OpenUpdate - May 2, 2023
Stay Informed
This week, read about:
Security Based Updates
Updates to the OpenLogic CentOS Repository
*) OpenLogic’s Enterprise Linux Team has recently published the following updates:
We recommend that you update your CentOS 6 systems to ensure proper timekeeping. As usual, please ensure that you test these updates before deploying to production. If you don't currently have CentOS repo access, please reach out to your Perforce/OpenLogic salesperson … you may already be entitled to access with your existing support contract!
Non-Security Based Updates
Angular 17.3.6
CORE:
- (fix - 826861b1fa) | DeferBlockFixture.render should not wait for stability (#55271)
- (fix - 5cf14da35c) | makeActivatedRouteinject correct instance inside@deferblocks (#55374)
- (fix - 8979fba2c5) | skip defer timers on the server (#55480)
Ansible v2.15.11
Bugfixes:
- Fixes permission for cache json file from 600 to 644 (https://github.com/ansible/ansible/issues/82683).
- allow_duplicates - fix evaluating if the current role allows duplicates instead of using the initial value from the duplicate's cached role.
- ansible-test ansible-doc sanity test - do not remove underscores from plugin names in collections before calling ``ansible-doc`` (https://github.com/ansible/ansible/pull/82574).
- dnf5 - replace removed API calls
- unarchive modules now uses zipinfo options without relying on implementation defaults, making it more compatible with all OS/distributions.
- winrm - Do not raise another exception during cleanup when a task is timed out - https://github.com/ansible/ansible/issues/81095
Ansible: v2.14.16
Bugfixes:
- ansible-test ansible-doc sanity test - do not remove underscores from plugin names in collections before calling ``ansible-doc`` (https://github.com/ansible/ansible/pull/82574).
- winrm - Do not raise another exception during cleanup when a task is timed out - https://github.com/ansible/ansible/issues/81095
Ansible AWX 24.3.0
What's Changed:
* Cleaned the PostgreSQL 15 volume (@AlanCoding https://github.com/ansible/awx/pull/15083)
* Updated Galaxy collection CI checks with and without redirects (@TheRealHaoLiu https://github.com/ansible/awx/pull/15086)
* Allowed for manually restarting promote workflow (@shanemcd https://github.com/ansible/awx/pull/15095)
* Fixed awxkit uploads when re-running promote workflow (@shanemcd https://github.com/ansible/awx/pull/15096)
* Reverted accidental line deletion in the .workflows' ``promote.yml`` file (@shanemcd https://github.com/ansible/awx/pull/15097)
* Moved named URL init out of Middleware init (@chrismeyersfsu https://github.com/ansible/awx/pull/15085)
* Implemented optional URL prefix the Django way (@chrismeyersfsu https://github.com/ansible/awx/pull/15080)
* Fixed failure from DAB (@AlanCoding https://github.com/ansible/awx/pull/15102)
* Replaced role system (RBAC) with permissions-based database roles (@AlanCoding https://github.com/ansible/awx/pull/14905)
* Stored molecule debug output to GitHub artifacts (@TheRealHaoLiu https://github.com/ansible/awx/pull/15107)
* Used latest ``awx-ee`` in devel CI (@TheRealHaoLiu https://github.com/ansible/awx/pull/15098)
* Updated the requirements by using the released version of django-radius (@AlanCoding https://github.com/ansible/awx/pull/15103)
* Updated LDAP/SAML config dump commands (@jessicamack https://github.com/ansible/awx/pull/15106)
* Added a new attribute to the Terraform credential plugin which allows pushing of the Google GCE credentials file (@abikouo https://github.com/ansible/awx/pull/15055)
* Fixed missing ``fstring`` from wsrelay logging (@lucas-benedito https://github.com/ansible/awx/pull/15094)
* Fixed wsrelay connection leak (@TheRealHaoLiu https://github.com/ansible/awx/pull/15113)
* Removed repetitive words in the Issues template, _AWX Administration Guide_, and the docker-compose README file (@hugehope https://github.com/ansible/awx/pull/15101)
* Updated the example commands in the [Token-Based Authentication](https://ansible.readthedocs.io/projects/awx/en/latest/administration/oauth2_token_auth.html) chapter of the _AWX Administration Guide_ to omit using ``-X`` when not needed, and not defaulting to demonstrating ``-k`` (@jpmens https://github.com/ansible/awx/pull/15054)
* Updated the Makefile to use ``$(shell ...)`` to filter the redis docker volumes (@jbradberry https://github.com/ansible/awx/pull/15115)
* Fixed instance peering pagination (@fosterseth https://github.com/ansible/awx/pull/15108)
* Backported previously approved corrections in the _AWX Administration Guide_ and _AWX User Guide_ (@tvo318 https://github.com/ansible/awx/pull/15121)
New Contributors:
* @hugehope made their first contribution in https://github.com/ansible/awx/pull/15101
**Full Changelog**: https://github.com/ansible/awx/compare/24.2.0...24.3.0
Known Issues:
* Existing ``/api/v2/roles/`` type endpoints will be missing system auditor & admin roles
* Organization auditors will lose view permission to job templates that use inventories in their organization, but existing permissions are preserved via a data migration
* Existing role-related endpoints are marked as deprecated and a new set of endpoints for DB-backed role management are introduced
* #15137
* #15136
AWX Operator:
Released with AWX Operator [v2.16.0](https://github.com/ansible/awx-operator/releases/tag/2.16.0)
Docker Compose v2.27.0
What's Changed
Improvements:
- Introduce --abort-on-container-failure (11680)
- Introduce --all-resources to not exclude resources not used by services (11702)
- Introduce support for build.entitlements (11708)
Fixes:
- Don't use ansi espace sequence when disabled (11682)
- Ignore missing containers when compose down/stop -p (11692)
- Read COMPOSE_REMOVE_ORPHANS from .env file (11714)
- Always kills the containers on second Ctrl-C on docker compose up (11718)
- Fix progress timer and spinner (11725)
- Capture exit code for container being stopped, and return according to --exit-code-from (11715)
- Don't clear line when navigation is disabled (11733)
- Check container_name is not in use by another service we will create (11713)
- Do not try to create file shares for non-directories (11738)
- Remove overly-aggressive feature flag check (11748)
- Avoid to try to close channel twice after hitting Ctrl-C on compose up (11719)
- Fix support for --flag=value syntax in compatibility mode (11752)
- Fix menu print when logs/menu number of lines change (11765)
Internal:
- Remove dead url reference. (11700)
- Fix typo in comment (11744)
- Fix flaky cascade failure test (11739)
Dependencies:
- Bump Golang version to 1.21.9 (11684)
- Bump engine and cli to v26.0.1 (11736)
- Bump compose-go version to v2.1.0 (11756)
- Update to Moby v26.1 & buildx v0.14 (11750)
- Bump Buildkit to 0.13.1 (11762)
ETC-D v3.4.32
etcd server:
- Fix [LeaseTimeToLive returns error if leader changed](https://github.com/etcd-io/etcd/pull/17705).
- Fix [ignore raft messages if member id mismatch](https://github.com/etcd-io/etcd/pull/17814).
- Update [the compaction log when bootstrap](https://github.com/etcd-io/etcd/pull/17831).
- [Allow new server to join 3.5 cluster if `next-cluster-version-compatible=true`](https://github.com/etcd-io/etcd/pull/17665)
- [Allow updating the cluster version when downgrading from 3.5](https://github.com/etcd-io/etcd/pull/17821).
- Fix [Revision decreasing after panic during compaction](https://github.com/etcd-io/etcd/pull/17864)
Package `clientv3`:
- Add [requests retry when receiving ErrGPRCNotSupportedForLearner and endpoints > 1](https://github.com/etcd-io/etcd/pull/17692).
- Fix [initialization for epMu in client context](https://github.com/etcd-io/etcd/pull/17714).
Dependencies:
- Compile binaries using [go 1.21.9](https://github.com/etcd-io/etcd/pull/17709).
Gitlab FOSS v16.9.6
Security (5 changes):
- [Validation for encoded formatting characters](gitlab-org/security/gitlab@de8dc151e5ef3f07cf50839e50645df6ec12f5a5) ([merge request](gitlab-org/security/gitlab!3951))
- [Forbid untrusted sign-ins to GitLab with Bitbucket and fix related uid](gitlab-org/security/gitlab@94496a91c17a0f73202cd5c55abc93395825c68c) ([merge request](gitlab-org/security/gitlab!3985))
- [Ensure PAT scope is validated everywhere for GraphQL/ActionCable](gitlab-org/security/gitlab@0dccf32b71614584e05a8590b21a902220e8c701) ([merge request](gitlab-org/security/gitlab!3977))
- [Protect against ReDoS in FileFinder with wildcard filters](gitlab-org/security/gitlab@60a7418ec10f7c6f4ef9bcc75b2fec71255ddcc3) ([merge request](gitlab-org/security/gitlab!3961))
- [fix: Validate security report version against schema during parsing](gitlab-org/security/gitlab@ce709ff78fd8f18024383085d6ac0bf43fa2efbb) ([merge request](gitlab-org/security/gitlab!3957))
Gitlab FOSS v16.10.4
Fixed (1 change):
- [Update vulnerability_reads scanner in the ingestion pipeline](gitlab-org/security/gitlab@14b8876233e5dd29149426fd88bab0fc4f014d46) **GitLab Enterprise Edition**
Security (5 changes):
- [Validation for encoded formatting characters](gitlab-org/security/gitlab@4cd13c705ce1a94152fb2fd6fcaa77e90e6441e5) ([merge request](gitlab-org/security/gitlab!3950))
- [Forbid untrusted sign-ins to GitLab with Bitbucket and fix related uid](gitlab-org/security/gitlab@5d3c3a599cc5560dea2236474309537536428cdc) ([merge request](gitlab-org/security/gitlab!3984))
- [Ensure PAT scope is validated everywhere for GraphQL/ActionCable](gitlab-org/security/gitlab@079dfee8cff9da9075eec7c03ce002e87eeebfff) ([merge request](gitlab-org/security/gitlab!3976))
- [Protect against ReDoS in FileFinder with wildcard filters](gitlab-org/security/gitlab@0e7e54050f1c4829b1d55aac85bd4e9cd96f1580) ([merge request](gitlab-org/security/gitlab!3960))
- [fix: Validate security report version against schema during parsing](gitlab-org/security/gitlab@217040b1062caad501d60af387c47cff758788a1) ([merge request](gitlab-org/security/gitlab!3956))
Gitlab FOSS v16.11.1
Security (5 changes):
- [Validation for encoded formatting characters](gitlab-org/security/gitlab@fc42e4b96ae1ac3cd766569d62d025cbf23ef16c) ([merge request](gitlab-org/security/gitlab!3979))
- [Forbid untrusted sign-ins to GitLab with Bitbucket and fix related uid](gitlab-org/security/gitlab@ef083c319e67072029787cd5c6a588562984a58c) ([merge request](gitlab-org/security/gitlab!3983))
- [Ensure PAT scope is validated everywhere for GraphQL/ActionCable](gitlab-org/security/gitlab@1847435210161d95b9c5fcd079380e7f2892195f) ([merge request](gitlab-org/security/gitlab!3975))
- [Protect against ReDoS in FileFinder with wildcard filters](gitlab-org/security/gitlab@dc16f3baa640ca8d5b223782ef3d58369423a1dd) ([merge request](gitlab-org/security/gitlab!3969))
- [fix: Validate security report version against schema during parsing](gitlab-org/security/gitlab@55e58d49051aa42938ec1d159b5e7eb3c47d2eb1) ([merge request](gitlab-org/security/gitlab!3967))
Jenkins-2.455
1. Remove ASM dependencies from core. (issue 73046))
Node.js v22.0.0
We're excited to announce the release of Node.js 22! Highlights include require()ing ESM graphs, WebSocket client, updates of the V8 JavaScript engine, and more! As a reminder, Node.js 22 will enter long-term support (LTS) in October, but until then, it will be the "Current" release for the next six months. We encourage you to explore the new features and benefits offered by this latest release and evaluate their potential impact on your applications.
Other Notable Changes:
- * \[[`25c79f3331`](https://github.com/nodejs/node/commit/25c79f3331)] - **esm**: drop support for import assertions (Nicolò Ribaudo) [#52104](https://github.com/nodejs/node/pull/52104)
- * \[[`818c10e86d`](https://github.com/nodejs/node/commit/818c10e86d)] - **lib**: improve perf of `AbortSignal` creation (Raz Luvaton) [#52408](https://github.com/nodejs/node/pull/52408)
- * \[[`4f68c7c1c9`](https://github.com/nodejs/node/commit/4f68c7c1c9)] - **watch**: mark as stable (Moshe Atlow) [#52074](https://github.com/nodejs/node/pull/52074)
- * \[[`02b0bc01fe`](https://github.com/nodejs/node/commit/02b0bc01fe)] - **(SEMVER-MAJOR)** **deps**: update V8 to 12.4.254.14 (Michaël Zasso) [#52465](https://github.com/nodejs/node/pull/52465)
- * \[[`c975384264`](https://github.com/nodejs/node/commit/c975384264)] - **(SEMVER-MAJOR)** **lib**: enable WebSocket by default (Aras Abbasi) [#51594](https://github.com/nodejs/node/pull/51594)
- * \[[`1abff07392`](https://github.com/nodejs/node/commit/1abff07392)] - **(SEMVER-MAJOR)** **stream**: bump default highWaterMark (Robert Nagy) [#52037](https://github.com/nodejs/node/pull/52037)
- * \[[`1a5acd0638`](https://github.com/nodejs/node/commit/1a5acd0638)] - **(SEMVER-MAJOR)** **v8**: enable maglev on supported architectures (Keyhan Vakil) [#51360](https://github.com/nodejs/node/pull/51360)
- * \[[`128c60d906`](https://github.com/nodejs/node/commit/128c60d906)] - **(SEMVER-MINOR)** **cli**: implement `node --run <script-in-package-json>` (Yagiz Nizipli) [#52190](https://github.com/nodejs/node/pull/52190)
- * \[[`151d365ad1`](https://github.com/nodejs/node/commit/151d365ad1)] - **(SEMVER-MINOR)** **fs**: expose glob and globSync (Moshe Atlow) [#51912](https://github.com/nodejs/node/pull/51912)
- * \[[`5f7fad2605`](https://github.com/nodejs/node/commit/5f7fad2605)] - **(SEMVER-MINOR)** **module**: support require()ing synchronous ESM graphs (Joyee Cheung) [#51977](https://github.com/nodejs/node/pull/51977)
Semver-Major Commits:
- * \[[`2b1e7c2fcb`](https://github.com/nodejs/node/commit/2b1e7c2fcb)] - **(SEMVER-MAJOR)** **build**: compile with C++20 support on Windows (StefanStojanovic) [#52465](https://github.com/nodejs/node/pull/52465)
- * \[[`12d00f1479`](https://github.com/nodejs/node/commit/12d00f1479)] - **(SEMVER-MAJOR)** **build**: reset embedder string to "-node.0" (Michaël Zasso) [#52465](https://github.com/nodejs/node/pull/52465)
- * \[[`5f08e11a3c`](https://github.com/nodejs/node/commit/5f08e11a3c)] - **(SEMVER-MAJOR)** **build**: reset embedder string to "-node.0" (Michaël Zasso) [#52293](https://github.com/nodejs/node/pull/52293)
- * \[[`94f0369d1d`](https://github.com/nodejs/node/commit/94f0369d1d)] - **(SEMVER-MAJOR)** **build**: reset embedder string to "-node.0" (Michaël Zasso) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`58674cd1d8`](https://github.com/nodejs/node/commit/58674cd1d8)] - **(SEMVER-MAJOR)** **build**: reset embedder string to "-node.0" (Michaël Zasso) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`60e836427e`](https://github.com/nodejs/node/commit/60e836427e)] - **(SEMVER-MAJOR)** **console**: treat non-strings as separate argument in console.assert() (Jacob Hummer) [#49722](https://github.com/nodejs/node/pull/49722)
- * \[[`d62ab3a1ef`](https://github.com/nodejs/node/commit/d62ab3a1ef)] - **(SEMVER-MAJOR)** **crypto**: runtime deprecate hmac constructor (Marco Ippolito) [#52071](https://github.com/nodejs/node/pull/52071)
- * \[[`de0602d190`](https://github.com/nodejs/node/commit/de0602d190)] - **(SEMVER-MAJOR)** **crypto**: runtime deprecate Hash constructor (Marco Ippolito) [#51880](https://github.com/nodejs/node/pull/51880)
- * \[[`215f4d04b7`](https://github.com/nodejs/node/commit/215f4d04b7)] - **(SEMVER-MAJOR)** **crypto**: move createCipher and createDecipher to eol (Marco Ippolito) [#50973](https://github.com/nodejs/node/pull/50973)
- * \[[`30801b8aaf`](https://github.com/nodejs/node/commit/30801b8aaf)] - **(SEMVER-MAJOR)** **deps**: V8: cherry-pick cd10ad7cdbe5 (Joyee Cheung) [#52465](https://github.com/nodejs/node/pull/52465)
- * \[[`521b629ab1`](https://github.com/nodejs/node/commit/521b629ab1)] - **(SEMVER-MAJOR)** **deps**: V8: revert CL 5331688 (Michaël Zasso) [#52465](https://github.com/nodejs/node/pull/52465)
- * \[[`3795e97e6c`](https://github.com/nodejs/node/commit/3795e97e6c)] - **(SEMVER-MAJOR)** **deps**: patch V8 to support compilation with MSVC (StefanStojanovic) [#52465](https://github.com/nodejs/node/pull/52465)
- * \[[`5bde9e677d`](https://github.com/nodejs/node/commit/5bde9e677d)] - **(SEMVER-MAJOR)** **deps**: silence internal V8 deprecation warning (Michaël Zasso) [#52465](https://github.com/nodejs/node/pull/52465)
- * \[[`46e628c6f2`](https://github.com/nodejs/node/commit/46e628c6f2)] - **(SEMVER-MAJOR)** **deps**: patch V8 to avoid duplicated zlib symbol (Michaël Zasso) [#52465](https://github.com/nodejs/node/pull/52465)
- * \[[`f824e40a82`](https://github.com/nodejs/node/commit/f824e40a82)] - **(SEMVER-MAJOR)** **deps**: remove usage of a C++20 feature from V8 (Michaël Zasso) [#52465](https://github.com/nodejs/node/pull/52465)
- * \[[`d2c84c9a13`](https://github.com/nodejs/node/commit/d2c84c9a13)] - **(SEMVER-MAJOR)** **deps**: avoid compilation error with ASan (Michaël Zasso) [#52465](https://github.com/nodejs/node/pull/52465)
- * \[[`95d6045bdb`](https://github.com/nodejs/node/commit/95d6045bdb)] - **(SEMVER-MAJOR)** **deps**: disable V8 concurrent sparkplug compilation (Michaël Zasso) [#52465](https://github.com/nodejs/node/pull/52465)
- * \[[`00f55f5743`](https://github.com/nodejs/node/commit/00f55f5743)] - **(SEMVER-MAJOR)** **deps**: silence irrelevant V8 warning (Michaël Zasso) [#52465](https://github.com/nodejs/node/pull/52465)
- * \[[`764085aa66`](https://github.com/nodejs/node/commit/764085aa66)] - **(SEMVER-MAJOR)** **deps**: always define V8\_EXPORT\_PRIVATE as no-op (Michaël Zasso) [#52465](https://github.com/nodejs/node/pull/52465)
- * \[[`02b0bc01fe`](https://github.com/nodejs/node/commit/02b0bc01fe)] - **(SEMVER-MAJOR)** **deps**: update V8 to 12.4.254.14 (Michaël Zasso) [#52465](https://github.com/nodejs/node/pull/52465)
- * \[[`0ec50a19dd`](https://github.com/nodejs/node/commit/0ec50a19dd)] - **(SEMVER-MAJOR)** **deps**: V8: cherry-pick cd10ad7cdbe5 (Joyee Cheung) [#52293](https://github.com/nodejs/node/pull/52293)
- * \[[`021b0b7dee`](https://github.com/nodejs/node/commit/021b0b7dee)] - **(SEMVER-MAJOR)** **deps**: V8: backport c4be0a97f981 (Richard Lau) [#52293](https://github.com/nodejs/node/pull/52293)
- * \[[`681aaf85c7`](https://github.com/nodejs/node/commit/681aaf85c7)] - **(SEMVER-MAJOR)** **deps**: silence internal V8 deprecation warning (Michaël Zasso) [#52293](https://github.com/nodejs/node/pull/52293)
- * \[[`c563a1c4e4`](https://github.com/nodejs/node/commit/c563a1c4e4)] - **(SEMVER-MAJOR)** **deps**: patch V8 to support compilation with MSVC (Stefan Stojanovic) [#52293](https://github.com/nodejs/node/pull/52293)
- * \[[`11e94b9987`](https://github.com/nodejs/node/commit/11e94b9987)] - **(SEMVER-MAJOR)** **deps**: patch V8 to avoid duplicated zlib symbol (Michaël Zasso) [#52293](https://github.com/nodejs/node/pull/52293)
- * \[[`856163e23c`](https://github.com/nodejs/node/commit/856163e23c)] - **(SEMVER-MAJOR)** **deps**: remove usage of a C++20 feature from V8 (Michaël Zasso) [#52293](https://github.com/nodejs/node/pull/52293)
- * \[[`b530214127`](https://github.com/nodejs/node/commit/b530214127)] - **(SEMVER-MAJOR)** **deps**: avoid compilation error with ASan (Michaël Zasso) [#52293](https://github.com/nodejs/node/pull/52293)
- * \[[`8054f69dd9`](https://github.com/nodejs/node/commit/8054f69dd9)] - **(SEMVER-MAJOR)** **deps**: disable V8 concurrent sparkplug compilation (Michaël Zasso) [#52293](https://github.com/nodejs/node/pull/52293)
- * \[[`dee908be42`](https://github.com/nodejs/node/commit/dee908be42)] - **(SEMVER-MAJOR)** **deps**: silence irrelevant V8 warning (Michaël Zasso) [#52293](https://github.com/nodejs/node/pull/52293)
- * \[[`cf069414ee`](https://github.com/nodejs/node/commit/cf069414ee)] - **(SEMVER-MAJOR)** **deps**: always define V8\_EXPORT\_PRIVATE as no-op (Michaël Zasso) [#52293](https://github.com/nodejs/node/pull/52293)
- * \[[`cc5792dd85`](https://github.com/nodejs/node/commit/cc5792dd85)] - **(SEMVER-MAJOR)** **deps**: update V8 to 12.3.219.16 (Michaël Zasso) [#52293](https://github.com/nodejs/node/pull/52293)
- * \[[`61a0d3b4c4`](https://github.com/nodejs/node/commit/61a0d3b4c4)] - **(SEMVER-MAJOR)** **deps**: V8: backport c4be0a97f981 (Richard Lau) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`f55380a725`](https://github.com/nodejs/node/commit/f55380a725)] - **(SEMVER-MAJOR)** **deps**: V8: cherry-pick f8d5e576b814 (Richard Lau) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`b9d806a2dd`](https://github.com/nodejs/node/commit/b9d806a2dd)] - **(SEMVER-MAJOR)** **deps**: patch V8 to support compilation with MSVC (StefanStojanovic) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`63b58bc17b`](https://github.com/nodejs/node/commit/63b58bc17b)] - **(SEMVER-MAJOR)** **deps**: patch V8 to avoid duplicated zlib symbol (Michaël Zasso) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`86056353c4`](https://github.com/nodejs/node/commit/86056353c4)] - **(SEMVER-MAJOR)** **deps**: remove usage of a C++20 feature from V8 (Michaël Zasso) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`2e0efc1c8d`](https://github.com/nodejs/node/commit/2e0efc1c8d)] - **(SEMVER-MAJOR)** **deps**: avoid compilation error with ASan (Michaël Zasso) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`59e6f62e34`](https://github.com/nodejs/node/commit/59e6f62e34)] - **(SEMVER-MAJOR)** **deps**: disable V8 concurrent sparkplug compilation (Michaël Zasso) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`0423f7e27e`](https://github.com/nodejs/node/commit/0423f7e27e)] - **(SEMVER-MAJOR)** **deps**: silence irrelevant V8 warning (Michaël Zasso) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`f36620806d`](https://github.com/nodejs/node/commit/f36620806d)] - **(SEMVER-MAJOR)** **deps**: always define V8\_EXPORT\_PRIVATE as no-op (Michaël Zasso) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`09a8440b45`](https://github.com/nodejs/node/commit/09a8440b45)] - **(SEMVER-MAJOR)** **deps**: update V8 to 12.2.281.27 (Michaël Zasso) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`0da3beebfc`](https://github.com/nodejs/node/commit/0da3beebfc)] - **(SEMVER-MAJOR)** **deps**: V8: cherry-pick de611e69ad51 (Keyhan Vakil) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`b982335637`](https://github.com/nodejs/node/commit/b982335637)] - **(SEMVER-MAJOR)** **deps**: V8: cherry-pick 0fd478bcdabd (Joyee Cheung) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`481a90116c`](https://github.com/nodejs/node/commit/481a90116c)] - **(SEMVER-MAJOR)** **deps**: V8: cherry-pick 0f9ebbc672c7 (Chengzhong Wu) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`782addbdc3`](https://github.com/nodejs/node/commit/782addbdc3)] - **(SEMVER-MAJOR)** **deps**: V8: cherry-pick 8f0b94671ddb (Lu Yahan) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`b682e7f540`](https://github.com/nodejs/node/commit/b682e7f540)] - **(SEMVER-MAJOR)** **deps**: V8: cherry-pick f7d000a7ae7b (Luke Albao) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`a60090c52f`](https://github.com/nodejs/node/commit/a60090c52f)] - **(SEMVER-MAJOR)** **deps**: V8: cherry-pick 25902244ad1a (Joyee Cheung) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`8441d1fc18`](https://github.com/nodejs/node/commit/8441d1fc18)] - **(SEMVER-MAJOR)** **deps**: patch V8 to avoid duplicated zlib symbol (Michaël Zasso) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`e8e9bbd7a9`](https://github.com/nodejs/node/commit/e8e9bbd7a9)] - **(SEMVER-MAJOR)** **deps**: remove usage of a C++20 feature from V8 (Michaël Zasso) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`785d5cd006`](https://github.com/nodejs/node/commit/785d5cd006)] - **(SEMVER-MAJOR)** **deps**: avoid compilation error with ASan (Michaël Zasso) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`7071c1dafd`](https://github.com/nodejs/node/commit/7071c1dafd)] - **(SEMVER-MAJOR)** **deps**: disable V8 concurrent sparkplug compilation (Michaël Zasso) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`d1d60b297d`](https://github.com/nodejs/node/commit/d1d60b297d)] - **(SEMVER-MAJOR)** **deps**: silence irrelevant V8 warning (Michaël Zasso) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`5b240c62f9`](https://github.com/nodejs/node/commit/5b240c62f9)] - **(SEMVER-MAJOR)** **deps**: always define V8\_EXPORT\_PRIVATE as no-op (Michaël Zasso) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`d8c97e4857`](https://github.com/nodejs/node/commit/d8c97e4857)] - **(SEMVER-MAJOR)** **deps**: update V8 to 11.9.169.7 (Michaël Zasso) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`b9df88a8c2`](https://github.com/nodejs/node/commit/b9df88a8c2)] - **(SEMVER-MAJOR)** **doc**: runtime deprecate flag --trace-atomics-wait (marco-ippolito) [#51179](https://github.com/nodejs/node/pull/51179)
- * \[[`9ba5df30b4`](https://github.com/nodejs/node/commit/9ba5df30b4)] - **(SEMVER-MAJOR)** **doc**: bump FreeBSD experimental support to 13.2 (Michaël Zasso) [#51231](https://github.com/nodejs/node/pull/51231)
- * \[[`900d79caf2`](https://github.com/nodejs/node/commit/900d79caf2)] - **(SEMVER-MAJOR)** **doc**: add migration paths for deprecated utils (Marco Ippolito) [#50488](https://github.com/nodejs/node/pull/50488)
- * \[[`8206f6bb7f`](https://github.com/nodejs/node/commit/8206f6bb7f)] - **(SEMVER-MAJOR)** **fs**: runtime deprecate fs.Stats constructor (Marco Ippolito) [#52067](https://github.com/nodejs/node/pull/52067)
- * \[[`c14133503a`](https://github.com/nodejs/node/commit/c14133503a)] - **(SEMVER-MAJOR)** **fs**: use private fields instead of symbols for `Dir` (Jungku Lee) [#51037](https://github.com/nodejs/node/pull/51037)
- * \[[`abbdc3efaa`](https://github.com/nodejs/node/commit/abbdc3efaa)] - **(SEMVER-MAJOR)** **fs**: make stats date fields lazy (Yagiz Nizipli) [#50908](https://github.com/nodejs/node/pull/50908)
- * \[[`4b76ccea95`](https://github.com/nodejs/node/commit/4b76ccea95)] - **(SEMVER-MAJOR)** **http**: preserve raw header duplicates in writeHead after setHeader calls (Tim Perry) [#50394](https://github.com/nodejs/node/pull/50394)
- * \[[`c975384264`](https://github.com/nodejs/node/commit/c975384264)] - **(SEMVER-MAJOR)** **lib**: enable WebSocket by default (Aras Abbasi) [#51594](https://github.com/nodejs/node/pull/51594)
- * \[[`351495e938`](https://github.com/nodejs/node/commit/351495e938)] - **(SEMVER-MAJOR)** **lib,test**: handle new Iterator global (Michaël Zasso) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`a8b21fdc90`](https://github.com/nodejs/node/commit/a8b21fdc90)] - **(SEMVER-MAJOR)** **process**: wait for `'exit'` before printing result (Antoine du Hamel) [#52172](https://github.com/nodejs/node/pull/52172)
- * \[[`582ff5037c`](https://github.com/nodejs/node/commit/582ff5037c)] - **(SEMVER-MAJOR)** **src**: update NODE\_MODULE\_VERSION to 127 (Michaël Zasso) [#52465](https://github.com/nodejs/node/pull/52465)
- * \[[`c5c4b50260`](https://github.com/nodejs/node/commit/c5c4b50260)] - **(SEMVER-MAJOR)** **src**: update NODE\_MODULE\_VERSION to 126 (Michaël Zasso) [#52293](https://github.com/nodejs/node/pull/52293)
- * \[[`d248639285`](https://github.com/nodejs/node/commit/d248639285)] - **(SEMVER-MAJOR)** **src**: use supported API to get stalled TLA messages (Michaël Zasso) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`d34b02db4c`](https://github.com/nodejs/node/commit/d34b02db4c)] - **(SEMVER-MAJOR)** **src**: update default V8 platform to override functions with location (Etienne Pierre-Doray) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`d9c47e9b5f`](https://github.com/nodejs/node/commit/d9c47e9b5f)] - **(SEMVER-MAJOR)** **src**: add missing TryCatch (Michaël Zasso) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`5cddd3b2d8`](https://github.com/nodejs/node/commit/5cddd3b2d8)] - **(SEMVER-MAJOR)** **src**: update NODE\_MODULE\_VERSION to 124 (Michaël Zasso) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`1528846ada`](https://github.com/nodejs/node/commit/1528846ada)] - **(SEMVER-MAJOR)** **src**: use non-deprecated v8::Uint8Array::kMaxLength (Michaël Zasso) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`7166986626`](https://github.com/nodejs/node/commit/7166986626)] - **(SEMVER-MAJOR)** **src**: adapt to v8::Exception API change (Michaël Zasso) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`4782818020`](https://github.com/nodejs/node/commit/4782818020)] - **(SEMVER-MAJOR)** **src**: use non-deprecated version of CreateSyntheticModule (Michaël Zasso) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`2cff0ce411`](https://github.com/nodejs/node/commit/2cff0ce411)] - **(SEMVER-MAJOR)** **src**: update NODE\_MODULE\_VERSION to 122 (Michaël Zasso) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`1abff07392`](https://github.com/nodejs/node/commit/1abff07392)] - **(SEMVER-MAJOR)** **stream**: bump default highWaterMark (Robert Nagy) [#52037](https://github.com/nodejs/node/pull/52037)
- * \[[`9efc84a2cb`](https://github.com/nodejs/node/commit/9efc84a2cb)] - **(SEMVER-MAJOR)** **test**: mark test-worker-arraybuffer-zerofill as flaky (Michaël Zasso) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`84c2e712eb`](https://github.com/nodejs/node/commit/84c2e712eb)] - **(SEMVER-MAJOR)** **test**: mark some GC-related tests as flaky (Michaël Zasso) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`cdc4437b87`](https://github.com/nodejs/node/commit/cdc4437b87)] - **(SEMVER-MAJOR)** **test**: allow slightly more diff in memory leak test (Michaël Zasso) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`515b007fae`](https://github.com/nodejs/node/commit/515b007fae)] - **(SEMVER-MAJOR)** **test**: replace always-opt flag with alway-turbofan (Michaël Zasso) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`2341805eb2`](https://github.com/nodejs/node/commit/2341805eb2)] - **(SEMVER-MAJOR)** **test**: remove tests that create very large buffers (Michaël Zasso) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`941cef5636`](https://github.com/nodejs/node/commit/941cef5636)] - **(SEMVER-MAJOR)** **test**: adapt to new V8 trusted memory spaces (Michaël Zasso) [#50115](https://github.com/nodejs/node/pull/50115)
- * \[[`29de7f82cd`](https://github.com/nodejs/node/commit/29de7f82cd)] - **(SEMVER-MAJOR)** **test\_runner**: omit filtered test from output (Colin Ihrig) [#52221](https://github.com/nodejs/node/pull/52221)
- * \[[`00dc6d9d97`](https://github.com/nodejs/node/commit/00dc6d9d97)] - **(SEMVER-MAJOR)** **test\_runner**: improve `--test-name-pattern` to allow matching single test (Michał Drobniak) [#51577](https://github.com/nodejs/node/pull/51577)
- * \[[`5def8019d5`](https://github.com/nodejs/node/commit/5def8019d5)] - **(SEMVER-MAJOR)** **tools**: update V8 gypfiles for 12.4 (Michaël Zasso) [#52465](https://github.com/nodejs/node/pull/52465)
- * \[[`c22793d050`](https://github.com/nodejs/node/commit/c22793d050)] - **(SEMVER-MAJOR)** **tools**: roughly port v8\_abseil to gyp (Michaël Zasso) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`ffb0302f0c`](https://github.com/nodejs/node/commit/ffb0302f0c)] - **(SEMVER-MAJOR)** **tools**: update V8 gypfiles for 12.2 (Michaël Zasso) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`aadea12440`](https://github.com/nodejs/node/commit/aadea12440)] - **(SEMVER-MAJOR)** **tools**: update V8 gypfiles for 12.1 (Michaël Zasso) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`7784773967`](https://github.com/nodejs/node/commit/7784773967)] - **(SEMVER-MAJOR)** **tools**: update V8 gypfiles for 12.0 (Michaël Zasso) [#51362](https://github.com/nodejs/node/pull/51362)
- * \[[`9fe0424baa`](https://github.com/nodejs/node/commit/9fe0424baa)] - **(SEMVER-MAJOR)** **trace\_events**: use private fields instead of symbols for `Tracing` (Jungku Lee) [#51180](https://github.com/nodejs/node/pull/51180)
- * \[[`e96cd25007`](https://github.com/nodejs/node/commit/e96cd25007)] - **(SEMVER-MAJOR)** **util**: runtime deprecate util.log (Marco Ippolito) [#50488](https://github.com/nodejs/node/pull/50488)
- * \[[`6cf20d5e43`](https://github.com/nodejs/node/commit/6cf20d5e43)] - **(SEMVER-MAJOR)** **util**: runtime deprecate util.isUndefined (Marco Ippolito) [#50488](https://github.com/nodejs/node/pull/50488)
- * \[[`09e424921f`](https://github.com/nodejs/node/commit/09e424921f)] - **(SEMVER-MAJOR)** **util**: runtime deprecate util.isSymbol (Marco Ippolito) [#50488](https://github.com/nodejs/node/pull/50488)
- * \[[`80b6bfd4e9`](https://github.com/nodejs/node/commit/80b6bfd4e9)] - **(SEMVER-MAJOR)** **util**: runtime deprecate util.isString (Marco Ippolito) [#50488](https://github.com/nodejs/node/pull/50488)
- * \[[`d419edded9`](https://github.com/nodejs/node/commit/d419edded9)] - **(SEMVER-MAJOR)** **util**: runtime deprecate util.isRegExp (Marco Ippolito) [#50488](https://github.com/nodejs/node/pull/50488)
- * \[[`e0b8de78ed`](https://github.com/nodejs/node/commit/e0b8de78ed)] - **(SEMVER-MAJOR)** **util**: runtime deprecate util.isPrimitive (Marco Ippolito) [#50488](https://github.com/nodejs/node/pull/50488)
- * \[[`5478e1129a`](https://github.com/nodejs/node/commit/5478e1129a)] - **(SEMVER-MAJOR)** **util**: runtime deprecate util.isObject (Marco Ippolito) [#50488](https://github.com/nodejs/node/pull/50488)
- * \[[`b05b1dd541`](https://github.com/nodejs/node/commit/b05b1dd541)] - **(SEMVER-MAJOR)** **util**: runtime deprecate util.isNumber (Marco Ippolito) [#50488](https://github.com/nodejs/node/pull/50488)
- * \[[`5af9bf5f6a`](https://github.com/nodejs/node/commit/5af9bf5f6a)] - **(SEMVER-MAJOR)** **util**: runtime deprecate util.isNullOrUndefined (Marco Ippolito) [#50488](https://github.com/nodejs/node/pull/50488)
- * \[[`860a10e10e`](https://github.com/nodejs/node/commit/860a10e10e)] - **(SEMVER-MAJOR)** **util**: runtime deprecate util.isNull (Marco Ippolito) [#50488](https://github.com/nodejs/node/pull/50488)
- * \[[`70330f5c2b`](https://github.com/nodejs/node/commit/70330f5c2b)] - **(SEMVER-MAJOR)** **util**: runtime deprecate util.isFunction (Marco Ippolito) [#50488](https://github.com/nodejs/node/pull/50488)
- * \[[`7c69c33acc`](https://github.com/nodejs/node/commit/7c69c33acc)] - **(SEMVER-MAJOR)** **util**: runtime deprecate util.isError (Marco Ippolito) [#50488](https://github.com/nodejs/node/pull/50488)
- * \[[`a0c5b871a9`](https://github.com/nodejs/node/commit/a0c5b871a9)] - **(SEMVER-MAJOR)** **util**: runtime deprecate util.isDate (Marco Ippolito) [#50488](https://github.com/nodejs/node/pull/50488)
- * \[[`3c670cb15d`](https://github.com/nodejs/node/commit/3c670cb15d)] - **(SEMVER-MAJOR)** **util**: runtime deprecation util.isBuffer (Marco Ippolito) [#50488](https://github.com/nodejs/node/pull/50488)
- * \[[`c17a448ca9`](https://github.com/nodejs/node/commit/c17a448ca9)] - **(SEMVER-MAJOR)** **util**: runtime deprecation util.isBoolean (Marco Ippolito) [#50488](https://github.com/nodejs/node/pull/50488)
- * \[[`fbb2f891aa`](https://github.com/nodejs/node/commit/fbb2f891aa)] - **(SEMVER-MAJOR)** **util**: runtime deprecate util.isArray (Marco Ippolito) [#50488](https://github.com/nodejs/node/pull/50488)
- * \[[`22d8062e42`](https://github.com/nodejs/node/commit/22d8062e42)] - **(SEMVER-MAJOR)** **util**: runtime deprecation util.\_extend (Marco Ippolito) [#50488](https://github.com/nodejs/node/pull/50488)
- * \[[`1a5acd0638`](https://github.com/nodejs/node/commit/1a5acd0638)] - **(SEMVER-MAJOR)** **v8**: enable maglev on supported architectures (Keyhan Vakil) [#51360](https://github.com/nodejs/node/pull/51360)
Wildfly 32.0.0.Final
RELEASE NOTES - WILDFLY - VERSION 32.0.0.FINAL
For the most up-to-date list of all issues resolved, including those resolved as fixed in WildFly 32 after the release date, see the release notes in JIRA. For all changes since WildFly 31.0.0.Final, see the full changelog. Changes in the underlying WildFly Core 24 releases are listed in the WildFly Core JIRA. In addition to the JIRA-focused notes above, we also provide GitHub generated release notes, which provide links to relevant pull requests.
FEATURE REQUEST:
[WFLY-13762] - [Community] SSLContext to support delegation to alternate instances based on peer information.
[WFLY-16532] - [Preview] elytron-oidc-client: add ability to configure additional scope for authentication request
[WFLY-18163] - Make it possible to use JaasSecurityRealm via a custom-realm resource
[WFLY-18185] - Documentation for possibility of the caching realm to authenticate users with underlying realm when credential verification with cached credential fails
[WFLY-19021] - [Community] WildFly provisioning to support WildFly stability
[WFLY-19062] - [Preview] Integrate the mvc-krazo subsystem into the wildfly feature pack
[WFLY-19116] - [Experimental] Provide a cool boot message
[WFLY-19130] - [Community] Publish Wildfly channel and manifest during project build
ENHANCEMENT:
[WFLY-18073] - Integrate OWASP dependency check plugin into WildFly build
[WFLY-18462] - Remove contacts-jquerymobile Quickstart
[WFLY-18464] - ejb-multi-server Quickstart Common Enhancements CY2023Q3
[WFLY-18475] - helloworld-mutual-ssl-secured Quickstart Common Enhancements CY2023Q3
[WFLY-18476] - helloworld-mutual-ssl Quickstart Common Enhancements CY2023Q3
[WFLY-18503] - security-domain-to-domain Quickstart Common Enhancements CY2023Q3
[WFLY-18515] - Remove outdated wsat-simple Quickstart
[WFLY-18516] - Remove outdaded wsba-coordinator-completion-simple Quickstart
[WFLY-18517] - Remove outdated wsba-participant-completion-simple Quickstart
[WFLY-18955] - micrometer Galleon layer should contain rules to be discovered
[WFLY-18956] - Add sha1 to Quickstart's dist module
[WFLY-19000] - Add note to Quickstarts READMEs about Bootable Jar usage on OpenShift
[WFLY-19015] - Micrometer and Opentelemetry Quickstarts should use the MicroProfile BOM instead of non-user expansion BOM
[WFLY-19029] - Hibernate ORM 6.4+ should export services to consumer classpath
[WFLY-19073] - $JBOSS_HOME/docs/schema/jboss-app_* contain wrong links inside the documentation elements
[WFLY-19077] - Add maven central to archetype poms that declared JBoss Nexus as a repository
[WFLY-19178] - Rationalize order of 'Subsystem configurations' content in the Admin Guide
[WFLY-19179] - Move the 'Management API Reference' to the last spot in the Admin Guide
[WFLY-19184] - Make use of jakarta.annotation.ManagedBean optional
BUG:
[WFLY-11244] - RemoteStatefulEJBConcurrentFailoverTestCase fails intermittently again (more frequent after Infinispan 9.4.0 upgrade)
[WFLY-13957] - ManagedExecutorServiceMetricsTestCase.testActiveRequests fails intermittently
[WFLY-15426] - ReliableServiceTestCase fails after migration from Apache JAXP implementations to JDK provided JAXP implementations
[WFLY-16584] - Servlet's default character encoding setting is not working.
[WFLY-17893] - Jacorb subsystem migrate operation does not include a migration warn if the 'client' or 'identity' security were used
[WFLY-18080] - Regular failures of FaultToleranceMicrometerIntegrationTestCase
[WFLY-18664] - i18n of exception messages in transactions
[WFLY-18700] - java.lang.OutOfMemoryError: Direct buffer memory
[WFLY-18765] - Missing Locale parameter while calling toUpperCase and toLowerCase methods
[WFLY-18776] - Incorrect link in the documentation pointing to Keycloak documentation
[WFLY-18821] - Wildfly 30: form with enctype="multipart/form-data" does not support large input data (16425 bytes)
[WFLY-18913] - Restore the ignored service-name attribute in the opentelemetry subsystem
[WFLY-18921] - Undertow subsystem tests use invalid configuration
[WFLY-18952] - Migrate operations for MP OpenTracing and MP Metrics are failing
[WFLY-18957] - MicroProfile LRA is missing in the Getting Started Guide's MicroProfile spec table
[WFLY-18959] - Mail Quickstart maven dependencies have wrong scope
[WFLY-18969] - Give the Apache Lucene module access to jdk.unsupported
[WFLY-18972] - JDR not collecting server manifest.yaml
[WFLY-18983] - Galleon layers documentation doesn't cover 'metrics' and 'health'
[WFLY-18984] - The jaxrs-server layer should not result in MicroProfile REST Client or Config provisioning
[WFLY-18987] - Remove illegal uses of Operation.hasOptionalCapability(String, null, null)
[WFLY-19010] - SSL Client context not loaded with AMQP Connector used in bootable jar
[WFLY-19016] - org.infinispan module does not export required package org.infinispan.util.function
[WFLY-19019] - Exception that happened during deployment is being hidden
[WFLY-19020] - JakartaEE application client: module "org.hibernate" is not added to classpath
[WFLY-19023] - Reactive messaging modules depend on javax api alias modules
[WFLY-19036] - Duplicate declaration of org.apache.kerby:kerb-server-api-all dependency
[WFLY-19040] - Regression due to SSLHandshakeException affecting HotRod client when connecting to remote Infinispan
[WFLY-19044] - Welcome page points to old user forum
[WFLY-19071] - Fixing Apache Artemis 2.32 upgrade dependencies
[WFLY-19072] - Fixing AddressSettings default values
[WFLY-19083] - Missing goal verify in the MicroprofileHealt QS in integration testing profile
[WFLY-19087] - External messaging resources can't be updated
[WFLY-19089] - Exception javax/management/openmbean/CompositeData using AMQP-client in Wildfly built-in Artemis ActiveMQ server
[WFLY-19098] - galleon: custom provisioning creates unsecured http-invoker (CVE-2023-4503)
[WFLY-19100] - Datasource subsystem fails to parse 5.0 and 6.0 configurations
[WFLY-19110] - Connector: restore application security configuration
[WFLY-19115] - Platform Mail TCK tests fail on Java 21
[WFLY-19132] - MSC000004: Failure during stop of service jboss.undertow.filter.load-balancer.service: NPE
[WFLY-19133] - Using Undertow mod_cluster filter with legacy security realms should throw an OperationFailedException
[WFLY-19140] - Clustering testsuite failures when using -Dts.bootable.preview
[WFLY-19145] - The wildfly-glow-arquillian-plugin config doesn't account for WildFly Preview
[WFLY-19150] - Incorrect dropping of 'server.jvm.args' meant to be passed to Arquillian
[WFLY-19151] - Several metrics are not loaded correctly from their MBean
[WFLY-19167] - war containing JDBC drivers deploys an extra driver
[WFLY-19170] - The wildfly-preview feature pack doesn't run at preview stability OOTB
[WFLY-19183] - Bootable jar testing fails with WildFly Preview in the testsuite/integration/microprofile module
[WFLY-19187] - Fix missed JMX bean name
[WFLY-19189] - Invalid Glow verbosity config in microprofile-tck
[WFLY-19201] - Fix the maven warn about duplicate plugin declaration
[WFLY-19209] - The jaxrs subsystem should not assume that simply have the org.wildfly.microprofile.config means the microprofile-rest-client layer is present
[WFLY-19219] - ManagementOnlyModeTestCase is broken because Manual model OIDC tests
[WFLY-19220] - WildFly needs to pass the "old" Faces 4.0 TCK tests in jakarta-faces-tck-4.0.3.zip
[WFLY-19222] - The internal.channel.profile is broken
[WFLY-19231] - Upgrade mvc-krazo to 1.0.0.Final
[WFLY-19249] - Strange bolding in Admin Guide 'Managed Domain Configuration Files'
[WFLY-19250] - Duplicate Admin Guide 'Default Native Interface Security' sections
[WFLY-19262] - hibernate.type.json_format_mapper error
[WFLY-19270] - Shared CI to build and test WildFly issue with Windows and JDK11
COMPONENT UPGRADE:
[WFLY-18520] - Upgrade CXF to 4.0.4(resolve CVE-2024-28752)
[WFLY-18716] - Upgrade Mojarra to 4.0.6
[WFLY-18946] - Upgrade Infinispan to 14.0.22.Final
[WFLY-18958] - Upgrade JGroups to 5.2.20.Final
[WFLY-18970] - Upgrade ASM to 9.6
[WFLY-18971] - Upgrade ByteBuddy to 1.14.11
[WFLY-18977] - Upgrade jgroups-kubernetes to 2.0.2.Final
[WFLY-18978] - Update JBeret to 2.2.1.Final
[WFLY-18980] - Upgrade SmallRye Config to 3.5.2
[WFLY-18981] - Upgrade SmallRye Reactive Messaging to 4.16.0
[WFLY-18982] - Upgrade Apache Artemis to 2.32.0
[WFLY-18989] - Upgrade to Hibernate 6.4.4.Final release
[WFLY-19001] - Upgrade joda-time from 2.12.5 to 2.12.6
[WFLY-19003] - Upgrade Netty to 4.1.106
[WFLY-19005] - Upgrade to SmallRye Mutiny 2.5.6
[WFLY-19014] - Upgrade jboss-ejb-client to 5.0.6.Final
[WFLY-19022] - Upgrade testcontainers to 1.19.5
[WFLY-19028] - Upgrade openjdk-orb to 10.1.0.Final
[WFLY-19031] - Upgrade RESTEasy from 6.2.7.Final to 6.2.8.Final
[WFLY-19032] - Upgrade Snappy Java to 1.1.10.5 (CVEs CVE-2023-34453, CVE-2023-34454, CVE-2023-34455, CVE-2023-43642)
[WFLY-19034] - Upgrade nimbus-jose-jwt to 9.37.3 [CVE-2023-52428]
[WFLY-19035] - Upgrade wildfly-http-client to 2.0.7.Final
[WFLY-19037] - Upgrade WildFly Core to 24.0.0.Beta1
[WFLY-19041] - Upgrade HAL to 3.7.0.Final
[WFLY-19045] - Upgrade Infinispan to 14.0.24.Final
[WFLY-19046] - Upgrade JGroups to 5.2.22.Final
[WFLY-19052] - Upgrade SmallRye Config from 3.5.2 to 3.5.4
[WFLY-19053] - Update VertX Kafka client from 4.4.6 to 4.4.8
[WFLY-19054] - Update Vert.x from from 4.5.1 to 4.5.3
[WFLY-19055] - Update SmallRye Reactive Messaging from 4.16.0 to 4.16.2
[WFLY-19056] - Upgrade Narayana to 7.0.1.Final
[WFLY-19059] - Update resteasy-spring to 3.1.2.Final
[WFLY-19076] - Upgrade WildFly Core to 24.0.0.Beta2
[WFLY-19079] - Upgrade Infinispan to 14.0.26.Final
[WFLY-19084] - Upgrade smallrye-open-api to 3.10.0
[WFLY-19088] - Upgrade Apache James Mime4j to 0.8.10 for CVE-2024-21742
[WFLY-19090] - Upgrade Jakarta Activation from 2.1.2 to 2.1.3
[WFLY-19091] - Upgrade Angus Activation from 2.0.1 to 2.0.2
[WFLY-19092] - Upgrade Jakarta Mail from 2.1.2 to 2.1.3
[WFLY-19094] - Upgrade Angus Mail to from 2.0.2 to 2.0.3
[WFLY-19095] - Update Micrometer to 1.12.4
[WFLY-19096] - Upgrade to SmallRye Mutiny 2.5.7
[WFLY-19097] - Upgrade Netty to 4.1.107
[WFLY-19104] - Upgrade to WildFly Galleon Plugins 7.0.0.Beta4
[WFLY-19105] - Upgrade to Hibernate Search 7.1
[WFLY-19106] - Upgrade to Lucene 9.9
[WFLY-19107] - Upgrade to Elasticsearch client 8.12
[WFLY-19108] - Upgrade org.bitbucket.b_c:jose4j from 0.9.4 to 0.9.6
[WFLY-19109] - Upgrade com.fasterxml.jackson from 2.15.3 to 2.15.4
[WFLY-19118] - Upgrade SmallRye Config from 3.4.3 to 3.6.1
[WFLY-19119] - Upgrade SmallRye Reactive Messaging to 4.18.0 and Kafka Client to 3.7.0
[WFLY-19123] - Upgrade wildfly-transaction-client to 3.0.5.Final
[WFLY-19129] - Upgrade JGroups to 5.2.23.Final
[WFLY-19135] - Bump version.org.testcontainers from 1.19.6 to 1.19.7
[WFLY-19137] - Use deployment-transformer-feature-pack transformer
[WFLY-19146] - Upgrade Jakarta XML Bind API to 4.0.2
[WFLY-19159] - Upgrade to SmallRye Reactive Messaging 4.19.0
[WFLY-19168] - Upgrade WildFly Core to 24.0.0.Beta3
[WFLY-19169] - Upgrade the WildFly Maven Plugin to 5.0.0.Beta4
[WFLY-19173] - Upgrade Infinispan to 14.0.27.Final
[WFLY-19174] - Upgrade jbossws-cxf to 7.1.0.Final
[WFLY-19181] - Upgrade to Galleon 6.0.0.Beta5 and Galleon Plugins 7.0.0.Beta6
[WFLY-19193] - Bump version.io.netty from 4.1.107.Final to 4.1.108.Final fixes CVE-2024-29025
[WFLY-19199] - Bump org.owasp:dependency-check-maven from 9.0.9 to 9.0.10
[WFLY-19200] - Upgrade to Galleon 6.0.0.Beta6 and Galleon Plugins 7.0.0.Beta7
[WFLY-19211] - Upgrade ironjacamar to 3.0.9.Final
[WFLY-19230] - Update Mojarra to 4.0.7
[WFLY-19240] - Upgrade WildFly Preview to Jakarta Annotation 3.0.0
[WFLY-19241] - Upgrade WildFly Preview to Jakarta Interceptor 2.2.0
[WFLY-19242] - Upgrade the wildfly-maven-plugin from 5.0.0.Beta4 to 5.0.0.Final
[WFLY-19243] - Upgrade the galleon-maven-plugin from 6.0.0.Beta6 to 6.0.0.Final
[WFLY-19244] - Upgrade wildfly-glow from 1.0.0.Beta13 to 1.0.0.Final
[WFLY-19245] - Upgrade WildFly Galleons plugins from 7.0.0.Beta7 to 7.0.0.Final
[WFLY-19246] - Upgrade the wildfly-jar-maven-plugin from 11.0.0.Beta1 to 11.0.0.Final
[WFLY-19256] - Update Jakarta CDI to 4.1.0 in WildFly Preview
[WFLY-19258] - Upgrade testsuite/integration/legacy to Netty 4.0.19.Final
[WFLY-19259] - Update Jakarta EL to 6.0.0 in WildFly Preview
[WFLY-19272] - Upgrade WildFly Core to 24.0.0.Final
TASK:
WFLY-15178] - Rework ParseAndMarshalModelsTestCase
[WFLY-17740] - Add missing @fallback test in MicroProfile Fault Tolerance quickstart
[WFLY-17784] - Add a test case that makes use of a virtual-security-domain with MP-JWT
[WFLY-18174] - Change the default jakarta.faces.FACELETS_BUFFER_SIZE size to -1
[WFLY-18218] - Add contributing and other community documents to widfly-bom-builder-plugin
[WFLY-18297] - Reevalute test exclusions in the WildFly Preview maven profiles
[WFLY-18559] - Fix or remove org.jboss.as.test.smoke.jsf.JSFTestCase
[WFLY-18748] - Document how to optimize cloud clustering configuration created by our tooling to be scalable
[WFLY-18786] - Add tests for SetRequestInformationCallbackMechanismFactory
[WFLY-18932] - Update the WildFly vs WildFly Preview document for current differences
[WFLY-18937] - Add git log data to the shared-wildfly-build.yml output
[WFLY-18942] - Fix automated testing of Micrometer QS under OpenShift
[WFLY-18943] - Fix automated testing of OpenTelemetry QS under OpenShift
[WFLY-18964] - Upgrade to Galleon 6 Beta2, upgrade all provisioning tooling
[WFLY-18966] - Upgrade licenses plugin, update licenses
[WFLY-18967] - Require SE 17+ to build, 17 to deploy, but SE 11 source/target/release level
[WFLY-18975] - Remove stray System.out in SessionExpirationScheduler
[WFLY-18985] - Update WildFly docs to include reload operation required to valid key-store attributes update on Filesystem Security Realm
[WFLY-18997] - Remove Stage.RUNTIME uses of capability 'org.wildfly.legacy-security'
[WFLY-19025] - Update LayersTestCase(s) to reflect WFCORE-6456
[WFLY-19026] - Update LayerTestBase assertions
[WFLY-19030] - Update HostExcludesTestCase configuration to work with WF32
[WFLY-19049] - Use testcontainers to start Mail server for running mail tests
[WFLY-19061] - Add comments to wildfly-feature-pack-build.xml files explaining the package-schemas element
[WFLY-19064] - Update the EE 11 preview to use current EE 11 releases
[WFLY-19065] - Make the ee subsystem dependency on the JBoss fork of Jakarta EL optional
[WFLY-19070] - Remove the unsupported compensations API
[WFLY-19078] - [Preview] Update the elytron-oidc-client subsystem parser to enumerate schema versions
[WFLY-19093] - Jakarta Mail no longer needs to find implementations on the Thread Context Class Loader
[WFLY-19101] - Add test checking for X-Content-Type-Options header in management console
[WFLY-19114] - Resolve WildFly-specific EE 10 TCK 10 failures on Java 21
[WFLY-19127] - shared-wildfly-build-and-test workflow file should allow for a branch/tag
[WFLY-19131] - Clustering TS: disable color output logging from nodes
[WFLY-19141] - Use SE 17 as the base JDK in GitHub Actions
[WFLY-19142] - Update the OIDC tests to use the 24.0.1 version of quay.io/keycloak/keycloak
[WFLY-19161] - Add documentation for configuration file aliases (WFCORE-4868)
[WFLY-19163] - Create testsuite/preview/manualmode
[WFLY-19165] - Update SpnegoMechTestCase to use org.wildfly.security.mechanism.gssapi.GSSCredentialSecurityFactory
[WFLY-19177] - Update elytron-oidc-client subsystem transformer to add a transformer from model version 2 to model version 3
[WFLY-19186] - Add CODEOWNERS to quickstart
[WFLY-19195] - Integrate EE 11 branch into main
[WFLY-19197] - Update ExpressionsTestCase for elytron-oidc-client to use the stability associated with the currently tested schema
[WFLY-19202] - Don't run layers tests against WFP on SE < 17
[WFLY-19207] - Add the KeycloakConfiguration test class inside testsuite/integration/manualmode to the allowlist for gitleaks
[WFLY-19224] - Suppress CVE-2023-1973 from being reported against Undertow
[WFLY-19225] - CVE-2023-6236: Add tests for multi-tenancy to ensure that a valid token from one tenant cannot be used to access another tenant
[WFLY-19226] - CVE-2024-1233: Add documentation for the new wildfly.elytron.jwt.allowed.jku.values.<realm-name> system property
[WFLY-19232] - Update ElytronOidcSubsystemSchema to only add the Scope attribute to Preview:2.0 schema version or later
[WFLY-19236] - [SCA Suppressions] Update CPE exclusion now org.wildfly.galleon-pluginstransformer has become org/wildfly/deployment/transformer/transformer
[WFLY-19237] - [SCA Suppressions] Add a suppression for CVE-2024-23080
[WFLY-19265] - Ensure OidcWithMultiTenancyTest runs successfully with the security manager enabled and gets skipped if Docker isn't available
SUB-TASK:
[WFLY-18604] - Reevalute test exclusions in the integration/clustering module
[WFLY-18681] - Reevalute test exclusions in the testsuite/domain module
[WFLY-18874] - Replace service value captor abstractions from wildfly-clustering-common with variants from wildfly-subsystem
[WFLY-18895] - Pass Standalone Mail TCK tests on Java 21
[WFLY-18988] - Remove illegal uses of Operation.hasOptionalCapability(String, null, null) in Undertow subsystem
[WFLY-18990] - Remove illegal uses of Operation.hasOptionalCapability(String, null, null) in JSF subsystem
[WFLY-18991] - Remove illegal uses of Operation.hasOptionalCapability(String, null, null) in EJB subsystem
[WFLY-18992] - Remove illegal uses of Operation.hasOptionalCapability(String, null, null) in EE subsystem
[WFLY-18993] - Remove illegal uses of Operation.hasOptionalCapability(String, null, null) from JCA subsystem
[WFLY-18994] - Remove illegal uses of Operation.hasOptionalCapability(String, null, null) from JGroups subsystem
[WFLY-18995] - Remove illegal uses of Operation.hasOptionalCapability(String, null, null) from Infinispan subsystem
[WFLY-18996] - Remove illegal uses of Operation.hasOptionalCapability(String, null, null) in batch-jberet subsystem
[WFLY-19006] - Remove Stage.RUNTIME uses of capability 'org.wildfly.legacy-security' in connector subsystem
[WFLY-19007] - Remove Stage.RUNTIME uses of capability 'org.wildfly.legacy-security' in ejb3 subsystem
[WFLY-19008] - Remove Stage.RUNTIME uses of capability 'org.wildfly.legacy-security' in ee subsystem
[WFLY-19009] - Remove Stage.RUNTIME uses of capability 'org.wildfly.legacy-security' in undertow subsystem
[WFLY-19012] - Remove Stage.RUNTIME uses of capability 'org.wildfly.legacy-security' in webservices subsystem
[WFLY-19051] - Remove Stage.RUNTIME uses of capability 'org.wildfly.legacy-security' in messaging subsystem
WHAT'S CHANGED:
WFLY-18946 Upgrade Infinispan to 14.0.22.Final by @pferraro in #17555
WFLY-18958 Upgrade JGroups to 5.2.20.Final by @dependabot in #17554
WFLY-18975 Remove stray System.out in SessionExpirationScheduler by @pferraro in #17575
[WFLY-18952] Migrate operations for MP OpenTracing and MP Metrics are failing by @jasondlee in #17559
[WFLY-18765] Add Locale parameter while calling toUpperCase and toLowerCase methods by @soul2zimate in #17422
WFLY-18080 Fix FaultToleranceMicrometerIntegrationTestCase to lookup Micrometer Counters with a specific Tags by @rhusar in #17573
WFLY-18966: bump licenses-plugin to 2.4.1.Final, delete unneeded entries by @michpetrov in #17571
Bump org.apache.groovy:groovy from 4.0.17 to 4.0.18 by @dependabot in #17553
[WFLY-18970] Upgrade ASM to 9.6 by @ropalka in #17568
[WFLY-18984] Remove the microprofile-rest-client dependency from the … by @jamezp in #17579
WFLY-18994 Remove illegal uses of Operation.hasOptionalCapability(String, null, null) from JGroups subsystem by @pferraro in #17586
WFLY-18995 Remove illegal uses of Operation.hasOptionalCapability(String, null, null) from Infinispan subsystem by @pferraro in #17587
WFLY-18993 Remove illegal uses of Operation.hasOptionalCapability(String, null, null) from JCA subsystem by @pferraro in #17585
[WFLY-18980][WFLY-18981] Upgrade SR Config (3.5.2) and Reactive Messaging (4.16.0) by @kabir in #17577
WFLY-18978 Update JBeret to 2.2.1.Final by @liweinan in #17576
[WFLY-18972] collect installation manifest files by @bmaxwell in #17570
WFCORE-6668 Ensure read-feature-description results contain stability as reported by associated description for use by WildFly Glow by @pferraro in #17589
WFLY-18992 Remove illegal uses of Operation.hasOptionalCapability(String, null, null) in EE subsystem by @pferraro in #17584
[WFLY-18937] Add git log data to the shared-wildfly-build.yml output by @soul2zimate in #17548
Revert "[WFLY-15426] Temporarily disabling WS RM test" by @bstansberry in #17535
[WFLY-19001]:Upgrade joda-time from 2.12.5 to 2.12.6 by @jimma in #17592
[WFLY-18971] Upgrade ByteBuddy to 1.14.11 by @ropalka in #17569
Fix for WFLY-18964, Upgrade to Galleon 6 Beta2, upgrade all provisioning tooling by @jfdenise in #17563
WFLY-19003 Bump version.io.netty from 4.1.104.Final to 4.1.106.Final by @dependabot in #17539
WFLY-18996 Remove illegal uses of Operation.hasOptionalCapability(String, null, null) in batch-jberet subsystem by @pferraro in #17588
[WFLY-18786] Add tests for SetRequestInformationCallbackMechanismFactory by @Skyllarr in #17449
[WFLY-18776]: Incorrect link in the documentation pointing to Keycloak documentation by @harshittiwariii in #17608
Bump org.asciidoctor:asciidoctor-maven-plugin from 2.2.4 to 2.2.5 by @dependabot in #17607
[WFLY-18969] Give the Apache Lucene module access to jdk.unsupported by @ropalka in #17566
[WFLY-19013] Upgrade wildfly-transaction-client to 3.0.4.Final by @tadamski in #17604
[WFLY-19005] Bump version.io.smallrye.smallrye-mutiny from 2.5.1 to 2.5.6 by @dependabot in #17593
WFLY-18080 Fix FaultToleranceMicrometerIntegrationTestCase to check for Docker being available which is a requirement of the MicrometerSetupTask by @rhusar in #17610
WFLY-18989 Upgrade to Hibernate 6.4.4.Final release by @scottmarlow in #17609
[WFLY-19022] Upgrade testcontainers to 1.19.5 by @darranl in #17612
[WFLY-19008] Remove Stage.RUNTIME uses of capability 'org.wildfly.legacy-security' in ee subsystem by @soul2zimate in #17603
[WFLY-19010] Elytron registry is in common module by @kabir in #17602
[WFLY-18982]: Upgrade Apache Artemis to 2.32.0 by @ehsavoie in #17578
[WFLY-19009] Remove Stage.RUNTIME uses of capability 'org.wildfly.legacy-security' in undertow subsystem by @soul2zimate in #17600
[WFLY-18997] Remove Stage.RUNTIME uses of capability 'org.wildfly.legacy-security' in connector subsystem by @soul2zimate in #17598
[WFLY-18604][WFLY-18681] re-evaluated test exclusions for ts.preview and ts.bootable.preview profiles by @istudens in #17331
WFLY-18874 Replace service value captor abstractions from wildfly-clustering-common with variants from wildfly-subsystem by @pferraro in #17509
[WFLY-19023] Use jakarta module dependencies in the reactive messagin… by @bstansberry in #17617
WFLY-18988 Remove illegal uses of Operation.hasOptionalCapability(String, null, null) from Undertow subsystem by @pferraro in #17581
[WFLY-19028] Upgrade openjdk-orb to 10.1.0.Final by @tadamski in #17620
[WFLY-16854] Fix servlet picking up response and request encoding from web.xml by @xjusko in #17590
[WFLY-19026] Update LayerTestBase assertions by @bstansberry in #17618
WFLY-19020 Application client applications should be able to deploy persistence units by @scottmarlow in #17616
WFLY-19019: Do not hide exceptions of failed deployments in case undeploy also failed by @kevinferrare in #17611
[WFLY-19032] Upgrade snappy-java to 1.1.10.5 by @darranl in #17629
WFLY-18990 Remove illegal uses of Operation.hasOptionalCapability(String, null, null) in JSF subsystem by @pferraro in #17582
[WFLY-19034] Upgrade nimbus-jose-jwt to 9.37.3 by @darranl in #17635
[WFLY-19036] Remove duplicated org.apache.kerby:kerb-server-api-all d… by @yersan in #17638
WFLY-19029 Hibernate ORM 6.4+ should export services to consumer classpath by @Sanne in #17591
[WFLY-19037] Upgrade WildFly Core to 24.0.0.Beta1 by @yersan in #17639
[WFLY-18163] Make it possible to use JaasSecurityRealm via a custom-realm resource by @Skyllarr in #17622
[WFLY-18163] Make it possible to use JaasSecurityRealm via a custom-realm resource by @fjuma in #17637
[WFLY-19041] Upgrade HAL to 3.7.0.Final by @hpehl in #17640
WFLY-19040 Configure SNI hostnames per cluster if possible by @pferraro in #17643
WFLY-18977 Upgrade jgroups-kubernetes to 2.0.2.Final by @rhusar in #17633
WFLY-19045, WFLY-19046 Upgrade Infinispan to 14.0.24.Final, JGroups to 5.2.22.Final by @pferraro in #17646
[WFLY-19012] Remove Stage.RUNTIME uses of capability 'org.wildfly.legacy-security' in webservices subsystem by @soul2zimate in #17601
[WFLY-19007] Remove Stage.RUNTIME uses of capability 'org.wildfly.legacy-security' in ejb3 subsystem by @soul2zimate in #17599
Bump org.asciidoctor:asciidoctor-maven-plugin from 2.2.5 to 2.2.6 by @dependabot in #17623
[WFLY-19051] Remove Stage.RUNTIME uses of capability 'org.wildfly.legacy-security' in messaging subsystem by @soul2zimate in #17652
Bump version.org.wildfly.glow from 1.0.0.Beta7 to 1.0.0.Beta9 by @dependabot in #17651
[WFLY-18985] Update WildFly docs to include reload operation required to valid key-store attributes update on Filesystem Security Realm by @lvydra in #17580
[WFLY-19014][WFLY-19035] Upgrade jboss-ejb-client to 5.0.6.Final, wildfly-http-client to 2.0.7.Final by @tadamski in #17605
Add precision to a system property note in the admin guide by @mr1chter in #17628
[WFLY-19054]Bump version.io.vertx.vertx from 4.5.1 to 4.5.3 by @dependabot in #17594
[WFLY-19052] Bump version.io.smallrye.smallrye-config from 3.5.2 to 3.5.4 by @dependabot in #17606
[WFLY-18559] Fix or remove org.jboss.as.test.smoke.jsf.JSFTestCase by @jasondlee in #17659
Bump version.org.eclipse.jetty from 9.4.53.v20231009 to 9.4.54.v20240208 by @dependabot in #17662
[WFLY-19055] Bump version.io.smallrye.smallrye-reactive-messaging from 4.16.0 to 4.16.2 by @dependabot in #17613
WFLY-19044: Fixing the User Forum link on the welcome page by @awesomebjt in #17673
WFLY-18991 Remove illegal uses of Operation.hasOptionalCapability(String, null, null) in EJB subsystem by @pferraro in #17583
[WFLY-19076] Upgrade WildFly Core to 24.0.0.Beta2 by @yersan in #17679
Fix GH nick typo in wildfly-bot.yml by @xstefank in #17678
WFLY-19084 Upgrade smallrye-open-api to 3.10.0 by @pferraro in #17681
[WFLY-18174] Change the default jakarta.faces.FACELETS_BUFFER_SIZE size to -1 by @jasondlee in #17661
WFLY-19056 Upgrade Narayana to 7.0.1.Final by @marcosgopen in #17654
[WFLY-19089]: Exception javax/management/openmbean/CompositeData usin… by @ehsavoie in #17684
[WFLY-19088] Upgrade Apache James Mime4j to 0.8.10 for CVE-2024-21742 by @darranl in #17682
Fix for WFLY-19021, WildFly provisioning to support WildFly stability by @jfdenise in #17645
Bump version.org.testcontainers from 1.19.5 to 1.19.6 by @dependabot in #17690
[WFLY-19096] Bump version.io.smallrye.smallrye-mutiny from 2.5.6 to 2.5.7 by @dependabot in #17691
[WFLY-19059] Update resteasy-spring to 3.1.2.Final by @liweinan in #17656
[WFLY-19025] Update LayersTestCase(s) to reflect WFCORE-6456 by @bstansberry in #17650
[WFLY-19053]Bump io.vertx:vertx-kafka-client from 4.4.6 to 4.4.8 by @dependabot in #17614
[WFLY-18185] Community documentation for caching realm allowing authentication with externally updated credential by @Skyllarr in #17053
[WFLY-19097] Bump version.io.netty from 4.1.106.Final to 4.1.107.Final by @dependabot in #17634
[WFLY-19108] Bump org.bitbucket.b_c:jose4j from 0.9.4 to 0.9.6 by @dependabot in #17696
Fix for WFLY-19104, Upgrade to WildFly Galleon Plugins 7.0.0.Beta4 by @jfdenise in #17699
Bump org.apache.groovy:groovy from 4.0.18 to 4.0.19 by @dependabot in #17695
WFLY-19098 galleon: custom provisioning creates unsecured http-invoker by @xstefank in #17693
[WFLY-19100] Fixes Datasource subsystem 5.0 and 6.0 parsing by @emmartins in #17697
WFLY-19129 Upgrade JGroups to 5.2.23.Final by @pferraro in #17715
[WFLY-19090][WFLY-19091][WFLY-19092][WFLY-19093][WFLY-19094] Upgrade Jakarta Activation, Jakarta Mail and Angus implementations by @yersan in #17685
Fix for WFLY-19127, shared-wildfly-build-and-test workflow file should allow for a branch/tag by @jfdenise in #17725
[WFLY-19135] Bump version.org.testcontainers from 1.19.6 to 1.19.7 by @dependabot in #17710
[WFLY-13957] use assertStatsAttribute in ManagedExecutorServiceMetric… by @emmartins in #17722
WFLY-18716 Upgrade Mojarra to 4.0.6 by @pferraro in #17716
[WFLY-19095] Update Micrometer to 1.12.4 by @jasondlee in #17704
[WFLY-19123] Upgrade wildfly-transaction-client to 3.0.5.Final by @tadamski in #17713
[WFLY-19073] fix schema link jboss-app_7_0.xsd by @baranowb in #17671
WFLY-19071/WFLY-19072: Fixing AddressSettings default values and Artemis 2.32 dependencies by @ehsavoie in #17670
[WFLY-19087]: External messaging resources can't be updated. by @ehsavoie in #17694
WFLY-11244 Unignore RemoteStatefulEJBConcurrentFailoverTestCase by @rhusar in #17723
WFLY-18921 Undertow subsystem tests use invalid configuration by @pferraro in #17529
WFCORE-6650 Implement DeploymentUnit.getStability() introduced via wildfly-core 24.0.0.Beta2. by @pferraro in #17702
[WFLY-15178] Enable the legacy ParseAndMarshalModelsTestCase's by @jamezp in #17726
WFLY-19133 Using Undertow mod_cluster filter with legacy security realms should throw an OperationFailedException + cleanup unused log messages by @rhusar in #17720
WFLY-19131 Clustering TS: disable color output logging from nodes by @rhusar in #17718
WFLY-19132 MSC000004: Failure during stop of service jboss.undertow.filter.load-balancer.service: NPE by @pferraro in #17719
WFLY-19105 Upgrade to Hibernate Search 7.1 (WFLY-19107 Upgrade to Elasticsearch client 8.12/ WFLY-19106 Upgrade to Lucene 9.9) by @marko-bekhta in #17700
Merge main into EE11 by @bstansberry in #17675
Ignore intermittently failing DistributedTimerServiceTestCase by @bstansberry in #17727
[WFLY-19118][WFLY-19119] Upgrade SmallRye Config to 3.6.1 and SmallRye Reactive Messaging to 4.18.0 by @kabir in #17712
[WFLY-19146] Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.1 to 4.0.2 by @dependabot in #17706
Fix for WFLY-19021, WildFly provisioning to support WildFly stability (continuing) by @jfdenise in #17736
[WFLY-19140] For tests disabled with -Dts.bootable, disable them with… by @bstansberry in #17731
WFLY-19142 Update the OIDC tests to use the 24.0.1 version of quay.io/keycloak/keycloak by @xstefank in #17730
[WFLY-19109] Bump version.com.fasterxml.jackson from 2.15.3 to 2.15.4 by @dependabot in #17653
Bump com.squareup.okio:okio from 1.17.2 to 1.17.6 by @dependabot in #17724
WFLY-19070 Remove the narayana compensations module by @TomasHofman in #17669
[WFLY-19150] Clean up server.jvm.args handling by @bstansberry in #17740
[WFLY-19145] When provisioning a wildfly-preview based server for tests, use wildfly-test-feature-pack-preview for test-specific content by @bstansberry in #17732
[WFLY-19061] Document the meaning of wildfly-feature-pack-build.xml/p… by @bstansberry in #17657
WFLY-19079 Upgrade Infinispan to 14.0.26.Final by @pferraro in #17680
[WFLY-19165] Update SpnegoMechTestCase to use org.wildfly.security.mechanism.gssapi.GSSCredentialSecurityFactory by @fjuma in #17755
[WFLY-19031] Upgrade RESTEasy to 6.2.8.Final. by @jamezp in #17754
Bump version.org.wildfly.glow from 1.0.0.Beta9 to 1.0.0.Beta11 by @dependabot in #17748
Bump org.apache.groovy:groovy from 4.0.19 to 4.0.20 by @dependabot in #17745
[WFLY-19110] Connector: restore application security configuration by @tadamski in #17701
[WFLY-18520]:Upgrade CXF to 4.0.4 by @jimma in #17758
[WFLY-19158][WFLY-19159] Upgrade to SR Config 3.7.1 and Reactive Messaging 4.19.0 by @kabir in #17749
[WFLY-19116]: Experimental - Provide a cool boot banner. by @ehsavoie in #17703
[WFLY-19168] Upgrade WildFly core to 24.0.0.Beta3 by @darranl in #17761
[WFLY-19169] Upgrade the WildFly Maven Plugin to 5.0.0.Beta4 by @bstansberry in #17762
[WFLY-19170] Make WildFly Preview run at preview stability OOTB by @bstansberry in #17764
[WFLY-19174]:Upgrade jbossws-cxf to 7.1.0.Final by @jimma in #17768
[WFLY-19141] Step 2 -- Switch JRE tests to build with SE 17 by @bstansberry in #17757
[WFLY-19141] Step 1 -- switch simple workflows to build with JDK 17 by @bstansberry in #17756
[WFLY-19151] Several metrics are not loaded correctly from their MBean by @jasondlee in #17759
[WFLY-19049] Use testcontainers to start Mail server for running mail… by @yersan in #17721
[WFLY-19141] Switch to using SE 17 for GH workflow builds by @bstansberry in #17729
[WFLY-19101] Add test checking for X-Content-Type-Options header in management console by @soul2zimate in #17765
Fix for WFLY-19181, Upgrade to Galleon 6.0.0.Beta5 and Galleon Plugins 7.0.0.Beta6 by @jfdenise in #17770
[WFLY-18967] Require SE 17+ to build, 17 to deploy, but SE 11 source/… by @bstansberry in #17735
[WFLY-19145] Ensure the test feature pack is built before testsuite t… by @bstansberry in #17774
[WFLY-19183] Remove wildlfy-jar-maven-plugin config cruft by @bstansberry in #17775
Bump version.org.wildfly.glow from 1.0.0.Beta11 to 1.0.0.Beta12 by @dependabot in #17771
Ee11 testsuite by @bstansberry in #17741
[WFLY-19187] Fix missed JMX bean name by @jasondlee in #17776
[WFLY-19189] Use the correct config property for verbose output by @bstansberry in #17779
[WFLY-19173] ugraded Infinispan to 14.0.27.Final by @istudens in #17767
[WFLY-19193] Bump version.io.netty from 4.1.107.Final to 4.1.108.Final by @dependabot in #17747
[WFLY-18073] Add the OWASP dependency-check plugin to the WildFly build. by @darranl in #17686
[WFLY-18955] micrometer Galleon layer should contain rules to be discovered by @jasondlee in #17658
[WFLY-19064] Update EE 11 components to late March releases by @bstansberry in #17777
[WFLY-19064][WFLY-19065] Update the EE 11 preview to use current EE 11 releases by @bstansberry in #17677
[WFLY-18913] Restore the ignored service-name attribute in the opentelemetry subsystem by @jasondlee in #17632
[WFLY-13762] [Community] Tests for SSLContext to support delegation to alternate instances based on peer information. by @Skyllarr in #13687
[WFLY-19130] Create and publish WildFly channels by @spyrkob in #17746
[WFLY-19062] Add preview stability support for Jakarta MVC to standard WildFly by @bstansberry in #17766
[WFLY-19199] Bump org.owasp:dependency-check-maven from 9.0.9 to 9.0.10 by @dependabot in #17782
Fix for WFLY-19200, Upgrade to Galleon 6.0.0.Beta6 and Galleon Plugins 7.0.0.Beta7 by @jfdenise in #17788
[WFLY-19202] Require SE 17+ to run testsuite/integration/preview subm… by @bstansberry in #17789
[WFLY-19062] Don't hard code wildfly-preview-feature-pack when testing the mvc-krazo layer in testsuite/layers-expansion by @bstansberry in #17791
[WFLY-19195] Integrate EE 11 branch into main by @bstansberry in #17784
Pulls by @bstansberry in #17792
WFLY-16532 [Preview] elytron-oidc-client: add ability to configure additional scope for authentication request by @PrarthonaPaul in #17790
[WFLY-19207] Add the KeycloakConfiguration test class inside testsuit… by @PrarthonaPaul in #17793
Fix for WFLY-19137, Use deployment-transformer-feature-pack transformer by @jfdenise in #17806
[WFLY-19219] Use a specific server for manual mode OIDC tests by @yersan in #17804
[WFLY-19201] Fix the maven warn about duplicate plugin declaration by @bstansberry in #17786
[WFLY-19211] Upgrade ironjacamar to 3.0.9.Final by @tadamski in #17798
[WFLY-19224] Suppress CVE-2023-1973 as WildFly no longer uses Undertow's authentication mechanisms. by @darranl in #17810
Bump version.org.wildfly.glow from 1.0.0.Beta12 to 1.0.0.Beta13 by @dependabot in #17802
[WFLY-19209] Do not attempt to use the RESTEasy MicroProfile Configur… by @jamezp in #17797
[WFLY-19237] Add a suppression for CVE-2024-23080 by @darranl in #17819
[WFLY-19230] Upgrade to Mojarra 4.0.7 by @scottmarlow in #17814
[WFLY-19236] Update the suppression of the CPE mapping for the org.wildfly.deployment:transformer component. by @darranl in #17818
[WFLY-19167] war containing JDBC drivers deploys an extra driver by @gaol in #17760
[WFLY-18664] Fix i18n of exception messages in transactions by @soul2zimate in #17311
[WFLY-19240][WFLY-19241] EE 11 final spec upgrades by @bstansberry in #17820
[WFLY-19242 - WFLY-19246] Galleon based component upgrades by @jamezp in #17822
[WFLY-19226] Add documentation for the new wildfly.elytron.jwt.allowed.jku.values. system property for CVE-2024-1233 by @fjuma in #17812
[WFLY-19176][Preview] Update elytron-oidc-client scope related tests to use optional client scopes for multipleClientScopes test by @PrarthonaPaul in #17808
WFLY-19161: add documentation for configuration file aliases by @michpetrov in #17751
WFLY-19232 Update ElytronOidcSubsystemSchema to only add the Scope attribute to Preview:2.0 schema version or later by @PrarthonaPaul in #17816
WFLY-18748 Document how to optimize cloud clustering configuration created by our tooling to be scalable by @rhusar in #17432
[WFLY-19231] Upgrade mvc-krazo-feature-pack to 1.0.0.Final by @bstansberry in #17823
[WFLY-19258] Upgrade testsuite/integration/legacy to Netty 4.0.19.Final by @bstansberry in #17829
[WFLY-19256][WFLY-19259] Move CDI and EL to final releases in WildFly Preview by @bstansberry in #17830
[WFLY-18932] Update the WildFly vs WildFly Preview document for curre… by @bstansberry in #17825
WFLY-19021, community doc. Document usage of Galleon stability properties by @jfdenise in #17801
WFLY-19016 org.infinispan module needs to export org.infinispan.util.function package for use with SerializableFunctions. by @pferraro in #17827
[WFLY-19178][WFLY-19179][WFLY-19249][WFLY-19250] Admin guide improvements by @bstansberry in #17826
[WFLY-19177] [preview] Update elytron-oidc-client subsystem transformer to add a transformer from model version 3 to model version 2 by @PrarthonaPaul in #17803
[WFLY-19222] Use the correct GAV for the internal channel by @bstansberry in #17805
WFLY-19262 hibernate.type.json_format_mapper error by @scottmarlow in #17835
[WFLY-18957][WFLY-18983] Layers documentation fixes. by @bstansberry in #17837
[WFLY-19272] Upgrade WildFly Core to 24.0.0.Final by @yersan in #17841
Fix for WFLY-19270, Shared CI to build and test WildFly issue with Windows and JDK11 by @jfdenise in #17839
[WFLY-19172][WFLY-19225][WFLY-17784] Aggregate PR by @bstansberry in #17842
[WFLY-17784] Add tests for identity propagation with MP-JWT by @fjuma in #17456
[WFLY-19225] Add tests for multi-tenancy to ensure that a valid token from one tenant cannot be used to access another tenant for CVE-2023-6236 by @fjuma in #17811
OpenUpdate - April 25, 2024
Stay Informed
This week, read about:
Security Based Updates
Updates to the OpenLogic CentOS Repository
*) OpenLogic’s Enterprise Linux Team has recently published the following updates:
We recommend that you update your CentOS 6 systems to ensure proper timekeeping. As usual, please ensure that you test these updates before deploying to production. If you don't currently have CentOS repo access, please reach out to your Perforce/OpenLogic salesperson … you may already be entitled to access with your existing support contract!
Non-Security Based Updates
Angular 17.3.5
- refactor(compiler-cli): move config initialization into constructor
- docs(core): add missing space
- build(http): Mark the http tests as flaky because of one particular
- build: update io_bazel_rules_sass digest to c3f163f
- docs: add team docs for when to use dev preview and experimental
- docs: fix repeated note in "Add an Input to the component" section
- build(docs-infra): fix playground lezer parsing
- docs: use 17.3.x branch for aio quick start
-release: bump Angular DevTools version to 1.0.13
Ansible v2.16.6
Porting Guide
Bug Fixes:
- Consolidated the list of internal static vars, centralized them as constant and completed from some missing entries.
- Fix check for missing _sub_plugin attribute in older connection plugins (https://github.com/ansible/ansible/pull/82954)
- Fixes permission for cache json file from 600 to 644 (https://github.com/ansible/ansible/issues/82683).
- Slight optimization to hostvars (instantiate template only once per host, vs per call to var).
- allow_duplicates - fix evaluating if the current role allows duplicates instead of using the initial value from the duplicate's cached role.
- ansible-config will now properly template defaults before dumping them.
- ansible-test ansible-doc sanity test - do not remove underscores from plugin names in collections before calling ``ansible-doc`` (https://github.com/ansible/ansible/pull/82574).
- async - Fix bug that stopped running async task in ``--check`` when ``check_mode: False`` was set as a task attribute - https://github.com/ansible/ansible/issues/82811
- blockinfile - when ``create=true`` is used with a filename without path, the module crashed (https://github.com/ansible/ansible/pull/81638).
- dnf - fix an issue when cached RPMs were left in the cache directory even when the keepcache setting was unset (https://github.com/ansible/ansible/issues/81954)
- dnf5 - replace removed API calls
- facts - add a generic detection for VMware in product name.
- fetch - add error message when using ``dest`` with a trailing slash that becomes a local directory - https://github.com/ansible/ansible/issues/82878
- find - do not fail on Permission errors (https://github.com/ansible/ansible/issues/82027).
- unarchive modules now uses zipinfo options without relying on implementation defaults, making it more compatible with all OS/distributions.
- winrm - Do not raise another exception during cleanup when a task is timed out - https://github.com/ansible/ansible/issues/81095
Gitlab FOSS v16.11.0
Added (121 changes):
- [Add skip secret detection audit event](gitlab-org/gitlab@e5b10f3c044a8992907f2dcc598123d798be9c7e) ([merge request](gitlab-org/gitlab!147855)) **GitLab Enterprise Edition**
- [Added added_approver to the todo action enum in GraphQL](gitlab-org/gitlab@0f2966c47ed9f5e042b8fb633ce454aa4592aa35) by @zillemarco ([merge request](gitlab-org/gitlab!148831))
- [Add setting for enabling pre-receive SD](gitlab-org/gitlab@dc4f895086986077fafc660537060d78546826b2) ([merge request](gitlab-org/gitlab!148332)) **GitLab Enterprise Edition**
- [Added pending member for project listing page](gitlab-org/gitlab@dcbb5001eca02fd8aa6d8dbd06a401fc49716988) ([merge request](gitlab-org/gitlab!146678)) **GitLab Enterprise Edition**
- [Merge branch 'add-support-for-v-prefix' into 'master' ](gitlab-org/gitlab@e5bcb9dc8a57d7bdcf6fc5ed4d9a34590fdf7348) ([merge request](gitlab-org/gitlab!148706))
- [Simplifies SemanticVersionable concern](gitlab-org/gitlab@f7353bc52a84f417ccc032ae4ba45e1058c14c50) ([merge request](gitlab-org/gitlab!148706))
- [Added model for external_status_checks_protected_branches](gitlaborg/gitlab@2647e53b6725a9c90e032488401d4b1d2827571e) ([merge request](gitlab-org/gitlab!149046)) **GitLab Enterprise Edition**
- [Update URL with cursor to load a specific page](gitlab-org/gitlab@4c7fb3d5d2853424555c64e23ebbe1ccb79dee0f) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/148593)) **GitLab Enterprise Edition**
- [Added update api for instance level audit streaming](gitlab-org/gitlab@444a1b0312439545bd7ca7bd50136047c8db9c6f) ([merge request](gitlab-org/gitlab!149104)) **GitLab Enterprise Edition**
- [Add endpoint for checking relation import status](gitlab-org/gitlab@f450696483846a1cd7da2f2e8315e52df979cd75) ([merge request](gitlab-org/gitlab!147775))
- [Utilize show_diff_preview_in_email column](gitlab-org/gitlab@614f6d5d7d2c0358ebf5425e76d4f3062009be6c) by @joe-snyder ([merge request](gitlab-org/gitlab!98547))
- [Add API for trigger project webhook](gitlab-org/gitlab@b9bf0c33d5139823dada3a401a2607fa3856b6b5) by @lifez ([merge request](gitlab-org/gitlab!147656))
- [Add displaying list of linked policies to framework table](gitlab-org/gitlab@4528caee6d01cfb2e2c6b4f739cf7da3ed63a81f) ([merge request](gitlab-org/gitlab!149324)) **GitLab Enterprise Edition**
- [Change admin users search filter](gitlab-org/gitlab@60cb8a9b7be5eed84f1a2bf9d41c5e3a5620099a) by @bahek2462774 ([merge request](gitlab-org/gitlab!144907))
- [Protected packages: Show protected label in packages list](gitlaborg/gitlab@42a2d94bac523ec8cbd000609c49a38b84a72b46) by @gerardo-navarro ([merge request](gitlab-org/gitlab!141134))
- [Added delete api for instance level audit streaming](gitlab-org/gitlab@e81b3ef2809032b87bbdb1c3a662c256182aadad) ([merge request](gitlab-org/gitlab!149101)) **GitLab Enterprise Edition**
- [Update query for elevated_guests to use occupies_seat](gitlab-org/gitlab@0c7f5da4f50c6034cb018eca9378623869c5df53) ([merge request](gitlab-org/gitlab!148653)) **GitLab Enterprise Edition**
- [Frontend work for regex filter on Zoekt code search](gitlab-org/gitlab@bc2d7efa52429cabfd2cdd7a414c1aaf579a9728) ([merge request](gitlab-org/gitlab!144625))
- [Enabled product_analytics_billing by default](gitlab-org/gitlab@e4fbfd31e5ebe071a848a6c38c00bc9e355133fc) ([merge request](gitlab-org/gitlab!149243)) **GitLab Enterprise Edition**
- Added update api for group audit event destinations](gitlab-org/gitlab@a08acfeab8dc426b96563d9a7ae26203af0d1ac2) ([merge request](gitlab-org/gitlab!148388)) **GitLab Enterprise Edition**
- [Remove experiment flag for product analytics](gitlab-org/gitlab@1fb7122f8e60a51e9e0f31213cbf29f1b467b21d) ([merge request](gitlab-org/gitlab!148983)) **GitLab Enterprise Edition**
- [Add co_authored_by placeholder to suggestions template](gitlab-org/gitlab@be6287b6c6e3280b26750842090563b531301183) ([merge request](gitlab-org/gitlab!148890))
- [New tests for project dropdown actions](gitlab-org/gitlab@61fc9592e2483aa2ba1577acc6d26b4e751c6915) by @espadav8 ([merge request](gitlab-org/gitlab!148750))
- [Obfuscate external participants emails in system notes](gitlab-org/gitlab@db7f244e226dfe2959034713daffa4b5511865fc) ([merge request](gitlab-org/gitlab!141612))
- [Update group policy to use admin_push_rules](gitlab-org/gitlab@ca6de0c1c208df53f13b08d024deafe4312853c6) ([merge request](gitlab-org/gitlab!147974)) **GitLab Enterprise Edition**
- [Added delete api for group audit event destinations](gitlab-org/gitlab@12d3cc288b8178cee1de4c8ac0bc9c89a514ece2) ([merge request](gitlab-org/gitlab!148738)) **GitLab Enterprise Edition**
- [Add top-level namespace to Usage Overview panel](gitlab-org/gitlab@3b8fbd9853cf73845a7dd95b7b11f4eb1bbeb1f5) ([merge request](gitlab-org/gitlab!148597)) **GitLab Enterprise Edition**
- [Add pre_receive_secret_detection_enabled param](gitlab-org/gitlab@875dfd8dbdd324b75e4fbc940381abd26cc28534) ([merge request](gitlab-org/gitlab!149160))
- [Protected containers: Create protection rules in project setting ui](gitlab-org/gitlab@aef987b99cf9d7e53a114f0d9d705e2304844e33) by @gerardo-navarro ([merge request](gitlab-org/gitlab!146523))
- [Add catalog component usage tracking in pipeline sequence](gitlab-org/gitlab@a0f6fd925367eb55a428a2687203888f6d6af64c) ([merge request](gitlab-org/gitlab!149138))
- [Implement the ability to use shorthand for semantic versions](gitlab-org/gitlab@ae5f0b35997e69ba646fb5cb4b5ce11ab73a8370) ([merge request](gitlab-org/gitlab!147910))
- [Add client for generating vertex embedding](gitlab-org/gitlab@d142f59a3c45d286fa15c61b5d28f2d5327ca501) ([merge request](gitlab-org/gitlab!148483)) **GitLab Enterprise Edition**
- [Expose metadata fields on Milestone type](gitlab-org/gitlab@3e5d0ab7f83a6f5562512bc465285b3883af15f9) ([merge request](gitlab-org/gitlab!148927))
- [Document encryption support for Google Cloud Storage (GCS)](gitlab-org/gitlab@63e1b9dfd82aa5527006ed97c9b37dc4ea0031b7) ([merge request](gitlab-org/gitlab!148994))
- [This MR adds new filter option](gitlab-org/gitlab@e62883d3d8504032bcf92805555e30ba7e20636b) ([merge request](gitlab-org/gitlab!148675)) **GitLab Enterprise Edition**
- [Added list api for listing instance level audit event destinations](gitlab-org/gitlab@86186adc05d92bc5a9a88f275c33d543cba424e3) ([merge request](gitlab-org/gitlab!148839)) **GitLab Enterprise Edition**
- [Added create api for instance audit event streaming destinations](gitlab-org/gitlab@20ec713cb27b4e8701317e2211b39f6daf960e02) ([merge request](gitlab-org/gitlab!148383)) **GitLab Enterprise Edition**
- [Adds "Allow runner registration token" setting to top-level group(gitlab org/gitlab@29df08fb36a5c6b2626a021f5f2a3696cd637506) ([merge request](gitlab-org/gitlab!148557))
- [Rollout new custom roles UI](gitlab-org/gitlab@e82557fd72bbdcb1eeab09499d12b84e91071bde) ([merge request](gitlab-org/gitlab!148468)) **GitLab Enterprise Edition**
- [This MR adds new policy type](gitlab-org/gitlab@34203ec1278f48992af196a9f717620962886916) ([merge request](gitlab-org/gitlab!148600)) **GitLab Enterprise Edition**
- [Add referrer_type filtering to containerRepository tags GraphQL query](gitlab-org/gitlab@4720e1cbb764c3807dc881dc06a145e4ba19d2c5) ([merge request](gitlab-org/gitlab!147277))
- [Enable `group_saved_replies_flag` by default](gitlab-org/gitlab@04f93bbecb93e9a73d891611d258b76d9c4e3251) ([merge request](gitlab-org/gitlab!148958))
- [Add manage security policy as custom ability](gitlab-org/gitlab@b6a8cf2d72af8ee4a64612711111586b4cafdad6) ([merge request](gitlab-org/gitlab!148371)) **GitLab Enterprise Edition**
- [Initialize bigint conversion for vulnerability_occurrence_pipelines](gitlab-org/gitlab@bd40369ab79962a83a19e852ab3624b958507a36) ([merge request](gitlab-org/gitlab!148735))
- [Initialize bigint conversion for merge_trains](gitlab-org/gitlab@343e2b965acfdcbcb6d70b7f74dbfcf8b3fc55ed) ([merge request](gitlab-org/gitlab!148730))
- [Initialize bigint conversion for merge_trains](gitlab-org/gitlab@09fcf24f778807dc4097b17b9088499a9a32234b) ([merge request](gitlab-org/gitlab!148786))
- [Initialize bigint conversion for packages_build_infos](gitlab-org/gitlab@c65891c9240d56b53f391e0666631cb84a2e14b3) ([merge request](gitlab-org/gitlab!148791))
- [Initialize bigint conversion for vulnerability_feedback](gitlab-org/gitlab@390b83d1b1280f8657d96f7ef7cacf8fa709118f) ([merge request](gitlab-org/gitlab!148790))
- [Add a new worker to process the pipeline creation for sep](gitlab-org/gitlab@0185a66f0b645ad9625ea94d3ec7299d8959175b) ([merge request](gitlab-org/gitlab!147691)) **GitLab Enterprise Edition**
- [Removed auto_cancel_pipeline_on_job_failure feature flag](gitlab-org/gitlab@5e80edd594717e6a91c65223bd24b2bc716dbf0d) by @zillemarco ([merge request](gitlab-org/gitlab!148515))
- [Add runner creation status](gitlab-org/gitlab@6faa548186a248a22a3686d8e125a4ca1d204f56) by @imskr ([merge request](gitlab-org/gitlab!144842))
- [Add close on escape support](gitlab-org/gitlab@89c281d7077c29a6ec4a2a62443008e6ce8f2071) ([merge request](gitlab-org/gitlab!148852)) **GitLab Enterprise Edition**
- [Initialize bigint conversion for merge_requests](gitlab-org/gitlab@3c7e1f1157c6608ca54f1c19fada2fb4f5c48015) ([merge request](gitlab-org/gitlab!148788))
- [Add accessLevel & isLastOrganizationOwner fields to organizationUser](gitlab-org/gitlab@2acf4411a1396b9f00b36e2c2b4f74de47de4785) ([merge request](gitlab-org/gitlab!148148))
- [Improve the performance of group-level vulnerability export](gitlab-org/gitlab@3c0c31802ca926ade373a71c6c356085eeb254e0) ([merge request](gitlab-org/gitlab!147365))
- [Enable Custom Webhook Headers feature](gitlab-org/gitlab@e05517344b269d3fe0f200f87ba7901d3852468e) by @Taucher2003 ([merge request](gitlab-org/gitlab!148690))
- [Consider child pipelines for MR approval policies](gitlab-org/gitlab@5ba4ebdcd7c9de8296df6535c92b135465061069) ([merge request](gitlab-org/gitlab!147710)) **GitLab Enterprise Edition**
- [Add development widget (feature flags)](gitlab-org/gitlab@5dc384fd05ab651525ecc922ab6f62dba3569d93) ([merge request](gitlab-org/gitlab!148215)) **GitLab Enterprise Edition**
- [Beyond Identity: Add option to exclude service accounts](gitlab-org/gitlab@da808914d9bf0afbc194e428f1396a054303366a) ([merge request](gitlab-org/gitlab!148590))
- [Add verified badge](gitlab-org/gitlab@89e089bbf086ca7d98cdc7d88ab4f5d007fa4127) ([merge request](gitlab-org/gitlab!147384))
- [Add runner wait time stats by namespace](gitlab-org/gitlab@0f7fece2f8d894cb670859298fd2c6caca2e0541) ([merge request](gitlab-org/gitlab!147148)) **GitLab Enterprise Edition**
- [Support minimal access base for custom roles](gitlab-org/gitlab@95ffa5f8d64aae0cd99c7014488c57bbfc23ddc4) ([merge request](gitlab-org/gitlab!148390))
- [Add object_attributes.action for note webhooks](gitlab-org/gitlab@abc1b67b29fc9c2a1cf7f4454b55ee527021631d) ([merge request](gitlab-org/gitlab!147856))
- [Add cadence validation for sep creation](gitlab-org/gitlab@d8732ca1a7ce25be3d06a01879ed11895b126a35) ([merge request](gitlab-org/gitlab!148096)) **GitLab Enterprise Edition**
- [Enable combined analytics dashboards by default](gitlab-org/gitlab@0675178be05bcbe8236b6b74b74684eaa950bbaf) ([merge request](gitlab-org/gitlab!148559)) **GitLab Enterprise Edition**
- [Create and list apis for group audit events](gitlab-org/gitlab@f5bafe4a48bc98901b4e709bfadad3adfedb5379) ([merge request](gitlab-org/gitlab!147888)) **GitLab Enterprise Edition**
- [Default enable producy analytics admin settings FF](gitlab-org/gitlab@0c4927326f9bbacd66653adf39b3832b37e711f3) ([merge request](gitlab-org/gitlab!148539)) **GitLab Enterprise Edition**
- [Enabling FF ci_retry_on_exit_codes on SM](gitlab-org/gitlab@24590f014becc7a09566dcc384dc0dfc7657239d) ([merge request](gitlab-org/gitlab!148189))
- [Add API endpoint to return current SSO session expiry time](gitlab-org/gitlab@a5f5dde09f72743021ca1f5aa2560aaa227f69b6) ([merge request](gitlab-org/gitlab!146011)) **GitLab Enterprise Edition**
- [Add REST API endpoint to sync push mirrors](gitlab-org/gitlab@1ab7f8dfad9608b4f5455f2c0d80c6a52c2d6fb5) ([merge request](gitlab-org/gitlab!148186))
- [Rollout security_policies_policy_scope_project by default](gitlab-org/gitlab@dcbcf0bdb1a8be2268339148dc2fdcecde39a551) ([merge request](gitlab-org/gitlab!148407)) **GitLab Enterprise Edition**
- [Add custom webhook headers](gitlab-org/gitlab@1504f88df5a07db69abeef68edcf9c4ec5a63fcd) by @Taucher2003 ([merge request](gitlab-org/gitlab!146702))
- [Remomve FF for search_add_archived_filter_to_zoekt](gitlab-org/gitlab@c2b5997f9b1e6d7326cacf73d591927c740538da) ([merge request](gitlab-org/gitlab!148107)) **GitLab Enterprise Edition**
- [Enalbed the global Duo Chat button](gitlab-org/gitlab@e3c4da4f8b7186e628f7dc8fea9e0bbf6ee2af82) ([merge request](gitlab-org/gitlab!148402)) **GitLab Enterprise Edition**
- [Validate check null constraint for vulnerability_reads#traversal_ids](gitlab-org/gitlab@e59b81bac5ad2b16797694870ef10e12095db594) ([merge request](gitlab-org/gitlab!148386))
- [Switch Groups UX to emails_enabled](gitlab-org/gitlab@77b46f4a8ccb8901e04b50a378d10d5284d4f00b) by @joe-snyder ([merge request](gitlab-org/gitlab!135959)) **GitLab Enterprise Edition**
- [New Audit Event when approval rule is updated](gitlab-org/gitlab@45d8bc02374aefcf852f1a61b8849a11db930b6f) ([merge request](gitlab-org/gitlab!146819)) **GitLab Enterprise Edition**
- [Add list of tag in external pipeline validation api](gitlab-org/gitlab@0db47b7ac6a22038a0298ac9314389db4650ab4c) by @lifez ([merge request](gitlab-org/gitlab!148318))
- [This MR adds breaking changes icon](gitlab-org/gitlab@3574df9f1f482529b31ae657476f1a1d0885757d) ([merge request](gitlab-org/gitlab!146921)) **GitLab Enterprise Edition**
- [Add user count to Usage Overview panel on Value Streams Dashboard](gitlab-org/gitlab@b52185cfd145cfa9165bd68e07d5be1e32fd0cd7) ([merge request](gitlab-org/gitlab!148254)) **GitLab Enterprise Edition**
- [Update JiraConnect app_descriptor](gitlab-org/gitlab@d4e186f8744231fc4c9c5139394446017d4034f0) ([merge request](gitlab-org/gitlab!148251))
- [Finalize BackfillHasIssuesForExternalIssueLinks background migration](gitlab-org/gitlab@af5f897a532475711837ea27d3b8d32260d6c216) ([merge request](gitlab-org/gitlab!148244))
- [Enable create_vulnerability_jira_issue_via_graphql by default](gitlab-org/gitlab@acab556c474c16825ea0da33449e2403f2a87b4b) ([merge request](gitlab-org/gitlab!148239)) **GitLab Enterprise Edition**
- [feat: Protected containers: Protection rules in project settings ui](gitlab-org/gitlab@794768d4aa5ca2347b9c7c20aca303ee487b5d0b) by @gerardo-navarro ([merge request](gitlab-org/gitlab!146436))
- [Add a new column zoekt_settings in the application_settings](gitlab-org/gitlab@54abc04448244b588436065b6d807fe91af51a8c) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/147914))
- [Add a shared avatar image for security policy bots](gitlab-org/gitlab@799dd2d015217e47d82c9a3bfb7432e8bbc014c9) ([merge request](gitlab-org/gitlab!146942))
- [Add Create New Merge Request button to issues in forked projects](gitlab-org/gitlab@a3d260fd772c7d407c8f363e849d1b9cb8e25886) ([merge request](gitlab-org/gitlab!147355))
- [Accept generation_type parameter](gitlab-org/gitlab@682b3e557d9e76385799d13b8fac1a9a43e82ab4) ([merge request](gitlab-org/gitlab!147421)) **GitLab Enterprise Edition**
- [Add autocomplete support for wiki pages](gitlab-org/gitlab@27c318f7b83312cd6ec2a04704414ccbe6139556) ([merge request](gitlab-org/gitlab!143654))
- [Introduces hidden variable to group and ci variables](gitlab-org/gitlab@8ecd09100a7e8af196c3ec4bef8db0ab9a106fa3) ([merge request](gitlab-org/gitlab!141926))
- [Enable GitLab for Slack app for Instances and Groups](gitlab-org/gitlab@aca445a970e6cfccfe43566f34192835becec2af) ([merge request](gitlab-org/gitlab!147820))
- [Add indirect membership API endpoint](gitlab-org/gitlab@35586c95a5c16dad059058c36f143fa956032e3a) ([merge request](gitlab-org/gitlab!145227)) **GitLab Enterprise Edition**
- [Expose `created_at` field in Tags API](gitlab-org/gitlab@dea10fa96631eecb3834a7fdf1a9b1eacacc61da) ([merge request](gitlab-org/gitlab!147785))
- [Add topic support for Telegram](gitlab-org/gitlab@e6152b6d9b87bc5ba9f26f6d239b4f7c4cfc52a3) ([merge request](gitlab-org/gitlab!147734))
- [Wait for ClickHouse workers before running migrations](gitlab-org/gitlab@9060b40f86cd60cd38b488914d017d3509ab9243) ([merge request](gitlab-org/gitlab!147925))
- [Add `default_branch` attribute to Groups API](gitlab-org/gitlab@86ffba7a79ef7d6625062b2787be1551ea90dbd5) ([merge request](gitlab-org/gitlab!145803))
- [Add post migration to set value of occupies_seat column](gitlab-org/gitlab@abdb1960504d0a5b89ad7b16dcd44143a8d259d9) ([merge request](gitlab-org/gitlab!146293))
- [Add setting for pre-receive secret detection](gitlab-org/gitlab@631340d934a92d4eee47b762882b255eb739046f) ([merge request](gitlab-org/gitlab!147831)) **GitLab Enterprise Edition**
- [Remove feature toggle for policy scope](gitlab-org/gitlab@8c61aded645b4d1935d2d15e22c135a679e214f2) ([merge request](gitlab-org/gitlab!145997)) **GitLab Enterprise Edition**
- [Add '/clear' to Duo Chat commands in addition to '/clean'](gitlab-org/gitlab@b7beb41ec62dad5e59b543aaa455ba96472550b6) ([merge request](gitlab-org/gitlab!147380)) **GitLab Enterprise Edition**
- [Add setting for enabling CS for Registry](gitlab-org/gitlab@31a3e10652e98f380970e1fa88873ff643b1758d) ([merge request](gitlab-org/gitlab!147409)) **GitLab Enterprise Edition**
- [AddOnPurchase process trial attribute](gitlab-org/gitlab@318753cfb1c1f2dc35e400b53d74d116c3986a96) ([merge request](gitlab-org/gitlab!147522)) **GitLab Enterprise Edition**
- [Add detailed view for pods and services](gitlab-org/gitlab@07057f76bd480726d0db5ef84af5c7dbd9db55de) ([merge request](gitlab-org/gitlab!147553))
- [Add array types to CI inputs](gitlab-org/gitlab@853153958068f8586bee2bfb6dca6a8c64925e3e) ([merge request](gitlab-org/gitlab!145954))
- [Add full_path GQL field to ResourceType](gitlab-org/gitlab@c5c9e4a7c30f20c642d239e1f11945de8dbe2fcd) ([merge request](gitlab-org/gitlab!147623))
- [Add report abuse button](gitlab-org/gitlab@a82ef82275695877f23351a4192763ec71e91d69) ([merge request](gitlab-org/gitlab!143692))
- [Add access keyword in artifacts](gitlab-org/gitlab@9fa22477401fa7257391a7fab5a3b8bc683b9488) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/145206))
- [Finalize PurgeSecurityScansWithEmptyFindingData migration](gitlab-org/gitlab@c5b2254257272ad4906664d98c019257a0ce06e3) ([merge request](gitlab-org/gitlab!147426))
- [Work item two column loading skeleton](gitlab-org/gitlab@5c5d2ec1acf231d51a1bef7a65753deeefbcfb29) ([merge request](gitlab-org/gitlab!146615))
- [Add trial column to subscription_add_on_purchases table](gitlab-org/gitlab@e64f8868f576f4616df91b101db9b9b2c1186089) ([merge request](gitlab-org/gitlab!147422)) **GitLab Enterprise Edition**
- [Add migration to index all projects](gitlab-org/gitlab@a81fb1fa887c886c053e08893a04cdb7abe4584d) ([merge request](gitlab-org/gitlab!145131)) **GitLab Enterprise Edition**
- [Add usage_count columns to catalog tables](gitlab-org/gitlab@92fa72a80a427e1c374d111eab00fc2191180b07) ([merge request](gitlab-org/gitlab!147293))
- [Add a worker Zoekt::MarkReadyWorker](gitlab-org/gitlab@8b48c1465f408d915b60474a1bf38de04904e89c) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/146475)) **GitLab Enterprise Edition**
- [Validate the foreign key & add to routing table commit_id](gitlab-org/gitlab@e88832c384b363628b9f8cc26446c51e413160a1) ([merge request](gitlab-org/gitlab!146964))
- [Add avatar to new achievement form](gitlab-org/gitlab@91bd29352ce7830664da5d16cd8b1a23980f9cdd) ([merge request](gitlab-org/gitlab!147040))
- [Add humanized role to removal events in audit details](gitlab-org/gitlab@bb18b60933e840a4f3179bab6d77d7fd8c108506) ([merge request](gitlab-org/gitlab!147435)) **GitLab Enterprise Edition**
- [Added model for instance level event type filters](gitlab-org/gitlab@585a40d553de3ea560447813e7fb79434d7afe3c) ([merge request](gitlab-org/gitlab!145421)) **GitLab Enterprise Edition**
- [Add frontend filter for zoekt code search](gitlab-org/gitlab@752200fdf1126146712847c1075b0a4c2d061bd1) ([merge request](gitlab-org/gitlab!147014)) **GitLab Enterprise Edition**
- [Add `spec` column to `catalog_resource_components`](gitlab-org/gitlab@c7cf6d3080559a2231dfd1b3ac01d0a5c14fab64) ([merge request](gitlab-org/gitlab!146674))
- [Make `traversal_ids` column nullable if it's already not](gitlab-org/gitlab@155267bfa51e8d5e2efd45dc9e850eb7d774e0bb) ([merge request](gitlab-org/gitlab!147326))
- [Add not valid null check constraint for `traversal_ids`](gitlab-org/gitlab@4255ad3962ac3cf3572dc4d088514ab6c4ed1aa3) ([merge request](gitlab-org/gitlab!147276))
Fixed (141 changes):
- [Update pages ci templates - Gatsby](gitlab-org/gitlab@f309140b1c746dbf93ba0e5d75342348760f64fe) ([merge request](gitlab-org/gitlab!148120))
- [Consider merge request pipelines for license approval policies](gitlab-org/gitlab@334e560a3649c8071429023e4b745761311dbfcf) ([merge request](gitlab-org/gitlab!149192)) **GitLab Enterprise Edition**
- [Disable personal access tokens for enterprise users](gitlab-org/gitlab@cbf59303e43effeabe2d1fa7abe3df631cdff9dd) ([merge request](gitlab-org/gitlab!148415)) **GitLab Enterprise Edition**
- [Fix ArgumentError in ProjectApprovalRules API](gitlab-org/gitlab@e2d0c77bb4bc7045851c35c9f27b75a18a1a9b0b) ([merge request](gitlab-org/gitlab!149106)) **GitLab Enterprise Edition**
- [Add row gap between rows of codeowner approver avatars](gitlab-org/gitlab@57816fbf3da86695403517b75f5d6542ab0be68c) ([merge request](gitlab-org/gitlab!149008)) **GitLab Enterprise Edition**
- [Fix hover state of emoji on snippets](gitlab-org/gitlab@f0154f2277fb93bcadec376de10c1977d5e7cdfa) ([merge request](gitlab-org/gitlab!149153))
- [Hide `New subgroup` button if visibility is restricted](gitlab-org/gitlab@97b12dbf8ea56eb4fdc96a8b775ac319f6bdb957) ([merge request](gitlab-org/gitlab!148758))
- [Ensure command pallet search respects current ref](gitlab-org/gitlab@4db0a566751b3e28166813f6d14b81f8d0f30c82) ([merge request](gitlab-org/gitlab!149084))
- [Escape markdown characters for Telegram integration](gitlab-org/gitlab@545fb61ba96dd21754e929fdb3f6de8d123671d2) ([merge request](gitlab-org/gitlab!148703))
- [Fix job log link regex](gitlab-org/gitlab@bdbcbb71363fbe9b6503c87dec979de2ab1838c1) ([merge request](gitlab-org/gitlab!148891))
- [Fix undefined method error when package.json is malformed](gitlab-org/gitlab@0e4e9aba50543be7b283ad3bc2d5753c2db8f931) ([merge request](gitlab-org/gitlab!149148))
- [Remove unnecessary md header divider when previewing](gitlab-org/gitlab@4692a59fc53bfb1fc1dd2a4d11a498838218e1df) ([merge request](gitlab-org/gitlab!149012))
- [Fix NoMethodError when an array parameter has an invalid format](gitlab-org/gitlab@920437053ace6d4d6625c60caa860305983d46dc) ([merge request](gitlab-org/gitlab!148962)) **GitLab Enterprise Edition**
- [MR approval widget: Align text correctly](gitlab-org/gitlab@4218a8b5430990ca3e2c4008140e36a55dcb6487) ([merge request](gitlab-org/gitlab!149056))
- [[Batched Migration] Fix corrupted scanner_ids of vulnerability_reads](gitlab-org/gitlab@fc5abd0b3f19b5aaa009704bd9f586f457801537) ([merge request](gitlab-org/gitlab!148807)) **GitLab Enterprise Edition**
- [Temporarily restore old breadcrumbs UX](gitlab-org/gitlab@ae8f680b61091bddb1abd86624cdc36126e6ba6c) ([merge request](gitlab-org/gitlab!148673))
- [Avoid bad MIN query plan during batch count](gitlab-org/gitlab@786631a70c5e96948be2bb96a9e62b76b41de516) ([merge request](gitlab-org/gitlab!148608)) **GitLab Enterprise Edition**
- [Show status, milestone and statistics on service desk issue list](gitlab-org/gitlab@135ed3c1ad3e8a035b633f3555cce54c7607ab5b) ([merge request](gitlab-org/gitlab!148895))
- [Clean up instrumentation key in analytics controller](gitlab-org/gitlab@15067f062f8123521d576b4c39e4c659a0eba78d) ([merge request](gitlab-org/gitlab!148840)) **GitLab Enterprise Edition**
- [MR widget approvals: Auto update approvals](gitlab-org/gitlab@fa3bfef9a940b60742d5d7d20fda0b2640bc2ae1) ([merge request](gitlab-org/gitlab!148379))
- [Let sub group api update default branch protection defaults](gitlab-org/gitlab@eafcf0f24fcd4f7a6eaa5b3e4e552cfbccdcd12e) ([merge request](gitlab-org/gitlab!148566))
- [Fix migration error when updating from GitLab 16.9 to 16.10](gitlab-org/gitlab@d2f0aaf37ececcd92b0c1eab73129532c92fb71a) ([merge request](gitlab-org/gitlab!148135))
- [MR sidebar: Fix reviewers loading icon position](gitlab-org/gitlab@af34d0b62b56e6d3b94b70ab28a277d9ea07a919) ([merge request](gitlab-org/gitlab!148950))
- [MR approval in MR list: Fix display of total approvals](gitlab-org/gitlab@5b91c9e43f813c100dab62bb8df1861c0a831452) ([merge request](gitlab-org/gitlab!148941)) **GitLab Enterprise Edition**
- [Skip license capacity check for security policy bot user](gitlab-org/gitlab@33345f3c5ed65a5f4920a1f5c68e5b84582ae6aa) ([merge request](gitlab-org/gitlab!148893)) **GitLab Enterprise Edition**
- [Preserve indirect memberships](gitlab-org/gitlab@bd9dae0c2b320cc75a99b720e1733b5894ef66a2) ([merge request](gitlab-org/gitlab!148220))
- [Fix border radius on MR diffs](gitlab-org/gitlab@f384129183453962a28da05cdc901d3986a9f737) ([merge request](gitlab-org/gitlab!148716))
- [Adapt Graphql path depending on GitHub API endpoint](gitlab-org/gitlab@f3b9cd839825c0b5200870f1f76735ff433a0e5d) by @daniel.marks ([merge request](gitlab-org/gitlab!147143))
- [Migrate sbom_occurrences.component_name to match](gitlab-org/gitlab@85faa73c55cc3aa61b41a0afdbbb3442edff3fd7) ([merge request](gitlab-org/gitlab!146776))
- [Fix pipeline complete condition and include manual state](gitlab-org/gitlab@5713bf9fbb108efd38808ed8a955c2e79370f240) ([merge request](gitlab-org/gitlab!148866)) **GitLab Enterprise Edition**
- [Use 2x image source for avatars smaller than 96px](gitlab-org/gitlab@7fefa86be66444f85e1229b96a7feb2b960b17b5) ([merge request](gitlab-org/gitlab!148333))
- [Prevent access to achievements for private groups](gitlab-org/gitlab@664430132351ea6aa881d78ae3ccb0f19f7a369b) ([merge request](gitlab-org/gitlab!147319))
- [This MR fix scope column in policy list](gitlab-org/gitlab@ec655265e05b1924ebc9ce50ea5d758f2877fb60) ([merge request](gitlab-org/gitlab!148842)) **GitLab Enterprise Edition**
- [Fix missing validation for Branches::CreateService](gitlab-org/gitlab@b458ed5ee901060552dd2d2ab80d04fc3a773faa) ([merge request](gitlab-org/gitlab!148689))
- [Make milestone titles unique in group hierarchy](gitlab-org/gitlab@aa5a790f9e3de50a049a1fd52d46a7e1f3c142a9) ([merge request](gitlab-org/gitlab!142857))
- [Correct parse the `canEdit` permission for project dropdown items](gitlab-org/gitlab@310ceeea42b8586001d948f54a56c08f2547c644) by @espadav8 ([merge request](gitlab-org/gitlab!148659))
- [Fix 500 error in Commits API when the repository is empty](gitlab-org/gitlab@778793d50837ca778541931827fe08cdc823765f) ([merge request](gitlab-org/gitlab!148405))
- [MR widget: Fix alignment of approval button and text](gitlab-org/gitlab@07cbdc49f8fb6097db11417a32208a5881220cf3) ([merge request](gitlab-org/gitlab!148631))
- [Fix "Import with projects" button not showing](gitlab-org/gitlab@fd2d9482bc2104f0df61c338ae6a415642a8f894) ([merge request](gitlab-org/gitlab!148613))
- [Fix board scope assignee dropdown results](gitlab-org/gitlab@4ff3dcf5d4fdc51928bfe339271df898146dfe7a) ([merge request](gitlab-org/gitlab!148377)) **GitLab Enterprise Edition**
- [Invert emails_disabled into emails_enabled](gitlab-org/gitlab@e6f3c8ddaeb34ee8526645418eaf61935308038c) ([merge request](gitlab-org/gitlab!148577))
- [Use locale-specific formatting for VSD table numbers](gitlab-org/gitlab@4b71d52baa05867abafcff3e03f5ad417d9dc4e0) ([merge request](gitlab-org/gitlab!148331)) **GitLab Enterprise Edition**
- [Correct diff colors & highlighting for none theme](gitlab-org/gitlab@8391bb3e6461fbf508bb965a7e98b33115e79cda) by @jameschensmith ([merge request](gitlab-org/gitlab!148538))
- [Disable sending of Link header in preload_link_tag](gitlab-org/gitlab@76fe184e4281812a9f819c2b3a2c4c3a89b356f1) ([merge request](gitlab-org/gitlab!148280))
- [Fix job sidebar when artifact access is restricted](gitlab-org/gitlab@e9cee36e9a051a782b8e47f8ecf5b43d6bc6d111) ([merge request](gitlab-org/gitlab!148453))
- [This is a small breaking change, and while it's not being done in the](gitlab-org/gitlab@1e9e6d5fcd5913ca79505fff4dc1dd1a44f99935) by @gitlab-dependency-update-bot ([merge request](gitlab-org/gitlab!147619))
- [Fix the test report modal](gitlab-org/gitlab@c9808da3a3bff4e6ad8e052391500c8128b84799) ([merge request](gitlab-org/gitlab!148440))
- [Fix handling of DAGs within a stage in AtomicProcessingService ](gitlab-org/gitlab@9ceb88fe5421afa87af290da78f419032325d746) ([merge request](gitlab-org/gitlab!148211))
- [Fix Duo Chat Popover Design Managment overlapping Bug](gitlab-org/gitlab@843bb55409348cc91e2d0ebb74094917e3823d3c) ([merge request](gitlab-org/gitlab!148434))
- [Fix epic links in issue sidebar changing to work item link](gitlab-org/gitlab@d7ac773456fd49792073024a505a4dc24cbc3888) ([merge request](gitlab-org/gitlab!148420))
- [Fix NoMethodError for tags#date](gitlab-org/gitlab@96858a07cc2046162dc7c15e5a95de33ba5f9c23) ([merge request](gitlab-org/gitlab!148413))
- [Support large wiki content in webhooks](gitlab-org/gitlab@3e38cff3a36d741b89b59859317cf8d6b3916917) by @ivantedja ([merge request](gitlab-org/gitlab!146973))
- [Fix included avatar in the code copy](gitlab-org/gitlab@fd451c621adcd6f59f03c636b665f3bf8b9c0cca) ([merge request](gitlab-org/gitlab!148243))
- [Use a correct link to group templates docs](gitlab-org/gitlab@30669dff2c937c78033b3de578d0d9c4bfb4e1cb) ([merge request](gitlab-org/gitlab!148374)) **GitLab Enterprise Edition**
- [Fix URL validator for mirror services when using localhost](gitlab-org/gitlab@310317f36d14efe8b424b1fdcb5fe00abdae1395) ([merge request](gitlab-org/gitlab!148368))
- [Expose `branches_to_be_notified` field for Telegram API](gitlab-org/gitlab@7bf6d3eee9c8a33f73a7b1f4e2a29268aa9d68b7) ([merge request](gitlab-org/gitlab!148281))
- [Fix duplicate "Job suceeded lines"](gitlab-org/gitlab@e86eddfe31a4e1ba25e4ca271c6c2d693f72e69a) ([merge request](gitlab-org/gitlab!148255))
- [WIP OVERWRITE LATER](gitlab-org/gitlab@81a73d56889b006adc1d36d60e04dbabb08e37c2) ([merge request](gitlab-org/gitlab!148262))
- [Fail sync when a primary connection is unvailable](gitlab-org/gitlab@756f9cdb1518ded4c2f53e9971ba38634d1f129c) ([merge request](gitlab-org/gitlab!148105)) **GitLab Enterprise Edition**
- [Trigger Epic events after transaction has been finished](gitlab-org/gitlab@4eab137d71d3e4d7785efcea963088567c9b6e9f) ([merge request](gitlab-org/gitlab!147677)) **GitLab Enterprise Edition**
- [Update vulnerability_reads scanner in the ingestion pipeline](gitlab-org/gitlab@287fd2d24d774cde7293e803a2cdc7f2c4dcf7ff) ([merge request](gitlab-org/gitlab!148016)) **GitLab Enterprise Edition**
- [Strip keywords from chat final answer](gitlab-org/gitlab@ca76cb9a231b8842bfad0b90a624558da584fbc3) ([merge request](gitlab-org/gitlab!148177)) **GitLab Enterprise Edition**
- [Fix native browser navigation in MR single-file mode](gitlab-org/gitlab@95c6310bc3d409db219246bc8c96fed684ca6f34) ([merge request](gitlab-org/gitlab!147413))
- [Fixes race condition for GFM rendering on issuable description](gitlab-org/gitlab@89a1fbb0cd5749991ca77cd0ce84747097a69613) ([merge request](gitlab-org/gitlab!148150))
- [Branches list: Fix focus states](gitlab-org/gitlab@be5f35c4998e8e50461075b9cbcf84bcf4009763) ([merge request](gitlab-org/gitlab!148057))
- [Fix cache timeout for commands](gitlab-org/gitlab@7655608a37274a2836fb1b799eeb886e0ebc65c3) ([merge request](gitlab-org/gitlab!147368))
- [Fix wiki URLs for wiki webhooks](gitlab-org/gitlab@dc6f269ba62b3e8ab95aca104179007d969bb8cb) by @ivantedja ([merge request](gitlab-org/gitlab!147822))
- [Fix size of design management todo button](gitlab-org/gitlab@8cec5771e1d853effa09babb9cbc9f7e3f2b007b) ([merge request](gitlab-org/gitlab!147941))
- [Strip cookies for asset requests in development and test](gitlab-org/gitlab@58a4a2cb5fb3ee1e205df5c314cb48a64f4cfb97) ([merge request](gitlab-org/gitlab!148117))
- [Remove echarts <5.x workaround in lead_time_charts](gitlab-org/gitlab@71b3002dbf56cc48fc0f2433ae8647688a36056f) ([merge request](gitlab-org/gitlab!148116)) **GitLab Enterprise Edition**
- [Fix styling of Incident timeline tab in dark mode](gitlab-org/gitlab@14bff2aa8bad57734a74f1210312337f6081d5f5) ([merge request](gitlab-org/gitlab!147852))
- [Fixes a horizontal scrolling issue for json tables](gitlab-org/gitlab@d38662cb71260969cd10d98cc3d0651a9cc5f9d4) by @fagerburg ([merge request](gitlab-org/gitlab!147286))
- [Fix blurry avatars when size < 48](gitlab-org/gitlab@d9d6391d1330e749500446b0e295106a61321716) ([merge request](gitlab-org/gitlab!147821))
- [Fix the deprecated_properties method](gitlab-org/gitlab@c2c641f183d38ccfca4be64a3463f2e342eec11a) ([merge request](gitlab-org/gitlab!147958)) **GitLab Enterprise Edition**
- [Pipeline Sec: Fix issue with deleted Jira issue](gitlab-org/gitlab@4e7bf39e3087bccc23b14780afeb07afc22d9e22) ([merge request](gitlab-org/gitlab!148007)) **GitLab Enterprise Edition**
- [Fix component include path rendered in the components tab](gitlab-org/gitlab@79a10b4eca5b2ed002105bd5ad91ffc8e3501163) ([merge request](gitlab-org/gitlab!147998))
- [Fix handling of DAGs within a stage in AtomicProcessingService](gitlab-org/gitlab@44911410286607e47a98e885744b06ec87d6c865) ([merge request](gitlab-org/gitlab!147875))
- [Fix handleLocationHash behavior for MRs and issuables](gitlab-org/gitlab@ab1e57d6c1d78d3efa69dde14bd66c7d39e5cbd6) ([merge request](gitlab-org/gitlab!147711))
- [Fix commit status API incorrectly overwriting MR head pipeline](gitlab-org/gitlab@6a4c87d6db68e2536b90b38c1e11f9a158bd7480) ([merge request](gitlab-org/gitlab!147212))
- [Pipeline Sec: Fix Jira issue creation](gitlab-org/gitlab@da3b8c10a91c3152af0b00048ebcc2b9c4c7c765) ([merge request](gitlab-org/gitlab!147647)) **GitLab Enterprise Edition**
- [Handle null owner when indexing projects](gitlab-org/gitlab@059908f552762fbc26bc8d62f383770cfc02f926) ([merge request](gitlab-org/gitlab!147951)) **GitLab Enterprise Edition**
- [Add search functionality to sub group autocomplete](gitlab-org/gitlab@5172a9247bc4fc7b5192247db7dfd27be4d94dce) ([merge request](gitlab-org/gitlab!147578)) **GitLab Enterprise Edition**
- [Initialize hiding tooltip for links with tooltips when clicked](gitlab-org/gitlab@4fd57f617d97c9764e11c4c89c03e399fc1a3507) ([merge request](gitlab-org/gitlab!147947))
- [Fix design management notification buttons feature flag](gitlab-org/gitlab@61e6d9765c2b4ecbcc236ec9f6ed5590037958fe) ([merge request](gitlab-org/gitlab!147945))
- [ActionController::UrlGenerationError for old path redirects](gitlab-org/gitlab@4b37f666e26e3f382a88e5e4872ae2de9d2399e9) ([merge request](gitlab-org/gitlab!147933))
- [Use vue routes for group custom Value Stream Dashboard](gitlab-org/gitlab@8b431614f3d6e8a254eef23dde703a0f35dc10d0) ([merge request](gitlab-org/gitlab!147842)) **GitLab Enterprise Edition**
- [Set `traversal_ids` and `archived` attributes always](gitlab-org/gitlab@589b246fa034fd339aefb746ac1de972409d843b) ([merge request](gitlab-org/gitlab!147082)) **GitLab Enterprise Edition**
- [Fix 500 error for erroneous content in markdown footnotes](gitlab-org/gitlab@8d061c5813ad28eea8afd6bdf15d098ad720a7a1) ([merge request](gitlab-org/gitlab!147922))
- [Update pages ci templates - Nanoc](gitlab-org/gitlab@f6e2b4f9edf9a1ceba5428f0dd435caac0f10242) ([merge request](gitlab-org/gitlab!147722))
- [Fix start_is_fixed and due_date_is_fixed default](gitlab-org/gitlab@2a2405c48f9081c415ba9623d653a85995a4ef69) ([merge request](gitlab-org/gitlab!147119)) **GitLab Enterprise Edition**
- [Skip migration when the partitioned FK exists](gitlab-org/gitlab@cb88e677ff9397c1b825d38381f987465fc76b1c) ([merge request](gitlab-org/gitlab!147878))
- [Handle missing pipeline user name in terraform registry UI](gitlab-org/gitlab@db119bed67e45bb7779aaf187b3af77fbe8af7e7) ([merge request](gitlab-org/gitlab!147865))
- [Reset pagination page](gitlab-org/gitlab@e164ef2015c9388d00bd3b4f9842fc747a779bb1) ([merge request](gitlab-org/gitlab!147832))
- [Fix leave action label for project members](gitlab-org/gitlab@f8bb6dd151393ff9e2b0e59921204fa7665b2a41) ([merge request](gitlab-org/gitlab!147692))
- [Replace space with HTML entity](gitlab-org/gitlab@eae79bfd94be8cb6d9a05adf2dd1fad284180116) ([merge request](gitlab-org/gitlab!147805)) **GitLab Enterprise Edition**
- [Apply inline validation to admin deletion protection settings](gitlab-org/gitlab@f5733cdc6a4a32780a0e1803d5bc447d1564f1c0) ([merge request](gitlab-org/gitlab!147299)) **GitLab Enterprise Edition**
- [Fix webhook test send wrong object kind for tag_push_event](gitlab-org/gitlab@ecc33395ae61141eb8d09245350ede435a070058) by @lifez ([merge request](gitlab-org/gitlab!147634))
- [Use semaphore for storing security reports](gitlab-org/gitlab@fea7c1843b08a9377a96f0a15e071b560867948c) ([merge request](gitlab-org/gitlab!147816)) **GitLab Enterprise Edition**
- [Fix character escaping in fork divergence message](gitlab-org/gitlab@0699d4ed2e2e61da32798d73a62ff79dbeadf073) ([merge request](gitlab-org/gitlab!147808))
- [Zoekt: Retry indexing if too many requests](gitlab-org/gitlab@0f2ecf22b24826efe5b30168acd9b5ee612ceda9) ([merge request](gitlab-org/gitlab!147776)) **GitLab Enterprise Edition**
- [Update pages ci templates - Lektor](gitlab-org/gitlab@89756d0a3c14b24dac2cc3b5e0a4d801b49ee876) ([merge request](gitlab-org/gitlab!147491))
- [Fix focus state for dark mode rounded bottom markdown input](gitlab-org/gitlab@ce00c22b4ba4a87d03fe57c9bb0bcfae35eb4a9d) ([merge request](gitlab-org/gitlab!147476))
- [Fix invalid CI input array type default value](gitlab-org/gitlab@3070c59f634ba8357fc9bcf32dcd763f1bfb0cd5) ([merge request](gitlab-org/gitlab!147681))
- [Update redis-client to v0.21.1](gitlab-org/gitlab@2e2191cb4f7ef4fdb4f7088377483beab31e0714) ([merge request](gitlab-org/gitlab!147675))
- [Include all changes made to issuable in hook data](gitlab-org/gitlab@9f0fd32b7039d6ba23b8829a1792490fbfc15626) ([merge request](gitlab-org/gitlab!147033))
- [Fix markdown header for uses with restricted items](gitlab-org/gitlab@be9c2c1e736c48341a7446829c101b6738b46e71) ([merge request](gitlab-org/gitlab!147481))
- [Fix VSD column names not matching the date range](gitlab-org/gitlab@45b59e2e3f52cfd953f51dd3e9c463d9ea2c7323) ([merge request](gitlab-org/gitlab!147668)) **GitLab Enterprise Edition**
- [Fix apparent spacing of issuable sidebar content](gitlab-org/gitlab@6502a266e8918d606b2266bae7edd21138a6c613) ([merge request](gitlab-org/gitlab!147294))
- [Pass plan when create trials](gitlab-org/gitlab@5f8421ffd418ea5fcf6141d8a731afce3d9dba4a) ([merge request](gitlab-org/gitlab!147635)) **GitLab Enterprise Edition**
- [Remove `ci_fix_input_types` feature flag](gitlab-org/gitlab@bcd12f77cd3875df3a87add7eed73a94ddda46da) ([merge request](gitlab-org/gitlab!146897))
- [Fix import of Gitea projects with a dot in owner name or project name](gitlab-org/gitlab@8c3c45e68887a072ac12ae3280bb5b0b489ba215) by @Cerdic ([merge request](gitlab-org/gitlab!146168))
- [Strip namespaces from OS component names](gitlab-org/gitlab@4f416b69ff375b7f200eb903ae37855d3a3cb9e9) ([merge request](gitlab-org/gitlab!145613)) **GitLab Enterprise Edition**
- [Fix check for adminPath in home_panel.vue](gitlab-org/gitlab@5d16553bf2053166eedd63a6cf96f9bfc0f42f10) ([merge request](gitlab-org/gitlab!147562))
- [Keep scope conditions for associations](gitlab-org/gitlab@0ce8a7ae2f050ed3b4b2ec190e98edf31e049c62) ([merge request](gitlab-org/gitlab!147550))
- [Fix the case when mirror trigger builds is not set](gitlab-org/gitlab@9bc3be7276d094256814b2b16e78a3c9ed520f2f) ([merge request](gitlab-org/gitlab!147545)) **GitLab Enterprise Edition**
- [Fix new project group templates pagination](gitlab-org/gitlab@2c5f068a0ab0e187cc564fda6a4765431d8a6a24) ([merge request](gitlab-org/gitlab!147534)) **GitLab Enterprise Edition**
- [Fixes update analytics dashboards project settings](gitlab-org/gitlab@f095431a0d6bbeca0a94b3b4b515ac8e440bbb41) ([merge request](gitlab-org/gitlab!147533)) **GitLab Enterprise Edition**
- [Change CRM Contacts help icon color](gitlab-org/gitlab@337c6ce961bc7bd1a514d3cbfc6b98068a8f08fd) ([merge request](gitlab-org/gitlab!147331))
- [Fix line width which separating the timeline events](gitlab-org/gitlab@fc17d327787945dc7d7a493c65ce30ce8a7d5cc1) by @antonkalmykov ([merge request](gitlab-org/gitlab!147037))
- [Pipeline Sec Report: handle Jira issues](gitlab-org/gitlab@e80220aa097b1ff7e304c5669da175773d1121e0) ([merge request](gitlab-org/gitlab!147102)) **GitLab Enterprise Edition**
- [Enable 'self' in Content-Security-Policy worker-src directive](gitlab-org/gitlab@52ec8103551d0b5fbcaf3d1b02cbcaa9ffe441a1) ([merge request](gitlab-org/gitlab!147472))
- [Ensure labels in inapplicable task list items are crossed out](gitlab-org/gitlab@4b6db3fe08157be75d3a286e6f1557ef864caacc) ([merge request](gitlab-org/gitlab!147361))
- [Delete callback should use namespace_id](gitlab-org/gitlab@2e0540f4a5b45f9245103f3fa17356c24e885192) ([merge request](gitlab-org/gitlab!147459)) **GitLab Enterprise Edition**
- [Fix the permission check for pull mirroring](gitlab-org/gitlab@4249c03c44f11d49b4c201c5b1247513cffd0c43) ([merge request](gitlab-org/gitlab!146899)) **GitLab Enterprise Edition**
- [Update pages ci templates - JBake, Jekyll, Jigsaw](gitlab-org/gitlab@74943a41a628eb764472c0fd3809e46c4bb1095d) ([merge request](gitlab-org/gitlab!146529))
- [Fix Vite HMR Content Security Policy rules](gitlab-org/gitlab@25f1a1d56fc1b814ff921535ef333997fae038a2) ([merge request](gitlab-org/gitlab!147366))
- [Fix breadcrumb style broken in external_file page](gitlab-org/gitlab@2316e9dcb069aac982fba0133b41a300a4feefe3) ([merge request](gitlab-org/gitlab!143597))
- [Remove indentation logic to fix Objective child list](gitlab-org/gitlab@72e68aec2d83e5f17b599691190a8c7bfcaa4474) ([merge request](gitlab-org/gitlab!147391))
- [Adjust border radius of rounded note input](gitlab-org/gitlab@928efabcb3b056876cb6c57d5251372d7b6ab130) ([merge request](gitlab-org/gitlab!147385))
- [Project item template: Fix alignment of CI/CD Catalog badge](gitlab-org/gitlab@ed2a3f707a789699f6ee402644572f9744aef9d7) ([merge request](gitlab-org/gitlab!147416))
- [Return 401 when user sign ins but password authentication is not allowed](gitlab-org/gitlab@2fc17dcf0951ab65e7962ef1bbc3d47a5dd1b4f2) ([merge request](gitlab-org/gitlab!147343))
- [Fix autocomplete for long items](gitlab-org/gitlab@6afbbc07bbf56afed66be66b1cded2a413bed70e) ([merge request](gitlab-org/gitlab!147337))
- [Fix scheduling service statement timeout](gitlab-org/gitlab@f3611dd958710be31e1d39d723d8c07bc130f393) ([merge request](gitlab-org/gitlab!147328)) **GitLab Enterprise Edition**
- [Make the recently added not null migration no-op](gitlab-org/gitlab@9025c5e6f7f024288497f64a8f00e364ff1d96e8) ([merge request](gitlab-org/gitlab!147264))
- [Fix the deprecated_properties method](gitlab-org/gitlab@fbed1c09ebb3a46e8403e992300986f4b9dba2e7) ([merge request](gitlab-org/gitlab!147281)) **GitLab Enterprise Edition**
- [Allow reset password when password auth is partially disabled](gitlab-org/gitlab@9198967aa9291c96da56547a853f101334be87d8) ([merge request](gitlab-org/gitlab!147198))
- [Upgrade gitlab-fog-azure-rm to v1.9.1](gitlab-org/gitlab@e3a40763932e46429ce3e826356badccf654bf60) ([merge request](gitlab-org/gitlab!147219))
- [Fix commit markdown parsing with word boundaries](gitlab-org/gitlab@9fc957662b0b2692306cc66cec89cdb4abbf1074) ([merge request](gitlab-org/gitlab!147185))
- [Record unassignment notes for removed member](gitlab-org/gitlab@40f479d5fdc34e1886d6aaca2d8e0b4cfaf12286) by @euko ([merge request](gitlab-org/gitlab!146735))
- [Fix Gitlab::HTTP_V2 allowed_internal_uris https scheme](gitlab-org/gitlab@c67777cf68bae073be21610e387e458b9de08d58) ([merge request](gitlab-org/gitlab!146919))
- [Transfer group labels](gitlab-org/gitlab@4011fd1f703072aaf5e2e21573246ae0071ebcb6) by @euko ([merge request](gitlab-org/gitlab!146727))
Changed (167 changes):
- [Place relation import endpoint behind feature flag](gitlab-org/gitlab@32fa8cc96bc1866a3a2e1be517dddc0b5bb4eeec) ([merge request](gitlab-org/gitlab!149444))
- [Add Google Artifact Registry count to Service Ping](gitlab-org/gitlab@fb05c4f181c1ddd5bed877219abb0db97612a31d) ([merge request](gitlab-org/gitlab!148414)) **GitLab Enterprise Edition**
- [Enable approval rues drawer feature flag](gitlab-org/gitlab@24c5aabcfb278469bcc956ae76f618066318272f) ([merge request](gitlab-org/gitlab!149045))
- [Not throwing error when token not present](gitlab-org/gitlab@b5d98289e3724bc9bd3f7782a7a99e2fcf90907d) ([merge request](gitlab-org/gitlab!149392))
- [Add help text for agent selector on env settings page](gitlab-org/gitlab@e949eae157b441f2593195d384359a8fee83b8e6) by @jzeng88 ([merge request](gitlab-org/gitlab!149033))
- [Improve system note messaging for assumed merges](gitlab-org/gitlab@74389c2bcd8fafb3324f1459a4b0dde111636f2c) ([merge request](gitlab-org/gitlab!148147))
- [Export for the new frameworks report (frontend)](gitlab-org/gitlab@50dd9ced39e545544a5d75f11001512c0241a7b7) ([merge request](gitlab-org/gitlab!146740)) **GitLab Enterprise Edition**
- [Redirect profile ssh keys to user settings](gitlab-org/gitlab@c1544549d186064042ebdbc5d842ece1b06c1457) ([merge request](gitlab-org/gitlab!148081)) **GitLab Enterprise Edition**
- [Fix deprecated properties method for multiple policies](gitlab-org/gitlab@1cdb8a3b5087fd46891e9c74ad232214a9521c7e) ([merge request](gitlab-org/gitlab!149264)) **GitLab Enterprise Edition**
- [Enable moving issue children by default](gitlab-org/gitlab@10fa5542b53ff7e08d95b81f8d0cf60a52f6a5c0) ([merge request](gitlab-org/gitlab!149156))
- [Redirect profile gpg keys to user settings](gitlab-org/gitlab@9870ed2063627121b5bb39760e080cb10ba585d7) ([merge request](gitlab-org/gitlab!148528))
- [Enable epic_color_highlight feature flag by default](gitlab-org/gitlab@a16fce87696a265f2ad8dcc136996eda03bbf99a) ([merge request](gitlab-org/gitlab!149147)) **GitLab Enterprise Edition**
- [Display descendant policies in compliance framework report](gitlab-org/gitlab@60f154d4d3397f29754bdfbc440e1ff8839576fb) ([merge request](gitlab-org/gitlab!149116)) **GitLab Enterprise Edition**
- [Allow relation tree restorer to import single relation](gitlab-org/gitlab@485fd4aaa0a12565e6283aeb92e8fe165e969da2) ([merge request](gitlab-org/gitlab!147904))
- [Enable analytics dashboards animations and floating panels](gitlab-org/gitlab@fa00531c81e38d1190ced75830ff1dd7cc4281f5) ([merge request](gitlab-org/gitlab!149081)) **GitLab Enterprise Edition**
- [Update feature flag modal text](gitlab-org/gitlab@2b12f90a49a2fd657f19aac06999e2727226750c) ([merge request](gitlab-org/gitlab!149261))
- [This MR updates copy for pipeline execution type](gitlab-org/gitlab@7a3d9c2f87c0238d1275d1f97279b7297ffb61d1) ([merge request](gitlab-org/gitlab!149187)) **GitLab Enterprise Edition**
- [Add pagination for the approval rules in the `Merge requests` settings](gitlab-org/gitlab@487e19f41dc759770bfcb32949a385fe5831d727) by @antonkalmykov ([merge request](gitlab-org/gitlab!148824)) **GitLab Enterprise Edition**
- [Remove orphaned indices for a namespace](gitlab-org/gitlab@831bcba18bd90a6487706032e70371102ee4305d) ([merge request](gitlab-org/gitlab!147482)) **GitLab Enterprise Edition**
- [Update dependency auto-deploy-image to v2.89.0](gitlab-org/gitlab@63927f21846020d245304dc862db5f7301093804) ([merge request](gitlab-org/gitlab!149236))
- [Hide the `created_by` attribute from group/project non-admins](gitlab-org/gitlab@6acf810b4ca85ff48aba72c3e8296054abfb86a3) ([merge request](gitlab-org/gitlab!147870))
- [Limit counters on group deletion](gitlab-org/gitlab@9c060bc84c6ebfd01fb1d227e40ffb3bb20c5094) ([merge request](gitlab-org/gitlab!148575))
- [Remove Beta Labels from DuoChat Callout and Sidebar](gitlab-org/gitlab@206234fc578c9ccf64b9c452ae9064cd70aca586) ([merge request](gitlab-org/gitlab!149177)) **GitLab Enterprise Edition**
- [Add unicode_escaped_blob field](gitlab-org/gitlab@0a06e1dcb2474f866e2f335cee2d0cb3c6886db3) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/139090))
- [Swap pipeline columns for p_ci_builds](gitlab-org/gitlab@44449068f2b450e2cbaa8feae58f819275bdb3f5) ([merge request](gitlab-org/gitlab!146759))
- [Add info about release notes for policy rename](gitlab-org/gitlab@21782f49f506e21424294ef9ae73ad0bb3d2235a) ([merge request](gitlab-org/gitlab!148144)) **GitLab Enterprise Edition**
- [MR widget: Use secondary text style for merge train message](gitlab-org/gitlab@d79f1d4a3da2ff601038c0432a101320307d577c) ([merge request](gitlab-org/gitlab!149131)) **GitLab Enterprise Edition**
- [Snippets: Move embed and clone to actions](gitlab-org/gitlab@3d46019e187930303752f7cdec0e4ca7b9786688) ([merge request](gitlab-org/gitlab!147996))
- [MR list: Show self approval](gitlab-org/gitlab@eec8884f56aa7276e391c24d8e67c8ec457a001c) ([merge request](gitlab-org/gitlab!149092))
- [Update design of the pipeline graph](gitlab-org/gitlab@8a05ff09c54f5a840816308468fab1046be712ea) ([merge request](gitlab-org/gitlab!149068))
- [Pipeline overview page: Migrate dropdown to GlDisclosureDropdown](gitlab-org/gitlab@a45e646fe225ee4a9cbb6ae0546d614803dac5fd) ([merge request](gitlab-org/gitlab!147273))
- [Reduce sbom_occurrences table writes](gitlab-org/gitlab@f1e0086cfba47720fd5a07ea38c9a9c9640b4da5) ([merge request](gitlab-org/gitlab!148868)) **GitLab Enterprise Edition**
- [Added information to product analytics docs](gitlab-org/gitlab@6e8750493f2418655d88f21d778a95529326aab3) ([merge request](gitlab-org/gitlab!148601)) **GitLab Enterprise Edition**
- [Add the container to the cadence validation ff check](gitlab-org/gitlab@47ae7f5dce7b4bcf3cf91bd89c026ad697eab088) ([merge request](gitlab-org/gitlab!148892)) **GitLab Enterprise Edition**
- [Fix project overview bugs](gitlab-org/gitlab@cabb403855e5ae6a8d4f1f700a7425376a24b7a4) ([merge request](gitlab-org/gitlab!148953))
- [Allow relation tree restorer to import single relation](gitlab-org/gitlab@ff17628fb19918ed0cf774fd5f48ab55101b740c) ([merge request](gitlab-org/gitlab!147913))
- [Remove `scan_result_policies_block_unprotecting_branches` feature flag](gitlab-org/gitlab@9056627110b4ac647b32ddf6810f20c4b7333855) ([merge request](gitlab-org/gitlab!148549)) **GitLab Enterprise Edition**
- [Left-align activity timestamps on mobile](gitlab-org/gitlab@30c223251024930c15fad63342595d8b8e3c35b9) ([merge request](gitlab-org/gitlab!148711))
- [Remove the need for SaaS to configure Product Analytics](gitlab-org/gitlab@85eb339cec332c1392d753fd789bd937d70388c7) ([merge request](gitlab-org/gitlab!147833))
- [Add action menu to milestone row on milestones page](gitlab-org/gitlab@d9895d13de20db638e261cac294152df83b98341) ([merge request](gitlab-org/gitlab!148219))
- [Move viewed file tooltip to the left; only show on hover](gitlab-org/gitlab@11105fe52389dfb17a10e39ea4b7b4995c5ee440) ([merge request](gitlab-org/gitlab!148558))
- [Capture running builds on non-shared runners](gitlab-org/gitlab@d299c78fa96ee76d16a95524cf04cf5f8bc0c708) ([merge request](gitlab-org/gitlab!147943))
- [Update epics foreign key on parent_id to nullify on delete](gitlab-org/gitlab@c6e4f7e2c0add5e048a32bd73e5113387add0ff5) ([merge request](gitlab-org/gitlab!148522))
- [Merge request list: Improve approvals](gitlab-org/gitlab@443aab39ec9ac0a79299b6947cda09d9194d594b) ([merge request](gitlab-org/gitlab!148364))
- [Add metadata database alert to registry pages in the UI](gitlab-org/gitlab@062eea6b2627d81ff3f8fb2ef36178f0e45d68bc) ([merge request](gitlab-org/gitlab!147503))
- [Enable `security_policies_unassign_redundant_policy_projects` FF](gitlab-org/gitlab@3c0bbcf05586a51dded19fe27d396ded619be706) ([merge request](gitlab-org/gitlab!148741)) **GitLab Enterprise Edition**
- [Add a `personal` argument to `Query.projects`](gitlab-org/gitlab@2ae86907e57e69350029b9cd11f5219172542355) by @yasuk ([merge request](gitlab-org/gitlab!148393))
- [Combine snippet embed and clone buttons into single code dropdown](gitlab-org/gitlab@4b8561afa2018da16348d43eb277cad8953b437b) ([merge request](gitlab-org/gitlab!147719))
- [Drop workhorse_google_client feature flag](gitlab-org/gitlab@2715b0369da54560ccdc51f524f3187228620713) ([merge request](gitlab-org/gitlab!148755))
- [Update text in deployment approval modal](gitlab-org/gitlab@5951bfd01255d5d0b9b1370317830cde22230238) ([merge request](gitlab-org/gitlab!148588)) **GitLab Enterprise Edition**
- [Distribute scheduled pipelines from Scan Execution Policy](gitlab-org/gitlab@7c1cac1a853639ab9a047f2d44ac39befe117ae1) ([merge request](gitlab-org/gitlab!145993)) **GitLab Enterprise Edition**
- [Update DevOps Reports illustrations](gitlab-org/gitlab@bfb5623d0b7ac5860f94c786c46cba71d6748fc0) ([merge request](gitlab-org/gitlab!148530)) **GitLab Enterprise Edition**
- [Update DevOps Adoption empty state illustration](gitlab-org/gitlab@f5df939dbb72e467918ea00eab9a269840c510ca) ([merge request](gitlab-org/gitlab!148546)) **GitLab Enterprise Edition**
- [Update ES shard size rake task and guidelines](gitlab-org/gitlab@9f48a818e5c0724bc5201c20ad68b7ad77e2cadb) ([merge request](gitlab-org/gitlab!146108)) **GitLab Enterprise Edition**
- [Update release empty state illustration](gitlab-org/gitlab@ab374d34bb7948dca1da5023ef301b8b2b8627de) ([merge request](gitlab-org/gitlab!148526))
- [Add sales call to action when onboarding without purchase](gitlab-org/gitlab@7355dafcd25f41bea162fec4c3ee0dfe8ac4daf4) ([merge request](gitlab-org/gitlab!148439)) **GitLab Enterprise Edition**
- [Moves ml_experiment_tracking to group::mlops](gitlab-org/gitlab@a398f1a46638db397f1772498e9f5026a3b85339) ([merge request](gitlab-org/gitlab!148533))
- [Truncate individual names](gitlab-org/gitlab@804f6efec7ef7c89405026f9a51c7c5d0e04e343) ([merge request](gitlab-org/gitlab!144369))
- [Replace GlAvatar with ProjectAvatar in GroupItems](gitlab-org/gitlab@7bcb4defeab1ac52da0e58d8256e8b9d5027668a) by @espadav8 ([merge request](gitlab-org/gitlab!148464))
- [Adjust default_enabled to true for wiki_content_background_job flag](gitlab-org/gitlab@672d92d44977ef0c1e8eaae7ecb85629f743e79a) by @ivantedja ([merge request](gitlab-org/gitlab!148616))
- [Remove sub-header background from Compare revisions form](gitlab-org/gitlab@bbcf8f8cb4c63cfa0f4472edec747dfae0420ac2) by @espadav8 ([merge request](gitlab-org/gitlab!148614))
- [Search iterations in descending order](gitlab-org/gitlab@17b0039b731cf31a7046720ecfe5d788b3fa070d) ([merge request](gitlab-org/gitlab!148465)) **GitLab Enterprise Edition**
- [Allow admins to disable runner registration token](gitlab-org/gitlab@7e4b4f7d0375b4d8a53ceb2705bc8280b3aae999) ([merge request](gitlab-org/gitlab!147559))
- [Update issue filter search illustration](gitlab-org/gitlab@a23f546fc0c705257782abdac946b64451e8fa03) ([merge request](gitlab-org/gitlab!148521))
- [Trigger search file modal when searching](gitlab-org/gitlab@d421d9cb81acaf422ecb04468450d23c03be74aa) ([merge request](gitlab-org/gitlab!148025))
- [Cleanup web_ide_settings_sync feature flag](gitlab-org/gitlab@512cf3f80903e3288400ca93b71a73012299b32c) ([merge request](gitlab-org/gitlab!148365))
- [Update color and spacing of releases page](gitlab-org/gitlab@09fc52c7762f812780bb35269be5de844e14a06e) ([merge request](gitlab-org/gitlab!148474))
- [Make merge conflict file stand out more](gitlab-org/gitlab@fae96877f76f666ba5c33552f22a28c2b9804eef) ([merge request](gitlab-org/gitlab!147654))
- [Update the cadence documentation for sep](gitlab-org/gitlab@2605c360256f47423ba2975003307dfa85a330ce) ([merge request](gitlab-org/gitlab!148109))
- [Add alphabetical sort for branch names](gitlab-org/gitlab@4a0c51d52c0ff087c553328034c11b0c7b0d7060) by @gauravmarwal ([merge request](gitlab-org/gitlab!147034))
- [Enable product_analytics_beta_option by default](gitlab-org/gitlab@3122e16371dc4e2e9330698d87f94cd6b5323add) ([merge request](gitlab-org/gitlab!148422))
- [Make product_analytics_dashboards default enabled](gitlab-org/gitlab@104c9d4aef2c258181c15287589c8d4983be4637) ([merge request](gitlab-org/gitlab!148381))
- [Add a validation to the scan execution policy cadence](gitlab-org/gitlab@3a3160b708ae1e67ef4a5ea738e447e9fc5b09d1) ([merge request](gitlab-org/gitlab!147576)) **GitLab Enterprise Edition**
- [Update MR changes empty state](gitlab-org/gitlab@d19cd4d747086f4677358fa7ea05484f659535fd) ([merge request](gitlab-org/gitlab!148051))
- [Adds logo to MattermostSlashCommands](gitlab-org/gitlab@558a96afcba39e3d57af296cea1ec4d714adb4e3) ([merge request](gitlab-org/gitlab!148373))
- [Update analytics dashboard observability](gitlab-org/gitlab@0f0627036905f892fe8b0cbb2afe459813ecbeb4) ([merge request](gitlab-org/gitlab!147163)) **GitLab Enterprise Edition**
- [Keep compliance frameworks for project transfers](gitlab-org/gitlab@b81b52b2c67664dd1dc941ab0e431d59d7869288) ([merge request](gitlab-org/gitlab!148142)) **GitLab Enterprise Edition**
- [This MR adds scope column to policies list](gitlab-org/gitlab@9d50f342072abdfe87a44b80c8eb5ef9662c118e) ([merge request](gitlab-org/gitlab!145047)) **GitLab Enterprise Edition**
- [Refactor BulkIndexer to able to handle other document references](gitlab-org/gitlab@2da4b1ca443ede7a42ecafbafbf1d37e9b6cfd45) ([merge request](gitlab-org/gitlab!146491)) **GitLab Enterprise Edition**
- [Add Mattermost logo](gitlab-org/gitlab@f3bd984876b13ea6328327f36314167cef9c0051) ([merge request](gitlab-org/gitlab!147893))
- [Blocks unprovisioned access to product analytics apis](gitlab-org/gitlab@f58377548fa9370b80861dcf52d3ec48fbf8d484) ([merge request](gitlab-org/gitlab!147841)) **GitLab Enterprise Edition**
- [Add empty state for sidebar CRM widget](gitlab-org/gitlab@b764d0da8be493cfd4ff961b659fc982e827f55e) ([merge request](gitlab-org/gitlab!147694))
- [Snippets delete modal improvements](gitlab-org/gitlab@0898b4148bc60063d3785eb2273247d67b6689c8) ([merge request](gitlab-org/gitlab!148044))
- [This MR adds branch exceptions selector](gitlab-org/gitlab@2c9b4b8a89f12fe9bb6a6f1f0053cedde65dbe6c) ([merge request](gitlab-org/gitlab!141650)) **GitLab Enterprise Edition**
- [Move Google Cloud instructions to reduce duplication](gitlab-org/gitlab@9ac8d4aa4d79650640828f28e46b5e721ae5a9a1) ([merge request](gitlab-org/gitlab!148190))
- [Adding alert for duo pro trials for existing users](gitlab-org/gitlab@f43b7f57087aaf6b9e2bbd94aeb057e5c494e9bd) ([merge request](gitlab-org/gitlab!148012)) **GitLab Enterprise Edition**
- [Deprecate security_auto_fix from graphql type](gitlab-org/gitlab@a69eb00b15bf14aae02ae885c9aefcee38cd5e9f) ([merge request](gitlab-org/gitlab!147157))
- [Show package processing error message returned from API](gitlab-org/gitlab@03da4ea38f9d5acec50d9499c9e27193b70d3810) ([merge request](gitlab-org/gitlab!147026))
- [Add columns for require_reauthentication_to_approve](gitlab-org/gitlab@24c9690f099da9fead2a364b87aef39cc08fc851) ([merge request](gitlab-org/gitlab!146374))
- [MR more actions dropdown: Improve alignment on small viewports](gitlab-org/gitlab@e8950e4bc438552fa65da59ed6b22d08bb30423d) ([merge request](gitlab-org/gitlab!148000))
- [Issuables: Improve more actions on smaller devices](gitlab-org/gitlab@1cbafae293a2d030eca6b5c36119d070e849c04b) ([merge request](gitlab-org/gitlab!147999))
- [Update CreateIssueForm to support Japanese IME](gitlab-org/gitlab@b1a1cf97ed248a5d20e926b7e629aff1ccb489e0) ([merge request](gitlab-org/gitlab!147814)) **GitLab Enterprise Edition**
- [Snippets page: Adjust header elements to match issuables](gitlab-org/gitlab@228280f9ef67c19f739f5113367457c2cfdc6419) ([merge request](gitlab-org/gitlab!147451))
- [Change button text from "Create/add new role" to "Create role"](gitlab-org/gitlab@da8245685deb6715a760d2c7dcc43cb1d123b86e) ([merge request](gitlab-org/gitlab!147507)) **GitLab Enterprise Edition**
- [Collapse sidebar on ESC key if in overlay mode](gitlab-org/gitlab@fdc93c8c76210fb393cd469fbc2223a9f76ca12d) ([merge request](gitlab-org/gitlab!147001))
- [Stop calling the migration's workers and update them to no-op](gitlab-org/gitlab@511b7db63830f0370845f950816c90b6d45d69fe) ([merge request](gitlab-org/gitlab!147228))
- [Unify the more actions kebab menu tooltip behavior](gitlab-org/gitlab@aa4126f55207d6849c97ffce972fd4a7ad840b32) ([merge request](gitlab-org/gitlab!147540))
- [Snippets page: Migrates dropdown to GlDisclosureDropdown](gitlab-org/gitlab@c475073d10e440e33bf4929ec911201eecd4336a) ([merge request](gitlab-org/gitlab!147518))
- [Update dependency auto-deploy-image to v2.88.0](gitlab-org/gitlab@a69a8c5cfba9d2949d266f358a772c008dbf4ec3) ([merge request](gitlab-org/gitlab!147935))
- [Improve UX feedback when project deploy feature flags limit is reached](gitlab-org/gitlab@584c89afc0260ae41f48a6b96f91c7e0931b75af) by @antonkalmykov ([merge request](gitlab-org/gitlab!147446))
- [Add provider selection in product analytics onboarding](gitlab-org/gitlab@1940cd0405f1cb0f9747f3f25c8cfeb1c889dd21) ([merge request](gitlab-org/gitlab!145880)) **GitLab Enterprise Edition**
- [Add descendant filter to security policies graphql query](gitlab-org/gitlab@15ac762e945f3e1488c059eb57302139bba077f0) ([merge request](gitlab-org/gitlab!145825)) **GitLab Enterprise Edition**
- [Clarify supported signed commits types](gitlab-org/gitlab@d9d9f2115fdb93ced6c7713da36cb2c4a11328ab) ([merge request](gitlab-org/gitlab!147556)) **GitLab Enterprise Edition**
- [Edit branch rule name](gitlab-org/gitlab@2ac027412c70a4a76c037c7d06518155a32d5eb3) ([merge request](gitlab-org/gitlab!147308))
- [Improve license matching when evaluating policies](gitlab-org/gitlab@40c4f39deecdb36b7ffa2dd49981b1c10a11b926) ([merge request](gitlab-org/gitlab!147598)) **GitLab Enterprise Edition**
- [Update project and group transfer modal text](gitlab-org/gitlab@c2515558105c95c1220b41a500ec422eb4f8e441) ([merge request](gitlab-org/gitlab!146938))
- [Updated gitlab-ui and refactored duo chat](gitlab-org/gitlab@0e4cea3574e69fe33f2c546d16ad2712666d9006) ([merge request](gitlab-org/gitlab!147802)) **GitLab Enterprise Edition**
- [This MR adds policy scope to a drawer](gitlab-org/gitlab@9ae60e3cf90df6e51e89325d36e6684fcd2428be) ([merge request](gitlab-org/gitlab!145567)) **GitLab Enterprise Edition**
- [Add empty state for discussion in sidebar](gitlab-org/gitlab@5a172ca1a1db009c5d50bc4b3ca8148aca8ee837) ([merge request](gitlab-org/gitlab!147642))
- [Remove namespace alias from DORA performance counts](gitlab-org/gitlab@a6287c22842e298fd8865016112f4e40dbb54c3d) by @jzeng88 ([merge request](gitlab-org/gitlab!147400)) **GitLab Enterprise Edition**
- [Update importers to use application settings to limit number of jobs](gitlab-org/gitlab@3254590fd2105fcd995f0ccb5e0b3e214c9a59c6) ([merge request](gitlab-org/gitlab!143875))
- [Add placeholder and validation for linkedin profile input](gitlab-org/gitlab@0381be4712ae81e508abe78b292c6fc1fabef6b1) ([merge request](gitlab-org/gitlab!147288))
- [Set AddOnPurchase trail value in CreateService](gitlab-org/gitlab@13174ab1ce2ee8a94cee7b3b8cfba5ee0b4ab221) ([merge request](gitlab-org/gitlab!147764)) **GitLab Enterprise Edition**
- [Use static_holmes instead of charlock_holmes](gitlab-org/gitlab@4f5136b7735810d03ce9aa20b5257ccec446808a) ([merge request](gitlab-org/gitlab!147721))
- [Make consistent padding in the package asset table row](gitlab-org/gitlab@925520fe0473c090a78cdc89baee0c41176a62cc) by @antonkalmykov ([merge request](gitlab-org/gitlab!147211))
- [Add groups_direct field in JWT for Vault integration](gitlab-org/gitlab@3b628813eff7ddd1ef085708e2fb63df3536d899) by @alexandru.jieanu ([merge request](gitlab-org/gitlab!146881))
- [Export for the new frameworks report (backend)](gitlab-org/gitlab@3bac11cb79bf24c72b15082fe484a06edc411936) ([merge request](gitlab-org/gitlab!144815)) **GitLab Enterprise Edition**
- [This MR changes key name for license rule](gitlab-org/gitlab@9a8e4548524fe903b5b988e1e0aba048d3a0a535) ([merge request](gitlab-org/gitlab!147184)) **GitLab Enterprise Edition**
- [Well segment: Change border color to default gray-100](gitlab-org/gitlab@8fa2fbf74694b5932162f222cb3409baaf4b4b2c) ([merge request](gitlab-org/gitlab!147674))
- [Reorganization project overview page](gitlab-org/gitlab@f0af2950542c1329cafa13342cf6b86bde3f2d03) ([merge request](gitlab-org/gitlab!145678))
- [Fix formatting of issue summaries](gitlab-org/gitlab@8622a816cd7cfc298cce6e28d79525dbf80de204) ([merge request](gitlab-org/gitlab!147466)) **GitLab Enterprise Edition**
- [Use textarea for collapsed snippet description](gitlab-org/gitlab@e637e32fb073ff0cd16a7f4f6d472ffa02415845) ([merge request](gitlab-org/gitlab!147585))
- [Disable file path input until project is selected](gitlab-org/gitlab@8fe848cbafaf0b786efffa28a2b4c5814fdcf652) ([merge request](gitlab-org/gitlab!147307))
- [Fix and refactor snippets list view](gitlab-org/gitlab@ee9bb496ca85487ded7e6599c608bc596cc39b1b) ([merge request](gitlab-org/gitlab!147580))
- [Update markdown styles for quoted lists](gitlab-org/gitlab@58ad2dbb905877f7d1934798c6e630c50722ef6f) ([merge request](gitlab-org/gitlab!147646))
- [Upgrade Elasticsearch version to 8.11.4](gitlab-org/gitlab@04103822e6731f1f69d806f5e0378425472b3231) ([merge request](gitlab-org/gitlab!147527))
- [Hide invited group name and source from project/group non-admins](gitlab-org/gitlab@a984f85ae821842538743d453fd3c26c79b2a636) ([merge request](gitlab-org/gitlab!147629))
- [Show Duo Pro button for ultimate trial](gitlab-org/gitlab@1a126e4bbf21e6056919d0d9e35302971025e22d) ([merge request](gitlab-org/gitlab!147548)) **GitLab Enterprise Edition**
- [Remove claude 2.1 feature flag](gitlab-org/gitlab@04c4cec133da5f095ddccc6b80304f01fd55bc58) ([merge request](gitlab-org/gitlab!147253))
- [Delete redundant policy configurations on assignment](gitlab-org/gitlab@bd8219a5ff8924b192e830bd0d9b0828f16d749c) ([merge request](gitlab-org/gitlab!143668)) **GitLab Enterprise Edition**
- [Add $gl-padding margin bottom to <summary> in open <details>](gitlab-org/gitlab@32c118ce721f62f18cafea19fa615e1e3cb51dbd) ([merge request](gitlab-org/gitlab!147492))
- [Remove CI_COMPONENT_FQDN variable](gitlab-org/gitlab@c5497cf4aa3287d5cd2d817db2e8b09e07f03c0c) ([merge request](gitlab-org/gitlab!146797))
- [Updates model registry table docs with correct schema](gitlab-org/gitlab@aa3c9018fb4dbd623fc8cdbcb55a5a791d45d250) ([merge request](gitlab-org/gitlab!146898))
- [Migrate button-class-vue in todo.vue](gitlab-org/gitlab@69ef496e2898633f7884b94f160f5553450bd3e1) ([merge request](gitlab-org/gitlab!147203))
- [Cleanup snippets edit page](gitlab-org/gitlab@fe21c3ef651f3d5d508d1d179ed2f1a02d5997c9) ([merge request](gitlab-org/gitlab!147442))
- [Update deprecation milestone for job token setting](gitlab-org/gitlab@6097ab4273c38d2b7625e79107940e282108c90c) ([merge request](gitlab-org/gitlab!147320))
- [Change username validation message](gitlab-org/gitlab@cbafeab9d89686143a214b0f632b322eb0274ae6) by @jzeng88 ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/147213)) **GitLab Enterprise Edition**
- [Backport Work Item copy changes to legacy issuables](gitlab-org/gitlab@ca1533961fe1ff8a841ebb1e36f4ea3b6638b079) ([merge request](gitlab-org/gitlab!147369))
- [Updating tab title](gitlab-org/gitlab@f1d14b00ecadcc50cadb3024ff9640d5d21a7af9) ([merge request](gitlab-org/gitlab!147094))
- [Display project and subgroup counters when deleting group](gitlab-org/gitlab@1b001708ad7aacdee9c7f537ceacf314ed7c315d) ([merge request](gitlab-org/gitlab!145838))
- [Issuables: Mark destructive action (delete) as such](gitlab-org/gitlab@8f64896cfa3c2b55442762864d90b9cf56111b8a) ([merge request](gitlab-org/gitlab!147441))
- [Migrates user access badge to use GlBadge](gitlab-org/gitlab@0afdd01a0e777d74960ca04349bf1ba01ce0c03b) ([merge request](gitlab-org/gitlab!147437))
- - [Add logging for JWT errors](gitlab-org/gitlab@bbad75c4d5811a645fca9a71b70b637820da729b) ([merge request](gitlab-org/gitlab!147234))
- [Add thread count and remove participants from sidebar](gitlab-org/gitlab@80ea76d941891c82d7239ed2996f7d2db9aff364) ([merge request](gitlab-org/gitlab!146037))
- [User profile: Hide sidebar if user is blocked](gitlab-org/gitlab@366b3ce92586831e4ea910ac960332c4ae403649) ([merge request](gitlab-org/gitlab!147354))
- [Improved CI YAML schema tests](gitlab-org/gitlab@097f279544068ada7441e865b1f5819ff1b97b8e) by @zillemarco ([merge request](gitlab-org/gitlab!139716))
- [Fix runner form headings to match Pajamas](gitlab-org/gitlab@be576ce1ed8e7b68eff6563d1571bd8c29957b36) ([merge request](gitlab-org/gitlab!146383))
- [Display created and finshed pipeline times](gitlab-org/gitlab@d0c74ae64c7a80223183186099ec6efd6a2fbb21) ([merge request](gitlab-org/gitlab!147060))
- [Use standardized panel errors for Value stream dashboard](gitlab-org/gitlab@86a9a9194dd2a61263440f31441c177ad3e3990a) ([merge request](gitlab-org/gitlab!147287)) **GitLab Enterprise Edition**
- [Add tooltip to snippet visibility icon](gitlab-org/gitlab@442bba2c81e87e6126a1fd74133194494a4dbfa4) ([merge request](gitlab-org/gitlab!147295))
- [Migrates code dropdown to Vue](gitlab-org/gitlab@60a1a8f38183f774e12fbc7d3a265bae05a6e62f) ([merge request](gitlab-org/gitlab!146633))
- [Cleaned up code_suggestions_ga_owner_alert feature flag](gitlab-org/gitlab@032cc3a042653d306ab8636d5dea204145073e43) ([merge request](gitlab-org/gitlab!146322)) **GitLab Enterprise Edition**
- [Improve loading states of sidebar items](gitlab-org/gitlab@beef7d7944736f4401c48eea519c27c5cae137e8) ([merge request](gitlab-org/gitlab!147330))
- [Log if pipeline creation limit might be exceeded](gitlab-org/gitlab@c1e13cf9138c4dc3ecd117739bedf1f6cda00385) ([merge request](gitlab-org/gitlab!147306))
- [Show deployment count](gitlab-org/gitlab@a5ca23c5cf5b6d515865c1c5051d3cf92b49dfcb) ([merge request](gitlab-org/gitlab!147280))
- [Refactor enterprise_user trait into factory](gitlab-org/gitlab@a18dd07b682299c653d63f44d30cc238441974f0) by @jzeng88 ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/145626)) **GitLab Enterprise Edition**
- [Update dependency auto-deploy-image to v2.87.0](gitlab-org/gitlab@aa08f973bcfcaa3f61cc0aa632d3698c0a8f3751) ([merge request](gitlab-org/gitlab!147272))
- [Change username text color to use same across UI](gitlab-org/gitlab@18f99db2f182da23df0e4c31903159eb14e1db7c) ([merge request](gitlab-org/gitlab!147260))
- [Remove feature flag fetch_tags_from_registry_api](gitlab-org/gitlab@0e2677a0f6be7b37324b4db1a6fdcc39bd8eb1da) ([merge request](gitlab-org/gitlab!147233))
- [Remove api: API::Internal::ContainerRegistry::Migration](gitlab-org/gitlab@00886957027172084f211dff4d6a18ab0271b68e) ([merge request](gitlab-org/gitlab!147229))
- [Do not expand CI predefined `TRIGGER_PAYLOAD` variable](gitlab-org/gitlab@e91bece35975a4f2e5e0da30eec651a125d76da6) by @vytautasbert ([merge request](gitlab-org/gitlab!146242))
- [Block compliance fraework removal when there are linked policies](gitlab-org/gitlab@e417b94198995f065763e1d80e7d62da381417db) ([merge request](gitlab-org/gitlab!147041)) **GitLab Enterprise Edition**
- [Raise atom feed title length limit to 160 characters](gitlab-org/gitlab@fbddd8ad18df8794627ebb20279ac3315bbc5f72) by @kxxt ([merge request](gitlab-org/gitlab!145730))
- [Fix pagination issue on adherences report](gitlab-org/gitlab@7d8bf7fe05c5bf658ada58ff15408396db3dd653) ([merge request](gitlab-org/gitlab!147022)) **GitLab Enterprise Edition**
- [Trim further file content for code suggestions](gitlab-org/gitlab@abbfb78f8ec921a4cde20340e79d03da1e1cbe17) ([merge request](gitlab-org/gitlab!146977)) **GitLab Enterprise Edition**
- [Update milestone icon](gitlab-org/gitlab@0ef8adbdf7769f36c4747a3d3e9069a001bd14ff) ([merge request](gitlab-org/gitlab!146828)) **GitLab Enterprise Edition**
- [Reject project CI jobs on reserved policy stages](gitlab-org/gitlab@82a6d2066bbc73c5ee41be5ca630bd4101ec0ed4) ([merge request](gitlab-org/gitlab!146307)) **GitLab Enterprise Edition**
Deprecated (1 change):
- [Deprecate GITLAB_SHARED_RUNNERS_REGISTRATION_TOKEN](gitlab-org/gitlab@b35c2cc49458a06c641f150802faa3604ae98cc4) ([merge request](gitlab-org/gitlab!148310))
Removed (19 changes):
- Remove about section](gitlab-org/gitlab@62fbee1ba9a04453909b25e24f4f7e5db0694d74) ([merge request](gitlab-org/gitlab!147948))
- [Remove CH analytics related feature flags](gitlab-org/gitlab@7f85033ebb8d6b46203a94626e2cab7cc145824e) ([merge request](gitlab-org/gitlab!148651)) **GitLab Enterprise Edition**
- [Remove modify_auto_fix_setting](gitlab-org/gitlab@67de5f0af68d99b3104e25004b9bb2930a89dc55) ([merge request](gitlab-org/gitlab!149286))
- [Remove beta badge](gitlab-org/gitlab@5cab24cfce096bb3203a8ffa1285ff11582fa353) ([merge request](gitlab-org/gitlab!149018))
- [Clean up default_to_import_tab experiment](gitlab-org/gitlab@163a262210660a0ce2328f9976e20ca46ebce1f7) ([merge request](gitlab-org/gitlab!149130))
- [Remove ff and policy information related to](gitlab-org/gitlab@00a8ca95ce9890bd44a2e077728f83550e5bc805) ([merge request](gitlab-org/gitlab!147202))
- [Remove the backend changes for automatic diff summary](gitlab-org/gitlab@397e3d8c6e6177b10b62d5507177ac2edb8e0155) ([merge request](gitlab-org/gitlab!148122))
- [Remove ignore column rule from GeoNodeStatus](gitlab-org/gitlab@9bc24bb9d4a09ff63bc9d31af8a353f93b87d1b2) ([merge request](gitlab-org/gitlab!148335)) **GitLab Enterprise Edition**
- [Remove runner registration compatibility alert](gitlab-org/gitlab@5213b04f44787bf348ed19e94ef2f38b50eb7785) ([merge request](gitlab-org/gitlab!148152))
- [refactor: Drop col 'package_name_pattern_ilike_query' Part 3](gitlab-org/gitlab@afc688f79144701a6f0c215c2f96fbd850f7aefc) by @gerardo-navarro ([merge request](gitlab-org/gitlab!142305))
- [Remove CI text interpolation code](gitlab-org/gitlab@96f86196a6571c751433fd7eda099446ce9a4ece) ([merge request](gitlab-org/gitlab!147803))
- [Clean up auto_fix related action and services](gitlab-org/gitlab@b8898d459cec9ae3122e698d446738b7f44ed200) ([merge request](gitlab-org/gitlab!147161)) **GitLab Enterprise Edition**
- [Remove final mentions of Ai::SyncServiceTokenWorker](gitlab-org/gitlab@f0a6080f0dd86678283a0e15c24bc6c2f24d44c7) ([merge request](gitlab-org/gitlab!147452)) **GitLab Enterprise Edition**
- [Remove github_import_extended_events feature flag](gitlab-org/gitlab@6052e8d7e8973b20a27a3575f732b4f04d02628a) ([merge request](gitlab-org/gitlab!146695))
- [CI/CD Catalog experiment badge](gitlab-org/gitlab@e249ed0e906fdc5d029a1db6b0ef38ca5baa8e1b) ([merge request](gitlab-org/gitlab!147630))
- [Remove CH materialized view rebuilding FFs](gitlab-org/gitlab@e593b34b6a5aa9e00be73d40cffd42cdb257dda7) ([merge request](gitlab-org/gitlab!146592))
- [Remove latest_version from Ci::Catalog::ResourceType](gitlab-org/gitlab@917b922b5f351a748e72fb00a49b6cf2d84b71c0) ([merge request](gitlab-org/gitlab!146913))
- [Remove frontend code for security_auto_fix with](gitlab-org/gitlab@f4d3dd1222a472ae144a87eed37462d1284de5bb) ([merge request](gitlab-org/gitlab!147078)) **GitLab Enterprise Edition**
- [Remove ignore column](gitlab-org/gitlab@fe8ca866391350852803c8b6670a9c0de18cd09f) by @imskr ([merge request](gitlab-org/gitlab!147250))
Security (7 changes):
- [Fix stored xss using the gollum filter](gitlab-org/gitlab@8240472c85efd51938ad064ab5cc4a39e374d0c8) ([merge request](gitlab-org/gitlab!149158))
- [Update Gitlab::Regex::Packages#slack_link_regex](gitlab-org/gitlab@ea5f384a4e51d16b1fe00ba9233abc09fb2b92d6) ([merge request](gitlab-org/gitlab!149158))
- [Fix XSS in autocomplete in rich text editor](gitlab-org/gitlab@d3ca8e6cc9cc98a48d53d7f968cd922ded0d74f8) ([merge request](gitlab-org/gitlab!149158))
- [Correctly parse attachments for junit result](gitlab-org/gitlab@9a0357ac244a3c7282d73864d5792d1aff3f48dd) ([merge request](gitlab-org/gitlab!149158))
- [Fix stored xss in wikis using the abstract_reference_filter](gitlab-org/gitlab@4ba8bee6bb39fb830c592c57d5d4595411c8a9ad)
- [Limit the number of emojis we will transform](gitlab-org/gitlab@ce5a24e34504c1f4b4408c83ebb801a055809bea)
- [Remove `unsafe-inline` from CSP](gitlab-org/gitlab@a7a302b7484d972fa85e2003a799349c541077b4) ([merge request](gitlab-org/gitlab!147268))
Performance (8 changes):
- [Preload `vulnerability_reads` for vulnerability records](gitlab-org/gitlab@a36e652efbb76203555cc3b5afd72d225eb5b047) ([merge request](gitlab-org/gitlab!149304)) **GitLab Enterprise Edition**
- [Preload releases for Tags API](gitlab-org/gitlab@5a78293c8227686315b62b1f429f7b6669b9f24f) ([merge request](gitlab-org/gitlab!140484))
- [Added index for member_approval on member_namespace_id and status](gitlab-org/gitlab@7377e5a0e2dac6b06feddd21bafa197a22cdd182) ([merge request](gitlab-org/gitlab!149044))
- [Release skipping copy operation in generic packages upload](gitlab-org/gitlab@3e0dd0a3cafab219b5e7aa2d23995433db470fe3) ([merge request](gitlab-org/gitlab!148947))
- [Enable and remove the FF ci_rule_exists_extension_optimization](gitlab-org/gitlab@ccdac7fcf341030e2d3cdeaa2aad1c54cd2fb2c7) ([merge request](gitlab-org/gitlab!148682))
- [Avoid duplicated keys in ProtectedBranches cache](gitlab-org/gitlab@75183a5901df5b550879a78ba04a15470f1c01a7) ([merge request](gitlab-org/gitlab!148172))
- [Use replica DB to read ContainerRepository requiring_cleanup ids](gitlab-org/gitlab@5b757f6da9638f94570c8a5f4ef464f329d1637f) ([merge request](gitlab-org/gitlab!147074))
- [Optimize performance of ambiguous ref detection](gitlab-org/gitlab@e38ec0f827400093797c9608d2d9a86931c4c531) ([merge request](gitlab-org/gitlab!147557))
Other (113 changes):
- [Removed Tanukibot from Translations](gitlab-org/gitlab@a2c915e9cc23c1767618404fc13c4f01ce75ceb3) by @NIKU-SINGH ([merge request](gitlab-org/gitlab!149328)) **GitLab Enterprise Edition**
- [Drop a partial index we no longer need](gitlab-org/gitlab@ce5d50df74794888b895388028da95c07f0b135f) ([merge request](gitlab-org/gitlab!149218))
- [Add relaxed sharding keys for groups_and_projects](gitlab-org/gitlab@7d37ac964b121056ef24c01cf03b9f89fcd2e9ae) ([merge request](gitlab-org/gitlab!149299))
- [Update artifact_state to include partition_id filter for job_artifacts](gitlab-org/gitlab@d370ffc255670587ba9091ba9bfc4841d5cdfc80) ([merge request](gitlab-org/gitlab!146305))
- [Remove identity_verification feature flag](gitlab-org/gitlab@be6f616110a4a36515ade286d91abe773a6d1902) ([merge request](gitlab-org/gitlab!148888))
- [Enable save_policy_violation_data by default](gitlab-org/gitlab@557fffb41124987e98cc62c1eb572235ba4d050c) ([merge request](gitlab-org/gitlab!149388)) **GitLab Enterprise Edition**
- [Add relaxed sharding keys for source_code_management](gitlab-org/gitlab@7e8e7d61321969a5c5f14cbd6eb921bcff8099dd) ([merge request](gitlab-org/gitlab!148951))
- [Add relaxed sharding keys for continuous_delivery](gitlab-org/gitlab@d087a3dfd833081f3270473cd4584912ea70fbea) ([merge request](gitlab-org/gitlab!149294))
- [Add Sidekiq shard-support for active jobs](gitlab-org/gitlab@cf10df05928636cca210560cafeb34428fb24348) ([merge request](gitlab-org/gitlab!148637))
- [Update status of namespace in URL path to Beta from Experiment](gitlab-org/gitlab@0f30d0144634ee1a65435d1d697340c1fbc0ee8b) ([merge request](gitlab-org/gitlab!148621))
- [Add relaxed sharding keys for vulnerability_management](gitlab-org/gitlab@7324229b273d51b04e2da297247fb4d38aa58b1e) ([merge request](gitlab-org/gitlab!149297))
- [Add relaxed sharding keys for devops_reports](gitlab-org/gitlab@cc6cb9bd1b9b2ff48cdababaa5d9b6ae6d781e5d) ([merge request](gitlab-org/gitlab!149298))
- [Add relaxed sharding keys for importers](gitlab-org/gitlab@cd15a5948cf911d3bcfa2c45cffc515f8a774546) ([merge request](gitlab-org/gitlab!149295))
- [Quarantine a flaky test](gitlab-org/gitlab@8577724795dad8de0558c351c0f45718f2dfab18) ([merge request](gitlab-org/gitlab!149287))
- [Quarantine a flaky test](gitlab-org/gitlab@5136480176a92b5afc9e88d26fad2cbd91651120) ([merge request](gitlab-org/gitlab!149292))
- [Support classic tokens only](gitlab-org/gitlab@795bd63fa964fc8a1e5fbea8e750a089689ff2b5) ([merge request](gitlab-org/gitlab!148398))
- [Adjust UI to new designs](gitlab-org/gitlab@99ca6307e61a75506a55b22bebea2400695614bc) ([merge request](gitlab-org/gitlab!148696))
- [Revert 'ci-rules-exists-add-paths-project-ref'](gitlab-org/gitlab@89133ab27ace8fdc455833baee5b94de72af89f0) ([merge request](gitlab-org/gitlab!149266))
- [Return all visible groups for the Organization.groups GraphQL query](gitlab-org/gitlab@f579c7fcd8eb13002dd5bba358dce02c0e0d87a1) ([merge request](gitlab-org/gitlab!146600))
- [Globally enabled the Duo Chat callout](gitlab-org/gitlab@645c1f1637c4ad230d849cac5b94850af1b1f68d) ([merge request](gitlab-org/gitlab!149059)) **GitLab Enterprise Edition**
- [Remove feature flags related to FF merge trains](gitlab-org/gitlab@4c024b8c82abad6925577e14137ae728f151cbba) ([merge request](gitlab-org/gitlab!148964))
- [Remove sbom_occurrences_vulnerabilities feature flag](gitlab-org/gitlab@29145495ac2a7262425944cfa657835bd3216cbd) ([merge request](gitlab-org/gitlab!148998)) **GitLab Enterprise Edition**
- [Remove the FF ci_parallel_remote_includes](gitlab-org/gitlab@3a2c20f792893ac9fa3a6537083026187e488f24) ([merge request](gitlab-org/gitlab!149134))
- [Protected packages: Use namespace for external string](gitlab-org/gitlab@bf7fbf998ab2ec2edb6dea7e02f8d0108f320c6e) by @gerardo-navarro ([merge request](gitlab-org/gitlab!149113))
- [Protected packages + containers: Adjust style and wording in settings UI](gitlab-org/gitlab@b7cb3e617114b9cc7535d3e552bad150bd446d84) by @gerardo-navarro ([merge request](gitlab-org/gitlab!148704))
- [Quarantine a flaky test](gitlab-org/gitlab@20de72ec85589163c98b843003b9ffda698574a2) ([merge request](gitlab-org/gitlab!149078))
- [Quarantine a flaky test](gitlab-org/gitlab@848d093630c75c294736e364c1d1ce2595ff5342) ([merge request](gitlab-org/gitlab!149064))
- [Quarantine a flaky test](gitlab-org/gitlab@56c4817c4b1a22c24b36f8519e6d69b6186dc27f) ([merge request](gitlab-org/gitlab!149075))
- [Quarantine a flaky test](gitlab-org/gitlab@6907a2cefc9e54be0721f6c7c493d090de827d7e) ([merge request](gitlab-org/gitlab!149065))
- [Quarantine a flaky test](gitlab-org/gitlab@c3bba73c876e2f91efd0f182af9ab295597506b4) ([merge request](gitlab-org/gitlab!149074))
- [Quarantine a flaky test](gitlab-org/gitlab@eb62b4a7d6caa65593dd13a47815e945c6c293f5) ([merge request](gitlab-org/gitlab!149072))
- [Quarantine a flaky test](gitlab-org/gitlab@47f8bc50e897cdf9bdfa2c95ade96282eae72c5d) ([merge request](gitlab-org/gitlab!149071))
- [Add and backfill project_id for deployment_approvals](gitlab-org/gitlab@c2e7da79997c9367ec37e6beda269ced8b533498) ([merge request](gitlab-org/gitlab!149031))
- [Drop an unnecessary index on merge_requests](gitlab-org/gitlab@cc96c157f239907b0103c55898578f400c7790a3) ([merge request](gitlab-org/gitlab!148490))
- [Clean up dora_performers_score_panel feature flag](gitlab-org/gitlab@b37063a371e3348712fdd6818a30d74c78df6c72) ([merge request](gitlab-org/gitlab!148973)) **GitLab Enterprise Edition**
- [Add relaxed sharding keys for system_access](gitlab-org/gitlab@44c0956d60b63ab5e0775a900eb6476e2f18aecf) ([merge request](gitlab-org/gitlab!148949))
- [Add a migration to backfill zoekt_settings in application_settings](gitlab-org/gitlab@100e7f8746da72119163a57a195ca56d160f3905) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/148014)) **GitLab Enterprise Edition**
- [Add relaxed sharding keys for pipeline_composition](gitlab-org/gitlab@6dafca0da880249bba35e5f6c75ddbc8b8263bde) ([merge request](gitlab-org/gitlab!148948))
- [Add sharding keys for continuous_delivery](gitlab-org/gitlab@fe492cd4c24684a5d190639526c1f282c9cd6b7c) ([merge request](gitlab-org/gitlab!142493))
- [Add closes_work_item column to merge_requests_closing_issues](gitlab-org/gitlab@39fd40250ec4d7100df419293b15a5e46191ae79) ([merge request](gitlab-org/gitlab!148763))
- [Remove FF search_add_archived_filter_to_zoekt](gitlab-org/gitlab@ce8c1e208f45cbe24595f151fd8c1d257f0310c9) ([merge request](gitlab-org/gitlab!148551)) **GitLab Enterprise Edition**
- [Fix Style/KeywordParametersOrder offenses](gitlab-org/gitlab@79b0fd0a7f4eabdebe91da01fa356af1cdc71119) by @harryminsky ([merge request](gitlab-org/gitlab!148567)) **GitLab Enterprise Edition**
- [Fix Lint/RedundantDirGlobSort offenses](gitlab-org/gitlab@2b1829232ccfb3101b8681bc545b5ba14ba58f58) ([merge request](gitlab-org/gitlab!148582))
- [Quarantine a flaky test](gitlab-org/gitlab@783ea4eaefe32a6fecfdda723c1b996c8c100c17) ([merge request](gitlab-org/gitlab!148856))
- [Add relaxed sharding keys for release_orchestration](gitlab-org/gitlab@2274785bd784dfb4fda398d5b906be82a81678db) ([merge request](gitlab-org/gitlab!148836))
- [Add relaxed sharding keys for continuous_integration](gitlab-org/gitlab@2af79b9748da46d525b6b7e1531d1a7d58fd3a29) ([merge request](gitlab-org/gitlab!148835))
- [Explicitly pass organization when a user namespace is created](gitlab-org/gitlab@f3d0799e44b372dbb63954212343acf7345189d9) ([merge request](gitlab-org/gitlab!148818))
- [Remove collapse_generated_diff_files FF](gitlab-org/gitlab@58a9c214ba078bce15bd6fcf420bbebd08c36899) ([merge request](gitlab-org/gitlab!148478))
- [Remove search_index_all_projects FF](gitlab-org/gitlab@d50f4f1ca6f352b367a20696f7264bf8a1302ceb) ([merge request](gitlab-org/gitlab!148111)) **GitLab Enterprise Edition**
- [Remove a partial index with locked_state on merge_requests](gitlab-org/gitlab@c4f4e335df8228984b785ac456f58bb9178df0db) ([merge request](gitlab-org/gitlab!148646))
- [Remove usages of FullPath and SetFullPath RPCs](gitlab-org/gitlab@32393507bd640aec2b5078ee7e76f45244689b3c) ([merge request](gitlab-org/gitlab!147651))
- [Move ref validation to services](gitlab-org/gitlab@147d4fd4def3b5f591178b1c171910079b09f17e) ([merge request](gitlab-org/gitlab!146764))
- [Add development widget to work item types](gitlab-org/gitlab@7c2ea75132f59b0fb5599cf1011f608674b3c32a) ([merge request](gitlab-org/gitlab!148119))
- [Create events definitions and reference them on UI elements](gitlab-org/gitlab@be2fa80363a086d046b3f03b326b5351620cad63) ([merge request](gitlab-org/gitlab!147673))
- [Refactor LfsStorageController#upload_finalize into service](gitlab-org/gitlab@5bd8976a7d7e5f5153c92c10a1a238de74435c7c) by @missy-davies ([merge request](gitlab-org/gitlab!139729))
- [Add relaxed sharding keys for team_planning](gitlab-org/gitlab@950f0665725a64db412262b59900fbd6de058a1e) ([merge request](gitlab-org/gitlab!148672))
- [Enforce not-null constraint vs_code_settings version](gitlab-org/gitlab@d73d7b283386ed5a9ba291b2b3f49d0661e66a90) ([merge request](gitlab-org/gitlab!148648))
- [Migrate inputs to spec on CI components table](gitlab-org/gitlab@9ff7f0872dbd089f16e89fc1bcb151021466e4ee) ([merge request](gitlab-org/gitlab!148547))
- [Remove "fetch_commits_for_bitbucket_server" feature flag](gitlab-org/gitlab@c971bda0141b79005afe97e89a1f8081e54e2416) ([merge request](gitlab-org/gitlab!148657))
- [Remove security_policies_policy_scope feature flag](gitlab-org/gitlab@ccdd99f9601cba26f0d3775bfda3c5067f59cf46) ([merge request](gitlab-org/gitlab!147386)) **GitLab Enterprise Edition**
- [Move right side panel into its own component](gitlab-org/gitlab@e9c465a377e4c9d13ed8dcad0b25b05d4c21f4d0) by @espadav8 ([merge request](gitlab-org/gitlab!148461))
- [Remove use_registration_type_db_value feature flag](gitlab-org/gitlab@a1e3f2bff8b28359cbc714eb3803e6d7a22de95f) ([merge request](gitlab-org/gitlab!148595)) **GitLab Enterprise Edition**
- [Add next desired sharding keys for code_review_workflow](gitlab-org/gitlab@e7a83dda1616fbd0dae531f7cd25c425b3319f48) ([merge request](gitlab-org/gitlab!148532))
- [Add next desired sharding keys for incident_management](gitlab-org/gitlab@d981c6f7d9ac6d13ba0807e116855887ccae9382) ([merge request](gitlab-org/gitlab!148531))
- [Add next desired sharding keys for portfolio_management](gitlab-org/gitlab@460a1b05e7bc6ea480499133dbbdb15361d8a23f) ([merge request](gitlab-org/gitlab!148529))
- [Finalize backfill vs_code_settings table migration](gitlab-org/gitlab@d105097d252eb65e2c7609808df660b4dbb925f1) ([merge request](gitlab-org/gitlab!148367))
- [Remove arkose_labs_signup_challenge feature flag](gitlab-org/gitlab@4276f0048ac1d060e1d8536eddf45c2cc5f2ca98) ([merge request](gitlab-org/gitlab!147767))
- [Protected containers: Resolve duplicate test assertions](gitlab-org/gitlab@9cc4b1b0ce27055df79ef4731a2072f40233ed95) by @gerardo-navarro ([merge request](gitlab-org/gitlab!148252))
- [Add desired sharding keys for geo_replication](gitlab-org/gitlab@fa96b612b05f861721c277c887e9885f5504a1c3) ([merge request](gitlab-org/gitlab!148061))
- [Remove `group_analytics_dashboards` feature flag](gitlab-org/gitlab@9c38ad6deef6d8123896eadfaa1aa702fa6196a6) ([merge request](gitlab-org/gitlab!147013)) **GitLab Enterprise Edition**
- [Add storage_shard label by decomposing instrumentation class name](gitlab-org/gitlab@f698dae407cebe4e12a62dca39028279ebe98897) ([merge request](gitlab-org/gitlab!147746))
- [Remove feature flag use_partition_id_filter_on_ci_job_artifacts](gitlab-org/gitlab@a58b1c3ad28329bc40f1df414356f511c676abd2) ([merge request](gitlab-org/gitlab!148029))
- [Finalize migration BackfillDefaultOrganizationUsers](gitlab-org/gitlab@295e8510ca9389c3156b54ba18d08d802d1c3a0b) ([merge request](gitlab-org/gitlab!147516))
- [Protected containers: Adjust error message in docker client](gitlab-org/gitlab@13417ca9003d59e0536e2ad166029b4a9ed0d731) by @gerardo-navarro ([merge request](gitlab-org/gitlab!148087))
- [Add desired sharding keys for audit_events](gitlab-org/gitlab@547eb9efc2f01024ffdc35535c710bad8018ecce) ([merge request](gitlab-org/gitlab!148067))
- [Add desired sharding keys for package_registry](gitlab-org/gitlab@ed4cebb62545b275b0bb1823ff96618c134579b7) ([merge request](gitlab-org/gitlab!148065))
- [Add desired sharding keys for team_planning](gitlab-org/gitlab@8be2b931e341e36db286aef9a9a5fade4b54f204) ([merge request](gitlab-org/gitlab!148063))
- [Add desired sharding keys for portfolio_management](gitlab-org/gitlab@4a121810e6d3f98175d7e85c7328e89f7fd775ec) ([merge request](gitlab-org/gitlab!148060))
- [Add desired sharding keys for incident_management](gitlab-org/gitlab@7ea185c0efb61a38cfb6e821e3e8219af2ece4c1) ([merge request](gitlab-org/gitlab!148043))
- [Add desired sharding keys for service_desk](gitlab-org/gitlab@464b55c52ee5afd640d1d2524d1655e2e69247c0) ([merge request](gitlab-org/gitlab!148041))
- Add desired sharding keys for error_tracking](gitlab-org/gitlab@dabaf4a1de77a57f791bddb5f7770e5262073a67) ([merge request](gitlab-org/gitlab!148038))
- [Add desired sharding keys for metrics](gitlab-org/gitlab@8e885408fcb425c643961244624ee41cc38d2a54) ([merge request](gitlab-org/gitlab!148035))
- [Update schema for clusterwide tables in web_ide](gitlab-org/gitlab@cfd0ed92e464eb15bf047db4b697558f133a94a2) ([merge request](gitlab-org/gitlab!147982))
- [Update schema for clusterwide tables in team_planning](gitlab-org/gitlab@52e858a8f4c94b26e724854b61fa2fb5259d81df) ([merge request](gitlab-org/gitlab!147981))
- [Update schema for clusterwide tables in importers](gitlab-org/gitlab@c4fdf02c1044f544504563674a2ee7c2bb6c6e54) ([merge request](gitlab-org/gitlab!147980))
- [Update schema for clusterwide tables in system_access](gitlab-org/gitlab@883691365e1b424f33b10091f572551837153d50) ([merge request](gitlab-org/gitlab!147979))
- [Update schema for clusterwide tables in user_profile](gitlab-org/gitlab@22bbf1c56bdf44f55adfa6f3d9f426eb098b3aee) ([merge request](gitlab-org/gitlab!147978))
- [Update schema for clusterwide tables in deployment_management](gitlab-org/gitlab@b0854c4e78023392c85ac0a39b1912307783030a) ([merge request](gitlab-org/gitlab!147972))
- [Use PipelineTriggers::DestroyService across endpoints](gitlab-org/gitlab@85bded241311852974738edb35559141009c92a9) by @missy-davies ([merge request](gitlab-org/gitlab!136163))
- [Add missing attributes in the search/count endpoint](gitlab-org/gitlab@f93369b84e4dd53e1d084d322a5e534c899fd38b) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/147796))
- [Update artifacts queries to use partition_id filter](gitlab-org/gitlab@bf891b816aacf233a9280ebd2b4928391131eafe) ([merge request](gitlab-org/gitlab!147126))
- [Adds sharding_key to internal_ids](gitlab-org/gitlab@9f9e531d020e8f89afc5c85dd1030f6b9f10db5c) ([merge request](gitlab-org/gitlab!147705))
- [Add sharding keys for error_tracking](gitlab-org/gitlab@54ec24bb31ae92b19a8237d8aedd275bbd43870c) ([merge request](gitlab-org/gitlab!147788))
- [Add sharding keys for metrics](gitlab-org/gitlab@a50560611537ba8df6d3758cdc727eea59151733) ([merge request](gitlab-org/gitlab!147787))
- [Add sharding keys for navigation](gitlab-org/gitlab@9c99f8829d400e748a409e679194222c8c8f36f9) ([merge request](gitlab-org/gitlab!147784))
- [Add sharding keys for service_desk](gitlab-org/gitlab@5f7162a6fbf5cd4172e54f1c54b333a58e70ab67) ([merge request](gitlab-org/gitlab!147783))
- [Add sharding keys for incident_management](gitlab-org/gitlab@3ae59207a80b6e46b8c6232d3513d8ece0aaff07) ([merge request](gitlab-org/gitlab!147779))
- [Remove epic_events_on_contributions_calendar feature flag](gitlab-org/gitlab@3f985a78b205ffb208ea5a1dc0e38c8a9f06e084) ([merge request](gitlab-org/gitlab!147760))
- [Use partitioned foreign key between ci_builds and ci_stages](gitlab-org/gitlab@6a18d4996153cecada618bfd35c36a9eea070b72) ([merge request](gitlab-org/gitlab!147648))
- [Use routing tables for ci_job_artifacts and ci_stages ](gitlab-org/gitlab@001e895189c01640f729f104430596055cfbb919) ([merge request](gitlab-org/gitlab!147438))
- [Add relation import tracker and table](gitlab-org/gitlab@6591d0b946a8dcc069b3c8250291aec1e235732a) ([merge request](gitlab-org/gitlab!146778))
- [Show alert to explain where code suggestions moved](gitlab-org/gitlab@d293a5a61db21f431772a12d99b786afd0fcbad3) ([merge request](gitlab-org/gitlab!144807)) **GitLab Enterprise Edition**
- [Adding p_ci_build_names table and model](gitlab-org/gitlab@af1699a0822078be97696954a5df78127a9f79e6) ([merge request](gitlab-org/gitlab!146555))
- [Refactor push_rules_helpers_spec.rb to improve tests speed](gitlab-org/gitlab@baa2641e1d44660613148e85216d6ce5d9ebe779) ([merge request](gitlab-org/gitlab!147571)) **GitLab Enterprise Edition**
- [Update indentation on yaml docs](gitlab-org/gitlab@d0f731e72094927a87411b152486e69f55700bcd) ([merge request](gitlab-org/gitlab!147564))
- [Adjust naming in admin network settings](gitlab-org/gitlab@39219aedd2a6c92964d9949ffed00060721c5c18) by @gerardo-navarro ([merge request](gitlab-org/gitlab!147536))
- [refactor: Add feature category for rack attack tests](gitlab-org/gitlab@adf26bc8186ac36c44c5044bdcdd5cd59212c5cd) by @gerardo-navarro ([merge request](gitlab-org/gitlab!147530))
- [Finalize migration BackfillDefaultOrganizationOwnersAgain](gitlab-org/gitlab@918153f76698b529d56f79f6768333189b2013d2) ([merge request](gitlab-org/gitlab!147514))
- [Remove "external_pipeline_validation_service_url" feature flag](gitlab-org/gitlab@95259cdfe652b81023988a868827c7d21faa9cd3) ([merge request](gitlab-org/gitlab!147407))
- [Port the project admin button to Vue](gitlab-org/gitlab@62bdb1e1a41db8e3161146f43724e43743e5e150) by @espadav8 ([merge request](gitlab-org/gitlab!144736))
- [Drop promote_ultimate_features_at column](gitlab-org/gitlab@b5dbcc83686be21fbf90d176bfd07707f21d1518) ([merge request](gitlab-org/gitlab!145706))
- [Finalize the backfill migration for onboarding status step url](gitlab-org/gitlab@f986c1b1cf00968ff106136893bfe68d47895c69) ([merge request](gitlab-org/gitlab!147278))
- [Remove ClusterRepositoryCache migration helper class](gitlab-org/gitlab@f71a7a94ce8d70d9d378ebc225b802b58f0ae006) ([merge request](gitlab-org/gitlab!147244))
Jenkins 2.440.3
1. Add an Appearance category to the setup wizard. (pull 8822))
2. BootFailure subclasses can now override the Jenkins startup failure page. (pull 8442))
3. Reduce the window of time during which a crash may lead to an inconsistent state on Linux. (pull 8815))
4. Update the appearance of controls in header. (pull 8791))
5. Allow icon size to be changed in the node overview table. (pull 8802))
6. Remove code that may have caused an agent-side hang under a rare race condition. (Remoting PR 713))
7. Reduce the likelihood of thread creation errors on agents. (Remoting PR 717))
Jenkins 2.454
1. Support symbols in the newJob page. (issue 72947))
2. Create-item button is no longer disabled when a duplicate name is present. (issue 73007))
3. Fix the appearance of badges. (pull 9155))
4. After reconfiguring a static inbound agent in the GUI using fields such as WebSocket, deprecated in 2.440.x, the suggested launch instructions would incorrectly include tunnel (issue 73011))
5. Fix the WorkspaceCleanupThread to consider workspaces with suffixes even if the original is nonexistent. Reduce the number of remoting calls made by WorkspaceCleanupThread. (issue 65829))
6. If the variant plugin is installed at the same time as a plugin that has an OptionalExtension, these extensions would not be correctly discovered until the next scan for new Extensions. (issue 72998))
7. Installed plugin view no longer jumps during first load. (issue 69588))
Kubernetes v1.30.0
Changes by Kind
Deprecation:
- kubectl: Removed the deprecated flag `prune-whitelist` for apply. Please use the flag `prune-allowlist` instead. (#120246, @pacoxu)
- The deprecated `SecurityContextDeny` admission plugin, which has been deprecated since `v1.27`, has been removed. It is recommended to use the Pod Security Admission plugin instead, which has been available since v1.25. Refer to the Kubernetes documentation for more information. (#122612, @mtardy)
API Change:
- Added (alpha) support for the `managedBy` field on Jobs. Jobs with a custom value of this field - any value other than `kubernetes.io/job-controller` - were skipped by the job controller, and their reconciliation was delegated to an external controller, indicated by the value of the field. Jobs that didn't have this field at all, or where the field value was the reserved string `kubernetes.io/job-controller`, were reconciled by the built-in job controller. (#123273, @mimowo)
- Added alpha-level support for the SuccessPolicy in Jobs. (#123412, @tenzen-y)
- Added the `CEL` library for IP Addresses and CIDRs. This was made available for use starting from version `1.31`. (#121912, @JoelSpeed)
- Allowed container runtimes to fix an image garbage collection bug by adding an `image_id` field to the CRI Container message. (#123508, @saschagrunert)
- Dynamic Resource Allocation: DRA drivers can now use "structured parameters" to let the scheduler handle claim allocation. (#123516, @pohly)
- Fixed accidental enablement of the new alpha `optionalOldSelf` API field in `CustomResourceDefinition` validation rules, which should only have been allowed to be set when the `CRDValidationRatcheting` feature gate is enabled. (#122329, @jpbetz)
- Implemented the `prescore` extension point for the `volumeBinding` plugin. It now returns skip if it doesn't do anything in Score. (#115768, @AxeZhan)
- Kubelet would fail if NodeSwap was used with LimitedSwap and cgroupv1 node. (#123738, @kannon92)
- Promoted `AdmissionWebhookMatchConditions` to GA. The feature is now stable, and the feature gate is now locked to default. (#123560, @ivelichkovich)
- Structured Authentication Configuration now supports `DiscoveryURL`. If specified, `discoveryURL` overrides the URL used to fetch discovery information. This is for scenarios where the well-known and jwks endpoints are hosted at a different location than the issuer (such as locally in the cluster). (#123527, @aramase)
- The `StorageVersionMigration` API, previously available as a Custom Resource Definition (CRD), is now a built-in API in Kubernetes. (#123344, @nilekhc)
- When configuring a JWT authenticator: If `username.expression` used 'claims.email', then 'claims.email_verified' must have been used in `username.expression` or `extra[*].valueExpression` or `claimValidationRules[*].expression`. An example claim validation rule expression that matches the validation automatically applied when `username.claim` is set to 'email' is 'claims.?email_verified.orValue(true)'. (#123737, @enj)
- `readOnly` volumes now support recursive read-only mounts for kernel versions >= 5.12." (#123180, @AkihiroSuda)
- cri-api: Implemented KEP-3857: Recursive Read-only (RRO) mounts. (#123272, @AkihiroSuda)
- kube-apiserver: the AuthenticationConfiguration type accepted in `--authentication-config` files has been promoted to `apiserver.config.k8s.io/v1beta1`. (#123696, @aramase)
- kubelet allowed specifying a custom root directory for pod logs (instead of the default /var/log/pods) using the `podLogsDir` key in kubelet configuration. (#112957, @mxpv)
- resource.k8s.io/ResourceClaim (alpha API): The strategic merge patch strategy for the `status.reservedFor` array was changed so that a strategic-merge-patch can now add individual entries. This change may break clients using strategic merge patch to update status, which rely on the previous behavior (replacing the entire array). (#122276, @pohly)
- Added a CBOR implementation of `runtime.Serializer`. Until CBOR graduates to Alpha, API servers will refuse to start if configured with CBOR support. (#122881, @benluddy)
- Added a alpha feature, behind the `RelaxedEnvironmentVariableValidation` feature gate. When that gate is enabled, Kubernetes allows almost all printable ASCII characters to be used in the names of environment variables for containers in Pods. (#123385, @HirazawaUi)
- Added a new (alpha) field, `trafficDistribution`, to the Service `spec` to express preferences for traffic distribution to endpoints. Enabled through the `ServiceTrafficDistribution` feature gate. (#123487, @gauravkghildiyal)
- Added audienceMatchPolicy field to AuthenticationConfiguration and support for configuring multiple audiences. The "audienceMatchPolicy" can be empty (or unset) when a single audience is specified in the "audiences" field. The "audienceMatchPolicy" must be set to "MatchAny" when multiple audiences are specified in the "audiences" field. (#123165, @aramase)
- Added consistent vanity import to files and provided tooling for verifying and updating them. (#120642, @jcchavezs)
- Added the `disable-force-detach` CLI option for `kube-controller-manager`. By default, it's set to `false`. When enabled, it prevents force detaching volumes based on maximum unmount time and node status. If activated, the non-graceful node shutdown feature must be used to recover from node failure. Additionally, if a pod needs to be forcibly terminated at the risk of corruption, the appropriate VolumeAttachment object must be deleted. (#120344, @rohitssingh)
- Added to `MutableFeatureGate` the ability to override the default setting of feature gates, to allow default-enabling a feature on a component-by-component basis instead of for all affected components simultaneously. (#122647, @benluddy)
- Aggregated discovery supports both `v2beta1` and v2 types and feature is promoted to GA. (#122882, @Jefftree)
- Alpha support for field selectors on custom resources has been added. With the `CustomResourceFieldSelectors` feature gate enabled, the CustomResourceDefinition API now allows specifying `selectableFields`. Listing a field there enables filtering custom resources for that CustomResourceDefinition in list or watch requests. (#122717, @jpbetz)
- AppArmor profiles can now be configured through fields on the `PodSecurityContext` and container `SecurityContext`. The beta AppArmor annotations are deprecated, and AppArmor status is no longer included in the node ready condition. (#123435, @tallclair)
- Contextual logging is now in beta and enabled by default. Check out the KEP and official documentation for more details. (#122589, @pohly)
- Enabled concurrent log rotation in kubelet. You can now configure the maximum number of concurrent rotations with the `containerLogMaxWorkers` setting, and adjust the monitoring interval with `containerLogMonitorInterval`. (#114301, @harshanarayana)
- Graduated pod scheduling gates to general availability. The `PodSchedulingReadiness` feature gate no longer has any effect, and the `.spec.schedulingGates` field is always available within the Pod and PodTemplate APIs. (#123575, @Huang-Wei)
- Graduated support for `minDomains` in pod topology spread constraints, to general availability.The `MinDomainsInPodTopologySpread` feature gate no longer has any effect, and the field is always available within the Pod and PodTemplate APIs. (#123481, @sanposhiho)
- In kubelet configuration, the `.memorySwap.swapBehavior` field now accepts a new value `NoSwap`, which becomes the default if unspecified. The previously accepted `UnlimitedSwap` value has been dropped. (#122745, @kannon92)
- Kube-apiserver: the AuthorizationConfiguration type accepted in `--authorization-config` files has been promoted to `apiserver.config.k8s.io/v1beta1`. (#123640, @liggitt)
- OIDC authentication will now fail if the username asserted based on a CEL expression config is the empty string. Previously the request would be authenticated with the username set to the empty string. (#123568, @enj)
- Removed note that `hostAliases` are not supported on hostNetwork Pods from the PodSpec API. The feature has been supported since v1.8. (#122422, @neolit123)
- Structured Authentication Configuration now supports configuring multiple JWT authenticators. The maximum allowed JWT authenticators in the authentication configuration is 64. (#123431, @aramase)
- Text logging in Kubernetes components now uses textlogger. The same split streams of info and error log entries with buffering of info entries is now also supported for text output (off by default, alpha feature). Previously, this was only supported for JSON. Performance is better also without split streams. (#114672, @pohly)
- The API server now detects and fails on startup if there are conflicting issuers between JWT authenticators and service account configurations. Previously, such configurations would run but could be inconsistently effective depending on the credential. (#123561, @enj)
- The JWT authenticator configuration set via the `--authentication-config` flag is now dynamically reloaded as the file changes on disk. (#123525, @enj)
- The `StructuredAuthenticationConfiguration` feature is now beta and enabled. (#123719, @enj)
- The `kube_codegen` tool now ignores the vendor folder during code generation.
- (#122729, @jparrill)
- The kubernetes repo now uses Go workspaces. This should not impact end users at all, but does have impact for developers of downstream projects. Switching to workspaces caused some breaking changes in the flags to the various k8s.io/code-generator tools. Downstream consumers should look at staging/src/k8s.io/code-generator/kube_codegen.shto see the changes. (#123529, @thockin)
- Updated an audit annotation key used bythe `…/serviceaccounts/<name>/token` resource handler. The annotation used to persist the issued credential identifier is now `authentication.kubernetes.io/issued-credential-id`. (#123098, @munnerz) [SIG Auth]
- Users are now allowed to mutate `FSGroupPolicy` and `PodInfoOnMount` in `CSIDriver.Spec`. (#116209, @haoruan)
- ValidatingAdmissionPolicy was promoted to GA and will be `enabled` by default. (#123405, @cici37)
- When scheduling a mix of pods using `ResourceClaims` and others that don't, scheduling a pod with `ResourceClaims` has a lower impact on scheduling latency. (#121876, @pohly)
- When working with client-go events, it's now recommended to use `NewEventBroadcasterAdapterWithContext` instead of `NewEventBroadcasterAdapter` if contextual logging support is needed. (#122142, @pohly)
Feature:
- Added Timezone column in the output of the 'kubectl get cronjob' command. (#122231, @ardaguclu)
- Added `WatchListClient` feature gate to `client-go`. When enabled, it allows the client to receive a stream of individual items instead of chunking from the server. (#122571, @p0lyn0mial)
- Added the `apiserver_watch_cache_read_wait` metric to measure the watch cache impact on request latency.
- (#123190, @padlar)
- Allowed scheduling framework plugins that implement `io.Closer` to be gracefully closed.
- (#122498, @Gekko0114)
- Bumped cAdvisor to `v0.49.0`.
- (#123599, @bobbypage)
- Changed `--nodeport-addresses` behavior to default to "primary node IP(s) only" rather than "all node IPs".
- (#122724, @nayihz)
- In the Pod API, setting the alpha `procMount` field to `Unmasked` in a container now required setting `spec.hostUsers=false` as well.
- (#123520, @haircommander)
- Informers now supports adding Indexers after the informer starts.
- (#117046, @howardjohn)
- Printed more information when `kubectl describe` a `VolumeAttributesClass`. (#122640, @carlory)
- Promoted the `CRDValidationRatcheting` feature gate to beta and made it enabled by default. (#121461, @alexzielenski)
- Scheduler now skips the `NodeAffinity Score` plugin when it has nothing to do with a Pod. You might have noticed an increase in the metric `plugin_execution_duration_seconds` for `extension_point=score` and `plugin=NodeAffinity`, because the plugin only runs when it's relevant. (#117024, @sanposhiho)
- Some interfaces' signatures in the scheduler were updated: - PluginsRunner: used NodeInfo in `RunPreScorePlugins` and `RunScorePlugins`. - PreScorePlugin: used NodeInfo in `PreScore`. - Extender: used NodeInfo in `Filter` and `Prioritize`. (#121954, @AxeZhan)
- The watch cache now waits until it is at least as fresh as the given requestedWatchRV if sendInitialEvents was requested. (#122830, @p0lyn0mial)
- Updated `ImageGCMaxAge` behavior in the kubelet to wait the `MaxAge` duration after the kubelet has restarted before garbage collecting. (#123343, @haircommander)
- Updated `distroless-iptables` to `v0.5.0`, debian-base to `bookworm-v1.0.1`, and setcap to `bookworm-v1.0.1`. (#123170, @cpanato)
- `NewVolumeManagerReconstruction` feature is now GA. (#123442, @jsafrane)
- `kubectl describe`: Added Suspend to job and Node-Selectors and Tolerations to pod template output. (#122618, @ivanvc)
- `kubectl get job` now displays the status for the listed jobs. (#123226, @ivanvc)
- etcd: Built image for `v3.5.11`. (#122233, @mzaian)
- kube-apiserver now reloads the `--authorization-config` file when it changes. Reloads increment the `apiserver_authorization_config_controller_automatic_reload_last_timestamp_seconds` timestamp metric, with `status="success"` for successful reloads and `status="failed"` for failed reloads. Failed reloads keep using the previously loaded authorization configuration. (#121946, @liggitt)
- kube-apiserver now reported the following metrics for authorization webhook match conditions: - `apiserver_authorization_match_condition_evaluation_errors_total` counter metric labeled by authorizer type and name - `apiserver_authorization_match_condition_exclusions_total` counter metric labeled by authorizer type and name - `apiserver_authorization_match_condition_evaluation_seconds` histogram metric labeled by authorizer type and name. (#123611, @ritazh)
- kube-apiserver: JWT authenticator now reports the following metrics: - apiserver_authentication_config_controller_automatic_reloads_total - apiserver_authentication_config_controller_automatic_reload_last_timestamp_seconds (#123793, @aramase)
- kube-apiserver: The StructuredAuthorizationConfiguration feature gate has been promoted to beta and now allows the use of the `--authorization-configuration` flag. (#123641, @liggitt)
- kube-scheduler implemented scheduling hints for the `NodeUnschedulable` plugin. The scheduling hints allowed the scheduler to only retry scheduling a Pod that had been previously rejected by the `NodeSchedulable` plugin if a new Node or a Node update had set `.spec.unschedulable` to false. (#122334, @carlory)
- kubeadm: Added better handling of errors during unmount when calling `kubeadm reset`. When failing to unmount directories under `/var/run/kubelet`, kubeadm will now throw an error instead of showing a warning and continuing to clean up said directory. In such situations, it is better for you to inspect the problem and resolve it manually. Then, you can call `kubeadm reset` again to complete the cleanup. (#122530, @neolit123)
- kubeadm: Added support for machine-readable output with `-o yaml` and `-o json` to the command `kubeadm certs check-expiration`. This change is introduced in a new API: ``` kind: CertificateExpirationInfo apiVersion: output.kubeadm.k8s.io/v1alpha3 ``` The existing non-structured formatting is preserved. The output API version v1alpha2 is now deprecated and will be removed in a future release. Please migrate to using v1alpha3. (#123372, @carlory)
- kubeadm: added the `WaitForAllControlPlaneComponents` feature gate. It could be used to tell kubeadm to wait for all control plane components to be ready when running "kubeadm init" or "kubeadm join --control-plane". Previously, kubeadm only waited for the kube-apiserver. The "kubeadm join" workflow now includes a new experimental phase called "wait-control-plane". This phase was marked as non-experimental when WaitForAllControlPlaneComponents became GA. Accordingly, a "kubeadm init" phase "wait-control-plane" was also available once WaitForAllControlPlaneComponents became GA. These phases could be skipped if the user preferred not to wait for the control plane components. (#123341, @neolit123)
- kubectl `port-forward` over websockets (tunneling SPDY) can now be enabled using an `Alpha` feature flag environment variable: KUBECTL_PORT_FORWARD_WEBSOCKETS=true. The API Server being communicated to must *also* have an `Alpha` feature flag enabled: PortForwardWebsockets. (#123413, @seans3)
- A new flag called `custom` has been introduced in `kubectl debug`, allowing users to customize pre-defined profiles. (#120346, @ardaguclu)
- A new kubelet metric `image_pull_duration_seconds` was added. The metric tracks the duration (in seconds) it takes for an image to be pulled, including the time spent in the waiting queue of image puller. The metric is broken down by bucketed image size. (#121719, @ruiwen-zhao)
- A new metric `lifecycle_handler_sleep_terminated_total` is added to record how many times LifecycleHandler sleep got unexpectedly terminated. (#122456, @AxeZhan)
- Added `client-go` support for upgrading subresource fields from client-side to server-side management. (#123484, @erikgb)
- Added `exec-interactive-mode` and `exec-provide-cluster-info` flags in kubectl config set-credentials command. (#122023, @ardaguclu)
- Added `process_start_time_seconds` to `/metrics/slis` endpoint of all components. (#122750, @richabanker)
- Added a "reason" field to the "image_garbage_collected_total" metric, allowing administrators to differentiate between images that were collected for reasons "age" vs "space". (#123345, @haircommander)
- Added a new metric `apiserver_encryption_config_controller_automatic_reloads_total` to measure the total number of API server encryption configuration reload successes and failures. This metric now contains the `status` label with a value that is either `success` or `failure`. Deprecated the metrics `apiserver_encryption_config_controller_automatic_reload_success_total` and `apiserver_encryption_config_controller_automatic_reload_failure_total`. Please use `apiserver_encryption_config_controller_automatic_reloads_total` instead. (#123179, @aramase)
- Added feature gate `MutatingAdmissionPolicy` for enabling mutation policy in admission chain. (#123425, @cici37)
- Added kubelet metrics to track the memory manager allocation and pinning. (#121778, @Tal-or)
- Added the `access_mode` label to `volume_manager_selinux_*` metrics. (#123667, @jsafrane)
- Enhanced cloud provider integrations to support optional, per-Node custom labels that can be supplied and applied to Nodes by the node controller. These extra labels will only be applied where the cloud provider integration supports this feature. (#123223, @mmerkes)
- Graduated "Forensic Container Checkpointing" (KEP #2008) from Alpha to Beta. (#123215, @adrianreber)
- Graduated HorizontalPodAutoscaler support for per-container metrics to stable. (#123482, @sanposhiho)
- Graduated support for passing dual-stack `kubelet --node-ip` values when using a cloud provider. The feature is now GA, and the `CloudDualStackNodeIPs` feature gate is always enabled. (#123134, @danwinship)
- In the PriorityLevelConfiguration object, the `nominalConcurrencyShares` field now accepts a zero value in both the `flowcontrol.apiserver.k8s.io/v1` and `flowcontrol.apiserver.k8s.io/v1beta3` APIs. (#123001, @tkashem)
- Introduced a feature gate mechanism to `client-go`. Depending on the actual implementation, users can control features via environmental variables or command line options. (#122555, @p0lyn0mial)
- Introduced a new alpha feature gate, `SELinuxMount`, which can now be enabled to accelerate SELinux relabeling. (#123157, @jsafrane)
- Kube-apiserver now reports latency metric for JWT authenticator authenticate token decisions in the `apiserver_authentication_jwt_authenticator_latency_seconds` metric, labeled by jwtIssuer hash and result. (#123225, @aramase)
- Kube-apiserver now reports metrics for authorization decisions in the `apiserver_authorization_decisions_total` metric, labeled by authorizer type, name, and decision. (#123333, @liggitt)
- Kube-apiserver: Authorization webhooks now report the following metrics:
- apiserver_authorization_webhook_evaluations_total
- apiserver_authorization_webhook_duration_seconds
- apiserver_authorization_webhook_evaluations_fail_open_total (#123639, @liggitt)
- Kube-controller-manager: increased the global level for broadcaster's logging to 3 so that users can ignore event messages by lowering the logging level. It reduces information noise. (#122293, @mengjiao-liu)
- Kube-scheduler implemented scheduling hints for the `NodeAffinity` plugin. The scheduling hints allowed the scheduler to only retry scheduling a Pod that had been previously rejected by the `NodeAffinity` plugin if a new Node or a Node update matched the Pod's node affinity. (#122309, @carlory)
- Kube-scheduler implemented scheduling hints for the `NodeResourceFit` plugin. The scheduling hints allowed the scheduler to only retry scheduling a Pod that had been previously rejected by the `NodeResourceFit` plugin if a new Node or a Node update matched the Pod's resource requirements or if an old pod update or delete matched the Pod's resource requirements. (#119177, @carlory)
- Kube-scheduler now retries scheduling Pods rejected by the PodTopologySpread plugin when related Pods are created, deleted, updated, or when a node matches the specified topologyKey. (#122195, @nayihz)
- Kubeadm now prints all the kubelets and nodes that need to be upgraded when running "upgrade plan". (#123578, @carlory)
- Kubectl debug now includes the sysadmin profile. (#119200, @eiffel-fl)
- Kubelet now supports configuring the IDs used to create user namespaces. (#123593, @giuseppe)
- Kubernetes is now built with Go `1.21.6`. (#122705, @cpanato)
- Kubernetes is now built with Go `1.22.1`. (#123750, @cpanato)
- Kubernetes is now built with Go `1.22`. (#123217, @cpanato)
- Kubernetes is now built with go `1.22rc2`. (#122889, @cpanato)
- LoadBalancerIPMode feature is now marked as Beta. (#123418, @rikatz)
- Node information is now embedded into Pod-bound service account tokens as additional metadata. The 'JTI' field is set in issued service account tokens, and this information is embedded as `authentication.kubernetes.io/credential-id` in the user's ExtraInfo. (#123135, @munnerz)
- Node podresources API now includes init containers with containerRestartPolicy of `Always` when `SidecarContainers` feature is enabled. (#120718, @gjkim42)
- Promoted `KubeProxyDrainingTerminatingNodes` to `Beta`. (#122914, @alexanderConstantinescu)
- Promoted feature gate `StableLoadBalancerNodeSet` to `GA` . (#122961, @alexanderConstantinescu)
- Promoted the `ImageMaximumGCAge` feature to beta. (#123424, @haircommander)
- Promoted the `status.hostIPs` field for Pods to general availability.
- The `PodHostIPs` feature gate no longer has any effect, and the `status.hostIPs` field is always available within the Pod API. (#122870, @wzshiming)
- RemoteCommand feature gates for kubectl exec, cp, and attach over WebSockets are now enabled by default (Beta):
- Server-side feature gate: `TranslateStreamCloseWebsocketRequests`
- Client-side (kubectl) feature gate: `KUBECTL_REMOTE_COMMAND_WEBSOCKETS`
- To disable RemoteCommand over WebSockets for kubectl, the environment variable feature gate must be explicitly set to `false`: `KUBECTL_REMOTE_COMMAND_WEBSOCKETS=false`. (#123281, @seans3)
- Revised node selection based on container image location. The kube-scheduler now considers whether nodes have the required images available for init containers, and for sidecar containers if the cluster has 'SidecarContainers' enabled. (#123366, @kerthcet)
- Scheduler extender `ignorable` option now handles errors for both filter and bind phases. (#122503, @sunbinnnnn)
- The NodeLogQuery feature has been promoted to beta. No functional changes have been made from the alpha version. (#123205, @aravindhp)
- The `apiserver.latency.k8s.io/decode-response-object` annotation was added to the audit log to record the decoding time. (#121512, @HirazawaUi)
- The drop-in kubelet configuration directory feature has been targeted for Beta. (#122907, @sohankunkerkar)
- The kubelet now rejects creating the pod if `hostUserns=false` and the CRI runtime does not support user namespaces. (#123216, @giuseppe)
- The scheduler now retries Pods, which are failed by `nodevolumelimits` due to not found PVCs, only when new PVCs are added. (#121952, @sanposhiho)
- Updated `kubedns` and `nodelocaldns` to release version `1.22.28`. (#121908, @mzaian)
- Users can now traverse all the pods that are in the scheduler and waiting in the permit stage through method `IterateOverWaitingPods`. In other words, all waitingPods in scheduler can be obtained from any profiles. Before this commit, each profile could only obtain `waitingPods` within that profile (#122946, @NoicFank)
- ValidatingAdmissionPolicy now exclude TokenReview, SelfSubjectReview, LocalSubjectAccessReview, and SubjectAccessReview from all versions of authentication.k8s.io and authorization.k8s.io group. (#123543, @jiahuif)
- When a PreFilterResult filters out certain Nodes, the scheduling framework now categorizes them as rejected via `UnschedulableAndUnresolvable`. Consequently, these nodes are excluded from the candidates for the preemption process. Additionally, this update corrects how the scheduling framework handles the Unschedulable status from PreFilter. Previously, if PreFilter returned `Unschedulable`, it could lead to an unexpected abortion in the preemption process, which shouldn't occur in the default scheduler but might occur in schedulers with custom plugins. (#119779, @sanposhiho)
- When the `RetryGenerateName` feature gate is enabled on the kube-apiserver, create requests using generateName are retried automatically by the apiserver when the generated name conflicts with an existing resource name, up to a max limit of 7 retries.This feature is in alpha. (#122887, @jpbetz)
- `ValidatingAdmissionPolicy` now supports type checking policies that utilize variables. (#123083, @jiahuif)
Documentation:
- Added a new internal metric `kubelet_first_network_pod_start_sli_duration_second` in the kubelet that allowed developers to understand the source of the latency problems on node startups.(#121720, @aojea)
- A deprecated flag `--pod-max-in-unschedulable-pods-duration` was initially planned to be removed in v1.26, but we had to change this plan. We found an issue in which Pods can be stuck in the unschedulable pod pool for 5 min, and using this flag is the only workaround for this issue.
- This issue only could happen if you use custom plugins or if you change plugin set being used in your scheduler via the scheduler config. (#122013, @sanposhiho)
- Modified the error message of `unmanagedFatal` to enhance clarity while preserving grammatical consistency with `unmanagedWarning`. This improvement ensures a more understandable prompt for users. (#120159, @Ithrael)
Failing Test:
- Reverted the change to "support sharing waitingPods across different scheduler profiles". (#124001, @kerthcet)
Bug or Regression:
- Added `imagefs.inodesfree` to default `EvictionHard` settings. (#121834, @vaibhav2107)
- Changed the API server so that for admission webhooks that have a URL matching the hostname 'localhost' or a loopback IP address, the connection supports HTTP/2 where it could be negotiated. (#122558, @linxiulei)
- Fixed CEL estimated cost for expressions that perform operations on the result of `map()` operations (e.g., `.map(...).exists(...)` ) to have the correct estimated cost instead of an unbounded cost. (#123562, @jpbetz)
- Fixed a `1.27.0+` regression in kubeadm: The kubelet patch configuration will not be uploaded into the `kube-system/kubelet-config` ConfigMap anymore. (#123093, @SataQiu)
- Fixed a bug in `ValidatingAdmissionPolicy` that caused policies using CRD parameters to fail to synchronize. (#123003, @alexzielenski)
- Fixed a non-recursive list returning "resource version too high" error when consistent listing from cache is enabled. (#123674, @serathius)
- Fixed a regression in `kube-proxy` introduced in version `1.26.0+` to make externalIPs workwith externalTrafficPolicy: Local. (#121919, @uablrek)
- Fixed a regression in migration of in-tree vSphere volumes to the CSI driver introduced in version `1.29.0`+. (#122341, @jsafrane)
- Fixed a regression since `1.24` in the scheduling framework when overriding MultiPoint plugins (e.g. default plugins). The incorrect loop logic might have led to a plugin being loaded multiple times, consequently preventing any Pod from being scheduled, which was unexpected. (#122068, @caohe)
- Fixed an issue where `AvailableBytes` sometimes did not report correctly on WindowsNodes when the `PodAndContainerStatsFromCRI` feature was enabled. (#122846, @marosset)
- Fixed an issue where mount points could become local without calling `NodePublishVolume` after node rebooting. (#119923, @cvvz)
- Fixed cleanup of Pod volume mounts when a file was used as a subpath. (#123052, @jsafrane)
- Fixed error handling in `EnsureAdminClusterRoleBindingImpl`. (#122893, @danwinship)
- Fixed incorrect error logging for `syncCronJob`. (#122493, @mengjiao-liu)
- Fixed the deprecated version for `pod_scheduling_duration_seconds` that caused the metric to be hidden by default in `1.29`. (#123038, @alculquicondor)
- Fixed the disruption controller's PDB status synchronization to maintain all PDB conditions during an update. (#122056, @dhenkel92)
- Improved scheduler performance when no scoring plugins were defined. (#122058, @aleksandra-malinowska)
- Improved scheduler performance when no scoring plugins were defined. (#122435, @aleksandra-malinowska)
- Improved scheduler performance when no scoring plugins were defined. (#123384, @aleksandra-malinowska)
- In kubeadm, in the new output API 'output.kubeadm.k8s.io/v1alpha3', the UpgradePlan structure that is used when calling 'kubeadm upgrade plan ... -o yaml|json' was modified to include a list of multiple available upgrades. (#123461, @carlory)
- Made decoding etcd's response respect the timeout context. (#121815, @HirazawaUi)
- Previously, the scheduling queue didn't notice any extenders' failures, potentially resulting in missed cluster events and Pods rejected by Extenders being stuck in the unschedulable pod pool for up to 5 minutes in the worst-case scenario. Now, the scheduling queue notices extenders' failures and requeues Pods rejected by Extenders appropriately. (#122022, @sanposhiho)
- QueueingHint implementation for `NodeAffinity` was reverted because potential scenarios were found where events that make Pods schedulable could be missed. (#122285, @sanposhiho)
- Removed the incorrect warning event `FileSystemResizeFailed` during pod creation if it uses a readonly volume and the capacity of the volume is greater than or equal to its requested storage. (#122508, @carlory)
- Restored the `--verify-only` function in code generation wrappers. (#123261, @skitt)
- Reverted the `EventedPLEG` feature (beta, but disabled by default) back to alpha due to a known issue. (#122697, @pacoxu)
- Used `errors.Is()` to handle errors returned by `LookPath()`. (#122600, @lzhecheng)
- kube-proxy: Fixed `LoadBalancerSourceRanges` not working for `nftables` mode. (#122614, @tnqn)
- kubeadm: fixed a bug where "kubeadm upgrade plan -o yaml|json" included unneeded output and was missing component config information. (#123492, @carlory)
- Added metric name along with the utilization information when running `kubectl get hpa`. (#122804, @sreeram-venkitesh)
- Addressed an issue where a JWT authenticator set up via `--authentication-config` would encounter failures in verifying tokens not signed with RS256. (#123282, @enj)
- DRA: ResourceClaim and PodSchedulingContext status updates no longer allow changing object meta data. (#123730, @pohly)
- Enabled deletion of pods that use raw block volumes on node reboot. (#122211, @gnufied)
- Etcd: Updated to `v3.5.11`. (#122393, @mzaian)
- Fixed Pod stuck in `Terminating` because of `GenerateUnmapVolumeFunc` missing `globalUnmapPath` when kubelet tries to clean up all volumes that failed reconstruction. (#123032, @carlory)
- Fixed Windows credential provider, cannot find binary. Windows credential provider binary path may have ".exe" suffix so it is better to use `LookPath()` to support it flexibly. (#120291, @lzhecheng)
- Fixed `kubectl explain` to show enum for field types if they were defined. (#123023, @ah8ad3)
- Fixed a bug in kubeadm where the `--rootfs` global flag didn't work with "kubeadm upgrade node" for control plane nodes. (#123077, @neolit123)
- Fixed a bug that an init container with containerRestartPolicy with `Always` cannot update its state from terminated to non-terminated for the pod with restartPolicy with `Never` or `OnFailure`. (#123323, @gjkim42)
- Fixed a bug where `kubectl` drain would consider a pod as having been deleted if an error occurs while calling the API. (#122574, @brianpursley)
- Fixed a potential data race in DRA with no known real-world implications. (#123222, @pohly)
- Fixed a race condition in the iptables mode of kube-proxy in `1.27` and later that could result in some updates getting lost (e.g., when a service gets a new endpoint, the rules for the new endpoint might not be added until much later). (#122204, @danwinship)
- Fixed a regression in "kubeadm init" where a user-specified --kubeconfig file was being ignored. (#122735, @avorima)
- Fixed a regression in kubectl version `1.29.0` where the `--attach` flag was not honored. (#122447, @ardaguclu)
- Fixed an error when trying to expand a volume that does not require node expansion. (#123055, @gnufied)
- Fixed an issue calculating total CPU usage reported for Windows nodes. (#122999, @marosset)
- Fixed an issue to ignore unnecessary node events and improve daemonset controller performance. (#121669, @xigang)
- Fixed an issue where the `configmap`, `secret`, `projected`, and `downwardAPI` volume types didn't create user-visible files after a kubelet restart. This fix ensures data persistence and accessibility after restarts. (#122807, @carlory)
- Fixed bug where health check could pass while APIServices are missing from aggregated discovery. (#122883, @Jefftree)
- Fixed bug where providing a FieldPath to a CRD Validation Rule would erroneously affect the reported field path of other unrelated CRD Validation Rules on the same schema. (#123475, @alexzielenski)
- Fixed enabling consistent list from watch cache that used to work for resourceVersion=0 (#123676, @serathius)
- Fixed node lifecycle controller panic when conditionType ready is been patch `nil` by mistake. (#122874, @fusida)
- Fixed panic of Evented `PLEG` during kubelet start-up. (#122475, @pacoxu)
- Fixed resource deletion failure caused by quota calculation error when `InPlacePodVerticalScaling` is turned on. (#122701, @carlory)
- For statically provisioned PVs, if their volume source is of CSI type or they have a migrated annotation, when they are deleted, the PersistentVolume controller won't change their phase to the Failed state. With this patch, the external provisioner can remove the finalizer in the next reconcile loop. Unfortunately, if a previously existing PV has the Failed state, this patch won't take effect. Users are required to remove the finalizer manually. (#122030, @carlory)
- Improved the efficiency of NodeAdded QueueingHint by registering UpdateNodeTaint event for plugins that have NodeAdded event but don't have UpdateNodeTaint event. This ensures better requeuing efficiency and prevents Pods from being stuck in the unschedulable pod pool. (#122292, @sanposhiho)
- JWTs used in service account and OIDC authentication are now strictly parsed to confirm that they use compact serialization. Other encodings were not previously accepted, but would result in different unspecific errors. (#123540, @enj)
- Kube-apiserver: Fixed a `1.27`+ regression in watch stability by serving watch requests without a `resourceVersion` from the watch cache by default, as in <`1.27` (disabling the change in PR 115096 by default). This mitigates the impact of an etcd watch bug (https://github.com/etcd-io/etcd/pull/17555). If the 1.27 change in PR 115096 to serve these requests from underlying storage is still desired despite the impact on watch stability, it can be re-enabled with a `WatchFromStorageWithoutResourceVersion` feature gate. (#123935, @serathius)
- Kubeadm: avoided uploading a defaulted flag value "--authorization-mode=Node,RBAC" for the kube-apiserver in the ClusterConfiguration stored in the "kube-system/kubeadm-config" ConfigMap. "Node,RBAC" are already the kubeadm defaults for this flag, so this action is redundant. (#123555, @neolit123)
- Kubeadm: fixed a bug during kubeadm upgrade, where it is not possible to mount a new device and create a symbolic link for /etc/kubernetes (or a sub-directory) so that kubeadm stores its information on the mounted device. (#123406, @SataQiu)
- Kubeadm: the `kubelet-finalize` phase of `kubeadm init` no longer requires the kubelet kubeconfig to have a specific authinfo. (#123171, @vrutkovs)
- OpenAPI V2 will no longer publish aggregated API server OpenAPI for group versions that do not match the APIService specified group version. (#123570, @Jefftree)
- Patched a leak of a discovery document that would occur when an Aggregated APIService changed its Spec.Service field and did not change it back. (#123517, @Jefftree)
- Prevented watch cache starvation by moving its watch to separate RPC. Added a `SeparateCacheWatchRPC` feature flag to disable this behavior. (#123532, @serathius)
- Reverted the `QueueingHint` implementation for `NodeUnschedulable` due to potential scenarios where events that make Pods schedulable could be missed. (#122288, @sanposhiho)
- The PersistentVolume controller no longer automatically assigns a default `StorageClass` to Persistent Volume Claims (PVCs) with an empty `storageClassName`. (#122704, @carlory)
- The initialization of nodes using external cloud providers now waits for the providerID value to be available before untainting it. This ensures that nodes are not declared Ready without necessary information such as the providerID and zone labels, which are required for integrations like load balancers to function correctly. Cloud providers that do not implement the GetInstanceProviderID method will not require the providerID to be set and will not fail to initialize the node for backward compatibility. (#123713, @aojea)
- Updated google.golang.org/protobuf to `v1.33.0` to resolve `CVE-2024-24786`. (#123758, @liggitt)
- Updated the sample-apiserver manifest example to include correct RBAC configurations. (#123479, @Jefftree)
- When initializing nodes using external cloud-providers, the process now waits for the providerID value to be available before declaring the node ready. This ensures that nodes are not marked as Ready prematurely due to communication errors with the cloud-provider. The providerID and zone labels are necessary for integrations such as load balancers to function correctly. Users can choose to opt out of this behavior by setting the feature flag OptionalProviderID in the cloud-controller-manager. (#123331, @aojea)
- When using `kubectl logs <pod-name>` and the pod is not found, the error message now includes the namespace. Previously, the message would be "Error from server (NotFound): pods "my-pod-name" not found". Now, it reflects the namespace in the message as follows: "Error from server (NotFound): pods "my-pod-name" not found in namespace "default"". (#120111, @newtondev)
- When using a claim with immediate allocation and a pod referencing that claim couldn't get scheduled, the scheduler incorrectly may have tried to deallocate that claim. (#122415, @pohly)
- kubeadam][structured authz] avoided setting default `--authorization-mode` when `--authorization-config` is provided ([#123654, @LiorLieberman)
- `ValidateVolumeAttributesClassUpdate` also validates new VolumeAttributesClass object. (#122449, @carlory)
Other (Cleanup or Flake):
- Accepted zero as a default value for `kubectl create` token duration. (#123565, @ah8ad3)
- Cleanup: removed `getStorageAccountName` warning messages. (#121983, @andyzhangx)
- Client-go: Optimized leaders renewing leases by updating leader lock optimistically without getting the record from the API server first. Also, a new metric `leader_election_slowpath_total` was added to allow users to monitor how many leader elections are updated non-optimistically. (#122069, @linxiulei)
- Locked the GA feature-gate `ConsistentHTTPGetHandlers` to default. (#122578, @carlory)
- Migrated `client-go/metadata` to contextual logging. (#122225, @ricardoapl)
- Removed the GA feature gate `RemoveSelfLink`. (#122468, @carlory)
- Removed the generally available feature gate `ExpandedDNSConfig`. (#122086, @bzsuni)
- Removed the generally available feature gate `KubeletPodResourcesGetAllocatable`. (#122138, @ii2day)
- Removed the generally available feature gate `KubeletPodResources`. (#122139, @bzsuni)
- Removed the generally available feature gate `MinimizeIPTablesRestore`. (#122136, @ty-dc)
- The GA feature-gate `APISelfSubjectReview` has been removed, and the feature is unconditionally enabled. (#122032, @carlory)
- Updated `etcd` to version `3.5.12`. (#123150, @bzsuni)
- Updated cri-tools to `v1.29.0`. (#122271, @saschagrunert)
- Upgraded metrics server to `v0.7.0`. (#123504, @pacoxu)
- `kubeadm completion` error message now displayed supported shell types when an invalid shell was specified (#122477, @SataQiu)
- kubeadm: ensured that a variety of API server requests were retried during "init", "join", "upgrade", "reset" workflows. Prior to this change, some API server requests, such as creating or updating ConfigMaps, were "one-shot" - i.e., they could fail if the API server dropped connectivity for a very short period of time. (#123271, @neolit123)
- kubeadm: improved the overall logic, error handling, and output messages when waiting for the kubelet and API server `/healthz` endpoints to return `OK`. The kubelet and API server checks no longer ran in parallel, but one after another (in serial). (#121958, @neolit123)
- Added an optimization to reduce stack memory usage for watch requests. It can be disabled with the feature gate: `APIServingWithRoutine=false` (#120902, @linxiulei)
- Added warning for `PV` on reclaim policy when it is `Recycle`. (#122339, @carlory)
- Deprecated the `azureFile` in-tree storage plugin. (#122576, @carlory)
- Etcd image `v3.5.12` has been built. (#123069, @bzsuni)
- Fixed a bug in scheduler requeueing where registered wildcard cluster event sources didn't work. (#123117, @kerthcet)
- Kubeadm: the `bridge-nf-call-iptables=1` and `bridge-nf-call-ip6tables=1` preflight checks are removed since not all the network implementations require this setting, network plugins are responsible for setting this correctly depending on whether or not they connect containers to Linux bridges or use some other mechanism. (#123464, @SataQiu)
- Kubeadm: used `ttlSecondsAfterFinished` to automatically clean up the `upgrade-health-check` Job that runs during upgrade preflighting. (#122079, @carlory)
- Migrated the kube-proxy to use contextual logging. (#122197, @fatsheep9146)
- Promoted feature-gate `LegacyServiceAccountTokenCleanUp` to GA and locked it to default. (#122635, @carlory)
- Removed GA featuregate about `ExperimentalHostUserNamespaceDefaultingGate` in `1.30`. (#122088, @bzsuni)
- Removed the GA feature gate for `IPTablesOwnershipCleanup` in version `1.30`. (#122137, @bzsuni)
- Removed the generally available feature gate `ProxyTerminatingEndpoints`. (#122134, @ty-dc)
- The `--cidr-allocator-type` option set to `CloudAllocator` for `kube-controller-manager` will be deprecated and removed in a future release. Users are advised to transition to and explore the available options provided by their external cloud provider. (#123011, @dims)
- The feature gate `LegacyServiceAccountTokenTracking` (GA since 1.28) is now removed because the feature is unconditionally enabled. (#122409, @Rei1010)
- The in-tree cloud provider for Azure has now been removed. Please use the external cloud provider and CSI driver from https://github.com/kubernetes/cloud-provider-azure instead. (#122857, @nilo19)
- The in-tree cloud provider for vSphere has been deprecated and removed. Users are advised to utilize the external cloud provider and CSI driver available at https://github.com/kubernetes/cloud-provider-vsphere. (#122937, @dims)
- Updated `kube-dns` to `v1.22.27`. (#121736, @ty-dc)
- Updated cni-plugins to version `v1.4.0`. (#122178, @saschagrunert)
- Updated kubedns and nodelocaldns to version `v1.23.0`. (#123310, @bzsuni)
- `kube-proxy` nftables mode is now compatible with kernel `5.4`. (#122296, @tnqn)
- Renamed Label cluster to `storage_cluster_id` for `apiserver_storage_size_bytes metric` (#124283, dims)
- Bumped the stability level of apiserver_storage_size_bytes to `STABLE` (#123342, @logicalhan)
Uncategorized:
- Fixed an issue where `kubectl apply` could panic when imported as a library. (#122346, @Jefftree)
Dependencies
Added:
- github.com/fxamacker/cbor/v2: v2.6.0
- github.com/pkg/diff: 20ebb0f
- github.com/x448/float16: v0.8.4
- golang.org/x/telemetry: b75ee88
- k8s.io/gengo/v2: 51d4e06
- sigs.k8s.io/knftables: v0.0.14
Changed:
- github.com/docker/docker: v20.10.24+incompatible → v20.10.27+incompatible
- github.com/go-logr/logr: v1.3.0 → v1.4.1
- github.com/go-logr/zapr: v1.2.3 → v1.3.0
- github.com/golang/protobuf: v1.5.3 → v1.5.4
- github.com/google/cadvisor: v0.48.1 → v0.49.0
- github.com/google/cel-go: v0.17.7 → v0.17.8
- github.com/onsi/ginkgo/v2: v2.13.0 → v2.15.0
- github.com/onsi/gomega: v1.29.0 → v1.31.0
- github.com/opencontainers/runc: v1.1.10 → v1.1.12
- go.uber.org/atomic: v1.10.0 → v1.7.0
- go.uber.org/goleak: v1.2.1 → v1.3.0
- go.uber.org/zap: v1.19.0 → v1.26.0
- golang.org/x/crypto: v0.14.0 → v0.21.0
- golang.org/x/mod: v0.12.0 → v0.15.0
- golang.org/x/net: v0.17.0 → v0.23.0
- golang.org/x/sync: v0.3.0 → v0.6.0
- golang.org/x/sys: v0.13.0 → v0.18.0
- golang.org/x/term: v0.13.0 → v0.18.0
- golang.org/x/text: v0.13.0 → v0.14.0
- golang.org/x/tools: v0.12.0 → v0.18.0
- google.golang.org/protobuf: v1.31.0 → v1.33.0
- k8s.io/klog/v2: v2.110.1 → v2.120.1
- k8s.io/kube-openapi: 2dd684a → 70dd376
- sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.28.0 → v0.29.0
Removed:
- github.com/Azure/azure-sdk-for-go: v68.0.0+incompatible
- github.com/Azure/go-autorest/autorest/adal: v0.9.23
- github.com/Azure/go-autorest/autorest/date: v0.3.0
- github.com/Azure/go-autorest/autorest/mocks: v0.4.2
- github.com/Azure/go-autorest/autorest/to: v0.4.0
- github.com/Azure/go-autorest/autorest/validation: v0.3.1
- github.com/Azure/go-autorest/autorest: v0.11.29
- github.com/Azure/go-autorest/logger: v0.2.1
- github.com/Azure/go-autorest/tracing: v0.6.0
- github.com/Azure/go-autorest: v14.2.0+incompatible
- github.com/a8m/tree: 10a5fd5
- github.com/benbjohnson/clock: v1.1.0
- github.com/danwinship/knftables: v0.0.13
- github.com/dnaeon/go-vcr: v1.2.0
- github.com/dougm/pretty: 2ee9d74
- github.com/gofrs/uuid: v4.4.0+incompatible
- github.com/rasky/go-xdr: 4930550
- github.com/rubiojr/go-vhd: 02e2102
- github.com/vmware/govmomi: v0.30.6
- github.com/vmware/vmw-guestinfo: 25eff15
- k8s.io/gengo: 9cce18d
Kubernetes v1.29.4
Important Security Information:
- This release contains changes that address the following vulnerabilities:
- ### CVE-2024-3177: Bypassing mountable secrets policy imposed by the ServiceAccount admission plugin
- A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated.
Affected Versions:
- kube-apiserver v1.29.0 - v1.29.3
- kube-apiserver v1.28.0 - v1.28.8
- kube-apiserver <= v1.27.12
Fixed Versions:
- kube-apiserver v1.29.4
- kube-apiserver v1.28.9
- kube-apiserver v1.27.13
- This vulnerability was reported by tha3e1vl.
- **CVSS Rating:** Low (2.7) CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Changes by Kind
Feature:
- Kubernetes is now built with go 1.21.9
- update debian-base to bookworm-v1.0.2 (#124197, @cpanato) [SIG API Machinery, Architecture, Cloud Provider, Release, Storage and Testing]
Bug or Regression:
- Fix pod restart after node reboot when NewVolumeManagerReconstruction feature gate is enabled and SELinuxMountReadWriteOncePod disabled (#124140, @bertinatto) [SIG Node]
- Golang.org/x/net is bumped to v0.23.0 to address CVE-2023-45288 (#124180, @MadhavJivrajani) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Network, Node and Storage]
- Kube-apiserver: fixes a 1.27+ regression in watch stability by serving watch requests without a resourceVersion from the watch cache by default, as in <1.27 (disabling the change in #115096 by default). This mitigates the impact of an etcd watch bug (https://github.com/etcd-io/etcd/pull/17555). If the 1.27 change in #115096 to serve these requests from underlying storage is still desired despite the impact on watch stability, it can be re-enabled with a `WatchFromStorageWithoutResourceVersion` feature gate. (#123973, @serathius) [SIG API Machinery]
- Kubeadm: fix panic in the command "kubeadm certs check-expiration" when "/etc/kubernetes/pki" exists but cannot be read. (#124124, @carlory) [SIG Cluster Lifecycle]
- NONE (#124327, @ritazh) [SIG Auth]
- OpenAPI V2 will no longer publish aggregated apiserver OpenAPI for group-versions not matching the APIService specified group version (#123624, @Jefftree) [SIG API Machinery and Testing]
Dependencies
Added:
Changed:
- golang.org/x/crypto: v0.16.0 → v0.21.0
- golang.org/x/net: v0.19.0 → v0.23.0
- golang.org/x/sys: v0.15.0 → v0.18.0
- golang.org/x/term: v0.15.0 → v0.18.0
Removed:
Kubernetes v1.28.9
Important Security Information:
- This release contains changes that address the following vulnerabilities:
- ### CVE-2024-3177: Bypassing mountable secrets policy imposed by the ServiceAccount admission plugin
- A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated.
Affected Versions:
- kube-apiserver v1.29.0 - v1.29.3
- kube-apiserver v1.28.0 - v1.28.8
- kube-apiserver <= v1.27.12
Fixed Versions:
- kube-apiserver v1.29.4
- kube-apiserver v1.28.9
- kube-apiserver v1.27.13
- This vulnerability was reported by tha3e1vl.
- **CVSS Rating:** Low (2.7) CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Changes by Kind
Feature:
- Kubernetes is now built with go 1.21.9
- update debian-base/set-cap to bookworm-v1.0.2 (#124198, @cpanato) [SIG API Machinery, Architecture, Release and Testing]
Bug or Regression:
- Fix pod restart after node reboot when NewVolumeManagerReconstruction feature gate is enabled and SELinuxMountReadWriteOncePod disabled (#124141, @bertinatto) [SIG Node]
- Golang.org/x/net is bumped to v0.23.0 to address CVE-2023-45288 (#124179, @MadhavJivrajani) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Network, Node and Storage]
- Kube-apiserver: fixes a 1.27+ regression in watch stability by serving watch requests without a resourceVersion from the watch cache by default, as in <1.27 (disabling the change in #115096 by default). This mitigates the impact of an etcd watch bug (https://github.com/etcd-io/etcd/pull/17555). If the 1.27 change in #115096 to serve these requests from underlying storage is still desired despite the impact on watch stability, it can be re-enabled with a `WatchFromStorageWithoutResourceVersion` feature gate. (#124006, @serathius) [SIG API Machinery]
- Kubeadm: fix panic in the command "kubeadm certs check-expiration" when "/etc/kubernetes/pki" exists but cannot be read. (#124124, @carlory) [SIG Cluster Lifecycle]
- NONE (#124326, @ritazh) [SIG Auth]
- OpenAPI V2 will no longer publish aggregated apiserver OpenAPI for group-versions not matching the APIService specified group version (#123625, @Jefftree) [SIG API Machinery and Testing]
Dependencies
Added:
Changed:
- golang.org/x/crypto: v0.16.0 → v0.21.0
- golang.org/x/net: v0.19.0 → v0.23.0
- golang.org/x/sys: v0.15.0 → v0.18.0
- golang.org/x/term: v0.15.0 → v0.18.0
Kubernetes v1.27.13
Important Security Information:
- This release contains changes that address the following vulnerabilities:
- ### CVE-2024-3177: Bypassing mountable secrets policy imposed by the ServiceAccount admission plugin
- A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated.
Affected Versions:
- kube-apiserver v1.29.0 - v1.29.3
- kube-apiserver v1.28.0 - v1.28.8
- kube-apiserver <= v1.27.12
Fixed Versions:
- kube-apiserver v1.29.4
- kube-apiserver v1.28.9
- kube-apiserver v1.27.13
- This vulnerability was reported by tha3e1vl.
- **CVSS Rating:** Low (2.7) CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Changes by Kind
Feature:
- Kubernetes is now built with go 1.21.9 (#124199, @cpanato) [SIG Release and Testing]
Bug or Regression:
- Fix pod restart after node reboot when NewVolumeManagerReconstruction feature gate is enabled and SELinuxMountReadWriteOncePod disabled (#124142, @bertinatto) [SIG Node]
- Golang.org/x/net is bumped to v0.23.0 to address CVE-2023-45288 (#124178, @MadhavJivrajani) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Node and Storage]
- Kube-apiserver: fixes a 1.27+ regression in watch stability by serving watch requests without a resourceVersion from the watch cache by default, as in <1.27 (disabling the change in #115096 by default). This mitigates the impact of an etcd watch bug (https://github.com/etcd-io/etcd/pull/17555). If the 1.27 change in #115096 to serve these requests from underlying storage is still desired despite the impact on watch stability, it can be re-enabled with a `WatchFromStorageWithoutResourceVersion` feature gate. (#124007, @serathius) [SIG API Machinery]
- Kubeadm: fix panic in the command "kubeadm certs check-expiration" when "/etc/kubernetes/pki" exists but cannot be read. (#124124, @carlory) [SIG Cluster Lifecycle]
- NONE (#124325, @ritazh) [SIG Auth]
Dependencies
Added:
Changed:
- golang.org/x/crypto: v0.16.0 → v0.21.0
- golang.org/x/net: v0.19.0 → v0.23.0
- golang.org/x/sys: v0.15.0 → v0.18.0
- golang.org/x/term: v0.15.0 → v0.18.0
nginx 1.25.5
*) Feature: virtual servers in the stream module.
*) Feature: the ngx_stream_pass_module.
*) Feature: the "deferred", "accept_filter", and "setfib" parameters of the "listen" directive in the stream module.
*) Feature: cache line size detection for some architectures.
*) Feature: support for Homebrew on Apple Silicon.
*) Bugfix: Windows cross-compilation bugfixes and improvements.
*) Bugfix: unexpected connection closure while using 0-RTT in QUIC.
OpenUpdate - April 18, 2024
Stay Informed
This week, read about:
Security Based Updates
Apache HTTPD 2.4.59
*) SECURITY: CVE-2024-27316: Apache HTTP Server: HTTP/2 DoS bymemory exhaustion on endless continuation frames (cve.mitre.org) HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.
*) SECURITY: CVE-2024-24795: Apache HTTP Server: HTTP Response Splitting in multiple modules (cve.mitre.org) HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue.
*) SECURITY: CVE-2023-38709: Apache HTTP Server: HTTP response splitting (cve.mitre.org) Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58.|
*) mod_deflate: Fixes and better logging for handling various error and edge cases. [Eric Covener, Yann Ylavic, Joe Orton, Eric Norris <enorris etsy.com>]
*) Add CGIScriptTimeout to mod_cgi. [Eric Covener]
*) mod_xml2enc: Tolerate libxml2 2.12.0 and later. PR 68610 [ttachi <tachihara AT hotmail.com>]
*) mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable. [Jean-Frederic Clere]
*) mod_ssl: Use OpenSSL-standard functions to assemble CA name lists for SSLCACertificatePath/SSLCADNRequestPath. Names will now be consistently sorted. PR 61574. [Joe Orton]
*) mod_xml2enc: Update check to accept any text/ media type or any XML media type per RFC 7303, avoiding corruption of Microsoft OOXML formats. PR 64339. [Joseph Heenan <joseph.heenan fintechlabs.io>, Joe Orton]
*) mod_http2: v2.0.26 with the following fixes:
- Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes https://github.com/icing/mod_h2/issues/272.
- Fixed small memory leak in h2 header bucket free. Thanks to Michael Kaufmann for finding this and providing the fix.
*) htcacheclean: In -a/-A mode, list all files per subdirectory rather than only one. PR 65091. [Artem Egorenkov <aegorenkov.91 gmail.com>]
*) mod_ssl: SSLProxyMachineCertificateFile/Path may reference files which include CA certificates; those CA certs are treated as if configured with SSLProxyMachineCertificateChainFile. [Joe Orton]
*) htpasswd, htdbm, dbmmanage: Update help&docs to refer to "hashing", rather than "encrypting" passwords. [Michele Preziuso <mpreziuso kaosdynamics.com>]
*) mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047. [Giovanni Bechis, Yann Ylavic]
*) htpasswd: Add support for passwords using SHA-2. [Joe Orton, Yann Ylavic]
*) core: Allow mod_env to override system environment vars. [Joe Orton]
*) Allow mod_dav_fs to tolerate race conditions between PROPFIND and an operation which removes a directory/file between apr_dir_read() and apr_stat(). Current behaviour is to abort the connection which seems inferior to tolerating (and logging) the error. [Joe Orton]
*) mod_ldap: HTML-escape data in the ldap-status handler. [Eric Covener, Chamal De Silva]
*) mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set. Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available, notably with OpenSSL >= 3. PR 68080. [Yann Ylavic, Joe Orton]
*) mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice). [Yann Ylavic]
*) mod_ssl: release memory to the OS when needed. [Giovanni Bechis]
*) mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when some dollar substitution (backreference) happens in the hostname or port part of the URL. [Yann Ylavic]
*) mod_proxy: Allow to set a TTL for how long DNS resolutions to backend systems are cached. [Yann Ylavic]
*) mod_proxy: Add optional third argument for ProxyRemote, which configures Basic authentication credentials to pass to the remote proxy.
Nodejs 21.7.3
This is a security release.
Notable Changes:
* CVE-2024-27980 - Command injection via args parameter of `child_process.spawn` without shell option enabled on Windows
v20.12.2
This is a security release.
Notable Changes:
* CVE-2024-27980 - Command injection via args parameter of `child_process.spawn` without shell option enabled on Windows
v18.20.2
This is a security release.
Notable Changes:
* CVE-2024-27980 - Command injection via args parameter of `child_process.spawn` without shell option enabled on Windows
https://nodejs.org/en/blog/vulnerability/april-2024-security-releases-2
Security Based Updates
Angular 17.3.4
COMMON:
(fix - 53427d875d) | invalid ImageKit quality parameter (#55193)
(fix - 766548c3ec) | skip transfer cache on client (#55012)
Apache/ActiveMQ 6.1.2
Bug:
[AMQ-9330] - Polling empty queue via REST returns 500 Server Error
[AMQ-9430] - ActiveMQ 5.18.3 (Classic) and Java 17: runtimeConfigurationPlugin causes ClassNotFoundException
[AMQ-9470] - ActiveMQ JMX / Jolokia - Log4j reloadLog4jProperties yields NoSuchMethodExpection
[AMQ-9473] - Client SSL Socket configuration fails while settings parameters
[AMQ-9475] - ConsumerControl commands for wildcard consumers should not auto-create destinations
[AMQ-9477] - Secure Jolokia/API by default
Improvement:
[AMQ-9469] - Removing JRMS dependency from assembly POM
Task:
[AMQ-9474] - Update activemq-osgi import for Spring 6
Apparmor 4.0.1
Highlighted new features
- profile flags
- prompt
- audit.XXX
- attach_disconnected.path
- prefix
- access, kill, prompt, complain
- block prefxes
- audit ctl
- conditionals
- owner applies to more rules
- user
-
- profile attachments
- boolean policy operations
- policy overlays
- fine grained mediation
- ipv4
- ipv6
- af_unix revisions
- mqueue
- exec dominance
- rule priority
- capability improvements
- rlimit improvements
- change_profile changes
- policy restrictions
- link
- mount
- move/rename
- subtree
- overlap attachment???
- conditionals
- compare funs
- used in preamble
- labels with rules
- abi changes
- rules not in policy abi can be used - warns
- raw text policy
- aa_load
Ansible awx 24.2.0
What's Changed:
- Added ``resource`` and ``ansible_id`` to serializers (@AlanCoding https://github.com/ansible/awx/pull/15020)
- Fixed WebSocket Relay by setting the autocommit to ``True`` so job output and status will load properly (@chrismeyersfsu https://github.com/ansible/awx/pull/15043)
- Updated playbooks to use Fully Qualified Collection Names (FQCN) (@maxamillion https://github.com/ansible/awx/pull/15029)
- Fixed REST API Help button broken reference to API documentation URL (@PabloHiro https://github.com/ansible/awx/pull/14992)
- Changed ``awx.awx.application`` to output the OAuth2 client secret if one was generated (@jbradberry https://github.com/ansible/awx/pull/15045)
- Updated parameters to pass with quotes so that each directory will not be interpreted as a separate command line flag (@chrismeyersfsu https://github.com/ansible/awx/pull/15037)
- Loosened up webhook body check on notification templates (@dmzoneill https://github.com/ansible/awx/pull/14995)
- Re-parented DAB views from AWX base (@AlanCoding https://github.com/ansible/awx/pull/15019)
- Clarified in the release_process.md document on how release announcements should be done (@gundalow https://github.com/ansible/awx/pull/15041)
- Added link to service-index URL (@AlanCoding https://github.com/ansible/awx/pull/14984)
- Removed JSON formatter for job lifecycle (@chrismeyersfsu https://github.com/ansible/awx/pull/15034)
- Updated WebSocket Relay to make database password optional for (@TheRealHaoLiu https://github.com/ansible/awx/pull/15046)
- Updated ``DOCKER_COMPOSE`` command to ``docker compose`` b9@TheRealHaoLiu https://github.com/ansible/awx/pull/15056)
- Updated the ``awx-manage`` script to make use of ``importlib`` (@jbradberry https://github.com/ansible/awx/pull/15015)
- Added tags and ``skip_tags`` option to ``awx.awx.workflow_launch`` (@Tompage1994 https://github.com/ansible/awx/pull/15011)
- Renamed container hostname from ``awx_1`` to ``awx-1`` (@chrismeyersfsu https://github.com/ansible/awx/pull/15060)
- Rounded out options URL prefix edge cases (@chrismeyersfsu https://github.com/ansible/awx/pull/15061)
- Added documentation for Terraform credential and inventory source in the _AWX User Guide_ (@tvo318 https://github.com/ansible/awx/pull/15004)
- Removed unnecessary ``drf_reverse`` overwrite (@chrismeyersfsu https://github.com/ansible/awx/pull/15078)
- Published AMD64 and ARM64 AWX image (@TheRealHaoLiu https://github.com/ansible/awx/pull/15053)
- **Full Changelog**: https://github.com/ansible/awx/compare/24.1.0...24.2.0
AWX Operator:
- Released with AWX Operator [v2.15.0](https://github.com/ansible/awx-operator/releases/2.15.0)
Gitlab /Gitlab-foss
16.10.3:
No changes.
16.10.2 (2024-04-09)
Fixed (1 change):
- [Fix URL validator for mirror services when using localhost](gitlab-org/security/gitlab@82ee9dbd7b4f52507563a509eaa8d2e4839b2e58)
Security (3 changes):
- [Update Gitlab::Regex::Packages#slack_link_regex](gitlab-org/security/gitlab@25d2355e4cd84a5c1005f1769624e83bfc6d63c2) ([merge request](gitlab-org/security/gitlab!3945))
- [Fix XSS in autocomplete in rich text editor](gitlab-org/security/gitlab@dc132c61a896afc1b63ce9cf31b69797eecf95ce) ([merge request](gitlab-org/security/gitlab!3946))
- [Correctly parse attachments for junit result](gitlab-org/security/gitlab@e729252188fd47950e27abe14bad
Grafana 10.4.2
Bug fixes:
- **Angular deprecation:** Prefer local "angularDetected" value to the remote one. [#85631], [@xnyo]
- **AuthProxy:** Fix missing session for ldap auth proxy users. [#85237], [@Jguer]
- **Alerting:** Fix receiver inheritance when provisioning a notification policy. [#85192], [@julienduchesne]
- **CloudMonitoring:** Only run query if filters are complete. [#85016], [@aangelisc]
Jenkins 2.453
1. Major overhaul of the entire Swedish translation. (pull 9069))
2. Improve the edit build information page. (pull 9132))
3. Refresh the 'New item' page. (pull 9111))
4. Refresh the style of alerts. (pull 9115))
5. Adjust side panel sizes for certain screens like iPad Pro. (issue 70246))
Prometheus v2.51.2
Bugfix release.
[BUGFIX] Notifier: could hang when using relabeling on alerts #13861
OpenUpdate - April 11, 2024
Stay Informed
This week, read about:
Key Security, Maintenance, and Features Releases
Security Based Updates
Secret Backdoor Found in XZ Utils Library CVE-2024-3094
- Red Hat on Friday released an "urgent security alert" warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access.
- The software supply chain compromise, tracked as CVE-2024-3094, has a CVSS score of 10.0, indicating maximum severity. It impacts XZ Utils versions 5.6.0 (released February 24) and 5.6.1 (released March 9).
CVE-2024-1086
A Linux privilege-escalation proof-of-concept exploit has been published that, according to the bug hunter who developed it, typically works effortlessly on kernel versions between at least 5.14 and 6.6.14.
NodeJS Security release v18.x, v20.x and 21.x
Updates are now available for the v18.x, v20.x and 21.x Node.js release lines for the following issues. This security release includes the following dependency updates to address public vulnerabilities:
- llhttp version 9.2.1 on 21.x, 20.x, and 18.x
- undici version 6.11.1 on 21.x
- undici version 5.28.4 on 18.x and 20.x
- HTTP Request Smuggling via Content Length Obfuscation - (CVE-2024-27982) - (Medium)
- Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash (CVE-2024-27983) - (High)
Non-Security Based Updates
Angular 17.3.3
CORE:
- (fix - 158ceaf062) | handleChainedInjectors in injector debug utils (#55144)
- (fix - 4d043992e5) | test cleanup should not throw if Zone is not present (#55096)
MIGRATIONS:
- (fix - 949dec26b8) | avoid conflicts with some greek letters in control flow migration (#55113)
ActiveMQ 5.18.4
Bugs:
[AMQ-8049] - Failed to start Apache ActiveMQ (mKahaDB / JMX)
[AMQ-9376] - Fix concurrent modification in ActiveMQServiceFactory
[AMQ-9383] - Websocket transport options do not get applied
[AMQ-9408] - Jolokia throws exception during Windows service startup
[AMQ-9418] - Support mapping jakarta -> javax exceptions in openwire
[AMQ-9420] - KahaDB durable subscription stats can go negative on duplicate acks
[AMQ-9434] - Unable to start ActiveMQ on Linux when there is space in the folder path
[AMQ-9435] - KahaDB durable sub tracking breaks on duplicate messages
[AMQ-9436] - StoreQueueCursor creates different audits for persistent and non persistent cursors
[AMQ-9452] - StatisticsPlugin - field firstMessageTimestamp is not produced for AuthorizationDestinationFilter
[AMQ-9459] - Add appropriate JVM Args to allow access to sun.nio.* classes
New Features:
[AMQ-9344] - Ability to configure a limit on uncommitted message count in a transaction
[AMQ-9397] - Update JDBC adapter mapping for MySQL 8 driver
Improvements:
[AMQ-9166] - Add destination field to Job
[AMQ-9296] - Add authentications support in ActiveMQ docker images
[AMQ-9431] - Don’t add Bouncycastle as Security Provider when found on the Classpath
[AMQ-9438] - FailoverTransport throws UnknowHostException on compareURIs
[AMQ-9450] - Expose Job Scheduler views with destination via JMX
[AMQ-9461] - webconsole - Upgrade (c) year from 2023 to 2024
Tasks:
[AMQ-9299] - Unknown license gram dependency
Dependency Upgrade:
[AMQ-9357] - Upgrade to log4j 2.21.1
[AMQ-9374] - Upgrade to commons-io 2.15.0
[AMQ-9378] - Upgrade to commons-dbcp2 2.11.0
[AMQ-9380] - Upgrade to maven-plugin-plugin 3.10.1
[AMQ-9381] - Upgrade to maven-surefire-plugin 3.2.1
[AMQ-9382] - Upgrade to dependency-check-maven 8.4.2
[AMQ-9402] - Upgrade to Shiro 1.13.0
[AMQ-9403] - Upgrade Jackson 2.16.0
[AMQ-9422] - 2024-01-29 Maven Plugin Updates
[AMQ-9424] - Upgrade Jackson 2.16.1
[AMQ-9425] - Upgrade slf4j 2.0.11
[AMQ-9426] - Upgrade jmdns 3.5.9
[AMQ-9427] - Upgrade log4j2 2.22.1
[AMQ-9428] - Upgrade commons-io 2.15.1
[AMQ-9429] - Upgrade commons-logging 1.3.0
[AMQ-9439] - Upgrade to log4j 2.23.0
[AMQ-9446] - Upgrade to commons-lang 3.14.0
[AMQ-9453] - Upgrade to Spring 5.3.33
[AMQ-9458] - Upgrade to Jetty 9.4.54.v20240208
[AMQ-9462] - Upgrade to Jackson 2.16.2
[AMQ-9464] - Upgrade to commons-dbcp2 2.12.0
[AMQ-9465] - Upgrade to slf4j 2.0.12
[AMQ-9466] - Upgrade to log4j 2.23.1
ActiveMQ 6.1.1
Bugs:
[AMQ-9452] - StatisticsPlugin - field firstMessageTimestamp is not produced for AuthorizationDestinationFilter
[AMQ-9459] - Add appropriate JVM Args to allow access to sun.nio.* classes
[AMQ-9460] - Running activemq-classic via docker does not allow access to web console
[AMQ-9471] - Cannot change max heapsize in apache/activemq-classic docker container
Improvements:
[AMQ-9461] - webconsole - Upgrade (c) year from 2023 to 2024
Tasks:
[AMQ-9456] - Remove activemq-client-jakarta module
Dependency Upgrades:
[AMQ-9454] - Upgrade to Spring 6.1.5
[AMQ-9462] - Upgrade to Jackson 2.16.2
[AMQ-9463] - Upgrade to Camel 4.4.1
[AMQ-9464] - Upgrade to commons-dbcp2 2.12.0
[AMQ-9465] - Upgrade to slf4j 2.0.12
[AMQ-9466] - Upgrade to log4j 2.23.1
Jenkins 2.452
1. Remove People view. Administrators can install the new People View plugin to restore this functionality. (issue 18884, pull 9060, People View plugin))
2. Update Apache Mina in the CLI from 2.11.0 to 2.12.1. (pull 9089))
3. Developer: Provide current administrative monitor as a context object when loading its description. (pull 9071))
Nodejs v20.12.1
Notable Changes:
* CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High)
* CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - (Medium)
* llhttp version 9.2.1
* undici version 5.28.4
Nodejs v18.20.1
Notable Changes:
* CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High)
* CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - (Medium)
* llhttp version 9.2.1
* undici version 5.28.4
Nodejs v21.7.2
Notable changes:
* CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High)
* CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation- (Medium)
* llhttp version 9.2.1
* undici version 6.11.1
OpenUpdate - April 4, 2024
Stay Informed
This week, read about:
Key Security, Maintenance, and Features Releases
Security Based Updates
Secret Backdoor Found in XZ Utils Library CVE-2024-3094
Red Hat on Friday released an "urgent security alert" warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access.
The software supply chain compromise, tracked as CVE-2024-3094, has a CVSS score of 10.0, indicating maximum severity. It impacts XZ Utils versions 5.6.0 (released February 24) and 5.6.1 (released March 9).
CVE-2024-1086
A Linux privilege-escalation proof-of-concept exploit has been published that, according to the bug hunter who developed it, typically works effortlessly on kernel versions between at least 5.14 and 6.6.14.
Non-Security Based Updates
Angular 17.3.2
COMPILER:
- (fix - 2b7bad5151) | invoke method-based tracking function with context (#54960)
COMPILER-CLI:
- (fix - b478dfbfda) | report errors when initializer APIs are used on private fields (#55070)
CORE:
- (fix - 708ba8115f) | establish proper injector resolution order for@deferblocks (#55079)
HTTP:
- (fix - cb433af0e1) | include transferCache when cloning HttpRequest (#54939)
- (fix - 64f202cab9) | manage different body types for caching POST requests (#54980)
MIGRATIONS:
- (fix - 2f9d94bc4a) | account for variables in imports initializer (#55081)
ROUTER:
- (fix - 365fd50407) | RouterLinkActive will always remove active classes when links are not active (#54982)
Ansible v2.16.5
Minor Changes:
- ansible-test - Add a work-around for permission denied errors when using ``pytest >= 8`` on multi-user systems with an installed version of ``ansible-test``.
Bug Fixes:
- Fix an issue when setting a plugin name from an unsafe source resulted in ``ValueError: unmarshallable object`` (https://github.com/ansible/ansible/issues/82708)
- Harden python templates for respawn and ansiballz around str literal quoting
- ansible-test - The ``libexpat`` package is automatically upgraded during remote bootstrapping to maintain compatibility with newer Python packages.
- template - Fix error when templating an unsafe string which corresponds to an invalid type in Python (https://github.com/ansible/ansible/issues/82600).
- winrm - does not hang when attempting to get process output when stdin write failed.
Ansible v2.15.10
Minor Changes:
- ansible-test - Add a work-around for permission denied errors when using ``pytest >= 8`` on multi-user systems with an installed version of ``ansible-test``.
Bug fixes:
- Fix an issue when setting a plugin name from an unsafe source resulted in ``ValueError: unmarshallable object`` (https://github.com/ansible/ansible/issues/82708)
- ansible-test - The ``libexpat`` package is automatically upgraded during remote bootstrapping to maintain compatibility with newer Python packages.
- winrm - does not hang when attempting to get process output when stdin write failed.
Ansible v2.14.15
Minor Changes:
- ansible-test - Add a work-around for permission denied errors when using ``pytest >= 8`` on multi-user systems with an installed version of ``ansible-test``.
Bug Fixes:
- Fix an issue when setting a plugin name from an unsafe source resulted in ``ValueError: unmarshallable object`` (https://github.com/ansible/ansible/issues/82708)
- ansible-test - The ``libexpat`` package is automatically upgraded during remote bootstrapping to maintain compatibility with newer Python packages.
Ansible awx 24.1.0
What's Changed:
- Updated Python from version 3.9 to 3.11 (@dmzoneill #14771)
- Skipped replicas test for awx-operator (@TheRealHaoLiu #14987)
- Updated the dependencies versions in both the Makefile and requirements file to match (@CFSNM #14986)
- Fixed unformatted pop-up help text when peers for instances are changed (@dmzoneill #14990)
- Fixed ``awx-manage run_wsrelay`` to not start the metrics server if ``--status`` is passed in (@TheRealHaoLiu #14997)
- Moved TCP keepalive settings out from ``settings.DATABASE`` to ``settings.LISTENER_DATABASES`` and to no longer be respected by wsrelay (@TheRealHaoLiu #14998)
- Fixed failing bulk launch job due to create partition race (@TheRealHaoLiu #15000)
- Added ``dump_auth_config`` management cmd (for SAML and LDAP) (@TheRealHaoLiu #14947)
- Backported various miscellaneous doc cleanup fixes from product-docs repo (@tvo318 #14980)
- Added setting for configuring optional URL prefix for ``/api`` (@TheRealHaoLiu #14939)
- Added various Setting modifications to address UI_NEXT requests (@TheRealHaoLiu #14996)
- Updated editable dependencies in the ``docker-compose`` development environment (@TheRealHaoLiu #14979)
- Fixed extra variables to no longer reset on schedule edit (@mabashian #15008)
- Updated complex/mapping format for ``first_found`` and including ``skip: True`` and removed the ``<project_path>/requirements.yml`` paths from consideration as collection requirements (@sivel #15017)
- Fixed Keycloak documentation previously broken by recent PostgreSQL 15 change and ``docker-compose`` network change (@TheRealHaoLiu #15024)
- Fixed wsrelay not retry to establish database connections (@TheRealHaoLiu #15031)
- Updated wsrelay to stop on keyboard interruptions and to restart for any other failure reason (@TheRealHaoLiu 15036)
Docker-compose v2.26.1
Fixes:
- Include image pull failure reason in output (#11555)
- Fix crash when running up with --no-build and --watch (#11664)
- Fix crash when no TTY available and menu enabled (#11672)
- Improve legibility of menu actions (#11671)
Internal:
- Bump opencontainers/image-spec to 1.1.0 (#11657)
Changelog:
- Pull: include error message in warnings/errors by @felixfontein in #11555
- build(deps): bump github.com/opencontainers/image-spec from 1.1.0-rc6 to 1.1.0 by @dependabot in #11657
- Handle --no-build and --watch args by @jhrotko in #11664
- Change menu information text to dim by @jhrotko in #11671
- Does not start menu manager if there is no tty on up by @jhrotko in #11672
etcd v3.5.13
etcd server:
- Fix leases wrongly revoked by the leader by [ignoring old leader's leases revoking request](https://github.com/etcd-io/etcd/pull/17425).
- Fix [no progress notification being sent for watch that doesn't get any events](https://github.com/etcd-io/etcd/pull/17566).
- Fix [watch event loss after compaction](https://github.com/etcd-io/etcd/pull/17612).
Package `clientv3`:
- Add [client backoff and retry config options](https://github.com/etcd-io/etcd/pull/17363).
- [Ignore SetKeepAlivePeriod errors on OpenBSD](https://github.com/etcd-io/etcd/pull/17387).
- [Support unix/unixs socket in client or peer URLs](https://github.com/etcd-io/etcd/pull/15940)
gRPC Proxy:
- Add [three flags (see below) for grpc-proxy](https://github.com/etcd-io/etcd/pull/17447)
- `--dial-keepalive-time`
- `--dial-keepalive-timeout`
- `--permit-without-stream`
Dependencies:
- Upgrade [bbolt to v1.3.9](https://github.com/etcd-io/etcd/pull/17483).
- Compile binaries using [go 1.21.8](https://github.com/etcd-io/etcd/pull/17537).
- Upgrade [google.golang.org/protobuf to v1.33.0 to address CVE-2024-24786](https://github.com/etcd-io/etcd/pull/17553).
Others:
- [Make CGO_ENABLED configurable](https://github.com/etcd-io/etcd/pull/17421).
fluentd v1.16.5
Bug Fix:
* Buffer: Fix emit error of v1.16.4 sometimes failing to process large data exceeding chunk size limit
Gitlab v16.8.5
Security (2 changes):
- [Limit the number of emojis we will transform](gitlab-org/security/gitlab@8d949c60d508b6cf3d558fc4f906c82b03e06748) ([merge request](gitlab-org/security/gitlab!3925))
- [Fix stored xss in wikis using the abstract_reference_filter](gitlab-org/security/gitlab@39a9847874a56baabacfba4d832b6d30ca388baf) ([merge request](gitlab-org/security/gitlab!3922))
Gitlab v16.9.3
Fixed (1 change):
- [Fix new project group templates pagination](gitlab-org/security/gitlab@93a68da5a3ddc7f2f5f44658a163198a8c5da240) **GitLab Enterprise Edition**
Security (2 changes):
- Limit the number of emojis we will transform](gitlab-org/security/gitlab@41ec64318e92b428edf9796b2777dc1d8b9b3bc2) ([merge request](gitlab-org/security/gitlab!3926))
- [Fix stored xss in wikis using the abstract_reference_filter](gitlab-org/security/gitlab@a39b0ea96cf309dfc2d8a3a73ea4a047567bd0a1) ([merge request](gitlab-org/security/gitlab!3921))
Gitlab v16.10.1
Fixed (2 changes):
- [Update redis-client to v0.21.1](gitlab-org/security/gitlab@c9d6f434dbc8d5ca244d0c00d8c5cf0d9092df39)
- [Fix new project group templates pagination](gitlab-org/security/gitlab@956b01c404e55bc92276ab7d21c63a09bc3edfb5) **GitLab Enterprise Edition**
Security (3 changes):
- [Merge branch 'dchevalier2-master-patch-88770' into 'master'](gitlab-org/security/gitlab@9e621975bf405f2e66541faebf11b06a31360b5d) ([merge request](gitlab-org/security/gitlab!3936))
- [Limit the number of emojis we will transform](gitlab-org/security/gitlab@e935e1cc26a06990832781b30827d5afa53d0194) ([merge request](gitlab-org/security/gitlab!3927))
- [Fix stored xss in wikis using the abstract_reference_filter](gitlab-org/security/gitlab@d1bad1a4847917d5f10c883d0d2f627088a00ca5) ([merge request](gitlab-org/security/gitlab!3929))
Jenkins 2.451
1. Add specific temporary files to the Debian package for better support of Unix domain sockets. Require Debian 10 and Ubuntu 20.04 as the minimum supported versions for Debian packages. (packaging), Packaging issue 455))
2. Translate the Appearance link to Turkish. (pull 9067))
3. Translate description of the Plain text markup formatter to Turkish. (pull 9062))
Nodejs 20.12.0
Notable Changes:
- crypto: implement crypto.hash()
- This patch introduces a helper crypto.hash() that computes a digest from the input at one shot. This can be 1.2-2x faster than the object-based createHash() for smaller inputs (<= 5MB) that are readily available (not streamed) and incur less memory overhead since no intermediate objects will be created.
```js
const crypto = require('node:crypto');
// Hashing a string and return the result as a hex-encoded string.
const string = 'Node.js';
// 10b3493287f831e81a438811a1ffba01f8cec4b7
console.log(crypto.hash('sha1', string));
```
Contributed by Joyee Cheung in [#51044](https://github.com/nodejs/node/pull/51044).
Loading and parsing environment variables:
- `process.loadEnvFile(path)`:
- Use this function to load the `.env` file. If no path is specified, it automatically loads the .env file in the current directory. Example: `process.loadEnvFile()`.
- Load a specific .env file by specifying its path. Example: `process.loadEnvFile('./development.env')`.
- `util.parseEnv(content)`:
- Use this function to parse an existing string containing environment variable assignments.
- Example usage: `require('node:util').parseEnv('HELLO=world')`.
- Contributed by Yagiz Nizipli in [#51476](https://github.com/nodejs/node/pull/51476).
New connection attempt events:
Three new events were added in the `net.createConnection` flow:
- `connectionAttempt`: Emitted when a new connection attempt is established. In case of Happy Eyeballs, this might emitted multiple times.
- `connectionAttemptFailed`: Emitted when a connection attempt failed. In case of Happy Eyeballs, this might emitted multiple times.
- `connectionAttemptTimeout`: Emitted when a connection attempt timed out. In case of Happy Eyeballs, this will not be emitted for the last attempt. This is not emitted at all if Happy Eyeballs is not used.
Additionally, a previous bug has been fixed where a new connection attempt could have been started after a previous one failed and after the connection was destroyed by the user. This led to a failed assertion.
Contributed by Paolo Insogna in [#51045](https://github.com/nodejs/node/pull/51045).
Permission Model changes:
- Node.js 20.12.0 comes with several fixes for the experimental permission model and two new semver-minor commits. We're adding a new flag `--allow-addons` to enable addon usage when using the Permission Model.
```console
$ node --experimental-permission --allow-addons
```
Contributed by Rafael Gonzaga in [#51183](https://github.com/nodejs/node/pull/51183)
And relative paths are now supported through the `--allow-fs-*` flags. Therefore, with this release one can use:
```console
$ node --experimental-permission --allow-fs-read=./index.js
```
To give only read access to the entrypoint of the application.
Contributed by Rafael Gonzaga and Carlos Espa in [#50758](https://github.com/nodejs/node/pull/50758).
sea: support embedding assets
Users can now include assets by adding a key-path dictionary to the configuration as the `assets` field. At build time, Node.js would read the assets from the specified paths and bundle them into the preparation blob. In the generated executable, users can retrieve the assets using the `sea.getAsset()` and `sea.getAssetAsBlob()` API.
```json
{
"main": "/path/to/bundled/script.js",
"output": "/path/to/write/the/generated/blob.blob",
"assets": {
"a.jpg": "/path/to/a.jpg",
"b.txt": "/path/to/b.txt"
}
}
```
The single-executable application can access the assets as follows:
```cjs
const { getAsset } = require('node:sea');
// Returns a copy of the data in an ArrayBuffer
const image = getAsset('a.jpg');
// Returns a string decoded from the asset as UTF8.
const text = getAsset('b.txt', 'utf8');
// Returns a Blob containing the asset without copying.
const blob = getAssetAsBlob('a.jpg');
```
Contributed by Joyee Cheung in [#50960](https://github.com/nodejs/node/pull/50960).
Support configurable snapshot through `--build-snapshot-config` flag We are adding a new flag `--build-snapshot-config` to configure snapshots through a custom JSON configuration file.
```console
$ node --build-snapshot-config=/path/to/myconfig.json
```
When using this flag, additional script files provided on the command line will not be executed and instead be interpreted as regular command line arguments.
These changes were contributed by Joyee Cheung and Anna Henningsen in [#50453](https://github.com/nodejs/node/pull/50453)
Text Styling:
- `util.styleText(format, text)`: This function returns a formatted text considering the `format` passed.
- A new API has been created to format text based on `util.inspect.colors`, enabling you to style text in different colors (such as red, blue, ...) and emphasis (italic, bold, ...).
```cjs
const { styleText } = require('node:util');
const errorMessage = styleText('red', 'Error! Error!');
console.log(errorMessage);
```
Contributed by Rafael Gonzaga in [#51850](https://github.com/nodejs/node/pull/51850).
vm: support using the default loader to handle dynamic import()
This patch adds support for using `vm.constants.USE_MAIN_CONTEXT_DEFAULT_LOADER` as the `importModuleDynamically` option in all vm APIs that take this option except `vm.SourceTextModule`. This allows users to have a shortcut to support dynamic `import()` in the compiled code without missing the compilation cache if they don't need customization of the loading process. We emit an experimental warning when the `import()` is actually handled by the default loader through this option instead of requiring `--experimental-vm-modules`.
```js
const { Script, constants } = require('node:vm');
const { resolve } = require('node:path');
const { writeFileSync } = require('node:fs');
// Write test.js and test.txt to the directory where the current script
// being run is located.
writeFileSync(resolve(__dirname, 'test.mjs'),
'export const filename = "./test.json";');
writeFileSync(resolve(__dirname, 'test.json'),
'{"hello": "world"}');
// Compile a script that loads test.mjs and then test.json
// as if the script is placed in the same directory.
const script = new Script(
`(async function() {
const { filename } = await import('./test.mjs');
return import(filename, { with: { type: 'json' } })
})();`,
{
filename: resolve(__dirname, 'test-with-default.js'),
importModuleDynamically: constants.USE_MAIN_CONTEXT_DEFAULT_LOADER,
});
// { default: { hello: 'world' } }
script.runInThisContext().then(console.log);
```
Root certificates updated to NSS 3.98
Certificates added:
- Telekom Security TLS ECC Root 2020
- Telekom Security TLS RSA Root 2023
Certificates removed:
- Security Communication Root CA
Updated Dependencies:
- acorn updated to 8.11.3.
- ada updated to 2.7.6.
- base64 updated to 0.5.2.
- brotli updated to 1.1.0.
- c-ares updated to 1.27.0.
- corepack updated to 0.25.2.
- ICU updated to 74.2. Includes CLDR 44.1 and Unicode 15.1.
- nghttp2 updated to 1.60.0.
- npm updated to 10.5.0. Fixes a regression in signals not being passed onto child processes.
- simdutf8 updated to 4.0.8.
- Timezone updated to 2024a.
- zlib updated to 1.3.0.1-motley-40e35a7.
Other notable changes:
- [4f49e9d000] - **(SEMVER-MINOR)** **build**: build opt to set local location of headers (Michael Dawson) [#51525](https://github.com/nodejs/node/pull/51525)
- [ccdb01187b] - **doc**: add zcbenz to collaborators (Cheng Zhao) [#51812](https://github.com/nodejs/node/pull/51812)
- [481af53aea] - **doc**: add lemire to collaborators (Daniel Lemire) [#51572](https://github.com/nodejs/node/pull/51572)
- [5ba4d96525] - **(SEMVER-MINOR)** **http2**: add h2 compat support for appendHeader (Tim Perry) [#51412](https://github.com/nodejs/node/pull/51412)
- [0861498e8b] - **(SEMVER-MINOR)** **http2**: add server handshake utility (snek) [#51172](https://github.com/nodejs/node/pull/51172)
- [6b08d006ee] - **(SEMVER-MINOR)** **http2**: receive customsettings (Marten Richter) [#51323](https://github.com/nodejs/node/pull/51323)
- [7894989bf0] - **(SEMVER-MINOR)** **lib**: move encodingsMap to internal/util (Joyee Cheung) [#51044](https://github.com/nodejs/node/pull/51044)
- [a58c98ea85] - **(SEMVER-MINOR)** **src**: print string content better in BlobDeserializer (Joyee Cheung) [#50960](https://github.com/nodejs/node/pull/50960)
- [c3c0a3ee5c] - **(SEMVER-MINOR)** **src**: support multi-line values for .env file (IlyasShabi) [#51289](https://github.com/nodejs/node/pull/51289)
- [2a921966c6] - **(SEMVER-MINOR)** **src**: do not coerce dotenv paths (Tobias Nießen) [#51425](https://github.com/nodejs/node/pull/51425)
- [0dee86f295] - **(SEMVER-MINOR)** **src**: support configurable snapshot (Joyee Cheung) [#50453](https://github.com/nodejs/node/pull/50453)
- [ade6614067] - **(SEMVER-MINOR)** **stream**: add support for `deflate-raw` format to webstreams compression (Damian Krzeminski) [#50097](https://github.com/nodejs/node/pull/50097)
- [fe922f05e4] - **(SEMVER-MINOR)** **timers**: export timers.promises (Marco Ippolito) [#51246](https://github.com/nodejs/node/pull/51246)
Prometheus 2.51.1
[BUGFIX] PromQL: Re-instate validation of label_join destination label#13803
[BUGFIX] Scraping (experimental native histograms): Fix handling of the min bucket factor on sync of targets#13846
[BUGFIX] PromQL: Some queries could return the same series twice (library use only)#13845
OpenUpdate - March 28, 2024
Stay Informed
This week, read about:
Key Security, Maintenance, and Features Releases
Security Based Updates
Podman and Buildah Vulnerability CVE-2024-1753
A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time.
Non-Security Based Updates
Angular 17.3.1
COMPILER
- (fix - c0788200e2) | capture data bindings for content projection purposes in blocks (#54876)
COMPILER-CLI
- (fix - 99e9474aa2) | symbol feature detection for the compiler (#54711)
Apache Artemis 2.33.0
Bugs Fixed:
- ARTEMIS-4187 - SizeAwareMetric attribute inconsistency
- ARTEMIS-4527 - Redistributor race when consumerCount reaches 0 in cluster
- ARTEMIS-4532 - MQTT-to-core wildcard conversion is broken
- ARTEMIS-4585 - Mirror may fail with previously created SNF queues if metrics plugin is in use
- ARTEMIS-4588 - Queue Federation and large messages move slowdown
- ARTEMIS-4626 - AMQP Federation demand tracking can overcount demand
- ARTEMIS-4629 - Core bridge configuration validation errors
- ARTEMIS-4638 - Remove bashism from install validation script
- ARTEMIS-4639 - Artemis Cluster and NullpointerException in “sending topology”
- ARTEMIS-4642 - AMQP Federation demand tracking can under count demand in some narrow cases
- ARTEMIS-4646 - Unacknowledged MQTT message ID is reused after ID generator wraparound
- ARTEMIS-4647 - Use specified call-timeout on backup connector
- ARTEMIS-4649 - STOMP message IDs are not unique when same message is received on multiple subscriptions
- ARTEMIS-4652 - Rollback of XAResource implementation should never return XA_RETRY
- ARTEMIS-4664 - autoCreatedResource can get removed while receiving batch of messages
- ARTEMIS-4668 - Move AMQP Large Message File Handling away from Netty thread
- ARTEMIS-4670 - Slow performance with Core large messages and JDBC
- ARTEMIS-4676 - Use ActionContext consistently for logging in CLI commands
- ARTEMIS-4677 - Validate AutoCreate queues with Mirroring and Clustering
- ARTEMIS-4678 - JDBC User and password is not used by CLI Exporter
- ARTEMIS-4682 - JDBC Storage slow to reboot the server
- ARTEMIS-4684 - Internal queues should not have message redistributed
- ARTEMIS-4687 - Concurrent use of DocumentBuilder breaking Xpath filtering
- ARTEMIS-4689 - Import command should accept URL
- ARTEMIS-4691 - AMQ212037 warning when closing any in-vm connection
- ARTEMIS-4695 - Fix a few bugs found via static analysis
New Features:
- ARTEMIS-4648 - Support typed properties on CLI producer
- ARTEMIS-4650 - CLI command PWD showing current folders.
Improvements:
- ARTEMIS-1230 - Create Maven Bill of Materials (BOM)
- ARTEMIS-4579 - Add the FirstMessage API for scheduled messages
- ARTEMIS-4582 - add view and edit permissions to extend security-settings rbac for management operations
- ARTEMIS-4586 - Auto reload web binding SSL stores on change
- ARTEMIS-4587 - Config security setting plugins by using broker properties
- ARTEMIS-4627 - Oracle tests now can use publicly “maven central” available JDBC drivers.
- ARTEMIS-4637 - Allow unordered xml conf elements for clusters and bridges
- ARTEMIS-4641 - Allow AMQP federation to recover from missing or removed resources
- ARTEMIS-4651 - Performance improvements on Mirror and Paging
- ARTEMIS-4653 - AMQP Federation should apply queue consumer filters for demand
- ARTEMIS-4655 - Report logging metrics
- ARTEMIS-4657 - Support better correlation ID compatibility between JMS clients
- ARTEMIS-4658 - AMQP Federation should prevent reflection of multicast messages between nodes
- ARTEMIS-4679 - Config HA policy by using broker properties
- ARTEMIS-4686 - Reduce number of FilterImpl instances
- ARTEMIS-4690 - Remove deprecated StorageManager.addAddressSettings from codebase.
- ARTEMIS-4693 - Improve XPath filter performance
Tasks:
- ARTEMIS-4559 - Refactor HA docs & code/module naming
- ARTEMIS-4583 - remove artemis-server module test-jar, do some related cleanup
- ARTEMIS-4589 - consolidate utility code and remove test-jar usages within tests/ subtree
- ARTEMIS-4592 - Detect possible dependency updates
- ARTEMIS-4601 - Remove OpenTelemetry deps from main pom
- ARTEMIS-4640 - move extension added to aid ‘offline’ maven usage into a profile
- ARTEMIS-4644 - convert some broker-connection tests to use test peer
- ARTEMIS-4645 - Update AMQP broker connection tests to use better connector names
- ARTEMIS-4656 - Remove superfluous artemis-spring-integration module
- ARTEMIS-4665 - Fix intermittent failures in a few AMQP federation tests
- ARTEMIS-4669 - Clarify Large Messages around StorageManager usage
- ARTEMIS-4683 - Add additional examples for AMQP federation
Dependency Upgrades:
- ARTEMIS-4591 - Upgrade Netty to 4.1.106.Final
- ARTEMIS-4593 - Upgrade Caffeine to 3.1.8
- ARTEMIS-4594 - Upgrade Error Prone to 2.24.1
- ARTEMIS-4595 - Upgrade Guava to 33.0.0-jre
- ARTEMIS-4596 - Upgrade Commons Codec to 1.16.0
- ARTEMIS-4597 - Upgrade Commons IO to 2.15.1
- ARTEMIS-4598 - Upgrade Commons Logging to 1.3.0
- ARTEMIS-4599 - Upgrade PEM Keystore to 2.3.0
- ARTEMIS-4600 - Upgrade Micrometer to 1.12.2
- ARTEMIS-4602 - Upgrade Jetty to 10.0.20
- ARTEMIS-4603 - Upgrade JavaCC to 7.0.13
- ARTEMIS-4604 - Upgrade Commons DBCP2 to 2.11.0 and Commons Pool to 2.12.0
- ARTEMIS-4605 - Upgrade Commons Lang to 3.14.0
- ARTEMIS-4606 - Upgrade Commons Text to 1.11.0
- ARTEMIS-4607 - Upgrade Curator to 5.6.0
- ARTEMIS-4608 - Upgrade Derby to 10.15.2.0
- ARTEMIS-4609 - Upgrade Log4j to 2.22.1
- ARTEMIS-4610 - Upgrade ZooKeeper to 3.9.1
- ARTEMIS-4611 - Upgrade BouncyCastle to 1.77
- ARTEMIS-4612 - Upgrade EasyMock to 5.2.0
- ARTEMIS-4613 - Upgrade Jansi to 2.4.1
- ARTEMIS-4614 - Upgrade Jacoco to 0.8.11
- ARTEMIS-4615 - Upgrade JCTools to 4.0.2
- ARTEMIS-4616 - Upgrade JGroups to 5.3.2.Final
- ARTEMIS-4617 - Upgrade JLine to 3.25.1
- ARTEMIS-4618 - Upgrade JUnit to 5.10.1
- ARTEMIS-4619 - Upgrade Mockito to 5.10.0
- ARTEMIS-4620 - Upgrade OWASP to 9.0.9
- ARTEMIS-4621 - Upgrade PostgreSQL to 42.7.2
- ARTEMIS-4622 - Upgrade Selenium to 4.17.0
- ARTEMIS-4623 - Upgrade SLF4J to 2.0.11
- ARTEMIS-4624 - Upgrade TestContainers to 1.19.4
- ARTEMIS-4631 - Upgrade Spring to 5.3.33
- ARTEMIS-4632 - Upgrade Apache HTTP Client to 4.5.14
- ARTEMIS-4633 - Upgrade Apache HTTP Core to 4.4.16
- ARTEMIS-4634 - Upgrade Maven Plugin Annotations to 3.11.0
- ARTEMIS-4635 - Upgrade Arquillian & Weld dependencies
- ARTEMIS-4636 - Upgrade OpenWebBeans to 2.0.27
- ARTEMIS-4672 - Upgrade Netty to 4.107.Final
Docker Compose v2.26.0
What's Changed
Fixes:
- Reduce timeout of the Otel tracing command by @glours in #11534
- Fix compose config --format json by @ndeloof in #11630
- Fix documentation on default build image name (change to correct separator). by @sebastian-correa in #11635
Improvements:
- Mutagen synchronized file share integration by @milas in #11614
- Add support for annotations by @ndeloof in #11645
- Introduce config --variables to list compose model variables by @ndeloof in #11643
- Add navigation menu with in compose up (attached) by @jhrotko in #11605
Internal:
- Bump compose-go to v2.0.2 by @ndeloof in #11650
- Bump docker v26.0.0 by @ndeloof in #11652
ETC-D v3.4.31
etcd server:
- Add [mvcc: print backend database size and size in use in compaction logs](https://github.com/etcd-io/etcd/pull/17436).
- Fix leases wrongly revoked by the leader by [ignoring old leader's leases revoking request](https://github.com/etcd-io/etcd/pull/17465).
- Fix [no progress notification being sent for watch that doesn't get any events](https://github.com/etcd-io/etcd/pull/17567).
- Fix [watch event loss after compaction](https://github.com/etcd-io/etcd/pull/17610).
Package `clientv3`:
- Add [client backoff and retry config options](https://github.com/etcd-io/etcd/pull/17369).
Dependencies:
- Upgrade [bbolt to 1.3.9](https://github.com/etcd-io/etcd/pull/17484).
- Compile binaries using [go 1.21.8](https://github.com/etcd-io/etcd/pull/17538).
- Upgrade [google.golang.org/protobuf to v1.33.0 to address CVE-2024-24786](https://github.com/etcd-io/etcd/pull/17554).
Others:
- [Make CGO_ENABLED configurable](https://github.com/etcd-io/etcd/pull/17422).
Fluentd 1.16.4
Bug Fix:
- #4342 Fix to avoid processing discarded chunks in write_step_by_step.
It fixes not to raise pile of IOError when many chunk bytes limit exceeds
errors are occurred. - #4334 in_tail: Fix tail watchers in
rotate_wait
state not being managed.
Misc:
- #4331 buffer: Avoid unnecessary log processing. It will improve performance.
Gitlab v16.10.0
Added (115 changes)
- [Add drawer to list of linked policies](gitlab-org/gitlab@218016c38801cfeac1308385097dcd760182a378) ([merge request](gitlab-org/gitlab!147039)) **GitLab Enterprise Edition**
- [Command palette default opening state - part 3](gitlab-org/gitlab@a51d07342e3a7dc4da56ec84efec5191d8663640) ([merge request](gitlab-org/gitlab!142816))
- [Expose repository object format via GitInfo](gitlab-org/gitlab@4947d2c17a7118e392312f9d31fcf7c6799577e3) ([merge request](gitlab-org/gitlab!146485))
- [Add deprecated_policy field for approval policies](gitlab-org/gitlab@2e332564e7148343db00f79a4caafe672e206c87) ([merge request](gitlab-org/gitlab!146520))
- [Add approval rules drawer component](gitlab-org/gitlab@51b30ac3d7bb61ab5f43fc87a322560ea0167238) ([merge request](gitlab-org/gitlab!146502)) **GitLab Enterprise Edition**
- [Expose external issue links to Vulnerabilities if any](gitlab-org/gitlab@7a8d63cd7660e3bc2dcc1de307f556549c137876) ([merge request](gitlab-org/gitlab!146149)) **GitLab Enterprise Edition**
- [Add table to track CI component usage](gitlab-org/gitlab@3372a7566bfe2b0bea000e48fd0bffbaffb2db45) ([merge request](gitlab-org/gitlab!145881))
- [Add Pages URL anchor](gitlab-org/gitlab@6d5023141d9597087ffd353a2794102e52ec5e09) ([merge request](gitlab-org/gitlab!144281))
- [Update Jira::JqlBuilderService to support multiple project keys](gitlab-org/gitlab@4da23ca620a7219a43c81170496ef99ebc989efd) ([merge request](gitlab-org/gitlab!146916))
- [Add new achievement UI](gitlab-org/gitlab@a4bcf4e181d1458f8bcb504de2d7e95ee3a4136e) ([merge request](gitlab-org/gitlab!146273))
- [Protected containers: GraphQL query for container protection rules](gitlab-org/gitlab@1a773182a248eb646affd5334c6a6e1182828345) by @gerardo-navarro ([merge request](gitlab-org/gitlab!146467))
- [Add runner creation metrics](gitlab-org/gitlab@dc17b7ad19792592b2e9078e49755a5da3356bc6) ([merge request](gitlab-org/gitlab!146063)) **GitLab Enterprise Edition**
- [Allow to enable/disable ClickHouse for analytics](gitlab-org/gitlab@f025888da096cace95cf86d5d20f3a52e0691eaa) ([merge request](gitlab-org/gitlab!145022)) **GitLab Enterprise Edition**
- [Adds Destroy action to delete models](gitlab-org/gitlab@1e487f60a57924b9c7dcbb1503af5e7478781a3a) ([merge request](gitlab-org/gitlab!144226))
- [Added event type filters for group audit event destinations](gitlab-org/gitlab@67cb59d71542f90b1e1fc62295747814fc16dd0c) ([merge request](gitlab-org/gitlab!144139)) **GitLab Enterprise Edition**
- [This MR adds alert banner](gitlab-org/gitlab@4d9836b4900ab7540c64e766ad6c18c0e9ce7011) ([merge request](gitlab-org/gitlab!146709)) **GitLab Enterprise Edition**
- [Create partitioned merge_request_diff_commits copy](gitlab-org/gitlab@1efd0bb9ea849e189d39940d0cd9a8878e20bf63) ([merge request](gitlab-org/gitlab!143869))
- [Allow toggling duo_features_enabled settings via REST API](gitlab-org/gitlab@8f960b374aea97fda31a3a2159ef26bb71e05bdd) ([merge request](gitlab-org/gitlab!146582)) **GitLab Enterprise Edition**
- [Document runner long polling configuration](gitlab-org/gitlab@4dbcfba63217807106534d88039015e07775cab9) ([merge request](gitlab-org/gitlab!146701))
- [Prepare async indices for dependency list aggregations](gitlab-org/gitlab@3d87873acd137f1610229114db9854c7ceeb3e68) ([merge request](gitlab-org/gitlab!146650))
- [Add GitHub integration's logo](gitlab-org/gitlab@bd5d604b677a23eac4a8d59ec99bdae991d81042) ([merge request](gitlab-org/gitlab!146614)) **GitLab Enterprise Edition**
- [Add Cloud Connector docs for new backends](gitlab-org/gitlab@8afdf975d407ab3a98d1bce2004366147e0b7b7b) ([merge request](gitlab-org/gitlab!146507))
- [Synchronously add indexes for new `vulnerability_occurrences` cols](gitlab-org/gitlab@fb7b7225e2058029b10d2f2e7b6d7f1f680a87b3) ([merge request](gitlab-org/gitlab!145782))
- [Backfill semvar columns of existing catalog versions](gitlab-org/gitlab@67dfcf8be9ec25bd6f496d36d5349de8da6ad4f4) ([merge request](gitlab-org/gitlab!146688))
- [Allow toggling duo_features_enabled on Groups via GraphQL](gitlab-org/gitlab@30b24fdead5bd9d48bafe9ce7066bb2d5ead14b8) ([merge request](gitlab-org/gitlab!146430)) **GitLab Enterprise Edition**
- [API customizations for service account user](gitlab-org/gitlab@da6541a26e55d761fc434596e6cbba63efd7cfc2) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144841))
- [Add diff_id to diff file links](gitlab-org/gitlab@81dce0361b9bfd951735a942ea40d3c4016dcb4c) ([merge request](gitlab-org/gitlab!146092))
- [Check duo_features_enabled setting by default](gitlab-org/gitlab@09581f30e9a9b9f2b42f3881a9a2d90ca8a1a3b8) ([merge request](gitlab-org/gitlab!146684)) **GitLab Enterprise Edition**
- [Add policy list when editing compliance framework](gitlab-org/gitlab@99fcb973a1e82fc567b1a0fbf7e7e22acf0af8b8) ([merge request](gitlab-org/gitlab!145312)) **GitLab Enterprise Edition**
- [Backfill has_issues for Vulnerability::Read rows with ExternalIssueLink](gitlab-org/gitlab@28ca07fe271a711692f7ac207118cf3309966140) ([merge request](gitlab-org/gitlab!146643))
- [Remove "dynamic_empty_tree_id" feature flag](gitlab-org/gitlab@f349b74184b4d5ab34c4da4262e4ba91894ba2b5) ([merge request](gitlab-org/gitlab!146609))
- [Adds /convert_to_ticket quick action](gitlab-org/gitlab@3bbe37bd14f9b3fa340f0b54e20a50e889b5f225) ([merge request](gitlab-org/gitlab!146492))
- [Adds activity page to Organization level](gitlab-org/gitlab@65045809d2d1a55942b5190dcdcc117e1ea6e665) ([merge request](gitlab-org/gitlab!146167))
- [Backfill archived and traversal_ids for vulnerability_reads](gitlab-org/gitlab@f032f04cc32f9d80688ac1192cc540c9c4d9962e) ([merge request](gitlab-org/gitlab!144765))
- [Cloud Connector: support extra claims in JWT](gitlab-org/gitlab@32202b2c6e104b239d2600ceee18b06a966f5406) ([merge request](gitlab-org/gitlab!146172)) **GitLab Enterprise Edition**
- [Add visibility filter in groups API](gitlab-org/gitlab@7f9aaa608595edbff92111607efbd6320ccd44b9) by @imskr ([merge request](gitlab-org/gitlab!146263))
- [Update JiraConnect app_descriptor](gitlab-org/gitlab@404abd1fc8fa1a620d60ef97df08024105fe35e9) ([merge request](gitlab-org/gitlab!142316))
- [Add user permission type for finding](gitlab-org/gitlab@41d142f4c6fc896f2849dddde18e61a14db9a312) ([merge request](gitlab-org/gitlab!144295)) **GitLab Enterprise Edition**
- [[Ban AI] Audit duo_features_enabled changes](gitlab-org/gitlab@dc3e1c3ed1bb7ccaf1f69877ff7586da6815f22a) ([merge request](gitlab-org/gitlab!145509)) **GitLab Enterprise Edition**
- [Add application limit on downstream pipelines](gitlab-org/gitlab@7dc888ebd2d890c70146079dfbe5bc7903953617) ([merge request](gitlab-org/gitlab!146112))
- [Show admin mode within active sessions view](gitlab-org/gitlab@5ea5889f554f334b54f9bd46f86401bceabb38ab) by @bufferoverflow ([merge request](gitlab-org/gitlab!145523))
- [Add support for templates in wikis](gitlab-org/gitlab@d469211260979df568fb488ea2cc202075071521) ([merge request](gitlab-org/gitlab!143314))
- [Add filter support for enterprise in GraphQL group members](gitlab-org/gitlab@1489b6e9b5fc89d3705308183afb3851913a6162) by @imskr ([merge request](gitlab-org/gitlab!145331))
- [Add service to send Arkose truth data](gitlab-org/gitlab@f3bbe9f5cc7781a6e7d9a30866125afb4b9e85db) ([merge request](gitlab-org/gitlab!145314))
- [Add php support for semgrep](gitlab-org/gitlab@cbb5b12d96def6ef5ef4d7029a96d24c1efb2fd6) ([merge request](gitlab-org/gitlab!143472))
- [Adds logo for DroneCI integration](gitlab-org/gitlab@3d856ecb91792afa226f5a189575261eae2638b6) ([merge request](gitlab-org/gitlab!146046))
- [Remove WIP feature flag](gitlab-org/gitlab@565d5f2aa37d75faa59fd1e737e5b2c9717f5e0b) ([merge request](gitlab-org/gitlab!146211)) **GitLab Enterprise Edition**
- [Add `initial` & `latest` pipeline IDs to `vulnerability_occurrences`](gitlab-org/gitlab@cd1bfa6961c32e265f91c3ba657c6697ad3c301b) ([merge request](gitlab-org/gitlab!144697))
- [Add Remove Group custom ability](gitlab-org/gitlab@627346a084944547289326590b19769f887412dd) ([merge request](gitlab-org/gitlab!145166)) **GitLab Enterprise Edition**
- [Add support for sorting GET /groups/:id/projects by star count](gitlab-org/gitlab@7463ec4e59365c06bd7907c6f02a3bb1b81c9cd0) by @imskr ([merge request](gitlab-org/gitlab!145308))
- [Configurable session cookie token prefix](gitlab-org/gitlab@3bae157050215d0b975c195c755905abc9dfeda0) ([merge request](gitlab-org/gitlab!145178))
- [Add CI_COMPONENT_FQDN variable and usage instructions](gitlab-org/gitlab@ae9f265a8f7cb4fcecccd550f9751861987abd04) ([merge request](gitlab-org/gitlab!145950))
- [Add table to support new group-agent authorization strategy for RD](gitlab-org/gitlab@23a95b2769cb26478cc989aa00c5e153c9c5d0be) ([merge request](gitlab-org/gitlab!145101))
- [feat: Protected packages: Update protection rules in project settings ui](gitlab-org/gitlab@22769e8b79e976f172d5a85df2eea7c30f9ee303) by @gerardo-navarro ([merge request](gitlab-org/gitlab!141792))
- [Expose groups and projects allow list counters on graphQL](gitlab-org/gitlab@534f1dadc8129774ac3fe2965971c6f83539d7a8) ([merge request](gitlab-org/gitlab!145067))
- [Add time tracking widget to the work item update mutation](gitlab-org/gitlab@e2d808d2f668e64ba9b02e41ecd07bbcf5a5885d) ([merge request](gitlab-org/gitlab!145146))
- [Show target branch of MRs in Global Search](gitlab-org/gitlab@44a47b5f1d72b0f390bdef005b4393613220c758) by @santigl ([merge request](gitlab-org/gitlab!145849))
- [Add at least one approval by non author SOC 2 adherence check](gitlab-org/gitlab@33b9f8c00d4843d1403a908081dd416bb2bfe80a) ([merge request](gitlab-org/gitlab!145302)) **GitLab Enterprise Edition**
- [Add occupies_seat column to member_roles table](gitlab-org/gitlab@918cc302556394795be586125f4b8a84ccc63255) ([merge request](gitlab-org/gitlab!143911)) **GitLab Enterprise Edition**
- [Add REST API to fetch project's groups allowlist](gitlab-org/gitlab@84e9f297b0cdc02a7a47a35debe062cab04c269f) ([merge request](gitlab-org/gitlab!145069))
- [Add starrers_path to Catalog::ResourceType](gitlab-org/gitlab@9693fc338b17876112599fc27b1869f1f72e2daa) ([merge request](gitlab-org/gitlab!145937))
- [Added documentation for workflow:auto_cancel:on_job_failure](gitlab-org/gitlab@f822691e9082800dda1150814b96bb7c2e5d50bd) by @zillemarco ([merge request](gitlab-org/gitlab!145709))
- [Add new checkbox for optional data in service ping](gitlab-org/gitlab@51a6985a9ba587e0f6a970595257d218f4eff7b4) ([merge request](gitlab-org/gitlab!141540))
- [Display message when git rate limited by failed auth attempts](gitlab-org/gitlab@0c6b22efc24069741349ee0411d06c97749b27fe) ([merge request](gitlab-org/gitlab!145624))
- [Add new generic worker to handle auto merges from events](gitlab-org/gitlab@c8d7ec7f16b10b4b33ab6cd60bde982238397ab2) ([merge request](gitlab-org/gitlab!145460))
- [This MR adds policy scope on project level](gitlab-org/gitlab@7a4df91eef1dc726024f52e005c7db8757ba9481) ([merge request](gitlab-org/gitlab!143877)) **GitLab Enterprise Edition**
- [Remove ci_data_ingestion_to_click_house feature flag](gitlab-org/gitlab@8dd9fe00ae6b56664c086f83a4f81518a0f99e92) ([merge request](gitlab-org/gitlab!145665))
- [Remove run_clickhouse_migrations_automatically feature flag](gitlab-org/gitlab@7173726fdf9f309f4a692415a3df091e118cabdd) ([merge request](gitlab-org/gitlab!145668))
- [Added code to queue member promotion request](gitlab-org/gitlab@e61033ad415476d4c2ebe9ab63b1b98edfa3b443) ([merge request](gitlab-org/gitlab!142202)) **GitLab Enterprise Edition**
- [Add deployments_count field](gitlab-org/gitlab@3f0759518670a098e2c142a78f74d5ca218b4715) ([merge request](gitlab-org/gitlab!145320))
- [Copy VSA query params to issue analytics link](gitlab-org/gitlab@4ab125b9f80b7d0734256adbc50004b3f363b725) ([merge request](gitlab-org/gitlab!145496)) **GitLab Enterprise Edition**
- [Add ops flag to disable cookie-based language switcher](gitlab-org/gitlab@2b891f71abd03ffb1ad52e19eb15505d6b60ba96) ([merge request](gitlab-org/gitlab!144484))
- [Added first part of the command palete update - part 2](gitlab-org/gitlab@85cfd7f1dd1ae5d5fc3c011748d43ee5f2ba6893) ([merge request](gitlab-org/gitlab!141256))
- [Add an avatar to security policy bot](gitlab-org/gitlab@948d1602cad9d38464162b61bf5e2357678c4298) ([merge request](gitlab-org/gitlab!145423)) **GitLab Enterprise Edition**
- [Add yaml_error_messages graphql field](gitlab-org/gitlab@90de1d0c38c4e07d017a79b705ce1e62fec9c9f8) ([merge request](gitlab-org/gitlab!145327))
- [Add VSA aggregation status to GraphQL](gitlab-org/gitlab@875ba7de9ecaf52239000d3ea52406f3b232514a) ([merge request](gitlab-org/gitlab!144961)) **GitLab Enterprise Edition**
- [Add ops FF to reduce the export batch size](gitlab-org/gitlab@b85c99b7982ca94b03416bee2f8ad2b6a313a906) ([merge request](gitlab-org/gitlab!145189))
- [Add Cloud Connector developer docs](gitlab-org/gitlab@33714cfd2ab38b440903e5545b4b0672423cfd9f) ([merge request](gitlab-org/gitlab!142426))
- [Add endpoint to update group approval rules](gitlab-org/gitlab@526caa76c9b984eafa9f69b00f4c449ceeea9e34) ([merge request](gitlab-org/gitlab!144927)) **GitLab Enterprise Edition**
- [Default enable collapse_generated_diff_files feature](gitlab-org/gitlab@5134fbf13ff9fe1fa5025bba8f97842371c039ea) ([merge request](gitlab-org/gitlab!145100))
- [Add option to sort ciCatalogResources by star count](gitlab-org/gitlab@54a1a80598d40ed4a642fffc80680f1a384c40f5) ([merge request](gitlab-org/gitlab!145351))
- [Add duo_features_enabled cascading setting](gitlab-org/gitlab@08b0a643cde3a0bb7bcfee114bdbf9b2afe8131c) ([merge request](gitlab-org/gitlab!144931)) **GitLab Enterprise Edition**
- [Bulk ingest archived and traversal_ids values for security reports](gitlab-org/gitlab@08f4b9c2b680d7bde0303186de589191c09bb1f1) ([merge request](gitlab-org/gitlab!144618)) **GitLab Enterprise Edition**
- [Add parallel_project_export feature flag](gitlab-org/gitlab@1209339688c917a967877e89fa5c591f4d22e01f) ([merge request](gitlab-org/gitlab!145165))
- [Update denoramlized vuln read archived when projects are archived](gitlab-org/gitlab@529826c7bb117cb6ccee4cd4952cc3207fe48736) ([merge request](gitlab-org/gitlab!144455)) **GitLab Enterprise Edition**
- [Prepare issues table to backfill work items for epics](gitlab-org/gitlab@b1cfb979498102d1261081f24cc844e0235909b6) ([merge request](gitlab-org/gitlab!145124))
- [Keep showing create issue loading spinner while redirecting](gitlab-org/gitlab@0929a192c02d5f3d8c7301d8a18021fa805b2a05) ([merge request](gitlab-org/gitlab!144991)) **GitLab Enterprise Edition**
- [Purge old `security_scans` records on self-hosted installations](gitlab-org/gitlab@1ee7388709bbc8d5450164bbb60708613633a64a) ([merge request](gitlab-org/gitlab!144456))
- [Add custom payload template to webhooks](gitlab-org/gitlab@f8cfcb4fc3425636f4aede663078ae2caa503969) by @Taucher2003 ([merge request](gitlab-org/gitlab!142738))
- [Adds association count on organization level](gitlab-org/gitlab@d88c728d00ac23636b3a9c42bea76cf0e4d4a3d8) ([merge request](gitlab-org/gitlab!144726))
- [Add migration to add count fields to projects](gitlab-org/gitlab@ca9ba8a38fe0abbc19803729d1c8ad935ce6705e) ([merge request](gitlab-org/gitlab!144557)) **GitLab Enterprise Edition**
- [Add metrics for keep-around ref creation](gitlab-org/gitlab@de7031379b6ddc73934261b6f4a478e7947cfa8b) ([merge request](gitlab-org/gitlab!144809))
- [Add remove_child quick action for work items](gitlab-org/gitlab@d4d761fc83660692d39b03c50b7ab2a18417503c) ([merge request](gitlab-org/gitlab!141354))
- [Support job:rules:interruptible in CI config](gitlab-org/gitlab@78bd296182b6a2f1dd38345cbcaf1e7d76e1cacf) ([merge request](gitlab-org/gitlab!144687))
- [Add semantic version validation for catalog versions](gitlab-org/gitlab@8af3ded67da2dade5e090bdf471ca55df59893a0) ([merge request](gitlab-org/gitlab!144052))
- [Adds attribution_notice to Bugzilla integration](gitlab-org/gitlab@966edeabb3eaa40438d4ff69bb7bb997071f69c5) ([merge request](gitlab-org/gitlab!144166))
- [Run security reports ingestion for pipeline blocked with manual jobs](gitlab-org/gitlab@a1c5d4fc156a47702dccdff5812b7e378a433ee9) ([merge request](gitlab-org/gitlab!143046)) **GitLab Enterprise Edition**
- [Add Kubernetes overview on the Environment details page](gitlab-org/gitlab@04addb05c22b46001c798a99068c720215fd1d54) ([merge request](gitlab-org/gitlab!144370))
- [Enable VSA cumulative duration calculation](gitlab-org/gitlab@dfbf02a0b78000ec9d9115b8953ac969f0038e3c) ([merge request](gitlab-org/gitlab!144838)) **GitLab Enterprise Edition**
- [Adds search support to user organizations GraphQL query](gitlab-org/gitlab@116d540354890c4280a59f9b072f980d1080a2dd) ([merge request](gitlab-org/gitlab!144338))
- [Add configuration settings for Arkose client API](gitlab-org/gitlab@2043fe594f2fa16696c6429805108b94224957c0) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144534))
- [WorkItems rolledup dates: make fixed dates nullable on graphql](gitlab-org/gitlab@e402022624f847d31a38b653f6fb383df5ea185a) ([merge request](gitlab-org/gitlab!144451)) **GitLab Enterprise Edition**
- [Add throttling to bulk assignments](gitlab-org/gitlab@13806020f9e3f8f852ae1efc08e09280f14497a3) ([merge request](gitlab-org/gitlab!144745)) **GitLab Enterprise Edition**
- [Reuse existing projects & groups resolvers for Organization](gitlab-org/gitlab@9658c87958a54735b77882e270e2ca07ec54a7c8) ([merge request](gitlab-org/gitlab!144716))
- [Cancel a pipeline when configured to auto cancel on first job failure](gitlab-org/gitlab@88df5f5092e722fa408690fe4a38ebf0b9eb71cb) by @zillemarco ([merge request](gitlab-org/gitlab!141812))
- [feat: Protected packages: Delete protection rules in project settings ui](gitlab-org/gitlab@604002909fa988169c4c847e1e9451f29c5bb1c5) by @gerardo-navarro ([merge request](gitlab-org/gitlab!140483))
- [Replace FKs for p_ci_job_artifacts](gitlab-org/gitlab@01b364b8f0ab992249b3fe0dbc86c53a4964f144) ([merge request](gitlab-org/gitlab!144569))
- [Validate the foreign key & add to routing table upstream_pipeline_id](gitlab-org/gitlab@082ef3ac9bcbfac4d2f6e2d0ffa2bb548452abcf) ([merge request](gitlab-org/gitlab!144418))
- [Sync create indexes and prepare FK for p_ci_builds commit_id](gitlab-org/gitlab@fb679799339293f95cbc897a46fb6a22e08b9db5) ([merge request](gitlab-org/gitlab!144416))
- [Prepare async index for p_ci_builds.runner_id and project_id](gitlab-org/gitlab@569927247f88d04f6743b069f7a23c82b8f12f48) ([merge request](gitlab-org/gitlab!144414))
- [Use built-in multiline block quotes from parser](gitlab-org/gitlab@64fd38a6ebad791151e4e763dc82fead384e60ec) ([merge request](gitlab-org/gitlab!144379))
- [Add application setting for limit of merge request approval policies](gitlab-org/gitlab@381185ae27da69df4f8f29a2722ff9dcf75585ef) ([merge request](gitlab-org/gitlab!143849)) **GitLab Enterprise Edition**
- [Enable project redirect when fetching CI components](gitlab-org/gitlab@02e8ddbc0be5e6f42190be2ef8d23c3fb43fe229) ([merge request](gitlab-org/gitlab!144234))
- [Add the ability to sort findings](gitlab-org/gitlab@21cda12ba051b1c0640f00b9514bffee3575ea5a) ([merge request](gitlab-org/gitlab!142773)) **GitLab Enterprise Edition**
- [Fix WorkItems::RolledupDatesFinder](gitlab-org/gitlab@c590f431e7a1c1b050af83998e0f2eda90d6e698) ([merge request](gitlab-org/gitlab!143853)) **GitLab Enterprise Edition**
Fixed (165 changes):
- [AdvisoryScanner recovers invalid version error](gitlab-org/gitlab@c85021c98817798ca2bf92555dd64f7de7fd70cf) ([merge request](gitlab-org/gitlab!147120)) **GitLab Enterprise Edition**
- [Add rake task to delete orphan artifact objects](gitlab-org/gitlab@e376ab7eba4f8d6fb16277e3c2b3dfd2e8b743b0) ([merge request](gitlab-org/gitlab!146093))
- [Fixed search input at small sizes](gitlab-org/gitlab@b0c6064fc61778f8bf6a578c5e7b7692f5d11ea7) ([merge request](gitlab-org/gitlab!147098))
- [Fix sidebar padding problem for issue lists](gitlab-org/gitlab@e97e31aa24678d314054bf6a2ad400f347b344a6) ([merge request](gitlab-org/gitlab!146954))
- [Fix incorrect dashboards link within onboarding flow](gitlab-org/gitlab@bf7e5046dfca54f7ac631707f7a93d46ad8b6c74) ([merge request](gitlab-org/gitlab!146967)) **GitLab Enterprise Edition**
- [Bulk deletes should respect search_index_all_projects FF](gitlab-org/gitlab@60ab1efa915c5b4f725c126256e9c129aab7f398) ([merge request](gitlab-org/gitlab!146999)) **GitLab Enterprise Edition**
- [Fix links to project issues redirect to wrong server](gitlab-org/gitlab@7d01bf2c60f617bdd56df43486ef12f23bad762e) by @lifez ([merge request](gitlab-org/gitlab!146433))
- [Truncate description and solution when ingesting Vulnerabilities](gitlab-org/gitlab@06391d0dc1b962811746d16f9556d7478eabd41e) ([merge request](gitlab-org/gitlab!146571)) **GitLab Enterprise Edition**
- [Fix a bug when mvn uses the dependency proxy with basic auth](gitlab-org/gitlab@5f517356a06b025239f910fc749775b5011867f4) ([merge request](gitlab-org/gitlab!146665))
- [Fix style problems for issues list on small screen](gitlab-org/gitlab@231127b6356687bf61d06ae25f823b528ba14a7a) ([merge request](gitlab-org/gitlab!146394))
- [Fix Repository analytics commit statistics failing to render](gitlab-org/gitlab@e9ba6a27a4b82c5ef0feae1a3702f2c400c460ed) ([merge request](gitlab-org/gitlab!146675))
- [Allow users to use _EXCLUDED_ANALYZERS variable in SEP](gitlab-org/gitlab@072cf3d3fae6ac9b0d97a0b44120d0833c6bc543) ([merge request](gitlab-org/gitlab!144243)) **GitLab Enterprise Edition**
- [Update pages ci templates - Hexo, Hugo, Hyde](gitlab-org/gitlab@fe427d85e54283b0475cb3116cafdfd3af62e7d3) ([merge request](gitlab-org/gitlab!146050))
- [Design management: Fix overflow of video](gitlab-org/gitlab@1269d6ad2d858b39e39d55dfdb7c8b4d946fac91) ([merge request](gitlab-org/gitlab!146903))
- [Limit security policy project resolver suggestions](gitlab-org/gitlab@cef98dcd59e0eac397c65985ce16a818451685d5) ([merge request](gitlab-org/gitlab!146892)) **GitLab Enterprise Edition**
- [Make sure spinner occupies enough vertical space](gitlab-org/gitlab@176e38e3b5d110433a44f0f0079f8261527b05b6) ([merge request](gitlab-org/gitlab!146535))
- [Issuable sidebar: Improve promotions and hide empty section](gitlab-org/gitlab@4ca9820861522c17264c7afd264f5c08b30b0d5d) ([merge request](gitlab-org/gitlab!146879))
- [Change bootstrap migration reset font weight bold value](gitlab-org/gitlab@c5f730ce559152349e9d0da3a3d14e24649369d9) ([merge request](gitlab-org/gitlab!146872))
- [Prevent mutating line endings](gitlab-org/gitlab@1aaf877acdf90e2aaf693da05851728a45df81ab) ([merge request](gitlab-org/gitlab!137641))
- [Resolve validation failing for theme_id when previous dark mode value 11](gitlab-org/gitlab@4526b9ebac1c98921365c27061b1e80bbb04fc1d) ([merge request](gitlab-org/gitlab!146845))
- [Add exit status when backup fail](gitlab-org/gitlab@d664f5b8d136fdf3005a3fdb4d22bbe6519f6156) by @lifez ([merge request](gitlab-org/gitlab!145943))
- [Clear search input when selecting or deselecting a reviewer](gitlab-org/gitlab@3adcfb3228272b5d995b7a394c96f41b13906042) ([merge request](gitlab-org/gitlab!145247))
- [Refactor Vue shared `SettingsBlock`](gitlab-org/gitlab@877bdbcad632b4e5164393181e44e5cb6a574530) ([merge request](gitlab-org/gitlab!146156)) **GitLab Enterprise Edition**
- [Clarify ambiguous instructions](gitlab-org/gitlab@6453121e844e17f7eca808b9c45a32993e1f0096) ([merge request](gitlab-org/gitlab!142782)) **GitLab Enterprise Edition**
- [Fix encoding error when downloading archive](gitlab-org/gitlab@f974d7b2a4a7485115eef8225851d37ae8ba60cf) ([merge request](gitlab-org/gitlab!146705))
- [Resolve Issue list page size control overlap](gitlab-org/gitlab@2308ffc9fa8895bf938bf1b9cf04fef15834cf99) ([merge request](gitlab-org/gitlab!145848))
- [Fix pagination in wiki pages and templates](gitlab-org/gitlab@c486b3fe6aa3b0ddaafa387009268b89004009fe) ([merge request](gitlab-org/gitlab!146468))
- [Ensure that scan-policies stage is added after .pre](gitlab-org/gitlab@48319b2baee8bbd64a90cd2d60daa914e03d983e) ([merge request](gitlab-org/gitlab!146096)) **GitLab Enterprise Edition**
- [Fix compliance framework graphql query to return correct policies](gitlab-org/gitlab@977713f1fc8ca310fd7c509abcba6d704a5549de) ([merge request](gitlab-org/gitlab!146238)) **GitLab Enterprise Edition**
- [Ensure scope validation only for classic pats](gitlab-org/gitlab@98a42cf48774b1f15e9b8d56ecc6f2e4300887cf) ([merge request](gitlab-org/gitlab!146532))
- [Reload HEAD diff when MR is marked as mergeable](gitlab-org/gitlab@804b8d9ccb92ec1d469fd04338d535eee34aeedc) ([merge request](gitlab-org/gitlab!146604))
- [Fix for avatar cache not clearing on update](gitlab-org/gitlab@4340c5ef62eedf10241e812243a08e85bfe9376c) ([merge request](gitlab-org/gitlab!122639))
- [Fix Issues Analytics first-of-month loading error](gitlab-org/gitlab@8337293db998ed3dca791bc95212f8f1e59381ac) ([merge request](gitlab-org/gitlab!146546)) **GitLab Enterprise Edition**
- [Fix namespace reset](gitlab-org/gitlab@5236a9e83069bd3af4a8baf88229ed8eb1a0dd0d) ([merge request](gitlab-org/gitlab!146540))
- [Prepare push rules for committer email change](gitlab-org/gitlab@19ea246eb99d09ab40a4155e01d101f942caa15e) ([merge request](gitlab-org/gitlab!146335))
- [Empty repo: Hide empty sidebar blocks](gitlab-org/gitlab@4a5bdc76a55db8cc1aabc965cb14d23132b81df5) ([merge request](gitlab-org/gitlab!146462))
- [Fix incorrect audit event name being logged when a user is rejected](gitlab-org/gitlab@472d22ef63d30097100634a5f42f02ad22221b76) ([merge request](gitlab-org/gitlab!146458)) **GitLab Enterprise Edition**
- [Style fixes for board top bar on small screens](gitlab-org/gitlab@94ce27a63db52aa2de4001c1fcf0893b72ea5020) ([merge request](gitlab-org/gitlab!146414)) **GitLab Enterprise Edition**
- [Emoji picker: Fix icon for legacy notes](gitlab-org/gitlab@f7de180b4ed8cca021ce5f83b3262a61621c2d13) ([merge request](gitlab-org/gitlab!146369))
- [Fix policy variables in scheduled pipelines](gitlab-org/gitlab@b091e4f849f6cf68c115504cd0844c2ae87a179c) ([merge request](gitlab-org/gitlab!146064)) **GitLab Enterprise Edition**
- [Enable feature flag "fetch_commits_for_bitbucket_server" by default](gitlab-org/gitlab@fd9256e60c83d23280cad631ca0350f028fe496c) ([merge request](gitlab-org/gitlab!146353))
- [Fix missing require for users development seed](gitlab-org/gitlab@8f6166dbd04aeebbedd23cc152413ab17a53254f) ([merge request](gitlab-org/gitlab!146351))
- [Fix finding modal when dismissed by is null](gitlab-org/gitlab@7be939041e81a5950c86bfacb39f35b86bfd34f8) ([merge request](gitlab-org/gitlab!146193)) **GitLab Enterprise Edition**
- [Fix user having custom role in multiple objects in a hierarchy](gitlab-org/gitlab@2a0fff1e1679df6aa3fae4aec1c9ba2490dfdbd5) ([merge request](gitlab-org/gitlab!144851)) **GitLab Enterprise Edition**
- [Use sentence case for DORA metrics titles](gitlab-org/gitlab@073fd7fcf5ae27dace77811f011258cb48e7c508) ([merge request](gitlab-org/gitlab!145867)) **GitLab Enterprise Edition**
- [Update pipeline_triggers plan limits to 25k for trials and opensource](gitlab-org/gitlab@2cecbcd8b82850f7607b4e9a85e76f50df8f98e1) ([merge request](gitlab-org/gitlab!145846))
- [This MR fixes header for security policies](gitlab-org/gitlab@96eac69ed540c700ac0af6cf4fea989cc7190d07) ([merge request](gitlab-org/gitlab!146277)) **GitLab Enterprise Edition**
- [Change "Create new Value Stream" to "New value Stream"](gitlab-org/gitlab@b0d79d1b864dd793b2f800ed589adab0bf42e358) ([merge request](gitlab-org/gitlab!146248)) **GitLab Enterprise Edition**
- [Fix DiffStatsType encoding error](gitlab-org/gitlab@077f497ee737c0e9615321f80d855afdcd79dc6d) ([merge request](gitlab-org/gitlab!145068))
- [Use user locale to display delimiters and separators in storage usage](gitlab-org/gitlab@d22bf9d9fc411948acf13d466baff2b949670cae) ([merge request](gitlab-org/gitlab!144565)) **GitLab Enterprise Edition**
- [Export & Import diff note's diff file](gitlab-org/gitlab@ab57d9055d0f457e50c3de4127b186574f996ef3) ([merge request](gitlab-org/gitlab!145967))
- [Handle version conflict errors in ElasticDeleteProjectWorker](gitlab-org/gitlab@fd99b56be44bdb74a8886cd2ca378b1fea800c3f) ([merge request](gitlab-org/gitlab!146068)) **GitLab Enterprise Edition**
- [Assignees widget dropdown reordering of selected users](gitlab-org/gitlab@f85f207eb67495cbe9331b555266e52bd100dfc4) ([merge request](gitlab-org/gitlab!145901))
- [Inspect start_branch_name if provided](gitlab-org/gitlab@54cf87270109b7d543f9f1a5c072effe54f5ab6b) ([merge request](gitlab-org/gitlab!139351))
- [Fix search within Environments folder](gitlab-org/gitlab@0e5e87e49c10e97969c7c187641f77878beb35db) ([merge request](gitlab-org/gitlab!146154))
- [Move focus to "What's new" drawer when opened](gitlab-org/gitlab@7e43fee0fc7df835a889c19eb3328b1a9ce7b7b7) ([merge request](gitlab-org/gitlab!144873))
- [Fix page overflow with long MR titles](gitlab-org/gitlab@4200b87ff685151ac389cf3241187fbcaa18a948) ([merge request](gitlab-org/gitlab!146103))
- [Release fetching all npm package tags](gitlab-org/gitlab@9031573c52bddcf17f20b8e563caf1c603d38565) ([merge request](gitlab-org/gitlab!144434))
- [Update Duo Pro Card to to show Add seats button for SM](gitlab-org/gitlab@6d19053750ea2f35f5bf2080fc6595981aed6aa3) ([merge request](gitlab-org/gitlab!145689)) **GitLab Enterprise Edition**
- [Supply the sequence name to the partitioning helper](gitlab-org/gitlab@644125eb09bbbc31dbbe52669527a8c13e478b3b) ([merge request](gitlab-org/gitlab!146065))
- [Fix autocomplete issue on design management comment form](gitlab-org/gitlab@b670c06fa8b594fd7155e492e3daa8580177dc31) ([merge request](gitlab-org/gitlab!146047))
- [Run specs with elastic_clean trait](gitlab-org/gitlab@cd71206c3b9f31199697d27806c111c206ba5d4f) ([merge request](gitlab-org/gitlab!145771))
- [Fix link to check out MRs locally](gitlab-org/gitlab@f7cca629e378d524cea27065f9530cf04c10bc9c) ([merge request](gitlab-org/gitlab!146041))
- [Do not raise CI lint exception if repository is empty](gitlab-org/gitlab@9a38817ff55f0f628238e0a76e20a59c1a20f066) ([merge request](gitlab-org/gitlab!145801))
- [Remove memoization for existing_sequence](gitlab-org/gitlab@ee5d8e912816d403f123eb1c0dd3824ceb2cfa16) ([merge request](gitlab-org/gitlab!146027))
- [Fixes missing "cancel" job button in admin jobs](gitlab-org/gitlab@2f8e8a1757733592d882c7d0224d4040cca6eaa1) ([merge request](gitlab-org/gitlab!146024))
- [Fix line highlighting](gitlab-org/gitlab@3df369cf54cb7c17c3a383545688ccc243d05106) ([merge request](gitlab-org/gitlab!146019))
- [Fix auth to dependency proxy with service account](gitlab-org/gitlab@9405a79b02255f917942442af1aff6454ffe15a0) ([merge request](gitlab-org/gitlab!146012))
- [Add SaaS check when fetching instance member roles](gitlab-org/gitlab@00a6aaff31941c18f979006d865cef3913458578) ([merge request](gitlab-org/gitlab!145094))
- [Proposed format changes for CI/CD Analytics](gitlab-org/gitlab@388ba9840241e7c233eba1e1e94e81ba5e45ed83) ([merge request](gitlab-org/gitlab!141307))
- [Include epic events on Profile page heat map](gitlab-org/gitlab@bc7602f7ca163ad03ec87889b37cabae071cf144) by @zzaakiirr ([merge request](gitlab-org/gitlab!138688))
- [Manage external issue tracker links to Vulnerabilities using events](gitlab-org/gitlab@a80b6a445c5171857fd97b1ba4874e42309e5370) ([merge request](gitlab-org/gitlab!145563)) **GitLab Enterprise Edition**
- [Change DuoChat z-index value to put it behind the feedback modal](gitlab-org/gitlab@96f283f2c5d4a06f1194cf90ebbc85f618c27180) ([merge request](gitlab-org/gitlab!145802)) **GitLab Enterprise Edition**
- [Check merge request's head_sha pipeline instead of latest](gitlab-org/gitlab@fd9980a6110598c4abc8f37db631e9674488ecfd) ([merge request](gitlab-org/gitlab!144919)) **GitLab Enterprise Edition**
- [Expose auth_method for remote mirrors via API](gitlab-org/gitlab@7d2177d947f48440211d49a3ac30c5405a369a21) ([merge request](gitlab-org/gitlab!75155))
- [Fix container repositories checksum mismatch errors](gitlab-org/gitlab@8a631409ceac9eaf66248741f7e31e2a47899c6d) ([merge request](gitlab-org/gitlab!145869)) **GitLab Enterprise Edition**
- [Make enum consistent to vulnerability enum](gitlab-org/gitlab@c9388aa1d7687098f0b5c82d7d444b54a5dafbc3) ([merge request](gitlab-org/gitlab!144849)) **GitLab Enterprise Edition**
- [Change query for assignee users to autocomplete query](gitlab-org/gitlab@49edefe573d4fbfb7d7cf8cd5e61b9a5aec95c00) ([merge request](gitlab-org/gitlab!145370))
- [Fix composability of `:published_event` with `:not_publish_event`](gitlab-org/gitlab@fe7cd8a3035beb4874f22df82e0bf59f34afdf86) ([merge request](gitlab-org/gitlab!144777))
- [Fixes duplicate users in search suggestions](gitlab-org/gitlab@384a98956d5ea3fe900a6854f7edf2edd66ba80f) ([merge request](gitlab-org/gitlab!145818))
- [Fix boolean and number input types](gitlab-org/gitlab@a4032ae6aef2e5dbd8a63b5a78fa3b334ab8e98f) ([merge request](gitlab-org/gitlab!145257))
- [Google Chat: Support inline replies](gitlab-org/gitlab@1ae2e61298b8a0463a570ff6ba16969356f87c82) by @robbie-demuth ([merge request](gitlab-org/gitlab!145187))
- [Web IDE Link: Hide button if empty](gitlab-org/gitlab@0daf8bf5c20d703cbf81c6c8799fee8bb13c0bef) ([merge request](gitlab-org/gitlab!145812))
- [Fix multi-line highlighting](gitlab-org/gitlab@34fa08685dbdaa41375ec5615609be7f925af4d3) ([merge request](gitlab-org/gitlab!144884))
- [Use `pre-wrap` to both preserve whitespace and wrap long lines](gitlab-org/gitlab@3e109880ebfee0754bb8172fe8dee15bf89a2b4f) ([merge request](gitlab-org/gitlab!145482))
- [Use sentence case for VSA Lifecycle metric titles](gitlab-org/gitlab@0040d58416ccc7a66e88c43b94d457b9f6cf56a1) ([merge request](gitlab-org/gitlab!145717)) **GitLab Enterprise Edition**
- [Fixes bug where Geo servers may leave orphaned Upload rep. stuck](gitlab-org/gitlab@c77566920dd7297a47b30942169b1b75f721ce87) ([merge request](gitlab-org/gitlab!142456)) **GitLab Enterprise Edition**
- [Update proxied request to use secondary for push_from_secondary](gitlab-org/gitlab@b93ec88eb37294778f70a8dc32cb8ce4aa665650) ([merge request](gitlab-org/gitlab!143980)) **GitLab Enterprise Edition**
- [Fix alert showing for unlimited schedules](gitlab-org/gitlab@b4e5516ce87a9d15393ea1ac984285c3687d143e) ([merge request](gitlab-org/gitlab!145695))
- [Add support for sidebar, example and openblock in AsciiDoc](gitlab-org/gitlab@ef0d0f9724d4cecb0ec5d0aa58b2dd9fb601841e) ([merge request](gitlab-org/gitlab!145379))
- [Fixed contributor count metric in VSD comparison table](gitlab-org/gitlab@328077d72a2cfa5fb2db63e4186ba59169317cd8) ([merge request](gitlab-org/gitlab!145682)) **GitLab Enterprise Edition**
- [Fix popover position for dependency list export](gitlab-org/gitlab@30ef0993c537c4d823df04ac774bc741fbd08fb9) ([merge request](gitlab-org/gitlab!145604)) **GitLab Enterprise Edition**
- [Increase packages_pypi_metadata keywords text limit](gitlab-org/gitlab@3b877ebf6a2e059e8b936a2fd3f69a64da1a4d94) ([merge request](gitlab-org/gitlab!144983))
- [Re-introduce drop user_interacted_projects table](gitlab-org/gitlab@574d864290ad35d20d33bce9198a6d22d9ce67c9) ([merge request](gitlab-org/gitlab!145260))
- [Do not remove indentation when pasting in code block](gitlab-org/gitlab@6c59aad2decc096a62deb2f2e515732499509160) ([merge request](gitlab-org/gitlab!143793))
- [Geo: Fix incorrect return values](gitlab-org/gitlab@f1a3391ad943e58217fc9e5a47794f217378d533) ([merge request](gitlab-org/gitlab!145616)) **GitLab Enterprise Edition**
- [Hide roles and permissions page from admin area when in SaaS mode](gitlab-org/gitlab@507361069cbadfe3766b748fe10242fde0aa264d) ([merge request](gitlab-org/gitlab!145262)) **GitLab Enterprise Edition**
- [Fix required approvals for mixed policies](gitlab-org/gitlab@86fc8568572466a532fe3971bb21d185e1c839f2) ([merge request](gitlab-org/gitlab!145572)) **GitLab Enterprise Edition**
- [Handle projects not found in Zoekt indexer worker](gitlab-org/gitlab@2c00ff21679c4287cef16853b86b62df8696b31d) ([merge request](gitlab-org/gitlab!145571)) **GitLab Enterprise Edition**
- [Handle a deletion of deployments for the removed repository](gitlab-org/gitlab@0c85dc6160d74f71ca0f2b81e6482ec86b61d772) ([merge request](gitlab-org/gitlab!145498))
- [Fix link anchors for synthetic system notes](gitlab-org/gitlab@ea1ffd2245d28861070dc1246b1b2ac3222983a5) ([merge request](gitlab-org/gitlab!145489))
- [Fix issue with uploading images sometimes](gitlab-org/gitlab@3c4c967a57ebf122be0d595a2c05ba9ce0f68029) ([merge request](gitlab-org/gitlab!144131))
- [Merge when checks pass should not need a pipeline to merge](gitlab-org/gitlab@5a9f0ac851aa4ba2e0b6ac7a2dbc5b381ca00f0c) ([merge request](gitlab-org/gitlab!144553))
- [Fix participants query in MR list page](gitlab-org/gitlab@a031162213a98d77dbd1089f2af1fc12dee7e4d8) ([merge request](gitlab-org/gitlab!145381))
- [Fix Container Registry Path](gitlab-org/gitlab@b77ae8639d0266b7a9364735f1cf3015cbcda68a) ([merge request](gitlab-org/gitlab!145389))
- [Job status: Add missing status text to GraphQL query](gitlab-org/gitlab@322aefda8599d1a915c6ab8db320daba1f2e0273) ([merge request](gitlab-org/gitlab!145139))
- [Improve show/hide logic of cube query generation frontend](gitlab-org/gitlab@2d149b9f695d86f5bec5f029a9de39ce99066f17) ([merge request](gitlab-org/gitlab!144415)) **GitLab Enterprise Edition**
- [Ensure errors.css is interpreted as UTF-8 encoding](gitlab-org/gitlab@b936a1d344d49bce1af09f92826dc152b77129d1) ([merge request](gitlab-org/gitlab!145363))
- [Keep code dropdown open when focusing clone inputs](gitlab-org/gitlab@d74e986b2ea8ae7be698b8583b5ef37fcabaf500) ([merge request](gitlab-org/gitlab!145304))
- [Fixed Shows branch name in non-blobs scopes](gitlab-org/gitlab@d60e1385ef64c13ff3aa50dc19a8cf624f3b0fac) ([merge request](gitlab-org/gitlab!142406))
- [Fix policy bot comment layout](gitlab-org/gitlab@8ba7c0fb55574c644db6fcfd5b023e93be69bcfb) ([merge request](gitlab-org/gitlab!145282)) **GitLab Enterprise Edition**
- [Fix overwriting the SOURCE_CODE variable in Code Quality](gitlab-org/gitlab@428327f364a601a9baff09be3fff6a1689e0fb0f) ([merge request](gitlab-org/gitlab!143018))
- [Emoji picker height in user edit profile page](gitlab-org/gitlab@88ac0ac0f404fd3525abedb57f6fe1779d15cf91) ([merge request](gitlab-org/gitlab!145240))
- [Fix highlight worker event ordering](gitlab-org/gitlab@a77f9e9ff46699fba0a95661d98f5bc75f33b206) ([merge request](gitlab-org/gitlab!145148))
- [Fix vulnerabilities seeder](gitlab-org/gitlab@cb8875c1aac0a1b7d7b4f01982de20aa0ba01640) ([merge request](gitlab-org/gitlab!145163))
- [Don't escape query in "Search or go to..." modal twice](gitlab-org/gitlab@d95bd7aa30d138d210f350201c34b52b799f5af6) by @syvb ([merge request](gitlab-org/gitlab!145158))
- [Mark issuable-resource-links as unique on create](gitlab-org/gitlab@463db89eb519aaddab6e64ada70b83a013be9a86) by @tomasz.skorupa ([merge request](gitlab-org/gitlab!143642)) **GitLab Enterprise Edition**
- [Fix queue purge security scans migration](gitlab-org/gitlab@426115c8c59e705c594777189fec6bba8e2886d0) ([merge request](gitlab-org/gitlab!145130))
- [Enable user/group pages access when namespace_in_path is enabled](gitlab-org/gitlab@5850113d14e830fe431a0d63dd42dd108f9a6d1e) ([merge request](gitlab-org/gitlab!144576))
- [Pipeline Status: Add aria-label](gitlab-org/gitlab@a50d244cf3a00c93be3c8094106282848bf87225) ([merge request](gitlab-org/gitlab!144969))
- [Adds the empty string fallback for organization description field](gitlab-org/gitlab@fa45b4f92de9e4448ce93a4f422f4544a6e3fa35) ([merge request](gitlab-org/gitlab!144896))
- [Check the actual bytesize of a Sentry JSON payload](gitlab-org/gitlab@48507d54bbfa735bd2847f35621c6d283ba6c332) ([merge request](gitlab-org/gitlab!112813))
- [Fix delete text on attach file toolbar button](gitlab-org/gitlab@60b5695e70f54bf34e4a37b95183cee0ceffc166) ([merge request](gitlab-org/gitlab!145034))
- [Profile page: Fix whitepsace issue](gitlab-org/gitlab@c7e996f8f952bcabf79dd36f808a813a3a40aa7b) ([merge request](gitlab-org/gitlab!144955))
- [Fix boolean and number input types](gitlab-org/gitlab@24dabbb7d60819b209d1563c0d60e748620ec6af) ([merge request](gitlab-org/gitlab!144065))
- [Make `/clear_weight` work when weight is 0](gitlab-org/gitlab@dcc5068812cdb5c849bc00a46b6122476eed4065) ([merge request](gitlab-org/gitlab!145002)) **GitLab Enterprise Edition**
- [Adds users_organization_path to the organization home page](gitlab-org/gitlab@32e24b3baad4766d5d2a90cdef030da0efb01407) ([merge request](gitlab-org/gitlab!144878))
- [Make bundler-checksum work with RubyGems 3.5.6](gitlab-org/gitlab@f0de0f34901266750794bebddb60b10e8d0d642a) ([merge request](gitlab-org/gitlab!144985))
- [Repository: Fix code owners question icon color](gitlab-org/gitlab@0994efe550d105aa35695dc3d316ba0e7c0051ad) ([merge request](gitlab-org/gitlab!144634)) **GitLab Enterprise Edition**
- [Board - Fix creating issue in board scoped to iteration](gitlab-org/gitlab@1101bb89195da41aaa5911c02816744b9eae6e4b) ([merge request](gitlab-org/gitlab!144689)) **GitLab Enterprise Edition**
- [Add conditional operator to check for descriptionVersion being null](gitlab-org/gitlab@7236bc723087c919d6e3371112fcc90a88015d38) ([merge request](gitlab-org/gitlab!144949))
- [Mark code_suggestions as ignored](gitlab-org/gitlab@1ee566f4caecd01b118b6909ec0041a3c110b7ef) ([merge request](gitlab-org/gitlab!144892))
- [Fix alert showing for guest/reporter](gitlab-org/gitlab@3b2bb2575bbc00ef5321cc6c9825398fecf9a8ce) ([merge request](gitlab-org/gitlab!144901))
- [Project list item: Fix avatar spacing and alignment](gitlab-org/gitlab@7d2a4cc4714d0b89c079cb65db02021967c6e686) ([merge request](gitlab-org/gitlab!144898))
- [Add a safeguard against non-matching diff discussion positions](gitlab-org/gitlab@a9b42a7e2785101d696b1ec5b354aea8c2f313d3) ([merge request](gitlab-org/gitlab!144865))
- [Prevent policy bot message on non-applicable branches](gitlab-org/gitlab@4b3f6a0657b1979cd6534e0e87f168eab72d6c3f) ([merge request](gitlab-org/gitlab!144863)) **GitLab Enterprise Edition**
- [Set correct state for Apply button after action](gitlab-org/gitlab@ca45668160caf3e27be3c3a48c5211731b55524b) ([merge request](gitlab-org/gitlab!144862)) **GitLab Enterprise Edition**
- [Scope rejected projects query for better performance](gitlab-org/gitlab@f1ce9c5b24f969fc3cf8d6a76eff3a5323292f96) ([merge request](gitlab-org/gitlab!144047)) **GitLab Enterprise Edition**
- [Hide "email a new issue" on archived issues lists](gitlab-org/gitlab@eaaf0f1247a129d4b9fc5082f768b98cb14fe2b2) ([merge request](gitlab-org/gitlab!144058))
- [Consider pipelines with supported sources for MR approval policy](gitlab-org/gitlab@0b08e35779b472f4dc0dd9270a1c917e09156541) ([merge request](gitlab-org/gitlab!144825)) **GitLab Enterprise Edition**
- [Fix Search::Zoekt.index? logic](gitlab-org/gitlab@c8f7bbc7848ea348f5688ce430616fedecc2c898) ([merge request](gitlab-org/gitlab!144592)) **GitLab Enterprise Edition**
- [Remove `gl-z-index-200` from inline findings icon](gitlab-org/gitlab@518a6557ee95299af1d99dc0e3481954a72b0bac) ([merge request](gitlab-org/gitlab!144771)) **GitLab Enterprise Edition**
- [Reintroduces error tracking approximate user count](gitlab-org/gitlab@f1ac7ef970c590d98f84428f5652c0255b847372) ([merge request](gitlab-org/gitlab!144384))
- [Rename security dashboard graphql error alert](gitlab-org/gitlab@c7e343d4a7b0ae11bb0edd5019e75067588f13f8) ([merge request](gitlab-org/gitlab!144775)) **GitLab Enterprise Edition**
- [Fix including CI files in pipeline execution policy](gitlab-org/gitlab@089e07e8439caab0a8d25235670cb19abbcf9e2c) ([merge request](gitlab-org/gitlab!144727)) **GitLab Enterprise Edition**
- [Ignore compliance CI config when source is on-demand DAST scan](gitlab-org/gitlab@7638eb2383826bf63fd19d08502ea76669a71a3b) ([merge request](gitlab-org/gitlab!144307)) **GitLab Enterprise Edition**
- [Merge request checks: Fix right alignment of actions](gitlab-org/gitlab@a8cb6a80e0b8690965f2eea0097e5897a2f2853c) ([merge request](gitlab-org/gitlab!144724))
- [Readme: Fix anchor overflow behavior when collapsed](gitlab-org/gitlab@98f6b8c22097e0d584356f946946ecb9b2671b35) ([merge request](gitlab-org/gitlab!144571))
- [Update pages ci templates - Doxygen](gitlab-org/gitlab@3ccebc465ca01fb8cd3fc89f620cbf12898e2584) ([merge request](gitlab-org/gitlab!144317))
- [Fix Geo: Personal snippets not syncing](gitlab-org/gitlab@14b1af7e3b39179375439e9fc888eadc2bd51b8d) ([merge request](gitlab-org/gitlab!143456)) **GitLab Enterprise Edition**
- [Vulnerability Details: Fix code-snippet rendering](gitlab-org/gitlab@62dc1de6a55d21daa3942bb192a7c23fe6bdc2e4) ([merge request](gitlab-org/gitlab!144444)) **GitLab Enterprise Edition**
- [This MR fixes alignment](gitlab-org/gitlab@1763ec36864731b13c539689a4286c130f483e3b) ([merge request](gitlab-org/gitlab!144348)) **GitLab Enterprise Edition**
- [Add error recovery for package metadata sync](gitlab-org/gitlab@501075e19485de53c93b0405c10cc0c15149fcc5) ([merge request](gitlab-org/gitlab!144090))
- [Readmore shadow: Fix darkmode](gitlab-org/gitlab@329bcd9481289403f255ad386b55b24b8557e037) ([merge request](gitlab-org/gitlab!144568))
- [Fix GitLab for Slack app disabled when uninstalled](gitlab-org/gitlab@7de79ac28efecdd4388b54a7bcea66e009b30cf3) ([merge request](gitlab-org/gitlab!144544))
- [Add spacing to "Awaiting user signup" badge](gitlab-org/gitlab@986a26854a510b25ec0e855228b07c146bfbd792) by @yonghyun.jin13 ([merge request](gitlab-org/gitlab!141181))
- [Fix the name of a missing svg for the tests reports](gitlab-org/gitlab@52121f27ea34d66d6823f171a72dc2a3175a39cb) ([merge request](gitlab-org/gitlab!144362))
- [Changes the empty state illustation from CI/CD Analytics](gitlab-org/gitlab@4e39718b157492c0a256e003ec912caab632c816) ([merge request](gitlab-org/gitlab!144487))
- [Fix error from using `inputs` in some cases](gitlab-org/gitlab@ba97ac19e27fb650c9cc33d72181bff666c2874d) ([merge request](gitlab-org/gitlab!144497))
- [Fix deny_all_requests_except_allowed of AddressableUrlValidator](gitlab-org/gitlab@3d9f595d1b1a4f057c37770ac2ee0312c0b6e8a7) ([merge request](gitlab-org/gitlab!144488))
- [Fix File Browser height update on merge request tab change](gitlab-org/gitlab@e23549d421fc5692abfa2763b85a5a25793f840e) ([merge request](gitlab-org/gitlab!144458))
- [Account for typed code block responses from the LLM](gitlab-org/gitlab@2028e11ad4ad51cc1ecee021816b9134936947e3) ([merge request](gitlab-org/gitlab!144358)) **GitLab Enterprise Edition**
- [Make variable value listbox searchable](gitlab-org/gitlab@9b91529d6a563c3f7ad3d6ebde84bfda1d67bd43) ([merge request](gitlab-org/gitlab!143529))
- [Hide exposed artifacts when there are none](gitlab-org/gitlab@650e8107815f8eb6479bc13882aefdd854ad8cf7) ([merge request](gitlab-org/gitlab!143698))
- [Fix permissions check for runner usage by project](gitlab-org/gitlab@f72ecedc94a50668080bff83ce05593aa2adc4f6) ([merge request](gitlab-org/gitlab!143352))
Changed (207 changes):
- [Change pipeline schedule button text](gitlab-org/gitlab@a2ea0248f57d9fb27a3f61d62d445592790efcca) ([merge request](gitlab-org/gitlab!147058))
- [Update MR empty states](gitlab-org/gitlab@d221a84ca42f98af1173ba65de862294197370a3) ([merge request](gitlab-org/gitlab!146708))
- [Updated the texts in the Protected environments under CI/CD Settings tab](gitlab-org/gitlab@b5ef5f805320d28a015d65a53e5d794b0aa40c0d) by @antonkalmykov ([merge request](gitlab-org/gitlab!147035)) **GitLab Enterprise Edition**
- [Projects: Improve pending deletion visibility and message](gitlab-org/gitlab@5b26f9c384db51533fe3ad69ea2e4d086062ca3e) ([merge request](gitlab-org/gitlab!146082))
- [Audit member access on destroy](gitlab-org/gitlab@38aacd015273bcfe45ea46f24c821de1c4ab73fd) ([merge request](gitlab-org/gitlab!146908)) **GitLab Enterprise Edition**
- [Design management add ability to toggle comments](gitlab-org/gitlab@e8e2aa5fbe895b3ce187bf3b9f08bf394b994760) ([merge request](gitlab-org/gitlab!146290))
- [Clarify audit event type script text](gitlab-org/gitlab@300e410878b6da70c6ff5ffe69580264b7a38706) ([merge request](gitlab-org/gitlab!146960))
- [Improve error message when job is missing an artifact](gitlab-org/gitlab@7639c2c7db731f1be98938d695ae9e1a9c3ad847) ([merge request](gitlab-org/gitlab!146941))
- [Disable release button for catalog resources](gitlab-org/gitlab@bf1f6ad7428842cf7d5784d13f29aaf783b415bc) ([merge request](gitlab-org/gitlab!145701))
- [Guided setup for Google Cloud IAM integration - 3](gitlab-org/gitlab@0f503f650d1dafcd70beb2dd4a10749f4ccbcc80) ([merge request](gitlab-org/gitlab!146174)) **GitLab Enterprise Edition**
- [This MR changed default state for policy scope](gitlab-org/gitlab@5fba32dab3df4627a93b7e975637662abb3b35a5) ([merge request](gitlab-org/gitlab!146210)) **GitLab Enterprise Edition**
- [Update todo and notifications for work items](gitlab-org/gitlab@25b37bd1f36113598ffaefd407f49218361a2c4b) ([merge request](gitlab-org/gitlab!145711))
- [Update commits empty state](gitlab-org/gitlab@88dd091d81f98187d9283d577e93f1df8e184489) ([merge request](gitlab-org/gitlab!146531))
- [Update kubernetes cluster empty state](gitlab-org/gitlab@ca986649138437d15b79ca4f804adf60c5756886) ([merge request](gitlab-org/gitlab!146358))
- [Added new columns and removed unwanted not null constraint](gitlab-org/gitlab@86f299d430d36db4a645c7c16bf8870896ee71f8) ([merge request](gitlab-org/gitlab!144882)) **GitLab Enterprise Edition**
- [Allow milestones to be specified by full path](gitlab-org/gitlab@d7d326b6d944bc30b0a33473a7e4eb24dcbefa3c) ([merge request](gitlab-org/gitlab!143859))
- [Assign default security policy stage](gitlab-org/gitlab@03591fa30b5c95e47a855593465cb0ff47457a9e) ([merge request](gitlab-org/gitlab!145914)) **GitLab Enterprise Edition**
- [Improve environments dashboard](gitlab-org/gitlab@40d007dd394da43c5b901db2cb315a8e45773c05) ([merge request](gitlab-org/gitlab!146258)) **GitLab Enterprise Edition**
- [Update frontend versioning](gitlab-org/gitlab@d3176d6895dc2cc27ce7dbd82e0de698480e2a75) ([merge request](gitlab-org/gitlab!146479))
- [Decouple dark color mode from navigation themes](gitlab-org/gitlab@66f9b887e601d888602aabe211454958616ffeb2) ([merge request](gitlab-org/gitlab!141459))
- [Update UI text](gitlab-org/gitlab@d7311e818cceba40f4496d8db7ef73f51fbc2b6d) by @jrachelr1 ([merge request](gitlab-org/gitlab!146432))
- [Modified source of the current scope](gitlab-org/gitlab@5d3c0e4371d195f77bb5c6c9f2f6fd2c7b1c17c3) ([merge request](gitlab-org/gitlab!146338))
- [Align merge request sticky header with static header](gitlab-org/gitlab@ab1a618aedbdc2c5ca6a778d599df8a8710c4c57) ([merge request](gitlab-org/gitlab!146809))
- [Change column null for `traversal_ids` of the `vulnerability_reads`](gitlab-org/gitlab@932600ee31623be2fe86ca92a19a45c971f36d9b) ([merge request](gitlab-org/gitlab!146800))
- [Migrate sbom_components.name so to match PEP 503](gitlab-org/gitlab@78b9a6025f5a61d2488ad1234fd9a2f914bea824) ([merge request](gitlab-org/gitlab!145700))
- [File header: Use variable instead of magic number](gitlab-org/gitlab@6b0d3eeed0afb8a0c839fb099c10b59eb69c7620) ([merge request](gitlab-org/gitlab!145229))
- [apps/pipeline_details: Copy full commit id](gitlab-org/gitlab@8c3b60c2108da8f72fad2f56ac660a567f7301cf) ([merge request](gitlab-org/gitlab!146052))
- [User profile sidebar: Fix alignment of user details](gitlab-org/gitlab@8a6ae0886b6b5ed81258765373acb183a2f5a6a5) ([merge request](gitlab-org/gitlab!146747))
- [Expose policy_scope in security policy graphql API](gitlab-org/gitlab@b052611c1d1b8a627622c165ec4482baae72a058) ([merge request](gitlab-org/gitlab!146562)) **GitLab Enterprise Edition**
- [Update compare empty state](gitlab-org/gitlab@728033c0efc1527cd05ec49b0af38012fef097da) ([merge request](gitlab-org/gitlab!146525))
- [Rename variable to CI_SERVER_FQDN to match expected value](gitlab-org/gitlab@ed5eb77c8cb130e573e0ad96961f4a778cb7e8d9) ([merge request](gitlab-org/gitlab!146461))
- [Remove cached_conflicts_with_types feature flag](gitlab-org/gitlab@ba3b70e080869ecbb7df80553f5fc7b83fb6200f) ([merge request](gitlab-org/gitlab!146738))
- [Correctly style labels in filtered search](gitlab-org/gitlab@890398b954a1efb9df5d71f715b195bc90ddc932) ([merge request](gitlab-org/gitlab!143780))
- [Update docs to clarify framework removal](gitlab-org/gitlab@fc75ad770f7e9158fe6a16f95f17fc5eeb21db9d) ([merge request](gitlab-org/gitlab!146704)) **GitLab Enterprise Edition**
- [Projects: Improve archived visibility and message](gitlab-org/gitlab@b1050e939f0d671bdf52b9a6eaaee1841a007f1d) ([merge request](gitlab-org/gitlab!145277))
- [Removes database migrations up to 16-1-stable-ee](gitlab-org/gitlab@c9d9a3bb5c6f249075f63c7d4fbd3feed9df1ab6) ([merge request](gitlab-org/gitlab!144364))
- [Update service desk empty state illustration](gitlab-org/gitlab@f47c45dfbeb001518aef3cd5bcecb30959d58ece) ([merge request](gitlab-org/gitlab!146549))
- [Update surface alerts empty state illustration](gitlab-org/gitlab@f8873fccddf20b5e6844aac99d534b10a8e47026) ([merge request](gitlab-org/gitlab!146534))
- [Guided setup for Google Cloud IAM integration - 2](gitlab-org/gitlab@3773915b528f23e3081555c67b4b15841712ba24) ([merge request](gitlab-org/gitlab!145543)) **GitLab Enterprise Edition**
- [Only show epic lane header shadow when it overlaps](gitlab-org/gitlab@d473fee4fd5cc144181037a76a0cc7f0f1fd51d2) ([merge request](gitlab-org/gitlab!146421)) **GitLab Enterprise Edition**
- [Use new ScalarValidator for variables CI keyword](gitlab-org/gitlab@65684085897b3c3daf717d3155936ffce6a26c7b) ([merge request](gitlab-org/gitlab!146503))
- [Billing page does not scale with large font sizes](gitlab-org/gitlab@eb845e4ae2d5806a4be249b42df0393a6359c36d) ([merge request](gitlab-org/gitlab!146668)) **GitLab Enterprise Edition**
- [Removes testable method from EWM](gitlab-org/gitlab@40e558363e07e6b3bca5e9303f65a3edfcc278ce) ([merge request](gitlab-org/gitlab!146636))
- [Change todo re-add button icon and title](gitlab-org/gitlab@918f2933adc729d6737aee5bc0167a10b59b91a4) ([merge request](gitlab-org/gitlab!146254))
- [Update Terraform modules empty state illustration](gitlab-org/gitlab@848d69f63b4c59ae51a71e92ffed80955b75a1c2) ([merge request](gitlab-org/gitlab!146487))
- [Remove merge_request_diff_generated_subscription feature flag](gitlab-org/gitlab@d3f0486be4473cbe3f93b21ca4a35902c81fe6c8) ([merge request](gitlab-org/gitlab!146580))
- [This MR adds validation for policy scope](gitlab-org/gitlab@5989bdd2b2e951bdb0663fb5b78866118e04e982) ([merge request](gitlab-org/gitlab!145871)) **GitLab Enterprise Edition**
- [Keeps compliance frameworks for project transfers](gitlab-org/gitlab@657c47cd46bfc9f3c12f3d0a3a34f1e8ea0f6fcf) ([merge request](gitlab-org/gitlab!146533)) **GitLab Enterprise Edition**
- [Update incident empty state illustration](gitlab-org/gitlab@781b87bc22f484156b1847bafbff537d8e81607c) ([merge request](gitlab-org/gitlab!146537))
- [Consolidate all google cloud support feature flags into one](gitlab-org/gitlab@aeb368e8f67d68274cdda70177328ddff424ddb6) ([merge request](gitlab-org/gitlab!145918)) **GitLab Enterprise Edition**
- [Guided setup for Google Cloud IAM integration - 1](gitlab-org/gitlab@efc4b630c9b912dc9415758dcca769d5f8d7d85a) ([merge request](gitlab-org/gitlab!146028)) **GitLab Enterprise Edition**
- [Update to redis-client v0.21.0](gitlab-org/gitlab@fccd704cd2409e0cb21db495b4dcc865162401ef) ([merge request](gitlab-org/gitlab!146506))
- [Update profile empty state](gitlab-org/gitlab@b7e7e087f28bbca8441106e8b5678c74307d14c8) ([merge request](gitlab-org/gitlab!146490))
- [Update UI text replacing 'catalog resource' with 'catalog project'](gitlab-org/gitlab@289eedc11b43c1cfcc96cfc7a07a1a4d563e38cc) ([merge request](gitlab-org/gitlab!146077))
- [Add environments empty state illustration](gitlab-org/gitlab@05b2c427d55fae41bac374f431eb308a4a1e3300) ([merge request](gitlab-org/gitlab!146323))
- [Swap columns auto_canceled_by for p_ci_builds](gitlab-org/gitlab@51a6865cd17c6bd49354426aab768e511a7b3d4b) ([merge request](gitlab-org/gitlab!144845))
- [Remove sort direction sync between columns on vulnerability report](gitlab-org/gitlab@ce614adbb30fc8c64fc1e8d7528d62ec981ead85) ([merge request](gitlab-org/gitlab!146466)) **GitLab Enterprise Edition**
- [Update dependency auto-deploy-image to v2.86.0](gitlab-org/gitlab@9089b269766ccfab11ef50cccef2e21984d3449b) ([merge request](gitlab-org/gitlab!146362))
- [Remove "ref_extract_sha256" feature flag](gitlab-org/gitlab@7e5ae6d6dac929cc94e4bb9df65c0285fe72456d) ([merge request](gitlab-org/gitlab!146355))
- [Backfill traversal_ids and archived to sbom_occurrences](gitlab-org/gitlab@6a422c6e02e16f3b8b6be544e07eb81ada7fe2d1) ([merge request](gitlab-org/gitlab!144802))
- [Update copy for trials/duo_pro/new](gitlab-org/gitlab@1fb2a8d3189d9c7b097a9684d14563fd46807220) ([merge request](gitlab-org/gitlab!145810)) **GitLab Enterprise Edition**
- [Add a link to the starrer's page on project stars in the CI/CD catalog](gitlab-org/gitlab@215ba918fad59d989c47b1cb4ca93e1796498b0c) by @antonkalmykov ([merge request](gitlab-org/gitlab!144781))
- [Expands adherence report group by dropdown](gitlab-org/gitlab@1e6a819972e5365c86f966bc01934d8f7302d350) ([merge request](gitlab-org/gitlab!144688)) **GitLab Enterprise Edition**
- [Update docs for security_approval_policies_limit application setting](gitlab-org/gitlab@247ef6ea819213983ad910d80cc443d7ef51c84f) ([merge request](gitlab-org/gitlab!146178))
- [Add safe rel attribute on links with target "_blank"](gitlab-org/gitlab@2e8037f5198072593a7c61148c8bc74b61c36cc7) ([merge request](gitlab-org/gitlab!145516))
- [Update MR sidebar reviewer status icons](gitlab-org/gitlab@de50202ed1aecc822791a6162f616bc00f303447) ([merge request](gitlab-org/gitlab!146237))
- [Expose policy_scope in policy graphql API](gitlab-org/gitlab@09e869ff19d792dbc8c4603e39af8a5b21e1a601) ([merge request](gitlab-org/gitlab!142248)) **GitLab Enterprise Edition**
- [Rename Google Artifact Registry integration](gitlab-org/gitlab@b5f665e86a79625852f29a2c66752cf2f7ff649e) ([merge request](gitlab-org/gitlab!145529)) **GitLab Enterprise Edition**
- [AI docs: explicitly mention use of HTTPS](gitlab-org/gitlab@006fe0e80023f3d354fa93865300a46484c44902) ([merge request](gitlab-org/gitlab!146194))
- [Default enable FF include_manual_to_pipeline_completion](gitlab-org/gitlab@b6d9b3e1626f5e8a27e674fb14f5ee1cc79f5e17) ([merge request](gitlab-org/gitlab!146100)) **GitLab Enterprise Edition**
- [Add image size recommendation to avatar settings](gitlab-org/gitlab@fd98b5647d244bb9ab0f8f81b486b137088a83f8) ([merge request](gitlab-org/gitlab!145418))
- [Allow adding an Organization to an User Namespace](gitlab-org/gitlab@65e4d11e147c09a70565993a1062cde1cfe23742) ([merge request](gitlab-org/gitlab!144049))
- [Allow /help to accept either page title in front matter or in Markdown](gitlab-org/gitlab@b13518baf1f74865bd811e9107d2dc0a7b55214e) ([merge request](gitlab-org/gitlab!145627))
- [Update scaler and overlay color on design detail](gitlab-org/gitlab@fc77cced42e59de58e4b29d753b0e4528d95e669) ([merge request](gitlab-org/gitlab!145153))
- [Link fast-forward Merge Requests to deployment](gitlab-org/gitlab@979a7f19da5834d6272bc2c94030ad37503c0a7f) ([merge request](gitlab-org/gitlab!145211))
- [Mark vulnerabilitiesRemoveAllFromProject mutation as stable](gitlab-org/gitlab@cd06c9a442a8340c4e4428381902fa75fed9ed0e) ([merge request](gitlab-org/gitlab!146125)) **GitLab Enterprise Edition**
- [Replace geo-replication-empty illustration](gitlab-org/gitlab@6e850f35e39c3547ab1528c0b0a40d2df75198a0) ([merge request](gitlab-org/gitlab!144665)) **GitLab Enterprise Edition**
- [This MR adds new properties for toggle_list](gitlab-org/gitlab@7f06af55b260c17627fe9794d5c77ac641caeccc) ([merge request](gitlab-org/gitlab!145548)) **GitLab Enterprise Edition**
- [Improve Google Cloud IAM integration UI text](gitlab-org/gitlab@2fdc58840c714e637caa4970871018799d1f7035) ([merge request](gitlab-org/gitlab!145535)) **GitLab Enterprise Edition**
- [Rollout zoekt_cache_search_responses feature](gitlab-org/gitlab@49d4a9163ba4a9e2b65ddfefc61c100532ce61b0) ([merge request](gitlab-org/gitlab!146085)) **GitLab Enterprise Edition**
- [This MR select all reset option](gitlab-org/gitlab@ade7828071bbd7f879a0948b6704f880b5215d5b) ([merge request](gitlab-org/gitlab!145874)) **GitLab Enterprise Edition**
- [Render project name with namespace in runner usage](gitlab-org/gitlab@8673d2b3d39c8de524920d18c548610f6775e5e7) ([merge request](gitlab-org/gitlab!145151)) **GitLab Enterprise Edition**
- [Design management - Move issue title](gitlab-org/gitlab@df0fec3009f0d89d0ff9cbb78e203936aa9ab02f) ([merge request](gitlab-org/gitlab!145878))
- [Change security pipeline execution policy stages strategy](gitlab-org/gitlab@8ac1d6f071f520f4329d76d9e6ee0e437d760cae) ([merge request](gitlab-org/gitlab!145136)) **GitLab Enterprise Edition**
- [Cleanup update_vuln_reads_traversal_ids_via_event FF](gitlab-org/gitlab@b073ad51ccb9470c4225457477f2279faa9c81cd) ([merge request](gitlab-org/gitlab!145430)) **GitLab Enterprise Edition**
- [Emphasize integration reset button](gitlab-org/gitlab@761185ebac73dceae5cc69c7f479e883a4f002c7) ([merge request](gitlab-org/gitlab!146045))
- [Activity feed: Make content better searchable](gitlab-org/gitlab@e408f410c069049f33bbe49255e295e858aeb4c6) ([merge request](gitlab-org/gitlab!145540))
- [Remove outdated illustrations](gitlab-org/gitlab@8b0acb8f862d8f13411bba5c26da7e32e72ceec8) ([merge request](gitlab-org/gitlab!146043))
- [Pipeline MiniGraph dropdown: Keep open when modifier is pressed](gitlab-org/gitlab@8920145ad81a08adc2a9693fdaec3d59643cedd4) ([merge request](gitlab-org/gitlab!146030))
- [Project/Group overview: Add settings link to kebab menu](gitlab-org/gitlab@57ebda215bbf27f2360a1b3a103cf38886bc969e) ([merge request](gitlab-org/gitlab!145239))
- [Add optional project labels to keep-around ref metrics](gitlab-org/gitlab@f54ae894c9f778a5a448312c49fe49b860d73ac9) ([merge request](gitlab-org/gitlab!145988))
- [Add option to keep shared groups when filtered by parent](gitlab-org/gitlab@d8e65143b0e464cfc0aa1a1d7c51250f331e48bc) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/141462)) **GitLab Enterprise Edition**
- [Use pluralized string for Job/Jobs count label on jobs/pipelines page](gitlab-org/gitlab@46bce5fdcbda80cbd8c028a8e966de4152f848b5) by @antonkalmykov ([merge request](gitlab-org/gitlab!145731))
- [Make the date format consistently across the CI/CD Catalog](gitlab org/gitlab@a6db118290802a2b0471362820ddd3a391668d57) by @antonkalmykov ([merge request](gitlab-org/gitlab!145729))
- [Redact SAMLResponse from logs](gitlab-org/gitlab@ec6757d64db8567ea0d486816067f62e489e8f7d) ([merge request](gitlab-org/gitlab!144732))
- [Darken light blue and green theme for contrast](gitlab-org/gitlab@cff5ca48903b919af5cbca744a4e25517e962617) ([merge request](gitlab-org/gitlab!145815))
- [Add illustration to Value Stream Analytics empty state](gitlab-org/gitlab@0225ddc22fd59537de8552bc354df8a622ad2722) ([merge request](gitlab-org/gitlab!145868))
- [Upgraded Web IDE to 0.0.1-dev-20240226152102](gitlab-org/gitlab@dac076d55d4c3e488080ef88deefd5cc12238d6d) ([merge request](gitlab-org/gitlab!145900))
- [Added namespace actor to PA billing feature flag](gitlab-org/gitlab@63b15bdab9aab6c041161adaf7fce4cc02942d52) ([merge request](gitlab-org/gitlab!145116)) **GitLab Enterprise Edition**
- [Update design management discussion as per new UX](gitlab-org/gitlab@b8ca254afd0ec5d357aecfdb894bf647c9c18d34) ([merge request](gitlab-org/gitlab!145011))
- [Add color_mode_id column to users table](gitlab-org/gitlab@2ff7f2616984e455fd00fa0e5d1f572874b7b77c) ([merge request](gitlab-org/gitlab!142772))
- [Allow /help to accept either index.md or _index.md as a docs index page](gitlab-org/gitlab@1be8d7c707febb07987558fce7e21efbcebf3c81) ([merge request](gitlab-org/gitlab!144419))
- [Update regex for normalize_pypi to align with](gitlab-org/gitlab@b191ad6ccf65e9756d646a301618b4c287c777f6) ([merge request](gitlab-org/gitlab!145393))
- [Cleanup free_user_cap_over_limit_email FF](gitlab-org/gitlab@6273551f112a258787c580fc6c39f9efd96b2fbe) ([merge request](gitlab-org/gitlab!145707)) **GitLab Enterprise Edition**
- [Add prefix to Operations::FeatureFlagsClient#token](gitlab-org/gitlab@0ef1fadd62b116373874995a179bdc1802f1cf00) by @jzeng88 ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144703))
- [Use skeleton loader for artifacts loading state](gitlab-org/gitlab@02b44144c0dc937aff74649c3e8c4ceaab1a6fcd) ([merge request](gitlab-org/gitlab!143218))
- [Additional cleanup for external usernames on oAuth and LDAP sign up](gitlab-org/gitlab@fdba060146a5952726d02d036eca8581ba6b022e) ([merge request](gitlab-org/gitlab!145038))
- [Design management - Move todo button](gitlab-org/gitlab@26a73723334f87e2fbe2035fb1109dad41fa446e) ([merge request](gitlab-org/gitlab!145736))
- [Update Cloud Connector architecture blueprint](gitlab-org/gitlab@95a9b949b67aaadaca04868a52555b73631b8cf8) ([merge request](gitlab-org/gitlab!145220))
- [Replace manual and failed pipeline illustrations](gitlab-org/gitlab@3bad95bb777af89f264056ade339033669125225) ([merge request](gitlab-org/gitlab!145650)) **GitLab Enterprise Edition**
- [Enable continuous container scanning by default](gitlab-org/gitlab@f85b3bd21829762f56d404ef9fdab7670e9554dd) ([merge request](gitlab-org/gitlab!145723)) **GitLab Enterprise Edition**
- [Default enable FF search_index_all_projects](gitlab-org/gitlab@9172ba05d3613e967a468d4956a4298c182bdb69) ([merge request](gitlab-org/gitlab!145300)) **GitLab Enterprise Edition**
- [Replace milestone promotion banner with alert](gitlab-org/gitlab@c323a81ed4440b319b965ee2dfda30dc49e3c735) ([merge request](gitlab-org/gitlab!138597))
- [Update Rails to 7.0.8.1](gitlab-org/gitlab@92c0c5192703bbfa5ebdf36e6c9853d9268061f4) ([merge request](gitlab-org/gitlab!145667))
- [Update GITLAB_PAGES_VERSION](gitlab-org/gitlab@8bf8b553560e18925368a152322eb6a652a720fa) ([merge request](gitlab-org/gitlab!145634))
- [Update version outdated text](gitlab-org/gitlab@5cc715a24c1aba10c53d1db07f4bdbf5ae3cdc2a) ([merge request](gitlab-org/gitlab!145445))
- [Add approval group rule get endpoint](gitlab-org/gitlab@85492b1c18760a01bb15e94dc8b7096b3efab99b) ([merge request](gitlab-org/gitlab!144170)) **GitLab Enterprise Edition**
- [Reword Project.services field deprecation](gitlab-org/gitlab@13cb32e1248fec2221e9b36163b8ccbb7d4d0dec) ([merge request](gitlab-org/gitlab!145615))
- [Beautify groups](gitlab-org/gitlab@4019e3877369357157babc316f03e64290e25768) ([merge request](gitlab-org/gitlab!144921))
- [Use helpPagePath to Render terraform module registry links](gitlab-org/gitlab@4773c0f603cb93eb174be4fa1bbd3e698968ee03) by @jzeng88 ([merge request](gitlab-org/gitlab!145055))
- [Remove $white color to improve dark mode](gitlab-org/gitlab@b49bdefbcf5108f116d800bc34be4c170ccbc9ec) ([merge request](gitlab-org/gitlab!145590))
- [Update dependency auto-deploy-image to v2.85.0](gitlab-org/gitlab@834c41c7014781adfe7df55b3bd1ae1d50471f52) ([merge request](gitlab-org/gitlab!145557))
- [Remove backtrace silencer for app dir](gitlab-org/gitlab@9c6c0e73615151400634b5736edc0ac22783d007) ([merge request](gitlab-org/gitlab!145084))
- [Open Deployments tab when no K8s integration set for Environment](gitlab-org/gitlab@7b7cfa054db6acfbb187285a04720b1d7495e881) ([merge request](gitlab-org/gitlab!145287))
- [Enable custom_webhook_template by default](gitlab-org/gitlab@40d60e40802723553aad8c11ad01d7d1c5866014) by @Taucher2003 ([merge request](gitlab-org/gitlab!145514))
- [Profile page: Increase spacing after profile avatar](gitlab-org/gitlab@2528c9a773e7950e8d099cff1dd09e9125cdca03) ([merge request](gitlab-org/gitlab!145487))
- [Clean up successful free_trial_registration_redesign experiment](gitlab-org/gitlab@578e07da6d39d24e6af01fd3a9ef144e62e1b721) ([merge request](gitlab-org/gitlab!145235)) **GitLab Enterprise Edition**
- [Remove feature flag and update docs](gitlab-org/gitlab@1bf2cb1e157a8d45a3cd699ebd24970e64de1704) ([merge request](gitlab-org/gitlab!145366))
- [Add ability to unsubscribe from design management notifications](gitlab-org/gitlab@bb1596a3594d06ff28345bb21122274c89afb9a0) ([merge request](gitlab-org/gitlab!144247))
- [Make sign in tabs fully Pajamas compliant](gitlab-org/gitlab@e7e211edc7a9baf0067d25b6719cc24379e9588b) ([merge request](gitlab-org/gitlab!145238))
- [Remove Gitlab.com check for ContainerRepository#size](gitlab-org/gitlab@b6659019f631d443da33907a2d6910174fbb8b5a) ([merge request](gitlab-org/gitlab!144917))
- [Add Search::Zoekt::Task](gitlab-org/gitlab@9e53a29fe3878b86a826493e7e32fb32b889df04) ([merge request](gitlab-org/gitlab!143063))
- [This MR extend compliance framework list](gitlab-org/gitlab@7d458862e69543ddd175c9541ac4fd25280c3bc9) ([merge request](gitlab-org/gitlab!145051)) **GitLab Enterprise Edition**
- [GCP WLIF script improvements](gitlab-org/gitlab@562e2bcaf6234a20e0de1196497abe7f11d44ad9) ([merge request](gitlab-org/gitlab!144818)) **GitLab Enterprise Edition**
- [Show more specific error messages](gitlab-org/gitlab@80fa7fe57c2e8021a2970f0077df27711e54fbf6) ([merge request](gitlab-org/gitlab!145140))
- [Add logos to JetBrains integrations](gitlab-org/gitlab@1f32dccc4cc2f9f84391ff902050a3d6d0e4164d) ([merge request](gitlab-org/gitlab!145149))
- [Update default bot comment text when approvals required](gitlab-org/gitlab@3aec41edf9d4de5c306254dc602ad1fa8ac00e2d) ([merge request](gitlab-org/gitlab!143717)) **GitLab Enterprise Edition**
- [Clean up encoding_logs_tree FF](gitlab-org/gitlab@dafd046609ee79dac9531ddf0b73f002da8e28a8) ([merge request](gitlab-org/gitlab!145242))
- [Update column title](gitlab-org/gitlab@410d00f738fa70a525e79486cc4d8dd59b5e7199) ([merge request](gitlab-org/gitlab!145079))
- [Renaming column type to category for external audit event destinations](gitlab-org/gitlab@1fc1ae33e39862feeb6c7f01489b863f874a5f87) ([merge request](gitlab-org/gitlab!144994)) **GitLab Enterprise Edition**
- [Add additional analytics dashboard user events](gitlab-org/gitlab@4d33a2150ead4078cdab85a6094483e47f4db41e) ([merge request](gitlab-org/gitlab!144850)) **GitLab Enterprise Edition**
- [Moves full stop out of "Learn More" link](gitlab-org/gitlab@cfd3fce24eadce307bc880020ef315e643f0e302) by @r2abreu ([merge request](gitlab-org/gitlab!145192))
- [Replace cluster_popover illustration](gitlab-org/gitlab@68fdc2a29ec09b6faa15d3238fa8eecfd242b852) ([merge request](gitlab-org/gitlab!145185))
- [Declare service_access_tokens table clusterwide](gitlab-org/gitlab@97aaf7ac774249a34f29c8e58637bd8303a35383) ([merge request](gitlab-org/gitlab!145157))
- [Fix emoji picker](gitlab-org/gitlab@d1faa6d12980f407d5d72eadb2de86e244f52b18) ([merge request](gitlab-org/gitlab!144977))
- [Design management - Update layout of image preview](gitlab-org/gitlab@675403ae0874b08a0af73302d292d04ad81d90b5) ([merge request](gitlab-org/gitlab!144550))
- [Update branch rules via global id](gitlab-org/gitlab@a730a2af6201b7757f66101a50fa3cdf53cfbcd7) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144632)) **GitLab Enterprise Edition**
- [Fix pull lfs files issue](gitlab-org/gitlab@f913a7709d370f68fb2681958b5f81f73c1947b0) by @chaomao ([merge request](gitlab-org/gitlab!145114)) **GitLab Enterprise Edition**
- [Use entity full_path for page title / breadcrumbs](gitlab-org/gitlab@90a8358de64ed3091a0cb93898c7a11909528796) ([merge request](gitlab-org/gitlab!145112))
- [Clarified work items FF naming](gitlab-org/gitlab@81c20d2c9d2276f4ac8a8edfed6dce9799a4f12d) ([merge request](gitlab-org/gitlab!144141))
- [Epic boards - Display Ancestors in sidebar when subepics are allowed](gitlab-org/gitlab@a99ae25fc7522b34373d826fc2241d1be995e7a3) ([merge request](gitlab-org/gitlab!145092)) **GitLab Enterprise Edition**
- [Backfill non-instance admins into the organization users table](gitlab-org/gitlab@f784aa8c573f918c3e9249540a2577c0f007653c) ([merge request](gitlab-org/gitlab!144674))
- [Switch repository backups to use manifests only](gitlab-org/gitlab@81871c9a1451cce33eb2e078c57d8bc7618502c7) ([merge request](gitlab-org/gitlab!144677))
- [Remove the Kubernetes overview section from the Environments page](gitlab-org/gitlab@c4c98e8e0d3696574978b09ab62fec770c480ee7) ([merge request](gitlab-org/gitlab!144799))
- [Implement BranchRules::UpdateService](gitlab-org/gitlab@d4289fcb5e12358c9f3f5969031d6dd655f70fec) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144630))
- [Change route for /details to /failures with id](gitlab-org/gitlab@627d9b00ad48264b42b935698a8aa3e7ceccfce6) ([merge request](gitlab-org/gitlab!143904))
- [Add form validation for cube query generation input](gitlab-org/gitlab@6bd72dc87ef319444bc31429a14f5a5c8e1c4b81) ([merge request](gitlab-org/gitlab!144146)) **GitLab Enterprise Edition**
- [Update repositories analytics empty states](gitlab-org/gitlab@61fe290457749aa35d4afcd3d2149386b38aff0a) ([merge request](gitlab-org/gitlab!144794)) **GitLab Enterprise Edition**
- [Expand sidekiq queue_groups to default](gitlab-org/gitlab@658da0610c5b22b84f89452aec0441dc77819782) ([merge request](gitlab-org/gitlab!142577))
- [Change `vulnerabilities.finding_id` column to NOT NULL](gitlab-org/gitlab@34772c2ca6742c08b059bb93b9367d3a8c195695) ([merge request](gitlab-org/gitlab!140989)) **GitLab Enterprise Edition**
- [Pipeline MiniGraph: Migrate dropdown to GlDisclosureDropdown](gitlab-org/gitlab@677bf84e6da0b3c6044bcaac0d849fbe21b85d17) ([merge request](gitlab-org/gitlab!144606))
- [Changed Terraform Modules history wording](gitlab-org/gitlab@d333bad70a2fa12fabf667c833ff0c7c94f4d00d) by @jzeng88 ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144945))
- [Fix bitbucket spread cal job](gitlab-org/gitlab@aeb47d1fb039c758ba36ffe4d0a2f93b1a149076) by @imskr ([merge request](gitlab-org/gitlab!143815))
- [Update dependency auto-deploy-image to v2.83.0](gitlab-org/gitlab@a0959e69590f3d7e507943f58cc48caa58c00058) ([merge request](gitlab-org/gitlab!144826))
- [Refactor compliance frameworks export backend](gitlab-org/gitlab@d08f0385ab3700c3a7db80664e7fd791bf9522c0) ([merge request](gitlab-org/gitlab!144915)) **GitLab Enterprise Edition**
- [Fix blurry avatar in profile](gitlab-org/gitlab@3c2337946dcbac75603a9475f899e072b23e4dbd) ([merge request](gitlab-org/gitlab!144448))
- [Clean up promote_ultimate_features experiment](gitlab-org/gitlab@872f590928af5451e6902a71d334b8c2b4a5bd4a) ([merge request](gitlab-org/gitlab!144513)) **GitLab Enterprise Edition**
- [Now allowing expired trials to see Trial Discover Page](gitlab-org/gitlab@fb0118da47716650afdc5d0dfce06a7987c4a3e8) ([merge request](gitlab-org/gitlab!144904)) **GitLab Enterprise Edition**
- [Route projects by root namespace id](gitlab-org/gitlab@6583846f71e2d30434058c0cf7bb1ec84f68ea08) ([merge request](gitlab-org/gitlab!143212)) **GitLab Enterprise Edition**
- [Open "Create Slack app" link in new tab](gitlab-org/gitlab@9cf51675f38552e621e6432fdf37f8768e7e41fe) ([merge request](gitlab-org/gitlab!144885))
- [api/runners: Expose `maintenance_note` in details and editing](gitlab-org/gitlab@7b1af91226ba2ce3f6db523f3fcc0254592b32e1) ([merge request](gitlab-org/gitlab!144482))
- [Code dropdown: Migrate to GlDisclosureDropdown](gitlab-org/gitlab@9ab2803420becc67589be5979439e6aaa469bf80) ([merge request](gitlab-org/gitlab!143324))
- [User profile: Show 7 achievements instead of 3](gitlab-org/gitlab@653d2949f79e40d77908a57b669a3ce67272e1cd) ([merge request](gitlab-org/gitlab!144453))
- [Reorders work item sidebar widgets](gitlab-org/gitlab@040e80bce5db879fca047e64d87125c1afd041ba) ([merge request](gitlab-org/gitlab!143707))
- [Adjust environment and sync status badges on environments page](gitlab-org/gitlab@2cda9c5802a9d3787c553f0d82ebe2dcf55c3c8d) by @antonkalmykov ([merge request](gitlab-org/gitlab!144486))
- [Use color for protected/default branches/tags (#439551)](gitlab-org/gitlab@9db61fa943bb55622860f78e25b7a0253425e45c) by @abh80 ([merge request](gitlab-org/gitlab!143398))
- [Use createdAt instead of releasedAt](gitlab-org/gitlab@cea397f6460ea5acd8369db9d3b8c27f6039d1a4) ([merge request](gitlab-org/gitlab!144789))
- [Update cube query generation UI](gitlab-org/gitlab@969ea9d1c16df9993158cd99f44477fe777d79c4) ([merge request](gitlab-org/gitlab!144148)) **GitLab Enterprise Edition**
- [Update sha method depending of release presence](gitlab-org/gitlab@7c3a7cdb23417751176cef593d7dd6d955558e69) ([merge request](gitlab-org/gitlab!144175))
- [Fixing rubocop exceptions in tests](gitlab-org/gitlab@3695ddb1f7399d32d919c2ca9508787905c5d388) ([merge request](gitlab-org/gitlab!144589))
- [Rename "Runner" header to "Runner configuration"](gitlab-org/gitlab@1a26aaa3f15259890741215076e3ce7dc8a36291) ([merge request](gitlab-org/gitlab!144216))
- [workhorse: Downgrade incomplete multipart uploads to 400 errors](gitlab-org/gitlab@f85f72255c9bd8d9d3f63a1aa3f2ceae495d0546) ([merge request](gitlab-org/gitlab!144710))
- [Remove redundant "runner statuses" popover in the runners list](gitlab-org/gitlab@7ef740fca0b92292b062bc9922a581b8df7a5d98) ([merge request](gitlab-org/gitlab!144343))
- [Sort personal projects on profile page by last_activity_at](gitlab-org/gitlab@eea414d5709cb8d25bc94ab80c96892ce9596ed6) ([merge request](gitlab-org/gitlab!144309))
- [Unify collapse\expand all unresolved threads action](gitlab-org/gitlab@04143ecfedde8b70727874f1e5175650df527616) ([merge request](gitlab-org/gitlab!136034))
- [Improve environments dashboard](gitlab-org/gitlab@3fb0db611b5faa615565d5cd9a839a33fac06a88) ([merge request](gitlab-org/gitlab!142747))
- [Enable `group_level_dependencies_filtering` by default](gitlab-org/gitlab@0b43ebd13a7afc20b94b546e14e8e05fd10de0b0) ([merge request](gitlab-org/gitlab!144668)) **GitLab Enterprise Edition**
- [Abbreviate long numbers in groups/projects list](gitlab-org/gitlab@8f5bdcbf015eb459418e341a56a27a4e892be1cf) ([merge request](gitlab-org/gitlab!144074))
- [Remove namespace validation for policy_scope](gitlab-org/gitlab@e29824a6b9a36a93f5ed0b8b2364a5671548292f) ([merge request](gitlab-org/gitlab!144491)) **GitLab Enterprise Edition**
- [Allow only top level groups for ApprovalGroupRules](gitlab-org/gitlab@e7928dc11522850791e753ca152ffe8255c29581) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144438)) **GitLab Enterprise Edition**
- [Dashboard: Use SingleStatComponent](gitlab-org/gitlab@ea8bcef820ac357c3766399ff076ed8a0e9af0d3) ([merge request](gitlab-org/gitlab!144447)) **GitLab Enterprise Edition**
- [Update redis-client to v0.20.0](gitlab-org/gitlab@099eb093032b3bfc1b8a59eb5eef0df2156e7bca) ([merge request](gitlab-org/gitlab!144620))
- [Use less ambiguous parameter names in CI lint API](gitlab-org/gitlab@043bc732c46c9453b52913fc2a824ede7e6aaf4e) ([merge request](gitlab-org/gitlab!143098))
- [Use Duo Chat for explain code feature](gitlab-org/gitlab@fe321c6b1c7c772f3f9079b6eedc51e6626c1afb) ([merge request](gitlab-org/gitlab!143217)) **GitLab Enterprise Edition**
- [Add tabs to Environment details page](gitlab-org/gitlab@6c021229c55cdf45c7787a59b139760e94a1397c) ([merge request](gitlab-org/gitlab!143865))
- [Truncate long dashboard descriptions on list page](gitlab-org/gitlab@8e4729ce031acfb431b039df5f84e720407a3155) ([merge request](gitlab-org/gitlab!144274)) **GitLab Enterprise Edition**
- [Populate topics slug column from name column](gitlab-org/gitlab@188e2c64cc2e4e4cc411783da74f64d70bfb7ce7) by @zzaakiirr ([merge request](gitlab-org/gitlab!141715))
- [Update layout and styling of billing/plan_component](gitlab-org/gitlab@7e3be144f84dfca7d2480a8faf2b174402d28902) ([merge request](gitlab-org/gitlab!142939)) **GitLab Enterprise Edition**
- [Update milestone banner illustration](gitlab-org/gitlab@b30970c3e092985a04bd66969fd16667dab25c1b) ([merge request](gitlab-org/gitlab!144044)) **GitLab Enterprise Edition**
- [Update alert settings tests](gitlab-org/gitlab@4dcfd3d40db22f6b416ee7d934eb181fd4085f35) ([merge request](gitlab-org/gitlab!144547))
- [Move color widget update to a callback](gitlab-org/gitlab@fb7759bfb3d57adf248e8c58a6446727c72b8b34) ([merge request](gitlab-org/gitlab!142335)) **GitLab Enterprise Edition**
- [Only allow group approval rules to be created by group admins](gitlab-org/gitlab@41196db8017bfc191ae11fdfd1b0eed2eeb78428) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144452)) **GitLab Enterprise Edition**
- [MR approval widget: Fix alignment](gitlab-org/gitlab@eb905a344ea9e7db5fce3d48756739bc2801a148) ([merge request](gitlab-org/gitlab!144465))
- [MR ready message: Fix alignments](gitlab-org/gitlab@ae428ea4f4c01475082013914b506a359a2a1b2f) ([merge request](gitlab-org/gitlab!144462))
- [Update UI text with purchasing instructions](gitlab-org/gitlab@f8a14f17473f072b95e7a5b49ae06b99505e8318) ([merge request](gitlab-org/gitlab!144275)) **GitLab Enterprise Edition**
- [Migrate todos empty state component](gitlab-org/gitlab@1f0909949255acc5404ee3d0c2a139d31ca70e90) ([merge request](gitlab-org/gitlab!144083))
- [Migrate applications empty state component](gitlab-org/gitlab@bf351b1f3a0d9585e2d8ab763b3f51a67f2318cc) ([merge request](gitlab-org/gitlab!144069))
Removed (24 changes):
- [Remove auto fix worker with migration](gitlab-org/gitlab@ed2b69bdf691791ef760b63889adf832bd609025) ([merge request](gitlab-org/gitlab!147051))
- [Remove issues_completed_analytics_feature_flag FF](gitlab-org/gitlab@d8e43c2d9945088cbb3392f1cf6765dfafd75569) ([merge request](gitlab-org/gitlab!146766))
- [Remove unused EOA bronze banner code and feature flag](gitlab-org/gitlab@0706b210dbac418f5243b7003d51b4d4c674c7e2) ([merge request](gitlab-org/gitlab!146309))
- [Remove use_primary_for_update_computations FF](gitlab-org/gitlab@c5b800f6712e0427e54a84542ad51024a94f96c1) ([merge request](gitlab-org/gitlab!146287))
- [Remove ci_catalog_components_tab](gitlab-org/gitlab@094eff85500582bd06f300ed0010542b93e13366) ([merge request](gitlab-org/gitlab!146224))
- [Remove obsolete logic behind a feature flag](gitlab-org/gitlab@91941eb9bae3996aad91b019b4f54a1101b7fc9a) ([merge request](gitlab-org/gitlab!146188))
- [Drop `third_party_ai_features_enabled` column](gitlab-org/gitlab@6622480255721cf65cc381fbb8c1a219f1138817) ([merge request](gitlab-org/gitlab!145210))
- [Remove delayed project/group columns](gitlab-org/gitlab@d8fcdb1c1e58f15ca522ceb7f6fda91dade2676c) by @imskr ([merge request](gitlab-org/gitlab!144347))
- [Geo DB migrations to remove force_to_redownload column from 5 tables](gitlab-org/gitlab@e35e9f05db2e24e3607aafa2affafb70072061f3) ([merge request](gitlab-org/gitlab!144824)) **GitLab Enterprise Edition**
- [Drop temporary index on vulnerabilities table](gitlab-org/gitlab@35a3978a5664f26ae22b4707f4ffcd3c9bc3f8c6) ([merge request](gitlab-org/gitlab!143338))
- [Drop project_repository_states table](gitlab-org/gitlab@f36ef30b0a65efc88a2157612e89df587e4bcb36) ([merge request](gitlab-org/gitlab!145195))
- [Remove build hooks worker and associated code](gitlab-org/gitlab@543286bcf0a5f48a8576ecd6900f8a3735583337) by @Varedis ([merge request](gitlab-org/gitlab!144965))
- [Remove old finding modal from MR security widget](gitlab-org/gitlab@889c831d5400dc9a24dc3d8d89a4a8d34aa678d4) ([merge request](gitlab-org/gitlab!144341)) **GitLab Enterprise Edition**
- [Remove deprecated /code_suggestions/tokens endpoint](gitlab-org/gitlab@2e6e1b2a4b094678605556ec5d2a75108ca087ce) ([merge request](gitlab-org/gitlab!145052)) **GitLab Enterprise Edition**
- [Remove the user_interacted_projects table](gitlab-org/gitlab@8a280cc82aac0bc2e1db8880afe78a6b2ee7b51e) by @missy-davies ([merge request](gitlab-org/gitlab!139630))
- [Remove license_compliance_widget_category feature flag](gitlab-org/gitlab@7f9371979d149406a9fa1c0926101de11b6a1730) ([merge request](gitlab-org/gitlab!144989))
- [Remove upload_ready from pages deployment](gitlab-org/gitlab@b377d57acc7546240614be2b49b850bd2914ca31) by @imskr ([merge request](gitlab-org/gitlab!144962))
- [Removing feature flag audit_events_streaming_namespace_filter](gitlab-org/gitlab@5771e1e6a0567a33f03024c0c650a9fd35349388) ([merge request](gitlab-org/gitlab!144043)) **GitLab Enterprise Edition**
- [refactor: Drop col 'package_name_pattern_ilike_query' Part 2](gitlab-org/gitlab@3ba3e9b1ad96291295e0f88e42fc5973682ba6ae) by @gerardo-navarro ([merge request](gitlab-org/gitlab!142303))
- [Remove deprecated BulkImports::StuckImportWorker](gitlab-org/gitlab@122b73c8668fed51502fd3fef0629d69186709d3) ([merge request](gitlab-org/gitlab!143806))
- [Drop product_analytics_events_experimental table](gitlab-org/gitlab@93093d2bf1f30059421fe181b54e1d06c7ead8f4) ([merge request](gitlab-org/gitlab!144626))
- [Remove ci_guard_for_catalog_resources ff](gitlab-org/gitlab@c78d549c9134e3ad881b9a1b188f0ed7f58ee155) ([merge request](gitlab-org/gitlab!144583))
- [Delete the usage_data_api feature flag](gitlab-org/gitlab@b9376c3aa14676463d0d82c3807ade22b966f7bb) ([merge request](gitlab-org/gitlab!143973))
- [Clean up SafelyChangeColumnDefault for CI models](gitlab-org/gitlab@f8c38e13fb26516855a3efc35de195e55962af11) by @imskr ([merge request](gitlab-org/gitlab!143058))
Security (15 changes):
- [Filter SAML saml_response](gitlab-org/gitlab@010d0a2266d27c6a53ccbbb008fb8fd9bba6f95b) ([merge request](gitlab-org/gitlab!146454))
- [Add client-side detection for GitLab tokens](gitlab-org/gitlab@74f56ea7291084db2cb54dd0335adfbdbac5c749) ([merge request](gitlab-org/gitlab!146757))
- [Reset approvals when reopening a MR](gitlab-org/gitlab@8ba5fe64e3d3b62fc8acbecbd2dd99df5694a8c7)
- [Restrict group token rotation for custom roles](gitlab-org/gitlab@18abfbc075083ec0921d47056c185f01478eaf0c)
- [Update rack to v2.2.8.1](gitlab-org/gitlab@4df84ee731b04079ccad24fb8327e0107abcb0eb) ([merge request](gitlab-org/gitlab!145473))
- [Ensure LDAP user cannot sign in with password](gitlab-org/gitlab@98fd29b8beb2d72adbb194f424eddbdd591a7e8d)
- [Invalidate markdown cache to clear up stored XSS](gitlab-org/gitlab@adec203de57cd370ee9985607919a3e48bc808d1)
- [Ensure LDAP users cannot reset local password to bypass LDAP](gitlab-org/gitlab@7a15c7669cbb8dc6bbd83ea0440b83fc9c8c7ca4)
- [Add a limit to CodeOwners reference extractor regex](gitlab-org/gitlab@17b51afe3c586b73d3933d93352ac722db6c2510)
- [Adds authorization for analytics settings](gitlab-org/gitlab@eaff749ab0ff501f1eae69ef7f3d5a141c02924c)
- [Fix Stored-XSS in user's profile page: Change markup used for pronouns](gitlab-org/gitlab@3672795fc9a3f5e4768320a53cad40d209afe3da)
- [Check project read access in Environments and Operations dashboard](gitlab-org/gitlab@b1a317f836d862f6c0872a3889a36285216f8482)
- [Disallow assigning higher role than current user](gitlab-org/gitlab@87273243752ebef58fda6bfdcb2be685e7318200)
- [Disallow users to modify deploy key title](gitlab-org/gitlab@200f3fe6905bb48dfd4517d98461ad935ec702c2)
- [Use merge_head_diff for codeowners when merge request is mergeable](gitlab-org/gitlab@7457a15973e913719461c0630d27c34b1dfae368)
Performance (16 changes):
- [Use the AvatarCache for commits/events](gitlab-org/gitlab@581403c153acbdc1d1e322cd29d65d5b892e27cf) ([merge request](gitlab-org/gitlab!144739))
- [Reduce N+1 queries when approvals by committers are not allowed](gitlab-org/gitlab@9e7ef142b35f44ae5d559be9411e7047b148de8f) ([merge request](gitlab-org/gitlab!146297)) **GitLab Enterprise Edition**
- [Fix N+1 problems in Groups API](gitlab-org/gitlab@b34d6d8baa9f1702c3ba65324dfefa59059319ef) ([merge request](gitlab-org/gitlab!145906)) **GitLab Enterprise Edition**
- [refactor: Debounce GET requests for notes after submitting MR review](gitlab-org/gitlab@624ee38a5be85050c3b25f5521f2d48b6e572dd4) by @gerardo-navarro ([merge request](gitlab-org/gitlab!145177))
- [RegisterJobService will use partition pruning](gitlab-org/gitlab@ce908573c8a06bb242703bacf8148a72410f2d8d) ([merge request](gitlab-org/gitlab!145861))
- [Enable ci_parallel_remote_includes feature flag](gitlab-org/gitlab@fb8c2c6f5e500012cbea05e9af0912f68c870cf8) ([merge request](gitlab-org/gitlab!145784))
- [Remove duplicated indexes for source code](gitlab-org/gitlab@927cdb8b48303e59b64c576960393b998c0bb50d) ([merge request](gitlab-org/gitlab!145534))
- [Remove FF reading p_ci_pipeline_variables](gitlab-org/gitlab@383397e44a6a5f583bab1cfc4e8c6296c5f73991) ([merge request](gitlab-org/gitlab!145374))
- [Reduce N+1 queries when approvals by committers are not allowed](gitlab-org/gitlab@dcf09018965e1c356a8680fa77bedbcfbd9e1685) ([merge request](gitlab-org/gitlab!144860)) **GitLab Enterprise Edition**
- [Reduce N+1 queries when MRs has blocking MRs](gitlab-org/gitlab@ff912fd563fb49120ad8f9b061cc937228bea272) ([merge request](gitlab-org/gitlab!144944)) **GitLab Enterprise Edition**
- [Skip status preloads in pipeline lists](gitlab-org/gitlab@0a426914445e111a1243aff912e058f3801c860c) ([merge request](gitlab-org/gitlab!144783))
- [Cache private email regex for a request](gitlab-org/gitlab@46489a0f94596510475fe302fef714c43db15555) ([merge request](gitlab-org/gitlab!144644))
- [Remove unused index on ci_pipeline_metadata](gitlab-org/gitlab@bbb4eb3f5f65a30c6bfec7a4addf8cc6771c9dcf) ([merge request](gitlab-org/gitlab!140608))
- [Stop calculating if blob is binary on creation](gitlab-org/gitlab@df1a89383d09669270f1f98d5f13571124cb92a0) ([merge request](gitlab-org/gitlab!144115))
- [Removing FF track_ci_build_created_internal_event](gitlab-org/gitlab@1cba51150c772c0a6e07b471db6056a91f875c15) ([merge request](gitlab-org/gitlab!144091))
- [Preload downstream pipelines when serializing bridge jobs](gitlab-org/gitlab@45883cb4df3a2a62ab5e90f0f4c0917d7043c3f6) ([merge request](gitlab-org/gitlab!143546))
Other (120 changes):
- [Remove `compliance_framework_report_ui` feature flag](gitlab-org/gitlab@f613bc6d34c2d06c027b0ea9b423cfebed5c69cf) ([merge request](gitlab-org/gitlab!147042)) **GitLab Enterprise Edition**
- [refactor: Fix typo in code](gitlab-org/gitlab@696d38721bccfe93cb6fbfc4dad106291ab940b5) by @gerardo-navarro ([merge request](gitlab-org/gitlab!147081))
- [Revert "Merge branch..."](gitlab-org/gitlab@07745e093497fc85d43387112cd0decee98d975f) ([merge request](gitlab-org/gitlab!147061))
- [Update job_artifacts queries to use partition_id filter](gitlab-org/gitlab@3699e9824f98e9b462553413595848dadf8a4286) ([merge request](gitlab-org/gitlab!145522))
- [Fix Workhorse linter warnings](gitlab-org/gitlab@a7d7e7d52cca84a836d6d986189f982f7fe4de95) ([merge request](gitlab-org/gitlab!146871))
- [Revert changes to import stages](gitlab-org/gitlab@fe80668eb8b0ec3d57fb32891ddd204b1951b65c) ([merge request](gitlab-org/gitlab!146812))
- [Migrate table to gl-table](gitlab-org/gitlab@26bc530f6ea4685f515e5808392f697e65d2728e) by @hsbhangu ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/145618)) **GitLab Enterprise Edition**
- [Enables lock_retries by default in migrations](gitlab-org/gitlab@65ad9d77344fee470c4f8f39344df805888df518) ([merge request](gitlab-org/gitlab!135808))
- [Add cell local schema](gitlab-org/gitlab@631e338e7f169493f0236a3d1e29bb677b8dd0d3) ([merge request](gitlab-org/gitlab!146496))
- [refactor: Fix rubocop todos for maven package files](gitlab-org/gitlab@d1f395b6288fb3655849b9bbade03729aa3e23ee) by @gerardo-navarro ([merge request](gitlab-org/gitlab!145951))
- [Add missing sharding keys](gitlab-org/gitlab@121941b96e717d4a29a10b9bff1868345d473370) ([merge request](gitlab-org/gitlab!146607))
- [Clean up tmp FKs p_ci_stages](gitlab-org/gitlab@9fc2f3468fb97ca2714c39a21ec6c847d9403c0d) ([merge request](gitlab-org/gitlab!146598))
- [Add and validate FKs to p_ci_stages](gitlab-org/gitlab@0a63fc972c8ce42a02e90ad21421a021b04f1a80) ([merge request](gitlab-org/gitlab!146459))
- [Protected packages: Show alert message on fetching error](gitlab-org/gitlab@4aea495dcf70ab58860d5fd8e1d6af5306ac8bfb) by @gerardo-navarro ([merge request](gitlab-org/gitlab!146473))
- [Clean up current_organization_middleware feature flag](gitlab-org/gitlab@8e9aecabb2ddedfec3695b1b08a58370a7d8103b) ([merge request](gitlab-org/gitlab!146527))
- [Validate uniqnuess of member role name](gitlab-org/gitlab@4af14e2cd1b78a7ac1fb72c93d29669b0a29c298) ([merge request](gitlab-org/gitlab!145294))
- [chore: Remove sidekiq_job_completion_metric_initialize feature flag](gitlab-org/gitlab@0ae3e714c0a3620460e463fb1b71f43f80027554) ([merge request](gitlab-org/gitlab!146497))
- [Improve handling group_path param](gitlab-org/gitlab@b04c7baf3c1100ef13a5df1d3d230e53ccc35442) ([merge request](gitlab-org/gitlab!145511))
- [Remove `security_findings_finder_lateral_join` FF](gitlab-org/gitlab@575962a50408eed8434414abaa5c4d24a9fc4381) ([merge request](gitlab-org/gitlab!145754)) **GitLab Enterprise Edition**
- [refactor: Fix rubocop issues in Pypi::CreatePackageService](gitlab-org/gitlab@726376b6dd7ddf062cb82bd9bbde35eb02c4605e) by @gerardo-navarro ([merge request](gitlab-org/gitlab!146403))
- [Remove cron schedule for removed job](gitlab-org/gitlab@60525d4cc87554e7c0c456c6abd2c3d1202c919f) ([merge request](gitlab-org/gitlab!145938))
- [Protected packages: Return ServiceResponse for CreateMavenPackageService](gitlab-org/gitlab@951bc970ce553709d02cf81caada5a6b3cc51253) by @gerardo-navarro ([merge request](gitlab-org/gitlab!145076))
- [Remove assign_compliance_project_service feature flag](gitlab-org/gitlab@212283a3a27ee58c0ff2ffc6a47e2325403044c8) ([merge request](gitlab-org/gitlab!146331)) **GitLab Enterprise Edition**
- [Add cluster wide schema](gitlab-org/gitlab@206a512b463161dc5f5e274563a6809bf0e10aeb) ([merge request](gitlab-org/gitlab!146345))
- [Remove resolve_organization_groups feature flag](gitlab-org/gitlab@863cfe276028e69d9f88007967e777d1b29a743f) ([merge request](gitlab-org/gitlab!146320))
- [Backup and remove orphaned notes](gitlab-org/gitlab@ffcb25747f5794aaec5f64bfd89c92c3727d4f15) ([merge request](gitlab-org/gitlab!146023))
- [Backfill onboarding_status_step_url from orginal column](gitlab-org/gitlab@2ad007b5c1af1a973603f45a7219b3cc964426f1) ([merge request](gitlab-org/gitlab!145041))
- [Remove project_path_sort feature flag](gitlab-org/gitlab@0fbb3b34f341c0a22b9e182e3a06d5ae26de3157) ([merge request](gitlab-org/gitlab!146179))
- [Add sharding keys for application_instrumentation](gitlab-org/gitlab@756debd91cb6298d779ae308cfcc790eb19c468c) ([merge request](gitlab-org/gitlab!143308))
- [refactor: Fix rubocop issues for Npm::CreatePackageService](gitlab-org/gitlab@d2f2ef494f0822c0efb0e2fc62c5fdd81822543c) by @gerardo-navarro ([merge request](gitlab-org/gitlab!146098))
- [Use defined table header across the module](gitlab-org/gitlab@54781db8307169aaa0e5627fd675f9c991841e2e) ([merge request](gitlab-org/gitlab!145412)) **GitLab Enterprise Edition**
- [Replace FKs for p_ci_stages](gitlab-org/gitlab@f07c52a3db3199d3ae36542dab25d47615e367e3) ([merge request](gitlab-org/gitlab!145899))
- [Add database transaction duration to logs](gitlab-org/gitlab@c80306a326e55b131b919f7bac80bc3ba0bdf72a) ([merge request](gitlab-org/gitlab!145775))
- [Add cell scope with sharding key](gitlab-org/gitlab@a8dfef77479f503b243b288d4ae1468aa7150bd6) ([merge request](gitlab-org/gitlab!146039))
- [Add next desired sharding keys for dynamic_application_security_testing](gitlab-org/gitlab@966fbc0df2ba1b892fdcda464d644675f163165f) ([merge request](gitlab-org/gitlab!145249))
- [Add next desired sharding keys for code_review_workflow](gitlab-org/gitlab@b0c6247a455f8bbb46e95aa7aecab8562b9bf6f2) ([merge request](gitlab-org/gitlab!146029))
- [Update schemas and shared keys for source_code_management](gitlab-org/gitlab@dce38caea6e92d926c7640c7bb240dca5bd35be8) ([merge request](gitlab-org/gitlab!144014))
- [Use data-testid instead of js- class for project approvals](gitlab-org/gitlab@746490b79cd9c9ba299eb5c47dadf67f1c9f99d8) ([merge request](gitlab-org/gitlab!145236)) **GitLab Enterprise Edition**
- [Remove geo_proxy_check_pipeline_refs feature flag](gitlab-org/gitlab@92929c83dcd47dc2980d8c35fca7c7d7a5dd0dfb) ([merge request](gitlab-org/gitlab!145864)) **GitLab Enterprise Edition**
- [Add visibility_level to organizations](gitlab-org/gitlab@edd4f2c77d8e8edec18a9d2fdc1580715dd2a307) ([merge request](gitlab-org/gitlab!145606))
- [Migrate search empty states and update banner illustration](gitlab-org/gitlab@fe7193e9efc74e00e893b667b4c4647da7eedb43) ([merge request](gitlab-org/gitlab!145191))
- [Add self-managed migration](gitlab-org/gitlab@32ba10481eb050b79504d805e18fa75cffec1619) ([merge request](gitlab-org/gitlab!144953))
- [Add cluster_wide schema to add_ons](gitlab-org/gitlab@064e0550359b5cfcbaa185c4278f32df843488f3) ([merge request](gitlab-org/gitlab!145824))
- [Update remote mirror failure email](gitlab-org/gitlab@c6b5161e6e268ae49708537899f2d11b54461627) ([merge request](gitlab-org/gitlab!145808))
- [Change gitlab_schema for user_credit_card_validations](gitlab-org/gitlab@e82cebd9b483d332f539276808c24753dc98a48f) ([merge request](gitlab-org/gitlab!145426))
- [Add clusterwide schema](gitlab-org/gitlab@2f7151569970d3cc244051219b338ff1c861cd3e) ([merge request](gitlab-org/gitlab!145673))
- [Ensure ID uniqueness on p_ci_stages](gitlab-org/gitlab@13af4ccec70624cf816ee682df8f3f38db9b5cf3) ([merge request](gitlab-org/gitlab!145778))
- [Enforce not-null constraint vs_code_settings uuid](gitlab-org/gitlab@040e9503ad3e79c2378b1873eed894be9c2f57c5) ([merge request](gitlab-org/gitlab!145427))
- [Remove identity_verification_auto_ban feature flag](gitlab-org/gitlab@806a5188e05f82c746eb79390422acc0cc580ead) ([merge request](gitlab-org/gitlab!145781)) **GitLab Enterprise Edition**
- [Making a quick action spec rely less on the frontend](gitlab-org/gitlab@48ec55748fad7eb0084a2b894fd0dbadefb4d969) ([merge request](gitlab-org/gitlab!142236))
- [Update Transfer Data project blueprint with new Clickhouse fields](gitlab-org/gitlab@7217f644fbe19cac2d6429df626d6ad344ee40a2) ([merge request](gitlab-org/gitlab!145675))
- [Allowing cross db transactions and joins between clusterwide and main](gitlab-org/gitlab@d292da30656bb010d26d3b0da102f22b6886fb59) ([merge request](gitlab-org/gitlab!145669))
- [Add and backfill project_id for cluster_agent_tokens](gitlab-org/gitlab@485282ac8e4289f116c3fc77efee8b6850bd9968) ([merge request](gitlab-org/gitlab!144939))
- [Delete service_desk_vue_list feature flag](gitlab-org/gitlab@58efa1d0f78a48371a2378d269d12651471d87db) ([merge request](gitlab-org/gitlab!144782))
- [Remove cron schedule for removed job](gitlab-org/gitlab@e8b6e3c14032385defacd72255aba1114221e4fd) ([merge request](gitlab-org/gitlab!145633))
- [Create routing table for ci_stages](gitlab-org/gitlab@ba2318027315fd2cddcbc014e3c6ed5941c8a0d8) ([merge request](gitlab-org/gitlab!145217))
- [Remove cron schedule for removed job](gitlab-org/gitlab@69ee1ebf4ca5fc26347ea6e339e2d95f5ad90dc7) ([merge request](gitlab-org/gitlab!145248))
- [Fix secret config validation](gitlab-org/gitlab@3b20dc278580bfe138d461daad0582131b948763) by @alberts-gitlab ([merge request](gitlab-org/gitlab!145490))
- [Remove arkose_labs_oauth_signup_challenge feature flag](gitlab-org/gitlab@792f0612de2e77d81a0e16f4bc3da608cba7e915) ([merge request](gitlab-org/gitlab!145225)) **GitLab Enterprise Edition**
- [Allow to persist Clickhouse state](gitlab-org/gitlab@5c814099985ff577f48a597059f64e4d67df5174) ([merge request](gitlab-org/gitlab!144918))
- [Remove `sync_project_archival_status_to_sbom_occurrences` feature flag](gitlab-org/gitlab@107d31db9b8595f97f64c4908ab46e55309b6fc7) ([merge request](gitlab-org/gitlab!145419)) **GitLab Enterprise Edition**
- [Introduce empty_tree_id to correctly work with SHA256 repository](gitlab-org/gitlab@bfab8988d9cf7712dc8e6b6b217bb7c04dc21efe) ([merge request](gitlab-org/gitlab!144494))
- [Refactor planning component currency symbol](gitlab-org/gitlab@c675d2173a23bbfbb5883ef686e7fd833190e1f4) by @chaomao ([merge request](gitlab-org/gitlab!145378)) **GitLab Enterprise Edition**
- [Remove `group_level_dependencies_filtering` feature flag](gitlab-org/gitlab@500892480ccf798e07654b86e64b57b46902b35c) ([merge request](gitlab-org/gitlab!144672)) **GitLab Enterprise Edition**
- [test: Fix wrong param for shared example 'error service response'](gitlab-org/gitlab@9103ced153fa5c901deae045c14b5451ed5957d4) by @gerardo-navarro ([merge request](gitlab-org/gitlab!145134))
- [Clean up tmp FKs p_ci_job_artifacts](gitlab-org/gitlab@e97208ffe95e4d29619061623b39177290cf32a2) ([merge request](gitlab-org/gitlab!145216))
- [Remove enable_new_sentry_clientside_integration](gitlab-org/gitlab@c54585488ccd84b2e0a738e41fea5c69a7068f5c) ([merge request](gitlab-org/gitlab!145276))
- [Add ClusterRepositoryCache class for migration](gitlab-org/gitlab@147ddbd512dc9e2ec5686e4d16bcd8168bebb242) ([merge request](gitlab-org/gitlab!144548))
- [Finalize backfill vs_code_settings column migrations](gitlab-org/gitlab@46a38c5d8ce1bf0a2d18d310ac94d10d5beab2de) ([merge request](gitlab-org/gitlab!145138))
- [Remove arkose_labs_trial_signup_challenge feature flag](gitlab-org/gitlab@1df16b97529aa3f0b0f0e2b86c11818e86af32cc) ([merge request](gitlab-org/gitlab!144834)) **GitLab Enterprise Edition**
- [Add next desired sharding keys for package_registry](gitlab-org/gitlab@ff7c2b5abd423d2333b7b908a16448da14c2dffd) ([merge request](gitlab-org/gitlab!145254))
- [Add next desired sharding keys for importers](gitlab-org/gitlab@76a2e668305ed30e3da9608f7af8d992552fd215) ([merge request](gitlab-org/gitlab!145252))
- [Add next desired sharding keys for feature_flags](gitlab-org/gitlab@818efece04995d92ffd2f7dfcee0db6b74a9111f) ([merge request](gitlab-org/gitlab!145251))
- [Add next desired sharding keys for source_code_management](gitlab-org/gitlab@3c42ee7b0207f258ef7c429315205adad5c8a62c) ([merge request](gitlab-org/gitlab!145250))
- [Cleanup bigint conversion for system_note_metadata](gitlab-org/gitlab@5c0539a14db6da96acdda5ed337afe9c9069353e) ([merge request](gitlab-org/gitlab!145125))
- [test: Refactor tests to leverage service response shared examples](gitlab-org/gitlab@175d0d1f31090dca7762005ebb8ab95a11edf428) by @gerardo-navarro ([merge request](gitlab-org/gitlab!145156))
- [Drop use_sync_service_token_worker FF](gitlab-org/gitlab@eae7739ac1c5d0eee0e78f53cbb19e87f34816ae) ([merge request](gitlab-org/gitlab!144871))
- [Validate FKs p_ci_job_artifacts self managed](gitlab-org/gitlab@6f2cb0fa3d3537c7b70a028cd3e09ef1e7ac2fa8) ([merge request](gitlab-org/gitlab!145111))
- [Remove feature flag ci_workflow_auto_cancel_on_new_commit](gitlab-org/gitlab@2933c5f713b4fb5146b228bcf0dfcbc243d264cb) ([merge request](gitlab-org/gitlab!145144))
- [Prepare partitioning constraint for ci_stages](gitlab-org/gitlab@0bd2a03b743d0360a45f42685106a5004abdec6a) ([merge request](gitlab-org/gitlab!145109))
- [Add temporary index for locating orphaned notes](gitlab-org/gitlab@d562735b899e4840cb2297022d2ebb0d83e0f14d) ([merge request](gitlab-org/gitlab!143928))
- [Remove references to code suggestions group setting](gitlab-org/gitlab@11753521b2d89348558b147ca5982eafca2ea238) ([merge request](gitlab-org/gitlab!145043)) **GitLab Enterprise Edition**
- [Remove update_organization_users feature flag](gitlab-org/gitlab@ae9679c3c3abb92dd7f5902f48db040f802837de) ([merge request](gitlab-org/gitlab!144997))
- [Add self-managed migration](gitlab-org/gitlab@b23c24529147cfbf081d36798b821327be5f8289) ([merge request](gitlab-org/gitlab!142037))
- [Use UpdateService, add more spec coverage](gitlab-org/gitlab@6e0431b9e7ede3594f4032fa2a03bbe819b6fb7f) ([merge request](gitlab-org/gitlab!144800)) **GitLab Enterprise Edition**
- [Clean up self-hosted sent_notifications bigint](gitlab-org/gitlab@5c412bfd9627abd764725dee631cf4dbf37ef377) ([merge request](gitlab-org/gitlab!142965))
- [Add desired sharding keys for importers](gitlab-org/gitlab@989706b5b11fc621265f5947113f995ab3b5d7e7) ([merge request](gitlab-org/gitlab!144856))
- [Add desired sharding keys for team_planning](gitlab-org/gitlab@5b25063b60e1edf94d4300bdc4c87fb77526cdc2) ([merge request](gitlab-org/gitlab!144855))
- [Remove FF dependency_scanning_on_advisory_ingestion](gitlab-org/gitlab@43f385c185b094b8ec874d5c7123dcf9e78db63c) ([merge request](gitlab-org/gitlab!144546)) **GitLab Enterprise Edition**
- [Remove proxy-through-com logic for CS](gitlab-org/gitlab@b76a68ce0b1dd827107ad78124a7079565d09586) ([merge request](gitlab-org/gitlab!144721))
- [Add violation_data to scan_result_policy_violations](gitlab-org/gitlab@2210af36a7988cc2bfe9817851aa51c576603c2b) ([merge request](gitlab-org/gitlab!144504))
- [Update the Kaniko template to make the job be extendible](gitlab-org/gitlab@62fbbb77c3c81cbabed7199824c032c3125ed522) by @kjetilho ([merge request](gitlab-org/gitlab!144352))
- [Ensure uniqueness p_ci_job_artifacts IDs](gitlab-org/gitlab@7433b17f0f311d289aaa1577c4d9b9893674058a) ([merge request](gitlab-org/gitlab!144574))
- [Rename CreateEmptyEmbeddingsRecordsWorker](gitlab-org/gitlab@d8c24152743d7d5cc00c034ab9db9bcdb9db419a) by @jzeng88 ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144374)) **GitLab Enterprise Edition**
- [Add transaction check to ExclusiveLease](gitlab-org/gitlab@21994f1f62f70a3afc55b505a980ab517a016aa3) ([merge request](gitlab-org/gitlab!143321))
- [Remove ignore_column for project_import_level](gitlab-org/gitlab@f4891f738ef3ff0b9787a991c9a2277badcc1e00) ([merge request](gitlab-org/gitlab!144662))
- [Remove security_policies_sync_preexisting_state feature flag](gitlab-org/gitlab@331e33a9347988917ba2137535799e783af19ca6) ([merge request](gitlab-org/gitlab!144531)) **GitLab Enterprise Edition**
- [Fixes for MR Widget implementation and tests to support Vue compat](gitlab-org/gitlab@2cd2f8a45d2adb65638ea55480ca9943be2610d7) ([merge request](gitlab-org/gitlab!143485))
- [Remove unused code](gitlab-org/gitlab@29bb77e3c5b39706df09cc9906548598fe12d998) ([merge request](gitlab-org/gitlab!144604))
- [Rename EMPTY_TREE_ID constant](gitlab-org/gitlab@4babc79beb27c03c56301e40a047a243a2d71dee) ([merge request](gitlab-org/gitlab!144579))
- [Remove feature flag "store_object_format"](gitlab-org/gitlab@727577987734e018c0baa1c63d799de726a9f5a2) ([merge request](gitlab-org/gitlab!144628))
- [Update "Duo Pro" copy to "GitLab Duo Pro" in UI](gitlab-org/gitlab@f5ef5367a2a7fc39cea07afdbb5acac7a32f3da6) ([merge request](gitlab-org/gitlab!144461)) **GitLab Enterprise Edition**
- [Add patch for find_or_create_by](gitlab-org/gitlab@18e1855d5fd5f7e22c58a40fdf6f16540291185d) ([merge request](gitlab-org/gitlab!144457))
- [Add desired sharding keys for security_policy_management](gitlab-org/gitlab@3abb5e86fbcc4a7a59c59c08b671cdf49f659c9b) ([merge request](gitlab-org/gitlab!144470))
- [Remove feature flag security_policies_unenforceable_rules_notification](gitlab-org/gitlab@ab7862f7585854e48ad7cf28e1f530b3c8b64f4e) ([merge request](gitlab-org/gitlab!144468)) **GitLab Enterprise Edition**
- [Finalize UpdateDelayedProjectRemovalToNullForUserNamespaces migration](gitlab-org/gitlab@71bb14cb07479c40b8986c68dd7c9a388d8c91b7) ([merge request](gitlab-org/gitlab!144361))
- [Cleanup geo_pipeline_replication feature flag](gitlab-org/gitlab@32fb7a3ccc2d97bfeb60048b8519272e66015bc2) ([merge request](gitlab-org/gitlab!144549)) **GitLab Enterprise Edition**
- [Include prepared_at in the MR hook data](gitlab-org/gitlab@9cc77b735f037c2bd849b9fb76ca3435d4343080) ([merge request](gitlab-org/gitlab!143998))
- [Cleanup search_filter_by_ability feature flag](gitlab-org/gitlab@71c98ac1a359d099528b89d41aa3022abe0def72) ([merge request](gitlab-org/gitlab!144537)) **GitLab Enterprise Edition**
- [Add desired sharding keys for package_registry](gitlab-org/gitlab@530a5b438891aedf7a92ae414bb81e5d4eb0adc6) ([merge request](gitlab-org/gitlab!144476))
- [Add desired sharding keys for feature_flags](gitlab-org/gitlab@5f02c416dd9bad120799a2076dc6e262513cf6ff) ([merge request](gitlab-org/gitlab!144475))
- [Add desired sharding keys for dynamic_application_security_testing](gitlab-org/gitlab@f719300dc0cbafcee93776fa9b66800f14243b38) ([merge request](gitlab-org/gitlab!144474))
- [Add desired sharding keys for geo_replication](gitlab-org/gitlab@e5583c5d337ab47b8021c50f43cb0c0aa59d582e) ([merge request](gitlab-org/gitlab!144471))
- [Remove ci_job_token_groups_allowlist feature flag](gitlab-org/gitlab@1e192a7dcd317594757abebcf4f9872315e924ac) ([merge request](gitlab-org/gitlab!144258))
- [Add desired sharding keys for secrets_management](gitlab-org/gitlab@21d4784a4cf8162625aaf8e613935a648de56989) ([merge request](gitlab-org/gitlab!144211))
- [Remove select_ancestors_of_paginated_items feature flag](gitlab-org/gitlab@2bb9c584820424e33bca0524ebe2d49bd4ea29e3) ([merge request](gitlab-org/gitlab!143636))
- [Add sharding keys for auto_devops](gitlab-org/gitlab@320db1b8da1692fc61bc89f1c4b4e23dc87d0f00) ([merge request](gitlab-org/gitlab!143307))
- [Add sharding keys for code_review_workflow](gitlab-org/gitlab@f0ad99cc932bd74a5d02de99ee62651b32a34af2) ([merge request](gitlab-org/gitlab!143310))
- [Add sharding keys for system_access](gitlab-org/gitlab@62c2fd4788e62e46f1469e2f18d178840e8e3df2) ([merge request](gitlab-org/gitlab!142501))
- [Add sharding keys for purchase](gitlab-org/gitlab@9c3843da74714c72483c17489d5d3d68ceffd2c8) ([merge request](gitlab-org/gitlab!142505))
Grafana v10.3.5
Features and enhancements:
- **Postgres:** Allow disabling SNI on SSL-enabled connections. [#84259], [@papagian]
Bug fixes:
- **Snapshots:** Require delete within same org . [#84707], [@ryantxu]
- **Elasticsearch:** Fix legend for alerting, expressions and previously frontend queries. [#84684], [@ivanahuckova]
- **Dashboard:** Fix issue where out-of-view shared query panels caused blank dependent panels. [#84196], [@kaydelaney]
- **Alerting:** Fix preview getting the correct queries from the form. [#81481], [@soniaAguilarPeiron]
v10.4.1
Features and enhancements:
- **Alerting:** Add "Keep Last State" backend functionality. [#84406], [@rwwiv]
- **Postgres:** Allow disabling SNI on SSL-enabled connections. [#84249], [@papagian]
- **DataQuery:** Track panel plugin id not type. [#83164], [@torkelo]
Bug fixes:
- **Elasticsearch:** Fix legend for alerting, expressions and previously frontend queries. [#84685], [@ivanahuckova]
- **Alerting:** Fix optional fields requiring validation rule. [#84595], [@gillesdemey]
- **ExtSvcAccounts:** FIX prevent service account deletion. [#84511], [@gamab]
- **Loki:** Fix null pointer exception in case request returned an error. [#84401], [@svennergr]
- **Dashboard:** Fix issue where out-of-view shared query panels caused blank dependent panels. [#84197], [@kaydelaney]
- **Auth:** Only call rotate token if we have a session expiry cookie. [#84181], [@kalleep]
- **Serviceaccounts:** Add ability to add samename SA for different orgs. [#83953], [@eleijonmarck]
- **GenAI:** Update the component only when the response is fully generated. [#83895], [@ivanortegaalba]
- **Tempo:** Better fallbacks for metrics query. [#83688], [@adrapereira]
- **Tempo:** Add template variable interpolation for filters. [#83667], [@joey-grafana]
- **Alerting:** Fix saving evaluation group. [#83234], [@soniaAguilarPeiron]
- **QueryVariableEditor:** Select a variable ds does not work. [#83181], [@ivanortegaalba]
- **Logs Panel:** Add option extra UI functionality for log context. [#83129], [@svennergr]
Jenkins 2.440.2
1. Add an Appearance category to the setup wizard. (pull 8822))
2. BootFailure subclasses can now override the Jenkins startup failure page. (pull 8442))
3. Reduce the window of time during which a crash may lead to an inconsistent state on Linux. (pull 8815))
4. Update the appearance of controls in header. (pull 8791))
5. Allow icon size to be changed in the node overview table. (pull 8802))
6. Remove code that may have caused an agent-side hang under a rare race condition. (Remoting PR 713))
7. Reduce the likelihood of thread creation errors on agents. (Remoting PR 717))
Jenkins 2.450
1. Add a computer icon legend and a new icon for agents that are not accepting tasks. (issue 69191))
2. Add components for dropdown items. Refer to the new Design Library Dropdowns page for implementation details. (pull 8827))
Prometheus v2.51.0
[CHANGE] Scraping: Do experimental timestamp alignment even if tolerance is bigger than 1% of scrape interval#13624,#13737
[FEATURE] Alerting: Relabel rules for AlertManagerConfig; allows routing alerts to different alertmanagers#12551,#13735
[FEATURE] API: add limit param to series, label-names and label-values APIs#13396
[FEATURE] UI (experimental native histograms): Add native histogram chart to Table view#13658
[FEATURE] Promtool: Add a "tsdb dump-openmetrics" to dump in OpenMetrics format.#13194
[FEATURE] PromQL (experimental native histograms): Add histogram_avg function#13467
[ENHANCEMENT] Rules: Evaluate independent rules concurrently#12946,#13527
[ENHANCEMENT] Scraping (experimental native histograms): Support exemplars#13488
[ENHANCEMENT] Remote Write: Disable resharding during active retry backoffs#13562
[ENHANCEMENT] Observability: Add native histograms to latency/duration metrics#13681
[ENHANCEMENT] Observability: Add 'type' label to prometheus_tsdb_head_out_of_order_samples_appended_total#13607
[ENHANCEMENT] API: Faster generation of targets into JSON#13469,#13484
[ENHANCEMENT] Scraping, API: Use faster compression library#10782
[ENHANCEMENT] OpenTelemetry: Performance improvements in OTLP parsing#13627
[ENHANCEMENT] PromQL: Optimisations to reduce CPU and memory#13448,#13536
[BUGFIX] PromQL: Constrain extrapolation in rate() to half of sample interval#13725
[BUGFIX] Remote Write: Stop slowing down when a new WAL segment is created#13583,#13628
[BUGFIX] PromQL: Fix wrongly scoped range vectors with @ modifier#13559
[BUGFIX] Kubernetes SD: Pod status changes were not discovered by Endpoints service discovery#13337
[BUGFIX] Azure SD: Fix 'error: parameter virtualMachineScaleSetName cannot be empty' (#13702)
[BUGFIX] Remote Write: Fix signing for AWS sigv4 transport#13497
[BUGFIX] Observability: Exemplars emitted by Prometheus use "trace_id" not "traceID"#13589
OpenUpdate - March 21, 2024
Stay Informed
This week, read about:
Key Security, Maintenance, and Features Releases
Security Based Updates
Updates to the OpenLogic CentOS Repository
*) OpenLogic’s Enterprise Linux Team has recently published the following updates:
- CentOS 6 - expat-2.0.1-13_ol004.el6 for CVE-2022-40674
- CentOS 6 - python-2.6.6-68_ol001.el6 for CVE-2023-24329
We recommend that you update your CentOS 6 systems to ensure proper timekeeping. As usual, please ensure that you test these updates before deploying to production. If you don't currently have CentOS repo access, please reach out to your Perforce/OpenLogic salesperson … you may already be entitled to access with your existing support contract!
Linux Kernel Vulnerabilities:
- CVE-2023-52440 - Linux Kernel ksmbd Session Key Exchange Heap-based Buffer Overflow Remote Code Execution Vulnerability
- CVE-2023-52441 - Linux Kernel ksmbd Negotiate Request Out-Of-Bounds Read Information Disclosure Vulnerability
- CVE-2023-52442 - Linux Kernel ksmbd Chained Request Improper Input Validation Information Disclosure Vulnerability
CVE-2024-2193
A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed.
An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths.
Non-Security Based Updates
Angular 17.3.0
COMPILER
- (feat - 1a6beae8a2) | Enable template pipeline by default. (#54571)
- (fix - f386a04c9d) | handle two-way bindings to signal-based template variables in instruction generation (#54714)
- (fix - 1f129f114e) | not catching for loop empty tracking expressions (#54772)
COMPILER-CLI
- (fix - 12dc4d074e) | account for as expression in docs extraction (#54414)
- (fix - da7fbb40f0) | detect when the linker is working in unpublished angular and widen supported versions (#54439)
- (fix - 492e03f699) | flag two-way bindings to non-signal values in templates (#54714)
- (fix - 5afa4f0ec1) | supportModuleWithProvidersliteral detection withtypeof(#54650)
CORE
- (feat - 331b16efd2) | add API to inject attributes on the host node (#54604)
- (feat - fb540e169a) | add migration for invalid two-way bindings (#54630)
- (feat - c687b8f453) | expose newoutput()API (#54650)
- (feat - c809069f21) | introduceoutputFromObservable()interop function (#54650)
- (feat - aff65fd1f4) | introduceoutputToObservableinterop helper (#54650)
- (feat - 974958913c) | support TypeScript 5.4 (#54414)
- (fix - 39a50f9a8d) | ensure all initializer functions run in an injection context (#54761)
- (fix - 243ccce624) | exclude class attribute intended for projection matching from directive matching (#54800)
- (fix - 2909e9817d) | prevent infinite loops in clobbered elements check (#54425)
- (fix - 7243c704cf) | return a readonly signal onasReadonly. (#54706)
- (perf - bb35414a38) | speed up retrieval ofDestroyRefinEventEmitter(#54748)
HTTP
- (fix - 8d37ed035c) | exclude caching for authenticated HTTP requests (#54746)
ROUTER
- (feat - c1c7384e02) | Add reusable types for router guards (#54580)
- (fix - 7225485311) | Navigations triggered by cancellation events should cancel previous navigation (#54710)
Activemq-6.1.0
Bug:
[AMQ-9399] - Clean-up OSGi headers for a couple modules
[AMQ-9405] - Supplied jetty.xml fails to load if ssl is enabled
[AMQ-9408] - Jolokia throws exception during Windows service startup
[AMQ-9418] - Support mapping jakarta -> javax exceptions in openwire
[AMQ-9419] - UnsupportedOperationException("createContext() is not supported")
[AMQ-9420] - KahaDB durable subscription stats can go negative on duplicate acks
[AMQ-9432] - WebSocket transports close connection after 30 seconds due to default Jetty idle timeout
[AMQ-9434] - Unable to start ActiveMQ on Linux when there is space in the folder path
[AMQ-9435] - KahaDB durable sub tracking breaks on duplicate messages
[AMQ-9436] - StoreQueueCursor creates different audits for persistent and non persistent cursors
New Feature:
[AMQ-9344] - Ability to configure a limit on uncommitted message count in a transaction
[AMQ-9397] - Update JDBC adapter mapping for MySQL 8 driver
Improvement:
[AMQ-9166] - Add destination field to Job
[AMQ-9431] - Don’t add Bouncycastle as Security Provider when found on the Classpath
[AMQ-9438] - FailoverTransport throws UnknowHostException on compareURIs
[AMQ-9450] - Expose Job Scheduler views with destination via JMX
Task:
[AMQ-9216] - Remove java.lang.SecurityManager usage from activemq-client as is removed in JDK 21
[AMQ-9299] - Unknown license gram dependency
[AMQ-9401] - Minor doc update referencing javax instead of jakarta
Dependency upgrade:
[AMQ-9396] - Upgrade to Spring 6.1.4
[AMQ-9402] - Upgrade to Shiro 1.13.0
[AMQ-9403] - Upgrade Jackson 2.16.0
[AMQ-9406] - Upgrade to Camel 4.2.0
[AMQ-9407] - Upgrade to log4j 2.22.0
[AMQ-9422] - 2024-01-29 Maven Plugin Updates
[AMQ-9423] - Upgrade Jetty 11.0.19
[AMQ-9424] - Upgrade Jackson 2.16.1
[AMQ-9425] - Upgrade slf4j 2.0.11
[AMQ-9426] - Upgrade jmdns 3.5.9
[AMQ-9427] - Upgrade log4j2 2.22.1
[AMQ-9428] - Upgrade commons-io 2.15.1
[AMQ-9429] - Upgrade commons-logging 1.3.0
[AMQ-9439] - Upgrade to log4j 2.23.0
[AMQ-9440] - Upgrade to Jetty 11.0.20
[AMQ-9443] - Upgrade to Camel 4.4.0
[AMQ-9446] - Upgrade to commons-lang 3.14.0
Ansible AWX 24.0.0
What's Changed:
- Made JWT the first auth class and default (@chrismeyersfsu https://github.com/ansible/awx/pull/14932)
- Added missing AWS secret management lookup credentials to the Credentials section of the *User Guide* (@tvo318 https://github.com/ansible/awx/pull/14933)
- Removed Podman to use Docker again in the collection CI (@CFSNM https://github.com/ansible/awx/pull/14938)
- Converted Swagger release fixture to an environment variable (@TheRealHaoLiu https://github.com/ansible/awx/pull/14940)
- Removed ``mock.patch`` to no longer fail when ran with the VSCode debugger (@chrismeyersfsu https://github.com/ansible/awx/pull/14941)
- Integrated resources API from ``django-ansible-base`` into AWX (@jessicamack https://github.com/ansible/awx/pull/14896)
- Fixed test that fails on rerun due to expecting exact IDs (@TheRealHaoLiu https://github.com/ansible/awx/pull/14943)
- Added test for utils method ``is_testing`` (@AlanCoding https://github.com/ansible/awx/pull/14935)
- Allowed for manually starting workflow to build devel images (@shanemcd https://github.com/ansible/awx/pull/14955)
- Disallowed auto-reload explicitly STOPPED processes in the development environment (@TheRealHaoLiu https://github.com/ansible/awx/pull/14958)
- Added terraform state inventory source (@hakbailey https://github.com/ansible/awx/pull/14840)
- Bumped Axios UI dependency to 1.6.z (@mabashian https://github.com/ansible/awx/pull/14954)
- Added pip>=21.3 to dev requirement to install ``django-ansible-base`` in editable mode (@TheRealHaoLiu https://github.com/ansible/awx/pull/14961)
- Implemented project pulling from Azure DevOps using Service Principals (@puiterwijk https://github.com/ansible/awx/pull/14628)
- Fixed ``awx-autoreload`` in development environments (@TheRealHaoLiu https://github.com/ansible/awx/pull/14968)
- Fixed incorrect sentence conjugation in inventory help texts (@dmzoneill https://github.com/ansible/awx/pull/14946)
- Added the ability to run AWX components in the VSCode debugger (@TheRealHaoLiu https://github.com/ansible/awx/pull/14942)
- Upgraded to PostgreSQL 15 (@john-westcott-iv https://github.com/ansible/awx/pull/14230)
- Reverted the implementation for project pulling from Azure DevOps using Service Principals (@TheRealHaoLiu https://github.com/ansible/awx/pull/14977)
- Replaced string validation using comparisons of English literals with error/op codes validation and comparisons (@dmzoneill https://github.com/ansible/awx/pull/14910)
- Aligned Orign and Host header in AWX settings and docker-compose templates (@chrismeyersfsu https://github.com/ansible/awx/pull/14970)
- Pruned dangle image periodically (@TheRealHaoLiu https://github.com/ansible/awx/pull/14957)
AWX Operator:
- Released with AWX Operator [v2.13.1](https://github.com/ansible/awx-operator/releases/2.13.1)
Docker Compose v2.25.0
What's Changed
Fixes:
- Restore config hebaviour until --no-interpolate is set #11604
- Fix service name shell completion in #11559
Improvements:
- Add --watch flag to up (#11525)
Internal:
- Detect Docker Desktop #11593
- Bump compose-go v2.0.0 #11623
Fluentd v1.16.4
Bug Fix:
* Fix to avoid processing discarded chunks in write_step_by_step. It fixes not to raise pile of IOError when many `chunk bytes limit exceeds` errors are occurred.
* in_tail: Fix tail watchers in `rotate_wait` state not being managed.
Misc:
* buffer: Avoid unnecessary log processing. It will improve performance.
Jenkins-2.449
1. Support Session ID for External Job Monitor to avoid HTTP 503 response. (pull 8825))
2. Allow recursive remote file copy even if local and remote nodes have incompatible character sets at binary level, e.g. ISO-8859-1 and CP-1047. (issue 72540))
3. Add "copy to clipboard" button to the build console output. (pull 8960))
4. Do not attempt to self-restart on operating systems where this is not supported. (issue 72833))
5. Fix a crash when restarting Jenkins on macOS. (issue 65911))
6. Update bundled Trilead API Plugin to 2.84.86.vf9c960e9b_458. (pull 9022))
7. Ensure threads in the Computer.threadPoolForRemotingexecutor service always have the Jenkins webapp ClassLoader set as the context ClassLoader to prevent random class loading issues when code is running in this ExecutorService. (issue 72796))
8. Add experimental APIs to control which agents are loaded and when. (pull 8979))
Kubernetes v1.27.12
Feature:
- Kubernetes is now built with go 1.21.8
- Update distroless-iptables to v0.4.6 (#123771, @cpanato) [SIG Release and Testing]
Bug or Regression:
- Fixed cleanup of Pod volume mounts when a file was used as a subpath. (#123052, @jsafrane) [SIG Node]
- Fixed the disruption controller's PDB status synchronization to maintain all PDB conditions during an update. (#122056, @dhenkel92) [SIG Apps]
- Fixes an issue calculating total CPU usage reported for Windows nodes (#122999, @marosset) [SIG Node and Windows]
- Updates google.golang.org/protobuf to v1.33.0 to resolve CVE-2024-24786 (#123765, @liggitt) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Node and Storage]
Other (Cleanup or Flake):
- Build etcd image v3.5.12 (#123069, @bzsuni) [SIG API Machinery and Etcd]
Dependencies
Added:
Changed:
- github.com/golang/protobuf: v1.5.3 → v1.5.4
- google.golang.org/protobuf: v1.31.0 → v1.33.0
Kubernetes v1.28.8
Feature:
- Kubernetes is now built with go 1.21.8
- Update distroless-iptables to v0.4.6 (#123772, @cpanato) [SIG Release and Testing]
Bug or Regression:
- Fix error when trying to expand a volume that does not require node expansion (#123055, @gnufied) [SIG Node and Storage]
- Fixed a bug that an init container with containerRestartPolicy with `Always` cannot update its state from terminated to non-terminated for the pod with restartPolicy with `Never` or `OnFailure`. (#123710, @gjkim42) [SIG Apps]
- Fixed cleanup of Pod volume mounts when a file was used as a subpath. (#123052, @jsafrane) [SIG Node]
- Fixed the disruption controller's PDB status synchronization to maintain all PDB conditions during an update. (#122056, @dhenkel92) [SIG Apps]
- Fixes an issue calculating total CPU usage reported for Windows nodes (#122999, @marosset) [SIG Node and Windows]
- Prevent watch cache starvation by moving its watch to separate RPC and add a SeparateCacheWatchRPC feature flag to disable this behavior (#123694, @mengqiy) [SIG API Machinery]
- Restore --verify-only function in code generation wrappers. (#123261, @skitt) [SIG API Machinery]
- Updates google.golang.org/protobuf to v1.33.0 to resolve CVE-2024-24786 (#123764, @liggitt) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Network, Node and Storage]
Other (Cleanup or Flake):
- Build etcd image v3.5.12 (#123069, @bzsuni) [SIG API Machinery and Etcd]
Dependencies
Added:
_Nothing has changed._
Changed:
- github.com/golang/protobuf: v1.5.3 → v1.5.4
- google.golang.org/protobuf: v1.31.0 → v1.33.0
Kubernetes v1.29.3
Feature:
- Kubernetes is now built with go 1.21.8
- Update distroless-iptables to v0.4.6 (#123773, @cpanato) [SIG Release and Testing]
Bug or Regression:
- Fix error when trying to expand a volume that does not require node expansion (#123055, @gnufied) [SIG Node and Storage]
- Fixed a bug that an init container with containerRestartPolicy with `Always` cannot update its state from terminated to non-terminated for the pod with restartPolicy with `Never` or `OnFailure`. (#123709, @gjkim42) [SIG Apps]
- Fixed cleanup of Pod volume mounts when a file was used as a subpath. (#123052, @jsafrane) [SIG Node]
- Fixed the disruption controller's PDB status synchronization to maintain all PDB conditions during an update. (#122056, @dhenkel92) [SIG Apps]
- Fixes an issue calculating total CPU usage reported for Windows nodes (#122999, @marosset) [SIG Node and Windows]
- Prevent watch cache starvation by moving its watch to separate RPC and add a SeparateCacheWatchRPC feature flag to disable this behavior (#123693, @mengqiy) [SIG API Machinery]
- Restore --verify-only function in code generation wrappers. (#123261, @skitt) [SIG API Machinery]
- Updates google.golang.org/protobuf to v1.33.0 to resolve CVE-2024-24786 (#123763, @liggitt) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Network, Node and Storage]
Other (Cleanup or Flake):
- Etcd: Update to version 3.5.12 (#123188, @bzsuni) [SIG API Machinery, Cloud Provider, Cluster Lifecycle and Testing]
Dependencies
Added:
_Nothing has changed._
Changed:
- github.com/golang/protobuf: v1.5.3 → v1.5.4
- google.golang.org/protobuf: v1.31.0 → v1.33.0
Removed:
_Nothing has changed._
Kubernetes v1.26.15
Feature:
- Kubernetes is now built with go 1.21.8
- Update distroless-iptables to v0.4.6 (#123762, @cpanato) [SIG Release and Testing]
Bug or Regression:
- Updates google.golang.org/protobuf to v1.33.0 to resolve CVE-2024-24786 (#123767, @liggitt) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Node and Storage]
Dependencies
Added:
_Nothing has changed._
Changed:
- github.com/golang/protobuf: v1.5.3 → v1.5.4
- google.golang.org/protobuf: v1.31.0 → v1.33.0
OpenUpdate - March 14, 2024
Stay Informed
This week, read about:
Key Security, Maintenance, and Features Releases
Security Based Updates
Linux Kernel Vulnerabilities:
- CVE-2023-52440 - Linux Kernel ksmbd Session Key Exchange Heap-based Buffer Overflow Remote Code Execution Vulnerability
- CVE-2023-52441 - Linux Kernel ksmbd Negotiate Request Out-Of-Bounds Read Information Disclosure Vulnerability
- CVE-2023-52442 - Linux Kernel ksmbd Chained Request Improper Input Validation Information Disclosure Vulnerability
Non-Security Based Updates
Angular 17.2.4
COMPILER-CLI
- (fix - 917b9bdd2e) | unwrap expressions with type parameters in query read property (#54647)
CORE:
- (fix - 586cc24a10) | apply TestBed provider overrides to@deferdependencies (#54667)
- (fix - b558a01c84) | generic inference for signal inputs may break with--strictFunctionTypes(#54652)
- (fix - 443e5f1591) | return a readonly signal onasReadonly. (#54719)
- (fix - ffbafc7d4a) | untrack various core operations (#54614)
Docker/compose 2.24.7
Fixes:
- Ensure stable priority sort order for networks (#11510, #11429, compose-spec/compose-go#580)
- Fix interpolation with curly braces (e.g. JSON) in default values (compose-spec/compose-go#581)
- Fix validation for non-unique container_name values (compose-spec/compose-go#583, compose-spec/compose-go#585)
- Fix validation for develop.watch (#11507, compose-spec/compose-go#586)
- Fix environment loading for include (#11509, compose-spec/compose-go#582)
- Fix panic when merging labels/networks (#11520, compose-spec/compose-go#584)
- Support --no-path-resolution when using include (#11508, compose-spec/compose-go#579)
- Fix missing project name errors (#11450, compose-spec/compose-go#578)
- Force plain progress mode when ANSI disabled (#11514)
- Fix --no-interpolate flag on config (#11556)
- Workaround for file lock issues with Watch mode on Windows (#11513)
- Fix duplicate exit code status messages (#11562)
- Respect COMPOSE_REMOVE_ORPHANS on up (#11462)
Improvements:
- dd --watch flag to up (#11525)
- Optimize order of scale down when removing replicas (#11473)
Internal:
- Generate test summaries in CI (#11558)
Dependencies:
- Docker v24.0.5 (#11566)
- Go 1.21.8 (#11578)
- compose-go v2.0.0-rc8 (#11536)
Changelog:
- discard stdout for laaarge log test by @ndeloof in #11505
- sort containers to optimize scale down by @ndeloof in #11473
- ci: bump engine version to 25.0.3 by @laurazard in #11512
- Issue-11374: Modified compose up command to respect COMPOSE_REMOVE_ORPHANS environment variable by @batcity in #11462
- when ran with ANSI disabled, force progress=plain by @ndeloof in #11514
- Apply --quiet-pull option when creating dependencies from run command by @glours in #11523
- use a dedicated compose file for --quiet-pull e2e test by @glours in #11537
- bump compose-go to version v2.0.0-rc.8 by @glours in #11536
- Double check watch pid if detected as still running on Windows by @glours in #11513
- get log to manage attach by @ndeloof in #11542
- Remove docker cli step in ci.yml by @jhrotko in #11549
- restore support for config --no-interpolate by @ndeloof in #11556
- introduce --watch by @ndeloof in #11525
- avoid duplicated "xx exited with code 0" message by @ndeloof in #11562
- make code simpler by @ndeloof in #11535
- wip add test summary in ci by @jhrotko in #11558
- ci(deps): bump moby/moby & docker/cli to v25.0.4 by @milas in #11566
- chore(deps): upgrade go to 1.21.8 by @milas in #11578
New Contributors:
- @batcity made their first contribution in #11462
Gitlab-foss 16.7.7
Fixed (1 change):
- [Use the backup database connection while restoring timeouts](gitlab-org/security/gitlab@796d1a2904fee95a7a1f9f4eb7bcfb4f431bf720)
Security (1 change):
- [Reset approvals when reopening a MR](gitlab-org/security/gitlab@4be38a72793e54c0f7f653be0e2b744d22dc1e0e) ([merge request](gitlab-org/security/gitlab!3829))
Fixed (3 changes):
- [Backport 145801 (Fix CI linter error when repository is empty) to 16.8](gitlab-org/security/gitlab@0cf6a481f8555cf6c94d1b8b6bbc74af5a29c99f)
- [Fix container repositories checksum mismatch errors](gitlab-org/security/gitlab@3ac997e5fe461b828dcc5ef3990ec88e24d1ffb2) **GitLab Enterprise Edition**
- [Use the backup database connection while restoring timeouts](gitlab-org/security/gitlab@d5376ee9362c5a14e921f4f5fd54a1214480551f)
Security (2 changes):
- [Restrict group token rotation for custom roles](gitlab-org/security/gitlab@fb35694c0a16a12cd62b2737937e4d20e04e155f) ([merge request](gitlab-org/security/gitlab!3904))
- [Reset approvals when reopening a MR](gitlab-org/security/gitlab@717aa058de09f0357914f0f8dce84340f10bfb45) ([merge request](gitlab-org/security/gitlab!3828))
Fixed (2 changes):
- [Backport 145801 (Fix CI linter error when repository is empty) to 16.9](gitlab-org/security/gitlab@3387113650f62739955a47de59f7c17dbe7e9509)
- [Fix container repositories checksum mismatch errors](gitlab-org/security/gitlab@7dce926636d80e26c4e99ac74c09c3795063151a) **GitLab Enterprise Edition**
Security (2 changes):
- [Restrict group token rotation for custom roles](gitlab-org/security/gitlab@c7eafe2b214d8a5c739fe116899540133daebef3) ([merge request](gitlab-org/security/gitlab!3905))
- Reset approvals when reopening a MR](gitlab-org/security/gitlab@4c3fbb6674de3dfc01332a25959167ba1085e5bb) ([merge request](gitlab-org/security/gitlab!3897))
Grafana 10.3.4
Features and enhancements:
- Chore: Improve domain validation for Google OAuth - Backport 83229 to v10.3.x. [#83725], [@linoman]
Bug fixes:
- LDAP: Fix LDAP users authenticated via auth proxy not being able to use LDAP active sync. [#83750], [@Jguer]
- Tempo: Add template variable interpolation for filters . [#83706], [@joey-grafana]
- Elasticsearch: Fix adhoc filters not applied in frontend mode. [#83596], [@svennergr]
- Dashboards: Fixes issue where panels would not refresh if time range updated while in panel view mode. [#83525], [@kaydelaney]
- Auth: Fix email verification bypass when using basic authentication. [#83484]
- AuthProxy: Invalidate previous cached item for user when changes are made to any header. [#83203], [@klesh]
- LibraryPanels/RBAC: Fix issue where folder scopes weren't being correctly inherited. [#82902], [@kaydelaney]
- LibraryPanels: Fix issue with repeated library panels. [#82259], [@kaydelaney]
- Plugins: Don't auto prepend app sub url to plugin asset paths. [#82147], [@wbrowne]
- Elasticsearch: Set middlewares from Grafana's `httpClientProvider`. [#81929], [@svennergr]
- Folders: Fix failure to update folder in SQLite. [#81862], [@papagian]
- Loki/Elastic: Assert queryfix value to always be string. [#81463], [@svennergr]
Breaking changes:
- We're adding a between the response of the ID token HD parameter and the list of allowed domains. This feature can be disabled through the configuration toggle `validate_hd `. Anyone using the legacy Google OAuth configuration should disable this validation if the ID Token response doesn't have the HD parameter. Issue [#83725]
Features and enhancements:
- Chore: Improve domain validation for Google OAuth - Backport 83229 to v10.4.x. [#83726], [@linoman]
- DataQuery: Track panel plugin id not type. [#83164], [@torkelo]
- AuthToken: Remove client token rotation feature toggle. [#82886], [@kalleep]
- Plugins: Enable feature toggle angularDeprecationUI by default. [#82880], [@xnyo]
- Table Component: Improve text-wrapping behavior of cells. [#82872], [@ahuarte47]
- Alerting: Dry-run legacy upgrade on startup. [#82835], [@JacobsonMT]
- Tempo: Upgrade @grafana/lezer-traceql patch version to use trace metrics syntax. [#82532], [@joey-grafana]
- Logs Panel: Add CSV to download options. [#82480], [@gtk-grafana]
- Folders: Switch order of the columns in folder table indexes so that org_id becomes first. [#82454], [@papagian]
- Logs panel: Table UI - Guess string field types. [#82397], [@gtk-grafana]
- Alerting: Send alerts to APIv2 when using the Alertmanager contact point. [#82373], [@grobinson-grafana]
- Alerting: Emit warning when creating or updating unusually large groups. [#82279], [@alexweav]
- Keybindings: Change 'h' to 'mod+h' to open help modal. [#82253], [@tskarhed]
- Chore: Update arrow and prometheus dependencies. [#82215], [@ryantxu]
- Alerting: Enable group-level rule evaluation jittering by default, remove feature toggle. [#82212], [@alexweav]
- Loki Log Context: Always show label filters with at least one parsed label. [#82211], [@svennergr]
- Logs Panel: Table UI - better default column spacing. [#82205], [@gtk-grafana]
- RBAC: Migration to remove the scope from permissions where action is alert.instances:read. [#82202], [@IevaVasiljeva]
- JWT Authentication: Add support for specifying groups in auth.jwt for teamsync. [#82175], [@Jguer]
- Alerting: GA alertingPreviewUpgrade and enable by default. [#82038], [@JacobsonMT]
- Elasticsearch: Apply ad-hoc filters to annotation queries. [#82032], [@mikelv92]
- Alerting: Show legacy provisioned alert rules warning. [#81902], [@gillesdemey]
- Tempo: Support TraceQL metrics queries. [#81886], [@adrapereira]
- Tempo: Support backtick strings. [#81802], [@fabrizio-grafana]
- Dashboards: Remove `advancedDataSourcePicker` feature toggle. [#81790], [@Sergej-Vlasov]
- CloudWatch: Remove references to pkg/infra/metrics. [#81744], [@iwysiu]
- Licensing: Redact license when overriden by env variable. [#81726], [@leandro-deveikis]
- Explore: Disable cursor sync. [#81698], [@ifrost]
- Tempo: Add custom headers middleware for grpc client. [#81693], [@aocenas]
- Chore: Update test database initialization. [#81673], [@DanCech]
- Elasticsearch: Implement CheckHealth method in the backend. [#81671], [@mikelv92]
- Tooltips: Hide dimension configuration when tooltip mode is hidden. [#81627], [@codeincarnate]
- Alerting: Show warning when cp does not exist and invalidate the form. [#81621], [@soniaAguilarPeiron]
- User: Add uid colum to user table. [#81615], [@ryantxu]
- Cloudwatch: Remove core imports from infra/log. [#81543], [@njvrzm]
- Alerting: Add pagination and improved search for notification policies. [#81535], [@soniaAguilarPeiron]
- Alerting: Move action buttons in the alert list view. [#81341], [@soniaAguilarPeiron]
- Grafana/ui: Add deprecation notices to the legacy layout components. [#81328], [@Clarity-89]
- Cloudwatch: Deprecate cloudwatchNewRegionsHandler feature toggle and remove core imports from featuremgmt. [#81310], [@njvrzm]
- Candlestick: Add tooltip options. [#81307], [@adela-almasan]
- Folders: Forbid performing operations on folders via dashboards HTTP API. [#81264], [@undef1nd]
- Feature Management: Move awsDatasourcesNewFormStyling to Public Preview. [#81257], [@idastambuk]
- Alerting: Update API to use folders' full paths. [#81214], [@yuri-tceretian]
- Datasources: Add concurrency number to the settings. [#81212], [@itsmylife]
- CloudWatch: Remove dependencies on grafana/pkg/setting. [#81208], [@iwysiu]
- Logs: Table UI - Allow users to resize field selection section. [#81201], [@gtk-grafana]
- Dashboards: Remove emptyDashboardPage feature flag. [#81188], [@Sergej-Vlasov]
- Cloudwatch: Import httpClient from grafana-plugin-sdk-go instead of grafana/infra. [#81187], [@idastambuk]
- Logs: Table UI - Enable feature flag by default . [#81185], [@gtk-grafana]
- Tempo: Improve tags UX. [#81166], [@joey-grafana]
- Table: Cell inspector auto-detecting JSON. [#81152], [@gtk-grafana]
- Grafana/ui: Add Space component. [#81145], [@Clarity-89]
- Grafana/ui: Add deprecation notice to the Form component. [#81068], [@Clarity-89]
- Alerting: Swap order between Annotations and Labels step in the alert rule form. [#81060], [@soniaAguilarPeiron]
- Plugins: Change managedPluginsInstall to public preview. [#81053], [@oshirohugo]
- Tempo: Add span, trace vars to trace to metrics interpolation. [#81046], [@joey-grafana]
- Tempo: Support multiple filter expressions for service graph queries. [#81037], [@domasx2]
- Alerting: Support for simplified notification settings in rule API. [#81011], [@yuri-tceretian]
- Plugins: Add fuzzy search to plugins catalogue. [#81001], [@Ukochka]
- CloudWatch: Only override contextDialer when using PDC. [#80992], [@leandro-deveikis]
- Alerting: Add a feature flag to periodically save states. [#80987], [@JohnnyQQQQ]
- RBAC: Return the underlying error instead of internal server or bad request for managed permission endpoints. [#80974], [@IevaVasiljeva]
- Correlations: Enable correlations feature toggle by default. [#80881], [@ifrost]
- Transformations: Focus search input on drawer open. [#80859], [@codeincarnate]
- Packaging: Use the GRAFANA_HOME variable in postinst script on Debian. [#80853], [@denisse-dev]
- Visualizations: Hue gradient mode now applies to the line color . [#80805], [@torkelo]
- Drawer: Resizable via draggable edge . [#80796], [@torkelo]
- Alerting: Add setting to distribute rule group evaluations over time. [#80766], [@alexweav]
- Logs Panel: Permalink . [#80764], [@gtk-grafana]
- VizTooltips: Copy to clipboard functionality. [#80761], [@adela-almasan]
- AuthN: Support reloading SSO config after the sso settings have changed. [#80734], [@mgyongyosi]
- Logs Panel: Add total count to logs volume panel in explore. [#80730], [@gtk-grafana]
- Caching: Remove useCachingService feature toggle. [#80695], [@mmandrus]
- Table: Support showing data links inline. . [#80691], [@ryantxu]
- Storage: Add support for sortBy selector. [#80680], [@DanCech]
- Alerting: Add metric counting rule groups per org. [#80669], [@alexweav]
- RBAC: Cover plugin routes. [#80578], [@gamab]
- Profiling: Import godeltaprof/http/pprof. [#80509], [@korniltsev]
- Tempo: Add warning message when scope missing in TraceQL. [#80472], [@joey-grafana]
- Cloudwatch: Move getNextRefIdChar util from app/core/utils to @grafana/data. [#80471], [@idastambuk]
- DataFrame: Add optional unique id definition. [#80428], [@aocenas]
- Canvas: Add element snapping and alignment. [#80407], [@nmarrs]
- Logs: Add show context to dashboard panel. [#80403], [@svennergr]
- Canvas: Support context menu in panel edit mode. [#80335], [@nmarrs]
- VizTooltip: Add sizing options. [#80306], [@Develer]
- Plugins: Parse defaultValues correctly for nested options. [#80302], [@oshirohugo]
- Geomap: Support geojson styling properties. [#80272], [@drew08t]
- Runtime: Add property for disabling caching. [#80245], [@aangelisc]
- Alerting: Log scheduler maxAttempts, guard against invalid retry counts, log retry errors. [#80234], [@alexweav]
- Alerting: Improve integration with dashboards. [#80201], [@konrad147]
- Transformations: Use an explicit join seperator when converting from an array to string field. [#80169], [@ryantxu]
- Build: Update plugin IDs list in build and release process. [#80160], [@fabrizio-grafana]
- NestedFolders: Support Shared with me folder for showing items you've been granted access to. [#80141], [@joshhunt]
- Log Context: Add highlighted words to log rows. [#80119], [@svennergr]
- Tempo: Add `}` when `{` is inserted automatically. [#80113], [@harrymaurya05]
- Time Range: Copy-paste Time Range. [#80107], [@harisrozajac]
- PanelContext: Remove deprecated onSplitOpen. [#80087], [@harisrozajac]
- Docs: Add HAProxy rewrite information considering `serve_from_sub_path` setting. [#80062], [@simPod]
- Table: Keep expanded rows persistent when data changes if it has unique ID. [#80031], [@aocenas]
- SSO Config: Add generic OAuth. [#79972], [@Clarity-89]
- FeatureFlags: Remove the unsupported/undocumented option to read flags from a file. [#79959], [@ryantxu]
- Transformations: Add Group to Nested Tables Transformation. [#79952], [@codeincarnate]
- Cloudwatch Metrics: Adjust error handling. [#79911], [@idastambuk]
- Tempo: Decouple Tempo from Grafana core. [#79888], [@fabrizio-grafana]
- Table Panel: Filter column values with operators or expressions. [#79853], [@ahuarte47]
- Chore: Generate shorter UIDs. [#79843], [@ryantxu]
- Alerting: MuteTiming service return errutil + GetTiming by name. [#79772], [@yuri-tceretian]
- Azure Monitor: Add select all subscription option for ARG queries. [#79582], [@alyssabull]
- Alerting: Enable sending notifications to a specific topic on Telegram. [#79546], [@th0th]
- Logs Panel: Table UI - Reordering table columns via drag-and-drop. [#79536], [@gtk-grafana]
- Cloudwatch: Add AWS/EMRServerless and AWS/KafkaConnect Metrics . [#79532], [@DugeraProve]
- Transformations: Move transformation help to drawer component. [#79247], [@codeincarnate]
- Stat: Support no value in spark line. [#78986], [@FOWind]
- NodeGraph: Use layered layout instead of force based layout. [#78957], [@aocenas]
- Alerting: Create alertingQueryOptimization feature flag for alert query optimization. [#78932], [@JacobsonMT]
- Dashboard: New EmbeddedDashboard runtime component . [#78916], [@torkelo]
- Alerting: Show warning when query optimized. [#78751], [@JacobsonMT]
- Alerting: Add support for TTL for pushover for Mimir Alertmanager. [#78687], [@gillesdemey]
- Grafana/ui: Enable removing values in multiselect opened state. [#78662], [@FOWind]
- SQL datasources: Consistent interval handling. [#78517], [@gabor]
- Alerting: During legacy migration reduce the number of created silences. [#78505], [@JacobsonMT]
- UI: New share button and toolbar reorganize. [#77563], [@evictorero]
- Alerting: Update rule API to address folders by UID. [#74600], [@papagian]
- Reports: Add uid column to the database.
- Plugins: Add metrics for cloud plugin install.
- RBAC: Make seeding resilient to failed plugin loading.
- Plugins: Support disabling caching at a plugin instance level.
Bug fixes
- GenAI: Update the component only when the response is fully generated. [#83895], [@ivanortegaalba]
- LDAP: Fix LDAP users authenticated via auth proxy not being able to use LDAP active sync. [#83751], [@Jguer]
- Tempo: Better fallbacks for metrics query. [#83688], [@adrapereira]
- Tempo: Add template variable interpolation for filters. [#83667], [@joey-grafana]
- Elasticsearch: Fix adhoc filters not applied in frontend mode. [#83597], [@svennergr]
- AuthProxy: Invalidate previous cached item for user when changes are made to any header. [#83287], [@klesh]
- Alerting: Fix saving evaluation group. [#83234], [@soniaAguilarPeiron]
- QueryVariableEditor: Select a variable ds does not work. [#83181], [@ivanortegaalba]
- Logs Panel: Add option extra UI functionality for log context. [#83129], [@svennergr]
- Auth: Fix email verification bypass when using basic authentication. [#82914], [@volcanonoodle]
- LibraryPanels/RBAC: Fix issue where folder scopes weren't being correctly inherited. [#82700], [@kaydelaney]
- Table Panel: Fix display of ad-hoc filter actions. [#82442], [@codeincarnate]
- Loki: Update `@grafana/lezer-logql` to `0.2.3` containing fix for ip label name. [#82378], [@ivanahuckova]
- Alerting: Fix slack double pound and email summary. [#82333], [@gillesdemey]
- Elasticsearch: Fix resource calls for paths that include `:`. [#82327], [@ivanahuckova]
- Alerting: Return provenance of notification templates. [#82274], [@julienduchesne]
- LibraryPanels: Fix issue with repeated library panels. [#82255], [@kaydelaney]
- Loki: Fix fetching of values for label if no previous equality operator. [#82251], [@ivanahuckova]
- Alerting: Fix data races and improve testing. [#81994], [@diegommm]
- chore: Fix typo in GraphTresholdsStyleMode enum. [#81960], [@paulJonesCalian]
- CloudWatch: Fix code editor not resizing on mount when content height is > 200px. [#81911], [@kevinwcyu]
- FieldOptions: Revert scalable unit option as we already support this via custom prefix/suffixes . [#81893], [@torkelo]
- Browse Dashboards: Imported dashboards now display immediately in the dashboard list. [#81819], [@ashharrison90]
- Elasticsearch: Set middlewares from Grafana's `httpClientProvider`. [#81814], [@svennergr]
- Folders: Fix failure to update folder in SQLite. [#81795], [@papagian]
- Plugins: Never disable add new data source for core plugins. [#81774], [@oshirohugo]
- Alerting: Fixes for pending period. [#81718], [@gillesdemey]
- Alerting: Fix editing group of nested folder. [#81665], [@gillesdemey]
- Plugins: Don't auto prepend app sub url to plugin asset paths. [#81658], [@wbrowne]
- Alerting: Fix inconsistent AM raw config when applied via sync vs API. [#81655], [@JacobsonMT]
- Alerting: Fix support check for export with modifications. [#81602], [@gillesdemey]
- Alerting: Fix selecting empty contact point value for notification policy inheritance. [#81482], [@gillesdemey]
- Alerting: Fix child provisioned polices not being rendered as provisioned. [#81449], [@soniaAguilarPeiron]
- Tempo: Fix durations in TraceQL. [#81418], [@fabrizio-grafana]
- Logs: Fix toggleable filters to be applied for specified query. [#81368], [@ivanahuckova]
- Loki: Fix label not being added to all subexpressions. [#81360], [@svennergr]
- Loki/Elastic: Assert queryfix value to always be string. [#81349], [@svennergr]
- Tempo: Add query ref in the query editor. [#81343], [@joey-grafana]
- Transformations: Use the display name of the original y field for the predicted field of the regression analysis transformation. [#81332], [@oscarkilhed]
- Field: Fix perf regression in getUniqueFieldName. [#81323], [@leeoniya]
- Alerting: Fix scheduler to group folders by the unique key . [#81303], [@yuri-tceretian]
- Alerting: Fix migration edge-case race condition for silences. [#81206], [@JacobsonMT]
- Explore: Set default time range to now-1h. [#81135], [@ifrost]
- Elasticsearch: Fix URL creation and allowlist for `/_mapping` requests. [#80970], [@svennergr]
- Postgres: Handle single quotes in table names in the query editor. [#80951], [@gabor]
- Folders: Fix creating/updating a folder whose title has leading and trailing spaces. [#80909], [@papagian]
- Loki: Fix missing timerange in query builder values request. [#80829], [@svennergr]
- Elasticsearch: Fix showing of logs when `__source` is log message field. [#80804], [@ivanahuckova]
- Pyroscope: Fix stale value for query in query editor. [#80753], [@joey-grafana]
- Stat: Fix data links that refer to fields. [#80693], [@ajwerner]
- RBAC: Clean up data source permissions after data source deletion. [#80654], [@IevaVasiljeva]
- Alerting: Fix MuteTiming Get API to return provenance status. [#80494], [@yuri-tceretian]
- Tempo: Fix regression caused by #79938. [#80465], [@fabrizio-grafana]
- Alerting: Fix preview getting the correct queries from the form. [#80458], [@soniaAguilarPeiron]
- Alerting: Fix firing alerts title when showing active in Insights panel. [#80414], [@soniaAguilarPeiron]
- Postgres: Fix enabling the socks proxy. [#80361], [@gabor]
- Alerting: Fix group filter. [#80358], [@soniaAguilarPeiron]
- Alerting: Increase size of kvstore value type for MySQL to LONGTEXT. [#80331], [@JacobsonMT]
- Annotations: Split cleanup into separate queries and deletes to avoid deadlocks on MySQL. [#80329], [@alexweav]
- Loki: Fix bug duplicating parsed labels across multiple log lines. [#80292], [@svennergr]
- Alerting: Fix NoData & Error alerts not resolving when rule is reset. [#80184], [@JacobsonMT]
- Loki: Fix metric time splitting to split starting with the start time. [#80085], [@svennergr]
- Rendering: Fix streaming panels always reaching timeout. [#80022], [@AgnesToulet]
- Plugins: Fix colon in CallResource URL returning an error when creating plugin resource request. [#79746], [@GiedriusS]
- PDF: Fix initialization when SMTP is disabled.
- PDF: Fix repeated panels placement issue.
- Report CSV: Fix timeout with streaming panels.
- RBAC: Avoid repopulating removed basic role permissions if the permission scope has changed.
Breaking changes:
- We're adding a between the response of the ID token HD parameter and the list of allowed domains. This feature can be disabled through the configuration toggle `validate_hd `. Anyone using the legacy Google OAuth configuration should disable this validation if the ID Token response doesn't have the HD parameter. Issue [#83726]
- If you use an automated provisioning for custom roles, and have provisioned a role that includes permission with action `alert.instances:read` and some scope, you will need to update the permission in your provisioning files by removing the scope. Issue [#82202]
- **The following breaking change occurs only when feature flag `nestedFolders` is enabled.**
- If the folder title contains the symbol `/` the notifications created from the rules that are placed in that folder will contain an escape sequence for that symbol in the label `grafana_folder`.
- For example, the folder title is `Grafana / Folder`. Currently the label `grafana_folder` will contain the title as it is. If PR is merged - the label value will be `Grafana \/ Folder`.
- This can break notifications if notification policies have matches that match that label and folder. Issue [#81214]
- `PanelContext.onSplitOpen` is removed. In the context of Explore, plugins should use `field.getLinks` to get a list of data link models. Issue [#80087]
- The unstable alert rule API has been changed and now expects a folder UID instead of the folder title as namespace path parameter.
- I addition to this, the responses that used to return the folder title now return `<folder parent UID>/<folder title>` to uniquely identify them.
- Any consumers of the specific API should be appropriately adapted. Issue [#74600]
Plugin development fixes & changes:
- Grafana/UI: Add new Splitter component . [#82357], [@torkelo]
Features and enhancements:
- Bump go-git to v5.11.0. [#83711], [@papagian]
- Plugins: Bump otelgrpc instrumentation to 0.47.0. [#83674], [@wbrowne]
Bug fixes:
- Auth: Fix email verification bypass when using basic authentication. [#83494]
Features and enhancements:
- Alerting: Add setting to distribute rule group evaluations over time. [#81404], [@alexweav]
Bug fixes:
- Cloudwatch: Fix errors while loading queries/datasource on Safari. [#83842], [@kevinwcyu]
- Elasticsearch: Fix adhoc filters not applied in frontend mode. [#83595], [@svennergr]
- Auth: Fix email verification bypass when using basic authentication. [#83489]
- Alerting: Fix queries and expressions in rule view details. [#82875], [@soniaAguilarPeiron]
- Plugins: Don't auto prepend app sub url to plugin asset paths. [#82146], [@wbrowne]
- Folders: Fix failure to update folder in SQLite. [#81861], [@papagian]
Bug fixes:
- Auth: Fix email verification bypass when using basic authentication. [#83492]
Bug fixes:
- Auth: Fix email verification bypass when using basic authentication. [#83493]
Jenkins 2.448
- NonPipeline builds interrupted by a controller restart will now be marked as aborted rather than failed. (pull 8986))
- Proxy configuration saved via the GUI always configured an authenticator even if the username was blank. (pull 8990))
- Restore functionality of some dropdown list form fields outside configuration forms (issue 72759))
- Customization of agent log files did not work for inbound agents. (issue 72799))
- Setting a proper owner for Jenkins.clouds after Jenkins.load (pull 8976))
Node.JS 21.7.1
Notable Changes:
- This release reverts #51389, which landed in Node.js 21.7.0. It is a documented feature that t.after() hooks are run even if a test has no subtests. The hook can be used to clean up the test itself.
Commits:
[0dfe810ac7] - benchmark: update iterations of benchmark/async_hooks/async-local- (Lei Shi) #51420
[625c9e0ac9] - benchmark: update iterations of benchmark/domain/domain-fn-args.js (Lei Shi) #51408
[7ff3551bad] - build: fix arm64 host cross-compilation in GN (Cheng Zhao) #51903
[fd86ea8b71] - Revert "build: workaround for node-core-utils" (Richard Lau) #51975
[23c32ab3a7] - build: respect the NODE env variable in Makefile (Antoine du Hamel) #51743
[9617adc064] - Revert "build: fix warning in cares under GN build" (Luigi Pinca) #51865
[5864534095] - deps: update nghttp2 to 1.60.0 (Node.js GitHub Bot) #51948
[fcf235d623] - doc: add policy for distribution (Geoffrey Booth) #51918
[87d2acc8b1] - doc: fix actual result of example is different in events (Deokjin Kim) #51925
[5908c121c6] - doc: clarify Corepack threat model (Antoine du Hamel) #51917
[20e0ba3b94] - doc,module: clarify hook chain execution sequence (Jacob Smith) #51884
[4d997971ac] - lib: make sure close net server (theanarkh) #51929
[fcc6d54aa3] - lib: return directly if udp socket close before lookup (theanarkh) #51914
[10aaabd158] - meta: bump github/codeql-action from 3.23.2 to 3.24.6 (dependabot[bot]) #51942
[78f38a0143] - meta: bump actions/upload-artifact from 4.3.0 to 4.3.1 (dependabot[bot]) #51941
[42ca5452c4] - meta: bump codecov/codecov-action from 4.0.1 to 4.1.0 (dependabot[bot]) #51940
[015a157375] - meta: bump actions/cache from 4.0.0 to 4.0.1 (dependabot[bot]) #51939
[e476cb4a32] - meta: bump actions/download-artifact from 4.1.1 to 4.1.3 (dependabot[bot]) #51938
[67e8001790] - meta: bump actions/setup-node from 4.0.1 to 4.0.2 (dependabot[bot]) #51937
[50343636e8] - src: fix --disable-single-executable-application (Joyee Cheung) #51808
[a48c9ca0db] - stream: do not defer construction by one microtick (Matteo Collina) #52005
[bee3b364f9] - test: add regression test for test_runner after hook (Colin Ihrig) #51998
[fff7f48f50] - test: reduce flakiness of test-runner-output (Antoine du Hamel) #51952
[57ba8f5acb] - test: fix flaky http-chunk-extensions-limit test (Ethan Arrowood) #51943
[9d2c03990a] - test: remove flaky designation (Luigi Pinca) #51736
[e992af81d3] - test: skip SEA tests when SEA generation fails (Joyee Cheung) #51887
[85aa6ca850] - Revert "test_runner: do not invoke after hook when test is empty" (Colin Ihrig) #5199