Page MenuHomePhabricator
Feed Advanced Search

Jul 20 2021

LucasWerkmeister committed R2494:4a4ec80c2c02: Fix lots of type errors (authored by LucasWerkmeister).
Fix lots of type errors
Jul 20 2021, 7:04 PM
LucasWerkmeister committed R2494:4c4d5bd61ba3: Remove stray </textarea> tag (authored by LucasWerkmeister).
Remove stray </textarea> tag
Jul 20 2021, 7:04 PM
LucasWerkmeister committed R2494:56f9e69ec294: Improve .flake8 config file (authored by LucasWerkmeister).
Improve .flake8 config file
Jul 20 2021, 7:04 PM

Jul 19 2021

LucasWerkmeister committed R2362:0c9f1015c0c3: Use outline instead of border for edit mode style (authored by LucasWerkmeister).
Use outline instead of border for edit mode style
Jul 19 2021, 6:44 PM
LucasWerkmeister added a comment to T286414: Wikidata Lexeme Forms tool configuration was public.

Did I actually need to request a new consumer? It’s now been pointed out to me that there is a checkbox to “Reset the secret key to a new value” in the page to update the consumer – would that have been enough?

Jul 19 2021, 4:19 PM · Toolforge

Jul 18 2021

LucasWerkmeister committed R2469:e8184559a6b8: Update config loading code (authored by LucasWerkmeister).
Update config loading code
Jul 18 2021, 8:00 PM
LucasWerkmeister committed R2390:267a60858dca: Update config loading code (authored by LucasWerkmeister).
Update config loading code
Jul 18 2021, 7:54 PM
LucasWerkmeister committed R2390:9f87f32dba8b: Update config loading code (authored by LucasWerkmeister).
Update config loading code
Jul 18 2021, 7:53 PM
LucasWerkmeister committed R2390:905ab53af9cf: Update config loading code (authored by LucasWerkmeister).
Update config loading code
Jul 18 2021, 7:46 PM
LucasWerkmeister committed R2422:eb1f1e04bf5e: Update config loading code (authored by LucasWerkmeister).
Update config loading code
Jul 18 2021, 7:33 PM
LucasWerkmeister committed R2422:8eb3c8739ed8: Update config loading code (authored by LucasWerkmeister).
Update config loading code
Jul 18 2021, 7:31 PM
LucasWerkmeister committed R2362:fa64f7e0218c: Require only user-readable config file (authored by LucasWerkmeister).
Require only user-readable config file
Jul 18 2021, 6:17 PM
LucasWerkmeister committed R2362:61b1d0fd93e2: Add Igbo adjective template (authored by LucasWerkmeister).
Add Igbo adjective template
Jul 18 2021, 1:50 PM
LucasWerkmeister committed R2362:3f712cec280f: Update Igbo noun template (authored by LucasWerkmeister).
Update Igbo noun template
Jul 18 2021, 1:50 PM
LucasWerkmeister added a comment to T286845: Add operations/software/tools-webservice.git to MediaWiki Codesearch.

Works now, thanks a lot!

Jul 18 2021, 1:33 PM · User-Ladsgroup, Toolforge, VPS-project-Codesearch

Jul 17 2021

LucasWerkmeister added a comment to T286847: Add webservice flag to mount project directory read-only.

Ohhhh. That’s true, I completely forgot about the logs.

Jul 17 2021, 2:09 PM · Toolforge
LucasWerkmeister added a comment to T286847: Add webservice flag to mount project directory read-only.

Most of the volume mounts are already read-only:

Jul 17 2021, 12:03 PM · Toolforge
LucasWerkmeister created T286847: Add webservice flag to mount project directory read-only.
Jul 17 2021, 11:59 AM · Toolforge
LucasWerkmeister created T286845: Add operations/software/tools-webservice.git to MediaWiki Codesearch.
Jul 17 2021, 11:20 AM · User-Ladsgroup, Toolforge, VPS-project-Codesearch
LucasWerkmeister committed R2362:0d1f3d924eaf: Use flask.config.from_file() to load config file (authored by LucasWerkmeister).
Use flask.config.from_file() to load config file
Jul 17 2021, 11:00 AM

Jul 15 2021

LucasWerkmeister added a comment to T286724: notwikilambda pygments server allows revealing secrets.

But as an approximation, I’ve pushed a pygments-server change to override the Python open() function before calling Pygments. It may break if Pygments changes how it reads files, but for now it works as another defense layer (I’ve tested it locally).

Jul 15 2021, 9:07 PM · SecTeam-Processed, Vuln-Infoleak, Tools, Security, Security-Team
LucasWerkmeister added a comment to T286724: notwikilambda pygments server allows revealing secrets.

The whole point of my pygments-server, as opposed to the other one, is that it doesn’t parse the command line, because that limits the ways in which it can be used. I don’t control Extension:SyntaxHighlight, I don’t know which parts of pygments’ CLI it’ll start to use tomorrow.

Jul 15 2021, 8:09 PM · SecTeam-Processed, Vuln-Infoleak, Tools, Security, Security-Team
LucasWerkmeister added a comment to T286690: Orchestrator on Notwikilambda is not correctly configured so can't dereference ZIDs from the wiki.

Isn’t it redundant with $wgServer or one of the related variables?

Jul 15 2021, 7:06 PM · Abstract Wikipedia team
LucasWerkmeister claimed T286690: Orchestrator on Notwikilambda is not correctly configured so can't dereference ZIDs from the wiki.

Alright, I added this to the LocalSettings.php:

Jul 15 2021, 7:04 PM · Abstract Wikipedia team
LucasWerkmeister closed T286724: notwikilambda pygments server allows revealing secrets as Resolved.

I think this is fixed; no secrets were revealed in this task, so I think it can be made public too.

Jul 15 2021, 6:53 PM · SecTeam-Processed, Vuln-Infoleak, Tools, Security, Security-Team
LucasWerkmeister added a comment to T286724: notwikilambda pygments server allows revealing secrets.

Alright, after a false start where I accidentally took down the wiki by blocking ingress to all pods, including the webservice, I think it’s working now.

Jul 15 2021, 6:52 PM · SecTeam-Processed, Vuln-Infoleak, Tools, Security, Security-Team
LucasWerkmeister added a comment to T286724: notwikilambda pygments server allows revealing secrets.

Mentioned in SAL (#wikimedia-cloud) [2021-07-15T18:49:00Z] <wm-bot> <lucaswerkmeister> block external traffic to internal pods (T286724)

Jul 15 2021, 6:50 PM · SecTeam-Processed, Vuln-Infoleak, Tools, Security, Security-Team
LucasWerkmeister added a comment to T286724: notwikilambda pygments server allows revealing secrets.

I thought a generally accessible pygments-server might potentially be useful, but now I don’t feel confident enough anymore that k8s isn’t mounting random stuff elsewhere in the container. Let’s see if I can figure out network policies.

Jul 15 2021, 6:25 PM · SecTeam-Processed, Vuln-Infoleak, Tools, Security, Security-Team
LucasWerkmeister added a comment to T286724: notwikilambda pygments server allows revealing secrets.

Mentioned in SAL (#wikimedia-cloud) [2021-07-15T18:24:00Z] <wm-bot> <lucaswerkmeister> don’t mount service tokens into pods (T286724)

Jul 15 2021, 6:25 PM · SecTeam-Processed, Vuln-Infoleak, Tools, Security, Security-Team
LucasWerkmeister added a comment to T286724: notwikilambda pygments server allows revealing secrets.

Ugh, you’re right.

Jul 15 2021, 6:17 PM · SecTeam-Processed, Vuln-Infoleak, Tools, Security, Security-Team
LucasWerkmeister added a comment to T286724: notwikilambda pygments server allows revealing secrets.

Mentioned in SAL (#wikimedia-cloud) [2021-07-15T17:53:00Z] <wm-bot> <lucaswerkmeister> only mount ~/www/python into pygments-server pod (T286724)

Jul 15 2021, 5:55 PM · SecTeam-Processed, Vuln-Infoleak, Tools, Security, Security-Team
LucasWerkmeister added a comment to T286724: notwikilambda pygments server allows revealing secrets.

The fix here is to use Kubernetes network policies to limit incoming traffic to the pygments server service.

Jul 15 2021, 5:27 PM · SecTeam-Processed, Vuln-Infoleak, Tools, Security, Security-Team

Jul 14 2021

LucasWerkmeister added a comment to T286679: Some interface messages are in Welsh when British English is selected as the interface language.

Also, note how the edit links in the sitelink groups (first screenshot) still say edit, rather than “golygu” as in ?uselang=cy.

Jul 14 2021, 9:48 PM · MW-1.37-notes (1.37.0-wmf.15; 2021-07-19), wdwb-tech, MediaWiki-Internationalization, I18n, Wikidata
LucasWerkmeister added a comment to T281155: 1.37.0-wmf.14 deployment blockers.

Possible blocker: T286679: Some interface messages are in Welsh when British English is selected as the interface language isn’t a very serious issue, but may annoy a number of English Wikipedia users if it reaches group2. (It’s not yet clear how many messages would be affected, and I also don’t know how many people actually have their user interface set to en-gb.)

Jul 14 2021, 9:48 PM · Release-Engineering-Team (Doing), Release, Train Deployments
LucasWerkmeister added a comment to T286679: Some interface messages are in Welsh when British English is selected as the interface language.

At least the footer seems to affect Wikipedias as well – https://ca.wikipedia.org/wiki/Portada?uselang=en-gb has the following footer on my end:

Jul 14 2021, 9:44 PM · MW-1.37-notes (1.37.0-wmf.15; 2021-07-19), wdwb-tech, MediaWiki-Internationalization, I18n, Wikidata
LucasWerkmeister added a comment to T286679: Some interface messages are in Welsh when British English is selected as the interface language.

https://www.wikidata.org/wiki/MediaWiki:Wikibase-sitelinks-wikiquote/en-gb shows the Welsh message text for some reason (which is at least consistent with it being shown on item pages).

Jul 14 2021, 9:42 PM · MW-1.37-notes (1.37.0-wmf.15; 2021-07-19), wdwb-tech, MediaWiki-Internationalization, I18n, Wikidata
LucasWerkmeister added a comment to T286679: Some interface messages are in Welsh when British English is selected as the interface language.

On the other hand, the sidebar, for instance, is unaffected (in ?uselang=cy it’s different):

Jul 14 2021, 9:39 PM · MW-1.37-notes (1.37.0-wmf.15; 2021-07-19), wdwb-tech, MediaWiki-Internationalization, I18n, Wikidata

Jul 12 2021

LucasWerkmeister added a comment to T286107: toolforge-jobs: Allow specifying arguments to commands.

For the record, I identified the problem early in the development of the framework. It was a conscious decision to leave it out in the first iteration because I wanted to collect clear use cases and expectations.
I was hoping that the wrapper approach that is suggested in wikitech was enough to cover basically all cases.

Jul 12 2021, 12:27 PM · cloud-services-team (Kanban), Toolforge

Jul 11 2021

LucasWerkmeister added a comment to T286411: ISA tool configuration is public.

In the slightly longer term, the ISA developers should probably request and configure a new OAuth consumer, and the old one should be disabled, since any Toolforge user could have stolen its secret in the past two years or so.

Jul 11 2021, 5:13 PM · SecTeam-Processed, cloud-services-team (Kanban), Toolforge, Vuln-Infoleak, ISA, Security
LucasWerkmeister closed T286414: Wikidata Lexeme Forms tool configuration was public as Resolved.

Alright, the old OAuth consumers are gone. I think we can close this. Thanks @bd808!

Jul 11 2021, 5:12 PM · Toolforge
LucasWerkmeister updated subscribers of T286414: Wikidata Lexeme Forms tool configuration was public.

Alright, @bd808 approved the new consumer and I restarted the tool – seems to work as far as I can tell. (Task remains open since the old consumers are still enabled.)

Jul 11 2021, 5:05 PM · Toolforge
LucasWerkmeister updated subscribers of T286414: Wikidata Lexeme Forms tool configuration was public.

New OAuth consumer has been requested and configured; I’ll restart the tool (to pick up the new configuration file) once it’s been approved.

Jul 11 2021, 1:43 PM · Toolforge
LucasWerkmeister created T286414: Wikidata Lexeme Forms tool configuration was public.
Jul 11 2021, 1:36 PM · Toolforge
LucasWerkmeister added a project to T286411: ISA tool configuration is public: Toolforge.
Jul 11 2021, 1:22 PM · SecTeam-Processed, cloud-services-team (Kanban), Toolforge, Vuln-Infoleak, ISA, Security
LucasWerkmeister added a project to T286411: ISA tool configuration is public: Vuln-Infoleak.

Tentatively classifying as Vuln-Infoleak, though I’m not certain about that.

Jul 11 2021, 11:50 AM · SecTeam-Processed, cloud-services-team (Kanban), Toolforge, Vuln-Infoleak, ISA, Security
LucasWerkmeister updated the task description for T286411: ISA tool configuration is public.
Jul 11 2021, 11:28 AM · SecTeam-Processed, cloud-services-team (Kanban), Toolforge, Vuln-Infoleak, ISA, Security
LucasWerkmeister added a project to T286411: ISA tool configuration is public: ISA.
Jul 11 2021, 11:27 AM · SecTeam-Processed, cloud-services-team (Kanban), Toolforge, Vuln-Infoleak, ISA, Security
LucasWerkmeister created T286411: ISA tool configuration is public.
Jul 11 2021, 11:27 AM · SecTeam-Processed, cloud-services-team (Kanban), Toolforge, Vuln-Infoleak, ISA, Security
LucasWerkmeister claimed T229069: Don’t use heading elements (<h4>) in Wikibase diffs for coordinates and quantities.
Jul 11 2021, 10:56 AM · MW-1.37-notes (1.37.0-wmf.14; 2021-07-12), Patch-For-Review, Wikidata

Jul 7 2021

LucasWerkmeister added a comment to T286297: WikibaseMediaInfo StatementWidget uses messages from another ResourceLoader module.

Worked around this in AC/DC by loading the other ResourceLoader module as well (commit, on-wiki diff).

Jul 7 2021, 5:30 PM · MW-1.38-notes (1.38.0-wmf.6; 2021-10-26), Structured-Data-Backlog (Current Work), WikibaseMediaInfo
LucasWerkmeister created T286297: WikibaseMediaInfo StatementWidget uses messages from another ResourceLoader module.
Jul 7 2021, 5:21 PM · MW-1.38-notes (1.38.0-wmf.6; 2021-10-26), Structured-Data-Backlog (Current Work), WikibaseMediaInfo

Jul 6 2021

LucasWerkmeister added a comment to T286242: [Curious Facts] link to displayed image (if any).

You can get some attribution information from the query+imageinfo+extmetadata API, if you want to (example code), but it’s probably easier to just make the image a link to Commons.

Jul 6 2021, 7:15 PM · User-GoranSMilovanovic, Wikidata Analytics, WMDE-Analytics-Engineering, Wikidata

Jul 3 2021

LucasWerkmeister added a comment to T286107: toolforge-jobs: Allow specifying arguments to commands.

I think just splitting on spaces would do more harm than good. A shell would probably be a viable option.

Jul 3 2021, 12:27 PM · cloud-services-team (Kanban), Toolforge

Jul 2 2021

LucasWerkmeister added a comment to T285944: Toolforge: beta phase for the new jobs framework.
  • It looks like it’s not possible to pass arguments to the command being executed; I assume we’re expected to put any nontrivial commands into a shell script and use the shell script as the command?

You can add it in quotes, like --command "./my-command.py foo bar".

Jul 2 2021, 7:18 PM · cloud-services-team (Kanban), Toolforge
LucasWerkmeister added a comment to T285944: Toolforge: beta phase for the new jobs framework.

Thanks for the fingerprint.

Jul 2 2021, 6:28 PM · cloud-services-team (Kanban), Toolforge
LucasWerkmeister added a comment to T286072: No tab completion for `become` on dev-buster.toolforge.org.

I think the How It Ever Worked is that /etc/bash_completion.d/ isn’t loaded on-demand (which I guess is why it’s the legacy location and deprecated, because immediately loading all the completions takes a while)?

Jul 2 2021, 5:39 PM · Toolforge
LucasWerkmeister added a comment to T286072: No tab completion for `become` on dev-buster.toolforge.org.

After typing misctools and then pressing Tab, become autocompletes correctly. If I understand correctly, completions in /usr/share/bash-completion/ are only loaded on-demand, so combining multiple completions into a single misctools file is not correct – they should be in files called become and sql, respectively, so that they’ll be autoloaded when trying to run autocompletion for those commands.

Jul 2 2021, 5:35 PM · Toolforge
LucasWerkmeister added a comment to T286072: No tab completion for `become` on dev-buster.toolforge.org.

On the regular bastion, that completion comes from /etc/bash_completion.d/misctools, from the misctools package:

Jul 2 2021, 5:34 PM · Toolforge
LucasWerkmeister added a comment to T286072: No tab completion for `become` on dev-buster.toolforge.org.

Looks like it’s not installed:

Jul 2 2021, 5:15 PM · Toolforge
LucasWerkmeister created T286072: No tab completion for `become` on dev-buster.toolforge.org.
Jul 2 2021, 5:14 PM · Toolforge

Jul 1 2021

LucasWerkmeister added a comment to T285944: Toolforge: beta phase for the new jobs framework.

I’d love to use the new jobs framework for Wikidata Shape Expressions Inference, which currently runs as a Grid webservice so that it can schedule Grid jobs.

Jul 1 2021, 7:31 PM · cloud-services-team (Kanban), Toolforge

Jun 29 2021

LucasWerkmeister added a comment to T284403: WikiLambda extension (wikilambda_edit action) is missing CSRF protection.

Hm, I didn’t consider new page creations, that’s a good point. I’ll check if there are any other reasons why Wikibase still has a separate API module.

Jun 29 2021, 11:01 PM · Abstract Wikipedia team, SecTeam-Processed, Vuln-CSRF, WikiLambda, Security

Jun 28 2021

LucasWerkmeister added a comment to T284170: TypeError: Argument to UserNameUtils::getCanonical() must be string in AbstractPrimaryAuthenticationProvider.php (Unable to login).

You can still get the error by adding &notwikilambda-clear-preauth=false to the login URL (example).

Jun 28 2021, 8:55 PM · MW-1.37-notes (1.37.0-wmf.12; 2021-06-28), Platform Engineering, Wikimedia-production-error, MediaWiki-extensions-Pluggable-Auth, MediaWiki-extensions-WSOAuth, MediaWiki-Authentication-and-authorization
LucasWerkmeister committed R2362:64c5584c9d02: Remove workaround for T241422 (authored by LucasWerkmeister).
Remove workaround for T241422
Jun 28 2021, 5:54 PM
LucasWerkmeister committed R2362:706244e36b08: Remove Igbo special case from test (authored by LucasWerkmeister).
Remove Igbo special case from test
Jun 28 2021, 5:42 PM

Jun 26 2021

LucasWerkmeister added a comment to T285579: [M] "Add data" step of Upload Wizard broken.

Confirmed, looks like this. (“Add a statement” finds no results because it’s searching for properties for other statements, not items as the “depicts” value, but I also fell for this before realizing that there must be an input field missing.)

Jun 26 2021, 7:03 PM · MW-1.38-notes (1.38.0-wmf.2; 2021-09-28), MW-1.37-notes (1.37.0-wmf.12; 2021-06-28), Structured-Data-Backlog (Current Work), Structured Data Engineering, StructuredDataOnCommons, UploadWizard

Jun 24 2021

LucasWerkmeister updated subscribers of T268114: Update documentation.
Jun 24 2021, 12:03 PM · Smithsonian, Wikibase (3rd party installations)

Jun 22 2021

LucasWerkmeister committed R2362:c88b1962faf5: Add Igbo noun template (authored by LucasWerkmeister).
Add Igbo noun template
Jun 22 2021, 7:37 PM
LucasWerkmeister committed R2362:8f4397d499d6: Add Igbo proper noun template (authored by LucasWerkmeister).
Add Igbo proper noun template
Jun 22 2021, 7:36 PM

Jun 19 2021

LucasWerkmeister committed R2362:c5b12d5dc11c: Add Malayalam proper noun template (authored by LucasWerkmeister).
Add Malayalam proper noun template
Jun 19 2021, 7:31 PM
LucasWerkmeister committed R2362:05cd31e9bd18: Update Malayalam noun template (authored by LucasWerkmeister).
Update Malayalam noun template
Jun 19 2021, 7:16 PM

Jun 15 2021

LucasWerkmeister committed R2362:d8eadd1caedc: Make some more grammatical features optional (authored by LucasWerkmeister).
Make some more grammatical features optional
Jun 15 2021, 7:31 PM
LucasWerkmeister committed R2362:f31f1c0fcfaa: Add support for optional grammatical features (authored by LucasWerkmeister).
Add support for optional grammatical features
Jun 15 2021, 6:58 PM
LucasWerkmeister committed R2362:fe22dbc464e0: Add set() support to flask.jsonify() (authored by LucasWerkmeister).
Add set() support to flask.jsonify()
Jun 15 2021, 6:58 PM
LucasWerkmeister committed R2362:9ff9495be2e5: Fix Nikki’s name (authored by LucasWerkmeister).
Fix Nikki’s name
Jun 15 2021, 6:55 PM

Jun 14 2021

LucasWerkmeister committed R2362:70efbdc1a7e6: Fix item ID for volitive (authored by LucasWerkmeister).
Fix item ID for volitive
Jun 14 2021, 11:56 PM

Jun 12 2021

LucasWerkmeister closed T284368: Not Wikilambda seems to be cyclically broken as Resolved.

I guess I’ll close this task now, the “cyclic” brokenness seems to be resolved.

Jun 12 2021, 5:12 PM · Abstract Wikipedia team, WikiLambda
LucasWerkmeister added a comment to T284368: Not Wikilambda seems to be cyclically broken.

Okay, Z5 is now fixed as well (I added a line zobject.Z2K1 = 'Z5'; before saving the edit). I guess that ID was just a mistake in the initial data (which was then fixed in Iee44178630).

Jun 12 2021, 5:10 PM · Abstract Wikipedia team, WikiLambda
LucasWerkmeister added a comment to T284368: Not Wikilambda seems to be cyclically broken.

Alright, fixing Z5 doesn’t work, because apparently the content of that page specifies the ID (Z2K1) as Z4 rather than Z5, which wikilamdba_edit then (rightfully, I suppose) complains about when trying to save the fixed revision.

Jun 12 2021, 5:07 PM · Abstract Wikipedia team, WikiLambda
LucasWerkmeister added a comment to T284368: Not Wikilambda seems to be cyclically broken.

I threw together some JavaScript to fix the monolingual texts:

Jun 12 2021, 4:53 PM · Abstract Wikipedia team, WikiLambda

Jun 7 2021

LucasWerkmeister committed R2362:39f4e1cf2b00: Remove workaround for pallets/werkzeug#1992 (authored by LucasWerkmeister).
Remove workaround for pallets/werkzeug#1992
Jun 7 2021, 9:35 PM
LucasWerkmeister committed R2362:dcb35421793f: Add link to create duplicate lexeme in bulk mode results (authored by LucasWerkmeister).
Add link to create duplicate lexeme in bulk mode results
Jun 7 2021, 9:35 PM
LucasWerkmeister committed R2362:ad15885b2042: Preserve form representations in bulk results duplicate edit links (authored by LucasWerkmeister).
Preserve form representations in bulk results duplicate edit links
Jun 7 2021, 9:35 PM
LucasWerkmeister added a comment to P16317 Script to get word count of all wikis from Toolforge CirrusSearch elasticsearch replicas.

Big caveat: only counts namespace 0. Ideally it should probably respect $wgNamespacesToBeSearchedDefault.

Jun 7 2021, 9:31 PM · CirrusSearch, Toolforge
LucasWerkmeister added a comment to T284499: Make CirrusSearch word count available via API.

Also, this doesn’t take $wgNamespacesToBeSearchedDefault into account.

Jun 7 2021, 9:29 PM · Discovery-Search, CirrusSearch
LucasWerkmeister added a comment to T284499: Make CirrusSearch word count available via API.

I packaged that up in a script (P16317) and put the results at P16318 if anyone needs them.

Jun 7 2021, 9:25 PM · Discovery-Search, CirrusSearch
LucasWerkmeister added a comment to P16318 Word count of all wikis as of 2021-06-07.

Created using P16317 (sorted using sort, not part of the script).

Jun 7 2021, 9:24 PM
LucasWerkmeister created P16318 Word count of all wikis as of 2021-06-07.
Jun 7 2021, 9:24 PM
LucasWerkmeister created P16317 Script to get word count of all wikis from Toolforge CirrusSearch elasticsearch replicas.
Jun 7 2021, 9:21 PM · CirrusSearch, Toolforge
LucasWerkmeister added a comment to T284499: Make CirrusSearch word count available via API.

Workaround using CirrusSearch elasticsearch replicas:

Jun 7 2021, 9:05 PM · Discovery-Search, CirrusSearch
LucasWerkmeister created T284499: Make CirrusSearch word count available via API.
Jun 7 2021, 8:37 PM · Discovery-Search, CirrusSearch

Jun 6 2021

LucasWerkmeister updated the task description for T284403: WikiLambda extension (wikilambda_edit action) is missing CSRF protection.
Jun 6 2021, 4:42 PM · Abstract Wikipedia team, SecTeam-Processed, Vuln-CSRF, WikiLambda, Security
LucasWerkmeister added a subtask for T274682: Security Readiness Review For Wikifunctions: T284403: WikiLambda extension (wikilambda_edit action) is missing CSRF protection.
Jun 6 2021, 4:40 PM · Abstract Wikipedia team, user-sbassett, Security, secscrum, Security Readiness Reviews
LucasWerkmeister added a subtask for T275945: Launch Wikifunctions: T284403: WikiLambda extension (wikilambda_edit action) is missing CSRF protection.
Jun 6 2021, 4:40 PM · User-Urbanecm, Wiki-Setup (Create), Epic, Abstract Wikipedia team (Phase λ)
LucasWerkmeister added parent tasks for T284403: WikiLambda extension (wikilambda_edit action) is missing CSRF protection: T274682: Security Readiness Review For Wikifunctions, T275945: Launch Wikifunctions.
Jun 6 2021, 4:40 PM · Abstract Wikipedia team, SecTeam-Processed, Vuln-CSRF, WikiLambda, Security
LucasWerkmeister added a project to T284403: WikiLambda extension (wikilambda_edit action) is missing CSRF protection: WikiLambda.
Jun 6 2021, 4:39 PM · Abstract Wikipedia team, SecTeam-Processed, Vuln-CSRF, WikiLambda, Security
LucasWerkmeister created T284403: WikiLambda extension (wikilambda_edit action) is missing CSRF protection.
Jun 6 2021, 4:37 PM · Abstract Wikipedia team, SecTeam-Processed, Vuln-CSRF, WikiLambda, Security
LucasWerkmeister added a comment to T284368: Not Wikilambda seems to be cyclically broken.

It turns out that the “broken” objects can be fixed by converting their labels to the ZID form – see the history of https://notwikilambda.toolforge.org/w/index.php?title=ZObject:Z10001&action=history for an example.

Jun 6 2021, 4:15 PM · Abstract Wikipedia team, WikiLambda
LucasWerkmeister committed R2362:6c1be22b7448: Add target_hash URL parameter to edit mode (authored by LucasWerkmeister).
Add target_hash URL parameter to edit mode
Jun 6 2021, 2:36 PM
LucasWerkmeister committed R2362:d52179067ae7: Add target_hash URL parameter to regular+advanced mode (authored by LucasWerkmeister).
Add target_hash URL parameter to regular+advanced mode
Jun 6 2021, 2:36 PM