Wikimedia Security Team/Security Review Scrum/2019-06-11
Date/time: June 11th, 2019 - 10:00 AM PST
Attending: Brian, Sam, Michal Anna, Scott, John
Updates:
Backlog
- Brian still performing code review, this is a tracking ticket for follow-ups for library/vendor code, not started - https://phabricator.wikimedia.org/T223307
- Exploring outsourced reviews for OIT things, rewrites, JB to follow up after new vendor budgets set stalled - https://phabricator.wikimedia.org/T155537, https://phabricator.wikimedia.org/T156960, https://phabricator.wikimedia.org/T148246, https://phabricator.wikimedia.org/T187846
- DoubleWiki, Brian to deploy as sec release, then push through gerrit, stalled - https://phabricator.wikimedia.org/T131199
Active
- Waiting on update from Yurik/Vega folks (upstream) to proceed stalled - https://phabricator.wikimedia.org/T222806
- Scott to verify risk Google sheet, comment on task about trusa risk ownership, close task in-progress - https://phabricator.wikimedia.org/T221719
- Leaving open for feedback, meeting w/ Subbu this week in-progress - https://phabricator.wikimedia.org/T221907
- Basic analysis performed, Scott to dig a little deeper then resolve, in-progress - https://phabricator.wikimedia.org/T219831
- Planet Wikimedia - assigned to Michal Anna, stalled - https://phabricator.wikimedia.org/T207246
- Wikisource ext, starting - https://phabricator.wikimedia.org/T217289
- FormWizard extension, Brian to write response, tag releng stalled - https://phabricator.wikimedia.org/T201492
Waiting
- Wikibase Termbox, completed for now, John to follow up with Raz re: risk ownership, in-progress - https://phabricator.wikimedia.org/T216419
- Labs db/sanitarium and maintain-views.yaml audits, in-progress - https://phabricator.wikimedia.org/T169097, https://phabricator.wikimedia.org/T103011
- Audiences user-testing concept review, stalled - https://phabricator.wikimedia.org/T220043
- Audiences growth team emails concept review, stalled - https://phabricator.wikimedia.org/T220242