Jump to content

Wikimedia Security Team/Security Review Planning/2023-01-04

From mediawiki.org

Minutes for the Security Team's Q3 2023 (January to March) quarterly planning session

Attending: MMartorana_(WMF), MStyles_(WMF), SBassett_(WMF), CLemoisson-WMF

Completed Reviews, Previous Quarter

  1. Campaign Events Threat Model / API - MStyles_(WMF) - T309410#8283772
  2. SearchVue - MMartorana_(WMF) - T315250#8487006
  3. ext:Phonos - MMartorana_(WMF) - T314296#8420301
  4. QuickSurveys - MStyles_(WMF) - T320992#8457720
  5. d3js (sub components) - SBassett_(WMF) - T318854#8496915
  6. OIT LDAP decommission T155537#8479008
  7. Gitlab Runners - Vendor review completed and evaluated - MStyles_(WMF) - T304514

Reviews That Need Follow-Up This Quarter

  1. Soundlogo Wordpress - Done, awaiting requester feedback - SBassett_(WMF) - T317769#8487670
  2. Campaigns V2 - Allotting space for this, reached out to requester for details - SBassett_(WMF) - T322871#8499433
  3. RESTbase decomission - threat-modeling, to discuss and plan - SBassett_(WMF) - T325073
  4. Wikispeech - re-evaluate/decline - SBassett_(WMF) - T180021

Updates Made For Other Review Tasks

  1. Abstract Wikipedia - Language Review for ZObject spec, trying to complete this quarter - SBassett_(WMF) - T302472

Accepted Reviews To Complete This Quarter

  1. ext:OurWorldInData - SBassett_(WMF) - T324989
  2. Swagger UI vendor review - MStyles_(WMF) - T325558
  3. ext:RealMe - MMartorana_(WMF) - T324536
  4. Device analytics service - MStyles_(WMF) - T324710
  5. swaggest/json-diff - left over from last quarter - MMartorana_(WMF) - T316523
Retrieved from "https://www.mediawiki.org/w/index.php?title=Wikimedia_Security_Team/Security_Review_Planning/2023-01-04&oldid=5695626"