Product categories

On this page


We want intuitive interfaces both within the company and with the wider community. This makes it more efficient for everyone to contribute or to get a question answered. Therefore, the following interfaces are based on the product categories defined on this page:


The categories form a hierarchy:

  1. Departments: Dev and Ops. Dev and Ops map to departments in our organization structure. At GitLab the Dev and Ops split is different then the infinity loop suggests because our CI/CD functionality is one codebase, so from verify on we consider it Ops so that the codebase falls under one department. The stages that are the difference between the value stages and the team stages are part of the Dev department.
  2. Stages: Stages start with the 7 loop stages, then add Manage and Secure to give the 9 (DevOps) value stages, and then add Distribution, Geo, Gitaly & Gitter to get the 12 team stages. Values stages are what we all talk about in our marketing. Each of the team stages has a dedicated engineering team, product manager. Within shared functions like quality and product management individuals are paired to one or more stages so that there are stable counterparts.
  3. Categories: High-level capabilities that may be a standalone product at another company. e.g. Portfolio Management. There are a maximum of 8 high-level capabilities per stage to ensure we can display this on our website and pitch deck. Or the internal customers of the stage who practice our collaborate value of dogfooding.
  4. Features: Small, discrete functionalities. e.g. Issue weights. Some common features are listed within parentheses to facilitate finding responsible PMs by keyword. Features are maintained in features.yml.

Eventually, every category and capability listed on this page should link to a product marketing page, documentation, or an epic/issue.

Adding more layers to the hierarchy would give it more fidelity but would hurt usability in the following ways:

  1. Harder to keep the interfaces up to date.
  2. Harder to automatically update things.
  3. Harder to train and test people.
  4. Harder to display more levels.
  5. Harder to reason, falsify, and talk about it.
  6. Harder to define what level something should be in.
  7. Harder to keep this page up to date.


The impact of changes to stages is felt across the company. Merge requests with changes to stages and significant changes to categories need to be approved by:

  1. Head of Product
  2. VP of Product
  3. VP of Engineering
  4. CEO

Dev department

Dev leadership

Dev stages

  1. Manage - PM: Jeremy Watson PMM: John Jeremiah - EM: Liam McAndrew
    • Cycle Analytics
    • DevOps Score
    • Audit Management
    • Authentication & Authorization
    • Internationalization
    • Code Analytics Planned 2019
    • Workflow Policies Planned 2019
    • Design Management Planned 2019
  2. Plan - PM: Victor Wu PMM: John Jeremiah - EM: Sean McGivern
    • Issue Trackers
    • Issue Boards
    • Service Desk
    • Portfolio Management New in 2018
    • Program Management Planned 2019
    • Requirements Management Planned 2019
    • Value Stream Management Planned 2019
  3. Create - PM: James Ramsay PMM: John Jeremiah - EM: Douwe Maan
    • Source Code Management
    • Code Review
    • Wiki
    • Snippets
    • Web IDE New in 2018
  4. Distribution - PM: Joshue Lambert PMM: William Chia - EM: Marin Jankovski
    • Omnibus
    • Cloud Native Installation New in 2018
  5. Gitaly and Gitter - PM: James PMM: John - EM: Tommy (interim)
  6. Geo - PM: Andreas PMM: John - EM: Rachel Nienaber

Ops department

Ops leadership

Ops stages

  1. Verify - PM: Jason Lenny (Interim) PMM: William Chia - EM: Elliot Rushton
    • Continuous Integration (CI)
    • Unit Testing
    • Integration Testing
    • Code Quality
    • Performance Testing New in 2018
    • System Testing Planned 2019
    • Acceptance Testing (UAT) Planned 2019
    • Usability Testing Planned 2019
    • Compatibility Testing Planned 2019
    • Internal Customer: Quality Department
  2. Package - PM: Joshua Lambert PMM: William Chia - EM: Marin Jankovski (Interim)
    • Container Registry
    • Maven Repository New in 2018
    • NPM Registry Planned 2018
    • Rubygems Registry Planned 2018
    • Internal Customer: Distribution Team
  3. Release - PM: Jason Lenny PMM: William Chia - EM: Elliot Rushton (Interim)
    • Continuous Delivery (CD)
    • Incremental Rollout
    • Pages
    • Review Apps
    • Feature flags Planned 2018
    • Binary authorization Planned 2019
  4. Configure - PM: Daniel Gruesso PMM: William Chia - EM: Dylan Griffith
    • Auto DevOps
    • Kubernetes Configuration New in 2018
    • ChatOps New in 2018
    • Serverless Planned 2018
    • PaaS Planned 2019
    • Chaos Engineering Planned 2019
    • Runbooks Planned 2019
    • Internal Customers: Site Availability Engineering, Site Reliability Engineering
  5. Monitor - PM: Joshua Lambert PMM: William Chia - EM: Seth Engelhard
    • Metrics
    • Logging New in 2018
    • Cluster Monitoring New in 2018
    • Tracing Planned 2018
    • Error Tracking Planned 2018
    • Production Monitoring Planned 2018
    • Incident Management Planned 2019
    • Service Status Page Planned 2019
    • Internal Customer: Infrastructure Department
  6. Secure - PM: Fabio Busatto PMM: Cindy Blake - EM: Philippe Lafoucrière
    • Static Application Security Testing (SAST) New in 2018
    • Dynamic Application Security Testing (DAST) New in 2018
    • Dependency Scanning New in 2018
    • Container Scanning New in 2018
    • License Management New in 2018
    • Interactive Application Security Testing (IAST) Planned 2019
    • Web Application Firewall (WAF) Planned 2019
    • Runtime Application Self-Protection (RASP) Planned 2019
    • Internal Customer: Security Department


GitLab also does the things below that are composed of multiple categories.

  1. Software Composition Analysis (SCA) = Dependency Scanning + License Management
  2. Interactive Application Security Testing (IAST) = Dynamic application security testing (DAST) + Runtime Application Self-Protection (RASP)
  3. Application Performance Monitoring (APM) = Metrics + Tracing
  4. Project management = Issue trackers + Issue boards
  5. Continuous Integration (CI) = Unit Testing + Integration Testing + System Testing + Acceptance Testing (UAT) + Usability Testing + Compatibility Testing

Other functionality

This list of other functionality so you can easily find the team that owns it. Maybe we should make our features easier to search to replace the section below.