Legoktm (Legoktm)
User

Projects (82)

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Thursday

  • Clear sailing ahead.

User Details

User Since
Sep 19 2014, 7:30 PM (139 w, 3 d)
Availability
Available
IRC Nick
legoktm
LDAP User
Legoktm
MediaWiki User
Unknown

Recent Activity

Yesterday

Legoktm added a comment to T104309: [Task] Move PropertySuggester extension to gerrit.

I guess we would also need to somehow also port the releases over to Gerrit, no?

Mon, May 22, 8:25 PM · Patch-For-Review, User-Ladsgroup, Wikidata-Sprint, Wikidata
Legoktm claimed T142474: Update squizlabs/PHP_CodeSniffer to 3.x.
Mon, May 22, 8:14 AM · Patch-For-Review, MediaWiki-Codesniffer

Fri, May 19

Legoktm closed T163154: 1.29.0-alpha / Template failed integrity check on "EnhancedChangesListGroup.mustache" in TemplateParser.php as "Resolved".
Fri, May 19, 10:12 AM · MW-1.29-release-notes, MW-1.30-release-notes, Patch-For-Review, MW-1.29-release, MediaWiki-Recent-changes
Legoktm closed T165521: Execute mwgate-composer workers in CI while building Popups extension as "Invalid".

Those tests are already being run through the mwext-testextension-(php55|hhvm)-* jobs.

Fri, May 19, 9:49 AM · Reading-Web-Backlog, Continuous-Integration-Infrastructure, Page-Previews

Thu, May 18

Legoktm closed T165700: [en-wiki] PROD/CSD deletion reasons not prefilling when clicking "delete" as "Invalid".

As I mentioned on IRC, this is an issue with Twinkle or another gadget you have installed. You should talk to the maintainers of that script about getting it fixed.

Thu, May 18, 10:31 PM
Legoktm added a comment to T165703: Create wmcs-team project and kanban milestone.

mwcs-team or wmcs-team?

Thu, May 18, 10:28 PM · cloud-services-team (Kanban), Project-Admins, User-bd808, Labs
Legoktm awarded T165623: Request to rename LegoFan4000 to MacFan4000 on Phabricator a Heartbreak token.
Thu, May 18, 10:27 PM · Phabricator
Legoktm added a comment to T165540: Add CODE_OF_CONDUCT.md to Wikimedia projects.

I'd propose that we should JFDI across all repos in Gerrit.

How would that be done in practice? Manually, or is there an automated way?

Thu, May 18, 5:56 PM · Repository-Admins, Gerrit, GitHub-Mirrors, Developer-Relations
Legoktm added a comment to T120288: Once it's not patent-encumbered, enable MP3 support for Commons uploads and TMH/etc. playback.

Sorry for the delay - Legal still is reviewing this (the Fedora situation is good news). We hope to have a response by the end of the week.

Thu, May 18, 5:41 PM · Support-and-Safety, TimedMediaHandler, WMF-Legal, UploadWizard, Commons, User-notice, Multimedia
Legoktm added a comment to T165540: Add CODE_OF_CONDUCT.md to Wikimedia projects.

I thought our goal was not to have .md files and etc in our repos (phase3/core) because we use plain extensionless files for these type of things?

I believe we only ended up with .mediawiki because of github as well

Thu, May 18, 5:35 PM · Repository-Admins, Gerrit, GitHub-Mirrors, Developer-Relations

Tue, May 16

RandomDSdevel awarded T90849: Red link to userpage if there is no content to show a Grey Medal token.
Tue, May 16, 11:14 PM · User-notice, MW-1.28-release (WMF-deploy-2016-09-13_(1.28.0-wmf.19)), Patch-For-Review, GlobalUserPage
Legoktm added a comment to T163154: 1.29.0-alpha / Template failed integrity check on "EnhancedChangesListGroup.mustache" in TemplateParser.php.

Also there's another problem that because a new TemplateParser instance is created every time EnhancedChangesList processes a group, the instance caching is broken.

Tue, May 16, 10:38 PM · MW-1.29-release-notes, MW-1.30-release-notes, Patch-For-Review, MW-1.29-release, MediaWiki-Recent-changes
Legoktm claimed T163154: 1.29.0-alpha / Template failed integrity check on "EnhancedChangesListGroup.mustache" in TemplateParser.php.

The bug appears to be that even if the cache is corrupt, we don't invalidate the cache so the error gets triggered over and over again. The cache failing integrity checks could happen if the cache is truncating or secret key changes. Showing an error doesn't seem that useful IMO. Working on a patch.

Tue, May 16, 10:31 PM · MW-1.29-release-notes, MW-1.30-release-notes, Patch-For-Review, MW-1.29-release, MediaWiki-Recent-changes
Legoktm updated subscribers of T165539: translatewiki.net times out.

@Nikerabbit said they're aware and the server isn't connected to the Internet.

Tue, May 16, 10:17 PM · translatewiki.net
Legoktm added a comment to T164613: Rename “MediaWiki” theme to “WikimediaUI“ theme.

Shouldn't the theme just be called "Wikimedia" with no "UI" suffix? Isn't that part implied and redundant?

Tue, May 16, 10:07 PM · OOjs-UI (OOjs-UI-0.22.0)
Legoktm removed a project from T100085: PHP Notice: JobQueueGroup::__destruct: 1 buffered job(s) never inserted: MassMessage.

This isn't being caused by MassMessage.

Tue, May 16, 9:55 PM · Wikimedia-log-errors, Performance-Team, MW-1.27-release, MW-1.29-release, MediaWiki-JobQueue
Legoktm closed T155610: Require manifest_version to be set in extension.json as "Resolved".
Tue, May 16, 5:50 PM · MW-1.29-release-notes, MW-1.30-release-notes (WMF-deploy-2017-05-23_(1.30.0-wmf.2)), Patch-For-Review, MW-1.29-release, MediaWiki-Configuration
Legoktm added a comment to T165115: action=mobileview sections delivering a div of class "mw-parser-output" without a matching closing div.

I believe this is all fixed now, but I'll let @Anomie confirm.

Tue, May 16, 4:12 AM · Patch-For-Review, Reading-Web-Backlog, Mobile-Content-Service, Reading-Infrastructure-Team-Backlog, Android-app-Bugs, Wikipedia-iOS-App-Backlog, iOS-app-Bugs, Wikipedia-Android-App-Backlog, MobileFrontend

Mon, May 15

Legoktm added a comment to T155610: Require manifest_version to be set in extension.json.

Could you skip caching of a particular extension?

Mon, May 15, 11:42 PM · MW-1.29-release-notes, MW-1.30-release-notes (WMF-deploy-2017-05-23_(1.30.0-wmf.2)), Patch-For-Review, MW-1.29-release, MediaWiki-Configuration
Legoktm added a comment to T155076: VisualEditor REL1_23 is not distributed by ExtensionDistributor.

Commit b3e5759 is https://gerrit.wikimedia.org/r/#/c/126908/ which was probably at one time tagged with "wmf/1.23wmf22" (see also the branch in .gitreview in MW extension version REL1_23). But these tags are removed so the only reference to this commit is now "changes/08/126908/1", which is not pulled by default since it is in the Git namespace "changes" and not in "heads" or "tags".

To solve this, a commit should be referenced in a branch (e.g. REL1_23 or another name). This commit can be between 74353d9 (oldest ancestor both in master and in branch "wmf/1.23wmf22") and b3e5759. I’m not sure which one is better (didn’t check in details).

Mon, May 15, 11:22 PM · VisualEditor, ExtensionDistributor

Sun, May 14

Legoktm merged T165222: Blacklist to block an user from editing a list of pages into T2674: Allow users to be blocked from editing a specific article.
Sun, May 14, 4:03 PM · Anti-Harassment, Wikimania-Hackathon-2016, Community-Wishlist-Survey-2015, MediaWiki-extension-requests
Legoktm merged task T165222: Blacklist to block an user from editing a list of pages into T2674: Allow users to be blocked from editing a specific article.
Sun, May 14, 4:03 PM · MediaWiki-extension-requests
Legoktm added a comment to T165222: Blacklist to block an user from editing a list of pages.

I assume this issue already have been raised. Please subscribe me to that issue if you find it.

Sun, May 14, 4:02 PM · MediaWiki-extension-requests

Fri, May 12

Legoktm claimed T146388: Should we require documentation for constructors?.
Fri, May 12, 9:08 PM · Patch-For-Review, MediaWiki-Codesniffer
Legoktm moved T146388: Should we require documentation for constructors? from Untriaged to Accepted rule changes on the MediaWiki-Codesniffer board.
Fri, May 12, 9:08 PM · Patch-For-Review, MediaWiki-Codesniffer
Legoktm added a comment to T164653: Review rules in wikibase/wikibase-codesniffer and see which are appropriate for MW-CS.

[14:00:46] <wikibugs> (PS1) Legoktm: Use upstream CharacterBeforePHPOpeningTag sniff [tools/codesniffer] - https://gerrit.wikimedia.org/r/353653
[14:06:15] <wikibugs> (PS1) Legoktm: Make sure all files end with a newline [tools/codesniffer] - https://gerrit.wikimedia.org/r/353666

Fri, May 12, 9:07 PM · Wikidata, MediaWiki-Codesniffer
Legoktm claimed T164649: Ignore blocks with @inheritDoc.
Fri, May 12, 8:52 PM · Patch-For-Review, MediaWiki-Codesniffer
Legoktm claimed T164657: Don't require documentation for standard methods.
Fri, May 12, 8:52 PM · MediaWiki-Codesniffer
Legoktm added a comment to T164649: Ignore blocks with @inheritDoc.

Also consider whether requiring /** @inheritDoc */ is even necessary on inherited methods.

Fri, May 12, 8:52 PM · Patch-For-Review, MediaWiki-Codesniffer
Legoktm merged T165177: Recently edited articles lose their preview, and it stays lost for too long into T165161: Text extracts empty for some articles.
Fri, May 12, 6:52 PM · MW-1.30-release-notes (WMF-deploy-2017-05-23_(1.30.0-wmf.2)), Unplanned-Sprint-Work, Reading-Web-Kanban-Board, Reading-Web-Backlog, Services (done), User-mobrovac, MediaWiki-Parser, Reading-Infrastructure-Team-Backlog, RESTBase-API, TextExtracts
Legoktm merged task T165177: Recently edited articles lose their preview, and it stays lost for too long into T165161: Text extracts empty for some articles.
Fri, May 12, 6:52 PM · Page-Previews
Legoktm added a comment to T139380: MassMessage failed delivery claiming "readonly" although the page is not protected.

readonly means the database is locked, not page protection (something like "protectedpage" would be the error). MassMessage should probably backoff and then retry like we do for edit conflicts.

Fri, May 12, 6:38 PM · MassMessage

Wed, May 10

Legoktm added a comment to T164898: PostgreSQL schema change for consistency with MySQL.

We should aim to have a schema which can be automatically generated from maintenance/tables.sql

We should have CI require that the generator doesn't error out to make sure people don't accidentally break it, even if we don't test anything else about the output.

Or we could go one better and turn tables.sql into a "MediaWiki DDL" rather than MySQL/SQLite DDL statements (is there already a Phab task about that?). That could be anything from something that looks very much like it does now (but maybe with column types using keywords that are less MySQL-specific) to a PHP array structure or JSON.

Wed, May 10, 7:24 PM · ArchCom-RfC, Technical-Debt, MediaWiki-Platform-Team, PostgreSQL

Tue, May 9

Legoktm added a comment to T53642: Get rid of SemanticMediaWiki/SRF/SF from wikitech.wikimedia.org.

<3

Tue, May 9, 11:12 PM · User-bd808, Goal, Labs, wikitech.wikimedia.org
Legoktm added a comment to T143788: Deprecation warnings about mcrypt_* functions in PHP 7.1.

There are two places in core that reference mcrypt, CryptRand (which DJ patched for using random_bytes) and MediaWiki\Session\Session (which checks for openssl first).

Tue, May 9, 6:20 PM · MW-1.28-release, MW-1.29-release (WMF-deploy-2017-03-21_(1.29.0-wmf.17)), MW-1.29-release-notes, Patch-For-Review, NewPHP, Technical-Debt, MediaWiki-General-or-Unknown
MGChecker awarded T90849: Red link to userpage if there is no content to show a Like token.
Tue, May 9, 3:40 PM · User-notice, MW-1.28-release (WMF-deploy-2016-09-13_(1.28.0-wmf.19)), Patch-For-Review, GlobalUserPage

Sun, May 7

Legoktm added a comment to T164656: Wikimedia IRC issues project/tag.

Do the the Wikimedia IRC group contacts who handle such issues want a Phabricator project?

Sun, May 7, 2:08 AM · User-Luke081515, Project-Admins

Sat, May 6

Legoktm edited projects for T164651: Unblock EPFL IP addresses for access to IRC, added: Wikimedia-General-or-Unknown; removed Operations.
Sat, May 6, 9:32 PM · wikimedia-irc-freenode
Legoktm created T164653: Review rules in wikibase/wikibase-codesniffer and see which are appropriate for MW-CS.
Sat, May 6, 7:37 PM · Wikidata, MediaWiki-Codesniffer
Legoktm added a comment to T164651: Unblock EPFL IP addresses for access to IRC.

Are these Wikimedia IRC channels on irc.freenode.net or irc.wikimedia.org?

Sat, May 6, 7:34 PM · wikimedia-irc-freenode
Legoktm claimed T164650: Don't require documentation for __toString().
Sat, May 6, 7:20 PM · Patch-For-Review, MediaWiki-Codesniffer
Legoktm created T164650: Don't require documentation for __toString().
Sat, May 6, 7:09 PM · Patch-For-Review, MediaWiki-Codesniffer
Legoktm created T164649: Ignore blocks with @inheritDoc.
Sat, May 6, 7:08 PM · Patch-For-Review, MediaWiki-Codesniffer

Thu, May 4

Legoktm closed T154715: Release Codesniffer v0.8.0 as "Resolved".

Sorry about the delay :( I'm hoping to get back to a more regular schedule over the summer.

Thu, May 4, 9:15 PM · Patch-For-Review, MediaWiki-Codesniffer
Legoktm added a comment to T155610: Require manifest_version to be set in extension.json.

I thought this would be easy, but we can't just stick a wfDeprecated there because that code path is only called on read, so once it's cached it won't get called again until the cache expires, which will make it pretty annoying and hard for sysadmins to debug.

Thu, May 4, 8:30 PM · MW-1.29-release-notes, MW-1.30-release-notes (WMF-deploy-2017-05-23_(1.30.0-wmf.2)), Patch-For-Review, MW-1.29-release, MediaWiki-Configuration
Legoktm claimed T155610: Require manifest_version to be set in extension.json.
Thu, May 4, 7:24 PM · MW-1.29-release-notes, MW-1.30-release-notes (WMF-deploy-2017-05-23_(1.30.0-wmf.2)), Patch-For-Review, MW-1.29-release, MediaWiki-Configuration

Wed, May 3

Legoktm added a comment to T52655: Allow adding canonical names for custom namespaces.

I don't get what this task is about...custom namespaces are custom, what would the canonical value even be?

Wed, May 3, 2:07 AM · User-Dereckson, MediaWiki-Configuration, WorkType-NewFunctionality

Mon, May 1

Legoktm added a comment to T163091: Parsoid: Add API endpoint to get lint errors for arbitrary wikitext.

Title is necessary for parsing page-specific variables e.g. {{PAGENAME}} and everything that builds on top of that.

Mon, May 1, 9:49 PM · Services (done), User-mobrovac, RESTBase-API, Parsoid, MediaWiki-extensions-Linter
Legoktm added a comment to T163091: Parsoid: Add API endpoint to get lint errors for arbitrary wikitext.

Isn't linting on preview also a use case?

Mon, May 1, 9:36 PM · Services (done), User-mobrovac, RESTBase-API, Parsoid, MediaWiki-extensions-Linter
Legoktm added a comment to T163091: Parsoid: Add API endpoint to get lint errors for arbitrary wikitext.

Oh, hm, wait, so this would be consulted on every edit? What would be the exact flow for this API?

Mon, May 1, 9:31 PM · Services (done), User-mobrovac, RESTBase-API, Parsoid, MediaWiki-extensions-Linter
Legoktm added a comment to T164191: Tired of APIError: readonly.

The error message means that the eswiki db is lagged, yes. I think the main problem that you're having is that whatever script you are running isn't retrying after the readonly error, so you have to manually restart the job.

Mon, May 1, 8:57 PM · Patch-For-Review, DBA, Tool-Labs-tools-Other

Fri, Apr 28

Legoktm committed R1995:ea12bdb5c94c: Add caching to looking up totals (authored by Legoktm).
Add caching to looking up totals
Fri, Apr 28, 10:15 PM
Legoktm committed R1995:b03b1979b5b1: Add caching to looking up totals (authored by Legoktm).
Add caching to looking up totals
Fri, Apr 28, 10:14 PM
Legoktm added a comment to T163091: Parsoid: Add API endpoint to get lint errors for arbitrary wikitext.

Would this need to be project dependent?

Fri, Apr 28, 5:12 PM · Services (done), User-mobrovac, RESTBase-API, Parsoid, MediaWiki-extensions-Linter

Thu, Apr 27

Legoktm committed R1995:7650ef56f3b0: Organize lint categories by priority (authored by ssastry).
Organize lint categories by priority
Thu, Apr 27, 8:20 PM
Legoktm committed R1995:49cc5bc9691f: Organize lint categories by priority (authored by ssastry).
Organize lint categories by priority
Thu, Apr 27, 8:19 PM
Legoktm committed R1995:78809efa3dd3: Organize lint categories by priority (authored by ssastry).
Organize lint categories by priority
Thu, Apr 27, 6:57 PM
Legoktm added a comment to T163874: Deleting a page on Wikidata broke related changes with enhanced rc.

Sounds like we just need to fix whatever is pass in in null since nothing should have been taking advantage of that?

Thu, Apr 27, 4:52 PM · Regression, Wikimedia-log-errors, CatWatch, TCB-Team, MediaWiki-Recent-changes

Apr 19 2017

Legoktm added a comment to T159021: Wikitech error when adding users to projects.
2017-02-25 00:50:02 [63aa22b668ebe4dde03fc343] silver labswiki 1.29.0-wmf.13 exception ERROR: [63aa22b668ebe4dde03fc343] /wiki/Special:NovaProject   UnexpectedValueExceptio
n from line 196 of /srv/mediawiki/php-1.29.0-wmf.13/includes/user/UserGroupMembership.php: UserGroupMembership::insert() needs a positive user ID. Did you forget to add you
r User object to the database before calling addGroup()? {"exception_id":"63aa22b668ebe4dde03fc343","caught_by":"mwe_handler"} 
[Exception UnexpectedValueException] (/srv/mediawiki/php-1.29.0-wmf.13/includes/user/UserGroupMembership.php:196) UserGroupMembership::insert() needs a positive user ID. Di
d you forget to add your User object to the database before calling addGroup()?
  #0 /srv/mediawiki/php-1.29.0-wmf.13/includes/user/User.php(3412): UserGroupMembership->insert(boolean)
  #1 /srv/mediawiki/php-1.29.0-wmf.13/extensions/OpenStackManager/special/SpecialNovaProject.php(472): User->addGroup(string)
  #2 [internal function]: SpecialNovaProject->tryAddMemberSubmit(array, HTMLForm)
  #3 /srv/mediawiki/php-1.29.0-wmf.13/includes/htmlform/HTMLForm.php(663): call_user_func(array, array, HTMLForm)
  #4 /srv/mediawiki/php-1.29.0-wmf.13/includes/htmlform/HTMLForm.php(555): HTMLForm->trySubmit()
  #5 /srv/mediawiki/php-1.29.0-wmf.13/includes/htmlform/HTMLForm.php(570): HTMLForm->tryAuthorizedSubmit()
  #6 /srv/mediawiki/php-1.29.0-wmf.13/extensions/OpenStackManager/special/SpecialNovaProject.php(90): HTMLForm->show()
  #7 /srv/mediawiki/php-1.29.0-wmf.13/extensions/OpenStackManager/special/SpecialNovaProject.php(41): SpecialNovaProject->addMember()
  #8 /srv/mediawiki/php-1.29.0-wmf.13/includes/specialpage/SpecialPage.php(522): SpecialNovaProject->execute(NULL)
  #9 /srv/mediawiki/php-1.29.0-wmf.13/includes/specialpage/SpecialPageFactory.php(577): SpecialPage->run(NULL)
  #10 /srv/mediawiki/php-1.29.0-wmf.13/includes/MediaWiki.php(285): SpecialPageFactory::executePath(Title, RequestContext)
  #11 /srv/mediawiki/php-1.29.0-wmf.13/includes/MediaWiki.php(860): MediaWiki->performRequest()
  #12 /srv/mediawiki/php-1.29.0-wmf.13/includes/MediaWiki.php(521): MediaWiki->main()
  #13 /srv/mediawiki/php-1.29.0-wmf.13/index.php(43): MediaWiki->run()
  #14 /srv/mediawiki/w/index.php(3): require(string)
  #15 {main}
Apr 19 2017, 8:05 AM · Labs-Infrastructure, Labs
Legoktm added a comment to T163032: UserGroupMembership::insert() needs a positive user ID exception breaking AbuseFilter block function.

See also T159021: Wikitech error when adding users to projects.

Apr 19 2017, 5:23 AM · MW-1.30-release-notes (WMF-deploy-2017-05-09_(1.30.0-wmf.1)), Wikimedia-log-errors, AbuseFilter
Legoktm added a comment to T159021: Wikitech error when adding users to projects.

The logged exception was:

UnexpectedValueException from line 196 of /srv/mediawiki/php-1.29.0-wmf.13/includes/user/UserGroupMembership.php: UserGroupMembership::insert() needs a positive user ID. Did you forget to add your User object to the database before calling addGroup()?
Apr 19 2017, 5:22 AM · Labs-Infrastructure, Labs
Legoktm removed projects from T163302: Consider to re-label "Save changes"/"Publish changes" to be "Save & Publish": MW-1.28-release-notes, MW-1.28-release (WMF-deploy-2016-08-30_(1.28.0-wmf.17)), MW-1.27-release (WMF-deploy-2016-05-03_(1.27.0-wmf.23)), MW-1.27-release-notes.
Apr 19 2017, 5:17 AM · Design, Community-Liaisons, VisualEditor, Editing-Department, MediaWiki-Internationalization, MediaWiki-Page-editing
Legoktm removed a project from T138370: Backport load_composer_autoloader to prevent breaking compat with mw 1.26 and 1.25: MW-1.27-release.
Apr 19 2017, 3:28 AM · MediaWiki-Configuration
Legoktm renamed T138370: Backport load_composer_autoloader to prevent breaking compat with mw 1.26 and 1.25 from "Backport load_composer_autoloader to 1.27.x, to prevent breaking compat with 1.26 and 1.25" to "Backport load_composer_autoloader to prevent breaking compat with mw 1.26 and 1.25".
Apr 19 2017, 3:28 AM · MediaWiki-Configuration
Legoktm closed T138370: Backport load_composer_autoloader to prevent breaking compat with mw 1.26 and 1.25 as "Declined".

Right, the title change by Andre didn't really make sense. Given that 1.25 and 1.26 are EOL now, this is declined.

Apr 19 2017, 3:28 AM · MediaWiki-Configuration
RandomDSdevel awarded T157670: Changes to MediaWiki code related to parsing can leave links tables out of date a Grey Medal token.
Apr 19 2017, 12:45 AM · MediaWiki-Parser, MediaWiki-Page-editing, Parsing-Team

Apr 18 2017

Legoktm added a comment to T163277: Make CentralIdLookup easier to use safely across environments (different providers, part of cluster/not part, etc.).

a) You can get a central ID from LocalIdLookup that could be used incorrectly. This can only be used on that same wiki, or on other wikis using shared user tables (maybe these two cases should even be different providers). If you're expecting (incorrectly) that the wiki is part of a farm, you may not realize you're using LocalIdLookup.

Apr 18 2017, 10:55 PM · MediaWiki-Authentication-and-authorization
Legoktm added a comment to T163167: Sysops are no longer able to add education extension groups.

I think this is the same issue as T141431: Can't grant "Upload Wizard campaign editor" unless default settings are customized?

Apr 18 2017, 2:07 AM · Patch-For-Review, Wikimedia-General-or-Unknown, MediaWiki-Configuration, MediaWiki-extensions-EducationProgram
Legoktm added a comment to T163166: XSS in object descriptions from tabular data.

For reference, GlobalUserPage does parsing on the central wiki and the local wiki blindly trusts the HTML it's given. At that time, Chris said it was OK provided it was explicitly documented (https://www.mediawiki.org/wiki/Extension:GlobalUserPage#Caveats).

Apr 18 2017, 2:06 AM · Patch-For-Review, Interactive-Sprint, Maps (Kartographer), Vuln-XSS, Security

Apr 17 2017

Legoktm added a comment to T163150: Add native support to selectively load MediaWiki JS or CSS via URL.

I think this would mean revisiting T29766: Allow loading modules by request url query parameter? (which I would be in favor of re-opening)

Apr 17 2017, 10:00 PM · MediaWiki-ResourceLoader
Legoktm added a comment to T108138: Sysops can undelete pages, although the page is protected against it.

This caused T163144: Restoration of deleted items broken on Wikidata.

Apr 17 2017, 8:07 PM · MW-1.27-release-notes, MW-1.28-release-notes, MW-1.29-release (WMF-deploy-2017-04-11_(1.29.0-wmf.20)), MW-1.29-release-notes, Patch-For-Review, Security-Team, Security, MediaWiki-Page-deletion, MediaWiki-Page-protection
Legoktm added a comment to T163144: Restoration of deleted items broken on Wikidata.

'create' on Wikidata in the main namespace is blocked by the 'wikibase-no-direct-editing' error. Therefore 'undelete' now fails with 'undelete-cantcreate' which was added in T108138: Sysops can undelete pages, although the page is protected against it.

Apr 17 2017, 8:07 PM · Wikidata-Sprint, Patch-For-Review, Regression, Wikidata
Legoktm added a comment to T163032: UserGroupMembership::insert() needs a positive user ID exception breaking AbuseFilter block function.

I'm delighted to report that the patch has fixed the problem. I've successfully managed to have the account block me while not logged-in. Thank you, @Legoktm.

Apr 17 2017, 6:52 PM · MW-1.30-release-notes (WMF-deploy-2017-05-09_(1.30.0-wmf.1)), Wikimedia-log-errors, AbuseFilter
Legoktm added a comment to T163032: UserGroupMembership::insert() needs a positive user ID exception breaking AbuseFilter block function.

I'm not seeing how that patch would fix the bug reported here (although the patch does seem like a good idea on its own).

Apr 17 2017, 5:36 PM · MW-1.30-release-notes (WMF-deploy-2017-05-09_(1.30.0-wmf.1)), Wikimedia-log-errors, AbuseFilter
Legoktm committed R1995:f5e43ddb1a02: API: Add pageid/ns to list=linterrors output (authored by Legoktm).
API: Add pageid/ns to list=linterrors output
Apr 17 2017, 5:27 PM
Legoktm merged task T163092: Linter does not handle "Multi-part-template" well into T162920: In multi-content/template-block scenarios, Linter displays "--" in the "Through a template"? column.
Apr 17 2017, 4:21 AM · MediaWiki-extensions-Linter, Parsoid
Legoktm merged T163092: Linter does not handle "Multi-part-template" well into T162920: In multi-content/template-block scenarios, Linter displays "--" in the "Through a template"? column.
Apr 17 2017, 4:21 AM · MW-1.30-release-notes (WMF-deploy-2017-05-23_(1.30.0-wmf.2)), Patch-For-Review, MediaWiki-extensions-Linter, Parsoid
Legoktm added a comment to T163092: Linter does not handle "Multi-part-template" well.

Probably a dupe yes.

Apr 17 2017, 4:20 AM · MediaWiki-extensions-Linter, Parsoid
Legoktm added a comment to T163092: Linter does not handle "Multi-part-template" well.

That's from [mediawikiwiki]> select * from linter where linter_id=107;

Apr 17 2017, 3:23 AM · MediaWiki-extensions-Linter, Parsoid
Legoktm created T163092: Linter does not handle "Multi-part-template" well.
Apr 17 2017, 3:22 AM · MediaWiki-extensions-Linter, Parsoid
Legoktm created T163091: Parsoid: Add API endpoint to get lint errors for arbitrary wikitext.
Apr 17 2017, 3:17 AM · Services (done), User-mobrovac, RESTBase-API, Parsoid, MediaWiki-extensions-Linter
Legoktm renamed T153055: Support API query for list of errors for arbitrary wikitext (for pre-save checks) from "Support API query for list of errors for a given page" to "Support API query for list of errors for arbitrary wikitext (for pre-save checks)".
Apr 17 2017, 3:10 AM · MediaWiki-extensions-Linter
Legoktm added a comment to T153055: Support API query for list of errors for arbitrary wikitext (for pre-save checks).

Ah, understood. OK, I'll rephrase the title.

Apr 17 2017, 3:09 AM · MediaWiki-extensions-Linter

Apr 16 2017

Legoktm edited projects for T154361: Add $wgWhitelistSpecialPages option, added: MediaWiki-Configuration; removed MediaWiki-General-or-Unknown.

Unfortunately this only works for english version pages

Apr 16 2017, 9:28 PM · MediaWiki-Configuration
Legoktm added a comment to T148609: Review and deploy Linter extension to Wikimedia wikis.

As I mentioned on IRC, I think the huge increase in queries was caused by the inclusion in the API meta=siteinfo endpoint which in hindsight is called pretty frequently. We should consider not including it by default (another parameter) and putting it behind some caching.

Apr 16 2017, 7:37 AM · Wikimedia-Incident, MW-1.29-release (WMF-deploy-2017-04-25_(1.29.0-wmf.21)), DBA, MediaWiki-Platform-Team, User-notice, Patch-For-Review, MediaWiki-extensions-Linter, Wikimedia-Extension-setup
Legoktm committed R1995:8302db893fef: Separate linter-numerrors bidi from rest of the line (authored by Ebraminio).
Separate linter-numerrors bidi from rest of the line
Apr 16 2017, 7:37 AM
Legoktm committed R1995:379137df59b0: Revert "Expose category totals in API response" (authored by Legoktm).
Revert "Expose category totals in API response"
Apr 16 2017, 7:37 AM
Legoktm added a reverting commit for R1995:45b4bf6382ad: Expose category totals in API response: R1995:379137df59b0: Revert "Expose category totals in API response".
Apr 16 2017, 7:37 AM
Legoktm updated subscribers of T163032: UserGroupMembership::insert() needs a positive user ID exception breaking AbuseFilter block function.

+@Anomie and @TTO since this is related to the UserGroupMembership stuff. I think I have a band-aid patch that should mitigate most of this?

Apr 16 2017, 7:25 AM · MW-1.30-release-notes (WMF-deploy-2017-05-09_(1.30.0-wmf.1)), Wikimedia-log-errors, AbuseFilter
Legoktm renamed T163032: UserGroupMembership::insert() needs a positive user ID exception breaking AbuseFilter block function from "UserGroupMembership::insert() needs a positive user ID. Did you forget to add your User object to the database before calling addGroup()" to "UserGroupMembership::insert() needs a positive user ID exception breaking AbuseFilter block function".
Apr 16 2017, 7:11 AM · MW-1.30-release-notes (WMF-deploy-2017-05-09_(1.30.0-wmf.1)), Wikimedia-log-errors, AbuseFilter
Legoktm triaged T163032: UserGroupMembership::insert() needs a positive user ID exception breaking AbuseFilter block function as "Unbreak Now!" priority.
Apr 16 2017, 7:10 AM · MW-1.30-release-notes (WMF-deploy-2017-05-09_(1.30.0-wmf.1)), Wikimedia-log-errors, AbuseFilter
Legoktm added a comment to T163042: Linter extension should provide sufficent information to locate markup it considered malformed..

Well in this case it was caused by a template: https://la.wiktionary.org/w/index.php?title=luna&type=revision&diff=169447&oldid=169438

Apr 16 2017, 2:52 AM · MediaWiki-extensions-Linter

Apr 15 2017

Legoktm added a comment to T148609: Review and deploy Linter extension to Wikimedia wikis.

Sorry about the trouble :/

Apr 15 2017, 3:27 AM · Wikimedia-Incident, MW-1.29-release (WMF-deploy-2017-04-25_(1.29.0-wmf.21)), DBA, MediaWiki-Platform-Team, User-notice, Patch-For-Review, MediaWiki-extensions-Linter, Wikimedia-Extension-setup
Legoktm added a comment to T161556: Implement a way to have linter reprocess all pages .

Sorry I forgot to comment here - I ended up writing a small python script to do this for now: https://git.legoktm.com/legoktm/parsoid-reparse

Apr 15 2017, 3:15 AM · Services (watching), Parsoid, MediaWiki-extensions-Linter

Apr 14 2017

Legoktm added a comment to T153454: Enable BotPasswords (or similar feature) for non-bot accounts.

Any account can use bot passwords? There's no limitation that restricts it only to bots.

Apr 14 2017, 11:06 AM · User-Urbanecm, MediaWiki-Authentication-and-authorization
Legoktm merged T162893: LintErrors should have namespace selector into T162918: Different handling for lint errors in User: and other non-article namespaces.
Apr 14 2017, 7:20 AM · MW-1.29-release (WMF-deploy-2017-04-25_(1.29.0-wmf.21)), Patch-For-Review, Parsoid, MediaWiki-extensions-Linter
Legoktm merged task T162893: LintErrors should have namespace selector into T162918: Different handling for lint errors in User: and other non-article namespaces.
Apr 14 2017, 7:20 AM · MediaWiki-extensions-Linter
Legoktm added a comment to T153055: Support API query for list of errors for arbitrary wikitext (for pre-save checks).

If we add a prop=linterrors I think that should work out the best. Then you can retrieve the current revision text plus hte errors with prop=revisions|linterrors or something.

Apr 14 2017, 7:15 AM · MediaWiki-extensions-Linter
Legoktm closed T162898: have txt export for LintErrors as "Declined".

There's a list=linterrors API module: https://www.mediawiki.org/w/api.php?action=help&modules=query%2Blinterrors

Apr 14 2017, 7:07 AM · MediaWiki-extensions-Linter
Legoktm committed R1995:fbff1cffff4d: Add namespace filter to Special:LintErrors (authored by Legoktm).
Add namespace filter to Special:LintErrors
Apr 14 2017, 3:52 AM