Re-enable ORES data in action API
Closed, ResolvedPublic
Actions

Description

Most of the ORES-related functionality in the action API was disabled in https://gerrit.wikimedia.org/r/#/c/336213/ due to T157206. Given that that issue was caused by excessive requests from a single client, the client has been silent for a long time, and disabling the API doesn't really do anything to prevent abuse (the same requests could still be done directly to the ORES API), there is no reason to keep the API disabled.

Mitigation of similar events in the future is tracked in T148997 and T137962, but given that those need to be done in the ORES API, and the action API is just one possible way to call the ORES API, it doesn't really make sense to block reenabling on that.

(Some mitigation also happened in T157983.)

Details

	Project	Branch	Lines +/-	Subject
	mediawiki/extensions/ORES	master	+24 -12	Use $wgOresRevisionsPerBatch == 0 to disable on-demand score fetch
	mediawiki/extensions/ORES	master	+21 -0	Revert "Remove all (except meta) API funcationality hooks"

Customize query in gerrit

Related Objects
Search...

		Status	Subtype	Assigned	Task
		Declined		None	T153688 Announce presence of "oresscores" in api.php
		Resolved		Halfak	T163687 Re-enable ORES data in action API

Event Timeline

Tgr created this task.Apr 24 2017, 1:07 PM

Restricted Application added a project: Scoring-platform-team. · View Herald TranscriptApr 24 2017, 1:07 PM

Restricted Application added a subscriber: Aklapper. · View Herald Transcript

Tgr added a parent task: T153688: Announce presence of "oresscores" in api.php.Apr 24 2017, 1:07 PM

Tgr updated the task description. (Show Details)Apr 24 2017, 1:11 PM

Halfak edited projects, added Scoring-platform-team (Current); removed Scoring-platform-team.Apr 27 2017, 2:50 PM

Halfak moved this task from Active to Review on the Scoring-platform-team (Current) board.

Change 350756 had a related patch set uploaded (by Gergő Tisza; owner: Gergő Tisza):
[mediawiki/extensions/ORES@master] Use $wgOresRevisionsPerBatch == 0 to disable on-demand score fetch

https://gerrit.wikimedia.org/r/350756

gerritbot added a project: Patch-For-Review.Apr 27 2017, 10:25 PM

Change 349955 merged by jenkins-bot:
[mediawiki/extensions/ORES@master] Revert "Remove all (except meta) API funcationality hooks"

https://gerrit.wikimedia.org/r/349955

Tgr mentioned this in T162484: DRAFT: Use rate limiting for ORES Action API score retrieval.Apr 28 2017, 2:17 PM

Change 350756 merged by jenkins-bot:
[mediawiki/extensions/ORES@master] Use $wgOresRevisionsPerBatch == 0 to disable on-demand score fetch

https://gerrit.wikimedia.org/r/350756

ReleaseTaggerBot added a project: MW-1.30-release-notes (WMF-deploy-2017-05-09_(1.30.0-wmf.1)).Apr 28 2017, 7:00 PM

@Joe ORES functionality in api.php will be reenabled with the next train (which is a week from now). If there is trouble again, $wgOresRevisionsPerBatch can be set to 0, which will prevent api.php from making any user-triggered requests to the upstream ORES API (but otherwise it will remain working, and data for new edits will still be fetched).

When disabled that way, the ores field will be missing in the API response for all revisions which do not have locally cached data (ie. are not in recentchanges). Clients will have to be able to handle that so adding Developer-notice.

Tgr edited projects, added Developer-notice; removed Patch-For-Review.May 1 2017, 12:50 PM

Halfak moved this task from Review to Done on the Scoring-platform-team (Current) board.May 8 2017, 5:00 PM

Halfak mentioned this in Blog Post: Status update (June 3rd, 2017).Jun 3 2017, 8:24 PM

Halfak closed this task as Resolved.Jun 5 2017, 5:07 PM

Halfak claimed this task.

Krinkle mentioned this in T153688: Announce presence of "oresscores" in api.php.Jun 5 2017, 5:31 PM

dr0ptp4kt mentioned this in T178962: "No model available for [models]" error for API access.Oct 24 2017, 11:00 PM