A shared library of reusable and specialized agents, allowing developers to:

• Create custom agents with defined behaviors and tools.

• Share agents project-wide or across the organization.

• Test agents before rollout to ensure predictable performance.

• Build common use cases like security scanning, docs drafting, or deployment validation.

Enables AI agents to act as teammates, allowing developers to:

• Start fresh conversations or resume previous ones with custom agents.

• Run agents synchronously or asynchronously.

• Access session views with logs, user info, and tool metadata for visibility.

Developers and AI agents use the Knowledge Graph to accelerate large codebase navigation and quickly answer complex questions. Developers can:

• Utilize real-time indexing to map files, routes, and references across projects.

• Use go-to-definition, reference tracking, and in-chat search.

• Ask precise questions like "show me all route files" or "what does this change impact?"

• Accelerates onboarding, deep research, and confident refactors.

New flow keeps software development pipelines functional by balancing technical fixes and business priorities. To keep developers in the flow state, it is designed to:

• Detect and prioritize failures based on business importance.

• Perform root-cause analysis across logs, dependencies, and recent changes.

• Suggest and apply fixes aligned with deadlines and priorities.

• Automatically create merge requests with business context.

Ensure consistent and compliant AI use across features and namespaces. GitLab 18.4 allows teams to:

• Set model defaults at org or feature level.

• Apply consistent preferences across namespaces.

• Support GPT-OSS and GPT-5.

• Note: Model selection is not available for gitlab.com customers, and GPT models are not supported on gitlab.com.

When group-level model selection is not active, developers can choose their preferred model in Agentic Chat. It allows for:

• A dropdown selection in Agentic Chat to easily switch models.

• The selection to persist between conversations.

Helps developers protect sensitive information by controlling the context shared with AI models. It makes it possible to:

• Exclude specific files (e.g., secrets, proprietary algorithms).

• Apply path-based rules by directory or file type.

• Configure at project level with audit visibility.

Developers can accelerate their workflows even further with new workflows to:

• Simulate pipelines against any branch to test and validate changes before commit.

• Utilize CI/CD job tokens to authenticate Git push requests with fine-grained permissions.

In GitLab 18.4, new security capabilities allow developers to:

• Speed up secret detection scans and reduce noise by excluding low-signal files.

• Quickly trace original pipeline IDs for resolved vulnerabilities in case they reappear.

Additional flexibility for developers with newly added models for Duo Enterprise self-hosted deployments:

• GPT-5 on Azure OpenAI.

• GPT-OSS 20B/120B via vLLM and Azure.

Developers can run pipelines with increased reliability thanks to these improvements in GitLab Runner:

• FIPS startup fixes.

• New fastzip flag support.

• Improved long-polling in Kubernetes.

DevOps teams can now deploy GitLab Dedicated in more regions with enterprise-grade availability and disaster recovery (DR) thanks to following improvements in 18.4:

• io2-backed storage and disaster recovery.

• Availability of all AWS regions in Switchboard.

Enable first- and third-party agents within development workflows, giving developers the ability to choose the right AI tools within GitLab's governance and context:

• MCP server provides standardized, secure AI integration with GitLab projects and APIs.

• CLI agent support allows @mention Claude Code, Codex, Amazon Q, Google Gemini, or opencode in issues/MRs to generate code or comments.

• Agentic Chat for Visual Studio + GitLab UI provides access to Duo agents natively where you work to reduce context-switching.

• Expanded AI model support (Self-Hosted) allows running GPT (20B/120B), Claude 4, and more through vLLM, Azure, or AWS Bedrock.

Watch the integrations demo

See how GitLab 18.4 integrates any AI agent into your workflow. No more tool switching—mention @Claude in merge requests.

Eliminate repetitive tasks with multi-agent workflows that take ideas from concept to code in minutes, freeing developers to focus on higher-value work:

• Issue to MR Flow automatically converts issues into merge requests with implementation plans and production-ready code.

• Convert CI File Flow migrates Jenkins CI/CD configurations into GitLab CI pipelines without manual rewriting.

Watch the Issue to MR Flow demo

See AI turn a simple issue into production-ready code with implementation plans. No more manual coding—just describe the problem.

Watch the Convert CI File Flow demo here

See how AI automatically converts your Jenkins configurations into GitLab CI pipelines. Reliable code conversion, quick and easy validation.

Context-aware insights that help agents and developers understand complex codebases and cut hours off discovery and refactoring tasks:

• Real-time code indexing accelerates search and navigation.

• Maps dependencies and file relationships across the codebase.

• Provides AI agents with richer context for more accurate answers.

Adopt AI confidently with visibility and control. New governance features ensure agent actions are transparent and compliant with organizational security standards:

• Agent Insights track and optimize how agents make decisions.

• Duo Code Review for Self-Hosted provides AI code review with data sovereignty.

• Hybrid model configurations combine self-hosted and GitLab-managed AI models.

• OAuth 2.0 for MCP server provides modern, secure authentication to protected resources.

Watch the Agent Insights demo

Discover how Agent Insights tracks every AI decision with full transparency. Complete control – every agent action accounted for.

Watch the GitLab Duo Code Review for Self-hosted demo

See how Duo Code Review provides intelligent feedback while keeping your code secure. Your data never leaves your infrastructure.

Apply least-privilege principles and compliance at scale. GitLab 18.3 embeds security and governance across the SDLC so organizations can standardize without slowing teams down:

• Custom admin roles create specialized roles with precise admin access.

• Instance-level compliance frameworks apply policies once and cascade across groups and projects.

• Enhanced violations reporting provides immediate, actionable alerts tied to compliance controls.

• Fine-grained CI/CD job tokens limit tokens to only required API endpoints.

• AWS Secrets Manager integration retrieves secrets securely in CI/CD jobs via OIDC.

Protect against vulnerabilities and outages by ensuring artifacts and images are immutable and consistently governed across the supply chain:

• Conan revisions support provides immutable identifiers for C++ packages.

• Immutable container tags prevent modification of critical production images.

• Extended immutability protections across npm, PyPI, Maven, NuGet, Helm, and more.

Allow developers access to live project data where they work. Embedded views turn wikis, issues, and epics into living dashboards that update automatically:

• Insert live GLQL queries in issues, epics, and MRs.

• Personalize with functions like currentUser() and today().

• Filter by 25+ fields including labels, milestones, and health.

• Display as auto-refreshing tables or lists.

More flexibility in how developers use AI models and manage projects with features that improve customization, security, and productivity:

• Customize Duo Code Review instructions to define project-specific review standards in YAML.

• Bring your own models (Self-Hosted) to run any compatible model with Duo.

• Hybrid model selection (Self-Hosted) assigns models per feature to balance scale and security.

• Surfacing compliance violations with enhanced reports directly map violations to framework controls.

• Web IDE source control allows creating/deleting branches, amending commits, and force-pushing directly in the browser.

• Migration by direct transfer reliably moves large groups/projects between GitLab instances.