Towards AI-powered DevSecOps: GitLab 16 Releases and Updates

As GitLab’s dedicated partner, E-SPIN proudly present this GitLab 16 releases and updates page as a one-stop resource page to provide information on improvement in GitLab 16.

GitLab introduces their improvements on the platform every month. In regards to this monthly release practice, E-SPIN will continuously reach the end users through this post for each GitLab 16 releases and updates. The details of the latest release and updates are presented in the manner where the latest release is shown at the top of the post and then followed with the previous releases. Feel free to visit this post for the updates and please do not hesitate to contact E-SPIN regarding product and related matter (if any).

---

GitLab 16.6 Release (2023-Nov-22)

GitLab 16.6 released with  GitLab Duo Chat Available in Beta, MR approvals as a compliance policy, improved forking, improved UI for CI/CD variable management, and much more!

Key improvements:

1. GitLab Duo Chat available in Beta

Availability – in SaaS GitLab Ultimate

Capabilities – This report initially involved in the software development process can spend a significant amount of time familiarizing themselves with code, epics, issues, and lengthy discussion threads. It can often find users slowed down by routine tasks like writing summaries, documentation, tests, or even code. Having an expert at users side that can answer DevSecOps questions without judgment and address follow-ups could help users accelerate the software development process.

2. Automatic claims of enterprise users

Availability – in SaaS GitLab Premium and Ultimate

Capabilities – This gives the group Owner more user management controls and visibility into the user’s account. After a user becomes an enterprise user, they can only change their primary email to an email their organization owns as per its verified domains.

3. Minimal forking – only include the default branch

Availability – in SaaS GitLab Free, Premium and Ultimate and self-managed GitLab Free, Premium and Ultimate

Capabilities – Users can create a fork with only the default branch, reducing complexity and storage space. Create minimal forks if users don’t need the changes that are currently being worked on in other branches.

4. Allow users to enforce MR approvals as a compliance policy

Availability – in SaaS GitLab Ultimate

Capabilities – it can ensure unilateral changes cannot be made by enforcing two person approval on all merge requests. Scan results policies have a new option to target Any merge request which can be paired with defining role-based approvers to ensure each MR for the defined branches require approval by two (or more) users with a given role (Owner, Maintainer, or Developer).

5. Switchboard portal for GitLab Dedicated is now generally available

Availability – in self-managed GitLab Ultimate

Capabilities – Switchboard, a new self-service portal, is now available for customers and team members to onboard, configure and maintain their GitLab Dedicated instances. Using Switchboard, users can now make some configuration changes to users GitLab Dedicated instance.

 

6. CI/CD components Beta release

Availability – in SaaS GitLab Free, Premium and Ultimate and self-managed GitLab Free, Premium and Ultimate

Capabilities – Users can improved the components folder structure from the initial experimental version. If users are already testing the experimental version of CI/CD components, it’s essential to migrate to the new folder structure. If users try out CI/CD components, users are also welcome to try the new CI/CD catalog, currently available as an experimental feature. Users can search the Global CI/CD catalog for components that others have created and published for public use. Additionally, if users create users own components, users can choose to publish them in the catalog too!

7. Improved UI for CI/CD variable management

Availability – in SaaS GitLab Free, Premium and Ultimate and self-managed GitLab Free, Premium and Ultimate

Capabilities – CI/CD variables are a fundamental part of GitLab CI/CD, and we felt that we could offer a better experience for working with variables from the settings UI. So in this release we’ve updated the UI to use a new drawer that improves the flow of adding and editing CI/CD variables. For example, the masking validation used to only happen when users tried to save the CI/CD variable, and if it failed users have to restart from scratch. But now with the new drawer, users get real time validation so users can adjust on the fly without needed to redo anything!

8. Runner Fleet Dashboard – Starter metrics (Beta)

Availability – in Self-Managed GitLab Ultimate

Capabilities – it have actionable insights to help users quickly answer critical fleet management and developer experience questions, starting with instance runners. These include answers to questions like which runners have errors, the performance of the runner queues for CI job execution, and which runners are most actively used. Ultimate customers can enable this feature independently, but are encouraged to participate in the early adopter’s program.

Other improvements:

• Comprehensive list of items that failed to be imported
• Consistent navigation experience for all users
• macOS 14 (Sonoma) and Xcode 15 image support
• GitLab Runner 16.6
• Upload packages to the Maven repository with basic HTTP authentication
• Prevent duplicate NuGet packages
• Real-time Kubernetes status updates in the GitLab UI
• Connect to Kubernetes clusters with the GitLab CLI
• Container Scanning: Exclude findings which won’t be fixed
• Include CVSS Vectors in the vulnerability report export
• Added support for SBT projects using Java 21
• Changes to the vulnerability report’s Tool filter
• DAST analyzer updates
• Improved handling of unresponsive external status checks
• Allow compliance teams to prevent pushing and force pushing into protected branches
• GitLab Silent Mode
• Group-level audit event streaming to AWS S3
• Hide archived projects in search results by default
• Service accounts have optional expiry dates
• Private group names are hidden from unauthorized users

---

GitLab 16.5 Release (2023-Oct-22)

GitLab 16.5 released with compliance standards adherence reports and merge request target branch rules.

Key improvements:

1. Compliance standards adherence report

Availability – in SaaS GitLab Ultimate and self-managed GitLab Ultimate

Capabilities – This report initially includes a GitLab best practices standard, showing when the projects in your group are not meeting the requirements for the checks included in the standard. It will also show users when the check was last run, which standard the check applies to, and how to fix any failures or problems that might be shown on the report.

2. Create rules to set target branches for merge requests

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – In these projects, users might want to keep main as the default branch since it represents the production state of the project.

3. Resolve an issue thread

Availability – in SaaS GitLab Free, Premium and Ultimate and self-managed GitLab Free, Premium and Ultimate

Capabilities – Long-running issues with many threads can be challenging to read and track. Users can now resolve a thread on an issue when the topic of discussion has concluded.

4. Fast-forward merge trains with semi-linear history

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – Now, if users want to ensure your semi-linear commit history is maintained you can use semi-linear fast-forward merge trains.

Other improvements:

• Changing context just got easier
• Webhook now triggered when a release is deleted
• Export individual wiki pages as PDF
• Set a parent for a task, objective, or key result with a quick action
• Integrate deployment approval and approval rule changes into audit events
• DAST analyzer updates
• Activate and deactivate headers for streaming audit events
• Export the compliance violations report
• New customizable permissions
• Geo adds bulk resync and reverify buttons for all components
• Find epics with advanced search
• Reviewer information for merge requests in the Jira development panel
• Add a child task, objective, or key result with a quick action
• Linked items widget in tasks, objectives, and key results
• Make jobs API endpoint rate limit configurable
• Redesigned Service Desk issues list
• API to create PAT for currently authenticated user
• Configurable locked user policy
• Instance-level audit event streaming to Google Cloud Logging
• Use the API to delete a user’s SAML and SCIM identities
• Vulnerability report grouping by status and severity
• Back up and restore repository data in the cloud
• Omnibus improvements

---

GitLab 16.4 Release (2023-Sep-22)

GitLab 16.4 release involves more than 100 improvements and among them are Customizable Roles, Group/sub-group level dependency list, Access clusters locally using your GitLab user identity, Create workspaces for private projects and many more.

Key improvements:

1. Customizable roles

Availability – in SaaS Gitlab Ultimate and self-managed GitLab Ultimate

Capabilities – This release enables users to create and remove custom roles via the UI under the Roles and Permissions menu. Users can create custom role by adding permissions on top of an existing base role. Overtime, GitLab will be adding new permissions including Granular permission to create custom roles.

2. Create workspaces for private projects

Availability – in SaaS Gitlab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – GitLab 16.4 allows users to create workspace for private or public project. A successfully created workspace gives user a personal token that can be used to clone private projects and perform Git operations without any additional configuration or authentication.

3. Access clusters locally with your GitLab user identity

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – With GitLab 16.4, users can now give developers access to kubernetes cluster by using their GitLab identities and the agent for Kubernetes. Along with OIDC cloud authentication offering in GitLab pipelines, these features enable GitLab users to access cloud resources without dedicated cloud accounts, at the same time,  ensuring security and compliance.

4. Group/sub-group level dependency list

Availability – in SaaS GitLab Ultimate and self-managed GitLab Ultimate

Capabilities – GitLab 16.4 enables users to view all dependencies at the project or group level, including subgroups. This feature is enabled by default.

4. Vulnerability bulk status updates

Availability – in SaaS GitLab Ultimate and self-managed GitLab Ultimate

Capabilities –  In this release, users are able to bulk change the status and make a comment for multiple vulnerabilities from a group or project Vulnerability Report.

5. Granular security permissions

Availability – in SaaS GitLab Ultimate and self-managed GitLab Ultimate

Capabilities – GitLab 16.4 enables users to create a custom role based on the access of the Reporter role. This feature however need to apply the added permissions of the following:

• Viewing the dependency list (read_dependency).
• Viewing the security dashboard and vulnerability report (read_vulnerability).
• Approving a merge request (admin_merge_request).
• Changing status of a vulnerability (admin_vulnerability).

6. Set id_token globally and eliminate configuration for individual jobs

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – GitLab 16.4 is improved  to provide a smooth transition to id_token. With GitLab 16.4, Users can now set id_tokens as a global default value in .gitlab-ci.yml. As this feature automatically set the id_token configuration for every job, when working with the jobs that use OpenID Connect (OIDC) authentication, there is no longer need for users to set up a separate id_token.

Other improvements:

• Add webhooks for added or revoked emoji reactions
• Create custom role name and description using API
• Expand configurable import limits available in application settings
• Trigger Slack notifications for group mentions
• Users with the Maintainer role can view runner details
• GitLab Runner 16.4
• Support for environment keyword in downstream pipelines
• macOS 13 (Ventura) image for SaaS runners on macOS
• Browser-based DAST active check 22.1 is enabled by default
• Custom email address for Service Desk
• Improved SAST vulnerability tracking
• Dependency and License Scanning support for pnpm lockfile v6.1
• Pipeline-specific CycloneDX SBOM exports
• Private registry support for Operational Container Scanning
• SAST analyzer updates
• Allow users to define branch exceptions to enforced security policies
• Email notification when access expires
• Notifications for expiring access tokens
• Geo supports unified URLs on Cloud Native Hybrid sites
• Geo verifies object storage
• Omnibus improvements
• Elasticsearch index integrity now generally available
• Bug fixes

---

GitLab 16.3 Release (2023-Aug-22)

GitLab 16.3 release introduces more than 100 improvements importantly the new velocity metrics in the Value Streams Dashboard, more powerful GitLab SaaS runners on Linux, additional filtering for scan result policies, workspace connections with SSH, Flux sync status visualization, and much more!

Key improvements:

1. New velocity metrics in the Value Streams Dashboard

Availability – in SaaS Gitlab Ultimate and self-managed GitLab Ultimate

Capabilities – Merge request (MR) throughput and Total closed issues (Velocity). In GitLab, MR throughput is a count of the number of merge requests merged per month, and Total closed issues is the number of flow items closed at a point in time.

 

2. Connect to a workspace with SSH

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – create reproducible, ephemeral, cloud-based runtime environments. With this release, you can now securely connect to a workspace from your desktop with SSH and use your local tools and extensions. The first iteration supports SSH connections directly in VS Code or from the command line with editors like Vim or Emacs.

3. Flux sync status visualization

Availability – in SaaS GitLab Free Premium and Ultimate and self-managed GitLab Free Premium and Ultimate

Capabilities – you can check your deployments with the environments UI. Deployments rely on FluxKustomization and HelmRelease resources to gather the status of a given environment, which requires a namespace to be configured for the environment.

4. Additional filtering for scan result policies

Availability – in SaaS GitLab Ultimate and self-managed GitLab Ultimate

Capabilities – Determining which results from a security or compliance scan are actionable is a significant challenge for security and compliance teams. Granular filters for scan result policies will help you cut through the noise to identify which vulnerabilities or violations require your attention the most.

• Status: Status rule changes introduce more intuitive enforcement of “new” versus “previously existing” vulnerabilities. A new status field new_needs_triage allows you to filter only new vulnerabilities that need to be triaged.
• Age: Create policies to enforce approvals when a vulnerability is outside of SLA (days, months, or years) based on the detected date.
• Fix Available: Narrow the focus of your policy to address dependencies that have a fix available.
• False Positive: Filter out false positives that have been detected by our Vulnerability Extraction Tool, for SAST results, and via Rezilion for our Container Scanning and Dependency Scanning results.

5. Security findings in VS Code

Availability – in SaaS GitLab Ultimate and self-managed GitLab Ultimate

Capabilities – monitor the status of your CI/CD pipeline, watch CI/CD job logs, and move through your development workflow in the GitLab Workflow panel. Now, after you create a merge request for your branch, you can also see a list of new security findings that weren’t previously found on the default branch.

 

6. Use the needs keyword with parallel jobs

Availability – in SaaS GitLab Free Premium and Ultimate and self-managed GitLab Free Premium and Ultimate

Capabilities – enabled the ability to use needs with parallel matrix jobs too. You can now define a flexible dependency relationship to parallel matrix jobs, which can help speed up your pipeline even more!

 

7. More powerful GitLab SaaS runners on Linux

Availability – in SaaS GitLab Free Premium and Ultimate and self-managed GitLab Free Premium and Ultimate

Capabilities – introducing xlarge and 2xlarge SaaS runners on Linux. Equipped with 16 and 32 vCPUs respectively and fully integrated with GitLab CI/CD, these runners will allow you to build and test your application faster than ever before.

 

8. Azure Key Vault secrets manager support

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – now easily be retrieved and used in CI/CD jobs. Our new integration simplifies the process of interacting with Azure Key Vault through GitLab CI/CD, helping you streamline your build and deploy processes!

Other improvements:

• Audit event recorded for applications settings change
• Configurable import limits available in application settings
• New navigation has color themes available
• No entity export timeout for migrations by direct transfer
• Preserve pull request reviewers when importing from BitBucket Server
• Support for Azure AD overage claim
• CODEOWNERS file syntax and format validation
• Expose pipeline name as a predefined CI/CD variable
• Automatic response to leaked Postman API keys
• GitLab Runner 16.3
• Improved SAST vulnerability tracking
• Kubernetes 1.27 support
• Wrap feature flag names instead of truncating
• SAST analyzer updates
• Dependency and License Scanning support for Java v21
• Runner tags enable UI-based configuration of on-demand DAST scans
• Explain this vulnerability
• Compliance reports renamed to Compliance center
• Improve accuracy of scan result policies
• Instance-level streaming audit event filters
• Names for audit event streams
• Security bot to trigger scan execution policies pipelines
• Geo verifies group wikis
• Include or exclude archived projects from project search results
• Omnibus improvements
• Bug fixes

---

GitLab 16.2 Release (2023-Jul-22)

GitLab 16.2 release introduces more than 110 improvements importantly the all new rich text editor experience, command palette, support for keyless signing with Cosign, new customization layer for the Value and Streams Dashboard.

Key improvements:

1. All new rich text editor experience

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – Available for all, in issues, epics and merge requests, GitLab 16.2’s all new rich text editor

• removes the need to remember syntax references or working with long tables.
• provides extensible foundation on which we can build custom editing interfaces for things such as diagrams, content embeds, media management, and many more.

2. GitLab triggers a Flux synchronization without any configuration

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – Flux synchronizes Kubernetes manifests at regular intervals by default. Now, with GitLab 16.2, additional configuration no longer involved when triggering a reconciliation immediately as a manifest changes by default.

3. Support for Keyless Signing with Cosign

Availability – in SaaS GitLab Premium and Ultimate

Capabilities – GitLab 16.2 makes proper storing, rotating, and managing signing keys easier  as it supports keyless signing through a native integration with the Sigstore Cosign tool. Signing is performed through a very short-lived signing key where the key is generated through a token obtained from the GitLab server via the OIDC identity of the user who ran the pipeline.

4. Command palette

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – GitLab 16.2 comes with new command palette that enables you to use the keyboard to do more.

Enabling the command palette involves the following simple steps:

•  open the left sidebar and click Search GitLab (🔍)
• or use the /  key.

5. Track your machine learning model experiments

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – GitLab 16.2 allows data scientists to directly log parameters, metrics, and artifacts with machine learning model experiment so they can have easy access the their most performant models.

6. New customization layer for the Value Streams Dashboard

Availability – in SaaS GitLab Ultimate and self-managed GitLab Premium and Ultimate

Capabilities –  GitLab 16.2 is now added with new configuration file to the Value Streams Dashboard. This files let customization of the dashboard’s data and appearance easier, making you able to define various settings and parameters, such as title, description, and number of panels and filters.

Additionally, the file is schema-driven and managed with version control systems like Git that allows you to track and maintain a history of configuration changes, revert to previous versions if necessary, and collaborate effectively with your team members.

Furthermore,  the new configuration as well includes the option to filter the metrics by labels.

Other improvements:

• Automatic deletion of unconfirmed users
• GitLab for Slack app available on self-managed GitLab
• Improved security for feed tokens
• Enhanced Improved sign-in and sign-up pages
• Speed up imports from GitHub using multiple access tokens
• Sync auditor role with OIDC provider
• View deployments from Jira issues mentioned in GitLab commits
• Add emoji reactions to comments on uploaded designs
• Interactive diff suggestions in merge requests
• Improve Git LFS download performance
• CI/CD: Support for when: never on conditional includes
• GitLab Runner 16.2
• Medium SaaS runners on Linux available to all tiers
• Import PyPI packages with CI/CD pipelines
• Install the agent for Kubernetes using extra volumes in the Helm chart
• Advanced SAST vulnerability tracking
• SAST analyzer updates
• Secret Detection updates
• Enable initial push to protected branches
• Enable scan execution policies to allow CI/CD pipelines in development projects
• Support for NuGet v2 in Dependency and License Scanning
• Compliance frameworks report export
• Audit event streaming to Google Cloud Logging
• Instance-level streaming audit events
• Group/Sub-Group Level Dependency List
• Backup adds the ability to skip projects
• Streaming audit event filtering UI
• Omnibus improvements
• Target “Default” or “Protected” branches in security policies
• Geo add individual resync and reverification for all components
• Group-level wiki now available in Advanced Search
• Bug fixes

---

GitLab 16.1 Release (2023-Jun-22)

GitLab 16.1 release involve more than 100 improvements which highlights on completely new navigation as well as other key features such as GitLab Dedicated General Availability, Kubernetes resource visualization, Authentication with Service Accounts and much more.

Key improvements:

1. All new navigation experience

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – The GitLab 16.1 provides every user the all-new navigation experience that aims to address three key areas of feedback; navigation can prove daunting, making it difficult to resume where you left off and lacking customization options.

The new navigation includes a streamlined and improved left sidebar that enables you to:

• pin frequently accessed items
• hide the sidebar entirely and ‘peek it back into view.
• simply switch contexts, search, and view subsets of data with the new ‘Your Work and Explore’ options.
• scan faster due to fewer top-level menu items.

Get started with the all-new navigation through – go to your avatar in the top right of the UI and turn on the New navigation toggle.

2. Visualise Kubernetes resources in GitLab

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – This feature allows users to have better insight with ability to see an overview of the primary resources in their Kubernetes deployments. Additionally, this feature works with every connected Kubernetes cluster regardless where you deploy your workloads (with the CI/CD integration or GitOps).

3. Authenticate with Service Account

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – Service account creation and management is API-only as well as not bound by human user and are more granular in scope.

4. GitLab Dedicated availability

Availability – in SaaS GitLab Ultimate

Capabilities – GitLab Dedicated enables organizations to have access to all of the benefits of the DevSecOps platform which include faster releases, improved security, and more productive developers while at the same time meeting  compliance requirements such as data residency, isolation, and private networking.

5. Artifacts page to manage job artifacts

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – This features let users view artifacts without the need to go to each job’s detail page, or use the API. Users can view and manage artifacts by accessing the artifacts page at build -> artifacts.

Delete artifacts is also allowed for users with at least maintainer role.

6. Enhanced CI/CD variables list view

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – GitLab 16.1 release involved the first iteration of CI/CD improvements where the “Type” and “Options” columns are merged into a new Attributes column to better represents these related attributes.

Other improvements:

• Improved domain verification
• More detail in completed GitHub project import summary
• Password reset email sent to any verified email address
• Personal access token last_used value updated more frequently
• Prevent user from deleting account
• Reintroduction of OmniAuth Shibboleth support
• SCIM identities included in users API response
• Select administrator access for personal access tokens in Admin Mode
• View Vulnerability Report as Customizable Permission
• Configure the static file directory in GitLab Pages
• Add a description to design uploads
• Configure the static file directory in GitLab Pages
• Create a changelog from the GitLab CLI
• Comment on whole file in merge requests
• CI/CD job token scope API endpoint
• Beautify the UI of CI/CD pipelines and jobs
• GitLab Runner 16.1
• CI/CD: Use needs in rules
• Runner details – consolidate runners sharing a configuration
• Increased storage for GitLab SaaS runners on Linux
• Install npm packages from your group or subgroup
• Issue URL placeholder in Service Desk emails Automatic response to leaked Google Cloud secrets
• Show external user as a comment author in Service Desk issues
• Code Quality analyzer updates
• Clearer guidance and better coverage for SAST rules
• Shared ruleset customizations in SAST, IaC Scanning, and Secret Detection
• SAST analyzer updates
• Fail closed for invalid Security Policy approval checks
• Backup adds the ability to skip projects
• Geo adds filtering by replication status to all components
• Geo verifies Design repositories
• GitLab chart improvements
• Omnibus improvements
• Bug fixes

---

GitLab 16.0 Release (2023-May-22)

GitLab is now moving towards comprehensive DevSevOps platform. With this vision, GitLab’s journey in building and integrating Machine Learning (ML) and Artificial intelligence (AI) into DevSecOps continues to happen to enable you to securely develop software, faster. The year 2023 celebrates the release of GitLab 16. GitLab 16 release brings in more than 55 improvements including new Value Streams Dashboards, improvements to AI-powered Code Suggestions, remote development workspaces, more powerful GitLab SaaS runner and multiple other enhancements.

Key improvements:

1. New Value Streams Dashboard

Availability – in SaaS and self-managed GitLab Ultimate

Capabilities – The new Value Streams Dashboard offer strategic insights into metric for decision makers to identify trends and optimize software delivery.  This feature gives comprehensive views to stakeholders  (from executives to contributor) making them have full visibility into the software development life cycle, all from a single application.

2. Upsizing GitLab SaaS runners on Linux

Availability – in SaaS GitLab Premium and Ultimate

Capabilities – GitLab 16 release involves doubling on vCPU & RAM for all GitLab SaaS runners on Linux making pipelines to run faster thus increase productivity.

3. Apple silicon (M1) GitLab SaaS runners on macOS – Beta

Availability – in SaaS GitLab Premium and Ultimate

Capabilities – With GitLab 16, the mobile DevOps teams are now able to run GitLab SaaS runners on macOS to  create, test, and deploy applications for the Apple ecosystem.

GitLab 16 with three times the performance of hosted x86-64 macOS Runners speeds up building and deploying applications of your development team.

4. Comment templates

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – Comment templates in GitLab 16 makes your workflow faster by letting you to create saved responses that you can apply in comment boxes around GitLab.

Create a comment template is done by going to User settings > Comment templates and then fill out your template. Saved. Select the Insert comment template icon on any text area, and your saved response will be applied.

5. Update your fork from the GitLab UI

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities –GitLab 16 makes it easier to manage fork from the GitLab UI. This feature allows you to update fork;

• When fork is behind, solve it by clicking update fork in the GitLab UI to align with the latest upstream changes.
• When fork is ahead, solve it by selecting create merge request to contribute your changes back to the upstream project.

6. Mirror Specific Branch only

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – Now, with GitLab 16, you no longer need to mirror the entire repository as you can select specific branches by creating a regular expression that matches only the branches you need.

7. New Web IDE experience now generally available

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – GitLab 16 introduces Web IDE Beta and will become the default multi-file code editor across GitLab.

8. Remote development workspaces available in Beta for public projects

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – This feature allows you to define a consistent, stable, and secure development environment in code  then utilise it to create on-demand, remote development workspaces.

These workspaces function as personal, ephemeral development environments in the cloud. As local development environment is no longer needed, you can now better focus on your code instead of dependencies.

Setting up workspaces include;

1. Configure GitLab Agent for Kubernetes and install the dependencies in your self-hosted cluster or cloud platform.
2. Define your development environment in a .devfile.yaml file and store it in a public project.
3. Create a workspace based on the .devfile.yaml file and edit directly in the embedded Web IDE.

9. Security training with SecureFlag

Availability – in SaaS GitLab Ultimate and self-managed GitLab Ultimate

Capabilities – GitLab 16 adds in integration with SecureFlag based upon the CWE of the vulnerability to the previously introduced Contextual training in GitLab 14.9. SecureFlag’s provides remediation advice with example codes and recommendation hands-on labs to help you remediate vulnerabilities.

10. Token rotation API

Availability – in SaaS GitLab Premium and Ultimate and self-managed GitLab Premium and Ultimate

Capabilities – GitLab 16 enables token owners to use a :rotate API endpoint to programatically rotate personal, group, and project access tokens.

11. AI-powered workflow features