The update focuses on improvements for geographically distributed application deployments.

GitLab 14.6 is now ready for downloading, according to devclass.com. This will be the last release of 2021, and it brings some significant improvements. Specifically, the GitLab team tried to improve things for distributed deployment scenarios by reworking the mirroring component Geo. 

While users of self-managed instances had to know the URL of the site replica closest to them in order to get the best performance before, the updated version knows the concept of unified URLs. Through its introduction, everyone in an organisation can now use the same URL and Geo will automatically choose the closest site. 

Geo now also comes with secondary proxying, meaning write requests will be proxied to the primary site when working on a replique. Before, users had to change sites in order to perform changes.

GitLab modified container scanning jobs to add “any identified system dependencies to the dependency list by default”. This will help ultimate subscribers get a full understanding of their project’s dependencies. They can see the results on the Dependency List page under Security & Compliance. 

Additional security features also included

Additional security features include SAST scan execution policies to run regular SAST scans independent of the .gitlab-ci.yml file’s contents, an option to set a maximum SSH key lifetime on self-managed ultimate instances, and the ability to compose custom rulesets from multiple sources.

Though the above enhancements are only available to paying customers, GitLab 14.6 comes with an array of improvements for all users. Amongst other things, there’s an activity list for the GitLab agent that logs connections and token statuses. In addition, the jobs API now returns job failure reasonsb and webhooks trigger events when a job state changes to pending.

Administrators gained features to clean up leftover Kubernetes Runner pods and configure a GitLab CI/CD job using when as well as rules. Starting with 14.6, they can also move subgroups to a different parent via the API (before, this only worked via the UI), customise the default squash commit message, and use deploy tokens to authenticate those interacting with the Composer repository.