Should $wgAutoCreateTempUser['enabled'] = true; become the default value in MediaWiki core? If so, when?
If it does: how should we handle testing MediaWiki in CI for the anonymous IP editing paradigm?
If it does not: how should we manage testing MediaWiki in CI for temp accounts? T355879 has a proposal to create one or more jobs with a temp account enabled flag.
I think this is probably mostly a question for MediaWiki-Platform-Team to think about. Is there someone from the team who could talk through this with Trust and Safety Product Team ?
If we enable IP masking as MediaWiki default, we need to systematically review its compatibility to non-WMF extensions. Incompatible extension should either be updated or taghed with some templates like {{incompatible with IP masking}}, though some extensions may work (not completely broken) in a non-perfect way, e.g. UserMerge, where we may want to disallow merging to (NOT from) temporary accounts. Several types of extensions, by the increasing order of their impacts:
Anyway, this will be a solution of https://www.mediawiki.org/wiki/GDPR_(General_Data_Protection_Regulation)_and_MediaWiki_software#Hiding_the_display_of_IP_addresses_for_anonymous_editing
This is an interesting question. I think that what will help think through this would be listing our the implication and impact of either option.
I imagine this is mostly about non-Wikimedia installations (3rd parties) for the defaults, so setting it as either would be a message of how we as the maintainers of the software think that people *should* have it on by default. However, we probably will need to do this with our eyes open as to whether it impacts any other initial settings.
I actually am not sure I agree with that; 3rd party installations already have to do their own compatibility work with non-WMF extensions, especially if there are several of them that may collide internally because we as maintainers of the underlying system cannot do that already.
If this will be on by default for new installations, we'll need to announce it well to current 3rd parties for them to make the decision about whether to enable this or not.
So, in essence, I think this is potentially more of a philosophical question (should we have this behavior as the recommended default of mw) that has implications/impacts we should understand, rather than strictly a technical one.
We should probably verify whether there are any implications for within mediawiki itself for whether this is toggled, etc.
Some extensions currently did not complete actor migration (instead they stored user and user_text), such as Moderation (https://github.com/edwardspec/mediawiki-moderation/blob/master/sql/patch-moderation.sql) and ArticleFeedbackv5 (https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/extensions/ArticleFeedbackv5/+/refs/heads/master/sql/ArticleFeedbackv5.sql). If a third-party wiki installed it IP addresses will be leaked upon usage.
For extensions that use actor but did not create a temporary account, they may break for not allowing actors for IP.
So we at least need their users know the extension is currently incompatible with IP masking, so they can at least remove/not install the extension or restrict their usage to named accounts (if possible), or disable IP masking (even if IP masking become the default).
We should have an option in MediaWiki installer to ask sysadmins whether to enable IP masking when installing MediaWiki. There should provide sufficient information saying:
Change 980947 had a related patch set uploaded (by Kosta Harlan; author: Kosta Harlan):
[mediawiki/core@master] DevelopmentSettings: Enable auto creation of temp users