GitLab - Package Updates

girish

You can use this thread to track updates to the GitLab package.

Please open issues in a separate topic instead of replying here.

girish

Pushed a new package v1.35.3 now that fixes email notifications in GitLab as well as updates it to use the new base image 2.0.0

girish

Package v1.36.0 released with GitLab 12.10.2

girish

Package v1.36.1 released with GitLab 12.10.3

girish

Package v1.36.3 released with GitLab to 12.10.5

girish

[1.36.4]

• Update GitLab to 12.10.6

girish

[1.37.0]

• Update GitLab to 13.0.5
• Full changelog
• Versioned Snippets
• Dark Theme in the Web IDE
• Review summary of terraform plan in Merge Requests
• GitLab HTTP Terraform state backend
• Exclude large files using Partial Clone
• Use variables to power metric dashboards
• Enable group-level default branch protection
• Export and Import Groups in the UI
• Use emojis in design comments to enhance feedback
• Improved Snippets editor
• WYSIWYG for the Static Site Editor

girish

[1.37.1]

• Update GitLab to 13.0.6

girish

[1.37.2]

• Update GitLab to 13.0.7
• Requires Cloudron 5.3

girish

[1.37.3]

• Update GitLab to 13.0.8

girish

[1.37.4]

• Update GitLab to 13.0.9

girish

[1.37.5]

• Update GitLab to 13.0.10

girish

IMPORTANT: this update is only available with Cloudron 5.5 (which is currently not released) since it requires Postgres 11.

[1.38.0]

• Update Gitlab to 13.1.5
• Release blog
• Manage IT Alerts in GitLab
• Accessibility Testing Merge Request Widget
• Mark any Design thread as resolved
• Merge Request Reviews moved to Core
• Code Intelligence
• Graph code coverage changes over time for a project
• Update git 2.27
• Update ruby to 2.6

girish

[1.39.0]

• Update GitLab to 13.2.4
• Release blog
• Streamline agile project planning and management
• Better collaboration for faster feedback
• Improved performance and efficiency

girish

[1.39.1]

• Update GitLab to 13.2.6
• Critical security release

girish

[1.40.0]

• Update GitLab to 13.3.1
• Release blog
• Create and manage IT Incidents in GitLab
• Multi-line comments for merge requests

girish

[1.40.1]

• Update GitLab to 13.3.3
• Release blog
• This is an important security release, please update ASAP
• Vendor Cross-Account Assume-Role Attack
• Stored XSS on the Vulnerability Page
• Outdated Job Token Can Be Reused to Access Unauthorized Resources
• File Disclosure Via Workhorse File Upload Bypass
• Unauthorized Maintainer Can Edit Group Badge
• Denial of Service Within Wiki Functionality
• Sign-in Vulnerable to Brute-force Attacks
• Invalidated Session Allows Account Access With an Old Password
• Blind SSRF Through Repository Mirroring

girish

[1.40.2]

• Update GitLab to 13.3.5
• Release blog
• Update the 2FA user check to use timestamps
• Coerce string object storage options to booleans
• Fix Jira importer user mapping limit
• Fix auto-deploy-image external chart dependencies
• Fix ActiveRecord::IrreversibleOrderError during restore from backup
• Add path helper method for vulnerability todo
• Fix hanging info/refs cache when error occurs

girish

[1.40.3]

• Update GitLab to 13.3.6

girish

[1.41.0]

• Update Gitlab to 13.4.1
• Release blog
• List and revoke Personal Access Tokens via API
• Revoke PATs for self-managed credential inventory
• Child pipelines can now trigger their own child pipelines
• Mark a to-do as Done in the Design View
• GitLab Runner 13.4 released