diff options
Diffstat (limited to 'CHANGELOG.md')
| -rw-r--r-- | CHANGELOG.md | 133 |
1 files changed, 65 insertions, 68 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index e379c23ee3c..6b446b3533b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -28,6 +28,10 @@ entry. ## 12.2.3 +- No changes. + +## 12.2.2 + ### Security (22 changes) - Ensure only authorised users can create notes on Merge Requests and Issues. @@ -54,11 +58,16 @@ entry. - Fix SSRF via DNS rebinding in Kubernetes Integration. -## 12.2.2 +## 12.2.1 -- Unreleased due to QA failure. +### Fixed (2 changes) -## 12.2.1 +- Fix for embedded metrics undefined params. !31975 +- Fix "ERR value is not an integer or out of range" errors. !32126 + +### Performance (1 change) + +- Fix Gitaly N+1 calls with listing issues/MRs via API. !31938 ### Fixed (3 changes) @@ -721,16 +730,16 @@ entry. ### Security (10 changes) +- Prevent bypass of restriction disabling web password sign in. - Hide confidential issue title on unsubscribe for anonymous users. +- Resolve: Milestones leaked via search API. - Fix url redaction for issue links. +- Add extra fields for handling basic auth on import by url page. - Fix confidential issue label disclosure on milestone view. - Filter relative links in wiki for XSS. +- Prevent invalid branch for merge request. - Prevent XSS injection in note imports. -- Resolve: Milestones leaked via search API. -- Prevent bypass of restriction disabling web password sign in. -- Add extra fields for handling basic auth on import by url page. - Protect Gitlab::HTTP against DNS rebinding attack. -- Prevent invalid branch for merge request. ### Removed (5 changes, 1 of them is from the community) @@ -740,7 +749,7 @@ entry. - Make Kubernetes service templates readonly. !29044 - Remove Content-Type override for Mattermost OAuth login. (Harrison Healey) -### Fixed (116 changes, 28 of them are from the community) +### Fixed (115 changes, 28 of them are from the community) - Fix col-sm-* in forms to keep layout. !24885 (Takuya Noguchi) - Avoid 500 when rendering users ATOM data. !25408 @@ -753,7 +762,6 @@ entry. - Bring secondary button styles up to design standard. !27920 - Use FindOrCreateService to create labels and check for existing ones. !27987 (Matt Duren) - Fix "too many loops" error by handling gracefully cron schedules for non existent days. !28002 -- Handle errors in successful notes reply. !28082 - Fix 500 error when accessing charts with an anonymous user. !28091 (Diego Silva) - Allow user to set primary email first when 2FA is required. !28097 (Kartikey Tanna) - Auto-DevOps: allow to disable rollout status check. !28130 (Sergej Nikolaev <kinolaev@gmail.com>) @@ -850,14 +858,14 @@ entry. - Move Dropdown to Stick to MR View App Button. !29767 - Fix IDE commit using latest ref in branch and overriding contents. !29769 - Revert concurrent pipeline creation for pipeline schedules. !29794 -- Fix layout of group milestone header. -- Fix remote mirrors not updating after tag push. +- Fix border radii on diff files and repo files. - Fix padding of unclickable pipeline dropdown items to match links. +- Fix pipeline schedules when owner is nil. +- Fix remote mirrors not updating after tag push. +- Fix layout of group milestone header. +- Fixed show whitespace button not refetching diff content. - Change resolve button text to mark comment as resolved. - Align system note within discussion with other notes. -- Fix border radii on diff files and repo files. -- Fixed show whitespace button not refetching diff content. -- Fix pipeline schedules when owner is nil. ### Changed (35 changes, 13 of them are from the community) @@ -957,9 +965,9 @@ entry. - Link to an external dashboard from metrics dashboard. !29369 - Add labels to note event payload. !29384 (Sujay Patel) - Add Join meeting button to issues with Zoom links. !29454 -- Make task completion status available via GraphQL. - Add backtraces to Peek performance bar for SQL calls. - Added diff suggestion feature discovery popover. +- Make task completion status available via GraphQL. ### Other (62 changes, 14 of them are from the community) @@ -1014,17 +1022,17 @@ entry. - Changed the 'Created' label to 'Last Updated' on the container registry table to more accurately reflect what the date represents. !29464 - Update GitLab Pages to v1.6.1. !29559 - Indent collapsible sections. !29804 -- Group download buttons into a .btn-group. -- Change default color of award emoji button. -- Use blue for activity stream links; use monospace font for commit sha. +- Use grid and correct border radius for status badge. - Remove fixed height from MR diff headers. -- Moves the table pagination shared component. -- Add warning that gitlab-secrets isn't included in backup. -- Update merge request tabs so they no longer scroll. +- Use blue for activity stream links; use monospace font for commit sha. +- Moves snowplow to CE repo. - Reduce height of issue board input to align with buttons. +- Change default color of award emoji button. +- Group download buttons into a .btn-group. +- Add warning that gitlab-secrets isn't included in backup. - Increase height of move issue dropdown. -- Use grid and correct border radius for status badge. -- Moves snowplow to CE repo. +- Update merge request tabs so they no longer scroll. +- Moves the table pagination shared component. ## 11.11.8 @@ -1093,7 +1101,7 @@ entry. - Destroy project remote mirrors instead of disabling. !27087 -### Fixed (74 changes, 19 of them are from the community) +### Fixed (75 changes, 19 of them are from the community) - Don't create a temp reference for branch comparisons within project. !24038 - Fix some label links not appearing on group labels page and label title being a link on project labels page. !24060 (Tanya Pazitny) @@ -1154,6 +1162,7 @@ entry. - Fix uploading of LFS tracked file through UI. !28052 - Render Next badge only for gitlab.com. !28056 - Fix update head pipeline process of Pipelines for merge requests. !28057 +- Handle errors in successful notes reply. !28082 - Fix visual issues in set status modal. !28147 - Use a path for the related merge requests endpoint. !28171 - disable SSH key validation in key details view. !28180 (Roger Meier) @@ -1164,10 +1173,10 @@ entry. - Fix project visibility level validation. !28305 (Peter Marko) - Fix incorrect prefix used in new uploads for personal snippets. !28337 - Fix Rugged get_tree_entries recursive flag not working. !28494 -- Fixes next badge being always visible. - Next badge must visible when canary flag is true. -- Adds arrow icons to select option in CI/CD settings. - Vertically aligns the play button for stages. +- Fixes next badge being always visible. +- Adds arrow icons to select option in CI/CD settings. - Allow replying to individual notes from API. ### Changed (19 changes, 3 of them are from the community) @@ -1234,10 +1243,10 @@ entry. - Leave project/group from access granted email. !27892 - Allow Sentry client-side DSN to be passed on gitlab.yml. !27967 - GraphQL: improve evaluation of query complexity based on arguments and query limits. !28017 -- Adds badge for Canary environment and help link. - Support negative matches. -- Show category icons in user popover. - Added Omniauth UltraAuth strategy to GitLab. (Kartikey Tanna) +- Adds badge for Canary environment and help link. +- Show category icons in user popover. ### Other (29 changes, 8 of them are from the community) @@ -1267,9 +1276,22 @@ entry. - Remove the note in the docs that multi-line suggestions are not yet available. !28119 (hardysim) - Update gitlab-shell to v9.1.0. !28184 - Add EE fixtures to SeedFu list. !28241 +- Add some frozen string to spec/**/*.rb. (gfyoung) - Replaces CSS with BS4 utility class for pipeline schedules. - Creates a vendors folder for external CSS. -- Add some frozen string to spec/**/*.rb. (gfyoung) + +### Performance (1 change) + +- Add improvements to global search of issues and merge requests. !27817 + + +## 11.10.7 (2019-06-26) + +### Fixed (3 changes) + +- Remove a default git depth in Pipelines for merge requests. !28926 +- Fix label click scrolling to top. !29202 +- Fix scrolling to top on assignee change. !29500 ## 11.10.8 (2019-06-27) @@ -1309,7 +1331,6 @@ entry. - Fix input group height. - ## 11.10.4 (2019-05-01) ### Fixed (12 changes) @@ -1685,31 +1706,11 @@ entry. ## 11.9.3 (2019-03-27) -### Security (8 changes) - -- Disallow guest users from accessing Releases. -- Fix PDF.js vulnerability. -- Hide "related branches" when user does not have permission. -- Fix XSS in resolve conflicts form. -- Added rake task for removing EXIF data from existing uploads. -- Return cached languages if they've been detected before. -- Disallow updating namespace when updating a project. -- Use UntrustedRegexp for matching refs policy. - +- No changes. ## 11.9.2 (2019-03-26) -### Security (8 changes) - -- Disallow guest users from accessing Releases. -- Fix PDF.js vulnerability. -- Hide "related branches" when user does not have permission. -- Fix XSS in resolve conflicts form. -- Added rake task for removing EXIF data from existing uploads. -- Return cached languages if they've been detected before. -- Disallow updating namespace when updating a project. -- Use UntrustedRegexp for matching refs policy. - +- No changes. ## 11.9.1 (2019-03-25) @@ -2324,16 +2325,7 @@ entry. ## 11.7.8 (2019-03-26) -### Security (7 changes) - -- Disallow guest users from accessing Releases. -- Fix PDF.js vulnerability. -- Hide "related branches" when user does not have permission. -- Fix XSS in resolve conflicts form. -- Added rake task for removing EXIF data from existing uploads. -- Disallow updating namespace when updating a project. -- Use UntrustedRegexp for matching refs policy. - +- No changes. ## 11.7.7 (2019-03-19) @@ -2343,7 +2335,7 @@ entry. - Fixed ability to see private groups by users not belonging to given group. -## 11.7.5 (2019-02-06) +## 11.7.5 (2019-02-05) ### Fixed (8 changes) @@ -2582,10 +2574,9 @@ entry. ## 11.6.11 (2019-04-23) -### Security (2 changes) +### Security (1 change) - Fixed ability to see private groups by users not belonging to given group. -- Fix XSS in resolve conflicts form. ### Fixed (2 changes) @@ -2631,6 +2622,13 @@ entry. - Fix leaking private repository information in API. +## 11.6.9 (2019-02-04) + +### Security (1 change) + +- Use sanitized user status message for user popover. + + ## 11.6.8 (2019-01-30) - No changes. @@ -3155,7 +3153,6 @@ entry. - Fix a race condition intermittently breaking GitLab startup. !23028 - Adds margin after a deleted branch name in the activity feed. !23038 - Ignore environment validation failure. !23100 -- Fixes broken borders for reports section in MR widget. - Adds CI favicon back to jobs page. - Redirect to the pipeline builds page when a build is canceled. (Eva Kadlecova) - Fixed diff stats not showing when performance bar is enabled. @@ -3164,12 +3161,13 @@ entry. - Fix bug causing not all emails to show up in commit email selectbox. - Remove duplicate escape in job sidebar. - Fixing styling issues on the scheduled pipelines page. +- Fixes broken test in master. - Renders stuck block when runners are stuck. - Removes extra border from test reports in the merge request widget. +- Fixes broken borders for reports section in MR widget. - Only render link to branch when branch still exists in pipeline page. - Fixed source project not filtering in merge request creation compare form. - Do not reload self on hooks when creating deployment. -- Fixes broken test in master. ### Changed (38 changes, 12 of them are from the community) @@ -9627,4 +9625,3 @@ entry. ## 8.15.8 through 0.8.0 - See [changelogs/archive.md](changelogs/archive.md) - |