Warn user about tokens in the comments (!114621) · Merge requests · GitLab.org / GitLab

Dheeraj Joshi requested to merge djadmin-secret-detection-comments into master Mar 14, 2023

What does this MR do and why?

This MR show a confirmation warning when user is about to submit a comment with potential sensitive tokens. This change applies to the MR and Issue comments.

This is the first iteration of this initiative, and shall be rolled out to other parts of the application too.

Screenshots or screen recordings

warn_token_message

How to set up and validate locally

Go to any Issue or MR.
Post a comment with a potential token, for example: "This message contains a token: glpat-1234567890abcdefghij"
A confirmation warning should be shown

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Mar 15, 2023 by Dheeraj Joshi

Warn user about tokens in the comments

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports