Page MenuHomePhabricator

Create Phabricator Intake Form for Security Concept Reviews
Closed, ResolvedPublic

Description

I'd like to create a Phabricator intake form similar to the standard Security Review form for our new Concept Reviews. This is the format I'd like to propose (and which I've already used for T220043 and T220242). I'm not sure if it would make sense to reuse the aforementioned Security Review form and just change the title and description query params or create an entirely new form. I'll defer to the Phab admins on that decision.

Event Timeline

So this should probably work for now:

https://phabricator.wikimedia.org/maniphest/task/edit/form/1/?title=Security%20Concept%20Review%20For%20%7B...%7D&description=%23%23%23Project%20Information%20%0A*%20Name%20of%20project%3A%0A*%20Project%20home%20page%3A%0A*%20Name%20of%20team%20which%20owns%20the%20project%3A%0A*%20Primary%20contact%20for%20the%20project%3A%0A*%20Target%20date%20for%20deployment%3A%0A*%20Link%20to%20code%20repository%3A%0A*%20Is%20this%20a%20brand-new%20project%3A%20%0A*%20Has%20this%20project%20ever%20been%20reviewed%20before%3A%20(Phab%20tasks%2C%20etc.)%0A*%20Has%20any%20risk%20assessment%20(STRIDE%2C%20etc.)%20been%20performed%3A%0A*%20Is%20there%20an%20existing%20RFC%20or%20has%20this%20been%20presented%20to%20the%20community%3A%0A*%20Is%20this%20project%20tied%20to%20a%20team%20quarterly%20goal%3A%0A*%20Does%20this%20project%20require%20its%20own%20privacy%20policy%3A%0A%23%23%23Description%20of%20the%20project%20and%20how%20it%20will%20be%20used%0A%60%2F*%20please%20be%20verbose%20and%20feel%20free%20to%20link%2Fupload%20related%20documents%20*%2F%60%0A%0A%23%23%23Description%20of%20any%20sensitive%20data%20to%20be%20collected%20or%20exposed%0A%60%2F*%20PII%2C%20credit%20cards%2C%20UA%2FIP%2C%20credentials%2C%20etc.%20*%2F%60%0A%0A%23%23%23Technologies%20employed%0A%60%2F*%20please%20list%20all%20relevant%20languages%2C%20platforms%2C%20hardware%2C%20etc.%20*%2F%60%0A%0A%23%23%23Dependencies%20and%20vendor%20code%0A%60%2F*%20please%20list%20all%20known%20internal%20and%20external%20dependencies%2C%20including%20hosting%20providers%20*%2F%60%0A%0A%23%23%23Working%20test%20environment%0A%60%2F*%20this%20is%20NOT%20A%20HARD%20REQUIREMENT%20*%2F%60%0A%60%2F*%20a%20vagrant%20role%2C%20Dockerfile%2C%20install%20instructions%2C%20outside%20proof-of-concept%20or%20ETA%20on%20existence%20*%2F%60%0A%60%2F*%20n.b.%20the%20test%20environment%20will%20determine%20if%20the%20Phabricator%20task%20needs%20to%20be%20security-protected%20*%2F%60&projects=Security-Team-Reviews&subscribers=sbassett