
Require approval from composition analysis and threat insights when modifying shared models

Proposal

As I was working on #432146 (closed), I became aware of some new changes made to the Sbom::Occurrence model. In the same issue, I was proposing adding a new column to the sbom_occurrences table, which would directly impact group::threat insights. This made me think that it's quite easy to forget to involve group::threat insights when making such changes, and that we can use some of GitLab's features to avoid doing so later. I'm creating this issue to gather interest in improving the ease of collaboration between the teams when we work on a shared model. There are many features that we could leverage to assist here, ranging from the CODEOWNERS file to the feature_category class attributes, and most likely others that I may have missed.

Topics

Edited by Oscar Tovar