GitLab and Vertex AI on Google Cloud: Advancing Agentic Software Development
GitLab has made its Duo Agent Platform generally available and integrated it with Google Cloud’s Vertex AI, creating an AI‑driven orchestration layer that spans the entire software development lifecycle. The partnership lets developers invoke specialized agents for planning, coding, security triage and delivery while leveraging Vertex AI’s expanding model garden and long‑context capabilities. Customers can deploy the platform on Google Cloud or on‑premises with a bring‑your‑own‑model option, preserving governance and cost controls. The combined solution promises faster, more secure releases by keeping AI inference within a single, governed system of record.
GitLab Named a 2026 Omdia Universe Leader
GitLab has been named a Leader in the 2026 Omdia Universe for AI‑assisted software development, topping the IDE‑based tools category. The vendor earned best‑in‑class scores in Solution Breadth (100%), Strategy and Innovation (88%) and Core Features (82%), with strong marks...
GitLab Duo CLI: Agentic AI for the Development Lifecycle, Now in the Terminal
GitLab has launched the Duo CLI in public beta, extending its AI‑driven Duo Agent Platform to the terminal. The tool offers two operating modes—a chat‑based interactive mode and a headless mode for scripts and CI/CD pipelines. It integrates security guardrails...
Pipeline Security Lessons From March Supply Chain Incidents
Between March 19 and March 31, 2026, the TeamPCP threat group executed four supply‑chain attacks that compromised the open‑source scanner Trivy, the IaC scanner Checkmarx KICS, the AI model gateway LiteLLM, and the JavaScript client axios. Each breach leveraged malicious...
Changes to packages.gitlab.com: What You Need to Know
GitLab is completing a migration of its packages.gitlab.com infrastructure to a new hosting system, keeping the same domain but changing URL structures, GPG key locations, and network endpoints. The legacy PackageCloud UI will be retired on March 31, 2026, and...
Manage Vulnerability Noise at Scale with Auto-Dismiss Policies
GitLab has launched auto‑dismiss vulnerability policies that let security teams codify triage rules and apply them automatically on every default‑branch pipeline. By matching on file paths, directories or vulnerability identifiers (CVE/CWE), the system can dismiss up to 1,000 findings per...
Agentic Code Reviews for $0.25 Each
GitLab Duo Agent Platform’s Code Review Flow introduces an agentic AI reviewer priced at a flat $0.25 per merge request, tackling the growing code‑review bottleneck that has surged 91% on AI‑assisted teams. Engineers now wait a median 13 hours for PR...
GitLab 18.10: Agentic AI Now Open to Even More Teams on GitLab
GitLab 18.10 introduces a usage‑based credit model that lets free GitLab.com teams purchase monthly GitLab Credits to unlock the Duo Agent Platform without upgrading their subscription. The shared credit pool grants all members access to AI agents for planning, code...
GitLab 18.10 Brings AI-Native Triage and Remediation
GitLab 18.10 adds AI‑driven security features that cut vulnerability triage time and automate remediation. The release ships generally available SAST false‑positive detection, beta agentic SAST vulnerability resolution, and beta secret false‑positive detection, all powered by the GitLab Duo Agent Platform....
Code Review without the Bottlenecks or the Bill
GitLab introduced Code Review Flow, an AI‑driven automated code review feature within its Duo Agent Platform. The service scans merge requests, incorporates repository context, security findings and compliance rules, and delivers structured inline feedback. It can run hundreds of reviews...
How to Use GitLab Container Virtual Registry with Docker Hardened Images
GitLab’s Container Virtual Registry acts as a pull‑through cache for Docker Hub, Docker Hardened Images (dhi.io), Microsoft Container Registry, Quay and internal registries. It consolidates authentication to GitLab, caches images on the first pull and serves subsequent pulls locally, cutting...
Secure and Fast Deployments to Google Agent Engine with GitLab
The tutorial shows how to deploy a Google Agent Development Kit (ADK) AI agent to Google Cloud's Agent Engine using GitLab’s native Google Cloud integration and CI/CD pipelines. It walks through configuring IAM with Workload Identity Federation, creating a .gitlab-ci.yml...
New GitLab Metrics and Registry Features Help Reduce CI/CD Bottlenecks
GitLab announced two beta features aimed at easing CI/CD bottlenecks: job‑level performance metrics and a Container Virtual Registry. The job metrics panel, available to Premium and Ultimate customers, displays median and 95th‑percentile durations, failure rates, and sortable tables directly in...
Agentic SDLC: GitLab and TCS Deliver Intelligent Orchestration Across the Enterprise
GitLab and Tata Consultancy Services (TCS) have teamed up to deliver an Intelligent Orchestration layer that embeds AI agents into the full software development lifecycle. The partnership leverages GitLab’s Duo Agent Platform and a TCS Center of Excellence to standardize...
GitLab Extends Omnibus Package Signing Key Expiration to 2028
GitLab announced that the GPG key used to sign its Omnibus packages will now expire on February 16, 2028, extending the previous 2026 deadline. The key, which authenticates package integrity across CI pipelines, remains separate from repository metadata signing keys...
