GitLab 18.9 introduces Duo Agent general availability, vulnerability resolution, and more

GitLab 18.9 is now available, bringing an array of feature updates for software development and DevOps teams. The general availability of GitLab Duo Agent Platform allows self-managed customers with a cloud license to use this feature with usage-based billing. Administrators gain the flexibility to configure compatible AI models, such as Anthropic Claude or OpenAI GPT, by integrating with AWS Bedrock or Azure OpenAI.

Building on automation, the Agentic SAST Vulnerability Resolution feature lets GitLab Duo autonomously analyze static application security testing (SAST) findings, determine solutions based on code context, apply fixes, and open merge requests without manual intervention. This workflow is currently offered as a free beta for Ultimate customers.

Focusing on developer productivity, users can now browse repository files using a collapsible file tree. This interface provides a holistic view of project structure, supports expanding and collapsing directories inline, and enables easy file navigation while maintaining context. Teams working on complex pipelines benefit from the ability to include input definitions from external files via the familiar include keyword, supporting configuration reuse across multiple projects.

Further enhancements include web-based commit signing for GitLab.com and a beta release of the container virtual registry, as well as additional platform updates.