[MEDIUM] 1.31.0 tarball is missing .htaccess files

PKSA-rmdy-mjd9-nv1m CVE-2018-13258 GHSA-2c28-7gwv-cpgf

Affected package: mediawiki/core

Affected version: >=1.31.0,<1.31.1

Reported by:
GitHub, FriendsOfPHP/security-advisories