Paul Krill
Editor at Large

GitLab unveils GitLab 17, AI for devsecops

news
May 20, 20242 mins
Artificial IntelligenceCI/CDDevelopment Tools

GitLab Duo Enterprise will bring AI assistance to finding and fixing vulnerabilities and other aspects of the software development life cycle.

shutterstock 1869308242 team putting together a chain of gears teamwork coordination collaboration

GitLab has unveiled GitLab 17, a major update of its devsecops platform that brings a CI/CD catalog of reusable pipeline components and an AI impact dashboard. The company also announced GitLab Duo Enterprise, an AI-powered assistant that helps detect vulnerabilities in code and resolve CI/CD bottlenecks.

GitLab Duo Enterprise, the subject of a virtual launch event on June 24, combines the developer-focused AI capabilities of GitLab Duo Pro, which include code suggestions and code explanation, with enterprise-oriented AI capabilities for other aspects of the software development life cycle, such as detecting and fixing security vulnerabilities and summarizing issue discussions and merge requests. GitLab Duo Enterprise will also resolve CI/CD bottlenecks and failures and enhance team collaboration, GitLab said.

GitLab 17, released May 16, introduces a CI/CD catalog that allows GitLab users to discover, reuse, and contribute pre-built CI/CD components. Users also can create a private catalog to distribute customized pipelines to automate workflows.

The new AI impact dashboard in GitLab 17 is intended to help organizations understand the impact of the GitLab Duo AI programming assistant on developer productivity. For example, users can compare AI usage trends with software development metrics like lead time, cycle time, DORA, and vulnerabilities.

GitLab also offered a list of improvements coming to the devsecops platform:

  • A native secrets manager to allow users to store sensitive credentials.
  • Static application security testing (SAST) integrations to help improve accuracy, reduce false positives, and resolve application-layer risks.
  • Analytics capabilities to understand user behavior patterns, measure product performance, and prioritize feature enhancements.
  • Enterprise agile planning capabilities, including enhanced epics, custom fields in issues, and roadmaps.
  • A model registry for data scientists to develop AI/ML models on the same platform where engineers build and deploy code.