gitlab-org/gitlab-foss v17.10.0

on GitLab

Previously, when you imported groups or projects, you could not see when placeholder users were created.
With this release, we've added timestamps so you can track the progress of your migration and troubleshoot any issues as they occur.

You can now efficiently manage your To-Do List with our improved bulk editing feature. Select multiple to-do items and mark them as done or snooze them in one go, giving you more control over your tasks and helping you stay organized with less effort.

You can now snooze notifications in your To-Do List, allowing you to temporarily hide items and focus on what's most important right now. Whether you need an hour to concentrate or want to revisit a task tomorrow, you'll have fine-grained control over when notifications reappear, helping you manage your workflow more effectively.

With this release, user contribution mapping now supports bulk reassignment by using a CSV file.
If you have a large user base with many placeholder users, group members with the Owner role can:

1. Download a prefilled CSV template.
   
2. Add GitLab usernames or public emails from the destination instance.
   
3. Upload the completed file to reassign all contributions at once.
   

This method eliminates tedious manual reassignment through the UI.
To further streamline large-scale migrations, API support for CSV-based reassignment is now also available.

We're excited to announce significant improvements to the project overview in Your Work, designed to streamline how you discover and access your projects. This update introduces a more intuitive tab-based navigation system that better reflects how users interact with their projects.

• The new Contributed tab (previously Yours) now displays all projects you've contributed to, including your personal projects, making it easier to track your development activity.
  
• Find your individual projects faster with the Personal tab, now prominently featured in the main navigation.
  
• Access team projects through the Member tab (formerly All), showing all projects where you have membership.
  
• The Inactive tab (previously Pending deletion) now provides a comprehensive view of both archived projects and those pending deletion.
  

Further, if you have the appropriate permissions, you can now edit or delete a project directly from the Your Work projects overview.
These changes reflect our commitment to creating a more efficient and user-friendly GitLab experience. The new layout helps you focus on the projects that matter most to your work, reducing the time spent navigating between different project categories.

We value your feedback on this update! Join the discussion in epic 16662 to share your experience with the new navigation system.

We've improved the project creation permission settings to make them more clear, intuitive, and aligned with our security principles. The improved settings include:

• Renamed the "Default project creation protection" dropdown to "Minimum role required for project creation" to clearly reflect the setting's purpose.
  
• Renamed the "Developers + Maintainers" dropdown option to "Developers" for consistency across the platform.
  
• Reordered the dropdown options from most restrictive to least restrictive access level.
  

These changes make it easier to understand and configure which roles can create projects within your groups, helping administrators enforce appropriate access controls more confidently.

Thank you @yasuk for this community contribution!

You can now authenticate to private GitLab Pages sites programmatically using access tokens, making it easier to automate interactions with your Pages content. Previously, accessing restricted Pages sites required interactive authentication through the GitLab UI.

This powerful enhancement increases productivity while maintaining security, giving developers more flexibility in how they interact with and distribute private Pages content.

Tracking and understanding work in progress across GitLab previously required navigating multiple locations, reducing team efficiency and consuming valuable time.

This release introduces GitLab Query Language (GLQL) views Beta so you can create dynamic, real-time work tracking directly in your existing workflows.

GLQL views embed live data queries in Markdown code blocks throughout Wiki pages, epic descriptions, issue comments, and merge requests.

Previously available as an experiment, GLQL views now enter beta with support for sophisticated filtering using logical expressions and operators across key fields, including assignee, author, label, and milestone. You can customize your view's presentation as tables or lists, control which fields appear, and set result limits to create focused, actionable insights for your team.

Teams can now maintain context while accessing the information they need, creating shared understanding, and improving collaboration — all without leaving their current workflow.

We welcome your feedback on GLQL views as we continue to enhance this feature.

GitLab Flavored Markdown has been enhanced with several powerful improvements:

• Improved math and image handling:

  • Disable math rendering limits in your group or self-hosted instance to handle more complex mathematical expressions.
    
  • Control image dimensions precisely using pixel values or percentages to better manage content layout.
    

• Enhanced editor experience:

  • Continue lists automatically when pressing Enter/Return.
    
  • Shift text left or right using keyboard shortcuts.
    
  • Create clear term-definition pairs using description list syntax.
    
  • Adjust video widths flexibly.
    

• Better content organization:

  • Navigate content more easily with auto-expanding summary quick views (add +s to URLs).
    
  • See referenced issue titles render automatically (add + to URLs).
    
  • Organize content modularly using include syntax.
    
  • Create visually distinct callouts and warnings using alert boxes.
    

These improvements make GitLab Flavored Markdown more powerful for teams creating and maintaining documentation while offering greater flexibility in how content is presented and organized.

Issues now share a common framework with epics and tasks, featuring real-time updates and workflow improvements:

• Drawer view: Open items from lists or boards in a drawer for quick viewing without leaving your current context. A button at the top lets you expand to full page view.
  
• Change type: Convert types between epics, issues, and tasks using the "Change type" action (replaces "Promote to epic")
  
• Start date: Issues now support start dates, aligning their functionality with epics and tasks.
  
• Ancestry: The complete hierarchy is above the title and the Parent field in the sidebar. To manage relationships, use the new quick action commands /set_parent, /remove_parent, /add_child, and /remove_child.
  
• Controls: All actions are now accessible from the top menu (vertical ellipsis), which remains visible in the sticky header when scrolling.
  
• Development: All development items (merge requests, branches, and feature flags) related to an issue or task are now consolidated in a single, convenient list.
  
• Layout: UI improvements create a more seamless experience between issues, epics, tasks, and merge requests, helping you navigate your workflow more efficiently.
  
• Linked items: Create relationships between tasks, issues, and epics with improved linking options. Drag and drop to change link types and toggle the visibility of labels and closed items.
  

You can now streamline your workflow and maintain consistency across your projects with description templates for work items (epics, tasks, objectives, and key results).

This powerful addition allows you to create standardized templates, saving you time and ensuring all crucial information is included every time you create a new work item.

When browsing the history of a repository, there might be commits that aren't relevant to otherwise meaningful changes in the project. This can happen during:

• Refactors where you change from one library to another without changing functionality.
  
• Implementation of code formatters or linters that require standardizing the entire codebase.
  

When you look through the history of a project with blame, these kinds of commits make it difficult to understand the changes that occurred. Git supports identifying these commits with a .git-blame-ignore-revs file in your project. GitLab now allows you to toggle the blame view to show or hide these specific revisions in the "Blame preferences" dropdown list, making it easier to understand the history of your project.

We’re also releasing GitLab Runner 17.10 today! GitLab Runner is the highly-scalable build agent that runs your CI/CD jobs and sends the results back to a GitLab instance. GitLab Runner works in conjunction with GitLab CI/CD, the open-source continuous integration service included with GitLab.

What's new:

• Perform Autoscaler executor health check before instance usage
  
• Expand Docker executor volumes
  
• Add Docker excecutor configuration for device addition for services
  

Bug Fixes:

• The Windows gitlab-runner-helper image fails due to invalid volume specification for the `/opt/step-runner' path
  
• Repository mirroring for RPM packages is not working properly in GitLab Runner 17.7.0 and later
  
• Running git submodule update --remote in GitLab CI/CD returns an error
  

The list of all changes is in the GitLab Runner CHANGELOG.

The GitLab Dependency Proxy for container images now supports authentication with Docker Hub, helping you avoid pipeline failures due to rate limits and giving you access to private images.

Starting April 1, 2025, Docker Hub will enforce stricter pull limits (10 pulls per IP address) for unauthenticated users. Without authentication, your pipelines might fail once these limits are reached.

With this release, you can configure Docker Hub authentication through the GraphQL API using your Docker Hub credentials, personal access token, or organization access tokens. Support for UI configuration will be available in GitLab 17.11.

Previously, access token expiry notification emails were only sent to direct members of the group and project in which the token was expiring. Now, these notifications are also sent to inherited group and project members, if the setting is enabled. This wider distribution makes it easier to manage the token before expiry.

GitLab administrators can now use a unified API to identify and revoke tokens. Previously, administrators had to use endpoints related to the specific type of token. This API allows revocation regardless of the type. For a list of supported token types, see the Token information API.

Thank you Nicholas Wittstruck and the team from Siemens for your contribution!

When using GitLab as an OpenID Connect (OIDC) provider, you can now configure the duration of ID tokens with the id_token_expiration attribute. Previously, ID tokens had a fixed expiration time of 120 seconds.

Thank you Henry Sachs for your contribution!

You can now trigger webhook events 60 and 30 days before a project or group access token expires. Previously, these webhook events only triggered 7 days before expiry. This is an optional setting that matches the existing email notification schedule for expiring tokens.