GitLab Duo in merge requests
GitLab Duo is designed to provide contextually relevant information during the lifecycle of a merge request.
Generate a description by summarizing code changes
- Tier: Premium, Ultimate
- Add-on: GitLab Duo Enterprise
- Offering: GitLab.com, GitLab Self-Managed
- Status: Beta
When you create or edit a merge request, use GitLab Duo Merge Request Summary to create a merge request description.
In the Description field, put your cursor where you want to insert the description.
On the toolbar above the text area, select Summarize code changes ( ).
The description is inserted where your cursor was.
Provide feedback on this feature in issue 443236.
Data usage: The diff of changes between the source branch’s head and the target branch is sent to the large language model.
Have GitLab Duo review your code
- Tier: Premium, Ultimate
- Add-on: GitLab Duo Enterprise
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
When your merge request is ready to be reviewed, use GitLab Duo Code Review to perform an initial review:
- On the left sidebar, select Search or go to and find your project. If you’ve turned on the new navigation, this field is on the top bar.
- Select Code > Merge requests and find your merge request.
- In a comment box, enter the quick action
/assign_reviewer @GitLabDuo, or assign GitLab Duo as reviewer.
Provide feedback on this feature in issue 517386.
Data usage: When you use this feature, the following data is sent to the large language model:
- Merge request title
- Merge request description
- File contents before changes applied (for context)
- Merge request diffs
- Filenames
- Custom instructions
Interact with GitLab Duo in reviews
You can mention @GitLabDuo in comments to interact with GitLab Duo on your merge request. You can ask follow-up questions on its review comments, or ask questions on any discussion thread in your merge request.
Interactions with GitLab Duo can help to improve the suggestions and feedback as you work to improve your merge request.
Feedback provided to GitLab Duo does not influence later reviews of other merge requests. There is a feature request to add this functionality, see issue 560116.
Automatic reviews from GitLab Duo for a project
Automatic reviews from GitLab Duo ensure that all merge requests in your project receive an initial review. After a merge request is created, GitLab Duo reviews it unless:
- It’s marked as draft. For GitLab Duo to review the merge request, mark it ready.
- It contains no changes. For GitLab Duo to review the merge request, add changes to it.
Prerequisites:
- You must have at least the Maintainer role in a project.
To enable @GitLabDuo to automatically review merge requests:
- On the left sidebar, select Search or go to and find your project. If you’ve turned on the new navigation, this field is on the top bar.
- Select Settings > Merge requests.
- In the GitLab Duo Code Review section, select Enable automatic reviews by GitLab Duo.
- Select Save changes.
Automatic reviews from GitLab Duo for groups and applications
- Tier: Premium, Ultimate
- Add-on: GitLab Duo Enterprise
- Offering: GitLab.com
- Status: Beta
The availability of this feature is controlled by a feature flag. For more information, see the history.
Use group or application settings to enable automatic reviews for multiple projects.
Prerequisites:
- To enable automatic reviews for groups, you must have the Owner role for the group.
- To enable automatic reviews for all projects, you must be an administrator.
To enable automatic reviews for groups:
- On the left sidebar, select Search or go to and find your group. If you’ve turned on the new navigation, this field is on the top bar.
- Select Settings > General.
- Expand the Merge requests section.
- In the GitLab Duo Code Review section, select Enable automatic reviews by GitLab Duo.
- Select Save changes.
To enable automatic reviews for all projects:
- On the left sidebar, at the bottom, select Admin. If you’ve turned on the new navigation, in the upper-right corner, select Admin.
- Select Settings > General.
- In the GitLab Duo Code Review section, select Enable automatic reviews by GitLab Duo.
- Select Save changes.
Settings cascade from application to group to project. More specific settings override broader ones.
Customize instructions for GitLab Duo Code Review
GitLab Duo Code Review can help ensure consistent code review standards in your project. Define a glob pattern for files, and create custom instructions for files matching that pattern. For example, enforce Ruby style conventions only on Ruby files, and Go style conventions on Go files. GitLab Duo appends your custom instructions to its standard review criteria, instead of replacing them.
To configure custom instructions:
In the root of your repository, create a
.gitlab/duodirectory if it doesn’t already exist.In the
.gitlab/duodirectory, create a file namedmr-review-instructions.yaml.Add your custom instructions using this format:
instructions: - name: <instruction_group_name> fileFilters: - <glob_pattern_1> - <glob_pattern_2> - !<exclude_pattern> # Exclude files matching this pattern instructions: | <your_custom_review_instructions>For example:
instructions: - name: Ruby Style Guide fileFilters: - "*.rb" # Ruby files in the root directory - "lib/**/*.rb" # Ruby files in lib and its subdirectories - "!spec/**/*.rb" # Exclude test files instructions: | 1. Ensure all methods have proper documentation 2. Follow Ruby style guide conventions 3. Prefer symbols over strings for hash keys - name: TypeScript Source Files fileFilters: - "**/*.ts" # Typescript files in any directory - "!**/*.test.ts" # Exclude test files - "!**/*.spec.ts" # Exclude spec files instructions: | 1. Ensure proper TypeScript types (avoid 'any') 2. Follow naming conventions 3. Document complex functions - name: All Files Except Tests fileFilters: - "!**/*.test.*" # Exclude all test files - "!**/*.spec.*" # Exclude all spec files - "!test/**/*" # Exclude test directories - "!spec/**/*" # Exclude spec directories instructions: | 1. Follow consistent code style 2. Add meaningful comments for complex logic 3. Ensure proper error handling - name: Test Coverage fileFilters: - "spec/**/*_spec.rb" # Ruby test files in spec directory instructions: | 1. Test both happy paths and edge cases 2. Include error scenarios 3. Use shared examples to reduce duplicationOptional: Add a Code Owners entry to protect changes to the
mr-review-instructions.yamlfile.[GitLab Duo] .gitlab/duo @default-owner @tech-leadCreate a merge request to review and merge the changes:
- Code Review automatically applies your custom instructions when the file patterns match.
- Multiple instruction groups can apply to a single file.
Optional:
- Review the feedback and refine your instructions as needed.
- Test the patterns to ensure they match the intended files.
For glob syntax examples, see the file pattern reference.
Best practices
When writing custom review instructions, apply the following best practices:
- Be specific and actionable.
- Number your instructions for clarity.
- Focus on the most important standards.
- Explain the “why” when helpful.
- Start with straightforward instructions, and add complexity as needed.
For example:
instructions: |
1. All public functions must include docstrings with parameter descriptions
2. Use parameterized queries to prevent SQL injection
3. Validate user input before processing (check type, length, format)
4. Include error handling for all external API calls
5. Avoid hardcoded credentials - use environment variablesAvoid vague instructions:
instructions: |
1. Write clean code
2. Be secure
3. Make it goodYou can ask GitLab Duo Agentic Chat to analyze the codebase and documentation, and generate customized review rules. For security reasons, Chat cannot edit .gitlab/duo/mr-review-instructions.yaml directly and requires human copy actions.
Example prompt:
I need more Duo Code Review custom rules - when you look at the source code, which languages are missing and need to be added to the mr-review-instructions.yaml file?You can find practical examples for many programming languages in the use case examples for customized MR review rules section.
Customized code review comments
When GitLab Duo Code Review generates code review comments based on your custom instructions, they follow this format:
According to custom instructions in '[instruction_name]': [specific feedback]For example:
According to custom instructions in 'Ruby Style Guide': This method should have proper documentation explaining its purpose and parameters.The instruction_name value corresponds to the name property from your .gitlab/duo/mr-review-instructions.yaml file. Standard GitLab Duo comments don’t use this citation format.
Summarize a code review
- Tier: Premium, Ultimate
- Add-on: GitLab Duo Enterprise
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
- Status: Experiment
When you’ve completed your review of a merge request and are ready to submit your review, use GitLab Duo Code Review Summary to generate a summary of your comments.
- On the left sidebar, select Search or go to and find your project. If you’ve turned on the new navigation, this field is on the top bar.
- Select Code > Merge requests and find the merge request you want to review.
- When you are ready to submit your review, select Finish review.
- Select Add Summary.
The summary is displayed in the comment box. You can edit and refine the summary before you submit your review.
Provide feedback on this experimental feature in issue 408991.
Data usage: When you use this feature, the following data is sent to the large language model:
- Draft comment’s text
Generate a merge commit message
- Tier: Premium, Ultimate
- Add-on: GitLab Duo Enterprise, GitLab Duo with Amazon Q
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
When preparing to merge your merge request, edit the proposed merge commit message by using GitLab Duo Merge Commit Message Generation.
- On the left sidebar, select Search or go to and find your project. If you’ve turned on the new navigation, this field is on the top bar.
- Select Code > Merge requests and find your merge request.
- Select the Edit commit message checkbox on the merge widget.
- Select Generate commit message.
- Review the commit message provided and choose Insert to add it to the commit.
Data usage: When you use this feature, the following data is sent to the large language model:
- Contents of the file
- The filename
File pattern reference for custom MR reviews
Use glob patterns in fileFilters to target specific files for customized MR review rules.
| Pattern | Match |
|---|---|
**/*.rb | All Ruby files in any directory |
*.rb | Ruby files in root directory only |
lib/**/*.rb | Ruby files in the lib directory and its subdirectories |
!**/*.test.rb | Exclude all Ruby test files |
!spec/**/*.rb | Exclude all Ruby files in the spec directory and its subdirectories |
!tests/**/* | Exclude all files in the tests directory and its subdirectories |
**/*.{js,jsx} | JavaScript and JSX files in all directories |
The difference between **/*.rb and *.rb can be illustrated with the following structure:
project/
├── app.rb ← matched by both *.rb and **/*.rb
├── lib/
│ └── helper.rb ← matched only by **/*.rb
└── app/
└── models/
└── user.rb ← matched only by **/*.rb*.rbwould only match app.rb**/*.rbwould match all three files
For the mr-review-instructions.yaml file, **/*.rb ensures that review instructions apply to Ruby files anywhere in the project structure, not just the root directory.
Use case examples for customized MR review rules
Use the following practical examples for customized MR review rules to get started faster:
Example for Assembly style guide:
instructions:
- name: Assembly Style Guide
fileFilters:
- "**/*.asm"
- "**/*.s"
- "**/*.S"
instructions: |
1. Document the target architecture (x86-64, ARM, RISC-V, AVR, etc.) at the top
2. Use meaningful labels and comment all non-obvious instructions
3. Document register usage and calling conventions
4. Align code sections properly for readability
5. Include memory layout and stack usage documentationExample for C style guide:
instructions:
- name: C Style Guide
fileFilters:
- "**/*.c"
- "**/*.h"
instructions: |
1. goto is not allowed
2. Avoid using global variables
3. Use meaningful variable names
4. Add comments for complex logicExample for C++ style guide:
instructions:
- name: C++ Style Guide
fileFilters:
- "**/*.cpp"
- "**/*.{h,hpp}"
instructions: |
1. Ensure all methods have proper documentation
2. Use smart pointers for dynamic memory management
3. Avoid raw pointersExample for C# style guide:
instructions:
- name: C# Style Guide
fileFilters:
- "**/*.cs"
instructions: |
1. Follow Microsoft C# coding conventions
2. Use XML documentation comments for public APIs
3. Prefer async/await for asynchronous operations
4. Use nullable reference types appropriately
5. Follow .NET naming conventions (PascalCase for public members)Example for COBOL style guide:
instructions:
- name: COBOL Style Guide
fileFilters:
- "**/*.CBL"
- "**/*.cbl"
- "**/*.COB"
- "**/*.cob"
instructions: |
1. Use clear and meaningful names for variables and procedures
2. Prefer COBOL-85 syntax where possible
3. Use proper division structure (IDENTIFICATION, ENVIRONMENT, DATA, PROCEDURE)
4. Document all paragraphs and sections with meaningful comments
5. Use 88-level condition names for boolean flags and status codes
6. Avoid GO TO statements, prefer PERFORM for structured programming
7. Use proper error handling with declaratives or status code checking
8. Define working storage variables with appropriate PICTURE clauses
9. Use meaningful paragraph names that describe the operation
10. For mainframe integration, document JCL dependencies and file layoutsExample for Go style guide:
instructions:
- name: Go Style Guide
fileFilters:
- "**/*.go"
instructions: |
1. Use idiomatic Go practices
2. Ensure all public functions and types have documentation
3. Prefer standard library packages over third-party ones when possibleExample for Java style guide:
instructions:
- name: Java Style Guide
fileFilters:
- "**/*.java"
instructions: |
1. Do not modernize Java 8 code to Java 11+ features, unless there is a GitLab issue or task specifically requesting modernization
2. All public classes must have Javadoc describing purpose and usage
3. All public methods must have Javadoc with @param and @return tags
4. Include code examples in main class Javadoc
5. All public methods must have at least one test caseExample for JavaScript/TypeScript style guide:
instructions:
- name: JavaScript/TypeScript Files
fileFilters:
- "src/**/*.js"
- "src/**/*.jsx"
- "src/**/*.ts"
- "src/**/*.tsx"
- "!**/*.test.js"
- "!**/*.test.ts"
- "!**/*.spec.js"
- "!**/*.spec.ts"
instructions: |
1. Use const/let instead of var
2. Prefer async/await over promise chains
3. Add JSDoc comments for complex functions
4. Ensure proper error handling in async code
5. Avoid any 'any' types in TypeScriptExample for Kotlin style guide:
instructions:
- name: Kotlin Style Guide
fileFilters:
- "**/*.kt"
- "**/*.kts"
instructions: |
1. Follow Kotlin coding conventions
2. Prefer immutability (val over var)
3. Use coroutines for asynchronous operations
4. Leverage Kotlin's null safety features
5. Document public APIs with KDocExample for MATLAB style guide:
instructions:
- name: MATLAB Style Guide
fileFilters:
- "**/*.m"
instructions: |
1. Use descriptive variable and function names with camelCase convention
2. Vectorize operations instead of using loops where possible
3. Document functions with H1 line and help text comments
4. Preallocate arrays before loops to improve performance
5. Use proper error handling with try-catch blocks and error() functionExample for Perl style guide:
instructions:
- name: Perl Style Guide
fileFilters:
- "**/*.pl"
- "**/*.pm"
instructions: |
1. Follow idiomatic Perl practices
2. Ensure proper module documentation
3. Use strict and warnings pragmasExample for PHP style guide:
instructions:
- name: PHP Style Guide
fileFilters:
- "**/*.php"
instructions: |
1. Follow PSR-12 coding standard
2. Use type declarations for function parameters and return types
3. Ensure compatibility with PHP 8+
4. Use proper error handling and exceptions
5. Document classes and methods with PHPDocExample for Python style guide:
instructions:
- name: Python Source Files
fileFilters:
- "**/*.py"
- "!tests/**/*.py"
- "!test_*.py"
instructions: |
1. All functions must have docstrings with parameters and return types
2. Use type hints for function signatures
3. Follow PEP 8 style conventions
4. Ensure proper exception handling
5. Avoid using bare 'except' clauses
- name: Python Tests
fileFilters:
- "tests/**/*.py"
- "test_*.py"
instructions: |
1. Use pytest fixtures for common setup
2. Test names should clearly describe the scenario being tested
3. Include assertions for both expected outcomes and edge cases
4. Mock external dependencies appropriatelyExample for Ruby style guide:
instructions:
- name: Ruby Style Guide
fileFilters:
- "*.rb"
- "lib/**/*.rb"
- "!spec/**/*.rb" # Exclude test files
instructions: |
1. Follow Ruby style guide conventions
2. Prefer symbols over strings for hash keys
3. Use snake_case for methods/variables, SCREAMING_SNAKE_CASE for constants, CamelCase for classes
4. Prefer Ruby 3.0+ features (pattern matching, endless methods) where appropriate
5. Use proper error handling - raise exceptions over returning nil for errors
6. Write idiomatic Ruby - use blocks, enumerables, and Ruby idioms over procedural patterns
7. Use meaningful method names - use ? for predicates, ! for dangerous methods
8. Prefer keyword arguments for methods with multiple parameters
9. All public methods should have corresponding RSpec/Minitest tests
10. Manage dependencies with Gemfile and ensure version compatibility
11. Document thread-safe code and use proper synchronization for concurrent operations
12. Handle signals (SIGTERM, SIGINT) properly for daemon processesExample for R style guide:
instructions:
- name: R Style Guide
fileFilters:
- "**/*.r"
- "**/*.R"
instructions: |
1. Follow tidyverse style guide conventions
2. Use snake_case for variable and function names
3. Document functions with roxygen2 comments
4. Prefer vectorized operations over loops
5. Use proper error handling with tryCatch and stop()Example for Rust style guide:
instructions:
- name: Rust Style Guide
fileFilters:
- "**/*.rs"
instructions: |
1. Follow Rust idioms and conventions
2. Use proper error handling with Result and Option types
3. Avoid unsafe code unless absolutely necessary and well-documented
4. Ensure all public items have documentation commentsExample for Scala style guide:
instructions:
- name: Scala Style Guide
fileFilters:
- "**/*.scala"
instructions: |
1. Follow Scala style guide conventions
2. Prefer immutable data structures (val over var)
3. Use pattern matching effectively for control flow
4. Document public APIs with ScalaDoc
5. Use proper error handling with Try, Either, or Option typesExample for Shell script style guide:
instructions:
- name: Shell Script Style Guide
fileFilters:
- "**/*.sh"
- "**/*.bash"
- "**/*.zsh"
- "**/*.ksh"
instructions: |
1. Always quote variables to prevent word splitting ("$var" not $var)
2. Use proper error handling with set -euo pipefail at script start
3. Document script purpose, parameters, and exit codes in header comments
4. Prefer [[ ]] over [ ] for conditional tests
5. Use meaningful function names and avoid complex one-linersExample for SQL style guide:
instructions:
- name: SQL Style Guide
fileFilters:
- "**/*.sql"
instructions: |
1. Use uppercase for SQL keywords (SELECT, FROM, WHERE, JOIN)
2. Always specify column names explicitly instead of using SELECT *
3. For PostgreSQL use SERIAL/RETURNING, for MySQL use AUTO_INCREMENT, for Oracle use SEQUENCE
4. For NoSQL (MongoDB) use proper indexing and aggregation pipelines to avoid N+1 queries
5. Document database-specific features and expected performance characteristics
6. Use proper indentation for complex queries and subqueriesExample for VHDL style guide:
instructions:
- name: VHDL Style Guide
fileFilters:
- "**/*.vhd"
- "**/*.vhdl"
instructions: |
1. Follow IEEE VHDL coding standards
2. Use meaningful signal and entity names with clear prefixes
3. Document all entities, architectures, and processes with comments
4. Use synchronous design practices with proper clock and reset handling
5. Avoid combinational loops and ensure proper timing constraintsExample for configuration files:
instructions:
- name: Configuration Files
fileFilters:
- "*.yaml"
- "*.yml"
- "*.json"
- "config/**/*"
- "!.gitlab/**/*"
instructions: |
1. Do not include sensitive data (passwords, API keys)
2. Use environment variables for environment-specific values
3. Document all configuration options
4. Validate configuration schema if possibleExample for Infrastructure-as-Code style guide:
instructions:
- name: Ansible Style Guide
fileFilters:
- "*.yaml"
- "*.yml"
- "playbooks/**/*.yaml"
- "roles/**/*.yaml"
instructions: |
1. Use meaningful play and task names that describe the action
2. Prefer modules over shell/command tasks when possible
3. Use variables and defaults for reusability across environments
4. Implement idempotency - tasks should be safe to run multiple times
5. Use handlers for service restarts and notifications
6. Document playbook purpose, required variables, and dependencies
- name: Dockerfile Style Guide
fileFilters:
- "Dockerfile"
- "*.dockerfile"
- "Dockerfile.*"
instructions: |
1. Use specific base image tags, avoid 'latest'
2. Minimize layers by combining RUN commands with && where logical
3. Use multi-stage builds to reduce final image size
4. Run containers as non-root user for security
5. Use .dockerignore to exclude unnecessary files
6. Document exposed ports, volumes, and environment variables
- name: GitLab CI/CD Style Guide
fileFilters:
- ".gitlab-ci.yml"
- "**/.gitlab-ci.yml"
instructions: |
1. Use job extends instead of YAML anchors for reusability
2. Always use rules instead of only/except for job conditions
3. Define appropriate caching strategies for dependencies
4. Use stages to organize pipeline workflow logically
5. Include security scanning templates (SAST, Dependency Scanning, Secret Detection)
6. Document job purpose, required variables, and dependencies in comments
- name: Helm Chart Style Guide
fileFilters:
- "Chart.yaml"
- "values.yaml"
- "templates/**/*.yaml"
instructions: |
1. Use semantic versioning for chart versions
2. Provide sensible defaults in values.yaml with comments
3. Use template functions for conditional logic and loops
4. Include NOTES.txt with post-installation instructions
5. Validate charts with helm lint before committing
6. Document all configurable values and their purpose
- name: Kubernetes Style Guide
fileFilters:
- "*.yaml"
- "*.yml"
- "k8s/**/*.yaml"
- "kubernetes/**/*.yaml"
instructions: |
1. Use explicit API versions and avoid deprecated APIs
2. Always define resource limits and requests for containers
3. Use namespaces to organize resources logically
4. Define liveness and readiness probes for all deployments
5. Use ConfigMaps and Secrets instead of hardcoded values
6. Document resource purpose and dependencies in metadata annotations
- name: Terraform/OpenTofu Style Guide
fileFilters:
- "*.tf"
- "*.tfvars"
instructions: |
1. Use consistent naming conventions for resources (environment_service_resource)
2. Organize code into modules for reusability
3. Use variables with descriptions and validation rules
4. Define outputs for important resource attributes
5. Use remote state with locking for team collaboration
6. Document module purpose, inputs, outputs, and provider requirementsUse case example projects
You can learn about more custom review instructions use cases in the following production examples:
- GitLab development in
gitlab-org/gitlab - GitLab handbook
- GitLab website
- Developer Advocacy: Tanuki IoT Platform