153 lines
3.9 KiB
YAML
153 lines
3.9 KiB
YAML
# This is supposed to be used with:
|
|
# tooling/bin/find_codeowners tooling/config/CODEOWNERS.yml
|
|
# And paste the contents into .gitlab/CODEOWNERS
|
|
|
|
'[Authentication]':
|
|
group: '@gitlab-org/software-supply-chain-security/authentication/approvers'
|
|
entries:
|
|
- '/app/views/layouts/terms.html.haml'
|
|
- '/app/views/admin/sessions/'
|
|
allow:
|
|
keywords:
|
|
- 'auth'
|
|
- 'credentials_inventory'
|
|
- 'devise'
|
|
- 'doorkeeper'
|
|
- 'enterprise_user'
|
|
- 'feed_token'
|
|
- 'ip_allowlist'
|
|
- 'kerberos'
|
|
- 'ldap'
|
|
- 'passkeys'
|
|
- 'password'
|
|
- 'service_account'
|
|
- 'smartcard'
|
|
- 'token'
|
|
- 'two_factor_auth'
|
|
- 'warden'
|
|
patterns:
|
|
- '/{,ee/}app/**/*%{keyword}*{,/**/*}'
|
|
- '/{,ee/}config/**/*%{keyword}*{,/**/*}'
|
|
- '/{,ee/}lib/**/*%{keyword}*{,/**/*}'
|
|
deny:
|
|
keywords:
|
|
- '.png'
|
|
- '.svg'
|
|
- 'alert_management'
|
|
- 'application_setting_columns/'
|
|
- 'arkose'
|
|
- 'audit_event'
|
|
- 'author'
|
|
- 'authorize'
|
|
- 'authz'
|
|
- 'autocomplete'
|
|
- 'batch_comments'
|
|
- 'chat_name_token'
|
|
- 'ci'
|
|
- 'cloud_connector'
|
|
- 'cluster'
|
|
- 'commit'
|
|
- 'compliance'
|
|
- 'conan_token'
|
|
- 'container_registry'
|
|
- 'custom_abilities'
|
|
- 'dast'
|
|
- 'dependency_proxy'
|
|
- 'deploy_token'
|
|
- 'doctor'
|
|
- 'dpop'
|
|
- 'elasticsearch'
|
|
- 'embed'
|
|
- 'error_tracking'
|
|
- 'errors'
|
|
- 'events/'
|
|
- 'external_auth_client'
|
|
- 'external_storage'
|
|
- 'feature_flag'
|
|
- 'filter{,ed}_{bar,search,token}'
|
|
- 'gitlab_subscriptions'
|
|
- 'google_api'
|
|
- 'google_cloud'
|
|
- 'group_{link,sync}'
|
|
- 'health_check'
|
|
- 'hook'
|
|
- 'ide/'
|
|
- 'import/'
|
|
- 'incoming_email'
|
|
- 'instrumentations'
|
|
- 'invite_members'
|
|
- 'issue_token'
|
|
- 'jira'
|
|
- 'jitsu'
|
|
- 'job_token'
|
|
- 'json_schema'
|
|
- 'json_web_token'
|
|
- 'jwt'
|
|
- 'kubernetes'
|
|
- 'locale'
|
|
- 'ldap*_*{group,sync,link}'
|
|
- 'lfs'
|
|
- 'limit'
|
|
- 'logger'
|
|
- 'mail_room'
|
|
- 'maven'
|
|
- 'merge_request'
|
|
- 'metadata'
|
|
- 'metric'
|
|
- 'mirror_authentication'
|
|
- 'pipeline'
|
|
- 'protected_environment'
|
|
- 'remote_development'
|
|
- 'requirements/'
|
|
- 'reset_prometheus_token'
|
|
- 'reset_registration_token'
|
|
- 'runner'
|
|
- '{saml,sync,link}_group'
|
|
- 'scim'
|
|
- 'scope_validator'
|
|
- 'search/'
|
|
- 'search_token'
|
|
- 'secret_detection'
|
|
- 'service_access'
|
|
- 'services/ai/'
|
|
- 'sidebars/'
|
|
- 'task'
|
|
- 'terraform_registry_token'
|
|
- 'throttle'
|
|
- 'token_access'
|
|
- 'tracking'
|
|
- 'tracing'
|
|
- 'usage_quotas'
|
|
- 'web_ide'
|
|
- 'work_item_token'
|
|
- 'work_items'
|
|
patterns:
|
|
- '/{,ee/}app/**/*%{keyword}*{,/**/*}'
|
|
- '/{,ee/}config/**/*%{keyword}*{,/**/*}'
|
|
- '/{,ee/}lib/**/*%{keyword}*{,/**/*}'
|
|
|
|
'[Compliance]':
|
|
group: '@gitlab-org/software-supply-chain-security/compliance'
|
|
entries:
|
|
- '/ee/app/services/audit_events/build_service.rb'
|
|
- '/ee/spec/services/audit_events/custom_audit_event_service_spec.rb'
|
|
allow:
|
|
keywords:
|
|
- audit
|
|
patterns:
|
|
- '/{,ee/}app/**/*%{keyword}*'
|
|
- '/{,ee/}config/**/*%{keyword}*'
|
|
- '/{,ee/}lib/**/*%{keyword}*'
|
|
deny:
|
|
keywords:
|
|
- '*.png'
|
|
- '*bundler-audit*'
|
|
- '**/merge_requests/**'
|
|
- '/config/feature_flags/**/*'
|
|
- '/ee/app/services/audit_events/**/*'
|
|
- '/ee/spec/services/audit_events/**/*'
|
|
- '/ee/spec/services/ci/*'
|
|
- '/ee/spec/services/personal_access_tokens/*'
|
|
patterns:
|
|
- '%{keyword}'
|