Update WMDE Engineering-owned products that may be affected by IP Masking
Open, Needs TriagePublic
Actions

Description

IP Masking will affect lots of our products, features, tools, gadgets, etc. This task is for tracking work to update those that are owned by WMDE Engineering, ahead of IP Masking being enabled on WMF sites.

See T326816: Update features for temporary accounts, particularly What will be affected.

A preliminary investigation (T326759) has found that the following may be affected:

WMDE-TechWish

AdvancedSearch 921472
FileImporter ( does not need adjustments )
RevisionSlider 921540
TwoColConflict 921542

Wikidata (tracked in T328454: [TECH][IPM] Investigate ramifications of IP masking on Wikidata related extensions

EntitySchema
WikibaseLexeme
Wikibase
WikibaseQualityConstraints

Details

Subject	Repo	Branch	Lines +/-
Use isNamed for the user option	mediawiki/extensions/AdvancedSearch	master	+7 -8
Skip user setting for unnamed users	mediawiki/extensions/RevisionSlider	master	+2 -2
Adjust check for registered users	mediawiki/extensions/AdvancedSearch	master	+1 -1
Skip user setting for unnamed users	mediawiki/extensions/TwoColConflict	master	+3 -3

Customize query in gerrit

Related Objects
Search...

Status	Assigned	Task
		Restricted Task
Resolved	kostajh	T294511 2021 Security Team wikireplicas audit
Declined	None	T284948 Raw IPs of logged-out users disclosed in wiki-replicas
In Progress	Niharika	T324492 Temporary accounts - MVP
Open	None	T326816 Update features for temporary accounts
Open	None	T326908 Update WMDE Engineering-owned products that may be affected by IP Masking
Resolved	ItamarWMDE	T328454 [TECH][IPM] Investigate ramifications of IP masking on Wikidata related extensions
Open	None	T343786 [TECH][IPM] Investigate ramifications of IP masking on Wikidata Bridge
Resolved	Michael	T343799 [8 hr] Investigate places where Wikibase distinguishes between anonymous and registered users
Resolved	Lucas_Werkmeister_WMDE	T343800 [8 hr] Investigate behavior of temporary accounts with cross-wiki API actions
Resolved	Lucas_Werkmeister_WMDE	T343980 [IPM] Enable temporary accounts (IP Masking) on Beta Wikidata
Resolved	Arian_Bozorg	T351968 Update Wikidata-related extensions for IP Masking
Resolved	Arian_Bozorg	T351969 Stop showing IP warning on Item and Property pages for Wikibase instances that have temporary accounts enabled
Resolved	Arian_Bozorg	T351970 [EPIC] Stop showing IP warning on SpecialPages for Wikibase instances that have temporary accounts enabled
Resolved	Arian_Bozorg	T352002 Stop showing IP warning on EntitySchema pages for Wikibase instances that have temporary accounts enabled
Resolved	Arian_Bozorg	T352004 Stop showing IP warning on Create EntitySchema page for Wikibase instances that have temporary accounts enabled
Resolved	Arian_Bozorg	T352005 Stop showing IP warning on when editing EntitySchema text for Wikibase instances that have temporary accounts enabled
Resolved	ArthurTaylor	T352006 Stop showing IP warning on when setting label, description and aliases for EntitySchema for Wikibase instances that have temporary accounts enabled
Resolved	Arian_Bozorg	T352016 Stop showing IP warning on Lexeme SpecialPages for Wikibase instances that have temporary accounts enabled
Resolved	Arian_Bozorg	T352017 Stop showing IP warning on Merge Lexeme for Wikibase instances that have temporary accounts enabled
Resolved	Arian_Bozorg	T352018 Stop showing IP warning on Create Lexeme (both js and non-js) for Wikibase instances that have temporary accounts enabled
Resolved	Arian_Bozorg	T352065 Stop showing IP warning on Item and Property pages for Wikibase instances that have temporary accounts enabled
Resolved	Arian_Bozorg	T352066 Stop showing IP warning on Create Item for Wikibase instances that have temporary accounts enabled
Resolved	Arian_Bozorg	T352067 Stop showing IP warning on Create Property for Wikibase instances that have temporary accounts enabled
Resolved	Arian_Bozorg	T352068 Stop showing IP warning on Merge Item for Wikibase instances that have temporary accounts enabled
Declined	None	T352069 Stop showing IP warning when setting a Property label, description or alias for Wikibase instances that have temporary accounts enabled
Resolved	Arian_Bozorg	T352070 Stop showing IP warning when setting an Item/Property label, description or alias for Wikibase instances that have temporary accounts enabled
Resolved	Arian_Bozorg	T352071 Stop showing IP warning when setting an Item sitelink for Wikibase instances that have temporary accounts enabled
Resolved	Arian_Bozorg	T352072 Stop showing IP warning on Redirect an Entity for Wikibase instances that have temporary accounts enabled
Resolved	Lydia_Pintscher	T351971 Check if client LinkItem widget leaks IP on the repo of the edited Item
Resolved	Arian_Bozorg	T351973 Stop showing create an account message on Lexeme editing UI for Wikibase instances that have temporary accounts enabled
Resolved	None	T351974 Stop showing create an account message on EntitySchema editing UI for Wikibase instances that have temporary accounts enabled
Open	None	T351975 remove config for showing constraints violations only to non-logged-in users
Resolved	ArthurTaylor	T351977 Remember license note confirmation for temporary accounts
Resolved	Arian_Bozorg	T353807 Stop showing IP warning when editing using Wikidata Bridge when temporary accounts enabled
Resolved	Lucas_Werkmeister_WMDE	T353961 Consider creating a Wikibase Secondary CI job with temporary accounts enabled
Open	None	T353957 [SW] Wikibase secondary CI is broken and email sending is broken again (Dec 2023)
Resolved	Arian_Bozorg	T354730 Support creating items as not-logged-in user when TempAccounts is enabled
Resolved	Arian_Bozorg	T357020 [DOT] Perform necessary redirects after creating temporary account in Wikidata-related extensions
Resolved	Arian_Bozorg	T357023 [DOT] Perform necessary redirect after creating temporary account in merge/redirect special pages
Resolved	Arian_Bozorg	T357024 [DOT] Add redirect-related parameters to API modules and return redirect URL (if any) in Wikibase editing APIs
Resolved	ArthurTaylor	T357030 Add help messages to params specified by ApiCreateTempUserTrait
Resolved	ArthurTaylor	T357120 [DOT] Make Wikibase View editing interface redirect user for CentralAuth after edit creates temporary account
Resolved	ArthurTaylor	T357149 [DOT] Perform necessary redirect after editing terms in legacy termbox
Resolved	ArthurTaylor	T357151 [DOT] Perform necessary redirect after editing terms in termbox v2 / mobile termbox
Resolved	Arian_Bozorg	T357152 [DOT] Perform necessary redirect after creating new lexeme with Special:NewLexeme
Resolved	Arian_Bozorg	T357499 [DOT] Perform necessary redirect after editing terms with wikidata-bridge
Resolved	Lucas_Werkmeister_WMDE	T357799 [DOT] Add redirect-related parameters to API modules and return redirect URL (if any) in WikibaseLexeme editing APIs
Resolved	Arian_Bozorg	T358323 [DOT] Perform necessary redirect after editing lexeme data in view interface
Resolved	Lucas_Werkmeister_WMDE	T357404 [DOT] Termbox v2 / mobile termbox anonymous edit warning for temp users
Resolved	Arian_Bozorg	T355076 Adjust Wikibase repo to not leak IPs when editing and IP masking is enabled
Resolved	Arian_Bozorg	T356147 Adjust Lexeme Special Pages to not leak IPs when editing and IP masking is enabled
Open	Lucas_Werkmeister_WMDE	T356148 Adjust EntitySchema Special Pages to not leak IPs when editing and IP masking is enabled
Open	None	T370577 EntitySchema CI broken: Cannot create an actor for an IP user when temporary accounts are enabled
Resolved	Arian_Bozorg	T356149 Adjust Item and Property Special Pages to not leak IPs when editing and IP masking is enabled
Resolved	Arian_Bozorg	T356150 Adjust Lexeme UI to not leak IPs when editing and IP masking is enabled
Resolved	Arian_Bozorg	T356151 Adjust Item/Property UI to not leak IPs when editing and IP masking is enabled
Open	None	T371030 Create temporary user on undo/restore in Wikibase
Resolved	Dima_Koushha_WMDE	T356989 Automated testing in REST API to ensure IP masking works

Event Timeline

Tchanders created this task.Jan 13 2023, 9:33 AM

Tchanders updated the task description. (Show Details)Jan 13 2023, 9:35 AM

ItamarWMDE added projects: wmde-wikidata-tech, [DEPRECATED] wdwb-tech.Jan 13 2023, 9:45 AM

ItamarWMDE subscribed.

Maintenance_bot added a project: Wikidata.Jan 13 2023, 9:45 AM

Maintenance_bot moved this task from Inbox to Sorted Team A on the [DEPRECATED] wdwb-tech board.Jan 13 2023, 10:15 AM

Niharika moved this task from Backlog to Needs Other Product Teams on the Temporary accounts board.Jan 25 2023, 7:04 PM

ItamarWMDE mentioned this in T328454: [TECH][IPM] Investigate ramifications of IP masking on Wikidata related extensions.Jan 31 2023, 4:17 PM

Tobi_WMDE_SW added a project: WMDE-TechWish-Maintenance.Jan 31 2023, 4:18 PM

Created a followup task for the Wikidata team T328454

ItamarWMDE moved this task from Incoming to Epics+STALLED on the Wikidata Dev Team board.Jan 31 2023, 4:20 PM

WMDE-leszek subscribed.Jan 31 2023, 4:27 PM

ItamarWMDE moved this task from Incoming to Radar on the wmde-wikidata-tech board.Feb 14 2023, 2:04 PM

Change 921472 had a related patch set uploaded (by WMDE-Fisch; author: WMDE-Fisch):

[mediawiki/extensions/AdvancedSearch@master] Adjust check for registered users

https://gerrit.wikimedia.org/r/921472

gerritbot added a project: Patch-For-Review.May 20 2023, 12:29 PM

WMDE-Fisch updated the task description. (Show Details)May 20 2023, 12:30 PM

WMDE-Fisch subscribed.

Change 921540 had a related patch set uploaded (by WMDE-Fisch; author: WMDE-Fisch):

[mediawiki/extensions/RevisionSlider@master] Skip user setting for unnamed users

https://gerrit.wikimedia.org/r/921540

Change 921542 had a related patch set uploaded (by WMDE-Fisch; author: WMDE-Fisch):

[mediawiki/extensions/TwoColConflict@master] Skip user setting for unnamed users

https://gerrit.wikimedia.org/r/921542

WMDE-Fisch updated the task description. (Show Details)May 20 2023, 12:49 PM

WMDE-Fisch moved this task from Incoming to In progress on the WMDE-TechWish-Maintenance board.May 20 2023, 1:54 PM

Change 921542 merged by jenkins-bot:

[mediawiki/extensions/TwoColConflict@master] Skip user setting for unnamed users

https://gerrit.wikimedia.org/r/921542

Change 921472 merged by jenkins-bot:

[mediawiki/extensions/AdvancedSearch@master] Adjust check for registered users

https://gerrit.wikimedia.org/r/921472

WMDE-Fisch mentioned this in rESCCd12dd0afb6a2: Skip user setting for unnamed users.May 21 2023, 8:28 AM

ReleaseTaggerBot added a project: MW-1.41-notes (1.41.0-wmf.10; 2023-05-23).May 21 2023, 9:00 AM

WMDE-Fisch updated the task description. (Show Details)May 21 2023, 10:54 AM

WMDE-Fisch added a subtask: T328454: [TECH][IPM] Investigate ramifications of IP masking on Wikidata related extensions.

Change 921540 merged by jenkins-bot:

[mediawiki/extensions/RevisionSlider@master] Skip user setting for unnamed users

https://gerrit.wikimedia.org/r/921540

ReleaseTaggerBot edited projects, added MW-1.41-notes (1.41.0-wmf.11; 2023-05-30); removed MW-1.41-notes (1.41.0-wmf.10; 2023-05-23).May 24 2023, 8:00 AM

Maintenance_bot removed a project: Patch-For-Review.May 24 2023, 8:10 AM

WMDE-Fisch added a project: WMDE-TechWish-Sprint-2023-05-03.May 25 2023, 7:59 AM

WMDE-Fisch moved this task from Sprint Backlog to Demo on the WMDE-TechWish-Sprint-2023-05-03 board.

thiemowmde removed a project: WMDE-TechWish-Maintenance.May 25 2023, 2:04 PM

WMDE-Fisch moved this task from Demo to Done on the WMDE-TechWish-Sprint-2023-05-03 board.Jun 13 2023, 8:22 AM

Change 929636 had a related patch set uploaded (by WMDE-Fisch; author: WMDE-Fisch):

[mediawiki/extensions/AdvancedSearch@master] Use isNamed for the user option

https://gerrit.wikimedia.org/r/929636

gerritbot added a project: Patch-For-Review.Jun 13 2023, 8:43 AM

Change 929636 merged by jenkins-bot:

[mediawiki/extensions/AdvancedSearch@master] Use isNamed for the user option

https://gerrit.wikimedia.org/r/929636

ReleaseTaggerBot edited projects, added MW-1.41-notes (1.41.0-wmf.15; 2023-06-27); removed MW-1.41-notes (1.41.0-wmf.11; 2023-05-30).Jun 13 2023, 10:00 AM

Maintenance_bot removed a project: Patch-For-Review.Jun 13 2023, 10:10 AM

ItamarWMDE closed subtask T328454: [TECH][IPM] Investigate ramifications of IP masking on Wikidata related extensions as Resolved.Sep 26 2023, 5:15 PM

There is a whole bunch of API endpoints and Special Pages on the Wikidata side of things that do changes that currently cause an anon user's IP address to be logged and displayed. Many, but not all of them go through repo/includes/EditEntity/MediaWikiEditEntity.php and I guess WIP example: Create a temporary user from ApiSetClaim (I57075e88) outlines the fundamental work that will need to be done, eventually.

@Tchanders: It is still unclear to me what the general plan is for moving forward with them. Or where the overall effort for this is being coordinated. I really would appreciate some pointers here if you can provide them 🙏.

Noting my confusion about a bunch of things in more detail, doesn't have to be cleared up here, but probably answers should exist at some point somewhere:
I see T349219: [M] Investigate: Which workflows create an IP actor?, but is this for doing due diligence that no workflow is being overlooked, or is that for creating a list to actually do the work? I saw T340540#9201679 which seems looks like we need to touch every current and future editing-related endpoint for this. I also saw T336187: [S] Investigate: Creating temp user on non-EditPage actions, but I'm unsure what specifically follows from that.

If we miss an endpoint, is there some safety-mechanism planned/implemented that ensures that requests fail that would create a ip-edit/change without also creating a temporary account?

The task T325592: Start a technical documentation page for IP Masking sounds like it might help, but it has not seen any movement since it was created roughly a year ago.

Michael mentioned this in T351974: Stop showing create an account message on EntitySchema editing UI for Wikibase instances that have temporary accounts enabled.Nov 27 2023, 1:10 PM

Thanks for the question @Michael - we are drafting a follow-up communication to send round about this, which should hopefully add a load of clarification. I'll try to provide some answers in the meantime below.

@Tchanders: It is still unclear to me what the general plan is for moving forward with them. Or where the overall effort for this is being coordinated. I really would appreciate some pointers here if you can provide them 🙏.
[...]
I see T349219: [M] Investigate: Which workflows create an IP actor?, but is this for doing due diligence that no workflow is being overlooked, or is that for creating a list to actually do the work?

The work will be co-ordinated via this task: T349129: [Epic] Workflows that create an IP (anon) actor should create a temporary user actor instead. We're expecting to add some more subtasks as a result of T349219: [M] Investigate: Which workflows create an IP actor?, which will be our attempt to find affected cases. But we don't expect to find them all, so we'll also ask other teams to check their features and file tasks there too.

In terms of co-ordinating timing and roadmaps between teams, this is something that @TAdeleye_WMF has been working on.

I saw T340540#9201679 which seems looks like we need to touch every current and future editing-related endpoint for this. I also saw T336187: [S] Investigate: Creating temp user on non-EditPage actions, but I'm unsure what specifically follows from that.

Each endpoint will need updating separately. (I think this is the logical conclusion of how MW is architected, by calling out to individual handlers that do everything - e.g. permissions checks, rate limits, logging, etc - distally.)

We will provide clear steps for what to do, which modules and traits can be included, etc. We'll add it to the documentation page (more on that below) and add it to the communication.

If we miss an endpoint, is there some safety-mechanism planned/implemented that ensures that requests fail that would create a ip-edit/change without also creating a temporary account?

The safety mechanism goes the other way - it will throw an error on attempting to create an IP actor, so the action won't complete until the pathway is fixed: T345578: Ensure that an IP address cannot be saved permanently if IP Masking is enabled.

This will likely be a way of finding missed cases, but at first we'll monitor for this log entry when IP actors are created: T349891: [S] Add some kind of logging when an actor is created with an IP address, to try to stay ahead.

The task T325592: Start a technical documentation page for IP Masking sounds like it might help, but it has not seen any movement since it was created roughly a year ago.

Our technical documentation lives here: https://www.mediawiki.org/wiki/Help:Temporary_accounts/How_it_works - it looks like that task wasn't updated when we added that.

@Tchanders Thank you so much for those details! This helps us a lot with planning the next steps better 🙏

Lydia_Pintscher added a subtask: T356989: Automated testing in REST API to ensure IP masking works.Feb 8 2024, 5:25 PM

kostajh added a parent task: T359043: Enable temp account creation in CI and local development environments via DevelopmentSettings.php.Mar 4 2024, 1:39 PM

kostajh removed a parent task: T359043: Enable temp account creation in CI and local development environments via DevelopmentSettings.php.Mar 4 2024, 1:42 PM

Ifrahkhanyaree_WMDE closed subtask T356989: Automated testing in REST API to ensure IP masking works as Resolved.Mar 5 2024, 11:17 AM

WMDE-Fisch unsubscribed.Mar 5 2024, 11:23 AM

Arian_Bozorg closed subtask T351968: Update Wikidata-related extensions for IP Masking as Resolved.Mar 22 2024, 3:30 PM

kostajh mentioned this in T365676: [REPO][SW] Ensure api-testing MediaWiki extension tests pass when temp account feature flag is enabled.May 23 2024, 9:33 AM