PRFlow

May 29, 2026 ยท 4 min read

GitLab 19.0 upgrade gotchas: what to check first

Good news: 19.0 is GitLab's calmest major release in years, about 15 breaking changes versus 80 in 17.0. Bad news: a few of them will bite you on upgrade day if you don't know they're coming. Here's the short list, with sources.

19.0 shipped to self-managed on May 21, 2026. The new features (Rapid Diffs, Duo conflict resolution, one-click rebase-and-merge) are nice. The stuff that'll actually catch you out is what got removed. The release is only a week old, so most of the real signal is in GitLab's breaking-changes guide plus a handful of early forum reports. We pulled them together.

The 60-second version

  • The legacy Slack integrations are gone (slash commands and the old notifications service).
  • PostgreSQL 17 is now the minimum. Clusters upgrade manually first.
  • The Helm chart switches ingress from NGINX to Envoy Gateway and drops bundled Postgres/Redis/MinIO.
  • Early upgraders report the container registry showing up empty.
  • Webhooks get new signing headers; CI job tokens switch to JWT.

1. The legacy Slack integrations are gone

Two things happened here, and both have been telegraphed for years:

  • The Slack slash commands integration is removed for self-managed and Dedicated (gitlab.com already moved). You migrate to the GitLab for Slack app, which means setting up a Slack app and reconfiguring per project. (work item #569345)
  • The older project-level Slack notifications integration, the one that posts MR and pipeline events to a channel, was deprecated in 15.9 and is listed as removed in 19.0 on GitLab's integration docs (issue #435909). Small caveat: it's on the integration doc but not the breaking-changes blog, so double-check your own instance.

If your team relied on that notifier, the migration is a fair moment to ask whether it ever did what you wanted. The classic gripes, straight from GitLab's tracker: a separate message for every event, label filters that don't apply (#387630), cancelled pipelines shown as failed (#217842), and notifications quietly dropping after upgrades (#212073).

Full disclosure: we make PRFlow, one way to fill that gap. It posts a single message per merge request that updates in place with CI/CD status and threaded comments, and it works on gitlab.com and self-hosted GitLab. If you're rethinking Slack anyway, here's our honest comparison with the native GitLab for Slack app. Either way, don't let the upgrade silently kill your channel.

2. Two upgrade fires self-hosters are already hitting

Not documented breaking changes, just real first-week forum reports with fixes. Read these before you book the maintenance window.

Container registry shows up empty. After 18.x to 19.0, the UI says "Something went wrong while fetching the repository list" and project transfers throw 500s, though docker push/pull still work. 19.0 turns on the registry metadata database by default but doesn't migrate existing metadata into Postgres. Fix: run registry database import manually. (thread)

Docker container exits ~30s after start. It logs Removed configurations found in gitlab.rb. Aborting reconfigure. because Mattermost was removed and leftover mattermost settings (including stale ones in the mounted volume) block the reconfigure. Strip them, back up gitlab-secrets.json, and let Omnibus regenerate defaults. (thread)

3. Version requirements that block the upgrade

  • PostgreSQL 17 minimum (PG16 dropped). Single-node installs may auto-upgrade at the 18.11 step (watch your disk space). Clustered or external DBs upgrade manually first.
  • Redis 6 removed. External Redis moves to 7.2 or Valkey 7.2.
  • Helm ingress switches to Envoy Gateway since NGINX Ingress hit end-of-life. TLS handling differs, so this is the big one for cloud-native installs. You can re-enable bundled NGINX until 20.0.
  • Bundled Bitnami Postgres/Redis/MinIO removed with no replacement. Stand up external services first. Spamcheck is gone too.
  • Ubuntu 20.04 and SUSE packages dropped. Move to Ubuntu 22.04+ or Docker.

4. Webhook and API changes worth a code review

  • New webhook signing. 19.0 adds webhook-signature, webhook-id, and webhook-timestamp headers with an HMAC-SHA256 over the payload. On by default in 19.0, permanent in 19.1. The old X-Gitlab-Token still works and payloads are unchanged, but if you verify signatures, update your receiver. (docs)
  • CI job tokens switch to JWT. The longer tokens break echo $CI_JOB_TOKEN | base64, so use base64 -w0. Legacy format works until 20.0.
  • API removals: REST ci_job_token_scope_enabled is gone, GraphQL ciJobTokenScopeAddProject becomes ciJobTokenScopeAddGroupOrProject, and unauthenticated Projects-list requests cap at a 50,000 offset (use keyset pagination).
  • OAuth ROPC grant removed. Move to the Authorization Code flow.

5. One thing people get wrong

Runner registration tokens are not removed in 19.0. They were disabled by default in 17.0 and aren't removed until 20.0. New tokens use the glrt- prefix. If registration breaks, 19.0 isn't the cause.

6. Plan the path to 19.0

Get to a recent 18.11 first, since that's where the PostgreSQL auto-upgrade happens, then confirm your database and Redis versions before you jump. The upgrade notes and deprecations index are the references to trust for your edition and install method.

Bottom line

19.0 is genuinely a calm release. The risk isn't volume, it's that the sharp edges sit in infrastructure (Postgres, ingress, registry) and integrations (Slack, webhooks) that don't show up until you're mid-upgrade. Test on staging, and pay extra attention to anything that talks to GitLab from the outside. That's where the surprises live.

Lost your Slack notifications in the upgrade?

PRFlow posts one clean, updating message per merge request, with CI/CD status and threaded comments, on gitlab.com and self-hosted GitLab.

Try PRFlow Free

Or read the native GitLab Slack comparison first.