Allow security MRs targeting unreleased stable branches
In the window between a new stable branch being created during an RC,
and the monthly .0
release being created, a security MR might target
the stable branch but be rejected because version.gitlab.com
doesn't
yet know about the version.
This naive solution would break down when we have a new major version.
A better solution might be to allow rc
versions to be created (but not
considered for the upgrade warning) so that we get back the intended
versions.
Related to gitlab-com/gl-infra/delivery#1360 (closed) and !1297 (merged).