Enhance MR approval policy to look at if issues have been created

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Proposal

Add the ability to create MR approval policies that look at the state of the new vulnerabilities found in the MR so that you can prevent approval until all new vulnerabilities of a certain severity (e.g. Critical) must be dismissed or have an issue created before the MR can be approved.

Currently, someone can approve the MR without determining the disposition of the new vulnerabilities and for some organizations, this is a required part of their process and thus they would like to see our compliance policies enhanced to account for this workflow.