Snooze to-do items

Snooze to-do items

You can now snooze notifications in your To-Do List, allowing you to temporarily hide items and focus on what’s most important right now. Whether you need an hour to concentrate or want to revisit a task tomorrow, you’ll have fine-grained control over when notifications reappear, helping you manage your workflow more effectively.

Configurable token duration with GitLab OIDC provider

Configurable token duration with GitLab OIDC provider

When using GitLab as an OpenID Connect (OIDC) provider, you can now configure the duration of ID tokens with the id_token_expiration attribute. Previously, ID tokens had a fixed expiration time of 120 seconds.

Thank you Henry Sachs for your contribution!

Map OmniAuth profile attributes to user

Map OmniAuth profile attributes to user

You can now map the Organization and Title profile attributes from an OmniAuth identity provider (IdP) to a user’s GitLab profile. This allows the IdP to be the single source of truth for these attributes, and users can no longer change them.

Wider distribution for token expiration notifications

Wider distribution for token expiration notifications

Previously, access token expiry notification emails were only sent to direct members of the group and project in which the token was expiring. Now, these notifications are also sent to inherited group and project members, if the setting is enabled. This wider distribution makes it easier to manage the token before expiry.

New insights into GitLab Duo Code Suggestions and GitLab Duo Chat trends

New insights into GitLab Duo Code Suggestions and GitLab Duo Chat trends

The AI comparison metrics panel on the AI Impact Dashboard now provides month-over-month (MoM) tracking for GitLab Duo Code Suggestions acceptance rate and GitLab Duo Chat usage (MoM%). These new trend-based insights complement the existing Duo Code Suggestions and Duo Chat tiles, which provide a 30-day snapshot of these metrics. With these additional metrics, managers can better measure the AI impact on their software development processes and identify patterns, by comparing Code Suggestions acceptance rate and Duo Chat usage with other SDLC metrics over time.

Identify and revoke tokens with token information API

Identify and revoke tokens with token information API

GitLab administrators can now use a unified API to identify and revoke tokens. Previously, administrators had to use endpoints related to the specific type of token. This API allows revocation regardless of the type. For a list of supported token types, see the Token information API.

Thank you Nicholas Wittstruck and the team from Siemens for your contribution!

Select a compliance framework as default from the dropdown list on the Frameworks page

Select a compliance framework as default from the dropdown list on the Frameworks page

Users can set a default compliance framework in the GitLab compliance centre, which is applied to all new and imported projects that are created in that group. A default compliance framework has a default label to help users identify it.

To make it easier to set a compliance framework as default, we are introducing the ability for users to set a framework as default by using the framework dropdown list on the list frameworks page in the compliance center of a top-level group. This feature isn’t available in the compliance center of subgroups nor projects.

Improved project creation permission settings

Improved project creation permission settings

We’ve improved the project creation permission settings to make them more clear, intuitive, and aligned with our security principles. The improved settings include: - Renamed the “Default project creation protection” dropdown to “Minimum role required for project creation” to clearly reflect the setting’s purpose. - Renamed the “Developers + Maintainers” dropdown option to “Developers” for consistency across the platform. - Reordered the dropdown options from most restrictive to least restrictive access level.

These changes make it easier to understand and configure which roles can create projects within your groups, helping administrators enforce appropriate access controls more confidently.

Thank you @yasuk for this community contribution!