Page MenuHomePhabricator
Create Task
Maniphest T148102

Security review of Quiz Extension
Closed, InvalidPublic
Actions

Description

https://www.mediawiki.org/wiki/Extension:Quiz

Related Objects
Search...

Event Timeline

greg created this task.Oct 13 2016, 10:26 PM
dpatrick subscribed.Oct 14 2016, 5:14 PM

Hey @greg, please update the description with the info requested at https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Security_reviews#Requesting_a_review, in particularly, the target date for deployment. Thanks!

greg added a comment.Oct 14 2016, 5:32 PM
In T148102#2717347, @dpatrick wrote:

Hey @greg, please update the description with the info requested at https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Security_reviews#Requesting_a_review, in particularly, the target date for deployment. Thanks!

ping @Toniher :)

dpatrick mentioned this in E341: Security Review: Quiz.Oct 14 2016, 6:15 PM
dpatrick moved this task from Incoming to Scheduled on the deprecated-security-team-reviews board.Oct 14 2016, 6:43 PM
Toniher added a comment.EditedOct 14 2016, 7:01 PM

Hey @greg, @dpatrick, I don't know what to tell you. I guess the sooner we can have it in ca.wikipedia.beta.wmflabs.org for testing the better :) Thanks!

dpatrick added a comment.Oct 14 2016, 9:04 PM
In T148102#2717836, @Toniher wrote:

Hey @greg, @dpatrick, I don't know what to tell you. I guess the sooner we can have it in ca.wikipedia.beta.wmflabs.org for testing the better :) Thanks!

@Toniher, please update the description of this ticket with the information requested at https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Security_reviews#Requesting_a_review.

Legoktm added a comment.Oct 14 2016, 9:11 PM

Wait what? This extension is already deployed, why does it need another security review?

greg added a comment.Oct 14 2016, 9:13 PM

I blindly opened this after:

In T142692#2713788, @Krenair wrote:

It'll still need a security review before that can be done

Krenair closed this task as Invalid.Oct 14 2016, 9:23 PM

Which was based on a (wrong) understanding of:

In T142692#2545805, @greg wrote:
In T142692#2545072, @Legoktm wrote:

Errr, the Quiz extension is already deployed on Wikimedia sites, so this would just be a Wikimedia-Site-requests right?

Well, no :) Their request is to test it on Beta Cluster *first* and then enable in production *if* they like it:

would it be possible to install Quiz Extension in beta site for some testing?
If after some tries, the outcome is positive, would it be possible to install it later in cawiki?

@Toniher: please correct me if I am wrong.

So, this is not needed.

dpatrick added a comment.Oct 14 2016, 9:52 PM
In T148102#2718268, @Legoktm wrote:

Wait what? This extension is already deployed, why does it need another security review?

Thanks for noting that, @Legoktm. Do you know when it was last reviewed?

Legoktm added a comment.Oct 14 2016, 9:54 PM
In T148102#2718361, @dpatrick wrote:

Do you know when it was last reviewed?

{T99961} (still private)

dpatrick added a comment.EditedOct 14 2016, 9:59 PM
In T148102#2718366, @Legoktm wrote:
In T148102#2718361, @dpatrick wrote:

Do you know when it was last reviewed?

{T99961} (still private)

Ah, right. Thanks. We all reviewed it in fact (me, Brian, and Chris).

sbassett moved this task from Scheduled to Done on the deprecated-security-team-reviews board.Jul 9 2019, 8:26 PM
chasemp removed a project: deprecated-security-team-reviews.Jan 8 2020, 4:16 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL