15.6 Planning for Manage::Authentication and Authorization
15.6 Milestone: 2022-10-18 to 2022-11-17
%15.5 Planning issue: #17557 (closed)
Boards
- Build Board (%15.6 milestone issues to be built)
- Workflow Board (%15.6 issues in their current workflow states)
- Cross-Functional Prioritization Board
- Bug Prioritization Sisense Dashboard (Handbook page)
Capacity
Preliminary capacity
Team | Weight |
---|---|
frontend | w8 |
backend | w45 |
Capacity Goals
60% type::feature, 10% type::maintenance, 30% type::bug
Objectives & Themes
- FedRAMP Required Items
- Fix open security bug::vulnerability
- Feature rollouts of some things we have behind feature flags - Weak Passwords, Disallow Password Auth
- FY23:ROADMAP work (Custom Roles, Enterprise Users) - These have the direction label applied
- Group SCIM for self-managed
- type::maintenance and type::bug work
Security Issue Summary
type::feature list
Product prioritized
- New feature work - FY23:ROADMAP items, direction items
- Main Themes: Customizable Roles, Domain Verification/Enterprise Users, FedRAMP Milestone::RAR Requirement deliverables
- See Feature Board. Items are stack ranked.
type::bug list
Quality prioritized
- GitLab.com Group access tokens continue working... (gitlab-org/gitlab#367740 - closed) (W2 priority::3 severity::3 security bug::vulnerability Deliverable)
- https://gitlab.com/gitlab-org/gitlab/-/issues/373299+ (W? priority::3 severity::3 security bug::vulnerability Deliverable)
- Error when removing user's SCIM ID via API (gitlab-org/gitlab#368031 - closed) (W2 priority::2 severity::2 customer Deliverable)
- Do not allow Group Access Token (bot user) to b... (gitlab-org/gitlab#375676 - closed) (W2 priority::2 severity::2 customer Deliverable)
- Admins should be blocked from impersonating exp... (gitlab-org/gitlab#332667 - closed) (W2 priority::2 severity::2 customer SUS::Impacting Deliverable)
- Cannot access Admin/credentials Project Access ... (gitlab-org/gitlab#354489 - closed) (W2 priority::2 severity::2 customer Deliverable)
- Group owner cannot remove their group from a pr... (gitlab-org/gitlab#251137 - closed) (W3 priority::2 severity::2 SUS::Impacting customer Deliverable)
- `undefined method `[]' for nil:NilClass` except... (gitlab-org/gitlab#366450 - closed) (W? priority::3 severity::3 customer)
- Group SSO redirects to the sign in page instead... (gitlab-org/gitlab#366076 - closed) (W2 priority::3 severity::3 customer)
- Requests to `POST /api/:version/groups/:id/memb... (gitlab-org/gitlab#363325 - closed) (W? priority::3 severity::3)
- Self-managed SAML - bypass 2 factor authenticat... (gitlab-org/gitlab#196131 - closed) (W3 priority::4 severity::4 SUS::Impacting Deliverable)
%15.5 type::bug Deliverable currently open (for tracking purpose)
- Automatic Logouts Are Too Frequent (gitlab-org/gitlab#121569 - closed) (W3 priority::2 severity::2 SUS::Impacting customer Deliverable)
- https://gitlab.com/gitlab-org/gitlab/-/issues/368416+ (W3 priority::3 severity::3 security bug::vulnerability Deliverable)
type::maintenance list
Engineering prioritized 15.6
- Tech debt: Update implementation of PBKDF2+SHA5... (gitlab-org/gitlab#370450 - closed) Deliverable
- Integrate newly created gem supporting Microsof... (gitlab-org/gitlab#365524 - closed) Deliverable
- Fix Service ping failing metrics for manage sta... (gitlab-org/gitlab#374735 - closed) Deliverable
- [Feature flag] Enable SAML Group Sync retain de... (gitlab-org/gitlab#364144 - closed)
- OAuth tokens without expiry in the DB (gitlab-org/gitlab#363355 - closed)
- Drop U2F support (gitlab-org/gitlab#232672 - closed)
- Remove project bots with no membership (gitlab-org/gitlab#276489 - closed)
- Review moving the `GITLAB_THROTTLE_USER_ALLOWLI... (gitlab-org/gitlab#332697)
- Document Git Credential Manager as alternative ... (gitlab-org/gitlab#360905 - closed)
- [Feature flag] Enable sending paginated data fo... (gitlab-org/gitlab#366534 - closed)
- Follow-up from "Update documentation for SCIM i... (gitlab-org/gitlab#371784 - closed)
- https://gitlab.com/gitlab-org/gitlab/-/issues/24675+
- https://gitlab.com/gitlab-org/gitlab/-/issues/28210+
- Epic Convert access token creation form into a Vue c... (gitlab-org&8768) (will break down once ready)
%15.5 type::maintenance currently open (for tracking purpose).
- Disable authentication with auto-generated pass... (gitlab-org/gitlab#357952 - closed) Deliverable in 15.5
- https://gitlab.com/gitlab-org/gitlab/-/issues/365241+ Deliverable in 15.5
- https://gitlab.com/gitlab-org/gitlab/-/issues/365242+ Deliverable in 15.5
- Integrate newly created gem supporting Microsof... (gitlab-org/gitlab#365524 - closed) Deliverable in 15.5
For consideration
%15.5
Slipped
Release Post Items
Status | Issue | Release Post MR |
---|---|---|
Ready, issue may land in %15.7 | Transparent SSO enforcement for group members o... (gitlab-org/gitlab#215155 - closed) | Link |
Moved to %15.7, need screenshot | Allow group owners to disable 2FA for individua... (gitlab-org/gitlab#372401 - closed) | Link |
Moved to 15.7 | Enterprise Users - MVC: Automatic Claim of exis... (gitlab-org/gitlab#322039 - closed) | Link |
Bumped to %15.7 | Prevent users from choosing weak passwords (gitlab-org/gitlab#23610 - closed) | Link |
Waiting on Evan's final signoff | Add a 'Remember me' checkbox to the SAML author... (gitlab-org/gitlab#379013 - closed) | Link |
Other
Edited by Hannah Sutor