Hacker News
by mdaniel 1544 days ago
> to require a security engineer to give additional signoff on top of a normal review

Like this?

> cc @gitlab-com/gl-security/appsec

https://gitlab.com/gitlab-org/gitlab/-/merge_requests/76318#...

I do so desperately hope it doesn't come across as throwing shade, because hindsight-2020-etc, but I do also think there was some kind of weird process breakdown here because this change somehow slipped past a "4 eyes" and an appsec review phase