cannon.danielc wrote:

Yeah, I think that was pointed out when it was first introduced. In the same way, a user could simply add {{subst:User:Me/sig}} on his own -- no need for the ~~~~ bit. The limit's not there to be inescapable, nor should it really be something we invest effort into ensuring IMO.

tcrow777 wrote:

Typing {{subst:Me/sig}} would not produce the timesnap, it would have to be: {{subst:Me/sig}} ~~~~~. ;)

A bit experienced user doesn't even need subpage in his user space, he can have eg. button on edit toolbar to insert entire signature code.

Lowering down the priority and severity, inclining to WONTFIX since it wouldn't bring the necessary effect.

tcrow777 wrote:

This is not priority, I suggest changing the status of the bug to LATER.

robchur wrote:

Minor bug - yes, it is technically a bug, since the limit is advertised as a "limit" - but certainly not a high priority, and probably not something we want to waste time fixing, since it's been rightly pointed out by others that users can, unbelievably in this day and age, put anything they want on a page.

cannon.danielc wrote:

Changing to LATER .. don't think this is a matter of urgency or priority that we want to address right now.

tcrow777 wrote:

Changed "Product" detail from "MediaWiki" to "Wikimedia".

• Bug 38974 has been marked as a duplicate of this bug. ***

(In reply to comment #6)

Changing to LATER .. don't think this is a matter of urgency or priority that
we want to address right now.

REOPENING, "not urgent" isn't a reason to close a bug. LATER should be reserved for "things we can't do right now because of [some other thing]"

Re-closing as LATER:

As long as the signature is not stored as a metadata somewhere else than on page, this is invalid request because of principles of editing of wiki page - I don't have to use ~~~~ for signature, I can always manually sign with whatever text I want, even different way anytime I edit. Tildas signature is not any metadata at the moment, but just a shortcut which is not mandatory to be used.

If it's technically invalid, close it as INVALID. :)
Reopening to get rid of deprecated LATER resolution.

@AntiCompositeNumber would you be able to provide some estimates on how many signatures this change would affect?

https://signatures.toolforge.org/reports/en.wikipedia.org says 35. That probably means 1-2 on other wikis.

Thanks, looking through some of those is pretty interesting. https://en.wikipedia.org/wiki/User:The_Earwig/Signature is a good example of why this is an impossible problem to fully prevent, it varies the signature based on {{REVISIONUSER}}, and defaults to an empty string, which would pass length checks.

Change 893847 had a related patch set uploaded (by Legoktm; author: Legoktm):

[mediawiki/core@master] WIP: Check signature length after pre-save transform

https://gerrit.wikimedia.org/r/893847