Per parent task and T222035#5142376, it would appear there are some improvements we could make to the i18n CI checker in regards to false positives. Looking at some of the reported false positives: <user>, <page> and <strong> tags, especially without attributes, could probably be allowed.
|integration/config||master||+1 -1||jjb: [mediawiki-i18n-check-docker] Allow some more tags and attributes|
|Resolved||Nikerabbit||T222035 Pending (false positive?) translations on Gerrit to Toolforge tools|
|Resolved||sbassett||T222216 Improve i18n CI checker|
It would be nice if we could move this tool out of a bash oneliner and into a php/python/js script with tests/etc. for further development.
Now that we have automated the translation exports, most time is spending on going through false positives of the checker. With the introduction of translation backports, most false positives need to be reviewed and approved four times (once for main branch, three times for each backport to supported branches).
Reducing false positives can be done in two ways:
- Adding known safe exceptions to the script
- Editing messages so that they do not have unsafe looking HTML
So I had mentioned a few likely false positive tags in the task description. And there are at least a few more discussed on the old, main bug, e.g. T205563#4639331 (though the last two @Bawolff took issue with), T205563#4644721, T205563#4647188, etc. I can get a new patch up soon for those, and anyone can feel free to propose/add more. Hopefully that can make this review process a bit less awful.
Change 757946 had a related patch set uploaded (by SBassett; author: SBassett):
[integration/config@master] Add more tags and attributes to i18n security checker allow list
I'm going to make this task public - all of this work has long been out in the open, and most relevant patches have gone through gerrit.
Change 757946 merged by jenkins-bot:
[integration/config@master] jjb: [mediawiki-i18n-check-docker] Allow some more tags and attributes
Ok, this was merged and deployed by @Jdforrester-WMF (thanks!) so let's call it done for now. If more troublesome tags come up, we can re-open or file a new bug.