Note: for historical task protection to remain we need to usurp the /existing/ project used as an acl and create a second project for tagging purposes only. This is in the same spirit as T90491. We currently have [[ https://phabricator.wikimedia.org/maniphest/query/8wTH1EjH3ysd/#R | hundreds of tasks ]] that would be useful for volunteers to follow tagged with #security. Related [[ https://phabricator.wikimedia.org/phame/post/view/187/changes_to_security_team_workflow/ | blog post ]].
[x] Determine #Security access subgroups
[x] Create first subproject of acl*security_volunteer (this will inherit all users)
[x] Create subsequent subprojects and add members as appropriate
[x] Create a new security project for tagging only (#security-related)
[x] Add #security-related to all exting tasks tagged with #security
[x] add a herald rule to add #security-related to all tasks if tagged with #security (H353)
[x] Add all members of original security project to transitional security-related
** This still needs to be protected until the `protect as security issue` is changed
[x] update [[ https://phabricator.wikimedia.org/transactions/editengine/maniphest.task/ | security forms ]] to add #security_related
[x] rename #security to `#acl*security` (remove `security` alias)
[x] rename `security-related` to `security`
[ ] T245201. Update `protect as security issue` to use `acl*security` (since this is by name and not phid)
** `$projects = WMFSecurityPolicy::getProjectByName('security');`
** https://phabricator.wikimedia.org/rPHEX9ec849c6ea4af2b55732dfd928f59e62d4f289cd
[ ] remove #security from all tasks as a tag
[ ] update anywhere else?
## Add new tag in place of old #security which is now an ACL only
### https://wikitech.wikimedia.org/wiki/Phabricator#Run_a_bulk_job_silently_(suppressing_notification_spam)