GitLab has released version 17.10, expanding the scope of its Duo AI assistant and adding security features for CI/CD credentials.
Duo AI Agents
A new class of autonomous agents can now be triggered on merge requests to perform multi-step tasks: generating missing tests, refactoring based on review comments, or migrating code across framework versions. Agents operate within sandboxed environments and always produce a diff for human review before changes are applied.
Native CI/CD Secret Rotation
Project and group-level secrets can now specify a rotation schedule and an integration (AWS Secrets Manager, HashiCorp Vault, GCP Secret Manager) from which to pull fresh values. Pipelines automatically receive the rotated values without manual intervention.
Other Improvements
- Merge Request approvals by codeowner groups
- Container registry supports OCI v1.1 with referrers API
- Faster project import from GitHub with parallelized LFS transfer
