Wikimedia Security Team/AppSec Clinic Minutes/2024-12-02

Date: 2024-12-02

Dashboard: https://phabricator.wikimedia.org/portal/view/3/

Attending: SBassett_(WMF), MMartorana_(WMF), MStyles_(WMF), JLy-WMF, ACooper-WMF

Previous Tasks

edit
  1. MMartorana_(WMF)
    1. T380014 - Jimmy onboarding, still in progress
  2. MStyles_(WMF)
    1. T367677 - 3D upgrade, in progress
  3. SBassett_(WMF)
    1. T364776 - waiting, ping Ladsgroup
    2. T380322 - await more discussion
  4. JLy-WMF
  5. ACooper-WMF
    1. T380232 - FR-Tech CSP approval
  6. Reedy
    1. T373933 - Seems in-progress?
    2. T375537 - processed, Reedy to be working on it?
    3. T376563 - Publish public "Rules of Engagement" for security researchers and people reporting security vulnerabilities
    4. T379176 - moved to watching, assigned to Reedy

New Phabricator Tasks Reviewed

edit
  1. T380653 - Moved to AppSec reviews
  2. T381027 - Make public, eventually
  3. T381033 - Assinged to MMartorana_(WMF)
  4. T381190 - Untagged Security Team
  5. T381191 - Untagged Security Team, propose to make public
  6. T381197 - Rerouting to PE
  7. T381220 - Assigned to MStyles_(WMF), help review patch, add to supp