Oct 11, 2025
Available now on GitLab

The latest features available on GitLab SaaS

New features are regularly released to GitLab SaaS (GitLab.com), with a packaged release available for GitLab Self-Managed every month. Read on to learn more about the new features available on GitLab.com. Note that it may take a few days for a feature to become fully available on GitLab.com, due to deployment schedule and potential feature flags.

Additional information on past releases is available; be sure to check out the release for other features we've launched recently. We also have information about upcoming releases if you're interested in seeing what we are doing next.

Preview Key improvements released in GitLab Preview

GPT-5 now available as a model option for GitLab Duo Agentic Chat

GPT-5 now available as a model option for GitLab Duo Agentic Chat

OpenAI GPT-5 is now available as a GitLab AI Vendor model when selecting a model for GitLab Duo Agent Platform. When configured by Owners of a top-level group on GitLab.com and instance Administrators on Self-Managed and Dedicated, end-users can select to use GPT-5 with GitLab Duo features. Top-level owners and administrators can continue to set organization-wide model preferences through namespace or instance settings, or allow end-user to choose from all available GitLab AI Vendor models.

To get started using GPT-5, select your preferred model from the model dropdown list in GitLab Duo Agentic Chat.

GPT-5 now available as a model option for GitLab Duo Agentic Chat

DAST authentication scripts

DAST authentication scripts

stage-badge

You can now add scripts to your CI/CD configurations to automate DAST authentication workflows. Authentication scripts enable automating complex authentication flows, including support for time-based, one-time passwords (OTP MFA).

This enhancement helps your team maintain critical security controls while conducting thorough, automated security scans. By supporting real-world authentication scenarios, scripts reduce friction and ensure accurate security assessments of production software.

Pick up where you left off on the new personal homepage

Pick up where you left off on the new personal homepage

stage-badge

You can now access a new personal homepage that consolidates all your important GitLab activities in one place, making it easier to pick up where you left off. The homepage brings together your to-do items, assigned issues, merge requests, review requests, and recently viewed content, helping you navigate GitLab’s large surface area and stay focused on what matters the most to you.

Pick up where you left off on the new personal homepage

Preview Other improvements in GitLab Preview

Format markdown tables in the plain text editor

Format markdown tables in the plain text editor

stage-badge

Misaligned markdown tables are difficult to read and edit, even though they render correctly.

The new Reformat table feature in the plain text editor’s toolbar realigns table columns with a single click, preserving alignment settings and indentation. To use it:

  • Select any markdown table in wiki pages, issues, or merge requests.
  • From the More options menu, select Reformat table.

This makes documentation maintenance faster and collaboration easier when working with complex tables.

Increased rule coverage for secret push protection and pipeline secret detection

Increased rule coverage for secret push protection and pipeline secret detection

stage-badge

New rules have been added to GitLab’s pipeline secret detection. Some existing rules have also been updated to improve quality and reduce false positives. These changes are released in version 7.15.0 of the secrets analyzer.

Expose the original severity from the Vulnerabilities API

Expose the original severity from the Vulnerabilities API

stage-badge

The vulnerabilities GraphQL API now exposes the original severity of vulnerabilities. This allows you to determine what the severity of the vulnerability was before severity overrides were applied.

Codestral now supported for GitLab Duo Chat (Classic)

Codestral now supported for GitLab Duo Chat (Classic)

You can now use Mistral Codestral on Gitlab Duo Self-Hosted for classic Duo Chat. This model is supported for Gitlab Duo Self-Hosted customers on GitLab Self-Managed instances.

Codestral now supported for GitLab Duo Chat (Classic)

GPT OSS Models compatible with GitLab Duo Agent Platform for GitLab Duo Self-Hosted

GPT OSS Models compatible with GitLab Duo Agent Platform for GitLab Duo Self-Hosted

You can now use GPT OSS models on GitLab Duo Agent Platform with Gitlab Duo Self-Hosted.

Improved inactive item management for groups and projects

Improved inactive item management for groups and projects

stage-badge

The Inactive tab now consistently displays all inactive items in one unified location across GitLab. This includes archived projects, projects pending deletion, and groups pending deletion. This tab is available on the group overview page, as well as in group and project lists throughout Your work, Explore, and the Admin area. All users with the appropriate permissions can view inactive items, while only group owners and project owners and maintainers can take further actions on them. As part of this update, a new active parameter is now available in both the Projects and Groups REST APIs, and GraphQL APIs.

Managing inactive content is a critical part of maintaining a GitLab instance. This update makes it easier to find and recover content that was archived or is pending deletion, allowing you to maintain better control over your GitLab resources while reducing the risk of accidentally losing valuable work. The clear separation of active from inactive content also provides a more focused search experience when navigating through groups and projects across all areas of GitLab.

Improved inactive item management for groups and projects

Variable expansion in environment deployment_tier

Variable expansion in environment deployment_tier

stage-badge

You can now use CI/CD variables in the environment:deployment_tier field, making it easier to dynamically configure deployment tiers based on pipeline conditions.

Validity checks is in beta

Validity checks is in beta

stage-badge

Pipeline secret detection alerts you to exposed credentials, like passwords or API keys, in your projects. However, until GitLab 18.5, you had to manually check whether each detection represented an active token. This could make effectively triaging detections difficult and time consuming.

Now that validity checks is in beta, enable it to display the status of detected GitLab secrets. Active secrets can be used to impersonate legitimate activity, so you should rotate them as soon as possible. To watch validity checks in action, see the validity checks playlist.

Validity checks is in beta

Control requests for external controls statuses

Control requests for external controls statuses

stage-badge

External controls can be attached to requirements when creating compliance frameworks in GitLab.

By default, GitLab automatically requests the status of external controls from external systems every 12 hours during compliance scans, setting the control status to ‘pending’. External systems then respond by using the external controls API to update the status to ‘pass’ or ‘fail’.

In GitLab 18.5, you can now disable this automatic 12-hour ping by turning off the Ping enabled setting when configuring external controls. When the 12-hour ping is disabled:

  • GitLab will not automatically request status updates from external systems.
  • The external control displays a Disabled badge in the compliance framework UI.
  • You have complete control over when external control statuses are updated using the external controls API.

This prevents the system from resetting the external control statuses to ‘pending’ and gives you full control over status update timing.

Enhanced Admin area groups list

Enhanced Admin area groups list

stage-badge

We’ve upgraded the Admin area groups list to provide a more consistent experience for GitLab administrators:

  • Delayed deletion protection: Group deletions now follow the same safe deletion flow used throughout GitLab, preventing accidental data loss.
  • Faster interactions: Filter, sort, and paginate groups without page reloads for a more responsive experience.
  • Consistent interface: The groups list now matches the look and behavior of other group lists across GitLab.

This update brings the administrator experience in line with GitLab design standards, and adds important safety features to protect your data. Future enhancements to group management will automatically appear in all group lists throughout the platform.

GitLab Duo Agent Platform for GitLab Duo Self-Hosted now in beta

GitLab Duo Agent Platform for GitLab Duo Self-Hosted now in beta

GitLab Duo Agent Platform is now in beta for GitLab Duo Self-Hosted. This feature is available to all Self-Managed GitLab Duo Enterprise customers. Self-Managed instance administrators using AWS Bedrock or Azure OpenAI can configure Anthropic Claude or OpenAI GPT models for use with GitLab Duo Agent Platform. Self-Hosted administrators can also configure compatible models to use with Gitlab Duo Agent Platform.

Updated navigation experience for groups

Updated navigation experience for groups

stage-badge

We’ve made changes to the group overview list to deliver a more consistent and efficient experience across GitLab. These improvements make it easier to navigate your groups and projects while providing more valuable information at a glance:

  • Richer project information: Projects now display stars, forks, issues, merge requests, and relevant dates, giving you a complete activity overview at a glance.
  • Streamlined actions: Edit or delete groups and projects directly from the overview using the actions menu. Archived and pending deletion items appear in the Inactive tab.
  • Consistent experience: The group overview now matches the look and behavior of other group and project lists throughout GitLab for a more intuitive experience.

These enhancements save time by putting more information and actions at your fingertips. This update also lays the groundwork for future features like bulk editing and advanced filtering options.

Deprecations Deprecations

The complete list of all features that are currently deprecated can be viewed in the GitLab documentation. To be notified of upcoming breaking changes, subscribe to our Breaking Changes RSS feed.

Removals and breaking changes Removals and breaking changes

The complete list of all removed features can be viewed in the GitLab documentation. To be notified of upcoming breaking changes, subscribe to our Breaking Changes RSS feed.

Changelog

Please check out the changelog to see all the named changes:

Installing

If you are setting up a new GitLab installation please see the download GitLab page.

Updating

Check out our update page.

GitLab Subscription Plans

See what your team could do with The DevSecOps Platform.

  • Free

    Free-forever features for individual users

  • Premium

    Enhance team productivity and coordination

  • Ultimate

    Organization wide security, compliance, and planning

Try all GitLab features - free for 30 days

Take GitLab for a spin

See what your team could do with The DevSecOps Platform.

Get free trial

Have a question? We're here to help.

Talk to an expert
Edit this page View source