Most teams start with basic security practices, such as branch protection and simple access controls. But, there’s often a moment when teams realize they need more. It could be when they land their first enterprise client, when they start handling sensitive data, or when they experience their first security incident. If you’re unsure whether you’re…

In previous entries in this series, we covered how we used GitLab Duo to generate tests for our code as well as what we learned while using GitLab Duo for generating automated tests. We also shared some of the ways we addressed making changes to GitLab Duo generated tests. This last article in the series…

Git commands allow developers to manage different versions of code and collaborate as a team. If you’re in a Windows environment, you may have heard of Git Bash, a Bash terminal emulator that includes a Windows-friendly version of Git. Discover everything you need to know about installing Git Bash in this guide. How does Git…

At GitLab we have a tradition: Every year, we invite a bug bounty hunter to join us for an AMA. This year, we met with Alexander Siyou Tan, also known as ahacker1, and did a deep dive into all aspects of bug bounty hunting. About Alexander (ahacker1) Alexander is passionate about hacking complex SaaS applications,…

While manual code review processes may suffice for a small team, as DevSecOps teams scale, the processes create significant bottlenecks that impede software development velocity and quality. Often slow, inconsistent, and frequently failing to catch critical vulnerabilities, the manual approach leads to technical debt and increased security risks. To mitigate risks and drive innovation, organizations…

Memory unsafe languages are those that do not handle any memory management on behalf of the developer. For example, when programming in C or C++, if you need memory during runtime, you will need to allocate and deallocate the memory yourself, running the risk of ending up with memory leaks in cases when you inadvertently…

Writing PHP application code and ensuring the application is running smoothly in production are often two different skills sets owned by two different engineers. GitLab aims to bridge the gap by enabling the engineer who has written the PHP application code to also deploy it into Google Cloud Platform with little effort. Whether you own…

The first part of our three-part series on test generation with GitLab Duo focused on how to automate code testing. Now, we will share the lessons we learned while using AI for test generation. Situations we encountered and how we handled them Overall, we were pleased with the results using GitLab Duo to generate tests…

GitLab is continuously translated by our global community of translators and proofreaders. Through Crowdin, they help make our product more accessible to the world by translating it into 78 languages. GitLab translation community members are volunteer translators, working professionals who are GitLab users, and even university students contributing to translators as part of their classroom…

It’s 9 a.m. somewhere, and a DevOps engineer is starting their day. They check their GitLab todo list to see any mentions or tasks assigned to them, collaborating with other stakeholders in their organization. These tasks can include: managing infrastructure maintaining the configuration of resources maintaining CI/CD pipelines automating processes for efficiency maintaining monitoring and…