Update CHANGELOG.md for 12.5.0

[ci skip]

CHANGELOG.md

@@ -2,6 +2,357 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.
 
+## 12.5.0
+
+### Security (15 changes)
+
+- Enable the HttpOnly flag for experimentation_subject_id cookie. !19189
+- Update incrementing of failed logins to be thread-safe. !19614
+- Sanitize all wiki markup formats with GitLab sanitization pipelines.
+- Sanitize search text to prevent XSS.
+- Remove deploy access level when project/group link is deleted.
+- Mask sentry auth token in Error Tracking dashboard.
+- Return 404 on LFS request if project doesn't exist.
+- Don't leak private members in project member autocomplete suggestions.
+- Require Maintainer permission on group where project is transferred to.
+- Don't allow maintainers of a target project to delete the source branch of a merge request from a fork.
+- Disallow unprivileged users from commenting on private repository commits.
+- Analyze incoming GraphQL queries and check for recursion.
+- Show cross-referenced label and milestones in issues' activities only to authorized users.
+- Do not display project labels that are not visible for user accessing group labels.
+- Standardize error response when route is missing.
+
+### Fixed (99 changes, 14 of them are from the community)
+
+- Fix incorrect selection of custom templates. !17205
+- Smaller width for design comments layout, truncate image title. !17547
+- Correctly cleanup orphan job artifacts. !17679 (Adam Mulvany)
+- Add Infinite scroll to Add Projects modal in the operations dashboard. !17842
+- Allow emojis to be linkable. !18014
+- Enable image link and lazy loading in AsciiDoc documents. !18164 (Guillaume Grossetie)
+- Expose prometheus status to monitor dashboard. !18289
+- Time limit the database lock when rebasing a merge request. !18481
+- Fix missing admin mode UI buttons on bigger screen sizes. !18585 (Diego Louzán)
+- Abort only MWPS when FF only merge is impossible. !18591
+- Remove pointer cursor from MemoryUsage chart on MR widget deployment. !18599
+- Fix keyboard shortcuts in header search autocomplete. !18685
+- Fix empty chart in collapsed sections. !18699
+- Fix error when viewing group billing page. !18740
+- Fix query validation in custom metrics form. !18769
+- Fix Gitaly call duration measurements. !18785
+- Resolve Error when uploading a few designs in a row. !18811
+- Block MR with OMIPS on skipped pipelines. !18838
+- Pipeline vulnerability dashboard sort vulnerabilities by severity then confidence. !18863
+- Remove empty Github service templates from database. !18868
+- Fix broken images when previewing markdown files in Web IDE. !18899
+- fixed #27164 Image cannot be collapsed on merge request changes tab. !18917 (Jannik Lehmann)
+- Let ANSI \r code replace the current job log line. !18933
+- Fix serverless function descriptions not showing on Knative 0.7. !18973
+- Fix "project or group was moved" alerts showing up in the wrong pages. !18985
+- Add missing breadcrumb in Project > Settings > Integrations. !18990
+- Fixed admin geo collapsed sidebar fly out not showing. !19012
+- Serialize short sha as nil if head commit is blank. !19014
+- Add max width on manifest file attachment input. !19028
+- Do not generate To-Dos additional when editing group mentions. !19037
+- Fix previewing quick actions for epics. !19042
+- Fix errors in GraphQL Todos API due to missing TargetTypeEnum values. !19052
+- Hashed Storage Migration: Handle failed attachment migrations with existing target path. !19061
+- Set shorter TTL for all unauthenticated requests. !19064
+- Fix Todo IDs in GraphQL API. !19068
+- Triggers the correct endpoint on licence approval. !19078
+- Fix search button height on 404 page. !19080
+- Fix Kubernetes help text link. !19121
+- Make `jobs/request` to be resillient. !19150
+- Disable pull mirror if repository is in read-only state. !19182
+- Only enable protected paths for POST requests. !19184
+- Enforce default, global project and snippet visibilities. !19188
+- Make Bitbucket Cloud superseded pull requests as closed. !19193
+- Fix crash when docker fails deleting tags. !19208
+- Fix environment name in rollback dialog. !19209
+- Fixed a typo in the "Keyboard Shortcuts" pop-up. !19217 (Manuel Stein)
+- Fix unable to expand or collapse files in merge request by clicking caret. !19222 (Brian T)
+- Allow release block edit button to be visible. !19226
+- Fix double escaping in /tableflip quick action. !19271 (Brian T)
+- Add missing bottom padding in CI/CD settings. !19284 (George Tsiolis)
+- Prevents console warning on design upload. !19297
+- Resolve: Web IDE does not create POSIX Compliant Files. !19339
+- Use initial commit SHA instead of branch id to request IDE files and contents. !19348 (David Palubin)
+- Resolve: Web IDE Throws Error When Viewing Diff for Renamed Files. !19348
+- Fix project service API 500 error. !19367
+- Fix cluster feature highlight popover image. !19372
+- Fix template selector filename bug. !19376
+- Fixes mobile styling issues on security modals. !19391
+- Only move repos for legacy project storage. !19410
+- Show correct total number of commit diff's changes. !19424
+- Increase the timeout for GitLab-managed cert-manager installation to 90 seconds (was 30 seconds). !19447
+- Fix uninitialized constant SystemDashboardService. !19453
+- Properly handle exceptions in StuckCiJobsWorker. !19465
+- Fix user popover not being displayed when the user has a status message. !19519
+- Update omniauth_openid_connect to v0.3.3. !19525
+- Fix project clone dropdown button width. !19551 (George Tsiolis)
+- Do not escape HTML tags in Ansi2json as they are escaped in the frontend. !19610
+- [Geo] Fix: undefined Gitlab::BackgroundMigration::PruneOrphanedGeoEvents. !19638
+- Revert btn-xs styling in projects scss. !19640
+- Fix canary badge and favicon inconsistency. !19645
+- Use fingerprint when comparing security reports in MR widget. !19654
+- Update GCP credit URLs. !19683
+- Update squash_commit_sha only on successful merge. !19688
+- Fix import of snippets having `award_emoji` (Project Export/Import). !19690
+- Allow admins to administer personal snippets. !19693 (Oren Kanner)
+- Re-add missing file sizes in 2-Up diff file viewer. !19710
+- Fix checking task item when previous tasks contain only spaces. !19724
+- Fix Bitbucket Cloud importer pull request state. !19734
+- Fix merge train is not refreshed when the system aborts/drops a merge request. !19763
+- Resolve Hide Delete selected in designs when viewing an old version. !19889
+- Use new trial registration URL in billing. !19978
+- Helm v2.16.1. !19981
+- Ensure milestone titles are never empty. !19985
+- Remove unused image/screenshot. !20030 (Lee Tickett)
+- Remove local qualifier from geo sync indicators. !20034 (Lee Tickett)
+- Fixed the scale of embedded videos to fit the page. !20056
+- Fix broken monitor cluster health dashboard. !20120
+- Fix expanding collapsed threads when reference link clicked. !20148
+- Fix sub group export to export direct children. !20172
+- Remove update hook from date filter to prevent js from getting stuck. !20215
+- Prevent Dropzone.js initialisation error by checking target element existence. !20256 (Fabio Huser)
+- Fix style reset in job log when empty ANSI sequence is encoutered. !20367
+- Add productivity analytics merge date filtering limit. !32052
+- Fix productivity analytics listing with multiple labels. !33182
+- Fix closed board list loading issue.
+- Apply correctly the limit of 10 designs per upload.
+- Only allow confirmed users to run pipelines.
+- Fix scroll to bottom with new job log.
+- Fixed protected branches flash styling.
+
+### Deprecated (2 changes)
+
+- Ignore deprecated column and remove references to it. !18911
+- Move some project routes under - scope. !19954
+
+### Changed (56 changes, 6 of them are from the community)
+
+- Upgrade design/copy for issue weights locked feature. !17352
+- Reduce new MR page redundancy by moving the source/target branch selector to the top. !17559
+- Replace raven-js with @sentry/browser. !17715
+- Ask if the user is setting up GitLab for a company during signup. !17999
+- When a user views a file's blame or blob and switches to a branch where the current file does not exist, they will now be redirected to the root of the repository. !18169 (Jesse Hall @jessehall3)
+- Propagate custom environment variables to SAST analyzers. !18193
+- Fix any approver project rule records. !18265
+- Minor UX improvements to Environments Dashboard page. !18280
+- Reduce the allocated IP for Cluster and Services. !18341
+- Update flash messages color sitewide. !18369
+- Add modsecurity template for ingress-controller. !18485
+- Hide projects without access to admin user when admin mode is disabled. !18530 (Diego Louzán)
+- Update Runners Settings Text + Link to Docs. !18534
+- Store Zoom URLs in a table rather than in the issue description. !18620
+- Improve admin dashboard features. !18666
+- Drop `id` column from `ci_build_trace_sections` table. !18741
+- Truncate recommended branch name to a sane length. !18821
+- Add support for YAML anchors in CI scripts. !18849
+- Save dashboard changes by the user into the vuex store. !18862
+- Update expired trial status copy. !18962
+- Can directly add approvers to approval rule. !18965
+- Rename Vulnerabilities API to Vulnerability Findings API. !19029
+- Improve clarity of text for merge train position. !19031
+- Updated Auto-DevOps to kubectl v1.13.12 and helm v2.15.1. !19054 (Leo Antunes)
+- Refactor maximum user counts in license. !19071 (briankabiro)
+- Change return type of getDateInPast to Date. !19081
+- Show approval required status in license compliance. !19114
+- Handle new Container Scanning report format. !19123
+- Allow container scanning to run offline by specifying the Clair DB image to use. !19161
+- Add maven cli opts flag to maven security analyzer (part of dependency scanning). !19174
+- Added report_type attribute to Vulnerabilities. !19179
+- Migrate enabled flag on grafana_integrations table. !19234
+- Improve handling of gpg-agent processes. !19311
+- Update help text of "Tag name" field on Edit Release page. !19321
+- Add user filtering to abuse reports page. !19365
+- Move add license button to project buttons. !19370
+- Update to Mermaid v8.4.2 to support more graph types. !19444
+- Move release meta-data into footer on Releases page. !19451
+- Expose subscribed field in issue lists queried with GraphQL. !19458 (briankabiro)
+- [Geo] Fix: rake gitlab:geo:check on the primary is cluttered. !19460
+- Hide trial banner for namespaces with expired trials. !19510
+- Hide repeated trial offers on self-hosted instances. !19511
+- Add loading icon to error tracking settings page. !19539
+- Upgrade to Gitaly v1.71.0. !19611
+- Make role required when editing profile. !19636
+- Made `name` optional parameter of Release entity. !19705
+- Vulnerabilities history chart - use sparklines. !19745
+- Add event tracking to container registry. !19772
+- Update SaaS trial header to include the tier Gold. !19970
+- Update start a trial option in top right drop down to include Gold. !19971
+- Improve merge request description placeholder. !20032 (Jacopo Beschi @jacopo-beschi)
+- Add backtrace to production_json.log. !20122
+- Change the default concurrency factor of merge train to 20. !20201
+- Upgrade to Gitaly v1.72.0.
+- Require explicit null parameters to remove pages domain certificate and allow to use Let's Encrypt certificates through API.
+- Replace wording trace with log.
+
+### Performance (13 changes)
+
+- Record latencies for Sidekiq failures. !18909
+- Fix N+1 for group container repositories view. !18979
+- Do not render links in commit message on blame page. !19128
+- Puma only: database connection pool now always >= number of worker threads. !19286
+- Run check_mergeability only if merge status requires it. !19364
+- Execute limited request for diff commits instead of preloading. !19485
+- Improve performance of admin/abuse_reports page. !19630
+- Remove N+1 DB calls from branches API. !19661
+- Improve performance of linking LFS objects during import. !19709
+- Optimize MergeRequest#mergeable_discussions_state? method. !19988
+- Add index for unauthenticated requests to projects API default endpoint. !19989
+- Add index for authenticated requests to projects API default endpoint. !19993
+- Increase PumaWorkerKiller memory limit in development environment. !20039
+
+### Added (83 changes, 8 of them are from the community)
+
+- Adds Application Settings and ui settings in the integration admin area for Pendo. !15086
+- Add endpoint for a group's vulnerable projects. !15317
+- Added new chart component to display an anomaly boundary. !16530
+- Add links to associated releases on the Milestones page. !16558
+- Merge Details Page and Edit Page for Page Domains. !16687
+- Share groups with groups. !17117
+- Add links to associated release(s) to the milestone detail page. !17278
+- New group path uniqueness check. !17394
+- Unify html email layout for member html emails. !17699 (Diego Louzán)
+- The Security Dashboard displays DAST vulnerabilities for all the scanned sites, not just the first. !17779
+- Create table for elastic stack. !18015
+- Allow to define a default CI configuration path for new projects. !18073 (Mathieu Parent)
+- Issues queried in GraphQL now sortable by due date. !18094
+- Add cleanup status to clusters. !18144
+- Added Tests tab to pipeline detail that contains a UI for browsing test reports produced by JUnit. !18255
+- Users can verify SAML configuration and view SamlResponse XML. !18362
+- Support Enable/Disable operations in Feature Flag API. !18368
+- Expose arbitrary job artifacts in Merge Request widget. !18385
+- Add project option for deleting source branch. !18408 (Zsolt Kovari)
+- Adds ability to set management project for cluster via API. !18429
+- Close issues on Prometheus alert recovery. !18431
+- Add ApplicationSetting for snowplow_iglu_registry_url. !18449
+- Allow Grafana charts to be embedded in Gitlab Flavored Markdown. !18486
+- Mark todo done by GraphQL API. !18581
+- Create a users_security_dashboard_projects table to store the projects a user has added to their personal security dashboard. !18708
+- New API endpoint for creating anonymous merge request discussions from Visual Review Tools. !18710
+- Enable the color chip in AsciiDoc documents. !18723
+- Add prevent_ldap_sign_in option so LDAP can be used exclusively for sync. !18749
+- Show inherited group variables in project view. !18759
+- Add "release" filter to issue search page. !18761
+- Search list of Sentry errors by title in Gitlab. !18772
+- Add migrations and changes for soft-delete for projects. !18791
+- Support for Crossplane as a managed app. !18797 (Mahendra Bagul)
+- Bump Auto-Deploy image to v0.3.0. !18809
+- Set X-GitLab-NotificationReason header if notification reason is explicit subscription. !18812
+- Add issues, MRs, participants, and labels tabs in group milestone page. !18818
+- Add ability to reorder projects on operations dashboard. !18855
+- Make `Job`, `Bridge` and `Default` inheritable. !18867
+- Show epic events on group activity page. !18869
+- Detail view of Sentry error in GitLab. !18878
+- Expose mergeable state of a merge request. !18888 (briankabiro)
+- Add ability to select a Cluster management project. !18928
+- Add a Slack slash command to add a comment to an issue. !18946
+- Added installation commands for npm and yarn packages to package detail page. !18999
+- Show start and end dates in Epics list page. !19006
+- Populate new pipeline CI vars from params. !19023
+- Add warnings about pages access control settings. !19067
+- Graphql mutation for (un)subscribing to an epic. !19083
+- API for stack trace & detail view of Sentry error in GitLab. !19137
+- Add grafana integration active status checkbox. !19255
+- GraphQL: Add Merge Request milestone mutation. !19257
+- Add MergeRequestSetAssignees GraphQL mutation. !19272
+- Add edit button to metrics dashboard. !19279
+- Add "release" filter to merge request search page. !19315
+- Add dead jobs to Sidekiq metrics API. !19350 (Marco Peterseil)
+- Add pipeline information to dependency list header. !19352
+- Build CI cache key from commit SHAs that changed given files. !19392
+- Adding support for searching tags using '^' and '$'. !19435 (Cauhx Milloy)
+- Sentry error stacktrace. !19492
+- Add an `error_code` attribute to the API response when a cherry-pick or revert fails. !19518
+- Add documentation for sign-in application setting. !19561 (Horatiu Eugen Vlad)
+- Create AWS EKS cluster. !19578
+- Add modsecurity logging sidecar to ingress controller. !19600
+- Add start a trial option in the top-right user dropdown. !19632
+- Manage and display labels from epic in the GraphQL API. !19642
+- Allow order_by updated_at in Deployments API. !19658
+- Add can_edit and project_blob_path to metrics_dashboard endpoint. !19663
+- Add usage ping data for project services. !19687
+- Graphql query for issues can now be sorted by relative_position. !19713
+- Add API endpoint to trigger Group Structure Export. !19779
+- Show Tree UI containing child Epics and Issues within an Epic. !19812
+- Enable environments dashboard by default. !19838
+- Update the DB schema to allow linking between Vulnerabilities and Issues. !19852
+- Add Group Audit Events API. !19868
+- Adds a copy button next to package metadata on the details page. !19881
+- GraphQL: Create MR mutations needed for the sidebar. !19913
+- Add id_before, id_after filter param to projects API. !19949
+- Add modsecurity feature flag to usage ping. !20194
+- Specify management project for a Kubernetes cluster. !20216
+- Upgrade pages to 1.12.0. !20217
+- Support template_project_id parameter in project creation API. !20258
+- Add heatmap chart support. !32424
+- Add template for Serverless Framework/JS. !33805
+
+### Other (59 changes, 26 of them are from the community)
+
+- Add EKS cluster count to usage data. !17059
+- Track the starting and stopping of the current signup flow and the experimental signup flow. !17521
+- Attribute Sidekiq workers according to their workloads. !18066
+- Add ApplicationSetting entries for EKS integration. !18307
+- Geo: Add resigns-related fields to Geo Node Status table. !18379
+- Allow adding requests to performance bar manually. !18464
+- Removes `export_designs` feature flag. !18507 (nate geslin)
+- Update AWS SDK to 2.11.374. !18601
+- Remove required dependecy of Postgresql for Gitaly. !18659
+- Add deployment_merge_requests table. !18755
+- Bump Gitaly to 1.70.0 and remove cache invalidation feature flag. !18766
+- Update gRPC to v1.24.0. !18837
+- Update GitLab Runner Helm Chart to 0.10.0. !18879
+- Adds a Sidekiq queue duration metric. !19005
+- Create explicit Default and Free plans. !19033
+- Improve instance mirroring help text. !19047
+- Add Codesandbox metrics to usage ping. !19075
+- Add internal_socket_dir to gitaly config in setup helper. !19170
+- Use Rails 5.2 Redis caching store. !19202
+- Update GitLab Runner Helm Chart to 0.10.1. !19232
+- Rename snowplow_site_id to snowplow_app_id in application_settings table. !19252
+- Removed IIFEs from network.js file. !19254 (nuwe1)
+- Remove IIFEs from project_select.js. !19288 (minghuan lei)
+- Remove IIFEs from merge_request.js. !19294 (minghuan lei)
+- Make snippet list easier to scan. !19490
+- Removed IIFEs from image_file.js. !19548 (nuwe1)
+- Fix api docs for deleting project cluster. !19558
+- Change blob edit view button styling. !19566
+- Include exception and backtrace in API logs. !19671
+- Add index on marked_for_deletion_at in projects table. !19788
+- Visual design for edit buttons in blob view. !19932
+- Refactor disabled sidebar notifications to Vue. !20007 (minghuan lei)
+- Remove IIFEs from branch_graph.js. !20008 (minghuan lei)
+- Remove IIFEs from new_branch_form.js. !20009 (minghuan lei)
+- Remove duplication from slugifyWithUnderscore function. !20016 (Arun Kumar Mohan)
+- Update registry.gitlab.com/gitlab-org/security-products/codequality to 12-5-stable. !20046 (Takuya Noguchi)
+- Add mb-2 class to global alerts. !20081 (2knal)
+- Remove var from syntax_highlight_spec.js. !20086 (Lee Tickett)
+- Remove var from merge_request_tabs_spec.js. !20087 (Lee Tickett)
+- Remove var from bootstrap_jquery_spec.js. !20089 (Lee Tickett)
+- Remove var from project_select.js. !20091 (Lee Tickett)
+- Remove var from new_commit_form.js. !20095 (Lee Tickett)
+- Remove var from issue.js. !20098 (Lee Tickett)
+- Remove var from new_branch_form.js. !20099 (Lee Tickett)
+- Remove var from tree.js. !20103 (Lee Tickett)
+- Remove var from line_highlighter.js. !20108 (Lee Tickett)
+- Remove var from preview_markdown.js. !20115 (Lee Tickett)
+- remove all references of BoardService in boards_selector.vue. !20147 (nuwe1)
+- Remove all references to BoardsService in index.vue. !20152 (nuwe1)
+- Remove var from labels_select.js. !20153 (Lee Tickett)
+- Remove all reference to BoardService in board_form.vue. !20158 (nuwe1)
+- Remove calendar icon from personal access tokens. !20183
+- Move margin-top from flash container to flash. !20211
+- Bump Auto DevOps deploy image to v0.7.0. !20250
+- Make 'Sidekiq::Testing.fake!' mode as default. !31662 (@blackst0ne)
+- Replace task-done icon with list-task icon to better align with other toolbar list icons.
+- Dependency Scanning template that doesn't rely on Docker-in-Docker.
+- Adding dropdown arrow icon and updated text alignment.
+- Change selects from default browser style to custom style.
+
+
 ## 12.4.3
 
 ### Fixed (2 changes)

changelogs/unreleased/10242-move-old-vulns-api-to-vuln-findings.yml

----
-title: Rename Vulnerabilities API to Vulnerability Findings API
-merge_request: 19029
-author:
-type: changed

changelogs/unreleased/11137-propagate-all-env-vars-to-sast-containers.yml

----
-title: Propagate custom environment variables to SAST analyzers
-merge_request: 18193
-author:
-type: changed

changelogs/unreleased/11930-handle-multiple-entries-dast-report.yml

----
-title: The Security Dashboard displays DAST vulnerabilities for all the scanned sites, not just the first
-merge_request: 17779
-author:
-type: added

changelogs/unreleased/12769-milestone-blank-name-causes-issues.yml

----
-title: Ensure milestone titles are never empty
-merge_request: 19985
-author:
-type: fixed

changelogs/unreleased/12881-security-dashboard-leveraging-sparklines-to-show-vulnerability-tren.yml

----
-title: Vulnerabilities history chart - use sparklines
-merge_request: 19745
-author:
-type: changed

changelogs/unreleased/13055-show-the-sync-information-for-design-repositories.yml

----
-title: 'Geo: Add resigns-related fields to Geo Node Status table'
-merge_request: 18379
-author:
-type: other

changelogs/unreleased/13135-call-to-validate_query-in-custom-metrics-form-is-not-retried.yml

----
-title: Fix query validation in custom metrics form
-merge_request: 18769
-author:
-type: fixed

changelogs/unreleased/13401-close-gitlab-issue-on-recovery-alerts-from-prometheus.yml

----
-title: Close issues on Prometheus alert recovery
-merge_request: 18431
-author:
-type: added

changelogs/unreleased/13492-design-comments-width.yml

----
-title: Smaller width for design comments layout, truncate image title
-merge_request: 17547
-author:
-type: fixed

changelogs/unreleased/13539-license-compliance-approval-required.yml

----
-title: Show approval required status in license compliance
-merge_request: 19114
-author:
-type: changed

changelogs/unreleased/14707-add-modsec-logging-sidecar-to-ingress-controller.yml

----
-title: Add modsecurity logging sidecar to ingress controller
-merge_request: 19600
-author:
-type: added

changelogs/unreleased/14770-ignore-deprecated-column-on-projects.yml

----
-title: Ignore deprecated column and remove references to it
-merge_request: 18911
-author:
-type: deprecated

changelogs/unreleased/18797-support-for-crossplane-as-a-managed-app.yml

----
-title: Support for Crossplane as a managed app
-merge_request: 18797
-author: Mahendra Bagul
-type: added

changelogs/unreleased/18986-allow-to-use-commit-sha-in-cache-key.yml

----
-title: Build CI cache key from commit SHAs that changed given files
-merge_request: 19392
-author:
-type: added

changelogs/unreleased/19054-upgrade-helm.yml

----
-title: 'Updated Auto-DevOps to kubectl v1.13.12 and helm v2.15.1'
-merge_request: 19054
-author: Leo Antunes
-type: changed

changelogs/unreleased/19445-native-group-milestone-page-needs-same-info-as-project-milestones.yml

----
-title: Add issues, MRs, participants, and labels tabs in group milestone page
-merge_request: 18818
-author:
-type: added

changelogs/unreleased/20081-add-mb-2-class-to-global-alerts.yml

----
-title: Add mb-2 class to global alerts
-merge_request: 20081
-author: 2knal
-type: other

changelogs/unreleased/22392-add-eks-clusters-to-usage-data.yml

----
-title: Add EKS cluster count to usage data
-merge_request: 17059
-author:
-type: other

changelogs/unreleased/22392-capture-aws-role-details.yml

----
-title: Add ApplicationSetting entries for EKS integration
-merge_request: 18307
-author:
-type: other

changelogs/unreleased/22392-eks-create-cluster-fe.yml

----
-title: Create AWS EKS cluster
-merge_request: 19578
-author:
-type: added

changelogs/unreleased/24082-double-escaping-in-tableflip-quick-action.yml

----
-title: Fix double escaping in /tableflip quick action
-merge_request: 19271
-author: Brian T
-type: fixed

changelogs/unreleased/24146-query-string-params.yml

----
-title: Populate new pipeline CI vars from params
-merge_request: 19023
-author:
-type: added

changelogs/unreleased/24172-group-vars.yml

----
-title: Show inherited group variables in project view
-merge_request: 18759
-author:
-type: added

changelogs/unreleased/24792-artifact-based-view-for-junit-xml.yml

----
-title: Added Tests tab to pipeline detail that contains a UI for browsing test reports
-  produced by JUnit
-merge_request: 18255
-author:
-type: added

changelogs/unreleased/25188-unable-to-expand-collapse-files-in-merge-request-by-clicking-caret.yml

----
-title: Fix unable to expand or collapse files in merge request by clicking caret
-merge_request: 19222
-author: Brian T
-type: fixed

changelogs/unreleased/26138-replace-raven-js-with-sentry-browser.yml

----
-title: Replace raven-js with @sentry/browser
-merge_request: 17715
-author:
-type: changed

changelogs/unreleased/26207-issue-board-loading-infinite-if-closing-the-closed-row.yml

----
-title: Fix closed board list loading issue
-merge_request:
-author:
-type: fixed

changelogs/unreleased/26380-personal-snippets.yml

----
-title: Allow admins to administer personal snippets
-merge_request: 19693
-author: Oren Kanner
-type: fixed

changelogs/unreleased/27034-new-branch-length.yml

----
-title: Truncate recommended branch name to a sane length
-merge_request: 18821
-author:
-type: changed

changelogs/unreleased/27433-fix-vulnerable-code-copied-from-devise.yml

----
-title: Update incrementing of failed logins to be thread-safe
-merge_request: 19614
-author:
-type: security

changelogs/unreleased/27464-misleading-input-controller-for-dates.yml

----
-title: Remove calendar icon from personal access tokens
-merge_request: 20183
-author:
-type: other

changelogs/unreleased/28258-fix-project-clone-dropdrown-button-width.yml

----
-title: Fix project clone dropdown button width
-merge_request: 19551
-author: George Tsiolis
-type: fixed

changelogs/unreleased/28302-move-add-license-button.yml

----
-title: Move add license button to project buttons
-merge_request: 19370
-author:
-type: changed

changelogs/unreleased/28336-dropdown-icon-missing-on-compare-page.yml

----
-title: Adding dropdown arrow icon and updated text alignment
-merge_request:
-author:
-type: other

changelogs/unreleased/28338-different-dropdown-styles-on-settings-page.yml

----
-title: Change selects from default browser style to custom style
-merge_request:
-author:
-type: other

changelogs/unreleased/28350-manifest-error-file-attach.yml

----
-title: Add max width on manifest file attachment input
-merge_request: 19028
-author:
-type: fixed

changelogs/unreleased/28801-fix-canary-inconsistency.yml

----
-title: Fix canary badge and favicon inconsistency
-merge_request: 19645
-author:
-type: fixed

changelogs/unreleased/28985-links-to-notes-in-collapsed-discussions-dont-work.yml

----
-title: Fix expanding collapsed threads when reference link clicked
-merge_request: 20148
-author:
-type: fixed

changelogs/unreleased/29121-rename-trace.yml

----
-title: Replace wording trace with log
-merge_request:
-author:
-type: changed

changelogs/unreleased/29451-webide-currentsha.yml

----
-title: 'Resolve: Web IDE Throws Error When Viewing Diff for Renamed Files'
-merge_request: 19348
-author:
-type: fixed

changelogs/unreleased/29713-graphql-add-issue-relative-position-sort-2.yml

----
-title: 'Graphql query for issues can now be sorted by relative_position'
-merge_request: 19713
-author:
-type: added

changelogs/unreleased/29986-remove-leaky-401-responses.yml

----
-title: Standardize error response when route is missing
-merge_request:
-author:
-type: security

changelogs/unreleased/30131-breadcrumb-back-to-integrations-not-correct.yml

----
-title: Add missing breadcrumb in Project > Settings > Integrations
-merge_request: 18990
-author:
-type: fixed

changelogs/unreleased/30161-expose-merge-request-status-in-api.yml

----
-title: Expose mergeable state of a merge request
-merge_request: 18888
-author: briankabiro
-type: added

changelogs/unreleased/30182-checkbox-with-no-text-causing-following-checkboxes-not-to-be-saved.yml

----
-title: Fix checking task item when previous tasks contain only spaces
-merge_request: 19724
-author:
-type: fixed

changelogs/unreleased/30229-gitlab-backgroundmigration-pruneorphanedgeoevents-did-you-mean-prun.yml

----
-title: "[Geo] Fix: undefined Gitlab::BackgroundMigration::PruneOrphanedGeoEvents"
-merge_request: 19638
-author:
-type: fixed

changelogs/unreleased/30533-asciidoc-image-link-lazy-loading.yml

----
-title: Enable image link and lazy loading in AsciiDoc documents
-merge_request: 18164
-author: Guillaume Grossetie
-type: fixed

changelogs/unreleased/30616-improve-merge-request-description-placeholder.yml

----
-title: Improve merge request description placeholder
-merge_request: 20032
-author: Jacopo Beschi @jacopo-beschi
-type: changed

changelogs/unreleased/30660-allow-to-enable-disable-auto-ssl-letsencrypt-support-via-api.yml

----
-title: Require explicit null parameters to remove pages domain certificate and allow to use Let's Encrypt certificates through API
-merge_request:
-author:
-type: changed

changelogs/unreleased/30695-remove-add-btn-in-approval-rule.yml

----
-title: Can directly add approvers to approval rule
-merge_request: 18965
-author:
-type: changed

changelogs/unreleased/30810-blob-view-buttons.yml

----
-title: Change blob edit view button styling
-merge_request: 19566
-author:
-type: other

changelogs/unreleased/31134-add-usage-ping-data-for-project-services.yml

----
-title: Add usage ping data for project services
-merge_request: 19687
-author:
-type: added

changelogs/unreleased/31184-refactor-disabled-sidebar-notification-to-vue.yml

----
-title: Refactor disabled sidebar notifications to Vue
-merge_request: 20007
-author: minghuan lei
-type: other

changelogs/unreleased/31222-follow-up-from-adjusts-snowplow-to-use-cookies-for-sessions.yml

----
-title: Rename snowplow_site_id to snowplow_app_id in application_settings table
-merge_request: 19252
-author:
-type: other

changelogs/unreleased/31309-add-ability-for-users-to-organize-projects-on-the-operations-dashbo.yml

----
-title: Add ability to reorder projects on operations dashboard
-merge_request: 18855
-author:
-type: added

changelogs/unreleased/31364-error-when-attempting-to-view-gitlab-com-group-billing-page.yml

----
-title: Fix error when viewing group billing page
-merge_request: 18740
-author:
-type: fixed

changelogs/unreleased/31390-remove-pointer-cursor-from-memory-usage-chart.yml

----
-title: Remove pointer cursor from MemoryUsage chart on MR widget deployment
-merge_request: 18599
-author:
-type: fixed

changelogs/unreleased/31411-add-loading-indicator-when-connecting-to-error-tracking-server.yml

----
-title: Add loading icon to error tracking settings page
-merge_request: 19539
-author:
-type: changed

changelogs/unreleased/31658-add-rollback-dialog-environment.yml

----
-title: Fix environment name in rollback dialog
-merge_request: 19209
-author:
-type: fixed

changelogs/unreleased/31843-contextual-documentation-to-help-users-download-npm-packages.yml

----
-title: Added installation commands for npm and yarn packages to package detail page
-merge_request: 18999
-author:
-type: added

changelogs/unreleased/31868-make-name-optional-parameter-of-release-entity.yml

----
-title: Made `name` optional parameter of Release entity
-merge_request: 19705
-author:
-type: changed

changelogs/unreleased/31912-epic-labels.yml

----
-title: Manage and display labels from epic in the GraphQL API
-merge_request: 19642
-author:
-type: added

changelogs/unreleased/31914-graphql-todos-mark-todo-as-done-pd.yml

----
-title: Mark todo done by GraphQL API
-merge_request: 18581
-author:
-type: added

changelogs/unreleased/31919-graphql-MR-assignee-mutation.yml

----
-title: Add MergeRequestSetAssignees GraphQL mutation
-merge_request: 19272
-author:
-type: added

changelogs/unreleased/31919-graphql-MR-label-mutation.yml

----
-title: 'GraphQL: Create MR mutations needed for the sidebar'
-merge_request: 19913
-author:
-type: added

changelogs/unreleased/31919-graphql-MR-sidebar-mutations.yml

----
-title: 'GraphQL: Add Merge Request milestone mutation'
-merge_request: 19257
-author:
-type: added

changelogs/unreleased/31964-make-snippet-list-easier-to-scan.yml

----
-title: Make snippet list easier to scan
-merge_request: 19490
-author:
-type: other

changelogs/unreleased/32052-add-pa-start-date-limit.yml

----
-title: Add productivity analytics merge date filtering limit
-merge_request: 32052
-author:
-type: fixed

changelogs/unreleased/32198-banner-alerting-of-project-move-is-showing-up-everywhere.yml

----
-title: Fix "project or group was moved" alerts showing up in the wrong pages
-merge_request: 18985
-author:
-type: fixed

changelogs/unreleased/32358-add-modsec-feature-flag-to-usage-ping.yml

----
-title: Add modsecurity feature flag to usage ping
-merge_request: 20194
-author:
-type: added

changelogs/unreleased/32367-hashed-storage-migration-handle-failed-attachment-migrations-wth-ex.yml

----
-title: 'Hashed Storage Migration: Handle failed attachment migrations with existing
-  target path'
-merge_request: 19061
-author:
-type: fixed

changelogs/unreleased/32398-geo-rake-gitlab-geo-check-on-the-primary-is-cluttered.yml

----
-title: "[Geo] Fix: rake gitlab:geo:check on the primary is cluttered"
-merge_request: 19460
-author:
-type: changed

changelogs/unreleased/32419-growth-conversion-experiment-test-new-admin-upgrade-design-copy-for.yml

----
-title: Upgrade design/copy for issue weights locked feature
-merge_request: 17352
-author:
-type: changed

changelogs/unreleased/32458-update-group-creation-url-so-it-is-always-unique-and-does-not-gener.yml

----
-title: New group path uniqueness check
-merge_request: 17394
-author:
-type: added

changelogs/unreleased/32464-backend-sentry-error-details.yml

----
-title: API for stack trace & detail view of Sentry error in GitLab
-merge_request: 19137
-author:
-type: added

changelogs/unreleased/32464-detail-view-of-sentry-error.yml

----
-title: Detail view of Sentry error in GitLab
-merge_request: 18878
-author:
-type: added

changelogs/unreleased/32534-gitlab-rake-gitlab-cleanup-orphan_job_artifact_files-dry_run-false-is-not-removing-artifacts.yml

----
-title: Correctly cleanup orphan job artifacts
-merge_request: 17679
-author: Adam Mulvany
-type: fixed

changelogs/unreleased/32562-dynamic-db-pool-size-in-puma.yml

----
-title: 'Puma only: database connection pool now always >= number of worker threads'
-merge_request: 19286
-author:
-type: performance

changelogs/unreleased/32685-remove-epics-tree-feature-flag.yml

----
-title: Show Tree UI containing child Epics and Issues within an Epic
-merge_request: 19812
-author:
-type: added

changelogs/unreleased/32935-preventing-accidental-project-deletion-db-changes.yml

----
-title: Add migrations and changes for soft-delete for projects
-merge_request: 18791
-author:
-type: added

changelogs/unreleased/32935-preventing-accidental-project-deletion-index.yml

----
-title: Add index on marked_for_deletion_at in projects table
-merge_request: 19788
-author:
-type: other

changelogs/unreleased/32951-secure-modal-mobile-issue.yml

----
-title: Fixes mobile styling issues on security modals
-merge_request: 19391
-author:
-type: fixed

changelogs/unreleased/32962-update-gcp-credit-url.yml

----
-title: Update GCP credit URLs
-merge_request: 19683
-author:
-type: fixed

changelogs/unreleased/33042-persist-zoom-meetings-added-to-issues-in-the-database-2.yml

----
-title: Store Zoom URLs in a table rather than in the issue description
-merge_request: 18620
-author:
-type: changed

changelogs/unreleased/33054-share_groups_with_groups.yml

----
-title: Share groups with groups
-merge_request: 17117
-author:
-type: added

changelogs/unreleased/33101-add-deployments-api-updated-after-param.yml

----
-title: Allow order_by updated_at in Deployments API
-merge_request: 19658
-author:
-type: added

changelogs/unreleased/33121-refactor-user-counts.yml

----
-title: Refactor maximum user counts in license
-merge_request: 19071
-author: briankabiro
-type: changed

changelogs/unreleased/33182-fix-productivity-analytics-multiple-labels-bug.yml

----
-title: Fix productivity analytics listing with multiple labels
-merge_request: 33182
-author:
-type: fixed

changelogs/unreleased/33268-updated-operations-metrics-charts-do-not-load-properly.yml

----
-title: Fix empty chart in collapsed sections
-merge_request: 18699
-author:
-type: fixed

changelogs/unreleased/33306-missing-field-discussions.yml

----
-title: Prevents console warning on design upload
-merge_request: 19297
-author:
-type: fixed

changelogs/unreleased/33460-webide-line-endings.yml

----
-title: 'Resolve: Web IDE does not create POSIX Compliant Files'
-merge_request: 19339
-author:
-type: fixed

changelogs/unreleased/33533-go-to-root-if-no-path-on-branch.yml

----
-title: When a user views a file's blame or blob and switches to a branch where the
-  current file does not exist, they will now be redirected to the root of the repository.
-merge_request: 18169
-author: Jesse Hall @jessehall3
-type: changed

changelogs/unreleased/33557-make-pages-settings-e-g-enablement-access-control-more-visible.yml

----
-title: Add warnings about pages access control settings
-merge_request: 19067
-author:
-type: added

changelogs/unreleased/33672-add-enable-checkbox-for-grafana-authentication-settings.yml

----
-title: Migrate enabled flag on grafana_integrations table
-merge_request: 19234
-author:
-type: changed

changelogs/unreleased/33805-add_serverless_framework_template.yml

----
-title: Add template for Serverless Framework/JS
-merge_request: 33805
-author:
-type: added

changelogs/unreleased/33896-security-dashboard-projects.yml

----
-title: Create a users_security_dashboard_projects table to store the projects a user has added to their personal security dashboard
-merge_request: 18708
-author:
-type: added

changelogs/unreleased/33897-make-arrow-buttons-work-within-search-box.yml

----
-title: Fix keyboard shortcuts in header search autocomplete
-merge_request: 18685
-author:
-type: fixed

changelogs/unreleased/33902-fix-private-group-todo-mentions.yml

----
-title: Do not generate To-Dos additional when editing group mentions
-merge_request: 19037
-author:
-type: fixed

changelogs/unreleased/34078-extend-audit-events-api-for-gitlab-com.yml

----
-title: Add Group Audit Events API
-merge_request: 19868
-author:
-type: added

changelogs/unreleased/34132-graphql-epic-subscribtions.yml

----
-title: Graphql mutation for (un)subscribing to an epic
-merge_request: 19083
-author:
-type: added

changelogs/unreleased/34149-hide-delete-selected-in-designs-when-viewing-an-old-version.yml

----
-title: Resolve Hide Delete selected in designs when viewing an old version
-merge_request: 19889
-author:
-type: fixed

changelogs/unreleased/34230-fix-popover-image.yml

----
-title: Fix cluster feature highlight popover image
-merge_request: 19372
-author:
-type: fixed

changelogs/unreleased/34258-embedding-sentry-stacktrace.yml

----
-title: Sentry error stacktrace
-merge_request: 19492
-author:
-type: added

changelogs/unreleased/34299-enable-color-chip-asciidoc.yml

----
-title: Enable the color chip in AsciiDoc documents
-merge_request: 18723
-author:
-type: added

changelogs/unreleased/34320-error-when-uploading-a-few-designs-in-a-row.yml

----
-title: Resolve Error when uploading a few designs in a row
-merge_request: 18811
-author:
-type: fixed

changelogs/unreleased/34335-move-subscribed-field-to-issue-type.yml

----
-title: Expose subscribed field in issue lists queried with GraphQL
-merge_request: 19458
-author: briankabiro
-type: changed

changelogs/unreleased/34372-serverless-function-description-does-not-show-up-for-newly-created-.yml

----
-title: Fix serverless function descriptions not showing on Knative 0.7
-merge_request: 18973
-author:
-type: fixed

changelogs/unreleased/34416-subscribed-notification-header.yml

----
-title: Set X-GitLab-NotificationReason header if notification reason is explicit subscription
-merge_request: 18812
-author:
-type: added

changelogs/unreleased/34423-user-popover-immediately-closed-when-hovering-over-certain-areas.yml

----
-title: Fix user popover not being displayed when the user has a status message
-merge_request: 19519
-author:
-type: fixed

changelogs/unreleased/34426-use-new-list-task-icon-in-text-editor.yml

----
-title: Replace task-done icon with list-task icon to better align with other toolbar
-  list icons
-merge_request:
-author:
-type: other

changelogs/unreleased/34431-add-report-type-vulnerabilities.yml

----
-title: Added report_type attribute to Vulnerabilities
-merge_request: 19179
-author:
-type: changed

changelogs/unreleased/34443-fix-template-bug.yml

----
-title: Fix template selector filename bug
-merge_request: 19376
-author:
-type: fixed

changelogs/unreleased/34519-move-planels-in-dashboard-save-to-the-vuex-store.yml

----
-title: Save dashboard changes by the user into the vuex store
-merge_request: 18862
-author:
-type: changed

changelogs/unreleased/34564-vulnerability-issue-links.yml

----
-title: Update the DB schema to allow linking between Vulnerabilities and Issues
-merge_request: 19852
-author:
-type: added

changelogs/unreleased/34577-add-dep-scanner-var-maven.yml

----
-title: Add maven cli opts flag to maven security analyzer (part of dependency scanning)
-merge_request: 19174
-author:
-type: changed

changelogs/unreleased/34606-Remove-IIFEs-from-merge_request-js.yml

----
-title: Remove IIFEs from merge_request.js
-merge_request: 19294
-author: minghuan lei
-type: other

changelogs/unreleased/34607-Remove-IIFEs-from-branch_graph-js.yml

----
-title: Remove IIFEs from branch_graph.js
-merge_request: 20008
-author: minghuan lei
-type: other

changelogs/unreleased/34610-Remove-IIFEs-from-new_branch_form-js.yml

----
-title: Remove IIFEs from new_branch_form.js
-merge_request: 20009
-author: minghuan lei
-type: other

changelogs/unreleased/34624-remove-IIFEs-from-project_select-js.yml

----
-title: Remove IIFEs from project_select.js
-merge_request: 19288
-author: minghuan lei
-type: other

changelogs/unreleased/34717-update-expired-trial-copy.yml

----
-title: Update expired trial status copy
-merge_request: 18962
-author:
-type: changed

changelogs/unreleased/34755-refactor-getdateinpast-to-return-date-object.yml

----
-title: Change return type of getDateInPast to Date
-merge_request: 19081
-author:
-type: changed

changelogs/unreleased/34757-bugfix-graphql-missing-todo-types.yml

----
-title: Fix errors in GraphQL Todos API due to missing TargetTypeEnum values
-merge_request: 19052
-author:
-type: fixed

changelogs/unreleased/34770-error-500-for-api-v4-projects-id-services-jira-nomethoderror-undefi.yml

----
-title: Fix project service API 500 error
-merge_request: 19367
-author:
-type: fixed

changelogs/unreleased/34779-editing-metric-dashboard-using-yml-file.yml

----
-title: Add edit button to metrics dashboard
-merge_request: 19279
-author:
-type: added

changelogs/unreleased/34827-delete-container-registry-tag-undefined-method-success-for-nil.yml

----
-title: Fix crash when docker fails deleting tags
-merge_request: 19208
-author:
-type: fixed

changelogs/unreleased/34850-fix-graphql-todo-ids.yml

----
-title: Fix Todo IDs in GraphQL API
-merge_request: 19068
-author:
-type: fixed

changelogs/unreleased/34855-dependency-list-is-not-up-to-date-frontend.yml

----
-title: Add pipeline information to dependency list header
-merge_request: 19352
-author:
-type: added

changelogs/unreleased/34944-fix-kubernetes-help-text-link.yml

----
-title: Fix Kubernetes help text link
-merge_request: 19121
-author:
-type: fixed

changelogs/unreleased/35217-add_fields_to_all_dashboards.yml

----
-title: Add can_edit and project_blob_path to metrics_dashboard endpoint
-merge_request: 19663
-author:
-type: added

changelogs/unreleased/35440-Hide-start-trial-buttons-for-expired-namespaces.yml

----
-title: Hide repeated trial offers on self-hosted instances
-merge_request: 19511
-author:
-type: changed

changelogs/unreleased/35440-for-com-namespaces-with-expired-trials-remove-start-trial-ctas.yml

----
-title: Hide trial banner for namespaces with expired trials
-merge_request: 19510
-author:
-type: changed

changelogs/unreleased/35528-add-ui-event-tracking-for-container-registry.yml

----
-title: Add event tracking to container registry
-merge_request: 19772
-author:
-type: changed

changelogs/unreleased/35534-broken-scroll-to-bottom.yml

----
-title: Fix scroll to bottom with new job log
-merge_request:
-author:
-type: fixed

changelogs/unreleased/35537-button-regression-fix.yml

----
-title: Revert btn-xs styling in projects scss
-merge_request: 19640
-author:
-type: fixed

changelogs/unreleased/35547-add-documentation-for-sign-in-application-setting.yml

----
-title: Add documentation for sign-in application setting
-merge_request: 19561
-author: Horatiu Eugen Vlad
-type: added

changelogs/unreleased/35618-add-clipboard-button-to-package-registry-information.yml

----
-title: Adds a copy button next to package metadata on the details page
-merge_request: 19881
-author:
-type: added

changelogs/unreleased/35637-add-start-a-trial-option-in-top-right-drop-down.yml

----
-title: Add start a trial option in the top-right user dropdown
-merge_request: 19632
-author:
-type: added

changelogs/unreleased/35709-update-squash-commit-sha-only-on-successful-merge.yml

----
-title: Update squash_commit_sha only on successful merge
-merge_request: 19688
-author:
-type: fixed

changelogs/unreleased/35731-fix-snippets-with-emoji-import.yml

----
-title: Fix import of snippets having `award_emoji` (Project Export/Import)
-merge_request: 19690
-author:
-type: fixed

changelogs/unreleased/35749-improve-performance-of-lfs_object-queries.yml

----
-title: Improve performance of linking LFS objects during import
-merge_request: 19709
-author:
-type: performance

changelogs/unreleased/35751-new-trial-flow-for-logged-in-user-should-not-take-them-to-the-custo.yml

----
-title: Use new trial registration URL in billing
-merge_request: 19978
-author:
-type: fixed

changelogs/unreleased/35908-embedded-videos-not-scaled-correctly.yml

----
-title: Fixed the scale of embedded videos to fit the page
-merge_request: 20056
-author:
-type: fixed

changelogs/unreleased/36113-visual-design-of-edit-and-web-ide-button-in-blob-view.yml

----
-title: Visual design for edit buttons in blob view
-merge_request: 19932
-author:
-type: other

changelogs/unreleased/36141-update-start-a-trial-option-in-top-right-drop-down-to-include-gold.yml

----
-title: Update start a trial option in top right drop down to include Gold
-merge_request: 19971
-author:
-type: changed

changelogs/unreleased/36142-update-saas-trial-header-to-include-the-tier-gold.yml

----
-title: Update SaaS trial header to include the tier Gold
-merge_request: 19970
-author:
-type: changed

changelogs/unreleased/36213-update-codequality-to-12-5.yml

----
-title: Update registry.gitlab.com/gitlab-org/security-products/codequality to 12-5-stable
-merge_request: 20046
-author: Takuya Noguchi
-type: other

changelogs/unreleased/36262-monitor-cluster-health-charts-does-not-load.yml

----
-title: Fix broken monitor cluster health dashboard
-merge_request: 20120
-author:
-type: fixed

changelogs/unreleased/36453-flashcontainer-causing-page-header-to-be-off-center.yml

----
-title: Move margin-top from flash container to flash
-merge_request: 20211
-author:
-type: other

changelogs/unreleased/36460-metrics-dashboard-fails-to-load-script-doesn-t-stop.yml

----
-title: Remove update hook from date filter to prevent js from getting stuck
-merge_request: 20215
-author:
-type: fixed

changelogs/unreleased/48-add-company-question-to-profile-information.yml

----
-title: Ask if the user is setting up GitLab for a company during signup
-merge_request: 17999
-author:
-type: changed

changelogs/unreleased/5366-display-anomaly-deviation-boundaries-on-dashboard-ce.yml

----
-title: Added new chart component to display an anomaly boundary
-merge_request: 16530
-author:
-type: added

changelogs/unreleased/63778-graphql-add-issue-due-date-sortring.yml

----
-title: 'Issues queried in GraphQL now sortable by due date'
-merge_request: 18094
-author:
-type: added

changelogs/unreleased/7104-show-timeframe-dates-in-epics-list.yml

----
-title: Show start and end dates in Epics list page
-merge_request: 19006
-author:
-type: added

changelogs/unreleased/7816-commits-diff-total-api.yml

----
-title: Show correct total number of commit diff's changes
-merge_request: 19424
-author:
-type: fixed

changelogs/unreleased/8199-epic-quick-actions-preview.yml

----
-title: Fix previewing quick actions for epics
-merge_request: 19042
-author:
-type: fixed

changelogs/unreleased/8558-bump-ado-image-for-modsec-secruleengine.yml

----
-title: Bump Auto-Deploy image to v0.3.0
-merge_request: 18809
-author:
-type: added

changelogs/unreleased/8558-use-custom-modsecurity-ingress-config.yml

----
-title: Add modsecurity template for ingress-controller
-merge_request: 18485
-author:
-type: changed

changelogs/unreleased/CauhxMilloy-gitlab-addStartEndMarkersForTagsSearch.yml

----
-title: Adding support for searching tags using '^' and '$'
-merge_request: 19435
-author: Cauhx Milloy
-type: added

changelogs/unreleased/Remove-IIFEs-from-image_file-js.yml

----
-title: Removed IIFEs from image_file.js
-merge_request: 19548
-author: nuwe1
-type: other

changelogs/unreleased/Remove-IIFEs-from-network-js.yml

----
-title: Removed IIFEs from network.js file
-merge_request: 19254
-author: nuwe1
-type: other

changelogs/unreleased/Update-boards-components-board_form-vue.yml

----
-title: Remove all reference to BoardService in board_form.vue
-merge_request: 20158
-author: nuwe1
-type: other

changelogs/unreleased/Update-boards-components-models-index-vue.yml

----
-title: Remove all references to BoardsService in index.vue
-merge_request: 20152
-author: nuwe1
-type: other

changelogs/unreleased/Update-boards_selector-vue-to-use-boardsStore.yml

----
-title: remove all references of BoardService in boards_selector.vue
-merge_request: 20147
-author: nuwe1
-type: other

changelogs/unreleased/ab-projects-api-indexes-authenticated.yml

----
-title: Add index for authenticated requests to projects API default endpoint
-merge_request: 19993
-author:
-type: performance

changelogs/unreleased/ab-projects-api-indexes.yml

----
-title: Add index for unauthenticated requests to projects API default endpoint
-merge_request: 19989
-author:
-type: performance

changelogs/unreleased/ab-projects-id-filter.yml

----
-title: Add id_before, id_after filter param to projects API
-merge_request: 19949
-author:
-type: added

changelogs/unreleased/add-dead-jobs-to-api-sidekiq-metrics.yml

----
-title: Add dead jobs to Sidekiq metrics API
-merge_request: 19350
-author: Marco Peterseil
-type: added

changelogs/unreleased/add-default-plan.yml

----
-title: Create explicit Default and Free plans
-merge_request: 19033
-author:
-type: other

changelogs/unreleased/add-inheritable-mixin.yml

----
-title: Make `Job`, `Bridge` and `Default` inheritable
-merge_request: 18867
-author:
-type: added

changelogs/unreleased/add-missing-bottom-padding-in-settings.yml

----
-title: Add missing bottom padding in CI/CD settings
-merge_request: 19284
-author: George Tsiolis
-type: fixed

changelogs/unreleased/add-pendo-snippet.yml

----
-title: Adds Application Settings and ui settings in the integration admin area for Pendo
-merge_request: 15086
-author:
-type: added

changelogs/unreleased/add-rails-parser-for-new-cs-report-format.yml

----
-title: Handle new Container Scanning report format
-merge_request: 19123
-author:
-type: changed

changelogs/unreleased/add-slack-slash-command-issue-comment.yml

----
-title: Add a Slack slash command to add a comment to an issue
-merge_request: 18946
-author:
-type: added

changelogs/unreleased/add-snowplow-iglu-registry-application-setting.yml

----
-title: Add ApplicationSetting for snowplow_iglu_registry_url
-merge_request: 18449
-author:
-type: added

changelogs/unreleased/ak-add-elastic-cluster-app.yml

-title: Create table for elastic stack.
-merge_request: 18015
-author:
-type: added

changelogs/unreleased/ak-fix-undefined-value.yml

----
-title: Fix uninitialized constant SystemDashboardService
-merge_request: 19453
-author:
-type: fixed

changelogs/unreleased/allow-adding-requests-to-performance-bar-manually.yml

----
-title: Allow adding requests to performance bar manually
-merge_request: 18464
-author:
-type: other

changelogs/unreleased/allow-container-scanning-to-run-offline.yml

----
-title: Allow container scanning to run offline by specifying the Clair DB image to use.
-merge_request: 19161
-author:
-type: changed

changelogs/unreleased/an-mark-jobs-as-latency-sensitive.yml

----
-title: Attribute Sidekiq workers according to their workloads
-merge_request: 18066
-author:
-type: other

changelogs/unreleased/an-sidekiq-records-failure-durations.yml

----
-title: Record latencies for Sidekiq failures
-merge_request: 18909
-author:
-type: performance

changelogs/unreleased/andr3-fix-designmanagement-upload-limit.yml

----
-title: Apply correctly the limit of 10 designs per upload
-merge_request:
-author:
-type: fixed

changelogs/unreleased/auto-deploy-image-0-7-0.yml

----
-title: Bump Auto DevOps deploy image to v0.7.0
-merge_request: 20250
-author:
-type: other

changelogs/unreleased/backstage-remove-export-designs-feature-flag.yml

----
-title: Removes `export_designs` feature flag
-merge_request: 18507
-author: nate geslin
-type: other

changelogs/unreleased/blackst0ne-make-sidekiq-testing-fake-default.yml

----
-title: Make 'Sidekiq::Testing.fake!' mode as default
-merge_request: 31662
-author: "@blackst0ne"
-type: other

changelogs/unreleased/bug-fix-27164-Image-cannot-be-collapsed-on-merge-request-changes-tab.yml

----
-title: 'fixed #27164 Image cannot be collapsed on merge request changes tab'
-merge_request: 18917
-author: Jannik Lehmann
-type: fixed

changelogs/unreleased/bvl-robust-gpg-homedir-cleanup.yml

----
-title: Improve handling of gpg-agent processes
-merge_request: 19311
-author:
-type: changed

changelogs/unreleased/change-default-factor-on-merge-train.yml

----
-title: Change the default concurrency factor of merge train to 20
-merge_request: 20201
-author:
-type: changed

changelogs/unreleased/chore-slugify-duplication-removal.yml

----
-title: Remove duplication from slugifyWithUnderscore function
-merge_request: 20016
-author: Arun Kumar Mohan
-type: other

changelogs/unreleased/cluster_management_projects_updating.yml

----
-title: Adds ability to set management project for cluster via API
-merge_request: 18429
-author:
-type: added

changelogs/unreleased/consider-location-fingerprint-in-mr-widget.yml

----
-title: Use fingerprint when comparing security reports in MR widget
-merge_request: 19654
-author:
-type: fixed

changelogs/unreleased/defect-diff-file-size.yml

----
-title: Re-add missing file sizes in 2-Up diff file viewer
-merge_request: 19710
-author:
-type: fixed

changelogs/unreleased/deployment-commit-tracking.yml

----
-title: Add deployment_merge_requests table
-merge_request: 18755
-author:
-type: other

changelogs/unreleased/do-not-abort-merge-trains-on-ff.yml

----
-title: Abort only MWPS when FF only merge is impossible
-merge_request: 18591
-author:
-type: fixed

changelogs/unreleased/drop-id-of-ci-trace-sectinos.yml

----
-title: Drop `id` column from `ci_build_trace_sections` table
-merge_request: 18741
-author:
-type: changed

changelogs/unreleased/dz-abuse-reports-filter.yml

----
-title: Add user filtering to abuse reports page
-merge_request: 19365
-author:
-type: changed

changelogs/unreleased/dz-add-indices-to-abuse-reports.yml

----
-title: Improve performance of admin/abuse_reports page
-merge_request: 19630
-author:
-type: performance

changelogs/unreleased/dz-fix-clusters-api-doc-2.yml

----
-title: Fix api docs for deleting project cluster
-merge_request: 19558
-author:
-type: other

changelogs/unreleased/dz-improve-admin-features.yml

----
-title: Improve admin dashboard features
-merge_request: 18666
-author:
-type: changed

changelogs/unreleased/dz-move-project-routes.yml

----
-title: Move some project routes under - scope
-merge_request: 19954
-author:
-type: deprecated

changelogs/unreleased/enable-environment-dashboard-on-prod.yml

----
-title: Enable environments dashboard by default
-merge_request: 19838
-author:
-type: added

changelogs/unreleased/enable-group-events.yml

----
-title: Show epic events on group activity page.
-merge_request: 18869
-author:
-type: added

changelogs/unreleased/environments-dashboard-ux-tweaks.yml

----
-title: Minor UX improvements to Environments Dashboard page
-merge_request: 18280
-author:
-type: changed

changelogs/unreleased/expose-artifacts-to-merge-request-widget.yml

----
-title: Expose arbitrary job artifacts in Merge Request widget
-merge_request: 18385
-author:
-type: added

changelogs/unreleased/fe-cluster-management-project.yml

----
-title: Add ability to select a Cluster management project
-merge_request: 18928
-author:
-type: added

changelogs/unreleased/feat-unify-html-email-layouts.yml

----
-title: Unify html email layout for member html emails
-merge_request: 17699
-author: Diego Louzán
-type: added

changelogs/unreleased/feature-cluster-cleanup-state-machine.yml

----
-title: Add cleanup status to clusters
-merge_request: 18144
-author:
-type: added

changelogs/unreleased/feature-reduce-cluster-ip-size.yml

----
-title: Reduce the allocated IP for Cluster and Services
-merge_request: 18341
-author:
-type: changed

changelogs/unreleased/fix-admin-mode-ui-buttons-missing-on-small-screens.yml

----
-title: Fix missing admin mode UI buttons on bigger screen sizes
-merge_request: 18585
-author: Diego Louzán
-type: fixed

changelogs/unreleased/fix-dropzone-no-element-exception.yml

----
-title: Prevent Dropzone.js initialisation error by checking target element existence
-merge_request: 20256
-author: Fabio Huser
-type: fixed

changelogs/unreleased/fix-job-log-style-reset.yml

----
-title: Fix style reset in job log when empty ANSI sequence is encoutered
-merge_request: 20367
-author:
-type: fixed

changelogs/unreleased/fix-merge-train-is-not-refreshed-when-aborted.yml

----
-title: Fix merge train is not refreshed when the system aborts/drops a merge request
-merge_request: 19763
-author:
-type: fixed

changelogs/unreleased/fix-stuck-ci-jobs-worker.yml

----
-title: Properly handle exceptions in StuckCiJobsWorker
-merge_request: 19465
-author:
-type: fixed

changelogs/unreleased/fix_group_container_repositories_n_1.yml

----
-title: Fix N+1 for group container repositories view
-merge_request: 18979
-author:
-type: performance

changelogs/unreleased/fj-24837-codesanbox-usage-ping.yml

----
-title: Add Codesandbox metrics to usage ping
-merge_request: 19075
-author:
-type: other

changelogs/unreleased/fj-32057-web-ide-preview-markdown-image-bug.yml

----
-title: Fix broken images when previewing markdown files in Web IDE
-merge_request: 18899
-author:
-type: fixed

changelogs/unreleased/gdk-672-bump-puma-killer-limits-for-dev.yml

----
-title: Increase PumaWorkerKiller memory limit in development environment
-merge_request: 20039
-author:
-type: performance

changelogs/unreleased/georgekoltsov-fix-group-export-descendants.yml

----
-title: Fix sub group export to export direct children
-merge_request: 20172
-author:
-type: fixed

changelogs/unreleased/georgekoltsov-group-structure-export-api-endp.yml

----
-title: Add API endpoint to trigger Group Structure Export
-merge_request: 19779
-author:
-type: added

changelogs/unreleased/gitaly-version-v1.71.0.yml

----
-title: Upgrade to Gitaly v1.71.0
-merge_request: 19611
-author:
-type: changed

changelogs/unreleased/gitlab_ci_path.yml

----
-title: Allow to define a default CI configuration path for new projects
-merge_request: 18073
-author: Mathieu Parent
-type: added

changelogs/unreleased/growth-91-when-users-update-their-profile-do-not-let-them-complete-the-up.yml

----
-title: Make role required when editing profile
-merge_request: 19636
-author:
-type: changed

changelogs/unreleased/harishsr-emoticon-commit-links.yml

----
-title: Allow emojis to be linkable
-merge_request: 18014
-author:
-type: fixed

changelogs/unreleased/helm-v2-16-1.yml

----
-title: Helm v2.16.1
-merge_request: 19981
-author:
-type: fixed

changelogs/unreleased/hide-projects-when-admin-mode-is-disabled.yml

----
-title: Hide projects without access to admin user when admin mode is disabled
-merge_request: 18530
-author: Diego Louzán
-type: changed

changelogs/unreleased/id-avoid-preloading-merge-request-commits.yml

----
-title: Execute limited request for diff commits instead of preloading
-merge_request: 19485
-author:
-type: performance

changelogs/unreleased/id-conditional-check-mergeability.yml

----
-title: Run check_mergeability only if merge status requires it
-merge_request: 19364
-author:
-type: performance

changelogs/unreleased/id-fix-any-approver-rule-for-projects.yml

----
-title: Fix any approver project rule records
-merge_request: 18265
-author:
-type: changed

changelogs/unreleased/id-nil-short-commit-sha.yml

----
-title: Serialize short sha as nil if head commit is blank
-merge_request: 19014
-author:
-type: fixed

changelogs/unreleased/id-optimize-mergeable-discussions-state.yml

----
-title: Optimize MergeRequest#mergeable_discussions_state? method
-merge_request: 19988
-author:
-type: performance

changelogs/unreleased/increase-certmanager-install-timeout.yml

----
-title: Increase the timeout for GitLab-managed cert-manager installation to 90 seconds
-  (was 30 seconds)
-merge_request: 19447
-author:
-type: fixed

changelogs/unreleased/infinite-scroll.yml

----
-title: Add Infinite scroll to Add Projects modal in the operations dashboard
-merge_request: 17842
-author:
-type: fixed

changelogs/unreleased/introduce-feature-flag-api-enable-disable.yml

----
-title: Support Enable/Disable operations in Feature Flag API
-merge_request: 18368
-author:
-type: added

changelogs/unreleased/issue-63160.yml

----
-title: Use initial commit SHA instead of branch id to request IDE files and contents
-merge_request: 19348
-author: David Palubin
-type: fixed

changelogs/unreleased/jc-add-internal-socket-dir-to-setup.yml

----
-title: Add internal_socket_dir to gitaly config in setup helper
-merge_request: 19170
-author:
-type: other

changelogs/unreleased/jc-dont-render-commit-links.yml

----
-title: Do not render links in commit message on blame page
-merge_request: 19128
-author:
-type: performance

changelogs/unreleased/jc-dont-try-to-movedirs-unless-legacy.yml

----
-title: Only move repos for legacy project storage
-merge_request: 19410
-author:
-type: fixed

changelogs/unreleased/jej-group-saml-test-button-shows-response.yml

----
-title: Users can verify SAML configuration and view SamlResponse XML
-merge_request: 18362
-author:
-type: added

changelogs/unreleased/jej-prevent-ldap-sign-in.yml

----
-title: Add prevent_ldap_sign_in option so LDAP can be used exclusively for sync
-merge_request: 18749
-author:
-type: added

changelogs/unreleased/jh_flash_messages_styling_22992.yml

----
-title: Update flash messages color sitewide
-merge_request: 18369
-author:
-type: changed

changelogs/unreleased/jivanvl-add-support-heatmap-charts.yml

----
-title: Add heatmap chart support
-merge_request: 32424
-author:
-type: added

changelogs/unreleased/jj-ramirez-master-patch-71805.yml

----
-title: Update Runners Settings Text + Link to Docs
-merge_request: 18534
-author:
-type: changed

changelogs/unreleased/jlenny-master-patch-21737.yml

----
-title: Improve clarity of text for merge train position
-merge_request: 19031
-author:
-type: changed

changelogs/unreleased/job-log-support-mac-line-break.yml

----
-title: Let ANSI \r code replace the current job log line
-merge_request: 18933
-author:
-type: fixed

changelogs/unreleased/jramsay-admin-mirror-helptext.yml

----
-title: Improve instance mirroring help text
-merge_request: 19047
-author:
-type: other

changelogs/unreleased/jramsay-configure-default-branch-deletion.yml

----
-title: Add project option for deleting source branch
-merge_request: 18408
-author: Zsolt Kovari
-type: added

changelogs/unreleased/lm-grafana-auth-checkbox.yml

----
-title: Add grafana integration active status checkbox
-merge_request: 19255
-author:
-type: added

changelogs/unreleased/lm-search-list-of-sentry-errors.yml

----
-title: Search list of Sentry errors by title in Gitlab
-merge_request: 18772
-author:
-type: added

changelogs/unreleased/maintenance-move-branch-selector-to-top.yml

----
-title: Reduce new MR page redundancy by moving the source/target branch selector to
-  the top
-merge_request: 17559
-author:
-type: changed

changelogs/unreleased/make-register-job-service-to-be-resillient.yml

----
-title: Make `jobs/request` to be resillient
-merge_request: 19150
-author:
-type: fixed

changelogs/unreleased/make_cluster_management_project_ff_default_enabled.yml

----
-title: Specify management project for a Kubernetes cluster
-merge_request: 20216
-author:
-type: added

changelogs/unreleased/mc-bug-omips-not-blocking-on-skipped-pipelines.yml

----
-title: Block MR with OMIPS on skipped pipelines.
-merge_request: 18838
-author:
-type: fixed

changelogs/unreleased/mc-feature-flatten-ci-scripts.yml

----
-title: Add support for YAML anchors in CI scripts.
-merge_request: 18849
-author:
-type: changed

changelogs/unreleased/mermaid-update.yml

----
-title: Update to Mermaid v8.4.2 to support more graph types
-merge_request: 19444
-author:
-type: changed

changelogs/unreleased/most-affected-projects.yml

----
-title: Add endpoint for a group's vulnerable projects
-merge_request: 15317
-author:
-type: added

changelogs/unreleased/nfriend-add-release-links-to-milestone-detail-page.yml

----
-title: Add links to associated release(s) to the milestone detail page
-merge_request: 17278
-author:
-type: added

changelogs/unreleased/nfriend-add-release-to-milestone-list-page.yml

----
-title: Add links to associated releases on the Milestones page
-merge_request: 16558
-author:
-type: added

changelogs/unreleased/nfriend-add-releases-filter-for-issues.yml

----
-title: Add "release" filter to issue search page
-merge_request: 18761
-author:
-type: added

changelogs/unreleased/nfriend-add-releases-filter-for-merge-requests.yml

----
-title: Add "release" filter to merge request search page
-merge_request: 19315
-author:
-type: added

changelogs/unreleased/nfriend-edit-release-ux-cleanup.yml

----
-title: Update help text of "Tag name" field on Edit Release page
-merge_request: 19321
-author:
-type: changed

changelogs/unreleased/nfriend-fix-edit_url-property.yml

----
-title: Allow release block edit button to be visible
-merge_request: 19226
-author:
-type: fixed

changelogs/unreleased/nfriend-move-release-data-into-footer.yml

----
-title: Move release meta-data into footer on Releases page
-merge_request: 19451
-author:
-type: changed

changelogs/unreleased/nicolasdular-confirm-email-before-ci-usage.yml

----
-title: Only allow confirmed users to run pipelines
-merge_request:
-author:
-type: fixed

changelogs/unreleased/osw-remove-n-plus-ones-from-branches-api-call.yml

----
-title: Remove N+1 DB calls from branches API
-merge_request: 19661
-author:
-type: performance

changelogs/unreleased/patch-35.yml

----
-title: Fix search button height on 404 page
-merge_request: 19080
-author:
-type: fixed

changelogs/unreleased/ph-fixAdminGeoSidebarFlyOut.yml

----
-title: Fixed admin geo collapsed sidebar fly out not showing
-merge_request: 19012
-author:
-type: fixed

changelogs/unreleased/ph-fixProtectedBranchesFlash.yml

----
-title: Fixed protected branches flash styling
-merge_request:
-author:
-type: fixed

changelogs/unreleased/pokstad1-gitaly-1-70-0.yml

----
-title: Bump Gitaly to 1.70.0 and remove cache invalidation feature flag
-merge_request: 18766
-author:
-type: other

changelogs/unreleased/record-sidekiq-queuing-latency.yml

----
-title: Adds a Sidekiq queue duration metric
-merge_request: 19005
-author:
-type: other

changelogs/unreleased/remove-dind-for-ds.yml

----
-title: Dependency Scanning template that doesn't rely on Docker-in-Docker
-merge_request:
-author:
-type: other

changelogs/unreleased/remove-domain-details.yml

----
-title: Merge Details Page and Edit Page for Page Domains
-merge_request: 16687
-author:
-type: added

changelogs/unreleased/remove-empty-github-service-templates.yml

----
-title: Remove empty Github service templates from database
-merge_request: 18868
-author:
-type: fixed

changelogs/unreleased/remove_local_qualifier_from_geo_sync_indicators.yml

----
-title: Remove local qualifier from geo sync indicators
-merge_request: 20034
-author: Lee Tickett
-type: fixed

changelogs/unreleased/remove_unused_image_screenshot.yml

----
-title: Remove unused image/screenshot
-merge_request: 20030
-author: Lee Tickett
-type: fixed

changelogs/unreleased/remove_var_from_bootstrap_jquery_spec_js.yml

----
-title: Remove var from bootstrap_jquery_spec.js
-merge_request: 20089
-author: Lee Tickett
-type: other

changelogs/unreleased/remove_var_from_issue_js.yml

----
-title: Remove var from issue.js
-merge_request: 20098
-author: Lee Tickett
-type: other

changelogs/unreleased/remove_var_from_labels_select_js.yml

----
-title: Remove var from labels_select.js
-merge_request: 20153
-author: Lee Tickett
-type: other

changelogs/unreleased/remove_var_from_line_highlighter_js.yml

----
-title: Remove var from line_highlighter.js
-merge_request: 20108
-author: Lee Tickett
-type: other

changelogs/unreleased/remove_var_from_merge_request_tabs_spec_js.yml

----
-title: Remove var from merge_request_tabs_spec.js
-merge_request: 20087
-author: Lee Tickett
-type: other

changelogs/unreleased/remove_var_from_new_branch_Form_js.yml

----
-title: Remove var from new_branch_form.js
-merge_request: 20099
-author: Lee Tickett
-type: other

changelogs/unreleased/remove_var_from_new_commit_form_js.yml

----
-title: Remove var from new_commit_form.js
-merge_request: 20095
-author: Lee Tickett
-type: other

changelogs/unreleased/remove_var_from_preview_markdown_js.yml

----
-title: Remove var from preview_markdown.js
-merge_request: 20115
-author: Lee Tickett
-type: other

changelogs/unreleased/remove_var_from_project_select_js.yml

----
-title: Remove var from project_select.js
-merge_request: 20091
-author: Lee Tickett
-type: other

changelogs/unreleased/remove_var_from_syntax_highlight_spec_js.yml

----
-title: Remove var from syntax_highlight_spec.js
-merge_request: 20086
-author: Lee Tickett
-type: other

changelogs/unreleased/remove_var_from_tree_js.yml

----
-title: Remove var from tree.js
-merge_request: 20103
-author: Lee Tickett
-type: other

changelogs/unreleased/render-html-tags-in-job-log.yml

----
-title: Do not escape HTML tags in Ansi2json as they are escaped in the frontend
-merge_request: 19610
-author:
-type: fixed

changelogs/unreleased/retrigger-license-compliance.yml

----
-title: Triggers the correct endpoint on licence approval
-merge_request: 19078
-author:
-type: fixed

changelogs/unreleased/rs-change-service-failure-reasons.yml

----
-title: 'Add an `error_code` attribute to the API response when a cherry-pick or revert fails.'
-merge_request: 19518
-author:
-type: added

changelogs/unreleased/security-2914-labels-visible-despite-no-access-to-issues-repositories.yml

----
-title: Do not display project labels that are not visible for user accessing group labels
-merge_request:
-author:
-type: security

changelogs/unreleased/security-2920-fix-notes-with-label-cross-reference.yml

----
-title: Show cross-referenced label and milestones in issues' activities only to authorized users
-merge_request:
-author:
-type: security

changelogs/unreleased/security-64519-nested-graphql-query-can-cause-denial-of-service.yml

----
-title: Analyze incoming GraphQL queries and check for recursion
-merge_request:
-author:
-type: security

changelogs/unreleased/security-65756-ex-admin-attacker-can-comment-in-internal.yml

----
-title: Disallow unprivileged users from commenting on private repository commits
-merge_request:
-author:
-type: security

changelogs/unreleased/security-bvl-validate-force-remove-branch-on-mrs.yml

----
-title: Don't allow maintainers of a target project to delete the source branch of
-  a merge request from a fork
-merge_request:
-author:
-type: security

changelogs/unreleased/security-developer-transfer-project.yml

----
-title: Require Maintainer permission on group where project is transferred to
-merge_request:
-author:
-type: security

changelogs/unreleased/security-hide-private-members-in-project-member-autocomplete.yml

----
-title: "Don't leak private members in project member autocomplete suggestions"
-type: security

changelogs/unreleased/security-id-fix-disclosure-of-private-repo-names.yml

----
-title: Return 404 on LFS request if project doesn't exist
-merge_request:
-author:
-type: security

changelogs/unreleased/security-mask-sentry-token-ce.yml

----
-title: Mask sentry auth token in Error Tracking dashboard
-author:
-type: security

changelogs/unreleased/security-remove-deploy-access-levels-on-project-group-link-deletion.yml

----
-title: Remove deploy access level when project/group link is deleted
-merge_request:
-author:
-type: security

changelogs/unreleased/security-stored-xss-using-find-file.yml

----
-title: Sanitize search text to prevent XSS
-merge_request:
-author:
-type: security

changelogs/unreleased/security-wiki-rdoc-content.yml

----
-title: Sanitize all wiki markup formats with GitLab sanitization pipelines
-merge_request:
-author:
-type: security

changelogs/unreleased/sh-add-api-exception-to-logs.yml

----
-title: Include exception and backtrace in API logs
-merge_request: 19671
-author:
-type: other

changelogs/unreleased/sh-add-exception-backtrace-production-log.yml

----
-title: Add backtrace to production_json.log
-merge_request: 20122
-author:
-type: changed

changelogs/unreleased/sh-bitbucket-importer-handle-superseded.yml

----
-title: Make Bitbucket Cloud superseded pull requests as closed
-merge_request: 19193
-author:
-type: fixed

changelogs/unreleased/sh-ensure-short-ttl-sessions.yml

----
-title: Set shorter TTL for all unauthenticated requests
-merge_request: 19064
-author:
-type: fixed

changelogs/unreleased/sh-gitaly-duration-measurement.yml

----
-title: Fix Gitaly call duration measurements
-merge_request: 18785
-author:
-type: fixed

changelogs/unreleased/sh-guard-repository-mirrors-read-only.yml

----
-title: Disable pull mirror if repository is in read-only state
-merge_request: 19182
-author:
-type: fixed

changelogs/unreleased/sh-set-admin-default-visibilities.yml

----
-title: Enforce default, global project and snippet visibilities
-merge_request: 19188
-author:
-type: fixed

changelogs/unreleased/sh-set-httponly-experimentation-subject-id.yml

----
-title: Enable the HttpOnly flag for experimentation_subject_id cookie
-merge_request: 19189
-author:
-type: security

changelogs/unreleased/sh-support-project-template-id-in-api.yml

----
-title: Support template_project_id parameter in project creation API
-merge_request: 20258
-author:
-type: added

changelogs/unreleased/sh-time-limit-merge-rebase-lock.yml

----
-title: Time limit the database lock when rebasing a merge request
-merge_request: 18481
-author:
-type: fixed

changelogs/unreleased/sh-update-aws-sdk.yml

----
-title: Update AWS SDK to 2.11.374
-merge_request: 18601
-author:
-type: other

changelogs/unreleased/sh-update-openid-connect.yml

----
-title: Update omniauth_openid_connect to v0.3.3
-merge_request: 19525
-author:
-type: fixed

changelogs/unreleased/sh-upgrade-grpc.yml

----
-title: Update gRPC to v1.24.0
-merge_request: 18837
-author:
-type: other

changelogs/unreleased/sh-use-rails-redis-store.yml

----
-title: Use Rails 5.2 Redis caching store
-merge_request: 19202
-author:
-type: other

changelogs/unreleased/sh-use-template-project-id.yml

----
-title: Fix incorrect selection of custom templates
-merge_request: 17205
-author:
-type: fixed

changelogs/unreleased/show-prometheus-is-updating.yml

----
-title: Expose prometheus status to monitor dashboard
-merge_request: 18289
-author:
-type: fixed

changelogs/unreleased/sort-vulnerabilities-for-pipeline-dashboard.yml

----
-title: Pipeline vulnerability dashboard sort vulnerabilities by severity then confidence
-merge_request: 18863
-author:
-type: fixed

changelogs/unreleased/stein_ma-gitlab-patch-32.yml

----
-title: Fixed a typo in the "Keyboard Shortcuts" pop-up
-merge_request: 19217
-author: Manuel Stein
-type: fixed

changelogs/unreleased/tr-remove-grafana-ff.yml

----
-title: Allow Grafana charts to be embedded in Gitlab Flavored Markdown
-merge_request: 18486
-author:
-type: added

changelogs/unreleased/tracking-experimental-signup-flow.yml

----
-title: Track the starting and stopping of the current signup flow and the experimental signup flow
-merge_request: 17521
-author:
-type: other

changelogs/unreleased/update-gitlab-runner-helm-chart-to-0-10-0.yml

----
-title: Update GitLab Runner Helm Chart to 0.10.0
-merge_request: 18879
-author:
-type: other

changelogs/unreleased/update-gitlab-runner-helm-chart-to-0-10-1.yml

----
-title: Update GitLab Runner Helm Chart to 0.10.1
-merge_request: 19232
-author:
-type: other

changelogs/unreleased/update-pages-1-12.yml

----
-title: Upgrade pages to 1.12.0
-merge_request: 20217
-author:
-type: added

changelogs/unreleased/visual-review-api.yml

----
-title: New API endpoint for creating anonymous merge request discussions from Visual Review Tools
-merge_request: 18710
-author:
-type: added

changelogs/unreleased/zj-pg-connection-ff-gitaly.yml

----
-title: Remove required dependecy of Postgresql for Gitaly
-merge_request: 18659
-author:
-type: other