diff options
-rw-r--r-- | .gitlab/merge_request_templates/Security Release.md | 2 | ||||
-rw-r--r-- | PROCESS.md | 3 |
2 files changed, 3 insertions, 2 deletions
diff --git a/.gitlab/merge_request_templates/Security Release.md b/.gitlab/merge_request_templates/Security Release.md index 983ffbfc..df832c7d 100644 --- a/.gitlab/merge_request_templates/Security Release.md +++ b/.gitlab/merge_request_templates/Security Release.md @@ -15,7 +15,7 @@ When submitting a merge request for gitlab-pages, CE and EE merge requests for u ## Developer checklist -- [ ] Link to the developer security workflow issue on https://gitlab.com/gitlab-org/security/gitlab +- [ ] Link to the original confidential issue on https://gitlab.com/gitlab-org/gitlab-pages. **Warning don't associate this MR with the security implementation issue on GitLab Security** - [ ] MR targets `master`, or `X-Y-stable` for backports - [ ] Milestone is set for the version this MR applies to - [ ] Title of this MR is the same as for all backports @@ -55,9 +55,10 @@ Pages security releases are built on top of the [GitLab Security Release process the same steps stated on the [Security Developer] guidelines with some adjustments: - Apart from the [security merge requests] created on [GitLab Security], merge requests will also be created on [GitLab Pages Security]: - - Security merge requests are required to use the [merge request security template]. - Merge request targeting `master` is prepared with the GitLab Pages security fix. - Backports are prepared for the last releases corresponding to last 3 GitLab releases. + - Security merge requests are required to use the [merge request security template]. + - **It's important for these merge requests to not be associated with the Security Implementation Issue created on [GitLab Security], otherwise the security issue won't be considered by [Release Tools].** - Security merge requests created on [GitLab Security] will bump the `GITLAB_PAGES_VERSION`. - Once the merge requests on [GitLab Pages Security] are approved: - Maintainers of GitLab Pages will merge the security merge requests **targeting stable branches** and create a new tag for these branches. |