►
From YouTube: Compliance: UX Office Hours (2021-05-14)
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Hey
everyone:
my
name
is
austin,
I'm
a
senior
product
designer
gitlab
jumping
into
what
happened
this
week.
I
want
to
start
by
giving
a
shout
out
to
sam
for
creating
this
awesome
proposal
that
could
help
us
shift
away
the
burden
of
creating
so
many
audit
events
inside
gitlab.
Perhaps
we
could
shift
that
responsibility
on
to
users
or
customers
to
define
where
that
data
should
live.
One
problem
we
run
into
trying
to
scale
these
events
is
our
infrastructure
isn't
necessarily
designed
to
be
a
logging
type
of
environment?
A
So
if
you
want
to
track
all
of
your
git
events,
perhaps
we
can
give
that
to
customers
to
decide.
They
want
to
move
that
somewhere
else
and
capture
those
events
without
having
to
necessarily
scale
or
redesign
how
gitlab
handles
that.
Currently,
we
could
do
some
of
the
easier
ones,
but
maybe
the
more
complex,
more
heavy,
hitting
events
we
could
push
off
somewhere
else.
So
we've
got
a
solution.
Validation
issue
open
we're
talking
through
with
anna
about
how
we
might
go
about
validating
the
remaining
gaps
in
our
understanding.
A
But
if
you
have
any
ideas
on
how
to
collaborate
on
it
feel
free
to
ask
them
the
proposal.
Next
thing
I
wanted
to
share.
I
don't
know
if
I
shared
this
already,
but
I
just
want
to
hit
it
again,
there's
a
old
issue
that
hits
pretty
squarely
where
we're
going
with
status
checks.
It
was
great
to
already
see
the
word
status
checks
in
there
paid
your
buzz
to
my
attention.
It's
got
a
lot
of
community
support
and
I've
been
getting
some
great
feedback
from
existing
customers.
A
A
I
also
want
to
highlight
some
nice
collaboration
that
we're
having
with
the
pipeline
authoring
group
maddie,
and
I
have
been
going
back
and
forth
on
some
different
ideas
to
create
mvc.
A
I
also
wanted
to
call
out
this
great
addition
from
sam
that
expands
upon
our
compliance
features
documentation.
He
added
on
the
compliance
pipelines,
the
compliance
frameworks
and
also
specifies
which
tier
they're
in
and
if
they're,
available
on
sas
or
not.
A
This
is
really
important,
we're
seeing
more
and
more
tams
and
customers
asking
about
compliance
features,
and
it's
important
that
we
start
sharing
those
things.
We
don't
own
all
of
these
features
themselves,
but
they
can
be
used
for
compliance.
So
we
do
want
to
highlight
that
for
people,
so
just
because
we
don't
own
a
feature
outright
doesn't
mean
that
it's
not
used
for
compliance.
So
keep
that
in
mind
as
we
consider
the
scope
of
what
compliance
means
for
organizations.
A
And
then
I
spent
today
really
trying
to
do
my
best
to
figure
out
how
we
can
scale
mr
approval
rules
to
the
group
I'll.
Suffice
to
say
we
can't
do
it
as
best
as
I
understand,
without
on
fixing
protective
branches
or
rather
making
protective
protective
branches
more
flexible.
I
forgot
to
add
my
link
here
in
loom
tulum,
but
it's
a
17
minute,
video
of
me
kind
of
rambling
through
my
different
screens.
A
What
I
will
instead
highlight
is
I
at
least
synthesize
down
my
best
idea
into
a
single
figma
art
board.
Really
the
crux
of
this
whole
thing:
it
lies
within
protective
branches.
I
mean
if
the
protective
branches
don't
exist,
what
populates
currently
in
projects
protective
branches
disappear?
It
defaults
back
to
any
branch
which
is
not
a
rule.
We
want
to
enforce
upon
it's
way
too
restrictive
and
so
considering
how
we
might
bring
in
new
projects
and
what
they'll
be
inheriting
and
what
is
allowed
to
be
created.
A
There's
just
a
lot
of
work
to
be
done
with
protective
branches,
and
that's
going
to
be
a
blocker
for
moving
protective
branches
to
the
group
level
and
moving
merge
requests.
Approval
rules
to
the
group
level,
but
we
can
still
continue
to
make
progress
on
things
like
mr
approval
settings
merge
method
push
rules
even
potentially
those
things
are
just
the
check
boxes.
A
We
can
definitely
continue
growing
out,
and
I
think
we
have
some
neat
ideas
about
how
we
can
help
illustrate
using
compliance
frameworks
to
start
enforcing
things
and
showing
how
they
are
being
portrayed
at
the
project
level.
So
that
could
be
a
nice
path
forward
to
keep
us
busy,
while
we
figure
out
the
logic
on
the
other
end.
A
Next,
I
found
a
problem
today,
as
I
was
thinking
through
that
it
made
me
think
about
the
compliance
pipeline.
It's
possible
to
get
stuck
in
this
situation
where
it
doesn't
know
where
this
file
is.
If
you
move
it
or
delete
it,
you
could
be
kind
of
screwed.
The
only
way
to
get
around
it
is.
You
need
a
group
runner
to
go
in
and
d
map
it
from
the
framework
or
remove
the
frameworks
from
different
projects.
A
Last
but
not
least-
and
I
put
this
in
a
collapsible
section-
because
it
relates
my
merge
request
merged
which
was
super
exciting
to
me.
I
helped
build
this
with
the
help
of
so
many
people
and
it's
fun
just
to
see
it
there
and
I've
already
used
it
numerous
times
this
week
and
saved
myself
a
good
number
of
keystrokes.