GitLab 19.1 Enhances AI Security and Developer Workflows
GitLab 19.1 introduces significant improvements, including AI-powered secret false positive detection for enhanced security scanning and an 'always on' availability mode for GitLab Duo, offering centralized AI governance. The release also automates Code Owner assignments for merge requests and adds compliance framework templates to streamline adherence to standards. These updates aim to reduce alert fatigue, improve security posture, and boost developer productivity for a wide range of users across different tiers.
- →Secret false positive detection for GitLab Duo
- →Always on availability mode for GitLab Duo
- →Automatic Code Owner reviewer assignment
- →Compliance framework templates (beta)
- →Tool approval guardrails for GitLab Duo agents (beta)
Features (5) ›
- Secret false positive detection for GitLab Duo
GitLab Duo now automatically analyzes secret detection findings to identify false positives, reducing alert fatigue and improving trust in scan results. This feature offers both automatic analysis after scans and manual triggering for on-demand assessment, focusing on critical and high-severity vulnerabilities.
- Always on availability mode for GitLab Duo
Administrators can now enforce GitLab Duo to be always on for all projects within an instance or top-level group, enabling centralized AI governance for compliance. This setting prevents group owners from disabling GitLab Duo, ensuring consistent AI tooling across an organization.
- Automatic Code Owner reviewer assignment
Projects can now be configured to automatically assign Code Owners as reviewers for merge requests based on changed files. This automation occurs when a merge request is created or marked as ready, provided no reviewer has been manually assigned.
- Compliance framework templates (beta)
Users can now create compliance frameworks from predefined templates, including options for ISO 27001, SOC 2, and FedRAMP. This feature simplifies the process of building compliance frameworks by starting with pre-configured requirements and controls.
- Tool approval guardrails for GitLab Duo agents (beta)
Administrators can configure tool-level approval policies for GitLab Duo agents, allowing them to gate sensitive actions with human approval. This offers modes like 'Allow,' 'Ask,' and 'Deny' for different tools, enhancing control over AI agent operations.
Enhancements (1) ›
- Improved secret detection coverage for feature branch pipelines
Secret detection in feature branch pipelines now scans every commit from the branch's divergence point with the default branch. This ensures that secrets leaked in earlier commits are detected before reaching shared branches or production.
https://docs.gitlab.com/releases/19/gitlab-19-1-released/
Related releases
- GitLab 18.11 reaches end of life in 1 days endoflife.date ·
- GitLab 19.0 reaches end of life in 36 days endoflife.date ·
- GitLab 19.1 reaches end of life in 64 days endoflife.date ·