Daimona
Musician

Projects

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Friday

  • Clear sailing ahead.

User Details

User Since
May 18 2017, 10:49 AM (78 w, 5 d)
Availability
Available
IRC Nick
Daimona
LDAP User
Daimona Eaytoy
MediaWiki User
Daimona Eaytoy [ Global Accounts ]

Recent Activity

Yesterday

Daimona moved T209993: Expose wikibase page properties to abusefilter for Wikidata from Backlog to Filtering features on the AbuseFilter board.
Tue, Nov 20, 6:18 PM · MediaWiki-extensions-WikibaseRepository, Wikidata, AbuseFilter
Daimona added a comment to T209926: Wikilabels campaign shows "revision not found" and that's confusing and sometimes wrong.

@Halfak Yeah, I lately got to the same conclusion that this happens both because deleted revisions aren't handled properly, and because for itwiki only deleted revisions are left. I guess showing a clearer message would be great for the moment, while the proper solution would be of course to overcome the limitations of JSONP.

Tue, Nov 20, 3:36 PM · UX-Debt, Scoring-platform-team, Wikilabels
Daimona added a comment to T209926: Wikilabels campaign shows "revision not found" and that's confusing and sometimes wrong.

Using a sample API request, I noticed that:

On m.o I read:

Tue, Nov 20, 10:05 AM · UX-Debt, Scoring-platform-team, Wikilabels
Daimona updated the task description for T209926: Wikilabels campaign shows "revision not found" and that's confusing and sometimes wrong.
Tue, Nov 20, 9:53 AM · UX-Debt, Scoring-platform-team, Wikilabels
Daimona created T209926: Wikilabels campaign shows "revision not found" and that's confusing and sometimes wrong.
Tue, Nov 20, 9:50 AM · UX-Debt, Scoring-platform-team, Wikilabels

Mon, Nov 19

Daimona triaged T209877: Several edits appear twice in AbuseLog as High priority.

In the best scenario this only makes logs a bit messy. However we cannot exclude that something is broken underneath.

Mon, Nov 19, 7:42 PM · AbuseFilter
Daimona created T209877: Several edits appear twice in AbuseLog.
Mon, Nov 19, 7:41 PM · AbuseFilter

Fri, Nov 16

Daimona moved T96041: Allow excluding soft redirected categories on Special:UnusedCategories from To Triage to Announce in next Tech/News on the User-notice board.
Fri, Nov 16, 5:57 PM · MW-1.33-notes (1.33.0-wmf.6; 2018-11-27), User-notice, Patch-For-Review, Wikimedia-Hackathon-2017, Developer-Wishlist (2017), MediaWiki-Special-pages, MediaWiki-Categories
Daimona added a project to T96041: Allow excluding soft redirected categories on Special:UnusedCategories: User-notice.
Fri, Nov 16, 5:57 PM · MW-1.33-notes (1.33.0-wmf.6; 2018-11-27), User-notice, Patch-For-Review, Wikimedia-Hackathon-2017, Developer-Wishlist (2017), MediaWiki-Special-pages, MediaWiki-Categories
Daimona added a comment to T193068: Add support for SQLite and postgre when searching patterns.

I'm also wondering whether the cast to char needs to be rewritten to be DBMS-independent.

Fri, Nov 16, 1:11 PM · AbuseFilter, PostgreSQL, SQLite
Daimona added a comment to T208646: Pattern searching doesn't work for patterns enclosed in quotes.

https://gerrit.wikimedia.org/r/#/c/mediawiki/core/+/474172/ could help.

Fri, Nov 16, 1:11 PM · User-Daimona, MediaWiki-Database, AbuseFilter
Daimona added a comment to T50963: Add sniff to detect usage of deprecated $wgUser.

So, what's the status here? Adding wgUser is trivial, do we want to do it?

Fri, Nov 16, 10:35 AM · goodfirstbug, MediaWiki-Codesniffer
Daimona added a comment to T205254: Investigate usage of "text" in AbuseFilter rules on wikidata.org.

Just a comment: "_text" variables are for page title, and so are "_prefixedtext" variables. So, if you're interested in covering such variables, then you also have to include "_title" and "_prefixedtitle" per T173889.

Fri, Nov 16, 10:13 AM · Wikidata.org, wikidata-tech-focus, Wikidata
Daimona added a project to T209565: Dry run for normalizeThrottleParameters.php: Core Platform Team.

Adding Platform team per maintainers, plus CC'ing people active in this project and Tim who reviewed the patch. Being the related task UBN and release blockers, the plan is to get this done before 1.32 release. Also, a note for whoever will run the script: it's not included in production (it'll be in wmf.6), but given the circumstances, could you please deploy it and do the dry run? Deploying the script alone (and adding it to autoload) would be enough, no other code from that patch is required.

Fri, Nov 16, 8:12 AM · Core Platform Team Kanban (Doing), Core Platform Team (Security, stability, performance and scalability (TEC1)), Wikimedia-maintenance-script-run, AbuseFilter

Thu, Nov 15

Daimona removed a project from T208621: AbuseFilter Log and Edit/Create is inaccessible while partially blocked: Patch-For-Review.
Thu, Nov 15, 6:58 PM · Anti-Harassment (AHT Sprint 33), MW-1.33-notes (1.33.0-wmf.6; 2018-11-27), AbuseFilter, MediaWiki-User-management
Amorymeltzer awarded T144096: AbuseLog: add checkboxes for multiple hidding and unhidding of log entries a Cookie token.
Thu, Nov 15, 3:44 PM · Patch-For-Review, Stewards-and-global-tools, AbuseFilter
Amorymeltzer awarded T144096: AbuseLog: add checkboxes for multiple hidding and unhidding of log entries a Cookie token.
Thu, Nov 15, 3:43 PM · Patch-For-Review, Stewards-and-global-tools, AbuseFilter
Daimona removed a project from T203554: Rewrite throttle parameters: Wikimedia-maintenance-script-run.

Will file a separate task once the patch will be merged.

Thu, Nov 15, 1:31 PM · Patch-For-Review, Technical-Debt, AbuseFilter
Daimona triaged T209565: Dry run for normalizeThrottleParameters.php as High priority.

Setting to high to reflect the importance of the parent task and related ones (specifically T203336 which is 1.32 blocker).

Thu, Nov 15, 9:16 AM · Core Platform Team Kanban (Doing), Core Platform Team (Security, stability, performance and scalability (TEC1)), Wikimedia-maintenance-script-run, AbuseFilter
Daimona added a comment to T208769: Ensure that AbuseFilter applies to the content of all MCR slots.

@Tgr that is true for old_wikitext_slot and new_wikitext_slot (or whatever we decide to call them), but not for derived variables like added_lines_slot, edit_delta_slot etc. I also think that for users it would be quite confusing to see lazy-loaded array elements of the same array, so we should take this into account.

Thu, Nov 15, 8:08 AM · Core Platform Team Kanban, AbuseFilter, Multi-Content-Revisions (Tech Debt), Core Platform Team (MCR), SDC Engineering
Daimona removed a project from T203336: Fatal exception when editing an abuse filter: Error: 1048 Column 'afa_parameters' cannot be null: Wikimedia-maintenance-script-run.

T209565 for the maintscript

Thu, Nov 15, 8:04 AM · Core Platform Team Backlog (Watching / External), MW-1.32-release, Patch-For-Review, Wikimedia-production-error, AbuseFilter
Daimona added a parent task for T209565: Dry run for normalizeThrottleParameters.php: T203587: Major overhaul for "throttle" action.
Thu, Nov 15, 8:01 AM · Core Platform Team Kanban (Doing), Core Platform Team (Security, stability, performance and scalability (TEC1)), Wikimedia-maintenance-script-run, AbuseFilter
Daimona added a subtask for T203587: Major overhaul for "throttle" action: T209565: Dry run for normalizeThrottleParameters.php.
Thu, Nov 15, 8:01 AM · Core Platform Team Kanban (Waiting for Review), Core Platform Team ( Code Health (TEC13)), User-Daimona, Patch-For-Review, Technical-Debt, AbuseFilter
Daimona created T209565: Dry run for normalizeThrottleParameters.php.
Thu, Nov 15, 7:59 AM · Core Platform Team Kanban (Doing), Core Platform Team (Security, stability, performance and scalability (TEC1)), Wikimedia-maintenance-script-run, AbuseFilter

Wed, Nov 14

Daimona added a comment to T208769: Ensure that AbuseFilter applies to the content of all MCR slots.

I think per-slot filters arebb't the right way. As for using suffixes versus arrays, the idea is the same, and both ways are good. The advantage of arrays could be a less clogged variables list (and you get the idea that you're using a part of the whole). Another thing to take into account: each part of variable should be lazy-loaded independently of others, e.g. if the whole page has new_wikitext for slot A and B, only load the required ones, like if they were separate variables. Effectively making them separate variables would help with this.

Wed, Nov 14, 9:07 PM · Core Platform Team Kanban, AbuseFilter, Multi-Content-Revisions (Tech Debt), Core Platform Team (MCR), SDC Engineering
Daimona added a comment to T204654: Find a better way to compute variables when testing filter syntax.

Random idea: add a new AFPData type, e.g. DNONE, to tell between actual null variables, and non-initialized ones; make the parser be permissive when it encounters this data type. I wrote a stub-patch for this some weeks ago, but stopped working on it as new problems came out... I'm also not that confident in making such a breaking change to the parser, although I think it's worth investigating this idea.

Wed, Nov 14, 7:51 PM · AbuseFilter
Daimona added a comment to T208769: Ensure that AbuseFilter applies to the content of all MCR slots.

@Tgr If correctly supervisioned, it won't be a breaking change. Arrays are currently handled as strings in several function, that's because of poor initial implementation. Just think of how common is for instance added_lines contains/like/rlike ...: in these cases we just cast the array to string, because added_lines was turned into array when lots of filters already used a syntax like that, and people decided not to break everything. A step forward is to add array-specific functions, see https://gerrit.wikimedia.org/r/#/c/424298/. This way we add new ways to play with arrays (mostly treating them as such), without changing anything in the current syntax.
Adding associative arrays would be the same: for sure a big (and possibly useful) change, but it wouldn't interfere with existing filters.
The two points above (specific functions and associative arrays) would IMHO make arrays acceptable, and we could use such arrays in this patch after having addressed T204654.

Wed, Nov 14, 7:46 PM · Core Platform Team Kanban, AbuseFilter, Multi-Content-Revisions (Tech Debt), Core Platform Team (MCR), SDC Engineering
Daimona added a comment to T208769: Ensure that AbuseFilter applies to the content of all MCR slots.

@Jdforrester-WMF Huh? Weren't we planning to make the change so that nothing will need to be updated? It wouldn't be easy to update all those filters...
@Tgr Well, that's an important point. I think we should instead improve arrays (and yeah, they pretty suck right now) somehow, maybe introducing associative arrays and changing my previous idea to use them.

Wed, Nov 14, 5:59 PM · Core Platform Team Kanban, AbuseFilter, Multi-Content-Revisions (Tech Debt), Core Platform Team (MCR), SDC Engineering
Daimona added a comment to T208769: Ensure that AbuseFilter applies to the content of all MCR slots.

@Jdforrester-WMF That would be easy, but I'm not sure it's worth it. It'd be similar to T173889, and as for that task we would end up keeping old variables anyway. Unless we want to edit hundreds of filters.

Wed, Nov 14, 5:37 PM · Core Platform Team Kanban, AbuseFilter, Multi-Content-Revisions (Tech Debt), Core Platform Team (MCR), SDC Engineering
Daimona added a comment to T208769: Ensure that AbuseFilter applies to the content of all MCR slots.

I think a good approach could be to:

  • Keep current variables as they are, i.e. include all slots (concatenated)
  • Add new variables, for instance new_wikitext_slot, added_lines_slot, ..., every of them being an array. To retrieve its content for the nth slot, you just have to access e.g. new_wikitext_slot[1] and proceed as usual

I don't know if this will be feasible and painless for filter maintainers, but I guess it'd be a relatively simple but effective approach. However, please note that:

  1. I haven't investigated what code changes would be necessary
  2. Since all these arrays will have variable length, we'll need to change the syntax checker, which right now fails with non-fixed-length arrays (part of T204654)
  3. In any case, also given point 2, this will not be easy.
Wed, Nov 14, 5:10 PM · Core Platform Team Kanban, AbuseFilter, Multi-Content-Revisions (Tech Debt), Core Platform Team (MCR), SDC Engineering
Daimona updated the task description for T204654: Find a better way to compute variables when testing filter syntax.
Wed, Nov 14, 5:09 PM · AbuseFilter
Daimona added a comment to T204654: Find a better way to compute variables when testing filter syntax.

Note: arrays with variable length should also be allowed: the syntax check doesn't allow accessing an array element if such array is generated at runtime (for instance it is added_lines), although it makes sense to do so. To reproduce the problem you may try checking added_lines[0], although that gives the wrong error (T198531).

Wed, Nov 14, 5:08 PM · AbuseFilter

Tue, Nov 13

Daimona created T209404: Check abnormal pageviews for some pages on itwiki.
Tue, Nov 13, 7:09 PM · Analytics, Tool-Pageviews, MediaWiki-General-or-Unknown

Mon, Nov 12

Daimona added a comment to T209296: Edit filter log: add a suppress option on the examine changes page .

@Thryduulf Ah, that's a totally different thing. The /examine interface doesn't really contain a reference to the log entry itself, and thus it's also missing a link for oversighting it. The real point here is T20655. Currently, "details" is the one focused on the entry itself and all the variables, while "examine" is almost entry-independent (if two filters catch the same edit, "examine" is the same for both entries) and is more meant to do some testing with an arbitrary pattern, which may or may not be the one of the triggered filter. I don't know if I explained properly, but the point is that "examine" is in place only to allow people take the variables from a logged abusefilter hit, and do whatever they want with them, disregarding the entry. It may sound funny, but the problem reported is more or less a feature. My suggestion as filter maintainer is to use "details" in these cases, while for the future we'll see in T20655.

Mon, Nov 12, 5:18 PM · AbuseFilter
Daimona closed T209296: Edit filter log: add a suppress option on the examine changes page as Invalid.

@Thryduulf We already have such button (which is actually a link): if you head for instance to this entry, at the end of the top line there is

Mon, Nov 12, 4:36 PM · AbuseFilter

Thu, Nov 8

Daimona committed rEARAefb31ca4b86a: Update TitleMove hook (authored by Daimona).
Update TitleMove hook
Thu, Nov 8, 3:57 PM
Daimona committed rEARA2eb36df3d374: Update TitleMove hook (authored by Daimona).
Update TitleMove hook
Thu, Nov 8, 3:57 PM
Daimona added a comment to T208842: Create a front end for making unit tests for filters.

@Huji indeed, done :-) I forgot to do it... Also, I have added T193064 instead of T53294 as subtask, as the latter is part of a broader plan.

Thu, Nov 8, 8:40 AM · User-Daimona, AbuseFilter
Daimona added subtasks for T209023: Major overhaul for AbuseFilter: T208842: Create a front end for making unit tests for filters, T193064: Create a dedicated page for stats, T203587: Major overhaul for "throttle" action.
Thu, Nov 8, 8:39 AM · Epic, AbuseFilter
Daimona added a parent task for T203587: Major overhaul for "throttle" action: T209023: Major overhaul for AbuseFilter.
Thu, Nov 8, 8:39 AM · Core Platform Team Kanban (Waiting for Review), Core Platform Team ( Code Health (TEC13)), User-Daimona, Patch-For-Review, Technical-Debt, AbuseFilter
Daimona added a parent task for T193064: Create a dedicated page for stats: T209023: Major overhaul for AbuseFilter.
Thu, Nov 8, 8:39 AM · AbuseFilter, Patch-For-Review, Design
Daimona added a parent task for T208842: Create a front end for making unit tests for filters: T209023: Major overhaul for AbuseFilter.
Thu, Nov 8, 8:39 AM · User-Daimona, AbuseFilter
Daimona created T209023: Major overhaul for AbuseFilter.
Thu, Nov 8, 8:38 AM · Epic, AbuseFilter
Daimona renamed T208842: Create a front end for making unit tests for filters from Provide a way to save some edits or their enviroment variables as unittests for individual filters to Create a front end for making unit tests for filters.
Thu, Nov 8, 8:36 AM · User-Daimona, AbuseFilter

Wed, Nov 7

Daimona added a comment to T207085: Suppressed edits remain examinable in AbuseFilter.

@Amorymeltzer I checked, and I confirm that it's a duplicate of T44734. Also, please note that this only happens in Special:AbuseLog, and not in Special:AbuseFilter/test or /examine (as it did for the problem originally reported in this task). And when it comes to specific AbuseLog entries, suppressing them is the right way, at least while waiting for a fix to T44734 (which won't be easy).

Wed, Nov 7, 3:25 PM · User-Rxy, Trust-and-Safety, Vuln-Infoleak, Security, MediaWiki-Revision-deletion, AbuseFilter
Daimona moved T151291: "User::loadFromSession called before the end of Setup.php" warning due to AbuseFilter from Next to Waiting on the User-Daimona board.
Wed, Nov 7, 11:17 AM · Core Platform Team (Security, stability, performance and scalability (TEC1)), Core Platform Team Backlog (Later), User-Daimona, AbuseFilter, Wikimedia-production-error
Daimona moved T115530: Convert Special:AbuseLog to more standard delete and suppress system from Next to Future on the User-Daimona board.
Wed, Nov 7, 11:17 AM · User-Daimona, AbuseFilter
Daimona moved T208842: Create a front end for making unit tests for filters from Backlog to Future on the User-Daimona board.
Wed, Nov 7, 11:16 AM · User-Daimona, AbuseFilter
Daimona added a project to T208842: Create a front end for making unit tests for filters: User-Daimona.
Wed, Nov 7, 11:16 AM · User-Daimona, AbuseFilter
Daimona moved T208931: Warning: Invalid parameter for message "abusefilter-log-detailedentry-local" from Backlog to Next on the User-Daimona board.
Wed, Nov 7, 11:16 AM · User-Daimona, AbuseFilter, Wikimedia-production-error
Daimona added a project to T208931: Warning: Invalid parameter for message "abusefilter-log-detailedentry-local": User-Daimona.
Wed, Nov 7, 11:16 AM · User-Daimona, AbuseFilter, Wikimedia-production-error
Daimona reopened T208842: Create a front end for making unit tests for filters as "Open".

@Huji thanks, excellent analysis! The idea is great, however I agree that it will be quite complex, and need lots of work. I'm reopening this task, but I believe that for the moment we should focus on other major changes, which aim to solve software bugs, instead of adding new features.

Wed, Nov 7, 10:44 AM · User-Daimona, AbuseFilter
Daimona added a comment to T208931: Warning: Invalid parameter for message "abusefilter-log-detailedentry-local".

If I understood T208537#4714444 correctly, this happens because we call numParams on null, which in turn means $filterId is null for the current entry. I have no idea about why this happens, though. Do we have some more context?

Wed, Nov 7, 10:36 AM · User-Daimona, AbuseFilter, Wikimedia-production-error
Daimona added a comment to T208144: Fatal error on file upload: "Argument to AbuseFilter::filterAction() must be Title, null given".

@Krinkle AFAICS The fatal only happens for uploads, specifically for uploads where the specified title isn't valid. As I was saying above, avoiding the fatal doesn't avoid silent errors, but I agree that it'd be less intrusive for users. I can't send a patch right now, but the one above is definitely an overkill. All we need to do is remove the "Title" typehint from line 1100. Also, could you please take a look at https://gerrit.wikimedia.org/r/466842?

Wed, Nov 7, 7:12 AM · MW-1.33-notes (1.33.0-wmf.2; 2018-10-30), AbuseFilter, Wikimedia-production-error

Tue, Nov 6

Daimona added a comment to T207085: Suppressed edits remain examinable in AbuseFilter.

@Amorymeltzer Hmm I don't think it's intended, probably it's just some edge-case, possibly due to the fact that the page doesn't exist (maybe we handle non-existing pages differently, or Revision class does so). I'll investigate tomorrow anyway. Could you please confirm that the reproduction steps below are correct?
*Create a page with some revisions (and trigger a filter with one of these)
*Delete the page
*Suppress the revision (already deleted) which triggered the AF
*Go to Special:AbuseLog for that same revision, which will only check for "deletedtext" right (i.e. it's visible to sysops (who aren't oversighters) but not to "normal" users)
Also, I'm unsure if that task is related... The reason could be similar, but in that case solving the problem isn't trivial at all.

Tue, Nov 6, 8:28 PM · User-Rxy, Trust-and-Safety, Vuln-Infoleak, Security, MediaWiki-Revision-deletion, AbuseFilter
Daimona added a comment to T208842: Create a front end for making unit tests for filters.

I don't know how difficult would it be, but for sure it would require several changes: at least a new page in the UI (and we'll add several new pages for performance monitoring) and some sort of DB change, being (at least) a new column in abuse_filter_log if testing past hits is OK, or a new table to make it possible to add edits for which there are no entries in the AbuseLog. It could be done, but I'd rather wait for T36180 and see if this feature will still be needed.

Tue, Nov 6, 11:37 AM · User-Daimona, AbuseFilter
Daimona added a comment to T208842: Create a front end for making unit tests for filters.

This would require adding lots of new logic. I wonder if Special:AbuseFilter/test would be enough, especially when T36180 will be resolved.

Tue, Nov 6, 10:59 AM · User-Daimona, AbuseFilter

Mon, Nov 5

Daimona added a comment to T208769: Ensure that AbuseFilter applies to the content of all MCR slots.

Uh, as filter maintainer I don't really fancy adding tons of new variables. However, adding logic to apply filters only to some slots could be IMHO even worse. If we decide to add new variables, I guess we should make the existing ones refer to all slots, to keep B/C. But again, I'm new to MCR, so all I can do is probably express my thoughts as filter maintainer.

Mon, Nov 5, 8:44 PM · Core Platform Team Kanban, AbuseFilter, Multi-Content-Revisions (Tech Debt), Core Platform Team (MCR), SDC Engineering
Daimona added a comment to T204954: Uncaught MWException: SpecialEditWatchlistTest::tearDown() must call parent::tearDown().

Just a note: this failure is often seen when something abruptly halts the script. It could be due to something happening elsewhere.

Mon, Nov 5, 8:00 PM · MediaWiki-Core-Tests, MediaWiki-Special-pages
Daimona renamed T208769: Ensure that AbuseFilter applies to the content of all MCR slots from AbuseFilter applies to the content of all slots to Ensure that AbuseFilter applies to the content of all MCR slots.
Mon, Nov 5, 7:51 PM · Core Platform Team Kanban, AbuseFilter, Multi-Content-Revisions (Tech Debt), Core Platform Team (MCR), SDC Engineering
Daimona added a comment to T208769: Ensure that AbuseFilter applies to the content of all MCR slots.

@Jdforrester-WMF I was just going to ask what's to be done here, since I don't know much about MCR. This also means that I probably won't be able to help much with this. Anyway, AF uses the EditFilterMergedContent for edits. If there are no changes to the logic related to this hook, AF will probably work as usual.

Mon, Nov 5, 7:47 PM · Core Platform Team Kanban, AbuseFilter, Multi-Content-Revisions (Tech Debt), Core Platform Team (MCR), SDC Engineering

Sun, Nov 4

Daimona moved T208646: Pattern searching doesn't work for patterns enclosed in quotes from Backlog to Next on the User-Daimona board.
Sun, Nov 4, 11:16 AM · User-Daimona, MediaWiki-Database, AbuseFilter
Daimona added a project to T208646: Pattern searching doesn't work for patterns enclosed in quotes: User-Daimona.
Sun, Nov 4, 11:16 AM · User-Daimona, MediaWiki-Database, AbuseFilter

Sat, Nov 3

Daimona created T208646: Pattern searching doesn't work for patterns enclosed in quotes.
Sat, Nov 3, 2:13 PM · User-Daimona, MediaWiki-Database, AbuseFilter
Daimona closed T49512: Switch AbuseFilter to using Lua as Declined.

My assessment:

  1. We only need a fairly simple syntax for filters, there's no need to allow complicated stuff
  2. Our dedicated parser is probably faster than Lua's (exactly because it's dedicated), and this will be especially true as CachingParser will be implemented
  3. Higher expressive power means potential performance troubles from badly-written filters
  4. Adapting Lua to our needs (removing potentially dangerous stuff, injecting our variables, regex library etc.) could possibly nullify the performance gain
  5. AbuseFilter's syntax is actually simpler than Lua's, and would only make writing filters harder for non-tech people (they'd have to learn a full programming language, instead of a basic language).
Sat, Nov 3, 11:00 AM · MediaWiki-extensions-Scribunto, Performance, AbuseFilter
Daimona claimed T208621: AbuseFilter Log and Edit/Create is inaccessible while partially blocked.
Sat, Nov 3, 10:04 AM · Anti-Harassment (AHT Sprint 33), MW-1.33-notes (1.33.0-wmf.6; 2018-11-27), AbuseFilter, MediaWiki-User-management
Daimona added a comment to T201815: Implement partial blocks in AbuseFilter as they'll be available.

Memo: we should also update the user_blocked variable during the process.

Sat, Nov 3, 9:55 AM · AbuseFilter

Wed, Oct 31

Daimona added a project to T208435: Add an option to hide the "saving a blank page" warning: WorkType-Maintenance.
Wed, Oct 31, 4:18 PM · WorkType-Maintenance, AutoWikiBrowser
Daimona created T208435: Add an option to hide the "saving a blank page" warning.
Wed, Oct 31, 4:17 PM · WorkType-Maintenance, AutoWikiBrowser

Tue, Oct 30

Daimona created T208316: Allow longer summaries.
Tue, Oct 30, 1:41 PM · AutoWikiBrowser

Sat, Oct 27

Daimona added a comment to T208144: Fatal error on file upload: "Argument to AbuseFilter::filterAction() must be Title, null given".

Short-term solution could be to remove the Title typehint from $title (which was added in https://gerrit.wikimedia.org/r/#/c/mediawiki/extensions/AbuseFilter/+/460335/). However, it wouldn't actually do much, since our code isn't really meant to handle filtering without a title.
Proper and long-term solution is to ensure filtering only happens with a real title. This may be done either by halting AF execution if the title is null, or changing the used hook to make sure it always passes a title. Anyway, this only happens with uploads, and I guess only for uploads where an invalid title is specified.
See T144265 (and related patches) for the progress in the long-term.

Sat, Oct 27, 8:45 PM · MW-1.33-notes (1.33.0-wmf.2; 2018-10-30), AbuseFilter, Wikimedia-production-error
Daimona updated the task description for T208058: Cannot edit a JS page with wikitext content model.
Sat, Oct 27, 10:32 AM · MediaWiki-ContentHandler

Fri, Oct 26

Daimona moved T208092: Implement "Creating new section" variable from Backlog to Filtering features on the AbuseFilter board.

See T58371 (and consequently T191722) for why checking the summary doesn't work. I still have to check if the EditFilterMergedContent hook provides enough context to determine whether the edit is creating a new section.

Fri, Oct 26, 8:25 PM · AbuseFilter
Daimona created T208058: Cannot edit a JS page with wikitext content model.
Fri, Oct 26, 3:27 PM · MediaWiki-ContentHandler
Daimona closed T207085: Suppressed edits remain examinable in AbuseFilter as Resolved.

Nothing more to do here, this task can now be made public.

Fri, Oct 26, 3:01 PM · User-Rxy, Trust-and-Safety, Vuln-Infoleak, Security, MediaWiki-Revision-deletion, AbuseFilter

Wed, Oct 24

Daimona added a comment to T207085: Suppressed edits remain examinable in AbuseFilter.

Ah, I didn't know. If someone with merge access on wmf. branches will come across the patch, that'd be nice! Otherwise, we can just abandon it as the new version is already on group0 and the fix is already deployed on other wikis.

Wed, Oct 24, 6:43 AM · User-Rxy, Trust-and-Safety, Vuln-Infoleak, Security, MediaWiki-Revision-deletion, AbuseFilter
Daimona added a comment to T182760: Display abusefilter disables and deletions as such on Special:Log/abusefilter.

I'm not sure that we want to do this: since this log is an actual log on Special/Log, we cannot selectively hide entries from some people IIRC. This means that private filters deletions would show up as well for every user, and together with the fact that vandals (especially LTAs) may already know if there's a filter targeting them (and its ID), this way they could know if such filter is disabled.

Wed, Oct 24, 6:41 AM · AbuseFilter

Tue, Oct 23

Daimona added a comment to T207085: Suppressed edits remain examinable in AbuseFilter.

@Huji the fix is already deployed to WMF wikis per T207085#4679131. There's still this patch to be merged on wmf.26 (could you please merge it?), but it doesn't really matters, it's just for completeness' sake.

Tue, Oct 23, 5:47 PM · User-Rxy, Trust-and-Safety, Vuln-Infoleak, Security, MediaWiki-Revision-deletion, AbuseFilter
Daimona triaged T207173: Random test failures for Flow\Tests\Collection\PostCollectionTest::testGetFirstRevision as High priority.

Again: https://gerrit.wikimedia.org/r/#/c/mediawiki/extensions/AbuseFilter/+/469184/
This is nasty, and even if the cause may not be easy to understand, the test should at least be included in @Broken until it's fixed.

Tue, Oct 23, 11:55 AM · Wikimedia-production-error (Shared Build Failure), MW-1.33-notes (1.33.0-wmf.3; 2018-11-06), Patch-For-Review, StructuredDiscussions, Growth-Team
Daimona added a comment to T207085: Suppressed edits remain examinable in AbuseFilter.

Pushed to gerrit, for all mentioned branches. I only merged the one on master, since I'd like someone else to double-check backports to be sure that everything is fine, CC @Reedy @Legoktm. Please note that I had to manually +2verify the one on REL1_31 due to T189560. Also: can this task be made public once everything will be merged?

Tue, Oct 23, 11:37 AM · User-Rxy, Trust-and-Safety, Vuln-Infoleak, Security, MediaWiki-Revision-deletion, AbuseFilter

Mon, Oct 22

Daimona added a comment to T207085: Suppressed edits remain examinable in AbuseFilter.

Is everyone fine with this pushed on gerrit? Ping @Reedy, @Rxy if no oppositions are raised I'll push the patch tomorrow or so.

Mon, Oct 22, 5:32 PM · User-Rxy, Trust-and-Safety, Vuln-Infoleak, Security, MediaWiki-Revision-deletion, AbuseFilter
Daimona removed a project from T52736: Provide a way to remove autoconfirmed status without caching enabled.: goodfirstbug.

I wouldn't say this is a good first bug. Something has changed in the meanwhile, and I don't know if it's worth it to change this behaviour. Also, it should be noted that we don't explicitly require caching for blockautopromote (like we do for throttle).

Mon, Oct 22, 5:24 PM · AbuseFilter
Daimona updated subscribers of T207652: JavaScript protection on some MediaWiki messages.

This is intended, see the patch where it was introduced, and also the reasoning behind it in T45646. However, I do recognize that reusing the messages isn't that clear, so we should probably add separate messages to handle this specific case. CC'ing @Tgr who wrote the patch.

Mon, Oct 22, 5:13 PM · JavaScript, MediaWiki-Page-protection

Oct 21 2018

Daimona added a comment to T93564: Addition of last hit date to Special:AbuseFilter table.

On my wiki, running the previously used query gives the following:

Oct 21 2018, 1:01 PM · DBA, Stewards-and-global-tools, WMF-deploy-2015-07-21_(1.26wmf15), AbuseFilter
Daimona claimed T87862: Show AbuseFilter average run time and used conditions in main table.

Claiming as I took over the patch.

Oct 21 2018, 12:17 PM · Patch-For-Review, AbuseFilter
Daimona claimed T90754: Allow tracking of max run time / conditions consumed in AbuseFilter.

Claiming as I took over the patch.

Oct 21 2018, 12:17 PM · Patch-For-Review, AbuseFilter
Daimona claimed T53294: Overhaul internal profiling system .

Claiming as I took over the patch.

Oct 21 2018, 12:17 PM · Patch-For-Review, MW-1.27-release (WMF-deploy-2016-04-12_(1.27.0-wmf.21)), AbuseFilter
Daimona closed T100539: MediaWiki:Uploadtext message shown together with AbuseFilter warning for action == "upload" as Invalid.

I rewrote the task description to make it easier to understand. The second part was removed as we already have T187072. As for the remaining part, I'm closing it as invalid because now the interface is different: the uploadtext message is still there, but the filter warning is inside the section having the message "uploaderror" as title. Now the messages are clearly separated, and also it's completely fine to keep an introduction on Special:Upload.

Oct 21 2018, 12:00 PM · AbuseFilter
Daimona renamed T100539: MediaWiki:Uploadtext message shown together with AbuseFilter warning for action == "upload" from Edit filter warning message's Unexpected loading behaviours, when we use parameter: action == "upload" to MediaWiki:Uploadtext message shown together with AbuseFilter warning for action == "upload" .
Oct 21 2018, 11:55 AM · AbuseFilter
Daimona closed T100641: False positives for Group throttle by: page as Invalid.

I tried my best to understand the problem here, but I'm not sure I really got it. However, supposing that Andre's explanation is correct (and to me, it looks so), the behaviour is intended. If a filter is set to group throttle by page, throttle counters will be increased on a per-page basis. So, 3 edits on page XXX and 1 edit on page YYY means that the counter is 3 for XXX and 1 for YYY, and that's all. If the filter is set to take any action after e.g. 5 edits, then it'll execute such actions as soon as the higher counter reaches 5, whatever page is it for.
If, instead, the aim of this task was to report a different problem, please feel free to reopen it and provide further details, as suggested above.

Oct 21 2018, 11:41 AM · AbuseFilter
Daimona changed the status of T177666: AbuseFilter's update keys aren't guaranteed to be stable from Open to Stalled.
Oct 21 2018, 11:29 AM · AbuseFilter
Daimona changed the status of T194793: Improve the way warning previews are generated from Open to Stalled.

A good solution could be to replace the API query with a loadMessagesIfMissing, and then just call mw.message(xxx).parse(). However, it doesn't support many things (like templates), and the goal of this task is exactly to improve the message in presence of such things.

Oct 21 2018, 11:25 AM · AbuseFilter
Daimona removed a project from T195249: Allow cascade semi-protection or different protection levels for root page and cascade transclusions: AbuseFilter.
Oct 21 2018, 11:11 AM · MediaWiki-Page-protection, MediaWiki-Page-editing
Daimona merged T150246: Create an 'abusefilter-exempt' flag for AbuseFilter to ignore users holding it into T69936: Provide a sane way to bypass abuse filters.
Oct 21 2018, 10:39 AM · AbuseFilter
Daimona merged task T150246: Create an 'abusefilter-exempt' flag for AbuseFilter to ignore users holding it into T69936: Provide a sane way to bypass abuse filters.
Oct 21 2018, 10:39 AM · AbuseFilter
Daimona claimed T195699: "Throttle" action seems to malfunction randomly.

I'll do whatever is needed to fix this, as part of T203587. This will probably get fixed on the way, but given that it seems to happen randomly I'm also adding a testme.

Oct 21 2018, 10:37 AM · TestMe, MW-1.32-notes (WMF-deploy-2018-09-18 (1.32.0-wmf.22)), AbuseFilter
Daimona closed T65768: warning message on article deletion / article moving is not parsed as Resolved.

The original problem is gone, while for having a cleaner message there's T199622

Oct 21 2018, 10:07 AM · AbuseFilter
Daimona claimed T207085: Suppressed edits remain examinable in AbuseFilter.
Oct 21 2018, 10:05 AM · User-Rxy, Trust-and-Safety, Vuln-Infoleak, Security, MediaWiki-Revision-deletion, AbuseFilter

Oct 20 2018

Daimona added a comment to T207553: Disabling abuse filter triggers internal error message.

Thanks Krenair and Reedy. BTW @Cyberpower678 a workaround is to re-set throttle parameters which got lost, which you can see in filter history. However please note that this only works because you're disabling the filter: it wouldn't work as it used to (although recently it totally stopped working (since July) just because, alas, throttle is broken, and that's why the other task is UBN).

Oct 20 2018, 5:19 PM · Wikimedia-production-error, AbuseFilter
Daimona triaged T207553: Disabling abuse filter triggers internal error message as Unbreak Now! priority.

Not being able to disable filters is a great deal. Let's wait for the stacktrace, although I suspect this is T203336, which is already UBN and for which I already expressed my worries about its urgency.

Oct 20 2018, 4:58 PM · Wikimedia-production-error, AbuseFilter