Post by GitLab
AI is generating more of the code, and keeping that code secure and governed requires more than manual oversight. GitLab 19.1 gives enterprises unified vulnerability coverage across every scanner, AI governance controls that prove what every agent did, and workflows that run automatically without waiting on someone to pull the trigger.

✨ What's new:

➡️ Third-party scanner support lets security teams pull findings from any SARIF-compliant scanner, including Semgrep, Trivy, Snyk, and Gitleaks, directly into GitLab's vulnerability report, security dashboard, and policy engine. One view, every tool.

➡️ Secret false positive detection, now GA, scans every commit on a branch and adds a confidence score and plain-language explanation to each finding so your team spends time closing real exposures, not chasing noise.

➡️ AI audit event streaming and agent tool approval guardrails, both in beta, record every agent action in your existing audit trail and give admins control over what agents can do before they act.

➡️ Event-driven triggers for Duo Flows fire automatically on real GitLab events, including MR approval, so post-approval steps like compliance logging and deployment readiness checks run without anyone having to kick them off.

➡️ New AI governance controls let instance admins and group owners define which agents, flows, and models are approved to run in their environment, bringing AI under the same oversight as every other sensitive platform capability.

➡️ Also shipping: stacked merge requests now visible in the MR header, inline blame as a toggle in the file view, a redesigned commit list with author and date filtering, and Code Owners auto-assigned as reviewers.

Read the full 19.1 release notes: https://lnkd.in/em7r5hcb