12.6.0-ce.0

12.6.0

Security (4 changes)

• Update Rugged to v0.28.4.1. !21869
• Update maven_file_name_regex for full string match.
• Add maven file_name regex validation on incoming files.
• Update Workhorse and Gitaly to fix a security issue.

Removed (1 change)

• Remove downstream pipeline connecting lines. !21196

Fixed (101 changes, 16 of them are from the community)

• Fix delete user dialog bypass caused by hitting enter. !17343
• Fix broken UI on Environment folder. !17427 (Takuya Noguchi)
• Fix award emoji tooltip being escaped twice if multiple people voted. !19273 (Brian T)
• Use cascading deletes for deleting oauth_openid_requests upon deleting an oauth_access_grant. !19617
• Update merging an MR behavior on the API when pipeline fails. !19641 (briankabiro)
• Vertically align collapse button on epic sidebar. !19656
• Fix projects list to show info in user's locale. !20015 (Arun Kumar Mohan)
• Update padding for cluster alert warning. !20036 (George Tsiolis)
• Show correct warning on issue when project is archived. !20078
• Resets aria-describedby on mouseleave. !20092 (carolcarvalhosa)
• Allow patch notes on repo tags page to word wrap. !20135
• Remove Release edit url for users not allowed to update a release. !20136
• Fix group managed accounts members cleanup. !20157
• Epic tree bug fixes. !20209
• Add missing external-link icon for Crossplane managed app. !20283
• Fixes MR approvers tooltip wrong color. !20287 (Dheeraj Joshi)
• Ignore empty MR diffs when migrating to external storage. !20296
• Add link color to design comments. !20302
• Fix graph groups in monitor dashboard that are hidden on load. !20312
• Update Container Registry naming restrictions to allow for sequential '-'. !20318
• Fixed monitor charts from throwing error when zoomed. !20331
• Validate the merge sha before merging, confirming that the merge will only contain what the user saw. !20348
• Change container registry column name from Tag ID to Image ID. !20349
• Fix dropdown location on the monitoring charts. !20400
• Fixed project import from export ignoring namespace selection. !20405
• Backup: Disable setting of ACL for Google uploads. !20407
• Fix documentation link from empty environment dashboard. !20415
• Move persistent_ref.create into run_after_commit. !20422
• Update external link to provider in cluster settings. !20425
• Fix issue trying to edit weight with collapsed sidebar as guest. !20431
• Handle empty stacktrace and entries with no code. !20458
• Refactor the Deployment model so state machine events are used by both CI and the API. !20474
• Guest users should not delete project snippets they created. !20477
• Accept user-defined dashboard uids in Grafana embeds. !20486
• Fix multi select input padding in project and group user select. !20520 (Kevin Lee)
• Use correct fragment identifier for vulnerability help path. !20524
• Fix group search in groups dropdown. !20535
• Fix removing of child epics that belong to subgroups. !20610
• Fix opening Sentry error details in new tab. !20611
• Ensure next unresolved discussion button takes user to the right place. !20620
• Allow Gitlab GKE clusters to access Google Cloud Registry private images. !20662 (Tan Yee Jian)
• Fix cron parsing for Daylight Savings. !20667
• Fix incorrect new branch name from issue. !20677 (Lee Tickett)
• Improve the way the metrics dashboard waits for data. !20687
• Remove destroy_personal_snippet ability. !20717
• Try longer to clean up after using a gpg-keychain and raise exption if the cleanup fails. !20718
• Fix tooltip hovers in environments table. !20737
• Remove DB transaction from Rebase operation. !20739
• Improve UX for vulnerability dismissal note. !20768
• Fix change to default foreground and backgorund colors in job log. !20787
• Display Labels item in sidebar when Issues are disabled. !20817
• Junit success percentage no longer displays 100% if there are failures. !20835
• Ensure to check create_personal_snippet ability. !20838
• Fix a display bug in the fork removal description message. !20843
• Validate unique environment scope for instance clusters. !20886
• Add empty region when group metrics are missing. !20900
• Adjust issue metrics first_mentioned_in_commit_at calculation. !20923
• Update copy on managed namespace prefixes. !20935
• Add protected branch permission check to run downstream pipelines. !20964
• Fix assignee url in issue board sidebar. !20992 (Lee Tickett)
• Retrieve issues from subgroups when rendering group milestone. !21024
• Adds 409 when user cannot be soft deleted through the API. !21037
• Respect the timezone reported from Gitaly. !21066
• Fix Container repositories can not be replicated when s3 is used. !21068
• Remove redundant toast.scss file and variables. !21105
• Respect snippet query params when displaying embed urls. !21131
• Remove action buttons from designs tab if there are no designs. !21186
• Correctly return stripped PGP text. !21187 (Roger Meier)
• Fix error when linking already linked issue to epic. !21213
• Do not attribute unverified commit e-mails to GitLab users. !21214
• Add nonunique indexes to Labels. !21230
• Fix snippet routes. !21248
• Fix Zoom Quick Action server error when creating a GitLab Issue. !21262
• Rename snippet refactored routes. !21267
• Validate connection section in direct upload config. !21270
• Fix pipeline retry in a CI DAG. !21296
• Authenticate runner requests in Rack::Attack. !21311
• Fix top border of README file header in file list. !21314
• Fix forking a deduplicated project after it was moved to a different shard. !21339
• Fix misaligned approval tr. !21368 (Lee Tickett)
• Fix crash registry contains helm charts. !21381
• Web IDE: Fix the console error that happens when discarding a newly added/uploaded file. !21537
• Authenticate requests with job token as basic auth header for request limiting. !21562
• Fix Single-File-Editor-Layout breaking when branch name is too long. !21577 (Roman Kuba)
• Fix top border of README in vue_file_list. !21578 (Hector Bustillos)
• Stage dropdown lists style corrections. !21607 (Hector Bustillos)
• Change commit_id type on commit_user_mentions table. !21651
• Do not clean the prometheus metrics directory for sidekiq. !21671
• !21542 Part 1: Add new utils for Web IDE store. !21673
• Update auto-deploy-image to v0.8.3. !21696
• Match external user new snippet button visibility to permissions. !21718
• Links to design comments now lead to specific note. !21724
• Re-enable the cloud run feature. !21762
• Ensure forks count cache refresh for source project. !21771
• Fix padding on the design comments. !21839
• Fix "Discard all" for new and renamed files. !21854
• Fix project file finder url encoding file path separators. !21861
• Ensure namespace is present for Managed-Cluster-Applications CI template. !21903
• Rename common template jobs in sast and ds. !22084
• Fixed query behind release filter on merge request search page. !38244
• Activate projects Prometheus service integration when Prometheus managed application is installed on shared cluster.

Deprecated (4 changes)

• Drop deprecated column from projects table. !18914
• Limit number of projects displayed in GET /groups/:id API. !20023
• Move operations project routes under - scope. !20456
• Move wiki routing under /-/ scope. !21185

Changed (60 changes, 10 of them are from the community)

• Use better context-specific empty state screens for the Security Dashboards. !18382
• Add evidence collection for Releases. !18874
• Update information and button text for deployment footer. !18918
• Move merge request description into discussions tab. !18940
• Keep details in MR when changing target branch. !19138
• Make internal projects poolable. !19295 (briankabiro)
• Enable support for multiple content query in GraphQL Todo API. !19576
• Allow merge without refresh when new commits are pushed. !19725
• Correct link to Merge trains documentation on MR widget. !19726
• Preserve merge train history. !19864
• Support go-source meta tag for godoc.org. !19888 (Ethan Reesor (@Firelizzard))
• Display a better message when starting a discussion on a deleted comment. !20031 (Jacopo Beschi @jacopo-beschi)
• Add sort param to error tracking issue index. !20101
• Add template repository usage to the usage ping. !20126 (minghuan lei)
• Convert flash epic error to form validation error. !20130
• Add 'download' button to Performance Bar. !20205 (Will Chandler)
• SaaS trial copy shows plan. !20207
• Add rbac access to knative-serving namespace deployments to get knative version information. !20244
• Unlock button changed from Icon to String. !20307
• Upgrade to Gitaly v1.72.0. !20313
• Increase upper limit of start_in attribute to 1 week. !20323 (Will Layton)
• Add CI variable to show when Auto-DevOps is explicitly enabled. !20332
• Hashed Storage attachments migration: exclude files in object storage as they are all hashed already. !20338
• Removes caching for design tab discusisons. !20374
• Fixes to inconsistent margins/sapcing in the project detail page. !20395
• Changes to how the search term is styled in the results. !20416
• Move confidence column in the security dashboard. !20435 (Dheeraj Joshi)
• Upgrade to Gitaly v1.73.0. !20443
• Replacing incorrect icon in security dashboard. !20510
• Rework pod logs navigation scheme. !20578
• Reduce start a trial rocket emoji size. !20579
• Upgrade auto-deploy-image for helm default values file. !20588
• Exposed deployment build manual actions for merge request page. !20615
• Upgrade to Gitaly v1.74.0. !20706
• Fetches initial merge request widget data async. !20719
• Add service desk information to project graphQL endpoint. !20722
• Add admin mode controller path to Rack::Attack defaults. !20735 (Diego Louzán)
• Add more filters to SnippetsFinder. !20767
• Clean up the ...

12.4.2-ce.0

Merge pull request #24 from pozgo/develop

12.4.2-ce.0

12.0.2-ce.0

Merge pull request #23 from pozgo/develop

Updated to 12.0.2

11.10.1-ce.0

Merge pull request #22 from pozgo/develop

11.10.1-ce0

11.8.0-ce.0

11.8.0 (2019-02-22)

Security (7 changes, 1 of them is from the community)

• Sanitize user full name to clean up any URL to prevent mail clients from auto-linking URLs. !2793
• Update Helm to 2.12.2 to address Helm client vulnerability. !24418 (Takuya Noguchi)
• Use sanitized user status message for user popover.
• Validate bundle files before unpacking them.
• Alias GitHub and BitBucket OAuth2 callback URLs.
• Fixed XSS content in KaTex links.
• Disallows unauthorized users from accessing the pipelines section.

Removed (2 changes, 1 of them is from the community)

• Removed deprecated Redcarpet markdown engine.
• Remove Cancel all jobs button in general jobs list view. (Jordi Llull)

Fixed (84 changes, 20 of them are from the community)

• Fix ambiguous brackets in task lists. !18514 (Jared Deckard [email protected])
• Fix lost line number when navigating to a specific line in a protected file before authenticating. !19165 (Scott Escue)
• Fix suboptimal handling of checkbox and radio input events causing group general settings submit button to stay disabled after changing its visibility. !23022
• Fix upcoming milestones filter not including group milestones. !23098 (Heinrich Lee Yu)
• Update runner admin page to make description field larger. !23593 (Sascha Reynolds)
• Fix Bitbucket Server import not allowing personal projects. !23601
• Fix bug causing repository mirror settings UI to break. !23712
• Fix foreground color for labels to ensure consistency of label appearance. !23873 (Nathan Friend)
• Resolve In Merge Request diff screen, master is not a hyperlink. !23874
• Show the correct error page when access is denied. !23932
• Increase reliability and performance of toggling task items. !23938
• Modify file restore to rectify tar issue. !24000
• Fix default visibility_level for new projects. !24120 (Fabian Schneider @fabsrc)
• Footnotes now render properly in markdown. !24168
• Emoji and cancel button are taller than input in set user status modal. !24173 (Dhiraj Bodicherla)
• Adjusts duplicated line when commenting on unfolded diff lines (in the bottom). !24201
• Adjust height of "Add list" dropdown in issue boards. !24227
• Improves restriction of multiple Kubernetes clusters through API. !24251
• Fix files/blob api endpoints content disposition. !24267
• Cleanup stale +deleted repo paths on project removal (adjusts project removal bug). !24269
• Handle regular job dependencies next to parallelized job dependencies. !24273
• Proper align Projects dropdown on issue boards page. !24277 (Johann Hubert Sonntagbauer)
• Resolve When merging an MR, the squash checkbox isnt always supported. !24296
• Fix Bitbucket Server importer error handling. !24343
• Fix syntax highlighting for suggested changes preview. !24358
• API: Support dots in wiki slugs. !24383 (Robert Schilling)
• Show CI artifact file size with 3 significant digits on 'browse job artifacts' page. !24387
• API: Support username with dots. !24395 (Robert Schilling)
• API: Fix default_branch_protection admin setting. !24398 (Robert Schilling)
• Remove unwanted margin above suggested changes. !24419
• Prevent checking protected_ref? for ambiguous refs. !24437
• Update metrics environment dropdown to show complete option set. !24441
• Fix empty labels of CI builds for gitlab-pages on pipeline page. !24451
• Do not run spam checks on confidential issues. !24453
• Upgrade KaTeX to version 0.10.0. !24478 (Andrew Harmon)
• Avoid overwriting default jaeger values with nil. !24482
• Display SAML failure messages instead of expecting CSRF token. !24509
• Adjust vertical alignment for project visibility icons. !24511 (Martin Hobert)
• Load initUserInternalRegexPlaceholder only when required. !24522
• Hashed Storage: AfterRenameService was receiving the wrong old_path under some circunstances. !24526
• Resolve Runners IPv6 address overlaps other values. !24531
• Fix 404s with snippet uploads in object storage. !24550
• Fixed oversized custom project notification selector dropdown. !24557
• Allow users with full private access to read private personal snippets. !24560
• Resolve Pipeline stages job action button icon is not aligned. !24577
• Fix cluster page non-interactive on form validation error. !24583
• Fix 404s for snippet uploads when relative URL root used. !24588
• Fix markdown table border. !24601
• Fix CSS grid on a new Project/Group Milestone. !24614 (Takuya Noguchi)
• Prevent unload when Recaptcha is open. !24625
• Clean up unicorn sampler metric labels. !24626 (bjk-gitlab)
• Support bamboo api polymorphism. !24680 (Alex Lossent)
• Ensure Cert Manager works with Auto DevOps URLs greater than 64 bytes. !24683
• Fix failed LDAP logins when nil user_id present. !24749
• fix display comment avatars issue in IE 11. !24777 (Gokhan Apaydin)
• Fix template labels not being created on new projects. !24803
• Fix cluster installation processing spinner. !24814
• Append prioritized label before pagination. !24815
• Resolve UI bug adding group members with lower permissions. !24820
• Make ActionController::Parameters serializable for sidekiq jobs. !24864
• Fix Jira Service password validation on project integration services. !24896 (Daniel Juarez)
• Fix potential Addressable::URI::InvalidURIError. !24908
• Update Workhorse to v8.2.0. !24909
• Encode Content-Disposition filenames. !24919
• Avoid race conditions when creating GpgSignature. !24939
• Create the source branch for a GitHub import. !25064
• Fix suggested changes syntax highlighting. !25116
• Fix counts in milestones dashboard. !25230
• Fixes incorrect TLD validation errors for Kubernetes cluster domain. !25262
• Fix 403 errors when adding an assignee list in project boards. !25263
• Prevent Auto DevOps from trying to deploy without a domain name. !25308
• Fix uninitialized constant with GitLab Pages.
• Increase line height of project summaries. (gfyoung)
• Remove extra space between MR tab bar and sticky file headers.
• Correct spacing for comparison page.
• Update CI YAML param table with include.
• Return bottom border on MR Tabs.
• Fixes z-index and margins of archived alert in job page.
• Fixes archived sticky top bar without perfomance bar.
• Fixed rebase button not showing in merge request widget.
• Fixed double tooltips on note awards buttons.
• Allow suggestions to be copied and pasted as GFM.
• Fix bug that caused Suggestion Markdown toolbar button to insert snippet with leading +/-/.
• Moved primary button for labels to follow the design patterns used on rest of the site. (Martin Hobert)

Changed (37 changes, 11 of them are from the community)

• Change spawning of tooltips to be top by default. !21223
• Standardize filter value capitlization in filter bar in both issues and boards pages. !23846 (obahareth)
• Refresh group overview to match project overview. !23866
• Build number does not need to be tweaked anymore for the TeamCity integration to work properly. !23898
• Added empty project illustration and updated text to user profile overview. !23973 (Fernando Arias)
• Modified Knative list view to provide more details. !24072 (Chris Baumbauer)
• Move cancel & new issue button on job page. !24074
• Make issuable empty states actionable. !24077
• Fix code search when text is larger than max gRPC message size. !24111
• Update string structure for available group runners. !24187 (George Tsiolis)
• Remove multilingual translation from the word "in" in the job details sidebar. !24192 (Nathan Friend)
• Fix duplicate project disk path in BackfillLegacyProjectRepositories. !24213
• Ensured links to a comment or system note anchor resolves to the right note if a user has a discussion filter. !24228
• Remove expansion hover animation from pipeline status icon buttons. !24268 (Nathan Friend)
• Redesigned related merge requests in issue page. !24270
• Return the maximum group access level in the projects API. !24403
• Update project topics styling to use badges design. !24415
• Display "commented" only for commit discussions on merge requests. !24427
• Upgrade js-regex gem to version 3.1. !24433 (rroger)
• Prevent Sidekiq arguments over 10 KB in size from being logged to JSON. !24493
• Added Avatar in the settings sidebar. !24515 (Yoginth)
• Refresh empty states for profile page tabs. !24549
• remove red/green colors from diff view of no-color syntax theme. !24582 (khm)
• Get remote IP address of runner. !24624
• Update last_activity_on for Users on some main GET endpoints. !24642
• Update metrics dashboard graph design. !24653
• Update to GitLab SVG icon from Font Awesome in profile for location and work. !24671 (Yoginth)
• Add template for Android with Fastlane. !24722
• Display timestamps to messages printed by gitlab:backup:restore rake tasks. (Will Chandler)
• Show MR statistics in diff comparisons.
• Make possible to toggle file tree while scrolling through diffs.
• Use delete instead of remove when referring to git branch -D.
• Add folder header to files in merge request tree list.
• Added fuzzy file finder to merge requests.
• Collapse directory structure in merge request file tree.
• Adds skeleton loading to releases page.
• Support multiple outputs in jupyter notebooks.

Performance (8 changes, 1 of them is from the community)

• Remove unused button classes btn-create and comment-btn. !23232 (George Tsiolis)
• [API] Omit X-Total and X-Total-Pages headers when items count is more than 10,000. !23931
• Improve efficiency of GitHub importer by reducing amount of locks needed. !24102
• Improve milestone queries using subqueries instead of separate queries for ids. !24325
• Efficiently remove expired artifacts in ExpireBuildArtifactsWorker. !24450
• Eliminate N+1 queries in /api/groups/:id. !24513
• Use deployment relation to get an environment name. !24890
• Do not reload daemon if confi...

11.7.5-ce.0

11.7.5 (2019-02-06)

Fixed (8 changes)

• Fix import handling errors in Bitbucket Server importer. !24499
• Adjusts suggestions unable to be applied. !24603
• Fix 500 errors with legacy appearance logos. !24615
• Fix form functionality for edit tag page. !24645
• Update Workhorse to v8.0.2. !24870
• Downcase aliased OAuth2 callback providers. !24877
• Fix Detect Host Keys not working. !24884
• Changed external wiki query method to prevent attribute caching. !24907

11.7.2-ce.0

11.7.2 (2019-01-29)

Fixed (1 change)

• Fix uninitialized constant with GitLab Pages.

11.7.1-ce.0

11.7.1 (2019-01-28)

Security (24 changes)

• Make potentially malicious links more visible in the UI and scrub RTLO chars from links. !2770
• Don't process MR refs for guests in the notes. !2771
• Sanitize user full name to clean up any URL to prevent mail clients from auto-linking URLs. !2828
• Fixed XSS content in KaTex links.
• Disallows unauthorized users from accessing the pipelines section.
• Verify that LFS upload requests are genuine.
• Extract GitLab Pages using RubyZip.
• Prevent awarding emojis to notes whose parent is not visible to user.
• Prevent unauthorized replies when discussion is locked or confidential.
• Disable git v2 protocol temporarily.
• Fix showing ci status for guest users when public pipline are not set.
• Fix contributed projects info still visible when user enable private profile.
• Add subresources removal to member destroy service.
• Add more LFS validations to prevent forgery.
• Use common error for unauthenticated users when creating issues.
• Fix slow regex in project reference pattern.
• Fix private user email being visible in push (and tag push) webhooks.
• Fix wiki access rights when external wiki is enabled.
• Group guests are no longer able to see merge requests they don't have access to at group level.
• Fix path disclosure on project import error.
• Restrict project import visibility based on its group.
• Expose CI/CD trigger token only to the trigger owner.
• Notify only users who can access the project on project move.
• Alias GitHub and BitBucket OAuth2 callback URLs.

11.7.0-ce.0

11.7.0 (2019-01-22)

Security (14 changes, 1 of them is from the community)

• Escape label and milestone titles to prevent XSS in GFM autocomplete. !2693
• Bump Ruby on Rails to 5.0.7.1. !23396 (@blackst0ne)
• Delete confidential todos for user when downgraded to Guest.
• Project guests no longer are able to see refs page.
• Set URL rel attribute for broken URLs.
• Prevent leaking protected variables for ambiguous refs.
• Authorize before reading job information via API.
• Allow changing group CI/CD settings only for owners.
• Fix SSRF with import_url and remote mirror url.
• Don't expose cross project repositories through diffs when creating merge reqeusts.
• Validate bundle files before unpacking them.
• Issuable no longer is visible to users when project can't be viewed.
• Escape html entities in LabelReferenceFilter when no label found.
• Prevent private snippets from being embeddable.

Removed (3 changes, 1 of them is from the community)

• Removes all instances of deprecated Gitlab Upgrader calls. !23603 (@jwolen)
• Removed discard draft comment button form notes. !24185
• Remove migration to backfill project_repositories for legacy storage projects. !24299

Fixed (42 changes, 7 of them are from the community)

• Prevent awards emoji being updated when updating status. !23470
• Allow merge after rebase without page refresh on FF repositories. !23572
• Prevent admins from attempting hashed storage migration on read only DB. !23597
• Correct the ordering of metrics on the performance dashboard. !23630
• Display empty files properly on MR diffs. !23671 (Sean Nichols)
• Allow GitHub imports via token even if OAuth2 provider not configured. !23703
• Update header navigation theme colors. !23734 (George Tsiolis)
• Fix login box bottom margins on signin page. !23739 (@GEAR54)
• Return an ApplicationSetting in CurrentSettings. !23766
• Fix bug commenting on LFS images. !23812
• Only prompt user once when navigating away from file editor. !23820 (Sam Bigelow)
• Display commit ID for discussions made on merge request commits. !23837
• Stop autofocusing on diff comment after initial mount. !23849
• Fix object storage not working properly with Google S3 compatibility. !23858
• Fix project calendar feed when sorted by priority. !23870
• Fix edit button disappearing in issue title. !23948 (Ruben Moya)
• Aligns build loader animation with the job log. !23959
• Allow 'rake gitlab:cleanup:remote_upload_files' to read bucket files without having permissions to see all buckets. !23981
• Correctly externalize pipeline tags. !24028
• Fix error when creating labels in a new issue in the boards page. !24039 (Ruben Moya)
• Use 'parsePikadayDate' to parse due date string. !24045
• Fix commit SHA not showing in merge request compare dropdown. !24084
• Remove top margin in modal header titles. !24108
• Drop Webhooks from project import/export config. !24121
• Only validate project visibility when it has changed. !24142
• Resolve About this feature link should open in new window. !24149
• Add syntax highlighting to suggestion diff. !24156
• Fix Bitbucket Server import only including first 25 pull requests. !24178
• Enable caching for records which primary key is not id. !24245
• Adjust applied suggestion reverting previous changes. !24250
• Fix unexpected exception by failure of finding an actual head pipeline. !24257
• Fix broken templated "Too many changes to show" text. !24282
• Fix requests profiler in admin page not rendering HTML properly. !24291
• Fix no avatar not showing in user selection box. !24346
• Upgrade to gitaly 1.12.1. !24361
• Fix runner eternal loop when update job result. !24481
• Fix notification email for image diff notes.
• Fixed merge request diffs empty states.
• Fixed diff suggestions removing dashes.
• Don't hide CI dropdown behind diff summary. (gfyoung)
• Fix spacing on discussions.
• Fixes missing margin in releases block.

Changed (22 changes, 8 of them are from the community)

• Show clusters of ancestors in cluster list page. !22996
• Remove unnecessary line before reply holder. !23092 (George Tsiolis)
• Make the Pages permission setting more clear. !23146
• Disable merging of labels with same names. !23265
• Allow basic authentication on go get middleware. !23497 (Morty Choi @mortyccp)
• No longer require email subaddressing for issue creation by email. !23523
• Adjust padding of .dropdown-title to comply with design specs. !23546
• Make commit IDs in merge request discussion header monospace. !23562
• Update environments breadcrumb. !23751 (George Tsiolis)
• Add date range in milestone change email notifications. !23762
• Require Knative to be installed only on an RBAC kubernetes cluster. !23807 (Chris Baumbauer)
• Fix label and header styles in the job details sidebar. !23816 (Nathan Friend)
• Add % prefix to milestone reference links. !23928
• Reorder sidebar menu item for group clusters. !24001 (George Tsiolis)
• Support CURD operation for Links as one of the Release assets. !24056
• Upgrade Omniauth and JWT gems to switch away from Google+ API. !24068
• Renames Milestone sort into Milestone due date. !24080 (Jacopo Beschi @jacopo-beschi)
• Discussion filter only displayed in discussions tab for merge requests. !24082
• Make RBAC enabled default for new clusters. !24119
• Hashed Storage: Only set as read_only when starting the per-project migration. !24128
• Knative version bump 0.1.3 -> 0.2.2. (Chris Baumbauer)
• Show message on non-diff discussions.

Performance (7 changes)

• Fix some N+1 queries related to Admin Dashboard, User Dashboards and Activity Stream. !23034
• Add indexes to speed up CI query. !23188
• Improve the loading time on merge request's discussion page by caching diff highlight. !23857
• Cache avatar URLs and paths within a request. !23950
• Improve snippet search performance by removing duplicate counts. !23952
• Skip per-commit validations already evaluated. !23984
• Fix timeout issues retrieving branches via API. !24034

Added (29 changes, 6 of them are from the community)

• Handle ci.skip push option. !15643 (Jonathon Reinhart)
• Add NGINX 0.16.0 and above metrics. !22133
• Add project milestone link. !22552
• Support tls communication in gitaly. !22602
• Add option to make ci variables protected by default. !22744 (Alexis Reigel)
• Add project identifier as List-Id email Header to ease filtering. !22817 (Olivier Crête)
• Add markdown helper buttons to file editor. !23480
• Allow to include templates in gitlab-ci.yml. !23495
• Extend override check to also check arity. !23498 (Jacopo Beschi @jacopo-beschi)
• Add importing of issues from CSV file. !23532
• Add submit feedback link to help dropdown. !23547
• Send a notification email to project maintainers when a mirror update fails. !23595
• Restore Object Pools when restoring an object pool. !23682
• Creates component for release block. !23697
• Configure Auto DevOps deployed applications with secrets from prefixed CI variables. !23719
• Add name, author_id, and sha to releases table. !23763
• Display a list of Sentry Issues in GitLab. !23770
• Releases API. !23795
• Creates frontend app for releases. !23796
• Add new pipeline variable CI_COMMIT_SHORT_SHA. !23822
• Create system notes on issue / MR creation when labels, milestone, or due date is set. !23859
• Adds API documentation for releases. !23901
• Add API Support for Kubernetes integration. !23922
• Expose CI/CD predefined variable CI_API_V4_URL. !23936
• Add Knative metrics to Prometheus. !23972 (Chris Baumbauer)
• Use reports syntax for Dependency scanning in Auto DevOps. !24081
• Allow to include files from another projects in gitlab-ci.yml. !24101
• User Popovers for Commit Infos, Member Lists and Snippets. !24132
• Add no-color theme for syntax highlighting. (khm)

Other (45 changes, 30 of them are from the community)

• Redesign project lists UI. !22682
• [Rails5.1] Update functional specs to use new keyword format. !23095 (@blackst0ne)
• Update a condition to visibility a merge request collaboration message. !23104 (Harry Kiselev)
• Remove framework/mobile.scss. !23301 (Takuya Noguchi)
• Passing the separator argument as a positional parameter is deprecated. !23334 (Jasper Maes)
• Clarifies docs about CI allow_failure. !23367 (C.J. Jameson)
• Refactor issuable sidebar to use serializer. !23379
• Refactor the logic of updating head pipelines for merge requests. !23502
• Allow user to add Kubernetes cluster for clusterable when there are ancestor clusters. !23569
• Adds explanatory text to input fields on user profile settings page. !23673
• Externalize strings from /app/views/shared/notes. !23696 (Tao Wang)
• Remove rails 4 support in CI, Gemfiles, bin/ and config/. !23717 (Jasper Maes)
• Fix calendar events fetching error on private profile page. !23718 (Harry Kiselev)
• Update GitLab Workhorse to v8.0.0. !23740
• Hide confidential events in the API. !23746
• Changed Userpopover Fixtures and shadow color. !23768
• Fix deprecation: Passing conditions to delete_all is deprecated. !23817 (Jasper Maes)
• Fix deprecation: Passing ActiveRecord::Base objects to sanitize_sql_hash_for_assignment. !23818 (Jasper Maes)
• Remove rails4 specific code. !23847 (Jasper Maes)
• Remove deprecated ActionDispatch::ParamsParser. !23848 (Jasper Maes)
• Fix deprecation: Comparing equality between ActionController::Parameters and a Hash is deprecated. !23855 (Jasper Maes)
• Fix deprecation: Directly inheriting from ActiveRecord::Migration is deprecated. !23884 (Jasper Maes)
• Fix deprecation: alias_method_chain is deprecated. Please, use Module#prepend instead. !23887 (Jasper Maes)
• Update specs to exclude possible false positive pass. !23893 (@blackst0ne)
• Passing an argument to force an association to reload is now deprecated. !23894 (Jasper Maes)
• ActiveRecord::Migr...

11.6.5-ce.0

11.6.5 (2019-01-17)

Fixed (5 changes)

• Add syntax highlighting to suggestion diff. !24156
• Fix broken templated "Too many changes to show" text. !24282
• Fix requests profiler in admin page not rendering HTML properly. !24291
• Fix no avatar not showing in user selection box. !24346
• Fixed diff suggestions removing dashes.