⚓ T305134 Reduce the number of messages that trigger false positive in security check to speed up manual review

Subject	Repo	Branch	Lines +/-
Replace < and < characters with 〈	mediawiki/extensions/UserStatus	master	+2 -2
Replace < character with <	mediawiki/extensions/UserStatus	master	+3 -3
Revert change to use < instead of '<'	mediawiki/extensions/UserStatus	master	+2 -2
Replace < with html character '<'	mediawiki/extensions/SocialProfile	master	+2 -2
<timeline> tag: replace with message parameter	mediawiki/extensions/timeline	master	+1 -1
Replace <> with html character codes	mediawiki/extensions/HeadScript	master	+1 -1
Replace <> with html character codes.	mediawiki/extensions/Link_Attributes	master	+1 -1
Replace use of <> with HTML character codes	mediawiki/extensions/DonationInterface	master	+1 -1
Replace <> with html character codes.	mediawiki/extensions/WikimediaMessages	master	+1 -1
jjb: [mediawiki-i18n-check-docker] Allow bdi, dl, dd, and ref tags	integration/config	master	+1 -1
Reword messages to reduce translation ambuguity	mediawiki/extensions/Translate	master	+3 -3
Update message description on qqq.json	mediawiki/extensions/Translate	master	+2 -2
<translate> tag: replace with message parameter	mediawiki/extensions/Translate	master	+4 -3

Nikerabbit created this task.Mar 31 2022, 10:13 AM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMar 31 2022, 10:13 AM

Nikerabbit set the point value for this task to 2.Mar 31 2022, 10:25 AM

Nikerabbit triaged this task as Low priority.Apr 5 2022, 10:25 AM

Nikerabbit added a project: Language-Team (Language-2022-April-June).

Nikerabbit moved this task from Quarter Backlog to Priority: Localization infrastructure on the Language-Team (Language-2022-April-June) board.

Wangombe claimed this task.Apr 7 2022, 6:56 AM

Wangombe moved this task from Priority: Localization infrastructure to In Progress on the Language-Team (Language-2022-April-June) board.

Change 779015 had a related patch set uploaded (by Wangombe; author: Wangombe):

[mediawiki/extensions/Translate@master] <translate> tag: replace with message parameter

https://gerrit.wikimedia.org/r/779015

gerritbot added a project: Patch-For-Review.Apr 11 2022, 11:47 AM

Change 786275 had a related patch set uploaded (by Wangombe; author: Wangombe):

[mediawiki/extensions/Translate@master] Update message description

https://gerrit.wikimedia.org/r/786275

Change 779015 merged by jenkins-bot:

[mediawiki/extensions/Translate@master] <translate> tag: replace with message parameter

https://gerrit.wikimedia.org/r/779015

ReleaseTaggerBot added a project: MW-1.39-notes (1.39.0-wmf.10; 2022-05-02).Apr 28 2022, 5:01 AM

Change 790971 had a related patch set uploaded (by Wangombe; author: Wangombe):

[mediawiki/extensions/Translate@master] Replace tags with use of parameter: $1

https://gerrit.wikimedia.org/r/790971

Change 786275 abandoned by Wangombe:

[mediawiki/extensions/Translate@master] Update message description on qqq.json

Reason:

No longer necessary

https://gerrit.wikimedia.org/r/786275

Change 790979 had a related patch set uploaded (by Wangombe; author: Wangombe):

[mediawiki/extensions/timeline@master] <timeline> tag: replace with message parameter

https://gerrit.wikimedia.org/r/790979

Change 790981 had a related patch set uploaded (by Wangombe; author: Wangombe):

[mediawiki/extensions/SocialProfile@master] Replace < with html character '<'

https://gerrit.wikimedia.org/r/790981

Change 790971 merged by jenkins-bot:

[mediawiki/extensions/Translate@master] Reword messages to reduce translation ambuguity

https://gerrit.wikimedia.org/r/790971

ReleaseTaggerBot edited projects, added MW-1.39-notes (1.39.0-wmf.12; 2022-05-16); removed MW-1.39-notes (1.39.0-wmf.10; 2022-05-02).May 12 2022, 7:01 PM

Change 792169 had a related patch set uploaded (by Wangombe; author: Wangombe):

[mediawiki/extensions/UserStatus@master] Replace < character with <

https://gerrit.wikimedia.org/r/792169

Change 792172 had a related patch set uploaded (by Wangombe; author: Wangombe):

[mediawiki/extensions/Link_Attributes@master] Replace <> with html character codes.

https://gerrit.wikimedia.org/r/792172

Change 792203 had a related patch set uploaded (by Wangombe; author: Wangombe):

[integration/config@master] Allow some more tags and attributes

https://gerrit.wikimedia.org/r/792203

Change 792203 merged by jenkins-bot:

[integration/config@master] jjb: [mediawiki-i18n-check-docker] Allow bdi, dl, dd, and ref tags

https://gerrit.wikimedia.org/r/792203

Change 792382 had a related patch set uploaded (by Wangombe; author: Wangombe):

[mediawiki/extensions/WikimediaMessages@master] Replace <> with html character codes.

https://gerrit.wikimedia.org/r/792382

Change 792449 had a related patch set uploaded (by Wangombe; author: Wangombe):

[mediawiki/extensions/DonationInterface@master] Replace use of <> with HTML character codes

https://gerrit.wikimedia.org/r/792449

Wangombe updated the task description. (Show Details)May 17 2022, 12:25 PM

Wangombe updated the task description. (Show Details)

Change 792382 abandoned by Wangombe:

[mediawiki/extensions/WikimediaMessages@master] Replace <> with html character codes.

Reason:

Out of scope. Change requires more input that may introduce breaking changes.

https://gerrit.wikimedia.org/r/792382

Change 792449 abandoned by Wangombe:

[mediawiki/extensions/DonationInterface@master] Replace use of <> with HTML character codes

Reason:

changes made would sort of solve one problem and create another.

https://gerrit.wikimedia.org/r/792449

Nikerabbit moved this task from Backlog to Processes on the translatewiki.net board.May 19 2022, 7:50 AM

As of this comment, the number or messages has reduced by >10. This patch handles a number of these messages by adding some tags onto the safe list.

Change 792172 merged by jenkins-bot:

[mediawiki/extensions/Link_Attributes@master] Replace <> with html character codes.

https://gerrit.wikimedia.org/r/792172

Wangombe mentioned this in rELNA0e63c4852a6d: Replace <> with html character codes..May 24 2022, 12:14 PM

Change 792169 merged by jenkins-bot:

[mediawiki/extensions/UserStatus@master] Replace < character with <

https://gerrit.wikimedia.org/r/792169

Change 799301 had a related patch set uploaded (by Wangombe; author: Wangombe):

[mediawiki/extensions/HeadScript@master] Replace <> with html character codes

https://gerrit.wikimedia.org/r/799301

I'm generally seeing less number of patches to review when automated exports run.

Leaving this open for some more time to monitor for any issues caused by this patch.

Change 799301 merged by jenkins-bot:

[mediawiki/extensions/HeadScript@master] Replace <> with html character codes

https://gerrit.wikimedia.org/r/799301

Wangombe mentioned this in rEHSC97173d331e93: Replace <> with html character codes.May 25 2022, 2:54 PM

Change 790979 merged by jenkins-bot:

[mediawiki/extensions/timeline@master] <timeline> tag: replace with message parameter

https://gerrit.wikimedia.org/r/790979

ReleaseTaggerBot edited projects, added MW-1.39-notes (1.39.0-wmf.14; 2022-05-30); removed MW-1.39-notes (1.39.0-wmf.12; 2022-05-16).May 26 2022, 5:00 AM

As of this comment, I have managed to reduce the number of messages by ~13. There might be a bigger number due to the fact that one of the patches added a few items to the safe tags list.

Wangombe reopened this task as In Progress.May 26 2022, 8:11 AM

Change 790981 merged by jenkins-bot:

[mediawiki/extensions/SocialProfile@master] Replace < with html character '<'

https://gerrit.wikimedia.org/r/790981

abi_ mentioned this in rESPR37ae5cec0558: Replace < with html character '<'.May 26 2022, 11:52 AM

Change 799955 had a related patch set uploaded (by Wangombe; author: Wangombe):

[mediawiki/extensions/UserStatus@master] Revert changes to use < instead of '<'

https://gerrit.wikimedia.org/r/799955

Change 799955 merged by jenkins-bot:

[mediawiki/extensions/UserStatus@master] Revert change to use < instead of '<'

https://gerrit.wikimedia.org/r/799955

For UserStatus, did you consider this option?

Make the HTML-lookalike characters use a different symbol, e.g. < Go back could be 〈 Go back.

In T305134#7966943, @Nikerabbit wrote:

For UserStatus, did you consider this option?

Make the HTML-lookalike characters use a different symbol, e.g. < Go back could be 〈 Go back.

It wasn't considered but it seems this will produce a consistent result.

Change 803863 had a related patch set uploaded (by Nikerabbit; author: Wangombe):

[mediawiki/extensions/UserStatus@master] Replace < and < characters with 〈

https://gerrit.wikimedia.org/r/803863

Change 803863 merged by jenkins-bot:

[mediawiki/extensions/UserStatus@master] Replace < and < characters with 〈

https://gerrit.wikimedia.org/r/803863

Nikerabbit moved this task from Recheck after deployment to Done on the Language-Team (Language-2022-April-June) board.Jun 21 2022, 8:36 AM

Nikerabbit added a project: Developer Productivity.Jun 23 2022, 5:52 AM

Nikerabbit closed this task as Resolved.Jun 23 2022, 9:17 AM

Nikerabbit removed a project: Patch-For-Review.

Nikerabbit mentioned this in T358384: Reduce the need to manually review markup in translatewiki exports.Feb 23 2024, 8:53 PM