Page MenuHomePhabricator

Create Phabricator Intake Form for Security Concept Reviews
Closed, ResolvedPublic

Description

I'd like to create a Phabricator intake form similar to the standard Security Review form for our new Concept Reviews. This is the format I'd like to propose (and which I've already used for T220043 and T220242). I'm not sure if it would make sense to reuse the aforementioned Security Review form and just change the title and description query params or create an entirely new form. I'll defer to the Phab admins on that decision.

Event Timeline

sbassett created this task.Apr 10 2019, 4:13 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptApr 10 2019, 4:13 PM
sbassett triaged this task as Low priority.Apr 10 2019, 4:14 PM

So this should probably work for now:

https://phabricator.wikimedia.org/maniphest/task/edit/form/1/?title=Security%20Concept%20Review%20For%20%7B...%7D&description=%23%23%23Project%20Information%20%0A*%20Name%20of%20project%3A%0A*%20Project%20home%20page%3A%0A*%20Name%20of%20team%20which%20owns%20the%20project%3A%0A*%20Primary%20contact%20for%20the%20project%3A%0A*%20Target%20date%20for%20deployment%3A%0A*%20Link%20to%20code%20repository%3A%0A*%20Is%20this%20a%20brand-new%20project%3A%20%0A*%20Has%20this%20project%20ever%20been%20reviewed%20before%3A%20(Phab%20tasks%2C%20etc.)%0A*%20Has%20any%20risk%20assessment%20(STRIDE%2C%20etc.)%20been%20performed%3A%0A*%20Is%20there%20an%20existing%20RFC%20or%20has%20this%20been%20presented%20to%20the%20community%3A%0A*%20Is%20this%20project%20tied%20to%20a%20team%20quarterly%20goal%3A%0A*%20Does%20this%20project%20require%20its%20own%20privacy%20policy%3A%0A%23%23%23Description%20of%20the%20project%20and%20how%20it%20will%20be%20used%0A%60%2F*%20please%20be%20verbose%20and%20feel%20free%20to%20link%2Fupload%20related%20documents%20*%2F%60%0A%0A%23%23%23Description%20of%20any%20sensitive%20data%20to%20be%20collected%20or%20exposed%0A%60%2F*%20PII%2C%20credit%20cards%2C%20UA%2FIP%2C%20credentials%2C%20etc.%20*%2F%60%0A%0A%23%23%23Technologies%20employed%0A%60%2F*%20please%20list%20all%20relevant%20languages%2C%20platforms%2C%20hardware%2C%20etc.%20*%2F%60%0A%0A%23%23%23Dependencies%20and%20vendor%20code%0A%60%2F*%20please%20list%20all%20known%20internal%20and%20external%20dependencies%2C%20including%20hosting%20providers%20*%2F%60%0A%0A%23%23%23Working%20test%20environment%0A%60%2F*%20this%20is%20NOT%20A%20HARD%20REQUIREMENT%20*%2F%60%0A%60%2F*%20a%20vagrant%20role%2C%20Dockerfile%2C%20install%20instructions%2C%20outside%20proof-of-concept%20or%20ETA%20on%20existence%20*%2F%60%0A%60%2F*%20n.b.%20the%20test%20environment%20will%20determine%20if%20the%20Phabricator%20task%20needs%20to%20be%20security-protected%20*%2F%60&projects=Security-Team-Reviews&subscribers=sbassett

sbassett closed this task as Resolved.Apr 11 2019, 7:18 PM