Approvals¶
[!NOTE] Required role:
compliance_manager(to approve/reject),managerordeveloper(to request)
An approval is a formal quality gate before shipping. It captures a frozen snapshot of a module's bill of materials and runs it through eight review tabs covering vulnerabilities, licenses, versioning, viability, changes, export control, tests and capabilities.
Lifecycle¶
- A project manager or developer creates a draft approval.
- The draft is submitted for review → assigned to a compliance manager.
- The compliance manager reviews all eight tabs and approves or rejects.
- Once finalized, the approval is frozen and immutable — it cannot be changed.
In this section¶
| Page | What it covers |
|---|---|
| Requesting an Approval | How to create and submit an approval request. |
| The Eight Approval Tabs | What each review tab contains. |
| Approve / Reject | The decision workflow and what happens after. |
| Binary Linking | Attaching binary references to an approval. |
| Public Approves | Sharing approved releases with external stakeholders. |
| Post-Release Vulnerabilities | Monitoring for new CVEs after a release. |
📸 Screenshot: the approvals list with status filter and assignment column.