Page MenuHomePhabricator

Security readiness review for the MachineVision extension
Open, NormalPublic

Description

Project Information

Description of the project and how it will be used

This is a project to support the incorporation of machine vision (MV) generated metadata into Foundation products. Specifically, the project will support:

  • Requesting MV-generated image metadata from machine vision providers (internal and/or external) and storing results
  • Serving MV data to Commons users for verification and promotion to Structured Data on Commons

For full discussion, see the project page at https://www.mediawiki.org/wiki/Wikimedia_Product/Machine_vision_middleware.

Description of any sensitive data to be collected or exposed

None

Technologies employed

MediaWiki, Wikibase, PHP, MySQL

Dependencies and vendor code

Working test environment

Post-Deployment

The extension will be maintained primarily by Product Infrastructure, with secondary support from the Structured Data team, particularly for Wikibase and frontend JS issues.

Event Timeline

Mholloway created this task.Jul 5 2019, 4:40 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJul 5 2019, 4:40 PM
Mholloway renamed this task from Request a security review for the machine vision middleware to Request a security readiness review for the machine vision middleware.Jul 5 2019, 5:16 PM
Mholloway renamed this task from Request a security readiness review for the machine vision middleware to Security readiness review for the MachineVision extension.Aug 20 2019, 3:11 PM
Mholloway updated the task description. (Show Details)
Mholloway updated the task description. (Show Details)Sep 10 2019, 1:00 AM
Mholloway updated the task description. (Show Details)
Mholloway updated the task description. (Show Details)Sep 10 2019, 1:05 AM
Mholloway updated the task description. (Show Details)
Mholloway moved this task from Backlog to Tracking on the Machine vision board.
Mholloway updated the task description. (Show Details)Sep 10 2019, 4:58 AM
Jcross added a subscriber: Jcross.Sep 10 2019, 5:17 PM

Hi @Mholloway -

The team has taken a look at this feels we can provide a basic review by your target deployment date, but that a more in-depth look may need to happen post-launch. We hope that this will work for you and your team - please let us know if you have any questions or concerns and we'll be in touch as we move forward.

Cheers! Jennifer

Hi @Jcross, thanks for the heads-up. That sounds OK to me, but I've started a convo on the parent ticket to confirm that'll suffice for production deployment.

sbassett triaged this task as Normal priority.Sep 17 2019, 4:53 PM
sbassett claimed this task.Thu, Oct 10, 9:40 PM
sbassett moved this task from Backlog to In Progress on the Security-Team-Reviews board.
sbassett added a project: Restricted Project.
sbassett moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Tue, Oct 15, 4:21 PM