Confidential comments on an issues, merge requests, and epics
It would be good to be able to mark an individual note within a wider issue as confidential. This could be used for a range of purposes, from collaborative drafting of a response to a difficult question in an issue, to making inline notes about security problems discovered in the course of an MR or issue discussion.
Thoughts? /cc @smcgivern
Use cases
- Security problems (above)
- Non-public conversations (https://gitlab.com/gitlab-org/gitlab-ee/issues/6049#note_73453958).
Scope
- Should be available for issues, merge requests, and epics.
Edge cases
- As noted for a use case of service desk (https://gitlab.com/gitlab-org/gitlab-ee/issues/2257#note_74491279), we should send notifications only to people who can view the confidential comment. And so for service desk, you can have a confidential comment discussion apart from the service desk issue initiator.
Edited by Victor Wu