GitLab 18.4 boosts AI workflow tools & strengthens security

GitLab has launched its 18.4 release, introducing enhancements aimed at streamlining developer workflows, supporting AI-driven development, and improving security and governance over artificial intelligence usage.

The release expands several core AI-native features, including enabling the building and sharing of custom agents, navigating codebases using a Knowledge Graph, and optimising feature performance through model selection. The update is intended to support developer teams by providing tools that keep workflows efficient while addressing security and organisational needs.

Custom agents and AI catalog

Among the main additions in GitLab 18.4 is the GitLab Duo AI Catalog. This serves as a centralised library where teams can develop, share, and collaborate on custom-built agents across their organisation. The aim is to foster a structured approach to automating routine tasks and enable knowledge sharing within software teams.

This builds on the previous GitLab release, 18.3, which, according to the company, established foundations for human-AI collaboration. The earlier release featured integrations of tools such as Claude Code, Codex CLI, Amazon Q CLI, and Gemini CLI as native components within GitLab, along with the introduction of the GitLab Model Context Protocol (MCP) server in collaboration with Cursor. Additionally, 18.3 included workflows like Issue to MR and Convert CI File for Jenkins Flows, targeting common challenges encountered by development teams.

Knowledge Graph for codebase navigation

The new Knowledge Graph functionality "transforms how developers and agents understand and navigate complex codebases, providing a connected map of the entire project linking files, routes, and references across the software development lifecycle." GitLab states that this feature is intended to reduce the time required to understand large or unfamiliar codebases, making it easier for engineers to work on shared projects and for AI agents to contribute effectively.

Model selection and expanded controls

Another update in this release is the general availability of GitLab Duo model selection. This gives customers direct control over which large language models (LLMs) power GitLab Duo. Teams can now "select the models of their choice, apply them across the organisation, or tailor them per feature." This flexibility is designed to help organisations balance performance and security considerations when using AI features in their development environments.

Agentic Chat and improved transparency

With 18.4, GitLab has updated its Agentic Chat system to improve both the user experience and the transparency of automated agent workflows. Enhanced session management now provides richer session detail, including job logs, user information, and tool metadata. These improvements, GitLab says, are intended to give "critical transparency into how agents are working on behalf of users."

Pipelines and business alignment

The Fix Failed Pipelines Flow with business awareness is another key part of the 18.4 release. This feature combines technical analysis with "strategic context to maintain green pipelines." The process includes features such as business-aware failure detection, contextual root cause analysis, strategic fix prioritisation, and workflow-integrated resolution that automatically creates merge requests. According to GitLab, these changes are aimed at ensuring that pipeline status remains aligned with business objectives, while maintaining review processes and contextual prioritisation.

Security, governance and context exclusion

Security and governance remain a focus in the 18.4 release, particularly regarding AI usage. The update introduces Context Exclusion, allowing project-level settings to "exclude specific files or paths from AI access, protecting sensitive data while supporting AI-driven workflows." This measure enables organisations to leverage AI tools without compromising confidential or regulated project data.

GitLab 18.4 aims to make the day-to-day experience of developers smoother, smarter, and more secure, with features such as reusable agents and business-aware pipeline fixes designed to help teams maintain flow while balancing speed, security, and control.

GitLab's latest features are designed to address the needs of enterprise software development teams working to implement AI securely and productively within fast-paced delivery pipelines.