diff --git a/providers/gitlab/config/config.go b/providers/gitlab/config/config.go
index 3838073960..41cbe964b2 100644
--- a/providers/gitlab/config/config.go
+++ b/providers/gitlab/config/config.go
@@ -53,7 +53,7 @@ var Config = plugin.Provider{
 					Long:    "url",
 					Type:    plugin.FlagType_String,
 					Default: "",
-					Desc:    "Custom GitLab base url",
+					Desc:    "Custom GitLab base URL (https://example.com/)",
 				},
 			},
 		},
diff --git a/providers/gitlab/resources/gitlab.go b/providers/gitlab/resources/gitlab.go
index a5bcd26f3d..b887da68d1 100644
--- a/providers/gitlab/resources/gitlab.go
+++ b/providers/gitlab/resources/gitlab.go
@@ -101,6 +101,10 @@ func getGitlabProjectArgs(prj *gitlab.Project) map[string]*llx.RawData {
 		"visibility":                                llx.StringData(string(prj.Visibility)),
 		"webURL":                                    llx.StringData(prj.WebURL),
 		"wikiEnabled":                               llx.BoolData(prj.WikiEnabled),
+		"jobsEnabled":                               llx.BoolData(prj.JobsEnabled),
+		"emptyRepo":                                 llx.BoolData(prj.EmptyRepo),
+		"sharedRunnersEnabled":                      llx.BoolData(prj.SharedRunnersEnabled),
+		"groupRunnersEnabled":                       llx.BoolData(prj.GroupRunnersEnabled),
 	}
 }
 
@@ -141,6 +145,7 @@ func (p *mqlGitlabProject) approvalSettings() (*mqlGitlabProjectApprovalSetting,
 		"mergeRequestsAuthorApproval":               llx.BoolData(approvalConfig.MergeRequestsAuthorApproval),
 		"mergeRequestsDisableCommittersApproval":    llx.BoolData(approvalConfig.MergeRequestsDisableCommittersApproval),
 		"requirePasswordToApprove":                  llx.BoolData(approvalConfig.RequirePasswordToApprove),
+		"selectiveCodeOwnerRemovals":                llx.BoolData(approvalConfig.SelectiveCodeOwnerRemovals),
 	}
 
 	mqlApprovalSettings, err := CreateResource(p.MqlRuntime, "gitlab.project.approvalSetting", approvalSettings)
@@ -286,9 +291,11 @@ func (p *mqlGitlabProject) projectMembers() ([]interface{}, error) {
 	for _, member := range members {
 		role := mapAccessLevelToRole(int(member.AccessLevel))
 		memberInfo := map[string]*llx.RawData{
-			"id":   llx.IntData(int64(member.ID)),
-			"name": llx.StringData(member.Name),
-			"role": llx.StringData(role),
+			"id":       llx.IntData(int64(member.ID)),
+			"username": llx.StringData(member.Username),
+			"state":    llx.StringData(member.State),
+			"name":     llx.StringData(member.Name),
+			"role":     llx.StringData(role),
 		}
 
 		mqlMember, err := CreateResource(p.MqlRuntime, "gitlab.project.member", memberInfo)
diff --git a/providers/gitlab/resources/gitlab.lr b/providers/gitlab/resources/gitlab.lr
index 4873dd798c..28d521b632 100644
--- a/providers/gitlab/resources/gitlab.lr
+++ b/providers/gitlab/resources/gitlab.lr
@@ -43,7 +43,7 @@ gitlab.project @defaults("fullName visibility webURL") {
   // Project path
   path string
   // Create date of the project
-  createdAt time  
+  createdAt time
   // Project description
   description string
   // Default Git branch
@@ -66,21 +66,21 @@ gitlab.project @defaults("fullName visibility webURL") {
   onlyAllowMergeIfAllDiscussionsAreResolved bool
   // Whether the issues feature is enabled
   issuesEnabled bool
-	// Whether the merge request feature is enabled
+  // Whether the merge request feature is enabled
   mergeRequestsEnabled bool
-	// Whether the wiki feature is enabled
+  // Whether the wiki feature is enabled
   wikiEnabled bool
-	// Whether the snippets feature is enabled
+  // Whether the snippets feature is enabled
   snippetsEnabled bool
-	// Whether the container registry feature is enabled
+  // Whether the container registry feature is enabled
   containerRegistryEnabled bool
-	// Whether the Service Desk feature is enabled
+  // Whether the Service Desk feature is enabled
   serviceDeskEnabled bool
-	// Whether the packages feature is enabled
+  // Whether the packages feature is enabled
   packagesEnabled bool
-	// Whether the Auto DevOps feature is enabled
+  // Whether the Auto DevOps feature is enabled
   autoDevopsEnabled bool
-	// Whether the requirements feature is enabled
+  // Whether the requirements feature is enabled
   requirementsEnabled bool
   // Approval rules for the project
   approvalRules() []gitlab.project.approvalRule
@@ -96,9 +96,16 @@ gitlab.project @defaults("fullName visibility webURL") {
   projectFiles() []gitlab.project.file
   // List of webhooks for the project
   webhooks() []gitlab.project.webhook
+  // Whether CI jobs are enabled
+  jobsEnabled bool
+  // Whether the repo is empty
+  emptyRepo bool
+  // Whether the project is enabled for shared runners
+  sharedRunnersEnabled bool
+  // Whether the project is enabled for group runners
+  groupRunnersEnabled bool
 }
 
-
 // GitLab project approval rule
 private gitlab.project.approvalRule @defaults("id name approvalsRequired") {
   // Rule ID
@@ -123,9 +130,10 @@ private gitlab.project.approvalSetting @defaults("approvalsBeforeMerge requirePa
   mergeRequestsDisableCommittersApproval bool
   // Whether a password is required to approve
   requirePasswordToApprove bool
+  // Whether approvals are reset from Code Owners if their files changed
+  selectiveCodeOwnerRemovals bool
 }
 
-
 // GitLab protected branch
 private gitlab.project.protectedBranch @defaults("name allowForcePush") {
   // Branch name
@@ -139,13 +147,17 @@ private gitlab.project.protectedBranch @defaults("name allowForcePush") {
 }
 
 // GitLab project member
-gitlab.project.member @defaults("id name role") {
+gitlab.project.member @defaults("username role name") {
   // Member ID
   id int
   // Member name
   name string
   // Member role
   role string
+  // Member username
+  username string
+  // Member state
+  state string
 }
 
 // GitLab project file
@@ -166,4 +178,4 @@ private gitlab.project.webhook @defaults("url sslVerification") {
   url string
   // Whether SSL verification is enabled
   sslVerification bool
-}
\ No newline at end of file
+}
diff --git a/providers/gitlab/resources/gitlab.lr.go b/providers/gitlab/resources/gitlab.lr.go
index 2bed7e1228..36a9d48592 100644
--- a/providers/gitlab/resources/gitlab.lr.go
+++ b/providers/gitlab/resources/gitlab.lr.go
@@ -247,6 +247,18 @@ var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{
 	"gitlab.project.webhooks": func(r plugin.Resource) *plugin.DataRes {
 		return (r.(*mqlGitlabProject).GetWebhooks()).ToDataRes(types.Array(types.Resource("gitlab.project.webhook")))
 	},
+	"gitlab.project.jobsEnabled": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlGitlabProject).GetJobsEnabled()).ToDataRes(types.Bool)
+	},
+	"gitlab.project.emptyRepo": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlGitlabProject).GetEmptyRepo()).ToDataRes(types.Bool)
+	},
+	"gitlab.project.sharedRunnersEnabled": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlGitlabProject).GetSharedRunnersEnabled()).ToDataRes(types.Bool)
+	},
+	"gitlab.project.groupRunnersEnabled": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlGitlabProject).GetGroupRunnersEnabled()).ToDataRes(types.Bool)
+	},
 	"gitlab.project.approvalRule.id": func(r plugin.Resource) *plugin.DataRes {
 		return (r.(*mqlGitlabProjectApprovalRule).GetId()).ToDataRes(types.Int)
 	},
@@ -274,6 +286,9 @@ var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{
 	"gitlab.project.approvalSetting.requirePasswordToApprove": func(r plugin.Resource) *plugin.DataRes {
 		return (r.(*mqlGitlabProjectApprovalSetting).GetRequirePasswordToApprove()).ToDataRes(types.Bool)
 	},
+	"gitlab.project.approvalSetting.selectiveCodeOwnerRemovals": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlGitlabProjectApprovalSetting).GetSelectiveCodeOwnerRemovals()).ToDataRes(types.Bool)
+	},
 	"gitlab.project.protectedBranch.name": func(r plugin.Resource) *plugin.DataRes {
 		return (r.(*mqlGitlabProjectProtectedBranch).GetName()).ToDataRes(types.String)
 	},
@@ -295,6 +310,12 @@ var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{
 	"gitlab.project.member.role": func(r plugin.Resource) *plugin.DataRes {
 		return (r.(*mqlGitlabProjectMember).GetRole()).ToDataRes(types.String)
 	},
+	"gitlab.project.member.username": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlGitlabProjectMember).GetUsername()).ToDataRes(types.String)
+	},
+	"gitlab.project.member.state": func(r plugin.Resource) *plugin.DataRes {
+		return (r.(*mqlGitlabProjectMember).GetState()).ToDataRes(types.String)
+	},
 	"gitlab.project.file.path": func(r plugin.Resource) *plugin.DataRes {
 		return (r.(*mqlGitlabProjectFile).GetPath()).ToDataRes(types.String)
 	},
@@ -505,6 +526,22 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool {
 		r.(*mqlGitlabProject).Webhooks, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error)
 		return
 	},
+	"gitlab.project.jobsEnabled": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlGitlabProject).JobsEnabled, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"gitlab.project.emptyRepo": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlGitlabProject).EmptyRepo, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"gitlab.project.sharedRunnersEnabled": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlGitlabProject).SharedRunnersEnabled, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
+	"gitlab.project.groupRunnersEnabled": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlGitlabProject).GroupRunnersEnabled, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
 	"gitlab.project.approvalRule.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
 			r.(*mqlGitlabProjectApprovalRule).__id, ok = v.Value.(string)
 			return
@@ -549,6 +586,10 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool {
 		r.(*mqlGitlabProjectApprovalSetting).RequirePasswordToApprove, ok = plugin.RawToTValue[bool](v.Value, v.Error)
 		return
 	},
+	"gitlab.project.approvalSetting.selectiveCodeOwnerRemovals": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlGitlabProjectApprovalSetting).SelectiveCodeOwnerRemovals, ok = plugin.RawToTValue[bool](v.Value, v.Error)
+		return
+	},
 	"gitlab.project.protectedBranch.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
 			r.(*mqlGitlabProjectProtectedBranch).__id, ok = v.Value.(string)
 			return
@@ -585,6 +626,14 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool {
 		r.(*mqlGitlabProjectMember).Role, ok = plugin.RawToTValue[string](v.Value, v.Error)
 		return
 	},
+	"gitlab.project.member.username": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlGitlabProjectMember).Username, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
+	"gitlab.project.member.state": func(r plugin.Resource, v *llx.RawData) (ok bool) {
+		r.(*mqlGitlabProjectMember).State, ok = plugin.RawToTValue[string](v.Value, v.Error)
+		return
+	},
 	"gitlab.project.file.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) {
 			r.(*mqlGitlabProjectFile).__id, ok = v.Value.(string)
 			return
@@ -793,6 +842,10 @@ type mqlGitlabProject struct {
 	ProjectMembers plugin.TValue[[]interface{}]
 	ProjectFiles plugin.TValue[[]interface{}]
 	Webhooks plugin.TValue[[]interface{}]
+	JobsEnabled plugin.TValue[bool]
+	EmptyRepo plugin.TValue[bool]
+	SharedRunnersEnabled plugin.TValue[bool]
+	GroupRunnersEnabled plugin.TValue[bool]
 }
 
 // createGitlabProject creates a new instance of this resource
@@ -1030,6 +1083,22 @@ func (c *mqlGitlabProject) GetWebhooks() *plugin.TValue[[]interface{}] {
 	})
 }
 
+func (c *mqlGitlabProject) GetJobsEnabled() *plugin.TValue[bool] {
+	return &c.JobsEnabled
+}
+
+func (c *mqlGitlabProject) GetEmptyRepo() *plugin.TValue[bool] {
+	return &c.EmptyRepo
+}
+
+func (c *mqlGitlabProject) GetSharedRunnersEnabled() *plugin.TValue[bool] {
+	return &c.SharedRunnersEnabled
+}
+
+func (c *mqlGitlabProject) GetGroupRunnersEnabled() *plugin.TValue[bool] {
+	return &c.GroupRunnersEnabled
+}
+
 // mqlGitlabProjectApprovalRule for the gitlab.project.approvalRule resource
 type mqlGitlabProjectApprovalRule struct {
 	MqlRuntime *plugin.Runtime
@@ -1095,6 +1164,7 @@ type mqlGitlabProjectApprovalSetting struct {
 	MergeRequestsAuthorApproval plugin.TValue[bool]
 	MergeRequestsDisableCommittersApproval plugin.TValue[bool]
 	RequirePasswordToApprove plugin.TValue[bool]
+	SelectiveCodeOwnerRemovals plugin.TValue[bool]
 }
 
 // createGitlabProjectApprovalSetting creates a new instance of this resource
@@ -1153,6 +1223,10 @@ func (c *mqlGitlabProjectApprovalSetting) GetRequirePasswordToApprove() *plugin.
 	return &c.RequirePasswordToApprove
 }
 
+func (c *mqlGitlabProjectApprovalSetting) GetSelectiveCodeOwnerRemovals() *plugin.TValue[bool] {
+	return &c.SelectiveCodeOwnerRemovals
+}
+
 // mqlGitlabProjectProtectedBranch for the gitlab.project.protectedBranch resource
 type mqlGitlabProjectProtectedBranch struct {
 	MqlRuntime *plugin.Runtime
@@ -1225,6 +1299,8 @@ type mqlGitlabProjectMember struct {
 	Id plugin.TValue[int64]
 	Name plugin.TValue[string]
 	Role plugin.TValue[string]
+	Username plugin.TValue[string]
+	State plugin.TValue[string]
 }
 
 // createGitlabProjectMember creates a new instance of this resource
@@ -1276,6 +1352,14 @@ func (c *mqlGitlabProjectMember) GetRole() *plugin.TValue[string] {
 	return &c.Role
 }
 
+func (c *mqlGitlabProjectMember) GetUsername() *plugin.TValue[string] {
+	return &c.Username
+}
+
+func (c *mqlGitlabProjectMember) GetState() *plugin.TValue[string] {
+	return &c.State
+}
+
 // mqlGitlabProjectFile for the gitlab.project.file resource
 type mqlGitlabProjectFile struct {
 	MqlRuntime *plugin.Runtime
diff --git a/providers/gitlab/resources/gitlab.lr.manifest.yaml b/providers/gitlab/resources/gitlab.lr.manifest.yaml
index 481031e6d9..4f6b8a713f 100755
--- a/providers/gitlab/resources/gitlab.lr.manifest.yaml
+++ b/providers/gitlab/resources/gitlab.lr.manifest.yaml
@@ -21,7 +21,6 @@ resources:
       visibility: {}
       webURL:
         min_mondoo_version: 9.0.0
-    maturity: experimental
     min_mondoo_version: 5.15.0
   gitlab.project:
     fields:
@@ -44,11 +43,17 @@ resources:
       description: {}
       emailsDisabled:
         min_mondoo_version: 9.0.0
+      emptyRepo:
+        min_mondoo_version: 9.0.0
       fullName:
         min_mondoo_version: 9.0.0
+      groupRunnersEnabled:
+        min_mondoo_version: 9.0.0
       id: {}
       issuesEnabled:
         min_mondoo_version: 9.0.0
+      jobsEnabled:
+        min_mondoo_version: 9.0.0
       mergeMethod:
         min_mondoo_version: 9.0.0
       mergeRequestsEnabled:
@@ -73,6 +78,8 @@ resources:
         min_mondoo_version: 9.0.0
       serviceDeskEnabled:
         min_mondoo_version: 9.0.0
+      sharedRunnersEnabled:
+        min_mondoo_version: 9.0.0
       snippetsEnabled:
         min_mondoo_version: 9.0.0
       visibility: {}
@@ -82,7 +89,6 @@ resources:
         min_mondoo_version: 9.0.0
       wikiEnabled:
         min_mondoo_version: 9.0.0
-    maturity: experimental
     min_mondoo_version: 5.15.0
   gitlab.project.approvalRule:
     fields:
@@ -99,6 +105,7 @@ resources:
       mergeRequestsDisableCommittersApproval: {}
       requirePasswordToApprove: {}
       resetApprovalsOnPush: {}
+      selectiveCodeOwnerRemovals: {}
     is_private: true
     min_mondoo_version: 9.0.0
   gitlab.project.file:
@@ -114,6 +121,8 @@ resources:
       id: {}
       name: {}
       role: {}
+      state: {}
+      username: {}
     min_mondoo_version: 9.0.0
   gitlab.project.protectedBranch:
     fields: