Security concerns when running tests with arbitrary code (from anyone since
labsconsole account registration opened...) from what I understand.
I have requested that I am added to the whitelist
here:https://gerrit.wikimedia.org/r/#/c/39712/2
Hoo also did so:https://gerrit.wikimedia.org/r/#/c/39711 (yay, merge conflicts)
I really think that everyone who has +2 on a WMF-deployed extension should be
on this whitelist. Hashar told me in #mediawiki that he thinks this as well.
Alex
On 19/12/12 10:34, Denny Vrandečić wrote:
Just curious -- I probably missed it in a previous mail -- why are the
tests switched off?
To preserve processing power?
To speed up tests for the whitelisted?
Security concerns when running tests with arbitrary code?
Other?
Cheers,
Denny
2012/12/19 Antoine Musso <[email protected]>
Hello,
As you surely have noticed, the unit tests for mediawiki/core are no
more run when a patch is submitted.
I have just enabled a feature that whitelist people to have unit tests
run for them on patch submission. The patch still need to be reviewed
and approved with a CR+2 though.
Basically any user with a @wikimedia.org or @wikimedia.de email address
is whitelisted by default. I have also added a few contractors using
their personal emails and several long term users.
The related change is:
https://gerrit.wikimedia.org/r/#/c/39310/
This is only enabled for mediawiki/core for now, I will look at applying
such a whitelist on extensions too in January.
There is no process to be added in the whitelist, I guess you could talk
about it on IRC. If there is no obvious veto there, you could probably
just amend layout.yaml in integration/zuul-config.git file and get it
approved :)
cheers,
--
Antoine "hashar" Musso
_______________________________________________
Wikitech-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
_______________________________________________
Wikitech-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
