing disabling controller and migration configuration on brokers
[KAFKA-16012] - Incomplete range assignment in consumer
[KAFKA-16015] - kafka-leader-election timeout values always overwritten by default values
[KAFKA-16017] - Checkpointed offset is incorrect when task is revived and restoring
[KAFKA-16029] - Investigate cause of "Unable to find FetchSessionHandler for node X" in logs
[KAFKA-16046] - Stream Stream Joins fail after restoration with deserialization exceptions
[KAFKA-16078] - Be more consistent about getting the latest MetadataVersion
[KAFKA-16085] - remote copy lag bytes/segments metrics don't update all topic value
[KAFKA-16094] - BrokerRegistrationRequest.logDirs field must be ignorable
[KAFKA-16101] - KRaft migration rollback documentation is incorrect
[KAFKA-16120] - Fix partition reassignment during ZK migration
[KAFKA-16131] - Repeated UnsupportedVersionException logged when running Kafka 3.7.0-RC2 KRaft cluster with metadata version 3.6
[KAFKA-16133] - Commits during reconciliation always time out
[KAFKA-16141] - StreamsStandbyTask##test_standby_tasks_rebalanceArguments:{ “metadata_quorumâ€: “ISOLATED_KRAFTâ€, “use_new_coordinatorâ€: false} fails consistently in 3.7
[KAFKA-16144] - Controller leader checkQuorum timer should skip only 1 controller case
[KAFKA-16157] - Topic recreation with offline disk doesn't update leadership/shrink ISR correctly
[KAFKA-16162] - New created topics are unavailable after upgrading to 3.7
[KAFKA-16216] - Reduce batch size for initial metadata load during ZK migration
[KAFKA-16221] - IllegalStateException from Producer
Elasticsearch 8.12.2
Bug fixes:
Application:
Authentication:
Downsampling:
ES|QL:
Indices APIs:
Ingest Node:
Machine Learning:
Network:
Search:
Snapshot/Restore:
Transform:
Jenkins 2.446
Community reported issues: 2×JENKINS-72759
Keycloak 23.0.7
Enhancements:
Bugs:
Kibana 8.12.2
Bug Fixes:
Alerting:
Elastic Security:
For the Elastic Security 8.12.2 release information, refer to Elastic Security Solution Release Notes.
Fleet:
Machine Learning:
Management:
Observability:
Plugins:
Prometheus 2.50.0 and 2.50.1
[BUGFIX – 2.25.1] API: Fix metadata API using wrong field names. #13633
[CHANGE] Remote Write: Error storage.ErrTooOldSample is now generating HTTP error 400 instead of HTTP error 500. #13335
[FEATURE] Remote Write: Drop old inmemory samples. Activated using the config entry sample_age_limit. #13002
[FEATURE] Experimental: Add support for ingesting zeros as created timestamps. (enabled under the feature-flag created-timestamp-zero-ingestion). #12733 #13279
[FEATURE] Promtool: Add analyze histograms command. #12331
[FEATURE] TSDB/compaction: Add a way to enable overlapping compaction. #13282 #13393 #13398
[FEATURE] Add automatic memory limit handling. Activated using the feature flag. auto-gomemlimit #13395
[ENHANCEMENT] Promtool: allow specifying multiple matchers in promtool tsdb dump. #13296
[ENHANCEMENT] PromQL: Restore more efficient version of NewPossibleNonCounterInfo annotation. #13022
[ENHANCEMENT] Kuma SD: Extend configuration to allow users to specify client ID. #13278
[ENHANCEMENT] PromQL: Use natural sort in sort_by_label and sort_by_label_desc. This is experimental. #13411
[ENHANCEMENT] Native Histograms: support native_histogram_min_bucket_factor in scrape_config. #13222
[ENHANCEMENT] Native Histograms: Issue warning if histogramRate is applied to the wrong kind of histogram. #13392
[ENHANCEMENT] TSDB: Make transaction isolation data structures smaller. #13015
[ENHANCEMENT] TSDB/postings: Optimize merge using Loser Tree. #12878
[ENHANCEMENT] TSDB: Simplify internal series delete function. #13261
[ENHANCEMENT] Agent: Performance improvement by making the global hash lookup table smaller. #13262
[ENHANCEMENT] PromQL: faster execution of metric functions, e.g. abs(), rate() #13446
[ENHANCEMENT] TSDB: Optimize label values with matchers by taking shortcuts. #13426
[ENHANCEMENT] Kubernetes SD: Check preconditions earlier and avoid unnecessary checks or iterations in kube_sd. #13408
[ENHANCEMENT] Promtool: Improve visibility for promtool test rules with JSON colored formatting. #13342
[ENHANCEMENT] Consoles: Exclude iowait and steal from CPU Utilisation. #9593
[ENHANCEMENT] Various improvements and optimizations on Native Histograms. #13267, #13215, #13276 #13289, #13340
[BUGFIX] Scraping: Fix quality value in HTTP Accept header. #13313
[BUGFIX] UI: Fix usage of the function time() that was crashing. #13371
[BUGFIX] Azure SD: Fix SD crashing when it finds a VM scale set. #13578
RabbitMQ 3.13.0
This release includes several new features, optimizations, internal changes in preparation for RabbitMQ 4.x, and an updated documentation website. The user-facing areas that have seen the biggest improvements in this release are:
Bug Fixes:
This week, read about:
Updates to the OpenLogic CentOS Repository
*) OpenLogic’s Enterprise Linux Team has recently published the following updates:
We recommend that you update your CentOS 6 systems to ensure proper timekeeping. As usual, please ensure that you test these updates before deploying to production. If you don't currently have CentOS repo access, please reach out to your Perforce/OpenLogic salesperson … you may already be entitled to access with your existing support contract!
Nginx 1.25.4
*) Security: when using HTTP/3 a segmentation fault might occur in a worker process while processing a specially crafted QUIC session (CVE-2024-24989, CVE-2024-24990).
*) Bugfix: connections with pending AIO operations might be closed prematurely during graceful shutdown of old worker processes.
*) Bugfix: socket leak alerts no longer logged when fast shutdown was requested after graceful shutdown of old worker processes.
*) Bugfix: a socket descriptor error, a socket leak, or a segmentation fault in a worker process (for SSL proxying) might occur if AIO was used in a subrequest.
*) Bugfix: a segmentation fault might occur in a worker process if SSL proxying was used along with the "image_filter" directive and errors with code 415 were redirected with the "error_page" directive.
*) Bugfixes and improvements in HTTP/3.
Cassandra 4.1.4
* Memoize Cassandra verion and add a backoff interval for failed schema pulls (CASSANDRA-18902)
* Fix StackOverflowError on ALTER after many previous schema changes (CASSANDRA-19166)
* Fixed the inconsistency between distributedKeyspaces and distributedAndLocalKeyspaces (CASSANDRA-18747)
* Internode legacy SSL storage port certificate is not hot reloaded on update (CASSANDRA-18681)
* Nodetool paxos-only repair is no longer incremental (CASSANDRA-18466)
* Waiting indefinitely on ReceivedMessage response in StreamSession#receive() can cause deadlock (CASSANDRA-18733)
* Allow empty keystore_password in encryption_options (CASSANDRA-18778)
* Skip ColumnFamilyStore#topPartitions initialization when client or tool mode (CASSANDRA-18697)
Merged from 4.0:
* Skip version check if an endpoint is dead state in Gossiper#upgradeFromVersionSupplier (CASSANDRA-19187)
* Fix Gossiper::hasMajorVersion3Nodes to return false during minor upgrade (CASSANDRA-18999)
* Revert unnecessary read lock acquisition when reading ring version in TokenMetadata introduced in CASSANDRA-16286 (CASSANDRA-19107)
* Support max SSTable size in sorted CQLSSTableWriter (CASSANDRA-18941)
* Fix nodetool repair_admin summarize-pending command to not throw exception (CASSANDRA-19014)
* Fix cassandra-stress in simplenative mode with prepared statements (CASSANDRA-18744)
* Fix filtering system ks sstables for relocation on startup (CASSANDRA-18963)
* Remove completed coordinator sessions (CASSANDRA-18903)
* Make StartupConnectivityChecker only run a connectivity check if there are no nodes which are running a version prior to Cassandra 4 (CASSANDRA-18968)
* Retrieve keyspaces metadata and schema version concistently in DescribeStatement (CASSANDRA-18921)
* Gossip NPE due to shutdown event corrupting empty statuses (CASSANDRA-18913)
* Fix closing iterator in SecondaryIndexBuilder (CASSANDRA-18361)
* Update hdrhistogram to 2.1.12 (CASSANDRA-18893)
* Improve performance of compactions when table does not have an index (CASSANDRA-18773)
* JMH improvements - faster build and async profiler (CASSANDRA-18871)
* Enable 3rd party JDK installations for Debian package (CASSANDRA-18844)
* Fix NTS log message when an unrecognized strategy option is passed (CASSANDRA-18679)
* Fix BulkLoader ignoring cipher suites options (CASSANDRA-18582)
* Migrate Python optparse to argparse (CASSANDRA-17914)
Merged from 3.11:
* Fix delayed SSTable release with unsafe_aggressive_sstable_expiration (CASSANDRA-18756)
* Revert CASSANDRA-18543 (CASSANDRA-18854)
* Fix NPE when using udfContext in UDF after a restart of a node (CASSANDRA-18739)
Merged from 3.0:
* Suppress CVE-2023-6378 (CASSANDRA-19142)
* Do not set RPC_READY to false on transports shutdown in order to not fail counter updates for deployments with coordinator and storage nodes with transports turned off (CASSANDRA-18935)
* Suppress CVE-2023-44487 (CASSANDRA-18943)
* Fix nodetool enable/disablebinary to correctly set rpc readiness in gossip (CASSANDRA-18935)
* Implement the logic in bin/stop-server (CASSANDRA-18838)
* Upgrade snappy-java to 1.1.10.4 (CASSANDRA-18878)
* Add cqlshrc.sample and credentials.sample into Debian package (CASSANDRA-18818)
* Refactor validation logic in StorageService.rebuild (CASSANDRA-18803)
* Make alternation of a user type validate the same way as creation of a user type does (CASSANDRA-18585)
* CQLSH emits a warning when the server version doesn't match (CASSANDRA-18745)
* Fix missing speculative retries in tablestats (CASSANDRA-18767)
* Fix Requires for Java for RPM package (CASSANDRA-18751)
* Fix CQLSH online help topic link (CASSANDRA-17534)
* Remove unused suppressions (CASSANDRA-18724)
Node.js 21.6.2
This is a security release.
Notable changes:
- CVE-2024-21892 - Code injection and privilege escalation through Linux capabilities- (High)
- CVE-2024-22019 - http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High)
- CVE-2024-21896 - Path traversal by monkey-patching Buffer internals- (High)
- CVE-2024-22017 - setuid() does not drop all privileges due to io_uring - (High)
- CVE-2023-46809 - Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) - (Medium)
- CVE-2024-21891 - Multiple permission model bypasses due to improper path traversal sequence sanitization - (Medium)
- CVE-2024-21890 - Improper handling of wildcards in --allow-fs-read and --allow-fs-write (Medium)
- CVE-2024-22025 - Denial of Service by resource exhaustion in fetch() brotli decoding - (Medium)
- undici version 5.28.3
- libuv version 1.48.0
- OpenSSL version 3.0.13+quic1
Angular 17.2.1
-fix broken version detection condition
Camel 4.4.0
BUG (36):
CAMEL-20401 camel-kudu: Potential NullPointerException on endpoint stop
CAMEL-20399 String to short type conversion fails
CAMEL-20394 camel-jbang wrong transformation when rests and routes tags are used together
CAMEL-20392 camel-jq - Inclined jq in simple language should keep quotes
CAMEL-20380 Kafka Batch Consumer: doesn't honor the poll timeout set
CAMEL-20378 Languages that can take source from header or property is not thread safe
CAMEL-20375 Camel-ical: Camel-20370 brought a NPE in some cases
CAMEL-20373 camel-kafka - KafkaIdempotentRepository may allow some duplicates after application restart
CAMEL-20370 dataformat configurer is not generated for camel-beanio
CAMEL-20362 Camel-Netty-HTTP: Headers validation should be enabled by default
CAMEL-20356 camel-core - LoggerHelper returns wrong name for source code line precise
CAMEL-20354 camel-jbang - Using camel run --source-dir component should be able to load from classpath
CAMEL-20352 camel.springboot.includeNonSingletons is not respected anymore: prototype Route Builders are always initialized.
CAMEL-20351 Camel Jbang execution from remote file doesn't work anymore
CAMEL-20350 camel-observation - Null values should be null instead of a string null literal value
CAMEL-20349 camel-salesforce: ClassCastException when a request is retried after a 401
CAMEL-20342 camel-openapi-java - NPE in OpenApiHelper
CAMEL-20340 camel-jbang - camel dependency list throws Exception for dataformats
CAMEL-20339 camel-yaml-dsl - Saga EIP with options causes NPE
CAMEL-20334 AWS S3 cloudevents data type does not set proper data Content-Type
CAMEL-20307 camel-quickfix -Queue Full
CAMEL-20301 Camel retains objects when restarting route via policy
CAMEL-20292 Probable bug in DependencyDownloaderConsole - inverted flags in output
CAMEL-20280 camel-jcache - JCachePolicy does not init bypassExpression
CAMEL-20262 camel-spring-boot - TomcatEmbeddedWebappClassLoader return nested instead file in jar file path
CAMEL-20254 camel-http - pre-emptive authentication breaks basic auth
CAMEL-20250 camel-kinesis: resume API fails to resume properly
CAMEL-20248 camel-salesforce: Most integration tests failing
CAMEL-20239 Camel-Azure-Files: The component doesn't set account parameter on the URI
CAMEL-20232 camel-core - Kamelets with Enrich and PollEnrich dynamic endpoints with template parameters
CAMEL-20218 KafkaIdempotentRepository cache incorrectly flagged as ready
CAMEL-20121 camel-smpp SMPPSession should be closed after receiving Unbind from peer
CAMEL-19849 camel-zipfile: fails to release exchange due to Exceptions
CAMEL-19262 camel-azure-eventbus - Apache Camel wrapper for Service Bus stops receiving message.
CAMEL-17722 MDC - custom properties in MDC Unit Of Work are not cleared at the end of route
CAMEL-17721 MDC - custom MDC property value is fixed to first assigned value by MDCUnitOfWork
DEPENDENCY UPGRADE (6):
CAMEL-20344 camel-spring-boot - Upgrade to 3.2.2
CAMEL-20278 Upgrade Wildfly Elytron to 2.x version
CAMEL-20116 Upgrade to Jackson BOM 2.16.0
CAMEL-19971 Camel-Consul: Consul-client repository is now read only
CAMEL-19722 camel-etcd3 - Upgrade jedtc to 0.7.6
CAMEL-19620 camel-coap - Upgrade to Californium Scandium 3.x
IMPROVEMENT (51):
CAMEL-20409 camel-core - ModelReifierFactory should detect custom on classpath
CAMEL-20403 Support Knative broker as source/sink in Pipe
CAMEL-20400 Support for Knative SinkBinding
CAMEL-20398 camel-kubernetes - Add option on component to create kubernetes client
CAMEL-20396 camel-kudu: Allow KuduClient to be autowired
CAMEL-20391 camel-core - All languages should support expression loaded from external resource
CAMEL-20387 camel-tracing - Use case insensitive headers
CAMEL-20386 camel-jq - Add @JQ for bean annotation
CAMEL-20382 camel-kafka - RecordMetadata header should be named like the other headers
CAMEL-20376 camel-xpath - XPath language add support for variables
CAMEL-20369 camel-beanio - Bring back beanio as v3
CAMEL-20365 camel-ftp - Add option to configure yes/no answer to create known host file
CAMEL-20364 camel-jms - Remove JMSCorrelationIDAsBytes header as its not needed
CAMEL-20363 camel-jms - Make getting JMSCorrelationID more robust for brokers that has bugs
CAMEL-20359 camel-groovy - Consistent name to refer to exchangeProperties
CAMEL-20358 camel-microprofile-config: CamelMicroProfilePropertiesSource should consider active profiles when loading properties
CAMEL-20355 Throttle EIP: milliseconds not available anymore
CAMEL-20346 camel-core - Simple language contains function can be improved
CAMEL-20345 camel-core - Simple binary operator in predicates better detected by predicate parser
CAMEL-20308 Change order of camel-spring-boot-bom and spring-boot-dependencies in dependencyManamgent
CAMEL-20306 Camel-CassandraQL: Add ObjectInputFilter String pattern parameter in CassandraAggregationRepository to be used in unmarshall operations
CAMEL-20303 Camel-Sql: Add ObjectInputFilter String pattern parameter in JdbcAggregationRepository to be used in unmarshall operations
CAMEL-20298 Enhancing JSONata Compatibility for Full Reference Port
CAMEL-20281 Camel-AWS Components: Make it possible to use AwsSessionCredentials to support temporary credentials
CAMEL-20275 components - Mark options that can are used for text inputs such as a SQL query
CAMEL-20274 camel-management - Add option to allow updating routes
CAMEL-20273 camel-jbang - Stub dataformat and language during export
CAMEL-20271 Camel-AWS-Cloudtrail: Improve consumers by adding more information as exchange headers
CAMEL-20258 [JBang] Use quartz out of the box for camel-cron
CAMEL-20253 camel-jbang - Add support for jolokia 2.x
CAMEL-20249 camel-jbang - Reload routes with micrometer should clean up old routes
CAMEL-20247 Rework Dynamic Router EIP Component
CAMEL-20246 camel-core - WireTap should not create correlated exchange copy
CAMEL-20245 camel-jbang - Startup should log http summary if already started such as when using supervised route controller
CAMEL-20243 camel-main - Move route controller options into its own group
CAMEL-20242 camel-routes health check reports UP right before routes were attempted to be setup when using supervising route controller
CAMEL-20241 camel-jbang - Pretty print xml body should not have noisy empty lines
CAMEL-20238 Add spring-boot-starter-jdbc dependency to camel-spring-jdbc-starter
CAMEL-20236 camel-salesforce: add missing properties to bulk 2.0 Job class
CAMEL-20233 camel-jbang - camel catalog other does not list kotlin-dsl
CAMEL-20231 camel-jasypt - make generators configurable
CAMEL-20230 camel-core - PollEnrich and Enrich EIP should eager start component if possible
CAMEL-20228 camel-jbang - camel export doesn't recognize component in pollenrich
CAMEL-20219 Add Protobuf data type transformer
CAMEL-20202 camel-azure - Consumers should avoid loading entire payload into memory
CAMEL-19956 camel-jbang - Run with custom log4j2.properties file
CAMEL-19413 camel-parquet-avro: add some defaulted values as options on dataformat to make it more configurable
CAMEL-19411 camel-kamelet - Should be using noErrorHandler
CAMEL-18969 Support mongodb connection string/uri to configure camel-mongodb component
CAMEL-18590 Camel-Azure components: Define a unique configuration for authentication
CAMEL-14028 Allow DataFormats to unmarshal known data formats without first converting to bytes
NEW FEATURE (25):
CAMEL-20408 camel-core - Tracer should include exchange variables
CAMEL-20406 camel-core - Route scoped variables
CAMEL-20379 [camel-test-infra-cli] Improve container configuration, adding external maven repositories
CAMEL-20338 Camel JMS producer should add headers
CAMEL-20336 Add a WebAssembly component and language
CAMEL-20333 Kotlin API
CAMEL-20289 camel-core - FluentProducerTemplate - Add withVariable and withProperty
CAMEL-20288 camel-core - Convert header and variable To another name
CAMEL-20286 camel-netty: add support for native transport over KQueue
CAMEL-20285 camel-json-validator: Add ability to configure ObjectMapper using endpoint properties
CAMEL-20277 camel-grpc: gRPC proxy with streaming
CAMEL-20270 Introduce plugins for Camel JBang
CAMEL-20251 Add Camel K commands to Camel JBang
CAMEL-20229 Camel-Azure-Storage-Queue: Add CloudEvents Data Type Transformer
CAMEL-20223 Camel-Spring-Boot: Camel Azure Key Vault should Support Azure Identity in the component and secrets function
CAMEL-20220 Camel Azure Key Vault: Support Azure Identity in the component and secrets function
CAMEL-19749 camel-core - Allow users to use variables in route to store data instead of headers
CAMEL-19241 Adding a Kafka Batch Consumer
CAMEL-18559 Components which do remote communication should be marked as such
CAMEL-18082 camel-jbang - Prompt mode for required values
CAMEL-17825 Hash generator in the Simple language
CAMEL-17719 camel-salesforce: allow to retrieve CDC json schema from meta service
CAMEL-16064 camel-kafka - Add batching consumer
CAMEL-15570 camel-jte - Template Engine component
CAMEL-15252 Google Pubsub Component manual acknowledgement mode
Tomcat 10.1.19
Catalina:
tomcat-enbed-core.jar
by removing reference to org.apache.catalina.ssi
package that is no longer included in the JAR. Based on pull request #684 by Jendrik Johannes. (markt)\r\n
sequences are correctly removed from files containing property values when configured to do so. Bug identified by Coverity Scan. (markt)ApplicationHttpRequest
and ApplicationRequest
. (markt)Coyote:
null
value for a cookie attribute should remove the attribute. (markt)AsyncListener.onError()
has returned to the container, only container threads can access the AsyncContext
. This protects against various race conditions that woudl otherwise occur if application threads continued to access the AsyncContext
.SSLContext
instances configured on SSLHostConfigCertificate
instances. Based on pull request #673 provided by Hakan Altındağ. (markt)String
for request URI, HTTP header names and the request Content-Type
value to improve performance by reducing repeated byte[]
to String
conversions. (markt)Jasper:
WebSocket:
UpgradeProcessor
leak in some circumstances. (markt)Web Applications:
Other:
Docker compose 2.24.6
Fixes:
Internal:
Grafana 10.3.3
Bug fixes:
Kubernetes 1.29.2
Feature:
Bug or Regression:
PHP Interpreter 8.3.3
Core:
Fixed timer leak in zend-max-execution-timers builds.
Fixed bug GH-12349 (linking failure on ARM with mold).
Fixed bug GH-13097 (Anonymous class reference in trigger_error / thrown Exception).
Fixed bug GH-13177 (PHP 8.3.2: final private constructor not allowed when used in trait).
Fixed bug GH-13215 (GCC 14 build failure).
Curl:
Fix missing error check in curl_multi_init().
FPM:
Fixed bug GH-12996 (Incorrect SCRIPT_NAME with Apache ProxyPassMatch when plus in path).
GD:
Fixed bug GH-10344 (imagettfbbox(): Could not find/open font UNC path).
Fixed bug GH-10614 (imagerotate will turn the picture all black, when rotated 90).
LibXML:
Fix crashes with entity references and predefined entities.
MySQLnd:
Fixed bug GH-12107 (When running a stored procedure (that returns a result set) twice, PHP crashes).
Opcache:
Fixed bug GH-13145 (strtok() is not comptime).
Fixed type inference of range().
Fixed bug GH-13232 (Segmentation fault will be reported when JIT is off but JIT_debug is still on).
OpenSSL:
Fixed LibreSSL undefined reference when OPENSSL_NO_ENGINE not set. (David Carlier).
PDO_Firebird:
Fix GH-13119 (Changed to convert float and double values into strings using `H` format).
Phar:
Fixed bug #71465 (PHAR doesn't know about litespeed).
Fixed bug GH-13037 (PharData incorrectly extracts zip file).
Random:
Fixed bug GH-13138 (Randomizer::pickArrayKeys() does not detect broken engines).
Session:
Fixed bug GH-12504 (Corrupted session written when there's a fatal error in autoloader).
Standard:
Fixed bug GH-13094 (range(9.9, '0') causes segmentation fault).
Streams:
Fixed bug GH-13071 (Copying large files using mmap-able source streams may exhaust available memory and fail).
RabbitMQ 3.12.13
Core Broker
Bug Fixes:
CLI Tools
Enhancement:
GitHub issue: #10461
Bug Fixes:
Stream Plugin
Bug Fixes:
Management Plugin
Bug Fixes:
Shovel Plugin
Bug Fixes:
Federation Plugin
Bug Fixes:
Solr 9.5.0
New Features (3):
Improvements (24):
Optimizations (2):
Bug Fixes (11):
AWX 23.8.1
What's Changed:
AWX Operator:
This week, read about:
Updates to the OpenLogic CentOS Repository
*) OpenLogic’s Enterprise Linux Team has recently published the following updates:
We recommend that you update your CentOS 6 systems to ensure proper timekeeping. As usual, please ensure that you test these updates before deploying to production. If you don't currently have CentOS repo access, please reach out to your Perforce/OpenLogic salesperson … you may already be entitled to access with your existing support contract!
Apache Kafka 3.6.1
Improvement:
[KAFKA-15415] - In Java-client, backoff should be skipped for retried producer-batch to a new leader
[KAFKA-15596] - Upgrade ZooKeeper to 3.8.3
Bug:
[KAFKA-13973] - block-cache-capacity metrics worth twice as much as normal
[KAFKA-14767] - Gradle build fails with missing commitId after git gc
[KAFKA-15481] - Concurrency bug in RemoteIndexCache leads to IOException
[KAFKA-15491] - RackId doesn't exist error while running WordCountDemo
[KAFKA-15502] - Handle large keystores in SslEngineValidator
[KAFKA-15552] - Duplicate Producer ID blocks during ZK migration
[KAFKA-15571] - StateRestoreListener#onRestoreSuspended is never called because wrapper DelegatingStateRestoreListener doesn't implement onRestoreSuspended
[KAFKA-15602] - Breaking change in 3.4.0 ByteBufferSerializer
[KAFKA-15605] - Topics marked for deletion in ZK are incorrectly migrated to KRaft
[KAFKA-15607] - Possible NPE is thrown in MirrorCheckpointTask
[KAFKA-15644] - Fix CVE-2023-4586 in netty:handler
[KAFKA-15653] - NPE in ChunkedByteStream
[KAFKA-15658] - Zookeeper.jar | CVE-2023-44981
[KAFKA-15680] - Partition-Count is not getting updated Correctly in the Incremental Co-operative Rebalancing(ICR) Mode of Rebalancing
[KAFKA-15693] - Disabling scheduled rebalance delay in Connect can lead to indefinitely unassigned connectors and tasks
[KAFKA-15755] - LeaveGroupResponse v0-v2 should handle no members
[KAFKA-15771] - ProduceRequest#partitionSizes() is not an atomic operation
[KAFKA-15799] - ZK brokers incorrectly handle KRaft metadata snapshots
[KAFKA-15800] - Malformed connect source offsets corrupt other partitions with DataException
[KAFKA-15802] - Trying to access uncopied segments metadata on listOffsets
[KAFKA-15825] - KRaft controller writes empty state to ZK after migration
GitLab Security Release: 16.8.2, 16.7.5, 16.6.7
Table of fixes:
Title | Severity |
---|---|
Restrict group access token creation for custom roles | Medium |
Project maintainers can bypass group's scan result policy block_branch_modification setting | Medium |
ReDoS in CI/CD Pipeline Editor while verifying Pipeline syntax | Medium |
Resource exhaustion using GraphQL vulnerabilitiesCountByDay | Medium |
Elasticsearch 8.12.1
Bug fixes:
Allocation
Application
Data streams
Downsampling
ES|QL
Infra/Resiliency
Ingest Node
Machine Learning
Network
Search
Snapshot/Restore
TSDB
Transform
Kibana 8.12.1
Enhancements:
Elastic Security
Observability
Bug Fixes:
Alerting
APM
Dashboard
Elastic Security
Fleet
Lens & Visualizations
Machine Learning
Security
Plugins:
Http Filter - 1.5.1
Syslog_pri Filter - 3.2.1:
Logstash Integration - 1.0.2
PostgreSQL 16.2
E.1.2. Changes:
Sonatype Nexus Repository 3.65.0
NEXUS-34334:
NEXUS-34968:
NEXUS-36807:
NEXUS-39665:
NEXUS-39881:
NEXUS-40111:
NEXUS-40213:
NEXUS-40378:
NEXUS-40680:
NEXUS-40987:
NEXUS-40994:
NEXUS-41211:
This week, read about:
Updates to the OpenLogic CentOS Repository
*) OpenLogic’s Enterprise Linux Team has recently published the following updates:
Full Changelog
EtcD 3.5.12
etcd server
Dependencies
Jenkins 2.443
Community reported issues: 2×JENKINS-72592
Keycloak 23.0.6
Bugs
AWX 23.7.0
What's Changed
As open source support experts, we monitor community projects to ensure our customers’ environments include the latest releases and are protected against emerging threats. We share what we learn about important open source news including software releases, trending topics, and other related information including upcoming OpenLogic events in our OpenUpdate Weekly newsletter.
Complete the form to receive an email message when we post a new OpenUpdate.
If you have any questions about the content in this week’s newsletter, or are interested in getting support for your open source software, please contact one of our experts.
Learn more about the content in this newsletter and how you can achieve your goals with your choice of open source software.