GitLab Next

Projects
Groups
Snippets
Help

Loading...
Help
Sign in / Register

GitLab

Project overview
Repository
Issues 34,392
Merge Requests 1,155
- Merge Requests 1,155
Requirements
CI / CD
Security & Compliance
Operations
Packages & Registries
Analytics
Snippets
- Snippets
Members
- Members

Collapse sidebar

Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards

GitLab.org
GitLab
Merge Requests
!40993

Merged

Opened Sep 01, 2020 by James Johnson @d0c-s4vageDeveloper6 of 13 tasks completed6/13 tasks

Adds documentation for CVE ID Request button

Overview 37
Commits 10
Pipelines 10
Changes 10

What does this MR do?

This MR adds documentation for the CVE ID Request button in the issue sidebar. This MR is the documentation portion of Draft: Adds Request CVE ID button to issue sidebar, which was broken into separate merge requests.

For an overview of what purpose the button serves, please see the video below, or read the high-level bullet points below the video:

Slides

CVE identifiers track specific vulnerabilities in specific version ranges of a project
GitLab participates in MITRE's CNA program and is able to issue CVE identifiers to projects that are:
- public
- hosted on GitLab.com
Prior to this feature, users needed to manually create an issue to start the CVE request process
The CVE ID Request button allows project maintainers to directly create the CVE ID Request issue from an existing, confidential issue's sidebar

The CVE ID Request button is only available

when the project is public
when the project is hosted on GitLab.com
when the current user is a maintainer
when the current issue is a confidential issue

Screenshots

Does this MR meet the acceptance criteria?

Conformity

Changelog entry Not needed - docs only change
Documentation (if required)
Code review guidelines
Merge request performance guidelines
Style guides
Database guides
Separation of EE specific content

Availability and Testing

Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
Tested in all supported browsers
Informed Infrastructure department of a default or new setting change, if applicable per definition of done

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

Label as security and @ mention @gitlab-com/gl-security/appsec
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
Security reports checked/validated by a reviewer from the AppSec team

Edited Sep 02, 2020 by James Johnson

Assignee

Assign to

Reviewer

Request review from

13.4

Milestone

13.4 (Past due)

Assign milestone

Time tracking

Reference: gitlab-org/gitlab!40993

Source branch: add_request_cve_issue_docs

Revert this merge request

This will create a new commit in order to revert the existing changes.

Revert in branch

Switch branch

Cancel

A new branch will be created in your fork and a new merge request will be started.

Cherry-pick this merge request

Pick into branch

Switch branch

Cancel

A new branch will be created in your fork and a new merge request will be started.