Marketers promote AI-assisted developer tools as workhorses that are essential for today’s software engineer. Developer platform GitLab, for instance, claims its Duo chatbot can “instantly generate a ...
A remote prompt injection flaw in GitLab Duo allowed attackers to steal private source code and inject malicious HTML. GitLab has since patched the issue. A newly disclosed vulnerability in GitLab Duo ...
GitLab Secrets Manager, now in public beta, scopes credentials to individual jobs and governs access through the same controls used for code. Developer Flow now handles the full merge request ...