Page MenuHomePhabricator

Jcross (Jennifer Cross)
Project Manager

Projects (7)

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Saturday

  • Clear sailing ahead.

User Details

User Since
Jul 1 2019, 6:26 PM (156 w, 3 d)
Availability
Available
IRC Nick
jencross
LDAP User
Unknown
MediaWiki User
JCross (WMF) [ Global Accounts ]

Recent Activity

Nov 23 2021

Jcross added a comment to T295790: Add Manfredi Martorana to deployment and analytics-privatedata-users groups.

@Jelto You have my approval as Manfredi's manager.

Nov 23 2021, 8:12 AM · SRE-Access-Requests, SRE, SecTeam-Processed, Security-Team

Nov 3 2021

Jcross added a comment to T294970: Requesting access to restricted for htriedman.

@RLazarus You have my approval

Nov 3 2021, 8:37 PM · SRE, SRE-Access-Requests

Jul 28 2021

Jcross closed T287607: Jen testing things as Resolved.
Jul 28 2021, 5:55 PM · Trash
Jcross set Final Story Points to 6 on T287607: Jen testing things.
Jul 28 2021, 5:20 PM · Trash
Jcross shifted T287607: Jen testing things from the Restricted Space space to the S1 Public space.
Jul 28 2021, 5:20 PM · Trash
Jcross updated the task description for T287607: Jen testing things.
Jul 28 2021, 5:18 PM · Trash
Jcross changed the visibility for T287607: Jen testing things.
Jul 28 2021, 5:18 PM · Trash
Jcross shifted T287607: Jen testing things from the S1 Public space to the Restricted Space space.
Jul 28 2021, 5:18 PM · Trash
Jcross created T287607: Jen testing things.
Jul 28 2021, 5:17 PM · Trash

Jun 11 2021

Jcross edited projects for T284833: Vendor Review For Tray.io, added: Security-Team; removed secscrum, Application Security Reviews.

Assigning to @Dsharpe and moving to Security Team incoming for triage and review.

Jun 11 2021, 6:30 PM · SecTeam-Processed, Security Supplier Assessments, Security-Team, Security
Jcross reassigned T284833: Vendor Review For Tray.io from Jcross to Dsharpe.
Jun 11 2021, 6:28 PM · SecTeam-Processed, Security Supplier Assessments, Security-Team, Security

May 17 2021

Jcross closed T247327: Combine RFS forms for Security Readiness Review and other RFS as Declined.

After reviewing the initial intent of this ticket, I believe that this plan no longer fits in with the direction we are taking with our overall intake process.

May 17 2021, 8:49 PM · Security-Team, Application Security Reviews
Jcross added a comment to T247327: Combine RFS forms for Security Readiness Review and other RFS.

@Aklapper that's an intentionally vague reference to various improvements we need to make as a team both in and out of phab.

May 17 2021, 8:25 PM · Security-Team, Application Security Reviews

May 4 2021

Jcross moved T281627: Security Readiness Review For Datatables from Incoming to Back Orders on the secscrum board.
May 4 2021, 3:57 PM · Security, Application Security Reviews, secscrum
Jcross added a comment to T281627: Security Readiness Review For Datatables.

Hi @Urbanecm_WMF - can you please let us know what your target deployment date is? It will help us to resource this appropriately. Please know that next quarter (Q1) would be the soonest we'd be able to get you in queue for review. Thank you!

May 4 2021, 3:57 PM · Security, Application Security Reviews, secscrum

Apr 21 2021

Jcross added a comment to T244076: Security Readiness Review For ChessBrowser extension.

Thanks, @ori . These assumptions sound correct to us and make a beta deployment for this extension low risk. While the Security Team is not in the business of giving thumbs up/thumbs down approvals, low risk is automatically accepted by the Foundation thus unblocking beta deployment. I hope this is helpful and helps you to move forward with the project.

Apr 21 2021, 5:49 PM · secscrum, Application Security Reviews, Community-Tech, ChessBrowser

Apr 20 2021

Jcross moved T274875: Security Readiness Review For mapbox-gl-leaflet from Q1:2021 Review Queue to Upcoming Quarter Planning Queue on the secscrum board.
Apr 20 2021, 4:03 PM · secscrum, Application Security Reviews, Security, Product-Infrastructure-Team-Backlog
Jcross moved T274356: Security Readiness Review For maplibre-gl-js from Q1:2021 Review Queue to Upcoming Quarter Planning Queue on the secscrum board.
Apr 20 2021, 4:03 PM · Product-Infrastructure-Team-Backlog, secscrum, Security, Application Security Reviews
Jcross moved T280644: Security Readiness Review For mapbox-gl-rtl-text from Incoming to Q1:2021 Review Queue on the secscrum board.
Apr 20 2021, 4:03 PM · Maps (Kartographer), Product-Infrastructure-Team-Backlog, Security, Application Security Reviews
Jcross moved T257734: Security Readiness Review For Vue version 3 from Q1:2021 Review Queue to Back Orders on the secscrum board.
Apr 20 2021, 3:58 PM · Codex, user-sbassett, secscrum, Deprecated-Design-Systems-team-board (Design Systems Team Radar), Application Security Reviews, Security

Apr 19 2021

Jcross changed the status of T247327: Combine RFS forms for Security Readiness Review and other RFS from Open to Stalled.

This won't be revisited until related upstream workflows are addressed.

Apr 19 2021, 9:32 PM · Security-Team, Application Security Reviews
Jcross added a comment to T275891: What's the purpose of "Security Awareness" Project?.

@sbassett we have a pile of these without tasks, boards, or members. We're aware and incorporating into workflow changes / development. Expect a team review of it all...eventually.

Apr 19 2021, 7:55 PM · Security-Team, Security Awareness
Jcross closed T275454: Security review/input for Wordpress site for messaging as Resolved.
Apr 19 2021, 7:47 PM · RFS, Security-Team

Apr 15 2021

Jcross added a comment to T244076: Security Readiness Review For ChessBrowser extension.

Thank you for doing this work, we appreciate your efforts in trying to get this extension to production. Unfortunately, the Security team is unable to assign a risk rating based upon a review not performed by a member of the Security team or an approved vendor.

Apr 15 2021, 3:34 PM · secscrum, Application Security Reviews, Community-Tech, ChessBrowser

Apr 14 2021

Jcross added a member for Security Supplier Assessments: Dsharpe.
Apr 14 2021, 7:54 PM
Jcross edited projects for T280045: Security Readiness Review For Diff Calendar, added: Security Supplier Assessments; removed secscrum, Application Security Reviews.

Sending over to @Dsharpe as a supplier assessment. David, please let me know if we should send these your way via some other workflow?

Apr 14 2021, 7:39 PM · SecTeam-Processed, Security Supplier Assessments, Security-Team, Security
Jcross added a comment to T257734: Security Readiness Review For Vue version 3.

@Volker_E @Jdlrobson Please respond to our previous message by April 20 or we will need to move this to our backlog. Thanks!

Apr 14 2021, 4:59 PM · Codex, user-sbassett, secscrum, Deprecated-Design-Systems-team-board (Design Systems Team Radar), Application Security Reviews, Security

Apr 13 2021

Jcross assigned T180021: Security review for extension Wikispeech to Reedy.
Apr 13 2021, 5:23 PM · Technical-Debt, secscrum, Wikispeech-Jobrunner (Sprint), User-Sebastian_Berlin-WMSE, User-kalle, User-LokalProfil, Wikispeech-Text-to-Speech, Wikispeech-WMSE

Apr 8 2021

Jcross added a comment to T244076: Security Readiness Review For ChessBrowser extension.

@ori We will discuss at our next AppSec scrum and provide an update next week. Thanks!

Apr 8 2021, 6:38 PM · secscrum, Application Security Reviews, Community-Tech, ChessBrowser
Jcross removed projects from T211489: Security review of bjeavons/zxcvbn-php: secscrum, Application Security Reviews.
Apr 8 2021, 6:37 PM · secscrum, Application Security Reviews, MediaWiki-Vendor, MediaWiki-User-login-and-signup
Jcross removed projects from T258306: Security Readiness Review For Suggestor: secscrum, Application Security Reviews.
Apr 8 2021, 6:37 PM · secscrum, Application Security Reviews, Tor, Suggestor, Security
Jcross removed projects from T275402: Security Readiness Review For UseResource: Application Security Reviews, secscrum.
Apr 8 2021, 6:36 PM · secscrum, Application Security Reviews, MediaWiki-extensions-UseResource, Security
Jcross removed projects from T269517: Security Readiness Review For WatchSubpages: secscrum, Application Security Reviews.
Apr 8 2021, 6:33 PM · Application Security Reviews, secscrum, MediaWiki-extensions-WatchSubpages

Apr 6 2021

Jcross moved T273020: Security Readiness Review For Toolhub from Q1:2021 Review Queue to Upcoming Quarter Planning Queue on the secscrum board.
Apr 6 2021, 3:52 PM · user-sbassett, Toolhub, Security, secscrum, Application Security Reviews
Jcross moved T269291: Security Readiness Review For Extension:NearbyPages from Waiting to Upcoming Quarter Planning Queue on the secscrum board.
Apr 6 2021, 3:51 PM · Security, secscrum, Application Security Reviews, NearbyPages
Jcross moved T260914: Security Readiness Review For Wikipedia Preview from Q1:2021 Review Queue to Upcoming Quarter Planning Queue on the secscrum board.
Apr 6 2021, 3:51 PM · Wikipedia-Preview, secscrum, Inuka-Team, Security, Application Security Reviews
Jcross moved T260914: Security Readiness Review For Wikipedia Preview from Upcoming Quarter Planning Queue to Q1:2021 Review Queue on the secscrum board.
Apr 6 2021, 3:47 PM · Wikipedia-Preview, secscrum, Inuka-Team, Security, Application Security Reviews
Jcross added a comment to T269291: Security Readiness Review For Extension:NearbyPages.

Apologies for the lack of updates @Jdlrobson - we do have a vendor lined up to complete this and will be in touch as they move forward. Thank you for your patience.

Apr 6 2021, 3:28 PM · Security, secscrum, Application Security Reviews, NearbyPages

Mar 2 2021

Jcross moved T275751: Security review of backbone.js and underscore.js library updates from Incoming to Back Orders on the secscrum board.
Mar 2 2021, 5:02 PM · Security-Team, SecTeam-Processed, Growth-Team-Filtering, Application Security Reviews, secscrum, PageCuration, Growth-Team, Security Team AppSec, Security

Mar 1 2021

Jcross added a comment to T269517: Security Readiness Review For WatchSubpages.

Hi, just a quick reminder that, as mentioned above, we will be unable to prioritize and schedule a security review until we've received an intended production support plan, including any potential Foundation team sponsorship. Please review our SOP for details: https://www.mediawiki.org/wiki/Security/SOP/Security_Readiness_Reviews

Mar 1 2021, 6:33 PM · Application Security Reviews, secscrum, MediaWiki-extensions-WatchSubpages
Jcross added a comment to T275454: Security review/input for Wordpress site for messaging.

Hi @SLien_WMF - we'd love to schedule a quick chat to clarify. Could you please email me and let me know who would attend, and I will get something scheduled? Thanks!

Mar 1 2021, 6:15 PM · RFS, Security-Team

Feb 19 2021

Jcross added a comment to T266510: Security Readiness Review For Diff Blog oAuth plugin.

@CKoerner_WMF Looks like we are all set for now and @Reedy expects to finish next week. Have a great weekend :)

Feb 19 2021, 5:14 PM · Diff-blog, secscrum, Security, Application Security Reviews

Feb 18 2021

Jcross added a watcher for Security-Team-Services: Jcross.
Feb 18 2021, 4:20 PM

Feb 11 2021

Jcross moved T274356: Security Readiness Review For maplibre-gl-js from Incoming to Back Orders on the secscrum board.
Feb 11 2021, 4:39 PM · Product-Infrastructure-Team-Backlog, secscrum, Security, Application Security Reviews

Feb 10 2021

Jcross added a comment to T269007: Security Readiness Review For Citoid VE Mobile ISBN Barcode Scanner.

Hi @MBinder_WMF - I noted that we still had it marked "Needs Triage" and wanted to correct that error. Adjust priority as needed. There is discussion happening around the remaining question and it was raised again just yesterday. We'll pursue resolution for you as soon as possible and apologize for the delay.

Feb 10 2021, 6:11 PM · secscrum, Editing-team (FY2021-22 Kanban Board), Security, Application Security Reviews

Feb 9 2021

Jcross triaged T269007: Security Readiness Review For Citoid VE Mobile ISBN Barcode Scanner as Medium priority.
Feb 9 2021, 9:21 PM · secscrum, Editing-team (FY2021-22 Kanban Board), Security, Application Security Reviews
Jcross moved T266510: Security Readiness Review For Diff Blog oAuth plugin from Q1:2021 Review Queue to In Progress on the secscrum board.
Feb 9 2021, 5:12 PM · Diff-blog, secscrum, Security, Application Security Reviews
Jcross removed projects from T241451: Security Review For SpamRegex extension: secscrum, Application Security Reviews.

We are untagging as there is currently no path to production that we are aware of. Should this change, please feel free to tag us back in and we will triage.

Feb 9 2021, 5:08 PM · SpamRegex, User-DannyS712
Jcross removed projects from T244076: Security Readiness Review For ChessBrowser extension: secscrum, Application Security Reviews.

We are untagging as there is currently no path to production that we are aware of. Should this change, please feel free to tag us back in and we will triage.

Feb 9 2021, 5:08 PM · secscrum, Application Security Reviews, Community-Tech, ChessBrowser
Jcross removed projects from T180021: Security review for extension Wikispeech: Application Security Reviews, Security, secscrum.

We are untagging as there is currently no path to production that we are aware of. Should this change, please feel free to tag us back in and we will triage.

Feb 9 2021, 5:07 PM · Technical-Debt, secscrum, Wikispeech-Jobrunner (Sprint), User-Sebastian_Berlin-WMSE, User-kalle, User-LokalProfil, Wikispeech-Text-to-Speech, Wikispeech-WMSE
Jcross removed projects from T269517: Security Readiness Review For WatchSubpages: secscrum, Security, Application Security Reviews.

Untagging as there has been no activity. Please feel free to re-tag if this moves forward and we will be happy to triage.

Feb 9 2021, 4:59 PM · Application Security Reviews, secscrum, MediaWiki-extensions-WatchSubpages
Jcross edited projects for T261248: Security review request for IRCCloud, added: Security; removed Application Security Reviews, secscrum.

Sending to @Dsharpe for vendor assessment

Feb 9 2021, 4:55 PM · WMF-General-or-Unknown, Security
Jcross removed projects from T258306: Security Readiness Review For Suggestor: Application Security Reviews, secscrum.

Untagging as there has been no activity. Please feel free to re-tag if this moves forward and we will be happy to triage.

Feb 9 2021, 4:54 PM · secscrum, Application Security Reviews, Tor, Suggestor, Security
Jcross moved T207246: Do a security audit of *.planet.wikimedia.org from Back Orders to Upcoming Quarter Planning Queue on the secscrum board.
Feb 9 2021, 4:39 PM · secscrum, Application Security Reviews

Feb 8 2021

Jcross moved T260914: Security Readiness Review For Wikipedia Preview from Back Orders to Upcoming Quarter Planning Queue on the secscrum board.
Feb 8 2021, 4:53 PM · Wikipedia-Preview, secscrum, Inuka-Team, Security, Application Security Reviews
Jcross added a comment to T260914: Security Readiness Review For Wikipedia Preview.

@SBisson @sbassett I'll place in planning queue for Q4 (https://phabricator.wikimedia.org/tag/secscrum/) and we'll be in touch if anything changes / is of concern. Thanks!

Feb 8 2021, 4:52 PM · Wikipedia-Preview, secscrum, Inuka-Team, Security, Application Security Reviews

Feb 5 2021

Jcross added a comment to T257734: Security Readiness Review For Vue version 3.
Feb 5 2021, 5:48 PM · Codex, user-sbassett, secscrum, Deprecated-Design-Systems-team-board (Design Systems Team Radar), Application Security Reviews, Security
Jcross added a comment to T273020: Security Readiness Review For Toolhub.

@bd808 we have placed you in queue for next quarter, with work expected to begin in May for a late June launch date. Please note that all relevant code should be in a production-ready state (close to deployment with low volatility) to maintain this estimated timeline per our SOP: https://www.mediawiki.org/wiki/Security/SOP/Security_Readiness_Reviews

Feb 5 2021, 5:46 PM · user-sbassett, Toolhub, Security, secscrum, Application Security Reviews

Feb 2 2021

Jcross triaged T273020: Security Readiness Review For Toolhub as Medium priority.
Feb 2 2021, 4:57 PM · user-sbassett, Toolhub, Security, secscrum, Application Security Reviews
Jcross moved T257734: Security Readiness Review For Vue version 3 from Back Orders to Upcoming Quarter Planning Queue on the secscrum board.
Feb 2 2021, 4:56 PM · Codex, user-sbassett, secscrum, Deprecated-Design-Systems-team-board (Design Systems Team Radar), Application Security Reviews, Security
Jcross moved T273020: Security Readiness Review For Toolhub from Incoming to Upcoming Quarter Planning Queue on the secscrum board.
Feb 2 2021, 4:56 PM · user-sbassett, Toolhub, Security, secscrum, Application Security Reviews

Feb 1 2021

Jcross lowered the priority of T247327: Combine RFS forms for Security Readiness Review and other RFS from Low to Lowest.
Feb 1 2021, 8:55 PM · Security-Team, Application Security Reviews
Jcross added a comment to T273020: Security Readiness Review For Toolhub.

Hi @bd808 - thank you for submitting this early! We will review in our call tomorrow and be in touch with any questions or concerns we have about getting you in queue.

Feb 1 2021, 8:54 PM · user-sbassett, Toolhub, Security, secscrum, Application Security Reviews

Jan 25 2021

Jcross assigned T269291: Security Readiness Review For Extension:NearbyPages to Reedy.
Jan 25 2021, 7:24 PM · Security, secscrum, Application Security Reviews, NearbyPages
Jcross assigned T266513: Security Readiness Review For the MediaSearch extension to sbassett.
Jan 25 2021, 7:23 PM · Patch-For-Review, user-sbassett, Security, secscrum, Application Security Reviews

Jan 22 2021

Jcross assigned T266510: Security Readiness Review For Diff Blog oAuth plugin to Reedy.
Jan 22 2021, 11:05 PM · Diff-blog, secscrum, Security, Application Security Reviews

Jan 21 2021

Jcross updated subscribers of T266513: Security Readiness Review For the MediaSearch extension.

Hi @AnneT -as we mentioned in our call, we're revamping our scheduling process a bit to provide more clarity and transparency around our workload management and prioritization process. You'll see that we've placed you into queue for this quarter: https://phabricator.wikimedia.org/tag/secscrum/ and @sbassett or @Reedy will be in touch with any questions or concerns. Thanks for your patience, and please feel free to reach out at any time!

Jan 21 2021, 9:51 PM · Patch-For-Review, user-sbassett, Security, secscrum, Application Security Reviews

Jan 14 2021

Jcross moved T266513: Security Readiness Review For the MediaSearch extension from Back Orders to Q1:2021 Review Queue on the secscrum board.
Jan 14 2021, 7:45 PM · Patch-For-Review, user-sbassett, Security, secscrum, Application Security Reviews

Jan 5 2021

Jcross added a comment to T266513: Security Readiness Review For the MediaSearch extension.

Hi @AnneT - we're in the process of finalizing our queue for Q3 and we're wondering if you can let us know how close this is to production ready/what your timeline is? Thank you!

Jan 5 2021, 8:15 PM · Patch-For-Review, user-sbassett, Security, secscrum, Application Security Reviews
Jcross updated subscribers of T269291: Security Readiness Review For Extension:NearbyPages.

Hi @Jdlrobson - we're revamping our scheduling process a bit to provide more clarity and transparency around our workload management and prioritization process. You'll see that we've placed you into queue for this quarter, and will do our best to meet your target deployment date: https://phabricator.wikimedia.org/tag/secscrum/ and @sbassett or @Reedy will be in touch with any questions or concerns. Thanks for your patience as we work through this, and please feel free to reach out at any time!

Jan 5 2021, 8:11 PM · Security, secscrum, Application Security Reviews, NearbyPages

Jan 4 2021

Jcross updated subscribers of T266510: Security Readiness Review For Diff Blog oAuth plugin.

Hi @CKoerner_WMF - we're revamping our scheduling process a bit to provide more clarity and transparency around our workload management and prioritization process. You'll see that we've placed you into queue for this quarter: https://phabricator.wikimedia.org/tag/secscrum/ and @sbassett or @Reedy will be in touch with any questions or concerns. Thanks for your patience as we work through this, and please feel free to reach out at any time!

Jan 4 2021, 6:46 PM · Diff-blog, secscrum, Security, Application Security Reviews
Jcross moved T269291: Security Readiness Review For Extension:NearbyPages from Back Orders to Q1:2021 Review Queue on the secscrum board.
Jan 4 2021, 5:25 PM · Security, secscrum, Application Security Reviews, NearbyPages
Jcross moved T266510: Security Readiness Review For Diff Blog oAuth plugin from Back Orders to Q1:2021 Review Queue on the secscrum board.
Jan 4 2021, 5:12 PM · Diff-blog, secscrum, Security, Application Security Reviews

Nov 25 2020

Jcross added a comment to T260466: Security Readiness Review For GlobalWatchlist extension.

@DannyS712 I've just spoken with @Reedy and at this point "by the end of the quarter" is what we are in a position to commit to. We appreciate that the grant was scheduled for the end of November, but I'm afraid we are still limited by pandemic resourcing, such as it is.

Nov 25 2020, 5:56 PM · MediaWiki-extensions-GlobalWatchlist, secscrum, Security, User-DannyS712, Application Security Reviews

Nov 16 2020

Jcross closed T267590: Phab email account verification not received as Resolved.
Nov 16 2020, 5:09 PM · Mail, Phabricator
Jcross added a comment to T267590: Phab email account verification not received.

@Aklapper what magic did you work? I just got 5 verification emails :)

Nov 16 2020, 5:08 PM · Mail, Phabricator
Jcross added a comment to T267590: Phab email account verification not received.

Thanks so much for working on this. When you get to step #5 above - where you receive an email to the new address? I never get that email.

Nov 16 2020, 4:36 PM · Mail, Phabricator

Nov 10 2020

Jcross added a comment to T216775: Add ability to cite books by scanning their ISBN barcode in mobile web.

@JTannerWMF - we've taken a look and would appreciate it if you would fill out the Security Readiness Review form. Thanks!

Nov 10 2020, 7:50 PM · Editing-team, Editing Design, User-notice, Patch-For-Review, VisualEditor, VisualEditor-MediaWiki-Mobile, Citoid

Nov 9 2020

Jcross added a comment to T267590: Phab email account verification not received.

@Aklapper I am seeing both -ctr as primary and jcross as added but needing verification. I've clicked "verify" several times over several days and never received anything.

Nov 9 2020, 9:29 PM · Mail, Phabricator
Jcross created T267590: Phab email account verification not received.
Nov 9 2020, 7:49 PM · Mail, Phabricator

Nov 4 2020

Jcross updated subscribers of T257579: Security Readiness Review For WVUI and Vector dependencies needed for Vue.js search.

Hi @nnikkhoui - we were told that you are the new contact for both this ticket and https://phabricator.wikimedia.org/T257734. We're wondering if there are any changes we need to know about and whether you have a new deployment timeline? Thanks so much.

Nov 4 2020, 8:28 PM · Application Security Reviews, WVUI, Readers-Web-Backlog (Kanbanana-FY-2020-21), user-sbassett, secscrum, Security, Design-Systems-team-20200324-20220422 (Vue.js Search Experience (Vector modern))
Jcross added a comment to T266510: Security Readiness Review For Diff Blog oAuth plugin.

Hi @CKoerner_WMF - we just wanted to touch base as this is noted as a November target deployment date. With all of the holidays this month and a somewhat reduced capacity, we are looking to complete this towards the end of the month. We hope that works for your timeline?

Nov 4 2020, 5:20 PM · Diff-blog, secscrum, Security, Application Security Reviews
Jcross added a comment to T260466: Security Readiness Review For GlobalWatchlist extension.

HI @MusikAnimal - we've had a few bumps in the road recently and we do plan to complete it this quarter. We'll be in touch with any questions or concerns and we apologize for the delay.

Nov 4 2020, 5:15 PM · MediaWiki-extensions-GlobalWatchlist, secscrum, Security, User-DannyS712, Application Security Reviews

Oct 28 2020

Jcross added a comment to T262963: Security Readiness Review For geoip2/geoip2.

Hi @Tchanders - we've moved this ticket to In Progress and I believe we are planning on having feedback for you in the next two weeks. Please let us know if you have any questions as we move forward. Thanks!

Oct 28 2020, 5:14 PM · user-sbassett, Security, secscrum, Application Security Reviews, Anti-Harassment, IP Info, MediaWiki-Vendor

Oct 14 2020

Jcross assigned T254947: Security Review Request for WikimediaApiPortalOAuth Extension to Reedy.
Oct 14 2020, 4:15 PM · MW-1.36-notes (1.36.0-wmf.18; 2020-11-17), Platform Team Sprints Board (Sprint 5), secscrum, MediaWiki-extensions-WikimediaApiPortalOAuth, Platform Team Initiatives (API Gateway), Application Security Reviews, Platform Team Workboards (Green)

Oct 9 2020

Jcross updated the task description for T265147: Offboard Chase Pettet from Security Team.
Oct 9 2020, 6:29 PM · SRE, Security-Team

Oct 7 2020

Jcross moved T260466: Security Readiness Review For GlobalWatchlist extension from In Progress to Back Orders on the secscrum board.
Oct 7 2020, 4:11 PM · MediaWiki-extensions-GlobalWatchlist, secscrum, Security, User-DannyS712, Application Security Reviews
Jcross moved T254947: Security Review Request for WikimediaApiPortalOAuth Extension from Waiting to Back Orders on the secscrum board.
Oct 7 2020, 4:10 PM · MW-1.36-notes (1.36.0-wmf.18; 2020-11-17), Platform Team Sprints Board (Sprint 5), secscrum, MediaWiki-extensions-WikimediaApiPortalOAuth, Platform Team Initiatives (API Gateway), Application Security Reviews, Platform Team Workboards (Green)
Jcross added a comment to T254947: Security Review Request for WikimediaApiPortalOAuth Extension.

Hey @WDoranWMF - this looks good and we hope to get it assigned shortly.

Oct 7 2020, 4:10 PM · MW-1.36-notes (1.36.0-wmf.18; 2020-11-17), Platform Team Sprints Board (Sprint 5), secscrum, MediaWiki-extensions-WikimediaApiPortalOAuth, Platform Team Initiatives (API Gateway), Application Security Reviews, Platform Team Workboards (Green)
Jcross changed the status of T260466: Security Readiness Review For GlobalWatchlist extension from Open to Stalled.

@Niharika this is currently stalled and we will have a more complete update soon.

Oct 7 2020, 4:06 PM · MediaWiki-extensions-GlobalWatchlist, Security, secscrum, Application Security Reviews, User-DannyS712
Jcross changed the status of T260466: Security Readiness Review For GlobalWatchlist extension, a subtask of T260862: Deploy GlobalWatchlist extension to production (Meta only), from Open to Stalled.
Oct 7 2020, 4:05 PM · User-DannyS712, User-notice, MediaWiki-extensions-GlobalWatchlist, Wikimedia-extension-review-queue, Wikimedia-Extension-setup
Jcross added a comment to T180021: Security review for extension Wikispeech.

@Lokal_Profil Thank you, sorry we missed that.

Oct 7 2020, 4:02 PM · Technical-Debt, secscrum, Wikispeech-Jobrunner (Sprint), User-Sebastian_Berlin-WMSE, User-kalle, User-LokalProfil, Wikispeech-Text-to-Speech, Wikispeech-WMSE

Oct 2 2020

Jcross added a comment to T254947: Security Review Request for WikimediaApiPortalOAuth Extension.

Hey @WDoranWMF Is the extension in a stable reviewable state?

Oct 2 2020, 4:11 PM · MW-1.36-notes (1.36.0-wmf.18; 2020-11-17), Platform Team Sprints Board (Sprint 5), secscrum, MediaWiki-extensions-WikimediaApiPortalOAuth, Platform Team Initiatives (API Gateway), Application Security Reviews, Platform Team Workboards (Green)
Jcross assigned T257734: Security Readiness Review For Vue version 3 to sbassett.
Oct 2 2020, 4:10 PM · Codex, user-sbassett, secscrum, Deprecated-Design-Systems-team-board (Design Systems Team Radar), Application Security Reviews, Security
Jcross assigned T257579: Security Readiness Review For WVUI and Vector dependencies needed for Vue.js search to sbassett.
Oct 2 2020, 4:10 PM · Application Security Reviews, WVUI, Readers-Web-Backlog (Kanbanana-FY-2020-21), user-sbassett, secscrum, Security, Design-Systems-team-20200324-20220422 (Vue.js Search Experience (Vector modern))
Jcross added a comment to T180021: Security review for extension Wikispeech.

@Lokal_Profil There are a few processes we are unable to find evidence of having been followed, and we'd be happy to provide those if you'd like - but it's largely the issue of there being no path to production that will necessitate us prioritizing this review as "Low". We simply do not have the resources to spend on reviews that do not have support plans already in place. This does not mean that we are declining, but that reviews with a support plan in place will always be worked on first. Please let us know if anything changes and we will reconsider priority.

Oct 2 2020, 4:09 PM · Technical-Debt, secscrum, Wikispeech-Jobrunner (Sprint), User-Sebastian_Berlin-WMSE, User-kalle, User-LokalProfil, Wikispeech-Text-to-Speech, Wikispeech-WMSE
Jcross lowered the priority of T247327: Combine RFS forms for Security Readiness Review and other RFS from Medium to Low.
Oct 2 2020, 4:05 PM · Security-Team, Application Security Reviews

Sep 28 2020

Jcross lowered the priority of T247327: Combine RFS forms for Security Readiness Review and other RFS from High to Medium.
Sep 28 2020, 6:22 PM · Security-Team, Application Security Reviews
Jcross raised the priority of T247327: Combine RFS forms for Security Readiness Review and other RFS from Low to High.
Sep 28 2020, 6:21 PM · Security-Team, Application Security Reviews
Jcross moved T247327: Combine RFS forms for Security Readiness Review and other RFS from Waiting to Back Orders on the secscrum board.
Sep 28 2020, 6:21 PM · Security-Team, Application Security Reviews