GitLab 19.0 advances AI agent integration across the software development process to accelerate code generation and automate manual review, security checks, and deployment steps. The release targets a growing problem where AI increases coding speed while validation, testing, and deployment remain slow. GitLab Duo Agent Platform enables agents to operate during multiple phases, including planning, code generation, and security remediation, encouraging more parallel execution instead of sequential hand-offs. GitLab Duo Developer gains features to link directly to issues or merge requests and to be invoked in discussion threads to generate changes or proposals. Dependency scanning based on SBOMs improves security by detecting vulnerabilities across full dependency graphs, including transitive dependencies, with support for Maven, Gradle, and Python.
"GitLab has released version 19.0 of its DevSecOps platform. The new release focuses primarily on further integrating AI agents throughout the entire software development process. With this, the company aims not only to accelerate code generation but also to further automate the manual steps involved in reviews, security checks, and deployments. According to GitLab, a new problem is emerging within many development teams: thanks to AI, developers are producing code faster, while validation, testing, and deployment continue to take a relatively long time."
"With version 19.0, the company is attempting to reduce that delay by deploying AI agents at multiple points within the software chain. Central to this is the GitLab Duo Agent Platform, which became generally available earlier this year. In the new version, the agents can perform tasks during various phases of software development, from planning and code generation to security remediation. This means processes should run in parallel more often rather than through sequential manual hand-offs between teams."
"GitLab Duo Developer, the AI assistant for developers, is also gaining new capabilities. Users can now directly link the assistant to issues or merge requests. Additionally, the agent can be invoked within discussion threads, after which it can independently generate changes or proposals."
"One of the most significant additions is the general availability of dependency scanning based on SBOMs, or Software Bills of Materials. This allows organizations to detect vulnerabilities within entire dependency structures, including transitive dependencies that are not explicitly included in projects. The functionality supports Maven, Gradle, and Python environments, among others. According to GitLab, third-party code poses an increasingly significant security risk in modern software development, partly because development teams rely heavily on open-source components."
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]