Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
gitlab-foss
提交
852373a0
G
gitlab-foss
项目概览
李少辉-开发者
/
gitlab-foss
通知
15
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
gitlab-foss
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
852373a0
编写于
2月 28, 2020
作者:
G
GitLab Bot
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Add latest changes from gitlab-org/gitlab@12-7-stable-ee
上级
b7d29500
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
11 addition
and
12 deletion
+11
-12
.gitlab/issue_templates/Security developer workflow.md
.gitlab/issue_templates/Security developer workflow.md
+9
-10
.gitlab/merge_request_templates/Security Release.md
.gitlab/merge_request_templates/Security Release.md
+2
-2
未找到文件。
.gitlab/issue_templates/Security developer workflow.md
浏览文件 @
852373a0
...
...
@@ -9,10 +9,11 @@ Set the title to: `Description of the original issue`
## Prior to starting the security release work
-
[ ] Read the [security process for developers] if you are not familiar with it.
-
[ ] Link this issue in the Security Release issue on GitLab.com. You can find this issue in the topic of the
`#releases`
channel.
-
[
] Add a link to the confidential `gitlab-org/gitlab` issue describing the vulnerability next to **Original issue** in the [links table
](
#links
)
.
-
[
] Add a link to the confidential `gitlab-org/gitlab` Security release issue next to **Security release issue** in the [links table
](
#links
)
.
-
[ ] Mark this [issue as related] to the Security Release tracking issue. You can find it on the topic of the
`#releases`
Slack channel.
-
[ ] Run
`scripts/security-harness`
in your local repository to prevent accidentally pushing to any remote besides
`gitlab.com/gitlab-org/security`
.
-
Fill out the
[
Links section
](
#links
)
:
-
[ ] Next to
**Issue on GitLab**
, add a link to the
`gitlab-org/gitlab`
issue that describes the security vulnerability.
-
[ ] Next to
**Security Release tracking issue**
, add a link to the security release issue that will include this security issue.
## Development
...
...
@@ -29,7 +30,8 @@ After your merge request has being approved according to our [approval guideline
*
You can use the script
`bin/secpick`
instead of the following steps, to help you cherry-picking. See the [secpick documentation]
-
[ ] Create each MR targeting the stable branch
`X-Y-stable`
, using the [Security Release merge request template].
*
Every merge request will have its own set of TODOs, so make sure to complete those.
-
[
] Make sure all MRs are linked in the [Links section
](
#links
)
-
[ ] On the "Related merge requests" section, ensure all MRs are linked to this issue.
*
This section should only list the merge requests created for this issue: One targeting
`master`
and the 3 backports.
## Documentation and final details
...
...
@@ -46,12 +48,8 @@ After your merge request has being approved according to our [approval guideline
| Description | Link |
| -------- | -------- |
| Original issue | #TODO |
| Security release issue | #TODO |
|
`master`
MR | !TODO |
|
`Backport X.Y`
MR | !TODO |
|
`Backport X.Y`
MR | !TODO |
|
`Backport X.Y`
MR | !TODO |
| Issue on
[
GitLab
](
https://gitlab.com/gitlab-org/gitlab/issues
)
| #TODO |
| Security Release tracking issue | #TODO |
### Details
...
...
@@ -68,5 +66,6 @@ After your merge request has being approved according to our [approval guideline
[
security Release merge request template
]:
https://gitlab.com/gitlab-org/security/gitlab/blob/master/.gitlab/merge_request_templates/Security%20Release.md
[
code review process
]:
https://docs.gitlab.com/ee/development/code_review.html
[
approval guidelines
]:
https://docs.gitlab.com/ee/development/code_review.html#approval-guidelines
[
issue as related
]:
https://docs.gitlab.com/ee/user/project/issues/related_issues.html#adding-a-related-issue
/label ~security
.gitlab/merge_request_templates/Security Release.md
浏览文件 @
852373a0
...
...
@@ -8,11 +8,11 @@ See [the general developer security release guidelines](https://gitlab.com/gitla
## Related issues
<!-- Mention the
issue(s)
this MR is related to -->
<!-- Mention the
GitLab Security issue
this MR is related to -->
## Developer checklist
-
[ ]
Link this MR in the
`links`
section of the related issue on [GitLab Security].
-
[ ]
**Make sure this merge request mentions the [GitLab Security] issue it belongs to (i.e. `Related to <issue_id>`).**
-
[ ] Merge request targets
`master`
, or
`X-Y-stable`
for backports.
-
[ ] Milestone is set for the version this merge request applies to. A closed milestone can be assigned via [quick actions].
-
[ ] Title of this merge request is the same as for all backports.
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录