v14.20.0 - Configure a default ttl for personal access tokens !736 v14.19.0 - Bump go to 1.19.9 !730 - Update golang-crypto fork version !729 - Add build-package-and-qa job !728 - refactor: success api on acceptance tests !727 - Make the boringcrypto check POSIX shell compliant !725 - Fix CGO_CFLAGS to use output from `brew --prefix` !724 - Acceptance test for Geo Push !719 - Configure Gitaly storage acceptance tests !723 - Prepare for Go 1.19 FIPS support !721 - Make golang 1.19 the default !718 v14.18.0 - Perform HTTP request to primary on Geo push !716 - sshd: exclude gssapi when building without cgo !720 - Add DNS discovery support for Gitaly/Praefect !717 - Add bin/gitlab-sshd as an explicit Makefile target !714 v14.17.0 - Bump golang to 1.18.9 !712 v14.16.0 - feat: make retryable http default client !710 - Add support for the gssapi-with-mic auth method !682 - docs: Truncate pages, point users to GitLab repo !705 v14.15.0 - Incorporate older edits to README !696 - Upgrade to Ruby 3.x !706 - feat: retry on http error !703 v14.14.0 - Add developer documentation to sshd package !683 - Improve error message for Gitaly `LimitError`s !691 - Drop 1.16 compatibility in go.sum !692 - Bump x/text to 0.3.8 !692 - Update prometheus package to 1.13.1 !692 - Restrict IP access for PROXY protocol !693 - Fix broken Gitaly integration tests !694 - Clean up .gitlab-ci.yml file !695 - Use the images provided by Gitlab to run tests !698 - Use Ruby 2.7.7 as the default !699 - Use blocking reader to fix race in test !700 v14.13.0 - Update .tool-versions to Go 1.18.7 !688 - Remove secret from request headers !689 v14.12.0 - Trim secret before signing JWT tokens !686 - Bump .tool-versions to use Go 1.18.6 !685 - Update Gitaly to 15.4.0-rc2 !681 - Test against Golang v1.19 !680 v14.11.0 - Update Gitaly to v15 !676 - Fixed extra slashes in API request paths generated for geo !673 v14.10.0 - Implement Push Auth support for 2FA verification !454 v14.9.0 - Update LabKit library to v1.16.0 !668 v14.8.0 - go: Bump major version to v14 !666 - Pass original IP from PROXY requests to internal API calls !665 - Fix make install copying the wrong binaries !664 - gitlab-sshd: Add support for configuring host certificates !661 v14.7.4 - gitlab-sshd: Update crypto module to fix RSA keys with old gpg-agent !662 v14.7.3 - Ignore "not our ref" errors from gitlab-sshd error metrics !656 v14.7.2 - Exclude disallowed command from error rate !654 v14.7.1 - Log gitlab-sshd session level indicator errors !650 - Improve establish session duration metrics !651 v14.7.0 - Abort long-running unauthenticated SSH connections !647 - Close the connection when context is canceled !646 v14.6.1 - Return support for diffie-hellman-group14-sha1 !644 v14.6.0 - Exclude Gitaly unavailable error from error rate !641 - Downgrade auth EOF messages from warning to debug !641 - Display constistently in gitlab-sshd and gitlab-shell !641 - Downgrade host key mismatch messages from warning to debug !639 - Introduce a GitLab-SSHD server version during handshake !640 - Narrow supported kex algorithms !638 v14.5.0 - Make ProxyHeaderTimeout configurable !635 v14.4.0 - Allow configuring SSH server algorithms !633 - Update gitlab-org/golang-crypto module version !632 v14.3.1 - Exclude API errors from error rate !630 v14.3.0 - Remove deprecated bundler-audit !626 - Wait until all Gitaly sessions are executed !624 v14.2.0 - Implement ClientKeepAlive option !622 - build: bump go-proxyproto to 0.6.2 !610 v14.1.1 - Log the error that happens on sconn.Wait() !613 v14.1.0 - Make PROXY policy configurable !619 - Exclude authentication errors from apdex !611 - Fix check_ip argument when gitlab-sshd used with PROXY protocol !616 - Use labkit for FIPS check !607 v14.0.0 - Always use Gitaly sidechannel connections !567 v13.26.0 - Add JWT token to GitLab Rails request !596 - Drop go 1.16 support !601 - Remove `self_signed_cert` option !602 v13.25.2 - Revert "Abort long-running unauthenticated SSH connections" !605 - Bump Go to 1.17.9 for asdf users !600 v13.25.1 - Upgrade golang to 1.17.8 !591 - Add additional metrics to gitlab-sshd !593 - Add support for FIPS encryption !597 v13.25.0 - Fix connections duration metrics !588 - ci: start integrating go 1.18 into the CI pipelines !587 - Abort long-running unauthenticated SSH connections !582 v13.24.2 - Bump gitaly client !584 v13.24.1 - Default to info level for an empty log-level !579 - Update Gitaly dependency to v14.9.0-rc1 !578 - Reuse Gitaly connections and sidechannel !575 v13.24.0 - Upgrade golang to 1.17.7 !576 - Add more metrics for gitlab-sshd !574 - Move code guidelines to doc/beginners_guide.md !572 - Add docs for full feature list !571 - Add aqualls as codeowner for docs files !573 v13.23.2 - Bump labkit version to 1.12.0 !569 - Add title and correct copyright notice to license !568 - Bump go-proxyproto package !563 - Update Go to version 1.17.6 !562 v13.23.1 - Replace golang.org/x/crypto with gitlab-org/golang-crypto !560 v13.23.0 - Add support for SSHUploadPackWithSidechannel RPC !557 - Rate limiting documentation !556 v13.22.2 - Update to Ruby 2.7.5 !553 - Deprecate self_signed_cert config setting !552 - Send full git request/response in SSHD tests !550 - Suppress internal errors in client output !549 - Bump .tool_versions to use Go v1.16.12 !548 v13.22.1 - Remove SSL_CERT_DIR logging !546 v13.22.0 - Relax key and username matching for sshd !540 - Add logging to handler/exec.go and config/config.go !539 - Improve logging for non-git commands !538 - Update to Go v1.16.9 !537 - Reject non-proxied connections when proxy protocol is enabled !536 - Log command invocation !535 - Fix logging channel type !534 - Resolve an error-swallowing issue !533 - Add more logging to gitlab-sshd !531 - Respect log-level configuration again !530 - Improve err message given when Gitaly unavailable !526 - makefile: properly escape '$' in VERSION_STRING !525 - Add context fields to logging !524 - Extract server config related code out of sshd.go !523 - Add TestInvalidClientConfig and TestNewServerWithoutHosts for sshd.go !518 - Update Ruby version to 2.7.4 and add Go version 1.16.8 for tooling !517 v13.21.1 - Only validate SSL cert file exists if a value is supplied !527 v13.21.0 - Switch to labkit for logging system setup !504 - Remove some unreliable tests !503 - Make gofmt check fail if there are any matching files !500 - Update go-proxyproto to v0.6.0 !499 - Switch to labkit/log for logging functionality !498 - Unit tests for internal/sshd/connection.go !497 - Prometheus metrics for HTTP requests !496 - Refactor testhelper.PrepareTestRootDir using t.Cleanup !493 - Change default logging format to JSON !476 - Shutdown sshd gracefully !484 - Provide liveness and readiness probes !494 - Add tracing instrumentation to http client !495 - Log same correlation_id on auth keys check of ssh connections !501 - fix: validate client cert paths exist on disk before proceeding !508 - Modify regex to prevent partial matches v13.20.0 - Remove bin/authorized_keys !491 - Add a make install command !490 - Create PROCESS.md page with Security release process !488 - Fix the Geo SSH push proxy hanging !487 - Standardize logging timestamp format !485 v13.19.1 - Modify regex to prevent partial matches v13.19.0 - Don't finish the opentracing span early !466 - gitlab-sshd: Respect the ssl_cert_dir config !467 - Stop changing directory to the filesystem root !470 - Fix opentracing setup for gitlab-sshd !473 v13.18.1 - Modify regex to prevent partial matches v13.18.0 - Fix thread-safety issues in gitlab-shell !463 - gitlab-sshd: Support the PROXY protocol !461 - sshd: Recover from per-session and per-connection panics !464 v13.17.0 - Fix gitlab-shell panic when log file not writable !453 - Add monitoring endpoint to built-in SSH server !449 v13.16.1 - Read limited input when asking to generate new two-factor recovery codes v13.16.0 - RFC: Simple built-in SSH server !394 - Remove the session duration information from the output of 2fa_verify command !445 v13.15.1 - Read limited input when asking to generate new two-factor recovery codes v13.15.0 - Update httpclient.go with TLS 1.2 as minimum version !435 v13.14.1 - Read limited input when asking to generate new two-factor recovery codes v13.14.0 - Add 2fa_verify command !440 - Propagate client identity to gitaly !436 v13.13.1 - Read limited input when asking to generate new two-factor recovery codes v13.13.0 - GitLab API Client support for client certificates !432 v13.12.0 - Upgrade Bundler from 1.17.2 to 2.1.4 !428 - Log Content-Length bytes in API response !427 - Bump default Ruby version to v2.7.2 !426 v13.11.0 - Set SSL_CERT_DIR env var when building command !423 - Fix incorrect actor used to check permissions for SSH receive-pack !424 v13.10.0 - Add support for -version argument !421 v13.9.0 - Drop "generated random correlation ID" log message !417 - client: Allow User-Agent header to be overridden !418 v13.8.0 - Update Gitaly module dependency !414 - Make it possible to propagate correlation ID across processes !413 - Remove deprecated hooks dir !411 v13.7.0 - Fix gitlab-shell not handling relative URLs over UNIX sockets !406 v13.6.0 - Add support obtaining personal access tokens via SSH !397 v13.5.0 - Generate and log correlation IDs !400 v13.4.0 - Support ssl_cert_dir config setting !393 - Log SSH key details !398 - Log remote IP for executed commands !399 - Drop Go v1.12 support !401 v13.3.0 - Upgrade Ruby version to v2.6.6 !390 - Use default puma socket in example config !388 - Set client name when making requests to Gitaly !387 - Fix race conditions with logrus testing !385 v13.2.0 - Add HTTP status code to internal API logs !376 v13.1.0 - Ensure we are pasing the parsed secret !381 v13.0.0 - Move gitlabnet client into a publicly facing client package !377 v12.2.0 - Geo: Add custom action support for clone/pull !369 v12.1.0 - Log internal HTTP requests !366 - Log git-{upload-pack,receive-pack,upload-archive} requests !367 v12.0.0 - openssh: Accept GIT_PROTOCOL environment variable !364 v11.0.0 - Bump Ruby version to 2.6.5 !357 - Remove support for Custom data.info_message !356 v10.3.0 - Use correct git-lfs download or upload operation names !353 - Add support for Gitaly feature flags !351 - Make console messages consistent !334 v10.2.0 - Remove dead Ruby code and unused binaries !346 v10.1.0 - Remove feature flags and the fallback command !336 - Remove an obsolete section from config.yml.example !339 - Extend group IP restriction to Git activity !335 - Remove deprecated create-hooks script !342 - Rewrite `bin/check` in Go !341 v10.0.0 - Remove gitlab-keys script !329 v9.4.2 - Repurpose bin/authorized_keys script !330 v9.4.1 - Fix bug preventing gitlab-development-kit from updating !327 v9.4.0 - Enable all migration features by default !313 - Set Go111MODULE to 'off' during compilation !315 - Add Makefile for easier building and testing !310 - Resolve "Update .PHONY to have accurate list of targets" !316 - Update rubygems version on CI for go tests !320 - Support falling back to ruby version of checkers !318 - Implement AuthorizedKeys command !321 - Implement AuthorizedPrincipals command !322 - Replace symlinks with actual binaries !324 - Use go mod !323 v9.3.0 - Go implementation for git-receive-pack !300 - Go implementation for git-upload-pack !305 - Return Fallback cmd if feature is enabled, but unimplemented !306 - Go implementation for git-upload-archive !307 - Go implementation for LFS authenticate !308 - Respect GITLAB_SHELL_DIR in the Go version !309 v9.2.0 - Upgrade to Ruby 2.6.3 !298 v9.1.0 - Correctly determine the root directory for gitlab-shell !294 - Support calling internal api using HTTP !295 - Print keys in list-keys command !198 - Support calling internal API using HTTPS !297 v9.0.0 - Add a Go implementation of the "discover" command !283 - Add a Go implementation of the 2fa_recovery_codes" command !285 - Display console messages, if available !287 - Allow the post-receive hook to print warnings !288 - Remove hooks, they belong to Gitaly now !291 v8.7.1 - Fix unmarshalling JSON from the command line !280 v8.7.0 - Add distributed tracing to GitLab-Shell !277 v8.6.0 - Add support for using gl_project_path !275 - Provide expires_in for LFS if available !273 v8.5.0 - Bump gitaly-proto to v1.10.0 v8.4.4 - Pass push options along to gitlab-rails's post-receive endpoint v8.4.3 - Remove circular dependency between HTTPHelper and GitlabNet !258 v8.4.2 - Include LFS operation when requesting auth !254 v8.4.1 - Surface error message sent along with API Service Unavailable error to user v8.4.0 - Use Gitaly v2 auth scheme v8.3.3 - Release v8.3.3 as v8.3.2 tag is incorrect v8.3.2 - Ensure text/plain & text/html content types are handled !239 - Fix newlines not appearing between new log entries !242 v8.3.1 - No changes (version tag correction) v8.3.0 - Add custom action (e.g. proxying SSH push) support v8.2.1 - Fix HTTP status code handling for /api/v4/allowed API endpoint v8.2.0 - Pass custom git_config_options to Gitaly !221 - Add missing require statement in create-hooks !225 v8.1.1 - Fix two regressions in SSH certificate support (!226) v8.1.0 - Support Git v2 protocol (!217) v8.0.0 - SSH certificate support (!207) v7.2.0 - Update gitaly-proto to 0.109.0 (!216) v7.1.5 - Fix a NoMethodError in the pre-receive hook (!206) v7.1.4 - Don't truncate long strings in broadcast message (!202) v7.1.3 - Use username instead of full name for identifying users (!204) v7.1.2 - Add missing GitlabLogger#error method (!200) v7.1.1 - Flush log file after every write (!199) v7.1.0 - Migrate `git-upload-archive` to gitaly v7.0.0 - Switch to structured logging (!193) v6.0.4 - Don't delete GL_REPOSITORY environment variable from post-receive hook (!191) v6.0.3 - Print new project information in post-receive v6.0.2 - Use grpc-go 1.9.1 (!184) - Update gitaly-proto and gitaly libs (!185) v6.0.1 - Fix git push by removing a bad require in the pre-receive hook (!183) v6.0.0 - Remove bin/gitlab_projects (!180) - Remove direct redis integration (!181) - Remove support unhiding of all references for Geo nodes (!179) v5.11.0 - Introduce a more-complete implementation of bin/authorized_keys (!178) v5.10.3 - Remove unused redis bin configuration v5.10.2 - Print redirection message when pushing into renamed project v5.10.1 - Use 'git clone --no-local' when creating a fork (!176) v5.10.0 - Add a 'fork-repository' command that works with hashed storage (!174) v5.9.4 - Add relative git object dir envvars to check access request v5.9.3 - Expose GitLab username to hooks in `GL_USERNAME` environment variable v5.9.2 - Fix pre-receive error when gitlab doesn't have /internal/pre_receive (!169) v5.9.1 - Adds --force option to push branches v5.9.0 - Support new /internal/pre-receive API endpoint for post-receive operations - Support new /internal/post-receive API endpoint for post-receive operations - Support `redis` field on /internal/check API endpoint v5.8.1 - Support old versions of ruby without monotonic clock v5.8.0 - Fix SSH support for Git for Windows v2.14 v5.7.0 - Support unhiding of all refs via Gitaly v5.6.2 - Bump redis-rb library to 3.3.3 v5.6.1 - Fix setting permissions of SSH key tempfiles - Fix a missing constant error when using SSH authentication v5.6.0 - SSH authentication support v5.5.0 - Support unhiding of all references for Geo nodes v5.4.0 - Update Gitaly vendoring to use new RPC calls instead of old deprecated ones v5.3.1 - Gracefully handle internal API errors when getting merge request URLs v5.3.0 - Add ability to have git-receive-pack and git-upload-pack to go over Gitaly v5.2.1 - Revert changes in v5.2.0 v5.2.0 - Disable RubyGems to increase performance v5.1.1 - Revert "Remove old `project` parameter, use `gl_repository` instead" v5.1.0 - Add `gitlab-keys list-key-ids` subcommand for iterating over key IDs to find keys that should be deleted v5.0.6 - Remove old `project` parameter, use `gl_repository` instead - Use v4 of the GitLab REST API v5.0.5 - Use gl_repository if present when enqueing Sidekiq PostReceive jobs v5.0.4 - Handle GL_REPOSITORY env variable and use it in API calls and Sidekiq enqueuing v5.0.3 - Use recursive lookup for git repositories in the bin/create-hooks script v5.0.2 - Adds timeout option to push branches v5.0.1 - Fetch repositories with `--quiet` option by default v5.0.0 - Remove support for git-annex v4.1.1 - Send (a selection of) git environment variables while making the API call to `/allowed`, !112 v4.1.0 - Add support for global custom hooks and chained hook directories (Elan Ruusamäe, Dirk Hörner), !113, !111, !93, !89, #32 - Clear up text with merge request after new branch push (Lisanne Fellinger) v4.0.3 - Fetch repositories with `--prune` option by default v4.0.2 - Fix gitlab_custom_hook dependencies v4.0.1 - Add instrumentation to push hooks v4.0.0 - Use full repository path for API calls v3.6.6 - Re-use the default logger when logging metrics data v3.6.5 - Test against ruby 2.3 - Instrument GitLab Shell and log metrics data to a file v3.6.4 - Fix rsync with ionice command building - Fix short circuit logic between rsync with and without ionice for storage migrations v3.6.3 - Re-exposing GL_ID to custom hooks v3.6.2 - Enable GIT_TRACE/GIT_TRACE_PACKET/GIT_TRACE_PERFORMANCE by providing the git_trace_log_file config key v3.6.1 - Set a low IO priority for storage moves to lower performance impact v3.6.0 - Added full support for `git-lfs-authenticate` to properly handle LFS requests and pass them on to Workhorse v3.5.0 - Add option to recover 2FA via SSH v3.4.0 - Redis Sentinel support v3.3.3 - Print URL for new or existing merge request after push v3.3.2 - Improve authorized_keys check v3.3.1 - Manage authorized_keys permissions continuously v3.3.0 - Track ongoing push commands - Add command to move repositories between repository storages v3.2.1 - Allow gitlab-project's fork-project command to fork projects between different repository storages v3.2.0 - Allow GitLab Shell to check for allowed access based on the used Git protocol - Add an error message when using shell commands with incompatible GitLab versions v3.1.0 - Refactor repository paths handling to allow multiple git mount points v3.0.1 - Update PostReceive worker to provide enqueued_at time. v3.0.0 - Remove rm-tag command (Robert Schilling) - Remove create-branch and rm-branch commands (Robert Schilling) - Update PostReceive worker so it logs a unique JID in Sidekiq - Remove update-head command - Use Redis Ruby client instead of shelling out to redis-cli v2.7.2 - Do not prune objects during 'git gc' v2.7.1 - Add new command to list tags from a remote repo - Add the ability to fetch remote repo with or without tags v2.7.0 - Add support for ssh AuthorizedKeysCommand query by key v2.6.13 - Add push-branches command - Add delete-remote-branches command v2.6.12 - Fix git-annex issue not working using custom SSH port repositories v2.6.11 - Increase HTTP timeout and log request durations - Workaround for a Webrick issue on Ruby 2.2 - New optional `--force` parameter for `gitlab-projects fetch-remote` v2.6.10 - Add git gc for housekeeping v2.6.9 - Remove trailing slashes from gitlab_url v2.6.8 - Revert git-lfs-authenticate command from white list v2.6.7 - Exit with non-zero status when import-repository fails - Add fetch-remote command v2.6.6 - Do not clean LANG environment variable for the git hooks when working through the SSH-protocol - Add git-lfs-authenticate command to white list (this command is used by git-lfs for SSO authentication through SSH-protocol) - Handle git-annex and gcryptsetup v2.6.5 - Handle broken symlinks in create-hooks v2.6.4 - Remove keys from authorized_keys in-place - Increase batch_add_keys lock timeout to 300 seconds - If git-annex is enabled set GIT_ANNEX_SHELL_LIMITED variable v2.6.3 - Prevent keys with a very specific comment from accidentally being deleted. v2.6.2 - Include ecdsa keys in `gitlab_keys list-keys`. - Refactor logic around GL_ID v2.6.1 - Write errors to stderr to get git to abort and show them as such. v2.6.0 - Prevent character encoding issues by sending received changes as raw data. v2.5.4 - Remove recursive commands from bin/install v2.5.3 - Improve git-annex integration v2.5.2 - Safer line sub for git-annex command v2.5.1 - Expect broadcast message to return empty JSON if no message now v2.5.0 - Support git-annex tool (disabled by default) - Add rubocop (Ruby static code analyzer) for development v2.4.3 - Print broadcast message if one is available v2.4.2 - Pass git changes list as string instead of array v2.4.1 - Access token masking in url before loging v2.4.0 - Show error message when git push is rejected v2.2.0 - Support for custom hooks (Drew Blessing and Jose Kahan) v2.1.0 - Use secret token with GitLab internal API. Requires GitLab 7.5 or higher v2.0.1 - Send post-receive changes to redis as a string instead of array v2.0.0 - Works with GitLab v7.3+ - Replace raise with abort when checking path to prevent path exposure - Handle invalid number of arguments on remote commands - Replace update hook with pre-receive and post-receive hooks. - Symlink the whole hooks directory - Ignore missing repositories in create-hooks - Connect to Redis via sockets by default v1.9.7 - Increased test coverage - By default use direct unicorn connection (localhost:8080) - Fix wrong repo path send to GitLab by GitlabUpdate hook v1.9.6 - Explicitly require 'timeout' from the standard library v1.9.5 - Put authorized_keys.lock in the same directory as authorized_keys - Use lock file when add new entries to authorized_keys v1.9.4 - Use lock file when modify authorized_keys v1.9.3 - Ignore force push detection for new branch or branch remove push v1.9.2 - Add support for force push detection v1.9.1 - Update hook sends branch and tag name v1.9.0 - Call api in update hook for both ssdh and http push. Requires GitLab 6.7+ - Pass oldrev and newrev to api.allowed? v1.8.5 - Add `gitlab-keys batch-add-keys` subcommand for authorized_keys rebuilds v1.8.4 - Dont do import if repository exists v1.8.3 - Add timeout option for repository import v1.8.2 - Fix broken 1.8.1 v1.8.1 - Restrict Environment Variables - Add bin/create-hooks command - More safe shell execution v1.8.0 - Fix return values in GitlabKeys v1.7.9 - Fix escape of repository path for custom ssh port v1.7.8 - Escape repository path to prevent relative links (CVE-2013-4583) v1.7.7 - Separate options from arguments with -- (CVE-2013-4582) - Bypass shell and use stdlib JSON for GitlabUpdate (CVE-2013-4581) v1.7.6 - Fix gitlab-projects update-head for improted repo when branch exists but not listed in refs/head v1.7.5 - Remove keys from authorized_keys using ruby instead of shell v1.7.4 - More protection against shell injection (CVE-2013-4546) v1.7.3 - Use Kernel#open to append lines to authorized_keys (CVE-2013-4490) v1.7.2 - More safe command execution v1.7.1 - Fixed issue when developers are able to push to protected branches that contain a '/' in the branch name. v1.7.0 - Clean authorized_keys file with `gitlab-keys clear` v1.6.0 - Create branch/tag functionality - Remove branch/tag functionality v1.5.0 - Logger - Ability to specify ca_file/ca_path - Update-head command for project - Better regexp for key_id inside shell v1.4.0 - Regex used in rm-key command was too lax v1.3.0 - Fork-project command - Custom redis configuration - Interpret login with deploy key as anonymous one v1.2.0 - Return non-zero result if gitlab-projects and gitlab-keys execution was not successful - http_settings configuration option added v1.1.0 - added mv-project feature - increased test coverage v1.0.4 - requires gitlab c9ca15e - don't use post-receive file any more. Make all updates in update - fixed issue with invalid GL_USER - use GL_ID instead of GL_USER