GitLab Announces GitLab 19.0: Balancing Governance and Speed in AI Development
GitLab releases GitLab 19.0 to address the 'AI Paradox,' where AI-driven coding speed outpaces traditional security workflows. Key features include a new Secret Manager, AI-assisted merge requests, and component analysis.
📋 Article Processing Timeline
- 📰 Published: May 26, 2026 at 20:00
- 🔍 Collected: May 26, 2026 at 11:31
- 🤖 AI Analyzed: May 27, 2026 at 08:23 (20h 51m after Collected)
GitLab (NASDAQ: GTLB), the most comprehensive and intelligent enterprise DevSecOps platform for software innovation, has announced the release of GitLab 19.0. This major release enhances secret management, agent-based merge request workflows, CI pipeline visualization, support for new open-source models in GitLab Duo Agent Platform Self-Hosted, and overall software supply chain security.
Engineering teams are increasingly facing the 'AI Paradox,' where the speed of code generation via AI is outpacing peripheral workflows such as credential protection, review cycles, and pipeline standards. GitLab 19.0 mitigates this by integrating these functions directly into the platform teams already use, effectively reducing hand-offs from code creation to production release.
The GitLab Secret Manager (public beta) allows users to manage credentials directly within the platform. It utilizes existing project/group structures for access control and audit logs, eliminating the need for a separate authority model. This ensures that in the event of a credential compromise, response teams can trace the credentials back to their originating pipelines through the existing audit trail.
AI-powered developer flows now span the entire merge request lifecycle, assisting with reviewer feedback, conflict resolution, and splitting large merge requests. New features such as the 'Resolve with Duo' button and one-click rebase/merge functions further automate the development process. Additionally, the new component analysis feature provides engineering teams with visibility into CI/CD catalog usage across the organization without switching tools.
Furthermore, GitLab Duo Agent Platform Self-Hosted has expanded its open-source model support to include four new models: Mistral Devstral 2 123B, GLM-5.1, Kimi-K2.6, and MiniMax-M2.7. This empowers teams in air-gapped environments and regulated industries. For software supply chain security, GitLab 19.0 introduces dependency scanning leveraging Software Bill of Materials (SBOM) and security configuration profiles to enforce policies across entire projects.
'While AI has accelerated code generation, it has not necessarily made it easier to ensure reliability and security at scale,' says Manav Khurana, Chief Product and Marketing Officer at GitLab. 'By having security, automation, and governance functioning on the same platform as the code, teams can realize the speed enabled by AI without losing control over the software they release.'
Engineering teams are increasingly facing the 'AI Paradox,' where the speed of code generation via AI is outpacing peripheral workflows such as credential protection, review cycles, and pipeline standards. GitLab 19.0 mitigates this by integrating these functions directly into the platform teams already use, effectively reducing hand-offs from code creation to production release.
The GitLab Secret Manager (public beta) allows users to manage credentials directly within the platform. It utilizes existing project/group structures for access control and audit logs, eliminating the need for a separate authority model. This ensures that in the event of a credential compromise, response teams can trace the credentials back to their originating pipelines through the existing audit trail.
AI-powered developer flows now span the entire merge request lifecycle, assisting with reviewer feedback, conflict resolution, and splitting large merge requests. New features such as the 'Resolve with Duo' button and one-click rebase/merge functions further automate the development process. Additionally, the new component analysis feature provides engineering teams with visibility into CI/CD catalog usage across the organization without switching tools.
Furthermore, GitLab Duo Agent Platform Self-Hosted has expanded its open-source model support to include four new models: Mistral Devstral 2 123B, GLM-5.1, Kimi-K2.6, and MiniMax-M2.7. This empowers teams in air-gapped environments and regulated industries. For software supply chain security, GitLab 19.0 introduces dependency scanning leveraging Software Bill of Materials (SBOM) and security configuration profiles to enforce policies across entire projects.
'While AI has accelerated code generation, it has not necessarily made it easier to ensure reliability and security at scale,' says Manav Khurana, Chief Product and Marketing Officer at GitLab. 'By having security, automation, and governance functioning on the same platform as the code, teams can realize the speed enabled by AI without losing control over the software they release.'
FAQ
What is required to upgrade to GitLab 19.0?
Users should update their platform to the latest version to access these integrated features. Please refer to the official release notes for details.
Are AI features available in the Free plan?
Some AI-assisted features are available across all plans, including Free, Premium, and Ultimate. Check the GitLab plan comparison for specifics.
Is the Secret Manager ready for production?
It is currently in public beta. We recommend testing your configurations thoroughly before deploying to production environments.