Wikimedia Security Team/AppSec Clinic Minutes/2023-09-11

Date: 2023-09-11

Dashboard: https://phabricator.wikimedia.org/portal/view/3/

Attending: CLemoisson-WMF, MMartorana_(WMF), SBassett_(WMF)

  1. MMartorana_(WMF)
    1. T144097 - Requesting staff rights to prod-test, still testing locally.
    2. T336113 - Volunteer tagged for review.
    3. T343664 - WMF staff tagged for review.
  2. MStyles_(WMF)
    1. T335164 - Analysis work assigned to Maryum.
    2. T338238 - Set up AppSec CI includes for iPoid.
    3. T338611 - Waiting Releng to deploy.
    4. T344130 - To review, possibly write patch.
  3. SBassett_(WMF)
    1. T326871 - Waiting on AHT/Thalia response.
    2. T336310 - Try to get a steward to add Maryana's SUL to new group.
    3. T344359 - Attempt sec deploy today.

Sent to Privacy Engineering

No new tasks from the appsec clinic this week.

New Phabricator Tasks Reviewed

edit
  1. T345858 - Assigned to MMartorana_(WMF) for review.
  2. T345862 - Assigned to SBassett_(WMF) for review.
  3. T345910 - Marked invalid for now.
  4. T345928 - Triaged during clinic, pinged relevant mitigators.
  5. T345989 - Triaged during clinic, set to watching.
  6. T346055 - Triaged during clinic, never needed to be a security bug.