Merge branch 'docs-security-approvals' into 'master'

Clarify security approval rules in documentation See merge request gitlab-org/gitlab!39401

Merge branch 'docs-security-approvals' into 'master'
Clarify security approval rules in documentation See merge request gitlab-org/gitlab!39401
e78a4382 · Nick Gaskill · cb597719 · 5817e703 · e78a4382
Commit e78a4382 authored Aug 19, 2020 by Nick Gaskill
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 4 deletions

doc/user/application_security/index.md doc/user/application_security/index.md +5 -4

No files found.
--- a/doc/user/application_security/index.md
+++ b/doc/user/application_security/index.md
@@ -321,14 +321,15 @@ Once this group is added to your project, the approval rule is enabled for all m

 Any code changes cause the approvals required to reset.

-An approval is required when a security report:
+An approval is required when the latest security report in a merge request:

- Contains a new vulnerability of `high`, `critical`, or `unknown` severity, regardless of dismissal.
+- Contains a vulnerability of `high`, `critical`, or `unknown` severity that is not present in the
+  target branch. Note that approval is still required for dismissed vulnerabilities.
 - Is not generated during pipeline execution.

-An approval is optional when a security report:
+An approval is optional when the security report:

- Contains no new vulnerabilities.
+- Contains no new vulnerabilities when compared to the target branch.
 - Contains only new vulnerabilities of `low` or `medium` severity.

 ## Enabling License Approvals within a project