Page MenuHomePhabricator

Legoktm (Legoktm)
UserAdministrator

Projects (101)

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Saturday

  • Clear sailing ahead.

User Details

User Since
Sep 19 2014, 7:30 PM (256 w, 5 d)
Roles
Administrator
Availability
Available
IRC Nick
legoktm
LDAP User
Legoktm
MediaWiki User
Unknown

Recent Activity

Yesterday

Legoktm committed rICMV80c3eaec9484: Port tests to pytest (authored by Legoktm).
Port tests to pytest
Wed, Aug 21, 2:21 PM

Mon, Aug 19

Legoktm claimed T196012: ExtensionRegistry::readFromQueue() should not autoload classes.
Mon, Aug 19, 7:26 AM · Patch-For-Review, Technical-Debt, MediaWiki-Configuration

Fri, Aug 9

Legoktm added a comment to T230245: Mediawiki maintenance job "generate-fancycaptcha" - fatal error when trying to copy new captchas to storage.

Reproducible when running it manually...

Fri, Aug 9, 11:18 PM · ConfirmEdit (CAPTCHA extension), MediaWiki-Maintenance-scripts
Legoktm added a comment to T230177: TypeError: mw.ForeignApi is not a constructor when using minerva skin (due to missing dependency to `mediawiki.ForeignApi`).

mw.ForeignApi is a separate module, that needs to be loaded individually. Adding a dependency to mediawiki.ForeignApi should make it work properly.

Fri, Aug 9, 11:04 PM · MediaWiki-Interface, User-DannyS712, MinervaNeue
Legoktm added a comment to T230245: Mediawiki maintenance job "generate-fancycaptcha" - fatal error when trying to copy new captchas to storage.
legoktm@mwmaint1002:~$ php7.2 -a
Interactive mode enabled
Fri, Aug 9, 10:56 PM · ConfirmEdit (CAPTCHA extension), MediaWiki-Maintenance-scripts
Legoktm added a comment to T230245: Mediawiki maintenance job "generate-fancycaptcha" - fatal error when trying to copy new captchas to storage.

Well FormatJson.php definitely exists...

legoktm@mwmaint1002:~$ file /srv/mediawiki/php-1.34.0-wmf.16/includes/json/FormatJson.php
/srv/mediawiki/php-1.34.0-wmf.16/includes/json/FormatJson.php: PHP script, UTF-8 Unicode text
Fri, Aug 9, 10:47 PM · ConfirmEdit (CAPTCHA extension), MediaWiki-Maintenance-scripts
Legoktm added a comment to T229996: How to set global variables for CI environment?.

You can use $wgWikimediaJenkinsCI to detect whether you're running in CI. I think it's a fine solution for now, though in the long-term I'd like to phase it out (T200650: Deprecate/obsolete $wgWikimediaJenkinsCI).

Fri, Aug 9, 10:42 PM · Continuous-Integration-Infrastructure
Mholloway awarded T188196: Create a self-service portal for trusted users to easily create new Gerrit repos a Like token.
Fri, Aug 9, 6:34 PM · Developer-Advocacy, Gerrit
Legoktm added a comment to T213880: Cleaning up #Mediawiki-extensions-other.

In my opinion every repository in Gerrit should have its own Phabricator project. User stories:

Fri, Aug 9, 8:10 AM · Project-Admins

Wed, Aug 7

Legoktm committed rLLUPbab6dda31ebf: Use integration/composer instead of packaged version (authored by Legoktm).
Use integration/composer instead of packaged version
Wed, Aug 7, 9:30 PM
Legoktm committed rLLUP4bb1a82abe9c: Move date_log_dir into utils.py (authored by Legoktm).
Move date_log_dir into utils.py
Wed, Aug 7, 9:30 PM
Legoktm committed rLLUP1002b7eee94c: run: Cleanup deleted/archived repositories (authored by Legoktm).
run: Cleanup deleted/archived repositories
Wed, Aug 7, 9:30 PM
Legoktm committed rLLUPcb78b707cf38: Start checking PHP dependencies for security issues too (authored by Legoktm).
Start checking PHP dependencies for security issues too
Wed, Aug 7, 9:29 PM
Legoktm closed T228207: libup doesn't get rid of deleted/archived repositories as Resolved.
Removing /srv/data/current/mediawiki_extensions_MediaWikiFarm.json
Removing /srv/data/current/mediawiki_extensions_Copyvio.json
Removing /srv/data/current/mediawiki_extensions_WikibaseQuality.json
Removing /srv/data/current/mediawiki_extensions_Convert2Wiki.json
Removing /srv/data/current/mediawiki_extensions-MassMessage.json
Removing /srv/data/current/mediawiki_extensions_ZeroPortal.json
Removing /srv/data/current/mediawiki_extensions_SemanticTitle.json
Removing /srv/data/current/mediawiki_extensions_ZeroBanner.json
Wed, Aug 7, 2:12 AM · LibUp

Tue, Aug 6

Legoktm committed rLLUPbd585503374f: Use gerrit-replica for cloning (authored by Legoktm).
Use gerrit-replica for cloning
Tue, Aug 6, 11:01 PM
Legoktm committed rLLUPc46abaa47b33: Automatically disable failing stylelint rules on upgrade (authored by Legoktm).
Automatically disable failing stylelint rules on upgrade
Tue, Aug 6, 11:01 PM
Legoktm committed rLLUP3e11891e30b8: Always add .eslintcache to .gitignore if eslint caching is enabled (authored by Legoktm).
Always add .eslintcache to .gitignore if eslint caching is enabled
Tue, Aug 6, 11:01 PM
Legoktm added a comment to T228114: Have libup rename .eslintrc to .eslintrc.json.

@Mh-3110 any progress so far? Let me know if you need any help/assistance or have questions.

Tue, Aug 6, 10:53 PM · good first bug, LibUp
Legoktm committed rLLUP2195769e7b68: Fix eslint auto-fixing (authored by Legoktm).
Fix eslint auto-fixing
Tue, Aug 6, 11:44 AM
Legoktm committed rLLUP30422ca855fd: web: Don't fatal if npm-audit data is incomplete (authored by Legoktm).
web: Don't fatal if npm-audit data is incomplete
Tue, Aug 6, 10:57 AM
Legoktm committed rLLUP4d060dcb7d27: push: Avoid creating an extra git remote while pushing (authored by Legoktm).
push: Avoid creating an extra git remote while pushing
Tue, Aug 6, 10:52 AM
Legoktm committed rLLUP7f6d32b9f0e4: Don't fatal if JSON data is incomplete (authored by Legoktm).
Don't fatal if JSON data is incomplete
Tue, Aug 6, 10:50 AM
Legoktm added a comment to T229834: Undefined index: value in "ExtensionProcessor.php" on line 504.

Try the following patch:

diff --git a/includes/registration/ExtensionProcessor.php b/includes/registration/ExtensionProcessor.php
index 6182d5fdc4..1bff9efbf5 100644
--- a/includes/registration/ExtensionProcessor.php
+++ b/includes/registration/ExtensionProcessor.php
@@ -575,6 +575,9 @@ class ExtensionProcessor implements Processor {
                $prefix = $info['config_prefix'] ?? 'wg';
                if ( isset( $info['config'] ) ) {
                        foreach ( $info['config'] as $key => $data ) {
+                               if ( !isset( $data['value'] ) ) {
+                                       throw new \Exception("Missing 'value' for $key from {$info['name']}");
+                               }
                                $value = $data['value'];
                                if ( isset( $data['merge_strategy'] ) ) {
                                        $value[ExtensionRegistry::MERGE_STRATEGY] = $data['merge_strategy'];
Tue, Aug 6, 7:59 AM · MediaWiki-Configuration

Fri, Aug 2

Legoktm committed rEDTL43b175f222bb: build: Updating lodash to 4.17.15 (authored by libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>).
build: Updating lodash to 4.17.15
Fri, Aug 2, 10:46 PM
Legoktm committed rEDTLb86c52f56f75: Use OutputPage::addModules() (authored by Legoktm).
Use OutputPage::addModules()
Fri, Aug 2, 10:46 PM
Legoktm committed rEEPS64f3e308e95e: build: Updating wdio-mediawiki to 0.4.0 (authored by libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>).
build: Updating wdio-mediawiki to 0.4.0
Fri, Aug 2, 6:59 AM
Legoktm added a comment to T229624: Remove Facebook surveillance network buttons from Wikimedia blog.

I am only basing this on Facebook Container blocking it, which makes me think it has non-local code. Could be wrong and others are evidently saying that I am.

Fri, Aug 2, 5:23 AM · wikimediafoundation.org, Privacy
Legoktm created T229636: [CreatedPagesList] CreatedPagesListRecalculateTest::testInitialize failing.
Fri, Aug 2, 1:05 AM · ci-test-error, MediaWiki-extensions-Other
Legoktm updated the task description for T229635: D3Loader extension fatals when calling removed OutputPage::addModuleScripts().
Fri, Aug 2, 1:01 AM · ci-test-error, MediaWiki-extensions-Other
Legoktm created T229635: D3Loader extension fatals when calling removed OutputPage::addModuleScripts().
Fri, Aug 2, 1:01 AM · ci-test-error, MediaWiki-extensions-Other

Thu, Aug 1

Legoktm committed rECKT45535651b7ac: build: Updating dependencies (authored by libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>).
build: Updating dependencies
Thu, Aug 1, 11:26 PM
Legoktm committed rLLUP56c16f478767: grunt: Add ability to remove entire sections and reorder tasks (authored by Legoktm).
grunt: Add ability to remove entire sections and reorder tasks
Thu, Aug 1, 10:54 PM
Legoktm committed rLLUP0f8dcaaef9ce: Run eslint --fix when upgrading eslint and disable failing rules (authored by Legoktm).
Run eslint --fix when upgrading eslint and disable failing rules
Thu, Aug 1, 10:52 PM
Legoktm committed rLLUPfe14c69f3d25: Add hooks for npm upgrades (authored by Legoktm).
Add hooks for npm upgrades
Thu, Aug 1, 10:51 PM
Legoktm committed rLLUP49ee90d6d59d: Turn test_sha1 into a unit test (authored by Legoktm).
Turn test_sha1 into a unit test
Thu, Aug 1, 9:02 PM
Legoktm created T229619: Publish labs/libraryupgrader test coverage report.
Thu, Aug 1, 8:34 PM · Continuous-Integration-Config, Test-Coverage, LibUp
Legoktm committed rLLUP6bf98ecead9f: Start logging earlier, and make sure we log Python exceptions too (authored by Legoktm).
Start logging earlier, and make sure we log Python exceptions too
Thu, Aug 1, 7:25 PM
Legoktm committed rLLUPc66807ca073b: Remove some resolved TODOs (authored by Legoktm).
Remove some resolved TODOs
Thu, Aug 1, 7:25 PM
Legoktm committed rLLUPe950af066400: Remove some debugging that's no longer needed (authored by Legoktm).
Remove some debugging that's no longer needed
Thu, Aug 1, 7:25 PM
Legoktm committed rLLUPa6968a58d76a: Increase test coverage (authored by Legoktm).
Increase test coverage
Thu, Aug 1, 7:25 PM
Legoktm closed T228780: New user right for creation of new short URL as Resolved.
Thu, Aug 1, 9:42 AM · MW-1.34-notes (1.34.0-wmf.17; 2019-08-06), User-DannyS712, MediaWiki-extensions-UrlShortener
Legoktm added a comment to T220703: Increase the max length of URL to be shortened.

You can use wiki pages or some other mechanism to share […] long URLs

You can do this for URLs of any length – by that argument, you don’t need a URL shortener at all. The whole idea is that it makes sharing URLs more convenient, and for the Wikidata Query Service, that’s how queries have always been shared. There’s enough comments on this task already to testify that there is a real user need for supporting longer URLs.

Thu, Aug 1, 9:35 AM · Security, Wikimedia-Site-requests, MediaWiki-extensions-UrlShortener
Legoktm updated subscribers of T220703: Increase the max length of URL to be shortened.
Thu, Aug 1, 7:36 AM · Security, Wikimedia-Site-requests, MediaWiki-extensions-UrlShortener
Legoktm closed T220703: Increase the max length of URL to be shortened as Declined.

I'm going to mark this as declined, as we have no plans to raise the length limit for now. You can use wiki pages or some other mechanism to share insanely long URLs, this isn't a pastebin service.

Thu, Aug 1, 7:35 AM · Security, Wikimedia-Site-requests, MediaWiki-extensions-UrlShortener
Legoktm closed T108607: UrlShortener-shortened URLs require two redirects to dereference as Resolved.

Indeed.

Thu, Aug 1, 7:31 AM · MediaWiki-extensions-UrlShortener
Legoktm added a comment to T115802: It is possible to create circular redirects in UrlShortener.

I guess we can block shortening to Special:UrlRedirector?

Thu, Aug 1, 7:30 AM · MediaWiki-extensions-UrlShortener
Legoktm closed T220923: URL Shortener should not obfuscate important links as Resolved.

This should be fixed now. Any other actions that can happen over GET requests should be filed as their own security bugs.

Thu, Aug 1, 7:23 AM · MediaWiki-extensions-UrlShortener
Legoktm triaged T221073: URL shortener link management should be logged as High priority.
Thu, Aug 1, 7:22 AM · MediaWiki-extensions-UrlShortener
Legoktm triaged T228779: New special page to list all short URLs as Lowest priority.
Thu, Aug 1, 7:22 AM · MediaWiki-extensions-UrlShortener
Legoktm updated subscribers of T229369: UrlShortener doesn't work on beta cluster.

@Krenair do you remember what instance this domain was supposed to point to? You had helped us debug this when we first set it up in T116444.

Thu, Aug 1, 7:18 AM · Beta-Cluster-Infrastructure, User-DannyS712, MediaWiki-extensions-UrlShortener
Legoktm triaged T228781: Create API to retrieve target of short url as Low priority.
Thu, Aug 1, 7:14 AM · Patch-For-Review, MediaWiki-extensions-UrlShortener, User-DannyS712
Legoktm changed the status of T222089: Allow URL shortening for wikimediafoundation.org domain from Open to Stalled.

Marking as stalled pending confirmation from someone(?) that someone has reviewed wikimediafoundation.org for:

  • reflective XSS
  • open redirects
  • dangerous URLs that perform actions upon GET requests
Thu, Aug 1, 7:13 AM · wikimediafoundation.org, Wikimedia-Site-requests, MediaWiki-extensions-UrlShortener
Legoktm triaged T228810: URL inputted in URLShortener should go through Spam blacklist as Normal priority.

+1 to the general idea. Don't think there's a security or privacy issue here though.

Thu, Aug 1, 7:09 AM · SpamBlacklist, MediaWiki-extensions-UrlShortener
Legoktm added a comment to T228781: Create API to retrieve target of short url.

@Legoktm is there any downside to adding this feature?

Thu, Aug 1, 7:04 AM · Patch-For-Review, MediaWiki-extensions-UrlShortener, User-DannyS712
Legoktm committed rLLUPa23f36f7c1c5: Support 'canaries' in libup-run (authored by Legoktm).
Support 'canaries' in libup-run
Thu, Aug 1, 6:44 AM
Legoktm committed rLLUP31f1ddf7f8b5: Resort operations in Dockerfile so we're not reinstalling Pipfile every time (authored by Legoktm).
Resort operations in Dockerfile so we're not reinstalling Pipfile every time
Thu, Aug 1, 6:33 AM
Legoktm committed rLLUP7272ed24fd54: Add bug link to codesniffer hack (authored by Legoktm).
Add bug link to codesniffer hack
Thu, Aug 1, 6:33 AM
Legoktm added a project to T177734: License mismatch in wikidata-query-gui: Software-Licensing.
Thu, Aug 1, 6:04 AM · Software-Licensing, Discovery, Wikidata-Query-Service, Wikidata
Legoktm committed rLLUP84d7ca2de088: Don't upgrade mediawiki/mediawiki-codesniffer 19.x (authored by Legoktm).
Don't upgrade mediawiki/mediawiki-codesniffer 19.x
Thu, Aug 1, 12:16 AM
Legoktm closed T228186: libup upgraded mediawiki/codesniffer 19.x repos when it wasn't supposed to as Resolved.

Forgot to tag the patch: 84d7ca2de088fbb9923e0e6f90f5341332d04eb9

Thu, Aug 1, 12:15 AM · LibUp

Wed, Jul 31

Legoktm closed T202113: libraryupgrader needs tests as Resolved.

We have some tests, and the infrastructure is in place to write more tests for fixers.

Wed, Jul 31, 11:58 PM · LibUp
Legoktm triaged T229520: libup: Upgrade to Debian Buster as Lowest priority.
Wed, Jul 31, 11:52 PM · LibUp
Legoktm created T229519: libup: Add some form of monitoring or a status page.
Wed, Jul 31, 11:49 PM · LibUp
Legoktm created T229518: Lock down rabbitmq access on libup server.
Wed, Jul 31, 11:47 PM · LibUp
Legoktm created T229517: Run libup-celery with PrivateTmp=true.
Wed, Jul 31, 11:46 PM · LibUp
Legoktm committed rLLUP7071d20ba690: Try a different way of setting git author/email (authored by Legoktm).
Try a different way of setting git author/email
Wed, Jul 31, 11:26 PM
Legoktm committed rLLUP363f01d208a3: Use git's environment variables to pass author/email (authored by Legoktm).
Use git's environment variables to pass author/email
Wed, Jul 31, 11:17 PM
Legoktm committed rLLUPdea15071c0f6: Run push operation outside of the container (authored by Legoktm).
Run push operation outside of the container
Wed, Jul 31, 11:17 PM
Legoktm added a comment to T228342: Set explicit PHP support target for MediaWiki.

One additional requirement/criteria I'd like to add:

  • We only bump PHP version at the time of releasing a new LTS. This means that people aren't constantly having to update PHP every 6 months, plus the CI team doesn't constantly have to be reacting to these bumps (also codesniffer and other tooling changes). Backporting security patches doesn't have to constantly figure out which syntax is OK or not (or at least, it keeps it at the current volume).
Wed, Jul 31, 10:22 PM · MediaWiki-General, PHP 7.3 support, PHP 7.2 support, PHP 7.1 support, PHP 7.0 support, TechCom-RFC
Legoktm added a comment to T213494: Installing composer modules for deployment.

Are we still going to be deploying parsoid's /deploy repository? We can bundle the composer dependencies in that repository for now.

Wed, Jul 31, 9:06 PM · Patch-For-Review, Release-Engineering-Team-TODO, Release-Engineering-Team (Deployment services), Parsoid-PHP
Legoktm committed rLLUP768ad2d7d206: Install known_hosts for the nobody user account (authored by Legoktm).
Install known_hosts for the nobody user account
Wed, Jul 31, 5:29 AM
Legoktm committed rLLUP44560cc72884: Mount DATA_ROOT and CONFIG_REPO into push container (authored by Legoktm).
Mount DATA_ROOT and CONFIG_REPO into push container
Wed, Jul 31, 5:00 AM
Legoktm committed rLLUP8d53e3bc8d7a: libup-celery: Disable PrivateTmp so it can access ssh-agent socket (authored by Legoktm).
libup-celery: Disable PrivateTmp so it can access ssh-agent socket
Wed, Jul 31, 5:00 AM
Legoktm committed rLLUP1abd41e19fc0: Add a bit of debugging to figure out why pushing isn't working (authored by Legoktm).
Add a bit of debugging to figure out why pushing isn't working
Wed, Jul 31, 4:50 AM
Legoktm committed rLLUP94909ad89d8d: data['push'] might not always be set (authored by Legoktm).
data['push'] might not always be set
Wed, Jul 31, 4:34 AM
Legoktm committed rLLUP775565a781f6: Configure and use ssh-agent (authored by Legoktm).
Configure and use ssh-agent
Wed, Jul 31, 4:23 AM
Legoktm committed rLLUP3df3dbf96b61: Exit earlier if there are no composer updates (authored by Legoktm).
Exit earlier if there are no composer updates
Wed, Jul 31, 4:23 AM

Tue, Jul 30

Legoktm created T229376: JsonConfig hardcodes an older version of wikimedia-ui-base.
Tue, Jul 30, 10:16 PM · MW-1.34-notes (1.34.0-wmf.17; 2019-08-06), Technical-Debt, UI-Standardization, MediaWiki-extensions-JsonConfig
Legoktm closed T229374: libup GrowthExperiments fails when running npm audit fix as Resolved.
Tue, Jul 30, 9:52 PM · LibUp
Legoktm committed rLLUPceb67e7538f3: npm audit: Only care about 'action': 'update' (authored by Legoktm).
npm audit: Only care about 'action': 'update'
Tue, Jul 30, 9:51 PM
Legoktm added a comment to T229374: libup GrowthExperiments fails when running npm audit fix.
{
  "action": "review",
  "module": "jquery",
  "resolves": [
    {
      "id": 796,
      "path": "oojs-ui>jquery",
      "dev": true,
      "optional": false,
      "bundled": false
    }
  ]
}
Tue, Jul 30, 9:45 PM · LibUp
Legoktm created T229374: libup GrowthExperiments fails when running npm audit fix.
Tue, Jul 30, 9:42 PM · LibUp
Legoktm committed rLLUP4b924ea27cb8: Workaround bug in SaveDict that prevented log entries from being properly saved (authored by Legoktm).
Workaround bug in SaveDict that prevented log entries from being properly saved
Tue, Jul 30, 9:32 PM
Legoktm committed rLLUP8eb6364d8bf4: Add integration tests for shell (authored by Legoktm).
Add integration tests for shell
Tue, Jul 30, 9:29 PM
Legoktm committed rLLUPd05f087cf8a9: Install all of python2 for node-gyp (authored by Legoktm).
Install all of python2 for node-gyp
Tue, Jul 30, 7:39 PM
Legoktm closed T229367: libup: node-gyp doesn't work in container as Resolved.
Tue, Jul 30, 7:38 PM · LibUp
Legoktm created T229367: libup: node-gyp doesn't work in container.
Tue, Jul 30, 7:27 PM · LibUp
Legoktm committed rLLUP79d98fb06846: Only run tests for upgraded libraries if we upgrade anything (authored by Legoktm).
Only run tests for upgraded libraries if we upgrade anything
Tue, Jul 30, 5:54 PM
Legoktm committed rLLUPf78b31ce346c: Limit celery concurrency to 1 (authored by Legoktm).
Limit celery concurrency to 1
Tue, Jul 30, 5:48 PM
Legoktm committed rLLUP2e15094dbc68: library: Suppress a bug in distutils (authored by Legoktm).
library: Suppress a bug in distutils
Tue, Jul 30, 5:39 PM
Legoktm committed rLLUPd539b8bbeb70: Add a basic listing of repositories with errors (authored by Legoktm).
Add a basic listing of repositories with errors
Tue, Jul 30, 5:39 PM
Legoktm committed rLLUPb9bce02a0571: Don't try rollbacking partial changes, it doesn't work (authored by Legoktm).
Don't try rollbacking partial changes, it doesn't work
Tue, Jul 30, 5:39 PM
Legoktm closed T227820: (informal) Security Concept Review For LibUp 2.0 as Resolved.

I think we're all good. To recap:

Tue, Jul 30, 5:18 PM · Restricted Project, LibUp, Security-Team-Reviews
Legoktm triaged T229358: libup should do a sanity check to make sure we're not introducing more vulnerable dependencies as High priority.
Tue, Jul 30, 5:16 PM · LibUp
Legoktm committed rLLUPc154fdb0a124: Add 'push' config kill switch (authored by Legoktm).
Add 'push' config kill switch
Tue, Jul 30, 5:08 PM
Legoktm committed rLLUPc175c79e0a47: web: Avoid errors in case npm audit report doesn't have 'dev' set (authored by Legoktm).
web: Avoid errors in case npm audit report doesn't have 'dev' set
Tue, Jul 30, 5:08 PM
Legoktm committed rLLICc76d4cb608ac: Add push field for a kill switch (authored by Legoktm).
Add push field for a kill switch
Tue, Jul 30, 5:05 PM
Legoktm committed rLLUP55bb31ba27be: Improve ng tests by verifying fixes (authored by Legoktm).
Improve ng tests by verifying fixes
Tue, Jul 30, 4:31 PM
Legoktm committed rLLUP7234dd5a55e3: Turn Library.is_newer() into unit tests, not integration (authored by Legoktm).
Turn Library.is_newer() into unit tests, not integration
Tue, Jul 30, 4:31 PM
Legoktm committed rLLUPcb0b9691f416: Finish coverage for gruntfile.parse_section() (authored by Legoktm).
Finish coverage for gruntfile.parse_section()
Tue, Jul 30, 4:31 PM