Undefined #Security-General and #Security-Other
Open, LowPublic

Description

Security-General and Security-Other don't have any description and are undistinguishable.

Nemo_bis created this task.Aug 17 2015, 4:14 PM
Nemo_bis updated the task description. (Show Details)
Nemo_bis raised the priority of this task from to Needs Triage.
Nemo_bis added a subscriber: Nemo_bis.
Restricted Application added subscribers: scfc, Aklapper. · View Herald TranscriptAug 17 2015, 4:14 PM

We were using security-general for WMF / security in deployment issues, and
security-other for mediawiki issues that were not core or an extension.

But yes, those need to be defined and consistently used, or we can probably
get rid of one of its causing confusion.

I'm happy to batch-edit if someone decides™ what is wanted.

Sounds like they could be renamed to better reflect what they're intended for

Restricted Application added a subscriber: TerraCodes. · View Herald TranscriptJun 1 2016, 12:01 AM

I've used @csteipp's comment to attempt to clarify the project descriptions

Dzahn added a subscriber: Dzahn.Jun 1 2016, 12:07 AM

We were using security-general for WMF / security in deployment issues, and
security-other for mediawiki issues that were not core or an extension.

Almost sounds like this means "security-general" should be renamed to "security-deployment" and "security-other" is the real "security-general". But ..actually.. just merge them both into "security" per KISS.

@Dzahn, I believe that Chris meant "security in deployed software" when he said "security in deployment" issues.

Dzahn added a comment.Jun 1 2016, 12:30 AM

@dpatrick hm, ok, so "deployed with scap" is the difference? (as opposed to software that is deployed in other ways?)

In any case, please update the description of ALL #security-* projects to be distinguishable. Thanks.

@dpatrick hm, ok, so "deployed with scap" is the difference? (as opposed to software that is deployed in other ways?)

No, it just means software that is in production use on sites that we operate, as opposed to extensions which have been developed by the community but which we do not have deployed anywhere.

Dzahn added a comment.Jun 1 2016, 8:19 PM

Ah, thanks for that, that did clarify it more for me.

Ah. I'm afraid I brought up a very related question in T122624#2367743

Aklapper edited projects, added Project-Admins; removed Phabricator.Oct 7 2016, 5:01 PM
Aklapper triaged this task as Low priority.