User Details
- User Since
- Nov 5 2021, 2:54 PM (29 w, 1 d)
- Availability
- Available
- LDAP User
- Unknown
- MediaWiki User
- MMartorana (WMF) [ Global Accounts ]
Tue, May 24
Yes, you should file a new request using this form and we will triage it for next quarter's appsec reviews. You can also find additional information of the appsec review process.
The Extension:Upload_Wizard has not undergone any manual security review, and since it is an extension that may present a large subset of risky vulnerabilities, we would like to review it before approving the deployment in other wikis.
Tue, May 10
Mon, May 2
Ok, thank you.
Apr 27 2022
Hi @Eevans, we have also found these two extensions:
Apr 21 2022
Perfect, thank you.
Apr 20 2022
Hey @Eevans, I just wanted to have confirmation that the main branch is stable and I can work with the most recent commit, and that there shouldn't be any more substantial contributions before deployment.
Apr 13 2022
Hello @WDoranWMF and @Eevans, I will be in charge of this security review.
Apr 7 2022
Subject: MediaWiki Extensions and Skins Security Release Supplement (1.35.6/1.36.4/1.37.2)
Apr 4 2022
Hi @RhinosF1, as per WMF's risk management framework, low risk (which this review has overall) is automatically accepted by the WMF.
Apr 1 2022
Security Review Summary - T295065 - 2022-03-31
Last commit reviewed: 08d39f11c9abdf22d10e6a0138d4ea3d6817cc62
Feb 22 2022
Hi @RhinosF1, thanks a lot for your feedback!
Feb 16 2022
Feb 9 2022
Before proceeding with the review, we would like to shed some light on a couple of points:
Jan 14 2022
Security Review Summary - T289322 - 2022-01-14
Last commit reviewed: f8bfba32ddc266ead8a8bbd134e63ec669defba9
Jan 11 2022
Jan 10 2022
Jan 7 2022
Security Review Summary - T293369 - 2022-01-07
Last commit reviewed: 4583e736243d46857d982c16be0850112db892b1
Dec 21 2021
Dec 1 2021
Nov 30 2021
I have experimented with the GitLab SAST templates on many languages/frameworks repos containing vulnerable code and the results are not very satisfying.
Nov 18 2021
I have now provided all the required information.