From 48d8a7d64cc55af2bd5012e584ba1e0c881106fd Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Fri, 7 Dec 2018 19:30:54 +0900 Subject: [PATCH] Small improvement for phrasing --- doc/ci/merge_request_pipelines/index.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/ci/merge_request_pipelines/index.md b/doc/ci/merge_request_pipelines/index.md index 6697bf9480f..706e83abf44 100644 --- a/doc/ci/merge_request_pipelines/index.md +++ b/doc/ci/merge_request_pipelines/index.md @@ -75,10 +75,10 @@ because, technically, external contributors can disguise their pipeline results by tweaking their GitLab Runner in the forked project. There are multiple reasons about why GitLab doesn't allow those pipelines to be -created in the parent project, but one of the biggest reasons is security. +created in the parent project, but one of the biggest reasons is security concern. External users could steal secret variables from the parent project by modifying -.gitlab-ci.yml. +.gitlab-ci.yml, which could be some sort of credentials. This should not happen. -We're discussing a secure solution about how to run pipelines for merge requests +We're discussing a secure solution of running pipelines for merge requests that submitted from forked projects, see [the issue about the permission extension](https://gitlab.com/gitlab-org/gitlab-ce/issues/23902).