security: document and explain session CSRF safety better
There are currently no pipelines.
To run a merge request pipeline, the jobs in the CI/CD configuration file must be configured to run in merge request pipelines and you must have sufficient permissions in the source project.