Michaelcochez added a comment.
Thanks @sbassett . I didn't realize it was possible to run semgrep without posting the results to their service. They actually have a configuration available which can be used without that feature. I have now configured that. Semgrep actually found an issue. The issue flagged is that we do start an http server without TLS (meaning http instead of https). It is easy to change this to the version with a certificate and key, but in the current setting traffic to https://recommender.wmcloud.org/recommender gets forwarded to an internal port on the server hosting the schematree, which is not reachable directly from the outside world. So, my question is: 1. should we solve this by also having this internal service use https ? 2. and if so, where would i get a certificate/key for that? TASK DETAIL https://phabricator.wikimedia.org/T292110 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: Reedy, Michaelcochez Cc: Lucas_Werkmeister_WMDE, sbassett, Michaelcochez, Martaannaj, Lydia_Pintscher, Addshore, WMDE-leszek, karapayneWMDE, Aklapper, Invadibot, Devnull, maantietaja, Akuckartz, Jcross, Dsharpe, DannyS712, Nandana, Lahi, Gq86, GoranSMilovanovic, QZanden, LawExplorer, _jensen, rosalieper, Scott_WUaS, Wikidata-bugs, aude, Bawolff, Mbch331, Legoktm
_______________________________________________ Wikidata-bugs mailing list -- wikidata-bugs@lists.wikimedia.org To unsubscribe send an email to wikidata-bugs-le...@lists.wikimedia.org
