Stay Informed

This week, read about:

Cybercriminals Quickly Exploit CrowdStrike Chaos.
Microsoft Says 8.5 Million Windows Devices Impacted by CrowdStrike Incident, Publishes Recovery Tool.
OpenELA Liberates Red Hat Enterprise Linux Source Code.
Linux Kernel 6.10 Officially Rolls Out: Here's What's New and Improved.
Best Practices For Keeping Your Linux Server Secure.
OpenJDK Spring 2024 Release Downloads Are Now Available on OpenLogic.
We Have the Latest Versions of OpenJDK Versions 8, 11, and 17 Now Available.

Non-Security Based Updates

Angular 18.1.1
Common:
(fix - a1cb9dfc0d] | Don't run preconnect assertion on the server. (#56213)

Compiler:
(fix - daf0317bdc] | JIT mode incorrectly interpreting host directive configuration in partial compilation (#57002) |
(fix - d7dca6dbb6] | use strict equality for 'code' comparison (#56944)

Compiler-cli:
(fix - c94a897248] | avoid emitting references to typecheck files in TS 5.4 (#56961)

Core:
(fix - 5682527d94] | not all callbacks running when registered at the same time (#56981)

Migrations:
(fix - b666d2c20f] | fix common module removal (#56968)

Angular 17.3.12
Compiler:
(fix - 327bae473b] | JIT mode incorrectly interpreting host directive configuration in partial compilation (#57002) (#57003) |

Apache/Activemq 5.18.5
Bug:
[AMQ-9330] - Polling empty queue via REST returns 500 Server Error
[AMQ-9430] - ActiveMQ 5.18.3 (Classic) and Java 17: runtimeConfigurationPlugin causes ClassNotFoundException
[AMQ-9473] - Client SSL Socket configuration fails while settings parameters
[AMQ-9475] - ConsumerControl commands for wildcard consumers should not auto-create destinations
[AMQ-9481] - Concurrent access error attempting to consume messages via REST API in 5.18.2 or higher
[AMQ-9504] - activemq multikahadb persistence adapter with topic wildcard filtered adapter and per destination filtered adapter causes broker failure on restart
[AMQ-9520] - CVE-2024-22262 - Spring Framework URL Parsing with Host Validation in Web
[AMQ-9531] - CLI export NoClassDefFoundError

New Feature:
[AMQ-9455] - DestinationPolicy to support MessageInterceptorStrategy
[AMQ-9484] - Support exporting kahadb messages from a queue with an offset

Improvement:
[AMQ-9533] - Add activemq-protobuf based backup command

Task:
[AMQ-9534] - 5.18.x backport fixes for recover message with offset

Dependency Upgrade:
[AMQ-9489] - Upgrade to commons-io 2.16.1
[AMQ-9498] - Upgrade to maven-xbean-plugin 4.25
[AMQ-9507] - Upgrade to commons-daemon 1.4.0
[AMQ-9508] - Upgrade to commons-logging 1.3.3
[AMQ-9518] - Upgrade to Jetty 9.4.55.v20240627
[AMQ-9523] - Upgrade Jackson 2.17.2
[AMQ-9529] - Upgrade to Spring 5.3.37
[AMQ-9535] - Upgrade slf4j 2.0.13

Ansible v2.16.9
Porting Guide
Bug Fixes:
- dnf, dnf5 - fix for installing a set of packages by specifying them using a wildcard character (https://github.com/ansible/ansible/issues/83373)
- linear strategy now provides a properly templated task name to the v2_runner_on_started callback event.
- templating hostvars under native jinja will not cause serialization errors anymore.

Ansible v2.17.2
Porting Guide
Bugfixes:
- Fix a traceback when an environment variable contains certain special characters (https://github.com/ansible/ansible/issues/83498)
- dnf - reverted incomplete fix from 2.17.2rc1 (https://github.com/ansible/ansible/pull/83504)
- dnf, dnf5 - fix for installing a set of packages by specifying them using a wildcard character (https://github.com/ansible/ansible/issues/83373)
- linear strategy now provides a properly templated task name to the v2_runner_on_started callback event.
- package_facts - ignore warnings sent by apk on stderr (https://github.com/ansible/ansible/issues/83501).
- replace - Updated before/after example (https://github.com/ansible/ansible/issues/83390).
- templating hostvars under native jinja will not cause serialization errors anymore.

Apache/Tomee 10.0.0-M2
Sub-Tasks:
[TOEE-3965] - Fix TomEE :: Examples :: JSF2/CDI/BV/JPA/DeltaSpike
[TOMEE-4158] - Jakarta Bean Validation TCK
[TOMEE-4164] - Jakarta JSON Binding TCK
[TOMEE-4165] - Jakarta JSON Processing TCK
[TOMEE-4166] - Jakarta RESTFul Web Services TCK
[TOMEE-4325] - JAX-RS TCK: Signature Tests

Bugs:
[TOMEE-4320] - TomEE 10 leaks jakarta.json from Smallrye into /lib
[TOMEE-4332] - Using JAX-RS endpoints with a Spring Application fails
[TOMEE-4333] - NotSerializableException with @Inject HttpServletRequest
[TOMEE-4347] - Smallrye MP Extension are activated even if tomee.mp.scan="none"
[TOMEE-4355] - mojarra faces.js is truncated
[TOMEE-4368] - Typo in "openejb.placehodler.delimiter"

New Feature:
[TOMEE-4351] - Jakarta Security 3.0

Improvements:
[TOMEE-4342] - ApplicationComposer should inject declared custom resources into tests
[TOMEE-4350] - mp-jwt: Add qualifier for produced Jsonb
[TOMEE-4357] - Add a Jandex index cache to TomEEMicroProfileListener

Tasks:
[TOMEE-4318] - Switch Java Baseline to 17
[TOMEE-4330] - ActiveMQ 6.1.2
[TOMEE-4331] - BatchEE 2.0.0
[TOMEE-4344] - MP6: OpenAPI 3.1
[TOMEE-4366] - Remove "groovy-spock" Example

Dependency Upgrades:
[TOMEE-4113] - Update to MP Metrics 5 / SmallRye Metrics 5
[TOMEE-4317] - ActiveMQ 6.1.0
[TOMEE-4319] - CXF 4.1.0-SNAPSHOT
[TOMEE-4326] - XBeans 4.25
[TOMEE-4328] - TomEE 10.1.23
[TOMEE-4334] - Tomcat 10.1.24
[TOMEE-4335] - Jetty 11.0.20
[TOMEE-4337] - bcprov-jdk15to18-1.76.jar and bcpkix-jdk15to18-1.76.jar
[TOMEE-4338] - Xalan 2.7.3
[TOMEE-4339] - Compress 1.16.0
[TOMEE-4340] - Jose JWT 9.39.1 (Test)
[TOMEE-4341] - Angus Activation 2.0.2
[TOMEE-4345] - Commons Logging 1.3.2
[TOMEE-4346] - Commons Lang 3.14.0
[TOMEE-4348] - Smallrye Config 3.8.2
[TOMEE-4349] - ECJ 3.37.0
[TOMEE-4352] - Tomcat 10.1.25
[TOMEE-4353] - Temporarily switch to CXF 4.1.0 fork version to have a stable version for a possible TomEE 10-M2 release.
[TOMEE-4356] - Mojarra 4.0.7
[TOMEE-4359] - ActiveMQ 6.1.2
[TOMEE-4360] - ECJ 3.38.0
[TOMEE-4361] - Jackson 2.17.2
[TOMEE-4362] - Commons IO 2.16.1
[TOMEE-4363] - DBCP 2.12.0
[TOMEE-4364] - Downgrade Mojarra to 4.0.0 (cf. TOMEE-4355)
[TOMEE-4365] - EclipseLink 4.0.3
[TOMEE-4367] - Hibernate Validator 8.0.1.Final
[TOMEE-4369] - HSQLDB 2.7.3

Docker/Compose v2.29.0
What's Changed
Improvements:
* Add JSON stream progress writer [(11478)]
* Add `--prune` option to docker-compose `watch` command [(11932)]

Fixes:
* Exclude unnecessary resources after services have been selected [(11978)]
* Empty env variable with no value must be unset in container[(11965)](
* Restore setEnvWithDotEnv [(11974)]

Internal:
* Test with docker engine v27.0.3 [(11927)]
* Remove COMPOSE_MENU env from e2e tests [(11654)]
* Add stale workflow [(11968)]
* Change time before closing stale [(11979)]
* Fix: typos [(11632)]

Dependencies:
* Build(deps): bump docker/cli, docker/docker v27.0.2 [(11938)]
* Build(deps): docker/cli, docker/docker v27.0.3[(11951)]
* Build(deps): bump compose-go to v2.1.4, buildx to v0.16.0, containerd to v1.7.19 and buildx to v0.15.0[(11987)]

New Contributors:
* @idsulik made their first contribution in
* @testwill made their first contribution in

Etcd-io/Etcd v3.5.15
etcd server:
- Fix [add prometheus metric registration for metric `etcd_disk_wal_write_duration_seconds`](18174).
- Add [Support multiple values for allowed client and peer TLS identities](18160)
- Fix [noisy logs from simple auth token expiration by reducing log level to debug](18245)
- [Differentiate the warning message for rejected client and peer connections](18319)

Package clientv3:
- [Print gRPC metadata in guaranteed order using the official go fmt pkg](18312).

Dependencies:
- Compile binaries using [go 1.21.12](18271).
- [Fully address CVE-2023-45288 and fix govulncheck CI check](18170)

Gitlab-foss v17.2.0
Added (159 changes):

- [Add status to scan result policy violations](0a0ae8f1088928daa6b432d9179b0daf9a6feba1) ([merge request](158203)) **GitLab Enterprise Edition**
- [Add new run keyword under job](928bb79fccefe9d52ae30272bc333116b9ca3f1e) ([merge request](146333))
- [Protected containers: Add PATCH REST API for container protection rules](481080c01de97ded95e7d5182a6f2302aaac89cc) by @nwittstruck ([merge request](158756))
- [Added filters for multiple compliance frameworks](280906c08eb0df45e8fd89dd6e957ded70fbed04) ([merge request](158229)) **GitLab Enterprise Edition**
- [Add Duo Enterprise to provision service for add-ons](f053e045f3eb066c3c6a2b4f915616554ea07126) ([merge request](158969)) **GitLab Enterprise Edition**
- [Add Duo Pro end trial widget](bf8e86288372c1c18335105d11dbfefc511016bf) ([merge request](155614)) **GitLab Enterprise Edition**
- [Add RoR tutorial to Observability docs](25c507c7a5c10fd111407225d6735692a7d17ba5) ([merge request](158625))
- [Enable container scanning for registry](ccda3ca324318a8825fa032e1a2b853a95929e13) ([merge request](156247))
- [Add willAutoCloseByMergeRequest field to work items API](8ea220794cd74f59876a798cdf58ba294af3836f) ([merge request](158145))
- [Add Duo Enterprise to provision service for add-ons](ecf4a2c3df04db0105966313e3f4d5b8c81a2963) ([merge request](158963)) **GitLab Enterprise Edition**
- [Add models for Virtual Registries, part 1/2](a7638db2d3bea91d1db1219df57add5986d11169) ([merge request](156930))
- [Add the API to return the multi_matches in a single file](c90c284bc2e9a0f304ab6410866ab0a49862eec1) ([merge request](155984)) **GitLab Enterprise Edition**
- [Ensure uniqueness p_ci_job_annotation](760b22da62461eebaae7325c7651cf040349a97a) ([merge request](159071))
- [Add job action button to PMG](f3a916e6ba9ee27b345526914a3652fe2915b8fd) ([merge request](159004))
- [Add migration to add seat control column to namespace settings table](deb3e5bda554bbbfd9341a91e9221b569852627e) ([merge request](158819))
- [Display ratios instead of counts in CI/CD Analytics](9cbe9da793af51cb171289f8f505581ec3494988) ([merge request](158957))
- [Add Importer User for imports user mapping](9051ecf67b14924bea3b8df52e24dad141e03b5d) ([merge request](157979))
- [Workhorse: HTTP endpoint for bidirectional SSH git-receive-pack data](bd2f882c422de105ff2bba6b8011fd6270f65651) ([merge request](155590)) **GitLab Enterprise Edition**
- [Add GraphQL API for Duo Pro seats assigned and used](16bed9c42c1bcb03d5a6e0c1591e92ce8b7a5fbe) ([merge request](157936)) **GitLab Enterprise Edition**
- [Enable direct code completions by default](257c07f0bc44606e4ef54f4ba1fc6bbb26cbf83b) ([merge request](158733)) **GitLab Enterprise Edition**
- [Added mutation for updating frameworks of projects](9f9fdd2b4e329b02695880734b534f38cb5593b5) ([merge request](157893)) **GitLab Enterprise Edition**
- [Updates AI merge commit message to be GA](d207449f66baa0c31943c4a28164683f2bca11fb) ([merge request](158339))
- [Add gitlab-advanced-sast as a SAST job template](c5a2613a6dc4158a71f78a085e80af28b3c8314c) ([merge request](158533)) **GitLab Enterprise Edition**
- [Update the search code according to the replica](1e93b4695a64366da9ac8afa62a4fb425eb4a867) ([merge request](158371)) **GitLab Enterprise Edition**
- [Add the API to return the multi_matches in a single file](9ed731cf614b1fc0d2a345791a096d6c08c93eda) ([merge request](155984)) **GitLab Enterprise Edition**
- [Add merge_request.squash git push option](6db3affce8e9bf36aef55a632ae18f3850cfbf24) ([merge request](158778))
- [Add by_pipeline_ids scope for occurrences](056008f7418e1b45d2c616bf7da4e09dfea309f1) ([merge request](158790))
- [Release secret push protection for self-managed instances](b214790b5a358248b38bec911b97fefa0c27f6d4) ([merge request](156907)) **GitLab Enterprise Edition**
- [Add ability to delete task list items](1b12e01908c312b302096c591266b73afd56471b) ([merge request](158243))
- [Enable store first reviewer FF by default](a167164de15c9c7212ad83bba26c1b863e4b869a) ([merge request](158919))
- [Add support for LDAP group sync with custom roles](03c57818738fd8628a7e6561b07483bea7c0b56d) ([merge request](157145)) **GitLab Enterprise Edition**
- [Add delete mutation for deleting self-hosted models](55f5a09298d0b5bae2a8bddb920ae1a9f4abe53c) ([merge request](158319)) **GitLab Enterprise Edition**
- [Add REST API endpoints to manage uploads](65fc96866782de44427e17c7f21964775e4dbd36) ([merge request](157066))
- [This MR adds performance warning modal](6e684693e4cc527976c8f8509e84b7c8f7b9a32c) ([merge request](157745)) **GitLab Enterprise Edition**
- [Protected containers: New GraphQL field "protectionRuleExists"](25615f524198cb6e08afabf6e22120d146b1e901) by @gerardo-navarro ([merge request](156741))
- [Add ci_component_source_policy](ae3418523c5b20c57becd3426a54fda7240eeb12) ([merge request](157351))
- [Add support for comments in rich text editor](2b7c21095ada7258e98ecbdf308e978332e18de1) ([merge request](158618))
- [Add the API to return the multi_matches in a single file](975ea866d9f8ff1376f25849286f573ad1d2aacf) ([merge request](155984)) **GitLab Enterprise Edition**
- [Add reviewer first assigned at VSA stage event](dcb264ff24fa7822062c736d27fc1f28a3de4900) ([merge request](158716)) **GitLab Enterprise Edition**
- [Add page metadata to work items](d889cbd4339e228193c7011973cf7821aa76b150) ([merge request](157456))
- [Create p_ci_finished_pipeline_ch_sync_events table](9a4b6ad800019e49efc1c4d4f0bc92591b30c33f) ([merge request](158060))
- [Add Rake task to show token expiration info](f05e2dcd79b4d0d90074aad4db7dab87da2dc5ec) ([merge request](157855))
- [Add and set uploaded_by_user_id on Upload records](0321e29e47e24f0b6eeff464a1e16740fbf72ffc) ([merge request](157574))
- [Set first MR assigned for review timestamp metrics](c9a1d1bcc59979f4e7968d89e1281fc1254219b3) ([merge request](158422))
- [Expose VSD overview counts for projects](aa767f85cd6f5e9ada27dc560160614047ec9942) ([merge request](158017)) **GitLab Enterprise Edition**
- [Create country_access_logs table](8e35bd87d23d60547907918f6a938cab88b614a5) ([merge request](157480)) **GitLab Enterprise Edition**
- [Show real page title in wiki sidebar](6c14327fd2fe5d69bf42c90ddb18f477bafa99f4) ([merge request](158679))
- [GraphQL: Add PipelineAnalyticsPeriod type](baba2199561365b0cd95b025d6a63f147be9871b) ([merge request](157293))
- [CI/CD Catalog: Add description, type to components](410bc05a2315afe16dbffefa8b32c7b4a6c376ab) ([merge request](157985))
- [Protected containers: POST REST API for container protection rules](afee9075d1387525ad6138eb9a7ee69f8ec777cc) by @nwittstruck ([merge request](157925))
- [Add Users::ActivityEvent and pub/sub logic](8fcab5a27db9a4d127c0165e83b32a0e4f938a7c) ([merge request](155559))
- [Add status column to duo workflows](7d0440e97dd609453f5a1d87450a413a5c4c5906) ([merge request](158036)) **GitLab Enterprise Edition**
- [Enables inheritance field param via the Integrations API](dc7b1b96f97e4d9f361f98f698922259b5d27362) ([merge request](158218))
- [Add hasParent field to hierarchy widget](96e70f6c713e829baf7a2ff0ed252206e34e7bdb) ([merge request](156041))
- [Add UI for CI_JOB_TOKEN permission settings](0a663c231314259a70a74acebeec62bb05115939) ([merge request](156752))
- [Document SPP known limitation](c6aa84da756e078b228b4dd78cc9ec5233d11b87) ([merge request](157699))
- [Remove ci_expand_variables_in_compare_to FF](b3358f2d75daeb810eb06e4b473249de2fb0e8ec) ([merge request](158183))
- [Separate wiki page title and URL fields](a8f32279fcf6e17d747b8648d705d37af5abfc3e) ([merge request](150646))
- [Remove the `gitlab_duo_usage_menu_item` feature flag](6b8de4adb6b8387ef65e34f22a4162ebbcd225b8) ([merge request](158388)) **GitLab Enterprise Edition**
- [Remove references to hamilton_seat_management feature flag](00fee8b1853ac7af78c799054052e983bd894402) ([merge request](156961)) **GitLab Enterprise Edition**
- [Add FK to VSA stage event hashes organization_id](44e0f713faa6ef866ed829b523921b9bc1d95929) ([merge request](158322))
- [Release pipeline execution policy type](c7f9bb825eb2db6c480e557f0af92470c3618eea) ([merge request](158338)) **GitLab Enterprise Edition**
- [Update Analytics Dashboards' viewed/created/edited tracking events](f1bf9efbb2e0c358efa133e521352e10ff4155e8) ([merge request](157680)) **GitLab Enterprise Edition**
- [Update GitLab Pages version](81abcdb13c823e82e5d416df6ed2f9aa1f93e59f) ([merge request](158248))
- [Add owners internal endpoint](0e45f6bdf283916ff5a2f8f70195a0b99a5a62cd) ([merge request](157620)) **GitLab Enterprise Edition**
- [Add banned/blocked indicator to card matches admin page](43ac9f69a4fa42b4720183096ec39d49504a2e95) ([merge request](157220)) **GitLab Enterprise Edition**
- [Recreate ci_finished_pipelines ClickHouse table](3db8c2909e09590b47d148a24fb938cb4fb16acc) ([merge request](158246))
- [Add endpoint to update list of X-Ray dependencies](22f296b34c92e85c1f417f25faa87323daca4b9c) ([merge request](156179)) **GitLab Enterprise Edition**
- [Add imported_from value to github importer](a29fc47f948df472a21f5a7f056eb3703905f7d5) ([merge request](157760))
- [Create ci_finished_pipelines ClickHouse table](da90a98e359c6eb0ae7f053bdf26de6929200e34) ([merge request](158078))
- [Add compliance center for premium customers](6e68bc862fbcfd78620732995bafe0af5edf36ab) ([merge request](156632)) **GitLab Enterprise Edition**
- [Add badge for feedback on new epics](e542ebca350e494f7e1b131f164ccc2a726a3424) ([merge request](157324))
- [Add a validation about project assignment to a replica](6ffd1aaa10b9f23a2d0668882369ece60e2400f5) ([merge request](157758)) **GitLab Enterprise Edition**
- [Add support for LDAP group sync with custom roles](b426f3af63b07e64310f92733107b7891a47db52) ([merge request](155680)) **GitLab Enterprise Edition**
- [Create audit event when deploying to protected environment](87909ef70f040653c8be4c2dd226dd5580568fa1) ([merge request](156111)) **GitLab Enterprise Edition**
- [Add new namespaces/namespace_id route](8410d97a8c10317b4e776303cc0e5abfbe5f84c8) ([merge request](157341)) **GitLab Enterprise Edition**
- [Add support for groups in policy scope](62cd071153e3cf03a5878da052fbab99817f428b) ([merge request](157083)) **GitLab Enterprise Edition**
- [Show TOC of a wiki page in sidebar](2e9921fc57e378437db033ae6f4efeca75d6bba5) ([merge request](154050))
- [Add table to record placeholder contributions](347fe084d384dd850dec45dc76d48af6bdd2b8cb) ([merge request](156241))
- [Migration to populate vulnerability_reads.identifier_external_ids](07a5d22507ca7b7d9c072398c9e93d7e2de388d3) ([merge request](157639))
- [Add runner fleet dashboard visit metric](99554f12c4eb77ffd328de84a73392f0a8bcbe6b) ([merge request](157589)) **GitLab Enterprise Edition**
- [Add more log fields in 401 Unauthorized requests](eaa8ab73884b9504156e2e2aef1a8c506dbb3f86) ([merge request](157277))
- [Add imported_from to bb cloud resources](2b2a583c8e96454a5ccc12f4ff27445b8bcc0e9a) ([merge request](157582))
- [Integration for Beyond Identity exclusions by groups](5f0492a248e962139237fb40f023ed6f4f1b48ba) ([merge request](153957))
- [Add hybrid search query for issues](b48f5b540741be978869c50c585794f659724edd) ([merge request](156904)) **GitLab Enterprise Edition**
- [Add job item to pipeline mini graph](724852d20740a65a61eeafc6b95c97810c11ee7a) ([merge request](157798))
- [Add imported_from value to gitea imported resources](0a1528a6cbcecc4d071fe04fa517334ff8864ba9) ([merge request](157333))
- [Add GraphQL API for AI Acceptance Rate](ba677efb561d0984af5c850ef7b1536702ca4bd2) ([merge request](157035)) **GitLab Enterprise Edition**
- [Create audit event for container repository tag deletion](0c61c1eb09e9c76acf4093c2c25e3427f119a7b2) ([merge request](156066)) **GitLab Enterprise Edition**
- [Add tracking to metric drill-down links in VSD and AI Impact tables](85ee54f6b8a3a59e516d35be7c9e05e9055f48bc) ([merge request](157363)) **GitLab Enterprise Edition**
- [Perform chat requests via new endpoint](139b88d87cf26a25c24848d2e807aa66c88afa56) ([merge request](150529)) **GitLab Enterprise Edition**
- [Added mutation for updating MemberApprovals](cbcd2bf16233b16ac9065ec7889abeae21711630) ([merge request](155284)) **GitLab Enterprise Edition**
- [Add new internal users endpoint](eece4b86cca0ddb603540d54667c8fb0e752800c) ([merge request](156759)) **GitLab Enterprise Edition**
- [Add imported_from value to bb server resources](5a6b7359beade96a4110126c70ffaef2bd575cc8) ([merge request](157507))
- [Add support for legacy epic references in workItemsByReference query](4be3f387fa992071c0a0d82cf1af7739b58696f9) ([merge request](157787)) **GitLab Enterprise Edition**
- [Add in pipeline stage dropdown](a55564a041751e6fed4b0accfa84053a7439bdc6) ([merge request](157506))
- [Add branch_filter_strategy to system, group and project hooks](a120d1f89e4920634c58dc444ec4ac83f2d5454c) by @clxrx ([merge request](145970))
- [Add duo enterprise add-on type](b4de88cb4d1366991b7ecddca4459ee84983e16a) ([merge request](157730)) **GitLab Enterprise Edition**
- [Add update mutation for the self-hosted models Vue client to leverage](1e3ae1075a486c6cd85c93145336f3c6ea6d3d62) ([merge request](156899))
- [Protected packages: Add label "protected" to package list on group level](63e733df54f0a5ad24f67115d4b83aa53d26d979) by @gerardo-navarro ([merge request](154809))
- [Protected containers: Add GET to REST API for container protection rules](215c18a415bc2dfbafb6bb81a3f5a404e8b2d5b2) by @nwittstruck ([merge request](155798))
- [Add gitlab_sec db connection and application record](c93d2b4e1112ed682c4690fe0c19b78a5dd51141) ([merge request](157462))
- [Fill out fields on InputType](92da7caa9f4148d1d611e3f1e6eda5a24d8f6164) ([merge request](156328))
- [Adds configurable default Service Desk ticket visibility](39be1cc96b11451030e06efea06d956f220b796c) ([merge request](156884))
- [Add error message for failed association deletion](a6408f97c1af7e54d63a26edcd65d0fd27a6dd21) ([merge request](157625))
- [Allow `admin_runner` to create a runner linked to a user](98564f789a47c63a33387ebdd4a8e262d8da377c) ([merge request](156559)) **GitLab Enterprise Edition**
- [Allow push to the own repo using CI_JOB_TOKEN](5c8b0440f95ab67f5503220ba63173f248c9054c) ([merge request](154111))
- [Adds reusable SettingsSection component](d66062058592ca8b25f10395546706f8a44e39ae) ([merge request](157270))
- [Enable runner dashboard for groups](2dbe985b8822a3a5f56da73e4f30387710b7eb2e) ([merge request](157423)) **GitLab Enterprise Edition**
- [GraphQL: Add job execution status to runner manager](8036c15b59b4194ef3c4dfe491c0f5200ced13bb) ([merge request](157429))
- [Auditing framework assign and unassign to a project](01e758131649a64b9e925bedf933c5b3d311b501) ([merge request](156605)) **GitLab Enterprise Edition**
- [Add runner CSV export metrics at project and group level](c2c334e0f211370dbde828ca05b8c55321df3ab6) ([merge request](157197)) **GitLab Enterprise Edition**
- [WorkItems: Fix rolledup dates when removing child](dfc2d692cfc9da9d5b3470d9b90aaa390729bcc1) ([merge request](157334)) **GitLab Enterprise Edition**
- [feat: Add configuration for sec DB](faf789e010b264e31c6db729be8cdff9ed325421) ([merge request](156952))
- [GraphQL: API for retrieving most used runners](1ea8a9d0c44968bc38e64dc6e6dbe85dd0abd9c8) ([merge request](157436)) **GitLab Enterprise Edition**
- [GraphQL: Add percentiles to QueueingHistoryTimeSeries](2dec0f10284ab11266564c511632ecfb0ba6a67f) ([merge request](157435)) **GitLab Enterprise Edition**
- [GraphQL: Add upgradeStatus field to RunnerType](6ecc972d8b5e75a8ac580eca16d9fa2297750b94) ([merge request](157434)) **GitLab Enterprise Edition**
- [Add support for Claude 3.5 Sonnet for code generation](b793848806ec66dbf779d000d6c4adb94565dc36) ([merge request](157336)) **GitLab Enterprise Edition**
- [Bump rouge to 4.3.0 with the new IEC 61131-3 Structured Text lexer](e8289a931d6cf482c1feac3c0e4a9af9f9b643c2) by @bufferoverflow ([merge request](157252))
- [Add secure schemas version 15.1.4 and 5.1.3](f37ff659e20c823989d6f78f2d7b343b57c785c2) ([merge request](157282))
- [Add metadata to group work item page](1d065451d1b6677b8e9e2c16f6032ebfd4865e45) ([merge request](157049))
- [Add NOT NULL on merge_request_id](fe28d0267fdc2230d59a00cb7841cf17f65d23d4) ([merge request](156170))
- [Add merge and closed user ids to MR metrics](c9b115a010ad681eb1c57ce31fb333ebdc25e843) ([merge request](157206))
- [Pass org in export part creation](2e8c605e61e1e3ae7a13828ede9e541ec7e44266) ([merge request](157074)) **GitLab Enterprise Edition**
- [Add support for child pipelines to SBOM ingestion](6eab3a93690af0b73d4dd32e431a19c6bacedd78) ([merge request](151814)) **GitLab Enterprise Edition**
- [Add option to sort Pipeline Schedules to frontend](3573dec857ad905f2de64ee3498ddab78cc5aec4) by @schurzi ([merge request](157224))
- [Add ability to create label in work item labels widget](d327d4ce3ffc63c8b3ba63b1d1742c2324cd6031) ([merge request](156524))
- [Allow `admin_runner` ability to change stale runner pruning setting](d903b29f8a0c48475c6045349c4964c1381f9801) ([merge request](155497)) **GitLab Enterprise Edition**
- [Adds type to issue webhook attributes](e6e6017ad32d0b74b224dfaffabaae3db832be84) ([merge request](156760))
- [Add button for adding additional seats to error messages](a1c37cf4c5ff40506c0043a752aec1d2fc5e8412) ([merge request](155737)) **GitLab Enterprise Edition**
- [Adds the CRUD Container component](313ca91904b092475e4d62ff90a90dbe17ca9c01) ([merge request](156749))
- [Add variables field into PipelineType](a6d441fc18e1df2c8c5bd9e44ae5bd6cf3d93a01) ([merge request](155418))
- [Show latest version on version creation](752ff4db28ec6c38eff135bc99953d8173388ddb) ([merge request](155978))
- [Backfills gitlab group issue embeddings on gitlab.com](9101e4229aba3224e4916b5557f8d0766885ad4c) ([merge request](154940)) **GitLab Enterprise Edition**
- [Enforce rate limits for notification emails](4d990b60e1a4341add14437d24398a07b3ce6a7b) ([merge request](156945))
- [Release CI/CD popularity count and sort](ccc6b38cb6dc01f9f9c2f2b6d168a10c92218095) ([merge request](156654))
- [Remove ci_expand_nested_resource_group_variables FF](cb194188d3540d141d4d21aa679c3bb9485db840) ([merge request](157146))
- [Protected packages: REST API PATCH package protection rules](883ad288d8a131398c8c744432aba919d2278866) by @nwittstruck ([merge request](153577))
- [Add api to return group's shared groups](a015acefff8c8bceaca21193a8c576bf5fe8ec11) by @imskr ([merge request](155251))
- [Protected containers: Allow nil value for fields `minimum_access_level`](430374098a1e8b078f38585219ba012fb914f996) by @gerardo-navarro ([merge request](146997))
- [Add maintenance mode banner to edit frameworks UI](d67604b6a6b900bfda49002d8b3690afaa384239) ([merge request](155887)) **GitLab Enterprise Edition**
- [Add cargo to supported sbom and sync types](114c6191291c84bb3f2fe0a37701ab9604389cf7) ([merge request](156072))
- [Add disabled_direct_code_suggestions setting](57c2bf6c68e86711699c76c41ff9717c69d0f22c) ([merge request](156147)) **GitLab Enterprise Edition**
- [AI impact analytics dashboard is now generally available](b23a75f987231d1b882e6460a57109230c604dfb) ([merge request](154148)) **GitLab Enterprise Edition**
- [Adds inheritance settings to API::Integrations](56a2f1da6ead60b6ae42633a6263595813576c3e) ([merge request](154915))
- [Remove identity_verification_arkose_challenge feature flag](b882650e842bc4b82b7af44507418bd414da396b) ([merge request](156862)) **GitLab Enterprise Edition**
- [Added include_forked filter to the zoek search](dda457f63b5b0546ca9e3ab449e0dc902156655c) ([merge request](154099))
- [Extend organization to snippets table](1b14e34b38fb9b26c3737a93c189804464ca88fe) ([merge request](155580))
- [Include required backend data for the Project Header](28c0badf0bead0768a092fb298d1b8cc39162548) ([merge request](156049))
- [Added create and delete apis for instance level namespace filters](cd588f8794c57f1b87f899429ff5febdb43f6699) ([merge request](153156)) **GitLab Enterprise Edition**
- [Add approval_policy_rule_id index and foreign key](05c2f382674e5951bdd4eb771a14bb203eb286ca) ([merge request](155256))
- [Add pod logs buttons](7446d3fe32cbb1cb9876714805125640fc5b19cf) ([merge request](156544))
- [Add support for rendering readme in terraform package details page](67d63b74dff09e7a4fefdfe5e8e77e74bf073bdf) ([merge request](155025))
- [Create container_repository_deletion_marked audit event](130adeb5bea20ed3934820fd223c58e045110342) ([merge request](152967)) **GitLab Enterprise Edition**
- [Protected packages: REST API POST package protection rule](07af56ad982ac40656fdd907f6626f2bb4f93b1e) by @nwittstruck ([merge request](153571))
- [Adjust logic to add org to export](1b9cea92f6e3cb3317c36388acffd109638b835f) ([merge request](156367)) **GitLab Enterprise Edition**
- [Add mediaType as a field to Tag](8bfa8d8f130ca74127e99f85e99c5c5f1bcb3d9c) ([merge request](156303))
- [Adds List-Unsubscribe-Post header to notification emails](2f6f362ae293171da5882592ef93f2e5e99ca585) ([merge request](156414))
- [Add member_role_id to ldap_group_links](83684890db91add42b8651f0562a7d9a7a868152) ([merge request](155676)) **GitLab Enterprise Edition**

Fixed (162 changes):

- [Exclude scripts from coherence check when publishing npm packages](9a6daba70e91fbcc0b46cc5bd50e37de63a58eee) ([merge request](159427))
- [Relax the version comparison for NPM uploads](450f299f822649d8772b88d516cd982d46a81bde) ([merge request](159327))
- [Fix worker when record not found](ce9477c4c6d2a78d1b270eb4453e5157bbc8170a) ([merge request](158973)) **GitLab Enterprise Edition**
- [Fix Content-Disposition not working for Azure in API download](b3c547feccf134234284514d641b2dea42bd50d1) ([merge request](159292))
- [Display error when delete framework fails](571492480ace5b8e3ad5dbb5fd6df29dd0473545) ([merge request](159207)) **GitLab Enterprise Edition**
- [Cobertura parser: Extract filename OS-agnostically](ad34f313de7ae59910f3b0bbeff6da89ee5199eb) by @bmarconato ([merge request](159263))
- [Fixed Productivity Analytics date range calculations](3e6f3a9a0f612d1b73a17487fa265a3a7f8505e6) ([merge request](158664)) **GitLab Enterprise Edition**
- [Fix IDE Duo Chat timeout](bb885d2da7e208424e3f9100b5de78ae5c03a5b3) ([merge request](159201)) **GitLab Enterprise Edition**
- [Support auth credentials from URI for pull mirror validation](9d5f6d4bd03ef6cc8282ea539b3a50e7383b42f5) ([merge request](158076))
- [Remove invalid foreign key fk_87f4cefcda_p](8ff55f5255757dcca5f7ec776720f8e6c4e40d62) ([merge request](158585))
- [Fix calculations for predefined date ranges in Value Stream Analytics](1a0f0fabf271268e7272d01ba3370985915c34e6) ([merge request](156355))
- [Use sentence case for work items "Linked items" header](8cd3212b168810bda633c8078250aadc4050ce8c) ([merge request](159148))
- [Fix custom emoji display](d4d9005c15a6c1d97812b0daf667d4aa2d0a2499) ([merge request](159136))
- [Fix pipeline subscription error flash message display](e21661bfde2afabe49af4e86384eb203664678af) ([merge request](158151)) **GitLab Enterprise Edition**
- [Remove zoekt dependency from elasticsearch](cb1027397db9249bd359adec7cdc5b6fb8ea5101) ([merge request](157921)) **GitLab Enterprise Edition**
- [Fix custom role bug with requirements](9f1ddccc5712bf0a346952d666fbf71da675d3ca) ([merge request](157115)) **GitLab Enterprise Edition**
- [Fix issues with quick action explanations](025d14c15e7ec0c1dfe813730a9194cf2f16b410) ([merge request](158990))
- [Fix notification emails not being sent when using external authorization](6a140058c3e0fb99eaeb1298a357200e319e6d67) by @pR0Ps ([merge request](110709))
- [Clear seat assignments cache on bulk upsert](068b498bc5072b95c4d7a88db3bb0fad9723f820) ([merge request](159065)) **GitLab Enterprise Edition**
- [Fix how maven dependency proxy credentials are sent](9bc5abe412a364eeb46f811f9b77092839ee3ed1) ([merge request](158593)) **GitLab Enterprise Edition**
- [Remove validation for ProtectedRef access levels](42d475a1314f2301c24501f3b7e2e1e3b4f89bf0) ([merge request](158296))
- [Make `complianceFrameworks` field work for subgroups](3cf82399f3ee900869dfc75f0b9142cf7feb87d6) ([merge request](159055)) **GitLab Enterprise Edition**
- [Introduce dedup lock for rescheduling jobs](7e469afe690bb59b45456dcb426242e0d07279a2) ([merge request](158329))
- [Fix GitHub Import when importing from GHE](ea2d574785ac7f080577c64b37864b8c4e214eb5) ([merge request](158503))
- [Fix alignment of admin groups header](decf1f008d63edd582b5bf6fbc1627269cb209c0) ([merge request](158805))
- [Parse the package.json file entirely for NPM uploads](6d91ce9ca96b68f720e232582b3ab6d4cdb7f5b8) ([merge request](158978))
- [Authenticate the GitLab Duo usage controller](2540a50b105bf4971a1501e16d594548ea3b9491) ([merge request](158758)) **GitLab Enterprise Edition**
- [Fix new issue note for group level issues](f41a2e170fc0df8969e4404f992994b97e25963e) ([merge request](158496))
- [Remove milestone truncation on issues/merge requests dashboard](1d6db3dcc9deda7d456735ab2e0920c52bf9e2cc) ([merge request](158375))
- [Protected packages: Npm package push protection for admin user](7622de8c7eb77596cd4486e16cbe3887e9a6cf5c) by @gerardo-navarro ([merge request](156439))
- [Work Item Epic feedback close on click](a83a354db835594945f3b6a68cd7a53144725aa0) ([merge request](158900))
- [Fix work item sticky header](57fd28472e239445bc8a12fc0722857c42adbc36) ([merge request](158896))
- [Fix bug with achievements path when feature flag not globally enabled](951b4aa67a1ebbb4124274b46456dee1f243c095) ([merge request](158895))
- [Protected packages: Fix documentation](327f7009058a3dfe11dfc652b27bed787e0a084e) by @nwittstruck ([merge request](158894))
- [Add workItemType check for weight widget for epics](a14fc4ee58210c2accd95c141625d8fdcc2db81f) ([merge request](158878))
- [Exclude disabled custom permissions](94a33e125508a13734a62a39ae702e5ce560dba4) ([merge request](158848)) **GitLab Enterprise Edition**
- [Prevent modal close on comment submission](eb2277960ec3bf66623fa1d77670fc451823f2f2) ([merge request](158478))
- [Remove empty minimum_should_match from query](731a7e4953bcc2575d2cb7bd6a7708c1d9d5df2a) ([merge request](158645)) **GitLab Enterprise Edition**
- [Prevent running scans from execution policies after downgrading license](2f6536064b1d214c268ac78d53e10cbad97ce123) ([merge request](158817)) **GitLab Enterprise Edition**
- [Fix wildcard package.json search in npm upload](917899322e2074f2cd4468a6f5ec3b120e0d6ede) ([merge request](158806))
- [Fix sync failure retry backoff](75b31d017ab5f8bb420e7bb23279131b81d5c590) ([merge request](157805)) **GitLab Enterprise Edition**
- [Exclude last page link from projects/id/repository/commits endpoint](f1eca9272f911e1c4c0f2b4e2a67f0c53cc3e4d9) ([merge request](158278))
- [Unify spacing in group and project item components](aadf1e2079cf96c17de27253d8e07d4f8304f3d1) ([merge request](158639))
- [Fix MR approval policy `prevent_pushing_and_force_pushing` enforcement](b479126b59dd39b1fc0d738665044ece0e4c8110) ([merge request](158435)) **GitLab Enterprise Edition**
- [Update static_holmes to v0.7.11](6cacaf56940ab272c34a515f2fbaa8f9c388ae8c) ([merge request](158714))
- [Fix meta.root_namespace not logging for groups API requests](8413bde199dbe4395ceb599cb88aa5d4ffb91f13) ([merge request](158671))
- [Remove `fix_sso_enforcement_for_web_activity` feature flag](29f566014199d4ca90feb26a1dcae982743a82f8) ([merge request](158655)) **GitLab Enterprise Edition**
- [Fix layout of filtered search for pipelines page on mobile](5085921f9bebccf2b8f03c2be711b02805581216) ([merge request](158649))
- [Fix cached introspection query and graphql-explorer](5bab3b90d3d440ae5ee44e8fb937a81deca0c7fc) ([merge request](158260))
- [Ignore object pool already exists creation errors](cd5c559d81fcbeed4781666eea23ff88624e52a6) ([merge request](158412))
- [Fix approval policy type detection for policies list](9464813b2a7dcd480f6304f8f1963e5127aae7f2) ([merge request](158528)) **GitLab Enterprise Edition**
- [Fix polling when retrying status check](9c9a7427d39481ae993fba572b379634b7ead720) ([merge request](158527)) **GitLab Enterprise Edition**
- [Fix NoMethodError in PathLocksController](6b66490ff71e4aa311afe05e541ac69854e6c565) ([merge request](158434)) **GitLab Enterprise Edition**
- [Protected packages: Remove developer as an example from documentation](7d191795eb9413b998d73b1985c02997d999cd88) by @nwittstruck ([merge request](158433))
- [Ignore selected project if adding epic](3fe3078b6fce5c41c1431c15ef3c053f1b07ef30) ([merge request](158241))
- [Remove Bad spacing in pending comment](641ecd1b8134c1d0af00f7a2f9094f4ec07a44af) by @Deepak18-06 ([merge request](158429)) **GitLab Enterprise Edition**
- [Fix merge train merge availability when pipeline is canceling](99dfd60511346c843950c911c482b08e19644904) ([merge request](158126)) **GitLab Enterprise Edition**
- [Fix broken schema path](e94b26c861f80efd63361f15da8964a6d62c3093) ([merge request](157228)) **GitLab Enterprise Edition**
- [Fix incorrect retry warning when merge trains are enabled](7e576e008ef04bf7bcefe917e4c33256caa17196) ([merge request](158283)) **GitLab Enterprise Edition**
- [Fix Zoekt exact match](d893df66119a92d4b0bb89c73c841050a4af14b9) ([merge request](158379)) **GitLab Enterprise Edition**
- [Forking project to groups with restricted visibility levels](fb0a1bf330d184eb0b5901b7a3e39a2c7f273d52) by @gerardo-navarro ([merge request](157202))
- [Title returns a default value if no advisory title](31ba4d52d0a7e0a39b454dc8177175fa2e40158d) ([merge request](155841)) **GitLab Enterprise Edition**
- [When activity token is cleared set query to all values](e26eeb648b8249684aec6d8d2f461eaa8ebc472f) ([merge request](158098)) **GitLab Enterprise Edition**
- [Fix issues mailer for group level issues](b474a0465bbe9c8818a11ea32e8985e33db66cf2) ([merge request](156360))
- [Display unverified badge for signed commits without a signature](1aceccdb4b372a16a7e8cb71c26666388fa5c7b2) ([merge request](153407))
- [Fix related items header in dark mode](298622b5f009c518701835a3f79fee3d13f73fab) ([merge request](158169))
- [Reduce getPipelineDetails query complexity below 200](42a009b95acd9df7f78f42eb7afcf6ba9789ec3e) ([merge request](158158))
- [Fix issue description task actions focus bug](0ab321a080cde133f39971dfc6cb2c96085a1a75) ([merge request](157495))
- [Reset form error when tokens change after submission failure](365f13032ca4c186aebfaee78de9cdf407a3631a) ([merge request](157792))
- [Do not create empty rule for branch specific rules](e765f4ea1ad6b6f9d97a835e7f4c8eba0985a6d8) ([merge request](157723)) **GitLab Enterprise Edition**
- [Reinstate dt disabled message](2f8110a741e85ee65f73e6c738260b6475d08fe4) ([merge request](156744))
- [Fix submit keyboard shortcut on commit page](ff4782d2fd23b5d4ce7cb240e783d9fccc9b3f3b) ([merge request](157998))
- [Remove custom CSS to fix modal background color](caf6a6e388a98c71a3331ee70b9155222dc94a4a) ([merge request](158064))
- [Fix badge issues and sticky header](99e5372454a66afa98e65a9b26f00a6438135c0a) ([merge request](158047))
- [Skip approval updates for merged MRs](bc90a50bc57f11bc252cbc57e7ff4f887d5571c5) ([merge request](158042)) **GitLab Enterprise Edition**
- [Fix ambiguous namespace_id in query](2f9aa3a181ff09af45b226f72d0e6d1847b481f0) ([merge request](157780))
- [Pass session_id to nested sidekiq calls](08a9a012054dbd9fdafc48e74165f992e3523255) ([merge request](157566)) **GitLab Enterprise Edition**
- [Prevent redudant finalisations of segmented exports](e51c3bbbadb487a4d64508314fda4a152279706e) ([merge request](157695)) **GitLab Enterprise Edition**
- [Allow Developers to create projects from templates](52e43952ea7987940fb07724589b1f6caf8930ce) ([merge request](157401))
- [Fix flaky test in SyncFunnelsWorker](a2e34f649d3c3c3dfe22721013ee2f2385a5f07d) by @max.woolf ([merge request](157763)) **GitLab Enterprise Edition**
- [Fix URL generation for links with spaces](23293597ecf724218349450527a1f64f87611d59) ([merge request](157942))
- [Fix Link header for Tree API requests](2ef5030ba61668fc00ff83cb088d30902af0f60b) ([merge request](157914))
- [Fix issue creation on board with scope set to No iteration](bba2d2b4d030f1ad420ae3472612d0301749255b) ([merge request](157892)) **GitLab Enterprise Edition**
- [Fix setting the `organization_id` for vulnerability exports](bb6b92a2d7ab40e5df07bf8b02b0f5f036bf96fb) ([merge request](157889)) **GitLab Enterprise Edition**
- [Field needs to be called Url](bd553868ae635267f1615927ca7a6656406d16df) ([merge request](157884))
- [Fix bulk_import history prop type check](abae316f7bcefaa01afce3bfdf55e6bbff9bf337) ([merge request](157856))
- [Upgrade graphql-client GEM](8ddbcd44cde498b7fb21bf29b550a4a0bc0a1c60) ([merge request](157772))
- [Fix Milestone collapsed sidebar, adjust some aspects of issue sidebar](947b0449ac1bc882b14c4ed90d3e82dcefc1ce42) ([merge request](157676))
- [Add safeguard for author](f63aa04e88334c28958abbfdda1157214cdec008) ([merge request](157814)) **GitLab Enterprise Edition**
- [Geo: Update the host to build the replication details links](9e244068428fa02253cac7edf0514f4338d6d562) by @antonkalmykov ([merge request](157671)) **GitLab Enterprise Edition**
- [Add missing "Deploy Keys" breadcrumb item](fbe188dc81095116f8d7306e7abf10cc6968ff82) ([merge request](157445))
- [Allow viewing hook logs with admin_hook permission](4d52095187268809685043493e3b322fb437e22a) ([merge request](153806)) **GitLab Enterprise Edition**
- [Recreate records when moving issues](d4b0a967100e83bd22392105f4a46f215fa8f880) ([merge request](157332)) **GitLab Enterprise Edition**
- [Authenticate agent requests using Gitlab-Agentk-Api-Request header](cdaca4495de42c17d34f7b06928e52d2f53d08ff) ([merge request](157703))
- [Fix Verification concurrency limit](58c8f5c0cfaffb54698df5f8bfabe8a05ce29924) ([merge request](157553)) **GitLab Enterprise Edition**
- [SSO enforcement for web activity should only apply to current_user](72c0ce28c980e39c825604fb1ee1f2c593f13ac8) ([merge request](156934)) **GitLab Enterprise Edition**
- [Display the number of rules for a given branch only](6a4e41dda7ef955a29ef1d5b20b1b49cc3efbbe1) ([merge request](157292)) **GitLab Enterprise Edition**
- [Fix sticky header badges shrinking](df2dfef866565edf5c05496548d2dd0321782c5b) ([merge request](157580))
- [Fix DML not allowed error when creating views](c87295b3a65e6d95b9fb3b50917781347b877589) ([merge request](156986))
- [Use pajamas default left and right spacings on Roadmap page](cd64bfb1757fba9f5a5179ce3fe3f1f9a230060c) ([merge request](156550)) **GitLab Enterprise Edition**
- [Fix orphaned work item parent links](811dafe0d4ace122674f20f364f552f6d473d809) ([merge request](156657)) **GitLab Enterprise Edition**
- [Add jwt for jira connect branches](dba8992cad989ff4717058a1c945db8a2b1f3d0a) ([merge request](149377))
- [Do not wrap flex parent of verified badge and commit copy button](db8a0c4c742223639196f18672b44a339dfe3b1f) ([merge request](156673))
- [Protected packages: NPM push protection for deploy token](c6931921bb6dad26cad0c2868dab57744c4e9e84) by @gerardo-navarro ([merge request](156610))
- [Use universal_stylesheet_link_tag in app layout head haml](2b5f004d4e2a91f7b6f8ed611734e672afea37d4) ([merge request](157356))
- [Improve error message when setting parent of a work item](b933e6349919b84a1f6f2571d175eabbf344bd08) ([merge request](154557))
- [Fix search bar accessibility issues](ad6f231039e87dd6c6096eccd2c33e0de39f1166) ([merge request](155091))
- [Allow to set "No one" level for branch protection defaults](097cfcc599122e4c43f022f51096ce38713077bf) ([merge request](157315))
- [Fix MailRoom not loading in Omnibus](802a87d2fea4603d3eb4ac3848ae7c0a83cf14c3) ([merge request](157339))
- [Change fixture order](2f51e7f4d1383039ebe0c9a391f9453897b9420a) ([merge request](157309))
- [Don't trigger edit wiki shortcut when using search](0e2078fec2a8f2ad9e1adcd0be99fb96ec7f8e35) ([merge request](157303))
- [Include action in webhook test payloads](3eac576afdfc3a72e1c2750b9640bbcef390a1cd) ([merge request](156856))
- [Fix issue using multiple contact quick actions at the same time](6965459cba26119b6c0909d6f026dfde6a985312) ([merge request](157299))
- [Correct finalize migration for BackfillEpicBasicFieldsToWorkItemRecord](44d3563325e6e58248b92dcdcba75dd114aa6c32) ([merge request](157295))
- [Remove extra gap when 0 roadmap epics have children](d2e4c436b848c40d75087a08a294c7752a9cf0b6) ([merge request](156694)) **GitLab Enterprise Edition**
- [Fix finding name in regards to image name](6fc93a0fc23ce1b3b21630b7225997181a5c24e4) ([merge request](157070)) **GitLab Enterprise Edition**
- [Validate provided group parameters](97775beb0d5ebcd535758ee2d9033e4ecf7b1a87) ([merge request](156977)) **GitLab Enterprise Edition**
- [Vertically align group and project header](642efcacfc1806a09fae2dfcafb7ee3471b6af63) ([merge request](157097))
- [Fix undefined method error for invalid ref](34aed5beeb5dd85fb0236cf80635dfb6a082529a) ([merge request](157180))
- [Fix NoMethodError for Files API](756ab645265f272b30afc340cc26427f5cd77dcf) ([merge request](157193))
- [Do not show minimal access role as option](38f785705ef873e7b869f5f76a288f709ce21181) ([merge request](156882))
- [Include pagination values in request](d48821a5f2aff9acb63a7a8ca47c043fecfbfd1b) ([merge request](157158))
- [DAST Scan library: Fix Tailwind classname](26a52654f5b5ab7530f6b52096e9b0d4db3787f4) ([merge request](157170))
- [Fix line number for larger numbers](6308ab66ca7ab4bb90d3659cc98e8cd58dc557be) ([merge request](156820))
- [Fix 500 on Changelog config](fbf5c11464a6a462542a3ee7e273dc8a846c7be1) ([merge request](156938))
- [Fix spacing info popover icon on dependencies table](64b8b263e68d19e57113c708da2250cc365e0588) ([merge request](157148)) **GitLab Enterprise Edition**
- [Revert "Merge branch '430915-enhance-permission-selector' into 'master'"](642d945976e52049db6115742a57cce413a881c8) ([merge request](157142)) **GitLab Enterprise Edition**
- [Do not show cluster image scanning vulnerabilities on development tab](08d6018da94e28bb4371be7974a486b5795848ca) ([merge request](157018)) **GitLab Enterprise Edition**
- [Cap vulnerability report tab count if it exceeds cap count limit](f355e1e6b328ee9853ba646fe7f2d358515ddb20) ([merge request](157116)) **GitLab Enterprise Edition**
- [Enable the query workItemsByReference to accept a group path](1332f34e8f9acc5e3809e0ae8f7f7a2ea2ea9ca1) ([merge request](156881)) **GitLab Enterprise Edition**
- [Improve work item query when sorting by updated_at](d0a53cb7cb857d799536aeb00e4d97b3c4ba09e4) ([merge request](157075))
- [Don't introduce Unicode null character while escaping it](cecc43e3618913788465fd9c9689fd6ee321ff32) ([merge request](157060)) **GitLab Enterprise Edition**
- [Fix related work item links syncing](e111fd6754d54c0c9946db008113ec83344d36a2) ([merge request](157045)) **GitLab Enterprise Edition**
- [Fix extra blank space above drawer work item attributes sidebar](c44960893e0942a16034e7a194e2bb50407fb6cf) ([merge request](155156))
- [Only enumerate commits in pre-receive check if push came from Web](ce85e857b4542999907b7826ce66e4daab26c59d) ([merge request](156965))
- [Fix layout of issue list top area on small viewports](24bcaba38df863e2a6ab609655f97e08b46a3f61) ([merge request](156972))
- [Fix the workItemType to be valid](0662cbfcbabbf54a1f4f65435f1919474460dce9) ([merge request](156879))
- [Ensure all analytics breadcrumbs display](8917292f05cc9f9edeabba64d382491360c76dca) ([merge request](156454)) **GitLab Enterprise Edition**
- [Fix missing forked_from_project in projects API for unauth users](ebc53851c0b9e0d627eb84a628612e79480ddf85) by @_ZN3val ([merge request](154289))
- [Fixes notebook markdown failing to render](ae191bc941275d408475271473b03117167b6a2f) ([merge request](156908))
- [Fixed Numpad enter key event](b855762ffefb354ce697c47c843ee9c776646824) ([merge request](156636))
- [Fix error message when adding confidential epic to public issue](95ede989758b6db216d0afe82c3189d6bfb5e5eb) ([merge request](152972)) **GitLab Enterprise Edition**
- [Include empty groups in mentions autocomplete](38c719cc94eee2165cbae364c1a45780ed960866) ([merge request](156795))
- [Fix Bitbucket importer MR reviewers](dbc9b292da6686335baf1ce784840fb26ee008fe) ([merge request](156383))
- [Use widget presence check for rendering Hierarchy widget](f449e168011917d571fc018e7ed0c4c2bb79509f) ([merge request](156836)) **GitLab Enterprise Edition**
- [Skip IP lookups in validating URLs on certain conditions](e8190bd3d0ad87b98f920f144e098a6a2e08cca0) ([merge request](156547))
- [Add missing ResourceLinkEvent#synthetic_note_class](e55071ecfb409e1b7561c0b68f33b6eb90c0d317) ([merge request](156204))
- [Fix missing require_reauthentication_to_approve in API](a0a0f4a5900f5db22d3f2d9c68bf1423910742f0) ([merge request](156554)) **GitLab Enterprise Edition**
- [Fix Inactive Project Deletion reset deletion date](a5268a1b0b0991464c82aacda538c9054612516e) by @Deepak18-06 ([merge request](156036))
- [Remove the `deduplicate_security_report_ingestion_jobs` FF](e5c3e03ae4c6cd916fce92d1d06bbd9317ed42fd) ([merge request](156374)) **GitLab Enterprise Edition**
- [Apply `gl-break-word` to test file name in Pipeline test suite detail](da5605827e28ce50d88c3c3f7b59459a36ca1d0d) ([merge request](156668))
- [Remove null bytes when importing diffs](c3a333d5d4995108be679b2a90762f55cd3b70a7) ([merge request](156659))
- [Fix resolving namespace conflicts on creating internal user](46c2d55b45babf686012ab40077353bb319eb868) ([merge request](156643))
- [Fix redirect to docs.gitlab.com when no custom doc_url is configured](44e5d9c9cb3ece3351ca73514b0138011f15e25b) ([merge request](156642))
- [Quarantine metrics_test_fetches_top_job_data](b6984b9f600cebee691c81aae8c3f7b798ac4db3) ([merge request](156606))
- [Fix rename functionality using "Edit single file"](cd94fc7b67c1e46e4879c4f935ba2f74b3e798c0) ([merge request](156512))
- [Resolve pagination issue](8bf5e49bd5c9d21ab9229505f4893d192d9e3718) ([merge request](156391))
- [Read more: Fix background color in darkmode](ab86f679430f905647da84f3cd026eea4fd40a6d) ([merge request](156483))
- [Use LocalStorage for frequently used emoji](b464009dd1682e3946a94b2a504944fdb66b143c) ([merge request](156569))
- [Fix alignment of commit in admin jobs page](d630ecb9c8fe9013fced4e2c0df5a4594f56e0a6) ([merge request](156565))
- [Fix kubernetes tabs](33cf2695a8c4f0980fd11c556cf5766c9cd9b850) ([merge request](156508))
- [Skip conflict check when adding to merge train on pipeline success](ff44e19a433d6e2e00be36fd600b59ecf40f9d19) ([merge request](156079)) **GitLab Enterprise Edition**

Changed (231 changes):

- [Change schema for sbom_sources](f3b79455de4cc16d95579f0448e33be91ae72e89) ([merge request](158597))
- [Disables remaining prometheus integration endpoints](216e81eca14044b99eeb1bf5dca27dec3b8f3e8a) ([merge request](158356))
- [Change format of iteration dates](b95bd4c7ae6032fffcd6f58f324c1daf00226402) ([merge request](155894)) **GitLab Enterprise Edition**
- [Use sentence case for security and compliance](02c120454f547a081a5e6482e81df0f3ab2bc761) ([merge request](159260))
- [Rename DAG feature to needs](805a9f5fb0237f935a7ac5da0917296d061c22a5) ([merge request](157899))
- [Clarifies error text for confidentiality](121f9773af11ff71f5272699bfae03bc3e203ad3) ([merge request](159024))
- [Improve AI impact analytics dashboard trend indicator tooltips](7e0f21055af23dad7badfabc991a5b5c97ec30ec) ([merge request](159128)) **GitLab Enterprise Edition**
- [Update admin health check page UI](11a7b3adc2ed5928562c96b73a56ce9924cd0a78) ([merge request](158355))
- [Update scheduled_scans_max_concurrency for self-managed](67dd42dbe5df22c7fa7b2a68bb6d9f7901961032) ([merge request](157828)) **GitLab Enterprise Edition**
- [Defaulting Duo Chat to use Sonnet 3.5 and updating related documentation](9607104202f2614c09b189dc9678060ccee1906f) ([merge request](159248)) **GitLab Enterprise Edition**
- [Cleanup telesign_high_risk_cc_validation feature flag](8c8d22d2462b3984cac418ba6b2c155e47a4f8ab) ([merge request](159279)) **GitLab Enterprise Edition**
- [Updating LooseForeignKey cleaner service to not raise](c17516763c4ea1e8cee50b697f3f874f93877fb0) ([merge request](154185))
- [Backfill zoekt replicas on zoekt indices](11a0e166b214ca057de5b47d58ff57efefe59507) ([merge request](157849))
- [Use sentence case for Admin area](f7dd3d965a91736f4b8ca7edd8d3a1c227f860d3) ([merge request](158935))
- [Use group organization for import user personal namespace](ee2aa8f23885690452627c428ba162d7d648d351) ([merge request](159222))
- [Update background jobs header](9f3f0235736b4fe1121e5f098ec489d3fecdf3e7) ([merge request](158983))
- [Remove pages from navigation when disabled in settings](c81e6fbd69ba5f5532e0b54f3dc716ec96e0f6d9) by @Taucher2003 ([merge request](158488))
- [Remove view summary experiment label](09bdb4dcd7d7ed97b5a2f518426e81795a5c3e37) ([merge request](159139)) **GitLab Enterprise Edition**
- [This MR adds new option for group dropdown](65b61d7c3b887c1f1b9d5de95c1f547b48b829ef) ([merge request](158080)) **GitLab Enterprise Edition**
- [Migrate os sbom occurrences to correct components](6015871347123c24c1566e4c0165af887d256675) ([merge request](152585))
- [Use monospace font for code inputs in Pages setup](26a838eeb8563805216faf1ac983d4aa2f0b996f) ([merge request](158673))
- [Add or text between conditions sections for scan result policy](dbf35f870009a38f88b5fa2fb5e3092d6edcdb0e) by @jzeng88 ([merge request](158508)) **GitLab Enterprise Edition**
- [Move CI lint button](8063ab8e34e1c569dee7c828144ac9b407ff057a) ([merge request](158827))
- [Separate terminated workspaces into a new tabbed list view](9557c80c736627e0fb28a3dbc078a94f6eb3e429) ([merge request](153322)) **GitLab Enterprise Edition**
- [Summarize issues using Anthropic](2885c45ff2feb15c7333342dd0548fdd31a59dd3) ([merge request](159133))
- [Add details to client-side secret detection warnings](908d14efd49f636e1fc6a3163dd77d3765e69149) ([merge request](156503))
- [Enforce job uniqueness with pipeline execution policies](382207a516c91312c9b481f3cf4e17c1e55a3016) ([merge request](158949)) **GitLab Enterprise Edition**
- [Use sentence case for audit events](4231b823a9c173089c4257384e053ad8aeafb09f) ([merge request](158996))
- [Renames TanukiBot to GenerateEmbeddingsCompletionsService](77db17e1db5c7d3c2d99abf8aba67137d8c633ab) ([merge request](158209)) **GitLab Enterprise Edition**
- [Merge notes unification FF under more generic unification FF](270a0d9df6d76d86ad4ef7ea2ad6f46754d12bc1) ([merge request](158764))
- [Author admin permissions for PersonalSnippet notes](e78544866cec31950d38ba39b540335eca466a30) ([merge request](158715))
- [Merge Request auto close issues now checked on merge](22905c5f0808e2b20ecb9d0daadc4cf8227a63be) ([merge request](158395))
- [Verify replicable after create/update](358f6dae5e65de9194b313dd5458faadc3bafef3) ([merge request](157697)) **GitLab Enterprise Edition**
- [Add Notify mutation to resend email](2b510a42398afbf069c7fe4b4245e80b49f7bf73) ([merge request](159073))
- [feat: Decompose sbom_source_packages from sbom_occurrences](b90f4b6e36209c7aa009ecdf5fb916f3518fc02c) ([merge request](158143)) **GitLab Enterprise Edition**
- [Use Duo for summarize comments](49499622ba1f4dd3231bff134a329e4c85bf4201) ([merge request](156650))
- [GraphQL: Rename CiRunnerJobExecutionStatus RUNNING to ACTIVE](b27d0d92dce5dd10d2986b666c6cd46e4662880e) ([merge request](159002))
- [Update health check page](35b777c4e28d6c5e6cb2dc1aaeaf8a01686237e2) ([merge request](158986))
- [Update usage trends feature to sentence case](c4ea05a622c8d3d21e99bd25eb5b49f15c2e00cd) ([merge request](158979))
- [Use sentence case for background migrations](d4a6eea7c63e694cb3b25f22f1156c9062f44614) ([merge request](158981))
- [Used new process to gen gitleaks.toml](bc1ca822c2d863df8935121782ce15863f759ade) ([merge request](158259))
- [Merge labels unification FF under more generic unification FF](ca57ef643232626642582c2051cc5bdab533049e) ([merge request](158643))
- [Show selected work item labels at top of the list](02b81f94c42213d9d9b21ec10be89cc43d558c3d) ([merge request](158005))
- [Migrate groups dashboard to filtered search and sort](a46b96c154fb88eb533cf9f59fe44a8ed974f0cd) ([merge request](157667))
- [Use Active badge instead of Running badge in runners list](12fbcaa099cb483fc19b8338ee3303b2e6e949dc) ([merge request](157935))
- [Update admin background jobs page](653a55a2906304bd647a25a75d0dcdb414d070d8) ([merge request](158351))
- [Add license type to overview](228878e85b2515faf21c2d188a2db31118d60860) ([merge request](158245)) **GitLab Enterprise Edition**
- [Update dependency ai-gateway to v1.10.0](72ad1b5a449a65297b73e45666960010926f78c1) ([merge request](158590))
- [Add title and subtitle on the standalone GitLab Duo settings page](7229273fd5694916aad10cd94512564efa90ce2f) ([merge request](158482)) **GitLab Enterprise Edition**
- [Exclude archived projects from dependency list search filter](504cbe3f2d1627e270d63b643e476dfbd0d28bf6) ([merge request](158799)) **GitLab Enterprise Edition**
- [Hide Service Desk from navigation if disabled in settings](b93b46a577c2bc952a0dfabbb824d33d0b6dcf40) by @Taucher2003 ([merge request](158483))
- [Remove Gitlab.com check for last_published_at](73a027be56a2f1c12b10dd1cd29e60f00fa9c82f) ([merge request](156423))
- [Always allow license sorting for group dependency list](5271ec0ec5c4faf627cbd36c4ac2437c5e239758) ([merge request](158684)) **GitLab Enterprise Edition**
- [Update spam logs UI](1ab4f62f1cd09b8c88a64a738a7a0bdf02a41085) ([merge request](156950))
- [feat: Add doorkeeper device auth support](b33cfbc4d56c1ae808949012dc1dc791b6467080) by @johnwparent ([merge request](155622))
- [Explain quick actions inline in RTE](c4fcb325c334eaa81cd6b2952a34190b3fd1ad60) ([merge request](158367))
- [Add linked projects to framework](be668ec4482846931c6da8d3a6de058c292e169c) ([merge request](158403)) **GitLab Enterprise Edition**
- [Enable submit button by default](dedda453d11fcf5590723c3dc5dbb684c8a7f6b9) ([merge request](158249)) **GitLab Enterprise Edition**
- [AI impact analytics dashboard: Add tooltip when there is no % change](f3447df4b029a9fdb443c409326a62ec8d0e6e48) ([merge request](158376)) **GitLab Enterprise Edition**
- [Remove search_merge_request_query_builder FF](f3326fa520bfff0751a1821f3c70277e50b1946d) ([merge request](158135)) **GitLab Enterprise Edition**
- [Move merge request files now shown warning to diff panel](39f82a3a72ddd33f9f2be15342588f5266d66994) ([merge request](157597))
- [Notify Admin re: the hierarchy limits in displaying Group(s) statistics](47cea8c39958630931cfa294b280eb433cafa64b) ([merge request](155554))
- [Allow filtering Resource Access Tokens by state in the REST API](c78720efd9285328a5a653820ed3509a0b29e41b) ([merge request](158155))
- [Add `seats_in_use` to GitlabSubscriptionHistory trarcked attributes](a2b3e7bdd7123e46836c4df94efcfcfe84151e07) ([merge request](157311)) **GitLab Enterprise Edition**
- [Sets elaticsearch_issue_upsert flag as default enabled](9b81c92337a7d933b221f2a9b253ec6633834b34) ([merge request](158194)) **GitLab Enterprise Edition**
- [Add placeholder data to member tabs](6b4f5fae5a564da827b00f47c4de69be52ae1248) ([merge request](158569))
- [Prohibit "default" as compliance framework name](9828c418eb60a7fb5a79e46de4dee70b80bd3099) ([merge request](149548)) **GitLab Enterprise Edition**
- [Backfilling null project_id for p_ci_builds](bb06971eb127222b320b8950583c136fc8fe77f7) ([merge request](158480))
- [Switch deployment approvals group view to Vue](402b8f34d28c6481031de9121c4a1ed00c60d952) ([merge request](158052)) **GitLab Enterprise Edition**
- [Update protected environments to handle group view](52452c34b9d2073acdc982461b3c5873d99ffa19) ([merge request](157686)) **GitLab Enterprise Edition**
- [Add trial and update users_over_license_count in CurrentLicenseType](a576f08847f6b2db61cfc18c66f66281c1b45c9f) ([merge request](155473)) **GitLab Enterprise Edition**
- [List selector component for groups can fetch project only groups](18b39712043b895b1b980a681c355c2fc899ff36) ([merge request](158253)) **GitLab Enterprise Edition**
- [Update admin credentials page](b3b59e785ea9a6f389cfe121e0d2a93cdb0d0ab6) ([merge request](158451))
- [Update Tools Injector Image, PAT scope with additional ENV](228a9ccdab705a96e7513fb8f049e455dcdf07f7) ([merge request](156714))
- [Update Cloud Connector architecture docs](16dddfacbef791ac45712e3a10ad543b2ea21349) ([merge request](157911)) **GitLab Enterprise Edition**
- [Update admin background migrations](618e7c72b88d42275ae53b5dba5e05deccf67ece) ([merge request](158349))
- [Clarify CI Job Token wording](cc67e266a9502e95f1b0cd7dbf3f9741362e9332) ([merge request](156989))
- [Adds info alert about cleanup policy regexp anchors](597e1c2d15f0e533f431a5c7eaf815dc06016f0d) ([merge request](157888))
- [Remove unicode_escaped_blob feature flag](b97da58a57d56c8116b342ae1959be8afb825597) ([merge request](158370))
- [Update admin topic page](3a6f47bc121c454f6d0b778790b1eef7e93b177e) ([merge request](157848))
- [Added Promotion Management for CreatorService](326329a5d856609a1f9e97aec9caa363af67f209) ([merge request](156891)) **GitLab Enterprise Edition**
- [Allow access token access to usage_data API](4bcea84dfecd37e25c532c53bb571ed5634255ea) ([merge request](158085))
- [Default cube analytics queries to the last 7 days](ff012ea2897764f741c1dc268daf13f61f86e45c) ([merge request](158206)) **GitLab Enterprise Edition**
- [Refactors QueueExistingMemberService](61f33606c8661f1cd64c27d8bbd5d0c539941de7) ([merge request](156801)) **GitLab Enterprise Edition**
- [Enable custom dashboards by default on projects](80138e0b971eda439ad9f9a38197f7d74c8b6884) ([merge request](157917)) **GitLab Enterprise Edition**
- [Fixing target_table_name for build_name foreign key](e77f8bc31e151f1180045bcf88f21126062a36a4) ([merge request](158300))
- [Make filter based visualization designer generally available](698ef8c44436233ddfa77335ebbdf4291ceb7283) ([merge request](158072)) **GitLab Enterprise Edition**
- [Ignore `confidence` column on Security::Finding](4003634ceb0ed0e4301adb861d0249478559689a) ([merge request](158035)) **GitLab Enterprise Edition**
- [Remove DuoChat from Help center](db279dde3ea6c08a74a5bd0e66c42277af6b7452) ([merge request](157759)) **GitLab Enterprise Edition**
- [Remove wiki sidebar limit](6fe5c48e96617b5a201e2ce5bb7df0e8359f9f23) ([merge request](158084))
- [Improve token access add form](baabb747fcf91b4c303eb31fcbe372d61e3ac6e4) ([merge request](151730))
- [Move create repo position](1178913de16f344a5486106377b31f70dd3ebe22) ([merge request](157707))
- [Fix CI icons shape](4b3a40e406c3138882bb52c6d880b21a90271524) ([merge request](158204))
- [Support expanding references for work items](603ece973f525e7609f42e6f84304fc69b36089d) ([merge request](157963))
- [Align the visual presentation of the action between groups and projects](08c107ecde68b41339eb711c2b7d0a610904b376) by @antonkalmykov ([merge request](157727)) **GitLab Enterprise Edition**
- [Update admin project layout](e76d5ba332f8599570560c66fb7c854d23eaf5ec) ([merge request](157529))
- [Align admin users account content](e33210ac0324bffa770e5a573d6472ce0e9d8a76) ([merge request](158067))
- [Clean up signup_intent_step_one experiment](78d7591000f0ab105df35017e0a7c608633751d2) ([merge request](157181)) **GitLab Enterprise Edition**
- [Show wiki sidebar on a 404 page](164db2e91935ac1469f42e1a6597e28408900217) ([merge request](158088))
- [This MR adds validation for policy action](f14353e720e45e59f698309cb8a9c885b53ccac1) ([merge request](156528)) **GitLab Enterprise Edition**
- [Update welcome screen](aa1f14c90596e595426c7c841041156fcc5ab47e) ([merge request](156514))
- [Update users page for admin view](f55b68653c9c39e9c172e1ea069f637507977ad8) ([merge request](157314))
- [Update concurrency_limit for CreatePipelineWorker](169acd04ead7833127f0340dc3330d0de65704f4) ([merge request](158075)) **GitLab Enterprise Edition**
- [Added Finder, and correponding scope](7269bbba6850f4e791eebc969853b7fe669f1401) ([merge request](154555)) **GitLab Enterprise Edition**
- [Zoekt: Add ctags support](fa8d2e1db1ccdc39b6de6b5f1955ae29e7eef992) ([merge request](158049)) **GitLab Enterprise Edition**
- [Remove creating framework at sub-group level](cde82e647ab065dd61fbc8c8e67aa9e42a89e0a5) ([merge request](157868)) **GitLab Enterprise Edition**
- [Add NOT NULL constraint for `remote_mirrors.project_id`](19daf7b6c5386dc282490f9240708d64ef778e76) ([merge request](153959))
- [Add `taskCompletionStatus` to the work item UI](22a7a948a5a87db3440efee764734ab8674daddf) ([merge request](156589))
- [Update semver_dialects gem version](9cfb70e0df3503e4d3d83faa343ffb647ae5503f) ([merge request](157521))
- [Default enable FF group_level_vulnerability_report_grouping](3f5973054c408d9abe137cf150d54d43985f72d0) ([merge request](157949))
- [Update abuse reports list view](3a15b7fa01bb2baaaffcfc735b81f2c3c7991ee1) ([merge request](157681))
- [Use SettingsBlockComponent for admin push rules](a79bec61becdd9d306e9ec835cd690b050226a11) ([merge request](157611))
- [Sync epic work items to legacy epic by default](f2c68d054ae098cf54d37421f0952d838fad5ecd) ([merge request](157789)) **GitLab Enterprise Edition**
- [Add organization_id to stage event hashes table](16494994cb8544388fd068b9b0396f3a63c8ac12) ([merge request](156621))
- [Admin groups: Improve display of content](8014ea9fcbd2232da04fcdf02f3e35c6aedccf98) ([merge request](157420)) **GitLab Enterprise Edition**
- [Update PMG architecture blueprint](d782d03cb892334bd1e7142ac1569d4c98b14a16) ([merge request](157806))
- [Fix required approvers validation](388f43277c5f82ea00a37ee2e155a8154c1490f6) ([merge request](157777)) **GitLab Enterprise Edition**
- [Update graphiql-rails gem](313046daf347a0455ca7eab430fcb3b8b5d08af3) ([merge request](135010))
- [Modified UX of command palette](4c2f759439605e210980ef1816b756bd2f7e2d08) ([merge request](157015))
- [Admin settings: Migrate network settings to SettingsBlock](4a7b408efa1375c8d5196b288d2d323c4579f835) ([merge request](157051))
- [Migrate oauth applications to use CRUD container](b5348d678230f1201ec50b71077e939b0e3411fa) ([merge request](156903))
- [Migrate broadcast messages page](093159d629902435e92561d9bcceb5771ca4576c) ([merge request](156895))
- [Remove the data preview option from the visualization desinger](644d80d912d522194ede40687430430008e9b24f) ([merge request](157744)) **GitLab Enterprise Edition**
- [Update dependency ai-gateway to v1.8.0](9fbdaef10c2324ea2453e2f87be57f1cde0f06a5) ([merge request](157736))
- [Extract SSoT for pipeline sources for which SEP should be enforced](c716fd84ceb2db0556918e14dfbe63911d0fec08) ([merge request](157588)) **GitLab Enterprise Edition**
- [Move Mermaid too large alert to the beginning](2c21c66ee910b4e07e8a978a0b06609dcfc9564d) ([merge request](157735))
- [Update bulk create service for custom software licenses](31025b8cb969cc45ce7f11c1b1b75d714b1c770e) ([merge request](155588)) **GitLab Enterprise Edition**
- [Raising error in mutation when more than 1 frameowrks for project](cdad457636d8d7ad0de5ed065ac0fb4efa1460fb) ([merge request](155854)) **GitLab Enterprise Edition**
- [Update vendor/spdx.json to v3.24](74af77ec2263d9ff12164933cae35c086d40aaf1) ([merge request](157653))
- [Add search_type param to SearchService](065d10f065ed76394a7e0f17ae8d4c7605911d90) ([merge request](157022))
- [Update wording for pipeline deprecation banner](d89e8c6510b3fef6c3404374e29357d542181e95) ([merge request](157595)) **GitLab Enterprise Edition**
- [Route resolve vulnerability through the Anthropic client](854029222599e6288722b294811274872738796a) ([merge request](156671)) **GitLab Enterprise Edition**
- [Add read_runners custom ability](a0f8c3098e87b8fa09bca3ca6838511a07efdd28) ([merge request](156798)) **GitLab Enterprise Edition**
- [Migrates deploy keys to use CRUD container](6652d0ef24c4eafd866011a267ba3eb2b35263e4) ([merge request](156909))
- [Allow blob window size to be specified](1b472b9a753771ec77bddc3e67cbf2aa7b9785a5) ([merge request](157168))
- [Remove ":" for drawer title: overwritten part](12a479b2f361049980afc7c4da9f01a77d23f11a) by @jzeng88 ([merge request](157550)) **GitLab Enterprise Edition**
- [Adds snowplow form error events](2546c6284592d4649a6e66f84603f0969e63a9a2) ([merge request](157543)) **GitLab Enterprise Edition**
- [Adjust layout of iteration report issues table](0028e3fc79a7bfeb4c62be91c25261327bcd54c1) ([merge request](157377)) **GitLab Enterprise Edition**
- [Remove "+" icon and add word "new" to button](e01d8f7eaac2dddfa4cf5a3a94028d122a1d7dd9) by @jzeng88 ([merge request](157394)) **GitLab Enterprise Edition**
- [Update admin groups layout](a1af6477a95333aaf63f46a4a884e8b7840df809) ([merge request](157201))
- [Add support for parsing CI log timestamps](76f92b62bbb4c378212372cec41c7704039c7164) ([merge request](155695))
- [Reduce the amount of variants for GitLab UI badges](499a179102694e0ac7c2e1a7d45a207641dbd151) ([merge request](156880))
- [Duo Chat cancel button integration](3f12dc8a3d330d357d5e142b25c53457f8b694ed) ([merge request](156880)) **GitLab Enterprise Edition**
- [Remove "scan" word from execution variable](e2026f16ed7890dd76181d805b71fd29878e3718) by @jzeng88 ([merge request](156415)) **GitLab Enterprise Edition**
- [Update admin product analytics settings](d713b19f316db1a69a9a49aa4e8c2ea32380fb7e) ([merge request](157088))
- [Allow assigning compliance frameworks at sub-group level](08c7ab96dc50691819a0a98da0d9177dc2e595fb) ([merge request](157412)) **GitLab Enterprise Edition**
- [Migrate CI/CD Variables settings to CRUD container](caba42c7f858e66f859270803669c72672a8c3cd) ([merge request](157276))
- [Update admin license and compliance layout](384c5ef0f03a996bd73fb8dc887ae0a06d733d0f) ([merge request](157095))
- [Remove drill-down link for code suggestions usage metric](8a9b34bb78361f818b4fd8ca6b91c1ad4fa12285) ([merge request](156984)) **GitLab Enterprise Edition**
- [Change History links to 'View import history' buttons](609af389f719a76b4c758ec5e0bf668088167961) ([merge request](156373))
- [Update tools injector image](8cb33746ed2a41060e51ab226309da5516be40ea) ([merge request](156918)) **GitLab Enterprise Edition**
- [Admin labels: Migrate to use CRUD container](6fb5e3e24e9d2fce5978d1898c8a9455549ec2ca) ([merge request](156923))
- [Admin settings: Migrate reporting section to use SettingsBlock](ac82c7fdcb612e8ebbc5bb7704478bae7051a618) ([merge request](157047))
- [Admin settings: Migrates repository page to use SettingsBlock](058017c2bfd57cecaaa34d031eaafb89ac92360c) ([merge request](157039))
- [Admin settings: Migrate analytics section to use SettingsBlock](a0c84238d13d5bd3eec550898a2084690ffef4b3) ([merge request](157054))
- [Admin settings: Migrate preferences to use SettingsBlock](1443c2bef7c0598888ae3480cd95380f7d939517) ([merge request](157053))
- [Admin settings: Migrate metrics settings to use SettingsBlock](af2e67d8ce93db82586ef8aac4ea088efda73aa2) ([merge request](157050))
- [Admin settings: Migrate templates section to use SettingsBlock](9ceddc16cd553a45aaecdc2c4399d6399f18e7d7) ([merge request](157048))
- [Admin settings: Migrate CI/CD settings to use SettingsBlock](6ea284f56c218f06f6400c43cc434197c565ec6d) ([merge request](157040))
- [Admin settings: Migrate settings blocks of general settings](f73caead94a079d98b9c487b87e513a98240f24b) ([merge request](157033))
- [Update GitLab Pages version](3c6a6b7270d07856a38dcef472640ece462b2337) ([merge request](156723))
- [Pipeline graph dropdowns: Use GlBadge for indicating jobs](cfcab231757af7fa07ccd5e23fd617140e1013c0) ([merge request](156160))
- [Update projects page for admin view](30ee894176c4fc42b1c943a4a222a3f395c2bc00) ([merge request](156790))
- [Require user to solve Arkose challenge on every PN verification attempt](8d9db028c231f4dc594e78dd5ac35cc69701fcca) ([merge request](156865)) **GitLab Enterprise Edition**
- [Migrates File Hooks to use CRUD Component](39b218efe1edae7ca6d05e28d39cf45840a16593) ([merge request](156900))
- [Admin settings: Migrate advanced search to use SettingsBlock](25f6ce6fc714129beeb1d5c4070fbc35d16ce717) ([merge request](157038))
- [This MR updated approve layout](5d184548cc8224176f0764a9b0e32001b817418c) ([merge request](156628)) **GitLab Enterprise Edition**
- [Conditionally handle AuthorizationsChangedEvent when policies exists](0b94a9895a58607246b47258cf641ae1d72240e4) ([merge request](156775)) **GitLab Enterprise Edition**
- [Add report_type to Approval Rules APIs](e67fbe0b7de9bc40c9de2c8218faba608b8ba592) by @PatrickRice ([merge request](155772)) **GitLab Enterprise Edition**
- [Update locked application setting popover](48b93da24c1cf9c143e73a29bc5c6e2f5176c866) ([merge request](156926))
- [Enable assign resource v2 by default](3bdac40f8c0ebd77a7e4a14fcae063e45bcfb312) ([merge request](157156))
- [Update admin geo page](2008e21509833c30718c592e8798352493ae7cf8) ([merge request](157080))
- [Refetch job list when an artifactless job remains](6e4e17193691300e40f99298bd5cf18221fc3bda) ([merge request](127632))
- [Add start trial CTA to duo pro usage tab](2149ae090f50d351e95b2d5d015af779b7c2ac8d) ([merge request](155902)) **GitLab Enterprise Edition**
- [Provide consistent interface across scopes](3128f3d5f86b11b24d0d0cc7bf37a8de17c90281) ([merge request](144067)) **GitLab Enterprise Edition**
- [Update snippets empty state](637554379ce6e03928dada47d8260792bb4047f9) ([merge request](156785))
- [Remove ignored `toggle_security_policies_policy_scope` setting](e105c938a7cd849decb95798ecdc0d044725cbd0) ([merge request](153266))
- [Update naming of duo group settings](3a979af4ccba5da09b2d97bc5ccd90dd632d512f) ([merge request](157010))
- [Add UserStarredProjectsResolver sort argument](077ca496eaadc0a9383a552ed32294233de2f7e7) by @jzeng88 ([merge request](153651))
- [Migrates gl-display-inline-flex to gl-inline-flex](3aa4f990bde82a9c6fb59d7c726a02bddc693cea) ([merge request](154887))
- [Multiple frameworks labels](ca5a43e01aadde03cf32218f62f7e56eb5709f05) ([merge request](156570)) **GitLab Enterprise Edition**
- [Add permissions checking to AI impact dashboard](23bf0938f52424ec382ba745b57375234b769949) ([merge request](156555)) **GitLab Enterprise Edition**
- [Admin settings: Migrate security settings to use SettingsBlock](467df2db45835010a9b4210982fe662f2f30e8b4) ([merge request](157043))
- [Externalize strings on ldap_group_links](2fcc3e2fd12ea0c6813e7c88a1548c90cecf24e0) by @MAlvarez32 ([merge request](155271))
- [Improve usability of environment folders](076d3d3a212c3a93ec60863090c3a0fa185ecd05) by @antonkalmykov ([merge request](157104))
- [Display capped results for large datasets](d1d8005ef78e12f960dcf5ddde6b9dcc2266087d) ([merge request](156026)) **GitLab Enterprise Edition**
- [Update GitLab logo on deploy page](f3f6e87a1ef799024b4a9e76f88afe9f3cc384d7) ([merge request](156261))
- [Update groups page for admin view](64125d73f2485bdb6f2400e2db99df134975ce8e) ([merge request](156800))
- [Update admin subscription page UI](0f48e27e338908ff0935c6024de2bbf8db037560) ([merge request](156839)) **GitLab Enterprise Edition**
- [Add placeholder actions to table](dd77d0d5f36c2cffba601a0544ea28727ee5b13a) ([merge request](156533))
- [Update visualization type selection with validation state](f7e5cdd2aa4d7eabb99d4490976844d6a111e369) ([merge request](156976)) **GitLab Enterprise Edition**
- [User friendly date formatting in Container tags_list_row](8721191f9f5f3c314d84e28f5e25682abf3116b7) by @Saurabh-Daware ([merge request](156376))
- [Remove extra space in board cards](49d00c28e62c0550838cb12734651b3f54788d42) ([merge request](156113))
- [Check deploy_key exists during ProtectedRefDeployKeyAccess#valid?](d9c9f033c8be3e9ee9e6ad3ca21f8f623f6f046d) ([merge request](155745))
- [Implement AR validations for ProtectedRefAccess](849784e42d78d25aa83e9c83b787c98178cad254) ([merge request](156002)) **GitLab Enterprise Edition**
- [This MR updates yaml schema](154b2da8aefb489cae1d42cf3afd04a89138fa3d) ([merge request](156363)) **GitLab Enterprise Edition**
- [Remove showcase_free_security_features experiment](e9eea5f2cff7648915c6bdec58af9ceae9a56e00) ([merge request](156803)) **GitLab Enterprise Edition**
- [Reverse make_synced_work_item_read_only FF check logic](1046966e152bed6adfbb147d248ce92ae8694472) ([merge request](156648)) **GitLab Enterprise Edition**
- [Renamed autocomplete scopes to use plural form](cb4d38de54c7cf1fd8bf3804a1e9675b5f379b9c) ([merge request](156492))
- [Show dependency location count if `occurrenceCount` field is present](44bc09dbc7339fe9c056153808fa60660a6a3f84) ([merge request](156557)) **GitLab Enterprise Edition**
- [This MR removes loading state](e7880922f54023e32063fcf0e97ef1783497ce6e) ([merge request](156793)) **GitLab Enterprise Edition**
- [Add concurrency_limit to AddApproversToRulesWorker](790ff68c27495f69be533660910df98909476b33) ([merge request](156778)) **GitLab Enterprise Edition**
- [Update gitaly servers page](db83949fb9ab1e1355cbc9648dd42ab8b014f123) ([merge request](156536))
- [Update trial terms](a6d5bc395710a1bf7c45ed4f95aad72937ba5a01) ([merge request](156341))
- [Enable zoekt_exact_search by default](741fb8a8dc06422f09a4c75c6146a311182f63b4) ([merge request](156748)) **GitLab Enterprise Edition**
- [Remove ai_claude_3_for_docs feature flag](4935a53bca171971c5844a53544725a704bc073e) ([merge request](155281)) **GitLab Enterprise Edition**
- [Increase max body limit for AI GW requests](fa2732f43cd308e3a178332a14223a05162aa8b4) ([merge request](156738)) **GitLab Enterprise Edition**
- [Remove GCP WLIF setup script API endpoint](b637037095f224eee419ef8518db13d7a6704525) ([merge request](156699)) **GitLab Enterprise Edition**
- [Drop ci_job_artifacts_use_primary_to_authenticate feature flag](3157d57733edbeff16488d545e497d26503c0c0b) ([merge request](156697))
- [This MR updates yaml schema](26ea84d39e87d36f0b0b97b7b1b6f85d79f9b1c2) ([merge request](156325)) **GitLab Enterprise Edition**
- [Adds Zoekt::Replica](888775a1207cfeae18dafc62ceaf8ff1d9f2ba00) ([merge request](155317))
- [Update admin system info page](13f5c11eed8a8386b76c705105f88f6ea460b3a4) ([merge request](156567))
- [Replace approval modal with link to approval page](9d00cfb79edfdbac48142147eb24694049813a3a) ([merge request](156656))
- [This MR refactors multi select text](944cd45e0b61a39408b79b72f8766fe31f16c387) ([merge request](156641)) **GitLab Enterprise Edition**
- [This MR updated user approver dropdown](283832501708409b15b210c260749a04bfb8a7d1) ([merge request](155611)) **GitLab Enterprise Edition**
- [Remove :notify_owners_of_finished_dt FF](6f1cfc427a1ef7a22e5afce825bf545e9934cc47) ([merge request](156633))
- [Cleanup the duo_pro_trials feature flag](172f26857626b38e114792d8a6d0f425d934bc83) ([merge request](156132)) **GitLab Enterprise Edition**
- [Change unit primitive for text embeddings](e90f96b6b63e907bfb6ecec11e6351b1ed2682e7) ([merge request](155835)) **GitLab Enterprise Edition**
- [Extend error-alert Vue component with buttons](4a97c359cc09a20e3764ed25001083b34eba0483) ([merge request](156206)) **GitLab Enterprise Edition**
- [Add external Stripe IDs to CreditCardValidation](7bc3183c75dab0616a6fe2431d9820eacbdcec76) ([merge request](156505)) **GitLab Enterprise Edition**
- [Improve compliance center for subgroups](d57d6295907736e3c4d99b22ee3a8c026b358c31) ([merge request](156260)) **GitLab Enterprise Edition**
- [Use static AWS credentials for indexer if set](14207a5ebee99111fc8696c2ee7d6925acbc2005) ([merge request](155960)) **GitLab Enterprise Edition**
- [Remove transaction opening for non-basic search count](dcf811f417b7910c7aaaf5ff1c08dd77e118bfa1) ([merge request](156321))
- [Remove overflow:hidden from card component](8af3832ba271bbb766c2b0a19c8a1f2cd3ab892f) ([merge request](156548))
- [Display usage quota tab during duo pro trial even group on free plan](5dbeb1485d4fd777104bf72cc87160d9f3a9f879) ([merge request](155767)) **GitLab Enterprise Edition**
- [Allow self-signed CC tokens in development](c7c60323dd09e415533b737d01c92548f375dc95) ([merge request](156496)) **GitLab Enterprise Edition**
- [Add NOT NULL constraint to ci_runner_namespaces.namespace_id](ba16f8e7548147c4b74867458e11efa361d09457) ([merge request](156318))
- [Add NOT NULL constraint to ci_runner_projects.project_id](412604bf443e427faf57497cb1858bd1d1f4fe92) ([merge request](156314))
- [Update create label UI in labels widget](920e418ac45df7b2d8b95f135f34b3a7b2d0fca4) ([merge request](156056))
- [Change help link text copy](6e7ed1176ae2236ae74ffc6645645eeb084e4fbe) ([merge request](156029))
- [Update dependency auto-build-image to v4.2.0](62133c84cd65559717213f735d36e9d92382689c) ([merge request](155945))

Removed (22 changes):

- [Remove triggers and old columns for bigint p_ci_builds](944155c2596919d5d70ab5491116cd43f5a1bf93) ([merge request](158711))
- [Removes storage_size index on project statistics](6c685a9fb1b35e46d3e2f8354d25fc8f815773cc) ([merge request](158616))
- [Remove MR review summaries table](0b13bb2a53ad6ec8320e1c71934401a818762713) ([merge request](157572))
- [Drop `index_vulnerability_occurrences_for_issue_links_migration`](518ad733fb27471edaf7fc15605a0bc9a2962135) ([merge request](158736))
- [Reverts 112527 as no longer required](3336394f92d8916175b7c4679d4bbf7de54dc300) ([merge request](158609))
- [Remove EnsureStageService and prep for removal of `stage`](f6aaabeff28e897d7f91aa5aed448e7b82f91160) ([merge request](156892))
- [Drop legacy geo_repositories_changed_events table](876d67fadd97b5124f4c54fd2988eaf873c05e53) ([merge request](158660))
- [Remove SafelyChangeColumnDefault include](37bf0d05bc6d949e59371706b5901429bb061e5b) ([merge request](154212))
- [Remove `issues_mrs_empty_state` feature](e63ee4fb40f484ddc6c04876a3ec31c074b3b52c) ([merge request](156693)) **GitLab Enterprise Edition**
- [Remove create_user_details_all_user_creation feature flag](7eeb9d74630925207a3699e6f6cc83fceb0b8e3c) ([merge request](157958))
- [Remove the template auto fill AI feature](15db60a024c937a52036e64b78f5403320194f7e) ([merge request](156766))
- [Removes project stats index on packages size](7feef107a4e051799be9f632f55a08265acf8ca3) ([merge request](156008))
- [Chore: Remove the ai editor assistant feature flag](ae1fd20a598a2c4515ae3ad9f2b456831dd6cb3e) ([merge request](157837)) **GitLab Enterprise Edition**
- [Removes storage size idx on project_statistics](8ff61ea7a5debf8979fe9fc7c87127b125b09c8b) ([merge request](156005))
- [Drop unused DAST tables](c76555c4a9840b72384ecc428f4222cc107d8232) ([merge request](153443)) **GitLab Enterprise Edition**
- [Removes project stats index on wiki size](e6a2a5a4e31ae200530dc7434c90a3734db06b00) ([merge request](156010))
- [Remove track_ai_metrics_in_usage_data feature flag](d426fa2fe74208662ca3d8c0a3c93e24f9501743) ([merge request](157196))
- [Removes index on project_statistics async](12ffa83842508c0be03fef1842b17beb3bcdd074) ([merge request](155999))
- [Remove obsolete codeSuggestionsUsageRate field](19d17c281d9b76756b1dd86e7e2e149c89067d9f) ([merge request](156750)) **GitLab Enterprise Edition**
- [Remove sep batching configuration](3030bb11d7535ca2950429fe573dedc0e09634b6) ([merge request](156835)) **GitLab Enterprise Edition**
- [Removes temp index from project statistics](158acf6c0a54d5bb79530f7e43822e2bddaa89a5) ([merge request](155997))
- [Cleanup prominent_create_board_btn feature flag](43d17697e2b38cf7f8f0d23b7e1800f7d040d167) ([merge request](156324))

Security (23 changes):

- [Check npm package name, version and scripts coherence](14ce36e7045252dd74dc59a71a5acc348ceadf13)
- [Disallow serving Pages over disabled custom domains with deployments](08a5faf3c92d34407a96b03d6a44c12db00ee1f2)
- [Prevent privilege escalation via custom role](30cc4e834c300d18d4e30f052de18f999065ae85)
- [Check if user has ban_group_member access before banning in namespace](81594e06ccef46c19dbb2b9e760d3422a9bdf4eb)
- [Check for create_deploy_token policy before creating deploy token](38d7fcbde55100c6eb63a1c8babd379cb4d205a3)
- [Prevent using quick actions for some bot users](a08eaa3dac0eb76fd4135eda412572f24fb28578)
- [Disable raw HTML for quick action pipeline](049504cecf622189f69b14dbc8895e6f36af0af4)
- [Disable quick actions unless description changed](3d20fd45ec2b24ff02a06eea0ef1558f522a211d)
- [Remove comment support from shrug and tableflip](8cf683d6f1cea2ac3f0975bcf7d6e156f40a37ba)
- [Pass SSO session data to Sidekiq](c7eabd8a76e035e439d27734310dd3d6c83bc2c0)
- [Do not run a new pipeline on re-target](7db0608a8e0e76c3a697edf052a9e603367161b0)
- [Remove search results from public projects with unauthorized repos](d38ed3d433f51060c7c7daa793ce9aaf14beb513)
- [Reject deletion of security policy project approval rules](69d6113572c1515f46ddfb1990aa746ae123c518)
- [Add limits on autolinker regex](74014108b6811c8ea40813e0981915115742a1d4)
- [Fix for Private job artifacts can be accessed by any user](50bd3b7b0cdcedf7efdf3b8b1d8808a4e0aaab76)
- [Prevent non-members from using promote_to quick action for quick actions](ff425064c3d22341d520fff8abf829a812c5c14f)
- [Fix the catastrophic backtracking in openapi regex](faa5c6e04b47aa618ef2fdf7b1242272896d134c)
- [Use permitted_params for standalone and multiplex queries](b5afa91ae27c8d9b11461ebeb03b25a230f5bc54)
- [Fix clickjacking on OAuth application page](5073499734aa260dc96a6329ff913ae72a3e2e62)
- [Remove collapseLongCommitList method](4c970a3095e06a3406bb0cbcc2286d637ee3128c)
- [Security fixes for banzai pipeline](b32d3189758c48afc0621a806645cb20f83b9864)
- [Hide branch merge request if merge requests are private](c376da8991401b8748048cc11e6bdbd61c253724)
- [Mitigate ReDoS attacks via `method_call_regex`](ee4cac0f6ca99cbf90724d75d42a9e03137e5ddc)

Performance (3 changes):

- [Parse affected ranges only once](e6867b4399e085f47f76d96501d1e5b72db6ee87) ([merge request](158842))
- [Adjust Bitbucket server importer to be resumable](47b0c08f41b8ed39c57959f8bb6523cfc213da6f) by @ivantedja ([merge request](156797))
- [Remove group-level vulnerability report performance improvements FF](f4fb8398fbbc1d36811634c9fe5777c26cd80daa) ([merge request](157786)) **GitLab Enterprise Edition**

Other (150 changes):

- [Finalize DeleteOrphansApprovalMergeRequestRules2](a92c8f39a61117bf3962689bce8fb77d3c846e76) ([merge request](159017))
- [Update display_work_item_epic_issue_sidebar to work_item_epics](2cbeed7a47a56f659f0defe1e99f90bdc5f5aa07) ([merge request](158613)) **GitLab Enterprise Edition**
- [Remove bitbucket_cloud_convert_mentions_to_users ff](368af21b0ecc97e0c5fb334724b7306bd8f33a20) ([merge request](157957))
- [Quarantine a flaky test](e6f582894a15d68d96b1da99e1f8377d884a4f1d) ([merge request](159033))
- [Quarantine a flaky test](c51b47f0d371e8b75a74367d7ffa1099762eceab) ([merge request](158874))
- [Remove filter_deleted_groups feature flag](8e97da759c8330158fa467313e414adb766f1f15) ([merge request](159214))
- [Quarantine a flaky test](aae6917b0dcc8bafeaafe62a3ce96c420429c92f) ([merge request](159184))
- [Quarantine a flaky test](2df953b7f5176226d1301c0874786523b21f2d75) ([merge request](159178))
- [Remove unused index with namespace_id on vulnerability_reads](9f2e060a8daa90b8f9ed517eccec76ca6ca0f46d) ([merge request](158941))
- [Sync approval settings for groups for reauth setting](2d483935d991f72bb0f712ae77ac2b1569a20144) ([merge request](158648))
- [Remove self_managed_code_suggestions feature flag](0b19feae781cfbc6127f2cc1cc2f0685b8ae35cb) ([merge request](158440)) **GitLab Enterprise Edition**
- [Create table p_ci_build_tags](fd0f7a053d2c4953a57bc48ad54290313ba2e60e) ([merge request](158327))
- [Quarantine a flaky test](8e737f615f3165c284ab24b6fab14067a7bf9fe2) ([merge request](158710))
- [Quarantine a flaky test](a1d73b25b38a1921b1a27bb9b80b37eab21e9eb9) ([merge request](159034))
- [Quarantine a flaky test](f0ec39f8a3d7e47a98ccca9f6da9955277de3535) ([merge request](159031))
- [Quarantine a flaky test](1344908bc4b839baefee9c2d8833ffb00d3bf9bf) ([merge request](159030))
- [Remove reference to BBD ODS FF](e248a83b765bbdd5fe0c313581445575b3d287ad) ([merge request](157902)) **GitLab Enterprise Edition**
- [Quarantine a flaky test](614e6402a938a00524dd7317776a1d5e827fb6d9) ([merge request](158871))
- [Remove `rewrite_sbom_occurrences_query` feature flag](915bf7b04257f005312f43ba893f5b8b99486855) ([merge request](158772)) **GitLab Enterprise Edition**
- [Fix forgotten ability](739a6964a41bfb3ee735a8721a8417aa872973b5) ([merge request](158698)) **GitLab Enterprise Edition**
- [Fix <Layouts/LineLength> offenses](290db2121b2155f3517861c3e6556a0f823851d8) by @Rohit.Kala ([merge request](158783))
- [Fix flaky test "#protected_branch_exists?"](9fbc1dfd6a04e8a0f4af63e0ac91fc3cbf7cfaa7) ([merge request](158779))
- [Implement delete car mutation](97e567c212d65890952bd6232a6b747ff72c58b3) ([merge request](156488)) **GitLab Enterprise Edition**
- [Rollout Filtered Search on Vulnerability Report](3870780a825594d474d7b33523821f9b2eae13e4) ([merge request](157172)) **GitLab Enterprise Edition**
- [Fix pipeline schedule error handling](4c0152e2428685af535cdc56e57d36eb565f9fb2) ([merge request](158436))
- [Remove temp index](f7211e0c62b1533f0fb16d69cdda8ff82ba5199c) by @TamsilAmani ([merge request](139271))
- [Add a `pending_delete` column to mark namespaces deleted by user](03871fbcbed7cde24eb2d80eb2ddd8b7b9126603) ([merge request](158309))
- [Add partitioned FK from ci_pipeline_artifacts to ci_pipelines](16d0cd7c4edec447d52562d72a8fb7844ad51797) ([merge request](158086))
- [Quarantine a flaky test](b81f0aadb99a88ecfbdd0367da33411390280df1) ([merge request](158506))
- [Quarantine a flaky test](018d27c0cfa54483ff0de92581bbae897a6de4b8) ([merge request](158507))
- [Quarantine a flaky test](4dd720ee04b03cf4676f936df292c40ac90f318d) ([merge request](158558))
- [Finalize migration CreateComplianceStandardsAdherence](8d280d0605411dda077e329b5962be8670346d65) ([merge request](158148))
- [Rspec Test order: run test in random order](41360018cefed51bc0edaf49b888929922b2e9c5) by @Deepak18-06 ([merge request](157845))
- [Quarantine a flaky test](20e296a10c1787ce22c5082c357bfcc28b606919) ([merge request](158181))
- [Refactor SAX document to cobertura](60b7d09861b6afe93d5c796123e3c4d312e03bdc) ([merge request](158341))
- [Release jira_connect_remove_branches](8f2d020a40dbc523afc86291c25f27b12938434f) ([merge request](158224))
- [Finalize BackfillWorkItemHierarchyForEpics migration](44702df1c97d0e01c7eb8a25141f16789f2d030d) ([merge request](157981))
- [Improve accessibility of remove icon buttons](5c9976313973900497654370de97221c8a1d3153) ([merge request](157929))
- [Persist all policies instead of active policies](dd249a70ec5b944371e27ff517b650877b2b91b7) ([merge request](156735)) **GitLab Enterprise Edition**
- [Remove set_ip_address feature flag](f3bdbedf8b6ba727c706e4102ecce306d8c02216) ([merge request](158418))
- [Finalize re-syncing basic epic attribute migration](6e7cd743b12fcd155634d82af2247360ac4e23ef) ([merge request](158384))
- [Finalize BackfillEpicDatesToWorkItemDatesSources](71eefb084e9c9cd34d8687ab693ebde92c87d936) ([merge request](158037))
- [Enable parallel_project_export feature flag](64374dc941d86a0e9845cc34d5bb3a4b0963f08f) ([merge request](158369))
- [Add weight widget definition options](7c85c228ee21072c318e3117535c1543a316947f) ([merge request](157705))
- [Add partitioned FK from p_ci_builds_execution_configs to ci_pipelines](faf68ca11c79289938d08e2ca1e7800ac2489c43) ([merge request](157908))
- [Sync create index and swap columns](8852ca7059369db1a5449e96ec48a496cb5f801f) ([merge request](149671))
- [Fix Style/Lambda offenses](cf3980a5712da1d17bb3c6409cc129533ebb5418) by @Deepak18-06 ([merge request](157265)) **GitLab Enterprise Edition**
- [Add index for listing uploads](f07a817427e63a9fec4816204d00c04bccd4f9d6) ([merge request](157139))
- [Quarantine a flaky test](e9abb2af481bee29ca0bda114ba340348c4ff0f6) ([merge request](158178))
- [Protected packages: Batch load matching protection rules](463982894a3ac7ee871f373c98c4f45c0cf5fe72) by @gerardo-navarro ([merge request](154595))
- [Extend a troubleshooting section to cover Xcode SSH keys problem](f54883e42feb25cca1d1cd8932384f336d9d4efb) ([merge request](158215))
- [Add partitioned FK from ci_pipeline_chat_data to ci_pipelines](cdfec4f6b7e4953d18beac1e7eeaf48480b8a0b0) ([merge request](157938))
- [Rspec Test Order:Run spec/graphql/types in random order](0cf119cc43ce8facb883ed33e1eaeb2e323f2d4b) by @Deepak18-06 ([merge request](158172))
- [Add partitioned FK from ci_pipelines_config to ci_pipelines](b42f9a1e167f103a2cd118f678df685677da66d7) ([merge request](158065))
- [Finalize backfilling of related epic links on issue links](e0fda69bb3a89228d860fb81d0381dabbb0df482) ([merge request](157492))
- [Quarantine a flaky test](7fa3c9217a0b0c0e5d5f1a9a1c14d58d40a89642) ([merge request](158174))
- [Quarantine a flaky test](569ec66e5b1866de254374383fdd83c4e9987625) ([merge request](158008))
- [Quarantine a flaky test](1c1ac1e3efe1d68fb304225a18d599c69a3585d2) ([merge request](157711))
- [Fix Layout/LineBreakAfterFinalMixin offenses](a710a4065fd660008138594cc603b8fa8f9c6364) by @m.bortlik ([merge request](158123))
- [Protected containers: Enable multi-line errors in GraphQL API](f11d937169c2b061ae65d0d3444a6d7264239417) by @gerardo-navarro ([merge request](148838))
- [Fix Layout/ExtraSpacing offenses](c71dfae62eb6bc9ed9e682b1d0c64b0486cf9482) by @miha-prehcm ([merge request](158083))
- [Add partitioned FK from ci_pipeline_messages to ci_pipelines](2cb83573d6127c0b15344a24156e8dee4c7a9d05) ([merge request](158065))
- [Add partitioned FK from ci_pipeline_metadata to ci_pipelines](15d7fadcc85054caf17d76d0d940c1b9f24e6f8e) ([merge request](158065))
- [Mark 20230615101400 as obsolete](65ecf2b70c32c4f4b41a20cc54c4a984aa9bc9ec) ([merge request](157366)) **GitLab Enterprise Edition**
- [Change table ownership](d12b8a7105d8f17550ce5a2e221c328e0fa78983) ([merge request](158030))
- [Add and backfill group_id for packages_debian_group_architectures](38dba13a0c77b1d814d231a0764fca724cba077e) ([merge request](158027))
- [Add partitioned FK from p_ci_pipeline_variables to ci_pipelines](f0d1874de344f6b6ef6fc7dc139cd9013ab75b60) ([merge request](157747))
- [Regenerate rubocop todo files](bb1b277f6d338ea63d81c6f836d5249a04e9ab2c) ([merge request](157740))
- [Quarantine a flaky test](c0871506caa5e628605add1bf040546d7b788468) ([merge request](157246))
- [Quarantine a flaky test](c4b1fc1e8a5a275135f27061235dfa825c12f488) ([merge request](156993))
- [Quarantine a flaky test](fb5441026837dd5bbaa048136e8d44e6e6180b6c) ([merge request](157712))
- [Prepare ci_pipelines.autocancel_by_id for composite primary key](818302e3c6bd466acafdfa5062d74e84c98d53cb) ([merge request](157619))
- [Finalize BackfillEpicIssuesIntoWorkItemParentLinks migration](95898c8f7b2329fb0c854c8a5b179496dea9391d) ([merge request](157974))
- [refactor: Increase test code quality for package controller test](b40706054a43e93f17016061d1d5b34265abe29c) by @gerardo-navarro ([merge request](149383))
- [Add partitioned FK from ci_sources_pipelines to ci_pipelines](3d19f526f0deee5ef049df819f92fbe82493fef8) ([merge request](157947))
- [Remove default values for ci_sources_projects#partition_id](84427538e86c952dd4da3e6121795925ee0ef83d) ([merge request](157909))
- [Add and backfill group_id for packages_debian_group_components](a610218dd24bd0589ffb8d197fbd79254829f5f0) ([merge request](157905))
- [Add spec to verify FeatureFlagReferenceFilter N+1](6a57b5d86957ca675debd1f684c7629dbadcb30f) by @jzeng88 ([merge request](157866))
- [Finalize migration ConvertCreditCardValidationDataToHashes](c55d426e46aebcd4dd786a7705668bac8b0b1d45) ([merge request](157836))
- [Add test for N+1 query for VulnerabilityReferenceFilter](ae717f7d3b513c9cc94a0051905a25f31b0e6778) by @jzeng88 ([merge request](157853)) **GitLab Enterprise Edition**
- [Rspec Test Order:Run spec in random order](32dd8048a8ecdb4397502171130fbb2b4d101696) by @Deepak18-06 ([merge request](157844))
- [Revert "Merge branch 'bwill/optimize-top-bound-lineage-search' into 'master'"](05d6aa37ff18eb424567b3631bce94ca12a2d7c2) ([merge request](157799))
- [Mark 20230719094243 as obsolete](04189615cbf59008f3faca617333ab94523b3a91) ([merge request](157373)) **GitLab Enterprise Edition**
- [Resolve Layout/ArgumentAlignment offenses 76](0780a7089def55a53cfabbd815b1c9258d50ece8) by @gauravmarwal ([merge request](151273))
- [Create Dependencies::DependencyListExport::Part model](611693796c17c26017925e8284024a286f7d5923) ([merge request](157638))
- [Add and backfill project_id for packages_debian_project_architectures](31b760f990afd45856d6b9b453e2cce0437d8ff7) ([merge request](157767))
- [Add partitioned FK from p_ci_stages to ci_pipelines](764b3d35fdfda65d8f53a69764cd43618e478c63) ([merge request](157753))
- [Add partitioned FK from p_ci_builds to ci_pipelines](e70f1a202ee685a29473b7c19a7af1f5d6f9bf57) ([merge request](157750))
- [Mark 20230719144243 as obsolete](69194636e77626e80f69f41b626da7fea2e712a9) ([merge request](157375)) **GitLab Enterprise Edition**
- [Mark 20230628094243 as obsolete](69ebc4a04186d13151807c587d53ccc8aca3bb83) ([merge request](157367)) **GitLab Enterprise Edition**
- [Mark 20230702000000 as obsolete](af4b7fb6a2d92fa6e0521809cca5a7891d186d69) ([merge request](157369)) **GitLab Enterprise Edition**
- [Mark 20230711140500 as obsolete](aeb55e4c74b5cf5382377d23d30462139cfda6fe) ([merge request](157372)) **GitLab Enterprise Edition**
- [Add and backfill project_id for packages_debian_project_components](3a2d5db6f51b0bf98b3a3e53bb0ded82ee92e206) ([merge request](157626))
- [Mark 20230719142200 as obsolete](a884e64586bfe172d2d7fd17628172a33856c71a) ([merge request](157374)) **GitLab Enterprise Edition**
- [Mark 20230703112233 as obsolete](4c875ae756b3849756fe1385a8cb84db743d4ecd) ([merge request](157370)) **GitLab Enterprise Edition**
- [Remove ignored MemberRole columns](6bb23bcf406e5e7956d66b3c4ac28ddc04be7ee4) ([merge request](156264))
- [Set internal bots profiles to be private and confirmed](f7602f946c819b60e3a54826caa84ee146262826) ([merge request](157557))
- [Finalize migration BackfillSbomOccurrencesTraversalIdsAndArchived](dda5e8c948fa9fb5c481a8673dc81c2bde079d5b) ([merge request](157235))
- [Mark 20230628094700 as obsolete](7e1286ec975ad0f14341be82b52fc934800309b9) ([merge request](157368)) **GitLab Enterprise Edition**
- [Add and backfill project_id for ml_candidate_metadata](c3e5edf00691b71c71b7531e067713fa72f0cd3e) ([merge request](157484))
- [Add and backfill project_id for packages_dependency_links](0fc3dbc2be113adb6e36dd330f4a01c67dad708c) ([merge request](157483))
- [Add not null constraint](49fee3d2b8383a6731771126f24298279d6edd2b) ([merge request](156893)) **GitLab Enterprise Edition**
- [refactor: Apply best practices to feature test new project](65cbde5ccd5684f04d803bc83b95c2625cf591ba) by @gerardo-navarro ([merge request](154086))
- [Rspec Test order: run test in random order](58eafbe8bd0ec62cf1654ba691faf9f965b0b419) by @Deepak18-06 ([merge request](157178))
- [Quarantine a flaky test](664b950a95565920a92202dfe46f0d7ee8996dce) ([merge request](156997))
- [Quarantine a flaky test](dd31ad79eab6af213aa840eb093df5bceab693cd) ([merge request](157395))
- [Mark 20230710142700 as obsolete](25bd3ba8c783dcc885d6373cc09400a659cfe888) ([merge request](157371)) **GitLab Enterprise Edition**
- [Remove initialize_processable from Seed::Build](38fd3829c473eca7f851eb38110e4c993fd72ff6) by @Deepak18-06 ([merge request](157260))
- [Quarantine a flaky test](b39d6cf95cd307b3fad5de9b36fc8d201f3b0bf8) ([merge request](157247))
- [Quarantine a flaky test](5c6062bae55449c954f9eb37e11f0d811f740efa) ([merge request](157245))
- [Remove unused deployments indexes on .com](f8389ff2d52178bd0be63dabb5dc95f8135c3c3b) ([merge request](157136))
- [Implement cars resolver](041224188e2c073a4023d81c7331ee0594b1ed5c) ([merge request](156145)) **GitLab Enterprise Edition**
- [Add and backfill project_id for ml_model_metadata](f8cdfcee0b0276be4099c34512572aebb224f1cc) ([merge request](157191))
- [Add and backfill project_id for merge_requests_closing_issues](1ec02dca526dc018a2de5d978b28afc10dd6f362) ([merge request](157186))
- [Add and backfill project_id for vulnerability_external_issue_links](4228c0d5f787b0fac105895bf845fb04d7877e98) ([merge request](157179))
- [Add and backfill project_id for packages_conan_metadata](11ecfcd0a9bb13be235e91949bfacfa2d933a74d) ([merge request](156254))
- [Finalize migration BackfillProjectStatisticsStorageSizeWithRecentSize](34511dfdee1149d549f9ce5aea44afa3c0afa98f) ([merge request](155152))
- [Quarantine a flaky test](2642174f2cc89fb8fe8f94f2cb4808328078c3da) ([merge request](157005))
- [Quarantine a flaky test](aff7cb9815d4497d005185efba1bd7fd6ddceb1b) ([merge request](157107))
- [Check for N+1 in IssueReferenceFilter](a39910d8e7deed3e4f60ee7e014467c0271e6ddc) by @Deepak18-06 ([merge request](157110))
- [Drop `security_findings_confidence_idx` index from `security_findings`](2809cb8dd101755f59ae19ef2d87d93900baaa52) ([merge request](157071))
- [Add and backfill project_id for packages_maven_metadata](a03846af1541deaab1ebc9341d12193231f1d879) ([merge request](157034))
- [Add and backfill project_id for vulnerability_finding_evidences](8709db853647b5d2afa117c34d1ffda55dde47d1) ([merge request](157032))
- [Add and backfill project_id for merge_request_reviewers](ddd51bad31a2ab6ede4eb532a2e11e907291dccc) ([merge request](157031))
- [Finalize migration BackfillUsersColorModeId](570f26edab95ec24120e8fdbde7f6d4ca33ff1bc) ([merge request](157013))
- [Quarantine a flaky test](2d68f1a36f6e899d587eda74156571128c95d5c8) ([merge request](156994))
- [Quarantine a flaky test](4081d47da3c5a1d96f79a0ace12ac792711392d9) ([merge request](156992))
- [Merge ExtractsRef into ExtractsPath](6a6aa68de80b2abaf8fd0329000d423d04ff5805) ([merge request](155245))
- [Add new column to store organization project & group sorting options](9f8081fe25dc8f3a11c628b3bc83768bbc1debab) ([merge request](154899))
- [Remove imported column from relevant tables](42623a62be2315ad601e1fb88f314a29c649a7b5) ([merge request](156540))
- [Add and backfill namespace_id for vulnerability_finding_signatures](0586512f2b76761a30f551a508e1ff7738c071d5) ([merge request](156794))
- [Add post_migrate to remove invalid record](1107cd52bf22de3fcd2e7cb1f400d858b136217e) ([merge request](156518)) **GitLab Enterprise Edition**
- [Remove default values ci_pipeline_messages#partition_id](ea6d8bc0acb8e1f4866d08738c8fdb219cd0f94f) ([merge request](155397))
- [Drop merge_requests_closing_issues.closes_work_item column](9f920558b3a917d2775a608f75864ec666893f17) ([merge request](156677))
- [Resolve Layout/ArgumentAlignment offenses 88](6f30b452ccb6c137340cf5d4694f5c71f680b631) by @gauravmarwal ([merge request](151289))
- [Add a new model that will handle abuse report notes](33f329bec6779bb8a50f6aac28e4859483e973ac) ([merge request](156146))
- [Add and backfill project_id for protected_tag_create_access_levels](35ec77d7d15cb131bde663ac124c5e9e5cc7326a) ([merge request](156637))
- [Add and backfill project_id for vulnerability_findings_remediations](a03c4ff338e3aaa2cf601301d9058a5d3a427256) ([merge request](156634))
- [refactor: Remove rubocop issues](dba1531363d33bef26bed333ffb28507dbbab9a4) by @gerardo-navarro ([merge request](154189))
- [Change catalog resource last 30-day count updated_at](91194027ef72015493c3c8288506a333683c9bdf) ([merge request](156575))
- [Finalize BackfillPartitionIdCiPipelineMessage](d2591c0ed7caa0e5bfc012eb5b9859a7afe8d4b9) ([merge request](155219))
- [Protected packages: Shorten GraphQL field `protectionRuleExists` Part 3](13e610a4c2437d24597338829f43b5fcfd1c9217) by @gerardo-navarro ([merge request](152376))
- [Add and backfill project_id for vulnerability_flags](a5d8dae907e70bee6d66d67a2c55eef3e4a04fce) ([merge request](156323))
- [Add and backfill project_id for merge_request_context_commits](b1860549c3328b6c864c99ad1f952297e18ca643) ([merge request](156255))
- [Add and backfill namespace_id for issue_links](d0c9b0f5fe1c316a51b209a8f0679de24c52bc2e) ([merge request](156257))
- [Add and backfill group_id for related_epic_links](69d1111d555041a6d3b1086b5cbdaae119c2d33c) ([merge request](156251))
- [Quarantine a flaky test](f1913e6a3bfa16d996c053073e3b3dca2fb5ff1f) ([merge request](155940))
- [Quarantine a flaky test](121d4e81b497b6795650aef58122a92222d91894) ([merge request](155349))
- [Remove "use_remote_mirror_destroy_service" feature flag](74e1e921d003960afd6f259384aee2dfec18f30e) ([merge request](155852))
- [Protected containers: Cleanup renaming of protected_up_to_access_level](4606b5ef64f75acdd581258a0b93034195626e83) by @gerardo-navarro ([merge request](146177))

Jenkins 2.468
Major features and improvements:
* [JENKINS-69869] - Categorize the user properties (#7268) @Wadeck

Changes for plugin developers:
* Allow administrative monitors to be displayed for users with `Overall/MANAGE` permission (#9437) @Vlatombe
All contributors: @Vlatombe, @Wadeck, @basil, @dependabot, @dependabot[bot], @jenkins-release-bot, @jglick, @renovate and @renovate[bot]

Kubernetes v1.27.16
Important Security Information:
This release contains changes that address the following vulnerabilities:

CVE-2024-5321: Incorrect permissions on Windows containers logs A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.

**Affected Versions**:

- kubelet <= 1.27.15
- kubelet <= 1.28.11
- kubelet <= 1.29.6
- kubelet <= 1.30.2

**Fixed Versions**:

- kubelet 1.27.16
- kubelet 1.28.12
- kubelet 1.29.7
- kubelet 1.30.3

This vulnerability was reported by Paulo Gomes @pjbgf from SUSE. **CVSS Rating:** Medium (6.1) CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Changes by Kind
Feature:

- Kubernetes is now built with go 1.22.4 (#125701, @cpanato) [SIG Release and Testing]
- Kubernetes is now built with go 1.22.5 (#125898, @cpanato) [SIG Release and Testing]

Bug or Regression:

- NONE (#126126, @cji) [SIG Node and Windows]

Dependencies
Added:

_Nothing has changed._

Changed:

_Nothing has changed._

Removed:

_Nothing has changed._

Kubernetes v1.29.7
Important Security Information:
This release contains changes that address the following vulnerabilities:

CVE-2024-5321: Incorrect permissions on Windows containers logs A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.

**Affected Versions**:

- kubelet <= 1.27.15
- kubelet <= 1.28.11
- kubelet <= 1.29.6
- kubelet <= 1.30.2

**Fixed Versions**:

- kubelet 1.27.16
- kubelet 1.28.12
- kubelet 1.29.7
- kubelet 1.30.3

This vulnerability was reported by Paulo Gomes @pjbgf from SUSE. **CVSS Rating:** Medium (6.1) CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Changes by Kind
Feature:

- Kubernetes is now built with go 1.22.4 (#125668, @cpanato) [SIG Release and Testing]
- Kubernetes is now built with go 1.22.5 (#125896, @cpanato) [SIG Release and Testing]

Bug or Regression:

- Add `/sys/devices/virtual/powercap` to default masked paths. It avoids the potential security risk that the ability to read these files may offer a power-based sidechannel attack against any workloads running on the same kernel. (#125970, @carlory) [SIG Node]
- Drop additional rule requirement (cronjobs/finalizers) in the roles who use kubectl create cronjobs to be backwards compatible (#124883, @ardaguclu) [SIG CLI]
- Fix a bug that Pods could stuck in the unschedulable pod pool if they're rejected by PreEnqueue plugins that could change its result by a change in resources apart from Pods. DRA plugin is the only plugin that meets the criteria of the bug in in-tree, and hence if you have `DynamicResourceAllocation` feature flag enabled, your DRA Pods could be affected by this bug. (#125644, @sanposhiho) [SIG Scheduling and Testing]
- Fix endpoints status out-of-sync when the pod state changes rapidly (#125675, @tnqn) [SIG Apps, Network and Testing]
- For statically provisioned PVs, if its volume source is CSI type or it has migrated annotation, when it's deleted, the PersisentVolume controller won't changes its phase to the Failed state. With this patch, the external provisioner can remove the finalizer in next reconcile loop. Unfortunately if the provious existing pv has the Failed state, this patch won't take effort. It requires users to remove finalizer. (#126044, @carlory) [SIG Apps and Storage]
- Kubeadm: do not exit with an error if the "super-admin.conf" cannot create a ClusterRoleBinding for the "cluster-admin" user, due to the ClusterRoleBInding already existing. (#125821, @neolit123) [SIG Cluster Lifecycle]
- NONE (#126128, @cji) [SIG Node and Windows]

Dependencies
Added:

_Nothing has changed._

Changed:

_Nothing has changed._

Removed:

_Nothing has changed._

Kubernetes v1.28.12
Important Security Information:
This release contains changes that address the following vulnerabilities:

CVE-2024-5321: Incorrect permissions on Windows containers logs A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.

**Affected Versions**:

- kubelet <= 1.27.15
- kubelet <= 1.28.11
- kubelet <= 1.29.6
- kubelet <= 1.30.2

**Fixed Versions**:

- kubelet 1.27.16
- kubelet 1.28.12
- kubelet 1.29.7
- kubelet 1.30.3

This vulnerability was reported by Paulo Gomes @pjbgf from SUSE. **CVSS Rating:** Medium (6.1) CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Changes by Kind
Feature:

- Kubernetes is now built with go 1.22.4 (#125670, @cpanato) [SIG Release and Testing]
- Kubernetes is now built with go 1.22.5 (#125897, @cpanato) [SIG Release and Testing]

Bug or Regression:

- Add `/sys/devices/virtual/powercap` to default masked paths. It avoids the potential security risk that the ability to read these files may offer a power-based sidechannel attack against any workloads running on the same kernel. (#125970, @carlory) [SIG Node]
- Fix a bug that Pods could stuck in the unschedulable pod pool if they're rejected by PreEnqueue plugins that could change its result by a change in resources apart from Pods. DRA plugin is the only plugin that meets the criteria of the bug in in-tree, and hence if you have `DynamicResourceAllocation` feature flag enabled, your DRA Pods could be affected by this bug. (#125645, @sanposhiho) [SIG Scheduling]
- Fix endpoints status out-of-sync when the pod state changes rapidly (#125675, @tnqn) [SIG Apps, Network and Testing]
- For statically provisioned PVs, if its volume source is CSI type or it has migrated annotation, when it's deleted, the PersisentVolume controller won't changes its phase to the Failed state. With this patch, the external provisioner can remove the finalizer in next reconcile loop. Unfortunately if the provious existing pv has the Failed state, this patch won't take effort. It requires users to remove finalizer. (#126045, @carlory) [SIG Apps and Storage]
- NONE (#126127, @cji) [SIG Node and Windows]

Dependencies
Added:

_Nothing has changed._

Changed:

_Nothing has changed._

Removed:

_Nothing has changed._

Kubernetes v1.30.3
Important Security Information:

This release contains changes that address the following vulnerabilities:
### CVE-2024-5321: Incorrect permissions on Windows containers logs
A security issue was discovered in Kubernetes clusters with Windows nodes
where BUILTIN\Users may be able to read container logs and NT
AUTHORITY\Authenticated Users may be able to modify container logs.

**Affected Versions**:

- kubelet <= 1.27.15
- kubelet <= 1.28.11
- kubelet <= 1.29.6
- kubelet <= 1.30.2

**Fixed Versions**:

- kubelet 1.27.16
- kubelet 1.28.12
- kubelet 1.29.7
- kubelet 1.30.3

This vulnerability was reported by Paulo Gomes @pjbgf from SUSE. **CVSS Rating:** Medium (6.1) CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Changes by Kind
Feature:

- Kubernetes is now built with go 1.22.5 (#125895, @cpanato) [SIG Release and Testing]

Bug or Regression:

- Add `/sys/devices/virtual/powercap` to default masked paths. It avoids the potential security risk that the ability to read these files may offer a power-based sidechannel attack against any workloads running on the same kernel. (#125970, @carlory) [SIG Node]
- Fix a bug that Pods could stuck in the unschedulable pod pool if they're rejected by PreEnqueue plugins that could change its result by a change in resources apart from Pods. DRA plugin is the only plugin that meets the criteria of the bug in in-tree, and hence if you have `DynamicResourceAllocation` feature flag enabled, your DRA Pods could be affected by this bug. (#125643, @sanposhiho) [SIG Scheduling and Testing]
- Fix endpoints status out-of-sync when the pod state changes rapidly (#125675, @tnqn) [SIG Apps, Network and Testing]
- For statically provisioned PVs, if its volume source is CSI type or it has migrated annotation, when it's deleted, the PersisentVolume controller won't changes its phase to the Failed state. With this patch, the external provisioner can remove the finalizer in next reconcile loop. Unfortunately if the provious existing pv has the Failed state, this patch won't take effort. It requires users to remove finalizer. (#126043, @carlory) [SIG Apps and Storage]
- Job: Fix a bug that the SuccessCriteriaMet could be added to the Job with successPolicy regardless of the featureGate enabling (#125455, @tenzen-y) [SIG Apps]
- NONE (#126129, @cji) [SIG Node and Windows]

Dependencies
Added:

_Nothing has changed._

Changed:

_Nothing has changed._

Removed:

_Nothing has changed._

Nodejs/Node v22.5.1
Notable Changes:
This release fixes a regression introduced in Node.js 22.5.0. The problem is known to display the following symptoms:
* Crash with `FATAL ERROR: v8::Object::GetCreationContextChecked No creation context available` [#53902]
* npm errors with `npm error Exit handler never called!` [npm/cli#7657]
* yarn hangs or outputs `Usage Error: Couldn't find the node_modules state file - running an install might help (findPackageLocation)` [yarnpkg/berry#6398]

Commits:
* [`e2deeedc6e`] - _**Revert**_ "**fs**: add v8 fast api to closeSync" (Aviv Keller) [#53904]

Nodejs/Node v22.5.0
Notable Changes:

* [`1367c5558e`] - **(SEMVER-MINOR)** **http**: expose websockets (Natalia Venditto) [#53721]
* [`b31394920d`] - **(SEMVER-MINOR)** **lib**: add `node:sqlite` module (Colin Ihrig) [#53752]
* [`aa7df9551d`] - **module**: add `__esModule` to `require()`'d ESM (Joyee Cheung) [#52166]
* [`8743c4d65a`] - **(SEMVER-MINOR)** **path**: add `matchesGlob` method (Aviv Keller) [#52881]
* [`77936c3d24`] - **(SEMVER-MINOR)** **process**: port on-exit-leak-free to core (Vinicius Lourenço) [#53239]
* [`82d88a83f8`] - **(SEMVER-MINOR)** **stream**: pipeline wait for close before calling the callback (jakecastelli) [#53462]
* [`3a0fcbb17a`] - **test\_runner**: support glob matching coverage files (Aviv Keller) [#53553]
* [`22ca334090`] - **(SEMVER-MINOR)** **worker**: add `postMessageToThread` (Paolo Insogna) [#53682]
### Commits
* [`eb4e370933`] - **benchmark**: add require-esm benchmark (Joyee Cheung) [#52166]
* [`4d4a8338db`] - **benchmark**: add cpSync benchmark (Yagiz Nizipli) [#53612]
* [`3d60b38afa`] - **build**: fix build warning of c-ares under GN build (Cheng) [#53750]
* [`a45c801048`] - **build**: fix build error in sqlite under GN build (Cheng) [#53686]
* [`40032eb623`] - **build**: add gn files for deps/nbytes (Cheng) [#53685]
* [`082799debb`] - **build**: fix mac build error of c-ares under GN (Cheng) [#53687]
* [`b05394ea6a`] - **build**: add version-specific library path for AIX (Richard Lau) [#53585]
* [`6237172eaf`] - **cli**: update `node.1` to reflect Atom's sunset (Aviv Keller) [#53734]
* [`5697938cb7`] - **crypto**: avoid std::function (Tobias Nießen) [#53683]
* [`3cc01aa314`] - **crypto**: make deriveBits length parameter optional and nullable (Filip Skokan) [#53601]
* [`f82e20fdea`] - **crypto**: avoid taking ownership of OpenSSL objects (Tobias Nießen) [#53460]
* [`ad1e5610ec`] - **deps**: update googletest to 4b21f1a (Node.js GitHub Bot) [#53842]
* [`d285d610a0`] - **deps**: update minimatch to 10.0.1 (Node.js GitHub Bot) [#53841]
* [`70f5209c9f`] - **deps**: update corepack to 0.29.2 (Node.js GitHub Bot) [#53838]
* [`4930e12a45`] - **deps**: update simdutf to 5.3.0 (Node.js GitHub Bot) [#53837]
* [`d346833364`] - **deps**: update ada to 2.9.0 (Node.js GitHub Bot) [#53748]
* [`ab8abb5367`] - **deps**: upgrade npm to 10.8.2 (npm team) [#53799]
* [`1ad664905a`] - **deps**: update nbytes and add update script (Yagiz Nizipli) [#53790]
* [`a66f11e798`] - **deps**: update googletest to 34ad51b (Node.js GitHub Bot) [#53157]
* [`9bf61d6a0d`] - **deps**: update googletest to 305e5a2 (Node.js GitHub Bot) [#53157]
* [`8542ace488`] - **deps**: V8: cherry-pick 9ebca66a5740 (Chengzhong Wu) [#53755]
* [`29a734c21d`] - **deps**: V8: cherry-pick e061cf9970d9 (Joyee Cheung) [#53755]
* [`c7624af44a`] - **deps**: update c-ares to v1.32.1 (Node.js GitHub Bot) [#53753]
* [`bbcec9e129`] - **deps**: update minimatch to 9.0.5 (Node.js GitHub Bot) [#53646]
* [`76032fd980`] - **deps**: update c-ares to v1.32.0 (Node.js GitHub Bot) [#53722]
* [`26386046ad`] - **doc**: move MylesBorins to emeritus (Myles Borins) [#53760]
* [`362875bda0`] - **doc**: add Rafael to the last security release (Rafael Gonzaga) [#53769]
* [`a1a5ad848d`] - **doc**: use mock.callCount() in examples (Sébastien Règne) [#53754]
* [`bb960c5471`] - **doc**: clarify authenticity of plaintexts in update (Tobias Nießen) [#53784]
* [`5dd3018eb4`] - **doc**: add option to have support me link (Michael Dawson) [#53312]
* [`0f95ad3d7d`] - **doc**: add OpenSSL security level to TLS docs (Afanasii Kurakin) [#53647]
* [`2d92ec2831`] - **doc**: update `scroll-padding-top` to 4rem (Cloyd Lau) [#53662]
* [`933359a786`] - **doc**: mention v8.setFlagsFromString to pm (Rafael Gonzaga) [#53731]
* [`e17c2618e3`] - **doc**: remove the last \<pre> tag (Claudio W) [#53741]
* [`7f18a5f47a`] - **doc**: exclude voting and regular TSC from spotlight (Michael Dawson) [#53694]
* [`df3dcd1bd1`] - **doc**: fix releases guide for recent Git versions (Michaël Zasso) [#53709]
* [`50987ea833`] - **doc**: require `node:process` in assert doc examples (Alfredo González) [#53702]
* [`fa58d01497`] - **doc**: add additional explanation to the wildcard section in permissions (jakecastelli) [#53664]
* [`28bf1e48ef`] - **doc**: mark NODE\_MODULE\_VERSION for Node.js 22.0.0 (Michaël Zasso) [#53650]
* [`1cc0b41f00`] - **doc**: include node.module\_timer on available categories (Vinicius Lourenço) [#53638]
* [`d224e9eab5`] - **doc**: fix module customization hook examples (Elliot Goodrich) [#53637]
* [`2cf60964e6`] - **doc**: fix doc for correct usage with plan & TestContext (Emil Tayeb) [#53615]
* [`6df86ae056`] - **doc**: remove some news issues that are no longer (Michael Dawson) [#53608]
* [`42b9408f3e`] - **doc**: add issue for news from ambassadors (Michael Dawson) [#53607]
* [`2d1ff91953`] - **doc**: add esm example for os (Leonardo Peixoto) [#53604]
* [`de99d69d75`] - **doc**: clarify usage of coverage reporters (Eliphaz Bouye) [#53523]
* [`519c328dcf`] - **doc**: document addition testing options (Aviv Keller) [#53569]
* [`c6166cdfe4`] - **doc**: clarify that fs.exists() may return false for existing symlink (Tobias Nießen) [#53566]
* [`9139ab2848`] - **doc**: note http.closeAllConnections excludes upgraded sockets (Rob Hogan) [#53560]
* [`19b3718ee1`] - **doc, meta**: add PTAL to glossary (Aviv Keller) [#53770]
* [`80c1f5ce8a`] - **doc, typings**: events.once accepts symbol event type (René) [#53542]
* [`1a21e0f61e`] - **esm**: improve `defaultResolve` performance (Yagiz Nizipli) [#53711]
* [`262f2cb3b6`] - **esm**: remove unnecessary toNamespacedPath calls (Yagiz Nizipli) [#53656]
* [`e29c9453a9`] - **esm**: move hooks test with others (Geoffrey Booth) [#53558]
* [`8368555289`] - **fs**: add v8 fast api to closeSync (Yagiz Nizipli) [#53627]
* [`628a539810`] - **fs**: reduce throwing unnecessary errors on glob (Yagiz Nizipli) [#53632]
* [`076e82ca40`] - **fs**: move `ToNamespacedPath` dir calls to c++ (Yagiz Nizipli) [#53630]
* [`128e514d81`] - **fs**: improve error performance of `fs.dir` (Yagiz Nizipli) [#53667]
* [`603c2c5c08`] - **fs**: fix typings (Yagiz Nizipli) [#53626]
* [`1367c5558e`] - **(SEMVER-MINOR)** **http**: expose websockets (Natalia Venditto) [#53721]
* [`7debb6c36e`] - **http**: remove prototype primordials (Antoine du Hamel) [#53698]
* [`b13aea5698`] - **http, readline**: replace sort with toSorted (Benjamin Gruenbaum) [#53623]
* [`1397f5d9f4`] - **http2**: remove prototype primordials (Antoine du Hamel) [#53696]
* [`f57d3cee2c`] - **lib**: make navigator not runtime-lookup process.version/arch/platform (Jordan Harband) [#53765]
* [`0a01abbd45`] - **lib**: refactor `platform` utility methods (Daniel Bayley) [#53817]
* [`afe7f4f819`] - **lib**: remove path.resolve from permissions.js (Rafael Gonzaga) [#53729]
* [`cbe77b30ca`] - **lib**: move `ToNamespacedPath` call to c++ (Yagiz Nizipli) [#53654]
* [`0f146aac2c`] - **lib**: make navigator properties lazy (James M Snell) [#53649]
* [`0540308bd7`] - **lib**: add toJSON to PerformanceMeasure (theanarkh) [#53603]
* [`b31394920d`] - **(SEMVER-MINOR)** **lib,src,test,doc**: add node:sqlite module (Colin Ihrig) [#53752]
* [`1a7c2dc5ea`] - **meta**: remove redudant logging from dep updaters (Aviv Keller) [#53783]
* [`ac5d7b709d`] - **meta**: change email address of anonrig (Yagiz Nizipli) [#53829]
* [`085ec5533c`] - **meta**: add `node_sqlite.c` to PR label config (Aviv Keller) [#53797]
* [`c68d873e99`] - **meta**: move one or more collaborators to emeritus (Node.js GitHub Bot) [#53758]
* [`5ae8ea489d`] - **meta**: use HTML entities in commit-queue comment (Aviv Keller) [#53744]
* [`ecd8fceb68`] - **meta**: move regular TSC member to emeritus (Michael Dawson) [#53693]
* [`05058f9809`] - **meta**: bump codecov/codecov-action from 4.4.1 to 4.5.0 (dependabotbot]) [#53675]
* [`e272ffa3d6`] - **meta**: bump mozilla-actions/sccache-action from 0.0.4 to 0.0.5 (dependabotbot]) [#53674]
* [`a39407560c`] - **meta**: bump github/codeql-action from 3.25.7 to 3.25.11 (dependabotbot]) [#53673]
* [`e4ce92ee31`] - **meta**: bump actions/checkout from 4.1.6 to 4.1.7 (dependabotbot]) [#53672]
* [`4cf98febe7`] - **meta**: bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (dependabotbot]) [#53671]
* [`c28af95bf5`] - **meta**: bump step-security/harden-runner from 2.8.0 to 2.8.1 (dependabotbot]) [#53670]
* [`dd2157bc83`] - **meta**: move member from TSC regular to emeriti (Michael Dawson) [#53599]
* [`508abfe178`] - **meta**: warnings bypass deprecation cycle (Benjamin Gruenbaum) [#53513]
* [`3c5ec839e3`] - **meta**: prevent constant references to issues in versioning (Aviv Keller) [#53564]
* [`aa7df9551d`] - **module**: add \_\_esModule to require()'d ESM (Joyee Cheung) [#52166]
* [`8743c4d65a`] - **(SEMVER-MINOR)** **path**: add `matchesGlob` method (Aviv Keller) [#52881]
* [`77936c3d24`] - **(SEMVER-MINOR)** **process**: port on-exit-leak-free to core (Vinicius Lourenço) [#53239]
* [`5e4ca9fbb6`] - **src**: update outdated references to spec sections (Tobias Nießen) [#53832]
* [`c22d9d5167`] - **src**: use Maybe\<void> in ManagedEVPPKey (Tobias Nießen) [#53811]
* [`d41ed44f49`] - **src**: move `loadEnvFile` toNamespacedPath call (Yagiz Nizipli) [#53658]
* [`dc99dd391f`] - **src**: fix error handling in ExportJWKAsymmetricKey (Tobias Nießen) [#53767]
* [`ab1e03e8cd`] - **src**: use Maybe\<void> in node::crypto::error (Tobias Nießen) [#53766]
* [`9bde9b254d`] - **src**: fix implementation of `PropertySetterCallback` (Igor Sheludko) [#53576]
* [`021e2cf40f`] - **src**: remove unused ContextifyContext::WeakCallback (Chengzhong Wu) [#53517]
* [`87121a17c4`] - **src**: fix typo in node.h (Daeyeon Jeong) [#53759]
* [`94c7054c8d`] - **src**: document the Node.js context embedder data (Joyee Cheung) [#53611]
* [`c181940e83`] - **src**: zero-initialize data that are copied into the snapshot (Joyee Cheung) [#53563]
* [`8cda2db64c`] - _**Revert**_ "**src**: make sure that memcpy-ed structs in snapshot have no padding" (Joyee Cheung) [#53563]
* [`81767f6089`] - **src**: fix Worker termination when '--inspect-brk' is passed (Daeyeon Jeong) [#53724]
* [`a9db553935`] - **src**: refactor embedded entrypoint loading (Joyee Cheung) [#53573]
* [`3ab8aba478`] - **src**: do not get string\_view from temp string (Cheng) [#53688]
* [`664bf6c28f`] - **src**: replace `kPathSeparator` with std::filesystem (Yagiz Nizipli) [#53063]
* [`cc1f49751a`] - **src**: move `FromNamespacedPath` to path.cc (Yagiz Nizipli) [#53540]
* [`e43a4e07ec`] - **src**: use `starts_with` in node\_dotenv.cc (Yagiz Nizipli) [#53539]
* [`19488fd4ce`] - **src,test**: further cleanup references to osx (Daniel Bayley) [#53820]
* [`4bf62f6cbd`] - **stream**: improve inspector ergonomics (Benjamin Gruenbaum) [#53800]
* [`82d88a83f8`] - **(SEMVER-MINOR)** **stream**: pipeline wait for close before calling the callback (jakecastelli) [#53462]
* [`53a7dd7790`] - **test**: update wpt test (Mert Can Altin) [#53814]
* [`bc480902ab`] - **test**: update WPT WebIDL interfaces (Filip Skokan) [#53720]
* [`d13153d90f`] - **test**: un-set inspector-async-hook-setup-at-inspect-brk as flaky (Abdirahim Musse) [#53692]
* [`ac9c2e6bf2`] - **test**: use python3 instead of python in pummel test (Mathis Wiehl) [#53057]
* [`bac28678e6`] - **test**: do not assume cwd in snapshot tests (Antoine du Hamel) [#53146]
* [`41e106c0c6`] - **test**: use `Set.difference()` (Richard Lau) [#53597]
* [`8aab680f66`] - **test**: fix OpenSSL version checks (Richard Lau) [#53503]
* [`6aa4f0f266`] - **test**: refactor, add assertion to http-request-end (jakecastelli) [#53411]
* [`fbc5cbb617`] - **test\_runner**: remove plan option from run() (Colin Ihrig) [#53834]
* [`c590828ad8`] - **test\_runner**: fix escaping in snapshot tests (Julian Kniephoff) [#53833]
* [`3a0fcbb17a`] - **test\_runner**: support glob matching coverage files (Aviv Keller) [#53553]
* [`e6a1eeb73d`] - **test\_runner**: support module detection in module mocks (Geoffrey Booth) [#53642]
* [`4d777de7d4`] - **tls**: add setKeyCert() to tls.Socket (Brian White) [#53636]
* [`ab9adfc42a`] - **tls**: remove prototype primordials (Antoine du Hamel) [#53699]
* [`03d378ffb9`] - **tools**: update lint-md-dependencies (Node.js GitHub Bot) [#53840]
* [`06377b1b11`] - **tools**: update eslint to 9.7.0 (Node.js GitHub Bot) [#53839]
* [`d6629a2d84`] - **tools**: use v8\_features.json to populate config.gypi (Cheng) [#53749]
* [`d3653fe8ac`] - **tools**: update eslint to 9.6.0 (Node.js GitHub Bot) [#53645]
* [`1e930e93d4`] - **tools**: update lint-md-dependencies to unified\@11.0.5 (Node.js GitHub Bot) [#53555]
* [`317a13b30f`] - **tools**: replace reference to NodeMainInstance with SnapshotBuilder (codediverdev) [#53544]
* [`0e25faea0a`] - **typings**: add `fs_dir` types (Yagiz Nizipli) [#53631]
* [`7637f291be`] - **url**: fix typo (KAYYY) [#53827]
* [`2c6548afd1`] - **url**: reduce unnecessary string copies (Yagiz Nizipli) [#53628]
* [`0f2b57d1bc`] - **url**: make URL.parse enumerable (Filip Skokan) [#53720]
* [`1300169f80`] - **url**: add missing documentation for `URL.parse()` (Yagiz Nizipli) [#53733]
* [`c55e72ed8b`] - **util**: fix crashing when emitting new Buffer() deprecation warning #53075 (Aras Abbasi) [#53089]
* [`5aa216320e`] - **v8**: move `ToNamespacedPath` to c++ (Yagiz Nizipli) [#53655]
* [`9fd976b09d`] - **vm,src**: add property query interceptors (Chengzhong Wu) [#53517]
* [`22ca334090`] - **(SEMVER-MINOR)** **worker**: add postMessageToThread (Paolo Insogna) [#53682]
* [`5aecbefbd5`] - **worker**: allow copied NODE\_OPTIONS in the env setting (Joyee Cheung) [#53596]

Rabbitmq/Rabbitmq-server v3.13.5
RabbitMQ `3.13.5` is a maintenance release in the `3.13.x` [release series]. This upgrade is **highly recommended** to all users currently on earlier `3.13.x` series and in particular `3.13.4`. Starting June 1st, 2024, community support for this series will only be provided to [regularly contributing users] and those who hold a valid [commercial support license]. Please refer to the upgrade section from the [3.13.0 release notes] if upgrading from a version prior to 3.13.0. This release requires Erlang 26 and supports Erlang versions up to `26.2.x`. [RabbitMQ and Erlang/OTP Compatibility Matrix] has more details on Erlang version requirements for RabbitMQ.

Minimum Supported Erlang Version:
As of 3.13.0, RabbitMQ requires Erlang 26. Nodes **will fail to start** on older Erlang releases. Users upgrading from 3.12.x (or older releases) on Erlang 25 to 3.13.x on Erlang 26 (both RabbitMQ *and* Erlang are upgraded at the same time) **must** consult the [v3.12.0 release notes] and [v3.13.0 release notes] first.

Changes Worth Mentioning:
* Release notes can be found on GitHub at [rabbitmq-server/release-notes]

Core Broker
Bug Fixes:
* Quorum queue replicas could fail to recover in certain scenarios. GitHub issue: [#11769]
* Safer AMQP 0-9-1 to AMQP 1.0 (the internal message format) conversion for longer string values. GitHub issue: [#11737]
* When a message that contained an `x-deaths` [dead-lettering] header was republished "as is" by a client, the `time` field in the dead lettering events was not correctly converted for AMQP 0-9-1 clients. GitHub issue: [#11608]
* [Direct Reply-to] failed with an exception when firehose tracing was enabled. GitHub issue: [#11666]

CLI Tools
Bug Fixes:
* `rabbitmqctl export_definitions` failed if cluster contained custom federation upstream set definitions. GitHub issue: [#11612]

MQTT Plugin
Bug Fixes:
* An abrupt client TCP connection closure could result in a spike in that connection's memory footprint. GitHub issue: [#11683]

Shovel Plugin
Enhancements:
* Improved AMQP 1.0 to AMQP 0-0-1 conversion for shovels. Contributed by @luos. GitHub issue: [#10037]

etcd Peer Discovery Plugin
Bug Fixes:
* Nodes now register themselves before running peer discovery, reducing the probability of first (usually) two nodes to boot potentially forming two initial clusters. GitHub issues: [#11647] [#11646]

Consul Peer Discovery Plugin
Bug Fixes:
* Nodes now register themselves before running peer discovery, reducing the probability of first (usually) two nodes to boot potentially forming two initial clusters.

GitHub issues: [#11647] [#11646]

AWS Peer Discovery Plugin
Enhancements:
* Forward compatibility: handle AWS API responses that use empty HTTP response bodies. Contributed by @SimonUnge. GitHub issue: [#11722]

Dependency Changes:
* Ra was [upgraded to `2.13.3`]

Source Code Archives:
* To obtain source code of the entire distribution, please download the archive named `rabbitmq-server-3.13.5.tar.xz` instead of the source tarball produced by GitHub.

View all OpenUpdate editions >

July 25, 2024

Stay Informed

Non-Security Based Updates