Wikimedia Security Team/Security Review Planning/2022-01-11

Minutes for the Security Team's Q3 2022 (January to March) quarterly planning session

Attending: Reedy, MStyles, SBassett, MMartorana

Completed Reviews, Previous Quarter
 * 1) Wikidata Suggestor (Reedy/SBassett) (https://phabricator.wikimedia.org/T292110)
 * 2) Wikipedia Preview WP (MMartorana) (https://phabricator.wikimedia.org/T293369)
 * 3) Vuex4 (MStyles) (https://phabricator.wikimedia.org/T288768) (to be added to risk register)
 * 4) Vue3 (SBassett) (https://phabricator.wikimedia.org/T257734)

Reviews That Need Follow-Up This Quarter
 * 1) Various Abs Wiki Reviews (MStyles, SBassett, MMartorana) (https://phabricator.wikimedia.org/T289322)
 * 2) OIT LDAP (noting risk register entry, move to done) (https://phabricator.wikimedia.org/T155537)
 * 3) Wikispeech (re-evaluation and re-prioritization) (https://phabricator.wikimedia.org/T180021)

Accepted Reviews To Complete This Quarter
 * 1) Developer Portal tools (MStyles) (https://phabricator.wikimedia.org/T297167)
 * 2) ext:WikiSEO (MMartorana) (https://phabricator.wikimedia.org/T295065)
 * 3) Wikipedia Birthday JS (SBassett) (https://phabricator.wikimedia.org/T297816)

Updates Made For Other Review Tasks
 * 1) SD Image Recommendations UI (invalid by requester) (https://phabricator.wikimedia.org/T277690)
 * 2) Mailman3 (still a soft decline, vendor?) (https://phabricator.wikimedia.org/T289899#7403112)
 * 3) Design of Toolforge Kubernetes (vendor?) (https://phabricator.wikimedia.org/T245205)