Still getting these from time to time. Last time: 11 Apr 6:15:48 AM (UTC)

last time this happened for me was: 03 Feb 2024 03:15 UTC

In T356163#9497689, @Joe wrote:

migration to kubernetes (which is still only partial, btw).

Done.

Done.

I believe that having this option would greatly improve user security. It is much harder to break into someone's account when you don't know the login. With more and more Wikimedians being targeted by governments and other malicious actors, it is imperative that we allow people to raise their defences as much as possible.

@bd808 hi Bryan. I understand that you're worried about scope creep here. Sorry about that. My initial thought was, since we're moving to the new cloud platform, it would make sense to take that opportunity and get the modern runtime.

In T319625#8319616, @bd808 wrote:

At this time we do not allow "bring your own container" nor do we import containers created externally for use by Toolforge tools.
It looks to me like ~chie-bot/run-bot uses the mono runtime today on the grid engine. Is there a particular reason that you would need a different runtime to move these jobs from the grid engine to a Kuberrnetes container?

In T319625#8301642, @komla wrote:

This is being addressed here T311466: Create a kubernetes container with mono and dotnet

Is there any way to use the MS-supplied image on labs k8s?

This is being addressed here T311466: Create a kubernetes container with mono and dotnet

In T319625#8298817, @nskaggs wrote:

My apologies if this ticket comes as a surprise to you. In order to ensure WMCS can provide a stable, secure and supported platform, it’s important we migrate away from GridEngine. I want to assure you that while it is WMCS’s intention to shutdown GridEngine as outlined in the blog post https://techblog.wikimedia.org/2022/03/14/toolforge-and-grid-engine/, a shutdown date for GridEngine has not yet been set. The goal of the migration is to migrate as many tools as possible onto kubernetes and ensure as smooth a transition as possible for everyone. Once the majority of tools have migrated, discussion on a shutdown date is more appropriate. See T314664: [infra] Decommission the Grid Engine infrastructure.

Hi! My tool is written in dotnet and requires donet 6 which you don't have an image for. So it is not possible to migrate at the moment.

This definitely has nothing to do with PWB. I get this error by just running the bare query like I said above

I experience the same error intermittently with my bot. To test this I wrote code that sends the same query in a loop and sometimes it gets the correct reply from the server while sometimes this happens:

I tested it and it works. Thanks a lot, that was really quick!

@Tgr, I would argue it's a self-deceit. The current grant list page is too complicated. If it was a simple "allow read-only access only" setting - then maybe your argument would be valid.
Instead the current grant list page is hard to use (a user is supposed to hover every checkbox to figure out what it does and decide if they need it) and confusing (it lists even the rights that are not actually available to the user). I'm pretty sure almost no one will use it as intended. Instead, most of the users are going to check every checkbox on that page and forget about it. And nothing can be done about it. So adding the 'grant all existing rights' checkbox is not going to change anything security-wise.

@Tgr, could you please elaborate on what you mean by "unhealthy habits"?

@Anomie thank you very much for the clarification!

@Anomie So, essentially every extension that uses custom rights is broken for bots now. I kinda have a feeling this should've been addressed somehow before deploying action = login deprecation.

@Aklapper https://bitbucket.org/leloiandudu/chiebot/src, but I don't see how this is of any relevance

I would advocate for the removal of the workaround from T2295, it would make everything cleaner.

In T78497#847008, @Aklapper wrote:

now parsed

What does "now" mean? Did this recently change?

In my point of view, it would've been better to use something like L<nowiki>'</nowiki>''homme'' est (or L'<nowiki></nowiki>''homme'' est) than to implement all that half-broken hackery from T2295