Commit 93ad0fcc authored by Nick Gaskill's avatar Nick Gaskill

Merge branch 'explain-unknown-severity' into 'master'

Clarify unknown severity in docs

See merge request gitlab-org/gitlab!32064
parents 01c3cdfc d7ae9097
...@@ -201,9 +201,19 @@ security team when a merge request would introduce one of the following security ...@@ -201,9 +201,19 @@ security team when a merge request would introduce one of the following security
- A security vulnerability - A security vulnerability
- A software license compliance violation - A software license compliance violation
This threshold is defined as `high`, `critical`, or `unknown` severity. When any vulnerabilities are The security vulnerability threshold is defined as `high`, `critical`, or `unknown` severity. The
present within a merge request, an approval is required from the `Vulnerability-Check` approver `Vulnerability-Check` approver group must approve merge requests that contain vulnerabilities.
group.
When GitLab can assess vulnerability severity, the rating can be one of the following:
- `unknown`
- `low`
- `medium`
- `high`
- `critical`
The rating `unknown` indicates that the underlying scanner doesn't contain or provide a severity
rating.
### Enabling Security Approvals within a project ### Enabling Security Approvals within a project
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment