From 02412a5040e11e20df984964ecd12b74e7f9eeef Mon Sep 17 00:00:00 2001
From: Yorick Peterse <yorickpeterse@gmail.com>
Date: Wed, 27 Mar 2019 13:35:28 +0100
Subject: [PATCH] Update the MR template for security MRs

This makes two changes to the template:

1. EE MRs are now always required (see
   https://gitlab.com/gitlab-org/release/framework/issues/256 for a
   backstory).

2. We clarify that a release manager is not a suitable reviewer for
   security merge requests.
---
 .gitlab/merge_request_templates/Security Release.md | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/.gitlab/merge_request_templates/Security Release.md b/.gitlab/merge_request_templates/Security Release.md
index 246f2dae00938..42314f9b2dd68 100644
--- a/.gitlab/merge_request_templates/Security Release.md	
+++ b/.gitlab/merge_request_templates/Security Release.md	
@@ -7,6 +7,10 @@ See [the general developer security release guidelines](https://gitlab.com/gitla
 This merge request _must not_ close the corresponding security issue _unless_ it
 targets master.
 
+When submitting a merge request for CE, a corresponding EE merge request is
+always required. This makes it easier to merge security merge requests, as
+manually merging CE into EE is no longer required.
+
 -->
 ## Related issues
 
@@ -20,8 +24,8 @@ targets master.
 - [ ] Title of this MR is the same as for all backports
 - [ ] A [CHANGELOG entry](https://docs.gitlab.com/ee/development/changelog.html) is added without a `merge_request` value, with `type` set to `security`
 - [ ] Add a link to this MR in the `links` section of related issue
-- [ ] Add a link to an EE MR if required
-- [ ] Assign to a reviewer
+- [ ] Set up an EE MR (always required for CE merge requests): EE_MR_LINK_HERE
+- [ ] Assign to a reviewer (that is not a release manager)
 
 ## Reviewer checklist
 
-- 
GitLab