Source code is managed with GitLab-approved version control mechanisms.
GitLab-approved version control mechanisms should be enforced over all source code that is maintained by GitLab to ensure tracability and auditability between source code changes. Processes in place to enforce version control demonstrate strong security and SDLC maturity.
This control is applicable to all areas where GitLab manages it's own source code. Note that the scope does not extend to third party systems because GitLab does not own the related source code and therefore does not have the ability to enforce version control mechanisms
Non-public information relating to this security control as well as links to the work associated with various phases of project work can be found in the Source Code Management control issue .