Skip to content

Add mentions of security in feature flag risks

Dominic Couture requested to merge dcouture-security-feature-flag into master

What does this MR do?

We mention a number of risks that come with using features that are disabled by default but there was no mention of security. This MR adds the security implications of enabling features that are disabled by default.

Related issues

No issue but it follows a discussion in this MR gitlab-com/www-gitlab-com!93286 (comment 723000961)

Author's checklist

If you are only adding documentation, do not add any of the following labels:

  • ~"type::feature"
  • ~"frontend"
  • ~"backend"
  • ~"type::bug"
  • ~"database"

These labels cause the MR to be added to code verification QA issues.

Review checklist

Documentation-related MRs should be reviewed by a Technical Writer for a non-blocking review, based on Documentation Guidelines and the Style Guide.

  • If the content requires it, ensure the information is reviewed by a subject matter expert.
  • Technical writer review items:
    • Ensure docs metadata is present and up-to-date.
    • Ensure the appropriate labels are added to this MR.
    • If relevant to this MR, ensure content topic type principles are in use, including:
      • The headings should be something you'd do a Google search for. Instead of Default behavior, say something like Default behavior when you close an issue.
      • The headings (other than the page title) should be active. Instead of Configuring GDK, say something like Configure GDK.
      • Any task steps should be written as a numbered list.
      • If the content still needs to be edited for topic types, you can create a follow-up issue with the docs-technical-debt label.
  • Review by assigned maintainer, who can always request/require the above reviews. Maintainer's review can occur before or after a technical writer review.
  • Ensure a release milestone is set.
Edited by Dominic Couture

Merge request reports