Monday, 30 June 2025
30.6 C
Singapore
32.2 C
Thailand
21.4 C
Indonesia
29.1 C
Philippines

GitLab introduces GitLab 18 with AI-native features to boost developer productivity

GitLab 18 delivers AI-native tools and security upgrades to help developers work faster and reduce risks in software delivery pipelines.

GitLab has launched GitLab 18, the latest version of its comprehensive DevSecOps platform, introducing AI-native capabilities alongside key enhancements in core development workflows, security, and compliance. Available from 16 May, the release offers real-time AI assistance to developers and improves software delivery pipelines through a unified and secure experience. GitLab Premium customers can now access advanced AI tools without the need to upgrade to the Ultimate tier.

AI tools enhance development speed and efficiency

At the heart of GitLab 18 is deeper integration of GitLab Duo, bringing AI-powered Code Suggestions and Chat to Premium and Ultimate users at no extra cost. These features enable developers to generate code, receive real-time completion suggestions, refactor scripts, write tests, and fix bugs—all from within their preferred source code editor or IDE.

According to Felix Kortmann, chief technology officer at Ignite by FORVIA HELLA, these tools are already delivering impact. “For us, as GitLab users, Duo’s intelligent code suggestions have become a daily asset for our developers. Combined with the chat feature, it allows for immediate feedback and iteration, resulting in faster development cycles and a more secure codebase. It’s a seamless and powerful addition to our workflows.”

This AI-native approach builds on GitLab Premium’s existing capabilities in source code management and continuous integration, removing the need for separate tools or additional licensing. Additionally, GitLab Duo Enterprise—offering more advanced, context-aware AI across the development lifecycle—is now available for purchase by Premium customers, without requiring an upgrade to the Ultimate plan.

DevSecOps enhancements drive performance and collaboration

GitLab 18 brings major improvements to its core platform, designed to streamline DevSecOps workflows and reduce dependency on external tools. The update introduces built-in artifact management for storing packages, containers, and other build components. This includes support for a new virtual Maven registry and immutable tag management, which simplifies tooling on a single platform.

To further accelerate delivery, GitLab has refined its CI/CD pipelines with structured inputs and modular configurations. The enhancements allow for easier management of parent/child pipelines and better change detection, enabling faster and more secure deployments.

New capabilities such as GitLab Query Language (GQL) make it easier for teams to search, filter, and embed content across the platform. This supports improved collaboration and reporting for cross-functional teams working on complex projects.

For Andrei Nita, chief technology officer at McKenzie Intelligence Services, the impact of GitLab’s unified toolset is clear. “GitLab has already been instrumental in eliminating our reliance on a fragmented toolchain, which cut costs from disconnected solutions, and streamlined our workflow. Enhancing GitLab Premium with Duo will give us even greater efficiency and cost savings as our developers spend less time on routine coding tasks and more time tackling complex challenges that drive real business value.”

Security and compliance capabilities expanded

The latest version also strengthens GitLab’s built-in security features to support organisations with stricter compliance and risk management requirements. Custom compliance frameworks now include out-of-the-box controls aligned with SOC 2, ISO 27001, and CIS benchmarks, with options to define and enforce additional policies specific to each organisation.

Security updates include reachability analysis for dependencies, which helps reduce false positives by focusing only on exploitable vulnerabilities. Static Application Security Testing (SAST) has also been improved, allowing organisations to adjust detection logic according to their tech stack, reducing false alerts.

New vulnerability dashboards offer both organisation-level and application-specific views with strong filtering and reporting functions to highlight critical issues. GitLab 18 also introduces support for FIDO passkeys, enabling secure logins using biometrics, device PINs, or hardware tokens like YubiKeys.

Another significant feature is the security policy impact assessment tool, which adds context when making changes to policies. A “warn mode” provides guidance to developers without blocking their workflow, promoting better adherence to policies while maintaining efficiency.

David DeSanto, chief product officer at GitLab, said the aim of these updates is to eliminate unnecessary complexity: “Today’s fragmented landscape of AI point solutions creates unnecessary complexity for development teams. By natively integrating the essential capabilities of GitLab Duo Code Suggestions and Chat directly within the GitLab DevSecOps platform, we’re eliminating the need for separate tools, licenses, and governance structures. This unified approach enables teams to accelerate their workflows and improve productivity while maintaining security and compliance standards.”

Hot this week

WhatsApp now lets you use AI to summarise your private messages

WhatsApp now uses Meta AI to summarise your unread private messages, helping you catch up on chats quickly while keeping your privacy intact.

Meta slammed by Oversight Board for ‘incoherent’ handling of AI-manipulated content

Meta is under fire again as its Oversight Board slams its weak AI content rules as 'incoherent and unjustifiable'.

Thales enhances Imperva Application Security with new API threat detection and response capabilities

Thales updates Imperva Application Security with real-time API threat detection and response, tackling BOLA and business logic risks.

Google DeepMind launches offline version of Gemini Robotics AI for robots

Google DeepMind launches an offline Gemini Robotics AI model, letting robots operate without the internet while learning tasks with a few examples.

HPE launches modular AI factory solutions in partnership with NVIDIA

HPE expands its AI factory solutions with NVIDIA to simplify enterprise AI adoption through integrated infrastructure, software, and services.

Cheapest SIM-only plans in Singapore 2025: Flexible, contract-free mobile data

Compare the cheapest SIM-only plans in Singapore for 2025, with up to 1TB data, 5G access, roaming, and no-contract options from S$8/month.

Android 16 to alert you if your phone connects to a fake cell tower

Android 16 will warn you if your phone connects to a fake tower, helping protect your calls, texts, and location from silent spying.

Runway moves into gaming with new AI platform Game Worlds

Runway launches Game Worlds, an AI platform aiming to reshape game creation and expand its success from film into the gaming industry.

TikTok trials new ‘bulletin boards’ to rival Instagram’s broadcast channels

TikTok is testing bulletin boards, a new feature similar to Instagram's broadcast channels, for direct creator-to-fan updates.

Related Articles

Popular Categories