Not Miraheze related beyond we use MediaWiki.

Empty task

It'll be one of the policies shown on https://phabricator.wikimedia.org/transactions/editengine/maniphest.task/edit/8/

In T276446#6883231, @Majavah wrote:

@RobH I see "Allow members of any project acl*phabricator, acl*security_team" when trying to edit forms, so I doubt that it's restricted to only full admins

Lowering from Unbreak! but leaving open.

In T275722#6880487, @Sergey.Trofimovsky.SF wrote:

Sergeys everywhere!

@jbond No problem, here's the new key:

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP9JEWVUhWekpKtJWQuA3ccAtFxcIK8DYH0MoW/o4UNH

I also updated it in wikitech.

Fix deployed. Leaving open per Martin to monitor logs.

https://gerrit.wikimedia.org/r/c/mediawiki/extensions/WikibaseMediaInfo/+/668147/1,edit

We're co-ordinating on IRC. @Urbanecm is gonna help. Patch is ready.

In T276353#6879939, @AnneT wrote:

@Umherirrender indeed, that issue was resolved by the latter patch. What do I need to do to help get this resolved?

I pinged you on IRC. I'm happy to help you get it deployed.

The assert=user parameter exists for some requests so maybe edits should pass that cross wiki?

Adding performance team and @Gilles who did the original review for their opinion.

@thiemowmde: Thanks!

The definition of Unbreak Now! according to https://www.mediawiki.org/wiki/Phabricator/Project_management#Setting_task_priorities is

Something is broken and needs to be fixed immediately, setting anything else aside.

Thanks for the explanation. Interested to see the result as I could image concerns with anyone able to modify a pages raw html.

How does the differ from TemplateStyles?
Is there any plan to deploy this to WMF sites?

In T258361#6830518, @Marostegui wrote:

db1162 is fully pooled

Added attribution per request of researcher.

In T274736#6840161, @RhinosF1 wrote:

@Paladox: Can you get this pushed to us as well?

Done by @Reception123.

Thanks for all the help in investigating this.

@Paladox: Can you get this pushed to us as well?

Hidden. Only myself and @IN should be able to see it now.

Done by @Majavah

In T274726#6837036, @IN wrote:

So E1336 can only exist forever, and no one can delete it? If so, I can consider create another task for this matter.

Can this be resolved?

Just to note that we also seem to see huge bursts of these happening hundreds at a time according to graylog.

Just to update we have sent an email to Grafana's security team.

There is a view deleted content right that might be more what you are after if you don't want it to be restorable.

There was https://phabricator.wikimedia.org/T274526#6824553 from @hashar so could have been affected by that job being stuck maybe?

In T245183#6820029, @Ladsgroup wrote:

I'm admin and I can't disable it....

Phabricator is good at that. I guess it'll have to be CLI. Can't see at a glance any other things that trigger messed up via https://phabricator.wikimedia.org/maniphest/query/fA5RcoBdI.Po/#R

In T245183#6819999, @Krinkle wrote:

It wasn't me, it was https://phabricator.wikimedia.org/project/trigger/72/.

Can we get someone to disable that?

@Krinkle: Robert doesn't seem to have been active for a few years nor involved in this task. Did you mean to assign it to him?

What is the plan for this week given the situation over the last 2 trains?

In T258432#6812749, @Jdlrobson wrote:

Since it's not causing any logspam anymore resetting priority.

Should this be Needs Triage then rather than UBN!?

In T274061#6809079, @Aklapper wrote:

See https://www.mediawiki.org/wiki/Manual:Preventing_access#Restrict_viewing_of_certain_specific_pages

Which is very clear on advising against per page view restrictions.

then we will need, apparently, the old extension for oversight rights

Could you elaborate, please?

I don't think it's easily possible.

It did. That error is actually from .27 looking at the trace so post rollback.

Train blocker = UBN

@Legoktm had to make https://phabricator.wikimedia.org/transactions/editengine/maniphest.task/view/46/#2010 as it broke priority on all prod error tasks.

right, I usually guide myself through the tags but this task has "(Oct2020/1.36.0-wmf.11+)" which is clearly not correct.

In T244114#6777171, @Jpita wrote:

In T244114#6776507, @Nikerabbit wrote:

Do note that the linked patch is included in wmf/1.36.0-wmf.28 which is expected to be deployed in this week's train.

Can you tell me where you got that information from?
I couldn't find it :(

Normally @ReleaseTaggerBot would tell you by adding a tag to the task but in short any patch merged by Monday Morning (its early UTC time I believe) is deployed in that weeks train. You can find more information on https://wikitech.wikimedia.org/wiki/Train and see this week's deployment task at https://train-blockers.toolforge.org

iPhone 8 (MQ6H2B/A) running iOS 14.3 with Chrome for iOS version 87.0.4280.77

In T72470#6771726, @MGChecker wrote:

Wouldn't it be easier to just replace all variables at once?

I've seen this on chrome for iOS

@DannyS712: For the first image, I think it should be the same as the width between the buttons.

Is this not the second time in 2 weeks this has happened with WMF branches?

I think https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Translate/+/606424/54/utils/MessageUpdateJob.php activated the code. Someone probably should have checked the schema changes were made, oops like James says.

I've removed the broken files, at least for now.

I'd go with C too

Created https://github.com/miraheze/ManageWiki/pull/229 to do that

In T272229#6753842, @Nikerabbit wrote:

Per https://translatewiki.net/w/i.php?title=Special:MessageGroupStats&language=fi&group=mwgithub-managewiki my has fallen under the export threshold. Feel free to delete the file.

What is the threshold?

Please see T233581: Decide how to deal with languages that have fallen under export threshold for addressing the cause.

Removing assignment. If someone wants to remove 'protect' from the documentation or otherwise, they can.

Thanks everyone! Looks to be working now.

Should make it's way everywhere by next Thursday

I managed to get the failure on a blank patch too https://gerrit.wikimedia.org/r/c/mediawiki/extensions/CentralAuth/+/656297 so I'm not insane and it is 100% master already.

Master of a deployed extension

Should this be UBN as train blocking?

Looks good to me. Someone should review it and then it will ride the train.

This can be done by editing https://github.com/wikimedia/mediawiki-extensions-CentralAuth/blob/master/CentralAuth.alias.php#L761

Not a site request

I'll contact Manual re the first one shortly.

Should this be resolved?

Thanks everyone for looking into this

In T271808#6742982, @Aklapper wrote:

In T271808#6739592, @RhinosF1 wrote:

But yeah I guess this should be fixed/monitored better so it doesn't need manual reload.

Is that worth a dedicated followup ticket under observability and Beta-Cluster-Infrastructure ?

I'd say yes.