-
-
Add note about private group access 0 of 12 checklist items completed
- Merged
- 15
- Approved
updated -
-
!142037 16.9Category:Continuous Integration Data WarehouseNot Impacted Deliverable HackerOne VerifyP1 WeaknessCWE-284 backend bugvulnerability cicdactive databasereview pending devopsverify grouppipeline execution pipeline:mr-approved priority3 releasedcandidate sectionci security security-fix-in-public severity3 typebug workflowproduction
- Merged
- 80
- Approved
updated -
Adds absolute path check for dashboard config 0 of 1 checklist item completed
- Merged
- 11
- Approved
updated -
-
!140611 16.8Community contribution JiHu impacted backend database databasereview pending devopsfoundations documentation featureenhancement frontend grouppersonal productivity linked-issue pipeline:mr-approved pipeline:skip-undercoverage releasedcandidate sectioncore platform security typefeature workflowproduction
- Merged
- 182
- Approved
updated -
!140159 16.8CI job token Category:Secrets Management ProdSecEngMetricDefense in Depth backend devopsverify documentation feature flag feature flagexists featureaddition frontend grouppipeline security pipeline:mr-approved releasedcandidate sectionci security teamProduct Security Engineering typefeature workflowpost-deploy-db-production
- Merged
- 25
- Approved
updated -
Remove feature flag ci_job_token_scope 1 of 1 checklist item completed!139862 16.8Category:Container Registry Category:System Access Package:P1 Technical Writing api authorization backend devopspackage docsfeature documentation feature flag groupcontainer registry pipeline:mr-approved releasedcandidate sectionci security security-backlogreview-started typefeature workflowpost-deploy-db-production
- Merged
- 20
- Approved
updated -
Add a prefix to SCIM tokens behind a feature flag 3 of 4 checklist items completed!139737 16.8GitLab Premium GitLab Ultimate ProdSecEngMetricDefense in Depth Technical Writing backend devopsgovern direction documentation feature flag frontend groupauthentication pipeline:mr-approved releasedcandidate sectionsec security teamProduct Security Engineering typefeature workflowpost-deploy-db-production
- Merged
- 33
- Approved
updated -
Update security contact and vulnerability disclosure info 1 of 1 checklist item completed
- Merged
- 5
- Approved
updated -
Limit updating `can_create_group` & `projects_limit` to Enterprise Users 1 of 1 checklist item completed!138656 16.7Deliverable Enterprise Users GitLab Premium Technical Writing backend breaking change customer devopsgovern documentation featureenhancement gitlab.com groupauthentication pipeline:mr-approved releasedcandidate saml sectionsec security security-backlogreview-started typefeature workflowpost-deploy-db-production
- Merged
- 30
- Approved
updated -
Fix: Remember me cookie not set when bypassing 7 of 7 checklist items completed
- Merged
- 50
- 3
- Approved
updated -
Add a prefix to deploy tokens 5 of 5 checklist items completed!138438 16.7Category:Continuous Delivery ProdSecEngMetricDefense in Depth Technical Writing backend devopsdeploy documentation featureenhancement frontend groupenvironments pipeline:mr-approved releasedcandidate sectioncd security security-backlogneeds-input teamProduct Security Engineering twfinished typefeature workflowpost-deploy-db-production
- Merged
- 36
- Approved
updated -
Log the status code in the path traversal check middleware 1 of 1 checklist item completed
- Merged
- 13
- Approved
updated -
Support linking to access requests 0 of 1 checklist item completed
- Merged
- 13
- Approved
updated -
Allow administrators to provide public security contact information 12 of 12 checklist items completed!138259 16.7Category:Compliance Management GitLab Free GitLab Premium GitLab Ultimate ProdSecEngMetricPending Technical Writing backend database database-testing-automation databasereviewed devopsgovern direction documentation frontend groupcompliance pipeline:mr-approved releasedcandidate sectionsec security teamProduct Security Engineering typefeature workflowpost-deploy-db-production
- Merged
- 70
- Approved
updated