What’s new in Eficode ROOT: September 2025
 
        
      
As part of our September round of digital housekeeping, we’ve nudged a few of our favorite tools forward to their latest versions. Bitbucket has gone from 9.4.3 to 9.4.9, Jira from 10.3.6 to 10.3.9, GitLab from 18.1.3 to 18.2.5, and GitHub from 3.16.3 to 3.16.8. Think of it as everyone getting a fresh coat of paint and a few new gadgets for the autumn season—less “pumpkin spice latte,” more “security patches and performance tweaks.” The upgrades may be subtle, but they keep our workflow smooth, our developers smiling, and our systems happy enough to avoid any surprise drama (at least until October).
BitBucket
Bitbucket will be upgraded from 9.4.3 to 9.4.9, delivering important improvements in security and performance to ensure a stable and reliable environment. This release includes multiple fixes that strengthen the overall platform, addressing known vulnerabilities and enhancing operational efficiency. In addition, all associated plugins have been updated to their latest supported versions, ensuring full compatibility and continued compliance with best practices. These updates collectively provide a more secure, performant, and consistent experience for our development teams.
GitLab
GitLab will be upgraded from 18.1.3 to 18.2.5, bringing a set of enhancements designed to improve usability and flexibility.
This release introduces a new Merge Request homepage that streamlines how reviews are organized and managed, making it easier for teams to focus on what matters most. In addition, custom workflow statuses provide more tailored issue and task tracking, while the early availability of the Duo Agent in IDEs integrates AI-powered assistance directly into VS Code and JetBrains. Together, these features help development teams work more efficiently and with greater alignment to their workflows.
Reassign from placeholder users to inactive users (all users)
Administrators can now reassign contributions and memberships from placeholder users to inactive users. This new feature allows the preservation of contribution history and membership information for blocked, banned, or deactivated users on your GitLab instance.
To enable this, administrators must first activate the setting. Once enabled, this setting streamlines user management by skipping user confirmation during reassignment, all while maintaining secure access control. Learn more here.
Mistral Small now available for GitLab Duo Self-Hosted (Premium, Ultimate, Duo Enterprise)
Mistral Small is now available on GitLab Duo Self-Hosted. As the first fully compatible open-source model, it supports GitLab Duo Chat and Code Suggestions on GitLab Self-Managed instances. Learn more here.
Group and project controls for Premium and Ultimate with GitLab Duo (Premium, Ultimate)
For GitLab Premium and Ultimate users, Code Suggestions and GitLab Duo Chat availability can now be configured at the group and project levels within the IDE. Previously, this was only possible at the instance or top-level group. Learn more here.
Admin controls for enabling or restricting GitLab Duo AI features, including data processing options and IDE integrations.
Duo Agent Platform in the IDE (Beta) (Premium, Ultimate, Duo Core/Pro/Ultimate)
The Duo Agent Platform integrates agentic chat and agent flows directly into VS Code and JetBrains IDEs, facilitating conversation-based interaction with your codebase and GitLab projects.
Agentic chat is designed for swift, conversational tasks, such as creating and editing files, conducting codebase searches using pattern matching and grep, and obtaining immediate code-related answers. Agent flows, on the other hand, manage more extensive implementations and comprehensive planning, transforming high-level concepts into architecture while accessing GitLab resources like issues, merge requests, commits, CI/CD pipelines, and security vulnerabilities. Both features offer intelligent search capabilities for documentation, code patterns, and project discovery, enabling you to accomplish everything from quick edits to intricate project analysis.
The platform also supports the Model Context Protocol (MCP), allowing for connections to external data sources and tools, which extends the context leveraged by AI features beyond GitLab. Learn more here.
Open epics in a drawer or the full page on the Epics page (Premium, Ultimate)
GitLab enhanced the way how epics open from the list page, offering you more control and flexibility. A new toggle allows you to seamlessly switch between two viewing modes:
Drawer View: Quickly review epic details without losing context of your epic list. Ideal for rapid overviews.
Full-Page Navigation: Access a dedicated screen for detailed editing and comprehensive navigation. Perfect when you need more space for in-depth work.
Learn more here.

Choose how an epic opens—either in a side drawer for quick context or in a full page for detailed editing.
Configure epic display preferences (Premium, Ultimate)
Customize your work item list view by controlling which metadata appears. Previously, all metadata fields were always visible, which could be overwhelming. Now, you can easily focus on the information that matters most by turning specific fields like assignees, labels, dates, and milestones on or off. Learn more here.

Configure epic display preferences
Trigger jobs can mirror the downstream pipeline status (all users)
The new strategy:mirror keyword offers enhanced visibility for complex pipeline states. Previously, the strategy:depend keyword had limitations, making it difficult to accurately track downstream pipelines that were blocked, manual, or retried, sometimes leading to the misconception that they were actively running.
strategy:mirror addresses this by reflecting the precise, real-time status of the downstream pipeline. This includes crucial intermediate states such as running, manual, blocked, and canceled, providing teams with complete transparency into their pipeline's progress without disrupting existing workflows. Learn more here.
Work item references and editor improvements for GitLab Flavored Markdown (all users)
You can now use a unified [work_item:123] syntax to reference issues, epics, and other work items. This new method works alongside existing formats like #123 for issues and &123 for epics. For cross-project references, simply use [work_item:namespace/project/123].
The plain text editor now offers a new preference to maintain cursor indentation when you press Enter. This feature makes it easier to write structured content, such as nested lists and code blocks. Learn more here.
New merge request homepage (all users)
The new merge request homepage revolutionizes how you manage your review workload by intelligently prioritizing tasks that require your immediate attention. It offers two distinct and powerful viewing modes:
- Workflow View: Organizes merge requests based on their current review state, grouping work according to its stage in the code review workflow.
- Role View: Categorizes merge requests by whether you are the author or the reviewer, providing a clear distinction of responsibilities.
The homepage also features:
- Active Tab: Displays merge requests that require attention.
- Merged Tab: Shows recently completed work.
- Search Functionality: Offers comprehensive filtering capabilities.

Sorting and pagination for GLQL views (all users)
Users can now efficiently sort large datasets using key fields such as due dates, health status, and popularity, allowing for quick identification of the most relevant items. The previous full-page results have been replaced with a new "Load more" pagination system, enabling on-demand loading of manageable data chunks.
These updates empower teams to navigate complex project data more effectively, helping them concentrate on essential information. Learn more here.
Improved archive file support for Container Scanning (all users)
Container Scanning in GitLab 18.2 now offers enhanced archive file scanning. This update means that if a vulnerability is detected in a specific package across multiple images, the vulnerability will be individually attributed to each scanned image. Learn more here.
Custom workflow statuses for issues and tasks (Premium, Ultimate)
GitLab now offers configurable statuses, allowing teams to track work items through their actual workflow stages, moving beyond a simple open/closed system.
Key benefits of configurable statuses:
- Define Custom Workflows: Tailor workflows to precisely match your team's unique processes.
- Clearer Status Tracking: Replace generic labels with proper statuses for easier identification, updates, and reporting.
- Granular Completion Outcomes: Clarify issue completion beyond "Done" or "Canceled" for more detailed insights.
- Enhanced Reporting and Filtering: Accurately filter and report on work item status for improved project insights.
- Seamless Board Integration: Utilize statuses in issue boards with automatic updates when issues move between columns.
- Efficient Bulk Updates: Update status across multiple work items simultaneously for streamlined workflow management.
- Improved Dependency Tracking: Gain visibility into the status of linked work items to better track dependencies.
Additionally, custom workflow statuses support quick actions in comments and automatically synchronize with GitLab's open/closed system. Learn more here.
Assign milestones to epics for enhanced long-term planning (Premium, Ultimate)
You can now directly assign milestones to epics, facilitating a seamless planning cascade from high-level strategic initiatives to detailed execution. This improvement helps align long-term planning cadences, such as quarterly planning or SAFe program increments, with epics, while keeping iterations focused on development sprints.
This hierarchy streamlines administrative tasks and offers enhanced visibility into the progress of strategic initiatives against organizational timelines. Learn more here. 

Assign milestones directly to epics.
Assign epics to team members (Premium, Ultimate)
This enhancement brings greater clarity and accountability to your strategic initiatives by:
- Defining Ownership: Clearly identify who is responsible for overseeing specific long-term objectives at the portfolio level.
- Accelerating Decisions: Enable faster decision-making by making ownership transparent.
- Improving Accountability: Foster clearer accountability for achieving long-term goals.
- Streamlining Communication: Help teams quickly identify who to contact regarding epic progress, dependencies, or scope changes.
By assigning epics, you gain better visibility and control over your key strategic initiatives, facilitating smoother execution and improved outcomes. Learn more here.
Assign epics to individual team members.
Map workspace Kubernetes agents for the instance (Premium, Ultimate)
For GitLab administrators, it is now possible to map enabled workspace Kubernetes agents to an instance. This allows users to create workspaces from any group or project within that instance.
This enhancement dramatically improves workspace scalability. Organizations can now provision workspace Kubernetes agents once, making them accessible to all current and future projects across the entire instance. Learn more here.

Administrators can now map and manage workspace Kubernetes agents at the instance level.
Filter functionality for all audit streaming destinations
Filter functionality is now available for all destinations within the UI, including the ability to filter by audit event type, groups, or projects. This enhancement extends filtering capabilities to audit event destinations such as AWS and GCP. Learn more here.
Custom admin role in beta
The new custom admin role offers granular permissions within the Admin Area. This eliminates the need for full access, allowing administrators to create specialized roles with access only to specific, necessary functions. This feature promotes the principle of least privilege for administrative tasks, thereby reducing security risks associated with overprivileged access and enhancing operational efficiency. Learn more here.

Creation of custom admin role.
Vulnerability ID added to vulnerability report CSV export
The CSV export of the vulnerability report now includes vulnerability IDs, a feature that was previously unavailable. Learn more here.
Filter functionality for all audit streaming destinations
GitLab added a filter functionality for all destinations in the UI, allowing you to filter by audit event type, groups, or projects. This enhancement extends to audit event destinations like AWS and GCP, enabling them to filter audit events. Learn more here.
Credentials inventory now includes service account tokens
GitLab's updated credentials inventory now offers enhanced visibility and control over authentication methods throughout your software supply chain by supporting service account tokens. This feature provides a comprehensive overview of all credentials utilized within your organization. Learn more here.
Container Scanning support for multi-architecture container images
Container Scanning now offers Linux Arm64 container image variants, eliminating the need for emulation when running on a Linux Arm64 runner. This results in faster analysis. Additionally, you can scan multi-architecture images by setting the TRIVY_PLATFORM environment variable to your desired platform. Learn more here.
Security Inventory for comprehensive asset visibility now in beta
Security Inventory offers a comprehensive overview of your GitLab instance's security posture, empowering AppSec teams to:
- Gain full visibility into security coverage across all projects and groups.
- Pinpoint assets lacking security scans or exhibiting configuration deficiencies.
- Make strategic, risk-aware decisions for prioritizing security initiatives.
- Monitor enhancements in security posture over time.
This functionality effectively bridges the gap between individual project security and an overarching organizational security strategy, establishing the essential asset inventory for robust security program management. Learn more here.
Source branch pattern exceptions for approval policies
Previously, teams utilizing GitFlow often encountered approval bottlenecks when merging release/* branches into main. This was primarily due to most contributors having already participated in release development, thus disqualifying them as approvers.
Branch pattern exceptions in merge request approval policies now resolve this issue by automatically bypassing approval requirements for specific source-target branch combinations. This allows for configuring strict approvals for feature-to-main merges while enabling more streamlined release-to-main workflows.
Key Capabilities:
- Pattern-based configuration: Define source branch patterns (e.g., release/* or hotfix/*) that bypass approval requirements.
- Seamless integration: Branch exceptions are directly integrated into existing merge request approval policies and can be configured via the UI or policy.yml file.
This new feature eliminates the need for complex workarounds while preserving the security benefits of merge request approval policies for standard development workflows. Learn more here.
Source branch patterns.
Deactivate streaming to an audit streaming destination
Previously, temporarily deactivating an audit streaming destination was not possible. This feature is useful for troubleshooting stream connectivity or making configuration changes without deleting and re-creating the configuration.
GitLab 18.2 introduces the ability to toggle an audit stream between active and inactive states. When inactive, audit events are not streamed to the selected destination. Upon reactivation, audit events resume streaming to the chosen destination. Learn more here.
DAST support for time-based one-time password MFA
Dynamic Analysis now includes support for time-based one-time password (TOTP) multi-factor authentication (MFA). This allows you to conduct DAST scans on projects that have TOTP MFA enabled, ensuring thorough security testing. By testing applications in configurations that replicate production environments where MFA is implemented, this enhancement provides more precise scan results. Learn more here.
Centralized Security Policy Management (Beta)
Large organizations often face challenges in maintaining compliance due to fragmented policies across numerous projects and groups. This lack of centralized visibility makes consistent enforcement difficult and increases compliance risks.
Centralized Security Policy Management offers a unified solution for creating, managing, and enforcing security policies throughout your GitLab organization. This is achieved through a single, dedicated Compliance and Security Policy (CSP) group, enabling security teams to:
- Define policies once, apply everywhere: Policies created within the CSP group are automatically enforced across all groups and projects within the instance.
- Configure business unit policies: Top-level groups can establish their own distinct policies while inheriting organizational policies from the CSP group.
- Ensure adherence to the principle of least privilege: A central policy management layer is enforced at the instance level.
This beta release lays the groundwork for centralized policy management, supporting all existing security policy types, configurable for groups, projects, or the entire instance. Learn more here.
Centralized Security Policy Management (Beta) interface lets administrators define and enforce security policies from a single compliance and security policy (CSP) group across the entire instance.
GitHub Enterprise Server
GitHub Enterprise Server has been upgraded from 3.16.3 to 3.16.8, with this release focused on improving the stability and performance of the environment.
Alongside various optimizations addressing performance issues reported in recent versions, the update also delivers a set of important security fixes. Notably, it resolves CVE-2025-8447, an improper access control vulnerability that could have allowed users with access to one repository to retrieve limited code content from another repository by exploiting the compare/diff functionality—provided they knew the private repository’s name and specific references. This vulnerability was responsibly disclosed through the GitHub Bug Bounty program and has now been fully addressed, further strengthening the security of our environment.
Jira
Jira has been upgraded from 10.3.6 to 10.3.9 as part of our continued efforts to strengthen the stability and performance of the environment. In addition to the core upgrade, all installed plugins have been updated to their latest supported versions, ensuring full compatibility, improved reliability, and ongoing security compliance. These enhancements provide a more consistent and dependable platform for your teams.
Dependency Track
Dependency-Track has been upgraded from 4.13.0 to 4.13.3, incorporating a series of security and performance fixes that strengthen the platform’s overall reliability. This release addresses identified issues to improve operational stability while ensuring alignment with the latest security standards. The update also enhances compatibility across components, supporting a more consistent and dependable experience for managing software supply chain risks.
That’s all for September. See you in October!
Published:
