Handle components using dev for security fixes (!936) · Merge requests · GitLab.org / release-tools

Yorick Peterse requested to merge release-tracking-security into master Apr 06, 2020

This changes ReleaseTools::ReleaseMetadata so it supports tracking components that still use dev.gitlab.org for security fixes. Not supporting this means that we will error when trying to obtain the tag of a component, as we'll be trying to look it up on a GitLab.com project that may not exist.

Currently the GitLab ElasticSearch indexer project is the only project still using dev, but it's not clear how long it will take for this to change. See issue gitlab-com/gl-infra/delivery#708 (closed) for more information about creating a security mirror for this project.

Handle components using dev for security fixes

Merge request reports