From 007992248b03513decf829d7deb762254a72170d Mon Sep 17 00:00:00 2001 From: Lars Hvam Date: Sat, 13 Jun 2020 09:32:57 +0200 Subject: [PATCH] security documentation (#3491) --- docs/index.md | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/docs/index.md b/docs/index.md index 9f335e194..1aeec6481 100644 --- a/docs/index.md +++ b/docs/index.md @@ -8,7 +8,18 @@ Latest build: [zabapgit.abap](https://raw.githubusercontent.com/abapGit/build/ma For questions/comments/bugs/feature requests/wishes please create an [issue](https://github.com/larshp/abapGit/issues) ### Security -All abapGit code is reviewed via pull requests. All [repository watchers](https://github.com/larshp/abapGit/watchers) are automatically notified for every change to the code base. +abapGit is a tool to import and export code between ABAP systems. If a developer have a developer key to the system, +the developer can perform these actions already. abapGit enables the developer to do mass export/changes/imports but +not more than already possible to do manually. + +Running automated security checks on the abapGit code will by design give a lot of errors, as abapGit will import, overwrite and change +ABAP artifacts in the system in ways that might not be intended. Always review all code in remote repositories before importing to the target system, +this is possible because abapGit is plain text unlinke traditional transport files. + +That being said, abapGit is used by mutiple [organizations](https://docs.abapgit.org/other-where-used.html), all abapGit +changes are reviewed via pull requests. And all 100+ [repository watchers](https://github.com/larshp/abapGit/watchers) are +automatically notified for every change to the code base, so potentially all changes are looked at by more people than +tradtional enterprise products. ### Support It is a community effort to support the project, recommend [watching](https://help.github.com/articles/watching-and-unwatching-repositories/) the project to get a feeling about issue resolution. Everyone can suggest changes to abapGit via [pull requests](https://help.github.com/articles/about-pull-requests/).