sbassett edited projects, added Security-Team-Reviews; removed
Security-Team-Review-Active.
TASK DETAIL
https://phabricator.wikimedia.org/T216692
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: Reedy, sbassett
Cc: Tarrow, Aklapper, RazShuty, WMDE
sbassett added a comment.
In T237667#5728294 <https://phabricator.wikimedia.org/T237667#5728294>,
@Ladsgroup wrote:
> Sorry, When I made the patch to gerrit it made sense to open the ticket so
the bots can add the patch to this ticket, when the patch is in gerrit, this
can
sbassett removed a project: Patch-For-Review.
sbassett moved this task from External (Non-WMF) Issues to Done on the Security
board.
TASK DETAIL
https://phabricator.wikimedia.org/T237667
WORKBOARD
https://phabricator.wikimedia.org/project/board/30/
EMAIL PREFERENCES
https
sbassett added a subscriber: Daimona.
sbassett added a comment.
In T240884#5810094 <https://phabricator.wikimedia.org/T240884#5810094>,
@Ladsgroup wrote:
> One complicating factor here is that AbuseFilter and SpamBlacklist both
don't have a clear maintainer.
I thi
sbassett changed the visibility from "Custom Policy" to "Public (No Login
Required)".
TASK DETAIL
https://phabricator.wikimedia.org/T241536
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: sbassett
Cc: Addshore, sbassett, Zby
sbassett added a comment.
I've made this task public now that T241410 should be completely resolved
with all data flushed (and hopefully able to become public soon itself).
TASK DETAIL
https://phabricator.wikimedia.org/T241536
EMAIL PREFERENCES
https://phabricator.wikimedia.org/set
sbassett added a comment.
Not seeing anything in master or REL1_32 for this. Is it somewhere else? If not, is there an estimate for completion?TASK DETAILhttps://phabricator.wikimedia.org/T204542EMAIL PREFERENCEShttps://phabricator.wikimedia.org/settings/panel/emailpreferences/To: sbassettCc
sbassett triaged this task as "Low" priority.
TASK DETAILhttps://phabricator.wikimedia.org/T204542EMAIL PREFERENCEShttps://phabricator.wikimedia.org/settings/panel/emailpreferences/To: sbassettCc: sbassett, Aklapper, Hjfocs, Nandana, Lahi, Gq86, GoranSMilovanovic, Kiailandi, QZand
sbassett added a comment.
Ok, thanks for the update, @Hjfocs.TASK DETAILhttps://phabricator.wikimedia.org/T204542EMAIL PREFERENCEShttps://phabricator.wikimedia.org/settings/panel/emailpreferences/To: sbassettCc: sbassett, Aklapper, Hjfocs, Nandana, Lahi, Gq86, GoranSMilovanovic, Kiailandi, QZanden
sbassett updated the task description. (Show Details)
CHANGES TO TASK DESCRIPTION...* Target date for deployment: N.A. (the related [[https://meta.wikimedia.org/wiki/Grants:IEG/StrepHit:_Wikidata_Statements_Validation_via_References/Renewal/Timeline | project grant]] is over anyway)this code is
sbassett added a comment.
Hello @Hjfocs
Some follow-up here - apologies for the stop/go on this one:
Did the mirroring issue with gerrit ever get addressed? It still looks to be an empty repo.
I was curious if the tool is actually working in production. On wikidata.org, I added the gadget and
sbassett added a comment.
@Hjfocs -
But you served as the first reviewer, what am I getting wrong?
From T196073#4825203, it looks like @MaxSem found the PrimarySources code as an unmerged gerrit patch set, and offered some initial feedback (thanks!) However, this isn't typical of a sta
sbassett edited projects, added Security-Team-Reviews; removed Security.
TASK DETAIL
https://phabricator.wikimedia.org/T216692
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: sbassett
Cc: Aklapper, RazShuty, WMDE-leszek, Michael, noarave
sbassett changed the task status from "Open" to "Stalled".
sbassett triaged this task as "Normal" priority.
sbassett moved this task from Backlog to Waiting on the Security-Team board.
TASK DETAIL
https://phabricator.wikimedia.org/T208329
WORKBOARD
https://pha
sbassett added a comment.
@RazShuty @Addshore @Lucas_Werkmeister_WMDE - Sorry for the (very) delayed
response here. Due to a healthy amount of organizational shift, the
#security-team <https://phabricator.wikimedia.org/tag/security-team/> is just
now getting our Phab works boards in
sbassett triaged this task as "Normal" priority.
TASK DETAIL
https://phabricator.wikimedia.org/T202390
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: Legoktm, sbassett
Cc: gerritbot, Umherirrender, darthmon_wmde, DannyS712, Nandana
sbassett triaged this task as "Normal" priority.
TASK DETAIL
https://phabricator.wikimedia.org/T202389
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: Legoktm, sbassett
Cc: Legoktm, gerritbot, Aklapper, Umherirrender, darthmon_wmde,
sbassett triaged this task as "Normal" priority.
TASK DETAIL
https://phabricator.wikimedia.org/T19
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: Smalyshev, sbassett
Cc: Krenair, Bawolff, Lydia_Pintscher, APalmer_WMF, Smalysh
sbassett triaged this task as "Normal" priority.
sbassett removed a project: Cloud-Services.
TASK DETAIL
https://phabricator.wikimedia.org/T150803
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: sbassett
Cc: Esc3300, Sjoerddebruin, Multichi
sbassett removed a project: Patch-For-Review.
TASK DETAIL
https://phabricator.wikimedia.org/T124451
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: Tarrow, sbassett
Cc: gerritbot, Lucas_Werkmeister_WMDE, Addshore, thiemowmde, adrianheine,
TerraCodes
sbassett removed a project: Patch-For-Review.
TASK DETAIL
https://phabricator.wikimedia.org/T130856
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: JanZerebecki, sbassett
Cc: Gehel, Smalyshev, gerritbot, csteipp, Bovlb, Jonas, Aklapper
sbassett added a comment.
In T236500#5609046 <https://phabricator.wikimedia.org/T236500#5609046>,
@Bugreporter wrote:
> @jijiki The Custom Policy does not make sense since #Traffic
<https://phabricator.wikimedia.org/tag/traffic/> is currently a public-joinable
projec
sbassett changed the visibility from "Custom Policy" to "Public (No Login
Required)".
TASK DETAIL
https://phabricator.wikimedia.org/T233213
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: sbassett
Cc: Tarrow, hoo, Jakob_WMDE,
sbassett removed a project: Patch-For-Review.
sbassett moved this task from Backlog / Other to Done on the Security board.
TASK DETAIL
https://phabricator.wikimedia.org/T233213
WORKBOARD
https://phabricator.wikimedia.org/project/board/30/
EMAIL PREFERENCES
https
sbassett moved this task from Incoming to Back Orders on the secscrum board.
sbassett triaged this task as "Low" priority.
TASK DETAIL
https://phabricator.wikimedia.org/T249039
WORKBOARD
https://phabricator.wikimedia.org/project/board/4630/
EMAIL PREFERENC
sbassett added a comment.
This was caused by this security patch to PS.php
<https://phabricator.wikimedia.org/T250887#6102375>. Which was reverted and
re-synced <https://sal.toolforge.org/log/0F-m4XEBj_Bg1xd3x-G7>. An updated
version <https://phabricator.wikimedia.org/P1
sbassett added a comment.
@darthmon_wmde - we don't currently have this review assigned/scheduled,
though I could probably have a look at it next week. Before we do that, I
think we'd need:
1. Confirmed commit shas for the various code bases and files defined within
sectio
sbassett claimed this task.
sbassett moved this task from Back Orders to Waiting on the secscrum board.
sbassett added a project: user-sbassett.
TASK DETAIL
https://phabricator.wikimedia.org/T249039
WORKBOARD
https://phabricator.wikimedia.org/project/board/4630/
EMAIL PREFERENCES
https
sbassett added a comment.
Hey @darthmon_wmde-
In T249039#6125290 <https://phabricator.wikimedia.org/T249039#6125290>,
@darthmon_wmde wrote:
> We have not frozen the code yet, are finishing the last 2.5 stories. Excuse
my ignorance but, do we need to be 100% finished b
sbassett changed the task status from "Open" to "Stalled".
TASK DETAIL
https://phabricator.wikimedia.org/T249039
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: sbassett
Cc: WMDE-leszek, sbassett, Addshore, Michael, Lu
sbassett updated the task description.
TASK DETAIL
https://phabricator.wikimedia.org/T249039
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: sbassett
Cc: WMDE-leszek, sbassett, Addshore, Michael, Lucas_Werkmeister_WMDE,
Tonina_Zhelyazkova_WMDE
sbassett added a comment.
@darthmon_wmde - I can look at this next. Did you have an updated target
date for deployment?
TASK DETAIL
https://phabricator.wikimedia.org/T249039
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: sbassett
Cc: WMDE
sbassett changed the task status from "Stalled" to "Open".
TASK DETAIL
https://phabricator.wikimedia.org/T249039
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: sbassett
Cc: WMDE-leszek, sbassett, Addshore, Michael, Lu
sbassett raised the priority of this task from "Low" to "Medium".
TASK DETAIL
https://phabricator.wikimedia.org/T249039
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: sbassett
Cc: WMDE-leszek, sbassett, Addshore, Michael, Lu
sbassett added a comment.
In T249039#6224698 <https://phabricator.wikimedia.org/T249039#6224698>,
@Lydia_Pintscher wrote:
> If at all possible it'd be <3 to be ready for deployment at the beginning
of July.
We can at least have a minimal, due-diligence review
sbassett added a comment.
In T230451#6257384 <https://phabricator.wikimedia.org/T230451#6257384>,
@Jdforrester-WMF wrote:
> Not sure if these release branches of Wikibase are supported. That'd be
something for the Wikidata team to determine.
I suppose REL1_32 and REL1
sbassett removed a project: Patch-For-Review.
TASK DETAIL
https://phabricator.wikimedia.org/T230451
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: sbassett
Cc: Jdforrester-WMF, Aklapper, sbassett, darthmon_wmde, Michael, Nandana, Lahi,
Gq86
sbassett added a comment.
Hmm, well now I'm getting an phpunit error with
`quibble-composer-mysql-php72-noselenium-docker`:
PHP Fatal error: Cannot use 'object' as class name as it is reserved in
/workspace/src/vendor/phpunit/phpunit-mock-objects/src/Generator.php(2
sbassett added a comment.
@Lydia_Pintscher @darthmon_wmde - I hope to have the aforementioned
due-diligence security review completed by the end of next week (Friday, July
3rd).
TASK DETAIL
https://phabricator.wikimedia.org/T249039
EMAIL PREFERENCES
https://phabricator.wikimedia.org
sbassett added a comment.
So
https://gerrit.wikimedia.org/g/mediawiki/extensions/Wikibase/+/master/client/resources/Resources.php
no longer appears to exist, as it is ref'd in the task description. Does that
live somewhere else or is it just gone now?
TASK DETAIL
sbassett added a comment.
Update: I still hope to have this security review completed by EOBD tomorrow
(10:00 PM UTC for me) but note that the review may have to be posted on Monday
2020-07-06 due to some delays. Apologies and thanks for your patience.
TASK DETAIL
https
sbassett added a comment.
**Update:** Apologies, but this is going to have to wait until Monday
2020-07-06.
TASK DETAIL
https://phabricator.wikimedia.org/T249039
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: sbassett
Cc: WMDE-leszek, sbassett
sbassett added a comment.
!!**Security Review Summary - T249039
<https://phabricator.wikimedia.org/T249039> - 2020-07-06**!!
**Last commit reviewed:**
1. Wikibase: `cbfd8bbca3bf816ace5bafdfbd112ddaa44274da`
For this review, I focused mainly upon the TypeScript app
sbassett added a comment.
In T249039#6307879 <https://phabricator.wikimedia.org/T249039#6307879>,
@darthmon_wmde wrote:
> sorry if this is a stupid question but could you please say clearly whether
we need to lower the risk on any of the points? I am not sure whether what you
sbassett added a comment.
In T249039#6313032 <https://phabricator.wikimedia.org/T249039#6313032>,
@darthmon_wmde wrote:
>> (...) our current risk management policy (on officewiki
<https://office.wikimedia.org/wiki/Security/Policy/Risk_Management>, which
sadly I don
sbassett added a comment.
In T249039#6322813 <https://phabricator.wikimedia.org/T249039#6322813>,
@Lucas_Werkmeister_WMDE wrote:
> I looked at these earlier and thought they all looked like false positives
Great, thanks for confirming and for your detailed analysis, wit
sbassett changed the visibility from "Custom Policy" to "Public (No Login
Required)".
TASK DETAIL
https://phabricator.wikimedia.org/T258323
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: sbassett
Cc: sbassett, greg, Lucas_Werkm
sbassett removed a project: Patch-For-Review.
sbassett moved this task from Watching to Our Part Is Done on the Security-Team
board.
TASK DETAIL
https://phabricator.wikimedia.org/T258323
WORKBOARD
https://phabricator.wikimedia.org/project/board/1179/
EMAIL PREFERENCES
https
sbassett changed the visibility from "Custom Policy" to "Public (No Login
Required)".
TASK DETAIL
https://phabricator.wikimedia.org/T238052
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: sbassett
Cc: 4nn1l2, Urb
sbassett added a comment.
In T258323#6334121 <https://phabricator.wikimedia.org/T258323#6334121>,
@RhinosF1 wrote:
> There was a restricted task merged into this. Should it be made public as
well? (https://phabricator.wikimedia.org/T258323#6317139)
Done.
TASK DETAI
sbassett added a comment.
Ping @darthmon_wmde et al - just wanted to check on where we're at here with
mediations and/or risk acceptance per my previous comment. Thanks!
TASK DETAIL
https://phabricator.wikimedia.org/T249039
EMAIL PREFERENCES
https://phabricator.wikimedia.org/set
sbassett added a comment.
In T249039#6362819 <https://phabricator.wikimedia.org/T249039#6362819>,
@darthmon_wmde wrote:
> heads up: I am accepting the risk and we programmed the deploy to
production.
Great, thanks.
> We have already fixed
<https://gerrit.wi
sbassett closed this task as "Resolved".
sbassett moved this task from Waiting to Our Part Is Done on the secscrum board.
sbassett added a comment.
@darthmon_wmde - I assume there are no further questions about my above
explanation? I'll plan to resolve this task for now. We
sbassett added a comment.
Hey all-
We've received the security review request (T292110
<https://phabricator.wikimedia.org/T292110>) for this and will plan to include
it within our review planning session this week (whether it's accepted for the
quarter as-is or not is a
sbassett changed the task status from "Open" to "Stalled".
sbassett triaged this task as "Low" priority.
sbassett added a comment.
Stalling this review for now pending further discussion at T285098
<https://phabricator.wikimedia.org/T285098>. We may st
sbassett added a comment.
In T292110#7405421 <https://phabricator.wikimedia.org/T292110#7405421>,
@WMDE-leszek wrote:
> @sbassett Opening this request was meant as an indication of WMDE
understanding the "fast track" deployment is not an option. Apologies for not
b
sbassett added a comment.
In T292110#7412589 <https://phabricator.wikimedia.org/T292110#7412589>,
@Addshore wrote:
> Quick follow up incase the intent of this ticket was misunderstood.
> This is a security review request for deploying the service to Wikimedia
Production,
sbassett added a comment.
Hey @WMDE-leszek - We're still working through some possibilities for
engaging a vendor for this work. Hopefully I can have an answer in another
week or so for you and your team. If the vendor path falls through, we'd
likely need to schedule this review
sbassett assigned this task to Reedy.
sbassett moved this task from Q1: 2021 Planning Queue to In Progress on the
secscrum board.
TASK DETAIL
https://phabricator.wikimedia.org/T292110
WORKBOARD
https://phabricator.wikimedia.org/project/board/4630/
EMAIL PREFERENCES
https
sbassett changed the task status from "Stalled" to "In Progress".
TASK DETAIL
https://phabricator.wikimedia.org/T292110
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: Reedy, sbassett
Cc: sbassett, Michaelcochez, Martaannaj, Lydia
sbassett raised the priority of this task from "Low" to "Medium".
TASK DETAIL
https://phabricator.wikimedia.org/T292110
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: Reedy, sbassett
Cc: sbassett, Michaelcochez, Martaannaj, Lydia
sbassett added a comment.
Hey @WMDE-leszek - we're going to have @reedy give this a first look for a
security review. Hopefully they can have a report deliverable for you later
this quarter or early next. At that point we can reassess any additional needs.
TASK DETAIL
sbassett changed the task status from "In Progress" to "Stalled".
sbassett added a comment.
Stalling until more security/linting automation has been officially set up in
CI. We'll then plan to use the results of some of that tooling, in addition to
some manu
sbassett added a comment.
@Michaelcochez - Thanks for getting gosec set up within the project's Github
CI. just reviewing some recent runs
<https://github.com/martaannaj/RecommenderServer/actions/workflows/gosec.yml>,
it doesn't seem like it's found much, which is
sbassett added a comment.
In T292110#7571382 <https://phabricator.wikimedia.org/T292110#7571382>,
@Michaelcochez wrote:
> I have now added gokart. The github action was not working out of the box,
because of some missing configuration parameters in the example. I opened a
pul
sbassett added a comment.
In T292110#7573952 <https://phabricator.wikimedia.org/T292110#7573952>,
@Michaelcochez wrote:
> 1. should we solve this by also having this internal service use https ?
> 2. and if so, where would i get a certificate/key for that?
I belie
sbassett added a comment.
In T292110#7574265 <https://phabricator.wikimedia.org/T292110#7574265>,
@Michaelcochez wrote:
> @sbassett Is that something which should be checked now, during the
security readiness review, or only later upon deployment?
>
> I have added th
sbassett closed this task as "Resolved".
TASK DETAIL
https://phabricator.wikimedia.org/T294693
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: Urbanecm, sbassett
Cc: Zabe, gerritbot, Reedy, Mohammed_Sadat_WMDE, Rosalie_WMDE, Lea_
sbassett closed this task as "Resolved".
TASK DETAIL
https://phabricator.wikimedia.org/T297570
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: Lucas_Werkmeister_WMDE, sbassett
Cc: Zabe, Bugreporter, hashar, Jakob_WMDE, noarave, toan, Ro
sbassett added a parent task: Restricted Task.
TASK DETAIL
https://phabricator.wikimedia.org/T297570
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: Lucas_Werkmeister_WMDE, sbassett
Cc: Zabe, Bugreporter, hashar, Jakob_WMDE, noarave, toan
sbassett added a parent task: Restricted Task.
TASK DETAIL
https://phabricator.wikimedia.org/T296578
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: sbassett
Cc: Zabe, Rosalie_WMDE, Addshore, toan, sbassett, karapayneWMDE, Manuel,
Lydia_Pintscher
sbassett added a parent task: Restricted Task.
TASK DETAIL
https://phabricator.wikimedia.org/T294693
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: Urbanecm, sbassett
Cc: Zabe, gerritbot, Reedy, Mohammed_Sadat_WMDE, Rosalie_WMDE, Lea_WMDE, dang
sbassett closed this task as "Resolved".
sbassett added a comment.
We're going to resolve this for now as {icon check-circle color=green} **low
risk** since none of the new security tooling added to the Github repo has
returned any medium+ risk actionable issues. One caveat
sbassett added a comment.
In T292110#7614949 <https://phabricator.wikimedia.org/T292110#7614949>,
@Michaelcochez wrote:
> @Reedy could you have a look at the current security policy
https://github.com/martaannaj/RecommenderServer/security/policy and if this is
fine cl
sbassett edited projects, added SecTeam-Processed; removed Security-Team.
sbassett added a comment.
@ItamarWMDE - re: security reviews, please see the current SOP at
https://www.mediawiki.org/wiki/Security/SOP/Application_Security_Reviews.
From what I'm seeing in the chang
sbassett added a project: SecTeam-Processed.
sbassett changed the visibility from "Custom Policy" to "Public (No Login
Required)".
sbassett changed the edit policy from "Custom Policy" to "All Users".
sbassett changed Risk Rating from N/A to Low.
TASK DE
sbassett removed a project: Security-Team.
TASK DETAIL
https://phabricator.wikimedia.org/T294151
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: sbassett
Cc: Dsharpe, Lucas_Werkmeister_WMDE, Silvan_WMDE, Tarrow, sbassett, Aklapper,
Jdforrester-WMF
sbassett changed the visibility from "Custom Policy" to "Public (No Login
Required)".
sbassett changed the edit policy from "Custom Policy" to "All Users".
TASK DETAIL
https://phabricator.wikimedia.org/T302215
EMAIL PREFERENCES
https://
sbassett triaged this task as "Low" priority.
sbassett changed the visibility from "Custom Policy" to "Public (No Login
Required)".
sbassett changed the edit policy from "Custom Policy" to "All Users".
sbassett changed Risk Rating from N/A to Low
sbassett added a comment.
In T329121#8620995 <https://phabricator.wikimedia.org/T329121#8620995>,
@ItamarWMDE wrote:
> Unfortunately, it seems like we cannot do this as these headers were
requested by the WMF security team it seems. In addition, this might expose us
to some
sbassett moved this task from Incoming to In Progress on the Security-Team
board.
sbassett added a project: SecTeam-Processed.
TASK DETAIL
https://phabricator.wikimedia.org/T329121
WORKBOARD
https://phabricator.wikimedia.org/project/board/1179/
EMAIL PREFERENCES
https
sbassett added a comment.
In T329121#8636168 <https://phabricator.wikimedia.org/T329121#8636168>,
@Michael wrote:
> That being said, the query builder is just static files. It could
potentially just run on their page natively, maybe needs a few changes and a
bit of documenta
sbassett updated the task description.
TASK DETAIL
https://phabricator.wikimedia.org/T332953
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: sbassett
Cc: bking, bd808, Ladsgroup, Krinkle, Legoktm, tstarling, Physikerwelt,
dcausse, Jdrewniak, taavi
sbassett added a comment.
In T332953#8769056 <https://phabricator.wikimedia.org/T332953#8769056>,
@thcipriani wrote:
> - Tricky part: recreate mediawiki-i18n-check, only run on changes from
l10nbot/localization (may/likely to require changes to GitLab client code, too)
T
sbassett triaged this task as "Low" priority.
sbassett changed the visibility from "Custom Policy" to "Public (No Login
Required)".
sbassett changed the edit policy from "Custom Policy" to "All Users".
sbassett changed Risk Rating from N/A to Low
sbassett added a comment.
In T308659#8036319 <https://phabricator.wikimedia.org/T308659#8036319>,
@MoritzMuehlenhoff wrote:
> This appeared in the CVE feed as
https://www.cve.org/CVERecord?id=CVE-2022-34750
Yes, I requested that ID a couple of days ago and forgot to update
sbassett moved this task from Watching to Our Part Is Done on the Security-Team
board.
sbassett added a comment.
In T308659#8037779 <https://phabricator.wikimedia.org/T308659#8037779>,
@Lucas_Werkmeister_WMDE wrote:
> I think we’re done here (but please reopen if the task sho
sbassett added a comment.
In T321318#8407900 <https://phabricator.wikimedia.org/T321318#8407900>,
@WMDE-leszek wrote:
> Good point @sbassett. For that reasons it was actually worked upon in the
open on Gerrit
Ok. Is there a change set we could reference here? Searching
sbassett changed Risk Rating from N/A to Low.
TASK DETAIL
https://phabricator.wikimedia.org/T321318
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: sbassett
Cc: sbassett, Jakob_WMDE, WMDE-leszek, Aklapper, Lucas_Werkmeister_WMDE,
Astuthiodit_1
sbassett removed a project: Patch-For-Review.
TASK DETAIL
https://phabricator.wikimedia.org/T323592
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: Mstyles, sbassett
Cc: Mstyles, sbassett, Jdforrester-WMF, WMDE-leszek, Michael, Aklapper
sbassett added a comment.
In T340201#9213154 <https://phabricator.wikimedia.org/T340201#9213154>,
@Reedy wrote:
> I'm curious how we can track issues found by this...
>
> Just xref this task in the description?
We could subtask them under this task. Or sure,
sbassett added a comment.
Yes, it can be made public soon. We've been waiting on Mitre to get us the
CVEs for the next supplemental security release (T340874) (where this issue is
included) and we just got those at the end of last week. So the supplemental
security release should com
sbassett changed the visibility from "Custom Policy" to "Public (No Login
Required)".
sbassett changed the edit policy from "Custom Policy" to "All Users".
TASK DETAIL
https://phabricator.wikimedia.org/T352877
EMAIL PREFERENCES
https://
sbassett moved this task from Incoming to Watching on the Security-Team board.
sbassett added a project: SecTeam-Processed.
TASK DETAIL
https://phabricator.wikimedia.org/T352877
WORKBOARD
https://phabricator.wikimedia.org/project/board/1179/
EMAIL PREFERENCES
https
sbassett changed the visibility from "Custom Policy" to "Public (No Login
Required)".
sbassett changed the edit policy from "Custom Policy" to "All Users".
sbassett changed Risk Rating from N/A to Low.
TASK DETAIL
https://phabricator.wikimedi
sbassett removed a project: Patch-For-Review.
TASK DETAIL
https://phabricator.wikimedia.org/T357101
EMAIL PREFERENCES
https://phabricator.wikimedia.org/settings/panel/emailpreferences/
To: Lucas_Werkmeister_WMDE, sbassett
Cc: Lydia_Pintscher, gerritbot, jnuche, Mstyles, sbassett, mmartorana
sbassett changed the visibility from "Custom Policy" to "Public (No Login
Required)".
sbassett changed the edit policy from "Custom Policy" to "All Users".
sbassett changed Risk Rating from N/A to Low.
TASK DETAIL
https://phabricator.wikimedi
sbassett triaged this task as "Low" priority.
sbassett added a project: Tools.
sbassett changed the visibility from "Custom Policy" to "Public (No Login
Required)".
sbassett changed the edit policy from "Custom Policy" to "All Users".
sbassett ch
sbassett removed a project: Patch-For-Review.
sbassett changed the visibility from "Custom Policy" to "Public (No Login
Required)".
sbassett changed the edit policy from "Custom Policy" to "All Users".
TASK DETAIL
https://phabricator.wikimedi
sbassett added a comment.
In T356764#9701739 <https://phabricator.wikimedia.org/T356764#9701739>,
@Lucas_Werkmeister_WMDE wrote:
> I think we can make this task public now? As far as I understand, the
release happened and T353904 only remains open because the CVEs haven’t been
1 - 100 of 128 matches
Mail list logo