[Wikidata-bugs] [Maniphest] T249039: Security Readiness Review For Wikidata Bridge

2020-08-28 Thread darthmon_wmde
darthmon_wmde added a comment. In T249039#6400360, @sbassett wrote: > @darthmon_wmde - I assume there are no further questions about my above explanation? I'll plan to resolve this task for now. We can create new tasks for any

[Wikidata-bugs] [Maniphest] T249039: Security Readiness Review For Wikidata Bridge

2020-08-20 Thread sbassett
sbassett closed this task as "Resolved". sbassett moved this task from Waiting to Our Part Is Done on the secscrum board. sbassett added a comment. @darthmon_wmde - I assume there are no further questions about my above explanation? I'll plan to resolve this task for now. We can create new

[Wikidata-bugs] [Maniphest] T249039: Security Readiness Review For Wikidata Bridge

2020-08-06 Thread sbassett
sbassett added a comment. In T249039#6362819, @darthmon_wmde wrote: > heads up: I am accepting the risk and we programmed the deploy to production. Great, thanks. > We have already fixed

[Wikidata-bugs] [Maniphest] T249039: Security Readiness Review For Wikidata Bridge

2020-08-05 Thread darthmon_wmde
darthmon_wmde added a comment. Hey @sbassett, heads up: I am accepting the risk and we programmed the deploy to production. We have already fixed some of the dev dependencies - by yesterday there were no

[Wikidata-bugs] [Maniphest] T249039: Security Readiness Review For Wikidata Bridge

2020-07-30 Thread darthmon_wmde
darthmon_wmde added a comment. Hey @sbassett, thanks for checking in! I have talked with the PM of the project about the possibly soon activation of the Bridge for Wikicat, as planned, and I have set a discussion meeting next week with the developers to craft the plan. I will update you

[Wikidata-bugs] [Maniphest] T249039: Security Readiness Review For Wikidata Bridge

2020-07-29 Thread sbassett
sbassett added a comment. Ping @darthmon_wmde et al - just wanted to check on where we're at here with mediations and/or risk acceptance per my previous comment. Thanks! TASK DETAIL https://phabricator.wikimedia.org/T249039

[Wikidata-bugs] [Maniphest] T249039: Security Readiness Review For Wikidata Bridge

2020-07-21 Thread sbassett
sbassett added a comment. In T249039#6322813, @Lucas_Werkmeister_WMDE wrote: > I looked at these earlier and thought they all looked like false positives Great, thanks for confirming and for your detailed analysis, with which I

[Wikidata-bugs] [Maniphest] T249039: Security Readiness Review For Wikidata Bridge

2020-07-21 Thread Pablo-WMDE
Pablo-WMDE added a comment. > **Vulnerable Packages** > **Risk: {icon exclamation-triangle color=yellow} medium** > [...] > **Outdated Packages** There recurringly are and recently were efforts to get those numbers down, maybe a recheck (e.g. after sha

[Wikidata-bugs] [Maniphest] T249039: Security Readiness Review For Wikidata Bridge

2020-07-21 Thread Lucas_Werkmeister_WMDE
Lucas_Werkmeister_WMDE added a comment. > **General Security Issues** > > 1. `njsscan` did find some potential issues with vue's `v-html` attribute. I'd guess most of these are false positives given that they render messages which shouldn't be vulnerable as they are used within the

[Wikidata-bugs] [Maniphest] T249039: Security Readiness Review For Wikidata Bridge

2020-07-16 Thread sbassett
sbassett added a comment. In T249039#6313032, @darthmon_wmde wrote: >> (...) our current risk management policy (on officewiki, which sadly I don't believe wmde folks

[Wikidata-bugs] [Maniphest] T249039: Security Readiness Review For Wikidata Bridge

2020-07-16 Thread darthmon_wmde
darthmon_wmde added a comment. thanks a lot @sbassett for your complete answer! > (...) our current risk management policy (on officewiki, which sadly I don't believe wmde folks can view) ... You are probably

[Wikidata-bugs] [Maniphest] T249039: Security Readiness Review For Wikidata Bridge

2020-07-15 Thread sbassett
sbassett added a comment. In T249039#6307879, @darthmon_wmde wrote: > sorry if this is a stupid question but could you please say clearly whether we need to lower the risk on any of the points? I am not sure whether what you define as

[Wikidata-bugs] [Maniphest] T249039: Security Readiness Review For Wikidata Bridge

2020-07-15 Thread darthmon_wmde
darthmon_wmde added a comment. hi @sbassett ! thanks a lot for that assessment! sorry if this is a stupid question but could you please say clearly whether we need to lower the risk on any of the points? I am not sure whether what you define as medium or low risk are acceptable to