You need to sign in or sign up before continuing.
WIP: Add steps for handling H1 reports of public issues with sensitive data
Why is this change being made?
The GitLab bug bounty program receives reports about public issues with potentially sensitive data. This outlines the steps the triaging engineer should take for responding to these reports taking a conservative approach of making the issue confidential until it can be determined.
Author Checklist
-
Provided a concise title for the MR -
Added a description to this MR explaining the reasons for the proposed change, per say-why-not-just-what -
Assign this change to the correct DRI - If the change relates to any part of the project other than updates to content and/or data files (e.g. team.yml) please make sure to ping
@gl-static-site-editor
in a comment for a review and merge. - If the DRI for the page/s being updated isn't immediate clear, then assign it to your manager.
- If your manager does not have merge rights, please ask someone to merge it AFTER it has been approved by your manager in #mr-buddies
- If the change relates to any part of the project other than updates to content and/or data files (e.g. team.yml) please make sure to ping
For help with failing pipelines reach out in #mr-buddies in Slack
Edited by Danielle Morrill