I've filed T133735 as a bug to formalize procedures for security releases of non-mediawiki bundled wmf-maintained extensions.
On Tue, Apr 26, 2016 at 3:17 PM, bawolff <bawolff...@gmail.com> wrote: > On Tue, Apr 26, 2016 at 3:08 PM, Ryan Lane <rlan...@gmail.com> wrote: >> On Tue, Apr 26, 2016 at 12:01 PM, Alex Monk <kren...@gmail.com> wrote: >> >>> It's not an extension that gets bundled with MediaWiki releases. >>> >>> >> That doesn't mean third parties aren't using it. When I say a release of >> the extension, I mean give it a version number, increase the version >> number, tag it in git, then tell people "ensure you are using version x or >> greater of MobileFrontend". >> >> This is a pretty normal process that Wikimedia does well for other things. >> I have a feeling this isn't going through a normal process... >> > > I'm pretty sure that doing git tags in extensions for new versions is > not normal procedure. > > I can't recall any extension ever doing that (Unless you mean the > REL1_26 type tags). > > Which is not to say that I necessarily disagree with doing that > procedure, I just think its unfair to call that the normal procedure, > where I don't think that procedure has ever been used for extensions. > > Regardless of what procedures are decided as good practice for > extensions, formalizing the procedures security releases of > non-bundled extensions that are maintained by WMF would probably be a > good idea. > > -- > -bawolff _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l