summaryrefslogtreecommitdiff
path: root/.gitlab
diff options
context:
space:
mode:
authorYorick Peterse <yorickpeterse@gmail.com>2019-03-27 13:35:28 +0100
committerYorick Peterse <yorickpeterse@gmail.com>2019-03-27 13:35:28 +0100
commit02412a5040e11e20df984964ecd12b74e7f9eeef (patch)
tree9e3a0377cf4a44862079824dcafbe4cb743d02ee /.gitlab
parenta9194b60d783b81ece88e037f31e61f977f8fd0b (diff)
downloadgitlab-ce-02412a5040e11e20df984964ecd12b74e7f9eeef.tar.gz
Update the MR template for security MRs
This makes two changes to the template: 1. EE MRs are now always required (see https://gitlab.com/gitlab-org/release/framework/issues/256 for a backstory). 2. We clarify that a release manager is not a suitable reviewer for security merge requests.
Diffstat (limited to '.gitlab')
-rw-r--r--.gitlab/merge_request_templates/Security Release.md8
1 files changed, 6 insertions, 2 deletions
diff --git a/.gitlab/merge_request_templates/Security Release.md b/.gitlab/merge_request_templates/Security Release.md
index 246f2dae009..42314f9b2dd 100644
--- a/.gitlab/merge_request_templates/Security Release.md
+++ b/.gitlab/merge_request_templates/Security Release.md
@@ -7,6 +7,10 @@ See [the general developer security release guidelines](https://gitlab.com/gitla
This merge request _must not_ close the corresponding security issue _unless_ it
targets master.
+When submitting a merge request for CE, a corresponding EE merge request is
+always required. This makes it easier to merge security merge requests, as
+manually merging CE into EE is no longer required.
+
-->
## Related issues
@@ -20,8 +24,8 @@ targets master.
- [ ] Title of this MR is the same as for all backports
- [ ] A [CHANGELOG entry](https://docs.gitlab.com/ee/development/changelog.html) is added without a `merge_request` value, with `type` set to `security`
- [ ] Add a link to this MR in the `links` section of related issue
-- [ ] Add a link to an EE MR if required
-- [ ] Assign to a reviewer
+- [ ] Set up an EE MR (always required for CE merge requests): EE_MR_LINK_HERE
+- [ ] Assign to a reviewer (that is not a release manager)
## Reviewer checklist