Add mitigation item to security issue template

On the issue template for "security developer workflow", this adds a checkbox item for considering impact on non-malicious users. This is intended to help GitLab mitigate situations where a desirable security fix has undesirable customer impact.

Add mitigation item to security issue template
On the issue template for "security developer workflow", this adds a checkbox item for considering impact on non-malicious users. This is intended to help GitLab mitigate situations where a desirable security fix has undesirable customer impact.
a8fa8180 · Dan Jensen · Mayra Cabrera · 23bcd8c7 · a8fa8180
Commit a8fa8180 authored Feb 04, 2022 by Dan Jensen Committed by Mayra Cabrera Feb 04, 2022
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 0 deletions

.gitlab/issue_templates/Security developer workflow.md .gitlab/issue_templates/Security developer workflow.md +1 -0

No files found.
--- a/.gitlab/issue_templates/Security developer workflow.md
+++ b/.gitlab/issue_templates/Security developer workflow.md
@@ -15,6 +15,7 @@ MUST be linked for the release bot to know that the associated merge requests sh
 - Fill out the [Links section](#links):
  - [ ] Next to **Issue on GitLab**, add a link to the `gitlab-org/gitlab` issue that describes the security vulnerability.
 - [ ] Add one of the `~severity::x` labels to the issue and all associated merge requests.
+- [ ] If this change affects the public interface (public API or UI) of the product, post in the `#support_gitlab-com` Slack channel  to explain the impact and discuss a mitigation plan for users that might be affected. If you need Support feedback or approval, reach out in `#spt_managers` Slack channel or mention `@gitlab-com/support/managers`.

 ## Development