2026-04-16 00:00
🚀 AI is reshaping application security with GitLab's new Agentic SAST Vulnerability Resolution. This tool automatically generates ready-to-merge code fixes for SAST vulnerabilities, helping developers stay productive and reducing the burden on AppSec teams. 🔍 GitLab 18.11 enhances SAST scanning speed and governance, ensuring vulnerabilities are addressed efficiently before reaching production. 📊 The update includes risk-based prioritization, using CVSS 4.0 to reflect real-world...
Source: GitLab Blog
Alisa Ho
2026-04-16 00:00
🚀 GitLab 18.11 introduces two new AI agents on the Duo Agent Platform: 1️⃣ **CI Expert Agent** (in beta) helps streamline the path from writing code to running it in a pipeline, making setup faster and easier. 2️⃣ **Data Analyst Agent** (now available) provides instant answers to questions about merge requests, pipeline performance, and deployment targets using simple language. These tools enhance development efficiency by providing context-aware insights directly within GitLab. Learn more...
Source: GitLab Blog
Corinne Dent
2026-04-16 00:00
🚀 Exciting news for GitLab users! Claude Opus 4.7 is now integrated into the GitLab Duo Agent Platform. This update enhances agent performance across the software delivery lifecycle, improving efficiency in tasks like CI/CD, code review, and vulnerability resolution. Key features include better instruction interpretation and the ability to verify outputs, resulting in smoother workflows and reduced errors. Start your free trial today! 💻✨ #GitLab #Opus4.7 #SoftwareDevelopment #AI #TechUpdate
Source: GitLab Blog
Rebecca Carter
2026-04-16 00:00
🚀 GitLab 18.11 introduces budget guardrails for GitLab Credits, enhancing control over AI spending. Key features include: - **Subscription-level caps**: Set a monthly limit on credits for your entire team. 📊 - **Per-user credit limits**: Prevent overuse by individual users with customizable caps. 👥 - **Visibility and notifications**: Stay informed about credit usage and cap status. 📧 These tools aim to promote predictable spending and support AI adoption in organizations. #GitLab #AI...
Source: GitLab Blog
Bryan Rothwell
2026-04-15 00:00
🚀 GitLab 19.0 is set to launch with 15 breaking changes. Key deployment windows are: - GitLab.com: May 4-6 & May 11-13, 2026 - Self-Managed: Available from May 21, 2026 High-impact changes include the shift from NGINX Ingress to Gateway API with Envoy Gateway and removal of bundled PostgreSQL, Redis, and MinIO. For detailed mitigation steps, refer to the breaking changes documentation. 📅🔧 #GitLab #SoftwareUpdates #DevOps #TechNews
Source: GitLab Blog
Martin Brümmer
2026-04-14 00:00
🚀 GitLab Duo Agent Platform is transforming software development by integrating agentic AI into every phase of the software lifecycle. This platform collaborates with Vertex AI on Google Cloud, enabling automated orchestration and context management for software teams. With advanced AI capabilities, GitLab users can streamline workflows, enhance security, and improve project management. Experience the future of DevSecOps with GitLab and Vertex AI. #GitLab #VertexAI #DevSecOps...
Source: GitLab Blog
Rajesh Agadi
2026-04-13 00:00
🚀 GitLab has been recognized as a Leader in the 2026 Omdia Universe for AI-assisted Software Development! The independent evaluation highlighted GitLab's top scores in Solution Breadth (100%), Strategy and Innovation (88%), and Core Features (82%). This year, Omdia expanded its criteria to assess full software lifecycle capabilities, reflecting the evolving role of AI in development. With a focus on not just coding but also testing, security, and deployment, GitLab stands out among its peers....
Source: GitLab Blog
Rebecca Carter
2026-04-09 00:00
Unlock the potential of GitLab's pipeline logic! 🚀 This article explores 5 key ways GitLab addresses complex engineering challenges with its CI/CD model. From managing monorepos with parent-child pipelines to ensuring cross-repo integration in microservices, each solution is designed for real-world scenarios. Key features include: - **DAG Execution** for efficient builds - **Dynamic Child Pipelines** for scalable deployments - **Merge Request Pipelines** ensuring accurate testing before...
Source: GitLab Blog
Omid Khan
2026-04-07 00:00
🚀 GitLab Duo CLI is now in public beta, designed to enhance the software development lifecycle. It combines agentic AI with automated workflows and an interactive chat mode for when human oversight is needed. This tool operates in two modes: Interactive mode for user engagement, and Headless mode for automation without supervision. Security features include human approval for actions, built-in prompt injection detection, and limited access for agents. Try GitLab Duo CLI today to optimize your...
Source: GitLab Blog
John Coghlan
2026-04-07 00:00
🚨 In March 2026, multiple supply chain attacks targeted CI/CD pipelines, affecting several tools like Trivy, Checkmarx KICS, LiteLLM, and axios. The attackers exploited compromised credentials to infiltrate and manipulate these widely used systems. Key vulnerabilities included poisoned tools, packaging misconfigurations, and issues with transitive dependencies. GitLab's Pipeline Execution Policies are recommended to enhance security and prevent similar incidents by enforcing mandatory checks...
Source: GitLab Blog
Grant Hickman
2026-04-07 00:00
Streamline your test management with the new SmartBear QMetry GitLab component! 🚀 This integration automates the upload of test results from your GitLab CI/CD pipeline to QMetry, reducing manual effort and ensuring up-to-date data across teams. Key benefits include: - Elimination of manual uploads - Complete traceability for compliance - Accelerated feedback loops for faster decisions Learn how to set up and optimize your test management process! 📊🔍 #DevSecOps #TestManagement #GitLab #QMetry...
Source: GitLab Blog
Matt Bonner
2026-03-31 00:00
🚨 Important updates for users of packages.gitlab.com! 🚨 GitLab is migrating to a new package hosting system. The base domain remains the same, but URL formats, GPG key locations, and network requirements are changing. 🔹 Existing configurations will work until September 30, 2026, with a transition period in place. 🔹 Key actions include updating repository configurations and GPG key references. For a smooth transition, please review the updated installation documentation and make necessary...
Source: GitLab Blog
Denis Afonso
2026-03-26 00:00
🚀 **Discover the power of GitLab feature flags!** Feature flags allow developers to deploy code without immediate visibility to all users. This tutorial guides you through integrating GitLab feature flags with a Python Flask app using the Unleash SDK. 🔧 Start by setting up your GitLab project and cloning the demo repository. Follow clear steps to create and manage feature flags, enabling gradual rollouts and real-time control of application behavior. No need for redeployment if issues...
Source: GitLab Blog
Omid Khan
2026-03-25 00:00
🚨 Managing security vulnerabilities just got easier! GitLab introduces auto-dismiss policies to streamline your vulnerability triage process. These policies allow security teams to automatically dismiss irrelevant findings, reducing alert fatigue and improving efficiency. You can set criteria based on file paths, directories, or vulnerability identifiers. 🔍 By implementing these policies, teams can eliminate noise, enforce decisions at scale, and maintain transparency in their reports. Ready...
Source: GitLab Blog
Grant Hickman
2026-03-23 00:00
📢 Exciting updates for GitLab users! With GitLab 18.10, the Agile planning experience is enhanced through the new work items list and saved views. This upgrade consolidates all work item types—epics, issues, and more—into one unified list, streamlining workflows. Saved views allow users to customize and save list configurations for efficient access. These changes aim to improve consistency and standardize reporting across teams. Stay tuned for more features that will further enhance your...
Source: GitLab Blog
Matthew Macfarlane
2026-03-19 00:00
🚀 Code reviews are slowing down software delivery, with wait times increasing by 91% as developers use AI tools. Many AI review options come with high costs, making teams selective. However, GitLab's Code Review Flow offers a flat rate of $0.25 per review, enabling all merge requests to be processed efficiently. This tool automates the review process, saving time and significantly reducing costs—up to 99%. It allows for consistent review standards across projects, helping teams focus on...
Source: GitLab Blog
Karishma Kumar
2026-03-19 00:00
🚀 Developers are moving faster with AI, but code review bottlenecks persist. GitLab addresses this challenge with Code Review Flow, an AI tool that automates the review of merge requests. 🔍 This feature analyzes code in real-time, providing consistent feedback without delays. It runs multiple reviews simultaneously, ensuring organization-wide standards are met. 💲 With a flat-rate pricing model, each review costs just $0.25, making it easier to manage budgets and scale reviews efficiently....
Source: GitLab Blog
Karishma Kumar
2026-03-19 00:00
🚀 GitLab 18.10 has launched with new AI-driven security features to enhance vulnerability management. The update includes Static Application Security Testing (SAST) false positive detection, which helps teams prioritize critical vulnerabilities by assessing the likelihood of false positives. Additionally, the Agentic SAST resolution flow can automatically create merge requests for verified vulnerabilities, streamlining the remediation process. Secret false positive detection is also...
Source: GitLab Blog
Alisa Ho
2026-03-19 00:00
🚀 GitLab 18.10 introduces a new way for Free GitLab.com teams to access Agentic AI without needing a full subscription. Starting today, teams can purchase GitLab Credits monthly, enabling immediate use of the GitLab Duo Agent Platform. This allows for streamlined software development tasks like planning, code generation, and automated code review. With features like the Planner Agent and Code Review Flow, teams can enhance productivity and reduce manual effort. Learn more about how to get...
Source: GitLab Blog
Talia Armato-Helle
2026-03-12 00:00
Streamline your container image management with GitLab's Container Virtual Registry! 🐳 This solution acts as a pull-through cache for multiple registries like Docker Hub and dhi.io, allowing teams to pull images from a single endpoint. It simplifies authentication and reduces build times by caching images after the first pull. The article details how to set it up for Docker Hardened Images, addressing security and operational challenges. #GitLab #ContainerRegistry #DevOps #Docker #HardenedImages
Source: GitLab Blog
Tim Rizzi
2026-03-10 00:00
🚨 After an incident, security teams often ask, "What did we miss?" GitLab addresses this with the Duo Agent Platform, automating detection gap analysis. 🔍 The platform features two AI agents: the Security Analyst Agent for quick assessments and the custom Detection Engineering Assistant tailored to your environment. 📈 This automation enhances consistency and efficiency in identifying detection gaps, ultimately improving security operations. Learn more about how GitLab is transforming incident...
Source: GitLab Blog
Matt Coons
2026-03-09 00:00
🚀 GitLab 18.9 introduces the file tree browser, enhancing navigation within repositories. This feature adds a collapsible panel to keep your project structure visible while you read code, reducing the need for backtracking. You can filter files quickly, navigate with keyboard shortcuts, and enjoy a responsive design across devices. Explore this tool today to streamline your workflow! #GitLab #FileTreeBrowser #CodeNavigation #DevTools #SoftwareDevelopment
Source: GitLab Blog
Talia Armato-Helle
2026-03-05 00:00
🚀 GitLab’s Container Scanning Guide outlines essential strategies to identify vulnerabilities in container images throughout their lifecycle. 🛡️ It emphasizes the importance of early detection to mitigate risks before deployment and highlights five scanning methods: Pipeline-based, Registry, Multi-Container, Continuous Vulnerability, and Operational Scanning. 🔍 Each method is designed for specific needs, ensuring comprehensive security from development to production. For more insights, visit...
Source: GitLab Blog
Fernando Diaz
2026-03-05 00:00
🚀 Managing software development involves juggling various tools like Jira, GitLab, and IDEs. GitLab Duo Agent Platform now supports MCP, allowing seamless integration with Jira. 🔑 This tutorial covers setting up Jira OAuth for secure access, configuring GitLab as an MCP client, and practical use cases. You'll learn how to query issues, update tickets, and manage workflows directly within your IDE. 💡 Key points include: - Secure authentication with OAuth 2.0 - Real-world workflows to...
Source: GitLab Blog
Albert Rabassa
2026-03-04 00:00
🚀 AI-assisted coding tools are transforming software delivery, but coding is just 20% of the process. The remaining 80% often slows teams down due to issues like code review backlogs and security scanning delays. Here are 10 AI prompts from GitLab to streamline the software lifecycle. They address challenges in code review, security, documentation, and planning, ensuring that improvements in individual productivity translate to team efficiency. Explore how AI can enhance your workflow and...
Source: GitLab Blog
Chandler Gibbons
2026-03-04 00:00
🚀 GitLab's Security Compliance team recognized that existing security control frameworks didn't meet their unique needs. They created the GitLab Control Framework (GCF) to better align with their multi-product environment. Through five detailed steps, they tailored controls to focus on quality over quantity, ensuring compliance with various certifications. This custom framework allows for effective management and scaling across products, enhancing audit efficiency and reducing stakeholder...
Source: GitLab Blog
Davoud Tu
2026-02-27 00:00
Anthropic's new AI system, Claude Code Security, detects vulnerabilities and suggests fixes, raising concerns over the future of traditional AppSec tools. 📉 Organizations are now focused on critical questions about safety, evolving risks, and governance of AI-generated code. GitLab is positioned as the solution, providing necessary visibility and control throughout the software lifecycle. 🔍 Effective governance is essential, as AI cannot enforce policies alone. Trust in AI-driven development...
Source: GitLab Blog
Omer Azaria
2026-02-26 00:00
🚀 The GitLab Duo Agent Platform is transforming software development by integrating AI models like Anthropic's Claude into existing workflows. This platform addresses the challenges of maintaining velocity while ensuring code quality and security. External agents can autonomously handle tasks, from generating full-stack applications to performing thorough code reviews. Real-world use cases show how these agents streamline processes, reduce repetitive work, and enhance collaboration within the...
Source: GitLab Blog
Cesar Saavedra
2026-02-26 00:00
🚀 Exciting news for Managed Service Providers (MSPs)! GitLab has launched the Managed Service Provider (MSP) Partner Program, designed to enable MSPs to offer GitLab as a fully managed service. This program provides partners with clear requirements, structured support, and financial benefits, empowering them to support organizations in their DevSecOps journey. Partners can earn margins on transactions, access technical bootcamps, and receive go-to-market support. Customers benefit from a...
Source: GitLab Blog
Karishma Kumar
2026-02-26 00:00
🚀 Learn how to deploy AI agents using Google Cloud's Agent Engine and GitLab! This tutorial guides you through configuring IAM, setting up CI/CD pipelines, and testing your agent. Agent Engine simplifies deployment by managing infrastructure, scaling, and integrations. Key benefits of using GitLab include automated security scans, native Google Cloud integration, and streamlined CI/CD processes. Ready to get started? Check out the full tutorial! #GoogleCloud #GitLab #AIAgents #DevOps...
Source: GitLab Blog
Regnard Raquedan
2026-02-25 00:00
🚀 GitLab introduces two new beta features aimed at enhancing CI/CD efficiency. 🔍 The CI/CD Job Performance Metrics provide insights into job durations and failure rates, helping teams identify bottlenecks directly in the analytics page. 📦 The Container Virtual Registry simplifies pulling images from multiple registries with built-in caching, reducing operational overhead. Both features are designed for user feedback to improve future updates. #GitLab #DevOps #CICD #SoftwareDevelopment...
Source: GitLab Blog
Talia Armato-Helle
2026-02-25 00:00
🚀 Passkeys are now live on GitLab! These provide a secure way to access your account through passwordless sign-in and phishing-resistant two-factor authentication (2FA). You can authenticate using your device's fingerprint, face recognition, or PIN. To set up, visit your profile settings under Account > Manage authentication. Passkeys utilize WebAuthn technology, ensuring your private key remains secure on your device. They're compatible with major browsers and mobile devices, enhancing...
Source: GitLab Blog
GitLab
2026-02-24 00:00
🔒 GitLab has extended the expiration of its GPG key used for signing repository metadata from Feb. 27, 2026, to Feb. 6, 2028. This decision aligns with GitLab's security policies and aims to reduce disruptions for users. If you configured GitLab before Feb. 17, 2026, check the official documentation to update your key. New users should follow the installation guide without any additional steps. For more details, visit the Omnibus documentation or download the public key directly from...
Source: GitLab Blog
Denis Afonso
2026-02-20 00:00
🚀 GitLab has extended the expiration of its Omnibus package signing key to February 16, 2028. This key ensures the integrity of packages created within CI pipelines. 🔑 Users are advised to update their copy of the package signing key if they validate signatures. No action is needed if you simply install Omnibus packages. For more details on verification, check the Omnibus documentation or download the key directly from GitLab. #GitLab #Omnibus #Cybersecurity #PackageManagement #GPG
Source: GitLab Blog
Pratik Singh
2026-02-19 00:00
🚀 GitLab 18.9 introduces new features for regulated industries, enhancing the Duo Agent Platform. Organizations can now run self-hosted models on online cloud licenses, ensuring data residency and control. This update includes a usage-based billing model for transparency and accurate chargeback. Additionally, the "Bring Your Own Model" feature allows integration of third-party or self-hosted models, providing governance and flexibility. Explore how these capabilities support AI adoption in...
Source: GitLab Blog
Rebecca Carter
2026-02-19 00:00
📊 GitLab's Threat Intelligence Team has published insights on North Korean threat actors involved in "Contagious Interview" campaigns. These actors pose as recruiters to lure software developers into executing malicious code, facilitating credential theft and device control. In 2025, GitLab banned 131 accounts linked to these activities. The report includes case studies on synthetic identity creation and financial records tied to IT worker cells. Over 600 indicators of compromise are shared...
Source: GitLab Blog
Oliver Smith
2026-02-19 00:00
🚀 The updated GitLab Security Dashboard enhances how security teams and developers manage vulnerabilities. It offers features like trend tracking, vulnerability age distribution, and risk scoring to help prioritize remediation efforts effectively. With new filters and charts, teams can visualize critical data, focusing on the most significant risks. This tool simplifies tracking program effectiveness and reduces manual reporting for better insights. Explore how GitLab is making security...
Source: GitLab Blog
Mike Clausen
2026-02-18 00:00
🚀 GitLab is enhancing its commitment to reliability with a 99.9% availability SLA for Ultimate customers on GitLab.com and GitLab Dedicated. If availability drops below this threshold, eligible customers can receive service credits toward future invoices. This ensures your DevSecOps workflows remain uninterrupted. 🛠️ Key services covered include: - Issues and merge requests - Git operations - Container and Package Registry operations - API requests For service credits, submit a request within...
Source: GitLab Blog
Lyle Kozloff
2026-02-17 00:00
🚀 GitLab introduces Claude Opus 4.6, Anthropic's latest model, in the Duo Agent Platform. This model enhances agentic development with advanced capabilities for tackling complex tasks. 🛠️ With a 1 million token context window, it efficiently processes entire codebases and extensive documentation in a single interaction. 🧠 Claude Opus 4.6 is designed for deep reasoning, adaptive thinking, and multi-agent orchestration. Explore this new feature within the model selector on GitLab.com! #GitLab...
Source: GitLab Blog
Stuart Moncada
2026-02-10 00:00
🚀 Exciting news from GitLab! They have partnered with Oracle Cloud Infrastructure (OCI) and Data Intensity to offer DevSecOps-as-a-Service. This managed service combines the control of GitLab Self-Managed with the ease of a fully managed platform. Key features include: - Standalone GitLab instance on OCI - 24/7 support and monitoring - Automated backups and disaster recovery With OCI, organizations can reduce infrastructure costs by 40-50%. For more information, visit Data Intensity’s...
Source: GitLab Blog
Ryan Palmaro