@Dalba I just ran this simplified bot on fawiki and ran into the same issue (of it asking me to login again):

In T229293#5419215, @Dalba wrote:

I wonder why you're being prompted for typing your password again, maybe your user-config.py/password_file is not configured properly?

I have the following lines in mine:

user-config.py:

usernames['*']['*'] = 'Dalba'
sysopnames['*']['*'] = 'Dalba'
password_file = 'user-password.py'

@Daimona I updated these:

I agree that a DBA review would be necessary.

In T200703#5420646, @Bawolff wrote:

In T200703#5420630, @Huji wrote:

Is there a reason we are using cl_timestamp and not page_random here? The code has been using cl_timestamp since 2013 at least. In comparison, Randompage and Randomrootpage both use page_random.

Efficency on large categories. Using page_random means a filesort. This means that the db has to load every page in the category, sort them, and then get the right page. Some categories have millions of pages in them (e.g. license cats on commons) so thats not ok. Order by RAND() would probably be equivalent to page_random here.

Is there a reason we are using cl_timestamp and not page_random here? The code has been using cl_timestamp since 2013 at least. In comparison, Randompage and Randomrootpage both use page_random.

@DannyS712 the Elections tag, which Aklapper pointed out, would serve that purpose.

I am not fluent in MW API, so let me ask this: is there a way to ask the API "who am i"? Or "which groups am I a part of"? Because if so, then all Pywikibot has to do is when OAuth is used it should check to make sure it is indeed authenticated using a sysop account before trying each sysop action.

With BotPasswords, the CSRF error was not shown when the first block was done. When a second block was attempted, I got a Login failed error. Here are some relevant portions of the log:

Alright, I tried OAuth and when I was creating the consumer on meta, I made sure to check "Block and unblock users". However, when the bot gets to the point that it tries to block an IP I get this error message:

Sure, I will give OAuth a try. But first, I need someone to add my bot to the "confirmed" group on Meta.

@Sambasoccer27 can you please provide a diff link, not an oldid link? Something like https://en.wikipedia.org/w/index.php?title=Abd_el-Krim&diff=prev&oldid=906255302

That is my best guess. Here is an excerpt of the relevant portions of the output of my bot in one of its recent runs:

I did not know that if you do not specify the bot parameter it would mean the edit won't be labeled as a bot edit. Since we had both minor and notminor I just assumed we would also need notbot. I just verified that what @Antigng said is actually correct, hence marking the task as invalid.

In T229947#5402592, @Daimona wrote:

I suggest that we try to restart the discussion about the global abusefilter managers group on meta. I was thinking to do that next week, and maybe write on tech news. ATM there are several tasks for which we'd need those rights.

Here is the thing tho: if we only want to allow literal strings as the first parameter, then what is the point of having set_var at all? We already can use the variable := value syntax for that.

You can query public filters like this but (a) you cannot query private filters, and (b) this would require running the query for hundreds of wikis one at a time.

Can this be merged with T170504 somehow? As a parent and child task, or some other way?

@Daimona, I think we should run a query to make sure no WMF wiki already uses this feature, before disabling it. Can you take the lead on that subtask?

Interesting find!

Obviously, keeping this open despite the merged patch, as the patch only helps with better logging of events and the problem persists.

In T229600#5385973, @Reedy wrote:

a new hook was created in OATHAuth to address

A new subscriber was created. A new hook was not created

I did more examinations of this. My bot will issue several blocks each time I run it. The first block never causes the warning to show up; all subsequent blocks will. I will try to investigate more, but thought sharing it here could help others who may also be investigating this.

@Urbanecm yes; sorry I did not see your message due to poor inbox management.

Hmmm. The only case for using cuc_user_text would be if we were thinking that a user maybe renamed but CU data might not have been synced yet. But I don't think that should be the case ever since the onRenameUserSQL hook exists (since rECHU7b16c55a4a0def59a910d4bb4bead07706a23028 implemented in 2016).

No, I don't. Here is what I get for running a check for "admin":

That was a typo (I updated the task). The issue persists.

I still think someone else with more experience should give this some consideration; I continue to think that the help message should be wiki-specific, and therefore it should not be handled through the code base.

https://www.mediawiki.org/wiki/Manual:Special_pages#Custom_special_pages does not provide the relevant information (for one thing, it never even mentions Special:BlankPage so for a non-technical user that help page is completely useless).

On it

@DannyS712 feel free to add me as a reviewer for the remaining patches.

It is. I just created a log for you on fawiki :)