CHANGELOG 137 KB
Newer Older
1 2
Please view this file on the master branch, on stable branches it's out of date.

3
v 8.8.0 (unreleased)
4
  - Project#open_branches has been cleaned up and no longer loads entire records into memory.
5
  - Make build status canceled if any of the jobs was canceled and none failed
6
  - Remove future dates from contribution calendar graph.
7
  - Support e-mail notifications for comments on project snippets
8
  - Use ActionDispatch Remote IP for Akismet checking
9
  - Fix error when visiting commit builds page before build was updated
Alfredo Sumaran's avatar
Alfredo Sumaran committed
10
  - Add 'l' shortcut to open Label dropdown on issuables and 'i' to create new issue on a project
Phil Hughes's avatar
Phil Hughes committed
11
  - Updated search UI
12
  - Display informative message when new milestone is created
13
  - Sanitize milestones and labels titles
14
  - Allow "NEWS" and "CHANGES" as alternative names for CHANGELOG. !3768 (Connor Shea)
Alfredo Sumaran's avatar
Alfredo Sumaran committed
15
  - Added button to toggle whitespaces changes on diff view
16
  - Backport GitLab Enterprise support from EE
17
  - Create tags using Rugged for performance reasons. !3745
18
  - Files over 5MB can only be viewed in their raw form, files over 1MB without highlighting !3718
19
  - Add support for supressing text diffs using .gitattributes on the default branch (Matt Oakes)
Jacob Schatz's avatar
Jacob Schatz committed
20
  - Added multiple colors for labels in dropdowns when dups happen.
21
  - Improve description for the Two-factor Authentication sign-in screen. (Connor Shea)
22
  - API support for the 'since' and 'until' operators on commit requests (Paco Guzman)
23
  - Fix Gravatar hint in user profile when Gravatar is disabled. !3988 (Artem Sidorenko)
24
  - Expire repository exists? and has_visible_content? caches after a push if necessary
25

26 27 28
v 8.7.3
  - Emails, Gitlab::Email::Message, Gitlab::Diff, and Premailer::Adapter::Nokogiri are now instrumented

Yorick Peterse's avatar
Yorick Peterse committed
29
v 8.7.2
30
  - The "New Branch" button is now loaded asynchronously
31
  - Fix error 500 when trying to create a wiki page
Yorick Peterse's avatar
Yorick Peterse committed
32
  - Updated spacing between notification label and button
33 34

v 8.7.1
35
  - Throttle the update of `project.last_activity_at` to 1 minute. !3848
36 37 38
  - Fix .gitlab-ci.yml parsing issue when hidde job is a template without script definition. !3849
  - Fix license detection to detect all license files, not only known licenses. !3878
  - Use the `can?` helper instead of `current_user.can?`. !3882
39
  - Prevent users from deleting Webhooks via API they do not own
40
  - Fix Error 500 due to stale cache when projects are renamed or transferred
41
  - Update width of search box to fix Safari bug. !3900 (Jedidiah)
42
  - Use the `can?` helper instead of `current_user.can?`
43 44

v 8.7.0
45
  - Gitlab::GitAccess and Gitlab::GitAccessWiki are now instrumented
46
  - Fix vulnerability that made it possible to gain access to private labels and milestones
47
  - The number of InfluxDB points stored per UDP packet can now be configured
48
  - Fix error when cross-project label reference used with non-existent project
49
  - Transactions for /internal/allowed now have an "action" tag set
50
  - Method instrumentation now uses Module#prepend instead of aliasing methods
51
  - Repository.clean_old_archives is now instrumented
52
  - Add support for environment variables on a job level in CI configuration file
53
  - SQL query counts are now tracked per transaction
Rémy Coutable's avatar
Rémy Coutable committed
54 55 56 57
  - The Projects::HousekeepingService class has extra instrumentation
  - All service classes (those residing in app/services) are now instrumented
  - Developers can now add custom tags to transactions
  - Loading of an issue's referenced merge requests and related branches is now done asynchronously
58
  - Enable gzip for assets, makes the page size significantly smaller. !3544 / !3632 (Connor Shea)
Robert Speicher's avatar
Robert Speicher committed
59
  - Add support to cherry-pick any commit into any branch in the web interface (Minqi Pan)
Rémy Coutable's avatar
Rémy Coutable committed
60
  - Project switcher uses new dropdown styling
61
  - Load award emoji images separately unless opening the full picker. Saves several hundred KBs of data for most pages. (Connor Shea)
62
  - Do not include award_emojis in issue and merge_request comment_count !3610 (Lucas Charles)
Felipe Artur's avatar
Felipe Artur committed
63
  - Restrict user profiles when public visibility level is restricted.
Rémy Coutable's avatar
Rémy Coutable committed
64
  - Add ability set due date to issues, sort and filter issues by due date (Mehmet Beydogan)
65
  - All images in discussions and wikis now link to their source files !3464 (Connor Shea).
66
  - Return status code 303 after a branch DELETE operation to avoid project deletion (Stan Hu)
67
  - Add setting for customizing the list of trusted proxies !3524
Felipe Artur's avatar
Felipe Artur committed
68
  - Allow projects to be transfered to a lower visibility level group
69
  - Fix `signed_in_ip` being set to 127.0.0.1 when using a reverse proxy !3524
Rémy Coutable's avatar
Rémy Coutable committed
70
  - Improved Markdown rendering performance !3389
71
  - Make shared runners text in box configurable
72
  - Don't attempt to look up an avatar in repo if repo directory does not exist (Stan Hu)
73
  - API: Ability to subscribe and unsubscribe from issues and merge requests (Robert Schilling)
74
  - Expose project badges in project settings
75
  - Make /profile/keys/new redirect to /profile/keys for back-compat. !3717
76
  - Preserve time notes/comments have been updated at when moving issue
Rémy Coutable's avatar
Rémy Coutable committed
77
  - Make HTTP(s) label consistent on clone bar (Stan Hu)
78
  - Add support for `after_script`, requires Runner 1.2 (Kamil Trzciński)
79
  - Expose label description in API (Mariusz Jachimowicz)
80
  - API: Ability to update a group (Robert Schilling)
81
  - API: Ability to move issues (Robert Schilling)
82
  - Fix Error 500 after renaming a project path (Stan Hu)
83
  - Fix a bug whith trailing slash in teamcity_url (Charles May)
84
  - Allow back dating on issues when created or updated through the API
85
  - Allow back dating on issue notes when created through the API
86 87
  - Propose license template when creating a new LICENSE file
  - API: Expose /licenses and /licenses/:key
Alfredo Sumaran's avatar
Alfredo Sumaran committed
88
  - Fix avatar stretching by providing a cropping feature
89
  - API: Expose `subscribed` for issues and merge requests (Robert Schilling)
Patricio Cano's avatar
Patricio Cano committed
90
  - Allow SAML to handle external users based on user's information !3530
Patricio Cano's avatar
Patricio Cano committed
91
  - Allow Omniauth providers to be marked as `external` !3657
92
  - Add endpoints to archive or unarchive a project !3372
93
  - Fix a bug whith trailing slash in bamboo_url
94
  - Add links to CI setup documentation from project settings and builds pages
95
  - Display project members page to all members
96
  - Handle nil descriptions in Slack issue messages (Stan Hu)
97
  - Add automated repository integrity checks (OFF by default)
Robert Schilling's avatar
Robert Schilling committed
98
  - API: Expose open_issues_count, closed_issues_count, open_merge_requests_count for labels (Robert Schilling)
99
  - API: Ability to star and unstar a project (Robert Schilling)
100
  - Add default scope to projects to exclude projects pending deletion
101
  - Allow to close merge requests which source projects(forks) are deleted.
102
  - Ensure empty recipients are rejected in BuildsEmailService
P.S.V.R's avatar
P.S.V.R committed
103
  - Use rugged to change HEAD in Project#change_head (P.S.V.R)
104
  - API: Ability to filter milestones by state `active` and `closed` (Robert Schilling)
105
  - API: Fix milestone filtering by `iid` (Robert Schilling)
106
  - Make before_script and after_script overridable on per-job (Kamil Trzciński)
Robert Schilling's avatar
Robert Schilling committed
107
  - API: Delete notes of issues, snippets, and merge requests (Robert Schilling)
108
  - Implement 'Groups View' as an option for dashboard preferences !3379 (Elias W.)
Felipe Artur's avatar
Felipe Artur committed
109
  - Better errors handling when creating milestones inside groups
110
  - Fix high CPU usage when PostReceive receives refs/merge-requests/<id>
111
  - Hide `Create a group` help block when creating a new project in a group
112
  - Implement 'TODOs View' as an option for dashboard preferences !3379 (Elias W.)
113
  - Allow issues and merge requests to be assigned to the author !2765
Kamil Trzcinski's avatar
Kamil Trzcinski committed
114
  - Make Ci::Commit to group only similar builds and make it stateful (ref, tag)
115
  - Gracefully handle notes on deleted commits in merge requests (Stan Hu)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
116
  - Decouple membership and notifications
117
  - Fix creation of merge requests for orphaned branches (Stan Hu)
Robert Schilling's avatar
Robert Schilling committed
118
  - API: Ability to retrieve a single tag (Robert Schilling)
119
  - While signing up, don't persist the user password across form redisplays
Rémy Coutable's avatar
Rémy Coutable committed
120
  - Fall back to `In-Reply-To` and `References` headers when sub-addressing is not available (David Padilla)
121
  - Remove "Congratulations!" tweet button on newly-created project. (Connor Shea)
PotHix's avatar
PotHix committed
122
  - Fix admin/projects when using visibility levels on search (PotHix)
123
  - Build status notifications
Phil Hughes's avatar
Phil Hughes committed
124
  - Update email confirmation interface
Robert Schilling's avatar
Robert Schilling committed
125
  - API: Expose user location (Robert Schilling)
126
  - API: Do not leak group existence via return code (Robert Schilling)
Jacob Schatz's avatar
Jacob Schatz committed
127
  - ClosingIssueExtractor regex now also works with colons. e.g. "Fixes: #1234" !3591
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
128
  - Update number of Todos in the sidebar when it's marked as "Done". !3600
Timothy Andrew's avatar
Timothy Andrew committed
129
  - Sanitize branch names created for confidential issues
130
  - API: Expose 'updated_at' for issue, snippet, and merge request notes (Robert Schilling)
131
  - API: User can leave a project through the API when not master or owner. !3613
132
  - Fix repository cache invalidation issue when project is recreated with an empty repo (Stan Hu)
133
  - Fix: Allow empty recipients list for builds emails service when pushed is added (Frank Groeneveld)
Phil Hughes's avatar
Phil Hughes committed
134
  - Improved markdown forms
135 136 137
  - Diff design updates (colors, button styles, etc)
  - Copying and pasting a diff no longer pastes the line numbers or +/-
  - Add null check to formData when updating profile content to fix Firefox bug
Arinde Eniola's avatar
Arinde Eniola committed
138
  - Disable spellcheck and autocorrect for username field in admin page
Robert Schilling's avatar
Robert Schilling committed
139
  - Delete tags using Rugged for performance reasons (Robert Schilling)
Sebastian Klier's avatar
Sebastian Klier committed
140
  - Add Slack notifications when Wiki is edited (Sebastian Klier)
Phil Hughes's avatar
Phil Hughes committed
141 142
  - Diffs load at the correct point when linking from from number
  - Selected diff rows highlight
Valery Sizov's avatar
Valery Sizov committed
143
  - Fix emoji categories in the emoji picker
144
  - API: Properly display annotated tags for GET /projects/:id/repository/tags (Robert Schilling)
James Lopez's avatar
James Lopez committed
145
  - Add encrypted credentials for imported projects and migrate old ones
146
  - Properly format all merge request references with ! rather than # !3740 (Ben Bodenmiller)
Alfredo Sumaran's avatar
Alfredo Sumaran committed
147
  - Author and participants are displayed first on users autocompletion
BaldinoF's avatar
BaldinoF committed
148
  - Show number sign on external issue reference text (Florent Baldino)
Phil Hughes's avatar
Phil Hughes committed
149
  - Updated print style for issues
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
150
  - Use GitHub Issue/PR number as iid to keep references
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
151
  - Import GitHub labels
Alfredo Sumaran's avatar
Alfredo Sumaran committed
152
  - Add option to filter by "Owned projects" on dashboard page
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
153
  - Import GitHub milestones
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
154
  - Execute system web hooks on push to the project
155
  - Allow enable/disable push events for system hooks
156
  - Fix GitHub project's link in the import page when provider has a custom URL
Tomasz Maczukin's avatar
Tomasz Maczukin committed
157
  - Add RAW build trace output and button on build page
Tomasz Maczukin's avatar
Tomasz Maczukin committed
158
  - Add incremental build trace update into CI API
Rémy Coutable's avatar
Rémy Coutable committed
159

160 161 162 163 164 165 166 167 168 169 170 171 172
v 8.6.8
  - Prevent privilege escalation via "impersonate" feature
  - Prevent privilege escalation via notes API
  - Prevent privilege escalation via project webhook API
  - Prevent XSS via Git branch and tag names
  - Prevent XSS via custom issue tracker URL
  - Prevent XSS via `window.opener`
  - Prevent XSS via label drop-down
  - Prevent information disclosure via milestone API
  - Prevent information disclosure via snippet API
  - Prevent information disclosure via project labels
  - Prevent information disclosure via new merge request page

173
v 8.6.7
Robert Speicher's avatar
Robert Speicher committed
174 175
  - Fix persistent XSS vulnerability in `commit_person_link` helper
  - Fix persistent XSS vulnerability in Label and Milestone dropdowns
176 177
  - Fix vulnerability that made it possible to enumerate private projects belonging to group

178
v 8.6.6
Rémy Coutable's avatar
Rémy Coutable committed
179 180 181
  - Expire the exists cache before deletion to ensure project dir actually exists (Stan Hu). !3413
  - Fix error on language detection when repository has no HEAD (e.g., master branch) (Jeroen Bobbeldijk). !3654
  - Fix revoking of authorized OAuth applications (Connor Shea). !3690
Jeroen Bobbeldijk's avatar
Jeroen Bobbeldijk committed
182
  - Fix error on language detection when repository has no HEAD (e.g., master branch). !3654 (Jeroen Bobbeldijk)
Phil Hughes's avatar
Phil Hughes committed
183 184
  - Issuable header is consistent between issues and merge requests
  - Improved spacing in issuable header on mobile
185

186 187 188 189 190 191 192 193
v 8.6.5
  - Fix importing from GitHub Enterprise. !3529
  - Perform the language detection after updating merge requests in `GitPushService`, leading to faster visual feedback for the end-user. !3533
  - Check permissions when user attempts to import members from another project. !3535
  - Only update repository language if it is not set to improve performance. !3556
  - Return status code 303 after a branch DELETE operation to avoid project deletion (Stan Hu). !3583
  - Unblock user when active_directory is disabled and it can be found !3550
  - Fix a 2FA authentication spoofing vulnerability.
194

Rémy Coutable's avatar
Rémy Coutable committed
195 196
v 8.6.4
  - Don't attempt to fetch any tags from a forked repo (Stan Hu)
197
  - Redesign the Labels page
Rémy Coutable's avatar
Rémy Coutable committed
198

Rémy Coutable's avatar
Rémy Coutable committed
199 200
v 8.6.3
  - Mentions on confidential issues doesn't create todos for non-members. !3374
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
201 202
  - Destroy related todos when an Issue/MR is deleted. !3376
  - Fix error 500 when target is nil on todo list. !3376
Rémy Coutable's avatar
Rémy Coutable committed
203 204 205 206
  - Fix copying uploads when moving issue to another project. !3382
  - Ensuring Merge Request API returns boolean values for work_in_progress (Abhi Rao). !3432
  - Fix raw/rendered diff producing different results on merge requests. !3450
  - Fix commit comment alignment (Stan Hu). !3466
207
  - Fix Error 500 when searching for a comment in a project snippet. !3468
Rémy Coutable's avatar
Rémy Coutable committed
208 209 210
  - Allow temporary email as notification email. !3477
  - Fix issue with dropdowns not selecting values. !3478
  - Update gitlab-shell version and doc to 2.6.12. gitlab-org/gitlab-ee!280
211

Rémy Coutable's avatar
Rémy Coutable committed
212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232
v 8.6.2
  - Fix dropdown alignment. !3298
  - Fix issuable sidebar overlaps on tablet. !3299
  - Make dropdowns pixel perfect. !3337
  - Fix order of steps to prevent PostgreSQL errors when running migration. !3355
  - Fix bold text in issuable sidebar. !3358
  - Fix error with anonymous token in applications settings. !3362
  - Fix the milestone 'upcoming' filter. !3364 + !3368
  - Fix comments on confidential issues showing up in activity feed to non-members. !3375
  - Fix `NoMethodError` when visiting CI root path at `/ci`. !3377
  - Add a tooltip to new branch button in issue page. !3380
  - Fix an issue hiding the password form when signed-in with a linked account. !3381
  - Add links to CI setup documentation from project settings and builds pages. !3384
  - Fix an issue with width of project select dropdown. !3386
  - Remove redundant `require`s from Banzai files. !3391
  - Fix error 500 with cancel button on issuable edit form. !3392 + !3417
  - Fix background when editing a highlighted note. !3423
  - Remove tabstop from the WIP toggle links. !3426
  - Ensure private project snippets are not viewable by unauthorized people.
  - Gracefully handle notes on deleted commits in merge requests (Stan Hu). !3402
  - Fixed issue with notification settings not saving. !3452
233

Rémy Coutable's avatar
Rémy Coutable committed
234 235 236 237 238 239 240 241 242 243 244 245 246 247
v 8.6.1
  - Add option to reload the schema before restoring a database backup. !2807
  - Display navigation controls on mobile. !3214
  - Fixed bug where participants would not work correctly on merge requests. !3329
  - Fix sorting issues by votes on the groups issues page results in SQL errors. !3333
  - Restrict notifications for confidential issues. !3334
  - Do not allow to move issue if it has not been persisted. !3340
  - Add a confirmation step before deleting an issuable. !3341
  - Fixes issue with signin button overflowing on mobile. !3342
  - Auto collapses the navigation sidebar when resizing. !3343
  - Fix build dependencies, when the dependency is a string. !3344
  - Shows error messages when trying to create label in dropdown menu. !3345
  - Fixes issue with assign milestone not loading milestone list. !3346
  - Fix an issue causing the Dashboard/Milestones page to be blank. !3348
Rémy Coutable's avatar
Rémy Coutable committed
248 249

v 8.6.0
250
  - Add ability to move issue to another project
James Lopez's avatar
James Lopez committed
251
  - Prevent tokens in the import URL to be showed by the UI
252
  - Fix bug where wrong commit ID was being used in a merge request diff to show old image (Stan Hu)
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
253
  - Add confidential issues
Stan Hu's avatar
Stan Hu committed
254
  - Bump gitlab_git to 9.0.3 (Stan Hu)
255
  - Fix diff image view modes (2-up, swipe, onion skin) not working (Stan Hu)
256
  - Support Golang subpackage fetching (Stan Hu)
Stan Hu's avatar
Stan Hu committed
257
  - Bump Capybara gem to 2.6.2 (Stan Hu)
258
  - New branch button appears on issues where applicable
259
  - Contributions to forked projects are included in calendar
260
  - Improve the formatting for the user page bio (Connor Shea)
261
  - Easily (un)mark merge request as WIP using link
262
  - Use specialized system notes when MR is (un)marked as WIP
263 264 265
  - Removed the default password from the initial admin account created during
    setup. A password can be provided during setup (see installation docs), or
    GitLab will ask the user to create a new one upon first visit.
James Lopez's avatar
James Lopez committed
266
  - Fix issue when pushing to projects ending in .wiki
Rémy Coutable's avatar
Rémy Coutable committed
267
  - Properly display YAML front matter in Markdown
268
  - Add support for wiki with UTF-8 page names (Hiroyuki Sato)
269
  - Fix wiki search results point to raw source (Hiroyuki Sato)
270
  - Don't load all of GitLab in mail_room
Rémy Coutable's avatar
Rémy Coutable committed
271
  - Add information about `image` and `services` field at `job` level in the `.gitlab-ci.yml` documentation (Pat Turner)
272
  - HTTP error pages work independently from location and config (Artem Sidorenko)
273
  - Update `omniauth-saml` to 1.5.0 to allow for custom response attributes to be set
274
  - Memoize @group in Admin::GroupsController (Yatish Mehta)
275
  - Indicate how much an MR diverged from the target branch (Pierre de La Morinerie)
276
  - Added omniauth-auth0 Gem (Daniel Carraro)
277
  - Add label description in tooltip to labels in issue index and sidebar
278
  - Strip leading and trailing spaces in URL validator (evuez)
279
  - Add "last_sign_in_at" and "confirmed_at" to GET /users/* API endpoints for admins (evuez)
280
  - Return empty array instead of 404 when commit has no statuses in commit status API
281
  - Decrease the font size and the padding of the `.anchor` icons used in the README (Roberto Dip)
Sean Lang's avatar
Sean Lang committed
282
  - Rewrite logo to simplify SVG code (Sean Lang)
283 284
  - Allow to use YAML anchors when parsing the `.gitlab-ci.yml` (Pascal Bach)
  - Ignore jobs that start with `.` (hidden jobs)
285
  - Hide builds from project's settings when the feature is disabled
286
  - Allow to pass name of created artifacts archive in `.gitlab-ci.yml`
287
  - Refactor and greatly improve search performance
288
  - Add support for cross-project label references
289
  - Ensure "new SSH key" email do not ends up as dead Sidekiq jobs
290
  - Update documentation to reflect Guest role not being enforced on internal projects
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
291
  - Allow search for logged out users
292
  - Allow to define on which builds the current one depends on
293
  - Allow user subscription to a label: get notified for issues/merge requests related to that label (Timothy Andrew)
294
  - Fix bug where Bitbucket `closed` issues were imported as `opened` (Iuri de Silvio)
Rubén Dávila's avatar
Rubén Dávila committed
295
  - Don't show Issues/MRs from archived projects in Groups view
296
  - Fix wrong "iid of max iid" in Issuable sidebar for some merged MRs
297
  - Fix empty source_sha on Merge Request when there is no diff (Pierre de La Morinerie)
Alfredo Sumaran's avatar
Alfredo Sumaran committed
298
  - Increase the notes polling timeout over time (Roberto Dip)
299
  - Add shortcut to toggle markdown preview (Florent Baldino)
300
  - Show labels in dashboard and group milestone views
301
  - Fix an issue when the target branch of a MR had been deleted
tiagonbotelho's avatar
tiagonbotelho committed
302
  - Add main language of a project in the list of projects (Tiago Botelho)
303
  - Add #upcoming filter to Milestone filter (Tiago Botelho)
304
  - Add ability to show archived projects on dashboard, explore and group pages
305
  - Remove fork link closes all merge requests opened on source project (Florent Baldino)
306
  - Move group activity to separate page
307
  - Create external users which are excluded of internal and private projects unless access was explicitly granted
Zeger-Jan van de Weg's avatar
Zeger-Jan van de Weg committed
308
  - Continue parameters are checked to ensure redirection goes to the same instance
309
  - User deletion is now done in the background so the request can not time out
Geoffrey Lalonde's avatar
Geoffrey Lalonde committed
310
  - Canceled builds are now ignored in compound build status if marked as `allowed to fail`
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
311
  - Trigger a todo for mentions on commits page
312
  - Let project owners and admins soft delete issues and merge requests
Rémy Coutable's avatar
Rémy Coutable committed
313

314 315 316 317 318 319 320 321 322 323 324
v 8.5.12
  - Prevent privilege escalation via "impersonate" feature
  - Prevent privilege escalation via notes API
  - Prevent privilege escalation via project webhook API
  - Prevent XSS via Git branch and tag names
  - Prevent XSS via custom issue tracker URL
  - Prevent XSS via `window.opener`
  - Prevent information disclosure via snippet API
  - Prevent information disclosure via project labels
  - Prevent information disclosure via new merge request page

325 326 327
v 8.5.11
  - Fix persistent XSS vulnerability in `commit_person_link` helper

328 329 330
v 8.5.10
  - Fix a 2FA authentication spoofing vulnerability.

Rémy Coutable's avatar
Rémy Coutable committed
331 332 333
v 8.5.9
  - Don't attempt to fetch any tags from a forked repo (Stan Hu).

334 335 336
v 8.5.8
  - Bump Git version requirement to 2.7.4

Douwe Maan's avatar
Douwe Maan committed
337
v 8.5.7
338
  - Bump Git version requirement to 2.7.3
Rémy Coutable's avatar
Rémy Coutable committed
339

Rémy Coutable's avatar
Rémy Coutable committed
340 341 342
v 8.5.6
  - Obtain a lease before querying LDAP

Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
343
v 8.5.5
Rémy Coutable's avatar
Rémy Coutable committed
344 345 346 347
  - Ensure removing a project removes associated Todo entries
  - Prevent a 500 error in Todos when author was removed
  - Fix pagination for filtered dashboard and explore pages
  - Fix "Show all" link behavior
Rémy Coutable's avatar
Rémy Coutable committed
348

349
v 8.5.4
350 351
  - Do not cache requests for badges (including builds badge)

Rémy Coutable's avatar
Rémy Coutable committed
352 353
v 8.5.3
  - Flush repository caches before renaming projects
354
  - Sort starred projects on dashboard based on last activity by default
Rubén Dávila's avatar
Rubén Dávila committed
355
  - Show commit message in JIRA mention comment
356
  - Makes issue page and merge request page usable on mobile browsers.
Phil Hughes's avatar
Phil Hughes committed
357
  - Improved UI for profile settings
Rémy Coutable's avatar
Rémy Coutable committed
358

Robert Speicher's avatar
Robert Speicher committed
359 360
v 8.5.2
  - Fix sidebar overlapping content when screen width was below 1200px
Rémy Coutable's avatar
Rémy Coutable committed
361 362
  - Don't repeat labels listed on Labels tab
  - Bring the "branded appearance" feature from EE to CE
Robert Speicher's avatar
Robert Speicher committed
363
  - Fix error 500 when commenting on a commit
Rémy Coutable's avatar
Rémy Coutable committed
364
  - Show days remaining instead of elapsed time for Milestone
365
  - Fix broken icons on installations with relative URL (Artem Sidorenko)
Rémy Coutable's avatar
Rémy Coutable committed
366
  - Fix issue where tag list wasn't refreshed after deleting a tag
Kazuki Sawada's avatar
Kazuki Sawada committed
367
  - Fix import from gitlab.com (KazSawada)
Rémy Coutable's avatar
Rémy Coutable committed
368 369
  - Improve implementation to check read access to forks and add pagination
  - Don't show any "2FA required" message if it's not actually required
370
  - Fix help keyboard shortcut on relative URL setups (Artem Sidorenko)
Rémy Coutable's avatar
Rémy Coutable committed
371 372
  - Update Rails to 4.2.5.2
  - Fix permissions for deprecated CI build status badge
373
  - Don't show "Welcome to GitLab" when the search didn't return any projects
Rémy Coutable's avatar
Rémy Coutable committed
374
  - Add Todos documentation
Rémy Coutable's avatar
Rémy Coutable committed
375 376 377

v 8.5.1
  - Fix group projects styles
378
  - Show Crowd login tab when sign in is disabled and Crowd is enabled (Peter Hudec)
Rémy Coutable's avatar
Rémy Coutable committed
379 380 381 382 383 384 385 386 387 388
  - Fix a set of small UI glitches in project, profile, and wiki pages
  - Restrict permissions on public/uploads
  - Fix the merge request side-by-side view after loading diff results
  - Fix the look of tooltip for the "Revert" button
  - Add when the Builds & Runners API changes got introduced
  - Fix error 500 on some merged merge requests
  - Fix an issue causing the content of the issuable sidebar to disappear
  - Fix error 500 when trying to mark an already done todo as "done"
  - Fix an issue where MRs weren't sortable
  - Issues can now be dragged & dropped into empty milestone lists. This is also
Rémy Coutable's avatar
Rémy Coutable committed
389
    possible with MRs
Rémy Coutable's avatar
Rémy Coutable committed
390 391 392
  - Changed padding & background color for highlighted notes
  - Re-add the newrelic_rpm gem which was removed without any deprecation or warning (Stan Hu)
  - Update sentry-raven gem to 0.15.6
393
  - Add build coverage in project's builds page (Steffen Köhler)
394
  - Changed # to ! for merge requests in activity view
395 396

v 8.5.0
397
  - Fix duplicate "me" in tooltip of the "thumbsup" awards Emoji (Stan Hu)
Rémy Coutable's avatar
Rémy Coutable committed
398
  - Cache various Repository methods to improve performance
ashleys's avatar
ashleys committed
399
  - Fix duplicated branch creation/deletion Webhooks/service notifications when using Web UI (Stan Hu)
400
  - Ensure rake tasks that don't need a DB connection can be run without one
401
  - Update New Relic gem to 3.14.1.311 (Stan Hu)
402
  - Add "visibility" flag to GET /projects api endpoint
403
  - Add an option to supply root email through an environmental variable (Koichiro Mikami)
404
  - Ignore binary files in code search to prevent Error 500 (Stan Hu)
Stan Hu's avatar
Stan Hu committed
405
  - Render sanitized SVG images (Stan Hu)
406
  - Support download access by PRIVATE-TOKEN header (Stan Hu)
407
  - Upgrade gitlab_git to 7.2.23 to fix commit message mentions in first branch push
408
  - Add option to include the sender name in body of Notify email (Jason Lee)
409
  - New UI for pagination
Robert Speicher's avatar
Robert Speicher committed
410 411
  - Don't prevent sign out when 2FA enforcement is enabled and user hasn't yet
    set it up
412
  - API: Added "merge_requests/:merge_request_id/closes_issues" (Gal Schlezinger)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
413
  - Fix diff comments loaded by AJAX to load comment with diff in discussion tab
414
  - Fix relative links in other markup formats (Ben Boeckel)
415
  - Whitelist raw "abbr" elements when parsing Markdown (Benedict Etzel)
416
  - Fix label links for a merge request pointing to issues list
417
  - Don't vendor minified JS
418
  - Increase project import timeout to 15 minutes
419
  - Be more permissive with email address validation: it only has to contain a single '@'
420
  - Display 404 error on group not found
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
421
  - Track project import failure
422
  - Support Two-factor Authentication for LDAP users
423
  - Display database type and version in Administration dashboard
424
  - Allow limited Markdown in Broadcast Messages
425
  - Fix visibility level text in admin area (Zeger-Jan van de Weg)
Robert Speicher's avatar
Robert Speicher committed
426
  - Warn admin during OAuth of granting admin rights (Zeger-Jan van de Weg)
Robert Speicher's avatar
Robert Speicher committed
427
  - Update the ExternalIssue regex pattern (Blake Hitchcock)
Robert Speicher's avatar
Robert Speicher committed
428
  - Remember user's inline/side-by-side diff view preference in a cookie (Kirill Katsnelson)
429
  - Optimized performance of finding issues to be closed by a merge request
430 431 432 433 434
  - Add `avatar_url`, `description`, `git_ssh_url`, `git_http_url`, `path_with_namespace`
    and `default_branch` in `project` in push, issue, merge-request and note webhooks data (Kirill Zaitsev)
  - Deprecate the `ssh_url` in favor of `git_ssh_url` and `http_url` in favor of `git_http_url`
    in `project` for push, issue, merge-request and note webhooks data (Kirill Zaitsev)
  - Deprecate the `repository` key in push, issue, merge-request and note webhooks data, use `project` instead (Kirill Zaitsev)
435
  - API: Expose MergeRequest#merge_status (Andrei Dziahel)
436
  - Revert "Add IP check against DNSBLs at account sign-up"
437
  - Actually use the `skip_merges` option in Repository#commits (Tony Chu)
438
  - Fix API to keep request parameters in Link header (Michael Potthoff)
439 440
  - Deprecate API "merge_request/:merge_request_id/comments". Use "merge_requests/:merge_request_id/notes" instead
  - Deprecate API "merge_request/:merge_request_id/...". Use "merge_requests/:merge_request_id/..." instead
James Lopez's avatar
James Lopez committed
441
  - Prevent parse error when name of project ends with .atom and prevent path issues
442
  - Discover branches for commit statuses ref-less when doing merge when succeeded
443
  - Mark inline difference between old and new paths when a file is renamed
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
444
  - Support Akismet spam checking for creation of issues via API (Stan Hu)
445
  - API: Allow to set or update a merge-request's milestone (Kirill Skachkov)
446
  - Improve UI consistency between projects and groups lists
447
  - Add sort dropdown to dashboard projects page
448
  - Fixed logo animation on Safari (Roman Rott)
449
  - Fix Merge When Succeeded when multiple stages
450
  - Hide remove source branch button when the MR is merged but new commits are pushed (Zeger-Jan van de Weg)
451
  - In seach autocomplete show only groups and projects you are member of
James Lopez's avatar
James Lopez committed
452
  - Don't process cross-reference notes from forks
453
  - Fix: init.d script not working on OS X
Valery Sizov's avatar
Valery Sizov committed
454
  - Faster snippet search
455
  - Added API to download build artifacts
456
  - Title for milestones should be unique (Zeger-Jan van de Weg)
457
  - Validate correctness of maximum attachment size application setting
458
  - Replaces "Create merge request" link with one to the "Merge Request" when one exists
459
  - Fix CI builds badge, add a new link to builds badge, deprecate the old one
460
  - Fix broken link to project in build notification emails
461
  - Ability to see and sort on vote count from Issues and MR lists
462
  - Fix builds scheduler when first build in stage was allowed to fail
463
  - User project limit is reached notice is hidden if the projects limit is zero
Tomasz Maczukin's avatar
Tomasz Maczukin committed
464
  - Add API support for managing runners and project's runners
465 466 467
  - Allow SAML users to login with no previous account without having to allow
    all Omniauth providers to do so.
  - Allow existing users to auto link their SAML credentials by logging in via SAML
468
  - Make it possible to erase a build (trace, artifacts) using UI and API
Rubén Dávila's avatar
Rubén Dávila committed
469
  - Ability to revert changes from a Merge Request or Commit
470
  - Emoji comment on diffs are not award emoji
Tap's avatar
Tap committed
471 472
  - Add label description (Nuttanart Pornprasitsakul)
  - Show label row when filtering issues or merge requests by label (Nuttanart Pornprasitsakul)
473
  - Add Todos
474

475 476 477 478 479 480 481 482 483 484 485
v 8.4.10
  - Prevent privilege escalation via "impersonate" feature
  - Prevent privilege escalation via notes API
  - Prevent privilege escalation via project webhook API
  - Prevent XSS via Git branch and tag names
  - Prevent XSS via custom issue tracker URL
  - Prevent XSS via `window.opener`
  - Prevent information disclosure via snippet API
  - Prevent information disclosure via project labels
  - Prevent information disclosure via new merge request page

486 487 488
v 8.4.9
  - Fix persistent XSS vulnerability in `commit_person_link` helper

489 490 491
v 8.4.8
  - Fix a 2FA authentication spoofing vulnerability.

492 493 494 495 496 497
v 8.4.7
  - Don't attempt to fetch any tags from a forked repo (Stan Hu).

v 8.4.6
  - Bump Git version requirement to 2.7.4

Robert Speicher's avatar
Robert Speicher committed
498 499 500
v 8.4.5
  - No CE-specific changes

Robert Speicher's avatar
Robert Speicher committed
501 502
v 8.4.4
  - Update omniauth-saml gem to 1.4.2
Robert Speicher's avatar
Robert Speicher committed
503 504
  - Prevent long-running backup tasks from timing out the database connection
  - Add a Project setting to allow guests to view build logs (defaults to true)
505
  - Sort project milestones by due date including issue editor (Oliver Rogers / Orih)
Robert Speicher's avatar
Robert Speicher committed
506

507
v 8.4.3
Robert Speicher's avatar
Robert Speicher committed
508 509 510 511 512 513
  - Increase lfs_objects size column to 8-byte integer to allow files larger
    than 2.1GB
  - Correctly highlight MR diff when MR has merge conflicts
  - Fix highlighting in blame view
  - Update sentry-raven gem to prevent "Not a git repository" console output
    when running certain commands
Robert Speicher's avatar
Robert Speicher committed
514 515 516
  - Add instrumentation to additional Gitlab::Git and Rugged methods for
    performance monitoring
  - Allow autosize textareas to also be manually resized
517

Robert Speicher's avatar
Robert Speicher committed
518
v 8.4.2
Robert Speicher's avatar
Robert Speicher committed
519 520 521
  - Bump required gitlab-workhorse version to bring in a fix for missing
    artifacts in the build artifacts browser
  - Get rid of those ugly borders on the file tree view
522
  - Fix updating the runner information when asking for builds
Robert Speicher's avatar
Robert Speicher committed
523 524 525 526
  - Bump gitlab_git version to 7.2.24 in order to bring in a performance
    improvement when checking if a repository was empty
  - Add instrumentation for Gitlab::Git::Repository instance methods so we can
    track them in Performance Monitoring.
Robert Speicher's avatar
Robert Speicher committed
527
  - Increase contrast between highlighted code comments and inline diff marker
528
  - Fix method undefined when using external commit status in builds
Douwe Maan's avatar
Douwe Maan committed
529
  - Fix highlighting in blame view.
530

Robert Speicher's avatar
Robert Speicher committed
531 532 533 534 535
v 8.4.1
  - Apply security updates for Rails (4.2.5.1), rails-html-sanitizer (1.0.3),
    and Nokogiri (1.6.7.2)
  - Fix redirect loop during import
  - Fix diff highlighting for all syntax themes
Josh Frye's avatar
Josh Frye committed
536
  - Delete project and associations in a background worker
Robert Speicher's avatar
Robert Speicher committed
537

538
v 8.4.0
539
  - Allow LDAP users to change their email if it was not set by the LDAP server
540
  - Ensure Gravatar host looks like an actual host
541
  - Consider re-assign as a mention from a notification point of view
542
  - Add pagination headers to already paginated API resources
543
  - Properly generate diff of orphan commits, like the first commit in a repository
544
  - Improve the consistency of commit titles, branch names, tag names, issue/MR titles, on their respective project pages
Robert Speicher's avatar
Robert Speicher committed
545 546 547
  - Autocomplete data is now always loaded, instead of when focusing a comment text area
  - Improved performance of finding issues for an entire group
  - Added custom application performance measuring system powered by InfluxDB
Robert Speicher's avatar
Robert Speicher committed
548
  - Add syntax highlighting to diffs
549
  - Gracefully handle invalid UTF-8 sequences in Markdown links (Stan Hu)
Stan Hu's avatar
Stan Hu committed
550
  - Bump fog to 1.36.0 (Stan Hu)
551
  - Add user's last used IP addresses to admin page (Stan Hu)
552
  - Add housekeeping function to project settings page
553
  - The default GitLab logo now acts as a loading indicator
554
  - Fix caching issue where build status was not updating in project dashboard (Stan Hu)
ashleys's avatar
ashleys committed
555
  - Accept 2xx status codes for successful Webhook triggers (Stan Hu)
556
  - Fix missing date of month in network graph when commits span a month (Stan Hu)
557
  - Expire view caches when application settings change (e.g. Gravatar disabled) (Stan Hu)
558
  - Don't notify users twice if they are both project watchers and subscribers (Stan Hu)
Robert Speicher's avatar
Robert Speicher committed
559
  - Remove gray background from layout in UI
560
  - Fix signup for OAuth providers that don't provide a name
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
561
  - Implement new UI for group page
Valery Sizov's avatar
Valery Sizov committed
562
  - Implement search inside emoji picker
563
  - Let the CI runner know about builds that this build depends on
564
  - Add API support for looking up a user by username (Stan Hu)
565
  - Add project permissions to all project API endpoints (Stan Hu)
Douwe Maan's avatar
Douwe Maan committed
566
  - Link to milestone in "Milestone changed" system note
567
  - Only allow group/project members to mention `@all`
Robert Speicher's avatar
Robert Speicher committed
568
  - Expose Git's version in the admin area (Trey Davis)
569
  - Add "Frequently used" category to emoji picker
570
  - Add CAS support (tduehr)
Robert Speicher's avatar
Robert Speicher committed
571
  - Add link to merge request on build detail page
572
  - Fix: Problem with projects ending with .keys (Jose Corcuera)
573
  - Revert back upvote and downvote button to the issue and MR pages
Robert Speicher's avatar
Robert Speicher committed
574
  - Swap position of Assignee and Author selector on Issuables (Zeger-Jan van de Weg)
575
  - Add system hook messages for project rename and transfer (Steve Norman)
576
  - Fix version check image in Safari
577
  - Show 'All' tab by default in the builds page
578
  - Add Open Graph and Twitter Card data to all pages
579
  - Fix API project lookups when querying with a namespace with dots (Stan Hu)
580
  - Enable forcing Two-factor authentication sitewide, with optional grace period
Robert Speicher's avatar
Robert Speicher committed
581 582
  - Import GitHub Pull Requests into GitLab
  - Change single user API endpoint to return more detailed data (Michael Potthoff)
583
  - Update version check images to use SVG
584
  - Validate README format before displaying
585
  - Enable Microsoft Azure OAuth2 support (Janis Meybohm)
586
  - Properly set task-list class on single item task lists
587
  - Add file finder feature in tree view (Kyungchul Shin)
588
  - Ajax filter by message for commits page
Robert Schilling's avatar
Robert Schilling committed
589
  - API: Add support for deleting a tag via the API (Robert Schilling)
590
  - Allow subsequent validations in CI Linter
591
  - Show referenced MRs & Issues only when the current viewer can access them
Jason Lee's avatar
Jason Lee committed
592
  - Fix Encoding::CompatibilityError bug when markdown content has some complex URL (Jason Lee)
Tomasz Maczukin's avatar
Tomasz Maczukin committed
593
  - Add API support for managing project's builds
Tomasz Maczukin's avatar
Tomasz Maczukin committed
594
  - Add API support for managing project's build triggers
Tomasz Maczukin's avatar
Tomasz Maczukin committed
595
  - Add API support for managing project's build variables
Robert Speicher's avatar
Robert Speicher committed
596
  - Allow broadcast messages to be edited
Robert Speicher's avatar
Robert Speicher committed
597
  - Autosize Markdown textareas
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
598
  - Import GitHub wiki into GitLab
599
  - Add reporters ability to download and browse build artifacts (Andrew Johnson)
Robert Speicher's avatar
Robert Speicher committed
600
  - Autofill referring url in message box when reporting user abuse.
601
  - Remove leading comma on award emoji when the user is the first to award the emoji (Zeger-Jan van de Weg)
602 603
  - Add build artifacts browser
  - Improve UX in builds artifacts browser
Robert Speicher's avatar
Robert Speicher committed
604
  - Increase default size of `data` column in `events` table when using MySQL
605
  - Expose button to CI Lint tool on project builds page
606
  - Fix: Creator should be added as a master of the project on creation
Robert Speicher's avatar
Robert Speicher committed
607
  - Added X-GitLab-... headers to emails from CI and Email On Push services (Anton Baklanov)
608
  - Add IP check against DNSBLs at account sign-up
609
  - Added cache:key to .gitlab-ci.yml allowing to fine tune the caching
610

611 612 613 614 615 616 617 618 619
v 8.3.9
  - Prevent privilege escalation via "impersonate" feature
  - Prevent privilege escalation via notes API
  - Prevent privilege escalation via project webhook API
  - Prevent XSS via custom issue tracker URL
  - Prevent XSS via `window.opener`
  - Prevent information disclosure via project labels
  - Prevent information disclosure via new merge request page

620 621 622
v 8.3.8
  - Fix persistent XSS vulnerability in `commit_person_link` helper

623 624 625
v 8.3.7
  - Fix a 2FA authentication spoofing vulnerability.

626 627 628 629 630 631
v 8.3.6
  - Don't attempt to fetch any tags from a forked repo (Stan Hu).

v 8.3.5
  - Bump Git version requirement to 2.7.4

Jacob Vosmaer's avatar
Jacob Vosmaer committed
632 633 634
v 8.3.4
  - Use gitlab-workhorse 0.5.4 (fixes API routing bug)

Robert Speicher's avatar
Robert Speicher committed
635
v 8.3.3
636
  - Preserve CE behavior with JIRA integration by only calling API if URL is set
637
  - Fix duplicated branch creation/deletion events when using Web UI (Stan Hu)
638
  - Add configurable LDAP server query timeout
639
  - Get "Merge when build succeeds" to work when commits were pushed to MR target branch while builds were running
640
  - Suppress e-mails on failed builds if allow_failure is set (Stan Hu)
641
  - Fix project transfer e-mail sending incorrect paths in e-mail notification (Stan Hu)
Robert Speicher's avatar
Robert Speicher committed
642
  - Better support for referencing and closing issues in Asana service (Mike Wyatt)
Robert Speicher's avatar
Robert Speicher committed
643
  - Enable "Add key" button when user fills in a proper key (Stan Hu)
644
  - Fix error in processing reply-by-email messages (Jason Lee)
645
  - Fix Error 500 when visiting build page of project with nil runners_token (Stan Hu)
Robert Speicher's avatar
Robert Speicher committed
646
  - Use WOFF versions of SourceSansPro fonts
647
  - Fix regression when builds were not generated for tags created through web/api interface
648
  - Fix: maintain milestone filter between Open and Closed tabs (Greg Smethells)
649
  - Fix missing artifacts and build traces for build created before 8.3
650

Robert Speicher's avatar
Robert Speicher committed
651
v 8.3.2
652
  - Disable --follow in `git log` to avoid loading duplicate commit data in infinite scroll (Stan Hu)
Robert Speicher's avatar
Robert Speicher committed
653
  - Add support for Google reCAPTCHA in user registration
654

655
v 8.3.1
656
  - Fix Error 500 when global milestones have slashes (Stan Hu)
Robert Speicher's avatar
Robert Speicher committed
657 658 659
  - Fix Error 500 when doing a search in dashboard before visiting any project (Stan Hu)
  - Fix LDAP identity and user retrieval when special characters are used
  - Move Sidekiq-cron configuration to gitlab.yml
660

Robert Speicher's avatar
Robert Speicher committed
661
v 8.3.0
662
  - Bump rack-attack to 4.3.1 for security fix (Stan Hu)
663
  - API support for starred projects for authorized user (Zeger-Jan van de Weg)
Stan Hu's avatar
Stan Hu committed
664
  - Add open_issues_count to project API (Stan Hu)
Stan Hu's avatar
Stan Hu committed
665
  - Expand character set of usernames created by Omniauth (Corey Hinshaw)
Douwe Maan's avatar
Douwe Maan committed
666
  - Add button to automatically merge a merge request when the build succeeds (Zeger-Jan van de Weg)
667
  - Add unsubscribe link in the email footer (Zeger-Jan van de Weg)
668
  - Provide better diagnostic message upon project creation errors (Stan Hu)
669
  - Bump devise to 3.5.3 to fix reset token expiring after account creation (Stan Hu)
Kamil Trzcinski's avatar
Kamil Trzcinski committed
670 671
  - Remove api credentials from link to build_page
  - Deprecate GitLabCiService making it to always be inactive
672
  - Bump gollum-lib to 4.1.0 (Stan Hu)
Stan Hu's avatar
Stan Hu committed
673
  - Fix broken group avatar upload under "New group" (Stan Hu)
674
  - Update project repositorize size and commit count during import:repos task (Stan Hu)
675
  - Fix API setting of 'public' attribute to false will make a project private (Stan Hu)
ashleys's avatar
ashleys committed
676
  - Handle and report SSL errors in Webhook test (Stan Hu)
677
  - Bump Redis requirement to 2.8 for Sidekiq 4 (Stan Hu)
678
  - Fix: Assignee selector is empty when 'Unassigned' is selected (Jose Corcuera)
679
  - WIP identifier on merge requests no longer requires trailing space
Zeger-Jan van de Weg's avatar
Zeger-Jan van de Weg committed
680
  - Add rake tasks for git repository maintainance (Zeger-Jan van de Weg)
681
  - Fix 500 error when update group member permission
682
  - Fix: As an admin, cannot add oneself as a member to a group/project
683
  - Trim leading and trailing whitespace of milestone and issueable titles (Jose Corcuera)
Douwe Maan's avatar
Douwe Maan committed
684
  - Recognize issue/MR/snippet/commit links as references
Drew Blessing's avatar
Drew Blessing committed
685
  - Backport JIRA features from EE to CE
686
  - Add ignore whitespace change option to commit view
Valery Sizov's avatar
Valery Sizov committed
687
  - Fire update hook from GitLab
Drew Blessing's avatar
Drew Blessing committed
688
  - Allow account unlock via email
689
  - Style warning about mentioning many people in a comment
Greg Smethells's avatar
Greg Smethells committed
690
  - Fix: sort milestones by due date once again (Greg Smethells)
691
  - Migrate all CI::Services and CI::WebHooks to Services and WebHooks
692
  - Don't show project fork event as "imported"
693
  - Add API endpoint to fetch merge request commits list
694
  - Don't create CI status for refs that doesn't have .gitlab-ci.yml, even if the builds are enabled
695
  - Expose events API with comment information and author info
696
  - Fix: Ensure "Remove Source Branch" button is not shown when branch is being deleted. #3583
Douwe Maan's avatar
Douwe Maan committed
697
  - Run custom Git hooks when branch is created or deleted.
698
  - Fix bug when simultaneously accepting multiple MRs results in MRs that are of "merged" status, but not merged to the target branch
699
  - Add languages page to graphs
700
  - Block LDAP user when they are no longer found in the LDAP server
701
  - Improve wording on project visibility levels (Zeger-Jan van de Weg)
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
702
  - Fix editing notes on a merge request diff
703
  - Automatically select default clone protocol based on user preferences (Eirik Lygre)
704
  - Make Network page as sub tab of Commits
705
  - Add copy-to-clipboard button for Snippets
Douwe Maan's avatar
Douwe Maan committed
706 707 708 709 710 711 712
  - Add indication to merge request list item that MR cannot be merged automatically
  - Default target branch to patch-n when editing file in protected branch
  - Add Builds tab to merge request detail page
  - Allow milestones, issues and MRs to be created from dashboard and group indexes
  - Use new style for wiki
  - Use new style for milestone detail page
  - Fix sidebar tooltips when collapsed
713
  - Prevent possible XSS attack with award-emoji
Gabriel Mazetto's avatar
Gabriel Mazetto committed
714
  - Upgraded Sidekiq to 4.x
Zeger-Jan van de Weg's avatar
Zeger-Jan van de Weg committed
715
  - Accept COPYING,COPYING.lesser, and licence as license file (Zeger-Jan van de Weg)
Valery Sizov's avatar
Valery Sizov committed
716
  - Fix emoji aliases problem
Grzegorz Bizon's avatar
Grzegorz Bizon committed
717
  - Fix award-emojis Flash alert's width
718
  - Fix deleting notes on a merge request diff