Confidential comments on an issues, merge requests, and epics
It would be good to be able to mark an individual note within a wider issue as confidential. This could be used for a range of purposes, from collaborative drafting of a response to a difficult question in an issue, to making inline notes about security problems discovered in the course of an MR or issue discussion.
Thoughts? /cc @smcgivern
- Security problems (above)
- Non-public conversations (#6049 (comment 73453958)).
- Should be available for issues, merge requests, and epics.
- As noted for a use case of service desk (#2257 (comment 74491279)), we should send notifications only to people who can view the confidential comment. And so for service desk, you can have a confidential comment discussion apart from the service desk issue initiator.