[{"data":1,"prerenderedAt":789},["ShallowReactive",2],{"/en-us/blog/gitlab-releases-15-breaking-changes":3,"navigation-en-us":37,"banner-en-us":436,"footer-en-us":446,"blog-post-authors-en-us-Brian Rhea":688,"blog-related-posts-en-us-gitlab-releases-15-breaking-changes":702,"assessment-promotions-en-us":740,"next-steps-en-us":779},{"id":4,"title":5,"authorSlugs":6,"body":8,"categorySlug":9,"config":10,"content":14,"description":8,"extension":26,"isFeatured":12,"meta":27,"navigation":28,"path":29,"publishedDate":20,"seo":30,"stem":34,"tagSlugs":35,"__hash__":36},"blogPosts/en-us/blog/gitlab-releases-15-breaking-changes.yml","Gitlab Releases 15 Breaking Changes",[7],"brian-rhea",null,"company",{"slug":11,"featured":12,"template":13},"gitlab-releases-15-breaking-changes",false,"BlogPost",{"title":15,"description":16,"authors":17,"heroImage":19,"date":20,"body":21,"category":9,"tags":22},"GitLab.com is moving to 15.0 with a few breaking changes","These are the features that will be removed in GitLab 15.0.",[18],"Brian Rhea","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749667351/Blog/Hero%20Images/14_0_breaking_changes.jpg","2022-04-18","\nNote: This post was updated on May 20, 2022, to reflect the release of GitLab 15.0.\n\n\nGitLab 15.0 has arrived! Along with the [exciting new features](https://youtu.be/1a6-yv6UXsY), it also includes planned removals of [previously deprecated features](https://docs.gitlab.com/ee/update/deprecations.html). Some of these removals are [breaking changes](https://handbook.gitlab.com/handbook/product/categories/gitlab-the-product/#breaking-changes-deprecations-and-removing-features), because this release is a major version release. We try to minimize such breaking changes but sometimes they are needed to improve workflows, performance, scalability, and more. Please keep reading to learn more about these important changes.\n\nTo see all removals in 15.0, visit [GitLab Docs](https://docs.gitlab.com/ee/update/deprecations.html). Jump to the list of breaking changes in each stage by clicking below:\n\n- [Manage](#manage)\n- [Plan](#plan)\n- [Create](#create)\n- [Verify](#verify)\n- [Package](#package)\n- [Secure](#secure)\n- [Configure](#configure)\n- [Monitor](#monitor)\n- [Protect](#protect)\n- [Enablement](#enablement)\n- [Ecosystem](#ecosystem)\n- [Platform](#platform)\n\n## Manage\n\n### Audit events for repository push events\n\nAnnounced in 14.3\n\n\nAudit events for [repository events](https://docs.gitlab.com/ee/administration/audit_events.html#removed-events) are removed as of GitLab 15.0.\n\nAudit events for repository events were always disabled by default and had to be manually enabled with a feature flag.\nEnabling them could slow down GitLab instances by generating too many events. Therefore, they are removed.\n\nPlease note that we will add high-volume audit events in the future as part of [streaming audit events](https://docs.gitlab.com/ee/administration/audit_event_streaming.html). An example of this is how we will send [Git fetch actions](https://gitlab.com/gitlab-org/gitlab/-/issues/343984) as a streaming audit event. If you would be interested in seeing repository push events or some other action as a streaming audit event, please reach out to us!\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/337993)\n\n### External status check API breaking changes\n\nAnnounced in 14.8\n\n\nThe [external status check API](https://docs.gitlab.com/ee/api/status_checks.html) was originally implemented to\nsupport pass-by-default requests to mark a status check as passing. Pass-by-default requests are now removed.\nSpecifically, the following are removed:\n\n- Requests that do not contain the `status` field.\n- Requests that have the `status` field set to `approved`.\n\nFrom GitLab 15.0, status checks are only set to a passing state if the `status` field is both present\nand set to `passed`. Requests that:\n\n- Do not contain the `status` field will be rejected with a `400` error. For more information, see [the relevant issue](https://gitlab.com/gitlab-org/gitlab/-/issues/338827).\n- Contain any value other than `passed`, such as `approved`, cause the status check to fail. For more information, see [the relevant issue](https://gitlab.com/gitlab-org/gitlab/-/issues/339039).\n\nTo align with this change, API calls to list external status checks also return the value of `passed` rather than\n`approved` for status checks that have passed.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/339039)\n\n### OAuth implicit grant\n\nAnnounced in 14.0\n\n\nThe OAuth implicit grant authorization flow is no longer supported. Any applications that use OAuth implicit grant must switch to alternative [supported OAuth flows](https://docs.gitlab.com/ee/api/oauth2.html).\n\n### OAuth tokens without an expiration\n\nAnnounced in 14.3\n\n\nGitLab no longer supports OAuth tokens [without an expiration](https://docs.gitlab.com/ee/integration/oauth_provider.html#expiring-access-tokens).\n\nAny existing token without an expiration has one automatically generated and applied.\n\n### Optional enforcement of SSH expiration\n\nAnnounced in 14.8\n\n\nDisabling SSH expiration enforcement is unusual from a security perspective and could create unusual situations where an expired\nkey is unintentionally able to be used. Unexpected behavior in a security feature is inherently dangerous and so now we enforce\nexpiration on all SSH keys.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/351963)\n\n### Optional enforcement of personal access token expiration\n\nAnnounced in 14.8\n\n\nAllowing expired personal access tokens to be used is unusual from a security perspective and could create unusual situations where an\nexpired key is unintentionally able to be used. Unexpected behavior in a security feature is inherently dangerous and so we now do not let expired personal access tokens be used.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/351962)\n\n### Required pipeline configurations in Premium tier\n\nAnnounced in 14.8\n\n\n[Required pipeline configuration](https://docs.gitlab.com/ee/administration/settings/continuous_integration.html#required-pipeline-configuration) helps to define and mandate organization-wide pipeline configurations and is a requirement at an executive and organizational level. To align better with our [pricing philosophy](https://handbook.gitlab.com/handbook/company/pricing/#three-tiers), this feature is removed from the Premium tier in GitLab 15.0. This feature continues to be available in the GitLab Ultimate tier.\n\nWe recommend customers use [Compliance Pipelines](https://docs.gitlab.com/ee/user/project/settings/index.html#compliance-pipeline-configuration), also in GitLab Ultimate, as an alternative as it provides greater flexibility, allowing required pipelines to be assigned to specific compliance framework labels.\n\nThis change also helps GitLab remain consistent in our tiering strategy with the other related Ultimate-tier features:\n\n- [Security policies](https://docs.gitlab.com/ee/user/application_security/policies/).\n- [Compliance framework pipelines](https://docs.gitlab.com/ee/user/project/settings/index.html#compliance-pipeline-configuration).\n\n### `omniauth-kerberos` gem\n\nAnnounced in 14.3\n\n\nThe `omniauth-kerberos` gem is no longer supported. This gem has not been maintained and has very little usage. Therefore, we\nremoved support for this authentication method and recommend using [SPNEGO](https://en.wikipedia.org/wiki/SPNEGO) instead. You can\nfollow the [upgrade instructions](https://docs.gitlab.com/ee/integration/kerberos.html#upgrading-from-password-based-to-ticket-based-kerberos-sign-ins)\nto upgrade from the removed integration to the new supported one.\n\nWe are not removing Kerberos SPNEGO integration. We are removing the old password-based Kerberos.\n\n---\n\n## Create\n\n### Feature flag PUSH_RULES_SUPERSEDE_CODE_OWNERS\n\nAnnounced in 14.8\n\n\nThe feature flag `PUSH_RULES_SUPERSEDE_CODE_OWNERS` has been removed in GitLab 15.0. From now on, push rules will supersede CODEOWNERS. The CODEOWNERS feature is no longer available for access control.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/262019)\n\n### `defaultMergeCommitMessageWithDescription` GraphQL API field\n\nAnnounced in 14.5\n\n\nThe GraphQL API field `defaultMergeCommitMessageWithDescription` has been removed in GitLab 15.0. For projects with a commit message template set, it will ignore the template.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/345451)\n\n---\n\n## Verify\n\n### API: `stale` status returned instead of `offline` or `not_connected`\n\nAnnounced in 14.6\n\n\nA breaking change was made to the Runner [API](https://docs.gitlab.com/ee/api/runners.html#runners-api) endpoints\nin 15.0.\n\nInstead of the GitLab Runner API endpoints returning `offline` and `not_connected` for runners that have not\ncontacted the GitLab instance in the past three months, the API endpoints now return the `stale` value,\nwhich was introduced in 14.6.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/347303)\n\n### `artifacts:report:cobertura` keyword\n\nAnnounced in 14.8\n\n\nAs of GitLab 15.0, the `artifacts:report:cobertura` keyword has been replaced by\n[`artifacts:reports:coverage_report`](https://gitlab.com/gitlab-org/gitlab/-/issues/344533). Cobertura is the only\nsupported report file, but this is the first step towards GitLab supporting other report types.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/348980)\n\n### Known host required for GitLab Runner SSH executor\n\nAnnounced in 14.5\n\n\nIn [GitLab 14.3](https://gitlab.com/gitlab-org/gitlab-runner/-/merge_requests/3074), we added a configuration setting in the GitLab Runner `config.toml`. This setting, [`[runners.ssh.disable_strict_host_key_checking]`](https://docs.gitlab.com/runner/executors/ssh.html#security), controls whether or not to use strict host key checking with the SSH executor.\n\nIn GitLab 15.0, the default value for this configuration option has changed from `true` to `false`. This means that strict host key checking will be enforced when using the GitLab Runner SSH executor.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/28192)\n\n### Runner status `not_connected` API value\n\nAnnounced in 14.6\n\n\nThe GitLab Runner REST and GraphQL [API](https://docs.gitlab.com/ee/api/runners.html#runners-api) endpoints\ndeprecated the `not_connected` status value in GitLab 14.6 and will start returning `never_contacted` in its place\nstarting in GitLab 15.0.\n\nRunners that have never contacted the GitLab instance will also return `stale` if created more than 3 months ago.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/347305)\n\n### `type` and `types` keyword from CI/CD configuration\n\nAnnounced in 14.6\n\n\nThe `type` and `types` CI/CD keywords is removed in GitLab 15.0, so pipelines that use these keywords fail with a syntax error. Switch to `stage` and `stages`, which have the same behavior.\n\n### Test coverage project CI/CD setting\n\nAnnounced in 14.8\n\n\nTo specify a test coverage pattern, in GitLab 15.0 the\n[project setting for test coverage parsing](https://docs.gitlab.com/ee/ci/pipelines/settings.html#add-test-coverage-results-to-a-merge-request-removed)\nhas been removed.\n\nTo set test coverage parsing, use the project’s `.gitlab-ci.yml` file by providing a regular expression with the\n[`coverage` keyword](https://docs.gitlab.com/ee/ci/yaml/index.html#coverage).\n\n---\n\n## Package\n\n### Container registry authentication with htpasswd\n\nAnnounced in 14.9\n\n\nThe Container Registry supports [authentication](https://gitlab.com/gitlab-org/container-registry/-/blob/master/docs/configuration.md#auth) with `htpasswd`. It relies on an [Apache `htpasswd` file](https://httpd.apache.org/docs/2.4/programs/htpasswd.html), with passwords hashed using `bcrypt`.\n\nSince it isn't used in the context of GitLab (the product), `htpasswd` authentication will be deprecated in GitLab 14.9 and removed in GitLab 15.0.\n\n### GraphQL permissions change for Package settings\n\nAnnounced in 14.9\n\n\nThe GitLab Package stage offers a Package Registry, Container Registry, and Dependency Proxy to help you manage all of your dependencies using GitLab. Each of these product categories has a variety of settings that can be adjusted using the API.\n\nThe permissions model for GraphQL is being updated. After 15.0, users with the Guest, Reporter, and Developer role can no longer update these settings:\n\n- [Package Registry settings](https://docs.gitlab.com/ee/api/graphql/reference/#packagesettings)\n- [Container Registry cleanup policy](https://docs.gitlab.com/ee/api/graphql/reference/#containerexpirationpolicy)\n- [Dependency Proxy time-to-live policy](https://docs.gitlab.com/ee/api/graphql/reference/#dependencyproxyimagettlgrouppolicy)\n- [Enabling the Dependency Proxy for your group](https://docs.gitlab.com/ee/api/graphql/reference/#dependencyproxysetting)\n\nThe issue for this removal is [GitLab-#350682](https://gitlab.com/gitlab-org/gitlab/-/issues/350682)\n\n### Versions from PackageType\n\nAnnounced in 14.5\n\n\nAs part of the work to create a [Package Registry GraphQL API](https://gitlab.com/groups/gitlab-org/-/epics/6318), the Package group deprecated the `Version` type for the basic `PackageType` type and moved it to [`PackageDetailsType`](https://docs.gitlab.com/ee/api/graphql/reference/index.html#packagedetailstype).\n\nIn GitLab 15.0, we will completely remove `Version` from `PackageType`.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/327453)\n\n### dependency_proxy_for_private_groups feature flag\n\nAnnounced in 14.5\n\n\nA feature flag was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/11582) in GitLab 13.7 as part of the change to require authentication to use the Dependency Proxy. Before GitLab 13.7, you could use the Dependency Proxy without authentication.\n\nIn GitLab 15.0, we will remove the feature flag, and you must always authenticate when you use the Dependency Proxy.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/276777)\n\n### Pipelines field from the version field\n\nAnnounced in 14.5\n\n\nIn GraphQL, there are two `pipelines` fields that you can use in a [`PackageDetailsType`](https://docs.gitlab.com/ee/api/graphql/reference/#packagedetailstype) to get the pipelines for package versions:\n\n- The `versions` field's `pipelines` field. This returns all the pipelines associated with all the package's versions, which can pull an unbounded number of objects in memory and create performance concerns.\n- The `pipelines` field of a specific `version`. This returns only the pipelines associated with that single package version.\n\nTo mitigate possible performance problems, we will remove the `versions` field's `pipelines` field in GitLab 15.0. Although you will no longer be able to get all pipelines for all versions of a package, you can still get the pipelines of a single version through the remaining `pipelines` field for that version.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/342882)\n\n### Update to the Container Registry group-level API\n\nAnnounced in 14.5\n\n\nIn GitLab 15.0, support for the `tags` and `tags_count` parameters will be removed from the Container Registry API that [gets registry repositories from a group](https://docs.gitlab.com/ee/api/container_registry.html#within-a-group).\n\nThe `GET /groups/:id/registry/repositories` endpoint will remain, but won't return any info about tags. To get the info about tags, you can use the existing `GET /registry/repositories/:id` endpoint, which will continue to support the `tags` and `tag_count` options as it does today. The latter must be called once per image repository.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/336912)\n\n---\n\n## Secure\n\n### DS_DEFAULT_ANALYZERS environment variable\n\nAnnounced in 14.0\n\n\nWe are removing the `DS_DEFAULT_ANALYZERS` environment variable from Dependency Scanning on May 22, 2022 in 15.0. After this removal, this variable's value will be ignored. To configure which analyzers to run with the default configuration, you should use the `DS_EXCLUDED_ANALYZERS` variable instead.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/333299)\n\n### Dependency Scanning default Java version changed to 17\n\nAnnounced in 14.10\n\n\nFor Dependency Scanning, the default version of Java that the scanner expects will be updated from 11 to 17. Java 17 is [the most up-to-date Long Term Support (LTS) version](https://en.wikipedia.org/wiki/Java_version_history). Dependency Scanning continues to support the same [range of versions (8, 11, 13, 14, 15, 16, 17)](https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#supported-languages-and-package-managers), only the default version is changing. If your project uses the previous default of Java 11, be sure to [set the `DS_JAVA_VERSION` variable to match](https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#configuring-specific-analyzers-used-by-dependency-scanning). Please note that consequently the default version of Gradle is now 7.3.3.\n\n### End of support for Python 3.6 in Dependency Scanning\n\nAnnounced in 14.8\n\n\nFor those using Dependency Scanning for Python projects, we are removing support for the default `gemnasium-python:2` image which uses Python 3.6, as well as the custom `gemnasium-python:2-python-3.9` image which uses Python 3.9. The new default image as of GitLab 15.0 will be for Python 3.9 as it is a [supported version](https://endoflife.date/python) and 3.6 [is no longer supported](https://endoflife.date/python).\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/351503)\n\n### Retire-JS Dependency Scanning tool\n\nAnnounced in 14.8\n\n\nWe have removed support for retire.js from Dependency Scanning as of May 22, 2022 in GitLab 15.0. JavaScript scanning functionality will not be affected as it is still being covered by Gemnasium.\n\nIf you have explicitly excluded retire.js using the `DS_EXCLUDED_ANALYZERS` variable, then you will be able to remove the reference to retire.js. If you have customized your pipeline’s Dependency Scanning configuration related to the `retire-js-dependency_scanning` job, then you will want to switch to `gemnasium-dependency_scanning`. If you have not used the `DS_EXCLUDED_ANALYZERS` to reference retire.js, or customized your template specifically for retire.js, you will not need to take any action.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/289830)\n\n### bundler-audit Dependency Scanning tool\n\nAnnounced in 14.8\n\n\nWe are removing bundler-audit from Dependency Scanning on May 22, 2022 in 15.0. After this removal, Ruby scanning functionality will not be affected as it is still being covered by Gemnasium.\n\nIf you have explicitly excluded bundler-audit using the `DS_EXCLUDED_ANALYZERS` variable, then you will be able to remove the reference to bundler-audit. If you have customized your pipeline’s Dependency Scanning configuration related to the `bundler-audit-dependency_scanning` job, then you will want to switch to `gemnasium-dependency_scanning`. If you have not used the `DS_EXCLUDED_ANALYZERS` to reference bundler-audit or customized your template specifically for bundler-audit, you will not need to take any action.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/347491)\n\n---\n\n## Configure\n\n### GitLab Serverless\n\nAnnounced in 14.3\n\n\nAll functionality related to GitLab Serverless was deprecated in GitLab 14.3 and is scheduled for removal in GitLab 15.0. Users who need a replacement for this functionality are encouraged to explore using the following technologies with GitLab CI/CD:\n\n- [Serverless Framework](https://www.serverless.com)\n- [AWS Serverless Application Model](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/deploying-using-gitlab.html)\n\nFor additional context, or to provide feedback regarding this change, please reference our [deprecation issue](https://gitlab.com/groups/gitlab-org/configure/-/epics/6).\n\n- [Issue](https://gitlab.com/groups/gitlab-org/configure/-/epics/6)\n\n### `Managed-Cluster-Applications.gitlab-ci.yml`\n\nAnnounced in 14.0\n\n\nThe `Managed-Cluster-Applications.gitlab-ci.yml` CI/CD template is being removed. If you need an  alternative, try the [Cluster Management project template](https://gitlab.com/gitlab-org/gitlab/-/issues/333610) instead. If your are not ready to move, you can copy the [last released version](https://gitlab.com/gitlab-org/gitlab-foss/-/blob/v14.10.1/lib/gitlab/ci/templates/Managed-Cluster-Applications.gitlab-ci.yml) of the template into your project.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/333610)\n\n### Self-managed certificate-based integration with Kubernetes feature flagged\n\nAnnounced in 14.5\n\n\nIn 15.0 the certificate-based integration with Kubernetes will be disabled by default.\n\nAfter 15.0, you should use the [agent for Kubernetes](https://docs.gitlab.com/ee/user/clusters/agent/) to connect Kubernetes clusters with GitLab. The agent for Kubernetes is a more robust, secure, and reliable integration with Kubernetes. [How do I migrate to the agent?](https://docs.gitlab.com/ee/user/infrastructure/clusters/migrate_to_gitlab_agent.html)\n\nIf you need more time to migrate, you can enable the `certificate_based_clusters` [feature flag](https://docs.gitlab.com/ee/administration/feature_flags.html), which re-enables the certificate-based integration.\n\nIn GitLab 16.0, we will [remove the feature, its related code, and the feature flag](https://about.gitlab.com/blog/deprecating-the-cert-based-kubernetes-integration/). GitLab will continue to fix any security or critical issues until 16.0.\n\n- [Epic](https://gitlab.com/groups/gitlab-org/configure/-/epics/8)\n\n---\n\n## Monitor\n\n### ELK stack logging\n\nAnnounced in 14.7\n\n\nThe logging features in GitLab allow users to install the ELK stack (Elasticsearch, Logstash, and Kibana) to aggregate and manage application logs. Users could search for relevant logs in GitLab directly. However, since deprecating certificate-based integration with Kubernetes clusters and GitLab Managed Apps, this feature is no longer available. For more information on the future of logging and observability, you can follow the issue for [integrating Opstrace with GitLab](https://gitlab.com/groups/gitlab-org/-/epics/6976).\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/346485)\n\n### Jaeger integration\n\nAnnounced in 14.7\n\n\nTracing in GitLab is an integration with Jaeger, an open-source end-to-end distributed tracing system. GitLab users could previously navigate to their Jaeger instance to gain insight into the performance of a deployed application, tracking each function or microservice that handles a given request. Tracing in GitLab was deprecated in GitLab 14.7, and removed in 15.0. To track work on a possible replacement, see the issue for [Opstrace integration with GitLab](https://gitlab.com/groups/gitlab-org/-/epics/6976).\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/346540)\n\n### Request profiling\n\nAnnounced in 14.8\n\n\n[Request profiling](https://docs.gitlab.com/ee/administration/monitoring/performance/index.html) has been removed in GitLab 15.0.\n\nWe're working on [consolidating our profiling tools](https://gitlab.com/groups/gitlab-org/-/epics/7327) and making them more easily accessible.\nWe [evaluated](https://gitlab.com/gitlab-org/gitlab/-/issues/350152) the use of this feature and we found that it is not widely used.\nIt also depends on a few third-party gems that are not actively maintained anymore, have not been updated for the latest version of Ruby, or crash frequently when profiling heavy page loads.\n\nFor more information, check the [summary section of the deprecation issue](https://gitlab.com/gitlab-org/gitlab/-/issues/352488#deprecation-summary).\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/352488)\n\n---\n\n## Protect\n\n### Container Network and Host Security\n\nAnnounced in 14.8\n\n\nAll functionality related to the Container Network Security and Container Host Security categories was deprecated in GitLab 14.8 and is scheduled for removal in GitLab 15.0. Users who need a replacement for this functionality are encouraged to evaluate the following open source projects as potential solutions that can be installed and managed outside of GitLab: [AppArmor](https://gitlab.com/apparmor/apparmor), [Cilium](https://github.com/cilium/cilium), [Falco](https://github.com/falcosecurity/falco), [FluentD](https://github.com/fluent/fluentd), [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/). To integrate these technologies with GitLab, add the desired Helm charts in your copy of the [Cluster Management Project Template](https://docs.gitlab.com/ee/user/clusters/management_project_template.html). Deploy these Helm charts in production by calling commands through GitLab [CI/CD](https://docs.gitlab.com/ee/user/clusters/agent/ci_cd_workflow.html).\n\nAs part of this change, the following capabilities within GitLab are scheduled for removal in GitLab 15.0:\n\n- The **Security & Compliance > Threat Monitoring** page.\n- The Network Policy security policy type, as found on the **Security & Compliance > Policies** page.\n- The ability to manage integrations with the following technologies through GitLab: AppArmor, Cilium, Falco, FluentD, and Pod Security Policies.\n- All APIs related to the above functionality.\n\nFor additional context, or to provide feedback regarding this change, please reference our [deprecation issue](https://gitlab.com/groups/gitlab-org/-/epics/7476).\n\n- [Issue](https://gitlab.com/groups/gitlab-org/-/epics/7477)\n\n### Vulnerability Check\n\nAnnounced in 14.8\n\n\nThe vulnerability check feature was deprecated in GitLab 14.8 and is scheduled for removal in GitLab 15.0. We encourage you to migrate to the new security approvals feature instead. You can do so by navigating to **Security & Compliance > Policies** and creating a new Scan Result Policy.\n\nThe new security approvals feature is similar to vulnerability check. For example, both can require approvals for MRs that contain security vulnerabilities. However, security approvals improve the previous experience in several ways:\n\n- Users can choose who is allowed to edit security approval rules. An independent security or compliance team can therefore manage rules in a way that prevents development project maintainers from modifying the rules.\n- Multiple rules can be created and chained together to allow for filtering on different severity thresholds for each scanner type.\n- A two-step approval process can be enforced for any desired changes to security approval rules.\n- A single set of security policies can be applied to multiple development projects to allow for ease in maintaining a single, centralized ruleset.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/357300)\n\n---\n\n## Enablement\n\n### Background upload for object storage\n\nAnnounced in 14.9\n\n\nTo reduce the overall complexity and maintenance burden of GitLab's [object storage feature](https://docs.gitlab.com/ee/administration/object_storage.html), support for using `background_upload` has been removed in GitLab 15.0.\n\nThis impacts a small subset of object storage providers, including but not limited to:\n\n- **OpenStack** Customers using OpenStack need to change their configuration to use the S3 API instead of Swift.\n- **RackSpace** Customers using RackSpace-based object storage need to migrate data to a different provider.\n\nIf your object storage provider does not support `background_upload`, please [migrate objects to a supported object storage provider](https://docs.gitlab.com/ee/administration/object_storage.html#migrate-objects-to-a-different-object-storage-provider).\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/26600)\n\n### Elasticsearch 6.8.x in GitLab 15.0\n\nAnnounced in 14.8\n\n\nElasticsearch 6.8 support has been removed in GitLab 15.0. Elasticsearch 6.8 has reached [end of life](https://www.elastic.co/support/eol).\nIf you use Elasticsearch 6.8, **you must upgrade your Elasticsearch version to 7.x** prior to upgrading to GitLab 15.0.\nYou should not upgrade to Elasticsearch 8 until you have completed the GitLab 15.0 upgrade.\n\nView the [version requirements](https://docs.gitlab.com/ee/integration/advanced_search/elasticsearch.html) for details.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/350275)\n\n### Gitaly nodes in virtual storage\n\nAnnounced in 13.12\n\n\nConfiguring the Gitaly nodes directly in the virtual storage's root configuration object has been deprecated in GitLab 13.12 and is no longer supported in GitLab 15.0. You must move the Gitaly nodes under the `'nodes'` key as described in [the Praefect configuration](https://docs.gitlab.com/ee/administration/gitaly/praefect.html#praefect).\n\n### Move Gitaly Cluster Praefect `database_host_no_proxy` and `database_port_no_proxy configs`\n\nAnnounced in 14.0\n\n\nThe Gitaly Cluster configuration keys for `praefect['database_host_no_proxy']` and `praefect['database_port_no_proxy']` are replaced with `praefect['database_direct_host']` and `praefect['database_direct_port']`.\n\n- [Issue](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/6150)\n\n### Move `custom_hooks_dir` setting from GitLab Shell to Gitaly\n\nAnnounced in 14.9\n\n\nThe [`custom_hooks_dir`](https://docs.gitlab.com/ee/administration/server_hooks.html#create-a-global-server-hook-for-all-repositories) setting is now configured in Gitaly, and is removed from GitLab Shell in GitLab 15.0.\n\n- [Issue](https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/4208)\n\n### Pseudonymizer\n\nAnnounced in 14.7\n\n\nThe Pseudonymizer feature is generally unused, can cause production issues with large databases, and can interfere with object storage development.\nIt was removed in GitLab 15.0.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/219952)\n\n### `promote-to-primary-node` command from `gitlab-ctl`\n\nAnnounced in 14.5\n\n\nIn GitLab 14.5, we introduced the command `gitlab-ctl promote` to promote any Geo secondary node to a primary during a failover. This command replaces `gitlab-ctl promote-to-primary-node` which was only usable for single-node Geo sites. `gitlab-ctl promote-to-primary-node` has been removed in GitLab 15.0.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/345207)\n\n### SUSE Linux Enterprise Server 12 SP2\n\nAnnounced in 14.5\n\n\nLong term service and support (LTSS) for SUSE Linux Enterprise Server (SLES) 12 SP2 [ended on March 31, 2021](https://www.suse.com/lifecycle/). The CA certificates on SP2 include the expired DST root certificate, and it's not getting new CA certificate package updates. We have implemented some [workarounds](https://gitlab.com/gitlab-org/gitlab-omnibus-builder/-/merge_requests/191), but we will not be able to continue to keep the build running properly.\n\n### Sidekiq configuration for metrics and health checks\n\nAnnounced in 14.7\n\n\nIn GitLab 15.0, you can no longer serve Sidekiq metrics and health checks over a single address and port.\n\nTo improve stability, availability, and prevent data loss in edge cases, GitLab now serves\n[Sidekiq metrics and health checks from two separate servers](https://gitlab.com/groups/gitlab-org/-/epics/6409).\n\nWhen you use Omnibus or Helm charts, if GitLab is configured for both servers to bind to the same address,\na configuration error occurs.\nTo prevent this error, choose different ports for the metrics and health check servers:\n\n- [Configure Sidekiq health checks](https://docs.gitlab.com/ee/administration/sidekiq/index.html)\n- [Configure the Sidekiq metrics server](https://docs.gitlab.com/ee/administration/sidekiq/index.html)\n\nIf you installed GitLab from source, verify manually that both servers are configured to bind to separate addresses and ports.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/347509)\n\n### Support for `gitaly['internal_socket_dir']`\n\nAnnounced in 14.10\n\n\nGitaly introduced a new directory that holds all runtime data Gitaly requires to operate correctly. This new directory replaces the old internal socket directory, and consequentially the usage of `gitaly['internal_socket_dir']` was deprecated in favor of `gitaly['runtime_dir']`.\n\n- [Issue](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/6758)\n\n### Support for legacy format of `config/database.yml`\n\nAnnounced in 14.3\n\n\nThe syntax of [GitLab's database](https://docs.gitlab.com/omnibus/settings/database.html)\nconfiguration located in `database.yml` has changed and the legacy format has been removed.\nThe legacy format supported a single PostgreSQL adapter, whereas the new format supports multiple databases.\nThe `main:` database needs to be defined as a first configuration item.\n\nThis change only impacts users compiling GitLab from source, all the other installation methods handle this configuration automatically.\nInstructions are available [in the source update documentation](https://docs.gitlab.com/ee/update/upgrading_from_source.html#new-configuration-options-for-databaseyml).\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/338182)\n\n### The `promote-db` command is no longer available from `gitlab-ctl`\n\nAnnounced in 14.5\n\n\nIn GitLab 14.5, we introduced the command `gitlab-ctl promote` to promote any Geo secondary node to a primary during a failover. This command replaces `gitlab-ctl promote-db` which is used to promote database nodes in multi-node Geo secondary sites. The `gitlab-ctl promote-db` command has been removed in GitLab 15.0.\n\n- [Issue](https://gitlab.com/gitlab-org/gitlab/-/issues/345207)\n\n---\n",[23,24,25],"news","releases","production","yml",{},true,"/en-us/blog/gitlab-releases-15-breaking-changes",{"title":15,"description":16,"ogTitle":15,"ogDescription":16,"noIndex":12,"ogImage":19,"ogUrl":31,"ogSiteName":32,"ogType":33,"canonicalUrls":31},"https://about.gitlab.com/blog/gitlab-releases-15-breaking-changes","https://about.gitlab.com","article","en-us/blog/gitlab-releases-15-breaking-changes",[23,24,25],"6aT5VD_KTVF0tzlzN_XSXOD2rvvL4ffVVSi9eydX7SU",{"data":38},{"logo":39,"freeTrial":44,"sales":49,"login":54,"items":59,"search":366,"minimal":397,"duo":416,"pricingDeployment":426},{"config":40},{"href":41,"dataGaName":42,"dataGaLocation":43},"/","gitlab logo","header",{"text":45,"config":46},"Get free trial",{"href":47,"dataGaName":48,"dataGaLocation":43},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com&glm_content=default-saas-trial/","free trial",{"text":50,"config":51},"Talk to sales",{"href":52,"dataGaName":53,"dataGaLocation":43},"/sales/","sales",{"text":55,"config":56},"Sign in",{"href":57,"dataGaName":58,"dataGaLocation":43},"https://gitlab.com/users/sign_in/","sign in",[60,87,182,187,288,347],{"text":61,"config":62,"cards":64},"Platform",{"dataNavLevelOne":63},"platform",[65,71,79],{"title":61,"description":66,"link":67},"The intelligent orchestration platform for DevSecOps",{"text":68,"config":69},"Explore our Platform",{"href":70,"dataGaName":63,"dataGaLocation":43},"/platform/",{"title":72,"description":73,"link":74},"GitLab Duo Agent Platform","Agentic AI for the entire software lifecycle",{"text":75,"config":76},"Meet GitLab Duo",{"href":77,"dataGaName":78,"dataGaLocation":43},"/gitlab-duo-agent-platform/","gitlab duo agent platform",{"title":80,"description":81,"link":82},"Why GitLab","See the top reasons enterprises choose GitLab",{"text":83,"config":84},"Learn more",{"href":85,"dataGaName":86,"dataGaLocation":43},"/why-gitlab/","why gitlab",{"text":88,"left":28,"config":89,"link":91,"lists":95,"footer":164},"Product",{"dataNavLevelOne":90},"solutions",{"text":92,"config":93},"View all Solutions",{"href":94,"dataGaName":90,"dataGaLocation":43},"/solutions/",[96,120,143],{"title":97,"description":98,"link":99,"items":104},"Automation","CI/CD and automation to accelerate deployment",{"config":100},{"icon":101,"href":102,"dataGaName":103,"dataGaLocation":43},"AutomatedCodeAlt","/solutions/delivery-automation/","automated software delivery",[105,109,112,116],{"text":106,"config":107},"CI/CD",{"href":108,"dataGaLocation":43,"dataGaName":106},"/solutions/continuous-integration/",{"text":72,"config":110},{"href":77,"dataGaLocation":43,"dataGaName":111},"gitlab duo agent platform - product menu",{"text":113,"config":114},"Source Code Management",{"href":115,"dataGaLocation":43,"dataGaName":113},"/solutions/source-code-management/",{"text":117,"config":118},"Automated Software Delivery",{"href":102,"dataGaLocation":43,"dataGaName":119},"Automated software delivery",{"title":121,"description":122,"link":123,"items":128},"Security","Deliver code faster without compromising security",{"config":124},{"href":125,"dataGaName":126,"dataGaLocation":43,"icon":127},"/solutions/application-security-testing/","security and compliance","ShieldCheckLight",[129,133,138],{"text":130,"config":131},"Application Security Testing",{"href":125,"dataGaName":132,"dataGaLocation":43},"Application security testing",{"text":134,"config":135},"Software Supply Chain Security",{"href":136,"dataGaLocation":43,"dataGaName":137},"/solutions/supply-chain/","Software supply chain security",{"text":139,"config":140},"Software Compliance",{"href":141,"dataGaName":142,"dataGaLocation":43},"/solutions/software-compliance/","software compliance",{"title":144,"link":145,"items":150},"Measurement",{"config":146},{"icon":147,"href":148,"dataGaName":149,"dataGaLocation":43},"DigitalTransformation","/solutions/visibility-measurement/","visibility and measurement",[151,155,159],{"text":152,"config":153},"Visibility & Measurement",{"href":148,"dataGaLocation":43,"dataGaName":154},"Visibility and Measurement",{"text":156,"config":157},"Value Stream Management",{"href":158,"dataGaLocation":43,"dataGaName":156},"/solutions/value-stream-management/",{"text":160,"config":161},"Analytics & Insights",{"href":162,"dataGaLocation":43,"dataGaName":163},"/solutions/analytics-and-insights/","Analytics and insights",{"title":165,"items":166},"GitLab for",[167,172,177],{"text":168,"config":169},"Enterprise",{"href":170,"dataGaLocation":43,"dataGaName":171},"/enterprise/","enterprise",{"text":173,"config":174},"Small Business",{"href":175,"dataGaLocation":43,"dataGaName":176},"/small-business/","small business",{"text":178,"config":179},"Public Sector",{"href":180,"dataGaLocation":43,"dataGaName":181},"/solutions/public-sector/","public sector",{"text":183,"config":184},"Pricing",{"href":185,"dataGaName":186,"dataGaLocation":43,"dataNavLevelOne":186},"/pricing/","pricing",{"text":188,"config":189,"link":191,"lists":195,"feature":275},"Resources",{"dataNavLevelOne":190},"resources",{"text":192,"config":193},"View all resources",{"href":194,"dataGaName":190,"dataGaLocation":43},"/resources/",[196,229,247],{"title":197,"items":198},"Getting started",[199,204,209,214,219,224],{"text":200,"config":201},"Install",{"href":202,"dataGaName":203,"dataGaLocation":43},"/install/","install",{"text":205,"config":206},"Quick start guides",{"href":207,"dataGaName":208,"dataGaLocation":43},"/get-started/","quick setup checklists",{"text":210,"config":211},"Learn",{"href":212,"dataGaLocation":43,"dataGaName":213},"https://university.gitlab.com/","learn",{"text":215,"config":216},"Product documentation",{"href":217,"dataGaName":218,"dataGaLocation":43},"https://docs.gitlab.com/","product documentation",{"text":220,"config":221},"Best practice videos",{"href":222,"dataGaName":223,"dataGaLocation":43},"/getting-started-videos/","best practice videos",{"text":225,"config":226},"Integrations",{"href":227,"dataGaName":228,"dataGaLocation":43},"/integrations/","integrations",{"title":230,"items":231},"Discover",[232,237,242],{"text":233,"config":234},"Customer success stories",{"href":235,"dataGaName":236,"dataGaLocation":43},"/customers/","customer success stories",{"text":238,"config":239},"Blog",{"href":240,"dataGaName":241,"dataGaLocation":43},"/blog/","blog",{"text":243,"config":244},"Remote",{"href":245,"dataGaName":246,"dataGaLocation":43},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"title":248,"items":249},"Connect",[250,255,260,265,270],{"text":251,"config":252},"GitLab Services",{"href":253,"dataGaName":254,"dataGaLocation":43},"/services/","services",{"text":256,"config":257},"Community",{"href":258,"dataGaName":259,"dataGaLocation":43},"/community/","community",{"text":261,"config":262},"Forum",{"href":263,"dataGaName":264,"dataGaLocation":43},"https://forum.gitlab.com/","forum",{"text":266,"config":267},"Events",{"href":268,"dataGaName":269,"dataGaLocation":43},"/events/","events",{"text":271,"config":272},"Partners",{"href":273,"dataGaName":274,"dataGaLocation":43},"/partners/","partners",{"backgroundColor":276,"textColor":277,"text":278,"image":279,"link":283},"#2f2a6b","#fff","Insights for the future of software development",{"altText":280,"config":281},"the source promo card",{"src":282},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758208064/dzl0dbift9xdizyelkk4.svg",{"text":284,"config":285},"Read the latest",{"href":286,"dataGaName":287,"dataGaLocation":43},"/the-source/","the source",{"text":289,"config":290,"lists":291},"Company",{"dataNavLevelOne":9},[292],{"items":293},[294,299,305,307,312,317,322,327,332,337,342],{"text":295,"config":296},"About",{"href":297,"dataGaName":298,"dataGaLocation":43},"/company/","about",{"text":300,"config":301,"footerGa":304},"Jobs",{"href":302,"dataGaName":303,"dataGaLocation":43},"/jobs/","jobs",{"dataGaName":303},{"text":266,"config":306},{"href":268,"dataGaName":269,"dataGaLocation":43},{"text":308,"config":309},"Leadership",{"href":310,"dataGaName":311,"dataGaLocation":43},"/company/team/e-group/","leadership",{"text":313,"config":314},"Team",{"href":315,"dataGaName":316,"dataGaLocation":43},"/company/team/","team",{"text":318,"config":319},"Handbook",{"href":320,"dataGaName":321,"dataGaLocation":43},"https://handbook.gitlab.com/","handbook",{"text":323,"config":324},"Investor relations",{"href":325,"dataGaName":326,"dataGaLocation":43},"https://ir.gitlab.com/","investor relations",{"text":328,"config":329},"Trust Center",{"href":330,"dataGaName":331,"dataGaLocation":43},"/security/","trust center",{"text":333,"config":334},"AI Transparency Center",{"href":335,"dataGaName":336,"dataGaLocation":43},"/ai-transparency-center/","ai transparency center",{"text":338,"config":339},"Newsletter",{"href":340,"dataGaName":341,"dataGaLocation":43},"/company/contact/#contact-forms","newsletter",{"text":343,"config":344},"Press",{"href":345,"dataGaName":346,"dataGaLocation":43},"/press/","press",{"text":348,"config":349,"lists":350},"Contact us",{"dataNavLevelOne":9},[351],{"items":352},[353,356,361],{"text":50,"config":354},{"href":52,"dataGaName":355,"dataGaLocation":43},"talk to sales",{"text":357,"config":358},"Support portal",{"href":359,"dataGaName":360,"dataGaLocation":43},"https://support.gitlab.com","support portal",{"text":362,"config":363},"Customer portal",{"href":364,"dataGaName":365,"dataGaLocation":43},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"close":367,"login":368,"suggestions":375},"Close",{"text":369,"link":370},"To search repositories and projects, login to",{"text":371,"config":372},"gitlab.com",{"href":57,"dataGaName":373,"dataGaLocation":374},"search login","search",{"text":376,"default":377},"Suggestions",[378,380,384,386,390,394],{"text":72,"config":379},{"href":77,"dataGaName":72,"dataGaLocation":374},{"text":381,"config":382},"Code Suggestions (AI)",{"href":383,"dataGaName":381,"dataGaLocation":374},"/solutions/code-suggestions/",{"text":106,"config":385},{"href":108,"dataGaName":106,"dataGaLocation":374},{"text":387,"config":388},"GitLab on AWS",{"href":389,"dataGaName":387,"dataGaLocation":374},"/partners/technology-partners/aws/",{"text":391,"config":392},"GitLab on Google Cloud",{"href":393,"dataGaName":391,"dataGaLocation":374},"/partners/technology-partners/google-cloud-platform/",{"text":395,"config":396},"Why GitLab?",{"href":85,"dataGaName":395,"dataGaLocation":374},{"freeTrial":398,"mobileIcon":403,"desktopIcon":408,"secondaryButton":411},{"text":399,"config":400},"Start free trial",{"href":401,"dataGaName":48,"dataGaLocation":402},"https://gitlab.com/-/trials/new/","nav",{"altText":404,"config":405},"Gitlab Icon",{"src":406,"dataGaName":407,"dataGaLocation":402},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203874/jypbw1jx72aexsoohd7x.svg","gitlab icon",{"altText":404,"config":409},{"src":410,"dataGaName":407,"dataGaLocation":402},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203875/gs4c8p8opsgvflgkswz9.svg",{"text":412,"config":413},"Get Started",{"href":414,"dataGaName":415,"dataGaLocation":402},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/compare/gitlab-vs-github/","get started",{"freeTrial":417,"mobileIcon":422,"desktopIcon":424},{"text":418,"config":419},"Learn more about GitLab Duo",{"href":420,"dataGaName":421,"dataGaLocation":402},"/gitlab-duo/","gitlab duo",{"altText":404,"config":423},{"src":406,"dataGaName":407,"dataGaLocation":402},{"altText":404,"config":425},{"src":410,"dataGaName":407,"dataGaLocation":402},{"freeTrial":427,"mobileIcon":432,"desktopIcon":434},{"text":428,"config":429},"Back to pricing",{"href":185,"dataGaName":430,"dataGaLocation":402,"icon":431},"back to pricing","GoBack",{"altText":404,"config":433},{"src":406,"dataGaName":407,"dataGaLocation":402},{"altText":404,"config":435},{"src":410,"dataGaName":407,"dataGaLocation":402},{"title":437,"button":438,"config":443},"See how agentic AI transforms software delivery",{"text":439,"config":440},"Watch GitLab Transcend now",{"href":441,"dataGaName":442,"dataGaLocation":43},"/events/transcend/virtual/","transcend event",{"layout":444,"icon":445},"release","AiStar",{"data":447},{"text":448,"source":449,"edit":455,"contribute":460,"config":465,"items":470,"minimal":677},"Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license",{"text":450,"config":451},"View page source",{"href":452,"dataGaName":453,"dataGaLocation":454},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":456,"config":457},"Edit this page",{"href":458,"dataGaName":459,"dataGaLocation":454},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":461,"config":462},"Please contribute",{"href":463,"dataGaName":464,"dataGaLocation":454},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":466,"facebook":467,"youtube":468,"linkedin":469},"https://twitter.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[471,518,572,616,643],{"title":183,"links":472,"subMenu":487},[473,477,482],{"text":474,"config":475},"View plans",{"href":185,"dataGaName":476,"dataGaLocation":454},"view plans",{"text":478,"config":479},"Why Premium?",{"href":480,"dataGaName":481,"dataGaLocation":454},"/pricing/premium/","why premium",{"text":483,"config":484},"Why Ultimate?",{"href":485,"dataGaName":486,"dataGaLocation":454},"/pricing/ultimate/","why ultimate",[488],{"title":489,"links":490},"Contact Us",[491,494,496,498,503,508,513],{"text":492,"config":493},"Contact sales",{"href":52,"dataGaName":53,"dataGaLocation":454},{"text":357,"config":495},{"href":359,"dataGaName":360,"dataGaLocation":454},{"text":362,"config":497},{"href":364,"dataGaName":365,"dataGaLocation":454},{"text":499,"config":500},"Status",{"href":501,"dataGaName":502,"dataGaLocation":454},"https://status.gitlab.com/","status",{"text":504,"config":505},"Terms of use",{"href":506,"dataGaName":507,"dataGaLocation":454},"/terms/","terms of use",{"text":509,"config":510},"Privacy statement",{"href":511,"dataGaName":512,"dataGaLocation":454},"/privacy/","privacy statement",{"text":514,"config":515},"Cookie preferences",{"dataGaName":516,"dataGaLocation":454,"id":517,"isOneTrustButton":28},"cookie preferences","ot-sdk-btn",{"title":88,"links":519,"subMenu":528},[520,524],{"text":521,"config":522},"DevSecOps platform",{"href":70,"dataGaName":523,"dataGaLocation":454},"devsecops platform",{"text":525,"config":526},"AI-Assisted Development",{"href":420,"dataGaName":527,"dataGaLocation":454},"ai-assisted development",[529],{"title":530,"links":531},"Topics",[532,537,542,547,552,557,562,567],{"text":533,"config":534},"CICD",{"href":535,"dataGaName":536,"dataGaLocation":454},"/topics/ci-cd/","cicd",{"text":538,"config":539},"GitOps",{"href":540,"dataGaName":541,"dataGaLocation":454},"/topics/gitops/","gitops",{"text":543,"config":544},"DevOps",{"href":545,"dataGaName":546,"dataGaLocation":454},"/topics/devops/","devops",{"text":548,"config":549},"Version Control",{"href":550,"dataGaName":551,"dataGaLocation":454},"/topics/version-control/","version control",{"text":553,"config":554},"DevSecOps",{"href":555,"dataGaName":556,"dataGaLocation":454},"/topics/devsecops/","devsecops",{"text":558,"config":559},"Cloud Native",{"href":560,"dataGaName":561,"dataGaLocation":454},"/topics/cloud-native/","cloud native",{"text":563,"config":564},"AI for Coding",{"href":565,"dataGaName":566,"dataGaLocation":454},"/topics/devops/ai-for-coding/","ai for coding",{"text":568,"config":569},"Agentic AI",{"href":570,"dataGaName":571,"dataGaLocation":454},"/topics/agentic-ai/","agentic ai",{"title":573,"links":574},"Solutions",[575,577,579,584,588,591,595,598,600,603,606,611],{"text":130,"config":576},{"href":125,"dataGaName":130,"dataGaLocation":454},{"text":119,"config":578},{"href":102,"dataGaName":103,"dataGaLocation":454},{"text":580,"config":581},"Agile development",{"href":582,"dataGaName":583,"dataGaLocation":454},"/solutions/agile-delivery/","agile delivery",{"text":585,"config":586},"SCM",{"href":115,"dataGaName":587,"dataGaLocation":454},"source code management",{"text":533,"config":589},{"href":108,"dataGaName":590,"dataGaLocation":454},"continuous integration & delivery",{"text":592,"config":593},"Value stream management",{"href":158,"dataGaName":594,"dataGaLocation":454},"value stream management",{"text":538,"config":596},{"href":597,"dataGaName":541,"dataGaLocation":454},"/solutions/gitops/",{"text":168,"config":599},{"href":170,"dataGaName":171,"dataGaLocation":454},{"text":601,"config":602},"Small business",{"href":175,"dataGaName":176,"dataGaLocation":454},{"text":604,"config":605},"Public sector",{"href":180,"dataGaName":181,"dataGaLocation":454},{"text":607,"config":608},"Education",{"href":609,"dataGaName":610,"dataGaLocation":454},"/solutions/education/","education",{"text":612,"config":613},"Financial services",{"href":614,"dataGaName":615,"dataGaLocation":454},"/solutions/finance/","financial services",{"title":188,"links":617},[618,620,622,624,627,629,631,633,635,637,639,641],{"text":200,"config":619},{"href":202,"dataGaName":203,"dataGaLocation":454},{"text":205,"config":621},{"href":207,"dataGaName":208,"dataGaLocation":454},{"text":210,"config":623},{"href":212,"dataGaName":213,"dataGaLocation":454},{"text":215,"config":625},{"href":217,"dataGaName":626,"dataGaLocation":454},"docs",{"text":238,"config":628},{"href":240,"dataGaName":241,"dataGaLocation":454},{"text":233,"config":630},{"href":235,"dataGaName":236,"dataGaLocation":454},{"text":243,"config":632},{"href":245,"dataGaName":246,"dataGaLocation":454},{"text":251,"config":634},{"href":253,"dataGaName":254,"dataGaLocation":454},{"text":256,"config":636},{"href":258,"dataGaName":259,"dataGaLocation":454},{"text":261,"config":638},{"href":263,"dataGaName":264,"dataGaLocation":454},{"text":266,"config":640},{"href":268,"dataGaName":269,"dataGaLocation":454},{"text":271,"config":642},{"href":273,"dataGaName":274,"dataGaLocation":454},{"title":289,"links":644},[645,647,649,651,653,655,657,661,666,668,670,672],{"text":295,"config":646},{"href":297,"dataGaName":9,"dataGaLocation":454},{"text":300,"config":648},{"href":302,"dataGaName":303,"dataGaLocation":454},{"text":308,"config":650},{"href":310,"dataGaName":311,"dataGaLocation":454},{"text":313,"config":652},{"href":315,"dataGaName":316,"dataGaLocation":454},{"text":318,"config":654},{"href":320,"dataGaName":321,"dataGaLocation":454},{"text":323,"config":656},{"href":325,"dataGaName":326,"dataGaLocation":454},{"text":658,"config":659},"Sustainability",{"href":660,"dataGaName":658,"dataGaLocation":454},"/sustainability/",{"text":662,"config":663},"Diversity, inclusion and belonging (DIB)",{"href":664,"dataGaName":665,"dataGaLocation":454},"/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":328,"config":667},{"href":330,"dataGaName":331,"dataGaLocation":454},{"text":338,"config":669},{"href":340,"dataGaName":341,"dataGaLocation":454},{"text":343,"config":671},{"href":345,"dataGaName":346,"dataGaLocation":454},{"text":673,"config":674},"Modern Slavery Transparency Statement",{"href":675,"dataGaName":676,"dataGaLocation":454},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"items":678},[679,682,685],{"text":680,"config":681},"Terms",{"href":506,"dataGaName":507,"dataGaLocation":454},{"text":683,"config":684},"Cookies",{"dataGaName":516,"dataGaLocation":454,"id":517,"isOneTrustButton":28},{"text":686,"config":687},"Privacy",{"href":511,"dataGaName":512,"dataGaLocation":454},[689],{"id":690,"title":18,"body":8,"config":691,"content":693,"description":8,"extension":26,"meta":697,"navigation":28,"path":698,"seo":699,"stem":700,"__hash__":701},"blogAuthors/en-us/blog/authors/brian-rhea.yml",{"template":692},"BlogAuthor",{"name":18,"config":694},{"headshot":695,"ctfId":696},"","brhea",{},"/en-us/blog/authors/brian-rhea",{},"en-us/blog/authors/brian-rhea","7YgwkWkXjQzercV40u-89F0XbFcIxKjZmwO5Jxl5mbI",[703,715,726],{"content":704,"config":713},{"title":705,"description":706,"authors":707,"heroImage":709,"date":710,"body":711,"category":9,"tags":712,"updatedDate":710},"GitLab names Bill Staples as new CEO","Co-founder Sid Sijbrandij transitions to Executive Chair of the Board.",[708],"Sid Sijbrandij","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749665388/Blog/Hero%20Images/Revised2.png","2024-12-05","__This message from Sid Sijbrandij and Bill Staples was shared with GitLab team members earlier today.__ \n\n__Sid:__ On today’s earnings call, I announced that I am stepping down as CEO and will remain Executive Chair of the Board. I also introduced GitLab’s new CEO, [Bill Staples](https://www.linkedin.com/in/williamstaples/). \n\nAs a Board, we routinely do succession planning. This includes conversations with a number of top executives. We’ve been having these conversations in greater earnest since my cancer returned. Through these discussions, we identified someone uniquely qualified to lead GitLab. I want more time to focus on my cancer treatment and health. My treatments are going well, my cancer is not metastatic, and I'm working towards making a full recovery. Stepping down from a role that I love is not easy, but I believe that it is the right decision for GitLab.\n\nI couldn't be more excited to introduce you to Bill Staples, who will be leading GitLab into its next chapter. Bill will be GitLab’s CEO, effective today. He will also join the GitLab Board as a Director. Bill was most recently a public company CEO at New Relic. During his time there, he significantly increased the value of the company by accelerating revenue and driving increased profitability. He also brings decades of experience in leadership roles at Adobe and Microsoft. When I began speaking with Bill, I was immediately drawn to his customer-centric approach and deep product expertise. As I got to know him further, I knew that his shared value system made him the right person for this role, for our team members, for our customers, and for our shareholders. I feel fortunate that GitLab has found someone with a great leadership track record and strong DevOps expertise to lead GitLab into the future.\n\nWe have come so far from the early days when we launched GitLab.com. We have created the DevOps category and are the leader in the Gartner Magic Quadrant for both vision and execution. Millions of people now use GitLab to deliver software faster and more efficiently. We have integrated AI, Security, and Compliance into our platform to offer our enterprise customers the strongest AI-powered DevSecOps solution. We have also built GitLab in collaboration with our contributors. Last quarter, we had an all-time high of an estimated 1,800 code contributions from the wider community. It is incredible that as GitLab grew, our contributor community grew with us. We have done all of this while being a values-driven company, leading in all-remote work, championing transparency through our public handbook and culture, and co-creating with the wider community.\n\nI feel many things today, but more than anything else, I am grateful. I want to thank our customers. Driving results for them has been at the core of GitLab’s values, and I greatly appreciate their trust in us. I want to thank the wider GitLab community for their trust and enthusiasm. Their tens of thousands of contributions have greatly enhanced GitLab and its value for all users. Thank you, GitLab team members. Your contributions are at the core of GitLab’s success and the value we drive for our customers. Thank you, E-Group. You are amazing partners and collaborators in leading GitLab and our team members to achieve our very best. Thank you, GitLab Board. I have appreciated your support throughout my time as CEO and look forward to our ongoing partnership as I continue to serve as Executive Chair. And, thank you, Bill. I am excited for you to lead our next phase of growth. I am here to support you and the company in GitLab’s next chapter!\n\nI couldn't be more thrilled about Bill and what's ahead for GitLab with him at the helm. We have an incredible opportunity in front of us. Software has never mattered more, and GitLab is well-positioned to be the platform that best enables folks to create, secure, and operate it. I look forward to staying part of the company and being actively involved wherever Bill can use me. \n\n__Bill:__ Thanks, Sid, for the warm welcome! I greatly admire you and what you have accomplished. Very few people in the world have built a $10B market-cap technology company, taken it public, and scaled it to $750M in run-rate revenue. You have done incredible things with GitLab, and I’m grateful you will continue to play a meaningful role in the company. I appreciate your trust in me and commit to building upon the successes you and others should rightfully celebrate. \n\nI am so excited about GitLab and the opportunity ahead of us. Over the coming decade, we will see software-driven transformation around the world as AI accelerates and transforms the software revolution already in motion. GitLab and our mission are going to be more important than ever. I look forward to working with this team to scale GitLab well beyond where it is today.\n",[23],{"slug":714,"featured":28,"template":13},"gitlab-names-bill-staples-as-new-ceo",{"content":716,"config":724},{"title":717,"description":718,"authors":719,"heroImage":721,"date":722,"body":723,"category":9},"Our Privacy Policy has been updated","Our updated Privacy Policy clarifies our existing data processing activities.",[720],"GitLab","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749664472/Blog/Hero%20Images/gitlabflatlogomap.png","2023-06-14","As part of our commitment to keeping our policies current, we made some updates to our [Privacy Policy](/privacy/) on June 14, 2022.  These updates are intended to clarify our existing data processing activities and to provide information on processing that may derive from new features.  Through this update, we continue to provide transparency to our data processing activities, in line with an evolving privacy landscape.  Specifically, these policy updates include the following:\n\n- Clarification about which processing activities apply to each respective GitLab product;\n- Information about when personal data may be collected to verify someone’s identity to enable certain product features;\n- Clarification about what personal data is collected to provide a license and maintain a subscription; \n- Additional information regarding our Service Usage data collection practices, and the inclusion of certain processing activities, such as Event Analytics and Call Recordings;\n- Additional information regarding the purposes for which personal data is collected;\n- Minor updates regarding our legal basis for processing your personal data in the European Union; \n- Updates to our data retention practices for inactive accounts; \n- Clarification about how to delete your personal data at GitLab and how deletion is effectuated for public projects; \n- An additional notice that details our processing and your rights under the California Consumer Privacy Act, including CCPA metrics reporting;\n\nOverall, we believe that these updates will empower our users to make informed decisions about their personal data.  Please visit the complete text of our Privacy Policy and [Cookie Policy](/privacy/cookies/) to learn more about how GitLab processes personal data and your rights and choices regarding such processing.\n",{"slug":725,"featured":12,"template":13},"our-privacy-policy-has-been-updated",{"content":727,"config":738},{"title":728,"description":729,"authors":730,"heroImage":732,"date":733,"body":734,"category":9,"tags":735},"Rate limitations for unauthorized users of the Projects List API","Learn details about upcoming changes for unauthenticated users of the Projects List API.",[731],"Christina Lohr","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749664087/Blog/Hero%20Images/tanukicover.jpg","2023-04-10","\n\nStarting on May 22 for self-managed GitLab, and May 8 for GitLab.com, unauthenticated users will be subject to rate limitations when using the Projects List API. This change has been made to ensure the stability and reliability of our platform for all users.\n\n**Note:** Authorized users are not affected by this change.\n\n## What is the the Projects List API?\n\nThe Projects List API provides information about GitLab projects, including name, description, and other metadata. This API is widely used by our community, including researchers, developers, and integrators, to retrieve and analyze information about GitLab projects. We value this usage and aim to support it as much as possible.\n\n## Rate limitation details\n\nIn recent months, we have observed that the frequency and intensity of requests made by unauthenticated, also known as anonymous, users to the Projects List API have increased significantly. This has resulted in an increased load on our servers, which has impacted the performance and stability of our platform for all users. To address this issue, we have decided to introduce rate limitations for unauthenticated users.\n\nAs a consequence of this change, unauthenticated users of the Projects List API will be limited to 400 requests per 10 minutes per unique IP address on GitLab.com. If an unauthenticated user exceeds this limit, the user will receive a \"429 Too Many Requests\" response. On GitLab.com, this limit cannot be changed. Users of self-managed GitLab instances have the same rate limitation set by default, but [admins can change the rate limits](https://docs.gitlab.com/ee/administration/settings/rate_limit_on_projects_api.html#rate-limit-on-projects-api) as they see fit via the UI or the application settings API. They can also set the rate limit to zero, which acts as if there is no rate limitation at all.\n\nWe understand that this change may impact some of our users who rely on the Projects List API, and we apologize for any inconvenience this may cause. We encourage users who need to make more than 400 requests per 10 minutes to the Projects List API to [sign up for a GitLab account](/pricing/), which provides higher rate limits and other benefits, such as access to additional APIs and integrations.\n\nIf you have any questions or concerns about this change, please do not hesitate to [leave feedback in this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/404611).\n",[736,737,23],"product","features",{"slug":739,"featured":12,"template":13},"rate-limitation-for-unauthorized-users-projects-list-api",{"promotions":741},[742,756,767],{"id":743,"categories":744,"header":746,"text":747,"button":748,"image":753},"ai-modernization",[745],"ai-ml","Is AI achieving its promise at scale?","Quiz will take 5 minutes or less",{"text":749,"config":750},"Get your AI maturity score",{"href":751,"dataGaName":752,"dataGaLocation":241},"/assessments/ai-modernization-assessment/","modernization assessment",{"config":754},{"src":755},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138786/qix0m7kwnd8x2fh1zq49.png",{"id":757,"categories":758,"header":759,"text":747,"button":760,"image":764},"devops-modernization",[736,556],"Are you just managing tools or shipping innovation?",{"text":761,"config":762},"Get your DevOps maturity score",{"href":763,"dataGaName":752,"dataGaLocation":241},"/assessments/devops-modernization-assessment/",{"config":765},{"src":766},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138785/eg818fmakweyuznttgid.png",{"id":768,"categories":769,"header":771,"text":747,"button":772,"image":776},"security-modernization",[770],"security","Are you trading speed for security?",{"text":773,"config":774},"Get your security maturity score",{"href":775,"dataGaName":752,"dataGaLocation":241},"/assessments/security-modernization-assessment/",{"config":777},{"src":778},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138786/p4pbqd9nnjejg5ds6mdk.png",{"header":780,"blurb":781,"button":782,"secondaryButton":787},"Start building faster today","See what your team can do with the intelligent orchestration platform for DevSecOps.\n",{"text":783,"config":784},"Get your free trial",{"href":785,"dataGaName":48,"dataGaLocation":786},"https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com/","feature",{"text":492,"config":788},{"href":52,"dataGaName":53,"dataGaLocation":786},1772652064825]