28.7 KB

Contributor license agreement

By submitting code as an individual you agree to the individual contributor license agreement. By submitting code as an entity you agree to the corporate contributor license agreement.

This notice should stay as the first item in the CONTRIBUTING.MD file.

Table of Contents generated with DocToc

Contribute to GitLab

Thank you for your interest in contributing to GitLab. This guide details how to contribute to GitLab in a way that is efficient for everyone.

GitLab comes into two flavors, GitLab Community Edition (CE) our free and open source edition, and GitLab Enterprise Edition (EE) which is our commercial edition. Throughout this guide you will see references to CE and EE for abbreviation.

If you have read this guide and want to know how the GitLab core team operates please see the GitLab contributing process.

Security vulnerability disclosure

Please report suspected security vulnerabilities in private to, also see the disclosure section on the website. Please do NOT create publicly viewable issues for suspected security vulnerabilities.

Closing policy for issues and merge requests

GitLab is a popular open source project and the capacity to deal with issues and merge requests is limited. Out of respect for our volunteers, issues and merge requests not in line with the guidelines listed in this document may be closed without notice.

Please treat our volunteers with courtesy and respect, it will go a long way towards getting your issue resolved.

Issues and merge requests should be in English and contain appropriate language for audiences of all ages.

If a contributor is no longer actively working on a submitted merge request we can decide that the merge request will be finished by one of our Merge request coaches or close the merge request. We make this decision based on how important the change is for our product vision. If a Merge request coach is going to finish the merge request we assign the coach will finish label.

Helping others

Please help other GitLab users when you can. The channels people will reach out on can be found on the getting help page.

Sign up for the mailing list, answer GitLab questions on StackOverflow or respond in the IRC channel. You can also sign up on CodeTriage to help with the remaining issues on the GitHub issue tracker.

I want to contribute!

If you want to contribute to GitLab, but are not sure where to start, look for issues with the label Accepting Merge Requests and weight < 5. These issues will be of reasonable size and challenge, for anyone to start contributing to GitLab.

Workflow labels

Labelling issues is described in the GitLab Inc engineering workflow.

Implement design & UI elements

Please see the UX Guide for GitLab.

Release retrospective and kickoff


After each release, we have a retrospective call where we discuss what went well, what went wrong, and what we can improve for the next release. The retrospective notes are public and you are invited to comment on them. If you're interested, you can even join the retrospective call, on the first working day after the 22nd at 6pm CET / 9am PST.


Before working on the next release, we have a kickoff call to explain what we expect to ship in the next release. The kickoff notes are public and you are invited to comment on them. If you're interested, you can even join the kickoff call, on the first working day after the 7th at 6pm CET / 9am PST..

Issue tracker

To get support for your particular problem please use the getting help channels.

The GitLab CE issue tracker on is for bugs concerning the latest GitLab release and feature proposals.

When submitting an issue please conform to the issue submission guidelines listed below. Not all issues will be addressed and your issue is more likely to be addressed if you submit a merge request which partially or fully solves the issue.

If you're unsure where to post, post to the mailing list or Stack Overflow first. There are a lot of helpful GitLab users there who may be able to help you quickly. If your particular issue turns out to be a bug, it will find its way from there.

If it happens that you know the solution to an existing bug, please first open the issue in order to keep track of it and then open the relevant merge request that potentially fixes it.

Feature proposals

To create a feature proposal for CE, open an issue on the issue tracker of CE.

For feature proposals for EE, open an issue on the issue tracker of EE.

In order to help track the feature proposals, we have created a feature proposal label. For the time being, users that are not members of the project cannot add labels. You can instead ask one of the core team members to add the label feature proposal to the issue or add the following code snippet right after your description in a new line: ~"feature proposal".

Please keep feature proposals as small and simple as possible, complex ones might be edited to make them small and simple.

Please submit Feature Proposals using the 'Feature Proposal' issue template provided on the issue tracker.

For changes in the interface, it can be helpful to create a mockup first. If you want to create something yourself, consider opening an issue first to discuss whether it is interesting to include this in GitLab.

Issue tracker guidelines

Search the issue tracker for similar entries before submitting your own, there's a good chance somebody else had the same issue or feature proposal. Show your support with an award emoji and/or join the discussion.

Please submit bugs using the 'Bug' issue template provided on the issue tracker. The text in the parenthesis is there to help you with what to include. Omit it when submitting the actual issue. You can copy-paste it and then edit as you see fit.

Issue weight

Issue weight allows us to get an idea of the amount of work required to solve one or multiple issues. This makes it possible to schedule work more accurately.

You are encouraged to set the weight of any issue. Following the guidelines below will make it easy to manage this, without unnecessary overhead.

  1. Set weight for any issue at the earliest possible convenience
  2. If you don't agree with a set weight, discuss with other developers until consensus is reached about the weight
  3. Issue weights are an abstract measurement of complexity of the issue. Do not relate issue weight directly to time. This is called anchoring and something you want to avoid.
  4. Something that has a weight of 1 (or no weight) is really small and simple. Something that is 9 is rewriting a large fundamental part of GitLab, which might lead to many hard problems to solve. Changing some text in GitLab is probably 1, adding a new Git Hook maybe 4 or 5, big features 7-9.
  5. If something is very large, it should probably be split up in multiple issues or chunks. You can simply not set the weight of a parent issue and set weights to children issues.

Regression issues

Every monthly release has a corresponding issue on the CE issue tracker to keep track of functionality broken by that release and any fixes that need to be included in a patch release (see 8.3 Regressions as an example).

As outlined in the issue description, the intended workflow is to post one note with a reference to an issue describing the regression, and then to update that note with a reference to the merge request that fixes it as it becomes available.

If you're a contributor who doesn't have the required permissions to update other users' notes, please post a new note with a reference to both the issue and the merge request.

The release manager will update the notes in the regression issue as fixes are addressed.

Technical debt

In order to track things that can be improved in GitLab's codebase, we created the technical debt label in GitLab's issue tracker.

This label should be added to issues that describe things that can be improved, shortcuts that have been taken, code that needs refactoring, features that need additional attention, and all other things that have been left behind due to high velocity of development.

Everyone can create an issue, though you may need to ask for adding a specific label, if you do not have permissions to do it by yourself. Additional labels can be combined with the technical debt label, to make it easier to schedule the improvements for a release.

Issues tagged with the technical debt label have the same priority like issues that describe a new feature to be introduced in GitLab, and should be scheduled for a release by the appropriate person.

Make sure to mention the merge request that the technical debt issue is associated with in the description of the issue.


For issues related to the open source stewardship of GitLab, there is the stewardship label.

This label is to be used for issues in which the stewardship of GitLab is a topic of discussion. For instance if GitLab Inc. is planning to remove features from GitLab CE to make exclusive in GitLab EE, related issues would be labelled with stewardship.

A recent example of this was the issue for bringing the time tracking API to GitLab CE.

Merge requests

We welcome merge requests with fixes and improvements to GitLab code, tests, and/or documentation. The issues that are specifically suitable for community contributions are listed with the label Accepting Merge Requests on our issue tracker for CE and EE, but you are free to contribute to any other issue you want.

Please note that if an issue is marked for the current milestone either before or while you are working on it, a team member may take over the merge request in order to ensure the work is finished before the release date.

If you want to add a new feature that is not labeled it is best to first create a feedback issue (if there isn't one already) and leave a comment asking for it to be marked as Accepting Merge Requests. Please include screenshots or wireframes if the feature will also change the UI.

Merge requests should be opened at

If you are new to GitLab development (or web development in general), see the I want to contribute! section to get you started with some potentially easy issues.

To start with GitLab development download the GitLab Development Kit and see the Development section for some guidelines.

Merge request guidelines

If you can, please submit a merge request with the fix or improvements including tests. If you don't know how to fix the issue but can write a test that exposes the issue we will accept that as well. In general bug fixes that include a regression test are merged quickly while new features without proper tests are least likely to receive timely feedback. The workflow to make a merge request is as follows:

  1. Fork the project into your personal space on
  2. Create a feature branch, branch away from master
  3. Write tests and code
  4. Generate a changelog entry with bin/changelog
  5. If you are writing documentation, make sure to follow the documentation styleguide
  6. If you have multiple commits please combine them into a few logically organized commits by squashing them
  7. Push the commit(s) to your fork
  8. Submit a merge request (MR) to the master branch
    1. Your merge request needs at least 1 approval but feel free to require more. For instance if you're touching backend and frontend code, it's a good idea to require 2 approvals: 1 from a backend maintainer and 1 from a frontend maintainer
    2. You don't have to select any approvers, but you can if you really want specific people to approve your merge request
  9. The MR title should describe the change you want to make
  10. The MR description should give a motive for your change and the method you used to achieve it.
    1. If you are contributing code, fill in the template already provided in the "Description" field.
    2. If you are contributing documentation, choose Documentation from the "Choose a template" menu and fill in the template.
  11. If the MR changes the UI it should include Before and After screenshots
  12. If the MR changes CSS classes please include the list of affected pages, grep css-class ./app -R
  13. Link any relevant issues in the merge request description and leave a comment on them with a link back to the MR
  14. Be prepared to answer questions and incorporate feedback even if requests for this arrive weeks or months after your MR submission
  15. If your MR touches code that executes shell commands, reads or opens files or handles paths to files on disk, make sure it adheres to the shell command guidelines
  16. If your code creates new files on disk please read the shared files guidelines.
  17. When writing commit messages please follow these guidelines.
  18. If your merge request adds one or more migrations, make sure to execute all migrations on a fresh database before the MR is reviewed. If the review leads to large changes in the MR, do this again once the review is complete.
  19. For more complex migrations, write tests.
  20. Merge requests must adhere to the merge request performance guidelines.
  21. For tests that use Capybara or PhantomJS, see this article on how to write reliable asynchronous tests.

Please keep the change in a single MR as small as possible. If you want to contribute a large feature think very hard what the minimum viable change is. Can you split the functionality? Can you only submit the backend/API code? Can you start with a very simple UI? Can you do part of the refactor? The increased reviewability of small MRs that leads to higher code quality is more important to us than having a minimal commit log. The smaller an MR is the more likely it is it will be merged (quickly). After that you can send more MRs to enhance it. The 'How to get faster PR reviews' document of Kubernetes also has some great points regarding this.

For examples of feedback on merge requests please look at already closed merge requests. If you would like quick feedback on your merge request feel free to mention someone from the core team or one of the Merge request coaches. Please ensure that your merge request meets the contribution acceptance criteria.

When having your code reviewed and when reviewing merge requests please take the code review guidelines into account.

Getting your merge request reviewed, approved, and merged

There are a few rules to get your merge request accepted:

  1. Your merge request should only be merged by a maintainer.
    1. If your merge request includes only backend changes 1, it must be approved by a backend maintainer.
    2. If your merge request includes only frontend changes 1, it must be approved by a frontend maintainer.
    3. If your merge request includes frontend and backend changes 1, it must be approved by a frontend and a backend maintainer.
  2. To lower the amount of merge requests maintainers need to review, you can ask or assign any reviewers for a first review.
    1. If you need some guidance (e.g. it's your first merge request), feel free to ask one of the Merge request coaches.
    2. The reviewer will assign the merge request to a maintainer once the reviewer is satisfied with the state of the merge request.

Contribution acceptance criteria

  1. The change is as small as possible
  2. Include proper tests and make all tests pass (unless it contains a test exposing a bug in existing code). Every new class should have corresponding unit tests, even if the class is exercised at a higher level, such as a feature test.
  3. If you suspect a failing CI build is unrelated to your contribution, you may try and restart the failing CI job or ask a developer to fix the aforementioned failing test
  4. Your MR initially contains a single commit (please use git rebase -i to squash commits)
  5. Your changes can merge without problems (if not please rebase if you're the only one working on your feature branch, otherwise, merge master)
  6. Does not break any existing functionality
  7. Fixes one specific issue or implements one specific feature (do not combine things, send separate merge requests if needed)
  8. Migrations should do only one thing (e.g., either create a table, move data to a new table or remove an old table) to aid retrying on failure
  9. Keeps the GitLab code base clean and well structured
  10. Contains functionality we think other users will benefit from too
  11. Doesn't add configuration options or settings options since they complicate making and testing future changes
  12. Changes do not adversely degrade performance.
    • Avoid repeated polling of endpoints that require a significant amount of overhead
    • Check for N+1 queries via the SQL log or QueryRecorder
    • Avoid repeated access of filesystem
  13. If you need polling to support real-time features, please use polling with ETag caching.
  14. Changes after submitting the merge request should be in separate commits (no squashing). If necessary, you will be asked to squash when the review is over, before merging.
  15. It conforms to the style guides and the following:
    • If your change touches a line that does not follow the style, modify the entire line to follow it. This prevents linting tools from generating warnings.
    • Don't touch neighbouring lines. As an exception, automatic mass refactoring modifications may leave style non-compliant.
  16. If the merge request adds any new libraries (gems, JavaScript libraries, etc.), they should conform to our Licensing guidelines. See the instructions in that document for help if your MR fails the "license-finder" test with a "Dependencies that need approval" error.

Changes for Stable Releases

Sometimes certain changes have to be added to an existing stable release. Two examples are bug fixes and performance improvements. In these cases the corresponding merge request should be updated to have the following:

  1. A milestone indicating what release the merge request should be merged into.
  2. The label "Pick into Stable"

This makes it easier for release managers to keep track of what still has to be merged and where changes have to be merged into. Like all merge requests the target should be master so all bugfixes are in master.

Definition of done

If you contribute to GitLab please know that changes involve more than just code. We have the following definition of done. Please ensure you support the feature you contribute through all of these steps.

  1. Description explaining the relevancy (see following item)
  2. Working and clean code that is commented where needed
  3. Unit and integration tests that pass on the CI server
  4. Performance/scalability implications have been considered, addressed, and tested
  5. Documented in the /doc directory
  6. Changelog entry added
  7. Reviewed and any concerns are addressed
  8. Merged by the project lead
  9. Added to the release blog article
  10. Added to the website if relevant
  11. Community questions answered
  12. Answers to questions radiated (in docs/wiki/etc.)

If you add a dependency in GitLab (such as an operating system package) please consider updating the following and note the applicability of each in your merge request:

  1. Note the addition in the release blog post (create one if it doesn't exist yet)
  2. Upgrade guide, for example
  3. Upgrader
  4. Installation guide
  5. GitLab Development Kit
  6. Test suite
  7. Omnibus package creator

Style guides

  1. Ruby. Important sections include Source Code Layout and Naming. Use:
    • multi-line method chaining style Option A: dot . on the second line
    • string literal quoting style Option A: single quoted by default
  2. Rails
  3. Newlines styleguide
  4. Testing
  5. JavaScript styleguide
  6. SCSS styleguide
  7. Shell commands created by GitLab contributors to enhance security
  8. Database Migrations
  9. Markdown
  10. Documentation styleguide
  11. Interface text should be written subjectively instead of objectively. It should be the GitLab core team addressing a person. It should be written in present time and never use past tense (has been/was). For example instead of prohibited this user from being saved due to the following errors: the text should be sorry, we could not create your account because:

This is also the style used by linting tools such as RuboCop, PullReview and Hound CI.

Code of conduct

As contributors and maintainers of this project, we pledge to respect all people who contribute through reporting issues, posting feature requests, updating documentation, submitting pull requests or patches, and other activities.

We are committed to making participation in this project a harassment-free experience for everyone, regardless of level of experience, gender, gender identity and expression, sexual orientation, disability, personal appearance, body size, race, ethnicity, age, or religion.

Examples of unacceptable behavior by participants include the use of sexual language or imagery, derogatory comments or personal attacks, trolling, public or private harassment, insults, or other unprofessional conduct.

Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct. Project maintainers who do not follow the Code of Conduct may be removed from the project team.

This code of conduct applies both within project spaces and in public spaces when an individual is representing the project or its community.

Instances of abusive, harassing, or otherwise unacceptable behavior can be reported by emailing

This Code of Conduct is adapted from the Contributor Covenant, version 1.1.0, available at

  1. Please note that specs other than JavaScript specs are considered backend code.