On Wed, Dec 11, 2013 at 2:38 PM, Tyler Romeo <[email protected]> wrote:
> I can definitely understand the reasoning behind this. Right now with both > Gadgets and common.js we are allowing non-reviewed code to be injected > directly into every page. While there is a bit of trust to be had > considering only administrators can edit those pages, it is still a > security risk, and an unnecessary one at that. > > I like the idea of having gadgets (and any JS code for that matter) going > through Gerrit for code review. The one issue is the question of where > would Gadget code go? Would each gadget have its own code repository? Maybe > we'd have just one repository for all gadgets as well as common.js > (something like operations/common.js)? I don't think sending wiki edits to > Gerrit is too feasible a solution, so if this were implemented it'd have to > be entirely Gerrit-based. > Could FlaggedRevs, perhaps with some modifications, be used to implement a review process? _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
