Threat Insights 15.4 Planning
What is this?
This is an experiment with a slightly different format for Threat Insights milestone planning. The old priorities issue still exists but it is now an Epic. It will continue to be a cross-milestone reference point for the relative priority order for large features or projects. Each milestone will now have a standalone planning issue underneath this epic. There a few key goals for these new planning issues:
- Provide a focused point-in-time set of work priorities for a single milestone.
- Create a per-milestone SSOT for team/quad planning. This will also provide a space to highlight issues to be worked in the milestone.
- Add a new section to discuss any milestone themes or important points.
As always, feedback is welcome. If this new format is useful, we'll continue it and adjust as needed.
Narrative
The two high-level focuses continue to be split between key performance/refactor work and continuing to build out the security training functionality. With the last piece of enforcing schema validation likely to wrap up in %15.3, the next highest priority non-feature work is the continuation of the effort to deprecate and remove Vulnerabilities::Feedback
as this is still blocking a number of other features.
Looking at the other top items on the priorities list, there are several large initiatives that are in various stages of progress. We have a number of large, long-running initiatives in flight. I recognize that it can be difficult to feel like things are progressing. Getting even one of these large projects off the list will be a huge step forward (although in reality it was many small steps that actually achieved the progress). That's why I'm suggesting focusing on fewer of the ongoing projects for this milestone (see below).
Important links
typefeature focus
typemaintenance focus
- Deprecate and remove
Vulnerabilities::Feedback
- Migrate Pipeline Security Tab to GraphQL
- Create shared Vulnerability Details component
- Vulnerability Management DDL to replace raw JSON in the DB (
raw_metadata
) - MR Widget v2 framework
typebug focus
- Vulnerability Management tab is empty on fresh gitlab installation
- securityReportFindings GraphQL resolver is unable to retrieve scanners
Extra
Frontend Kanban Board - easier to pick up, non-project tasks: Bugs, orphaned issues/enhancements, MR follow-ups