From 7522c49d8c3d5fe0c47622c3cf275eeb4102a88b Mon Sep 17 00:00:00 2001
From: charlie ablett <cablett@gitlab.com>
Date: Wed, 10 Apr 2019 00:12:55 +0000
Subject: [PATCH 1/2] Correct slightly conflicting information regarding
 security processes for developers

---
 general/security/developer.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/general/security/developer.md b/general/security/developer.md
index d85480b6..3c37323e 100644
--- a/general/security/developer.md
+++ b/general/security/developer.md
@@ -39,7 +39,7 @@ post-deployment patch process.
   disclosure.
 - [Create a new issue on org](https://dev.gitlab.org/gitlab/gitlabhq/issues/new?issuable_template=Security+developer+workflow) using the [Security Developer Workflow] template.
 - Security vulnerabilities that exist in **both** CE and EE should be fixed in
-  the [CE project on org](https://dev.gitlab.org/gitlab/gitlabhq).
+  the [CE project on org](https://dev.gitlab.org/gitlab/gitlabhq) and a corresponding MR is required for EE.
 - Security vulnerabilities that exist only in EE should be fixed in the [EE
   project on org](https://dev.gitlab.org/gitlab/gitlab-ee).
 - Security vulnerabilities that exist in Omnibus should be fixed in the [Omnibus
-- 
GitLab


From beac9a845a720781dc241cc588a2fbf5a94f18ff Mon Sep 17 00:00:00 2001
From: charlie ablett <cablett@gitlab.com>
Date: Thu, 23 May 2019 21:08:15 +0000
Subject: [PATCH 2/2] Apply suggestion to general/security/developer.md

---
 general/security/developer.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/general/security/developer.md b/general/security/developer.md
index 3c37323e..39b342b8 100644
--- a/general/security/developer.md
+++ b/general/security/developer.md
@@ -39,7 +39,7 @@ post-deployment patch process.
   disclosure.
 - [Create a new issue on org](https://dev.gitlab.org/gitlab/gitlabhq/issues/new?issuable_template=Security+developer+workflow) using the [Security Developer Workflow] template.
 - Security vulnerabilities that exist in **both** CE and EE should be fixed in
-  the [CE project on org](https://dev.gitlab.org/gitlab/gitlabhq) and a corresponding MR is required for EE.
+  the [CE project on org](https://dev.gitlab.org/gitlab/gitlabhq), and a corresponding MR is required for EE in order to avoid unexpected conflicts and failing tests.
 - Security vulnerabilities that exist only in EE should be fixed in the [EE
   project on org](https://dev.gitlab.org/gitlab/gitlab-ee).
 - Security vulnerabilities that exist in Omnibus should be fixed in the [Omnibus
-- 
GitLab