Commit d7ae9097 authored by Fernando Arias, committed by Nick Gaskill

Clarify unknown severity in docs

* Add/Update text copy
parent dbe3821d
......@@ -201,9 +201,19 @@ security team when a merge request would introduce one of the following security
- A security vulnerability
- A software license compliance violation
This threshold is defined as `high`, `critical`, or `unknown` severity. When any vulnerabilities are
present within a merge request, an approval is required from the `Vulnerability-Check` approver
group.
The security vulnerability threshold is defined as `high`, `critical`, or `unknown` severity. The
`Vulnerability-Check` approver group must approve merge requests that contain vulnerabilities.
When GitLab can assess vulnerability severity, the rating can be one of the following:
- `unknown`
- `low`
- `medium`
- `high`
- `critical`
The rating `unknown` indicates that the underlying scanner doesn't contain or provide a severity
rating.
### Enabling Security Approvals within a project
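Review bot: The lead-in "When GitLab can assess vulnerability severity, the rating can be one of the following" conflicts with its first list item, `unknown`, which the closing sentence defines as the scanner not containing or providing a severity rating. Consider a neutral lead-in such as "A vulnerability's severity rating can be one of the following" so that `unknown` is not presented as an assessed value. In the rewritten paragraph above the list, "must approve merge requests that contain vulnerabilities" does not refer back to the threshold defined in the preceding sentence; if approval is required only for `high`, `critical`, or `unknown` findings, say so in that sentence, and state why `unknown` sits in the threshold alongside `high` and `critical`.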
......