Page MenuHomePhabricator

Code Stewardship Review: SpamBlacklist
Open, MediumPublic

Description

Intro

The SpamBlacklist extension's presumed Code Steward is actually not the Code Steward. There's been some outstanding production errors that have been occurring for over a year in addition to some CI instability issues.

Number, severity, and age of known and confirmed security issues

TBD

Was it a cause of production outages or incidents? List them.

TBD

Does it have sufficient hardware resources for now and the near future (to take into account expected usage growth)?

n/a

Is it a frequent cause of monitoring alerts that need action, and are they addressed timely and appropriately?

Yes, there have been some ongoing errors in production (see T148639T64864).

When it was first deployed to Wikimedia production

unknown

Usage statistics based on audience(s) served

TBD

Changes committed in last 1, 3, 6, and 12 months

TBD

Reliance on outdated platforms (e.g. operating systems)

n/a

Number of developers who committed code in the last 1, 3, 6, and 12 months

TBD

Number and age of open patches

TBD

Number and age of open bugs

TBD

Number of known dependencies?

TBD

Is there a replacement/alternative for the feature? Is there a plan for a replacement?

Uknown

Submitter's recommendation (what do you propose be done?)

none

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald Transcript

Hello @marcella, this extension came up as a Code Stewardship review request, but I've noticed that it is marked as being stewarded by the Editing team on developers/maintainers page. Just checking to see what the actual Code Stewardship status is before I dig any deeper.

@marcella: Could you please elaborate if the WMF Editing Team is responsible for the SpamBlacklist extension? Thanks.

greg triaged this task as Medium priority.Jul 3 2019, 10:29 PM

@marcella: Could you please elaborate if the WMF Editing Team is responsible for the SpamBlacklist extension? Thanks.

This extension is not currently maintained by the WMF Editing Team. We have no specialized knowledge or skills among the team engineers to support this extension. I'll update the developers/maintainers page to reflect that we are not actively maintaining it.

The form seems a little underfilled out... There was basically one production error which arguably was intentional behaviour (albeit maybe a poor design choice not to suppress it)

There was basically one production error which arguably was intentional behaviour (albeit maybe a poor design choice not to suppress it)

At the Wikidata project, we have been struggling to use this extension as it does not seem to behave as documented. We add URLs to the blacklist and the API confirms that they are blocked, but editors can go right ahead and add them anyway. See T251047 where this was reported a year ago, but we still have no guidance on whether we should even keep attempting to use this anti-vandalism tool.

Removing task assignee due to inactivity, as this open task has been assigned for more than two years (see emails sent to assignee on May26 and Jun17, and T270544). Please assign this task to yourself again if you still realistically [plan to] work on this task - it would be very welcome!

(See https://www.mediawiki.org/wiki/Bug_management/Assignee_cleanup for tips how to best manage your individual work in Phabricator.)

Aklapper removed a subscriber: marcella.

For everyone's info, currently no Code-Stewardship-Reviews are taking place as there is no clear path forward and as this is not prioritized work.
(Entirely personal opinion: I also assume lack of decision authority due to WMF not having a CTO currently. However, discussing this is off-topic for this task.)

Note that the work on T279275: Move all the functionality of {Spam,Title}Blacklist extensions into AbuseFilter and retire them, if completed, will mean that this extension is undeployed from Wikimedia, un-bundled from MediaWiki, and likely archived (unless someone comes along to support it).