What’s new in Eficode ROOT: August 2024

Repositories

Users can now:

• Use repository properties to add meaningful metadata that simplifies repository classification, enhances discoverability, and seamlessly integrates with rulesets. Learn more here.

• Browse and view code in a revamped experience for GitHub repositories, providing a tree pane for browsing files, fuzzy files search, sticky code headers, and more.
• Migrate existing tag protection rules into repository rules. Learn more here.

• Post status updates on projects to share the current status, start date, and target date. Learn more here.
• Migrate projects (classic) to the new projects experience.
• Apply filter to display alerts that are the result of having bypassed push protection in the secret scanning list view.
• Enable code scanning on repositories even if they don’t contain any code written in the languages currently supported by CodeQL. The default setup will automatically trigger the first scan when a supported language is detected on the branch.
• CodeQL will use version 2.16.5.

Elasticsearch

Elasticsearch powers the search functionality on GitHub Enterprise Server instances. The Elasticsearch version will be upgraded from 5.6.16 to 8.7.0.

As a result of the upgrade, all search indexes will be rebuilt. You may experience a degraded search experience during the rebuild, but the instance is otherwise expected to be functional and available. The index rebuild process depends on the size of the data set and could take a few hours to days.

UI/UX

Downscale pasted images on upload (all users)

GitLab enhances the handling of high-resolution images, enabling them to be downscaled during upload. Previously, images were displayed in their original size, which resulted in suboptimal display quality. This improvement ensures large images don’t break the visual flow of the pages they are included in. Learn more here.

Improved wiki user experience (all users)

The new wiki feature improves ease of use, discoverability, and content management in your workflows. Key changes include:

• Easier and quicker cloning with a new repository clone button. This improves collaboration and speeds up access to the wiki content for editing or viewing.
• A more obvious delete option in a more discoverable location. This reduces the time spent searching for it and minimizes potential errors or confusion when managing wiki pages.
• Allowing empty pages to be valid improves flexibility. Create empty placeholders when you need them. Focus on better planning and organization of wiki content, and fill in the empty pages later.

Draggable media in the rich text editor (all users)

Finally, you can now drag and drop media in the rich text editor, significantly enhancing efficiency during editing. Previously, moving media in the rich text editor required you to copy and paste each item manually. This often slowed down the inclusion of media in issues, epics, and wikis. Learn more here.

More UI improvements (all users)

GitLab did a tremendous job refreshing the UI components. But as the old saying goes: “One picture instead of a thousand words. Check out the results here.

OAuth improvements

OAuth 2.0 device authorization grant support (Free, Premium, Ultimate)

This feature enhances the security and flexibility of OAuth 2.0 by enabling devices without browsers or with limited input capabilities to securely request user authorization.

This method streamlines the authentication process for a wide range of devices, expanding the applicability of OAuth 2.0 in diverse environments. Learn more here.

 

^{GitLab OAuth2 device authorization demo}

OAuth authorization screen improvements (Free, Premium, Ultimate)

The latest update includes enhancement of the user interface and user experience of the OAuth authorization process. These refinements make the authorization screens more intuitive and user-friendly, helping to simplify the process of granting permissions while ensuring a smoother and clearer interaction for users during authentication. Learn more here.

^{Oauth authorization screen}

Indicate imported items in UI (Free, Premium, Ultimate)

This enhancement visually marks items that have been imported into the system within the user interface. It allows users to easily distinguish between native and imported elements, improving navigation and management within the application. Learn more here.

Separate wiki page title and path fields (Free, Premium, Ultimate)

Wiki page titles are separate from their paths. In previous releases, if a page title changed, the path would also change, which could cause links to the page to break. Now, if a wiki page’s title changes, the path remains unchanged. Even if a wiki page path changes, an automatic redirect is set up to prevent broken links. Learn more here.

Find project settings by using the command palette (Free, Premium, Ultimate)

This enhancement allows users to quickly access and search for specific project settings directly through the command palette, streamlining navigation and improving efficiency in project configuration.

Try it out by visiting a project, selecting “Search” or “go to…,” entering command mode with “>,” and typing the name of a settings section, like “Protected tags”. Select a result to jump right to the setting itself. Learn more here.

^{Project settings from the command palette}

Resolve to-do items, one discussion at a time (Free, Premium, Ultimate)

This feature enables users to methodically address and resolve individual discussion points listed in their to-do items, promoting a more organized and focused approach to managing tasks and feedback within the platform. Learn more here.

Document modules in the Terraform module registry (Free, Premium, Ultimate)

This perk allows users to systematically document their modules directly within the Terraform Module Registry, facilitating better organization and accessibility of module information for users and teams. This improvement streamlines module management and increases transparency within the Terraform ecosystem. Learn more here.

^{Terraform module documentation}

AI

See multiple GitLab Duo Code Suggestions in VS Code (Premium, Ultimate)

GitLab Duo Code Suggestions in VS Code will now show you if there are multiple suggestions available. Simply hover over the suggestion and use the arrows or keyboard shortcut to cycle through the suggestions. Learn more here.

^{AI suggestions in VS Code}

Model registry available in beta

This feature allows users to manage machine learning models directly within GitLab, facilitating easier versioning, sharing, and collaboration on machine learning projects. The model registry supports various functionalities, such as creating new machine learning models and versions via the GitLab UI, offering a streamlined way to handle machine learning assets.

Vulnerability explanations (Ultimate with GitLab Duo Enterprise)

To make use of this functionality you must have the GitLab Ultimate subscription tier and have paid GitLab Duo Enterprise seats. Then you are provided with detailed descriptions and insights into the vulnerabilities detected within their projects. It helps developers understand the nature and implications of security issues, facilitating more informed decision-making for remediation efforts. Learn more here.

^{Vulnerability explanation}

GitLab Duo Chat and Code Suggestions available in workspaces (Premium or Ultimate with Duo Pro or Duo Enterprise)

This perk brings enhanced AI-powered collaboration and coding assistance directly into user workspaces. It enables seamless interaction with AI tools that offer conversational support and context-aware code recommendations, improving productivity and code quality within the GitLab environment. Learn more here.

In-line code suggestion

GitLab Duo for the CLI (Ultimate with Duo Enterprise)

This new feature is generally available with the GitLab Duo integration for the command-line interface. This advancement brings AI-powered capabilities directly to the CLI, allowing developers to interact with GitLab's features and perform tasks using natural language processing tools while working in their command-line environments.

You can now ask GitLab Duo to help you find the right git command for your needs. For example, use glab duo ask <git question> to have GitLab Duo provide you with formatted git commands to achieve your goals. Take a look at how you can use the tool below:

^{GitLab Duo for the CLI}

Administration

Pages support for mutual TLS in GitLab API calls (all users)

Now you can configure a client certificate for GitLab Pages. This allows you to enable client authentication with the GitLab API, strengthening the security of your GitLab instance. Learn more here.

Project owners receive expiring access token notifications

Both project owners and maintainers with direct membership now receive email notifications when their project access tokens are close to expiring. Previously, only project maintainers received this notification. This helps keep more people informed about upcoming token expiration.

GitLab connector application now available on the Snowflake Marketplace (Premium, Ultimate)

Before this release, audit events could only be accessed from GitLab, with results reviewed using the GitLab UI or set as a streaming destination to receive all audit events as structured JSON. Now you have the ability to have audit events in third-party destinations (such as SIEM solutions like Snowflake) to make it easier to:

• See, combine, manipulate, and report on all of the audit event data from an organization’s multiple systems, including GitLab.
• Look only at specific audit events that they care about so that they can quickly answer the questions they are interested in.
• Have a full picture of what goes on inside GitLab, and be able to review it after the fact.

To make use of this functionality, customers must deploy and manage the application using the Snowflake Marketplace. Learn more here.

^{Gitlab-Snowflake connector}

Enhanced control over who can override user-defined variables (all users)

To better control who can override user-defined variables, GitLab introduced the ci_pipeline_variables_minimum_role project setting. This new setting provides greater flexibility than the existing restrict_user_defined_variables. You can now restrict/override permissions to no users or only users with at least the developer, maintainer, or owner roles. Learn more here.

Disable diff previews in code review emails (all users)

New settings are available in groups and projects to enable organizations to remove diff previews from merge request emails.

When you review code in a merge request and comment on a line of code, GitLab includes a few lines of the diff in the email notification to participants. Some organizational policies treat email as a less secure system or might not control their own infrastructure for email. This can present risks to IP or access control of source code. Learn more here.

^{Merge requests look after disabling diff preview}

New permissions for custom roles (Ultimate)

Now you can create custom roles with the following new permissions:

• Manage merge request settings
• Manage integrations
• Manage deploy tokens
• Read CRM contacts

With custom roles, you can reduce the number of users with the owner role by creating users with equivalent permissions. This helps you define roles that are tailored specifically to the needs of your group, preventing unnecessary privilege escalation. Learn more here.

Pipeline execution policy type (Ultimate)

This functionality allows users to set specific conditions under which their CI/CD pipelines will trigger and execute within their projects. This feature enhances control over the automation processes, ensuring that pipelines run only when necessary, based on predefined rules and conditions set by the user.

The pipeline execution policy has two modes: Inject and override. The inject mode injects jobs into the project’s CI/CD pipeline. The override mode replaces the project’s CI/CD pipeline configuration. Learn more here.

New agent authorization strategy for workspaces (Premium, Ultimate)

This feature provides an enhanced mechanism for securing and managing access permissions for agents operating within various workspaces. It allows administrators to fine-tune authorization settings so that agents have the appropriate level of access to perform their tasks efficiently while maintaining stringent security standards.

To ensure a smooth transition, users on the legacy authorization strategy are automatically migrated to the new strategy. Learn more here.

Assigning frameworks at subgroup compliance center (Premium, Ultimate)

Administrators are enabled to apply specific compliance frameworks directly to subgroups within their organization. By doing so, it simplifies the management of compliance across different teams and projects, ensuring that each subgroup adheres to relevant standards and regulations tailored to their specific needs. Learn more here.

Reporting

New Value Stream Management report generator tool

Decision-makers are empowered to be more efficient and effective in the software development life cycle (SDLC) with the addition of the reports generation tool for Value Stream Management.

With the improved tool, you can schedule DevSecOps comparison metrics reports or the AI impact analytics report to be delivered automatically, proactively, and with relevant information in GitLab issues. Managers can focus on analyzing insights and make informed decisions rather than spending time manually searching for the right dashboard with the required data.

You can access the scheduled reports tool using the CI/CD catalog. Learn more here.

^{New report made with the Value Stream Management report generator tool}

Runner fleet dashboard for groups (Ultimate)

With the runner fleet dashboard for groups, you directly have runner fleet observability and actionable insights in the GitLab UI. Quickly determine the runner's health, and gain insights into runner usage metrics as well as CI/CD job queue service capabilities in your organization’s target service-level objectives.

To make use of the new tool, you must configure the “ClickHouse” analytics database to use the runner usage and wait time to pick job metrics. Learn more here.

^{Fleet dashboard}

Track time on tasks (all users)

Set estimates and record time spent on tasks with a quick action or in the time tracking widget in the task’s sidebar. Time spent on a task can be viewed with the task’s time tracking report. Learn more here.

^{Time tracking tool}

Understand an epic’s progress percentage

See the overall progress of an epic based on the weight completion of its child items. This new progress rollup in the hierarchy widget makes it easier to understand the full scope of work for an epic and track progress as you go. Learn more here.

^{Overall progress of an epic}

Log streaming for Kubernetes pods and containers (Free, Premium, Ultimate)

Monitoring capabilities were enhanced by allowing users to stream real-time logs directly from Kubernetes pods and containers. It provides greater visibility into the operational status and performance of Kubernetes environments, facilitating more efficient troubleshooting and management. Learn more here.

^{Kubernetes pod list and details view}

Deployments and approvals to protected environments trigger an audit event (Premium, Ultimate)

From now on any deployment or approval action within protected environments is automatically recorded as an audit event. This addition enhances security and compliance by providing a detailed and traceable record of all critical changes, aiding in oversight and review processes.

• deployment_started records who started a deployment job and when it was started.

• deployment_approved records who approved a deployment job and when it was approved.

• deployment_rejected records who rejected a deployment job and when it was rejected.

Learn more here.

Container scanning: Continuous Vulnerability Scanning OS support (Ultimate)

Scanning capabilities were extended to support APK and RPM operating system package versions to include ongoing vulnerability assessments across various operating systems within container environments. It ensures continuous security monitoring and protection against vulnerabilities, improving the overall security posture of containerized applications. Learn more here.

User API added to the Snowflake Data Connector (Free, Premium, Ultimate)

In GitLab 17.2, there is support for the Users API to the GitLab Data Connector, which is available in the Snowflake Marketplace app. You can now stream user data from self-managed GitLab instances to Snowflake using the Users API. Learn more.

Project development

Expanded support of custom rulesets in pipeline secret detection (Ultimate)

Custom rulesets now allow customization of secret detection strategies in CI/CD pipelines by supporting a broader range of passthroughs - git and url.

It empowers teams to tailor security measures more precisely to their specific needs, enhancing the effectiveness of secret detection processes. 

The analyzer also now supports:

• Chaining up to 20 passthroughs into a single configuration to replace predefined rules.
• Including environment variables in passthroughs.
• Setting a timeout when loading a passthrough.
• Validating TOML syntax in ruleset configuration.

Learn more here.

Block a merge request by requesting changes (Premium, Ultimate)

This feature allows users to formally block the approval of a merge request by flagging specific changes that need to be addressed. This ensures that all concerns are resolved before the code is merged, enhancing code quality and collaboration within the development process. Learn more here.

^{Merge request blocked due to unresolved concerns}

Merge commit message generation now GA (Ultimate with Duo Enterprise)

This enhancement (now generally available) automates the generation of descriptive commit messages for merge actions, streamlining the documentation process within version control workflows and ensuring clear historical tracking of changes. Learn more here.

Pure SSH transfer protocol for LFS (Free, Premium, Ultimate)

This enhancement introduces a dedicated SSH protocol for handling Large File Storage (LFS) transfers, providing a more secure and efficient method for managing large files within Git repositories. This protocol optimizes data transmission and enhances security measures for large-scale file management. Learn more here.

DAST analyzer updates (Ultimate)

This enhancement improves Dynamic Application Security Testing (DAST) capabilities by introducing updated analyzers that offer more comprehensive scanning, better detection of vulnerabilities, and improved performance. This helps ensure applications are more secure through thorough, efficient testing. Learn more here.

Secret push protection, now available for self-managed, with improved warnings of potential leaks (Ultimate)

This perk enhances security for self-managed environments by providing robust protection against accidental secret disclosures in code pushes. Additionally, it improves the system's ability to warn users about potential secret leaks for better proactive measures in safeguarding sensitive information. Contact us to enable this option. Learn more here.

Several tweaks have been made to the Jenkins user interface, aiming to streamline user interactions and improve overall user experience:

• Help will be displayed in the correct locale if the user has an alternate language option defined in their browser. 
• Alerts have been corrected to get proper highlights. 
• New CSS classes added to avoid conflicts with CSS classes from Bootstrap.

There were also fixes related to the bundled plugins but nothing with significant impact or value.

That’s all for August, see you in September!