The Gitlab Slack app gives you notifications and slash-commands that could be useful. We should look at its features and see if it could be useful.
https://docs.gitlab.com/ee/user/project/integrations/gitlab_slack_application.html
The Gitlab Slack app gives you notifications and slash-commands that could be useful. We should look at its features and see if it could be useful.
https://docs.gitlab.com/ee/user/project/integrations/gitlab_slack_application.html
Read-only (e.g. notifications) is straightforward, write operations (slash commands) would require a security review.
The GitLab Slack App had a critical security vulnerability in the most recent security release. See Attacker can abuse Slack/Mattermost integrations to execute slash commands as another user and T354913 which is exactly the concern I had when we discussed this Slack integration internally.
So if we experiment and/or use this integration we should make sure to check if there is a read-only mode and if write commands (slash commands) can be disabled.