Placeholder user limits appear in group usage quotas

Placeholder user limits appear in group usage quotas

For imports to GitLab.com, placeholder users are limited per top-level group. These limits depend on your GitLab license and number of seats. With this release, it’s possible to check your placeholder user usage and limits for a top-level group in the UI.

To view your current usage and limits:

1. On the left sidebar, select Search or go to and find your group. This group must be at the top level.
2. Select Settings > Usage Quotas.
3. Select the Import tab.

Kubernetes 1.32 support

Kubernetes 1.32 support

This release adds full support for Kubernetes version 1.32, released in December 2024. If you deploy your apps to Kubernetes, you can now upgrade your connected clusters to the most recent version and take advantage of all its features.

You can read more about our Kubernetes support policy and other supported Kubernetes versions.

Store and filter a source value for CI/CD jobs

Store and filter a source value for CI/CD jobs

GitLab 17.11 introduces a new feature that allows users to verify the origin of build artifacts by tracking the source attribute of CI/CD jobs. This enhancement is particularly valuable for security and compliance workflows. For example, organizations can implement software supply chain security measures or require verifiable evidence of security scans for compliance purposes.

Jobs in GitLab now store and display a source value that identifies whether they originated from:

• A scan execution policy
• A pipeline execution policy
• A regular pipeline

You can access the source attribute on the Build > Jobs page with a new filter option, using the Jobs API, or through the ID token claims for artifact verification.

With this new feature, you can now:

• Verify the authenticity of security scan results.
• Filter jobs by source type to quickly identify policy-enforced scans.
• Implement cryptographic verification of artifacts using the new ID token claims.
• Ensure compliance requirements are met with proper audit trails.

Security and compliance teams can leverage this feature to:

• View only policy-enforced jobs using the new filter on the Jobs page.
• Automate tasks by accessing the source field in the Jobs API.

• Implement artifact verification using the new ID token claims:

  • job_source: Identifies the job’s origin.
  • job_policy_ref_uri: Points to the policy file (for policy-defined jobs).
  • job_policy_ref_sha: Contains the git commit SHA of the policy.

Docker Hub authentication UI for the dependency proxy

Docker Hub authentication UI for the dependency proxy

We’re excited to announce UI support for Docker Hub authentication in the GitLab Dependency Proxy. This feature was initially introduced in GitLab 17.10 with GraphQL API support only, and now includes a user interface for easier configuration.

With this enhancement, you can now configure Docker Hub authentication directly from your group settings page, helping you:

• Avoid pipeline failures due to rate limits.
• Access private Docker Hub images.
• Store your Docker Hub credentials, personal access token, or organization access tokens securely.

This streamlined approach makes it easier to maintain uninterrupted access to Docker Hub images in your CI/CD pipelines without using the GraphQL API.

Export dependency list in CSV format

Export dependency list in CSV format

Previously, you could not export a dependency list from GitLab as CSV file. Now, when you download a dependency list, you can select the new CSV option to export the list in in this format.