SAST False Positive Detection - Add permission AppSec Team to enable SAST FP (!241277) · Merge requests · GitLab.org / GitLab · GitLab

What does this MR do and why?

Allows Security Managers to update the duo_sast_fp_detection_enabled project setting without requiring Maintainer/Owner roles.

This follows the same pattern established for SAST Vulnerability Resolution in !239266 (merged), extending it to False Positive Detection.

This MR closes: #602868 (closed)

References

Project epic: SAST False Positive Detection - Add permission ... (gitlab-org#22422) • Charlie Kroon • 19.2
- Epic Phase Epic: gitlab-org#22422
- Issue this MR is closing: #602868 (closed)
- Feature Flag Rollout Issue: #603450
Reference implementation: SAST VR – Backend (2) – Add feature flag + repl... (!237031 - merged) • Charlie Kroon • 19.1

Edited Jun 22, 2026 by Charlie Kroon