[{"data":1,"prerenderedAt":813},["ShallowReactive",2],{"/en-us/blog/continuous-delivery-with-gitlab-and-convox":3,"navigation-en-us":33,"banner-en-us":443,"footer-en-us":453,"blog-post-authors-en-us-Noah Zoschke":695,"blog-related-posts-en-us-continuous-delivery-with-gitlab-and-convox":709,"blog-promotions-en-us":749,"next-steps-en-us":803},{"id":4,"title":5,"authorSlugs":6,"body":8,"categorySlug":9,"config":10,"content":14,"description":8,"extension":22,"isFeatured":12,"meta":23,"navigation":24,"path":25,"publishedDate":20,"seo":26,"stem":30,"tagSlugs":31,"__hash__":32},"blogPosts/en-us/blog/continuous-delivery-with-gitlab-and-convox.yml","Continuous Delivery With Gitlab And Convox",[7],"noah-zoschke",null,"open-source",{"slug":11,"featured":12,"template":13},"continuous-delivery-with-gitlab-and-convox",false,"BlogPost",{"title":15,"description":16,"authors":17,"heroImage":19,"date":20,"body":21,"category":9},"Continuous Delivery with GitLab and Convox","This tutorial will show you how to use GitLab and Convox together to ship software quickly and reliably.",[18],"Noah Zoschke","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749684833/Blog/Hero%20Images/gitlab-convox-cover.jpg","2016-06-09","[Convox](https://convox.com/) is an open-source tool for deploying, managing, and monitoring applications on cloud infrastructure. It increases the productivity of your developers, reduces your infrastructure spend, and ensures that your architecture is resilient, consistent, and compliant.\n\nRecently, Convox launched a native integration with [GitLab](/) for Continuous Delivery (CD). This tutorial will show you how to use GitLab and Convox together to ship software quickly and reliably.\n\n**Note:** For this tutorial we assume you are familiar with Continuous Deployment (CD) and have a GitLab, [Slack](https://slack.com/) and [Amazon Web Services](https://aws.amazon.com/) (AWS) account. We also assume you are curious about how [Convox](https://convox.com/) utilities make setting up a private, production-ready cloud environment easy.\n\n\n\u003C!-- more -->\n\n----------\n\n### What's in this page?\n\n\n- TOC\n\n\n----\n\n## Continuous Delivery\n\nContinuous Delivery (CD) is a modern software development best practice. Your team wants and needs the ability to safely push updates to production multiple times a day. With a great CD pipeline you can:\n\n* Ship features faster and more frequently\n* Roll out bug fixes and security patches instantly\n* Keep your development team in a coding flow\n* Eliminate work and interruptions on infrastructure that’s not core to your business\n\nIf you don’t have CD tools, you may be spending too much precious time and budget on infrastructure, servers and bespoke deployment tools.\n\nSee the [Wikipedia article on Continuous Delivery](https://en.wikipedia.org/wiki/Continuous_delivery) for more details about the Continuous Delivery approach.\n\n## CD with GitLab and Convox\n\nThe best Continuous Delivery workflow offers a way to `git push` code and automatically deploy it to resilient cloud infrastructure.\n\nConvox and GitLab together represent a modern open-source based Continuous Delivery solution. With both of them your team can:\n\n* **Set up a private deployment cloud in minutes** with `convox install`\n* **Create a production-ready application** with `convox apps create`\n* **Link GitLab.com or GitLab CE/EE and Slack to your deployment cloud** through the Convox Console\n* **Push code to GitLab** with `git push`\n* **Let GitLab webhooks or CI automate builds**, tests and deploys of your code to Convox\n* **Notify your team via Slack** when the new release is live\n\nThis level of automation enables your team to safely release new code as fast as possible, offering an extremely productive workflow for you and your team.\n\nAll of this is built on open-source software that you are free to read, modify, and work with the OSS communities to improve.\n\nOn top of the open-source projects, both GitLab and Convox offer enterprise-grade options to run this in a totally isolated environment where your code, images and containers never leave your control.\n\n![Continuous Delivery from GitLab to Convox](https://about.gitlab.com/images/blogimages/continuous-delivery-with-gitlab-and-convox/gitlab-integration.png)*Continuous Delivery from GitLab to Convox*\n\n![Push Code, Get Service](https://about.gitlab.com/images/blogimages/continuous-delivery-with-gitlab-and-convox/slack.png)*Push Code, Get Service*\n\n### Setting up a Convox Deployment Environment\n\nWe first need to configure an isolated environment where we will deploy everything. When deploying to AWS, there is a minimum architecture we want for a production-ready environment. Convox makes this simple with the `convox install` and `convox apps create` tools. Click the \"Get Started\" button on [convox.com](https://convox.com/) to access the web or command line installer.\n\nConvox expertly integrates the following AWS services:\n\n* Virtual Private Cloud spanning 3 availability zones for network isolation\n* EC2 and an AutoScale Group (ASG) with at least 3 instances for redundancy\n* CloudFormation stacks for safe, automated updates for new AMIs or to scale up instance type and count\n* EC2 Container Service (ECS) for container-based zero downtime deploys\n* EC2 Container Registry (ECR) for storing build artifacts\n* Elastic Load Balancer (ELB) for SSL, websockets and load balancing\n* CloudWatch Logs for log tailing, archiving and search\n\nWith this consistent, batteries-included cluster setup with the `convox` tools we can now relibly deploy, configure and scale our applications.\n\nYou can read the [Getting Started on Convox](https://convox.com/docs/getting-started/) guide for more detailed instructions about setting everything up.\n\n### Granting GitLab and Slack Auth to Convox\n\nEvery service integration begins with authorizing two services to talk to each other. For the first iteration of GitLab and Convox, we opted for a simple token-based solution.\n\n![Get your GitLab Private Token](https://about.gitlab.com/images/blogimages/continuous-delivery-with-gitlab-and-convox/gitlab-account.png)*Get your GitLab Private Token*\n\n![Give Convox your GitLab Endpoint and Token](https://about.gitlab.com/images/blogimages/continuous-delivery-with-gitlab-and-convox/gitlab-setup.png)*Give Convox your GitLab Endpoint and Token*\n\nConvox encrypts this token, and decrypts it when it needs to perform actions on your GitLab instance like creating a webhook and deploy key.\n\nSimilarly, you integrate Convox and Slack with an OAuth flow.\n\nNow Convox has access tokens to get and send information to GitLab and Slack.\n\n### Git Push Webhooks\n\n[Webhooks](https://docs.gitlab.com/web_hooks/web_hooks/) — user-defined HTTP callbacks — are the fabric on which Continuous Deployment systems are built.\n\nGitLab has tremendous webhook support, allowing you to configure how it will make an HTTPS request to an external system on events like every comment, code push and code merge.\n\nWhen you integrate GitLab with a Convox app, the first thing Convox does is add a new Push Event webhook to your project pointing to a secure and secret Convox URL.\n\n![Tell Convox About the Push](https://about.gitlab.com/images/blogimages/continuous-delivery-with-gitlab-and-convox/gitlab-webhooks.png)*Tell Convox About the Push*\n\nWhen this is configured, Convox will get a notification every time your team pushes new code.\n\n### GitLab Deploy Keys\n\nGitLab has an impeccable security model. If a system like Convox happens to learn the URL for a private repo via a webhook, we still want to control its ability to read or write to this private repo.\n\nTo grant Convox limited, read-only access to your private repo, GitLab offers “[Deploy Keys](https://docs.gitlab.com/user/project/deploy_keys/).” These are SSH keys that have read-only access to a repo, guaranteeing that a third-party system can clone code, but can not push any code back.\n\n![Read-only SSH key](https://about.gitlab.com/images/blogimages/continuous-delivery-with-gitlab-and-convox/gitlab-deploy-key.png)*Read-only SSH key*\n\nWhen you integrate GitLab with a Convox app, the next thing Convox does is generate a new SSH keypair, encrypt and save the private key, and set up a new Deploy Key with the public key.\n\nWith a webhook and deploy key, Convox can dutifully perform an automatic build and/or deploy.\n\n### Delivering Code to Production\n\nNow that a Convox environment is running and it is authorized to get webhooks and pull code from GitLab, and send notifications to Slack, we can do our first `git push` deploy that rolls out new containers:\n\n```shell\n$ git push gitlab master\nCounting objects: 8, done.\nDelta compression using up to 4 threads.\nCompressing objects: 100% (8/8), done.\nWriting objects: 100% (8/8), 758 bytes | 0 bytes/s, done.\nTotal 8 (delta 7), reused 0 (delta 0)\nTo https://gitlab.com/nzoschke/httpd.git\n   176d4d2..896d06b  master -> master\n\n$ convox builds\nID           STATUS    RELEASE      STARTED         ELAPSED DESC\nBCPSBDTVSVB  complete  RQYRSVEXGLD  56 seconds ago  52s      push nzoschke/httpd refs/heads/master 896d06b2a72e702c3c2efe8fae9670bd19f5f255\nBSZIBYZFDDU  complete  RVUEQWAOHTN  5 days ago      60s      push nzoschke/httpd refs/heads/master 176d4d22d0631c1223ea7ba31d80f837e4a24390\n\n$ convox builds info BCPSBDTVSVB\nRUNNING: git clone --progress git@gitlab.com:nzoschke/httpd.git src\nRUNNING: git checkout 896d06b2a72e702c3c2efe8fae9670bd19f5f255\nRUNNING: /usr/local/bin/git-restore-mtime .\nRUNNING: docker pull httpd\n...\ncb604ab7d359: Pull complete\nDigest: sha256:3eae43b977887f7f660c640ba8477dc1af1626d757ff1a7ddba050418429f2f6\nStatus: Downloaded newer image for httpd:latest\nRUNNING: docker tag -f httpd httpd/web\nRUNNING: docker tag -f httpd/web 132866487567.dkr.ecr.us-east-1.amazonaws.com/convox-httpd-owdnefujkr:web.BCPSBDTVSVB\nRUNNING: docker push 132866487567.dkr.ecr.us-east-1.amazonaws.com/convox-httpd-owdnefujkr:web.BCPSBDTVSVB\nThe push refers to a repository [132866487567.dkr.ecr.us-east-1.amazonaws.com/convox-httpd-owdnefujkr] (len: 1)\n...\nweb.BCPSBDTVSVB: digest: sha256:943ca8f7dbbbfa99f761fae8f8f8d57fa99b6ac7b939ce787ec33735ec68edcb size: 23914\n\n$ convox releases\nID           CREATED       STATUS\nRQYRSVEXGLD  1 minute ago  active\nRVUEQWAOHTN  5 days ago    active\n\n$ convox ps\nID            NAME  RELEASE      SIZE  STARTED         COMMAND\n1bac0db9b7b5  web   RQYRSVEXGLD  256   25 seconds ago  httpd-foreground\n47542b8458a8  web   RVUEQWAOHTN  256   5 days ago      httpd-foreground\nd29eb239fda9  web   RQYRSVEXGLD  256   25 seconds ago  httpd-foreground\nef1d2825f528  web   RVUEQWAOHTN  256   1 day ago       httpd-foreground\n```\n\nYou can see that release `RQYRSVEXGLD` is rolling out and replacing an older release `RVUEQWAOHTN`. In a few more seconds the new code will be up and running. The build and zero-downtime deploy is fully automated by Convox and GitLab.\n\nThe final icing on the cake is that your whole team is notified about the new release on Slack:\n\n![Push Code, Get Service](https://about.gitlab.com/images/blogimages/continuous-delivery-with-gitlab-and-convox/slack.png)*Push Code, Get Service*\n\n### Automated Testing\n\nI'm sure you noticed that we went directly from a code push to production. This demonstrates all the heavy lifting, and may be suitable for QA or staging workflows, but for anything going out to production we almost certainly want to run some tests too.\n\nThis is possible to set up with a few changes. [GitLab CI](/solutions/continuous-integration/) is an excellent tool and service for automating tests.\n\nYou can tell GitLab to deploy to Convox by setting `CONVOX_PASSWORD` as a User-defined variable, then adding a `.gitlab-ci.yml` file similar to:\n\n```yaml\ntest:\n  script:\n  - make test\n\nproduction:\n  type: deploy\n  script:\n  - curl -Ls https://install.convox.com/linux.zip > convox.zip\n  - unzip convox.zip\n  - convox login\n  - convox switch org/rack\n  - convox deploy --app app\n  only:\n  - tags\n\n```\n\nSee the [CI Variables](https://docs.gitlab.com/ci/variables/) doc and [GitLab CI Examples](https://docs.gitlab.com/ci/examples/) doc for more information.\n\n## Open Source Evolution\n\nBoth GitLab and Convox are always working hard to improve APIs, integrations and tools for automating continuous delivery as open-source projects.\n\nWe encourage you to participate in the open-source projects future enhancements in this space such as a more formal [GitLab Deploy](https://gitlab.com/gitlab-org/gitlab-ce/issues/3286#note_4141009) enhancement and the [Convox Build / Deploy / Release Pipeline](https://github.com/convox/rack/milestones/Build%20/%20Deploy%20/%20Release%20Pipeline) milestone.\n\n## Conclusion\n\nAs you can tell, there are a lot of details to coordinate between your team pushing code and delivering it as a production service in the cloud.\n\nGitLab and Convox understand how important Continuous Delivery is and have gone to great lengths to make this process available to everyone with free and open-source software.\n\n## About guest author Noah Zoschke\n\n[Noah](https://medium.com/@nzoschke) is CTO at Convox. Previously he was Platform Architect at Heroku. He believes that the cloud should be easy to use, secure, reliable and cost effective for teams and systems of all sizes. He believes that simple, open-source tools will unlock this true utility of the cloud.\n","yml",{},true,"/en-us/blog/continuous-delivery-with-gitlab-and-convox",{"title":15,"description":16,"ogTitle":15,"ogDescription":16,"noIndex":12,"ogImage":19,"ogUrl":27,"ogSiteName":28,"ogType":29,"canonicalUrls":27},"https://about.gitlab.com/blog/continuous-delivery-with-gitlab-and-convox","https://about.gitlab.com","article","en-us/blog/continuous-delivery-with-gitlab-and-convox",[],"tK0hoBu4KRIjswY9kQT2WUmi-7e4Yjdv7jhJzCpmud4",{"data":34},{"logo":35,"freeTrial":40,"sales":45,"login":50,"items":55,"search":363,"minimal":394,"duo":413,"switchNav":422,"pricingDeployment":433},{"config":36},{"href":37,"dataGaName":38,"dataGaLocation":39},"/","gitlab logo","header",{"text":41,"config":42},"Get free trial",{"href":43,"dataGaName":44,"dataGaLocation":39},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com&glm_content=default-saas-trial/","free trial",{"text":46,"config":47},"Talk to sales",{"href":48,"dataGaName":49,"dataGaLocation":39},"/sales/","sales",{"text":51,"config":52},"Sign in",{"href":53,"dataGaName":54,"dataGaLocation":39},"https://gitlab.com/users/sign_in/","sign in",[56,83,178,183,284,344],{"text":57,"config":58,"cards":60},"Platform",{"dataNavLevelOne":59},"platform",[61,67,75],{"title":57,"description":62,"link":63},"The intelligent orchestration platform for DevSecOps",{"text":64,"config":65},"Explore our Platform",{"href":66,"dataGaName":59,"dataGaLocation":39},"/platform/",{"title":68,"description":69,"link":70},"GitLab Duo Agent Platform","Agentic AI for the entire software lifecycle",{"text":71,"config":72},"Meet GitLab Duo",{"href":73,"dataGaName":74,"dataGaLocation":39},"/gitlab-duo-agent-platform/","gitlab duo agent platform",{"title":76,"description":77,"link":78},"Why GitLab","See the top reasons enterprises choose GitLab",{"text":79,"config":80},"Learn more",{"href":81,"dataGaName":82,"dataGaLocation":39},"/why-gitlab/","why gitlab",{"text":84,"left":24,"config":85,"link":87,"lists":91,"footer":160},"Product",{"dataNavLevelOne":86},"solutions",{"text":88,"config":89},"View all Solutions",{"href":90,"dataGaName":86,"dataGaLocation":39},"/solutions/",[92,116,139],{"title":93,"description":94,"link":95,"items":100},"Automation","CI/CD and automation to accelerate deployment",{"config":96},{"icon":97,"href":98,"dataGaName":99,"dataGaLocation":39},"AutomatedCodeAlt","/solutions/delivery-automation/","automated software delivery",[101,105,108,112],{"text":102,"config":103},"CI/CD",{"href":104,"dataGaLocation":39,"dataGaName":102},"/solutions/continuous-integration/",{"text":68,"config":106},{"href":73,"dataGaLocation":39,"dataGaName":107},"gitlab duo agent platform - product menu",{"text":109,"config":110},"Source Code Management",{"href":111,"dataGaLocation":39,"dataGaName":109},"/solutions/source-code-management/",{"text":113,"config":114},"Automated Software Delivery",{"href":98,"dataGaLocation":39,"dataGaName":115},"Automated software delivery",{"title":117,"description":118,"link":119,"items":124},"Security","Deliver code faster without compromising security",{"config":120},{"href":121,"dataGaName":122,"dataGaLocation":39,"icon":123},"/solutions/application-security-testing/","security and compliance","ShieldCheckLight",[125,129,134],{"text":126,"config":127},"Application Security Testing",{"href":121,"dataGaName":128,"dataGaLocation":39},"Application security testing",{"text":130,"config":131},"Software Supply Chain Security",{"href":132,"dataGaLocation":39,"dataGaName":133},"/solutions/supply-chain/","Software supply chain security",{"text":135,"config":136},"Software Compliance",{"href":137,"dataGaName":138,"dataGaLocation":39},"/solutions/software-compliance/","software compliance",{"title":140,"link":141,"items":146},"Measurement",{"config":142},{"icon":143,"href":144,"dataGaName":145,"dataGaLocation":39},"DigitalTransformation","/solutions/visibility-measurement/","visibility and measurement",[147,151,155],{"text":148,"config":149},"Visibility & Measurement",{"href":144,"dataGaLocation":39,"dataGaName":150},"Visibility and Measurement",{"text":152,"config":153},"Value Stream Management",{"href":154,"dataGaLocation":39,"dataGaName":152},"/solutions/value-stream-management/",{"text":156,"config":157},"Analytics & Insights",{"href":158,"dataGaLocation":39,"dataGaName":159},"/solutions/analytics-and-insights/","Analytics and insights",{"title":161,"items":162},"GitLab for",[163,168,173],{"text":164,"config":165},"Enterprise",{"href":166,"dataGaLocation":39,"dataGaName":167},"/enterprise/","enterprise",{"text":169,"config":170},"Small Business",{"href":171,"dataGaLocation":39,"dataGaName":172},"/small-business/","small business",{"text":174,"config":175},"Public Sector",{"href":176,"dataGaLocation":39,"dataGaName":177},"/solutions/public-sector/","public sector",{"text":179,"config":180},"Pricing",{"href":181,"dataGaName":182,"dataGaLocation":39,"dataNavLevelOne":182},"/pricing/","pricing",{"text":184,"config":185,"link":187,"lists":191,"feature":271},"Resources",{"dataNavLevelOne":186},"resources",{"text":188,"config":189},"View all resources",{"href":190,"dataGaName":186,"dataGaLocation":39},"/resources/",[192,225,243],{"title":193,"items":194},"Getting started",[195,200,205,210,215,220],{"text":196,"config":197},"Install",{"href":198,"dataGaName":199,"dataGaLocation":39},"/install/","install",{"text":201,"config":202},"Quick start guides",{"href":203,"dataGaName":204,"dataGaLocation":39},"/get-started/","quick setup checklists",{"text":206,"config":207},"Learn",{"href":208,"dataGaLocation":39,"dataGaName":209},"https://university.gitlab.com/","learn",{"text":211,"config":212},"Product documentation",{"href":213,"dataGaName":214,"dataGaLocation":39},"https://docs.gitlab.com/","product documentation",{"text":216,"config":217},"Best practice videos",{"href":218,"dataGaName":219,"dataGaLocation":39},"/getting-started-videos/","best practice videos",{"text":221,"config":222},"Integrations",{"href":223,"dataGaName":224,"dataGaLocation":39},"/integrations/","integrations",{"title":226,"items":227},"Discover",[228,233,238],{"text":229,"config":230},"Customer success stories",{"href":231,"dataGaName":232,"dataGaLocation":39},"/customers/","customer success stories",{"text":234,"config":235},"Blog",{"href":236,"dataGaName":237,"dataGaLocation":39},"/blog/","blog",{"text":239,"config":240},"Remote",{"href":241,"dataGaName":242,"dataGaLocation":39},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"title":244,"items":245},"Connect",[246,251,256,261,266],{"text":247,"config":248},"GitLab Services",{"href":249,"dataGaName":250,"dataGaLocation":39},"/services/","services",{"text":252,"config":253},"Community",{"href":254,"dataGaName":255,"dataGaLocation":39},"/community/","community",{"text":257,"config":258},"Forum",{"href":259,"dataGaName":260,"dataGaLocation":39},"https://forum.gitlab.com/","forum",{"text":262,"config":263},"Events",{"href":264,"dataGaName":265,"dataGaLocation":39},"/events/","events",{"text":267,"config":268},"Partners",{"href":269,"dataGaName":270,"dataGaLocation":39},"/partners/","partners",{"backgroundColor":272,"textColor":273,"text":274,"image":275,"link":279},"#2f2a6b","#fff","Insights for the future of software development",{"altText":276,"config":277},"the source promo card",{"src":278},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758208064/dzl0dbift9xdizyelkk4.svg",{"text":280,"config":281},"Read the latest",{"href":282,"dataGaName":283,"dataGaLocation":39},"/the-source/","the source",{"text":285,"config":286,"lists":288},"Company",{"dataNavLevelOne":287},"company",[289],{"items":290},[291,296,302,304,309,314,319,324,329,334,339],{"text":292,"config":293},"About",{"href":294,"dataGaName":295,"dataGaLocation":39},"/company/","about",{"text":297,"config":298,"footerGa":301},"Jobs",{"href":299,"dataGaName":300,"dataGaLocation":39},"/jobs/","jobs",{"dataGaName":300},{"text":262,"config":303},{"href":264,"dataGaName":265,"dataGaLocation":39},{"text":305,"config":306},"Leadership",{"href":307,"dataGaName":308,"dataGaLocation":39},"/company/team/e-group/","leadership",{"text":310,"config":311},"Team",{"href":312,"dataGaName":313,"dataGaLocation":39},"/company/team/","team",{"text":315,"config":316},"Handbook",{"href":317,"dataGaName":318,"dataGaLocation":39},"https://handbook.gitlab.com/","handbook",{"text":320,"config":321},"Investor relations",{"href":322,"dataGaName":323,"dataGaLocation":39},"https://ir.gitlab.com/","investor relations",{"text":325,"config":326},"Trust Center",{"href":327,"dataGaName":328,"dataGaLocation":39},"/security/","trust center",{"text":330,"config":331},"AI Transparency Center",{"href":332,"dataGaName":333,"dataGaLocation":39},"/ai-transparency-center/","ai transparency center",{"text":335,"config":336},"Newsletter",{"href":337,"dataGaName":338,"dataGaLocation":39},"/company/contact/#contact-forms","newsletter",{"text":340,"config":341},"Press",{"href":342,"dataGaName":343,"dataGaLocation":39},"/press/","press",{"text":345,"config":346,"lists":347},"Contact us",{"dataNavLevelOne":287},[348],{"items":349},[350,353,358],{"text":46,"config":351},{"href":48,"dataGaName":352,"dataGaLocation":39},"talk to sales",{"text":354,"config":355},"Support portal",{"href":356,"dataGaName":357,"dataGaLocation":39},"https://support.gitlab.com","support portal",{"text":359,"config":360},"Customer portal",{"href":361,"dataGaName":362,"dataGaLocation":39},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"close":364,"login":365,"suggestions":372},"Close",{"text":366,"link":367},"To search repositories and projects, login to",{"text":368,"config":369},"gitlab.com",{"href":53,"dataGaName":370,"dataGaLocation":371},"search login","search",{"text":373,"default":374},"Suggestions",[375,377,381,383,387,391],{"text":68,"config":376},{"href":73,"dataGaName":68,"dataGaLocation":371},{"text":378,"config":379},"Code Suggestions (AI)",{"href":380,"dataGaName":378,"dataGaLocation":371},"/solutions/code-suggestions/",{"text":102,"config":382},{"href":104,"dataGaName":102,"dataGaLocation":371},{"text":384,"config":385},"GitLab on AWS",{"href":386,"dataGaName":384,"dataGaLocation":371},"/partners/technology-partners/aws/",{"text":388,"config":389},"GitLab on Google Cloud",{"href":390,"dataGaName":388,"dataGaLocation":371},"/partners/technology-partners/google-cloud-platform/",{"text":392,"config":393},"Why GitLab?",{"href":81,"dataGaName":392,"dataGaLocation":371},{"freeTrial":395,"mobileIcon":400,"desktopIcon":405,"secondaryButton":408},{"text":396,"config":397},"Start free trial",{"href":398,"dataGaName":44,"dataGaLocation":399},"https://gitlab.com/-/trials/new/","nav",{"altText":401,"config":402},"Gitlab Icon",{"src":403,"dataGaName":404,"dataGaLocation":399},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203874/jypbw1jx72aexsoohd7x.svg","gitlab icon",{"altText":401,"config":406},{"src":407,"dataGaName":404,"dataGaLocation":399},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203875/gs4c8p8opsgvflgkswz9.svg",{"text":409,"config":410},"Get Started",{"href":411,"dataGaName":412,"dataGaLocation":399},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/get-started/","get started",{"freeTrial":414,"mobileIcon":418,"desktopIcon":420},{"text":415,"config":416},"Learn more about GitLab Duo",{"href":73,"dataGaName":417,"dataGaLocation":399},"gitlab duo",{"altText":401,"config":419},{"src":403,"dataGaName":404,"dataGaLocation":399},{"altText":401,"config":421},{"src":407,"dataGaName":404,"dataGaLocation":399},{"button":423,"mobileIcon":428,"desktopIcon":430},{"text":424,"config":425},"/switch",{"href":426,"dataGaName":427,"dataGaLocation":399},"#contact","switch",{"altText":401,"config":429},{"src":403,"dataGaName":404,"dataGaLocation":399},{"altText":401,"config":431},{"src":432,"dataGaName":404,"dataGaLocation":399},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1773335277/ohhpiuoxoldryzrnhfrh.png",{"freeTrial":434,"mobileIcon":439,"desktopIcon":441},{"text":435,"config":436},"Back to pricing",{"href":181,"dataGaName":437,"dataGaLocation":399,"icon":438},"back to pricing","GoBack",{"altText":401,"config":440},{"src":403,"dataGaName":404,"dataGaLocation":399},{"altText":401,"config":442},{"src":407,"dataGaName":404,"dataGaLocation":399},{"title":444,"button":445,"config":450},"See how agentic AI transforms software delivery",{"text":446,"config":447},"Watch GitLab Transcend now",{"href":448,"dataGaName":449,"dataGaLocation":39},"/events/transcend/virtual/","transcend event",{"layout":451,"icon":452,"disabled":24},"release","AiStar",{"data":454},{"text":455,"source":456,"edit":462,"contribute":467,"config":472,"items":477,"minimal":684},"Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license",{"text":457,"config":458},"View page source",{"href":459,"dataGaName":460,"dataGaLocation":461},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":463,"config":464},"Edit this page",{"href":465,"dataGaName":466,"dataGaLocation":461},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":468,"config":469},"Please contribute",{"href":470,"dataGaName":471,"dataGaLocation":461},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":473,"facebook":474,"youtube":475,"linkedin":476},"https://twitter.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[478,525,579,623,650],{"title":179,"links":479,"subMenu":494},[480,484,489],{"text":481,"config":482},"View plans",{"href":181,"dataGaName":483,"dataGaLocation":461},"view plans",{"text":485,"config":486},"Why Premium?",{"href":487,"dataGaName":488,"dataGaLocation":461},"/pricing/premium/","why premium",{"text":490,"config":491},"Why Ultimate?",{"href":492,"dataGaName":493,"dataGaLocation":461},"/pricing/ultimate/","why ultimate",[495],{"title":496,"links":497},"Contact Us",[498,501,503,505,510,515,520],{"text":499,"config":500},"Contact sales",{"href":48,"dataGaName":49,"dataGaLocation":461},{"text":354,"config":502},{"href":356,"dataGaName":357,"dataGaLocation":461},{"text":359,"config":504},{"href":361,"dataGaName":362,"dataGaLocation":461},{"text":506,"config":507},"Status",{"href":508,"dataGaName":509,"dataGaLocation":461},"https://status.gitlab.com/","status",{"text":511,"config":512},"Terms of use",{"href":513,"dataGaName":514,"dataGaLocation":461},"/terms/","terms of use",{"text":516,"config":517},"Privacy statement",{"href":518,"dataGaName":519,"dataGaLocation":461},"/privacy/","privacy statement",{"text":521,"config":522},"Cookie preferences",{"dataGaName":523,"dataGaLocation":461,"id":524,"isOneTrustButton":24},"cookie preferences","ot-sdk-btn",{"title":84,"links":526,"subMenu":535},[527,531],{"text":528,"config":529},"DevSecOps platform",{"href":66,"dataGaName":530,"dataGaLocation":461},"devsecops platform",{"text":532,"config":533},"AI-Assisted Development",{"href":73,"dataGaName":534,"dataGaLocation":461},"ai-assisted development",[536],{"title":537,"links":538},"Topics",[539,544,549,554,559,564,569,574],{"text":540,"config":541},"CICD",{"href":542,"dataGaName":543,"dataGaLocation":461},"/topics/ci-cd/","cicd",{"text":545,"config":546},"GitOps",{"href":547,"dataGaName":548,"dataGaLocation":461},"/topics/gitops/","gitops",{"text":550,"config":551},"DevOps",{"href":552,"dataGaName":553,"dataGaLocation":461},"/topics/devops/","devops",{"text":555,"config":556},"Version Control",{"href":557,"dataGaName":558,"dataGaLocation":461},"/topics/version-control/","version control",{"text":560,"config":561},"DevSecOps",{"href":562,"dataGaName":563,"dataGaLocation":461},"/topics/devsecops/","devsecops",{"text":565,"config":566},"Cloud Native",{"href":567,"dataGaName":568,"dataGaLocation":461},"/topics/cloud-native/","cloud native",{"text":570,"config":571},"AI for Coding",{"href":572,"dataGaName":573,"dataGaLocation":461},"/topics/devops/ai-for-coding/","ai for coding",{"text":575,"config":576},"Agentic AI",{"href":577,"dataGaName":578,"dataGaLocation":461},"/topics/agentic-ai/","agentic ai",{"title":580,"links":581},"Solutions",[582,584,586,591,595,598,602,605,607,610,613,618],{"text":126,"config":583},{"href":121,"dataGaName":126,"dataGaLocation":461},{"text":115,"config":585},{"href":98,"dataGaName":99,"dataGaLocation":461},{"text":587,"config":588},"Agile development",{"href":589,"dataGaName":590,"dataGaLocation":461},"/solutions/agile-delivery/","agile delivery",{"text":592,"config":593},"SCM",{"href":111,"dataGaName":594,"dataGaLocation":461},"source code management",{"text":540,"config":596},{"href":104,"dataGaName":597,"dataGaLocation":461},"continuous integration & delivery",{"text":599,"config":600},"Value stream management",{"href":154,"dataGaName":601,"dataGaLocation":461},"value stream management",{"text":545,"config":603},{"href":604,"dataGaName":548,"dataGaLocation":461},"/solutions/gitops/",{"text":164,"config":606},{"href":166,"dataGaName":167,"dataGaLocation":461},{"text":608,"config":609},"Small business",{"href":171,"dataGaName":172,"dataGaLocation":461},{"text":611,"config":612},"Public sector",{"href":176,"dataGaName":177,"dataGaLocation":461},{"text":614,"config":615},"Education",{"href":616,"dataGaName":617,"dataGaLocation":461},"/solutions/education/","education",{"text":619,"config":620},"Financial services",{"href":621,"dataGaName":622,"dataGaLocation":461},"/solutions/finance/","financial services",{"title":184,"links":624},[625,627,629,631,634,636,638,640,642,644,646,648],{"text":196,"config":626},{"href":198,"dataGaName":199,"dataGaLocation":461},{"text":201,"config":628},{"href":203,"dataGaName":204,"dataGaLocation":461},{"text":206,"config":630},{"href":208,"dataGaName":209,"dataGaLocation":461},{"text":211,"config":632},{"href":213,"dataGaName":633,"dataGaLocation":461},"docs",{"text":234,"config":635},{"href":236,"dataGaName":237,"dataGaLocation":461},{"text":229,"config":637},{"href":231,"dataGaName":232,"dataGaLocation":461},{"text":239,"config":639},{"href":241,"dataGaName":242,"dataGaLocation":461},{"text":247,"config":641},{"href":249,"dataGaName":250,"dataGaLocation":461},{"text":252,"config":643},{"href":254,"dataGaName":255,"dataGaLocation":461},{"text":257,"config":645},{"href":259,"dataGaName":260,"dataGaLocation":461},{"text":262,"config":647},{"href":264,"dataGaName":265,"dataGaLocation":461},{"text":267,"config":649},{"href":269,"dataGaName":270,"dataGaLocation":461},{"title":285,"links":651},[652,654,656,658,660,662,664,668,673,675,677,679],{"text":292,"config":653},{"href":294,"dataGaName":287,"dataGaLocation":461},{"text":297,"config":655},{"href":299,"dataGaName":300,"dataGaLocation":461},{"text":305,"config":657},{"href":307,"dataGaName":308,"dataGaLocation":461},{"text":310,"config":659},{"href":312,"dataGaName":313,"dataGaLocation":461},{"text":315,"config":661},{"href":317,"dataGaName":318,"dataGaLocation":461},{"text":320,"config":663},{"href":322,"dataGaName":323,"dataGaLocation":461},{"text":665,"config":666},"Sustainability",{"href":667,"dataGaName":665,"dataGaLocation":461},"/sustainability/",{"text":669,"config":670},"Diversity, inclusion and belonging (DIB)",{"href":671,"dataGaName":672,"dataGaLocation":461},"/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":325,"config":674},{"href":327,"dataGaName":328,"dataGaLocation":461},{"text":335,"config":676},{"href":337,"dataGaName":338,"dataGaLocation":461},{"text":340,"config":678},{"href":342,"dataGaName":343,"dataGaLocation":461},{"text":680,"config":681},"Modern Slavery Transparency Statement",{"href":682,"dataGaName":683,"dataGaLocation":461},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"items":685},[686,689,692],{"text":687,"config":688},"Terms",{"href":513,"dataGaName":514,"dataGaLocation":461},{"text":690,"config":691},"Cookies",{"dataGaName":523,"dataGaLocation":461,"id":524,"isOneTrustButton":24},{"text":693,"config":694},"Privacy",{"href":518,"dataGaName":519,"dataGaLocation":461},[696],{"id":697,"title":18,"body":8,"config":698,"content":700,"description":8,"extension":22,"meta":704,"navigation":24,"path":705,"seo":706,"stem":707,"__hash__":708},"blogAuthors/en-us/blog/authors/noah-zoschke.yml",{"template":699},"BlogAuthor",{"name":18,"config":701},{"headshot":702,"ctfId":703},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1749659488/Blog/Author%20Headshots/gitlab-logo-extra-whitespace.png","Noah-Zoschke",{},"/en-us/blog/authors/noah-zoschke",{},"en-us/blog/authors/noah-zoschke","FgRDr89QzUNgig1BbKwD9mIMQYZCo9r28cE3sqSj_z4",[710,723,737],{"content":711,"config":721},{"title":712,"description":713,"authors":714,"heroImage":716,"date":717,"body":718,"category":9,"tags":719},"GitLab AI Hackathon 2026: Meet the winners","Nearly 7,000 developers built 600+ AI agents and flows on GitLab Duo Agent Platform. Find out who won and what they created.",[715],"Nick Veenhof","https://res.cloudinary.com/about-gitlab-com/image/upload/v1776457632/llddiylsgwuze0u1rjks.png","2026-04-22","AI writes code. That is expected now. But planning, security, compliance, and deployments? Those gaps remain. I have run contributor programs for years. I have never seen a community respond to technology like this.\n\nThat is why we opened [GitLab Duo Agent Platform](https://about.gitlab.com/gitlab-duo-agent-platform/) and invited developers worldwide to build AI agents that help teams ship secure software faster. Not chatbots that answer questions, but agents that jump into workflows, respond to events, and act on your behalf. The GitLab AI Hackathon ran from February 9 to March 25, 2026, on Devpost, the hackathon platform. Google Cloud and Anthropic joined as co-sponsors.\n\nWhen my team planned this hackathon with Google Cloud and Anthropic, I asked the judges to score four things: technical work, design, potential impact, and idea quality. We hoped for strong turnout. What we got surprised all of us. Nineteen judges spent 18 days reviewing every entry. Google Cloud and Anthropic provided judges, prizes, and cloud access. The community built hundreds of agents and flows because they wanted to solve these problems.\n\nNearly 7,000 developers showed up. They built 600+ agents and flows in weeks. The prizes across all categories totaled $65,000 from GitLab, Google Cloud, and Anthropic.\n\n\nIf you have ever watched a senior engineer leave and take half the team's knowledge with them, you know why the winning project hit so hard.\n\nRead on to find out what the community built.\n\n## Grand Prize: LORE\n\n[LORE](https://devpost.com/software/lore-living-organizational-record-engine), the Living Organizational Record Engine, uses eight agents with a router that sends each question to the right agent, logic to prevent circular loops in the knowledge graph, a visual dashboard, and carbon tracking. The command-line tool ships with 43 tests (yes, 43 tests in a hackathon project).\n\nLORE solves a real problem: the knowledge that lives in engineers' heads and walks out the door when they leave. In my experience, a hackathon project with 43 tests is rare. That many tests in a hackathon project tells you something about the team behind it.\n\nJudge April Guo (Anthropic) wrote: \"This feels like a product, not a hackathon project.\"\n\n\n### Google Cloud winners\n\n[Gitdefender](https://devpost.com/software/gitdefender) won the Google Cloud Grand Prize. It works inside code review workflows, finding and fixing security issues. It spots the bug, writes the fix, and opens the code review. No developer needs to step in.\n\n[Aegis](https://devpost.com/software/aegis-2m1oq0) won the Google Cloud Runner Up. It gives AI-powered explanations for every decision it makes, deployed to Google Cloud and ready for production use.\n\n### Anthropic winners\n\n[GraphDev](https://devpost.com/software/graphdev) won the Anthropic Grand Prize. It maps code links and shows how systems change over time. Judge Aboobacker MK (GitLab) noted it was \"in sync with our work on GitLab knowledge graph.\" Judge Ayush Billore (GitLab) wrote: \"Loved the demo and UX, super useful for understanding how the system evolved and what gets impacted by changes.\" You can see the full impact of a change before you make it.\n\n[DocSync](https://devpost.com/software/pipeheal) won the Anthropic Runner Up. It uses three agents: Detector, Writer, and Reviewer. If DocSync is confident in the fix, it opens a code review. If not, it creates an issue for a human to check.\n\n## Category winners\n\n### Most Technically Impressive\n\nDatabase migrations break things. [Time-Traveler](https://devpost.com/software/time-traveler-w3cxp0) creates a safe copy of your production setup, runs the migration against that copy, and reports the result. It runs five agents connected by a bridge, with real Google Cloud deployment, real PostgreSQL migrations, and real data.\n\n### Most Impactful\n\n[RedAgent](https://devpost.com/software/redagent) checks AI-generated security reports, closing the trust gap between AI findings and developer action. If your team uses AI for security scanning, you know this problem. I have seen teams dismiss AI findings because they could not verify them. RedAgent gives teams a way to check AI output before it reaches developers.\n\n### Easiest to Use\n\n[Launch Control](https://devpost.com/software/launch-control-bgp8az) delivers polished UX and solid infrastructure, and scored well on sustainability too.\n\n## The sustainability signal\n\nFive projects won prizes or bonuses for environmental impact. Software delivery has a carbon cost as CI/CD pipelines, but now LLMs also run compute at scale. We created the Green Agent category to challenge developers to measure and reduce that footprint. Stacy Cline and Kim Buncle from GitLab's sustainability team helped judge the Green Agent category. \n\n### Green Agent prize\n\n[GreenPipe](https://devpost.com/software/greenpipe) scans CI/CD pipelines for environmental impact and produces carbon footprint reports. Judges Kim Buncle and Rajesh Agadi (Google) both backed the project.\n\n### Sustainable Design bonus\n\nSustainable Design bonuses were awarded to the projects with exceptional sustainability practices in their design, from model optimization techniques to energy-efficient architecture choices.\n\n* [BugFlow](https://devpost.com/software/bugflow-ai-regression-detective-ci-optimizer) turned one bug report into 10 fixes in 20 minutes. \n* [DELTA Cyber Reasoning](https://devpost.com/software/delta-cyber-reasoning-system) is automated fuzz testing for security. \n* [CarbonLint](https://devpost.com/software/carbonlint) applied code analysis to energy use.\n* [TFGuardian](https://devpost.com/software/tfguardian) features a carbon footprint analyzer, among other agents.\n\nCongratulations on all the Sustainable Design bonus winners! \n\nJudge Jens-Joris Decorte (TechWolf) cited the result: Costs dropped from $556 to $18 per month, a 96% carbon cut (that is a $538 monthly saving with a sustainability label on it).\n\n## Honorable mentions and the long tail\n\nSix projects received honorable mentions:\n\n\n- [SecurityMonkey](https://devpost.com/software/securitymonkey) injects known vulnerabilities into a test branch and scores how well your security scanners catch them.\n- [stregent](https://devpost.com/software/stregent) monitors CI/CD pipelines and lets developers investigate and merge fixes from WhatsApp without opening a laptop.\n- [Compliance Sentinel](https://devpost.com/software/compliance-sentinel-autonomous-devsecops-governance) scores every merge request for compliance risk and blocks the merge if critical violations are detected.\n- [Carbon Tracker](https://devpost.com/software/carbon-tracker-ij25kf) calculates the carbon footprint of each CI/CD pipeline job and posts optimization tips on the merge request.\n- [RepoWarden](https://devpost.com/software/docuguard) is the first Living Specification Engine, an AI system that captures why code was written, not just what it does.\n- [MR Compliance Auditor](https://devpost.com/software/mr-compliance-auditor) collects evidence across merge requests, maps it to SOC 2 controls, and streams compliance scores to a live dashboard.\n\nMy favorite quote from the judging came from Luca Chun Lun Lit (Anthropic), who described stregent's mobile-first approach: \"Being able to essentially code from your phone is a next level in the engineering experience.\"\n\n> Explore the 600+ entries in the [project gallery](https://gitlab.devpost.com/project-gallery).\n\n## What comes next\n\nEvery agent in this hackathon worked within a single project. They still delivered impressive results. Some participants ran a local knowledge graph alongside their agents to surface code relationships and dependencies within the repo. LORE captures project history. Gitdefender finds vulnerabilities. Pairing agents with richer local context is already helping contributors build sharper tools. The next hackathon will build on what contributors are already doing with richer context. Sign up on [contributors.gitlab.com](https://contributors.gitlab.com/) to be the first to know when details drop.\n\n\n## Get started\n\nA special thanks to Lee Tickett (GitLab) and Mattias Michaux (GitLab) for orchestrating the orchestrators and innovators behind this hackathon!\n\nThank you to every developer who submitted. Nearly 7,000 of you showed what GitLab Duo Agent Platform can do when a community decides to build. I am proud of what you built here, and I cannot wait to see what you build next.\n\nBuild your own agent on [GitLab Duo Agent Platform](https://docs.gitlab.com/user/duo_agent_platform/). Browse community-built agents in the [AI Catalog](https://docs.gitlab.com/user/duo_agent_platform/ai_catalog/). You orchestrate. AI accelerates.\n",[720,255],"AI/ML",{"featured":12,"template":13,"slug":722},"gitlab-ai-hackathon-2026-meet-the-winners",{"content":724,"config":735},{"title":725,"description":726,"authors":727,"heroImage":729,"date":730,"category":9,"tags":731,"body":734},"What’s new in Git 2.54.0?","Learn about release contributions, including new repository maintenance, a new command to edit commit history, a replacement for git-sizer(1), and more.",[728],"Patrick Steinhardt","https://res.cloudinary.com/about-gitlab-com/image/upload/v1776711651/sj7xxyyuimlarswbyft5.png","2026-04-20",[732,733,255],"open source","git","The Git project recently released [Git 2.54.0](https://lore.kernel.org/git/xmqqa4uxsjrs.fsf@gitster.g/T/#u). Let's look at a few notable highlights from this release, which includes contributions from the Git team at GitLab.\n\n## Pluggable Object Databases\n\nGit already has the ability to store references with either the \"files\" backend or with the [\"reftable\" backend](https://about.gitlab.com/blog/a-beginners-guide-to-the-git-reftable-format/). This is achieved by having proper abstractions in Git that allows us to have different backends.\n\nBut references are just one of the two important types of data that are stored in repositories, with the other being objects. Objects are stored in the object database, and each object database in turn consists of multiple object sources where objects can be read from or written to. Each object source either stores individual objects as so-called \"loose\" objects, or compresses multiple objects into a \"packfile\" in your `.git/objects` directory.\n\nUntil now, however, these sources did not have a proper abstraction boundary, so the storage format for objects is completely hardcoded into Git. But this is finally changing with pluggable object databases! The concept is straightforward and similar to how we did this for references in the past: Instead of having hardcoded code paths for how to store objects, we introduce an abstraction boundary that allows us to have different backends for storing objects.\n\nWhile the idea is simple, the implementation is not, as we have hardcoded assumptions about the storage formats used in Git all over the place. In fact, we have started working on this topic in Git 2.48, which was released in January 2025. Initially, we focused on making object-related subsystems self-contained and creating proper subsystems for the existing backends that we had in Git.\n\nWith Git 2.54, we have now reached a milestone: The object database backend is now pluggable. Not all of Git's functionality is covered yet, but introducing an alternate backend that handles a meaningful subset of operations is now a realistic undertaking.\n\nFor now, only local workflows like creating commits, showing commit graphs, or performing merges will work with such an alternative implementation. This notably excludes anything that interacts with a remote, such as when you want to fetch or push changes. Regardless, this is the culmination of almost two years of work spanning across almost 400 commits that have been merged upstream, and we will of course continue to iterate on this effort.\n\nSo why does this matter? The idea is that it becomes practical to introduce new storage formats into Git. Examples could be:\n- A storage format that is able to store large binary files more efficiently\n  than packfiles do today\n\n- A storage format that is custom-tailored for GitLab to ensure that we can\n  serve repositories to our users even more efficiently than we currently can\n\n\nThis is a large-scale effort that is likely to shape the future of Git and GitLab.\n\n*This project was led by [Patrick Steinhardt](https://gitlab.com/pks-gitlab).*\n\n## Easier editing of your commit history\n\nIn many software development projects it is common practice for developers to not only polish the code they want to contribute, but to also polish the commit history so that it becomes easy to review. The result is a set of small and atomic commits that each do one thing, with a good commit message that describes the intent of the commit as well as specific nuances.\n\nOf course, more often than not, these atomic commits are not something that just happens naturally during the development process. Instead, the author of the changes will gain a better understanding of what they are while iterating on them, and the way to split up the commits will become clearer over time. Furthermore, the subsequent review process may result in feedback that requires changes to the crafted commits.\n\nThe consequence of this process is that the developer will have to rewrite their commit history many times during the development process. Historically, Git has allowed for this use case via [interactive rebases](https://git-scm.com/docs/git-rebase#_interactive_mode). These interactive rebases are an extremely powerful tool: They let you reorder commits, rewrite commit messages, squash multiple commits together, or perform arbitrary edits of any commit.\n\nBut they are also somewhat arcane and hard to understand. The user needs to figure out the base commit for the rebase, they need to understand how to edit a somewhat obscure \"instruction sheet,\" and they need to be aware of how the stateful rebasing process works. For example, users are presented with an instruction sheet similar to the following when rebasing a topic branch:\n\n```shell\npick b60623f382 # t: detect errors outside of test cases # empty\npick b80cb55882 # t: prepare `test_match_signal ()` calls for `set -e`\npick 5ffe397f30 # t: prepare `test_must_fail ()` for `set -e`\npick 5e9b0cf5e1 # t: prepare `stop_git_daemon ()` for `set -e`\npick 299561e7a2 # t: prepare `git config --unset` calls for `set -e`\npick ed0e7ca2b5 # t: detect errors outside of test cases\n```\n\nSo while interactive rebases are powerful, they are also quite intimidating for the average user.\n\nIt doesn't have to be this way, though. Tools like [Jujutsu](https://www.jj-vcs.dev/latest/) provide interfaces that are much easier to use compared to Git, as you can for example simply execute `jj split` to split up a commit into two commits. With Git and interactive rebases, this use case requires a lot of different steps with confusing command line arguments.\n\nWe have thus taken inspiration from Jujutsu and have introduced a new git-history(1) command into Git that is the foundation for better history editing. For now, this command has two subcommands:\n\n- `git history reword` allows you to easily rewrite a commit message. You simply\n  give it the commit whose message you want to reword, Git asks you for the new\n  commit message, and that's it.\n\n- `git history split` allows you to split up a commit into two, which is\n  inspired by `jj split`. You give it a commit, Git asks you which changes to\n  stage into which commit and for the two commit messages, and then you're done.\n\n\nThis is of course only a start, and we want to add additional subcommands over time. For example:\n\n- `git history fixup` to take staged changes and automatically amend them to a\n  specific commit\n\n- `git history drop` to remove a commit\n- `git history reorder` to reorder the sequence of commits\n- `git history squash` to squash a range of commits\n\nBut that's not all! In addition to making history editing easy, this new command also knows to automatically rebase all of your local branches that previously included this commit. So that means that you can even edit a commit that is not on the current branch, and all branches that contain the commit will be rewritten.\n\nIt may seem puzzling at first that Git is automatically rebasing dependent branches, as that is a significant diversion from how git-rebase(1) works. But this is part of a bigger effort to bring better support for Stacked Diffs to Git, which are a way to create a series of multiple dependent branches that can be reviewed independently, but that together work towards a bigger goal.\n\n*This project was led by [Patrick Steinhardt](https://gitlab.com/pks-gitlab) with support from [Elijah Newren](https://github.com/newren).*\n\n## A native replacement for git-sizer(1)\n\nThe size of a Git repository is an important factor that determines how well Git and GitLab can handle it. But size alone is not the only factor, as the performance of a repository is ultimately a combination of multiple different dimensions:\n\n- The depth of the commit history\n- The shape of the directory structure\n- The size of files stored in the repository\n- The number of references\n\nThese are only some of the dimensions one needs to consider when trying to predict whether Git will be able to handle a repository well.\n\nBut while it is clear that the mere repository size is insufficient, Git itself does not provide any tooling that gives the user an easy overview of these metrics. Instead, users are forced to rely on third-party tools like [git-sizer(1)](https://github.com/github/git-sizer) to fill this gap. This tool does an excellent job at surfacing this information, but it is not part of Git itself and thus needs to be installed separately.\n\nObservability of repository internals is critical to us at GitLab, so we introduced a [new `git repo structure` command into Git 2.52](https://about.gitlab.com/blog/whats-new-in-git-2-52-0/#new-subcommand-for-git-repo1-to-display-repository-metrics) to display repository metrics, which we have extended in Git 2.53 to [show inflated and disk sizes for objects by type](https://about.gitlab.com/blog/whats-new-in-git-2-53-0/#more-data-collected-in-git-repo-structure).\n\nIn Git 2.54, we are now iterating some more on this command so that we don't only show the overall size, but also show the largest objects by type:\n\n```shell\n$ git clone https://gitlab.com/git-scm/git.git\n$ cd git\n$ git repo structure\nCounting objects: 410445, done.\n| Repository structure      | Value       |\n| ------------------------- | ----------- |\n| * References              |             |\n|   * Count                 |    1.01 k   |\n|     * Branches            |       1     |\n|     * Tags                |    1.00 k   |\n|     * Remotes             |       9     |\n|     * Others              |       0     |\n|                           |             |\n| * Reachable objects       |             |\n|   * Count                 |  410.45 k   |\n|     * Commits             |   83.99 k   |\n|     * Trees               |  164.46 k   |\n|     * Blobs               |  161.00 k   |\n|     * Tags                |    1.00 k   |\n|   * Inflated size         |    7.46 GiB |\n|     * Commits             |   57.53 MiB |\n|     * Trees               |    2.33 GiB |\n|     * Blobs               |    5.07 GiB |\n|     * Tags                |  737.48 KiB |\n|   * Disk size             |  181.37 MiB |\n|     * Commits             |   33.11 MiB |\n|     * Trees               |   40.58 MiB |\n|     * Blobs               |  107.11 MiB |\n|     * Tags                |  582.67 KiB |\n|                           |             |\n| * Largest objects         |             |\n|   * Commits               |             |\n|     * Maximum size    [1] |   17.23 KiB |\n|     * Maximum parents [2] |      10     |\n|   * Trees                 |             |\n|     * Maximum size    [3] |   58.85 KiB |\n|     * Maximum entries [4] |    1.18 k   |\n|   * Blobs                 |             |\n|     * Maximum size    [5] | 1019.51 KiB |\n|   * Tags                  |             |\n\n|     * Maximum size    [6] |    7.13 KiB |\n\n[1] f6ecb603ff8af608a417d7724727d6bc3a9dbfdf\n[2] 16d7601e176cd53f3c2f02367698d06b85e08879\n[3] 203ee97047731b9fd3ad220faa607b6677861a0d\n[4] 203ee97047731b9fd3ad220faa607b6677861a0d\n[5] aa96f8bc361fd84a1459440f1e7de02ab0dc3543\n[6] 07e38db6a5a03690034d27104401f6c8ea40f1fc\n```\n\nWith this information we're now almost feature-complete as compared to git-sizer(1). We're not done yet, though — we plan to eventually add additional features such as:\n\n- Severity levels as they exist in git-sizer(1)\n- Graphs that show you the distribution of object sizes\n- The ability to scan objects reachable via a subset of references\n\n*This project was led by [Justin Tobler](https://gitlab.com/justintobler).*\n\n## New infrastructure for repository maintenance\n\nWhenever you write data into a Git repository you will typically end up adding more loose objects. Left unmanaged, this leads to a large number of separate files in your `.git/objects/` directory, which slows down several operations that want to access many objects at once. Git thus regularly packs these objects into \"packfiles\" to ensure good performance.\n\nThis isn't the only data structure that may become inefficient over time: Updating references may create loose references, reflogs will need trimming, worktrees may become stale, and caches like commit-graphs need to be refreshed regularly.\n\nAll of these tasks have historically been managed by [git-gc(1)](https://git-scm.com/docs/git-gc). However, this tool has a monolithic architecture, where it basically executes all of the tasks required in sequential order. This foundation is hard to extend and doesn't give the end user much flexibility in case they want to slightly modify how housekeeping is performed.\n\nThe Git project introduced the new [git-maintenance(1)](https://git-scm.com/docs/git-maintenance) tool in Git 2.29. In contrast to git-gc(1), git-maintenance(1) is not monolithic but is instead structured around tasks. These tasks are freely configurable by the user so that the user can control which tasks are running, giving them much more fine-grained control over repository maintenance.\n\nEventually, Git has migrated to use git-maintenance(1) by default. But in the beginning, the only task that was default-enabled was the git-gc(1) task, which as you might have guessed, simply executes `git gc`. To manually run maintenance using this new command you can execute `git maintenance run`, but Git knows to execute this automatically after several other commands.\n\nOver the last couple releases we have implemented all the individual tasks that are supported by git-gc(1) in git-maintenance(1) to ensure that we have feature parity between these two tools.\n\nFurthermore, we have implemented a new task that uses Git's modern architecture for repacking objects with [geometric compaction](https://git-scm.com/docs/git-repack#Documentation/git-repack.txt---geometricfactor).\nGeometric compaction is a much better fit for large monorepos, and with our efforts to make them work well with partial clones [that landed in Git 2.53](https://about.gitlab.com/blog/whats-new-in-git-2-53-0/#geometric-repacking-support-with-promisor-remotes) they are now a full replacement for our previous repacking strategy in Git.\n\nIn Git 2.54, we have now reached another significant milestone: Instead of using the git-gc(1)-based strategy by default, we are now using geometric repacking with fine-grained individual maintenance tasks! Besides being more efficient for large monorepos, it also ensures that we have an easier foundation to iterate on going forward.\n\n*The git-maintenance(1) infrastructure was originally implemented by [Derrick Stolee](https://github.com/derrickstolee) and geometric maintenance was introduced by [Taylor Blau](https://github.com/ttaylorr). The effort to introduce the new fine-grained tasks and migrate to the new maintenance strategy was led by [Patrick Steinhardt](https://gitlab.com/pks-gitlab).*\n\n## Read more\n\nThis article highlighted just a few of the contributions made by GitLab and the wider Git community for this latest release. You can learn about these from the [official release announcement](https://lore.kernel.org/git/xmqqa4uxsjrs.fsf@gitster.g/T/#u) of the Git project. Also, check out our [previous Git release blog posts](https://about.gitlab.com/blog/tags/git/) to see other past highlights of contributions from GitLab team members.",{"slug":736,"featured":12,"template":13},"whats-new-in-git-2-54-0",{"content":738,"config":747},{"title":739,"description":740,"authors":741,"date":743,"body":744,"heroImage":745,"category":9,"tags":746},"What’s new in Git 2.53.0?","Learn about release contributions, including fixes for geometric repacking, updates to git-fast-import(1) commit signature handing options, and more.",[742],"Justin Tobler","2026-02-02","The Git project recently released [Git 2.53.0](https://lore.kernel.org/git/xmqq4inz13e3.fsf@gitster.g/T/#u). Let's look at a few notable highlights from this release, which includes\ncontributions from the Git team at GitLab.\n\n## Geometric repacking support with promisor remotes\n\nNewly written objects in a Git repository are often stored as individual loose files. To ensure good performance and optimal use of disk space, these loose objects are regularly compressed into so-called packfiles. The number of packfiles in a repository grows over time as a result of the user’s activities, like writing new commits or fetching from a remote. As the number of packfiles in a repository increases, Git has to do more work to look up individual objects. Therefore, to preserve optimal repository performance, packfiles are periodically repacked via git-repack(1) to consolidate the objects into fewer packfiles. When repacking there are two strategies: “all-into-one” and “geometric”.\n\nThe all-into-one strategy is fairly straightforward and the current default. As its name implies, all objects in the repository are packed into a single packfile. From a performance perspective this is great for the repository as Git only has to scan through a single packfile when looking up objects. The main downside of such a repacking strategy is that computing a single packfile for a repository can take a significant amount of time for large repositories.\n\nThe geometric strategy helps mitigate this concern by maintaining a geometric progression of packfiles based on their size instead of always repacking into a single packfile. To explain more plainly, when repacking Git maintains a set of packfiles ordered by size where each packfile in the sequence is expected to be at least twice the size of the preceding packfile. If a packfile in the sequence violates this property, packfiles are combined as needed until the progression is restored. This strategy has the advantage of still minimizing the number of packfiles in a repository while also minimizing the amount of work that must be done for most repacking operations.\n\nOne problem with the geometric repacking strategy was that it was not compatible with partial clones. Partial clones allow the user to clone only parts of a repository by, for example, skipping all blobs larger than 1 megabyte. This can significantly reduce the size of a repository, and Git knows how to backfill missing objects that it needs to access at a later point in time.\n\nThe result is a repository that is missing some objects, and any object that may not be fully connected is stored in a “promisor” packfile.  When repacking, this promisor property needs to be retained going forward for packfiles containing a promisor object so it is known whether a missing object is expected and can be backfilled from the promisor remote. With an all-into-one repack, Git knows how to handle promisor objects properly and stores them in a separate promisor packfile. Unfortunately, the geometric repacking strategy did not know to give special treatment to promisor packfiles and instead would merge them with normal packfiles without considering whether they reference promisor objects. Luckily, due to a bug the underlying git-pack-objects(1) dies when using geometric repacking in a partial clone repository. So this means repositories in this configuration were not able to be repacked anyways which isn’t great, but better than repository corruption.\n\nWith the release of Git 2.53, geometric repacking now works with partial clone repositories. When performing a geometric repack, promisor packfiles are handled separately in order to preserve the promisor marker and repacked following a separate geometric progression. With this fix, the geometric strategy moves closer towards becoming the default repacking strategy. For more information check out the corresponding [mailing list thread](https://lore.kernel.org/git/20260105-pks-geometric-repack-with-promisors-v1-0-c4660573437e@pks.im/).\n\nThis project was led by [Patrick Steinhardt](https://gitlab.com/pks-gitlab).\n\n## git-fast-import(1) learned to preserve only valid signatures\n\nIn our [Git 2.52 release article](https://about.gitlab.com/blog/whats-new-in-git-2-52-0/), we covered signature related improvements to git-fast-import(1) and git-fast-export(1). Be sure to check out that post for a more detailed explanation of these commands, how they are used, and the changes being made with regards to signatures.\n\nTo quickly recap, git-fast-import(1) provides a backend to efficiently import data into a repository and is used by tools such as [git-filter-repo(1)](https://github.com/newren/git-filter-repo) to help rewrite the history of a repository in bulk. In the Git 2.52 release, git-fast-import(1) learned the `--signed-commits=\u003Cmode>` option similar to the same option in git-fast-export(1). With this option, it became possible to unconditionally retain or strip signatures from commits/tags.\n\nIn situations where only part of the repository history has been rewritten, any signature for rewritten commits/tags becomes invalid. This means git-fast-import(1) is limited to either stripping all signatures or keeping all signatures even if they have become invalid. But retaining invalid signatures doesn’t make much sense, so rewriting history with git-repo-filter(1) results in all signatures being stripped, even if the underlying commit/tag is not rewritten. This is unfortunate because if the commit/tag is unchanged, its signature is still valid and thus there is no real reason to strip it. What is really needed is a means to preserve signatures for unchanged objects, but strip invalid ones.\n\nWith the release of Git 2.53, the git-fast-import(1) `--signed-commits=\u003Cmode>` option has learned a new `strip-if-invalid` mode which, when specified, only strips signatures from commits that become invalid due to being rewritten. Thus, with this option it becomes possible to preserve some commit signatures when using git-fast-import(1). This is a critical step towards providing the foundation for tools like git-repo-filter(1) to preserve valid signatures and eventually re-sign invalid signatures.\n\nThis project was led by [Christian Couder](https://gitlab.com/chriscool).\n\n## More data collected in git-repo-structure\n\nIn the Git 2.52 release, the “structure” subcommand was introduced to git-repo(1). The intent of this command was to collect information about the repository and eventually become a native replacement for tools such as [git-sizer(1)](https://github.com/github/git-sizer). At GitLab, we host some extremely large repositories, and having insight into the general structure of a repository is critical to understand its performance characteristics. In this release, the command now also collects total size information for reachable objects in a repository to help understand the overall size of the repository. In the output below, you can see the command now collects both the total inflated and disk sizes of reachable objects by object type.\n\n```shell\n$ git repo structure\n\n| Repository structure | Value      |\n| -------------------- | ---------- |\n| * References         |            |\n|   * Count            |   1.78 k   |\n|     * Branches       |      5     |\n|     * Tags           |   1.03 k   |\n|     * Remotes        |    749     |\n|     * Others         |      0     |\n|                      |            |\n| * Reachable objects  |            |\n|   * Count            | 421.37 k   |\n|     * Commits        |  88.03 k   |\n|     * Trees          | 169.95 k   |\n|     * Blobs          | 162.40 k   |\n|     * Tags           |    994     |\n|   * Inflated size    |   7.61 GiB |\n|     * Commits        |  60.95 MiB |\n|     * Trees          |   2.44 GiB |\n|     * Blobs          |   5.11 GiB |\n|     * Tags           | 731.73 KiB |\n|   * Disk size        | 301.50 MiB |\n|     * Commits        |  33.57 MiB |\n|     * Trees          |  77.92 MiB |\n|     * Blobs          | 189.44 MiB |\n|     * Tags           | 578.13 KiB |\n```\n\nThe keen-eyed among you may have also noticed that the size values in the table output are also now listed in a more human-friendly manner with units appended. In subsequent releases we hope to further expand this command's output to provide additional data points such as the largest individual objects in the repository.\n\nThis project was led by [Justin Tobler](https://gitlab.com/justintobler).\n\n## Read more\n\nThis article highlighted just a few of the contributions made by GitLab and\nthe wider Git community for this latest release. You can learn about these from\nthe [official release announcement](https://lore.kernel.org/git/xmqq4inz13e3.fsf@gitster.g/T/#u) of the Git project. Also, check\nout our [previous Git release blog posts](https://about.gitlab.com/blog/tags/git/)\nto see other past highlights of contributions from GitLab team members.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749663087/Blog/Hero%20Images/git3-cover.png",[732,733,255],{"featured":24,"template":13,"slug":748},"whats-new-in-git-2-53-0",{"promotions":750},[751,765,777,789],{"id":752,"categories":753,"header":755,"text":756,"button":757,"image":762},"ai-modernization",[754],"ai-ml","Is AI achieving its promise at scale?","Quiz will take 5 minutes or less",{"text":758,"config":759},"Get your AI maturity score",{"href":760,"dataGaName":761,"dataGaLocation":237},"/assessments/ai-modernization-assessment/","modernization assessment",{"config":763},{"src":764},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138786/qix0m7kwnd8x2fh1zq49.png",{"id":766,"categories":767,"header":769,"text":756,"button":770,"image":774},"devops-modernization",[768,563],"product","Are you just managing tools or shipping innovation?",{"text":771,"config":772},"Get your DevOps maturity score",{"href":773,"dataGaName":761,"dataGaLocation":237},"/assessments/devops-modernization-assessment/",{"config":775},{"src":776},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138785/eg818fmakweyuznttgid.png",{"id":778,"categories":779,"header":781,"text":756,"button":782,"image":786},"security-modernization",[780],"security","Are you trading speed for security?",{"text":783,"config":784},"Get your security maturity score",{"href":785,"dataGaName":761,"dataGaLocation":237},"/assessments/security-modernization-assessment/",{"config":787},{"src":788},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138786/p4pbqd9nnjejg5ds6mdk.png",{"id":790,"paths":791,"header":794,"text":795,"button":796,"image":801},"github-azure-migration",[792,793],"migration-from-azure-devops-to-gitlab","integrating-azure-devops-scm-and-gitlab","Is your team ready for GitHub's Azure move?","GitHub is already rebuilding around Azure. Find out what it means for you.",{"text":797,"config":798},"See how GitLab compares to GitHub",{"href":799,"dataGaName":800,"dataGaLocation":237},"/compare/gitlab-vs-github/github-azure-migration/","github azure migration",{"config":802},{"src":776},{"header":804,"blurb":805,"button":806,"secondaryButton":811},"Start building faster today","See what your team can do with the intelligent orchestration platform for DevSecOps.\n",{"text":807,"config":808},"Get your free trial",{"href":809,"dataGaName":44,"dataGaLocation":810},"https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com/","feature",{"text":499,"config":812},{"href":48,"dataGaName":49,"dataGaLocation":810},1777394053122]