Welcome back from your sun-soaked vacation! As you swap beach towels for keyboards, let's dive into the tech tools that will make your return to work a breeze.

Bitbucket 8.19.7 LTS, Confluence 8.9.5, GitLab 17.3.1, SonarQube 10.6, Sonatype Nexus Repository 3.69.0, and Sonatype IQ Server 178 are here to help you manage your code, document your processes, automate your builds, and keep your code quality in check.

So, let’s make the transition from sandy beaches to seamless integrations as smooth as possible. Who says work can’t be as fun as that last poolside cocktail?

Bitbucket 8.19.7 LTS marks an important milestone for users seeking stability and long-term reliability in their version control and code collaboration tools.

The significance of LTS lies in its commitment to regular updates and security patches. With Bitbucket 8.19.7 LTS, you benefit from a version that is not only stable but also continuously maintained by Atlassian. This includes timely fixes for any identified vulnerabilities, ensuring that your repositories and codebases remain secure.

For you, this means faster resolution of security issues and fewer disruptions to your development workflow. It also means that there are no new features, but this version contains all the past ones.

I’m excited to announce the release of Confluence 8.9.5, packed with UI and UX enhancements designed to boost your team's collaboration and productivity.

UI/UX

Customize your profile pic!

You can now add a personal touch to your profile by uploading and setting a profile picture that represents your individuality. This enhancement makes it easier for your team to connect with you visually, fostering a more personalized and engaging collaboration experience. Take a moment to update your profile and let your personality shine through!

Profile picture customizations
Profile picture customizations

Seamlessly copy links to comments

With this update, you can now effortlessly copy direct links to specific comments, making it easier to share and reference important discussions with your team. This enhancement streamlines communication by ensuring that everyone can quickly access the relevant conversations. Try it out and keep your team on the same page with just a click!

Copying a link to the comment
Copying a link to the comment

Resize images in a flash

Now, you can quickly and easily resize images within your pages, giving you more control over your content's visual presentation. This update allows you to adjust images to the perfect size without any hassle, enhancing the overall look and feel of your documentation. Streamline your workflow and make your pages visually appealing with just a few clicks!

Image resizing

Image resizing

More accessibility improvements

To address keyboard user accessibility issues in Team Calendars, changes were made to the space sidebar and watchers management.This release has also placed particular emphasis on accessibly, creating new content in pages and blogs, including inserting links and files.

See the list of resolved tickets for further information.

Security

Tighten security with websudo allowlists

This update enhances your platform's security by allowing you to create and manage allowlists for websudo, ensuring that only trusted IP addresses can access sensitive administrative functions.

With this added layer of protection, you can better safeguard your system against unauthorized access. Strengthen your security measures and keep your Confluence environment secure.

Version 17.3.1 features significant updates to streamline your DevOps process. This release includes enhanced CI/CD pipeline efficiency, improved merge request handling, and advanced security scanning tools. With these new features, managing code, automating workflows, and ensuring secure deployments have never been easier.

Administration

Delete a pod from the GitLab UI (Free, Premium, Ultimate)

Now, you can easily manage your Kubernetes environments by directly deleting pods from the GitLab interface. This update simplifies cluster management, giving you more control without leaving the GitLab UI.

Streamline your workflow and maintain your infrastructure with just a few clicks. Learn more here.

Kubernetes pods overview
Kubernetes pods overview

Easily connect to a cluster from your local terminal (Free, Premium, Ultimate)

This new capability allows you to seamlessly connect to your Kubernetes clusters directly from your local terminal, making it more convenient to manage and interact with your environments. 

With the user access feature of the agent for Kubernetes, you can streamline your development workflow and gain faster access to your clusters without leaving the terminal. Enhance productivity with this effortless connection process. Learn more here.

Agent for Kubernetes
Agent for Kubernetes

Add multiple compliance frameworks to a single project (Premium, Ultimate)

This update allows you to assign multiple compliance frameworks to a single project, ensuring your projects meet various regulatory requirements simultaneously. It simplifies managing compliance across different standards, making it easier to stay aligned with industry regulations. Learn more here.

Compliance center view

Compliance center view

Add authentication to merge request external status checks (Ultimate)

HMAC (Hash-based Message Authentication Code) can now be enabled for your status check. This enhancement allows you to secure your external status checks by adding authentication, ensuring that only authorized systems can provide or validate status updates on merge requests.

It strengthens the integrity of your CI/CD pipeline by preventing unauthorized access to critical checks. Safeguard your development process with this added layer of security. Learn more here.

Adding status check
Adding status check

LDAP group link support for custom roles (Ultimate)

This update allows you to link LDAP groups to custom roles, providing more flexibility in managing user permissions and access control. By integrating LDAP group memberships with your custom roles, you can streamline user management and ensure the right access levels are consistently applied across your projects. Enhance your security and simplify role assignments with this powerful new feature. Learn more here.

List group or project webhook events with the API (Premium, Ultimate)

This update allows you to retrieve a comprehensive list of webhook events for any group or project directly through the API, providing greater visibility and control over your integrations. By easily accessing this data, you can better monitor and manage webhook activity, ensuring your systems stay connected and up to date. Streamline your workflow with this enhanced API capability. Learn more here.

AI

Troubleshoot failed jobs with root cause analysis (Ultimate, Duo Enterprise)

This powerful update helps you quickly identify and understand the underlying reasons for job failures, providing detailed insights directly within the GitLab UI. By pinpointing the root cause, you can resolve issues faster and prevent them from recurring, improving the reliability of your CI/CD pipelines.

Enhance your troubleshooting process and keep your projects on track with this essential new feature. Learn more here.

Resolve a vulnerability with AI (Ultiamte, Duo Enterprise)

This cutting-edge update leverages AI to help you quickly identify and fix security vulnerabilities within your code.

By providing intelligent suggestions and automated fixes, this feature streamlines the remediation process, making your applications more secure with less effort. Enhance your security posture and resolve vulnerabilities faster with the power of AI. Learn more here.

Resolving issues with AI

Resolving issues with AI

AI impact analytics with enhanced sparklines trend visualization (Ultimate, Duo Enterprise)

This update brings advanced AI-driven analytics to your projects, allowing you to visualize trends with enhanced sparklines directly within your dashboards.

These improved visualizations provide clearer insights into project performance and impact, helping you make data-driven decisions with ease. Elevate your analytics and stay ahead with this powerful new tool. Learn more here.

Metric trends with sparklines

Metric trends with sparklines

UI/UX

Report abuse for task, objective, and key result items (Free, Premium, Ultimate)

This feature empowers users to flag and report inappropriate content or misuse directly within tasks, objectives, and key result items. By providing a straightforward way to address concerns, you can maintain a respectful and productive work environment.

Ensure your projects stay focused and aligned with this important new capability. Learn more here.

Abuse reporting feature

Abuse reporting feature

Set parent items for OKRs and tasks (Free, Premium, Ultimate)

This enhancement allows you to link tasks and OKRs to parent items, creating a clear hierarchy and improving the organization of your projects. By setting parent relationships, you can better track progress and ensure alignment with broader objectives. Learn more here.

Linked tasks

Linked tasks

Resolve threads in tasks, objectives, and key results (Free, Premium, Ultimate)

This update allows you to efficiently manage discussions by resolving threads directly within tasks, objectives, and key results.

By closing out completed or addressed conversations, you can keep your workspaces organized and focused. Improve collaboration and maintain clarity in your projects with this new thread resolution capability. Learn more here.

View role details in the right drawer (Free, Premium, Ultimate)

This feature allows you to easily access and review detailed information about user roles directly from the right drawer in the interface. With this enhancement, you can quickly understand role permissions and responsibilities without navigating away from your current view. Learn more here.

Reporting

AI impact analytics: Code suggestions acceptance rate and GitLab Duo seats usage (Ultimate, Duo Enterprise)

This update provides valuable insights into how your team is utilizing AI-driven code suggestions and tracks the acceptance rate, helping you measure the effectiveness of these tools. Additionally, you can monitor GitLab Duo seat usage for maximum value of your AI resources. Enhance analytics and optimize your AI tools with this powerful new feature. Learn more here.

AI impact analytics

AI impact analytics

Merge train visualization (Premium, Ultimate)

This update provides a clear visual representation of your merge train, allowing you to track the progress of queued merge requests and understand their status at a glance. With this enhanced visualization, you can manage your merge process more efficiently, ensuring smooth and conflict-free integrations. Keep your development pipeline flowing smoothly with this insightful new tool Learn more here.

Merge train visualization

Merge train visualization

Project development

Add merge requests to tasks (Free, Premium, Ultimate)

This feature allows you to directly link merge requests to specific tasks for better alignment and tracking of code changes within your project management workflow.

By connecting merge requests to tasks, you can streamline your development process and keep your work organized and efficient.

Enhance your project management with this seamless integration! Learn more here.

Linking issues with merge requests

Linking issues with merge requests

New value stream analytics stage events for cycle time reduction (Premium, Ultimate)

This update provides detailed stage events within value stream analytics, helping you pinpoint areas to reduce cycle time and improve efficiency.

By tracking these specific events, you can better understand your workflow and implement changes that speed up your development process.

Optimize your cycle time and boost productivity with this insightful new feature. Learn more here.

Optimize merge requests review process with value stream analytics

Easily remove content from repositories (Free, Premium, Ultimate)

This enhancement simplifies the process of removing content, making it faster and more intuitive to clean up or update your projects.

Whether you're managing files, comments, or other project elements, this feature streamlines content removal, saving you time and effort. Keep your projects organized and clutter-free with this convenient update. Learn more here.

Blobs removal
Blobs removal

New permission for custom roles (Ultimate)

This update allows you to define and assign specific permissions to custom roles, giving you more granular control over user access and responsibilities. With this added flexibility, you can tailor roles to better fit your team's needs and ensure the right level of access for every user. Learn more here.

Other UI, performance, and bug fixes

Click the links below to see all the bug fixes, performance enhancements, and UI improvements we’ve delivered in 17.3.

Jump into SonarQube, where developers get their big slice of the features pie. There are simplifications, updates to rules, and new features in “connected mode.”

Branch and pull request overview simplified

Duplication of failed quality gate conditions has been reduced. New and overall code are presented in their own tabs, improving focus on new code while practicing Clean as You Code.

Clean as You Code (CaYC) in-product guided tour

The project page offers an in-product guided tour that explains the basics of Clean as You Code and the main concepts behind the methodology.

Set rule priority to uphold your coding standards (Enterprise Edition)

A dev manager or anyone who determines company code standards can now configure the priority of rules in the quality profile and add a quality gate condition to the overall code so that developers can address the corresponding issues before the next release.

Connected mode

Open issues from SonarQube in Visual Studio

In connected mode, you can now open an issue from SonarQube in Visual Studio (available in all IDE flavors). Learn more about connected mode.

Report dataflow bugs in VS Code and IntelliJ (starting in Developer Edition)

In connected mode, SonarLint reports in VS Code and IntelliJ the Java and Python dataflow bug detection (DBD) issues that can be detected by analyzing a single file.

Share connected mode setup with other contributors

It’s now possible to share a connected mode setup configuration file with your team, simplifying the process.

For details, see the "sharing your setup" section on the team features page of your IDE.

Languages and rules

This release is very rich in new rules and language improvements. I will list the ones that received updates:

  • C++
  • HTML and React/JSX
  • Python
  • Security rules for spring configuration files
  • .Net

Learn more here.

The 3.69.0 release of Sonatype Nexus Repository brings a range of improvements and fixes to enhance performance, security, and usability.

Configure user token expiration (Pro only)

This feature allows administrators to set expiration times for user tokens, providing greater control over their lifecycle management and improving security by ensuring they are valid for a specified duration.

By configuring token expiration, administrators can minimize the risk of unauthorized access through expired or compromised tokens, thereby strengthening the overall security of the Nexus environment. Learn more here.

SAML integration improvements (all users)

These improvements provide more robust and seamless authentication, ensuring better compatibility and reliability when connecting Nexus Repository with SAML identity providers. This update simplifies the configuration process and improves security by streamlining user authentication, making it easier for organizations to manage access across their systems.

Sonatype IQ Server versions 177 and 178 introduced significant updates, focusing on enhanced security and improved performance. Version 177 includes improvements to the vulnerability detection system, allowing for more precise identification of threats in software components. Version 178 further builds on these changes by optimizing the user interface for better usability and integrating advanced machine-learning features to predict potential security risks.

These updates reinforce Sonatype's commitment to providing robust and user-friendly solutions for managing software supply chains.

SBOM manager

The SBOM (Software Bill of Materials) manager enhances the management of open-source components,  providing users with a streamlined way to generate and analyze SBOMs, improving visibility into software dependencies, their associated vulnerabilities, and a detailed vulnerability profile, including transitive dependencies. It facilitates better governance and risk management within the software supply chain by offering detailed insights into the composition and security status of applications. Learn more here.

Dependency Scorecard

Introduced to provide a comprehensive assessment of open-source dependencies within projects, this feature offers a detailed view of the health and risks associated with each dependency, allowing users to quickly identify and address potential security issues.

The scorecard helps organizations make informed decisions about managing their software components, which makes for a more secure and stable software supply chain. Learn more here.

Supply chain monitoring

This new tool provides continuous oversight of open-source components throughout the entire software development lifecycle. It enables real-time detection of vulnerabilities and risks in the software supply chain so that organizations can proactively manage and mitigate potential threats as they arise, even after deployment. Learn more here.

Streamlined workflow for waivers

Introduced to simplify the process of managing policy waivers, this enhancement allows users to create, review, and manage waivers more efficiently, reducing the administrative overhead associated with compliance management.

By improving the workflow, organizations can more easily ensure that waivers are applied correctly and consistently, helping maintain secure and compliant software practices. Learn more here.

Solution switcher for the Sonatype platform

This feature provides a seamless way to switch between various Sonatype solutions within the platform, improving accessibility and efficiency for users managing multiple aspects of their software supply chain. Learn more here.

Notable improvements and bug fixes

Compatibility with Chrome cookie deprecation

Sonatype implemented cookie-free embedding of all dashboards using Looker™ under data insights, ensuring the normal functioning of all embedded dashboards in Chrome browsers after third-party cookies have been deprecated by Google Chrome.

Fix for Sonatype IQ CLI

The issue of not having an option to set non-proxy hosts while using Sonatype IQ CLI has been resolved. Users can now configure no-proxy lists while using Sonatype IQ CLI in environments such as Azure DevOps.

That’s all for September, see you in October!

Published: Sep 2, 2024

Eficode ROOTrelease notes