diff options
Diffstat (limited to '.gitlab/issue_templates/Security developer workflow.md')
-rw-r--r-- | .gitlab/issue_templates/Security developer workflow.md | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/.gitlab/issue_templates/Security developer workflow.md b/.gitlab/issue_templates/Security developer workflow.md index 99149442509..51e8ec378b2 100644 --- a/.gitlab/issue_templates/Security developer workflow.md +++ b/.gitlab/issue_templates/Security developer workflow.md @@ -9,7 +9,9 @@ Set the title to: `Description of the original issue` ## Prior to starting the security release work - [ ] Read the [security process for developers] if you are not familiar with it. +- [ ] Make sure the issue really needs to follow the security release workflow. - Verify if the issue you're working on `gitlab-org/gitlab` is confidential, if it's public fix should be placed on GitLab canonical and no backports are required. + - If the issue you're fixing doesn't appear to be something that can be exploited by a malicious person and is instead simply a security enhancement do not hesitate to ping `@gitlab-com/gl-security/appsec` to discuss if the issue can be fixed in the canonical repository. - [ ] **IMPORTANT**: Mark this [issue as linked] to the Security Release Tracking Issue. You can find it on the topic of the `#releases` Slack channel. This issue MUST be linked for the release bot to know that the associated merge requests should be merged for this security release. - Fill out the [Links section](#links): |