GitLab.com is moving to 15.0 with a few breaking changes
GitLab 15.0 is coming to GitLab.com. Along with the exciting new features, it also includes planned deprecations because it is our major version release for 2022. We try to minimize breaking changes, but some changes are needed to improve workflows, performance, scalability, and more.

These changes will go live on GitLab.com sometime between April 23 – May 22, through our daily deployments, leading up to the official release of 15.0 on May 22. Keep reading to learn more about these important changes. GitLab 15.0 for self-managed users will also be released on May 22.

Manage

Audit events for repository push events

Announced in 14.3

Audit events for repository events are now deprecated and will be removed in GitLab 15.0. These events have always been disabled by default and had to be manually enabled with a feature flag. Enabling them can cause too many events to be generated which can dramatically slow down GitLab instances. For this reason, they are being removed.

External status check API breaking changes

Announced in 14.8

The external status check API was originally implemented to support pass-by-default requests to mark a status check as passing. Pass-by-default requests are now deprecated. Specifically, the following are deprecated:

- Requests that do not contain the status field.
- Requests that have the status field set to approved.

Beginning in GitLab 15.0, status checks will only be updated to a passing state if the status field is both present and set to passed. Requests that:

- Do not contain the status field will be rejected with a 422 error. For more information, see the relevant issue.
- Contain any value other than passed will cause the status check to fail. For more information, see the relevant issue.

To align with this change, API calls to list external status checks will also return the value of passed rather than approved for status checks that have passed.
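An added example (not GitLab's code): a pre-upgrade check that an integration owner could run over the payloads their status check service sends, applying only the 15.0 rules listed above. The `sha` and `external_status_check_id` fields, the function names, and all sample values are constructed for illustration; the only field taken from this page is `status`.

```python
# Models the GitLab 15.0 status-field rules described above; makes no API calls.
PASSED = "passed"          # the only value that marks a check as passing in 15.0
LEGACY_PASS = "approved"   # deprecated pass-by-default value


def outcome_in_15_0(payload: dict) -> str:
    """How 15.0 treats a status check request, per the rules above."""
    if "status" not in payload:
        return "rejected_422"          # missing status field
    if payload["status"] == PASSED:
        return "passing"
    return "failed"                    # any other value, including "approved"


def intended_pass(payload: dict) -> bool:
    """True if the sender meant 'pass' under the old pass-by-default behaviour."""
    return payload.get("status", LEGACY_PASS) in (LEGACY_PASS, PASSED)


def needs_change(payloads: list) -> list:
    """Indexes of payloads that were meant to pass but will not pass in 15.0."""
    return [i for i, p in enumerate(payloads)
            if intended_pass(p) and outcome_in_15_0(p) != "passing"]


def migrate(payload: dict) -> dict:
    """Return a copy with an explicit status of passed where a pass was implied."""
    fixed = dict(payload)
    if intended_pass(fixed):
        fixed["status"] = PASSED
    return fixed


# Constructed sample payloads (placeholder values, not real identifiers).
BASE = {"sha": "<constructed-sha>", "external_status_check_id": 1}
SAMPLES = [
    dict(BASE),                        # no status field: 422 in 15.0
    dict(BASE, status="approved"),     # deprecated value: check fails in 15.0
    dict(BASE, status="passed"),       # already correct
    dict(BASE, status="failed"),       # constructed non-passing value
]

if __name__ == "__main__":
    for i in needs_change(SAMPLES):
        print(i, outcome_in_15_0(SAMPLES[i]), "->", migrate(SAMPLES[i]))
```

Code that reads the list endpoint should likewise expect passed rather than approved after the upgrade.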
OAuth implicit grant

Announced in 14.0

The OAuth implicit grant authorization flow will be removed in our next major release, GitLab 15.0. Any applications that use OAuth implicit grant should switch to alternative supported OAuth flows.

OAuth tokens without expiration

Announced in 14.8

By default, all new applications expire access tokens after 2 hours. In GitLab 14.2 and earlier, OAuth access tokens had no expiration. In GitLab 15.0, an expiry will be automatically generated for any existing token that does not already have one.

You should opt in to expiring tokens before GitLab 15.0 is released:

1. Edit the application.
2. Select Expire access tokens to enable them. Tokens must be revoked or they don’t expire.

OmniAuth Kerberos gem

Announced in 14.3

The omniauth-kerberos gem will be removed in our next major release, GitLab 15.0. This gem has not been maintained and has very little usage. We therefore plan to remove support for this authentication method and recommend using the Kerberos SPNEGO integration instead. You can follow the upgrade instructions to upgrade from the omniauth-kerberos integration to the supported one.

Note that we are not deprecating the Kerberos SPNEGO integration, only the old password-based Kerberos integration.

Optional enforcement of PAT expiration

Announced in 14.8

The feature to disable enforcement of PAT expiration is unusual from a security perspective. We have become concerned that this unusual feature could create […]
