Wikimedia Security Team/Security Review Scrum/2019-04-30

Date/time: April 30th, 2019 - 10:00 AM PST

Attending: Brian, Sam, Michal Anna, Scott

Updates:

Backlog
 * Exploring outsourced reviews for OIT things, rewrites, JB to follow up, stalled - https://phabricator.wikimedia.org/T155537, https://phabricator.wikimedia.org/T156960, https://phabricator.wikimedia.org/T148246, https://phabricator.wikimedia.org/T187846
 * DoubleWiki, Brian to deploy as sec release, then push through gerrit, in-progress - https://phabricator.wikimedia.org/T131199

Active
 * Leaving open for feedback, will monitor, in-progress - https://phabricator.wikimedia.org/T221907
 * Still exploring vendor options, recruiting org SMEs, will start on basic analysis, in-progress - https://phabricator.wikimedia.org/T219831
 * Assigned to Reedy for now, team review on May 2nd, in-progress - https://phabricator.wikimedia.org/T221719
 * Planet Wikimedia - assigned to Michal Anna, in-progress - https://phabricator.wikimedia.org/T207246
 * Wikisource ext, starting - https://phabricator.wikimedia.org/T217289
 * FormWizard extension, stalled - https://phabricator.wikimedia.org/T201492

Waiting
 * Wikibase Termbox, completed for now, awaiting developer response, in-progress - https://phabricator.wikimedia.org/T216419
 * Labs db/sanitarium and maintain-views.yaml audits, in-progress - https://phabricator.wikimedia.org/T169097, https://phabricator.wikimedia.org/T103011
 * Audiences user-testing concept review, stalled - https://phabricator.wikimedia.org/T220043
 * Audiences growth team emails concept review, stalled - https://phabricator.wikimedia.org/T220242