Wikimedia Security Team/AppSec Clinic Minutes/2023-10-10

Date: 2023-10-10

Dashboard: https://phabricator.wikimedia.org/portal/view/3/

Attending: MMartorana_(WMF), MStyles_(WMF), SBassett_(WMF)

  1. MMartorana_(WMF)
    1. T144097 - Requesting staff rights to prod-test, advance next quarter.
    2. T336113 - Untag secteam, mark secteam-processed.
    3. T343664 - Untag secteam, mark secteam-processed.
    4. T345858 - Allow more comments, opinions on whether this is an issue.
  2. MStyles_(WMF)
    1. T338238 - Set up AppSec CI includes for iPoid.
    2. T338611 - Waiting Releng to deploy.
    3. T344130 - Waiting for CR on patch.
    4. T347302 - Follow up that problematic js was removed.
  3. SBassett_(WMF)
    1. T326871 - Waiting on AHT/Thalia response.
    2. T345862 - Follow up on a bit more.

Sent to Privacy Engineering

No new tasks from the appsec clinic this week.

New Phabricator Tasks Reviewed

edit
  1. T347914 - Assigned to SBassett_(WMF) for triage.
  2. T348061 - Assigned to MMartorana_(WMF) for triage.
  3. T348481 - Assigned to MStyles_(WMF) for triage.
  4. T331352 - MStyles_(WMF) to untag security-team.