Wikimedia Security Team/AppSec Clinic Minutes/2023-06-05

Date: 2023-06-05

Attending: MMartorana_(WMF), SBassett_(WMF)

Phabricator Tasks In Progress[edit]

1. MMartorana_(WMF)
   1. T144097 - Investigating potential patches.
   2. T334437 - Working on a patch.
   3. T336113 - To triage, maybe write patch.
   4. T336711 - Left a comment, untag soon.
   5. T337695 - WMF Legal told me they don't have access to this NDA but T&C might.
2. MStyles_(WMF)
   1. T323651 - Leave note that other patches can go through gerrit.
   2. T335164 - Analysis work assigned to Maryum.
   3. T250720#8830971 - One patch is on gerrit, others might need rebase?
   4. T337714 - MStyles_(WMF) to watch, maybe help with AppSec CI.
3. Reedy_(WMF)
   1. T333722 - Decom channel soon.
   2. T318825 - Assigned for follow-up.
   3. T321092 - Assigned for follow-up.
   4. T330086 - Done, add reporter to secteam HoF.
   5. T335204 - Assigned to Reedy_(WMF) for review.
   6. T335288 - Assigned to Reedy_(WMF) for review.
4. SBassett_(WMF)
   1. T326871 - Waiting on AHT/Thalia response.
   2. T336310 - Confirm right was added by Amir, the resolve task.
   3. T337274 - PR merged, still need to confirm prod deployment.

Sent to Kelton
Sent to Privacy Engineering

New Phabricator Tasks Reviewed[edit]

1. T338094 - Reedy_(WMF) triaged, assigned to Kosta H.
2. T337802 - Untagged team for now.
3. T337949 - Assigned to Reedy_(WMF) for review.
4. T338034 - MMartorana_(WMF) to complete.
5. T338088 - Untagged team for now, left to DBA.
6. T338092 - SBassett_(WMF) to analyze.
7. T338104 - Assigned to Reedy_(WMF) for review.
8. T338105 - Assigned to Reedy_(WMF) for review.