What's new in GitLab

Stay updated with our latest features and improvements.

What's new in GitLab 18.5

Oct 21, 2025
Past release

GitLab 18.5 reduces friction across planning, security, and deployment with intelligent orchestration across the software lifecycle — keeping teams in control through human-in-the-loop workflows.

Intelligence that moves software development forward

With GitLab 18.5, we are delivering new specialized agents, security insights that cut through the noise, and a reimagined interface that keeps your AI teammate always in view.

Read CEO's blog

Enhanced user experience with contextual access to Agentic Chat (Beta)

Manage

Code

Operate

AI

Improve access to project data and context with an integrated UI that surfaces AI assistance contextually across GitLab. Helps you eliminate hours lost to context-switching and accelerate issue resolution and development velocity. This release provides:

  • Accessibility to GitLab Duo Chat panel from anywhere in the platform.

  • Side-by-side information display for contextual work without losing your place.

  • Left-side navigation menu, which collapses and expands for flexible workspace management.

GitLab Security Analyst Agent (Beta)

Secure

Plan

AI

Transform vulnerability noise into actionable threat management with agentic security analysis. Now teams can orchestrate remediation workflows, prioritize exploitable risks, and complete bulk operations in minutes while working to maintain consistent security policies and audit trails. With this agent, teams can:

  • Use conversational commands to run AI-powered vulnerability management workflows.

  • Perform bulk operations for dismissing false positives and creating issues at scale.

  • Get enriched vulnerability data, including reachability analysis and code flow information.

  • Orchestrate multiple security tools through a single interface.

GitLab Duo Planner (Beta)

Plan

AI

Manage

Turn hundreds of backlog issues into actionable task lists with an agentic workflow powered by GitLab Duo within an Agile framework. Instead of tedious manual analysis, product and engineering teams can make fast, informed decisions. GitLab Duo Planner:

  • Turns vague ideas into structured planning hierarchies.

  • Identifies stale backlog items and suggests priorities automatically.

  • Drafts structured progress summaries for key stakeholders.

Popular AI tools as native agents in the AI Catalog (Experimental)

Deploy

Operate

AI

Code

Manage

Bring your preferred CLI agents directly into your GitLab Duo experience while maintaining enterprise governance, security, and audit trails. This capability includes:

  • Access to Claude, OpenAI Codex, Google Gemini, and Amazon Q in the GitLab AI Catalog.

  • Seamless authentication with composite identity management.

  • Session tracking for full visibility into flow execution and history.

Self-Hosted Duo Agent Platform (now Beta)

Deploy

Operate

Manage

AI

Unlock the full power of agentic AI within your own infrastructure so you can control where GitLab Duo executes, how it accesses your code, and what data it processes. This beta update gives you:

  • The power to execute Duo workflows within your infrastructure.

  • The ability to address data sovereignty requirements with enterprise-grade security for sensitive code within organizational boundaries.

  • Improved timeout configurations and AI Gateway settings for production deployment.

  • Support for code reviews, bug fixes, and feature implementations.

Precise security: Focus on real risks

Secure

Operate

Code

Accelerate security feedback without sacrificing coverage by focusing scans and helping to distinguish exploitable vulnerabilities from theoretical ones. Reduce noise, identify real risks, and keep developers in flow with:

  • Diff-based scanning that focuses on changed code, reducing pipeline execution time and alert fatigue.

  • Reachability analysis that helps identify whether vulnerable code is actually invoked.

  • Clear identification of expired secrets.

  • Strong security coverage focused on exploitable risks.

Maven Virtual Registry

Manage

A new web-based interface that simplifies how teams create and manage Maven virtual registries. Instead of configuring through APIs, package administrators can now:

  • Create registries and order upstreams to help improve performance and compliance.

  • View and clear stale cache entries directly in the UI.

  • Help reduce operational overhead and gives teams clearer insight into dependency resolution.