What’s new in Eficode ROOT: November 2024

Tool usage metrics

We’re excited to introduce a new tool usage feature in our Eficode ROOT developer platform, providing enhanced visibility into tool usage across your organization. Now available for Atlassian and GitLab (GitHub coming soon), this feature helps you monitor license utilization effectively.

The tool usage feature tracks employee engagement over a 30-day period, showing the number of active users in your organization. This means you can quickly identify usage patterns, optimize license allocation, and manage costs associated with underutilized resources.

Additionally, the insights gained can help you spot areas where employ

^{View your license usage in the new feature.}

This upgrade brings essential fixes and optimizations that reinforce our commitment to maintaining a secure and consistent experience. Although Bitbucket 9, Confluence 9, and Jira 10 have been available for a while, we’re opting to stay with the stable lines due to limited plugin support in the newer version, which could impact essential integrations.

We prioritize stability and dependability, keeping your needs at the forefront rather than chasing the latest features.

We’re upgrading GitHub Enterprise Server from version 3.13.3 to 3.13.5 to benefit from important fixes while ensuring a stable experience for our customers. While newer versions offer additional features, we chose not to adopt them due to some known issues that could interfere with day-to-day operations. This conservative approach allows us to provide a reliable environment without introducing disruptions.

Of course, every update has its quirks, but GitLab 17.4.3 promises fewer hiccups and more productivity hacks to keep things on track. So while you’re bundling up for the colder months, take a moment to appreciate the warmth of smoother pipelines and upgraded integrations—it’s the kind of November treat we didn’t know we needed!

Project development

Auto-merge when all checks pass (all users)

This is a new and handy addition for streamlining code review and integration that allows changes to merge automatically once all required checks pass, freeing up developers to focus on the next tasks instead of waiting for manual approvals.

By reducing bottlenecks in the merge process, teams maintain a smoother, faster workflow, saving time and ensuring that approved code gets integrated without delay. It’s a boost in efficiency that promises fewer interruptions and more momentum for development projects. Learn more here.

^{Auto-merge functionality.}

Resend failed webhook requests with the API (all users)

This addition allows teams to easily retry webhook requests that didn't go through initially, reducing the time and hassle of manually re-triggering events.

Feature added API endpoints for resending them:

• Project webhook requests.
• Group webhook requests (Premium and Ultimate tiers only).

It’s a practical boost for reliability, ensuring critical updates are delivered without unnecessary delays or manual intervention. Learn more here.

CI/CD component for code intelligence (all users)

This feature integrates code intelligence directly into the CI/CD process, allowing for smarter, automated analysis of code quality and potential issues before deployment. By catching bugs and inefficiencies early, code quality is enhanced, saving developers from time-consuming manual reviews. It’s like having an extra set of eyes in the pipeline, ensuring that only the best code moves forward, which makes projects more efficient and reliable from the get-go.

Currently, the component supports these languages:

• Go version 1.21 or later.
• TypeScript or JavaScript.

Learn more here.

Non-deployment jobs to protected environments aren't turned into manual jobs (Premium, Ultimate)

This update means that action: prepare, action: verify, and action: access jobs run automatically as configured, streamlining workflows and avoiding the need for manual intervention in protected environments. This enhancement helps reduce friction in CI/CD processes by keeping jobs flowing smoothly, even in protected settings and minimizes the risk of human error during critical tasks.

It’s a small but powerful adjustment that keeps automation intact, ensuring the consistent and efficient execution of all pipeline jobs. To prevent future compatibility issues, you should review your use of these keywords now. Learn more here.

Idempotency keys for webhook requests (all users)

This new feature adds reliability by preventing duplicate webhook events from causing issues. With idempotency keys, even if a webhook is triggered multiple times due to retries or network hiccups, only one instance of the event is processed.

This enhancement streamlines workflows, reducing the risk of unintended duplicates, and making integrations smoother and more predictable. It’s a smart step toward robust, error-free automation, ensuring that each webhook request counts just once, no matter what! Learn more here.

Extension marketplace now available in the Web IDE

GitLab brings the extension marketplace directly into the Web IDE, making it easier than ever to customize your development environment without leaving the editor. With this update, developers can browse, install, and manage extensions on the fly, adding tools and functionality that enhance coding efficiency and flexibility.

This is a welcome boost for productivity, allowing teams to tailor their workspace to meet project needs effortlessly. This built-in marketplace is like a one-stop shop for development boosts, making the Web IDE more powerful and adaptable than ever! Learn more here.

^{Extensions marketplace location.}

UI/UX

Linked files in merge request show first (all users)

This update prioritizes linked files, so reviewers and developers can quickly access relevant documentation or dependencies without sifting through other files. It’s a simple but effective improvement, streamlining the review process and helping teams stay focused on essential content.

This small change promises a more organized, intuitive approach to merge requests, saving time and reducing the chance of missing important information. Learn more here.

^{Linked files view in the merge request.}

Hide CI/CD variable values in the UI (all users)

This feature enhances security by concealing sensitive variable values from the user interface. This means passwords, tokens, and other confidential information stay hidden, reducing the risk of accidental exposure.

By keeping these values private, GitLab strengthens security and gives teams peace of mind when working with sensitive data. It’s a straightforward but valuable safeguard that helps maintain best practices in protecting critical information across the CI/CD pipeline. Learn more here.

^{Settings for the added variable.}

Trigger a flux reconciliation from the cluster UI (all users)

You can now trigger a flux reconciliation directly from the cluster UI, making it easier to sync Kubernetes clusters with the latest code updates.

This feature simplifies cluster management by letting users initiate reconciliations on demand without needing to jump into the command line. It’s a great way to keep environments up-to-date with minimal hassle, helping teams maintain smooth, consistent deployments. Learn more here.

Improved source display for group and project members (all users)

This feature introduces an improved source display for group and project members, making it clearer where each person’s permissions come from. This enhancement means you can now see at a glance whether someone’s access is inherited from a parent group or assigned directly, simplifying permission management and reducing confusion. It’s a small tweak with big benefits, helping administrators manage roles more effectively and ensuring everyone has the right access without the guesswork. Learn more here.

^{Members permit inheritance.}

Administration

List groups invited to a group or project using the groups or projects API (all users)

You can now list groups invited to a group or project directly through the groups or projects API. This feature provides a streamlined way to view all invited groups in one place, making it easier to manage shared access and permissions programmatically.

It’s a practical addition that supports automation and gives administrators a more comprehensive, organized overview of group relationships across projects. Learn more here.

Restrict group access by domain with the groups API (Premium, Ultimate)

This feature introduces the ability to restrict group access by domain using the groups API, offering an extra layer of control over who joins. With this feature, administrators can ensure that only members from specific email domains gain access, adding a simple but effective security measure.

This is especially useful for organizations that want to keep group memberships exclusive to their team or trusted partners, reducing the chance of accidental access. Learn more here.

GitLab pages without wildcard DNS are generally available

GitLab pages without wildcard DNS are now generally available, making it easier to deploy pages even without configuring wildcard DNS records. This update simplifies the setup for users who may not have access to DNS configuration or prefer not to use wildcard settings, enabling faster and more flexible page deployments.

It’s a practical boost for accessibility, letting teams launch GitLab pages with less hassle while still enjoying the same reliable performance. 

If you’d like this feature enabled, please reach out to us! Learn more here.

^{GitLab pages without Wildcard DNS.}

Optional token expirations (all users)

GitLab offers optional token expirations, giving teams the flexibility to set expiration dates on access tokens as needed. This feature enhances security by allowing administrators to ensure that tokens are only valid for as long as necessary, reducing the risk of outdated credentials lingering in the system. It’s a straightforward addition that empowers teams to manage access more proactively, adding another layer of security control with minimal effort. Learn more here.

AI

Summarize issue discussions with GitLab Duo Chat (Ultimate, Duo Enterprise)

Getting up to speed on lengthy issue discussions can be a significant time investment. With this release, AI-generated issue discussion summarization has been integrated with Duo Chat and is now generally available for GitLab.com, self-managed, and dedicated customers. Learn more here.

^{GitLab Duo Chat discussion.}

Authenticate with OAuth for GitLab Duo in JetBrains IDEs (Premium, Ultimate)

The GitLab Duo plugin for JetBrains now offers a more secure and streamlined onboarding process. Sign in quickly and securely with OAuth. It integrates seamlessly with your existing workflow, with no personal access token required. Learn more here.

^{OAuth in the GitLab Duo for JetBrains IDEs.}

Context-aware GitLab Duo Code Suggestions using open tabs (Premium, Ultimate, Duo Pro, Duo Enterprise)

Code Suggestions now leverages the content of your open editor tabs to deliver more relevant and accurate recommendations. This improvement means that GitLab’s AI can better understand the context of your current work, tailoring suggestions to fit seamlessly with the code already in progress. It’s a smart boost to productivity, helping developers write code that aligns with their project context, and making suggestions more useful and on-point. Learn more here.

^{Context-aware GitLab Duo Code Suggestions.}

Reporting

List Kubernetes resource events (all users)

This new feature allows you to list Kubernetes resource events, providing a clearer view of what’s happening in your Kubernetes clusters. You can see events like pod restarts, scaling actions, and error messages directly from GitLab, giving your teams valuable insights into resource activity without switching platforms.

This is a helpful addition that streamlines monitoring, making it easier to stay informed and troubleshoot issues quickly, right from the GitLab interface. Learn more here.

Real-time view on Kubernetes deployments.

Important announcement

Jenkins plans to stop Java 11 support. There is no date yet specified, but we expect that it may be brought in with the next LTS feature release. As we want to be ahead of their plan in November, we intend to upgrade to Java 17.

All agents will get their default Java changed to the 17 version as well. Please make sure to prepare agents that we don’t control for the Java change just after the maintenance we will perform. If you have any questions regarding the process don’t hesitate to contact us!

This won't affect your ability to build older distributions of Java (such as 8 or 11), as this change only concerns the default Java of your agents. As such, if you are managing your own agents, you will have to change the default Java version you're using on your agents. After this, you can select the other JDK versions from within your jobs.

Release 3.71.0+ will require either a H2 or PostgreSQL database and Java 17. All customers with a Pro license will be upgraded to PostgreSQL and ones with OSS to H2. Of course, we will perform all the testing and migration for you!

New Database Migrator Flow

With Sonatype Nexus Repository 3.70, the new Database Migrator Flow simplifies the migration process, making it smoother and more efficient. This feature streamlines data transfer, ensuring that repository information moves over seamlessly without the typical downtime or headaches. It’s designed to help admins migrate databases with confidence, saving time and reducing potential risks during transitions.

This release isn’t just a bug-buster; it brings new features designed to make code review smoother and more thorough. With expanded language support and enhanced analysis tools, SonarQube 10.7 LTS aims to catch issues faster and give you cleaner code as we head into the end-of-year crunch.

AI-generated fix suggestions (available in Early Access in the Enterprise Edition and above)

When investigating an issue, you can ask for an AI-generated fix suggestion and open it directly in your IDE (VS Code, IntelliJ, and Eclipse). Learn more here.

AI code assurance (available starting in Developer Edition)

You can now flag projects as containing AI-generated code. The flagged projects will use the Sonar way quality gate to ensure the AI-generated code is clean. Learn more here.

Automatic synchronization of project permissions and roles with GitLab (available starting in Developer Edition)

When integrating with GitLab, project permissions and custom roles are now automatically synchronized. Learn more here.

New rules for Javascript and Typescript

This feature added 10 new rules that find structure problems in JavaScript and TypeScript code.

Support for Dart (available starting in Developer Edition)

Analysis of Dart is now supported. It includes support for loading coverage data provided by LCOV and more than 70 rules, including cognitive complexity. Learn more here.

Secrets Detection includes more patterns and cloud services (available starting in Developer Edition)

With added support for more than 30 new patterns, SonarQube now covers 146 secret patterns and can detect secrets/tokens generated by 81 cloud services. Learn more here.

Support added for C23

Analysis of C23, the latest major revision of C, is now supported.

Other improvements

Among all the above-mentioned improvements are:

• 7 new preprocessor and code presentation rules inspired by MISRA C++2023.
• 30% increased analysis time on Mac Apple Silicon for C/C++/Objective-C Projects.
• Advanced security rules for the Spring Framework to reach a coverage of 92% for security-sensitive Spring features.