| gabriel-wmde added a comment. |
I don't think this is an acceptable response. It's not just CI, it's also developer's laptops, which are an extremely high value target. While this vulnerability might be pretty minor, it's important to keep the security issues green, so that when an actual high severity vulnerability is reported, we don't miss it by assuming there is always a vulnerability.
You're right. We were already in "OMG, the fundraising campaign is coming, drop everything you're doing" mode, which is not a good excuse to slack on security, but the reason why we initially decided on postponing the fix.
TASK DETAIL
EMAIL PREFERENCES
To: gabriel-wmde
Cc: Legoktm, Tim_WMDE, gerritbot, gabriel-wmde, Umherirrender, Aklapper, CucyNoiD, Nandana, NebulousIris, Gaboe420, A.S.Kochergin, Versusxo, Majesticalreaper22, Giuliamocci, Adrian1985, God, Cpaulf30, Lahi, Gq86, Baloch007, Darkminds3113, Bsandipan, Lordiis, Lucas_Werkmeister_WMDE, GoranSMilovanovic, Adik2382, Th3d3v1ls, Ramalepe, Liugev6, QZanden, LawExplorer, Lea_WMDE, Lewizho99, Maathavan, Agabi10, KasiaWMDE, Wikidata-bugs, aude, jayvdb, Tobi_WMDE_SW, Mbch331, hashar
Cc: Legoktm, Tim_WMDE, gerritbot, gabriel-wmde, Umherirrender, Aklapper, CucyNoiD, Nandana, NebulousIris, Gaboe420, A.S.Kochergin, Versusxo, Majesticalreaper22, Giuliamocci, Adrian1985, God, Cpaulf30, Lahi, Gq86, Baloch007, Darkminds3113, Bsandipan, Lordiis, Lucas_Werkmeister_WMDE, GoranSMilovanovic, Adik2382, Th3d3v1ls, Ramalepe, Liugev6, QZanden, LawExplorer, Lea_WMDE, Lewizho99, Maathavan, Agabi10, KasiaWMDE, Wikidata-bugs, aude, jayvdb, Tobi_WMDE_SW, Mbch331, hashar
_______________________________________________ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
