diff --git a/common/lib/dependabot/pull_request_creator/message_builder/metadata_presenter.rb b/common/lib/dependabot/pull_request_creator/message_builder/metadata_presenter.rb
index 21dba15674c..07810002630 100644
--- a/common/lib/dependabot/pull_request_creator/message_builder/metadata_presenter.rb
+++ b/common/lib/dependabot/pull_request_creator/message_builder/metadata_presenter.rb
@@ -245,7 +245,7 @@ def source_provider_supports_html?
         end
 
         def sanitize_links_and_mentions(text, unsafe: false)
-          return text unless source.provider == "github"
+          return text unless source.provider == "github" || source.provider == "gitlab"
 
           LinkAndMentionSanitizer.
             new(github_redirection_service: github_redirection_service).
diff --git a/common/spec/dependabot/pull_request_creator/message_builder_spec.rb b/common/spec/dependabot/pull_request_creator/message_builder_spec.rb
index 6e9c37615cf..2b0f60b888a 100644
--- a/common/spec/dependabot/pull_request_creator/message_builder_spec.rb
+++ b/common/spec/dependabot/pull_request_creator/message_builder_spec.rb
@@ -976,8 +976,8 @@ def commits_details(base:, head:)
             Dependabot::Source.new(provider: "gitlab", repo: "gocardless/bump")
           end
 
-          it "does not sanitize github links" do
-            expect(pr_message).not_to include(github_redirection_service)
+          it "sanitizes github links" do
+            expect(pr_message).to include(github_redirection_service)
           end
         end