Lucas_Werkmeister_WMDE added a comment.
The current Wikibase code also has a regex in JS which eslint now detects as being unsafe (see discussion <https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Wikibase/+/916503/2/view/resources/wikibase/templates.js#72>). We’re not 100% sure if it’s actually exploitable in practice or not, but migrating to mustache would also resolve that issue. TASK DETAIL https://phabricator.wikimedia.org/T91067 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: Lucas_Werkmeister_WMDE Cc: Michael, Lucas_Werkmeister_WMDE, WMDE-leszek, Aleksey_WMDE, Ricordisamoa, thiemowmde, adrianheine, Jdouglas, Aklapper, daniel, Isabelladantes1983, Themindcoder, Adamm71, Jersione, Hellket777, LisafBia6531, Astuthiodit_1, 786, Biggs657, karapayneWMDE, Invadibot, maantietaja, Juan90264, Alter-paule, Beast1978, ItamarWMDE, Un1tY, Akuckartz, Hook696, PatsagornY, Kent7301, joker88john, CucyNoiD, Nandana, jijiki, Klaas_Z4us_V, Gaboe420, Giuliamocci, Cpaulf30, Lahi, Gq86, Af420, Bsandipan, GoranSMilovanovic, QZanden, LawExplorer, Lewizho99, Maathavan, elukey, _jensen, rosalieper, Neuronton, Scott_WUaS, Wikidata-bugs, aude, Mbch331, Jay8g, ori
_______________________________________________ Wikidata-bugs mailing list -- wikidata-bugs@lists.wikimedia.org To unsubscribe send an email to wikidata-bugs-le...@lists.wikimedia.org
