Wikimedia Security Team/Security review template

Security review reporting
When the security review is finished, add a report to Phabricator task requesting the security review. The report should include,
 * Did we engage with the team during the design phase (so we can track that)
 * Data-flow diagram / Threat model
 * Can use the mozilla tool, once I find the link
 * Design/architectural issues identified
 * Hardening requests
 * Vulnerabilities found

Blocking issues should have a separate phabricator task opened, and be listed as blockers of the security review task.

Markdown template: = Project =
 * Repo:**
 * Current head:**
 * Dependencies:** 

= Review =
 * Did we work with the team during the design phase?** [Y/N]


 * Data-flow diagram:**

== Architecture issues

== Hardening

== Vulnerabilities