CHANGELOG 142 KB
Newer Older
1 2
Please view this file on the master branch, on stable branches it's out of date.

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
3 4
v 8.9.0 (unreleased)

5 6
v 8.8.2 (unreleased)
  - Fix Error 500 when accessing application settings due to nil disabled OAuth sign-in sources
7
  - Fix Error 500 in CI charts by gracefully handling commits with no durations
8

Robert Speicher's avatar
Robert Speicher committed
9 10 11
v 8.8.1
  - Add documentation for the "Health Check" feature
  - Allow anonymous users to access a public project's pipelines
12
  - Fix MySQL compatibility in zero downtime migrations helpers
13
  - Fix the CI login to Container Registry (the gitlab-ci-token user)
14

Robert Speicher's avatar
Robert Speicher committed
15
v 8.8.0
Douwe Maan's avatar
Douwe Maan committed
16
  - Implement GFM references for milestones (Alejandro Rodríguez)
17
  - Snippets tab under user profile. !4001 (Long Nguyen)
18
  - Fix error when using link to uploads in global snippets
19
  - Fix Error 500 when attempting to retrieve project license when HEAD points to non-existent ref
Long Nguyen's avatar
Long Nguyen committed
20
  - Assign labels and milestone to target project when moving issue. !3934 (Long Nguyen)
21
  - Use a case-insensitive comparison in sanitizing URI schemes
22
  - Toggle sign-up confirmation emails in application settings
23
  - Make it possible to prevent tagged runner from picking untagged jobs
24 25
  - Added `InlineDiffFilter` to the markdown parser. (Adam Butler)
  - Added inline diff styling for `change_title` system notes. (Adam Butler)
26
  - Project#open_branches has been cleaned up and no longer loads entire records into memory.
27
  - Escape HTML in commit titles in system note messages
Kamil Trzcinski's avatar
Kamil Trzcinski committed
28
  - Fix scope used when accessing container registry
29
  - Fix creation of Ci::Commit object which can lead to pending, failed in some scenarios
30
  - Improve multiple branch push performance by memoizing permission checking
31
  - Log to application.log when an admin starts and stops impersonating a user
32
  - Changing the confidentiality of an issue now creates a new system note (Alex Moore-Niemi)
Yorick Peterse's avatar
Yorick Peterse committed
33 34
  - Updated gitlab_git to 10.1.0
  - GitAccess#protected_tag? no longer loads all tags just to check if a single one exists
35
  - Reduce delay in destroying a project from 1-minute to immediately
36
  - Make build status canceled if any of the jobs was canceled and none failed
Stan Hu's avatar
Stan Hu committed
37
  - Upgrade Sidekiq to 4.1.2
DJ Mountney's avatar
DJ Mountney committed
38
  - Added /health_check endpoint for checking service status
39
  - Make 'upcoming' filter for milestones work better across projects
40
  - Sanitize repo paths in new project error message
41
  - Bump mail_room to 0.7.0 to fix stuck IDLE connections
42
  - Remove future dates from contribution calendar graph.
43
  - Support e-mail notifications for comments on project snippets
44
  - Fix API leak of notes of unauthorized issues, snippets and merge requests
45
  - Use ActionDispatch Remote IP for Akismet checking
46
  - Fix error when visiting commit builds page before build was updated
Alfredo Sumaran's avatar
Alfredo Sumaran committed
47
  - Add 'l' shortcut to open Label dropdown on issuables and 'i' to create new issue on a project
48
  - Update SVG sanitizer to conform to SVG 1.1
49
  - Speed up push emails with multiple recipients by only generating the email once
Phil Hughes's avatar
Phil Hughes committed
50
  - Updated search UI
Kamil Trzcinski's avatar
Kamil Trzcinski committed
51
  - Added authentication service for Container Registry
52
  - Display informative message when new milestone is created
53
  - Sanitize milestones and labels titles
54
  - Support multi-line tag messages. !3833 (Calin Seciu)
55
  - Force users to reset their password after an admin changes it
56
  - Allow "NEWS" and "CHANGES" as alternative names for CHANGELOG. !3768 (Connor Shea)
Alfredo Sumaran's avatar
Alfredo Sumaran committed
57
  - Added button to toggle whitespaces changes on diff view
58
  - Backport GitHub Enterprise import support from EE
59
  - Create tags using Rugged for performance reasons. !3745
Felipe Artur's avatar
Felipe Artur committed
60
  - Allow guests to set notification level in projects
61
  - API: Expose Issue#user_notes_count. !3126 (Anton Popov)
62
  - Don't show forks button when user can't view forks
63
  - Fix atom feed links and rendering
64
  - Files over 5MB can only be viewed in their raw form, files over 1MB without highlighting !3718
65
  - Add support for supressing text diffs using .gitattributes on the default branch (Matt Oakes)
66
  - Add eager load paths to help prevent dependency load issues in Sidekiq workers. !3724
Jacob Schatz's avatar
Jacob Schatz committed
67
  - Added multiple colors for labels in dropdowns when dups happen.
Sean McGivern's avatar
Sean McGivern committed
68
  - Show commits in the same order as `git log`
69
  - Improve description for the Two-factor Authentication sign-in screen. (Connor Shea)
70
  - API support for the 'since' and 'until' operators on commit requests (Paco Guzman)
71
  - Fix Gravatar hint in user profile when Gravatar is disabled. !3988 (Artem Sidorenko)
72
  - Expire repository exists? and has_visible_content? caches after a push if necessary
73
  - Fix unintentional filtering bug in Issue/MR sorted by milestone due (Takuya Noguchi)
74
  - Fix adding a todo for private group members (Ahmad Sherif)
Alfredo Sumaran's avatar
Alfredo Sumaran committed
75
  - Bump ace-rails-ap gem version from 2.0.1 to 4.0.2 which upgrades Ace Editor from 1.1.2 to 1.2.3
76
  - Total method execution timings are no longer tracked
Andrei Gliga's avatar
Andrei Gliga committed
77
  - Allow Admins to remove the Login with buttons for OAuth services and still be able to import !4034. (Andrei Gliga)
78
  - Add API endpoints for un/subscribing from/to a label. !4051 (Ahmad Sherif)
79 80
  - Hide left sidebar on phone screens to give more space for content
  - Redesign navigation for profile and group pages
81
  - Add counter metrics for rails cache
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
82
  - Import pull requests from GitHub where the source or target branches were removed
83
  - All Grape API helpers are now instrumented
84
  - Improve Issue formatting for the Slack Service (Jeroen van Baarsen)
Ludovic Perrine's avatar
Ludovic Perrine committed
85
  - Fixed advice on invalid permissions on upload path !2948 (Ludovic Perrine)
86
  - Allows MR authors to have the source branch removed when merging the MR. !2801 (Jeroen Jacobs)
Alfredo Sumaran's avatar
Alfredo Sumaran committed
87
  - When creating a .gitignore file a dropdown with templates will be provided
88

89 90
v 8.7.6
  - Fix links on wiki pages for relative url setups. !4131 (Artem Sidorenko)
Rémy Coutable's avatar
Rémy Coutable committed
91 92
  - Fix import from GitLab.com to a private instance failure. !4181
  - Fix external imports not finding the import data. !4106
James Lopez's avatar
James Lopez committed
93

Timothy Andrew's avatar
Timothy Andrew committed
94 95
v 8.7.5
  - Fix relative links in wiki pages. !4050
Yorick Peterse's avatar
Yorick Peterse committed
96 97
  - Fix always showing build notification message when switching between merge requests !4086
  - Fix an issue when filtering merge requests with more than one label. !3886
98
  - Fix short note for the default scope on build page (Takuya Noguchi)
Timothy Andrew's avatar
Timothy Andrew committed
99

100
v 8.7.4
101 102 103 104 105 106 107
  - Links for Redmine issue references are generated correctly again !4048 (Benedikt Huss)
  - Fix setting trusted proxies !3970
  - Fix BitBucket importer bug when throwing exceptions !3941
  - Use sign out path only if not empty !3989
  - Running rake gitlab:db:drop_tables now drops tables with cascade !4020
  - Running rake gitlab:db:drop_tables uses "IF EXISTS" as a precaution !4100
  - Use a case-insensitive comparison in sanitizing URI schemes
108

109 110
v 8.7.3
  - Emails, Gitlab::Email::Message, Gitlab::Diff, and Premailer::Adapter::Nokogiri are now instrumented
111
  - Merge request widget displays TeamCity build state and code coverage correctly again.
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
112
  - Fix the line code when importing PR review comments from GitHub. !4010
113
  - Wikis are now initialized on legacy projects when checking repositories
114
  - Remove animate.css in favor of a smaller subset of animations. !3937 (Connor Shea)
115

Yorick Peterse's avatar
Yorick Peterse committed
116
v 8.7.2
117
  - The "New Branch" button is now loaded asynchronously
118
  - Fix error 500 when trying to create a wiki page
Yorick Peterse's avatar
Yorick Peterse committed
119
  - Updated spacing between notification label and button
120
  - Label titles in filters are now escaped properly
121 122

v 8.7.1
123
  - Throttle the update of `project.last_activity_at` to 1 minute. !3848
124 125 126
  - Fix .gitlab-ci.yml parsing issue when hidde job is a template without script definition. !3849
  - Fix license detection to detect all license files, not only known licenses. !3878
  - Use the `can?` helper instead of `current_user.can?`. !3882
127
  - Prevent users from deleting Webhooks via API they do not own
128
  - Fix Error 500 due to stale cache when projects are renamed or transferred
129
  - Update width of search box to fix Safari bug. !3900 (Jedidiah)
130
  - Use the `can?` helper instead of `current_user.can?`
131 132

v 8.7.0
133
  - Gitlab::GitAccess and Gitlab::GitAccessWiki are now instrumented
134
  - Fix vulnerability that made it possible to gain access to private labels and milestones
135
  - The number of InfluxDB points stored per UDP packet can now be configured
136
  - Fix error when cross-project label reference used with non-existent project
137
  - Transactions for /internal/allowed now have an "action" tag set
138
  - Method instrumentation now uses Module#prepend instead of aliasing methods
139
  - Repository.clean_old_archives is now instrumented
140
  - Add support for environment variables on a job level in CI configuration file
141
  - SQL query counts are now tracked per transaction
Rémy Coutable's avatar
Rémy Coutable committed
142 143 144 145
  - The Projects::HousekeepingService class has extra instrumentation
  - All service classes (those residing in app/services) are now instrumented
  - Developers can now add custom tags to transactions
  - Loading of an issue's referenced merge requests and related branches is now done asynchronously
146
  - Enable gzip for assets, makes the page size significantly smaller. !3544 / !3632 (Connor Shea)
Robert Speicher's avatar
Robert Speicher committed
147
  - Add support to cherry-pick any commit into any branch in the web interface (Minqi Pan)
Rémy Coutable's avatar
Rémy Coutable committed
148
  - Project switcher uses new dropdown styling
149
  - Load award emoji images separately unless opening the full picker. Saves several hundred KBs of data for most pages. (Connor Shea)
150
  - Do not include award_emojis in issue and merge_request comment_count !3610 (Lucas Charles)
Felipe Artur's avatar
Felipe Artur committed
151
  - Restrict user profiles when public visibility level is restricted.
Rémy Coutable's avatar
Rémy Coutable committed
152
  - Add ability set due date to issues, sort and filter issues by due date (Mehmet Beydogan)
153
  - All images in discussions and wikis now link to their source files !3464 (Connor Shea).
154
  - Return status code 303 after a branch DELETE operation to avoid project deletion (Stan Hu)
155
  - Add setting for customizing the list of trusted proxies !3524
Felipe Artur's avatar
Felipe Artur committed
156
  - Allow projects to be transfered to a lower visibility level group
157
  - Fix `signed_in_ip` being set to 127.0.0.1 when using a reverse proxy !3524
Rémy Coutable's avatar
Rémy Coutable committed
158
  - Improved Markdown rendering performance !3389
159
  - Make shared runners text in box configurable
160
  - Don't attempt to look up an avatar in repo if repo directory does not exist (Stan Hu)
161
  - API: Ability to subscribe and unsubscribe from issues and merge requests (Robert Schilling)
162
  - Expose project badges in project settings
163
  - Make /profile/keys/new redirect to /profile/keys for back-compat. !3717
164
  - Preserve time notes/comments have been updated at when moving issue
Rémy Coutable's avatar
Rémy Coutable committed
165
  - Make HTTP(s) label consistent on clone bar (Stan Hu)
166
  - Add support for `after_script`, requires Runner 1.2 (Kamil Trzciński)
167
  - Expose label description in API (Mariusz Jachimowicz)
168
  - API: Ability to update a group (Robert Schilling)
169
  - API: Ability to move issues (Robert Schilling)
170
  - Fix Error 500 after renaming a project path (Stan Hu)
171
  - Fix a bug whith trailing slash in teamcity_url (Charles May)
172
  - Allow back dating on issues when created or updated through the API
173
  - Allow back dating on issue notes when created through the API
174 175
  - Propose license template when creating a new LICENSE file
  - API: Expose /licenses and /licenses/:key
Alfredo Sumaran's avatar
Alfredo Sumaran committed
176
  - Fix avatar stretching by providing a cropping feature
177
  - API: Expose `subscribed` for issues and merge requests (Robert Schilling)
Patricio Cano's avatar
Patricio Cano committed
178
  - Allow SAML to handle external users based on user's information !3530
Patricio Cano's avatar
Patricio Cano committed
179
  - Allow Omniauth providers to be marked as `external` !3657
180
  - Add endpoints to archive or unarchive a project !3372
181
  - Fix a bug whith trailing slash in bamboo_url
182
  - Add links to CI setup documentation from project settings and builds pages
183
  - Display project members page to all members
184
  - Handle nil descriptions in Slack issue messages (Stan Hu)
185
  - Add automated repository integrity checks (OFF by default)
Robert Schilling's avatar
Robert Schilling committed
186
  - API: Expose open_issues_count, closed_issues_count, open_merge_requests_count for labels (Robert Schilling)
187
  - API: Ability to star and unstar a project (Robert Schilling)
188
  - Add default scope to projects to exclude projects pending deletion
189
  - Allow to close merge requests which source projects(forks) are deleted.
190
  - Ensure empty recipients are rejected in BuildsEmailService
P.S.V.R's avatar
P.S.V.R committed
191
  - Use rugged to change HEAD in Project#change_head (P.S.V.R)
192
  - API: Ability to filter milestones by state `active` and `closed` (Robert Schilling)
193
  - API: Fix milestone filtering by `iid` (Robert Schilling)
194
  - Make before_script and after_script overridable on per-job (Kamil Trzciński)
Robert Schilling's avatar
Robert Schilling committed
195
  - API: Delete notes of issues, snippets, and merge requests (Robert Schilling)
196
  - Implement 'Groups View' as an option for dashboard preferences !3379 (Elias W.)
Felipe Artur's avatar
Felipe Artur committed
197
  - Better errors handling when creating milestones inside groups
198
  - Fix high CPU usage when PostReceive receives refs/merge-requests/<id>
199
  - Hide `Create a group` help block when creating a new project in a group
200
  - Implement 'TODOs View' as an option for dashboard preferences !3379 (Elias W.)
201
  - Allow issues and merge requests to be assigned to the author !2765
Kamil Trzcinski's avatar
Kamil Trzcinski committed
202
  - Make Ci::Commit to group only similar builds and make it stateful (ref, tag)
203
  - Gracefully handle notes on deleted commits in merge requests (Stan Hu)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
204
  - Decouple membership and notifications
205
  - Fix creation of merge requests for orphaned branches (Stan Hu)
Robert Schilling's avatar
Robert Schilling committed
206
  - API: Ability to retrieve a single tag (Robert Schilling)
207
  - While signing up, don't persist the user password across form redisplays
Rémy Coutable's avatar
Rémy Coutable committed
208
  - Fall back to `In-Reply-To` and `References` headers when sub-addressing is not available (David Padilla)
209
  - Remove "Congratulations!" tweet button on newly-created project. (Connor Shea)
PotHix's avatar
PotHix committed
210
  - Fix admin/projects when using visibility levels on search (PotHix)
211
  - Build status notifications
Phil Hughes's avatar
Phil Hughes committed
212
  - Update email confirmation interface
Robert Schilling's avatar
Robert Schilling committed
213
  - API: Expose user location (Robert Schilling)
214
  - API: Do not leak group existence via return code (Robert Schilling)
Jacob Schatz's avatar
Jacob Schatz committed
215
  - ClosingIssueExtractor regex now also works with colons. e.g. "Fixes: #1234" !3591
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
216
  - Update number of Todos in the sidebar when it's marked as "Done". !3600
Timothy Andrew's avatar
Timothy Andrew committed
217
  - Sanitize branch names created for confidential issues
218
  - API: Expose 'updated_at' for issue, snippet, and merge request notes (Robert Schilling)
219
  - API: User can leave a project through the API when not master or owner. !3613
220
  - Fix repository cache invalidation issue when project is recreated with an empty repo (Stan Hu)
221
  - Fix: Allow empty recipients list for builds emails service when pushed is added (Frank Groeneveld)
Phil Hughes's avatar
Phil Hughes committed
222
  - Improved markdown forms
223 224 225
  - Diff design updates (colors, button styles, etc)
  - Copying and pasting a diff no longer pastes the line numbers or +/-
  - Add null check to formData when updating profile content to fix Firefox bug
Arinde Eniola's avatar
Arinde Eniola committed
226
  - Disable spellcheck and autocorrect for username field in admin page
Robert Schilling's avatar
Robert Schilling committed
227
  - Delete tags using Rugged for performance reasons (Robert Schilling)
Sebastian Klier's avatar
Sebastian Klier committed
228
  - Add Slack notifications when Wiki is edited (Sebastian Klier)
Phil Hughes's avatar
Phil Hughes committed
229 230
  - Diffs load at the correct point when linking from from number
  - Selected diff rows highlight
Valery Sizov's avatar
Valery Sizov committed
231
  - Fix emoji categories in the emoji picker
232
  - API: Properly display annotated tags for GET /projects/:id/repository/tags (Robert Schilling)
James Lopez's avatar
James Lopez committed
233
  - Add encrypted credentials for imported projects and migrate old ones
234
  - Properly format all merge request references with ! rather than # !3740 (Ben Bodenmiller)
Alfredo Sumaran's avatar
Alfredo Sumaran committed
235
  - Author and participants are displayed first on users autocompletion
BaldinoF's avatar
BaldinoF committed
236
  - Show number sign on external issue reference text (Florent Baldino)
Phil Hughes's avatar
Phil Hughes committed
237
  - Updated print style for issues
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
238
  - Use GitHub Issue/PR number as iid to keep references
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
239
  - Import GitHub labels
Alfredo Sumaran's avatar
Alfredo Sumaran committed
240
  - Add option to filter by "Owned projects" on dashboard page
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
241
  - Import GitHub milestones
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
242
  - Execute system web hooks on push to the project
243
  - Allow enable/disable push events for system hooks
244
  - Fix GitHub project's link in the import page when provider has a custom URL
Tomasz Maczukin's avatar
Tomasz Maczukin committed
245
  - Add RAW build trace output and button on build page
Tomasz Maczukin's avatar
Tomasz Maczukin committed
246
  - Add incremental build trace update into CI API
Rémy Coutable's avatar
Rémy Coutable committed
247

248 249 250 251 252 253 254 255 256 257 258 259 260
v 8.6.8
  - Prevent privilege escalation via "impersonate" feature
  - Prevent privilege escalation via notes API
  - Prevent privilege escalation via project webhook API
  - Prevent XSS via Git branch and tag names
  - Prevent XSS via custom issue tracker URL
  - Prevent XSS via `window.opener`
  - Prevent XSS via label drop-down
  - Prevent information disclosure via milestone API
  - Prevent information disclosure via snippet API
  - Prevent information disclosure via project labels
  - Prevent information disclosure via new merge request page

261
v 8.6.7
Robert Speicher's avatar
Robert Speicher committed
262 263
  - Fix persistent XSS vulnerability in `commit_person_link` helper
  - Fix persistent XSS vulnerability in Label and Milestone dropdowns
264 265
  - Fix vulnerability that made it possible to enumerate private projects belonging to group

266
v 8.6.6
Rémy Coutable's avatar
Rémy Coutable committed
267 268 269
  - Expire the exists cache before deletion to ensure project dir actually exists (Stan Hu). !3413
  - Fix error on language detection when repository has no HEAD (e.g., master branch) (Jeroen Bobbeldijk). !3654
  - Fix revoking of authorized OAuth applications (Connor Shea). !3690
Jeroen Bobbeldijk's avatar
Jeroen Bobbeldijk committed
270
  - Fix error on language detection when repository has no HEAD (e.g., master branch). !3654 (Jeroen Bobbeldijk)
Phil Hughes's avatar
Phil Hughes committed
271 272
  - Issuable header is consistent between issues and merge requests
  - Improved spacing in issuable header on mobile
273

274 275 276 277 278 279 280 281
v 8.6.5
  - Fix importing from GitHub Enterprise. !3529
  - Perform the language detection after updating merge requests in `GitPushService`, leading to faster visual feedback for the end-user. !3533
  - Check permissions when user attempts to import members from another project. !3535
  - Only update repository language if it is not set to improve performance. !3556
  - Return status code 303 after a branch DELETE operation to avoid project deletion (Stan Hu). !3583
  - Unblock user when active_directory is disabled and it can be found !3550
  - Fix a 2FA authentication spoofing vulnerability.
282

Rémy Coutable's avatar
Rémy Coutable committed
283 284
v 8.6.4
  - Don't attempt to fetch any tags from a forked repo (Stan Hu)
285
  - Redesign the Labels page
Rémy Coutable's avatar
Rémy Coutable committed
286

Rémy Coutable's avatar
Rémy Coutable committed
287 288
v 8.6.3
  - Mentions on confidential issues doesn't create todos for non-members. !3374
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
289 290
  - Destroy related todos when an Issue/MR is deleted. !3376
  - Fix error 500 when target is nil on todo list. !3376
Rémy Coutable's avatar
Rémy Coutable committed
291 292 293 294
  - Fix copying uploads when moving issue to another project. !3382
  - Ensuring Merge Request API returns boolean values for work_in_progress (Abhi Rao). !3432
  - Fix raw/rendered diff producing different results on merge requests. !3450
  - Fix commit comment alignment (Stan Hu). !3466
295
  - Fix Error 500 when searching for a comment in a project snippet. !3468
Rémy Coutable's avatar
Rémy Coutable committed
296 297 298
  - Allow temporary email as notification email. !3477
  - Fix issue with dropdowns not selecting values. !3478
  - Update gitlab-shell version and doc to 2.6.12. gitlab-org/gitlab-ee!280
299

Rémy Coutable's avatar
Rémy Coutable committed
300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320
v 8.6.2
  - Fix dropdown alignment. !3298
  - Fix issuable sidebar overlaps on tablet. !3299
  - Make dropdowns pixel perfect. !3337
  - Fix order of steps to prevent PostgreSQL errors when running migration. !3355
  - Fix bold text in issuable sidebar. !3358
  - Fix error with anonymous token in applications settings. !3362
  - Fix the milestone 'upcoming' filter. !3364 + !3368
  - Fix comments on confidential issues showing up in activity feed to non-members. !3375
  - Fix `NoMethodError` when visiting CI root path at `/ci`. !3377
  - Add a tooltip to new branch button in issue page. !3380
  - Fix an issue hiding the password form when signed-in with a linked account. !3381
  - Add links to CI setup documentation from project settings and builds pages. !3384
  - Fix an issue with width of project select dropdown. !3386
  - Remove redundant `require`s from Banzai files. !3391
  - Fix error 500 with cancel button on issuable edit form. !3392 + !3417
  - Fix background when editing a highlighted note. !3423
  - Remove tabstop from the WIP toggle links. !3426
  - Ensure private project snippets are not viewable by unauthorized people.
  - Gracefully handle notes on deleted commits in merge requests (Stan Hu). !3402
  - Fixed issue with notification settings not saving. !3452
321

Rémy Coutable's avatar
Rémy Coutable committed
322 323 324 325 326 327 328 329 330 331 332 333 334 335
v 8.6.1
  - Add option to reload the schema before restoring a database backup. !2807
  - Display navigation controls on mobile. !3214
  - Fixed bug where participants would not work correctly on merge requests. !3329
  - Fix sorting issues by votes on the groups issues page results in SQL errors. !3333
  - Restrict notifications for confidential issues. !3334
  - Do not allow to move issue if it has not been persisted. !3340
  - Add a confirmation step before deleting an issuable. !3341
  - Fixes issue with signin button overflowing on mobile. !3342
  - Auto collapses the navigation sidebar when resizing. !3343
  - Fix build dependencies, when the dependency is a string. !3344
  - Shows error messages when trying to create label in dropdown menu. !3345
  - Fixes issue with assign milestone not loading milestone list. !3346
  - Fix an issue causing the Dashboard/Milestones page to be blank. !3348
Rémy Coutable's avatar
Rémy Coutable committed
336 337

v 8.6.0
338
  - Add ability to move issue to another project
James Lopez's avatar
James Lopez committed
339
  - Prevent tokens in the import URL to be showed by the UI
340
  - Fix bug where wrong commit ID was being used in a merge request diff to show old image (Stan Hu)
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
341
  - Add confidential issues
Stan Hu's avatar
Stan Hu committed
342
  - Bump gitlab_git to 9.0.3 (Stan Hu)
343
  - Fix diff image view modes (2-up, swipe, onion skin) not working (Stan Hu)
344
  - Support Golang subpackage fetching (Stan Hu)
Stan Hu's avatar
Stan Hu committed
345
  - Bump Capybara gem to 2.6.2 (Stan Hu)
346
  - New branch button appears on issues where applicable
347
  - Contributions to forked projects are included in calendar
348
  - Improve the formatting for the user page bio (Connor Shea)
349
  - Easily (un)mark merge request as WIP using link
350
  - Use specialized system notes when MR is (un)marked as WIP
351 352 353
  - Removed the default password from the initial admin account created during
    setup. A password can be provided during setup (see installation docs), or
    GitLab will ask the user to create a new one upon first visit.
James Lopez's avatar
James Lopez committed
354
  - Fix issue when pushing to projects ending in .wiki
Rémy Coutable's avatar
Rémy Coutable committed
355
  - Properly display YAML front matter in Markdown
356
  - Add support for wiki with UTF-8 page names (Hiroyuki Sato)
357
  - Fix wiki search results point to raw source (Hiroyuki Sato)
358
  - Don't load all of GitLab in mail_room
Rémy Coutable's avatar
Rémy Coutable committed
359
  - Add information about `image` and `services` field at `job` level in the `.gitlab-ci.yml` documentation (Pat Turner)
360
  - HTTP error pages work independently from location and config (Artem Sidorenko)
361
  - Update `omniauth-saml` to 1.5.0 to allow for custom response attributes to be set
362
  - Memoize @group in Admin::GroupsController (Yatish Mehta)
363
  - Indicate how much an MR diverged from the target branch (Pierre de La Morinerie)
364
  - Added omniauth-auth0 Gem (Daniel Carraro)
365
  - Add label description in tooltip to labels in issue index and sidebar
366
  - Strip leading and trailing spaces in URL validator (evuez)
367
  - Add "last_sign_in_at" and "confirmed_at" to GET /users/* API endpoints for admins (evuez)
368
  - Return empty array instead of 404 when commit has no statuses in commit status API
369
  - Decrease the font size and the padding of the `.anchor` icons used in the README (Roberto Dip)
Sean Lang's avatar
Sean Lang committed
370
  - Rewrite logo to simplify SVG code (Sean Lang)
371 372
  - Allow to use YAML anchors when parsing the `.gitlab-ci.yml` (Pascal Bach)
  - Ignore jobs that start with `.` (hidden jobs)
373
  - Hide builds from project's settings when the feature is disabled
374
  - Allow to pass name of created artifacts archive in `.gitlab-ci.yml`
375
  - Refactor and greatly improve search performance
376
  - Add support for cross-project label references
377
  - Ensure "new SSH key" email do not ends up as dead Sidekiq jobs
378
  - Update documentation to reflect Guest role not being enforced on internal projects
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
379
  - Allow search for logged out users
380
  - Allow to define on which builds the current one depends on
381
  - Allow user subscription to a label: get notified for issues/merge requests related to that label (Timothy Andrew)
382
  - Fix bug where Bitbucket `closed` issues were imported as `opened` (Iuri de Silvio)
Rubén Dávila's avatar
Rubén Dávila committed
383
  - Don't show Issues/MRs from archived projects in Groups view
384
  - Fix wrong "iid of max iid" in Issuable sidebar for some merged MRs
385
  - Fix empty source_sha on Merge Request when there is no diff (Pierre de La Morinerie)
Alfredo Sumaran's avatar
Alfredo Sumaran committed
386
  - Increase the notes polling timeout over time (Roberto Dip)
387
  - Add shortcut to toggle markdown preview (Florent Baldino)
388
  - Show labels in dashboard and group milestone views
389
  - Fix an issue when the target branch of a MR had been deleted
tiagonbotelho's avatar
tiagonbotelho committed
390
  - Add main language of a project in the list of projects (Tiago Botelho)
391
  - Add #upcoming filter to Milestone filter (Tiago Botelho)
392
  - Add ability to show archived projects on dashboard, explore and group pages
393
  - Remove fork link closes all merge requests opened on source project (Florent Baldino)
394
  - Move group activity to separate page
395
  - Create external users which are excluded of internal and private projects unless access was explicitly granted
Zeger-Jan van de Weg's avatar
Zeger-Jan van de Weg committed
396
  - Continue parameters are checked to ensure redirection goes to the same instance
397
  - User deletion is now done in the background so the request can not time out
Geoffrey Lalonde's avatar
Geoffrey Lalonde committed
398
  - Canceled builds are now ignored in compound build status if marked as `allowed to fail`
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
399
  - Trigger a todo for mentions on commits page
400
  - Let project owners and admins soft delete issues and merge requests
Rémy Coutable's avatar
Rémy Coutable committed
401

402 403 404 405 406 407 408 409 410 411 412
v 8.5.12
  - Prevent privilege escalation via "impersonate" feature
  - Prevent privilege escalation via notes API
  - Prevent privilege escalation via project webhook API
  - Prevent XSS via Git branch and tag names
  - Prevent XSS via custom issue tracker URL
  - Prevent XSS via `window.opener`
  - Prevent information disclosure via snippet API
  - Prevent information disclosure via project labels
  - Prevent information disclosure via new merge request page

413 414 415
v 8.5.11
  - Fix persistent XSS vulnerability in `commit_person_link` helper

416 417 418
v 8.5.10
  - Fix a 2FA authentication spoofing vulnerability.

Rémy Coutable's avatar
Rémy Coutable committed
419 420 421
v 8.5.9
  - Don't attempt to fetch any tags from a forked repo (Stan Hu).

422 423 424
v 8.5.8
  - Bump Git version requirement to 2.7.4

Douwe Maan's avatar
Douwe Maan committed
425
v 8.5.7
426
  - Bump Git version requirement to 2.7.3
Rémy Coutable's avatar
Rémy Coutable committed
427

Rémy Coutable's avatar
Rémy Coutable committed
428 429 430
v 8.5.6
  - Obtain a lease before querying LDAP

Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
431
v 8.5.5
Rémy Coutable's avatar
Rémy Coutable committed
432 433 434 435
  - Ensure removing a project removes associated Todo entries
  - Prevent a 500 error in Todos when author was removed
  - Fix pagination for filtered dashboard and explore pages
  - Fix "Show all" link behavior
Rémy Coutable's avatar
Rémy Coutable committed
436

437
v 8.5.4
438 439
  - Do not cache requests for badges (including builds badge)

Rémy Coutable's avatar
Rémy Coutable committed
440 441
v 8.5.3
  - Flush repository caches before renaming projects
442
  - Sort starred projects on dashboard based on last activity by default
Rubén Dávila's avatar
Rubén Dávila committed
443
  - Show commit message in JIRA mention comment
444
  - Makes issue page and merge request page usable on mobile browsers.
Phil Hughes's avatar
Phil Hughes committed
445
  - Improved UI for profile settings
Rémy Coutable's avatar
Rémy Coutable committed
446

Robert Speicher's avatar
Robert Speicher committed
447 448
v 8.5.2
  - Fix sidebar overlapping content when screen width was below 1200px
Rémy Coutable's avatar
Rémy Coutable committed
449 450
  - Don't repeat labels listed on Labels tab
  - Bring the "branded appearance" feature from EE to CE
Robert Speicher's avatar
Robert Speicher committed
451
  - Fix error 500 when commenting on a commit
Rémy Coutable's avatar
Rémy Coutable committed
452
  - Show days remaining instead of elapsed time for Milestone
453
  - Fix broken icons on installations with relative URL (Artem Sidorenko)
Rémy Coutable's avatar
Rémy Coutable committed
454
  - Fix issue where tag list wasn't refreshed after deleting a tag
Kazuki Sawada's avatar
Kazuki Sawada committed
455
  - Fix import from gitlab.com (KazSawada)
Rémy Coutable's avatar
Rémy Coutable committed
456 457
  - Improve implementation to check read access to forks and add pagination
  - Don't show any "2FA required" message if it's not actually required
458
  - Fix help keyboard shortcut on relative URL setups (Artem Sidorenko)
Rémy Coutable's avatar
Rémy Coutable committed
459 460
  - Update Rails to 4.2.5.2
  - Fix permissions for deprecated CI build status badge
461
  - Don't show "Welcome to GitLab" when the search didn't return any projects
Rémy Coutable's avatar
Rémy Coutable committed
462
  - Add Todos documentation
Rémy Coutable's avatar
Rémy Coutable committed
463 464 465

v 8.5.1
  - Fix group projects styles
466
  - Show Crowd login tab when sign in is disabled and Crowd is enabled (Peter Hudec)
Rémy Coutable's avatar
Rémy Coutable committed
467 468 469 470 471 472 473 474 475 476
  - Fix a set of small UI glitches in project, profile, and wiki pages
  - Restrict permissions on public/uploads
  - Fix the merge request side-by-side view after loading diff results
  - Fix the look of tooltip for the "Revert" button
  - Add when the Builds & Runners API changes got introduced
  - Fix error 500 on some merged merge requests
  - Fix an issue causing the content of the issuable sidebar to disappear
  - Fix error 500 when trying to mark an already done todo as "done"
  - Fix an issue where MRs weren't sortable
  - Issues can now be dragged & dropped into empty milestone lists. This is also
Rémy Coutable's avatar
Rémy Coutable committed
477
    possible with MRs
Rémy Coutable's avatar
Rémy Coutable committed
478 479 480
  - Changed padding & background color for highlighted notes
  - Re-add the newrelic_rpm gem which was removed without any deprecation or warning (Stan Hu)
  - Update sentry-raven gem to 0.15.6
481
  - Add build coverage in project's builds page (Steffen Köhler)
482
  - Changed # to ! for merge requests in activity view
483 484

v 8.5.0
485
  - Fix duplicate "me" in tooltip of the "thumbsup" awards Emoji (Stan Hu)
Rémy Coutable's avatar
Rémy Coutable committed
486
  - Cache various Repository methods to improve performance
ashleys's avatar
ashleys committed
487
  - Fix duplicated branch creation/deletion Webhooks/service notifications when using Web UI (Stan Hu)
488
  - Ensure rake tasks that don't need a DB connection can be run without one
489
  - Update New Relic gem to 3.14.1.311 (Stan Hu)
490
  - Add "visibility" flag to GET /projects api endpoint
491
  - Add an option to supply root email through an environmental variable (Koichiro Mikami)
492
  - Ignore binary files in code search to prevent Error 500 (Stan Hu)
Stan Hu's avatar
Stan Hu committed
493
  - Render sanitized SVG images (Stan Hu)
494
  - Support download access by PRIVATE-TOKEN header (Stan Hu)
495
  - Upgrade gitlab_git to 7.2.23 to fix commit message mentions in first branch push
496
  - Add option to include the sender name in body of Notify email (Jason Lee)
497
  - New UI for pagination
Robert Speicher's avatar
Robert Speicher committed
498 499
  - Don't prevent sign out when 2FA enforcement is enabled and user hasn't yet
    set it up
500
  - API: Added "merge_requests/:merge_request_id/closes_issues" (Gal Schlezinger)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
501
  - Fix diff comments loaded by AJAX to load comment with diff in discussion tab
502
  - Fix relative links in other markup formats (Ben Boeckel)
503
  - Whitelist raw "abbr" elements when parsing Markdown (Benedict Etzel)
504
  - Fix label links for a merge request pointing to issues list
505
  - Don't vendor minified JS
506
  - Increase project import timeout to 15 minutes
507
  - Be more permissive with email address validation: it only has to contain a single '@'
508
  - Display 404 error on group not found
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
509
  - Track project import failure
510
  - Support Two-factor Authentication for LDAP users
511
  - Display database type and version in Administration dashboard
512
  - Allow limited Markdown in Broadcast Messages
513
  - Fix visibility level text in admin area (Zeger-Jan van de Weg)
Robert Speicher's avatar
Robert Speicher committed
514
  - Warn admin during OAuth of granting admin rights (Zeger-Jan van de Weg)
Robert Speicher's avatar
Robert Speicher committed
515
  - Update the ExternalIssue regex pattern (Blake Hitchcock)
Robert Speicher's avatar
Robert Speicher committed
516
  - Remember user's inline/side-by-side diff view preference in a cookie (Kirill Katsnelson)
517
  - Optimized performance of finding issues to be closed by a merge request
518 519 520 521 522
  - Add `avatar_url`, `description`, `git_ssh_url`, `git_http_url`, `path_with_namespace`
    and `default_branch` in `project` in push, issue, merge-request and note webhooks data (Kirill Zaitsev)
  - Deprecate the `ssh_url` in favor of `git_ssh_url` and `http_url` in favor of `git_http_url`
    in `project` for push, issue, merge-request and note webhooks data (Kirill Zaitsev)
  - Deprecate the `repository` key in push, issue, merge-request and note webhooks data, use `project` instead (Kirill Zaitsev)
523
  - API: Expose MergeRequest#merge_status (Andrei Dziahel)
524
  - Revert "Add IP check against DNSBLs at account sign-up"
525
  - Actually use the `skip_merges` option in Repository#commits (Tony Chu)
526
  - Fix API to keep request parameters in Link header (Michael Potthoff)
527 528
  - Deprecate API "merge_request/:merge_request_id/comments". Use "merge_requests/:merge_request_id/notes" instead
  - Deprecate API "merge_request/:merge_request_id/...". Use "merge_requests/:merge_request_id/..." instead
James Lopez's avatar
James Lopez committed
529
  - Prevent parse error when name of project ends with .atom and prevent path issues
530
  - Discover branches for commit statuses ref-less when doing merge when succeeded
531
  - Mark inline difference between old and new paths when a file is renamed
Douglas Barbosa Alexandre's avatar
Douglas Barbosa Alexandre committed
532
  - Support Akismet spam checking for creation of issues via API (Stan Hu)
533
  - API: Allow to set or update a merge-request's milestone (Kirill Skachkov)
534
  - Improve UI consistency between projects and groups lists
535
  - Add sort dropdown to dashboard projects page
536
  - Fixed logo animation on Safari (Roman Rott)
537
  - Fix Merge When Succeeded when multiple stages
538
  - Hide remove source branch button when the MR is merged but new commits are pushed (Zeger-Jan van de Weg)
539
  - In seach autocomplete show only groups and projects you are member of
James Lopez's avatar
James Lopez committed
540
  - Don't process cross-reference notes from forks
541
  - Fix: init.d script not working on OS X
Valery Sizov's avatar
Valery Sizov committed
542
  - Faster snippet search
543
  - Added API to download build artifacts
544
  - Title for milestones should be unique (Zeger-Jan van de Weg)
545
  - Validate correctness of maximum attachment size application setting
546
  - Replaces "Create merge request" link with one to the "Merge Request" when one exists
547
  - Fix CI builds badge, add a new link to builds badge, deprecate the old one
548
  - Fix broken link to project in build notification emails
549
  - Ability to see and sort on vote count from Issues and MR lists
550
  - Fix builds scheduler when first build in stage was allowed to fail
551
  - User project limit is reached notice is hidden if the projects limit is zero
Tomasz Maczukin's avatar
Tomasz Maczukin committed
552
  - Add API support for managing runners and project's runners
553 554 555
  - Allow SAML users to login with no previous account without having to allow
    all Omniauth providers to do so.
  - Allow existing users to auto link their SAML credentials by logging in via SAML
556
  - Make it possible to erase a build (trace, artifacts) using UI and API
Rubén Dávila's avatar
Rubén Dávila committed
557
  - Ability to revert changes from a Merge Request or Commit
558
  - Emoji comment on diffs are not award emoji
Tap's avatar
Tap committed
559 560
  - Add label description (Nuttanart Pornprasitsakul)
  - Show label row when filtering issues or merge requests by label (Nuttanart Pornprasitsakul)
561
  - Add Todos
562

563 564 565 566 567 568 569 570 571 572 573
v 8.4.10
  - Prevent privilege escalation via "impersonate" feature
  - Prevent privilege escalation via notes API
  - Prevent privilege escalation via project webhook API
  - Prevent XSS via Git branch and tag names
  - Prevent XSS via custom issue tracker URL
  - Prevent XSS via `window.opener`
  - Prevent information disclosure via snippet API
  - Prevent information disclosure via project labels
  - Prevent information disclosure via new merge request page

574 575 576
v 8.4.9
  - Fix persistent XSS vulnerability in `commit_person_link` helper

577 578 579
v 8.4.8
  - Fix a 2FA authentication spoofing vulnerability.

580 581 582 583 584 585
v 8.4.7
  - Don't attempt to fetch any tags from a forked repo (Stan Hu).

v 8.4.6
  - Bump Git version requirement to 2.7.4

Robert Speicher's avatar
Robert Speicher committed
586 587 588
v 8.4.5
  - No CE-specific changes

Robert Speicher's avatar
Robert Speicher committed
589 590
v 8.4.4
  - Update omniauth-saml gem to 1.4.2
Robert Speicher's avatar
Robert Speicher committed
591 592
  - Prevent long-running backup tasks from timing out the database connection
  - Add a Project setting to allow guests to view build logs (defaults to true)
593
  - Sort project milestones by due date including issue editor (Oliver Rogers / Orih)
Robert Speicher's avatar
Robert Speicher committed
594

595
v 8.4.3
Robert Speicher's avatar
Robert Speicher committed
596 597 598 599 600 601
  - Increase lfs_objects size column to 8-byte integer to allow files larger
    than 2.1GB
  - Correctly highlight MR diff when MR has merge conflicts
  - Fix highlighting in blame view
  - Update sentry-raven gem to prevent "Not a git repository" console output
    when running certain commands
Robert Speicher's avatar
Robert Speicher committed
602 603 604
  - Add instrumentation to additional Gitlab::Git and Rugged methods for
    performance monitoring
  - Allow autosize textareas to also be manually resized
605

Robert Speicher's avatar
Robert Speicher committed
606
v 8.4.2
Robert Speicher's avatar
Robert Speicher committed
607 608 609
  - Bump required gitlab-workhorse version to bring in a fix for missing
    artifacts in the build artifacts browser
  - Get rid of those ugly borders on the file tree view
610
  - Fix updating the runner information when asking for builds
Robert Speicher's avatar
Robert Speicher committed
611 612 613 614
  - Bump gitlab_git version to 7.2.24 in order to bring in a performance
    improvement when checking if a repository was empty
  - Add instrumentation for Gitlab::Git::Repository instance methods so we can
    track them in Performance Monitoring.
Robert Speicher's avatar
Robert Speicher committed
615
  - Increase contrast between highlighted code comments and inline diff marker
616
  - Fix method undefined when using external commit status in builds
Douwe Maan's avatar
Douwe Maan committed
617
  - Fix highlighting in blame view.
618

Robert Speicher's avatar
Robert Speicher committed
619 620 621 622 623
v 8.4.1
  - Apply security updates for Rails (4.2.5.1), rails-html-sanitizer (1.0.3),
    and Nokogiri (1.6.7.2)
  - Fix redirect loop during import
  - Fix diff highlighting for all syntax themes
Josh Frye's avatar
Josh Frye committed
624
  - Delete project and associations in a background worker
Robert Speicher's avatar
Robert Speicher committed
625

626
v 8.4.0
627
  - Allow LDAP users to change their email if it was not set by the LDAP server
628
  - Ensure Gravatar host looks like an actual host
629
  - Consider re-assign as a mention from a notification point of view
630
  - Add pagination headers to already paginated API resources
631
  - Properly generate diff of orphan commits, like the first commit in a repository
632
  - Improve the consistency of commit titles, branch names, tag names, issue/MR titles, on their respective project pages
Robert Speicher's avatar
Robert Speicher committed
633 634 635
  - Autocomplete data is now always loaded, instead of when focusing a comment text area
  - Improved performance of finding issues for an entire group
  - Added custom application performance measuring system powered by InfluxDB
Robert Speicher's avatar
Robert Speicher committed
636
  - Add syntax highlighting to diffs
637
  - Gracefully handle invalid UTF-8 sequences in Markdown links (Stan Hu)
Stan Hu's avatar
Stan Hu committed
638
  - Bump fog to 1.36.0 (Stan Hu)
639
  - Add user's last used IP addresses to admin page (Stan Hu)
640
  - Add housekeeping function to project settings page
641
  - The default GitLab logo now acts as a loading indicator
642
  - Fix caching issue where build status was not updating in project dashboard (Stan Hu)
ashleys's avatar
ashleys committed
643
  - Accept 2xx status codes for successful Webhook triggers (Stan Hu)
644
  - Fix missing date of month in network graph when commits span a month (Stan Hu)
645
  - Expire view caches when application settings change (e.g. Gravatar disabled) (Stan Hu)
646
  - Don't notify users twice if they are both project watchers and subscribers (Stan Hu)
Robert Speicher's avatar
Robert Speicher committed
647
  - Remove gray background from layout in UI
648
  - Fix signup for OAuth providers that don't provide a name
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
649
  - Implement new UI for group page
Valery Sizov's avatar
Valery Sizov committed
650
  - Implement search inside emoji picker
651
  - Let the CI runner know about builds that this build depends on
652
  - Add API support for looking up a user by username (Stan Hu)
653
  - Add project permissions to all project API endpoints (Stan Hu)
Douwe Maan's avatar
Douwe Maan committed
654
  - Link to milestone in "Milestone changed" system note
655
  - Only allow group/project members to mention `@all`
Robert Speicher's avatar
Robert Speicher committed
656
  - Expose Git's version in the admin area (Trey Davis)
657
  - Add "Frequently used" category to emoji picker
658
  - Add CAS support (tduehr)
Robert Speicher's avatar
Robert Speicher committed
659
  - Add link to merge request on build detail page
660
  - Fix: Problem with projects ending with .keys (Jose Corcuera)
661
  - Revert back upvote and downvote button to the issue and MR pages
Robert Speicher's avatar
Robert Speicher committed
662
  - Swap position of Assignee and Author selector on Issuables (Zeger-Jan van de Weg)
663
  - Add system hook messages for project rename and transfer (Steve Norman)
664
  - Fix version check image in Safari
665
  - Show 'All' tab by default in the builds page
666
  - Add Open Graph and Twitter Card data to all pages
667
  - Fix API project lookups when querying with a namespace with dots (Stan Hu)
668
  - Enable forcing Two-factor authentication sitewide, with optional grace period
Robert Speicher's avatar
Robert Speicher committed
669 670
  - Import GitHub Pull Requests into GitLab
  - Change single user API endpoint to return more detailed data (Michael Potthoff)
671
  - Update version check images to use SVG
672
  - Validate README format before displaying
673
  - Enable Microsoft Azure OAuth2 support (Janis Meybohm)
674
  - Properly set task-list class on single item task lists