Proposal: release security report schemas version 15-0-0
Context
Changes targeting version 15-0-0
of the security-report-schemas have been made in a protected v15_wip
branch (i.e. no direct commits or force pushes) and there's a merge request for it: Build and Release MODEL version 15.0.0 (gitlab-org/security-products/security-report-schemas!100 - merged).
All the changes present in that MR have already been through review + maintainer review, so they're ready to be merged.
Proposal
Release version 15-0-0
of the security-report-schemas as part of GitLab %15.4.
[Feature flag] Cleanup enforce_security_report_... (#355628 - closed) is scheduled for %15.3 and, from there on, the feature flag to disable schema validation enforcement is no longer available. Releasing in %15.4 gives everyone one extra milestone to make changes and release 14-x-x
before changes can only be made to 15-x-x
.
NB: the previous versions of the schema, 14-x-x
, will continue to be accepted until such a time when we agree to deprecate and remove them; see TBD.
Details
If this proposal is accepted, a new issue to do the actual release must be written.
Optionally, we may choose to cut a "release candidate" (i.e." 15.0.0-rc1
) that will be tagged on the existing v15_wip
branch and manually copied/allowed in the gitlab-org/gitlab
rails application. This allows teams to be early adopters of the new model. If we choose to do this, a separate issue should be created.
Impact to integrations
As explained in the v15 MR:
(...) there is no defined process to to iterate on previous
MODEL
releases when a newMODEL
release is out. By merging this MR, we'll be agreeing that unless there are exceptional circumstances there will be no changes made to the14-x-x
schema.
Given the above, once 15-0-0
is released, all integrations should adopt the new model schema version as soon as possible, even if the 14-x-x
schemas aren't being deprecated yet.
/cc @matt_wilson @sam.white @derekferguson @NicoleSchwartz @connorgilbert @minac @cam_swords @theoretick @julianthome @idawson @fcatteau @mparuszewski