GitLab 13.6 adds another layer of fuzz, makes tracing free for all


GitLab 13.6 has landed, putting automation and visibility at the centre of the repo management and DevOps system’s latest release. And with the season of giving drawing closer, the team decided to move the dependency proxy and tracing component into the core of the project, making them free to use for all.

Amongst the features, the new version comes with code quality severity ratings in both the full quality report and the merge request widget, which should help maintainers, reviewers and the like to decide which issues to tackle before merging new code additions. Another enhancement for improved overview is the sorting component in the Releases UI, which finally allows users to sort releases by date and name.

With regard to the infrastructural elements, GitLab 13.6 now allows group owners to add integrations to a group, which are then inherited by the associated projects. In earlier versions this could only be done on an instance level. Developers have gained the option of using the toggle of a feature flag as a trigger for pipeline runs as there are webhooks for that.

For a change, security wasn’t among the big drivers for this release, however, starting with GitLab 13.6, admin approval is by default required for all new user registration on a new instance.

On tiers premium/silver and ultimate/gold, code coverage has been reworked so that teams can select specific projects in a group and see their coverage values directly without having to download and manually check files. GitLab has also made its first step towards a load balancer implementation by adding a way of configuring NGINX annotations for custom behaviour.

Ultimate and gold subscribers no longer have to dig their way through pipeline lists to find information on the last completed default pipeline run, as it is now displayed on their project security dashboard.

The GitLab team has also been busy improving testing options for the top tiers, making GitLab 13.6, for example, the first version of the software to let users define and view test cases. The functionality is scheduled to be followed by tools for tracking test histories across deployment targets and overall quality management.

Additional top tier augmentations in this release include human-readable fuzz testing results to help devs get to the source of a crash faster, and the integration of coverage-guided fuzz testing results into the merge request widget. Under the hood is also a new engine for Java coverage guided fuzz testing which can be used by adding –engine javafuzz to a pipeline file.

Meanwhile, teams on ultimate/gold that are working with postman collections have gained the capability to use those for API fuzz testing by adding the collections to a repository and noting their location in the .gitlab-ci.yml file for the fuzz engine to reference. More details can be found in the GitLab release announcement.


Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments
Would love your thoughts, please comment.x