Wikimedia Security Team/Security Review Scrum/2019-10-01


Date/time: October 1st, 2019 - 10:00 AM PDT

Attending: Scott, Jennifer


  • Security readiness review for the MachineVision extension, unassigned
  • John to explore funding of 3rd party audits this quarter, stalled -,,,
  • Planet Wikimedia,unassigned
  • Security Concept Review For client side error logging js client,unassigned


  • Security Review for MediaWiki REST API, assigned to Sam,
  • Security review of Ex:DoubleWiki, in-progress -
  • Parsoid-PHP, moved to active, Scott this week -
  • Security review of WebAuthn library dependancies, in-progress -


  • Labs db/sanitarium and maintain-views.yaml audits, assigned to James F, stalled -,
  • Page Content Service route /page/mobile-html, waiting -

Frozen (delayed indefinitely)

  • Banner preview, stalled -
  • Security review of preact 8.4.2, Scott did a very simple assessment, unassigned, stalled

Closing Soon / Closed