Page MenuHomePhabricator

Platonides (platonides)
User

Projects (6)

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Wednesday

  • Clear sailing ahead.

User Details

User Since
Oct 24 2014, 10:10 PM (302 w, 2 d)
Availability
Available
LDAP User
Platonides
MediaWiki User
Platonides [ Global Accounts ]

Recent Activity

Sat, Aug 8

Platonides added a comment to T256541: Fix the problem with gravatar and mailman3.

There is no need to actually proxy gravatar. We could have our own instance. Gravatar is just a service mapping email md5 to an uploaded image. Is people still uploading their avatars there? Didn't that stop like a decade ago? Even if some people have an image there, it seems saner to use our own "wikimedia avatars". I'm not particularly happy on using the (hashed) email as primary key, but that seems to be what they are working with.

Sat, Aug 8, 11:38 PM · Operations, Wikimedia-Mailing-lists

Fri, Aug 7

Platonides added a comment to T175691: Geoip lookup - Misidentifying country due to travelling.

It could go both ways. If as an Hungarian with only Hungarian credit card, and temporarily visiting the US, you are given HU options, it would succeed. OTOH, if you only had a US card, or if it persisted a US cookie after coming back, it's a failure.

Fri, Aug 7, 10:26 PM · Operations, Traffic, FR-Q2-FY2019-20-cleanup-list, Fundraising-Backlog, MediaWiki-extensions-CentralNotice

Sun, Aug 2

Platonides added a project to T259443: Deleting some specific files is not working: MediaWiki-Uploading.
Sun, Aug 2, 9:14 PM · MediaWiki-Uploading, Wikimedia-production-error
Platonides added a comment to T259443: Deleting some specific files is not working.

Files uploaded in 2013 with two upload entries at the same minute.

Sun, Aug 2, 8:48 PM · MediaWiki-Uploading, Wikimedia-production-error
Platonides added a project to T259443: Deleting some specific files is not working: MediaWiki-extensions-UploadBlacklist.
Sun, Aug 2, 8:47 PM · MediaWiki-Uploading, Wikimedia-production-error

Sun, Jul 26

Platonides added a comment to T258877: MediaWiki sets invalid Content-Encoding: none.

The content encoding of 'identity', was added in rfc2616 with a note that it "SHOULD NOT be used in the Content-Encoding header". The transfer coding identity was removed by rfc7230. rfc7231 uses "identity" as a special value in the context of Accept-Encoding, not of Content-Encoding. Anyway, the semantics of a Content-encoding: identity are completely clear and supported even if it may make for a redundant header.

Sun, Jul 26, 1:11 AM · Patch-For-Review, MediaWiki-General
Platonides claimed T258877: MediaWiki sets invalid Content-Encoding: none.
Sun, Jul 26, 12:37 AM · Patch-For-Review, MediaWiki-General
Platonides removed a project from T258877: MediaWiki sets invalid Content-Encoding: none: MediaWiki-Core-Hooks.
Sun, Jul 26, 12:29 AM · Patch-For-Review, MediaWiki-General
Platonides created T258877: MediaWiki sets invalid Content-Encoding: none.
Sun, Jul 26, 12:29 AM · Patch-For-Review, MediaWiki-General

Jul 9 2020

Platonides renamed T230425: Page creation log should not display the content of deleted pages from Recent changes new page entries should not display the content of deleted pages to Page creation log should not display the content of deleted pages.
Jul 9 2020, 10:11 PM · Performance-Team (Radar), Anti-Harassment, MediaWiki-Logging
Platonides renamed T230425: Page creation log should not display the content of deleted pages from Page creation log should not display the content of deleted pages to Recent changes new page entries should not display the content of deleted pages.
Jul 9 2020, 10:09 PM · Performance-Team (Radar), Anti-Harassment, MediaWiki-Logging

Jun 16 2020

Platonides added a comment to T230245: GenerateFancyCaptchas.php crashes with "FormatJson.php: File not found in" after 1000 iterations.

$maxConcurrency was set to 50, but we had nearly one thousand operations pending.

Jun 16 2020, 9:09 PM · Performance-Team, Patch-For-Review, Commons, MediaWiki-File-management, Platform Engineering (Icebox), Operations, SRE-swift-storage, Editing-team, ConfirmEdit (CAPTCHA extension)
Platonides added a comment to T230245: GenerateFancyCaptchas.php crashes with "FormatJson.php: File not found in" after 1000 iterations.

I can disable $async on FileBackendStore::doQuickOperationsInternal(), and then it no longer fails. Understandably, that makes the process slower (Copied 969 captchas to storage in 43.6 seconds).

Jun 16 2020, 8:52 PM · Performance-Team, Patch-For-Review, Commons, MediaWiki-File-management, Platform Engineering (Icebox), Operations, SRE-swift-storage, Editing-team, ConfirmEdit (CAPTCHA extension)
Platonides added a comment to T230245: GenerateFancyCaptchas.php crashes with "FormatJson.php: File not found in" after 1000 iterations.

I found it is a file descriptor problem. ulimit -n is set to 1024. FormatJson is failing with

Jun 16 2020, 8:27 PM · Performance-Team, Patch-For-Review, Commons, MediaWiki-File-management, Platform Engineering (Icebox), Operations, SRE-swift-storage, Editing-team, ConfirmEdit (CAPTCHA extension)

Jun 12 2020

Platonides added a comment to T230245: GenerateFancyCaptchas.php crashes with "FormatJson.php: File not found in" after 1000 iterations.

I would try

  • throwing a clearstatcache() somewhere, in case it makes find the file Json again
  • run a different program than python that creates the file externally, e.g. touch filename
Jun 12 2020, 10:58 PM · Performance-Team, Patch-For-Review, Commons, MediaWiki-File-management, Platform Engineering (Icebox), Operations, SRE-swift-storage, Editing-team, ConfirmEdit (CAPTCHA extension)

Jun 8 2020

Platonides added a comment to T205619: Upload to Commons fails with a common ADSL connection in Taiwan.

It doesn't make any sense that you can upload to phabricator, but not to commons.
I would suspect some crazy with some intermediate box, but the whole connection is encrypted.

Jun 8 2020, 12:41 AM · Operations, Wikimedia-General-or-Unknown, Commons

Jun 7 2020

Platonides added a comment to T52864: Upgrade GNU Mailman from 2.1 to Mailman3.

Note: The receiving Exim doesn't seem to be configured to accept list mail:

Jun 7 2020, 2:00 AM · Security-Team, Operations, Wikimedia-Mailing-lists
Platonides added a comment to T52864: Upgrade GNU Mailman from 2.1 to Mailman3.

MX records cannot have IP addresses. They must be associated to a hostname (plus a priority)

Jun 7 2020, 1:57 AM · Security-Team, Operations, Wikimedia-Mailing-lists

May 31 2020

Platonides added a comment to T244665: CopyPatrol incorrectly encodes non-ASCII letters (with diacritics) in article titles, so the links do not work.

It might be a simple issue of changing the db charset, or adding a SET NAMES to the client.

May 31 2020, 8:28 PM · I18n, Community-Tech, CopyPatrol

May 6 2020

Platonides created T251962: Double escaped entities in {{FULLPAGENAME}} on customized Delete-legend message again.
May 6 2020, 12:12 AM · MediaWiki-Parser, MediaWiki-Interface

Apr 23 2020

Platonides added a comment to T248294: Separate permission for creating a page with a custom content model.

Maybe, rather than a new permission for that, something like $wgCustomModelProtection[] which allows requiring a specific right for certain models (presumably those that could be sensitive, most models shouldn't need that), rather than a one-right fits all approach.

Apr 23 2020, 1:46 AM · Editing-team, Security-Team, MediaWiki-User-management, User-DannyS712

Apr 22 2020

Luke081515 awarded T250131: Allow the owner to lock its former account if it has been compromised a Love token.
Apr 22 2020, 4:28 PM · Trust-and-Safety, MediaWiki-extensions-CentralAuth, Security

Apr 20 2020

Platonides added a comment to T249703: Automatically close Pull Requests in repos mirrored on Github.

Heh, calling it "Welcome Bot" sounded nicer, even if it would still be saying go away from GitHub ;)

Apr 20 2020, 12:28 AM · Developer-Advocacy (Apr-Jun 2020), Release-Engineering-Team, User-Majavah, Wikimedia-GitHub
Platonides added a comment to T249703: Automatically close Pull Requests in repos mirrored on Github.

I understand the app Name will be the bot name, so rather than "Wikimedia PR Closer" I would prefer something more user-friendly, such as "Wikimedia Welcome Bot for GitHub users"

Apr 20 2020, 12:09 AM · Developer-Advocacy (Apr-Jun 2020), Release-Engineering-Team, User-Majavah, Wikimedia-GitHub

Apr 17 2020

Platonides added a comment to T246726: Prevent data loss in DiscussionTools caused by MediaWiki not detecting edit conflicts with yourself.

A point that is somewhat behind this is that the edit conflict isn't isn't too user friendly, which makes edit conflicts more burdensome.

Apr 17 2020, 12:13 AM · Verified, MW-1.35-notes (1.35.0-wmf.25; 2020-03-24), OWC2020 (OWC2020 Replying 1.0), Editing-team (Q3 2019-2020 Kanban Board), DiscussionTools

Apr 16 2020

Platonides added a comment to T250314: Investigate Privacy Pass for Wikimedia Sites.

https://github.com/WICG/trust-token-api seems to be another project doing basically the same thing.

Apr 16 2020, 9:53 PM · Privacy Engineering, Privacy, Security-Team, Wikimedia-General-or-Unknown
Platonides added a comment to T250314: Investigate Privacy Pass for Wikimedia Sites.

If a third party would be presenting our challenges, it could help making them not be able to link the requestors of captchas (for which they would have IP addresses, run js, etc.) and the actual wikipedia (since the token will be redeemed at a later date).

Apr 16 2020, 9:44 PM · Privacy Engineering, Privacy, Security-Team, Wikimedia-General-or-Unknown
Platonides added a comment to T246726: Prevent data loss in DiscussionTools caused by MediaWiki not detecting edit conflicts with yourself.

Yes, because with the behavior of the "back" button in browsers at the time, it was actually needed. It no longer is.

Apr 16 2020, 8:26 PM · Verified, MW-1.35-notes (1.35.0-wmf.25; 2020-03-24), OWC2020 (OWC2020 Replying 1.0), Editing-team (Q3 2019-2020 Kanban Board), DiscussionTools

Apr 14 2020

Platonides created T250131: Allow the owner to lock its former account if it has been compromised.
Apr 14 2020, 2:03 AM · Trust-and-Safety, MediaWiki-extensions-CentralAuth, Security

Apr 11 2020

Platonides added a comment to T246726: Prevent data loss in DiscussionTools caused by MediaWiki not detecting edit conflicts with yourself.

Note that MediaWiki doesn't "fail" to detect the conflict if the edit was made by the same user. It explicitly goes and does an expensive check to see if it should ignore the conflict because the edit is by the same user. This was explicitly implemented as a feature. Don't ask me why though ;)

Apr 11 2020, 1:08 AM · Verified, MW-1.35-notes (1.35.0-wmf.25; 2020-03-24), OWC2020 (OWC2020 Replying 1.0), Editing-team (Q3 2019-2020 Kanban Board), DiscussionTools

Apr 5 2020

Platonides renamed T243937: Wiki email not delivered to GMail from Wiki email not delievered to GMail to Wiki email not delivered to GMail.
Apr 5 2020, 2:13 PM · Operations, Mail
Platonides added a comment to T243937: Wiki email not delivered to GMail.

I don't think that graph is the right one, André. It may provide approximate data (both are emails), but I think list email is even sent from a completely different relay.

Apr 5 2020, 2:13 PM · Operations, Mail

Mar 22 2020

Platonides added a comment to T248269: Consider ignoring blocks that were quickly reverted [Was: Block report on personal account].

I think it could be a good request that the tool shouldn't show it. However, the tool is completely right. The user was blocked for 1030 days.

Mar 22 2020, 7:56 PM · XTools

Mar 15 2020

Platonides renamed T247719: Europeana links dont work - web is down?!?! from Understand how we can track changes in European and avoid linkroot in Wikidata to Understand how we can track changes in Europeana and avoid linkrot in Wikidata.
Mar 15 2020, 11:46 PM · Magnus Sälgö
Platonides added a comment to T246970: Quarry: Lost connection to MySQL server during query.

Why are you using that query?

Mar 15 2020, 12:52 AM · Quarry, Data-Services

Mar 14 2020

Platonides added a comment to T247682: Add {{em}} magic word.

And how do you know, server-side, the number of px in 1 em for the current user?

Mar 14 2020, 10:33 PM · ParserFunctions, MediaWiki-Parser
Platonides added a comment to T247587: XDebug makes requiring files unreasonably slow and affects open file limit.

There are file descriptors being opened that you did not capture. Some suggestions: openat, dup2, socket, accept...

Mar 14 2020, 1:21 AM · Patch-For-Review, MediaWiki-Vagrant

Mar 13 2020

Platonides added a comment to T152434: Add method to Revision to check if it was a Revert, and whether an edit was Reverted.

A great usecase of this would be to allow showing a collapsed view of the history page. Currently, you have some page histories where it almost hasn't changed for years, yet there are a lot of history entries due to edits and reverts/undos.
It would be great to have them collapsed as a single link mentioning there were 53 irrelevant edits, so that only actual changes affecting the current page are shown.

Mar 13 2020, 11:19 PM · Google-Summer-of-Code (2020), Growth-Team, Platform Team Legacy (Watching / External), Readers-Web-Backlog (Tracking), Product-Infrastructure-Team-Backlog, Trending-Service, Epic, MediaWiki-Page-editing, Contributors-Team, MediaWiki-Interface

Feb 18 2020

Platonides added a comment to T241768: Pilot social media traffic reports for English Wikipedia.

Or simply a Michael Jackson event! (that we'd better be aware, too)

Feb 18 2020, 11:26 PM · Research (FY2019-20-Research-April-June), Privacy Engineering

Feb 3 2020

Platonides added a comment to T239150: Login for SUL account on enwiki stopped working without clear hint why (due to password being in top 100000 list).

(...) Then we can hard-reset your password and reset it through the system.

Alternatively you can email ca-at-wikimedia.org from the email associated with the account.

Feb 3 2020, 11:37 PM · Trust-and-Safety, MediaWiki-User-login-and-signup, Wikimedia-General-or-Unknown
Platonides added a comment to T239150: Login for SUL account on enwiki stopped working without clear hint why (due to password being in top 100000 list).

@Beej--phabricator can you check if the password being rejected was indeed in the large list at
https://github.com/danielmiessler/SecLists/blob/aad07ff/Passwords/10_million_password_list_top_100000.txt ?

Feb 3 2020, 10:50 PM · Trust-and-Safety, MediaWiki-User-login-and-signup, Wikimedia-General-or-Unknown

Jan 14 2020

Platonides added a comment to T242696: AbuseFilter not blocking edits that trigger the Filter.

Maybe mwlog1001 will have some details about what happened?

Jan 14 2020, 12:46 AM · User-Daimona, AbuseFilter
Platonides created T242696: AbuseFilter not blocking edits that trigger the Filter.
Jan 14 2020, 12:45 AM · User-Daimona, AbuseFilter

Jan 11 2020

Platonides added a comment to T242520: Allow Cloud mailing list to be indexed .

As an external solution, it could be added to an external mailing list archiver such as marc (they already have wikitech-l, mediawiki-l...)

Jan 11 2020, 10:41 PM · User-RhinosF1, Operations, Wikimedia-Mailing-lists

Jan 3 2020

Platonides added a comment to T241781: Audit members of #security for more than x duration of no activity.

It was added by @chasemp on Apr 23 2019, 6:53 PM, along WDoranWMF.

Jan 3 2020, 12:57 AM · Security, Phabricator, Security-Team

Dec 20 2019

Platonides closed T241267: Spamhaus check suddenly started bouncing me; whitelist request? as Invalid.
Dec 20 2019, 9:53 PM · Operations, Wikimedia-Mailing-lists
Platonides added a comment to T241267: Spamhaus check suddenly started bouncing me; whitelist request?.

The entry SBL205747 is special in that it is an entry requested by mail.com itself. When they consider that the email they are going to send is spam, they send it through an IP address listed there so that people checking the Spamhaus blacklist may block it.

Dec 20 2019, 9:52 PM · Operations, Wikimedia-Mailing-lists
Platonides added a comment to T240520: Produce dumps of commons thumbnail URLs.

Then the internal urls are really no different than the public ones. Converting them would simply mean prepending "https://upload.wikimedia.org/wikipedia/commons/thumb/"

Dec 20 2019, 1:38 AM · Patch-For-Review, Dumps-Generation, Internet-Archive, Datasets-Archiving

Dec 12 2019

Platonides added a comment to T240520: Produce dumps of commons thumbnail URLs.

How are the internal swift urls? I'm not sure why we need two lists.
Also, while a baseline, I don't expect python to be the most efficient construct. A better one could be construed directly in C. Or even use a Bloom filter rather than a set.

Dec 12 2019, 10:18 PM · Patch-For-Review, Dumps-Generation, Internet-Archive, Datasets-Archiving

Dec 5 2019

Platonides added a comment to T239866: Investigate use of bz2 decompression tools on multistream files.

I think the bzip2 api doesn't handle the multistream transparently, so tools coded using that would probably be affected.

Dec 5 2019, 10:10 PM · Dumps-Generation

Dec 1 2019

Platonides added a comment to T239549: Cannot open image(s) on office.wikimedia.org: "Error: readapidenied" in MediaViewer.

The error "page" is actually https://office.wikimedia.org/wiki/Main_Page#/media/File:Wikimedia_Foundation_All_Hands_2018_-_Myleen_Hollero_(edited).jpg, which is failing due to the underlying https://office.wikimedia.org/w/api.php?action=query&format=json&prop=imageinfo&titles=File%3AWikimedia_Foundation_All_Hands_2018_-_Myleen_Hollero_(edited)%2Ejpg&iiprop=url&iiurlwidth=1024&smaxage=86400&maxage=86400 erroring with:
code: readapidenied
info: You need read permission to use this module.

Dec 1 2019, 11:45 PM · MediaViewer, Wikimedia-Site-requests, MediaWiki-File-management, Wikimedia-General-or-Unknown

Nov 25 2019

Platonides added a comment to T183763: [Recurring] Migrate an extension to use extension registration (extension.json).

I can help mentoring these @Gopavasanth

Nov 25 2019, 11:25 PM · Google-Code-in-2019, MediaWiki-Configuration, Google-Code-in-2017

Nov 16 2019

Platonides awarded T42439: Allow global whitelisting for global blocks a Orange Medal token.
Nov 16 2019, 10:44 PM · Stewards-and-global-tools, GlobalBlocking

Nov 7 2019

Platonides added a comment to T124101: Specific revisions of multiple files missing from Swift - 404 Not Found returned.

The file was reuploaded by Denniss on September 2016, but the original file is still missing, TheSandDoctor.

Nov 7 2019, 11:54 PM · User-Josve05a, Operations, Multimedia, SRE-swift-storage, Commons
Platonides added a comment to T124101: Specific revisions of multiple files missing from Swift - 404 Not Found returned.

(old comment that was waiting as draft in the browser)

Nov 7 2019, 11:54 PM · User-Josve05a, Operations, Multimedia, SRE-swift-storage, Commons

Oct 12 2019

Platonides added a comment to T235346: Edits which has been reverted and revision deleted over 40 hours ago were visible on page previews.

I'm not sure about the purges. Sometimes you need a null edit in order to really bypass some caches.

Oct 12 2019, 8:49 PM · Readers-Web-Backlog (Tracking), RESTBase-API, User-Josve05a, Page-Previews
Platonides added a comment to T235348: My profile picture on Phabricator looks wierd.

Looks like a partially downloaded image. Probably an interrupted download produced a truncated image that was then cached (locally, on a server?).

Oct 12 2019, 8:45 PM · User-Josve05a, Phabricator

Oct 10 2019

Platonides added a comment to T234537: Password Reset: Update PRU Language in Preferences [x-small].

For one, when reading the UI of T234537#5553996, initially thought that "Require email address" meant requiring being in control of the email address (i.e. that the feature was like requiring that the user validates the change via email in addition of knowing the current password before password changes take action), whereas it actually is meant to require knowing which is the email address linked to the account.

Oct 10 2019, 9:48 PM · MW-1.35-notes (1.35.0-wmf.10; 2019-12-10), Community-Tech (Kanban-Q2-2019-20), Password-Reset-Update

Oct 6 2019

Platonides added a comment to T234715: DynamicPageList (Wikimedia) no longer integrates properly with flagged revisions.

As an alternative solution, you could add an AbuseFIlter that prevents non-admins from adding {{yes}}

Oct 6 2019, 11:55 PM · MW-1.35-notes (1.35.0-wmf.1; 2019-10-08), DynamicPageList (Wikimedia), MediaWiki-extensions-FlaggedRevs
Platonides added a comment to T234715: DynamicPageList (Wikimedia) no longer integrates properly with flagged revisions.

The default value of stablepages is 'exclude', since the very beginning (f798ae02d418f63301da636d1d21719ead743773).

Oct 6 2019, 11:45 PM · MW-1.35-notes (1.35.0-wmf.1; 2019-10-08), DynamicPageList (Wikimedia), MediaWiki-extensions-FlaggedRevs

Sep 22 2019

Platonides added a comment to T232417: mass Yahoo / AOL bounces mailman.

Similarly, on Wednesday ...@yahoo.com subscriptions were disabled for wikitech-l due to this same issue, bouncing https://lists.wikimedia.org/pipermail/wikitech-l/2019-September/092531.html, a legitimate email which seems perfectly innocuous.

Sep 22 2019, 8:19 PM · Mail, Wikimedia-Mailing-lists, Operations
Platonides added a comment to T232417: mass Yahoo / AOL bounces mailman.

See T22507 for the same issue in 2009

Sep 22 2019, 8:12 PM · Mail, Wikimedia-Mailing-lists, Operations
Platonides renamed T232417: mass Yahoo / AOL bounces mailman from mass AOL bounces mailman to mass Yahoo / AOL bounces mailman.
Sep 22 2019, 8:11 PM · Mail, Wikimedia-Mailing-lists, Operations
Platonides added a comment to T232417: mass Yahoo / AOL bounces mailman.

Yesterday, we had the same issue on biblio-es-l with all subscribers using a yahoo.es email address being automatically disabled delivery (funnily, it was not the case for those with a yahoo.com one), as the max retry timeout for emails from an email from Tuesday was reached.

Sep 22 2019, 8:11 PM · Mail, Wikimedia-Mailing-lists, Operations

Aug 17 2019

Platonides created T230667: Old files stored with an invalid base36 fa_sha1 hash with leading 0.
Aug 17 2019, 11:04 PM · Platform Engineering (Icebox), MW-1.34-notes (1.34.0-wmf.22; 2019-09-10), Commons, MediaWiki-File-management
Platonides added a comment to T71088: Queries of commonswiki_p.filearchive for fa_sha1 are slow.

There is an API which allows you to look up deleted files by hash:
https://commons.wikimedia.org/w/api.php?action=query&list=filearchive&fasha1base36=eu7dlnl8z4upc36048um3aonw45w510&faprop=sha1
https://commons.wikimedia.org/w/api.php?action=query&list=filearchive&fasha1=7f08c97431182ef389ef6f09faac9ff6410b5674&faprop=sha1

Aug 17 2019, 10:49 PM · Data-Services, DBA, Cloud-VPS

Aug 10 2019

Platonides added a comment to T230240: purgeParserCache too slow to run once a day.

It is trying to purge objects created more than 2592000 seconds ago (30 days), with a sleep of 0,0005 seconds between each batch.

Aug 10 2019, 9:28 PM · MediaWiki-Maintenance-system

Jun 14 2019

Platonides added a comment to T224076: wmerrors has no license information.

I'm also ok with that.

Jun 14 2019, 12:57 AM · Patch-For-Review, wmerrors, Software-Licensing

May 25 2019

Platonides added a comment to T224343: Add more bad words to fancycaptcha/badwords.

The actual wordlist was published by Tim many years ago,¹ which is much more relevant for an attacker than the blacklist. Someone even created a greasemonkey to check if you were providing a valid captcha solution.

May 25 2019, 10:16 PM · Operations, Wikimedia-Site-requests
Platonides added a comment to T224343: Add more bad words to fancycaptcha/badwords.

The repo has a tiny blocklist (510 bytes). A 5KB blocklist seems perfectly acceptable to store there, and a good blocklist would benefit everyone.
Do we know the source of that blocklist?
(also, what's the last-modified timestamp of the wmf blocklist?)

May 25 2019, 9:58 PM · Operations, Wikimedia-Site-requests
Platonides added a comment to T224343: Add more bad words to fancycaptcha/badwords.

nazi is on the blacklist present in the repository since 2014, see 1e5bd7dc3c1be

May 25 2019, 9:49 PM · Operations, Wikimedia-Site-requests

Mar 9 2019

Platonides awarded T214998: RFC: Remove .m. subdomain, serve mobile and desktop variants through the same URL a Like token.
Mar 9 2019, 9:40 PM · MobileFrontend (Tracking), TechCom-RFC, Readers-Web-Backlog (Tracking), Traffic, Operations

Mar 5 2019

Platonides added a comment to T217613: Audit anti-abuse API calls and determine if they should be publicly visible.

Titleblacklist, spamblacklist and antispoof use data from public wiki pages.
One could manually parse the wikitext, extract the regex and apply them locally.

Mar 5 2019, 8:30 PM · Anti-Harassment

Feb 18 2019

Platonides added a comment to T146418: Special:Contributions lists namespaces by index number, which is not intuitive.

That Čeština screenshot shows it is wrongly sorting all Discussion pages together (Diskuse*) rather than using pairs of namespace/talk as stated in the description.

Feb 18 2019, 9:09 PM · Design, MediaWiki-Special-pages

Feb 16 2019

Platonides added a comment to T215071: Merge Wikipedia subdomains into one, to discourage censorship.

I don't think any certificate could. The SNI is transferred before the certificate is presented by the server. The server can of course be configured not to negotiate any TLS version less than 1.3 However note that in the event that your browser can't support TLS v1.3, you won't be able to view the page at all (regardless of the GFW blocking it or not).

Feb 16 2019, 10:18 PM · Domains, DNS, Traffic, Operations, HTTPS

Feb 15 2019

Platonides updated the task description for T216295: RFC: Update to Gerrit privilege policy .
Feb 15 2019, 10:54 PM · TechCom-RFC (TechCom-RFC-Closed), Developer-Advocacy
Platonides added a comment to T201146: Build article quality model for Galician Wikipedia.

Easy: https://gl.wikipedia.org/wiki/Wikipedia:Wikiproxecto_1000_artigos_de_calidade_para_alumnado_de_12_a_16_anos/Matem%C3%A1ticas?withJS=MediaWiki:Gadget-ArticleQuality.js

Feb 15 2019, 10:40 PM · Scoring-platform-team (Current), artificial-intelligence, articlequality-modeling, Wikilabels

Jan 16 2019

Platonides added a comment to T213655: Lost file Juan_Guaidó.jpg.

Could you try to restore it @Platonides using the wiki admin tools before trying some SQL?

Jan 16 2019, 11:53 PM · User-revi, Multimedia, MediaWiki-General, Operations, SRE-swift-storage

Jan 13 2019

Platonides added a comment to T213655: Lost file Juan_Guaidó.jpg.

It's probably on esams varnish cache but not on codfw.

Jan 13 2019, 3:57 PM · User-revi, Multimedia, MediaWiki-General, Operations, SRE-swift-storage
Platonides added a project to T213655: Lost file Juan_Guaidó.jpg: Multimedia.
Jan 13 2019, 3:56 PM · User-revi, Multimedia, MediaWiki-General, Operations, SRE-swift-storage
Platonides created T213655: Lost file Juan_Guaidó.jpg.
Jan 13 2019, 3:52 PM · User-revi, Multimedia, MediaWiki-General, Operations, SRE-swift-storage

Dec 14 2018

Platonides added a comment to T211414: Request for information about hosting services for WM-ES.

We already run a wiki for our chapter (well, actually a couple, one public and another private).

Dec 14 2018, 1:13 AM · Operations, Wikimedia-General-or-Unknown

Dec 12 2018

Platonides added a comment to T211414: Request for information about hosting services for WM-ES.

To clarify a little that last comment, WMES uses a commercial dedicated server, on which the different services then run on separate containers. The hardware is owned by a third-party (Hetzner), and hosted on their DC. No third party has access to the data contained therein. Even if some of their employees tried to steal something from there by abusing having physical access to the machine, it would be far from trivial.

Dec 12 2018, 9:09 PM · Operations, Wikimedia-General-or-Unknown

Dec 6 2018

Platonides added a comment to T209749: Allow privileged accounts to determine if an account has enrolled in 2FA.

MarcoAurelio: https://toolsadmin.wikimedia.org/ is part of production services.

Dec 6 2018, 12:16 AM · MW-1.35-notes (1.35.0-wmf.34; 2020-05-26), Security, User-DannyS712, Security-Team, MediaWiki-extensions-OATHAuth, Trust-and-Safety

Dec 5 2018

Platonides added a comment to T209749: Allow privileged accounts to determine if an account has enrolled in 2FA.

If $SECURITY_THEATER is needed for $RIGHT, then the software should not allow $RIGHT actions unless that is in use.

Dec 5 2018, 10:32 PM · MW-1.35-notes (1.35.0-wmf.34; 2020-05-26), Security, User-DannyS712, Security-Team, MediaWiki-extensions-OATHAuth, Trust-and-Safety
Platonides added a comment to T211249: Banners allow Other Amount=0 if fee selected.

You don't even need to write a 0.

Dec 5 2018, 10:23 PM · Wikimedia-Fundraising-Banners, Fundraising-Backlog
Platonides added a comment to T197160: All security-sensitive MediaWiki functionality should require elevated security.

This should be a list of rights that require having been authenticated less than <configurable> minutes ago, which would allow us to change which rights need an "elevated security". We should also allow configuring the suitable providers, so an account could login and edit without 2FA, need a TOTP token for a CheckUser, and creating a sysop would require using the hardware token that is stored in the dungeon safe, watched by lots of guards and crocodiles.

Dec 5 2018, 10:00 PM · Security, User-Tgr, Epic, MediaWiki-Authentication-and-authorization
Platonides added a comment to T211233: Setting the EditPage::POST_EDIT_COOKIE_KEY_PREFIX cookie on every edit causes the Cookie header to be truncated for bots and browsers..

Setting the same cookie many times it should only be stored (and sent to the server) once. If the clients are using a naive approach where they append several values for the same cookie name, it is a client bug.

Dec 5 2018, 7:56 PM · Patch-For-Review, MediaWiki-Page-editing

Dec 2 2018

Huji awarded T210075: Send notification when 2FA is disabled a Like token.
Dec 2 2018, 10:18 PM · Trust-and-Safety, MediaWiki-extensions-OATHAuth

Nov 30 2018

Platonides added a comment to T189641: Service for checking the Pwned Passwords database.

(starting again to present the code)

Nov 30 2018, 4:27 PM · Security, Security-Team, Platform Team Legacy (Watching / External), Services (watching), User-Tgr, WMF-Legal, MediaWiki-User-login-and-signup, MediaWiki-Authentication-and-authorization
Platonides added a comment to T189641: Service for checking the Pwned Passwords database.

@Joe Did you actually read the code?

Nov 30 2018, 4:14 PM · Security, Security-Team, Platform Team Legacy (Watching / External), Services (watching), User-Tgr, WMF-Legal, MediaWiki-User-login-and-signup, MediaWiki-Authentication-and-authorization
Platonides added a comment to T210667: Can exfat be used in WMF production?.

Well, I don't think it even needs to be treated in a private task. There was a situation about how to interpret the rules / how much pure we wish to be, so people brought it up and discussed it to reach a consensus.

Nov 30 2018, 3:53 PM · Analytics-Radar, Security-Team, Software-Licensing, WMF-Legal, Operations
Platonides committed rEPPAebaa3bd72acf: Distribute the files on folders (authored by Platonides).
Distribute the files on folders
Nov 30 2018, 3:11 PM
Platonides committed rEPPA630223ccb339: Initial files (authored by Platonides).
Initial files
Nov 30 2018, 3:11 PM
Platonides added a comment to T129747: Proposal: allow a second email address (wikimail, password reset, notifications).

I see some benefit in storing multiple email addresses per account (and if there are several validated emails, the source one could be selectable at Special:EmailUser), but mainly for the case when an email is no longer available.

Nov 30 2018, 1:06 AM · Proposal, MediaWiki-User-preferences, MediaWiki-Email
Platonides added a comment to T56328: Provide intraline diff format in API action=compare.

If you simply remove any html tags and unescape html entities, it is in unified diff format.

Nov 30 2018, 12:39 AM · MediaWiki-API

Nov 29 2018

Platonides awarded T209582: Unable to serialize r:46: Id 46 out of range. a Orange Medal token.
Nov 29 2018, 11:49 PM · Wikimedia-production-error, MediaWiki-General
Platonides added a comment to T205908: Unable to change visibility of log entries on at least metawiki, outreachwiki and wikimania2018wiki.

I think that rather than loading the main page, and get confused when it's a special page, it should not attempt to use that as a title.

Nov 29 2018, 11:29 PM · Security, MediaWiki-Logging, Wikimedia-General-or-Unknown, Trust-and-Safety, Regression, MediaWiki-Revision-deletion
Platonides added a comment to T189641: Service for checking the Pwned Passwords database.

@Joe: That's not a problem. Actually, not using local storage is actually easier. It will simply be fetching everything. I still think a cache should be available for who want it. In my tests, fetching from the internet makes it ~1.4s slower, but should be no problem on the same dc.

Nov 29 2018, 11:19 PM · Security, Security-Team, Platform Team Legacy (Watching / External), Services (watching), User-Tgr, WMF-Legal, MediaWiki-User-login-and-signup, MediaWiki-Authentication-and-authorization
Platonides added a comment to T189641: Service for checking the Pwned Passwords database.

Ok, I have been preparing the mentioned poc. Should I directly request a new extension repository for it?
As for the associated storage requirements, they easily go down to 9GB. We should decide if we prefer using 256 files of 37M, or 64K files of ~140K each.
(we could as well work with 1048576 text files of ~18K, but that would go up to 20GB!)

Nov 29 2018, 12:09 AM · Security, Security-Team, Platform Team Legacy (Watching / External), Services (watching), User-Tgr, WMF-Legal, MediaWiki-User-login-and-signup, MediaWiki-Authentication-and-authorization