In the age of agentic coding, many developers are reporting their productivity to have jumped from a few lines of code every day to thousands. While "lines of code written" is a really bad metric to track outcomes, it's also an indication of the rapid pace of iteration of new features.

I've previously covered GitHub and the strange place they have found themselves in, being the most successful they've ever been, while essentially not having put anything meaningful on the market since GitHub Copilot (which threw away its massive first-mover advantage due to slow pace of iteration).

There is another company that is associated with Git, the primary version control system we use in order to track the evolution of application code. GitLab has also had a strong opportunity to innovate and be seen as central to the AI revolution. Did they?

The key takeaway

For tech sales and industry operators: The GitLab sales team has found themselves in a classic "fork in the road" moment. The company has been behind on AI for years, leadership is churning at an increased rate and the market doesn't believe in them. If you're competing against GitLab, the opportunity has never been better. Their customers are already adopting AI coding tools like Cursor, Claude Code, and Codex independently, which cracks open the single-vendor story at the most visible entry point. Once teams start buying outside the platform for code generation, it gets much easier to question the rest of the bundle too. Any buyer today is asking themselves "should I sign this contract if I believe that my engineering org would look fundamentally different in 36 months?"If you're evaluating joining GitLab's sales team, be honest with yourself about what you're walking into. The installed base is real and retention is strong, so there's money to be made on renewals and expansions. But the new logo motion is broken by their own admission, the AI story is still unproven, and the most likely exit is a PE take-private that historically means headcount cuts and compressed comp plans.

For investors and founders: GitLab at $4.7B with $1.2B in cash and close to $1B ARR looks cheap on paper, but it's hard to build a long thesis around a company whose core value proposition is being questioned by the market it serves. The most interesting asset here is the intellectual property in their security scanning and compliance automation, which has genuine standalone value that exceeds what the market is pricing, and will likely be the centerpiece of any PE take-private pitch. But the real allocation question for this space is: what happens after Git? The winning company in the next wave of developer infrastructure will be the one where an agent can go from business requirement to production deployment without ever touching a git commit. That means agent orchestration layers, intent-based deployment systems, and autonomous testing frameworks that don't require human-defined pipelines. We are in the equivalent of 2007 for mobile. Everyone knows the smartphone is coming but most incumbents are still optimizing their flip phone business. For founders: the opportunity is not "GitLab but better." It's building for a world where the entire concept of a pull request, a CI pipeline, and a manual code review feels as antiquated as deploying software via FTP. The companies that capture the $150B+ that enterprises spend annually on software development infrastructure will look nothing like GitLab or GitHub.

The winners and losers of AI coding

GitLab has lost 57% of its stock value in the last year and is widely considered one of the most likely companies to get acquired (it's also down 72% since IPO). They sit on $1.2B in cash and close to $1B ARR run rate, which is not the worst of places to be in. The product is clearly growing, albeit slowly. The challenge for them is that outside of security players who want to increase their AppSec footprint, it's not obvious who buys them. This didn't use to be the case, as many different companies were seen as an obvious fit (AWS or GCP wanting a GitHub alternative, Atlassian or IBM extending their DevOps capabilities). It's a testament to how much the value of Git is being questioned when it comes to AI, that many of the existing players would rather wait for something new and build around that.

If GitHub has been coasting on being the "default" store for both open and closed source code, GitLab has always been focused on executing towards enterprise customers, offering a full CI/CD platform, including self-managed hosting. This ability to run your CI/CD platform internally has always been seen as an advantage with certain regulated industries and in the last year is also becoming more relevant in international markets where there is a growing distrust with hosting on US-based hyperscalers.

William Staples: It’s my first anniversary as GitLabs CEO, and I wake up every day feeling incredibly lucky to build upon the foundation that GitLab have created.

When I first got here, I said three things: there has never been a better time to serve developers; we’re in the early stages of how software gets transformed through AI; and GitLab sits at the heart of the software development life cycle and has the best and most comprehensive platform to enable this transformation. My conviction in the company and our opportunity has only grown stronger.

A year into this journey and hundreds of customer conversations later, I can confidently say that we are stronger today than even one year ago. We’ve built the foundation to deliver more value through AI in the coming year architecting GitLab and Duo Agent platform to remain mission-critical and delivering increasing value as LLM and markets evolve.

I truly believe there has never been a more exciting time to be at GitLab. We’re seeing the rise of AI expand our total addressable market. AI has drastically reduced barriers to entry of software creation and is driving the marginal cost of code generation towards zero.

However, software is more than just code. Software with all its embedded business processes and sensitive data is business critical. The global economy runs on software human lives rely on software. Businesses can’t afford negligence in their quality assurance, security, compliance or governance of their software development and delivery practice.

I believe what we do becomes even more critical in a world where teams want to take advantage of agents to author code, given the nondeterministic nature of AI. For decades, I’ve watched my own teams and countless customer teams struggle to stay on top of bug backlogs, technical debt, and business requirements, all while innovating.

The pattern is universal and longstanding. The tools for building software are technically pretty good, but things consistently break down wherever people and processes are required. GitLab has been solving this problem by providing teams an opinionated view with proven ROI.

The key differentiator, we automate the end-to-end software delivery flow, including quality, security, compliance, and governance in a single process flow as part of our unified platform. Ironically, as we’ve studied teams using agents and new AI tools, we see the familiar pattern agents act early like humans.

Sometimes they follow pros, but sometimes they don’t. Sometimes they write secure code, but sometimes they don’t. Why is this? Because LLMs will always be non-deterministic. It is the nature of the algorithms used to build them. And every business has unique requirements that LLM simply can’t guess.

Even if LLM become superior at code generation to humans, external validation of that code which will also be driven agentically with human oversight will be required to ensure they meet the complex human requirements of doing business. We believe LLMs will continue to improve in accuracy and cost but they will always require systems that can validate they are supporting complex business requirements.

I think that it should be obvious that Bill does not appear to be very AI-pilled. His vision seems to be one of compliance and safety, offering a stable platform that mostly human developers can leverage to control and track AI-generated code. This is not that shocking, keeping in mind that his career was basically being a great behind-the-scenes operator at Microsoft and Adobe, followed by a stint as CEO of the legacy observability platform New Relic, where as he puts it on his LinkedIn:

Led a premium, take-private transaction to capture shareholder value and set the company up for its next phase of growth.

William Staples: IDE tools like Cursor, Copilot, and Claude Code have contributed to an explosion in code generation. The downstream effects are now clearly visible to us in our business. GitLab engagement has grown significantly across our SaaS customer base.

In the first 10 months of 2025, key activity metrics CI pipelines, deployments, and releases are up about 35% to 45% year-over-year, similar to what peers are seeing. For customers paying us more than $5,000 in ARR, usage proxies like deployments and CI pipelines on a per seat basis are up 20% to 40% annually. Simply put, more code means more of a need for GitLab.

Our 2025 global DevSecOps report shows that while AI accelerates coding, more code doesn’t necessarily mean better outcomes. We call this the AI paradox. We believe long-term winners are not the vendors who can generate code the fastest but those who can maximize the customers’ ability to deliver high-quality, secure software to the consumers of their business and drive meaningful business outcomes through software. GitLab is in position to do that better than anyone else.

How we’ve extended our end-to-end platform, which already powers full life cycle actions for more than 50% of the Fortune 100 and hundreds of thousands of organizations across 100 different countries around the world and now provide that same set of capabilities natively to agents along with shared context for both humans and agents. This not only facilitates greater trust and accuracy, but will help accelerate the end-to-end software delivery process required to win.

Instead of just building new systems tools and agents to solve specific use cases like our competition, we’ve extended our platform to provide intelligent orchestration across the software life cycle. Enabling our partners, customers, and ourselves to solve any engineering problem across the life cycle. GitLab Duo agent platform is our answer to the AI paradox most companies are experiencing today as they adopt new AI tools and will be a driver of new revenue stream beyond seats.

The context we have is rich. It includes semantic understanding of the code and dependencies across repositories, granular changes to it over time, quality assurance tests, planning and issue tracking and collaboration on those plans, security and compliance checks, and build integration and deployment pipelines just to name a few.

Our underlying platform becomes more valuable as the volume of code explodes regardless of whether a human or agent may change. I believe the primitives of code collaboration will prove to be powerful moats. And with Duo Agent platform we are in a great position even as LLMs improve and the market evolves. I’m pleased to share that Duo Agent platform is on track for general availability in the coming weeks.

Now to be clear, there is an argument to be made that there is an interesting opportunity to monetize “code quality” as a category.

The trick is that this is where GitLab runs into a corner of its own making. Fundamentally, the business has been built on top of the enterprise companies leveraging the platform as an all-in-one CI/CD workflow, ideally hosted within its internal network. The value proposition of "improve code quality and security with AI" is obvious, but it requires providing the inference service, which will inherently require this code to be exposed to external cloud providers. The reality is that in order to provide a competitive product against the multiple startups already doing that (and users simply asking Claude Code/Codex to do this for them), they will have to leverage the best coding models, which all require API access. While there are ways to offer improved privacy (leverage private cloud, zero-trust architecture), this adds significant additional cost.

Short term, for the legacy customers that are fully embracing AI coding agents, the argument to move towards GitLab cloud has never been stronger. The obvious question here is, if they are already fully transitioning in this direction and they start hitting the obvious limits in Git workflows, would they start looking towards what's the next thing?