CHANGELOG-EE.md

Please view this file on the master branch, on stable branches it's out of date.

## 13.11.4 (2021-05-14)

- No changes.

## 13.11.3 (2021-04-30)

- No changes.

## 13.11.2 (2021-04-27)

### Security (1 change)

- Do not expose pull mirror username and password.


## 13.11.1 (2021-04-22)

### Fixed (2 changes)

- Geo - Sync incident metrics uploads. !59674
- Fix zero count of vulnerability severity count. !59680


## 13.11.0 (2021-04-22)

### Removed (3 changes)

- Remove /projects/:id/merge_requests/:merge_request_iid/approvers endpoint. !57344
- Remove deprecated project approvers update REST API endpoint. !57473
- Remove deployment_frequency_charts feature flag. !59289

### Fixed (96 changes, 42 of them are from the community)

- Make AutoDevOps browser performance job work when behind proxy. !48326 (Olaf Meeuwissen (@paddy-hack))
- Atomically select an available replica if all caught up. !49294
- Fix backward keyset pagination for epics start_date/end_date. !50579
- Expand left sidebar when viewing group iteration report. !56358
- Show loading spinner for security dashboard. !56493
- Geo: Fail syncs which exceed a timeout. !56538
- Fix DAST profiles summary for invalid profile ids. !56753
- Fix 500 error when refreshing Value Stream Analytics page with a default stage. !56761
- Update oncall schedule rotation names to truncate if they are too long. !56762
- Allow oncall schedule timezones to encode special characters correctly. !56792
- Allow oncall schedule to display description. !56796
- Set default cadences to non-automatic. !56842
- Hide "New issue" button from Auditors on project issues page. !56877
- Do not close modal when there are error messages. !56893
- Hide "Suggest wiki improvement" button from Auditors on project wiki page. !56897
- Do not clear the oncall schedule rotation form if there are validation errors. !56901
- Fix vulnerability exports when a finding is missing. !56903
- Hide "New merge request" button from Auditors on Code Review Analytics page. !56999
- Require permissions to read vulnerability counts. !57037
- Prevent deletion of groups with a subscription. !57170
- Allow SCIM deprovisioning for minimal access users. !57178
- Catch NoResponseError from Net::DNS in LoadBalancing::Resolver. !57187
- Fix styling for ellipsis in DAST Profiles. !57200
- Fix active state for license link in navigation bar. !57214
- Fix reindexing retry for the notes migration. !57248
- Make sure all ES indexes are created when setting server URL. !57253
- Give CI_JOB_TOKEN read access to public projects so public packages can be consumed. !57265
- Adds stage time calculation to VSA path navigation. !57451
- Prevent deletion of groups with a subscription via the API. !57533
- Adjust Button Size on License Compliance widget. !57592
- Count minimal access users in admin area group page. !57630
- Remove key parameter check when validating actor in personal access token API. !57675
- Fix the 'errors' attribute of the 'ScanType' on GraphQL API. !57882
- Fix inaccurate role classification in DB instrumentation. !57998
- Fix Rails/SaveBang rubocop offenses in ee/spec/requests. !58078 (Abdul Wadood @abdulwd)
- Fix Rails/SaveBang rubocop offenses in ee/spec/presenters. !58082 (Abdul Wadood @abdulwd)
- Fix Rails/SaveBang rubocop offenses in ee/spec/graphql. !58092 (Abdul Wadood @abdulwd)
- Fix Rails/SaveBang rubocop offenses in ee/spec/models/ci. !58109 (Abdul Wadood @abdulwd)
- Fix Rails/SaveBang rubocop offenses in ee/spec/models/. !58115 (Abdul Wadood @abdulwd)
- Fix removing labels when moving an epic between lists. !58145
- Remove push rules locks on group and project level. !58195
- Land on epics tab when searching within epics search context. !58201
- Remove mw-90p class from common.scss. !58205 (Takuya Noguchi)
- Fix header on group billing page. !58252
- Fix 500 error when cloning a wiki using the Kerberos clone button. !58270
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/workers. !58272 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/views. !58280 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/tasks. !58284 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee vulnerabilities services. !58305 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in timebox_report_service_spec.rb. !58317 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/services/status_page. !58320 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/services/security. !58323 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/services/search. !58326 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/services/merge_trains. !58333 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/services/issues. !58336 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/services/ide. !58341 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/groups. !58343 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/services/geo. !58348 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/services/epics. !58350 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/services/ee. !58351 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/services/ci. !58354 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/services/auto_merge. !58358 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/services/analytics. !58359 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/serializers. !58362 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/requests/projects. !58365 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/presenters. !58369 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/policies. !58371 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/models. !58376 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/migrations. !58378 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/mailers. !58379 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/lib/gitlab/geo. !58380 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/graphsql/resolvers. !58389 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/finders. !58394 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/features/projects. !58395 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/features/analytics. !58402 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/features/admin. !58403 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/controllers/registrations. !58408 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/controllers/ee/projects. !58414 (Abdul Wadood @abdulwd)
- Fix RSpec/EmptyLineAfterFinalLetItBe rubocop offenses in ee/spec/controllers/admin. !58417 (Abdul Wadood @abdulwd)
- Fix broken dismissal descriptions in vulnerability details view. !58431
- Throw an error when yaml mode contains unparsable attributes. !58457
- Add aria labels to icon-only buttons. !58460
- Clone issue card on move when necessary in epic swimlanes. !58644
- Fix access bug for DevOps Adoption page and free tier groups. !58684
- Render links in DAST scans errors. !58815
- Fix Group SAML disabled git enforcement text. !58825
- Use `getTopFrequentItems` in projects dropdown to show recently used. !58851
- Correcting typo on the Policies tab of the Threat Monitoring page. !58956 (Lindsay Kerr)
- Update Geo OAuth redirect URI to use the external primary URL even when an internal URL exists. !58966
- Fix the oncall schedule timeline width calc. !58973
- Reduce query timespan to one day in schedule daily view. !58974
- Make Zen Mode functional while editing Test Case description. !58984
- Navigate to Manage scans page after saving a DAST Scan. !59027
- Fix updating value stream without persisted stages. !59176
- Fix ElasticDeleteProjectWorker delete commits, index_status. !59457
- Fix zero count of vulnerability severity count. !59680

### Changed (47 changes, 2 of them are from the community)

- Move Notes (Comments) to dedicated ES index. !53013
- Add storage requirement option to Advanced Search notes migration. !55423
- Add vulnerability filter for scanner ID. !55909
- Add GraphQL field for vulnerability scanner ID. !56041
- Project Settings Operations header Status page expand/collapse on-click/on-tap. !56275 (Daniel Schömer)
- Return generic vulnerability details in the response of the vulnerability_finding endpoint. !56448
- Fix for licenses without an url in license issue body. !56534
- Set credential_inventory_gpg_keys feature-flag to enabled by default. !56764
- Allow details to be sorted chronologically in the performance bar. !56830
- Scroll to top of window when API Fuzzing configuration fails. !56890
- Sort issues in full codequality report by severity. !56892
- Update routes for DAST profiles to align with user interface. !56966
- Add last used to cluster token table. !57141
- Standardize input label for project-level MR rule for overriding approvers. !57194
- Display active integrations in separate table. !57198
- Update tab links for DAST Saved Scans. !57205
- Enable iteration lists and new create list form. !57439
- SSH key page text now reflects the expiration enforcement setting being used on the instance. !57494
- Policy Editor: switching the custom editor to Source Editor. !57508
- Create status filter on policy alerts. !57538
- Remove the api_fuzzing_configuration_ui feature flag. !57583
- Call out the inability to run on-demand scans without a repository being created. !57584
- API Fuzzing scanner port changed to non-privileged port. !57628
- Add Swimlanes loading skeleton. !57661
- Hide cluster agent UI if not enabled on GitLab.com. !57668
- Add billable_members_count to GraphQL Group type. !57712
- Update copies in API fuzzing configuration form. !57753
- Updated VSA stage table with simpler layout. !57792
- Replace deprecated buttons on epic list view. !57873
- Add error handling feedback inside purchase flow. !58084
- Add a delay before expanding epic within tree during drag and drop. !58282
- Make DevOps adoption updates weekly. !58474
- Replace deprecated button on iteration list view. !58503
- Expose vulnerability Scanner ID through GraphQL query. !58595
- Remove info message from legacy milestones. !58617
- Insert tips as comments in the YAML snippet. !58656
- Add tips about copied API Fuzzing configuration snippet in the pipeline editor. !58664
- Remove feature flag value_stream_analytics_extended_form. !58821
- Remove compliance framework administration abilities from subgroups. !58873
- Remove additional minutes when no minutes purchased. !59112 (Takuya Noguchi)
- Remove standalone_vuln_dependency_list Feature Flag. !59124
- Remove default stages definition from latest API Fuzzing CI template. !59154
- Update Product Planning Usage Ping metrics. !59171
- Set API Fuzzing version to 1.6 in CI template. !59181
- Update label color on Jira issues pages. !59226
- Change vulnerabilities GraphQL query to use GlobalID for scanner IDs. !59305
- MR Analyrics, add animation to MTTM stat. !59477

### Performance (20 changes)

- Force ApplicationRecord#with_fast_statement_timeout to use replicas. !56476
- Improve performance of indexing notes in Elasticsearch. !56808
- Improve performance of Elasticsearch notes permissions migration. !56823
- Improve computation of excess repository storage size. !57088
- Do not stick to primary after recording User#last_activity_on. !57212
- Skip ordering when using distinct in shared runners CTE query. !57312
- Do not stick to primary after log Jira DVCS usage. !57328
- Cache storage alert banner. !57350
- Reduce SQL requests number for epic issues. !57352
- Batch-load environments in EE pipelines. !57706
- Fix N+1 in /projects endpoint. !57746
- Remove N+1 DB queries from indexing issues in Elasticsearch. !57788
- Remove N+1 DB queries from indexing projects in Elasticsearch. !57794
- Fix blobs search N+1. !57826
- Cache open issues count in group sidebar. !58064
- Improve performance of on-call schedules SQL queries. !58209
- Reduce queries on group search API for blobs scope. !58495
- Fix more N+1 issues when indexing notes in Elasticsearch. !58751
- Fix N+1 query in Epics search for guest in private group. !58863
- Sync code owner approval rules asynchronously after creating merge request. !59395

### Added (47 changes)

- Beta version of DAST API scanner API Security. !51824
- Add confirmation modal for admin signup settings submit button, for cases where pending users could be approved by mistake. !55509
- Expose dismissal reason and dismissal descriptions in Vulnerability details view. !55525
- GraphQL - Allow to filter epics on epic lists. !56026
- Incident Management On-call Schedules. !56263
- Add reviewers detail to add merge request approver email. !56466
- Allow customers to extend or reactivate their trial on gitlab.com. !56471
- Add a form to generate API Fuzzing configuration YAML snippets. !56548
- Add upgrade link in user menu. !56591
- Add vulnerability management survey request banner. !56620
- Adds an overview stage to value stream analytics. !56621
- Display VSA navigation as a horizontal flow. !56632
- Add generic reports section and 'url' type to vulnerability details page. !56635
- Add git fetch counts for geo secondaries to usage ping. !56678
- New allowed_agents REST endpoint. !56700
- Add policy name filter to threat alerts. !56708
- Enable timeline on project security dashboard's trends chart. !56844
- Add integration to view Jira issue details within GitLab. !56942
- Add sitemap generation for Gitlab.com and gitlab-org namespace. !56947
- Pre-populate projects while adding issue to a project in epic tree. !56955
- Support epic board list negated filter params. !57001
- Update schedule grid to start at beginning of current week. !57004
- Update oncall rotation active period after schedule timezone update. !57069
- Add separate tab tracking for devops adoption. !57104
- Make epics searchable by my reaction emoji. !57190
- Fetch iterations by cadence id. !57572
- Include pipeline artifacts in Geo replication. !57741
- Provide option to disable project access token creation. !57756
- Add DORA 4 lead time charts to project-level CI/CD Analytics page. !57872
- Support negated filtering of issues by epic_id and weight in GraphQL. !58154
- Add environment scopes to group CI/CD variables. !58200
- Add recursive list rendering to generic vulnerability reports. !58206
- Add billable memberships API. !58506
- Update CiCdSettingsUpdate mutation to accept MR pipelines and merge trains. !58592
- Add support for array indexing to alert integration custom mappings. !58610
- Filter by epic in roadmap. !58642
- Add singular oncall rotation field to oncall schedules type. !58729
- Enable compliance pipeline configuration by default. !58826
- Support reaction emoji on Epics Roadmap. !58835
- Enable DAST on-demand scan authentication, request headers and excluded URLs. !58859
- Display ultimate or premium upgrade plan banner for jira issues. !58877
- Expose 'titleHtml' & 'descriptionHtml' in Epic type. !58990
- Set issue_perform_after_creation_tasks_async feature flag to default. !59040
- Implement use_replicas_for_read_queries. !59167
- Geo - Release the pipeline artifacts replication and verification. !59323
- GraphQL issue filters support 'current' iteration. Board issue filters support negated 'current' iteration. !59325
- Enable custom compliance frameworks.

### Other (34 changes, 2 of them are from the community)

- Change button to link on Agent table. !55887
- Track epic status change action on usage ping. !56246
- Use provide/inject for groupFullPath instead of props. !56472
- Track epic confidentiality change action on usage ping. !56483
- Track epic title and description changes via usage ping. !56489
- Record issues added to epic on usage ping. !56559
- Track epic labels change action on usage ping. !56571
- Track epic comment updated. !56610
- Track epic note destroyed. !56617
- Track epic start date set to fixed or inherited via usage ping. !56619
- Apply GitLab UI button and dropdown styles to buttons in ee/app/views/shared/epic directory. !56729
- Add daily quota limit to invitations API endpoint. !56781
- Change input type for telephone number field in the Trial flow. !56876
- Bootstrap button migration. !56968
- Skip onboarding experience for invited users. !57117
- Update localStorage key for On-demand scans form. !57224
- Add spacing between analyzer name and variables in SAST Configuration UI. !57226
- Add missing audit logging to invite service. !57358
- Review and revise Integrations/GitHub UI text. !57389
- Track epic due date set to fixed or inherited via usage ping. !57457
- Use provide/inject for vulnerabilities export endpoint. !57639
- Track epic change to fixed start/due dates via usage ping. !57672
- Use full date in billable members list. !57828
- Move to confirm from success variant for button in storage quotas page. !57862 (Yogi (@yo))
- Update URL for license FAQ. !58231 (Takuya Noguchi)
- Update out-of-storage banner title and button text. !58276
- Track issue removed from epic on usage ping. !58426
- Add load balancing Sidekiq metrics. !58473
- Updated UI text to match style guidelines. !58509
- Track epic issues moved between projects. !58590
- Add metric to track querying write ahead log on Request level. !58673
- Generic vulnerability reports: Remove extra margin between report columns. !58720
- Track epic destroyed action on usage ping. !59185
- Remove dast_branch_selection feature flag. !59349


## 13.10.4 (2021-04-27)

### Security (1 change)

- Do not expose pull mirror username and password.


## 13.10.3 (2021-04-13)

- No changes.

## 13.10.2 (2021-04-01)

- No changes.

## 13.10.1 (2021-03-31)

### Security (1 change)

- Escape HTML on scoped labels tooltip.


## 13.10.0 (2021-03-22)

### Removed (1 change)

- Remove the dast_saved_scans feature flag. !56540

### Fixed (39 changes)

- Fix updating of board's hide_backlog_list and hide_closed_list settings when on an unlicensed EE instance. !51561
- Return only supported issue types for selected Jira Project. !53705
- Fix incorrect IP address when creating ProtectedBranch audit event. !54292
- Add support for negated weight issue filtering. !54393
- Update details JSON Schema and GraphQL Schema for Vulnerability Finding. !54423
- Jira Issues List page shows Web URL links instead of API URL. !54434
- Add spacing to related Jira issues section. !54514
- Geo: Prioritize resyncing new failures over persistent failures. !54585
- Move action buttons to dropdown footer. !54767
- Geo: Add unique constraints to container repository and terraform state registries. !54841
- Exclude guests for trial ultimate licenses too. !54952
- Only set note visibility_level if associated to a project. !55111
- Fix scrolling issues with sticky status box. !55188
- Prevent rendering test cases as issues. !55410
- Fix wrong message for group vulnerability report when no vulnerabilities in projects. !55464
- Hide package list if license compliance has an entry with 0 packages. !55466
- Prevents HttpIntegration.payload_attribute_mapping from being reset when it was not a part of a GraphQL mutation input. !55511
- Counter badges are misaligned in License Compliance tabs. !55517
- Fix 500 error on group milestones page when milestones are associated to more than 3 releases. !55540
- Fix Jira icon in sidebar too huge during page load. !55598
- Fix alignment issues in vulnerability modals. !55716
- Do not display empty description template lists in the dropdown. !55762
- Geo: Fix syncing direct download remote stored Blob types. !55775
- Update alerts list to fail gracefully on GraphQL failure. !55817
- Allow project admin to read approval rules from archived projects. !55929
- Fix epics dropdown to work in project epic swimlanes. !55954
- Ensure task by type filters refresh the chart data. !55958
- Fix console-error on vulnerabilities report. !56076
- Refetch count list when vulnerabilities are updated. !56116
- Fix group code coverage table to show all projects correctly. !56124
- Fix dropdown z-index issue. !56125
- Fix DAST site profile form submission. !56135
- Correct billable users calculation on users statistics page. !56152
- Do not mark bot users as pending approval when User Cap is enabled. !56287
- Fix zero-downtime upgrade from 13.8.x to 13.9.3. !56352
- Use created in epics and MRs. !56391
- Fix subscription banner on New Project page. !56443
- Fetch only detected and confirmed vulnerabilities for project security status. !56533
- Replace stubbed dastProfiles.branch GraphQL field. !56604

### Changed (44 changes, 3 of them are from the community)

- Migrate lfs_object_registry to be compatible with Geo::ReplicableRegistry. !52636
- Send email when user cap is reached. !53489
- Add securityReportsUpToDateOnTargetBranch field to MergeRequestType to indicate if the security reports are up to date on the target branch. !53907
- GitLab EE Project Settings CI/CD headers expand/collapse on click / tap. !54115 (Daniel Schömer)
- Add ability to bulk update vulnerabilities. !54206
- Add external link to create jira issue button. !54310
- Update License Compliance and Dependency List Empty State Pages. !54314
- Lower SAML SSO session expiry to one day. !54374
- Add page specific styles to project discover security page. !54460
- Migrate Epic Events when using Group Migration. !54475
- Update AutoDevOps wording on secure config page. !54586
- Geo Status - Rename Attachments to Uploads. !54720
- Sort changed metrics first in metrics reports MR widget. !54729
- Remove services section from API Fuzzing CI template. !54746
- Add negated weight issue filtering on API. !54867
- Differentiate metrics and logs from replica/primary databases. !54885
- Show subscription expiration banner only for top-level group owners. !54908
- Trim-down "Skip Trial" link on the trial flow page. !54911
- Remove saml_group_links feature flag. !54986
- Exempt auditor from ip restriction. !55073
- Introduce disabled analyzer warning to SAST Config Page. !55172
- Restructure layout of Add/Update approval rule form. !55181
- Sort metrics report MR widget - changed, new, removed, unchanged. !55217
- Project Settings Repository Push Rules header expands/collapses on click / tap. !55235 (Daniel Schömer)
- Epic confidentiality widget. !55350
- Make vulnerability file path linkable in the vulnerability list. !55356
- Update css to make the vulnerability more prominent. !55389
- Add warning message to pipeline stage dropdowns in merge trains. !55437
- Remove scanner parameter from vulnerability_findings REST endpoint. !55453 (Thiago Figueiro @thiagocsf)
- Add docs link for license compliance mr widget. !55474
- Improve security dashboard/vulnerability report empty state messages. !55489
- Add name to agent token table. !55503
- Link cluster index page to cluster show page. !55536
- Default enable the extended VSA form. !55572
- Select security findings by their UUIDs instead of their positions in the report artifacts. !55643
- Restyle license compliance button on merge request widget. !55667
- Remove sast_configuration_ui feature flag. !55680
- Track group coverage usage ping event in Vue template. !55687
- Disable policy DAST scan profile modification. !55704
- Add pagination to agent token table. !55788
- Show CSV has been exported banner on export. !55965
- DevOps Adoption - Allow users to select multiple groups. !56073
- Advanced Search Migration to add permission data to notes documents. !56177
- Update the approvers rule removal modal button to use new danger variant. !56230

### Performance (4 changes)

- Use shards for Advanced Search indexing. !55047
- Pipline vulnerabilities loading performance improvements. !55692
- Spread shared runner minute reset to 8h. !55802
- Make StoreSecurityReportsWorker cpu-bound. !56149

### Added (49 changes)

- Restrict on-call to certain times during rotations via GraphQL. !52998
- Support /child quick action when creating epics. !53073
- Geo: adds database load balancing support to work on standby clusters. !53147
- Support OpenAPI v3 and Postman variables in API Fuzzing. !53646
- Add Geo node status metrics to usage ping. !53665
- Add iteration to the sidebar in epics swimlanes. !53695
- Add table to store secondary usage data. !53758
- User permission export (feature flag removed). !53789
- Add status filtering token support for Requirements. !54056
- Extend GraphQL Ci::PipelineType to include Security Report Findings. !54104
- Added cluster agent details page. !54106
- Expose details of blocking issues via GraphQL. !54152
- Geo: Release package file verification. !54361
- Advanced Search: Estimate Elasticsearch cluster size. !54430
- Add remove button to billable members. !54458
- Add event count column to threat alerts. !54616
- Add rake task to check pending Elasticsearch migrations. !54656
- Add pipeline security report summary. !54673
- Add label `x` to remove labels in iteration report. !54708
- Allow to filter requirements by missing status. !54711
- Cleanup ci_notification_dot experiment. !54721
- Include namespace storage stats in root statistics. !54788
- Include group wikis in Geo replication. !54914
- Allow only group trials. !54920
- Disable repository mirroring for hard failures. !54964
- Include wiki_size and storage_size in NamespaceStatistics. !54967
- Update NamespaceStatistics after wiki update. !54969
- Query group projects by code coverage with GraphQL. !55182
- Add purchase more storage button to storage usage quotas page. !55246
- Add last activity time column to seat usage table. !55321
- Add mutation to move epics between lists. !55467
- Introduce group-level API for DevOps adoption. !55479
- Update existing namespace statistics with wiki_size. !55487
- Social sign in options to trial registration. !55533
- Add remove Billable Member API endpoint. !55645
- Add support for updating default description templates for issues and merge requests via API. !55718
- Include detected vulnerability in finding state check. !55806
- Show 'Add Seats' Button on Billing Page. !55964
- Migrate group iterations when using Bulk Import. !56018
- Custom mapping for HTTP endpoints. !56021
- Create vulnerability issue link after merging the MR. !56038
- Add support for task lists within Test Case description. !56196
- Implement Group Wiki Geo replication. !56247
- Skip user limit validation when saving cloud licenses. !56260
- Add reviewers detail to approved and unapproved merge request emails. !56290
- Add toolbox for the trends chart in project security dashboard. !56316
- Add feature flag to block gitlab.com top-level group creation via api. !56360
- Release DAST Profile branch selection. !56442
- Add `scan` field into `SecurityReportSummarySectionType` GraphQL type. !56547

### Other (9 changes, 1 of them is from the community)

- Rename "CYCLE_ANALYTICS_*" variables in spec with "VSA_*". !52609 (Takuya Noguchi)
- Track epic creation action on usage ping. !53651
- Apply GitLab UI styles to registrations/ci_cd buttons. !54501
- Fix License Compliance widget button spacing. !54701
- Remove feature flag for Pipelines Security Summary. !54808
- Add new bulk create API endpoint for Devops adoption. !54813
- Add a separator between milestone and iteration dropdown in sidebars. !54895
- Update usage ping dictionary. !55024
- Delete redirect files. !56169


## 13.9.7 (2021-04-27)

### Security (1 change)

- Do not expose pull mirror username and password.


## 13.9.6 (2021-04-13)

- No changes.

## 13.9.5 (2021-03-31)

### Security (1 change)

- Escape HTML on scoped labels tooltip.


## 13.9.4 (2021-03-17)

- No changes.

## 13.9.3 (2021-03-08)

- No changes.

## 13.9.2 (2021-03-04)

- No changes.

## 13.9.1 (2021-02-23)

- No changes.

## 13.9.0 (2021-02-22)

### Removed (1 change)

- Remove reviewer_approval_rules feature flag. !53205

### Fixed (33 changes)

- Fix Jira issue list links when Jira runs on a subpath. !51797
- Fix epic assignment in the createIssue mutation. !51817
- Show Response fields for vulnerabilties sourced from DAST. !51948
- Display error message if group member can not be updated because their email does not match the list of allowed domains. !52014
- Fix JS error on welcome page. !52022
- Track code quality view event only once tab is active. !52140
- Fix Vuln detail and modal when reasonPhrase is empty string. !52156
- Fix duplicit epics on roadmap page when filtering by milestone. !52201
- Fix file templates return same content for templates with same name but from different projects. !52332
- Fixed bug that overwrote issue description changes from vulnerabilities. !52376
- Swimlanes - Support negated filters. !52449
- Fix line spacing in billing card header. !52521
- Change FAQ link on the billing page. !52577
- Properly populate descriptions in an issue created from a vulnerability. !52592
- Properly populate description in an issue created from a vulnerability. !52619
- Ignore connection error when changing the Elasticsearch Server URL. !52645
- Fix Epic autocomplete reference. !52663
- Fix search debounce for Swimlanes board assignees. !52786
- Remove LDAP "Edit Permissions" button for inherited group members. !52847
- Resolve Filter count does not get reflected in Test Cases. !52889
- Scope iteration report to subgroups. !52926
- Fixed iteration dropdown UI. !52987
- Fix approvals widget alignment issues. !53213
- Fix sub-group projects being locked after storage purchase. !53249
- Add license check for full code quality report. !53258
- Fix blank alert field when creating an issue from a vulnerability. !53656
- Fix invalid prop error for canEdit prop in issue sidebar when user cannot edit iteration. !53819
- Revert text back to Allow instead of Deny. Fixes fromEndpoints/toEndpoints format to keep it aligned with the allow all logic. The previous code was causing a allowing none while it should be allowing all. !53940
- Fix security dashboard for Safari (< 14.0). !54042
- Fix issue where maintainers could not set compliance framework for projects. !54071
- Fix buy more minutes link to wrong destination. !54080
- Advanced Search: fix project count_only queries. !54303
- Default maintenance_mode value to false if not explicitly set. !54428

### Changed (40 changes)

- New epic button in Epic Roadmap empty state should direct the user to a full epic creation page. !45948
- Move sast_reports and secret_detection_reports to CE. !48200
- Make the waiting period for deletion dynamic on project removal page. !50597
- Move Advanced Search Admin Settings to Top Level. !51026
- Add specific domain for threat management related alerts in order to tie the frontend and backend together. !51029
- Restore refresh_interval from settings after reindex. !51147
- Move all the changes related to Mutation.configureSast to CE. !51169
- Enable Merge Train checkbox based on Merge Pipelines checkbox. !51233
- Redirect user to previous page after DAST profiles creation. !51482
- Add iteration to bulk issue edit sidebar. !51657
- Use old purchase flow when user last name is blank. !51730
- Move empty state into the threat monitoring tabs. !51748
- Improve UX for DAST Profiles selector. !51957
- Add 12 month limit to MR Analytics. !52070
- Modify herders in exported requirements CSV file. !52118
- Issues created from Vulnerabilities set to Confidential by default. !52127
- Add feedback creation in controller. !52141
- Updated text and styling of the DAST-modal footer button. !52245
- Migrate health status dropdown to use gitlab ui. !52273
- Remove badges design from DAST validation statuses. !52301
- Process one record at a time in Bulk Import pipelines. !52330
- Feat(EpicSelect): Migrate epic select to internal GitLab UI compoenent. !52528
- Log token_id in project access token audit events instead of user_id. !52535
- BulkImports: Import Epic's labels. !52626
- Preserve Epic parent-child association when importing using Bulk Import. !52662
- Add last_activity_on attribute to Billable Members API. !52666
- Update Deployment Frequency graphs to always use UTC dates. !52919
- Remove target_name parameter from Elasticsearch rake tasks. !52958
- Update Issue Weights Paywall CTAs. !53117
- Add Event type to GraphQL and events to epics. !53152
- BulkImports: Associate mapped users to imported epics. !53296
- Disable ability for maintainers to change project compliance framework. !53370
- Add alert related labels to CiliumNetworkPolicies. The label will contain the project id and will be applicable to both new and existing policies. !53401
- Regularly reverify Packages on primary. !53470
- Allow token revocation for public projects only. !53734
- Use previous license term for seat overage. !53878
- Show loading state for vulnerability list when filter/sort is changed. !53934
- Strip trailing whitespace from DAST site validation HTTP response body. !53951
- Track elasticsearch_timed_out_count for all ES requests in log. !54180
- Start license_scanning job within its stage, and not when pipeline starts. !54234

### Performance (5 changes)

- Speed up roadmap show page by removing an extra epic count check. !51610
- Improve Advanced Search counts queries. !51971
- Resolve N+1 issue loading approval rules on the MR list. !52364
- Set 1s server side timeout on Elasticsearch counts. !53435
- Improve the performance of the Merge Request Analytics chart. !53704

### Added (45 changes, 1 of them is from the community)

- Add activity filter to security dashboards. !48196 (Kev @KevSlashNull)
- Add usage ping for user secure scans. !49444
- Add details to Vulnerability GraphQL. !49465
- Add description text to Deployment Frequency charts. !51250
- Capture metrics for group coverage project links. !51411
- Add route for threat monitoring alert details. !51417
- Audit events for project access tokens. !51660
- Update renew/upgrade banner with actionable links. !51705
- Adds API support for Group Deployment Frequency. !51938
- Display train badge for pipelines that are merge trains. !52137
- Add web_url to iterations API. !52178
- Add create epic board via GraphQL. !52258
- Add MTTM stat to MR Analytics. !52316
- Add URL Navigation to Pipeline Analytics Charts. !52338
- Log user instance request and rejection in Audit Events. !52543
- Implement "Security & Compliance" visibility settings. !52551
- Add blobPath field to VulnerabilityLocation types in GraphQL. !52599
- Add End of Availability banner for Bronze Plans for relevant users. !52607
- Add support for subgroup events in Group webhooks. !52658
- Track load performance widget expansions via usage ping. !52688
- Allows fields selection when exporting Requirements with GraphQL. !52706
- Support /parent_epic quick action when creating new epic. !52727
- Support setting customizable timeouts for git CLI 2FA via UI & API. !52769
- Forbid git pushes to group wikis when repo is read only. !52801
- Add award emoji to epics in GraphQL. !52922
- Add group repository storage move endpoints. !53016
- Add ability to enforce SSH key expiration (feature flag removed). !53035
- Add a meaningful error message for assigning confidential epics to issues. !53078
- Add support for revoking DAST site validations. !53134
- Add group wikis import/export functionality. !53247
- Replace text with links on Usage Quota page. !53279
- Add group-level CI/CD Analytics page with release stats. !53295
- Adds a historical coverage graph to the group repositories analytics page. !53319
- Dynamically rename plan title after EoA rollout date. !53473
- Optional enforcement of PAT expiration (feature flag removed). !53660
- Export only selected fields in requirements. !53707
- Change the GitLab Elasticsearch Indexer version to 2.9.0. !53764
- Allow to filter requirements by latest requirement test report status on GraphQL. !53767
- Enable threat_monitoring_alerts feature flag by default. !53776
- Release maintenance mode. !53895
- Add hasSecurityReports field to GraphQL MergeRequest type. !53925
- Add ability to save and manage DAST scans. !53942
- Add cancel button to On-demand scans form. !54050
- Dedupe vulnerability_findings for bandit and semgrep. !54181
- Ability to create a Jira issue for a vulnerability. !54182

### Other (9 changes, 2 of them are from the community)

- Geo: Add verification state fields to package file registry. !49737
- Update project's advanced settings UI text. !51442
- Convert path-lock unlock button to pajamas. !52276
- Adding audit event for default branch change. !52339 (Abdul Shaheed)
- Use plan name instead of plan code in new subscription app. !52414
- Replace OpenSSL constants with strings. !52431 (Takuya Noguchi)
- Add manual renew button to billings page. !52652
- Abstract out details of policy_helper. !52714
- Review UI text - repo push rules settings. !52797


## 13.8.8 (2021-04-13)

- No changes.

## 13.8.7 (2021-03-31)

### Security (1 change)

- Escape HTML on scoped labels tooltip.


## 13.8.6 (2021-03-17)

- No changes.

## 13.8.5 (2021-03-04)

- No changes.

## 13.8.4 (2021-02-11)

### Security (1 change)

- Geo: Pass GL-ID in a JWT token when proxy-push from secondary.


## 13.8.3 (2021-02-05)

### Fixed (2 changes)

- Fix Geo replication and verification status for replicables with no data to sync. !52253
- Handle network unreachable for ES settings check. !52586


## 13.8.2 (2021-02-01)

### Security (2 changes)

- Remove Kubernetes IP address from error messages returned in Threat Monitoring.
- Sanitize XSS in Epic milestone due date.


## 13.8.1 (2021-01-26)

### Fixed (2 changes)

- Fix rendering of requirements page for unauthenticated users. !52069
- Fix browser performance widget issue body. !52088


## 13.8.0 (2021-01-22)

### Fixed (24 changes, 3 of them are from the community)

- Hide "Health status" edit button when the user has no permission. !49535 (Kev @KevSlashNull)
- Remove quota data for subgroups. !50163
- Fix boards create and update mutation arguments list. !50266
- 50275 Update check for free plan with both code and null. !50275
- Fix roadmap topbar text in dark mode. !50357
- Fix issue with displaying solution actions. !50648
- Invalidate Elasticsearch cache when moving projects or groups. !50712
- DevOps Adoption: Clear form when creating a new segment. !50766
- Move ScanSecurityReportSecretsWorker to avoid race-condition. !50815
- Fix todo creation on epics when toggling tasks. !50827
- Do not store invalid security_findings into the database. !50868
- Fix subscribable banner on mobile. !50972 (Kev @KevSlashNull)
- Fix creating/editing requirements on mobile. !51062 (Kev @KevSlashNull)
- Fix on-demand scans profile selectors' title alignment. !51133
- Refresh VSA path navigation carousel when updating stage data. !51187
- Remove cached/memoized ES helper. !51310
- Fix alignment of vulnerability names in pipeline security tab. !51313
- Fix halted migrations unpausing. !51326
- BUFIX - whats new dropdown text wraps on ubuntu. !51510
- Rename Backlog list to Open for Swimlanes. !51539
- Geo: Sync expired artifacts. !51541
- Ensure that only top level groups are fetched for devops adoption. !51565
- Swimlanes - Creating an issue adds board scope to it. !51675
- Backfill projects in Elasticsearch when moved between groups. !51717

### Changed (30 changes, 1 of them is from the community)

- Advanced Search: Copy issues to new index. !48334
- Remove `store_security_findings` feature flag. !48357
- Display correct maximum users in admin dashboard for license of any duration. !49861
- Migrate vulnerability state management to GraphQL. !50034
- Add confirmedBy field to vulnerability object in GraphQL. !50144
- Add resolvedBy field to vulnerability object in GraphQL. !50145
- Geo: Update usages of files_max_capacity. !50190
- Display public emails for billable members. !50290
- Resolve the race-condition of ScanSecurityReportSecretsWorker. !50335
- Add advanced search by full path field. !50567
- Update devops adoption snapshots daily. !50568
- Improve DAST Profiles library designs. !50576
- Immediately calculate devops adoption data after segment creation. !50619
- Rename internal api endpoint in order align it with the new logic shared among agentk modules. !50703
- Add Pagination to Agent Cluster List. !50713
- API Fuzzing Request/Responses show empty body message. !50731
- Geo: Increase backoff cap for Job artifacts, LFS objects, and Uploads which are missing on primary. !50812
- Avoid scheduling mirrors for pending_delete projects. !50820
- Add support for SAST_EXCLUDED_ANALYZERS. !50872
- Update Styling of Security & Compliance Carousel. !50877
- Replace button in Threat Monitoring empty state with a link. !50894
- Automatically redirect users to SAML provider after 7 day expiration. !50914
- Remove "Showing 0 projects" from project selector on initial load. !51136 (Kev @KevSlashNull)
- Change the Group Analytics navigation link to go to the Value Stream Analytics page. !51165
- Adjust spacing in project MR settings form. !51184
- Improve DAST Profiles library for smaller devices. !51315
- Add retry ability for halted Elasticsearch migrations. !51335
- Add Beta feature warning to DevOps Adoption report, and restore feature flag. !51518
- Resolve Rename Segment to Group. !51574
- Enable auto-fix indicator feature. !51631

### Performance (1 change)

- CI minutes are spread across 8 hours instead of 3. !50265

### Added (27 changes)

- Edit issue title in swimlanes sidebar. !46404
- Add current iteration toggle to board config. !46514
- Track web performance widget expansions via usage ping. !46746
- Add `/reassign_reviewer` command. !47606
- Track full code quality report views via usage ping. !49079
- Add ID filter to Namespace -> ComplianceFramework GraphQL. !49108
- Add API Fuzzing Artifact Download in MR widget. !49780
- Clone epic data when cloning issues. !50097
- Add support for member update & destroy events in Group webhooks. !50217
- Add dismissedBy field to vulnerability object in GraphQL. !50285
- Allow Requirements to be exported as a CSV file. !50449
- Add GraphQL mutation to export Requirements. !50546
- Add `dismissal_reason` enum to `VulnerabilityDismiss` mutation on GraphQL API. !50688
- Add sorting by column in DevOps Adoption table. !50743
- Add author token filtering support for Test Cases. !50747
- Show Vulnerability reproduction asset downloads. !50748
- Capture generic metrics report views via usage ping. !50790
- Delete Elasticsearch migrations index in rake gitlab:elastic:delete_index. !50817
- Add ability to validate DAST site profiles. !50847
- Add ability to group issues by label within the iteration report. !51113
- Add confidential filter token in Roadmap. !51196
- Add deployment frequency charts to CI/CD Analytics page. !51338
- Capture unique user views of group repository analytics page. !51382
- Export requirements as a CSV. !51434
- Add metric image feature for Incidents. !51552
- Add group wikis to Gitlab Backup. !51590
- Add License subscription_id to Usage Ping. !51601

### Other (11 changes, 1 of them is from the community)

- Updated UI text to match style guidelines. !49871
- Track epic issue counts on usage ping. !50204
- Block /assign quick action for test cases. !50396
- Update issue description templates UI settings. !50421
- Block confidential quick action for test cases. !50460
- Update the create issue form and epic issue actions dropdowns to use our Pajamas compliant components. !50633
- Refactor folder structure for security dashboard GraphQL files. !51117 (Kev @KevSlashNull)
- Edit pipeline subscriptions UI text. !51177
- Update repository mirroring UI text. !51311
- Update what's new UI text. !51422
- Enable DevOps Adoption Report feature flag if any Segments already exist. !51602


## 13.7.9 (2021-03-17)

- No changes.

## 13.7.8 (2021-03-04)

- No changes.

## 13.7.7 (2021-02-11)

### Security (1 change)

- Geo: Pass GL-ID in a JWT token when proxy-push from secondary.


## 13.7.6 (2021-02-01)

### Security (2 changes)

- Remove Kubernetes IP address from error messages returned in Threat Monitoring.
- Sanitize XSS in Epic milestone due date.


## 13.7.5 (2021-01-25)

### Fixed (1 change)

- Ensure that only top level groups are fetched for devops adoption. !51565


## 13.7.4 (2021-01-13)

- No changes.

## 13.7.3 (2021-01-08)

- No changes.

## 13.7.2 (2021-01-07)

- No changes.

## 13.7.1 (2020-12-23)

### Fixed (3 changes)

- Fix DAST profiles deletion. !50271
- Geo: Fix LFS for location-aware Git URL. !50415
- Fix StoreReportService related to autofix. !50490


## 13.7.0 (2020-12-22)

### Removed (1 change)

- Remove vulnerability_special_references feature flag. !49131

### Fixed (28 changes)

- Realign audit logs/events date field. !47708
- Ensure we don't show warning when there are <1000 epics on a roadmap. !47884
- Fix missing padding in custody report dropdown. !47927
- Fix issue blocked-by modal. !48273
- Generate finding name from report data if message is missing. !48279
- Truncate vulnerability title if longer than 255 characters. !48327
- Use `master` when default branch is blank in security configuration. !48328
- Fix functionality to add comments in the vulnerability details page. !48375
- Geo Replicables - Fix missing help text. !48378
- Switch Search Elasticsearch index to use english stemmer. !48518
- Fix the user experience when the user is unauthorized or trying to subscribe for a non-existing group. !48626
- Vulnerability Report: Show identifiers without URL as plain-text instead of link. !48653
- Fix bug rendering labels in group wikis. !48763
- Fix Epic tabs when open registration alert is visible. !49150
- Fix Vuln details page request/response sections not appearing. !49166
- Include issue iid in default title for untitled incidents when created from alert via HTTP integration. !49274
- Ignore Issue and MR IID search out of range error. !49284
- Fix security dashboard breadcrumb on vulnerability details page. !49431
- Fix displaying merge request dependencies with no metrics. !49466
- Disable epic quick actions when creating new epics. !49470
- Fix invalid prop warning in On-demand scans. !49472
- Fix `Close epic` button not working on epic page. !49597
- Fix Jira issue list API calls when Jira server runs relative to a context path. !49623
- Fix group code coverage for default branch. !49630
- Fix sidebar navigation for On-demand scans. !49719
- Geo: Fix replication details nav links to show any that are enabled. !49731
- Improve response from Jira issue creation from vulnerability. !50150
- Fix group code coverage data csv. !50155

### Changed (39 changes)

- New epic button in epic list redirects the user to the new epic page. !37126
- Resolve Update MR form to use plural field names. !41402
- Improve compliance dashboard empty state message. !45273
- Migrate requirements tabs to gltab. !45736
- Expose latest snapshot for devops adoptions in GraphQL. !47388
- Add API Fuzzing job counts to telemetry pings. !47451
- Issues can be built with vulnerability information. !47528
- Remove projects_prometheus_active unused usage ping. !47792
- Removed On-demand landing page. !47867
- Fixed summary info for closed iterations. !47879
- New subscription purchase for trial namespaces follow new flow. !47880
- Update Screenshots on Security & Compliance Carousel. !47900
- Geo - Update Legacy Icons. !48058
- Separate on-demand scan template from DAST template. !48088
- Swap edit and delete button for DAST Profile library. !48124
- Move Project Export of templates into a separate sidekiq queue in order to make project creation from group level custom templates faster. !48134
- Show an error when failing to save a merge request dependency. !48237
- Only run fuzzing on commit events, not all events. !48264
- Do not display renewal banner if future dated license is applied. !48283
- Change Auto Remediation Text from Remediation Summary to Solution. !48678
- Return NONE for GraphQL DastSiteValidation type status when there is no DAST site validation. !48751
- Creating an issue from a vulnerability takes user to the new issue page. !48926
- Set retries of ScanSecurityReportSecretsWorker for max 3 days. !49022
- Add context to full code quality report. !49260
- Add confirmed_at field to vulnerability in GraphQL. !49376
- Add resolved_at field to vulnerability type in GraphQL. !49391
- Insert finding_uuid value into vulnerability_feedback when creating records. !49408
- On-demand scans: automatically select DAST profile when only one is available. !49435
- Added DAST path to display on vulnerabilities list. !49616
- Increase the Epic Nesting from 5 to 7. !49619
- Re-name Audit Log as Audit Events. !49635
- Drop matching_merge_request_db_sync feature flag. !49644
- Return the uuid attribute in the response of vulnerability_finding endpoint. !49742
- Return the finding_uuid attribute in the response of vulnerability_feedback endpoint. !49745
- Adjust Audit Events navigation and visibility. !49794
- Add dismissed_at field to vulnerability in GraphQL. !49797
- Reorder items on swimlanes sidebar. !49877
- Add `hideBacklogList` and `hideClosedList` and `iteration_id` to `createBoard` mutation input. !49947
- Automatic token revocation no longer restricted to gitlab.com. !50087

### Performance (9 changes, 4 of them are from the community)

- Remove show license timeout guard on ee. !47832
- Remove .issue-box from Issuable list Vue.js App. !47999 (Takuya Noguchi)
- Remove .issue-box element from Epics (list). !48000 (Takuya Noguchi)
- Remove .issue-box element from Requirements (list). !48001 (Takuya Noguchi)
- Improve query for fetching vulnerability scanners. !48144
- Avoid the use of Elasticsearch joins when searching for issues. !48583
- Avoid unnecessary Sidekiq retries for Security::TokenRevocationService. !48636
- Remove Bootstrap 4's Cards class name from Epics. !48856 (Takuya Noguchi)
- Enable query cache for load balancer. !49708

### Added (41 changes)

- Add Sidekiq job for importing csv requirements async. !46429
- Integrate RevocationAPI with BuildFinishedWorker. !46729
- Import requirements via CSV upload. !47064
- Show uploads size in storage usage breakdown. !47113
- Sync groups on sign-in for GitLab.com Group SAML. !47445
- Add compliance frameworks to namespaces in GraphQL API. !47779
- Added usage ping statistics about created requirement test reports. !47809
- Add get api endpoint for a single project approval rule. !47823
- Add vulnerability severities count to group report. !47861
- Add vulnerability severities count to instance report. !47863
- Introduce quality test cases. !47948
- Add compliance framework creation mutation. !48250
- Adds API support for Project Deployment Frequency. !48265
- Improve accessibility of keyboard navigation for Requirements. !48325
- Geo: Snippet replication using the new Geo framework for repositories. !48371
- Extend Vulnerability GraphQL API with External Issue Links. !48616
- Move iteration report summary stats underneath toggle buttons. !48659
- Remove audit_log_export_csv feature flag. !48669
- Add creating Vulnerability External Issue Link using GraphQL. !48687
- Expose normalizedTargetUrl on DastSiteProfile GraphQL type. !48727
- Add a form for inviting teammates to the Create group page. !48794
- Add field hasSolutions for Vulnerability GraphQL type. !48820
- Extend Gitlab::Codeowners to include a method for returning the sections only. !48898
- Add GraphQL mutation to destroy compliance framework. !48912
- Create a rake command to mark reindex job failed. !48938