**Note:** This file is automatically generated. Please see the [developer documentation](doc/development/changelog.md) for instructions on adding your own entry. ## 8.14.2 (2016-12-01) - Remove caching of events data. !6578 - Rephrase some system notes to be compatible with new system note style. !7692 - Pass tag SHA to post-receive hook when tag is created via UI. !7700 - Prevent error when submitting a merge request and pipeline is not defined. !7707 - Fixes system note style in commit discussion. !7721 - Use a Redis lease for updating authorized projects. !7733 - Refactor JiraService by moving code out of JiraService#execute method. !7756 - Update GitLab Workhorse to v1.0.1. !7759 - Fix pipelines info being hidden in merge request widget. !7808 - Fixed commit timeago not rendering after initial page. - Fix for error thrown in cycle analytics events if build has not started. - Fixed issue boards issue sorting when dragging issue into list. - Allow access to the wiki with git when repository feature disabled. - Fixed timeago not rendering when resolving a discussion. - Update Sidekiq-cron to fix compatibility issues with Sidekiq 4.2.1. - Timeout creating and viewing merge request for binary file. - Gracefully recover from Redis connection failures in Sidekiq initializer. ## 8.14.1 (2016-11-28) - Fix deselecting calendar days on contribution graph. !6453 (ClemMakesApps) - Update grape entity to 0.6.0. !7491 - If Build running change accept merge request when build succeeds button from orange to blue. !7577 - Changed import sources buttons to checkboxes. !7598 (Luke "Jared" Bennett) - Last minute CI Style tweaks for 8.14. !7643 - Fix exceptions when loading build trace. !7658 - Fix wrong template rendered when CI/CD settings aren't update successfully. !7665 - fixes last_deployment call environment is nil. !7671 - Sort builds by name within pipeline graph. !7681 - Correctly determine mergeability of MR with no discussions. - Sidekiq stats in the admin area will now show correctly on different platforms. (blackst0ne) - Fixed issue boards dragging card removing random issues. - Fix information disclosure in `Projects::BlobController#update`. - Fix missing access checks on issue lookup using IssuableFinder. - Replace issue access checks with use of IssuableFinder. - Non members cannot create labels through the API. - Fix cycle analytics plan stage when commits are missing. ## 8.14.0 (2016-11-22) - Use separate email-token for incoming email and revert back the inactive feature. !5914 - API: allow recursive tree request. !6088 (Rebeca Mendez) - Replace jQuery.timeago with timeago.js. !6274 (ClemMakesApps) - Add CI notifications. Who triggered a pipeline would receive an email after the pipeline is succeeded or failed. Users could also update notification settings accordingly. !6342 - Add button to delete all merged branches. !6449 (Toon Claes) - Finer-grained Git gargage collection. !6588 - Introduce better credential and error checking to `rake gitlab:ldap:check`. !6601 - Centralize LDAP config/filter logic. !6606 - Make system notes less intrusive. !6755 - Process commits using a dedicated Sidekiq worker. !6802 - Show random messages when the To Do list is empty. !6818 (Josep Llaneras) - Precalculate user's authorized projects in database. !6839 - Fix record not found error on NewNoteWorker processing. !6863 (Oswaldo Ferreira) - Show avatars in mention dropdown. !6865 - Fix expanding a collapsed diff when converting a symlink to a regular file. !6953 - Defer saving project services to the database if there are no user changes. !6958 - Omniauth auto link LDAP user falls back to find by DN when user cannot be found by UID. !7002 - Display "folders" for environments. !7015 - Make it possible to trigger builds from webhooks. !7022 (Dmitry Poray) - Fix showing pipeline status for a given commit from correct branch. !7034 - Add link to build pipeline within individual build pages. !7082 - Add api endpoint `/groups/owned`. !7103 (Borja Aparicio) - Add query param to filter users by external & blocked type. !7109 (Yatish Mehta) - Issues atom feed url reflect filters on dashboard. !7114 (Lucas Deschamps) - Add setting to only allow merge requests to be merged when all discussions are resolved. !7125 (Rodolfo Arruda) - Remove an extra leading space from diff paste data. !7133 (Hiroyuki Sato) - Fix trace patching feature - update the updated_at value. !7146 - Fix 404 on network page when entering non-existent git revision. !7172 (Hiroyuki Sato) - Rewrite git blame spinach feature tests to rspec feature tests. !7197 (Lisanne Fellinger) - Add api endpoint for creating a pipeline. !7209 (Ido Leibovich) - Allow users to subscribe to group labels. !7215 - Reduce API calls needed when importing issues and pull requests from GitHub. !7241 (Andrew Smith (EspadaV8)) - Only skip group when it's actually a group in the "Share with group" select. !7262 - Introduce round-robin project creation to spread load over multiple shards. !7266 - Ensure merge request's "remove branch" accessors return booleans. !7267 - Fix no "Register" tab if ldap auth is enabled (#24038). !7274 (Luc Didry) - Expose label IDs in API. !7275 (Rares Sfirlogea) - Fix invalid filename validation on eslint. !7281 - API: Ability to retrieve version information. !7286 (Robert Schilling) - Added ability to throttle Sidekiq Jobs. !7292 - Set default Sidekiq retries to 3. !7294 - Fix double event and ajax request call on MR page. !7298 (YarNayar) - Unify anchor link format for MR diff files. !7298 (YarNayar) - Require projects before creating milestone. !7301 (gfyoung) - Fix error when using invalid branch name when creating a new pipeline. !7324 - Return 400 when creating a system hook fails. !7350 (Robert Schilling) - Auto-close environment when branch is deleted. !7355 - Rework cache invalidation so only changed data is refreshed. !7360 - Navigation bar issuables counters reflects dashboard issuables counters. !7368 (Lucas Deschamps) - Fix cache for commit status in commits list to respect branches. !7372 - fixes 500 error on project show when user is not logged in and project is still empty. !7376 - Removed gray button styling from todo buttons in sidebars. !7387 - Fix project records with invalid visibility_level values. !7391 - Use 'Forking in progress' title when appropriate. !7394 (Philip Karpiak) - Fix error links in help index page. !7396 (Fu Xu) - Add support for reply-by-email when the email only contains HTML. !7397 - [Fix] Extra divider issue in dropdown. !7398 - Project download buttons always show. !7405 (Philip Karpiak) - Give search-input correct padding-right value. !7407 (Philip Karpiak) - Remove additional padding on right-aligned items in MR widget. !7411 (Didem Acet) - Fix issue causing Labels not to appear in sidebar on MR page. !7416 (Alex Sanford) - Allow mail_room idle_timeout option to be configurable. !7423 - Fix misaligned buttons on admin builds page. !7424 (Didem Acet) - Disable "Request Access" functionality by default for new projects and groups. !7425 - fix shibboleth misconfigurations resulting in authentication bypass. !7428 - Added Mattermost slash command. !7438 - Allow to connect Chat account with GitLab. !7450 - Make New Group form respect default visibility application setting. !7454 (Jacopo Beschi @jacopo-beschi) - Fix Error 500 when creating a merge request that contains an image that was deleted and added. !7457 - Fix labels API by adding missing current_user parameter. !7458 (Francesco Coda Zabetta) - Changed restricted visibility admin buttons to checkboxes. !7463 - Send credentials (currently for registry only) with build data to GitLab Runner. !7474 - Fix POST /internal/allowed to cope with gitlab-shell v4.0.0 project paths. !7480 - Adds es6-promise Polyfill. !7482 - Added colored labels to related MR list. !7486 (Didem Acet) - Use setter for key instead AR callback. !7488 (Semyon Pupkov) - Limit labels returned for a specific project as an administrator. !7496 - Change slack notification comment link. !7498 (Herbert Kagumba) - Allow registering users whose username contains dots. !7500 (Timothy Andrew) - Fix race condition during group deletion and remove stale records present due to this bug. !7528 (Timothy Andrew) - Check all namespaces on validation of new username. !7537 - Pass correct tag target to post-receive hook when creating tag via UI. !7556 - Add help message for configuring Mattermost slash commands. !7558 - Fix typo in Build page JavaScript. !7563 (winniehell) - Make job script a required configuration entry. !7566 - Fix errors happening when source branch of merge request is removed and then restored. !7568 - Fix a wrong "The build for this merge request failed" message. !7579 - Fix Margins look weird in Project page with pinned sidebar in project stats bar. !7580 - Fix regression causing bad error message to appear on Merge Request form. !7599 (Alex Sanford) - Fix activity page endless scroll on large viewports. !7608 - Fix 404 on some group pages when name contains dot. !7614 - Do not create a new TODO when failed build is allowed to fail. !7618 - Add deployment command to ChatOps. !7619 - Fix 500 error when group name ends with git. !7630 - Fix undefined error in CI linter. !7650 - Show events per stage on Cycle Analytics page. !23449 - Add JIRA remotelinks and prevent duplicated closing messages. - Fixed issue boards counter border when unauthorized. - Add placeholder for the example text for custom hex color on label creation popup. (Luis Alonso Chavez Armendariz) - Add an index for project_id in project_import_data to improve performance. - Fix broken commits search. - Assignee dropdown now searches author of issue or merge request. - Clicking "force remove source branch" label now toggles the checkbox again. - More aggressively preload on merge request and issue index pages. - Fix broken link to observatory cli on Frontend Dev Guide. (Sam Rose) - Fixing the issue of the project fork url giving 500 when not signed instead of being redirected to sign in page. (Cagdas Gerede) - Fix: Guest sees some repository details and gets 404. - Add logging for rack attack events to production.log. - Add environment info to builds page. - Allow commit note to be visible if repo is visible. - Bump omniauth-gitlab to 1.0.2 to fix incompatibility with omniauth-oauth2. - Redesign pipelines page. - Faster search inside Project. - Search for a filename in a project. - Allow sorting groups in the API. - Fix: Todos Filter Shows All Users. - Use the Gitlab Workhorse HTTP header in the admin dashboard. (Chris Wright) - Fixed multiple requests sent when opening dropdowns. - Added permissions per stage to cycle analytics endpoint. - Fix project Visibility Level selector not using default values. - Add events per stage to cycle analytics. - Allow to test JIRA service settings without having a repository. - Fix JIRA references for project snippets. - Allow enabling and disabling commit and MR events for JIRA. - simplify url generation. (Jarka Kadlecova) - Show correct environment log in admin/logs (@duk3luk3 !7191) - Fix Milestone dropdown not stay selected for `Upcoming` and `No Milestone` option !7117 - Diff collapse won't shift when collapsing. - Backups do not fail anymore when using tar on annex and custom_hooks only. !5814 - Adds user project membership expired event to clarify why user was removed (Callum Dryden) - Trim leading and trailing whitespace on project_path (Linus Thiel) - Prevent award emoji via notes for issues/MRs authored by user (barthc) - Adds support for the `token` attribute in project hooks API (Gauvain Pocentek) - Change auto selection behaviour of emoji and slash commands to be more UX/Type friendly (Yann Gravrand) - Adds an optional path parameter to the Commits API to filter commits by path (Luis HGO) - Fix Markdown styling inside reference links (Jan Zdráhal) - Create new issue board list after creating a new label - Fix extra space on Build sidebar on Firefox !7060 - Fail gracefully when creating merge request with non-existing branch (alexsanford) - Fix mobile layout issues in admin user overview page !7087 - Fix HipChat notifications rendering (airatshigapov, eisnerd) - Removed unneeded "Builds" and "Environments" link from project titles - Remove 'Edit' button from wiki edit view !7143 (Hiroyuki Sato) - Cleaned up global namespace JS !19661 (Jose Ivan Vargas) - Refactor Jira service to use jira-ruby gem - Improved todos empty state - Add hover to trash icon in notes !7008 (blackst0ne) - Hides project activity tabs when features are disabled - Only show one error message for an invalid email !5905 (lycoperdon) - Added guide describing how to upgrade PostgreSQL using Slony - Fix sidekiq stats in admin area (blackst0ne) - Added label description as tooltip to issue board list title - Created cycle analytics bundle JavaScript file - Make the milestone page more responsive (yury-n) - Hides container registry when repository is disabled - API: Fix booleans not recognized as such when using the `to_boolean` helper - Removed delete branch tooltip !6954 - Stop unauthorized users dragging on milestone page (blackst0ne) - Restore issue boards welcome message when a project is created !6899 - Check that JavaScript file names match convention !7238 (winniehell) - Do not show tooltip for active element !7105 (winniehell) - Escape ref and path for relative links !6050 (winniehell) - Fixed link typo on /help/ui to Alerts section. !6915 (Sam Rose) - Fix broken issue/merge request links in JIRA comments. !6143 (Brian Kintz) - Fix filtering of milestones with quotes in title (airatshigapov) - Fix issue boards dragging bug in Safari - Refactor less readable existance checking code from CoffeeScript !6289 (jlogandavison) - Update mail_room and enable sentinel support to Reply By Email (!7101) - Add task completion status in Issues and Merge Requests tabs: "X of Y tasks completed" (!6527, @gmesalazar) - Simpler arguments passed to named_route on toggle_award_url helper method - Fix typo in framework css class. !7086 (Daniel Voogsgerd) - New issue board list dropdown stays open after adding a new list - Fix: Backup restore doesn't clear cache - Optimize Event queries by removing default order - Add new icon for skipped builds - Show created icon in pipeline mini-graph - Remove duplicate links from sidebar - API: Fix project deploy keys 400 and 500 errors when adding an existing key. !6784 (Joshua Welsh) - Add Rake task to create/repair GitLab Shell hooks symlinks !5634 - Add job for removal of unreferenced LFS objects from both the database and the filesystem (Frank Groeneveld) - Replace jquery.cookie plugin with js.cookie !7085 - Use MergeRequestsClosingIssues cache data on Issue#closed_by_merge_requests method - Fix Sign in page 'Forgot your password?' link overlaps on medium-large screens - Show full status link on MR & commit pipelines - Fix documents and comments on Build API `scope` - Initialize Sidekiq with the list of queues used by GitLab - Refactor email, use setter method instead AR callbacks for email attribute (Semyon Pupkov) - Shortened merge request modal to let clipboard button not overlap - Adds JavaScript validation for group path editing field - In all filterable drop downs, put input field in focus only after load is complete (Ido @leibo) - Improve search query parameter naming in /admin/users !7115 (YarNayar) - Fix table pagination to be responsive - Fix applying GitHub-imported labels when importing job is interrupted - Allow to search for user by secondary email address in the admin interface(/admin/users) !7115 (YarNayar) - Updated commit SHA styling on the branches page. - Fix "Without projects" filter. !6611 (Ben Bodenmiller) - Fix 404 when visit /projects page ## 8.13.7 (2016-11-28) - fixes 500 error on project show when user is not logged in and project is still empty. !7376 - Update grape entity to 0.6.0. !7491 - Fix information disclosure in `Projects::BlobController#update`. - Fix missing access checks on issue lookup using IssuableFinder. - Replace issue access checks with use of IssuableFinder. - Non members cannot create labels through the API. ## 8.13.6 (2016-11-17) - Omniauth auto link LDAP user falls back to find by DN when user cannot be found by UID. !7002 - Fix Milestone dropdown not stay selected for `Upcoming` and `No Milestone` option. !7117 - Fix relative links in Markdown wiki when displayed in "Project" tab. !7218 - Fix no "Register" tab if ldap auth is enabled (#24038). !7274 (Luc Didry) - Fix cache for commit status in commits list to respect branches. !7372 - Fix issue causing Labels not to appear in sidebar on MR page. !7416 (Alex Sanford) - Limit labels returned for a specific project as an administrator. !7496 - Clicking "force remove source branch" label now toggles the checkbox again. - Allow commit note to be visible if repo is visible. - Fix project Visibility Level selector not using default values. ## 8.13.5 (2016-11-08) - Restore unauthenticated access to public container registries - Fix showing pipeline status for a given commit from correct branch. !7034 - Only skip group when it's actually a group in the "Share with group" select. !7262 - Introduce round-robin project creation to spread load over multiple shards. !7266 - Ensure merge request's "remove branch" accessors return booleans. !7267 - Ensure external users are not able to clone disabled repositories. - Fix XSS issue in Markdown autolinker. - Respect event visibility in Gitlab::ContributionsCalendar. - Honour issue and merge request visibility in their respective finders. - Disable reference Markdown for unavailable features. - Fix lightweight tags not processed correctly by GitTagPushService. !6532 - Allow owners to fetch source code in CI builds. !6943 - Return conflict error in label API when title is taken by group label. !7014 - Reduce the overhead to calculate number of open/closed issues and merge requests within the group or project. !7123 - Fix builds tab visibility. !7178 - Fix project features default values. !7181 ## 8.13.4 - Pulled due to packaging error. ## 8.13.3 (2016-11-02) - Removes any symlinks before importing a project export file. CVE-2016-9086 - Fixed Import/Export foreign key issue to do with project members. - Changed build dropdown list length to be 6,5 builds long in the pipeline graph ## 8.13.2 (2016-10-31) - Fix encoding issues on pipeline commits. !6832 - Use Hash rocket syntax to fix cycle analytics under Ruby 2.1. !6977 - Modify GitHub importer to be retryable. !7003 - Fix refs dropdown selection with special characters. !7061 - Fix horizontal padding for highlight blocks. !7062 - Pass user instance to `Labels::FindOrCreateService` or `skip_authorization: true`. !7093 - Fix builds dropdown overlapping bug. !7124 - Fix applying labels for GitHub-imported MRs. !7139 - Fix importing MR comments from GitHub. !7139 - Fix project member access for group links. !7144 - API: Fix booleans not recognized as such when using the `to_boolean` helper. !7149 - Fix and improve `Sortable.highest_label_priority`. !7165 - Fixed sticky merge request tabs when sidebar is pinned. !7167 - Only remove right connector of first build of last stage. !7179 ## 8.13.1 (2016-10-25) - Fix branch protection API. !6215 - Fix hidden pipeline graph on commit and MR page. !6895 - Fix Cycle analytics not showing correct data when filtering by date. !6906 - Ensure custom provider tab labels don't break layout. !6993 - Fix issue boards user link when in subdirectory. !7018 - Refactor and add new environment functionality to CI yaml reference. !7026 - Fix typo in project settings that prevents users from enabling container registry. !7037 - Fix events order in `users/:id/events` endpoint. !7039 - Remove extra line for empty issue description. !7045 - Don't append issue/MR templates to any existing text. !7050 - Fix error in generating labels. !7055 - Stop clearing the database cache on `rake cache:clear`. !7056 - Only show register tab if signup enabled. !7058 - Fix lightweight tags not processed correctly by GitTagPushService - Expire and build repository cache after project import. !7064 - Fix bug where labels would be assigned to issues that were moved. !7065 - Fix reply-by-email not working due to queue name mismatch. !7068 - Fix 404 for group pages when GitLab setup uses relative url. !7071 - Fix `User#to_reference`. !7088 - Reduce overhead of `LabelFinder` by avoiding `#presence` call. !7094 - Fix unauthorized users dragging on issue boards. !7096 - Only schedule `ProjectCacheWorker` jobs when needed. !7099 ## 8.13.0 (2016-10-22) - Fix save button on project pipeline settings page. (!6955) - All Sidekiq workers now use their own queue - Avoid race condition when asynchronously removing expired artifacts. (!6881) - Improve Merge When Build Succeeds triggers and execute on pipeline success. (!6675) - Respond with 404 Not Found for non-existent tags (Linus Thiel) - Truncate long labels with ellipsis in labels page - Improve tabbing usability for sign in page (ClemMakesApps) - Enforce TrailingSemicolon and EmptyLineBetweenBlocks in scss-lint - Adding members no longer silently fails when there is extra whitespace - Update runner version only when updating contacted_at - Add link from system note to compare with previous version - Use gitlab-shell v3.6.6 - Ignore references to internal issues when using external issues tracker - Ability to resolve merge request conflicts with editor !6374 - Add `/projects/visible` API endpoint (Ben Boeckel) - Fix centering of custom header logos (Ashley Dumaine) - Keep around commits only pipeline creation as pipeline data doesn't change over time - Update duration at the end of pipeline - ExpireBuildArtifactsWorker query builds table without ordering enqueuing one job per build to cleanup - Add group level labels. (!6425) - Add an example for testing a phoenix application with Gitlab CI in the docs (Manthan Mallikarjun) - Cancelled pipelines could be retried. !6927 - Updating verbiage on git basics to be more intuitive - Fix project_feature record not generated on project creation - Clarify documentation for Runners API (Gennady Trafimenkov) - Use optimistic locking for pipelines and builds - The instrumentation for Banzai::Renderer has been restored - Change user & group landing page routing from /u/:username to /:username - Added documentation for .gitattributes files - Move Pipeline Metrics to separate worker - AbstractReferenceFilter caches project_refs on RequestStore when active - Replaced the check sign to arrow in the show build view. !6501 - Add a /wip slash command to toggle the Work In Progress status of a merge request. !6259 (tbalthazar) - ProjectCacheWorker updates caches at most once per 15 minutes per project - Fix Error 500 when viewing old merge requests with bad diff data - Create a new /templates namespace for the /licenses, /gitignores and /gitlab_ci_ymls API endpoints. !5717 (tbalthazar) - Fix viewing merged MRs when the source project has been removed !6991 - Speed-up group milestones show page - Fix inconsistent options dropdown caret on mobile viewports (ClemMakesApps) - Extract project#update_merge_requests and SystemHooks to its own worker from GitPushService - Fix discussion thread from emails for merge requests. !7010 - Don't include archived projects when creating group milestones. !4940 (Jeroen Jacobs) - Add tag shortcut from the Commit page. !6543 - Keep refs for each deployment - Close open tooltips on page navigation (Linus Thiel) - Allow browsing branches that end with '.atom' - Log LDAP lookup errors and don't swallow unrelated exceptions. !6103 (Markus Koller) - Replace unique keyframes mixin with keyframe mixin with specific names (ClemMakesApps) - Add more tests for calendar contribution (ClemMakesApps) - Update Gitlab Shell to fix some problems with moving projects between storages - Cache rendered markdown in the database, rather than Redis - Add todo toggle event (ClemMakesApps) - Avoid database queries on Banzai::ReferenceParser::BaseParser for nodes without references - Simplify Mentionable concern instance methods - API: Ability to retrieve version information (Robert Schilling) - Fix permission for setting an issue's due date - API: Multi-file commit !6096 (mahcsig) - Unicode emoji are now converted to images - Revert "Label list shows all issues (opened or closed) with that label" - Expose expires_at field when sharing project on API - Fix VueJS template tags being rendered in code comments - Added copy file path button to merge request diff files - Fix issue with page scrolling to top when closing or pinning sidebar (lukehowell) - Add Issue Board API support (andrebsguedes) - Allow the Koding integration to be configured through the API - Add new issue button to each list on Issues Board - Execute specific named route method from toggle_award_url helper method - Added soft wrap button to repository file/blob editor - Update namespace validation to forbid reserved names (.git and .atom) (Will Starms) - Show the time ago a merge request was deployed to an environment - Add RTL support to markdown renderer (Ebrahim Byagowi) - Add word-wrap to issue title on issue and milestone boards (ClemMakesApps) - Fix todos page mobile viewport layout (ClemMakesApps) - Make issues search less finicky - Fix inconsistent highlighting of already selected activity nav-links (ClemMakesApps) - Remove redundant mixins (ClemMakesApps) - Added 'Download' button to the Snippets page (Justin DiPierro) - Add visibility level to project repository - Fix robots.txt disallowing access to groups starting with "s" (Matt Harrison) - Close open merge request without source project (Katarzyna Kobierska Ula Budziszewska) - Fix showing commits from source project for merge request !6658 - Fix that manual jobs would no longer block jobs in the next stage. !6604 - Add configurable email subject suffix (Fu Xu) - Use defined colour for a language when available !6748 (nilsding) - Added tooltip to fork count on project show page. (Justin DiPierro) - Use a ConnectionPool for Rails.cache on Sidekiq servers - Replace `alias_method_chain` with `Module#prepend` - Enable GitLab Import/Export for non-admin users. - Preserve label filters when sorting !6136 (Joseph Frazier) - MergeRequest#new form load diff asynchronously - Only update issuable labels if they have been changed - Take filters in account in issuable counters. !6496 - Use custom Ruby images to test builds (registry.dev.gitlab.org/gitlab/gitlab-build-images:*) - Replace static issue fixtures by script !6059 (winniehell) - Append issue template to existing description !6149 (Joseph Frazier) - Trending projects now only show public projects and the list of projects is cached for a day - Memoize Gitlab Shell's secret token (!6599, Justin DiPierro) - Revoke button in Applications Settings underlines on hover. - Use higher size on Gitlab::Redis connection pool on Sidekiq servers - Add missing values to linter !6276 (Katarzyna Kobierska Ula Budziszewska) - Revert avoid touching file system on Build#artifacts? - Stop using a Redis lease when updating the project activity timestamp whenever a new event is created - Add disabled delete button to protected branches (ClemMakesApps) - Add broadcast messages and alerts below sub-nav - Better empty state for Groups view - API: New /users/:id/events endpoint - Update ruby-prof to 0.16.2. !6026 (Elan Ruusamäe) - Replace bootstrap caret with fontawesome caret (ClemMakesApps) - Fix unnecessary escaping of reserved HTML characters in milestone title. !6533 - Add organization field to user profile - Change user pages routing from /u/:username/PATH to /users/:username/PATH. Old routes will redirect to the new ones for the time being. - Fix enter key when navigating search site search dropdown. !6643 (Brennan Roberts) - Fix deploy status responsiveness error !6633 - Make searching for commits case insensitive - Fix resolved discussion display in side-by-side diff view !6575 - Optimize GitHub importing for speed and memory - API: expose pipeline data in builds API (!6502, Guilherme Salazar) - Notify the Merger about merge after successful build (Dimitris Karakasilis) - Reduce queries needed to find users using their SSH keys when pushing commits - Prevent rendering the link to all when the author has no access (Katarzyna Kobierska Ula Budziszewska) - Fix broken repository 500 errors in project list - Fix the diff in the merge request view when converting a symlink to a regular file - Fix Pipeline list commit column width should be adjusted - Close todos when accepting merge requests via the API !6486 (tonygambone) - Ability to batch assign issues relating to a merge request to the author. !5725 (jamedjo) - Changed Slack service user referencing from full name to username (Sebastian Poxhofer) - Retouch environments list and deployments list - Add multiple command support for all label related slash commands !6780 (barthc) - Add Container Registry on/off status to Admin Area !6638 (the-undefined) - Add Nofollow for uppercased scheme in external urls !6820 (the-undefined) - Allow empty merge requests !6384 (Artem Sidorenko) - Grouped pipeline dropdown is a scrollable container - Cleanup Ci::ApplicationController. !6757 (Takuya Noguchi) - Fixes padding in all clipboard icons that have .btn class - Fix a typo in doc/api/labels.md - Fix double-escaping in activities tab (Alexandre Maia) - API: all unknown routing will be handled with 404 Not Found - Add docs for request profiling - Delete dynamic environments - Fix buggy iOS tooltip layering behavior. - Make guests unable to view MRs on private projects - Fix broken Project API docs (Takuya Noguchi) - Migrate invalid project members (owner -> master) ## 8.12.9 (2016-11-07) - Fix XSS issue in Markdown autolinker ## 8.12.8 (2016-11-02) - Removes any symlinks before importing a project export file. CVE-2016-9086 - Fixed Import/Export foreign key issue to do with project members. ## 8.12.7 - Prevent running `GfmAutocomplete` setup for each diff note. !6569 - Fix long commit messages overflow viewport in file tree. !6573 - Use `gitlab-markup` gem instead of `github-markup` to fix `.rst` file rendering. !6659 - Prevent flash alert text from being obscured when container is fluid. !6694 - Fix due date being displayed as `NaN` in Safari. !6797 - Fix JS bug with select2 because of missing `data-field` attribute in select box. !6812 - Do not alter `force_remove_source_branch` options on MergeRequest unless specified. !6817 - Fix GFM autocomplete setup being called several times. !6840 - Handle case where deployment ref no longer exists. !6855 ## 8.12.6 - Update mailroom to 0.8.1 in Gemfile.lock !6814 ## 8.12.5 - Switch from request to env in ::API::Helpers. !6615 - Update the mail_room gem to 0.8.1 to fix a race condition with the mailbox watching thread. !6714 - Improve issue load time performance by avoiding ORDER BY in find_by call. !6724 - Add a new gitlab:users:clear_all_authentication_tokens task. !6745 - Don't send Private-Token (API authentication) headers to Sentry - Share projects via the API only with groups the authenticated user can access ## 8.12.4 - Fix "Copy to clipboard" tooltip to say "Copied!" when clipboard button is clicked. !6294 (lukehowell) - Fix padding in build sidebar. !6506 - Changed compare dropdowns to dropdowns with isolated search input. !6550 - Fix race condition on LFS Token. !6592 - Fix type mismatch bug when closing Jira issue. !6619 - Fix lint-doc error. !6623 - Skip wiki creation when GitHub project has wiki enabled. !6665 - Fix issues importing services via Import/Export. !6667 - Restrict failed login attempts for users with 2FA enabled. !6668 - Fix failed project deletion when feature visibility set to private. !6688 - Prevent claiming associated model IDs via import. - Set GitLab project exported file permissions to owner only - Improve the way merge request versions are compared with each other ## 8.12.3 - Update Gitlab Shell to support low IO priority for storage moves ## 8.12.2 - Fix Import/Export not recognising correctly the imported services. - Fix snippets pagination - Fix "Create project" button layout when visibility options are restricted - Fix List-Unsubscribe header in emails - Fix IssuesController#show degradation including project on loaded notes - Fix an issue with the "Commits" section of the cycle analytics summary. !6513 - Fix errors importing project feature and milestone models using GitLab project import - Make JWT messages Docker-compatible - Fix duplicate branch entry in the merge request version compare dropdown - Respect the fork_project permission when forking projects - Only update issuable labels if they have been changed - Fix bug where 'Search results' repeated many times when a search in the emoji search form is cleared (Xavier Bick) (@zeiv) - Fix resolve discussion buttons endpoint path - Refactor remnants of CoffeeScript destructured opts and super !6261 ## 8.12.1 - Fix a memory leak in HTML::Pipeline::SanitizationFilter::WHITELIST - Fix issue with search filter labels not displaying ## 8.12.0 (2016-09-22) - Removes inconsistency regarding tagging immediatelly as merged once you create a new branch. !6408 - Update the rouge gem to 2.0.6, which adds highlighting support for JSX, Prometheus, and others. !6251 - Only check :can_resolve permission if the note is resolvable - Bump fog-aws to v0.11.0 to support ap-south-1 region - Add ability to fork to a specific namespace using API. (ritave) - Allow to set request_access_enabled for groups and projects - Cleanup misalignments in Issue list view !6206 - Only create a protected branch upon a push to a new branch if a rule for that branch doesn't exist - Add Pipelines for Commit - Prune events older than 12 months. (ritave) - Prepend blank line to `Closes` message on merge request linked to issue (lukehowell) - Fix issues/merge-request templates dropdown for forked projects - Filter tags by name !6121 - Update gitlab shell secret file also when it is empty. !3774 (glensc) - Give project selection dropdowns responsive width, make non-wrapping. - Fix note form hint showing slash commands supported for commits. - Make push events have equal vertical spacing. - API: Ensure invitees are not returned in Members API. - Preserve applied filters on issues search. - Add two-factor recovery endpoint to internal API !5510 - Pass the "Remember me" value to the U2F authentication form - Display stages in valid order in stages dropdown on build page - Only update projects.last_activity_at once per hour when creating a new event - Cycle analytics (first iteration) !5986 - Remove vendor prefixes for linear-gradient CSS (ClemMakesApps) - Move pushes_since_gc from the database to Redis - Limit number of shown environments on Merge Request: show only environments for target_branch, source_branch and tags - Add font color contrast to external label in admin area (ClemMakesApps) - Fix find file navigation links (ClemMakesApps) - Change logo animation to CSS (ClemMakesApps) - Instructions for enabling Git packfile bitmaps !6104 - Use Search::GlobalService.new in the `GET /projects/search/:query` endpoint - Fix long comments in diffs messing with table width - Add spec covering 'Gitlab::Git::committer_hash' !6433 (dandunckelman) - Fix pagination on user snippets page - Honor "fixed layout" preference in more places !6422 - Run CI builds with the permissions of users !5735 - Fix sorting of issues in API - Fix download artifacts button links !6407 - Sort project variables by key. !6275 (Diego Souza) - Ensure specs on sorting of issues in API are deterministic on MySQL - Added ability to use predefined CI variables for environment name - Added ability to specify URL in environment configuration in gitlab-ci.yml - Escape search term before passing it to Regexp.new !6241 (winniehell) - Fix pinned sidebar behavior in smaller viewports !6169 - Fix file permissions change when updating a file on the Gitlab UI !5979 - Added horizontal padding on build page sidebar on code coverage block. !6196 (Vitaly Baev) - Change merge_error column from string to text type - Fix issue with search filter labels not displaying - Reduce contributions calendar data payload (ClemMakesApps) - Show all pipelines for merge requests even from discarded commits !6414 - Replace contributions calendar timezone payload with dates (ClemMakesApps) - Changed MR widget build status to pipeline status !6335 - Add `web_url` field to issue, merge request, and snippet API objects (Ben Boeckel) - Enable pipeline events by default !6278 - Add pipeline email service !6019 - Move parsing of sidekiq ps into helper !6245 (pascalbetz) - Added go to issue boards keyboard shortcut - Expose `sha` and `merge_commit_sha` in merge request API (Ben Boeckel) - Emoji can be awarded on Snippets !4456 - Set path for all JavaScript cookies to honor GitLab's subdirectory setting !5627 (Mike Greiling) - Fix blame table layout width - Spec testing if issue authors can read issues on private projects - Fix bug where pagination is still displayed despite all todos marked as done (ClemMakesApps) - Request only the LDAP attributes we need !6187 - Center build stage columns in pipeline overview (ClemMakesApps) - Fix bug with tooltip not hiding on discussion toggle button - Rename behaviour to behavior in bug issue template for consistency (ClemMakesApps) - Fix bug stopping issue description being scrollable after selecting issue template - Remove suggested colors hover underline (ClemMakesApps) - Fix jump to discussion button being displayed on commit notes - Shorten task status phrase (ClemMakesApps) - Fix project visibility level fields on settings - Add hover color to emoji icon (ClemMakesApps) - Increase ci_builds artifacts_size column to 8-byte integer to allow larger files - Add textarea autoresize after comment (ClemMakesApps) - Do not write SSH public key 'comments' to authorized_keys !6381 - Add due date to issue todos - Refresh todos count cache when an Issue/MR is deleted - Fix branches page dropdown sort alignment (ClemMakesApps) - Hides merge request button on branches page is user doesn't have permissions - Add white background for no readme container (ClemMakesApps) - API: Expose issue confidentiality flag. (Robert Schilling) - Fix markdown anchor icon interaction (ClemMakesApps) - Test migration paths from 8.5 until current release !4874 - Replace animateEmoji timeout with eventListener (ClemMakesApps) - Show badges in Milestone tabs. !5946 (Dan Rowden) - Optimistic locking for Issues and Merge Requests (title and description overriding prevention) - Require confirmation when not logged in for unsubscribe links !6223 (Maximiliano Perez Coto) - Add `wiki_page_events` to project hook APIs (Ben Boeckel) - Remove Gitorious import - Loads GFM autocomplete source only when required - Fix issue with slash commands not loading on new issue page - Fix inconsistent background color for filter input field (ClemMakesApps) - Remove prefixes from transition CSS property (ClemMakesApps) - Add Sentry logging to API calls - Add BroadcastMessage API - Merge request tabs are fixed when scrolling page - Use 'git update-ref' for safer web commits !6130 - Sort pipelines requested through the API - Automatically expand hidden discussions when accessed by a permalink !5585 (Mike Greiling) - Fix issue boards loading on large screens - Change pipeline duration to be jobs running time instead of simple wall time from start to end !6084 - Show queued time when showing a pipeline !6084 - Remove unused mixins (ClemMakesApps) - Fix issue board label filtering appending already filtered labels - Add search to all issue board lists - Scroll active tab into view on mobile - Fix groups sort dropdown alignment (ClemMakesApps) - Add horizontal scrolling to all sub-navs on mobile viewports (ClemMakesApps) - Use JavaScript tooltips for mentions !5301 (winniehell) - Add hover state to todos !5361 (winniehell) - Fix icon alignment of star and fork buttons !5451 (winniehell) - Fix alignment of icon buttons !5887 (winniehell) - Added Ubuntu 16.04 support for packager.io (JonTheNiceGuy) - Fix markdown help references (ClemMakesApps) - Add last commit time to repo view (ClemMakesApps) - Fix accessibility and visibility of project list dropdown button !6140 - Fix missing flash messages on service edit page (airatshigapov) - Added project-specific enable/disable setting for LFS !5997 - Added group-specific enable/disable setting for LFS !6164 - Add optional 'author' param when making commits. !5822 (dandunckelman) - Don't expose a user's token in the `/api/v3/user` API (!6047) - Remove redundant js-timeago-pending from user activity log (ClemMakesApps) - Ability to manage project issues, snippets, wiki, merge requests and builds access level - Remove inconsistent font weight for sidebar's labels (ClemMakesApps) - Align add button on repository view (ClemMakesApps) - Fix contributions calendar month label truncation (ClemMakesApps) - Import release note descriptions from GitHub (EspadaV8) - Added tests for diff notes - Add pipeline events to Slack integration !5525 - Add a button to download latest successful artifacts for branches and tags !5142 - Remove redundant pipeline tooltips (ClemMakesApps) - Expire commit info views after one day, instead of two weeks, to allow for user email updates - Add delimiter to project stars and forks count (ClemMakesApps) - Fix badge count alignment (ClemMakesApps) - Remove green outline from `New branch unavailable` button on issue page !5858 (winniehell) - Fix repo title alignment (ClemMakesApps) - Change update interval of contacted_at - Add LFS support to SSH !6043 - Fix branch title trailing space on hover (ClemMakesApps) - Don't include 'Created By' tag line when importing from GitHub if there is a linked GitLab account (EspadaV8) - Award emoji tooltips containing more than 10 usernames are now truncated !4780 (jlogandavison) - Fix duplicate "me" in award emoji tooltip !5218 (jlogandavison) - Order award emoji tooltips in order they were added (EspadaV8) - Fix spacing and vertical alignment on build status icon on commits page (ClemMakesApps) - Update merge_requests.md with a simpler way to check out a merge request. !5944 - Fix button missing type (ClemMakesApps) - Gitlab::Checks is now instrumented - Move to project dropdown with infinite scroll for better performance - Fix leaking of submit buttons outside the width of a main container !18731 (originally by @pavelloz) - Load branches asynchronously in Cherry Pick and Revert dialogs. - Convert datetime coffeescript spec to ES6 (ClemMakesApps) - Add merge request versions !5467 - Change using size to use count and caching it for number of group members. !5935 - Replace play icon font with svg (ClemMakesApps) - Added 'only_allow_merge_if_build_succeeds' project setting in the API. !5930 (Duck) - Reduce number of database queries on builds tab - Wrap text in commit message containers - Capitalize mentioned issue timeline notes (ClemMakesApps) - Fix inconsistent checkbox alignment (ClemMakesApps) - Use the default branch for displaying the project icon instead of master !5792 (Hannes Rosenögger) - Adds response mime type to transaction metric action when it's not HTML - Fix hover leading space bug in pipeline graph !5980 - Avoid conflict with admin labels when importing GitHub labels - User can edit closed MR with deleted fork (Katarzyna Kobierska Ula Budziszewska) !5496 - Fix repository page ui issues - Avoid protected branches checks when verifying access without branch name - Add information about user and manual build start to runner as variables !6201 (Sergey Gnuskov) - Fixed invisible scroll controls on build page on iPhone - Fix error on raw build trace download for old builds stored in database !4822 - Refactor the triggers page and documentation !6217 - Show values of CI trigger variables only when clicked (Katarzyna Kobierska Ula Budziszewska) - Use default clone protocol on "check out, review, and merge locally" help page URL - Let the user choose a namespace and name on GitHub imports - API for Ci Lint !5953 (Katarzyna Kobierska Urszula Budziszewska) - Allow bulk update merge requests from merge requests index page - Ensure validation messages are shown within the milestone form - Add notification_settings API calls !5632 (mahcsig) - Remove duplication between project builds and admin builds view !5680 (Katarzyna Kobierska Ula Budziszewska) - Fix URLs with anchors in wiki !6300 (houqp) - Deleting source project with existing fork link will close all related merge requests !6177 (Katarzyna Kobierska Ula Budziszeska) - Return 204 instead of 404 for /ci/api/v1/builds/register.json if no builds are scheduled for a runner !6225 - Fix Gitlab::Popen.popen thread-safety issue - Add specs to removing project (Katarzyna Kobierska Ula Budziszewska) - Clean environment variables when running git hooks - Fix Import/Export issues importing protected branches and some specific models - Fix non-master branch readme display in tree view - Add UX improvements for merge request version diffs ## 8.11.11 (2016-11-07) - Fix XSS issue in Markdown autolinker ## 8.11.10 (2016-11-02) - Removes any symlinks before importing a project export file. CVE-2016-9086 ## 8.11.9 - Don't send Private-Token (API authentication) headers to Sentry - Share projects via the API only with groups the authenticated user can access ## 8.11.8 - Respect the fork_project permission when forking projects - Set a restrictive CORS policy on the API for credentialed requests - API: disable rails session auth for non-GET/HEAD requests - Escape HTML nodes in builds commands in CI linter ## 8.11.7 - Avoid conflict with admin labels when importing GitHub labels. !6158 - Restores `fieldName` to allow only string values in `gl_dropdown.js`. !6234 - Allow the Rails cookie to be used for API authentication. - Login/Register UX upgrade !6328 ## 8.11.6 - Fix unnecessary horizontal scroll area in pipeline visualizations. !6005 - Make merge conflict file size limit 200 KB, to match the docs. !6052 - Fix an error where we were unable to create a CommitStatus for running state. !6107 - Optimize discussion notes resolving and unresolving. !6141 - Fix GitLab import button. !6167 - Restore SSH Key title auto-population behavior. !6186 - Fix DB schema to match latest migration. !6256 - Exclude some pending or inactivated rows in Member scopes. ## 8.11.5 - Optimize branch lookups and force a repository reload for Repository#find_branch. !6087 - Fix member expiration date picker after update. !6184 - Fix suggested colors options for new labels in the admin area. !6138 - Optimize discussion notes resolving and unresolving - Fix GitLab import button - Fix confidential issues being exposed as public using gitlab.com export - Remove gitorious from import_sources. !6180 - Scope webhooks/services that will run for confidential issues - Remove gitorious from import_sources - Fix confidential issues being exposed as public using gitlab.com export - Use oj gem for faster JSON processing ## 8.11.4 - Fix resolving conflicts on forks. !6082 - Fix diff commenting on merge requests created prior to 8.10. !6029 - Fix pipelines tab layout regression. !5952 - Fix "Wiki" link not appearing in navigation for projects with external wiki. !6057 - Do not enforce using hash with hidden key in CI configuration. !6079 - Fix hover leading space bug in pipeline graph !5980 - Fix sorting issues by "last updated" doesn't work after import from GitHub - GitHub importer use default project visibility for non-private projects - Creating an issue through our API now emails label subscribers !5720 - Block concurrent updates for Pipeline - Don't create groups for unallowed users when importing projects - Fix issue boards leak private label names and descriptions - Fix broken gitlab:backup:restore because of bad permissions on repo storage !6098 (Dirk Hörner) - Remove gitorious. !5866 - Allow compare merge request versions ## 8.11.3 - Allow system info page to handle case where info is unavailable - Label list shows all issues (opened or closed) with that label - Don't show resolve conflicts link before MR status is updated - Fix IE11 fork button bug !5982 - Don't prevent viewing the MR when git refs for conflicts can't be found on disk - Fix external issue tracker "Issues" link leading to 404s - Don't try to show merge conflict resolution info if a merge conflict contains non-UTF-8 characters - Automatically expand hidden discussions when accessed by a permalink !5585 (Mike Greiling) - Issues filters reset button ## 8.11.2 - Show "Create Merge Request" widget for push events to fork projects on the source project. !5978 - Use gitlab-workhorse 0.7.11 !5983 - Does not halt the GitHub import process when an error occurs. !5763 - Fix file links on project page when default view is Files !5933 - Fixed enter key in search input not working !5888 ## 8.11.1 - Pulled due to packaging error. ## 8.11.0 (2016-08-22) - Use test coverage value from the latest successful pipeline in badge. !5862 - Add test coverage report badge. !5708 - Remove the http_parser.rb dependency by removing the tinder gem. !5758 (tbalthazar) - Add Koding (online IDE) integration - Ability to specify branches for Pivotal Tracker integration (Egor Lynko) - Fix don't pass a local variable called `i` to a partial. !20510 (herminiotorres) - Fix rename `add_users_into_project` and `projects_ids`. !20512 (herminiotorres) - Fix adding line comments on the initial commit to a repo !5900 - Fix the title of the toggle dropdown button. !5515 (herminiotorres) - Rename `markdown_preview` routes to `preview_markdown`. (Christopher Bartz) - Update to Ruby 2.3.1. !4948 - Add Issues Board !5548 - Allow resolving merge conflicts in the UI !5479 - Improve diff performance by eliminating redundant checks for text blobs - Ensure that branch names containing escapable characters (e.g. %20) aren't unescaped indiscriminately. !5770 (ewiltshi) - Convert switch icon into icon font (ClemMakesApps) - API: Endpoints for enabling and disabling deploy keys - API: List access requests, request access, approve, and deny access requests to a project or a group. !4833 - Use long options for curl examples in documentation !5703 (winniehell) - Added tooltip listing label names to the labels value in the collapsed issuable sidebar - Remove magic comments (`# encoding: UTF-8`) from Ruby files. !5456 (winniehell) - GitLab Performance Monitoring can now track custom events such as the number of tags pushed to a repository - Add support for relative links starting with ./ or / to RelativeLinkFilter (winniehell) - Allow naming U2F devices !5833 - Ignore URLs starting with // in Markdown links !5677 (winniehell) - Fix CI status icon link underline (ClemMakesApps) - The Repository class is now instrumented - Fix commit mention font inconsistency (ClemMakesApps) - Do not escape URI when extracting path !5878 (winniehell) - Fix filter label tooltip HTML rendering (ClemMakesApps) - Cache the commit author in RequestStore to avoid extra lookups in PostReceive - Expand commit message width in repo view (ClemMakesApps) - Cache highlighted diff lines for merge requests - Pre-create all builds for a Pipeline when the new Pipeline is created !5295 - Allow merge request diff notes and discussions to be explicitly marked as resolved - API: Add deployment endpoints - API: Add Play endpoint on Builds - Fix of 'Commits being passed to custom hooks are already reachable when using the UI' - Show wall clock time when showing a pipeline. !5734 - Show member roles to all users on members page - Project.visible_to_user is instrumented again - Fix awardable button mutuality loading spinners (ClemMakesApps) - Sort todos by date and priority - Add support for using RequestStore within Sidekiq tasks via SIDEKIQ_REQUEST_STORE env variable - Optimize maximum user access level lookup in loading of notes - Send notification emails to users newly mentioned in issue and MR edits !5800 - Add "No one can push" as an option for protected branches. !5081 - Improve performance of AutolinkFilter#text_parse by using XPath - Add experimental Redis Sentinel support !1877 - Rendering of SVGs as blobs is now limited to SVGs with a size smaller or equal to 2MB - Fix branches page dropdown sort initial state (ClemMakesApps) - Environments have an url to link to - Various redundant database indexes have been removed - Update `timeago` plugin to use multiple string/locale settings - Remove unused images (ClemMakesApps) - Get issue and merge request description templates from repositories - Enforce 2FA restrictions on API authentication endpoints !5820 - Limit git rev-list output count to one in forced push check - Show deployment status on merge requests with external URLs - Clean up unused routes (Josef Strzibny) - Fix issue on empty project to allow developers to only push to protected branches if given permission - API: Add enpoints for pipelines - Add green outline to New Branch button. !5447 (winniehell) - Optimize generating of cache keys for issues and notes - Fix repository push email formatting in Outlook - Improve performance of syntax highlighting Markdown code blocks - Update to gitlab_git 10.4.1 and take advantage of preserved Ref objects - Remove delay when hitting "Reply..." button on page with a lot of discussions - Retrieve rendered HTML from cache in one request - Fix renaming repository when name contains invalid chararacters under project settings - Upgrade Grape from 0.13.0 to 0.15.0. !4601 - Trigram indexes for the "ci_runners" table have been removed to speed up UPDATE queries - Fix devise deprecation warnings. - Check for 2FA when using Git over HTTP and only allow PersonalAccessTokens as password in that case !5764 - Update version_sorter and use new interface for faster tag sorting - Optimize checking if a user has read access to a list of issues !5370 - Store all DB secrets in secrets.yml, under descriptive names !5274 - Fix syntax highlighting in file editor - Support slash commands in issue and merge request descriptions as well as comments. !5021 - Nokogiri's various parsing methods are now instrumented - Add archived badge to project list !5798 - Add simple identifier to public SSH keys (muteor) - Admin page now references docs instead of a specific file !5600 (AnAverageHuman) - Fix filter input alignment (ClemMakesApps) - Include old revision in merge request update hooks (Ben Boeckel) - Add build event color in HipChat messages (David Eisner) - Make fork counter always clickable. !5463 (winniehell) - Document that webhook secret token is sent in X-Gitlab-Token HTTP header !5664 (lycoperdon) - Gitlab::Highlight is now instrumented - All created issues, API or WebUI, can be submitted to Akismet for spam check !5333 - Allow users to import cross-repository pull requests from GitHub - The overhead of instrumented method calls has been reduced - Remove `search_id` of labels dropdown filter to fix 'Missleading URI for labels in Merge Requests and Issues view'. !5368 (Scott Le) - Load project invited groups and members eagerly in `ProjectTeam#fetch_members` - Add pipeline events hook - Bump gitlab_git to speedup DiffCollection iterations - Rewrite description of a blocked user in admin settings. (Elias Werberich) - Make branches sortable without push permission !5462 (winniehell) - Check for Ci::Build artifacts at database level on pipeline partial - Convert image diff background image to CSS (ClemMakesApps) - Remove unnecessary index_projects_on_builds_enabled index from the projects table - Make "New issue" button in Issue page less obtrusive !5457 (winniehell) - Gitlab::Metrics.current_transaction needs to be public for RailsQueueDuration - Fix search for notes which belongs to deleted objects - Allow Akismet to be trained by submitting issues as spam or ham !5538 - Add GitLab Workhorse version to admin dashboard (Katarzyna Kobierska Ula Budziszewska) - Allow branch names ending with .json for graph and network page !5579 (winniehell) - Add the `sprockets-es6` gem - Improve OAuth2 client documentation (muteor) - Fix diff comments inverted toggle bug (ClemMakesApps) - Multiple trigger variables show in separate lines (Katarzyna Kobierska Ula Budziszewska) - Profile requests when a header is passed - Avoid calculation of line_code and position for _line partial when showing diff notes on discussion tab. - Speedup DiffNote#active? on discussions, preloading noteables and avoid touching git repository to return diff_refs when possible - Add commit stats in commit api. !5517 (dixpac) - Add CI configuration button on project page - Fix merge request new view not changing code view rendering style - edit_blob_link will use blob passed onto the options parameter - Make error pages responsive (Takuya Noguchi) - The performance of the project dropdown used for moving issues has been improved - Fix skip_repo parameter being ignored when destroying a namespace - Add all builds into stage/job dropdowns on builds page - Change requests_profiles resource constraint to catch virtually any file - Bump gitlab_git to lazy load compare commits - Reduce number of queries made for merge_requests/:id/diffs - Add the option to set the expiration date for the project membership when giving a user access to a project. !5599 (Adam Niedzielski) - Sensible state specific default sort order for issues and merge requests !5453 (tomb0y) - Fix bug where destroying a namespace would not always destroy projects - Fix RequestProfiler::Middleware error when code is reloaded in development - Allow horizontal scrolling of code blocks in issue body - Catch what warden might throw when profiling requests to re-throw it - Avoid commit lookup on diff_helper passing existing local variable to the helper method - Add description to new_issue email and new_merge_request_email in text/plain content type. !5663 (dixpac) - Speed up and reduce memory usage of Commit#repo_changes, Repository#expire_avatar_cache and IrkerWorker - Add unfold links for Side-by-Side view. !5415 (Tim Masliuchenko) - Adds support for pending invitation project members importing projects - Add pipeline visualization/graph on pipeline page - Update devise initializer to turn on changed password notification emails. !5648 (tombell) - Avoid to show the original password field when password is automatically set. !5712 (duduribeiro) - Fix importing GitLab projects with an invalid MR source project - Sort folders with submodules in Files view !5521 - Each `File::exists?` replaced to `File::exist?` because of deprecate since ruby version 2.2.0 - Add auto-completition in pipeline (Katarzyna Kobierska Ula Budziszewska) - Add pipelines tab to merge requests - Fix notification_service argument error of declined invitation emails - Fix a memory leak caused by Banzai::Filter::SanitizationFilter - Speed up todos queries by limiting the projects set we join with - Ensure file editing in UI does not overwrite commited changes without warning user - Eliminate unneeded calls to Repository#blob_at when listing commits with no path - Update gitlab_git gem to 10.4.7 - Simplify SQL queries of marking a todo as done ## 8.10.13 (2016-11-02) - Removes any symlinks before importing a project export file. CVE-2016-9086 ## 8.10.12 - Don't send Private-Token (API authentication) headers to Sentry - Share projects via the API only with groups the authenticated user can access ## 8.10.11 - Respect the fork_project permission when forking projects - Set a restrictive CORS policy on the API for credentialed requests - API: disable rails session auth for non-GET/HEAD requests - Escape HTML nodes in builds commands in CI linter ## 8.10.10 - Allow the Rails cookie to be used for API authentication. ## 8.10.9 - Exclude some pending or inactivated rows in Member scopes ## 8.10.8 - Fix information disclosure in issue boards. - Fix privilege escalation in project import. ## 8.10.7 - Upgrade Hamlit to 2.6.1. !5873 - Upgrade Doorkeeper to 4.2.0. !5881 ## 8.10.6 - Upgrade Rails to 4.2.7.1 for security fixes. !5781 - Restore "Largest repository" sort option on Admin > Projects page. !5797 - Fix privilege escalation via project export. - Require administrator privileges to perform a project import. ## 8.10.5 - Add a data migration to fix some missing timestamps in the members table. !5670 - Revert the "Defend against 'Host' header injection" change in the source NGINX templates. !5706 - Cache project count for 5 minutes to reduce DB load. !5746 & !5754 ## 8.10.4 - Don't close referenced upstream issues from a forked project. - Fixes issue with dropdowns `enter` key not working correctly. !5544 - Fix Import/Export project import not working in HA mode. !5618 - Fix Import/Export error checking versions. !5638 ## 8.10.3 - Fix Import/Export issue importing milestones and labels not associated properly. !5426 - Fix timing problems running imports on production. !5523 - Add a log message when a project is scheduled for destruction for debugging. !5540 - Fix hooks missing on imported GitLab projects. !5549 - Properly abort a merge when merge conflicts occur. !5569 - Fix importer for GitHub Pull Requests when a branch was removed. !5573 - Ignore invalid IPs in X-Forwarded-For when trusted proxies are configured. !5584 - Trim extra displayed carriage returns in diffs and files with CRLFs. !5588 - Fix label already exist error message in the right sidebar. ## 8.10.2 - User can now search branches by name. !5144 - Page is now properly rendered after committing the first file and creating the first branch. !5399 - Add branch or tag icon to ref in builds page. !5434 - Fix backup restore. !5459 - Use project ID in repository cache to prevent stale data from persisting across projects. !5460 - Fix issue with autocomplete search not working with enter key. !5466 - Add iid to MR API response. !5468 - Disable MySQL foreign key checks before dropping all tables. !5472 - Ensure relative paths for video are rewritten as we do for images. !5474 - Ensure current user can retry a build before showing the 'Retry' button. !5476 - Add ENV variable to skip repository storages validations. !5478 - Added `*.js.es6 gitlab-language=javascript` to `.gitattributes`. !5486 - Don't show comment button in gutter of diffs on MR discussion tab. !5493 - Rescue Rugged::OSError (lock exists) when creating references. !5497 - Fix expand all diffs button in compare view. !5500 - Show release notes in tags list. !5503 - Fix a bug where forking a project from a repository storage to another would fail. !5509 - Fix missing schema update for `20160722221922`. !5512 - Update `gitlab-shell` version to 3.2.1 in the 8.9->8.10 update guide. !5516 ## 8.10.1 - Refactor repository storages documentation. !5428 - Gracefully handle case when keep-around references are corrupted or exist already. !5430 - Add detailed info on storage path mountpoints. !5437 - Fix Error 500 when creating Wiki pages with hyphens or spaces. !5444 - Fix bug where replies to commit notes displayed in the MR discussion tab wouldn't show up on the commit page. !5446 - Ignore invalid trusted proxies in X-Forwarded-For header. !5454 - Add links to the real markdown.md file for all GFM examples. !5458 ## 8.10.0 (2016-07-22) - Fix profile activity heatmap to show correct day name (eanplatter) - Speed up ExternalWikiHelper#get_project_wiki_path - Expose {should,force}_remove_source_branch (Ben Boeckel) - Add the functionality to be able to rename a file. !5049 - Disable PostgreSQL statement timeout during migrations - Fix projects dropdown loading performance with a simplified api cal. !5113 - Fix commit builds API, return all builds for all pipelines for given commit. !4849 - Replace Haml with Hamlit to make view rendering faster. !3666 - Refresh the branch cache after `git gc` runs - Allow to disable request access button on projects/groups - Refactor repository paths handling to allow multiple git mount points - Optimize system note visibility checking by memoizing the visible reference count. !5070 - Add Application Setting to configure default Repository Path for new projects - Delete award emoji when deleting a user - Remove pinTo from Flash and make inline flash messages look nicer. !4854 (winniehell) - Add an API for downloading latest successful build from a particular branch or tag. !5347 - Avoid data-integrity issue when cleaning up repository archive cache. - Add link to profile to commit avatar. !5163 (winniehell) - Wrap code blocks on Activies and Todos page. !4783 (winniehell) - Align flash messages with left side of page content. !4959 (winniehell) - Display tooltip for "Copy to Clipboard" button. !5164 (winniehell) - Use default cursor for table header of project files. !5165 (winniehell) - Store when and yaml variables in builds table - Display last commit of deleted branch in push events. !4699 (winniehell) - Escape file extension when parsing search results. !5141 (winniehell) - Add "passing with warnings" to the merge request pipeline possible statuses, this happens when builds that allow failures have failed. !5004 - Add image border in Markdown preview. !5162 (winniehell) - Apply the trusted_proxies config to the rack request object for use with rack_attack - Added the ability to block sign ups using a domain blacklist. !5259 - Upgrade to Rails 4.2.7. !5236 - Extend exposed environment variables for CI builds - Deprecate APIs "projects/:id/keys/...". Use "projects/:id/deploy_keys/..." instead - Add API "deploy_keys" for admins to get all deploy keys - Allow to pull code with deploy key from public projects - Use limit parameter rather than hardcoded value in `ldap:check` rake task (Mike Ricketts) - Add Sidekiq queue duration to transaction metrics. - Add a new column `artifacts_size` to table `ci_builds`. !4964 - Let Workhorse serve format-patch diffs - Display tooltip for mentioned users and groups. !5261 (winniehell) - Allow build email service to be tested - Added day name to contribution calendar tooltips - Refactor user authorization check for a single project to avoid querying all user projects - Make images fit to the size of the viewport. !4810 - Fix check for New Branch button on Issue page. !4630 (winniehell) - Fix GFM autocomplete not working on wiki pages - Fixed enter key not triggering click on first row when searching in a dropdown - Updated dropdowns in issuable form to use new GitLab dropdown style - Make images fit to the size of the viewport !4810 - Fix check for New Branch button on Issue page !4630 (winniehell) - Fix MR-auto-close text added to description. !4836 - Support U2F devices in Firefox. !5177 - Fix issue, preventing users w/o push access to sort tags. !5105 (redetection) - Add Spring EmojiOne updates. - Added Rake task for tracking deployments. !5320 - Fix fetching LFS objects for private CI projects - Add the new 2016 Emoji! Adds 72 new emoji including bacon, facepalm, and selfie. !5237 - Add syntax for multiline blockquote using `>>>` fence. !3954 - Fix viewing notification settings when a project is pending deletion - Updated compare dropdown menus to use GL dropdown - Redirects back to issue after clicking login link - Eager load award emoji on notes - Allow to define manual actions/builds on Pipelines and Environments - Fix pagination when sorting by columns with lots of ties (like priority) - The Markdown reference parsers now re-use query results to prevent running the same queries multiple times. !5020 - Updated project header design - Issuable collapsed assignee tooltip is now the users name - Fix compare view not changing code view rendering style - Exclude email check from the standard health check - Updated layout for Projects, Groups, Users on Admin area. !4424 - Fix changing issue state columns in milestone view - Update health_check gem to version 2.1.0 - Add notification settings dropdown for groups - Render inline diffs for multiple changed lines following eachother - Wildcards for protected branches. !4665 - Allow importing from Github using Personal Access Tokens. (Eric K Idema) - API: Expose `due_date` for issues (Robert Schilling) - API: Todos. !3188 (Robert Schilling) - API: Expose shared groups for projects and shared projects for groups. !5050 (Robert Schilling) - API: Expose `developers_can_push` and `developers_can_merge` for branches. !5208 (Robert Schilling) - Add "Enabled Git access protocols" to Application Settings - Diffs will create button/diff form on demand no on server side - Reduce size of HTML used by diff comment forms - Protected branches have a "Developers can Merge" setting. !4892 (original implementation by Mathias Vestergaard) - Fix user creation with stronger minimum password requirements. !4054 (nathan-pmt) - Only show New Snippet button to users that can create snippets. - PipelinesFinder uses git cache data - Track a user who created a pipeline - Actually render old and new sections of parallel diff next to each other - Throttle the update of `project.pushes_since_gc` to 1 minute. - Allow expanding and collapsing files in diff view. !4990 - Collapse large diffs by default (!4990) - Fix mentioned users list on diff notes - Add support for inline videos in GitLab Flavored Markdown. !5215 (original implementation by Eric Hayes) - Fix creation of deployment on build that is retried, redeployed or rollback - Don't parse Rinku returned value to DocFragment when it didn't change the original html string. - Check for conflicts with existing Project's wiki path when creating a new project. - Show last push widget in upstream after push to fork - Fix stage status shown for pipelines - Cache todos pending/done dashboard query counts. - Don't instantiate a git tree on Projects show default view - Bump Rinku to 2.0.0 - Remove unused front-end variable -> default_issues_tracker - ObjectRenderer retrieve renderer content using Rails.cache.read_multi - Better caching of git calls on ProjectsController#show. - Avoid to retrieve MR closes_issues as much as possible. - Hide project name in project activities. !5068 (winniehell) - Add API endpoint for a group issues. !4520 (mahcsig) - Add Bugzilla integration. !4930 (iamtjg) - Fix new snippet style bug (elliotec) - Instrument Rinku usage - Be explicit to define merge request discussion variables - Use cache for todos counter calling TodoService - Metrics for Rouge::Plugins::Redcarpet and Rouge::Formatters::HTMLGitlab - RailsCache metris now includes fetch_hit/fetch_miss and read_hit/read_miss info. - Allow [ci skip] to be in any case and allow [skip ci]. !4785 (simon_w) - Made project list visibility icon fixed width - Set import_url validation to be more strict - Memoize MR merged/closed events retrieval - Don't render discussion notes when requesting diff tab through AJAX - Add basic system information like memory and disk usage to the admin panel - Don't garbage collect commits that have related DB records like comments - Allow to setup event by channel on slack service - More descriptive message for git hooks and file locks - Aliases of award emoji should be stored as original name. !5060 (dixpac) - Handle custom Git hook result in GitLab UI - Allow to access Container Registry for Public and Internal projects - Allow '?', or '&' for label names - Support redirected blobs for Container Registry integration - Fix importer for GitHub Pull Requests when a branch was reused across Pull Requests - Add date when user joined the team on the member page - Fix 404 redirect after validation fails importing a GitLab project - Added setting to set new users by default as external. !4545 (Dravere) - Add min value for project limit field on user's form. !3622 (jastkand) - Reset project pushes_since_gc when we enqueue the git gc call - Add reminder to not paste private SSH keys. !4399 (Ingo Blechschmidt) - Collapsed diffs lines/size don't acumulate to overflow diffs. - Remove duplicate `description` field in `MergeRequest` entities (Ben Boeckel) - Style of import project buttons were fixed in the new project page. !5183 (rdemirbay) - Fix GitHub client requests when rate limit is disabled - Optimistic locking for Issues and Merge Requests (Title and description overriding prevention) - Redesign Builds and Pipelines pages - Change status color and icon for running builds - Fix commenting issue in side by side diff view for unchanged lines - Fix markdown rendering for: consecutive labels references, label references that begin with a digit or contains `.` - Project export filename now includes the project and namespace path - Fix last update timestamp on issues not preserved on gitlab.com and project imports - Fix issues importing projects from EE to CE - Fix creating group with space in group path - Improve cron_jobs loading error messages. !5318 / !5360 - Prevent toggling sidebar when clipboard icon clicked - Create Todos for Issue author when assign or mention himself (Katarzyna Kobierska) - Limit the number of retries on error to 3 for exporting projects - Allow empty repositories on project import/export - Render only commit message title in builds (Katarzyna Kobierska Ula Budziszewska) - Allow bulk (un)subscription from issues in issue index - Fix MR diff encoding issues exporting GitLab projects - Move builds settings out of project settings and rename Pipelines - Add builds badge to Pipelines settings page - Export and import avatar as part of project import/export - Fix migration corrupting import data for old version upgrades - Show tooltip on GitLab export link in new project page - Fix import_data wrongly saved as a result of an invalid import_url !5206 ## 8.9.11 - Respect the fork_project permission when forking projects - Set a restrictive CORS policy on the API for credentialed requests - API: disable rails session auth for non-GET/HEAD requests - Escape HTML nodes in builds commands in CI linter ## 8.9.10 - Allow the Rails cookie to be used for API authentication. ## 8.9.9 - Exclude some pending or inactivated rows in Member scopes ## 8.9.8 - Upgrade Doorkeeper to 4.2.0. !5881 ## 8.9.7 - Upgrade Rails to 4.2.7.1 for security fixes. !5781 - Require administrator privileges to perform a project import. ## 8.9.6 - Fix importing of events under notes for GitLab projects. !5154 - Fix log statements in import/export. !5129 - Fix commit avatar alignment in compare view. !5128 - Fix broken migration in MySQL. !5005 - Overwrite Host and X-Forwarded-Host headers in NGINX !5213 - Keeps issue number when importing from Gitlab.com - Add Pending tab for Builds (Katarzyna Kobierska, Urszula Budziszewska) ## 8.9.5 - Add more debug info to import/export and memory killer. !5108 - Fixed avatar alignment in new MR view. !5095 - Fix diff comments not showing up in activity feed. !5069 - Add index on both Award Emoji user and name. !5061 - Downgrade to Redis 3.2.2 due to massive memory leak with Sidekiq. !5056 - Re-enable import button when import process fails due to namespace already being taken. !5053 - Fix snippets comments not displayed. !5045 - Fix emoji paths in relative root configurations. !5027 - Fix issues importing events in Import/Export. !4987 - Fixed 'use shortcuts' button on docs. !4979 - Admin should be able to turn shared runners into specific ones. !4961 - Update RedCloth to 4.3.2 for CVE-2012-6684. !4929 (Takuya Noguchi) - Improve the request / withdraw access button. !4860 ## 8.9.4 - Fix privilege escalation issue with OAuth external users. - Ensure references to private repos aren't shown to logged-out users. - Fixed search field blur not removing focus. !4704 - Resolve "Sub nav isn't showing on file view". !4890 - Fixes middle click and double request when navigating through the file browser. !4891 - Fixed URL on label button when filtering. !4897 - Fixed commit avatar alignment. !4933 - Do not show build retry link when build is active. !4967 - Fix restore Rake task warning message output. !4980 - Handle external issues in IssueReferenceFilter. !4988 - Expiry date on pinned nav cookie. !5009 - Updated breakpoint for sidebar pinning. !5019 ## 8.9.3 - Fix encrypted data backwards compatibility after upgrading attr_encrypted gem. !4963 - Fix rendering of commit notes. !4953 - Resolve "Pin should show up at 1280px min". !4947 - Switched mobile button icons to ellipsis and angle. !4944 - Correctly returns todo ID after creating todo. !4941 - Better debugging for memory killer middleware. !4936 - Remove duplicate new page btn from edit wiki. !4904 - Use clock_gettime for all performance timestamps. !4899 - Use memorized tags array when searching tags by name. !4859 - Fixed avatar alignment in new MR view. !4901 - Removed fade when filtering results. !4932 - Fix missing avatar on system notes. !4954 - Reduce overhead and optimize ProjectTeam#max_member_access performance. !4973 - Use update_columns to bypass all the dirty code on active_record. !4985 - Fix restore Rake task warning message output !4980 ## 8.9.2 - Fix visibility of snippets when searching. - Fix an information disclosure when requesting access to a group containing private projects. - Update omniauth-saml to 1.6.0 !4951 ## 8.9.1 - Refactor labels documentation. !3347 - Eager load award emoji on notes. !4628 - Fix some CI wording in documentation. !4660 - Document `GIT_STRATEGY` and `GIT_DEPTH`. !4720 - Add documentation for the export & import features. !4732 - Add some docs for Docker Registry configuration. !4738 - Ensure we don't send the "access request declined" email to access requesters on project deletion. !4744 - Display group/project access requesters separately in the admin area. !4798 - Add documentation and examples for configuring cloud storage for registry images. !4812 - Clarifies documentation about artifact expiry. !4831 - Fix the Network graph links. !4832 - Fix MR-auto-close text added to description. !4836 - Add documentation for award emoji now that comments can be awarded with emojis. !4839 - Fix typo in export failure email. !4847 - Fix header vertical centering. !4170 - Fix subsequent SAML sign ins. !4718 - Set button label when picking an option from status dropdown. !4771 - Prevent invalid URLs from raising exceptions in WikiLink Filter. !4775 - Handle external issues in IssueReferenceFilter. !4789 - Support for rendering/redacting multiple documents. !4828 - Update Todos documentation and screenshots to include new functionality. !4840 - Hide nav arrows by default. !4843 - Added bottom padding to label color suggestion link. !4845 - Use jQuery objects in ref dropdown. !4850 - Fix GitLab project import issues related to notes and builds. !4855 - Restrict header logo to 36px so it doesn't overflow. !4861 - Fix unwanted label unassignment. !4863 - Fix mobile Safari bug where horizontal nav arrows would flicker on scroll. !4869 - Restore old behavior around diff notes to outdated discussions. !4870 - Fix merge requests project settings help link anchor. !4873 - Fix 404 when accessing pipelines as guest user on public projects. !4881 - Remove width restriction for logo on sign-in page. !4888 - Bump gitlab_git to 10.2.3 to fix false truncated warnings with ISO-8559 files. !4884 - Apply selected value as label. !4886 - Change Retry to Re-deploy on Deployments page - Fix temp file being deleted after the request while importing a GitLab project. !4894 - Fix pagination when sorting by columns with lots of ties (like priority) - Implement Subresource Integrity for CSS and JavaScript assets. This prevents malicious assets from loading in the case of a CDN compromise. - Fix user creation with stronger minimum password requirements !4054 (nathan-pmt) - Fix a wrong MR status when merge_when_build_succeeds & project.only_allow_merge_if_build_succeeds are true. !4912 - Add SMTP as default delivery method to match gitlab-org/omnibus-gitlab!826. !4915 - Remove duplicate 'New Page' button on edit wiki page ## 8.9.0 (2016-06-22) - Fix group visibility form layout in application settings - Fix builds API response not including commit data - Fix error when CI job variables key specified but not defined - Fix pipeline status when there are no builds in pipeline - Fix Error 500 when using closes_issues API with an external issue tracker - Add more information into RSS feed for issues (Alexander Matyushentsev) - Bulk assign/unassign labels to issues. - Ability to prioritize labels !4009 / !3205 (Thijs Wouters) - Show Star and Fork buttons on mobile. - Performance improvements on RelativeLinkFilter - Fix endless redirections when accessing user OAuth applications when they are disabled - Allow enabling wiki page events from Webhook management UI - Bump rouge to 1.11.0 - Fix issue with arrow keys not working in search autocomplete dropdown - Fix an issue where note polling stopped working if a window was in the background during a refresh. - Pre-processing Markdown now only happens when needed - Make EmailsOnPushWorker use Sidekiq mailers queue - Redesign all Devise emails. !4297 - Don't show 'Leave Project' to group members - Fix wiki page events' webhook to point to the wiki repository - Add a border around images to differentiate them from the background. - Don't show tags for revert and cherry-pick operations - Show image ID on registry page - Fix issue todo not remove when leave project !4150 (Long Nguyen) - Allow customisable text on the 'nearly there' page after a user signs up - Bump recaptcha gem to 3.0.0 to remove deprecated stoken support - Fix SVG sanitizer to allow more elements - Allow forking projects with restricted visibility level - Added descriptions to notification settings dropdown - Improve note validation to prevent errors when creating invalid note via API - Reduce number of fog gem dependencies - Add number of merge requests for a given milestone to the milestones view. - Implement a fair usage of shared runners - Remove project notification settings associated with deleted projects - Fix 404 page when viewing TODOs that contain milestones or labels in different projects - Add a metric for the number of new Redis connections created by a transaction - Fix Error 500 when viewing a blob with binary characters after the 1024-byte mark - Redesign navigation for project pages - Fix images in sign-up confirmation email - Added shortcut 'y' for copying a files content hash URL #14470 - Fix groups API to list only user's accessible projects - Fix horizontal scrollbar for long commit message. - GitLab Performance Monitoring now tracks the total method execution time and call count per method - Add Environments and Deployments - Redesign account and email confirmation emails - Don't fail builds for projects that are deleted - Support Docker Registry manifest v1 - `git clone https://host/namespace/project` now works, in addition to using the `.git` suffix - Bump nokogiri to 1.6.8 - Use gitlab-shell v3.0.0 - Fixed alignment of download dropdown in merge requests - Upgrade to jQuery 2 - Adds selected branch name to the dropdown toggle - Add API endpoint for Sidekiq Metrics !4653 - Refactoring Award Emoji with API support for Issues and MergeRequests - Use Knapsack to evenly distribute tests across multiple nodes - Add `sha` parameter to MR merge API, to ensure only reviewed changes are merged - Don't allow MRs to be merged when commits were added since the last review / page load - Add DB index on users.state - Limit email on push diff size to 30 files / 150 KB - Add rake task 'gitlab:db:configure' for conditionally seeding or migrating the database - Changed the Slack build message to use the singular duration if necessary (Aran Koning) - Fix race condition on merge when build succeeds - Added shortcut to focus filter search fields and added documentation #18120 - Links from a wiki page to other wiki pages should be rewritten as expected - Add option to project to only allow merge requests to be merged if the build succeeds (Rui Santos) - Added navigation shortcuts to the project pipelines, milestones, builds and forks page. !4393 - Fix issues filter when ordering by milestone - Disable SAML account unlink feature - Added artifacts:when to .gitlab-ci.yml - this requires GitLab Runner 1.3 - Bamboo Service: Fix missing credentials & URL handling when base URL contains a path (Benjamin Schmid) - TeamCity Service: Fix URL handling when base URL contains a path - Todos will display target state if issuable target is 'Closed' or 'Merged' - Validate only and except regexp - Fix bug when sorting issues by milestone due date and filtering by two or more labels - POST to API /projects/:id/runners/:runner_id would give 409 if the runner was already enabled for this project - Add support for using Yubikeys (U2F) for two-factor authentication - Link to blank group icon doesn't throw a 404 anymore - Remove 'main language' feature - Toggle whitespace button now available for compare branches diffs #17881 - Pipelines can be canceled only when there are running builds - Allow authentication using personal access tokens - Use downcased path to container repository as this is expected path by Docker - Allow to use CI token to fetch LFS objects - Custom notification settings - Projects pending deletion will render a 404 page - Measure queue duration between gitlab-workhorse and Rails - Added Gfm autocomplete for labels - Added edit note 'up' shortcut documentation to the help panel and docs screenshot #18114 - Make Omniauth providers specs to not modify global configuration - Remove unused JiraIssue class and replace references with ExternalIssue. !4659 (Ilan Shamir) - Make authentication service for Container Registry to be compatible with < Docker 1.11 - Make it possible to lock a runner from being enabled for other projects - Add Application Setting to configure Container Registry token expire delay (default 5min) - Cache assigned issue and merge request counts in sidebar nav - Use Knapsack only in CI environment - Updated project creation page to match new UI #2542 - Cache project build count in sidebar nav - Add milestone expire date to the right sidebar - Manually mark a issue or merge request as a todo - Fix markdown_spec to use before instead of before(:all) to properly cleanup database after testing - Reduce number of queries needed to render issue labels in the sidebar - Improve error handling importing projects - Remove duplicated notification settings - Put project Files and Commits tabs under Code tab - Decouple global notification level from user model - Replace Colorize with Rainbow for coloring console output in Rake tasks. - Add workhorse controller and API helpers - An indicator is now displayed at the top of the comment field for confidential issues. - Show categorised search queries in the search autocomplete - RepositoryCheck::SingleRepositoryWorker public and private methods are now instrumented - Dropdown for `.gitlab-ci.yml` templates - Improve issuables APIs performance when accessing notes !4471 - Add sorting dropdown to tags page !4423 - External links now open in a new tab - Prevent default actions of disabled buttons and links - Markdown editor now correctly resets the input value on edit cancellation !4175 - Toggling a task list item in a issue/mr description does not creates a Todo for mentions - Improved UX of date pickers on issue & milestone forms - Cache on the database if a project has an active external issue tracker. - Put project Labels and Milestones pages links under Issues and Merge Requests tabs as subnav - GitLab project import and export functionality - All classes in the Banzai::ReferenceParser namespace are now instrumented - Remove deprecated issues_tracker and issues_tracker_id from project model - Allow users to create confidential issues in private projects - Measure CPU time for instrumented methods - Instrument private methods and private instance methods by default instead just public methods - Only show notes through JSON on confidential issues that the user has access to - Updated the allocations Gem to version 1.0.5 - The background sampler now ignores classes without names - Update design for `Close` buttons - New custom icons for navigation - Horizontally scrolling navigation on project, group, and profile settings pages - Hide global side navigation by default - Fix project Star/Unstar project button tooltip - Remove tanuki logo from side navigation; center on top nav - Include user relationships when retrieving award_emoji - Various associations are now eager loaded when parsing issue references to reduce the number of queries executed - Set inverse_of for Project/Service association to reduce the number of queries - Update tanuki logo highlight/loading colors - Remove explicit Gitlab::Metrics.action assignments, are already automatic. - Use Git cached counters for branches and tags on project page - Cache participable participants in an instance variable. - Filter parameters for request_uri value on instrumented transactions. - Remove duplicated keys add UNIQUE index to keys fingerprint column - ExtractsPath get ref_names from repository cache, if not there access git. - Show a flash warning about the error detail of XHR requests which failed with status code 404 and 500 - Cache user todo counts from TodoService - Ensure Todos counters doesn't count Todos for projects pending delete - Add left/right arrows horizontal navigation - Add tooltip to pin/unpin navbar - Add new sub nav style to Wiki and Graphs sub navigation ## 8.8.9 - Upgrade Doorkeeper to 4.2.0. !5881 ## 8.8.8 - Upgrade Rails to 4.2.7.1 for security fixes. !5781 ## 8.8.7 - Fix privilege escalation issue with OAuth external users. - Ensure references to private repos aren't shown to logged-out users. ## 8.8.6 - Fix visibility of snippets when searching. - Update omniauth-saml to 1.6.0 !4951 ## 8.8.5 - Import GitHub repositories respecting the API rate limit !4166 - Fix todos page throwing errors when you have a project pending deletion !4300 - Disable Webhooks before proceeding with the GitHub import !4470 - Fix importer for GitHub comments on diff !4488 - Adjust the SAML control flow to allow LDAP identities to be added to an existing SAML user !4498 - Fix incremental trace upload API when using multi-byte UTF-8 chars in trace !4541 - Prevent unauthorized access for projects build traces - Forbid scripting for wiki files - Only show notes through JSON on confidential issues that the user has access to - Banzai::Filter::UploadLinkFilter use XPath instead CSS expressions - Banzai::Filter::ExternalLinkFilter use XPath instead CSS expressions ## 8.8.4 - Fix LDAP-based login for users with 2FA enabled. !4493 - Added descriptions to notification settings dropdown - Due date can be removed from milestones ## 8.8.3 - Fix 404 page when viewing TODOs that contain milestones or labels in different projects. !4312 - Fixed JS error when trying to remove discussion form. !4303 - Fixed issue with button color when no CI enabled. !4287 - Fixed potential issue with 2 CI status polling events happening. !3869 - Improve design of Pipeline view. !4230 - Fix gitlab importer failing to import new projects due to missing credentials. !4301 - Fix import URL migration not rescuing with the correct Error. !4321 - Fix health check access token changing due to old application settings being used. !4332 - Make authentication service for Container Registry to be compatible with Docker versions before 1.11. !4363 - Add Application Setting to configure Container Registry token expire delay (default 5 min). !4364 - Pass the "Remember me" value to the 2FA token form. !4369 - Fix incorrect links on pipeline page when merge request created from fork. !4376 - Use downcased path to container repository as this is expected path by Docker. !4420 - Fix wiki project clone address error (chujinjin). !4429 - Fix serious performance bug with rendering Markdown with InlineDiffFilter. !4392 - Fix missing number on generated ordered list element. !4437 - Prevent disclosure of notes on confidential issues in search results. ## 8.8.2 - Added remove due date button. !4209 - Fix Error 500 when accessing application settings due to nil disabled OAuth sign-in sources. !4242 - Fix Error 500 in CI charts by gracefully handling commits with no durations. !4245 - Fix table UI on CI builds page. !4249 - Fix backups if registry is disabled. !4263 - Fixed issue with merge button color. !4211 - Fixed issue with enter key selecting wrong option in dropdown. !4210 - When creating a .gitignore file a dropdown with templates will be provided. !4075 - Fix concurrent request when updating build log in browser. !4183 ## 8.8.1 - Add documentation for the "Health Check" feature - Allow anonymous users to access a public project's pipelines !4233 - Fix MySQL compatibility in zero downtime migrations helpers - Fix the CI login to Container Registry (the gitlab-ci-token user) ## 8.8.0 (2016-05-22) - Implement GFM references for milestones (Alejandro Rodríguez) - Snippets tab under user profile. !4001 (Long Nguyen) - Fix error when using link to uploads in global snippets - Fix Error 500 when attempting to retrieve project license when HEAD points to non-existent ref - Assign labels and milestone to target project when moving issue. !3934 (Long Nguyen) - Use a case-insensitive comparison in sanitizing URI schemes - Toggle sign-up confirmation emails in application settings - Make it possible to prevent tagged runner from picking untagged jobs - Added `InlineDiffFilter` to the markdown parser. (Adam Butler) - Added inline diff styling for `change_title` system notes. (Adam Butler) - Project#open_branches has been cleaned up and no longer loads entire records into memory. - Escape HTML in commit titles in system note messages - Improve design of Pipeline View - Fix scope used when accessing container registry - Fix creation of Ci::Commit object which can lead to pending, failed in some scenarios - Improve multiple branch push performance by memoizing permission checking - Log to application.log when an admin starts and stops impersonating a user - Changing the confidentiality of an issue now creates a new system note (Alex Moore-Niemi) - Updated gitlab_git to 10.1.0 - GitAccess#protected_tag? no longer loads all tags just to check if a single one exists - Reduce delay in destroying a project from 1-minute to immediately - Make build status canceled if any of the jobs was canceled and none failed - Upgrade Sidekiq to 4.1.2 - Added /health_check endpoint for checking service status - Make 'upcoming' filter for milestones work better across projects - Sanitize repo paths in new project error message - Bump mail_room to 0.7.0 to fix stuck IDLE connections - Remove future dates from contribution calendar graph. - Support e-mail notifications for comments on project snippets - Fix API leak of notes of unauthorized issues, snippets and merge requests - Use ActionDispatch Remote IP for Akismet checking - Fix error when visiting commit builds page before build was updated - Add 'l' shortcut to open Label dropdown on issuables and 'i' to create new issue on a project - Update SVG sanitizer to conform to SVG 1.1 - Speed up push emails with multiple recipients by only generating the email once - Updated search UI - Added authentication service for Container Registry - Display informative message when new milestone is created - Sanitize milestones and labels titles - Support multi-line tag messages. !3833 (Calin Seciu) - Force users to reset their password after an admin changes it - Allow "NEWS" and "CHANGES" as alternative names for CHANGELOG. !3768 (Connor Shea) - Added button to toggle whitespaces changes on diff view - Backport GitHub Enterprise import support from EE - Create tags using Rugged for performance reasons. !3745 - Allow guests to set notification level in projects - API: Expose Issue#user_notes_count. !3126 (Anton Popov) - Don't show forks button when user can't view forks - Fix atom feed links and rendering - Files over 5MB can only be viewed in their raw form, files over 1MB without highlighting !3718 - Add support for supressing text diffs using .gitattributes on the default branch (Matt Oakes) - Add eager load paths to help prevent dependency load issues in Sidekiq workers. !3724 - Added multiple colors for labels in dropdowns when dups happen. - Show commits in the same order as `git log` - Improve description for the Two-factor Authentication sign-in screen. (Connor Shea) - API support for the 'since' and 'until' operators on commit requests (Paco Guzman) - Fix Gravatar hint in user profile when Gravatar is disabled. !3988 (Artem Sidorenko) - Expire repository exists? and has_visible_content? caches after a push if necessary - Fix unintentional filtering bug in Issue/MR sorted by milestone due (Takuya Noguchi) - Fix adding a todo for private group members (Ahmad Sherif) - Bump ace-rails-ap gem version from 2.0.1 to 4.0.2 which upgrades Ace Editor from 1.1.2 to 1.2.3 - Total method execution timings are no longer tracked - Allow Admins to remove the Login with buttons for OAuth services and still be able to import !4034. (Andrei Gliga) - Add API endpoints for un/subscribing from/to a label. !4051 (Ahmad Sherif) - Hide left sidebar on phone screens to give more space for content - Redesign navigation for profile and group pages - Add counter metrics for rails cache - Import pull requests from GitHub where the source or target branches were removed - All Grape API helpers are now instrumented - Improve Issue formatting for the Slack Service (Jeroen van Baarsen) - Fixed advice on invalid permissions on upload path !2948 (Ludovic Perrine) - Allows MR authors to have the source branch removed when merging the MR. !2801 (Jeroen Jacobs) - When creating a .gitignore file a dropdown with templates will be provided - Shows the issue/MR list search/filter form and corrects the mobile styling for guest users. #17562 ## 8.7.9 - Fix privilege escalation issue with OAuth external users. - Ensure references to private repos aren't shown to logged-out users. ## 8.7.8 - Fix visibility of snippets when searching. - Update omniauth-saml to 1.6.0 !4951 ## 8.7.7 - Fix import by `Any Git URL` broken if the URL contains a space - Prevent unauthorized access to other projects build traces - Forbid scripting for wiki files - Only show notes through JSON on confidential issues that the user has access to ## 8.7.6 - Fix links on wiki pages for relative url setups. !4131 (Artem Sidorenko) - Fix import from GitLab.com to a private instance failure. !4181 - Fix external imports not finding the import data. !4106 - Fix notification delay when changing status of an issue - Bump Workhorse to 0.7.5 so it can serve raw diffs ## 8.7.5 - Fix relative links in wiki pages. !4050 - Fix always showing build notification message when switching between merge requests !4086 - Fix an issue when filtering merge requests with more than one label. !3886 - Fix short note for the default scope on build page (Takuya Noguchi) ## 8.7.4 - Links for Redmine issue references are generated correctly again !4048 (Benedikt Huss) - Fix setting trusted proxies !3970 - Fix BitBucket importer bug when throwing exceptions !3941 - Use sign out path only if not empty !3989 - Running rake gitlab:db:drop_tables now drops tables with cascade !4020 - Running rake gitlab:db:drop_tables uses "IF EXISTS" as a precaution !4100 - Use a case-insensitive comparison in sanitizing URI schemes ## 8.7.3 - Emails, Gitlab::Email::Message, Gitlab::Diff, and Premailer::Adapter::Nokogiri are now instrumented - Merge request widget displays TeamCity build state and code coverage correctly again. - Fix the line code when importing PR review comments from GitHub. !4010 - Wikis are now initialized on legacy projects when checking repositories - Remove animate.css in favor of a smaller subset of animations. !3937 (Connor Shea) ## 8.7.2 - The "New Branch" button is now loaded asynchronously - Fix error 500 when trying to create a wiki page - Updated spacing between notification label and button - Label titles in filters are now escaped properly ## 8.7.1 - Throttle the update of `project.last_activity_at` to 1 minute. !3848 - Fix .gitlab-ci.yml parsing issue when hidde job is a template without script definition. !3849 - Fix license detection to detect all license files, not only known licenses. !3878 - Use the `can?` helper instead of `current_user.can?`. !3882 - Prevent users from deleting Webhooks via API they do not own - Fix Error 500 due to stale cache when projects are renamed or transferred - Update width of search box to fix Safari bug. !3900 (Jedidiah) - Use the `can?` helper instead of `current_user.can?` ## 8.7.0 (2016-04-22) - Gitlab::GitAccess and Gitlab::GitAccessWiki are now instrumented - Fix vulnerability that made it possible to gain access to private labels and milestones - The number of InfluxDB points stored per UDP packet can now be configured - Fix error when cross-project label reference used with non-existent project - Transactions for /internal/allowed now have an "action" tag set - Method instrumentation now uses Module#prepend instead of aliasing methods - Repository.clean_old_archives is now instrumented - Add support for environment variables on a job level in CI configuration file - SQL query counts are now tracked per transaction - The Projects::HousekeepingService class has extra instrumentation - All service classes (those residing in app/services) are now instrumented - Developers can now add custom tags to transactions - Loading of an issue's referenced merge requests and related branches is now done asynchronously - Enable gzip for assets, makes the page size significantly smaller. !3544 / !3632 (Connor Shea) - Add support to cherry-pick any commit into any branch in the web interface (Minqi Pan) - Project switcher uses new dropdown styling - Load award emoji images separately unless opening the full picker. Saves several hundred KBs of data for most pages. (Connor Shea) - Do not include award_emojis in issue and merge_request comment_count !3610 (Lucas Charles) - Restrict user profiles when public visibility level is restricted. - Add ability set due date to issues, sort and filter issues by due date (Mehmet Beydogan) - All images in discussions and wikis now link to their source files !3464 (Connor Shea). - Return status code 303 after a branch DELETE operation to avoid project deletion (Stan Hu) - Add setting for customizing the list of trusted proxies !3524 - Allow projects to be transfered to a lower visibility level group - Fix `signed_in_ip` being set to 127.0.0.1 when using a reverse proxy !3524 - Improved Markdown rendering performance !3389 - Make shared runners text in box configurable - Don't attempt to look up an avatar in repo if repo directory does not exist (Stan Hu) - API: Ability to subscribe and unsubscribe from issues and merge requests (Robert Schilling) - Expose project badges in project settings - Make /profile/keys/new redirect to /profile/keys for back-compat. !3717 - Preserve time notes/comments have been updated at when moving issue - Make HTTP(s) label consistent on clone bar (Stan Hu) - Add support for `after_script`, requires Runner 1.2 (Kamil Trzciński) - Expose label description in API (Mariusz Jachimowicz) - API: Ability to update a group (Robert Schilling) - API: Ability to move issues (Robert Schilling) - Fix Error 500 after renaming a project path (Stan Hu) - Fix a bug whith trailing slash in teamcity_url (Charles May) - Allow back dating on issues when created or updated through the API - Allow back dating on issue notes when created through the API - Propose license template when creating a new LICENSE file - API: Expose /licenses and /licenses/:key - Fix avatar stretching by providing a cropping feature - API: Expose `subscribed` for issues and merge requests (Robert Schilling) - Allow SAML to handle external users based on user's information !3530 - Allow Omniauth providers to be marked as `external` !3657 - Add endpoints to archive or unarchive a project !3372 - Fix a bug whith trailing slash in bamboo_url - Add links to CI setup documentation from project settings and builds pages - Display project members page to all members - Handle nil descriptions in Slack issue messages (Stan Hu) - Add automated repository integrity checks (OFF by default) - API: Expose open_issues_count, closed_issues_count, open_merge_requests_count for labels (Robert Schilling) - API: Ability to star and unstar a project (Robert Schilling) - Add default scope to projects to exclude projects pending deletion - Allow to close merge requests which source projects(forks) are deleted. - Ensure empty recipients are rejected in BuildsEmailService - Use rugged to change HEAD in Project#change_head (P.S.V.R) - API: Ability to filter milestones by state `active` and `closed` (Robert Schilling) - API: Fix milestone filtering by `iid` (Robert Schilling) - Make before_script and after_script overridable on per-job (Kamil Trzciński) - API: Delete notes of issues, snippets, and merge requests (Robert Schilling) - Implement 'Groups View' as an option for dashboard preferences !3379 (Elias W.) - Better errors handling when creating milestones inside groups - Fix high CPU usage when PostReceive receives refs/merge-requests/ - Hide `Create a group` help block when creating a new project in a group - Implement 'TODOs View' as an option for dashboard preferences !3379 (Elias W.) - Allow issues and merge requests to be assigned to the author !2765 - Make Ci::Commit to group only similar builds and make it stateful (ref, tag) - Gracefully handle notes on deleted commits in merge requests (Stan Hu) - Decouple membership and notifications - Fix creation of merge requests for orphaned branches (Stan Hu) - API: Ability to retrieve a single tag (Robert Schilling) - While signing up, don't persist the user password across form redisplays - Fall back to `In-Reply-To` and `References` headers when sub-addressing is not available (David Padilla) - Remove "Congratulations!" tweet button on newly-created project. (Connor Shea) - Fix admin/projects when using visibility levels on search (PotHix) - Build status notifications - Update email confirmation interface - API: Expose user location (Robert Schilling) - API: Do not leak group existence via return code (Robert Schilling) - ClosingIssueExtractor regex now also works with colons. e.g. "Fixes: #1234" !3591 - Update number of Todos in the sidebar when it's marked as "Done". !3600 - Sanitize branch names created for confidential issues - API: Expose 'updated_at' for issue, snippet, and merge request notes (Robert Schilling) - API: User can leave a project through the API when not master or owner. !3613 - Fix repository cache invalidation issue when project is recreated with an empty repo (Stan Hu) - Fix: Allow empty recipients list for builds emails service when pushed is added (Frank Groeneveld) - Improved markdown forms - Diff design updates (colors, button styles, etc) - Copying and pasting a diff no longer pastes the line numbers or +/- - Add null check to formData when updating profile content to fix Firefox bug - Disable spellcheck and autocorrect for username field in admin page - Delete tags using Rugged for performance reasons (Robert Schilling) - Add Slack notifications when Wiki is edited (Sebastian Klier) - Diffs load at the correct point when linking from from number - Selected diff rows highlight - Fix emoji categories in the emoji picker - API: Properly display annotated tags for GET /projects/:id/repository/tags (Robert Schilling) - Add encrypted credentials for imported projects and migrate old ones - Properly format all merge request references with ! rather than # !3740 (Ben Bodenmiller) - Author and participants are displayed first on users autocompletion - Show number sign on external issue reference text (Florent Baldino) - Updated print style for issues - Use GitHub Issue/PR number as iid to keep references - Import GitHub labels - Add option to filter by "Owned projects" on dashboard page - Import GitHub milestones - Execute system web hooks on push to the project - Allow enable/disable push events for system hooks - Fix GitHub project's link in the import page when provider has a custom URL - Add RAW build trace output and button on build page - Add incremental build trace update into CI API ## 8.6.9 - Prevent unauthorized access to other projects build traces - Forbid scripting for wiki files - Only show notes through JSON on confidential issues that the user has access to ## 8.6.8 - Prevent privilege escalation via "impersonate" feature - Prevent privilege escalation via notes API - Prevent privilege escalation via project webhook API - Prevent XSS via Git branch and tag names - Prevent XSS via custom issue tracker URL - Prevent XSS via `window.opener` - Prevent XSS via label drop-down - Prevent information disclosure via milestone API - Prevent information disclosure via snippet API - Prevent information disclosure via project labels - Prevent information disclosure via new merge request page ## 8.6.7 - Fix persistent XSS vulnerability in `commit_person_link` helper - Fix persistent XSS vulnerability in Label and Milestone dropdowns - Fix vulnerability that made it possible to enumerate private projects belonging to group ## 8.6.6 - Expire the exists cache before deletion to ensure project dir actually exists (Stan Hu). !3413 - Fix error on language detection when repository has no HEAD (e.g., master branch) (Jeroen Bobbeldijk). !3654 - Fix revoking of authorized OAuth applications (Connor Shea). !3690 - Fix error on language detection when repository has no HEAD (e.g., master branch). !3654 (Jeroen Bobbeldijk) - Issuable header is consistent between issues and merge requests - Improved spacing in issuable header on mobile ## 8.6.5 - Fix importing from GitHub Enterprise. !3529 - Perform the language detection after updating merge requests in `GitPushService`, leading to faster visual feedback for the end-user. !3533 - Check permissions when user attempts to import members from another project. !3535 - Only update repository language if it is not set to improve performance. !3556 - Return status code 303 after a branch DELETE operation to avoid project deletion (Stan Hu). !3583 - Unblock user when active_directory is disabled and it can be found !3550 - Fix a 2FA authentication spoofing vulnerability. ## 8.6.4 - Don't attempt to fetch any tags from a forked repo (Stan Hu) - Redesign the Labels page ## 8.6.3 - Mentions on confidential issues doesn't create todos for non-members. !3374 - Destroy related todos when an Issue/MR is deleted. !3376 - Fix error 500 when target is nil on todo list. !3376 - Fix copying uploads when moving issue to another project. !3382 - Ensuring Merge Request API returns boolean values for work_in_progress (Abhi Rao). !3432 - Fix raw/rendered diff producing different results on merge requests. !3450 - Fix commit comment alignment (Stan Hu). !3466 - Fix Error 500 when searching for a comment in a project snippet. !3468 - Allow temporary email as notification email. !3477 - Fix issue with dropdowns not selecting values. !3478 - Update gitlab-shell version and doc to 2.6.12. gitlab-org/gitlab-ee!280 ## 8.6.2 - Fix dropdown alignment. !3298 - Fix issuable sidebar overlaps on tablet. !3299 - Make dropdowns pixel perfect. !3337 - Fix order of steps to prevent PostgreSQL errors when running migration. !3355 - Fix bold text in issuable sidebar. !3358 - Fix error with anonymous token in applications settings. !3362 - Fix the milestone 'upcoming' filter. !3364 + !3368 - Fix comments on confidential issues showing up in activity feed to non-members. !3375 - Fix `NoMethodError` when visiting CI root path at `/ci`. !3377 - Add a tooltip to new branch button in issue page. !3380 - Fix an issue hiding the password form when signed-in with a linked account. !3381 - Add links to CI setup documentation from project settings and builds pages. !3384 - Fix an issue with width of project select dropdown. !3386 - Remove redundant `require`s from Banzai files. !3391 - Fix error 500 with cancel button on issuable edit form. !3392 + !3417 - Fix background when editing a highlighted note. !3423 - Remove tabstop from the WIP toggle links. !3426 - Ensure private project snippets are not viewable by unauthorized people. - Gracefully handle notes on deleted commits in merge requests (Stan Hu). !3402 - Fixed issue with notification settings not saving. !3452 ## 8.6.1 - Add option to reload the schema before restoring a database backup. !2807 - Display navigation controls on mobile. !3214 - Fixed bug where participants would not work correctly on merge requests. !3329 - Fix sorting issues by votes on the groups issues page results in SQL errors. !3333 - Restrict notifications for confidential issues. !3334 - Do not allow to move issue if it has not been persisted. !3340 - Add a confirmation step before deleting an issuable. !3341 - Fixes issue with signin button overflowing on mobile. !3342 - Auto collapses the navigation sidebar when resizing. !3343 - Fix build dependencies, when the dependency is a string. !3344 - Shows error messages when trying to create label in dropdown menu. !3345 - Fixes issue with assign milestone not loading milestone list. !3346 - Fix an issue causing the Dashboard/Milestones page to be blank. !3348 ## 8.6.0 (2016-03-22) - Add ability to move issue to another project - Prevent tokens in the import URL to be showed by the UI - Fix bug where wrong commit ID was being used in a merge request diff to show old image (Stan Hu) - Add confidential issues - Bump gitlab_git to 9.0.3 (Stan Hu) - Fix diff image view modes (2-up, swipe, onion skin) not working (Stan Hu) - Support Golang subpackage fetching (Stan Hu) - Bump Capybara gem to 2.6.2 (Stan Hu) - New branch button appears on issues where applicable - Contributions to forked projects are included in calendar - Improve the formatting for the user page bio (Connor Shea) - Easily (un)mark merge request as WIP using link - Use specialized system notes when MR is (un)marked as WIP - Removed the default password from the initial admin account created during setup. A password can be provided during setup (see installation docs), or GitLab will ask the user to create a new one upon first visit. - Fix issue when pushing to projects ending in .wiki - Properly display YAML front matter in Markdown - Add support for wiki with UTF-8 page names (Hiroyuki Sato) - Fix wiki search results point to raw source (Hiroyuki Sato) - Don't load all of GitLab in mail_room - Add information about `image` and `services` field at `job` level in the `.gitlab-ci.yml` documentation (Pat Turner) - HTTP error pages work independently from location and config (Artem Sidorenko) - Update `omniauth-saml` to 1.5.0 to allow for custom response attributes to be set - Memoize @group in Admin::GroupsController (Yatish Mehta) - Indicate how much an MR diverged from the target branch (Pierre de La Morinerie) - Added omniauth-auth0 Gem (Daniel Carraro) - Add label description in tooltip to labels in issue index and sidebar - Strip leading and trailing spaces in URL validator (evuez) - Add "last_sign_in_at" and "confirmed_at" to GET /users/* API endpoints for admins (evuez) - Return empty array instead of 404 when commit has no statuses in commit status API - Decrease the font size and the padding of the `.anchor` icons used in the README (Roberto Dip) - Rewrite logo to simplify SVG code (Sean Lang) - Allow to use YAML anchors when parsing the `.gitlab-ci.yml` (Pascal Bach) - Ignore jobs that start with `.` (hidden jobs) - Hide builds from project's settings when the feature is disabled - Allow to pass name of created artifacts archive in `.gitlab-ci.yml` - Refactor and greatly improve search performance - Add support for cross-project label references - Ensure "new SSH key" email do not ends up as dead Sidekiq jobs - Update documentation to reflect Guest role not being enforced on internal projects - Allow search for logged out users - Allow to define on which builds the current one depends on - Allow user subscription to a label: get notified for issues/merge requests related to that label (Timothy Andrew) - Fix bug where Bitbucket `closed` issues were imported as `opened` (Iuri de Silvio) - Don't show Issues/MRs from archived projects in Groups view - Fix wrong "iid of max iid" in Issuable sidebar for some merged MRs - Fix empty source_sha on Merge Request when there is no diff (Pierre de La Morinerie) - Increase the notes polling timeout over time (Roberto Dip) - Add shortcut to toggle markdown preview (Florent Baldino) - Show labels in dashboard and group milestone views - Fix an issue when the target branch of a MR had been deleted - Add main language of a project in the list of projects (Tiago Botelho) - Add #upcoming filter to Milestone filter (Tiago Botelho) - Add ability to show archived projects on dashboard, explore and group pages - Remove fork link closes all merge requests opened on source project (Florent Baldino) - Move group activity to separate page - Create external users which are excluded of internal and private projects unless access was explicitly granted - Continue parameters are checked to ensure redirection goes to the same instance - User deletion is now done in the background so the request can not time out - Canceled builds are now ignored in compound build status if marked as `allowed to fail` - Trigger a todo for mentions on commits page - Let project owners and admins soft delete issues and merge requests ## 8.5.13 - Prevent unauthorized access to other projects build traces - Forbid scripting for wiki files ## 8.5.12 - Prevent privilege escalation via "impersonate" feature - Prevent privilege escalation via notes API - Prevent privilege escalation via project webhook API - Prevent XSS via Git branch and tag names - Prevent XSS via custom issue tracker URL - Prevent XSS via `window.opener` - Prevent information disclosure via snippet API - Prevent information disclosure via project labels - Prevent information disclosure via new merge request page ## 8.5.11 - Fix persistent XSS vulnerability in `commit_person_link` helper ## 8.5.10 - Fix a 2FA authentication spoofing vulnerability. ## 8.5.9 - Don't attempt to fetch any tags from a forked repo (Stan Hu). ## 8.5.8 - Bump Git version requirement to 2.7.4 ## 8.5.7 - Bump Git version requirement to 2.7.3 ## 8.5.6 - Obtain a lease before querying LDAP ## 8.5.5 - Ensure removing a project removes associated Todo entries - Prevent a 500 error in Todos when author was removed - Fix pagination for filtered dashboard and explore pages - Fix "Show all" link behavior ## 8.5.4 - Do not cache requests for badges (including builds badge) ## 8.5.3 - Flush repository caches before renaming projects - Sort starred projects on dashboard based on last activity by default - Show commit message in JIRA mention comment - Makes issue page and merge request page usable on mobile browsers. - Improved UI for profile settings ## 8.5.2 - Fix sidebar overlapping content when screen width was below 1200px - Don't repeat labels listed on Labels tab - Bring the "branded appearance" feature from EE to CE - Fix error 500 when commenting on a commit - Show days remaining instead of elapsed time for Milestone - Fix broken icons on installations with relative URL (Artem Sidorenko) - Fix issue where tag list wasn't refreshed after deleting a tag - Fix import from gitlab.com (KazSawada) - Improve implementation to check read access to forks and add pagination - Don't show any "2FA required" message if it's not actually required - Fix help keyboard shortcut on relative URL setups (Artem Sidorenko) - Update Rails to 4.2.5.2 - Fix permissions for deprecated CI build status badge - Don't show "Welcome to GitLab" when the search didn't return any projects - Add Todos documentation ## 8.5.1 - Fix group projects styles - Show Crowd login tab when sign in is disabled and Crowd is enabled (Peter Hudec) - Fix a set of small UI glitches in project, profile, and wiki pages - Restrict permissions on public/uploads - Fix the merge request side-by-side view after loading diff results - Fix the look of tooltip for the "Revert" button - Add when the Builds & Runners API changes got introduced - Fix error 500 on some merged merge requests - Fix an issue causing the content of the issuable sidebar to disappear - Fix error 500 when trying to mark an already done todo as "done" - Fix an issue where MRs weren't sortable - Issues can now be dragged & dropped into empty milestone lists. This is also possible with MRs - Changed padding & background color for highlighted notes - Re-add the newrelic_rpm gem which was removed without any deprecation or warning (Stan Hu) - Update sentry-raven gem to 0.15.6 - Add build coverage in project's builds page (Steffen Köhler) - Changed # to ! for merge requests in activity view ## 8.5.0 (2016-02-22) - Fix duplicate "me" in tooltip of the "thumbsup" awards Emoji (Stan Hu) - Cache various Repository methods to improve performance - Fix duplicated branch creation/deletion Webhooks/service notifications when using Web UI (Stan Hu) - Ensure rake tasks that don't need a DB connection can be run without one - Update New Relic gem to 3.14.1.311 (Stan Hu) - Add "visibility" flag to GET /projects api endpoint - Add an option to supply root email through an environmental variable (Koichiro Mikami) - Ignore binary files in code search to prevent Error 500 (Stan Hu) - Render sanitized SVG images (Stan Hu) - Support download access by PRIVATE-TOKEN header (Stan Hu) - Upgrade gitlab_git to 7.2.23 to fix commit message mentions in first branch push - Add option to include the sender name in body of Notify email (Jason Lee) - New UI for pagination - Don't prevent sign out when 2FA enforcement is enabled and user hasn't yet set it up - API: Added "merge_requests/:merge_request_id/closes_issues" (Gal Schlezinger) - Fix diff comments loaded by AJAX to load comment with diff in discussion tab - Fix relative links in other markup formats (Ben Boeckel) - Whitelist raw "abbr" elements when parsing Markdown (Benedict Etzel) - Fix label links for a merge request pointing to issues list - Don't vendor minified JS - Increase project import timeout to 15 minutes - Be more permissive with email address validation: it only has to contain a single '@' - Display 404 error on group not found - Track project import failure - Support Two-factor Authentication for LDAP users - Display database type and version in Administration dashboard - Allow limited Markdown in Broadcast Messages - Fix visibility level text in admin area (Zeger-Jan van de Weg) - Warn admin during OAuth of granting admin rights (Zeger-Jan van de Weg) - Update the ExternalIssue regex pattern (Blake Hitchcock) - Remember user's inline/side-by-side diff view preference in a cookie (Kirill Katsnelson) - Optimized performance of finding issues to be closed by a merge request - Add `avatar_url`, `description`, `git_ssh_url`, `git_http_url`, `path_with_namespace` and `default_branch` in `project` in push, issue, merge-request and note webhooks data (Kirill Zaitsev) - Deprecate the `ssh_url` in favor of `git_ssh_url` and `http_url` in favor of `git_http_url` in `project` for push, issue, merge-request and note webhooks data (Kirill Zaitsev) - Deprecate the `repository` key in push, issue, merge-request and note webhooks data, use `project` instead (Kirill Zaitsev) - API: Expose MergeRequest#merge_status (Andrei Dziahel) - Revert "Add IP check against DNSBLs at account sign-up" - Actually use the `skip_merges` option in Repository#commits (Tony Chu) - Fix API to keep request parameters in Link header (Michael Potthoff) - Deprecate API "merge_request/:merge_request_id/comments". Use "merge_requests/:merge_request_id/notes" instead - Deprecate API "merge_request/:merge_request_id/...". Use "merge_requests/:merge_request_id/..." instead - Prevent parse error when name of project ends with .atom and prevent path issues - Discover branches for commit statuses ref-less when doing merge when succeeded - Mark inline difference between old and new paths when a file is renamed - Support Akismet spam checking for creation of issues via API (Stan Hu) - API: Allow to set or update a merge-request's milestone (Kirill Skachkov) - Improve UI consistency between projects and groups lists - Add sort dropdown to dashboard projects page - Fixed logo animation on Safari (Roman Rott) - Fix Merge When Succeeded when multiple stages - Hide remove source branch button when the MR is merged but new commits are pushed (Zeger-Jan van de Weg) - In seach autocomplete show only groups and projects you are member of - Don't process cross-reference notes from forks - Fix: init.d script not working on OS X - Faster snippet search - Added API to download build artifacts - Title for milestones should be unique (Zeger-Jan van de Weg) - Validate correctness of maximum attachment size application setting - Replaces "Create merge request" link with one to the "Merge Request" when one exists - Fix CI builds badge, add a new link to builds badge, deprecate the old one - Fix broken link to project in build notification emails - Ability to see and sort on vote count from Issues and MR lists - Fix builds scheduler when first build in stage was allowed to fail - User project limit is reached notice is hidden if the projects limit is zero - Add API support for managing runners and project's runners - Allow SAML users to login with no previous account without having to allow all Omniauth providers to do so. - Allow existing users to auto link their SAML credentials by logging in via SAML - Make it possible to erase a build (trace, artifacts) using UI and API - Ability to revert changes from a Merge Request or Commit - Emoji comment on diffs are not award emoji - Add label description (Nuttanart Pornprasitsakul) - Show label row when filtering issues or merge requests by label (Nuttanart Pornprasitsakul) - Add Todos ## 8.4.11 - Prevent unauthorized access to other projects build traces - Forbid scripting for wiki files ## 8.4.10 - Prevent privilege escalation via "impersonate" feature - Prevent privilege escalation via notes API - Prevent privilege escalation via project webhook API - Prevent XSS via Git branch and tag names - Prevent XSS via custom issue tracker URL - Prevent XSS via `window.opener` - Prevent information disclosure via snippet API - Prevent information disclosure via project labels - Prevent information disclosure via new merge request page ## 8.4.9 - Fix persistent XSS vulnerability in `commit_person_link` helper ## 8.4.8 - Fix a 2FA authentication spoofing vulnerability. ## 8.4.7 - Don't attempt to fetch any tags from a forked repo (Stan Hu). ## 8.4.6 - Bump Git version requirement to 2.7.4 ## 8.4.5 - No CE-specific changes ## 8.4.4 - Update omniauth-saml gem to 1.4.2 - Prevent long-running backup tasks from timing out the database connection - Add a Project setting to allow guests to view build logs (defaults to true) - Sort project milestones by due date including issue editor (Oliver Rogers / Orih) ## 8.4.3 - Increase lfs_objects size column to 8-byte integer to allow files larger than 2.1GB - Correctly highlight MR diff when MR has merge conflicts - Fix highlighting in blame view - Update sentry-raven gem to prevent "Not a git repository" console output when running certain commands - Add instrumentation to additional Gitlab::Git and Rugged methods for performance monitoring - Allow autosize textareas to also be manually resized ## 8.4.2 - Bump required gitlab-workhorse version to bring in a fix for missing artifacts in the build artifacts browser - Get rid of those ugly borders on the file tree view - Fix updating the runner information when asking for builds - Bump gitlab_git version to 7.2.24 in order to bring in a performance improvement when checking if a repository was empty - Add instrumentation for Gitlab::Git::Repository instance methods so we can track them in Performance Monitoring. - Increase contrast between highlighted code comments and inline diff marker - Fix method undefined when using external commit status in builds - Fix highlighting in blame view. ## 8.4.1 - Apply security updates for Rails (4.2.5.1), rails-html-sanitizer (1.0.3), and Nokogiri (1.6.7.2) - Fix redirect loop during import - Fix diff highlighting for all syntax themes - Delete project and associations in a background worker ## 8.4.0 (2016-01-22) - Allow LDAP users to change their email if it was not set by the LDAP server - Ensure Gravatar host looks like an actual host - Consider re-assign as a mention from a notification point of view - Add pagination headers to already paginated API resources - Properly generate diff of orphan commits, like the first commit in a repository - Improve the consistency of commit titles, branch names, tag names, issue/MR titles, on their respective project pages - Autocomplete data is now always loaded, instead of when focusing a comment text area - Improved performance of finding issues for an entire group - Added custom application performance measuring system powered by InfluxDB - Add syntax highlighting to diffs - Gracefully handle invalid UTF-8 sequences in Markdown links (Stan Hu) - Bump fog to 1.36.0 (Stan Hu) - Add user's last used IP addresses to admin page (Stan Hu) - Add housekeeping function to project settings page - The default GitLab logo now acts as a loading indicator - Fix caching issue where build status was not updating in project dashboard (Stan Hu) - Accept 2xx status codes for successful Webhook triggers (Stan Hu) - Fix missing date of month in network graph when commits span a month (Stan Hu) - Expire view caches when application settings change (e.g. Gravatar disabled) (Stan Hu) - Don't notify users twice if they are both project watchers and subscribers (Stan Hu) - Remove gray background from layout in UI - Fix signup for OAuth providers that don't provide a name - Implement new UI for group page - Implement search inside emoji picker - Let the CI runner know about builds that this build depends on - Add API support for looking up a user by username (Stan Hu) - Add project permissions to all project API endpoints (Stan Hu) - Link to milestone in "Milestone changed" system note - Only allow group/project members to mention `@all` - Expose Git's version in the admin area (Trey Davis) - Add "Frequently used" category to emoji picker - Add CAS support (tduehr) - Add link to merge request on build detail page - Fix: Problem with projects ending with .keys (Jose Corcuera) - Revert back upvote and downvote button to the issue and MR pages - Swap position of Assignee and Author selector on Issuables (Zeger-Jan van de Weg) - Add system hook messages for project rename and transfer (Steve Norman) - Fix version check image in Safari - Show 'All' tab by default in the builds page - Add Open Graph and Twitter Card data to all pages - Fix API project lookups when querying with a namespace with dots (Stan Hu) - Enable forcing Two-factor authentication sitewide, with optional grace period - Import GitHub Pull Requests into GitLab - Change single user API endpoint to return more detailed data (Michael Potthoff) - Update version check images to use SVG - Validate README format before displaying - Enable Microsoft Azure OAuth2 support (Janis Meybohm) - Properly set task-list class on single item task lists - Add file finder feature in tree view (Kyungchul Shin) - Ajax filter by message for commits page - API: Add support for deleting a tag via the API (Robert Schilling) - Allow subsequent validations in CI Linter - Show referenced MRs & Issues only when the current viewer can access them - Fix Encoding::CompatibilityError bug when markdown content has some complex URL (Jason Lee) - Add API support for managing project's builds - Add API support for managing project's build triggers - Add API support for managing project's build variables - Allow broadcast messages to be edited - Autosize Markdown textareas - Import GitHub wiki into GitLab - Add reporters ability to download and browse build artifacts (Andrew Johnson) - Autofill referring url in message box when reporting user abuse. - Remove leading comma on award emoji when the user is the first to award the emoji (Zeger-Jan van de Weg) - Add build artifacts browser - Improve UX in builds artifacts browser - Increase default size of `data` column in `events` table when using MySQL - Expose button to CI Lint tool on project builds page - Fix: Creator should be added as a master of the project on creation - Added X-GitLab-... headers to emails from CI and Email On Push services (Anton Baklanov) - Add IP check against DNSBLs at account sign-up - Added cache:key to .gitlab-ci.yml allowing to fine tune the caching ## 8.3.10 - Prevent unauthorized access to other projects build traces - Forbid scripting for wiki files ## 8.3.9 - Prevent privilege escalation via "impersonate" feature - Prevent privilege escalation via notes API - Prevent privilege escalation via project webhook API - Prevent XSS via custom issue tracker URL - Prevent XSS via `window.opener` - Prevent information disclosure via project labels - Prevent information disclosure via new merge request page ## 8.3.8 - Fix persistent XSS vulnerability in `commit_person_link` helper ## 8.3.7 - Fix a 2FA authentication spoofing vulnerability. ## 8.3.6 - Don't attempt to fetch any tags from a forked repo (Stan Hu). ## 8.3.5 - Bump Git version requirement to 2.7.4 ## 8.3.4 - Use gitlab-workhorse 0.5.4 (fixes API routing bug) ## 8.3.3 - Preserve CE behavior with JIRA integration by only calling API if URL is set - Fix duplicated branch creation/deletion events when using Web UI (Stan Hu) - Add configurable LDAP server query timeout - Get "Merge when build succeeds" to work when commits were pushed to MR target branch while builds were running - Suppress e-mails on failed builds if allow_failure is set (Stan Hu) - Fix project transfer e-mail sending incorrect paths in e-mail notification (Stan Hu) - Better support for referencing and closing issues in Asana service (Mike Wyatt) - Enable "Add key" button when user fills in a proper key (Stan Hu) - Fix error in processing reply-by-email messages (Jason Lee) - Fix Error 500 when visiting build page of project with nil runners_token (Stan Hu) - Use WOFF versions of SourceSansPro fonts - Fix regression when builds were not generated for tags created through web/api interface - Fix: maintain milestone filter between Open and Closed tabs (Greg Smethells) - Fix missing artifacts and build traces for build created before 8.3 ## 8.3.2 - Disable --follow in `git log` to avoid loading duplicate commit data in infinite scroll (Stan Hu) - Add support for Google reCAPTCHA in user registration ## 8.3.1 - Fix Error 500 when global milestones have slashes (Stan Hu) - Fix Error 500 when doing a search in dashboard before visiting any project (Stan Hu) - Fix LDAP identity and user retrieval when special characters are used - Move Sidekiq-cron configuration to gitlab.yml ## 8.3.0 (2015-12-22) - Bump rack-attack to 4.3.1 for security fix (Stan Hu) - API support for starred projects for authorized user (Zeger-Jan van de Weg) - Add open_issues_count to project API (Stan Hu) - Expand character set of usernames created by Omniauth (Corey Hinshaw) - Add button to automatically merge a merge request when the build succeeds (Zeger-Jan van de Weg) - Add unsubscribe link in the email footer (Zeger-Jan van de Weg) - Provide better diagnostic message upon project creation errors (Stan Hu) - Bump devise to 3.5.3 to fix reset token expiring after account creation (Stan Hu) - Remove api credentials from link to build_page - Deprecate GitLabCiService making it to always be inactive - Bump gollum-lib to 4.1.0 (Stan Hu) - Fix broken group avatar upload under "New group" (Stan Hu) - Update project repositorize size and commit count during import:repos task (Stan Hu) - Fix API setting of 'public' attribute to false will make a project private (Stan Hu) - Handle and report SSL errors in Webhook test (Stan Hu) - Bump Redis requirement to 2.8 for Sidekiq 4 (Stan Hu) - Fix: Assignee selector is empty when 'Unassigned' is selected (Jose Corcuera) - WIP identifier on merge requests no longer requires trailing space - Add rake tasks for git repository maintainance (Zeger-Jan van de Weg) - Fix 500 error when update group member permission - Fix: As an admin, cannot add oneself as a member to a group/project - Trim leading and trailing whitespace of milestone and issueable titles (Jose Corcuera) - Recognize issue/MR/snippet/commit links as references - Backport JIRA features from EE to CE - Add ignore whitespace change option to commit view - Fire update hook from GitLab - Allow account unlock via email - Style warning about mentioning many people in a comment - Fix: sort milestones by due date once again (Greg Smethells) - Migrate all CI::Services and CI::WebHooks to Services and WebHooks - Don't show project fork event as "imported" - Add API endpoint to fetch merge request commits list - Don't create CI status for refs that doesn't have .gitlab-ci.yml, even if the builds are enabled - Expose events API with comment information and author info - Fix: Ensure "Remove Source Branch" button is not shown when branch is being deleted. #3583 - Run custom Git hooks when branch is created or deleted. - Fix bug when simultaneously accepting multiple MRs results in MRs that are of "merged" status, but not merged to the target branch - Add languages page to graphs - Block LDAP user when they are no longer found in the LDAP server - Improve wording on project visibility levels (Zeger-Jan van de Weg) - Fix editing notes on a merge request diff - Automatically select default clone protocol based on user preferences (Eirik Lygre) - Make Network page as sub tab of Commits - Add copy-to-clipboard button for Snippets - Add indication to merge request list item that MR cannot be merged automatically - Default target branch to patch-n when editing file in protected branch - Add Builds tab to merge request detail page - Allow milestones, issues and MRs to be created from dashboard and group indexes - Use new style for wiki - Use new style for milestone detail page - Fix sidebar tooltips when collapsed - Prevent possible XSS attack with award-emoji - Upgraded Sidekiq to 4.x - Accept COPYING,COPYING.lesser, and licence as license file (Zeger-Jan van de Weg) - Fix emoji aliases problem - Fix award-emojis Flash alert's width - Fix deleting notes on a merge request diff - Display referenced merge request statuses in the issue description (Greg Smethells) - Implement new sidebar for issue and merge request pages - Emoji picker improvements - Suppress warning about missing `.gitlab-ci.yml` if builds are disabled - Do not show build status unless builds are enabled and `.gitlab-ci.yml` is present - Persist runners registration token in database - Fix online editor should not remove newlines at the end of the file - Expose Git's version in the admin area - Show "New Merge Request" buttons on canonical repos when you have a fork (Josh Frye) ## 8.2.6 - Prevent unauthorized access to other projects build traces - Forbid scripting for wiki files ## 8.2.5 - Prevent privilege escalation via "impersonate" feature - Prevent privilege escalation via notes API - Prevent privilege escalation via project webhook API - Prevent XSS via `window.opener` - Prevent information disclosure via project labels - Prevent information disclosure via new merge request page ## 8.2.4 - Bump Git version requirement to 2.7.4 ## 8.2.3 - Fix application settings cache not expiring after changes (Stan Hu) - Fix Error 500s when creating global milestones with Unicode characters (Stan Hu) - Update documentation for "Guest" permissions - Properly convert Emoji-only comments into Award Emojis - Enable devise paranoid mode to prevent user enumeration attack - Webhook payload has an added, modified and removed properties for each commit - Fix 500 error when creating a merge request that removes a submodule ## 8.2.2 - Fix 404 in redirection after removing a project (Stan Hu) - Ensure cached application settings are refreshed at startup (Stan Hu) - Fix Error 500 when viewing user's personal projects from admin page (Stan Hu) - Fix: Raw private snippets access workflow - Prevent "413 Request entity too large" errors when pushing large files with LFS - Fix invalid links within projects dashboard header - Make current user the first user in assignee dropdown in issues detail page (Stan Hu) - Fix: duplicate email notifications on issue comments ## 8.2.1 - Forcefully update builds that didn't want to update with state machine - Fix: saving GitLabCiService as Admin Template ## 8.2.0 (2015-11-22) - Improved performance of finding projects and groups in various places - Improved performance of rendering user profile pages and Atom feeds - Expose build artifacts path as config option - Fix grouping of contributors by email in graph. - Improved performance of finding issues with/without labels - Fix Drone CI service template not saving properly (Stan Hu) - Fix avatars not showing in Atom feeds and project issues when Gravatar disabled (Stan Hu) - Added a GitLab specific profiling tool called "Sherlock" (see GitLab CE merge request #1749) - Upgrade gitlab_git to 7.2.20 and rugged to 0.23.3 (Stan Hu) - Improved performance of finding users by one of their Email addresses - Add allow_failure field to commit status API (Stan Hu) - Commits without .gitlab-ci.yml are marked as skipped - Save detailed error when YAML syntax is invalid - Since GitLab CI is enabled by default, remove enabling it by pushing .gitlab-ci.yml - Added build artifacts - Improved performance of replacing references in comments - Show last project commit to default branch on project home page - Highlight comment based on anchor in URL - Adds ability to remove the forked relationship from project settings screen. (Han Loong Liauw) - Improved performance of sorting milestone issues - Allow users to select the Files view as default project view (Cristian Bica) - Show "Empty Repository Page" for repository without branches (Artem V. Navrotskiy) - Fix: Inability to reply to code comments in the MR view, if the MR comes from a fork - Use git follow flag for commits page when retrieve history for file or directory - Show merge request CI status on merge requests index page - Send build name and stage in CI notification e-mail - Extend yml syntax for only and except to support specifying repository path - Enable shared runners to all new projects - Bump GitLab-Workhorse to 0.4.1 - Allow to define cache in `.gitlab-ci.yml` - Fix: 500 error returned if destroy request without HTTP referer (Kazuki Shimizu) - Remove deprecated CI events from project settings page - Use issue editor as cross reference comment author when issue is edited with a new mention. - Add graphs of commits ahead and behind default branch (Jeff Stubler) - Improve personal snippet access workflow (Douglas Alexandre) - [API] Add ability to fetch the commit ID of the last commit that actually touched a file - Fix omniauth documentation setting for omnibus configuration (Jon Cairns) - Add "New file" link to dropdown on project page - Include commit logs in project search - Add "added", "modified" and "removed" properties to commit object in webhook - Rename "Back to" links to "Go to" because its not always a case it point to place user come from - Allow groups to appear in the search results if the group owner allows it - Add email notification to former assignee upon unassignment (Adam Lieskovský) - New design for project graphs page - Remove deprecated dumped yaml file generated from previous job definitions - Show specific runners from projects where user is master or owner - MR target branch is now visible on a list view when it is different from project's default one - Improve Continuous Integration graphs page - Make color of "Accept Merge Request" button consistent with current build status - Add ignore white space option in merge request diff and commit and compare view - Ability to add release notes (markdown text and attachments) to git tags (aka Releases) - Relative links from a repositories README.md now link to the default branch - Fix trailing whitespace issue in merge request/issue title - Fix bug when milestone/label filter was empty for dashboard issues page - Add ability to create milestone in group projects from single form - Add option to create merge request when editing/creating a file (Dirceu Tiegs) - Prevent the last owner of a group from being able to delete themselves by 'adding' themselves as a master (James Lopez) - Add Award Emoji to issue and merge request pages ## 8.1.4 - Fix bug where manually merged branches in a MR would end up with an empty diff (Stan Hu) - Prevent redirect loop when home_page_url is set to the root URL - Fix incoming email config defaults - Remove CSS property preventing hard tabs from rendering in Chromium 45 (Stan Hu) ## 8.1.3 - Force update refs/merge-requests/X/head upon a push to the source branch of a merge request (Stan Hu) - Spread out runner contacted_at updates - Use issue editor as cross reference comment author when issue is edited with a new mention - Add Facebook authentication ## 8.1.2 - Fix cloning Wiki repositories via HTTP (Stan Hu) - Add migration to remove satellites directory - Fix specific runners visibility - Fix 500 when editing CI service - Require CI jobs to be named - Fix CSS for runner status - Fix CI badge - Allow developer to manage builds ## 8.1.1 - Removed, see 8.1.2 ## 8.1.0 (2015-10-22) - Ensure MySQL CI limits DB migrations occur after the fields have been created (Stan Hu) - Fix duplicate repositories in GitHub import page (Stan Hu) - Redirect to a default path if HTTP_REFERER is not set (Stan Hu) - Adds ability to create directories using the web editor (Ben Ford) - Cleanup stuck CI builds - Send an email to admin email when a user is reported for spam (Jonathan Rochkind) - Show notifications button when user is member of group rather than project (Grzegorz Bizon) - Fix bug preventing mentioned issued from being closed when MR is merged using fast-forward merge. - Fix nonatomic database update potentially causing project star counts to go negative (Stan Hu) - Don't show "Add README" link in an empty repository if user doesn't have access to push (Stan Hu) - Fix error preventing displaying of commit data for a directory with a leading dot (Stan Hu) - Speed up load times of issue detail pages by roughly 1.5x - Fix CI rendering regressions - If a merge request is to close an issue, show this on the issue page (Zeger-Jan van de Weg) - Add a system note and update relevant merge requests when a branch is deleted or re-added (Stan Hu) - Make diff file view easier to use on mobile screens (Stan Hu) - Improved performance of finding users by username or Email address - Fix bug where merge request comments created by API would not trigger notifications (Stan Hu) - Add support for creating directories from Files page (Stan Hu) - Allow removing of project without confirmation when JavaScript is disabled (Stan Hu) - Support filtering by "Any" milestone or issue and fix "No Milestone" and "No Label" filters (Stan Hu) - Improved performance of the trending projects page - Remove CI migration task - Improved performance of finding projects by their namespace - Add assignee data to Issuables' hook_data (Bram Daams) - Fix bug where transferring a project would result in stale commit links (Stan Hu) - Fix build trace updating - Include full path of source and target branch names in New Merge Request page (Stan Hu) - Add user preference to view activities as default dashboard (Stan Hu) - Add option to admin area to sign in as a specific user (Pavel Forkert) - Show CI status on all pages where commits list is rendered - Automatically enable CI when push .gitlab-ci.yml file to repository - Move CI charts to project graphs area - Fix cases where Markdown did not render links in activity feed (Stan Hu) - Add first and last to pagination (Zeger-Jan van de Weg) - Added Commit Status API - Added Builds View - Added when to .gitlab-ci.yml - Show CI status on commit page - Added CI_BUILD_TAG, _STAGE, _NAME and _TRIGGERED to CI builds - Show CI status on Your projects page and Starred projects page - Remove "Continuous Integration" page from dashboard - Add notes and SSL verification entries to hook APIs (Ben Boeckel) - Fix grammar in admin area "labels" .nothing-here-block when no labels exist. - Move CI runners page to project settings area - Move CI variables page to project settings area - Move CI triggers page to project settings area - Move CI project settings page to CE project settings area - Fix bug when removed file was not appearing in merge request diff - Show warning when build cannot be served by any of the available CI runners - Note the original location of a moved project when notifying users of the move - Improve error message when merging fails - Add support of multibyte characters in LDAP UID (Roman Petrov) - Show additions/deletions stats on merge request diff - Remove footer text in emails (Zeger-Jan van de Weg) - Ensure code blocks are properly highlighted after a note is updated - Fix wrong access level badge on MR comments - Hide password in the service settings form - Move CI webhooks page to project settings area - Fix User Identities API. It now allows you to properly create or update user's identities. - Add user preference to change layout width (Peter Göbel) - Use commit status in merge request widget as preferred source of CI status - Integrate CI commit and build pages into project pages - Move CI services page to project settings area - Add "Quick Submit" behavior to input fields throughout the application. Use Cmd+Enter on Mac and Ctrl+Enter on Windows/Linux. - Fix position of hamburger in header for smaller screens (Han Loong Liauw) - Fix bug where Emojis in Markdown would truncate remaining text (Sakata Sinji) - Persist filters when sorting on admin user page (Jerry Lukins) - Update style of snippets pages (Han Loong Liauw) - Allow dashboard and group issues/MRs to be filtered by label - Add spellcheck=false to certain input fields - Invalidate stored service password if the endpoint URL is changed - Project names are not fully shown if group name is too big, even on group page view - Apply new design for Files page - Add "New Page" button to Wiki Pages tab (Stan Hu) - Only render 404 page from /public - Hide passwords from services API (Alex Lossent) - Fix: Images cannot show when projects' path was changed - Let gitlab-git-http-server generate and serve 'git archive' downloads - Optimize query when filtering on issuables (Zeger-Jan van de Weg) - Fix padding of outdated discussion item. - Animate the logo on hover ## 8.0.5 - Correct lookup-by-email for LDAP logins - Fix loading spinner sometimes not being hidden on Merge Request tab switches ## 8.0.4 - Fix Message-ID header to be RFC 2111-compliant to prevent e-mails being dropped (Stan Hu) - Fix referrals for :back and relative URL installs - Fix anchors to comments in diffs - Remove CI token from build traces - Fix "Assign All" button on Runner admin page - Fix search in Files - Add full project namespace to payload of system webhooks (Ricardo Band) ## 8.0.3 - Fix URL shown in Slack notifications - Fix bug where projects would appear to be stuck in the forked import state (Stan Hu) - Fix Error 500 in creating merge requests with > 1000 diffs (Stan Hu) - Add work_in_progress key to MR webhooks (Ben Boeckel) ## 8.0.2 - Fix default avatar not rendering in network graph (Stan Hu) - Skip check_initd_configured_correctly on omnibus installs - Prevent double-prefixing of help page paths - Clarify confirmation text on user deletion - Make commit graphs responsive to window width changes (Stan Hu) - Fix top margin for sign-in button on public pages - Fix LDAP attribute mapping - Remove git refs used internally by GitLab from network graph (Stan Hu) - Use standard Markdown font in Markdown preview instead of fixed-width font (Stan Hu) - Fix Reply by email for non-UTF-8 messages. - Add option to use StartTLS with Reply by email IMAP server. - Allow AWS S3 Server-Side Encryption with Amazon S3-Managed Keys for backups (Paul Beattie) ## 8.0.1 - Improve CI migration procedure and documentation ## 8.0.0 (2015-09-22) - Fix Markdown links not showing up in dashboard activity feed (Stan Hu) - Remove milestones from merge requests when milestones are deleted (Stan Hu) - Fix HTML link that was improperly escaped in new user e-mail (Stan Hu) - Fix broken sort in merge request API (Stan Hu) - Bump rouge to 1.10.1 to remove warning noise and fix other syntax highlighting bugs (Stan Hu) - Gracefully handle errors in syntax highlighting by leaving the block unformatted (Stan Hu) - Add "replace" and "upload" functionalities to allow user replace existing file and upload new file into current repository - Fix URL construction for merge requests, issues, notes, and commits for relative URL config (Stan Hu) - Fix emoji URLs in Markdown when relative_url_root is used (Stan Hu) - Omit filename in Content-Disposition header in raw file download to avoid RFC 6266 encoding issues (Stan HU) - Fix broken Wiki Page History (Stan Hu) - Import forked repositories asynchronously to prevent large repositories from timing out (Stan Hu) - Prevent anchors from being hidden by header (Stan Hu) - Fix bug where only the first 15 Bitbucket issues would be imported (Stan Hu) - Sort issues by creation date in Bitbucket importer (Stan Hu) - Prevent too many redirects upon login when home page URL is set to external_url (Stan Hu) - Improve dropdown positioning on the project home page (Hannes Rosenögger) - Upgrade browser gem to 1.0.0 to avoid warning in IE11 compatibilty mode (Stan Hu) - Remove user OAuth tokens from the database and request new tokens each session (Stan Hu) - Restrict users API endpoints to use integer IDs (Stan Hu) - Only show recent push event if the branch still exists or a recent merge request has not been created (Stan Hu) - Remove satellites - Better performance for web editor (switched from satellites to rugged) - Faster merge - Ability to fetch merge requests from refs/merge-requests/:id - Allow displaying of archived projects in the admin interface (Artem Sidorenko) - Allow configuration of import sources for new projects (Artem Sidorenko) - Search for comments should be case insensetive - Create cross-reference for closing references on commits pushed to non-default branches (Maël Valais) - Ability to search milestones - Gracefully handle SMTP user input errors (e.g. incorrect email addresses) to prevent Sidekiq retries (Stan Hu) - Move dashboard activity to separate page (for your projects and starred projects) - Improve performance of git blame - Limit content width to 1200px for most of pages to improve readability on big screens - Fix 500 error when submit project snippet without body - Improve search page usability - Bring more UI consistency in way how projects, snippets and groups lists are rendered - Make all profiles and group public - Fixed login failure when extern_uid changes (Joel Koglin) - Don't notify users without access to the project when they are (accidentally) mentioned in a note. - Retrieving oauth token with LDAP credentials - Load Application settings from running database unless env var USE_DB=false - Added Drone CI integration (Kirill Zaitsev) - Allow developers to retry builds - Hide advanced project options for non-admin users - Fail builds if no .gitlab-ci.yml is found - Refactored service API and added automatically service docs generator (Kirill Zaitsev) - Added web_url key project hook_attrs (Kirill Zaitsev) - Add ability to get user information by ID of an SSH key via the API - Fix bug which IE cannot show image at markdown when the image is raw file of gitlab - Add support for Crowd - Global Labels that are available to all projects - Fix highlighting of deleted lines in diffs. - Project notification level can be set on the project page itself - Added service API endpoint to retrieve service parameters (Petheő Bence) - Add FogBugz project import (Jared Szechy) - Sort users autocomplete lists by user (Allister Antosik) - Webhook for issue now contains repository field (Jungkook Park) - Add ability to add custom text to the help page (Jeroen van Baarsen) - Add pg_schema to backup config - Fix references to target project issues in Merge Requests markdown preview and textareas (Francesco Levorato) - Redirect from incorrectly cased group or project path to correct one (Francesco Levorato) - Removed API calls from CE to CI ## 7.14.3 through 0.8.0 - See [changelogs/archive.md](changelogs/archive.md)