
Add global contributions tool to CheckUser
Open, Needs Triage, Public

Description

Background

After Temporary accounts is live, external tools will have no way to query for IP ranges from public data. All new logged out edits will be made using temporary accounts, and thus the underlying IP only lives in CheckUser. However, the barrier to being able to see the IPs will be lowered, similar to before (because they're still "logged out"). The difference is some may not have the rights to view the IPs on one wiki, while they do on others, etc.

Local sysops can use Special:Contributions to query for edits from a given IP range. When we identify a vandalism spree on one wiki, it's not uncommon that it spreads to others. This is where stewards step in and block globally if it's causing harm across the farm.

Problem

Older tools that were relied on by Stewards and Global Sysops like Tool-Global-user-contributions and XTools will no longer be able to suit the needs of the global counter-vandalism community. T331546: Convert XTools globalcontribs and GUC to use authenticated API calls is about updating those tools to make authenticated API calls so they can continue to function, but this still would mean making 800+ separate requests to get the same results that before could be done in just 8 database queries. The time to check a range globally will go from a few seconds to significantly longer.

Proposed solution

We need a proper global contributions tool to be introduced into MediaWiki. Care should be taken to ensure IPs are only surfaced on wikis for which the user has the rights to view them. Since the data all lives in CheckUser, it seems fitting to implement it there, with a standard ContribsPager-like interface. There is T28957 which is about a dedicated extension, but that makes less sense now given it would have a hard dependency on CheckUser.

Note that this is not T212779: Implement Global CheckUser, which has seen some pushback from the community. This task is about exposing only edits from temporary accounts across all wikis for which the IPs are already visible to the user.

Event Timeline

Perhaps a good candidate for the Wikimedia-Hackathon-2023. We won't be able to finish it but I'm betting we could get a proof-of-concept working.

Removing from Wikimedia-Hackathon-2023 as Dreamy Jazz and I concluded this is a tad too big for a three-day project, and also the IP masking project as a whole is still not "stable" per se, so it's probably best to wait. If anyone does want to work on this in the future, though, please ping me as I'd love to be a part of it!

For future reference:

On the WMF installation, we'll likely want to go by the dblists to UNION queries, such that we get a final set of revisions across all wikis that are sorted by timestamp. So the use of sections might be something we offer through a MW configuration setting, and for non-WMF installations or where there aren't dblists, we simply iterate through each project using SiteList or something. The idea here is to avoid making 800+ queries to each wiki on the farm, and instead reduce to however many sections there are (8 in the case of WMF). See the XTools implementation at https://github.com/x-tools/xtools/blob/ca3490cdf19db2a994923db274bb9dbab9c95b72/src/Repository/GlobalContribsRepository.php#L221
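The per-section UNION described in the comment above, combined with the per-wiki rights check from the proposed solution, as an added sketch that is not part of the task, MediaWiki, CheckUser or XTools. It assumes a hypothetical `edits` table per wiki, IPv4 addresses stored as integers, and SQLite attached databases standing in for the wikis hosted on one section; all names and rows are constructed.

```python
import heapq
import ipaddress
import sqlite3

# Constructed sample data: section -> wiki -> (timestamp, temporary account, IP).
# Table and column names are hypothetical, not the CheckUser schema.
SECTIONS = {
    "s1": {"enwiki": [("20230501120000", "~2023-1", "198.51.100.7"),
                      ("20230501110000", "~2023-2", "203.0.113.9")]},
    "s2": {"dewiki": [("20230501123000", "~2023-3", "198.51.100.20")],
           "frwiki": [("20230501113000", "~2023-4", "198.51.100.99")]},
    "s3": {"jawiki": [("20230501124500", "~2023-5", "198.51.100.5")]},
}

def open_section(wikis):
    """Stand-in for one database section: every wiki is a schema on one connection."""
    conn = sqlite3.connect(":memory:", isolation_level=None)  # autocommit, so ATTACH works
    for wiki, rows in wikis.items():
        conn.execute(f"ATTACH DATABASE ':memory:' AS {wiki}")
        conn.execute(f"CREATE TABLE {wiki}.edits (ts TEXT, actor TEXT, ip INTEGER)")
        conn.executemany(f"INSERT INTO {wiki}.edits VALUES (?, ?, ?)",
                         [(ts, actor, int(ipaddress.ip_address(ip))) for ts, actor, ip in rows])
    return conn

def global_contribs(sections, allowed_wikis, cidr, limit=50):
    """Return (rows, query_count); rows are (wiki, ts, actor), newest first, no IPs."""
    net = ipaddress.ip_network(cidr)
    lo, hi = int(net.network_address), int(net.broadcast_address)
    per_section, queries = [], 0
    for wikis in sections.values():
        # Rights check happens before any SQL is built: a wiki where the viewer
        # may not see IPs is never part of the UNION, so it cannot leak a match.
        visible = sorted(w for w in wikis if w in allowed_wikis)
        if not visible:
            continue
        # Wiki names are interpolated as identifiers, so they must come from config.
        assert all(w.isidentifier() for w in visible)
        sql = " UNION ALL ".join(
            f"SELECT '{w}', ts, actor FROM {w}.edits WHERE ip BETWEEN ? AND ?"
            for w in visible) + " ORDER BY ts DESC LIMIT ?"
        params = [lo, hi] * len(visible) + [limit]
        per_section.append(open_section(wikis).execute(sql, params).fetchall())
        queries += 1
    # Each section result is already sorted, so an n-way merge gives global order.
    merged = heapq.merge(*per_section, key=lambda r: r[1], reverse=True)
    return list(merged)[:limit], queries
```

With rights on `enwiki`, `dewiki` and `frwiki` only, a lookup of `198.51.100.0/24` issues two queries instead of one per wiki, and the matching `jawiki` edit never appears in the result.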