Wikimedia Security Team/Security Review Planning/2022-04-05
Minutes for the Security Team's Q4 2022 (April to June) quarterly planning session
Attending: MStyles, SBassett, MMartorana
Completed Reviews, Previous Quarter
- Abs Wiki Function Orchestrator (Mstyles) (https://phabricator.wikimedia.org/T289322#7621518)
- Developer Portal static site tools (Mstyles) (https://phabricator.wikimedia.org/T297167#7776403)
- Abs Wiki WikiLambda Extension (MMartorana) (https://phabricator.wikimedia.org/T289322#7623085)
- WikiSEO Extension (MMartorana) (https://phabricator.wikimedia.org/T295065#7825096)
- Abs Wiki Function Evaluator (SBassett) (https://phabricator.wikimedia.org/T289322#7684639)
- Wikipedia Birthday Buddies JS lib (SBassett) (https://phabricator.wikimedia.org/T297816#7621649)
- Re-review of IP Info (SBassett) (https://phabricator.wikimedia.org/T260822#7754242)
Reviews That Need Follow-Up This Quarter
- Trusted GitLab Runners (likely out of scope) (https://phabricator.wikimedia.org/T304514)
- OIT LDAP (verify takedown at end of quarter) (https://phabricator.wikimedia.org/T155537)
- Wikispeech (re-evaluation and re-prioritization) (https://phabricator.wikimedia.org/T180021)
Accepted Reviews To Complete This Quarter
- Wikistories extension (SBassett) (https://phabricator.wikimedia.org/T301389)
- Abs Wiki Function Schemata (SBassett) (https://phabricator.wikimedia.org/T302472)
- Codex component library (MMartorana)(https://phabricator.wikimedia.org/T302772)
- Image Suggestions Service (MMartorana) (https://phabricator.wikimedia.org/T304885)
- SimilarUsers extension (Mstyles) (https://phabricator.wikimedia.org/T304631)
- Campaigns Registration System (Mstyles) (https://phabricator.wikimedia.org/T290248)
Updates Made For Other Review Tasks
- Mailman3 (still a soft decline, vendor?) (https://phabricator.wikimedia.org/T289899#7403112)
- Design of Toolforge Kubernetes (officially declined, pentest of wmcs) (https://phabricator.wikimedia.org/T245205)