Deprecations and Removals by Version in Software Development

Understanding Deprecation Policies in Software Products

As software products evolve, developers and product teams must make decisions about which features, APIs, and functionalities to maintain, update, or retire. Deprecation is the process of marking a feature or functionality as outdated, with the intention of removing or replacing it in a future release.

Deprecation serves several important purposes in software development:

1. Improving Security and Stability: Older, outdated features can introduce security vulnerabilities or become difficult to maintain, so deprecation helps prioritize resources toward more secure and reliable components.

2. Streamlining the Codebase: Removing deprecated features reduces technical debt and makes the codebase easier to understand, test, and evolve over time.

3. Driving Adoption of New Functionality: Deprecation encourages users to migrate to newer, more feature-rich replacements, ensuring the product can continue innovating and meeting evolving user needs.

4. Providing Advance Notice: By announcing deprecations well in advance, software vendors give users time to plan for and adapt to the changes, minimizing disruptions.

GitLab’s Approach to Deprecations and Removals

GitLab is a leading DevOps platform that offers a comprehensive suite of tools for software development, deployment, and security. As GitLab has grown and expanded its capabilities, the engineering team has had to make careful decisions about which features to deprecate and remove over time.

GitLab follows a structured approach to deprecations, with a few key principles:

1. Advance Notice: GitLab provides advance notice of at least one major release (typically 3-6 months) before removing a deprecated feature. This allows users time to migrate to alternatives.

2. Deprecation Documentation: GitLab thoroughly documents each deprecation, including the rationale, timeline, and migration guidance. This information is published in the GitLab Docs and linked from the relevant deprecation issues.

3. Gradual Transition: GitLab often introduces new functionality as an opt-in or parallel feature before deprecating the older approach. This gradual transition helps users adapt to the changes.

4. Consistency and Standardization: GitLab aims to apply a consistent deprecation policy across its various components, APIs, and integrations to ensure a predictable experience for users.

Upcoming Deprecations and Removals in GitLab

Let’s take a closer look at some of the key deprecations and removals that are scheduled in upcoming GitLab releases:

GitLab 20.0

Deprecation: GitLab Runner Docker Machine Executor
– The GitLab Runner Docker Machine executor is being deprecated and will be fully removed in GitLab 20.0.
– This executor has been replaced by the GitLab Runner Autoscaler with plugins for cloud providers like AWS, GCP, and Azure.
– Users are advised to migrate to the new Autoscaler functionality before the removal.

GitLab 19.0

Deprecation: Running a Single Database
– GitLab 19.0 will require a separate database for CI features, in addition to the main GitLab database.
– This change provides additional scalability for large GitLab instances like GitLab.com.
– Users must migrate to two databases before upgrading to GitLab 19.0.

Deprecation: Self-Managed Certificate-Based Integration with Kubernetes
– The certificate-based integration with Kubernetes will be deprecated and removed in GitLab 19.0.
– GitLab recommends using the agent for Kubernetes to connect Kubernetes clusters instead, which provides a more robust and secure integration.

GitLab 18.0

Deprecation: Behavior Change for Protected Variables and Multi-Project Pipelines
– In GitLab 18.0, the behavior for forwarding protected variables in multi-project pipelines will be updated to ensure they are only passed in specific situations.
– Users must update their pipeline configurations to conform to the new rules.

Deprecation: CodeClimate-Based Code Quality Scanning
– GitLab 18.0 will remove the CodeClimate-based Code Quality scanning feature.
– Users can continue to import quality results as artifacts or use the new directions being considered for Code Quality.

Deprecation: Compliance Pipelines
– Compliance pipelines are being deprecated in GitLab 17.3 and will be removed in GitLab 18.0.
– Users should migrate to the new pipeline execution policy type instead.

Deprecation: Default CI/CD Job Token (CI_JOB_TOKEN) Scope Changed
– GitLab 18.0 will enforce the usage of the “Authorized groups and projects allowlist” setting for CI/CD job token access.
– Users must update their projects to use this new setting and add any required projects to the allowlist.

GitLab 17.0

Deprecation: Old Versions of JSON Web Tokens (JWTs)
– GitLab 17.0 will completely remove support for the old CI_JOB_JWT, CI_JOB_JWT_V1, and CI_JOB_JWT_V2 tokens.
– Users must migrate to the newer ID tokens introduced in GitLab 15.7, which are more secure and OIDC-compliant.

Deprecation: Windows CMD in GitLab Runner
– Support for the Windows Batch (CMD) shell in GitLab Runner will be fully removed in GitLab 17.0.
– Users must switch to using PowerShell when running the GitLab Runner on Windows.

Deprecation: Grype Scanner for Container Scanning
– Support for the Grype scanner in the GitLab Container Scanning analyzer is deprecated and will be removed in GitLab 17.0.
– Users are advised to use the default Trivy scanner instead.

Deprecation: SAST Analyzer Coverage Changes
– GitLab 17.0 will remove several SAST analyzers from the default CI/CD template, including Brakeman, Flawfinder, MobSF, NodeJS Scan, and PHPCS Security Audit.
– These analyzers will be replaced by GitLab-supported detection rules in the Semgrep-based analyzer.

GitLab 16.0

Deprecation: Auto DevOps No Longer Provisions a PostgreSQL Database by Default
– In GitLab 16.0, Auto DevOps will no longer provision an in-cluster PostgreSQL database by default.
– Users who want Auto DevOps to provision a database must set the POSTGRES_ENABLED variable to true.

Deprecation: Azure Storage Driver Defaults to the Correct Root Prefix
– The container registry’s Azure Storage Driver will default to using the correct root prefix (/) instead of the legacy // prefix.
– Users can add trimlegacyrootprefix: false to their configuration to maintain the old behavior.

Deprecation: Bundled Grafana Helm Chart
– The Grafana Helm chart bundled with the GitLab Helm Chart is deprecated and will be removed in GitLab 16.0.
– Users must migrate to a newer Grafana chart from Grafana Labs or a Grafana Operator.

Deprecation: CAS OmniAuth Provider
– The omniauth-cas3 gem providing the CAS OmniAuth provider will be removed in GitLab 16.0.
– Users must migrate to a different OmniAuth provider.

Deprecation: Container Scanning Variables Referencing Docker
– All Container Scanning variables prefixed with DOCKER_ are deprecated and will be removed in GitLab 16.0.
– Users must update their variables to use the new CS_ prefixed names.

Deprecation: Default CI/CD Job Token (CI_JOB_TOKEN) Scope Changed
– GitLab 16.0 will disable the deprecated “Limit CI_JOB_TOKEN access” setting by default for new projects.
– Users must update their projects to use the new “Authorized groups and projects allowlist” setting.

Deprecation: Dependency Scanning Support for Java 13, 14, 15, and 16
– GitLab 16.0 will remove Dependency Scanning support for Java versions 13, 14, 15, and 16.
– Users are advised to upgrade to Java 17, which is the new default.

Deprecation: GitLab.com Importer
– The GitLab.com importer, available only on self-managed instances, is deprecated and will be removed in GitLab 16.0.
– Users should use the group and project migration functionality instead.

Deprecation: HashiCorp Vault Integration Using CI_JOB_JWT
– The native HashiCorp Vault integration will no longer use the CI_JOB_JWT token by default in GitLab 16.0.
– Users must configure the integration to use ID tokens instead.

Deprecation: Heroku Image Upgrade in Auto DevOps Build
– The auto-build-image project in Auto DevOps will upgrade from the heroku/builder:20 image to heroku/builder:22 in GitLab 17.0.
– Users can set the AUTO_DEVOPS_BUILD_IMAGE_CNB_BUILDER variable to use the older image if needed.

Deprecation: Legacy Gitaly Configuration Methods
– Using environment variables like GIT_CONFIG_SYSTEM and GIT_CONFIG_GLOBAL to configure Gitaly is deprecated.
– Users must switch to configuring Gitaly directly through the config.toml file.

Deprecation: Legacy Praefect Configuration Method
– The previous scattered configuration of Praefect is deprecated, and users must switch to the new single configuration structure.

Deprecation: Offset Pagination for /users REST API Endpoint
– Offset pagination for the /users REST API endpoint is deprecated in favor of keyset pagination.

Deprecation: PostgreSQL 13 No Longer Supported
– GitLab 16.0 will remove support for PostgreSQL 13, making PostgreSQL 14 the new minimum required version.

Deprecation: Proxy-Based DAST
– Proxy-based DAST will no longer be supported in GitLab 17.0, and users must migrate to Browser-Based DAST.

Deprecation: Queue Selector for Running Sidekiq
– The queue selector functionality for running Sidekiq is deprecated and will be fully removed in GitLab 17.0.

Deprecation: Required Pipeline Configuration
– The required pipeline configuration feature will be removed in GitLab 17.0.
– Users should replace it with security policies or compliance pipelines.

Deprecation: SAST Analyzer Coverage Changes
– GitLab 16.0 will remove the Security Code Scan-based analyzer for .NET from the SAST CI/CD template.
– It will be replaced by GitLab-supported detection rules in the Semgrep-based analyzer.

Deprecation: Secure Analyzers Major Version Update
– The major versions of several Secure stage analyzers will be bumped in GitLab 16.0, including Container Scanning, Dependency Scanning, DAST, Secret Detection, and SAST.
– Users must update their CI/CD job definitions to use the new major versions.

GitLab 15.0

Deprecation: Audit Events for Repository Push Events
– Audit events for repository push events are being deprecated and will be removed in GitLab 15.0.
– These events can generate too many events and significantly slow down GitLab instances.

Deprecation: Background Upload for Object Storage
– Support for using background_upload to upload files to object storage is deprecated and will be fully removed in GitLab 15.0.
– Users must migrate to using the S3 API or another supported provider.

Deprecation: CI/CD Job Name Length Limit
– GitLab 15.0 will limit CI/CD job names to 255 characters.
– Pipelines with job names exceeding this limit will stop working.

Deprecation: Changing an Instance (Shared) Runner to a Project (Specific) Runner
– In GitLab 15.0, you can no longer change an instance (shared) runner to a project (specific) runner.

Deprecation: Container Network and Host Security
– All functionality related to Container Network Security and Container Host Security is deprecated and will be removed in GitLab 15.0.
– Users are encouraged to evaluate open-source alternatives like AppArmor, Cilium, Falco, FluentD, and Pod Security Policies.

Deprecation: Dependency Scanning Support for Python 3.9 and 3.6 Images
– GitLab 15.0 will deprecate the default Dependency Scanning images for Python 3.6 and 3.9.
– Users must switch to the new default Python 3.9 image or use a custom image for Python 3.6.

Deprecation: Dependency Scanning Java Version Changed to 17
– The default Java version for Dependency Scanning will be updated from 11 to 17 in GitLab 15.0.
– Users must set the DS_Java_Version variable if their project uses Java 11.

Deprecation: Elasticsearch 6.8
– Elasticsearch 6.8 is deprecated in GitLab 14.8 and will be removed in GitLab 15.0.
– Users must upgrade their Elasticsearch version to 7.x before upgrading to GitLab 15.0.

Deprecation: External Status Check API Breaking Changes
– The external status check API will no longer support “pass-by-default” requests, and status checks will only be updated to a passing state if the status field is explicitly set to passed.

Deprecation: GitLab Serverless
– The GitLab Serverless feature set, which supported Knative-based serverless development, is being removed in GitLab 15.0.

Deprecation: Non-Expiring Access Tokens
– GitLab 15.0 will automatically set a one-year expiration date on any personal, project, or group access tokens that do not have an expiration date.

Deprecation: Non-Standard Default Redis Ports
– GitLab will no longer assume non-standard Redis ports (6380, 6381, 6382) by default. The default port will be 6379.

Deprecation: PostgreSQL 12 Deprecated
– Support for PostgreSQL 12 will be removed in GitLab 16.0, with PostgreSQL 13 becoming the new minimum required version.

Deprecation: SAST Analyzer Consolidation and CI/CD Template Changes
– GitLab 15.4 will remove several SAST analyzers from the default CI/CD template, including ESLint, Gosec, and Bandit.
– These will be replaced by the Semgrep-based analyzer.

This is a comprehensive overview of the key deprecations and removals planned for upcoming GitLab releases. As an experienced IT professional, you should closely monitor the GitLab Docs and release notes to stay up-to-date on the latest changes and ensure a smooth transition for your GitLab-based projects and workflows.