Change "Scan result policy" to "Merge request approval policy"
Proposal
With the discussion @matt_wilson @beckalippert, and @sam.white, the decision is that managing vulnerability results will be a separate policy. The Action part of the current Scan result policy will become only approval rules. To make it easier for users to differentiate both, should we just rename the current Scan result policy to Merge request approval policy?
The philosophy behind it is that the naming matches the Purpose/Action of the policy:
- Scan execution policy -> purpose is to create security scans
- Merge request approval policy -> purpose is to manage security approval rules
- Vulnerability management policy -> purpose is to manage the vulnerability, create auto actions
Changes in Documentation
The title we use in the doc should be Security Merge Request Approval Policy to make it more specific and easy to search
Changes in UI
Edited by Sam White