https://bugzilla.wikimedia.org/show_bug.cgi?id=67533
--- Comment #8 from Jeroen De Dauw <jeroen_ded...@yahoo.com> --- > Regardless, I'm pretty sure we're not going to change our minds about > security review by debating in a bug. Not sure debate is happening. I never even asked to change the relevant policies, only that one would consider if doing so in this case makes sense or not. That has been done now, giving us more clarity on what the next steps can be. > Our options are to review them, make them optional and not use them on the > cluster, or rip them out entirely. Creating replacement code will result in more maintenance cost, less nice architecture and also has an initial cost. And it will leave us with some self writien db abstraction code, which I really rather avoid for security reasons. Hence the review option is the only really logical one from my point of view. -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l