GitLab - Package Updates
Pinned
GitLab
-
[1.95.1]
- Update GitLab to 17.4.2
-
[1.96.0]
- Update GitLab to 17.5.1
- Release announcement
-
[1.96.1]
- Update gitlab-foss to 17.5.2
- Full Changelog
- Fix group wiki activity events breaking the user feed
- Add param filtering to avoid error while saving project settings (merge request) GitLab Enterprise Edition
- Fix new project group templates pagination GitLab Enterprise Edition
- Update pdf worker file path in pdf viewer
- Add missing project_id for build_chat_data (merge request)
- Use custom adapter for parsing FogBugz XML (merge request)
- Removed id from authorize buttons and added specs (merge request)
- HTML injection in vulnerability Code flow leads to XSS on self hosted instances (merge request)
- Remove is-unsafe-link from product analytics tables to prevent XSS (merge request)
- Details of blocking merge request can be exposed via list (merge request)
- Prevent agent access via unconfirmed or disallowed group members (merge request)
- Remove permissions JSONB column from the condition
-
[1.96.2]
- Update gitlab-foss to 17.5.3
- Full Changelog
- Ensure auto_merge_enabled is set when validating merge trains GitLab Enterprise Edition
- Add size check for harbor registry (merge request)
- Adding JobArtifactReport class to pre-emptively validate job artifacts (merge request)
- Fix: unsubscribe from actioncable channel when PAT is revoked (merge request)
- Allow a LFS token to be used only for LFS related requests (merge request)
- Fix possible DOS with TOML file parsing (merge request)
- Move allow_access_with_scope to class level (merge request)
-
[1.97.0]
- Update gitlab-foss to 17.6.2
- Full Changelog
-
[1.98.0]
- Update gitlab-foss to 17.7.1
- Full Changelog
- Add a migration to regenerate CI job token signing key
- Fix CI job token signing key not always generated
- Prevent cyclic reference in work item hierarchy widget from frontend (merge request)
- Allow external_provider config take precedence over external_groups (merge request)
- Filter out sensitive parameters on Auth logs (merge request)
- Don't allow unauthorized users to close issues automatically (merge request)
- Add iteration autocomplete to RTE by @salihudickson (merge request) GitLab Enterprise Edition
-
[1.98.1]
- Update gitlab-foss to 17.7.2
- Full Changelog
- Fix handling of short gzip metadata files (merge request)
- Remove
download_codedependency from access to read merge requests (merge request)
-
[1.99.0]
- Update gitlab-foss to 17.8.1
- Full Changelog
- Fix protected variable exfiltration (merge request)
- Enhance rich viewer sanitization (merge request)
- Avoid recursive sidekiq calls on cyclic work item hierarchies (merge request)
- Respect the private profile constraints (merge request)
- Add more specs for most_recent_commit_sha method (merge request) GitLab Enterprise Edition
- Update runners owned by non-existent projects (merge request)
-
[1.99.1]
- Update gitlab-foss to 17.8.2
- Full Changelog
- Fix storing incorrect policy index in scan_result_policies GitLab Enterprise Edition
- Enable ai tracking even with feature flag disabled GitLab Enterprise Edition
- Fix Workhorse failing on 64-bit unaligned access on Raspberry Pi 32-bit
- Security Duo Chat Escape Unknown Domain Hyperlinks (merge request)
- Hide sensitive workhorse headers and fix route confusion between web and workhorse routes (merge request)
- Do not allow Planner role to update or delete incidents (merge request)
- Reduce memory allocations on create PAT endpoint (merge request)
- Prevent SSRF attacks for Workspaces (merge request)
- Prevent read code access when repository is disabled (merge request)
- Fixes XSS on the target branch in the merge request widget (merge request)
- Unsubscribe from actioncable channel when PAT is revoked (merge request)
-
[1.100.0]
- Update gitlab-foss to 17.9.0
- Full Changelog
- Allow adding comments on Wiki pages (merge request)
- Add integrity verification for remote CI includes (merge request)
- ActiveContext add preprocessors for references (merge request)
- ActiveContext postgres indexer (merge request)
- Add support for created_at on work_items create API (merge request)
- Add
Shared groupstab to group overview (merge request) - Model registry: Support loading runs (merge request)
- Add API endpoints for group level integrations (merge request)
- Admin Token API: Revoke Feature Flags Client token by @nwittstruck (merge request)
- Add pipeline analytics for groups on GraphQL (merge request)
- Add organization and job title to user synced attributes (merge request)
