惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

博客园_首页
阮一峰的网络日志
阮一峰的网络日志
S
Secure Thoughts
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
C
Cyber Attacks, Cyber Crime and Cyber Security
T
Threat Research - Cisco Blogs
P
Privacy & Cybersecurity Law Blog
The Hacker News
The Hacker News
H
Heimdal Security Blog
W
WeLiveSecurity
L
LINUX DO - 热门话题
Hacker News: Ask HN
Hacker News: Ask HN
WordPress大学
WordPress大学
The Last Watchdog
The Last Watchdog
Hugging Face - Blog
Hugging Face - Blog
博客园 - 【当耐特】
D
DataBreaches.Net
I
Intezer
Webroot Blog
Webroot Blog
C
Cisco Blogs
AWS News Blog
AWS News Blog
博客园 - 聂微东
T
The Blog of Author Tim Ferriss
V
Vulnerabilities – Threatpost
罗磊的独立博客
Google DeepMind News
Google DeepMind News
N
Netflix TechBlog - Medium
Schneier on Security
Schneier on Security
宝玉的分享
宝玉的分享
博客园 - 叶小钗
PCI Perspectives
PCI Perspectives
D
Docker
Scott Helme
Scott Helme
NISL@THU
NISL@THU
J
Java Code Geeks
B
Blog RSS Feed
Google Online Security Blog
Google Online Security Blog
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
T
The Exploit Database - CXSecurity.com
AI
AI
美团技术团队
Cloudbric
Cloudbric
月光博客
月光博客
P
Proofpoint News Feed
T
Tailwind CSS Blog
Google DeepMind News
Google DeepMind News
小众软件
小众软件
www.infosecurity-magazine.com
www.infosecurity-magazine.com
The Cloudflare Blog
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org

GitLab

Green DevOps: Why carbon measurement belongs in your CI/CD pipeline GitLab Patch Release: 19.1.2, 19.0.4, 18.11.7 How we used AI agents to migrate GitLab rate limiting Keep your GitLab seats in check with restricted access GitLab Patch Release: 18.8.11 | GitLab Docs Claude Sonnet 5 on GitLab: More reliable, more efficient What Google Antigravity agents get full context with GitLab Orbit GitLab Patch Release: 19.1.1, 19.0.3, 18.11.6 GitLab 19.1 release notes | GitLab Docs AI Catalog updates for governance and operations One vulnerability view: From scanner coverage to AI governance GitLab named a Leader in the 2026 Gartner® Magic Quadrant™ for DevSecOps Platforms GitLab and Capgemini accelerate DevSecOps transformation Introducing the 2026 EMEA GitLab Partner Award winners GitLab Patch Release: 19.0.2, 18.11.5, 18.10.8 Introducing GitLab Orbit GitLab Flex: Commit once, reshape your seats and AI spend GitLab: Built for the agentic engineering era GitLab on Google Cloud: Fully managed, compliant, and AI-ready Shai-Hulud copycat campaign targets Python developers through PyPI typosquatting Mythos-class Claude Fable 5 arrives on GitLab Duo Agent Platform GitLab Patch Release: 19.0.1, 18.11.4, 18.10.7 Claude Opus 4.8 on GitLab: Complex agentic work, less disruption Agentic coding is only as good as its context GitLab Patch Release: 18.9.8, 18.8.10, 18.7.7, 18.6.8, 18.5.7 Full security scanner coverage of your codebase in minutes Reduce supply chain risk with SBOM-based dependency scanning Transform MRs from manual tasks to an automated workflow Manage CI/CD credentials with GitLab Secrets Manager More AI models for GitLab Duo Agent Platform Self-Hosted GitLab 19.0 | GitLab Docs GitLab Dedicated for Government now GovRAMP-authorized Beyond BYOK: Why governance matters for AI agents Fix bugs with Codex and GitLab 5 ways to fix misleading vulnerability severities with policy Harden your pipeline perimeter for the era of AI-assisted coding GitLab Patch Release: 18.11.3, 18.10.6, 18.9.7 GitLab Act 2 Consolidate your GitLab stack with Gitaly on Kubernetes Limit token exposure with fine-grained PATs Automate deployment processes with GitLab Duo Agent Platform Claude Code and GitLab: Three workflows that ship 8 Agentic AI patterns reshaping team collaboration How to detect and prevent Contagious Interview IDE attacks Atlassian will train on your data: Opt out with GitLab Automate detection testing with GitLab CI/CD and Duo
Track CI component usage across your organization
Corinne Dent · 2026-05-21 · via GitLab

If your platform team publishes standardized pipeline components, you've probably encountered this: once they're out in the wild, you lose visibility. You can't see if anyone’s actually using it, who's on which version, or which projects are still running outdated versions that open your organization up to security risks.

Now with GitLab 19.0's new Components Analytics view in the CI/CD Catalog, your team gets visibility and important adoption data about how CI/CD components are being utilized across the organization. Usage counts and adoption data is available across all tiers; with Ultimate, drill into any component to see exactly which projects are using which versions.

As AI generates more of the pipelines hitting production, this visibility matters more than ever.

The GitLab CI/CD Catalog gives DevSecOps and platform engineering teams a central place to publish versioned, reusable pipeline components that any project can pull in with a single include reference. No copy-pasting, no manual updates across hundreds of repos, no guesswork about which template is the source of truth. Distribution: solved.

But once a component is out in the wild, visibility disappears, and the consequences aren't only operational. Security fixes in shared components don't automatically propagate, so outdated, vulnerable versions linger in production pipelines, with a blast radius no one can measure until something breaks. The next time a vulnerability is disclosed in a widely used component, the question "how exposed are we?" shouldn't take a week of manual auditing to answer.

Components Analytics shows you what’s actually running

Components Analytics closes that gap with two views: a high-level usage view available across all tiers, and a per-component drill-down on Ultimate.

High-level adoption view

The high-level adoption view shows component maintainers how widely each of their components is being used across the organization. For each catalog resource you maintain, you can see:

  • The latest released version
  • A count of how many unique projects pulled a component from it in the last 30 days
  • Which components are available in that version.

CI/CD Catalog

At a glance, you can see which of your components are widely adopted and which have been quietly abandoned. This is useful for prioritizing maintenance, planning deprecations, and making the case for continued investment in shared CI infrastructure.

This high-level view shipped in GitLab 18.9 and is available across all tiers, including Free. If you maintain components in the CI/CD Catalog, it's ready for use today. You can access it through Explore > CI/CD Catalog > Analytics.

For teams that need evidence of what's running where, whether for security response, compliance audits, or major refactors, GitLab Ultimate adds the per-component drill-down.

Component usage detail view

If the high-level view answers "how widely is my component being used?", the drill-down answers "which projects are running which versions, and where do I need to act?"

With the new Component Analytics on GitLab Ultimate, you can open any catalog resource you maintain and see exactly which projects included one of its components in a pipeline in the last 30 days, which version each project is on, and which versions are outdated. Each project is clearly marked as up-to-date or outdated, so you know at a glance where to focus.

Components Analytics view

If you shipped a fix in v2.1 of a component, the drill-down shows you exactly which projects are still pinned to v1.x, so you can open MRs, notify the maintainers directly, or escalate. The next time a vulnerability is disclosed in a widely used component, "how exposed are we?" becomes a one-tab answer instead of a week of manual auditing.

The drill-down also shapes the bigger decisions: whether a refactor will ripple across hundreds of pipelines, whether it's safe to deprecate an older version, or whether the security fix you shipped last week has actually been adopted in the projects that matter.

Built-in visibility you can’t get elsewhere

GitHub Actions, CircleCI Orbs, and Jenkins Shared Libraries all offer pipeline reusability, but none of them offers the native usage visibility that Components Analytics adds.

  • GitHub Actions has no native catalog analytics layer, so knowing which reusable workflows are in use across your organization, at which versions, requires building and maintaining your own internal tooling or documentation.
  • CircleCI's Insights dashboard covers pipeline performance metrics, but there's no native view showing which orbs are in use across your organization, by which teams, or at which versions.
  • Jenkins Shared Libraries require custom tooling to track component usage at all.

Reusability without visibility means you can't prove your standards are running or measure the return on the platform investment. GitLab is the only platform that pairs a governed CI component catalog with native analytics that show where your standards are running and surface where they aren't.

Governance for AI-generated pipelines

The CI/CD Catalog gave platform teams a way to reduce drift and enforce standards. Components Analytics is the visibility layer that turns shared CI from a set of YAML templates you publish and forget into infrastructure you can audit, act on, and trust.

As AI generates more code across your org, the CI/CD Catalog and Components Analytics together help your organization scale its automated workflows. Tools like the CI Expert Agent can generate pipelines built to GitLab standards from the start, but only Components Analytics tells you whether those standards are actually running in production.

Self-Managed and Dedicated customers can build that approved set of standards with components mirrored from GitLab.com alongside components built in-house, giving regulated and air-gapped environments the same curated baseline.

See which CI/CD components are running in your projects

If you maintain components in the CI/CD Catalog, adoption metrics are available now across all tiers by clicking on Explore > CI/CD Catalog > Analytics.

The component usage detail view that answers the question, “which projects are running which versions, and where do I need to act?” is available on GitLab Ultimate. Start a free Ultimate trial or talk to our team about enabling it for your organization.

Read more about what's in GitLab 19.0