Board Thread:General Discussion/@comment-27103088-20151021150257/@comment-24473195-20151022090259

Penguin-Pal wrote: What's next? Also making wikia staff go through this process because their accounts can be hacked and abused for adding malicious scripts? All code developed by Wikia staff (including javascript) undergoes code-review. That's a standard software development practice, see :

https://www.mediawiki.org/wiki/Gerrit/%2B2#.2B2_is_for_code_review.2C_not_merging_your_own_stuff

In fact there was a particular script in dev.wiki that had serious a security hole, and it was only removed a few days ago. The script was created by staff several years ago.

So yes, even staff should go through this process. Regardless of how years of experience or professional training no human is perfect and incapable of making bad decisions (a tired or  disgruntled or malicious employee) or designing bad code.