doc/user/application_security/dependency_scanning/agentic-breaking-change-resolution.md
{{< details >}}
{{< /details >}}
{{< history >}}
enable_dependency_bump_breaking_changes and dependency_bump_web_search.{{< /history >}}
Agentic breaking change resolution is an opt-in foundational flow that:
[!warning] When this feature is enabled, pipeline logs and code context from the affected merge request are sent to large language models (LLMs) for analysis. Review your organization's data policies before enabling this feature.
In this foundational flow, GitLab Duo:
Results are based on AI analysis and should be reviewed by a developer before merging.
The feature is turned off by default and must be explicitly enabled at both the group and project level.
To allow all projects in a group to use the foundational flow:
Prerequisites:
To turn on agentic breaking change resolution for a specific project:
You can trigger the flow automatically or manually.
The flow runs automatically when:
The analysis runs in the background. When complete, any generated fixes are committed to the merge request branch and the pipeline is re-run.
To manually trigger agentic breaking change resolution on a merge request (that bumps dependencies) with a failed pipeline:
The flow runs in the background. When complete, it commits any generated fixes to the MR branch and re-runs the pipeline.
Share your feedback in the feedback issue.