Approved / Banned List for GitLab Registry
Problem to solve
The GitLab Package Registry allows users to build, publish and share packages across a variety of languages. For organizations concerned about open source security risks, it is important to sent policies and controls over which packages and dependencies may be used. Compliance teams need the ability to set and maintain an approved/banned list of external dependencies. Those policies must be enforced at the instance/group/project level.
Intended users
Proposal
As more package registries are added to the dependency proxy we will give users the ability to create policies at the instance level that will either prevent banned dependencies from being downloaded.
Permissions and Security
- This feature will be limited to Administrators.
What is the type of buyer?
The primary buyer of this feature will be directors and executives.
Links / references
Edited by Tim Rizzi