-
Disable dependency review automation job 1 of 1 checklist item completed
- Merged
- 9
- Approved
updated -
Update recommendation in `What should not be captured in the logs` 3 of 12 checklist items completed
- Merged
- 10
- Approved
updated -
Update location of custom SAST rules 1 of 1 checklist item completed
- Merged
- 8
- Approved
updated -
Change custom SAST rules location and include more rules 1 of 1 checklist item completed
- Merged
- 8
- Approved
updated -
Increase number of notes per page for SAST script 1 of 1 checklist item completed
- Merged
- 8
- Approved
updated -
Remove TF_CACHE_KEY reference 0 of 1 checklist item completed
- Merged
- 2
- Approved
updated -
Add scenario where codeowners approval becomes optional 0 of 1 checklist item completed
- Merged
- 4
- Approved
updated -
GCP OIDC Documentation update 2 of 12 checklist items completed
- Merged
- 11
- Approved
updated -
Add worker to create abuse trust scores 0 of 1 checklist item completed
- Merged
- 8
- Approved
updated -
Update file permissions.md 0 of 1 checklist item completed
- Merged
- 18
- Approved
updated -
Clarify how deploy keys and user accounts interact 0 of 1 checklist item completed
- Merged
- 11
- Approved
updated -
Add guidance on prefixing tokens 0 of 1 checklist item completed
- Merged
- 11
- Approved
updated -
Bump the expiry, update thanks, and describe format of security.txt 3 of 4 checklist items completed
- Merged
- 5
- Approved
updated -
Allow administrators to provide public security contact information 12 of 12 checklist items completed!138259 16.7Category:Compliance Management GitLab Free GitLab Premium GitLab Ultimate ProdSecEngMetricPending Technical Writing backend database database-testing-automation databasereviewed devopsgovern direction documentation frontend groupcompliance pipeline:mr-approved releasedcandidate sectionsec security teamProduct Security Engineering typefeature workflowpost-deploy-db-production
- Merged
- 70
- Approved
updated -
Add a prefix to deploy tokens 5 of 5 checklist items completed!138438 16.7Category:Continuous Delivery ProdSecEngMetricDefense in Depth Technical Writing backend devopsdeploy documentation featureenhancement frontend groupenvironments pipeline:mr-approved releasedcandidate sectioncd security security-backlogneeds-input teamProduct Security Engineering twfinished typefeature workflowpost-deploy-db-production
- Merged
- 36
- Approved
updated -
Update security contact and vulnerability disclosure info 1 of 1 checklist item completed
- Merged
- 5
- Approved
updated -
Clarify that Group and SCIM APIs don't use the internal API auth header 0 of 1 checklist item completed
- Merged
- 8
- Approved
updated