summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorShinya Maeda <shinya@gitlab.com>2018-12-07 19:30:54 +0900
committerShinya Maeda <shinya@gitlab.com>2018-12-07 19:30:54 +0900
commit48d8a7d64cc55af2bd5012e584ba1e0c881106fd (patch)
treefb24526199eb903e431db567da4b7657b48a3247 /doc
parent4e87bc0c1e071a009cbf4b8e53cf278a0abb6365 (diff)
downloadgitlab-ce-48d8a7d64cc55af2bd5012e584ba1e0c881106fd.tar.gz
Small improvement for phrasing
Diffstat (limited to 'doc')
-rw-r--r--doc/ci/merge_request_pipelines/index.md6
1 files changed, 3 insertions, 3 deletions
diff --git a/doc/ci/merge_request_pipelines/index.md b/doc/ci/merge_request_pipelines/index.md
index 6697bf9480f..706e83abf44 100644
--- a/doc/ci/merge_request_pipelines/index.md
+++ b/doc/ci/merge_request_pipelines/index.md
@@ -75,10 +75,10 @@ because, technically, external contributors can disguise their pipeline results
by tweaking their GitLab Runner in the forked project.
There are multiple reasons about why GitLab doesn't allow those pipelines to be
-created in the parent project, but one of the biggest reasons is security.
+created in the parent project, but one of the biggest reasons is security concern.
External users could steal secret variables from the parent project by modifying
-.gitlab-ci.yml.
+.gitlab-ci.yml, which could be some sort of credentials. This should not happen.
-We're discussing a secure solution about how to run pipelines for merge requests
+We're discussing a secure solution of running pipelines for merge requests
that submitted from forked projects,
see [the issue about the permission extension](https://gitlab.com/gitlab-org/gitlab-ce/issues/23902).