GitLab.org/GitLab: Release v11.1.0-ee

Name: GitLab

Owner: GitLab.org

Release: GitLab 11.1

Released: 2020-04-03

License: MIT

Release Assets:

![31 new features](https://img.shields.io/static/v1?color=108548&label=new+features&labelColor=525252&message=31&style=for-the-badge "New features added in this release") ![418 total badges](https://img.shields.io/static/v1?color=1F75CB&label=total+features&labelColor=525252&message=418&style=for-the-badge "Total features") #### [Ultimate](https://about.gitlab.com/pricing/ultimate/) ![4 new features](https://img.shields.io/static/v1?color=108548&label=new+features&labelColor=525252&message=4&style=flat-square "New features added to this tier in this release") ![36 total badges](https://img.shields.io/static/v1?color=1F75CB&label=total+features&labelColor=525252&message=36&style=flat-square "Total features in this tier")

[Security Dashboard for projects](https://docs.gitlab.com/ee/user/application_security/security_dashboard/index.html) > Security professionals are focused on preventing threats that could harm the applications > they are responsible for. Even after code has been merged into the stable branch or deployed > to production, they need to be able to continually monitor and jump into any problems that > could affect security. > > In order to make their life easier, GitLab 11.1 introduces the Security Dashboard that > reports the latest security status of the default branch for each project. This gives > a very accessible view to Security teams that can easily spot if something is wrong > and if actions must be taken. The new dashboard can be found in the **Project** > menu of the project's side navigation. It is an interactive dashboard, so it can be used > to dismiss false positives or to create issues to solve existing vulnerabilities.
[Container Scanning and DAST reports at pipeline level](https://docs.gitlab.com/ee/user/project/merge_requests/#security-reports) > Security reports in the merge request are very useful to spot new problems that are > introduced by new code, even before the code is merged into `master`. But since the > vulnerabilities can appear even before a merge request is created, sometimes developers > need to know the security status for a specific branch in a specific moment. > > GitLab 11.1 completes the set of security reports shown in the pipeline view, adding both > Container Scanning and DAST. Simply review the `Reports` tab to access all > security information and take the proper actions.
[SAST support for Node.js](https://docs.gitlab.com/ee/user/application_security/sast/) > Static Application Security Testing allows you to spot code vulnerabilities > as soon as your changes are committed to the repository. With this information > available in the merge request, you can fix any detected vulnerabilities, so no > problems will land in production, adopting the 'shift left' approach automatically. > > With GitLab 11.1, we add another great language to the list of supported SAST languages: > **Node.js**. You don’t need to change any setup in your Node.js project. The new language is > automatically detected and tested by the `sast` job.
[Autocomplete epics and labels in epics](https://docs.gitlab.com/ee/user/group/epics/) > In this release, we've improved autocompletion in epics. In particular, when you are typing > in a GitLab Flavored Markdown textbox in an epic (that is, the description or in a comment), > you can type the `&` character, and GitLab will autocomplete search for epics in that group. Similarly, > typing `~` will autocomplete search for labels, similar to issues and merge requests already.
#### [Premium](https://about.gitlab.com/pricing/premium/) ![4 new features](https://img.shields.io/static/v1?color=108548&label=new+features&labelColor=525252&message=4&style=flat-square "New features added to this tier in this release") ![80 total badges](https://img.shields.io/static/v1?color=1F75CB&label=total+features&labelColor=525252&message=80&style=flat-square "Total features in this tier")
[Contribution Analytics redesign](https://docs.gitlab.com/ee/user/group/contribution_analytics/) > We redesigned the Contribution Analytics page for a more readable and > consistent user experience. We've focused on enabling this page to > handle a large number of contributors, so groups are now able to better > understand contribution patterns across many users.
[GitLab subgroups in JIRA Development panel](https://docs.gitlab.com/ee/integration/jira/) > Teams who use JIRA with GitLab have taken advantage of the JIRA Development panel integration. > This feature allows JIRA users to see GitLab merge requests, branches, and commits right > inside the right Development panel of a JIRA issue itself. In particular, you configure the integration > by pointing a JIRA instance to a GitLab top-level group. All projects in that group are now visible > to that JIRA instance. > > With this release, we are extending that visibility so that all projects in that top-level group as well > as all subgroups nesting down are also known to JIRA. This gives even more power in your integration, > allowing you more flexibility to structure your projects in a hierarchy structure on the GitLab > side, without changing how you do issue management on the JIRA side.
[Issue board configuration API](https://docs.gitlab.com/ee/api/boards.html#update-a-board) > We previously released a feature called [Configurable issue boards](https://gitlab.com/gitlab-org/gitlab-ee/issues/2518) > in GitLab 10.2, allowing teams to save a configuration issue scope, per issue board. > This feature is now available via the GitLab API. > > This allows teams to create their own custom and/or even automated workflows. > For example, if you wanted to re-use the same issue board each iteration to > represent your team's workflow, you can now change the configuration's milestone > via the API, and have that be automated through an external script run in between > iterations.
[Geo improvements](https://docs.gitlab.com/ee/administration/geo/replication/configuration.html) (self-managed only) > We continously improve our Geo feature for distributed teams. Some of the noteworthy improvements in GitLab 11.1 include: > > * [Flash message in the secondary Geo node web UI now links to the corresponding page on the primary](https://gitlab.com/gitlab-org/gitlab-ee/issues/4966) > * [Git LFS is now supported for `git push` proxy to the primary node via HTTP](https://gitlab.com/gitlab-org/gitlab-ee/issues/6195) > * [Locked log files are now automatically cleaned up periodically](https://gitlab.com/gitlab-org/gitlab-ee/issues/5533) > * [Geo snapshot is now enabled by default](https://gitlab.com/gitlab-org/gitlab-ee/issues/6692) > * [Geo repository verification is now enabled by default](https://gitlab.com/gitlab-org/gitlab-ee/issues/6803) > * [Performance improvement for repository state queries](https://gitlab.com/gitlab-org/gitlab-ee/issues/6053)
#### Core ![23 new features](https://img.shields.io/static/v1?color=108548&label=new+features&labelColor=525252&message=23&style=flat-square "New features added to this tier in this release") ![302 total badges](https://img.shields.io/static/v1?color=1F75CB&label=total+features&labelColor=525252&message=302&style=flat-square "Total features in this tier")
[File name and path filters for advanced code search](https://docs.gitlab.com/ee/user/search/advanced_search.html) > As teams generate large amounts of source code continuously, searching through all of that > code can be difficult. Having great tools to manage and, in particular, search through > all that source code is critical. > > With this release, we are introducing new advanced search syntax options, allowing you to nail > down your code search via three more granular filters. You can now filter by **filename**, > **file path**, and even **file extension** when searching through repository code, resulting in > more targeted search results. These filters are available in both the Web UI and in the API. > > For Core, these filters are available at the project-level scope. > > For Starter and higher, if you use [Elasticsearch](https://docs.gitlab.com/ee/integration/elasticsearch.html) > with GitLab, the filters are available at the group-level scope and global-level scope additionally. > > For GitLab.com, the filters are available at the project-level scope only for all tiers, since Elasticsearch > is not yet available on GitLab.com. (We are, however, working on [bringing Elasticsearch to GitLab.com](https://gitlab.com/groups/gitlab-org/-/epics/153).)
[Merge request widget info and pipeline sections redesign](https://docs.gitlab.com/ee/user/project/merge_requests/) > In GitLab, merge requests and in particular, the merge request widget, is a powerful feature > showing you many integrated and relevant information and functionality. As such, we want to be > constantly evaluating the design and ensure that the information presented is as easy to consume > as it is useful. > > In this release, we've tweaked the design of the information and pipeline sections, making > them easier to consume by breaking them slightly away from the rest of the widget content.
[Groups dropdown in navigation](https://docs.gitlab.com/ee/user/group/) > Switching between groups should be an easy task that doesn't disrupt > your workflow. To make this step easier than ever, we've added a > dropdown to the Groups link in the top navigation for quick access. > > Searching for a group is now directly available behind a lightweight > dropdown menu, removing the need to navigate away from your work into > a separate view when you're looking for a hard-to-remember group. > Similar to the Projects dropdown, your frequently visited groups > are also displayed.
[View merge request description in the Web IDE](https://docs.gitlab.com/ee/user/project/web_ide/) > When working on a merge request or reviewing a merge request it can > help to refer back to the merge request description for why the changes > were made and further context. > > With this release, instead of having to switch tabs, you can now open > the merge request description side by side with the code directly within > the Web IDE.
[Milestone list pages redesign](https://docs.gitlab.com/ee/user/project/milestones/) > In this iteration, we redesigned the milestone list, including the project list page, > the group list page, and the dashboard list page for a more consistent experience. > > This is a first step in simplifying the design, making it more delightful and usable, ultimately > allowing teams to better manage their milestones.
[GitLab Flavored Markdown with CommonMark](https://docs.gitlab.com/ee/user/markdown.html) > GitLab Flavored Markdown (GFM) allows users to simply and quickly format and style text across GitLab, including > in issues, merge requests, epics, comments, and other places. Up until now, GitLab was using > Redcarpet, an older implementation of Markdown to support GFM. This resulted in > [a number of issues](https://gitlab.com/gitlab-org/gitlab-ce/issues/43011#pros). > > With this release, GFM is now rendered using [CommonMark](http://commonmark.org/), a modern > standard, for new Markdown content. (Existing Markdown content continues to be rendered with Redcarpet. > [See the docs](https://docs.gitlab.com/ee/user/markdown.html) for additional details.) > Besides solving many of the aforementioned issues, CommonMark is more performant. Additionally, > GitHub has also standardized on CommonMark. So GitHub users coming to GitLab will now have the same > experience with Markdown. Additionally, > [in the future when repository Markdown files will be rendered in CommonMark](https://docs.gitlab.com/ee/user/markdown.html#gitlab-flavored-markdown-gfm), > importing GitHub projects to GitLab will render Markdown files the same way. > > Thank you [blackst0ne](https://gitlab.com/blackst0ne) for your contribution!
[Confidential issue quick action](https://docs.gitlab.com/ee/user/project/quick_actions.html) > You can now set an issue to be confidential via a quick action right from the issue comment field. > This allows you to type a comment and set an issue to confidential, all without leaving the keyboard. > > Thank you [Jan Beckmann](https://gitlab.com/kingjan1999) for your contribution!
[Merge request comments Vue.js refactor](https://docs.gitlab.com/ee/user/project/merge_requests/) > Since 2016, when GitLab decided to [adopt Vue.js](https://about.gitlab.com/blog/2016/10/20/why-we-chose-vue/), we've been > using it not only to build new features but also to refactor existing ones in order to allow for more interactive user interfaces > and increased performance. > > In this release, the merge request comments user interface has been rewritten to allow for better control of performance in upcoming > months, as well as set the groundwork for creating new features more efficiently and cleanly using Vue.js. (For example, we are already > working on [batch commenting](https://gitlab.com/gitlab-org/gitlab-ee/issues/1984)). > > See the [ongoing improvements for this refactor](https://gitlab.com/groups/gitlab-org/-/issues?scope=all&utf8=✓&state=opened&label_name[]=mr%20refactor) beyond > what we have already merged for this release.
[Merge request locked state in API](https://docs.gitlab.com/ee/api/merge_requests.html) > In this release, we added the locked state of a merge request to the GitLab API. This was > a previously internal-only state not exposed in the API. A merge request is in this locked > state while the source branch is being merged into the target branch. > > By allowing access to this state in the API, external systems can no access all merge > requests reliably, even merge requests that are in this tranisent locked state.
[Transfer projects between namespaces via API](https://docs.gitlab.com/ee/user/project/settings/#transferring-an-existing-project-into-another-namespace) > In the project settings, Owners can transfer an existing project into another namespace. > This allows for flexible organization of projects within groups and personal userspaces. > > With this release, we add access to this settings via our project API, allowing you to > bulk-move many repositories in one go. > > Thank you [Aram Visser](https://gitlab.com/aramvisser) for your contribution!
[Initialize README on project creation](https://docs.gitlab.com/ee/user/project/working_with_projects.html#create-a-project) > At GitLab, we believe that everybody can contribute. Making the creation of a new GitLab > project as straight-forward and intuitive as possible is an essential step towards this > goal. > > With GitLab 11.1, we introduce a new option to initialize a repository by adding a README > when creating a new project. If this option is checked, a project repository is initialized > with a default master branch which can be cloned right away. > The created README file includes the project name and description.
[Improved user experience on SSH key configuration](https://docs.gitlab.com/ee/ssh/) > Using GitLab, anyone should be able to contribute and push to projects without a daunting > learning curve. With this ideal, we [found](https://gitlab.com/gitlab-org/ux-research/issues/53) > that configuring SSH, a core requirement to start contributing, remains a hard thing to do. > > With this release, we improve the user experience of and documentation for our SSH Keys user setting.
[Improved Web IDE staging and committing](https://docs.gitlab.com/ee/user/project/web_ide/) > In this release we've made it easier to commit your changes in the Web > IDE with a pre-filled commit message and the ability to **Stage & > Commit** your changes with one click. When editing a branch you don't > have write permissions to, like the `master` branch, the Web IDE will > default to the **Create new branch** option, including a prefilled branch > name so you can always commit your changes with a single click. > > Previously, the commit message was not pre-filled and the commit button > would be disabled when opening the Commit panel. This made it hard to > commit changes quickly and it was unclear why the Commit button was > disabled.
['Contribute to GitLab' link](/community/contribute/) > GitLab is only as strong as its community, and nothing energizes us more > than empowering new contributors! > > With this release, we make it easier for GitLab Core and GitLab.com users > to find our GitLab contribution page with a handy link, available right > away from your user profile menu.
[Allow SAML assurance level to bypass 2FA](https://docs.gitlab.com/ee/integration/saml.html#bypass-two-factor-authentication) > In many cases SAML providers already support or even enforce two-factor > authentification natively via an assurance level property. > > With GitLab 11.1, it is now possible to honor the SAML assurance level > allowing to disable the two-factor authentification on GitLab side via a > new SAML configuration option. > > Thank you [Roger Rüttimann](https://gitlab.com/rroger) for your contribution!
[New HEAD method in File API](https://docs.gitlab.com/ee/api/repository_files.html) > Our repository files API allows CRUD (create, read, update and delete) operations on > files stored within your GitLab projects. > > With GitLab 11.1, we add support for the `HEAD` HTTP method to our files API that > allows to just read file metadata. This request could be used to check for a file > size before deciding to download, for example. > > Thank you [Ahmet Demir](https://gitlab.com/ahmet2mir) for your contribution!
[Improved Kubernetes Cluster page design](https://docs.gitlab.com/ee/user/project/clusters/) > We have improved the Kubernetes page design to make use of tabs for each > option when adding a cluster, minimizing the amount of irrelevant options > shown on-screen. > > This is the first step in a series of changes that will enhance the design > of cluster addition and management, making it easier and more intuitive.
[Application Metrics now available in Operations menu](https://docs.gitlab.com/ee/user/project/integrations/prometheus.html) > Viewing your application's performance metrics is now easier and quicker than before, > with the addition of `Metrics` to the `Operations` menu. Clicking on `Metrics` will directly > open the performance dashboard for your `production` environment, if you have one, as well as provide > an easy drop down to change to other environments as desired. > > Previously users had to navigate to the Environments menu, find the desired environment, and then select > Monitoring button. Switching to another environment required going back through this process. With GitLab 11.1, > your production metrics now are just one click away!
[Manage third party offers](https://docs.gitlab.com/ee/administration/settings/third_party_offers.html) (self-managed only) > With GitLab 10.8 we began to inform users of third party offers they might > find valuable in order to advance the development of their projects. > > There may be instances were these offers are not applicable or you simply don't > want them shown on the application. With GitLab 11.1 we introduce the ability > to control the display of third party offers in the administration area, providing > more control over the display of these offers.
[Store user ID in OpenID Connect sub claim](https://docs.gitlab.com/ee/integration/openid_connect_provider.html#introduction-to-openid-connect) > GitLab can be used as an OpenID Connect (OIDC) identity provider to sign into > external services. This layer is built on top of OAuth 2.0. > > In previous version, we were storing the `sub` claim of OIDC based on a hashed > version of the GitLab user ID. This could lead to a potentially unstable API as > the obfuscation is tied to GitLab specific logic. > With GitLab 11.1, we are directly storing the user ID in `sub`, following the > OIDC specification. To allow migration, the previous value is still available in > the `sub_legacy` claim.
[GitLab Runner 11.1](https://docs.gitlab.com/runner) > We're also releasing GitLab Runner 11.1 today! GitLab Runner is the open source project > that is used to run your CI/CD jobs and send the results back to GitLab. > > Most interesting changes in this release include: > > * [Sign RPM and DEB packages](https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/922) > * [Update kubernetes vendor to 1.10](https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/877) > * [Upgrade helper image alpine 3.7](https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/917) > * [Remove go-bindata](https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/831) > * [Improve docker timeouts](https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/963) > * [Cache the connectivity of live Docker Machine instances](https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/909) > * [Detect possible misplaced boolean on command line](https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/932) > > List of all changes can be found in GitLab Runner's [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-runner/blob/v11.1.0/CHANGELOG.md).
[Omnibus improvements](https://docs.gitlab.com/omnibus/) (self-managed only) > - GitLab 11.1 ships with [Mattermost 5.0](https://mattermost.com/blog/mattermost-5-0-intercept-and-modify-posts-advanced-permissions-longer-posts-and-more/), > an [open source Slack-alternative](https://mattermost.com) whose newest release includes a post > interception feature, increased character limit on posts, combined join/leave messages, plus much more. > - Raspberry Pi packages are now available for Raspbian Stretch. > - Omnibus has been updated to 5.6.12. > - Prometheus can now be configured to [read and write to remote services](https://docs.gitlab.com/omnibus/settings/prometheus.html#remote-read-write). > - Prometheus exporters have been updated, and some metric names have changed: node_exporter 0.16.0, alertmanager 0.15.0, postgres_exporter 0.4.6, redis_exporter 0.20.2.
[Performance improvements](https://gitlab.com/groups/gitlab-org/merge_requests?scope=all&utf8=%E2%9C%93&state=merged&label_name%5B%5D=performance&milestone_title=11.1) > Some of the more noteworthy performance improvements in GitLab 11.1 > include: > > * [Merge request diff files for old versions are deleted from the database on merge](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/19670) > * [Web hook logs older than one month are periodically removed](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/20183) > * [Pagination of web hook logs has been fixed, ensuring the page for editing web hooks no longer times out](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/20247) > * [Improve performance of listing users without projects in the admin area](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/20264)

To top