Introduce "critical" level for git-fsck(1) checks

In Gitaly, we're busy playing whack-a-mole with the fsck(1) checks. There are many benign checks that verify whether or not an object is well-formatted, like e.g. whether the author/committer mail addresses match the expected format. These aren't security-critical in any way and may naturally occur in repositories with older history, so we disable them such that it is possible to import such repositories. On the other hand there are issues that are security relevant and which shouldn't ever be disabled on our side to remove us as an attack vector.

Ideally, we shouldn't be the ones deciding on a case-by-case basis whether or not a consistency check is relevant to security or not. We should think about introducing a new security-critical class upstream to do so.

added devopssystems featureenhancement group::gitalygit groupgitaly sectioncore platform typefeature labels

added Category:Gitaly label

mentioned in issue gitaly#5641

Thanks for creating this @pks-gitlab - I completely agree, this is an awesome concept to introduce upstream as it would provide high level guidance.

mentioned in issue gitlab-org/gitaly-planning/release-planning#31

marked this issue as blocking gitaly#5641

changed milestone to %Git 2.48

added workflowready for development label

removed groupgitaly label

removed sectioncore platform label

removed devopssystems label

added sectioncore platform label

added devopsdata_access label

removed devopsdata_access sectioncore platform labels

added devopsdata_access label

added sectioninfrastructure platforms label and removed devopsdata_access label

added devopsdata_access label

changed milestone to %Git 2.49