GitLab 19.0 introduces several major updates to its DevSecOps platform. The headline feature is GitLab Secrets Manager entering public beta, which scopes credentials to individual authorized CI/CD jobs rather than granting them project-wide — implementing least-privilege access by default. Developer Flow agentic workflows are extended across the full merge request lifecycle, reading project-specific AGENTS.md and agent-config.yml files to match team conventions. Four new open-source models (Mistral Devstral 2 123B, GLM-5.1, Kimi-K2.6, MiniMax-M2.7) are added to the self-hosted Duo Agent Platform for air-gapped and regulated environments. Additional updates include Components Analytics for CI/CD catalog visibility and SBOM-based dependency scanning. An external security researcher cautions that agentic pipelines still need execution governance to prevent forgotten permissions from becoming security liabilities.