Conducting security scans is a regular part of any software development process. Whether scanning source code (e.g., Java, Python, or other languages), configuration files (e.g., YAML files), or container images, these scanning tools help development teams be proactive about understanding and addressing security threats. Traditionally, developers run these security scans as part of CI/CD pipelines.…

Artificial intelligence (AI) is quickly becoming the backbone of modern software development, fueling developer efficiency and accelerating innovation. With the emergence of AI agents implementing code based on instructions from humans, we are learning that implementing AI-based features has its own unique set of security challenges. How do we protect access to the resources AI…

A deep dive on the work that went into making the component that powers repository and pull request file trees. The post Considerations for making a tree view component accessible appeared first on The GitHub Blog. Tree views are a core part of the GitHub experience. You’ve encountered one if you’ve ever navigated through a…

Open source AI models are in widespread use, enabling developers around the world to build custom AI solutions and host them where they choose. The post Open source AI is already finding its way into production appeared first on The GitHub Blog. Open source has long driven innovation and the adoption of cutting-edge technologies, from…

Continuous deployment is a game-changing practice that enables teams to deliver value faster, with higher confidence. However, diving into advanced deployment workflows — such as GitOps, container orchestration with Kubernetes, or dynamic environments — can be intimidating for teams just starting out. At GitLab, we’re committed to making delivery seamless and scalable. By enabling teams…

Welcome to our “Getting started with GitLab” series, where we help newcomers get familiar with the GitLab DevSecOps platform. Knowing how to import your projects to GitLab is an essential skill to make the most of the GitLab DevSecOps platform. You’ve set up your account, invited users, and organized them based on your use case…

Deploying an application to the cloud often requires assistance from production or DevOps engineers. GitLab’s Google Cloud integration empowers developers to handle deployments independently. In this tutorial, you’ll learn how to deploy a server to Google Cloud in less than 10 minutes using Go. Whether you’re a solo developer or part of a large team,…

AI capabilities are rapidly reshaping how teams build, secure, and deploy applications. As part of our ongoing commitment to helping you navigate the evolving marketplace, GitLab has introduced more than 440 improvements in the past three releases. We’re excited to spotlight three standout features making an immediate impact on how teams approach AI-powered DevSecOps. In…