Security Review of On This Day Endpoint
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	• Fjalapeno
	Dec 13 2016, 4:39 PM

Description

Project Information

Name of tool/project: Anniversaries Service
Project home page: https://www.mediawiki.org/wiki/Wikimedia_Apps/Team/RESTBase_services_for_apps
Name of team requesting review: #reading-infrastructure-team
Primary contact: @bearND
Target date for deployment: Feb 8, 2017
Link to code repository / patchset: https://gerrit.wikimedia.org/r/330820
Programming Language(s) Used: Node.js

Description of the tool/project

See Parent Task: T143408

Description of how the tool will be used at WMF

Will be used in the feed of the iOS and Android Apps (Likely used in other contexts as well)

Dependencies

RESTBase

Has this project been reviewed before?

Working test environment

https://www.mediawiki.org/wiki/Wikimedia_Apps/Team/RESTBase_services_for_apps#....2Ffeed.2Fonthisday.2F.7Btype.7D.2F.7Bmm.7D.2F.7Bdd.7D

Post-deployment

#reading-infrastructure-team

Related Objects
Search...

		Status	Subtype	Assigned	Task
		Resolved		• bearND	T143408 Create endpoint for "Anniversaries"
		Resolved		Bawolff	T153088 Security Review of On This Day Endpoint

Event Timeline

• Fjalapeno created this task.Dec 13 2016, 4:39 PM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptDec 13 2016, 4:39 PM

• Fjalapeno added a parent task: T143408: Create endpoint for "Anniversaries".Dec 13 2016, 4:41 PM

Hi. To clarify, is this written yet? Can you fill out the task with the info requested at https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Security_reviews#Requesting_a_review ?

• bearND moved this task from Incoming to Backlog on the Mobile-Content-Service board.Dec 14 2016, 9:40 PM

This is not implemented yet. Will add more info when we start working on the 'On this Day' endpoint, see parent task.

• Fjalapeno renamed this task from Security Review of On This Day Endpoint to Security Review of Anniversaries Endpoint.Jan 31 2017, 4:31 PM

• Fjalapeno moved this task from Backlog to Kanban on the Mobile-Content-Service board.

• Fjalapeno edited projects, added Mobile-Content-Service (Kanban); removed Mobile-Content-Service.

• Fjalapeno moved this task from To Do to Blocked on the Mobile-Content-Service (Kanban) board.

• Fjalapeno added a project: Reading Epics (New Feed Content).

@Bawolff let me know if the description is sufficient now - thanks!

• bearND updated the task description. (Show Details)Feb 22 2017, 6:06 PM

The endpoint has been deployed. There are some follow-up patches in the repo for this new set of endpoints.

• dpatrick mentioned this in E502: Security review of Anniversaries Endpoint.Feb 22 2017, 6:56 PM

• dpatrick moved this task from Incoming to Scheduled on the deprecated-security-team-reviews board.Feb 22 2017, 6:58 PM

Bawolff moved this task from Scheduled to In Progress on the deprecated-security-team-reviews board.Feb 28 2017, 9:33 PM

• Fjalapeno renamed this task from Security Review of Anniversaries Endpoint to Security Review of On This Day Endpoint.Mar 1 2017, 6:05 PM

Security review passed. Everything looks good. (For reference, I looked at c9241268d38d)

@Bawolff awesome, thanks!

Thank you!

sbassett moved this task from Waiting to Done on the deprecated-security-team-reviews board.Jul 9 2019, 8:22 PM

• chasemp removed a project: deprecated-security-team-reviews.Jan 8 2020, 4:12 PM

• chasemp added a project: Application Security Reviews.Jan 8 2020, 4:39 PM

• chasemp moved this task from Incoming to Our Part Is Done on the Application Security Reviews board.Jan 8 2020, 4:43 PM

• chasemp added a project: secscrum.Mar 10 2020, 8:11 PM

• chasemp moved this task from Incoming to Our Part Is Done on the secscrum board.Mar 10 2020, 8:19 PM

Security Review of On This Day EndpointClosed, ResolvedPublicActions