Update CHANGELOG-EE.md for 13.5.0-ee

[ci skip]

CHANGELOG-EE.md

 Please view this file on the master branch, on stable branches it's out of date.
+## 13.5.0 (2020-10-22)
+
+### Removed (1 change, 1 of them is from the community)
+
+- Issue 233813 - Remove confusing text and url on vulnerability finding modal. !43698 (Judith Weiss)
+
+### Fixed (43 changes, 2 of them are from the community)
+
+- Fix quick actions autocomplete in new epic form. !37099
+- Exclude bots from licensed user count. !42034
+- Allow epic tree nodes to reset correctly. !42083
+- Fix merge pre-receive errors when load balancing in use. !42435
+- This fixes an issue where the request parameters would be missing on the Value Stream Analytics page, so the charts would not reflect the filters applied. !42655
+- Fix project_ids query param for group test coverage report. !42880
+- Fix: [Geo] Blob removal doesn't work for SSF blobs. !42891
+- Remove N+1 in license scanning report comparison. !42895
+- Ignore rake task license check on geo secondaries. !42920
+- Fix the scroll position in code search results. !43083
+- Fixes a bug with merge request approval rules being changed after creation. !43209
+- Check if HEAD report is nil when diffing license_scanning reports. !43210
+- Allow access to license scan report when `read_licenses` claim is satisfied. !43222
+- Geo: Permanently enable package_file_registries field. !43245
+- Generate a link to an artifact using the path from the license scanning report. !43455
+- Fallback to matching policies on license name. !43488
+- Send only one scope query when requesting pipeline findings. !43535
+- Show that Advanced Search is disabled when searching in a specific ref. !43612
+- Add route to coverage_fuzzing_reports. !43664
+- Remove confirm email from trial form. !43683
+- Gracefully handle gitlab:elastic:reindex_cluster unique index violation. !43690
+- Hide "Create Issue" On Vulnerability Page When Issues Are Disabled. !43725 (Kev @KevSlashNull)
+- Change the instance security dashboard path as `/-/security/dashboard`. !43737
+- Fix LDAP group settings heading being shown when feature disabled. !43901
+- Handle 500 error for GraphQL "configureSast" mutation. !43936
+- Fix scoped labels padding. !44044
+- Fix console null errors in security dashboard. !44076 (Kev @KevSlashNull)
+- Load license scan data as soon as it is available. !44194
+- Fix NoMethodError when accessing protected environment for job. !44257
+- Load license scanning widget data when the `read_licenses` claim is satisfied. !44464
+- Geo: Fix single-file snippets on Geo secondaries. !44532
+- Hide issues badge when there are no issues. !44663
+- Fix issue filtering by negated epic parameter. !44719
+- Disallow guest access for group repository analytics. !44721
+- Fix swimlanes duplicate epics. !44728
+- Remove extra to from subscription expiration message. !44769
+- Load license scanning data in MR widget as soon as the data is available. !44835
+- Fix params not filtered on project approval API. !44885
+- Fix disabling options in scanner profile. !44937
+- Label filter includes labels from ancestor groups on merge request analytics page. !44987
+- Align Analytics date picker labels. !44990
+- Fix unnecessary Sidekiq errors/retries when project is deleted during indexing. !45249
+- Fix GitLab vendor name appearing accidentally in the security reports when it's the only one. !45442
+
+### Deprecated (1 change)
+
+- Migrate analytics bs-callout to gl-alert. !40788
+
+### Changed (50 changes)
+
+- Add 'All Environments' option for environment dropdown if enabled. !40531
+- Search projects by namespace from Global Security Dashboard. !41191
+- Remove `project_merge_request_analytics` feature flag. !41876
+- Add namespace column into the network policies UI. Only visible when All Environment option is set. !42125
+- Improve policy editor layout. !42424
+- Update Threat Monitoring page. !42541
+- SAST mutation now supports analyzers section. !42542
+- Move the remediated badge to the activity column. !42599
+- Search API allow group/global notes scope. !42624
+- Return max_seats_used in namespaces list API. !42644
+- Add SAST UI Config telemetry. !42720
+- Security configuration page documentation links are now always available. !42765
+- Update DAST profiles routes. !42859
+- Allowlist GitLab-owned bots for SpamActionService. !42905
+- Add default date range for audit events. !42986
+- Move created issues in the activity column. !43016
+- Add link to vulnerability from created issue. !43046
+- Improve projects table in Usage quotas page. !43080
+- Limit Project Access Tokens/Bots to paid groups in Gitlab.com. !43199
+- Update Dismiss selected button on security dashboard. !43207
+- Use gl-badge for vulnerability states. !43253
+- Improve design for vulnerability details. !43274
+- Remove code for non-versioned terraform state replication. !43341
+- Remove feedback alerts from License Compliance & Dependency List. !43371
+- Removes fallback warning for legacy deploy board labels. !43376
+- Support Group Milestones to be associated with Project Releases in API. !43385
+- Move the download test coverage button to its own section in group repositories analytics page. !43422
+- Updated license compliance policy violation indicator styling. !43447
+- Remove item when dismissed on security dashboard if it no longer matches filter. !43468
+- Make it easier to click on items for bulk dismissal selection on security dashboard. !43482
+- DAST Profiles manage button changed to default styling. !43588
+- Use similarity sort when searching projects from Security Dashboard. !43610
+- Replace remove icon with unlink. !43641
+- Geo Form - Internal URL More Info Link. !43876
+- Find or create index when Elasticsearch indexing enabled. !43912
+- Update the audit events filter to have a fallback starting date. !44005
+- Only allow multiple reviewers in paid tiers. !44097
+- Change stubbed DastSiteProfile#status for calculated status. !44133
+- Migrate compliance framework enums to a new table. !44290
+- Return more specific error message when moving issue in GraphQL API. !44296
+- Replace bootstrap alert in ee/app/views/projects/_merge_request_approvals_settings_form.html.haml. !44749
+- Add swimlanes license check. !44880
+- Add project full path to analytics project dropdown filter. !45020
+- Order cluster agents query by name. !45165
+- Truncate long file paths. !45254
+- Allows GitLab-owned service users to bypass certain spam checks. !45310
+- Display dependency version on License Compliance page. !45315
+- Allow 'allowed_to_push' to supersede code owner protected branch. !45323
+- Geo - Rename Open projects Button to Replication details. !45434
+- Update RemoveProjectFromSecurityDashboard mutation to use new Global IDs. !45500
+
+### Performance (8 changes)
+
+- Geo: Improve performance of LFS objects queries. !42423
+- Fix poor performance with global search across entire instance. !42437
+- Preload epics in GraphQL group queries using Lookahead. !42874
+- Reduce load time of large number of audit events. !43248
+- Preload parent in GraphQL epics queries using Lookahead. !43323
+- Fix N+1 cache queries for load balancing sticking. !43843
+- Improve audit events preloading logic for CSV export. !44958
+- Use Lookahead to preload tests reports when querying Requirements with GraphQL. !45195
+
+### Added (69 changes, 2 of them are from the community)
+
+- Make mapping between LDAP and Kerberos configurable. !9962 (Christopher Schenk)
+- Add usage ping for MRs with overridden project rules. !36230
+- Added a delete SSH key button to the credentials inventory pages. !41592
+- Audit failed 2-factor login attempt. !41641
+- Add API to revert vulnerability to reverted state. !41784
+- Add GraphQL API to revert vulnerabilities to detected state. !41786
+- Add ability to revert vulnerability to detected state on single vulnerability page. !41794
+- Add Agent List to Cluster List View. !42115
+- Add ability to validate sites for on-demand DAST. !42198
+- Track views of group repo analytics page in snowplow. !42376
+- Send email reminder when approaching active user limit. !42453
+- Add license encryption key for testing purposes. !42475
+- Add mutation to Confirm Vulnerability in GraphQL. !42499
+- Expose board epic user preferences in GraphQL. !42569
+- Expose analyzer configuration in SAST Configuration UI. !42593
+- Rename Active Users to Billable Users. !42638
+- Add quick select date options to audit events filter. !42711
+- Allow updating epic swimlanes collapsed status in GraphQL. !42712
+- Add 'blob:' search filter to search for a specific Git object ID. !42752
+- Show when the last update to seats usage data was in the Billing page. !42763
+- Introduce top-level `vulnerability` field for GraphQL API. !42870
+- Add `discussions` and `notes` fields for VulnerabilityType on GraphQL API. !42892
+- Count merged MRs using approval rules in usage data. !42911
+- Config to hide Open/Closed list in Boards. !42945
+- Add ability to sort vulnerabilities by detected_at. !42950
+- Enable sorting vulnerabiliies by detected date in the list view. !42952
+- Add ability to sort vulnerabilities by title in GraphQL. !42953
+- Enable sorting vulnerabiliies by title in list view. !42955
+- Add ability to sort vulnerabilities by state. !42973
+- Enable sorting vulnerabiliies by state in vulnerability list. !42974
+- Add ability to sort vulnerabilities by report type in GraphQL. !42979
+- Enable sorting vulnerabiliies by state in the list view. !42980
+- Fetch more group projects for the test coverage dropdown. !43044
+- Expose using_license_seat in users API for admins. !43057
+- Add description field to requirements model and expose it in GraphQL API. !43099
+- Add `cwe` and `Other Identifiers` columns into vulnerability export files. !43179
+- Allow created_at and updated_at to be set through Epics API. !43279 (stingrayza)
+- Support flexible rollout strategy in the API. !43340
+- Enable geo replication of versioned terraform state. !43367
+- Add feedback alert in DAST On-demand Scans. !43374
+- Provide ability to mark a requirement as Satisfied. !43583
+- Add more options in DAST On-demand Scanner Profile. !43660
+- Persist collapsed state to DB. !43681
+- Add API Fuzzing report type (backend). !43763
+- Add search autocomplete suggestions for recently viewed epics. !43964
+- Update security vulnerability modal to show fuzzing data. !43983
+- Add incident SLA to operations settings. !44099
+- Update and expose board labels trough GraphQL API. !44204
+- Add basic search for epics. !44269
+- Add header validation to DastSiteValidationWorker. !44314
+- Expose if requirement test report wasmanually created on GraphQL. !44345
+- API endpoint to return defined experiments. !44498
+- Honor all DAST Scanner Profile variables in on demand DAST Scan. !44508
+- Create pipeline status widget. !44521
+- Include additional information related from scan in issue template. !44620
+- Include pipeline artifacts size on storage usage page. !44645
+- Add REST API for listing iterations. !44685
+- Provide dependency version data for the License Compliance page. !44839
+- Add tooltip to DAST scan profiles delete button. !44876
+- Add support for providing requirement description. !44902
+- Add iteration reports in projects. !44921
+- Create SamlGroupLink table and model. !45061
+- Introduce optional Service Level Agreement (SLA) for Incidents. !45085
+- Add metric count for projects with incident sla enabled. !45092
+- Add group-level wikis. !45144
+- Enable geo replication for merge request diffs. !45224
+- Update merge requests approvers when code owners is updated. !45290
+- Add MobSF in SAST vendor template. !45291
+- Expose seats_in_use in namespace entity. !45316
+
+### Other (20 changes, 7 of them are from the community)
+
+- Replace Loading Button with Icon on All Vulnerability Lists. !41019 (Kev @KevSlashNull)
+- Replace bootstrap alert in jaeger page. !41610
+- Remove duplicate broken container scanning findings. !42609
+- Add tooltip to header for Code Owner Approval toggle in repository settings. !42725
+- Migrate Start event label dropdown. !43050
+- Use new fingerprint as default fingerprint for Container Scanning findings. !43145
+- Apply GitLab UI button styles in ee/app/views/projects/settings/ci_cd directory. !43335 (Justin Zeng @jzeng88)
+- adds the `.gl-button` class to ee/app/views/projects/settings/operations/_tracing.html.haml. !43347 (Justin Zeng @jzeng88)
+- Finish migration of Container Scanning fingerprints. !43691
+- Replace in-repo SVGs with @gitlab/svgs in Group Value Stream Analytics. !43825 (Takuya Noguchi)
+- Refactor vulnerabilities related issues component test createWrapper method to take an object instead of multiple arguments. !44035 (Kev @KevSlashNull)
+- Create tests for ee/app/assets/javascripts/security_dashboard/components/selection_summary_vuex.vue. !44213 (Kev @KevSlashNull)
+- Expose scan object in unsaved findings. !44274
+- Use the new dropdown for the split button in vulnerability management. !44399
+- Redesign solution card in vulnerability details page. !44408
+- Improve selection_summary_spec.js tests. !44506 (Kev @KevSlashNull)
+- Add metrics for tracking stale secondaries for merge requests. !44813
+- Text wrap the license name in Dependency List. !45242
+- Convert bootstrap alert to gl for project size limit. !45312
+- Remove bootstrap class in licensed user count. !45443
+
+
 ## 13.4.4 (2020-10-15)
 ### Fixed (1 change)

ee/changelogs/unreleased/16826-audit-failed-2fa.yml

----
-title: Audit failed 2-factor login attempt
-merge_request: 41641
-author:
-type: added

ee/changelogs/unreleased/205422-changing-approval-rule-target-branch-should-not-affect-existing.yml

----
-title: Fixes a bug with merge request approval rules being changed after creation
-merge_request: 43209
-author:
-type: fixed

ee/changelogs/unreleased/207888-enable-group-wikis.yml

----
-title: Add group-level wikis
-merge_request: 45144
-author:
-type: added

ee/changelogs/unreleased/208723-diff-nil-license-report.yml

----
-title: Check if HEAD report is nil when diffing license_scanning reports
-merge_request: 43210
-author:
-type: fixed

ee/changelogs/unreleased/208723-licenses-authz.yml

----
-title: Remove N+1 in license scanning report comparison
-merge_request: 42895
-author:
-type: fixed

ee/changelogs/unreleased/208723-load-license-scanning-widget-data-faster.yml

----
-title: Load license scanning data in MR widget as soon as the data is available
-merge_request: 44835
-author:
-type: fixed

ee/changelogs/unreleased/208723-load-license-url.yml

----
-title: Load license scanning widget data when the `read_licenses` claim is satisfied
-merge_request: 44464
-author:
-type: fixed

ee/changelogs/unreleased/208723-load-licenses-sooner.yml

----
-title: Load license scan data as soon as it is available
-merge_request: 44194
-author:
-type: fixed

ee/changelogs/unreleased/208723-parse-v2-1-report.yml

----
-title: Generate a link to an artifact using the path from the license scanning report
-merge_request: 43455
-author:
-type: fixed

ee/changelogs/unreleased/208723-qa-specs.yml

----
-title: Fallback to matching policies on license name
-merge_request: 43488
-author:
-type: fixed

ee/changelogs/unreleased/208723-read-licenses.yml

----
-title: Allow access to license scan report when `read_licenses` claim is satisfied.
-merge_request: 43222
-author:
-type: fixed

ee/changelogs/unreleased/210553-improve-performance-of-graphql-groupepics-query-2.yml

----
-title: Preload parent in GraphQL epics queries using Lookahead
-merge_request: 43323
-author:
-type: performance

ee/changelogs/unreleased/210553-improve-performance-of-graphql-groupepics-query.yml

----
-title: Preload epics in GraphQL group queries using Lookahead
-merge_request: 42874
-author:
-type: performance

ee/changelogs/unreleased/213039-fix-double-scope-params.yml

----
-title: Send only one scope query when requesting pipeline findings
-merge_request: 43535
-author:
-type: fixed

ee/changelogs/unreleased/213789-swap-out-license-policy-badge.yml

----
-title: Updated license compliance policy violation indicator styling
-merge_request: 43447
-author:
-type: changed

ee/changelogs/unreleased/214224_extend_vulnerability_exports.yml

----
-title: Add `cwe` and `Other Identifiers` columns into vulnerability export files
-merge_request: 43179
-author:
-type: added

ee/changelogs/unreleased/215135-refactor-group-repositories-page.yml

----
-title: Move the download test coverage button to its own section in group repositories
-  analytics page
-merge_request: 43422
-author:
-type: changed

ee/changelogs/unreleased/215209-track-group-repo-analytics-pageviews.yml

----
-title: Track views of group repo analytics page in snowplow
-merge_request: 42376
-author:
-type: added

ee/changelogs/unreleased/217530-bulk-dismissal-easier-selection.yml

----
-title: Make it easier to click on items for bulk dismissal selection on security dashboard
-merge_request: 43482
-author:
-type: changed