GitLab 19.0 targets the gap between writing code and shipping it

TL;DRGitLab 19.0 extends agentic AI across the full software lifecycle with its Duo Agent Platform, adds SBOM-based dependency scanning, and supports Claude Opus 4.7 and Gemini models. The release targets the gap between faster code generation and slower delivery pipelines.

GitLab has released version 19.0, its first major version bump in a year, built around a concept the company calls intelligent orchestration. The pitch is that AI coding assistants have made writing code faster, but reviews, pipelines, security scans, and deployments remain manual bottlenecks. GitLab wants to close that gap.

The release expands the GitLab Duo Agent Platform, which reached general availability in January 2026. Duo agents now work across the full software lifecycle, from planning to security remediation, running tasks in parallel rather than waiting for human handoffs at each stage.

The most significant new capability is the SBOM-based dependency scanner, now generally available. It gives Maven, Gradle, and Python projects full visibility into vulnerabilities across their entire dependency tree, including transitive dependencies that are not declared directly. That matters because roughly 70 per cent of critical security debt comes from third-party code, according to Veracode’s 2025 State of Software Security report.