Wikimedia Security Team/Security Review Scrum/2019-08-27


Date/time: August 27th, 2019 - 10:00 AM PDT

Attending: Scott, Jennifer, Sam, Michal Anna


  • Security Review for MediaWiki REST API, assigned to Sam,
  • John to explore funding of 3rd party audits this quarter, stalled -,,,


  • Security review of Ex:DoubleWiki, in-progress -
  • Parsoid-PHP, moved to active, additional review by Sam, in-progress -
  • Security review of preact 8.4.2, Scott did a very simple assessment, unassigned, stalled
  • Page Content Service route /page/mobile-html, starting -
  • Security review of WebAuthn library dependancies, in-progress -
  • Planet Wikimedia - assigned to Michal Anna, stalled -


  • Labs db/sanitarium and maintain-views.yaml audits, assigned to James F, stalled -,

Frozen (delayed indefinitely)

  • Audiences growth team emails concept review, stalled - Jen will contact to close -
  • Banner preview, stalled -

Closing Soon / Closed

  • Doublewiki (old), Scott to resolve this week, in-progress - can Jen contact to close? -