Closed
Bug 1517607
Opened 6 years ago
Closed 6 years ago
Security Review for Firebase SDK
Categories
(Firefox for Android Graveyard :: General, enhancement)
Tracking
(firefox65 unaffected, firefox66 affected)
RESOLVED
WONTFIX
Firefox 66
| Tracking | Status | |
|---|---|---|
| firefox65 | --- | unaffected |
| firefox66 | --- | affected |
People
(Reporter: sdaswani, Assigned: sdaswani)
Details
We have to integrate the open source Firebase into SDK to support FCM push notifications: https://bugzilla.mozilla.org/show_bug.cgi?id=1510730
Does the security team want / need to review the SDK?
|
||
Comment 1•6 years ago
|
||
Security reviews don't need to be confidential. If issues are found then the individual bugs can be flagged as such.
Group: firefox-core-security
|
||
Comment 4•6 years ago
|
||
Dan, Wennie mentioned I could n-i to you for security review, at least until there is some more formal process.
Flags: needinfo?(dveditz)
|
|
||
Comment 5•6 years ago
|
||
It looks like more info may be in bug 1286912.
|
||
Comment 6•6 years ago
|
||
(In reply to Liz Henry (:lizzard) (use needinfo) from comment #4)
Dan, Wennie mentioned I could n-i to you for security review, at least until there is some more formal process.
There is a process: much like the original pi-request mail-based process but to a different address (which I'm leaving out of this bug to minimize getting on spam lists). I've sent mail to get this request into the queue.
Flags: needinfo?(dveditz)
Please hold off on this until I have more clarity on whether we indeed Firebase.
|
|
||
Updated•6 years ago
|
status-firefox65:
--- → unaffected
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → WONTFIX
|
||
Updated•4 years ago
|
Product: Firefox for Android → Firefox for Android Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•