Add merge request source to API

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Problem to solve

Sam the Security Analyst wants to proactively address merge requests created by an email to ensure that the user's private email address was not leaked, guessed, or otherwise compromised. Sam needs the ability to automatically detect the use of this feature rather than depending on the user self-reporting compromise of the token. Unfortunately, neither the merge request REST API or GraphQL API includes information on how a merge request was created. As a result, there's no way to programmatically detect if a merge request was created in the UI or by sending an email.

Proposal

Add merge request source information to API.

Links / references

https://docs.gitlab.com/ee/user/project/merge_requests/creating_merge_requests.html#by-sending-an-email