GitLab - Package updates

girish

You can use this thread to track updates to the GitLab package.

Please open issues in a separate topic instead of replying here.

girish

Pushed a new package v1.35.3 now that fixes email notifications in GitLab as well as updates it to use the new base image 2.0.0

girish

Package v1.36.0 released with GitLab 12.10.2

girish

Package v1.36.1 released with GitLab 12.10.3

girish

Package v1.36.3 released with GitLab to 12.10.5

girish

[1.36.4]

• Update GitLab to 12.10.6

girish

[1.37.0]

• Update GitLab to 13.0.5
• Full changelog
• Versioned Snippets
• Dark Theme in the Web IDE
• Review summary of terraform plan in Merge Requests
• GitLab HTTP Terraform state backend
• Exclude large files using Partial Clone
• Use variables to power metric dashboards
• Enable group-level default branch protection
• Export and Import Groups in the UI
• Use emojis in design comments to enhance feedback
• Improved Snippets editor
• WYSIWYG for the Static Site Editor

girish

[1.37.1]

• Update GitLab to 13.0.6

girish

[1.37.2]

• Update GitLab to 13.0.7
• Requires Cloudron 5.3

girish

[1.37.3]

• Update GitLab to 13.0.8

girish

[1.37.4]

• Update GitLab to 13.0.9

girish

[1.37.5]

• Update GitLab to 13.0.10

girish

IMPORTANT: this update is only available with Cloudron 5.5 (which is currently not released) since it requires Postgres 11.

[1.38.0]

• Update Gitlab to 13.1.5
• Release blog
• Manage IT Alerts in GitLab
• Accessibility Testing Merge Request Widget
• Mark any Design thread as resolved
• Merge Request Reviews moved to Core
• Code Intelligence
• Graph code coverage changes over time for a project
• Update git 2.27
• Update ruby to 2.6

girish

[1.39.0]

• Update GitLab to 13.2.4
• Release blog
• Streamline agile project planning and management
• Better collaboration for faster feedback
• Improved performance and efficiency

girish

[1.39.1]

• Update GitLab to 13.2.6
• Critical security release

girish

[1.40.0]

• Update GitLab to 13.3.1
• Release blog
• Create and manage IT Incidents in GitLab
• Multi-line comments for merge requests

girish

[1.40.1]

• Update GitLab to 13.3.3
• Release blog
• This is an important security release, please update ASAP
• Vendor Cross-Account Assume-Role Attack
• Stored XSS on the Vulnerability Page
• Outdated Job Token Can Be Reused to Access Unauthorized Resources
• File Disclosure Via Workhorse File Upload Bypass
• Unauthorized Maintainer Can Edit Group Badge
• Denial of Service Within Wiki Functionality
• Sign-in Vulnerable to Brute-force Attacks
• Invalidated Session Allows Account Access With an Old Password
• Blind SSRF Through Repository Mirroring

girish

[1.40.2]

• Update GitLab to 13.3.5
• Release blog
• Update the 2FA user check to use timestamps
• Coerce string object storage options to booleans
• Fix Jira importer user mapping limit
• Fix auto-deploy-image external chart dependencies
• Fix ActiveRecord::IrreversibleOrderError during restore from backup
• Add path helper method for vulnerability todo
• Fix hanging info/refs cache when error occurs

girish

[1.40.3]

• Update GitLab to 13.3.6

girish

[1.41.0]

• Update Gitlab to 13.4.1
• Release blog
• List and revoke Personal Access Tokens via API
• Revoke PATs for self-managed credential inventory
• Child pipelines can now trigger their own child pipelines
• Mark a to-do as Done in the Design View
• GitLab Runner 13.4 released

girish

[1.41.1]

• Update GitLab to 13.4.2
• Security release
• Fixes Potential Denial Of Service Via Update Release Links API

girish

[1.41.2]

• Update GitLab to 13.4.3

girish

[1.41.3]

• Update GitLab to 13.4.4

girish

[1.42.0]

• Update GitLab to 13.5.2
• Release announcement
• View cluster cost management data in GitLab
• Enable instance-level shared runners when viewing groups
• Trigger downstream or child pipelines with manual jobs

girish

[1.42.1]

• Update GitLab to 13.5.3

girish

[1.42.2]

• Update GitLab to 13.5.4

girish

[1.43.0]

• Update GitLab to 13.6.1
• Release announcement
• Display Code Quality severity ratings
• Group-level management of project integrations
• Fire Webhook on Feature Flag change
• Sort releases by name in UI
• Admin approval required by default for new user registrations
• Export merge requests as a CSV
• Improved user experience for the group member list
• Visualize users, projects, groups, issues, MRs, and pipeline activity
• Configure destination for images uploaded from the Static Site Editor
• Filter Merge Requests by environment and deployment times
• Improved Design Management notifications
• Issues and Merge Requests in VS Code
• Unique design identifier
• GitLab Runner 13.6

girish

[1.44.0]

• Setup new installations with admin email set to admin@cloudron.local

girish

[1.44.1]

• Update GitLab to 13.6.3
• Release announcement

girish

[1.44.2]

• disable changing of usernames by default
• Set trusted_proxies

girish

[1.45.0]

• Update GitLab to 13.7
• Release announcement
• Reviewers for Merge Requests
• Clone an issue with a quick action
• Show deployment status on the Environments page
• Improved group members list filtering and sorting
• Improved UI for project creation
• Choose to show one file at a time directly from merge requests

girish

[1.45.1]

• Update GitLab to 13.7.4
• GitLab Critical Security Release

girish

[1.46.0]

• Update GitLab to 13.8.1
• Release announcement
• Pipeline editor
• CI lint tool in the pipeline editor page
• CI/CD configuration validation in Pipeline Editor
• Visualization of pipeline configuration
• Click and drag multiline merge request comments

girish

[1.46.1]

• Update GitLab to 13.8.2
• Security release

girish

[1.47.0]

• Use base image 3.0

girish

[1.47.1]

• Update GitLab to 13.8.4
• Security release
• Denial of Service Attack on gitlab-shell
• Improper Certificate Validation for Fortinet OTP
• Resource exhaustion due to pending jobs
• Confidential issue titles were exposed
• Improper access control allowed demoted project members to access authored merge requests

girish

[1.48.0]

• Update GitLab to 13.9.3
• Release announcement
• Easily see repeat failed tests in Unit Test Reports
• Select CI/CD configuration from any job and reuse it
• Resource Group for multi-project and parent-child pipelines
• Follow user activity
• Markdown links for Feature Flags
• Request a follow-up review from a Reviewer

girish

[1.48.1]

• Update GitLab to 13.9.4
• Critial Security Release
• Remote code execution via unsafe user-controlled markdown rendering options

girish

[1.49.0]

• Update GitLab to 13.10.2
• Release announcement
• Create a release from an existing tag
• Define environment type in .gitlab-ci.yml
• Use 'parallel: matrix' with trigger jobs
• Clone project inside Visual Studio Code
• Automatically retarget merge requests
• Deep link directly to lines of
• Notify participants when merge request is marked ready

girish

[1.50.0]

• Make complete gitlab.yml config to /app/data/gitlab.yml

girish

[1.50.1]

• Update GitLab to 13.10.3
• Release announcement
• Security: Remote code execution when uploading specially crafted image files
• Security: Update Rexml to mitigate CVE-2021-28965

girish

[1.51.0]

• Update GitLab to 13.11.2
• Release announcement
• Re-authenticate for GitLab administration with Admin Mode
• Use multiple caches in the same job
• Optional DAG ('needs:') jobs in CI/CD pipelines
• Request a CVE ID from the GitLab UI
• Add standalone comments to merge request reviews

girish

[1.51.1]

• Update GitLab to 13.11.3
• Release announcement

girish

[1.51.2]

• Update GitLab to 13.11.4
• Release announcement
• Fix N+1 SQL queries in PipelinesController#show
• Omit trailing slash when proxying pre-authorized routes with no suffix
• Omit trailing slash when checking allowed requests in the read-only middleware

girish

[1.52.0]

• Update GitLab to 13.12
• Release announcement
• Easier pipeline management for enhanced usability
• Useful GitLab CI/CD information in the pipeline editor
• Support wildcards when including YAML CI/CD configuration files
• Show job dependencies in the pipeline graph
• Failed test screenshots in test report
• Added total group and project count to admin users table

girish

[1.52.1]

• Update GitLab to 13.12.3
• Release announcement

girish

[1.52.2]

• Update GitLab to 13.12.4

girish

[1.52.3]

• Update GitLab to 13.12.5

girish

[1.53.0]

• Update GitLab to 14.0
• Release announcement
• Streamlined top navigation menu
• Merge request reviews in VS Code
• Sidebar navigation redesign
• Edit wiki pages with the WYSIWYG Markdown editor
• Prepopulate the CI/CD pipeline editor with an initial template

girish

[1.53.1]

• Update GitLab to 14.0.6

girish

[1.54.0]

• Update GitLab to 14.1.1
• Release announcement
• Build, publish, and share Helm charts
• Create tables and upload images in the Wiki Content Editor
• Select project access token role
• Group Migration now includes Epics

girish

[1.54.1]

• Update GitLab to 14.1.2

girish

[1.54.2]

• Update GitLab to 14.1.3

girish

[1.55.0]

• Update GitLab to 14.2
• Release announcement
• Preview Markdown live while editing
• Use CI/CD variables in include statements in .gitlab-ci.yml
• Stageless pipelines
• Group Migration achieves parity with group import/export

girish

I had to revert 14.2. We hit a migration issue that other GitLab users have also hit - https://forum.gitlab.com/t/failed-upgrade-to-14-2-0-ce-post-installation-fail-on-pg-migrations/57513/3

girish

[1.55.1]

• Update GitLab to 14.2.2

girish

[1.55.2]

• Update GitLab to 14.2.3

girish

[1.55.3]

• Set gitaly-backup path. This is required for backup and restore to work

girish

[1.56.0]

• Update GitLab to 14.3
• Release announcement
• Edit a table’s structure visually in the new wiki editor
• Use variables in other variables
• GPG key displayed on a user’s profile page
• Filtering for project-level Value Stream Analytics
• OAuth access tokens issued with expiration by default
• Preview multimedia in the new Wiki editor

girish

[1.56.1]

• Update GitLab to 14.3.2