Follow-up from "Adjust docs for FIPS guide"
The following discussions from !90984 (merged) should be addressed:
-
@corey-oas started a discussion: This needs to be modified ahead of the audit. It's fine to say GitLab as whole is not FIPS-compliant, however we need to specify that there is a FIPS-compliant build which does not include all features, and call those out in the Known Limitations section below.
-
@corey-oas started a discussion: Any FIPS-related gaps included in this Epic should fall outside of what we're defining as our FIPS-compliant build otherwise we should remove the reference to this Epic from this page. The auditor will look closely at this.
-
@corey-oas started a discussion: (+4 comments) This section should include the FIPS Epic for work in progress and/or call out specific product features that are not compliant }(e.g. DAST)