Stay updated with our latest features and improvements.
Compliance frameworks gain custom requirements and controls, while Eclipse IDE support and protected packages expand platform capabilities.
Governance transformation and platform breadth
GitLab 17.11 transforms compliance frameworks from simple project labels into comprehensive governance systems with custom requirements and controls. The Eclipse IDE plugin launch, continued Self-Hosted feature expansion, and protected container tags demonstrate GitLab's investment across governance, AI accessibility, and supply chain security.
Define specific requirements and compliance controls within compliance frameworks, transforming them from simple project labels into actionable governance tools. Organizations can:
Map requirements to regulatory standards like SOC 2, ISO 27001, HIPAA, or custom internal standards.
Track compliance status to monitor which projects meet specific control requirements.
Demonstrate audit readiness with structured, reportable compliance data.
Customize enforcement by applying different requirements based on project risk levels.
Extend GitLab Duo features directly into Eclipse IDE with the new GitLab Eclipse plugin now available in the Eclipse Marketplace. This integration provides:
Seamless access to Duo Chat and AI-powered Code Suggestions in Eclipse
Unified AI assistance across VS Code, JetBrains, and Eclipse IDEs.
Expanded developer choice for AI-assisted workflows.
Expand AI capabilities in self-hosted environments with additional GitLab Duo features now available for organizations requiring complete data sovereignty. Teams can:
Access an expanded Duo feature set while maintaining on-premise or private cloud deployment.
Meet strict data residency and compliance requirements.
Achieve feature parity with cloud-hosted Duo offerings.
Control who can push or delete specific container tags with fine-grained protection rules using RE2 regex patterns. This feature enables teams to:
Create up to five protection rules per project to protect tags like latest or semantic versions.
Restrict push and delete operations to Maintainer, Owner, or Administrator roles.
Prevent protected tags from being removed by cleanup policies.
Safeguard production-critical container images from accidental or unauthorized changes.
CycloneDX export for the project dependency list
Secure
Deploy
Generate your SBOM by exporting your dependency list in the widely-adopted CycloneDX format. Organizations can:
Meet regulatory requirements for software bill of materials.
Enable compatibility with security scanning tools across their ecosystem.
Facilitate vulnerability tracking across the software supply chain.
Integrate with industry-standard SBOM processing workflows.