Please change OAuth-authorised edits from logging as 127.0.0.1 and to that of the editor; and consider better UA logging.
Following a tutorial session with @csteipp to stewards about the OAuth approval process; for the stewards I ran a checkuser test on myself on Wikidata. I have edits there utilising one of Magnus's tools.
The CU result showed the edits as coming from 127.0.0.1. Such a result is less than ideal, especially were a block to be made including IP address that presumably such a block would stop all OAuth applications. Ideally such edits wouldshow inthe Checkuser results as
- of the IP address of the editor undertaking the edits via the OAuth
- with a user agent that clearly identifies the originating browser and the OAuth tool
Initially setting confidential.