Page MenuHomePhabricator
People aranyap

aranyap (Aranya P)
User

Projects (4)
View All

Calendar

Today

  • No visible events.

Tomorrow

  • No visible events.

Friday

  • No visible events.

User Details

User Since
Mar 1 2023, 7:41 PM (154 w, 24 m)
Availability
Available
LDAP User
Aranyap
MediaWiki User
Anyaprum [ Global Accounts ]

Recent Activity
View All

Tue, Jan 27

aranyap moved T413211: Allow urlshortener for a selection of third-level domains from wmcloud.org and toolforge.org from In Progress to Completed on the Privacy Engineering board.
Tue, Jan 27, 5:40 AM · Patch-For-Review, Security-Team, SecTeam-Processed, Privacy Engineering, MediaWiki-extensions-UrlShortener, Cloud-Services
aranyap closed T413211: Allow urlshortener for a selection of third-level domains from wmcloud.org and toolforge.org as Resolved.
Tue, Jan 27, 5:39 AM · Patch-For-Review, Security-Team, SecTeam-Processed, Privacy Engineering, MediaWiki-extensions-UrlShortener, Cloud-Services
aranyap added a comment to T413211: Allow urlshortener for a selection of third-level domains from wmcloud.org and toolforge.org.

From a privacy perspective, this proposal appears low risk. The request is limited to a small, explicit set of known WMCS operational services and avoids wildcard domains or user-controlled Toolforge tools, which were the primary privacy concerns in prior discussions.

Tue, Jan 27, 5:38 AM · Patch-For-Review, Security-Team, SecTeam-Processed, Privacy Engineering, MediaWiki-extensions-UrlShortener, Cloud-Services

Jan 9 2026

aranyap added a comment to T411146: Application Security Review Request: Wikipedia 25 microsite.

The privacy team has reviewed this request and is concluding this to be a low risk as long as analytics collection is limited to aggregated metrics (e.g., page views and interaction events) and does not include personal identifiers.

Jan 9 2026, 7:09 PM · Security, SecTeam-Processed, Security-Team, secscrum, Application Security Reviews, PES1.3.3 WP25 Easter Eggs

Dec 16 2025

aranyap added a comment to T411146: Application Security Review Request: Wikipedia 25 microsite.

Hi @ATitkov and @Jdrewniak ,

Dec 16 2025, 5:47 PM · Security, SecTeam-Processed, Security-Team, secscrum, Application Security Reviews, PES1.3.3 WP25 Easter Eggs

Jul 18 2025

aranyap added a comment to T398650: Requesting access to analytics-privatedata-users group (LDAP and kerberos), for aprum.

@ssingh I'm now able to access JupyterHub and have deleted the WMCS key. Thank you!

Jul 18 2025, 6:41 PM · SRE, SRE-Access-Requests

Jul 17 2025

aranyap added a comment to T398650: Requesting access to analytics-privatedata-users group (LDAP and kerberos), for aprum.

@cmooney @ssingh I just requested access through the online system. Thank you!

Jul 17 2025, 9:31 PM · SRE, SRE-Access-Requests
aranyap reopened T398650: Requesting access to analytics-privatedata-users group (LDAP and kerberos), for aprum as "Open".

Hi @cmooney ! I'm having some trouble trying to access JupyterHub and after some poking around with @dr0ptp4kt and @BTullis we think it's because I don't have wmf LDAP access but we aren't 100% sure.

Jul 17 2025, 8:53 PM · SRE, SRE-Access-Requests

Jul 8 2025

aranyap updated subscribers of T398650: Requesting access to analytics-privatedata-users group (LDAP and kerberos), for aprum.
In T398650#10974346, @Clement_Goubert wrote:

Please make sure the Wikimedia global and developer accounts are correctly created and not conflicting.
There seems to be two existing deactivated accounts under the aprum-ctr@wikimedia.org email, linked with the Aranyap~labswiki and the Aranyap enwiki account, as well as the aprum dewiki and aprum~labswiki wikitech account as well, but no account for aprum@wikimedia.org.

Jul 8 2025, 6:40 PM · SRE, SRE-Access-Requests

Jul 3 2025

aranyap updated the task description for T398650: Requesting access to analytics-privatedata-users group (LDAP and kerberos), for aprum.
Jul 3 2025, 5:08 PM · SRE, SRE-Access-Requests
aranyap created T398650: Requesting access to analytics-privatedata-users group (LDAP and kerberos), for aprum.
Jul 3 2025, 5:07 PM · SRE, SRE-Access-Requests

Jul 31 2024

aranyap added a comment to T367905: Application Security Review Request : OpenTelemetry PHP SDK.

Hi @CDanis , we took a look at this repository found minimal problems, please feel free to move forward with using OpenTelemetry!

Jul 31 2024, 1:48 AM · SecTeam-Processed, Privacy Engineering, MediaWiki-Vendor, secscrum, Security, Application Security Reviews
aranyap moved T367905: Application Security Review Request : OpenTelemetry PHP SDK from Incoming to Completed on the Privacy Engineering board.
Jul 31 2024, 1:48 AM · SecTeam-Processed, Privacy Engineering, MediaWiki-Vendor, secscrum, Security, Application Security Reviews

Oct 24 2023

aranyap moved T65598: Privacy issues with Gadget-GoogleTrans.js (calls out to google APIs) from Watching to Completed on the Privacy Engineering board.
Oct 24 2023, 4:03 PM · Security, Privacy Engineering, WMF-General-or-Unknown, Privacy

Oct 16 2023

aranyap moved T340189: Images of private wikis are publicly accessible if attacker knows the URL or the filename from Incoming to Completed on the Privacy Engineering board.
Oct 16 2023, 7:07 AM · Privacy Engineering, SecTeam-Processed, Vuln-Infoleak, SRE-swift-storage, Security, Security-Team
aranyap moved T342487: [Event Platform] Actor performing suppression revealed publicly from Backlog to Completed on the Privacy Engineering board.
Oct 16 2023, 7:05 AM · Data-Engineering (Sprint 6), MW-1.42-notes (1.42.0-wmf.7; 2023-11-28), SecTeam-Processed, Privacy Engineering, Event-Platform, Vuln-Infoleak, Security
aranyap moved T260016: Request Security check of allowing editing from mirror/fork site from Completed to Waiting on the Privacy Engineering board.
Oct 16 2023, 6:58 AM · Privacy Engineering, Security, Chinese-Sites
aranyap moved T260016: Request Security check of allowing editing from mirror/fork site from Waiting to Completed on the Privacy Engineering board.
Oct 16 2023, 6:57 AM · Privacy Engineering, Security, Chinese-Sites
aranyap moved T310393: IP Info log can be used to deanonymize user from Incoming to Backlog on the Privacy Engineering board.
Oct 16 2023, 6:48 AM · Privacy Engineering, Anti-Harassment-Team, Vuln-Infoleak, SecTeam-Processed, IP Info, Security, Security-Team
aranyap moved T335958: The soon-to-be-released pageview datasets should be linked from dumps page from Incoming to In Progress on the Privacy Engineering board.
Oct 16 2023, 6:44 AM · Data-Engineering, Privacy Engineering

Oct 4 2023

aranyap moved T337576: capacity-exchange.wmcloud.org loads 3rd party content (privacy violation) from Incoming to Watching on the Privacy Engineering board.
Oct 4 2023, 7:19 PM · Capacity Exchange, Privacy Engineering
aranyap moved T334851: Define a procedure/pattern to populate test environments from Incoming to Completed on the Privacy Engineering board.
Oct 4 2023, 7:17 PM · Catalyst (Prototype leftovers 🍱), SecTeam-Processed, Privacy Engineering, serviceops-radar, WMF-Architecture-Team, Platform Engineering, Release-Engineering-Team, API Platform, AQS2.0

Sep 20 2023

aranyap updated subscribers of T345379: Add CSP for Fundraiseup on DonateWiki .

Hi @Ejegg thanks for bringing this to our attention. I initially conducted a privacy review for Fundraise Up and deemed it to be a low risk for the particular use-case that was specified by @ERoden-WMF . As for any additional integrations, I'll need to consult with @JFishback_WMF and @samuelguebo to determine whether this needs further review. I'll update here once I get more info. Thanks!

Sep 20 2023, 7:34 AM · Fundraising Tech - Chaos Crew, Fundraising-Backlog

Sep 7 2023

aranyap closed T203726: Privacy policy FAQ links to https://bits.wikimedia.org/geoiplookup which is long dead as Resolved.
Sep 7 2023, 9:02 PM · Privacy Engineering, WMF-Legal, Privacy
aranyap added a comment to T203726: Privacy policy FAQ links to https://bits.wikimedia.org/geoiplookup which is long dead.

This issue has been resolved, closing this ticket.

Sep 7 2023, 9:02 PM · Privacy Engineering, WMF-Legal, Privacy

Mar 3 2023

aranyap updated the task description for T331067: Requesting access to analytics-privatedata-users group (LDAP and kerberos), for AranyaP.
Mar 3 2023, 7:21 PM · SRE, SRE-Access-Requests
aranyap added a comment to T331067: Requesting access to analytics-privatedata-users group (LDAP and kerberos), for AranyaP.
In T331067#8663266, @JMeybohm wrote:

Welcome @aranyap! Please add the ssh key type to your request as well (assuming it's a ed25519 key, but just to be precise about it).

@Jcross from the mail address this looks like a contractor hiring. In that case we'd need:

  • Contract end date:
  • Contract contact person:
Mar 3 2023, 7:01 PM · SRE, SRE-Access-Requests
aranyap updated the task description for T331067: Requesting access to analytics-privatedata-users group (LDAP and kerberos), for AranyaP.
Mar 3 2023, 6:56 PM · SRE, SRE-Access-Requests

Mar 2 2023

aranyap renamed T331067: Requesting access to analytics-privatedata-users group (LDAP and kerberos), for AranyaP from Requesting access to RESOURCE for USER[S] to Requesting access to analytics-privatedata-users group (LDAP and kerberos), for AranyaP.
Mar 2 2023, 9:46 PM · SRE, SRE-Access-Requests
aranyap created T331067: Requesting access to analytics-privatedata-users group (LDAP and kerberos), for AranyaP.
Mar 2 2023, 9:33 PM · SRE, SRE-Access-Requests
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits