Merge branch...

Merge branch 'docs/8608-update-approval-guidelines-to-include-red-orange-data-reviews' into 'master' Add RED data security requirement to code review See merge request gitlab-org/gitlab-ce!23426

Merge branch...
Merge branch 'docs/8608-update-approval-guidelines-to-include-red-orange-data-reviews' into 'master' Add RED data security requirement to code review See merge request gitlab-org/gitlab-ce!23426
86bf2dd3 · Rémy Coutable · beb1963d · 62fd842c · 86bf2dd3
Commit 86bf2dd3 authored Nov 29, 2018 by Rémy Coutable
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 0 deletions

doc/development/code_review.md doc/development/code_review.md +2 -0

No files found.
--- a/doc/development/code_review.md
+++ b/doc/development/code_review.md
@@ -53,6 +53,8 @@ from teams other than your own.

 #### Security requirements

+   1. If your merge request is processing, storing, or transferring any kind of [RED or ORANGE data][https://docs.google.com/document/d/15eNKGA3zyZazsJMldqTBFbYMnVUSQSpU14lo22JMZQY/edit] (this is a confidential document), it must be
+      **approved by a [Security Engineer][team]**.
   1. If your merge request involves implementing, utilizing, or is otherwise related to any type of authentication, authorization, or session handling mechanism, it must be
      **approved by a [Security Engineer][team]**.
   1. If your merge request has a goal which requires a cryptographic function such as: confidentiality, integrity, authentication, or non-repudiation, it must be