Last modified: 2014-09-25 23:05:20 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T71541, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 69541 - security review for Capiunto
security review for Capiunto
Status: NEW
Product: MediaWiki extensions
Classification: Unclassified
Capiunto (Other open bugs)
master
All All
: Normal enhancement (vote)
: ---
Assigned To: Chris Steipp
u=dev c=infrastructure p=0
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-08-14 14:05 UTC by Lydia Pintscher
Modified: 2014-09-25 23:05 UTC (History)
5 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Lydia Pintscher 2014-08-14 14:05:45 UTC 
We would like to roll out Capiunto to production. It needs a security review. The code is at https://git.wikimedia.org/summary/mediawiki%2Fextensions%2FCapiunto More information about Capiunto is at https://www.mediawiki.org/wiki/Extension:Capiunto
Comment 1 Nik Everett 2014-08-14 16:20:15 UTC 
Already assigned to csteipp - does this need anything else to get it in the security review queue?
Comment 2 Marius Hoch 2014-08-14 16:22:39 UTC 
(In reply to Nik Everett from comment #1)
> Already assigned to csteipp - does this need anything else to get it in the
> security review queue?

Don't think so...
Given that this extension almost only hosts Lua code that is being executed with the same rights as user given Lua code, this should be quick to check.
Comment 3 Chris Steipp 2014-08-14 16:23:06 UTC 
Can you point to any more information about the extension, and timelines? I'm swamped with reviews right now. Is this more or less urgent than WikibaseQuery?
Comment 4 Lydia Pintscher 2014-08-14 16:25:15 UTC 
Less urgent than WikibaseQuery.
Comment 5 Nik Everett 2014-08-19 18:20:08 UTC 
(In reply to Chris Steipp from comment #3)
> Can you point to any more information about the extension? 

Can anyone answer this question?
Comment 7 Nik Everett 2014-08-27 15:49:18 UTC 
So "everyone I've asked" about the extension says the mw.org page needs more instructions.  A link https://git.wikimedia.org/blob/mediawiki%2Fextensions%2FCapiunto/1441b9ab1c126d7047e182a41497303a4a32a9bb/docs%2Finfobox.wiki might help matters I think.
Comment 8 Marius Hoch 2014-09-25 23:05:20 UTC 
(In reply to Nik Everett from comment #7)
> So "everyone I've asked" about the extension says the mw.org page needs more
> instructions.  A link
> https://git.wikimedia.org/blob/mediawiki%2Fextensions%2FCapiunto/
> 1441b9ab1c126d7047e182a41497303a4a32a9bb/docs%2Finfobox.wiki might help
> matters I think.

Done that.

Also the integration test cases (https://git.wikimedia.org/blob/mediawiki%2Fextensions%2FCapiunto/HEAD/tests%2Fphpunit%2Foutput%2FBasicRowTest.lua and https://git.wikimedia.org/blob/mediawiki%2Fextensions%2FCapiunto/HEAD/tests%2Fphpunit%2Foutput%2FBasicTest.lua) might be good as short examples.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links