To Whom It May Concern: Since 2012, the CheckUser extension has contained functionality to optionally store the encrypted recipients for emails that were sent via Special:EmailUser, if the operator set $wgCUPublicKey to a valid RSA public key. The encryption mechanism used by this logic is outdated and needs an update.[1]
However, it's unclear if anybody is using this feature. It is not enabled in WMF production, and was implemented without a corresponding BZ reference. There is also no functionality in CheckUser that allows access to the stored data. If you are actively using this functionality and would like it to be retained, please leave a comment on the deprecation task T384460.[2] [1] https://phabricator.wikimedia.org/T384398 [2] https://phabricator.wikimedia.org/T384460 Yours faithfully, Máté Szabó (he/him/his) Senior Software Engineer, Trust & Safety Product Wikimedia Foundation _______________________________________________ MediaWiki-l mailing list -- [email protected] To unsubscribe send an email to [email protected] https://lists.wikimedia.org/postorius/lists/mediawiki-l.lists.wikimedia.org/
