Page MenuHomePhabricator

Quick/short security review of Extension:Sentry
Closed, ResolvedPublic

Description

The extension's code will change a lot before deployment to production, so it might not be worth a full on review now, but given that Sentry is to deal with stack traces, I figured a quick look is warranted.

Related Objects

StatusSubtypeAssignedTask
DeclinedNone
ResolvedTgr
ResolvedGilles
OpenNone
DeclinedNone
DeclinedTgr
ResolvedTgr
ResolvedTgr
Resolvedcsteipp
ResolvedTgr
Resolvedjlinehan
ResolvedTgr
DeclinedTgr
DeclinedTgr
DeclinedTgr
ResolvedTgr
DeclinedTgr
ResolvedTgr
ResolvedTgr
ResolvedKrinkle
DeclinedNone
OpenNone
ResolvedTgr
DeclinedNone
OpenNone
InvalidNone
DeclinedTgr
ResolvedTgr
Resolvedjcrespo
ResolvedTgr

Event Timeline

greg assigned this task to csteipp.
greg raised the priority of this task from to Medium.
greg updated the task description. (Show Details)
greg added subscribers: Aklapper, Tgr, He7d3r and 7 others.

I talked through the privacy aspects with Tgr, and as long as access to the collection server is restricted to start, we should be ok on that.

raven.js doesn't look likely to harm us. @Tgr, who on multimedia is responsible for making sure that any security fixes in upstream will get deployed into our environment?

@Tgr, who on multimedia is responsible for making sure that any security fixes in upstream will get deployed into our environment?

I'll assume responsibility for that.

csteipp set Security to None.