Tgr (Gergő Tisza)
Software Engineer, WMF Reading

Projects (33)

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Tuesday

  • Clear sailing ahead.

User Details

User Since
Sep 19 2014, 4:55 PM (174 w, 1 d)
Availability
Available
IRC Nick
tgr
LDAP User
Gergő Tisza
MediaWiki User
Tgr (WMF)

Things my team is working on: Reading-Infrastructure-Team-Backlog (kanban board)
Side projects I am working on (or planning to, eventually): User-Tgr
You can find more info about me on my user page.

Recent Activity

Today

Tgr added a comment to T184606: Evaluate and set up a test instance of FOSS persistent chat software as a companion to Q&A system for communication with third-party developers.

Matrix/Riot has insane amounts of promise. They are basically redesigning IRC for the modern world, in a fully backwards-compatible manner, with everything from presistency to rich text to permissions and state-of-the-art end-to-end group chat encryption to video chat; they are true a community-based FOSS project, and moving fast. I would love to see the Foundation being strategic in act and not just speech for once, and invest into them.

Sun, Jan 21, 3:56 AM · Developer-Relations (Jan-Mar-2018), Community-Liaisons (Jan-Mar-2018), User-Johan, MediaWiki-Platform-Team (MWPT-Q3-Jan-Mar-2018)
Tgr added a comment to T183313: Wikimedia Developer Summit 2018 Topic: Evolving the MediaWiki Architecture.

A serious plan for full-on replacing MediaWiki (or rewriting in $language_of_the_day, another proposal that was popular some time ago) would probably start with "stop all development for three years and focus on the migration" (and then it would actually take five). I doubt there is any appetite for that.

Sun, Jan 21, 3:27 AM · User-Jdlrobson, Services (watching), User-mobrovac, User-Daniel, Wikimedia-Developer-Summit (2018)
Tgr updated the task description for T183869: WikimediaEvents extension for data collection.
Sun, Jan 21, 1:21 AM · MediaWiki-extensions-WikimediaEvents, AICaptcha
Tgr updated the task description for T183869: WikimediaEvents extension for data collection.
Sun, Jan 21, 12:32 AM · MediaWiki-extensions-WikimediaEvents, AICaptcha

Yesterday

Tgr added a comment to T183312: Wikimedia Developer Summit 2018 Topic: Supporting Third-Party Use of MediaWiki.

WMDE is doing a fairly major part of roadmap setting and development, and while there were growing pains, these days it seems like a harmonious relationship. I don't fundamentally disagree though, the WMF should seek to involve new parties (including non-Wikimedian ones) more proaactively. I don't think anyone ever did a retrospective on how it came to Wikia deciding to stay with 1.19 forever, but that would be a worthwhile exercise.

Sat, Jan 20, 11:28 PM · MediaWiki-Platform-Team (MWPT-Q3-Jan-Mar-2018), Wikimedia-Developer-Summit (2018)
Tgr added a comment to T183312: Wikimedia Developer Summit 2018 Topic: Supporting Third-Party Use of MediaWiki.
  • If MediaWiki has it's own mission, how do we avoid the "Automattic effect" (Automattic controls 90% of WordPress' development, effectively making WordPress its own product)?
Sat, Jan 20, 9:31 PM · MediaWiki-Platform-Team (MWPT-Q3-Jan-Mar-2018), Wikimedia-Developer-Summit (2018)
Tgr added a comment to T116598: Document support levels for tools and labs projects.

Ah, sorry. I thought this was something similar to T184648: Create and publish a multi-tiered support level system for MediaWiki extensions frequently used by third parties which can change from tool to tool and is important to expose in a catalog.

Sat, Jan 20, 6:21 PM · Documentation, labs-sprint-119, Cloud-Services, labs-sprint-118
Tgr added a comment to T183312: Wikimedia Developer Summit 2018 Topic: Supporting Third-Party Use of MediaWiki.

My position statement got sorted to this session, even though it's mostly unrelated to third-party use. Fortunately I have to unofficial position statements which are related, so I'll use the opportunity to promote those:

Sat, Jan 20, 8:32 AM · MediaWiki-Platform-Team (MWPT-Q3-Jan-Mar-2018), Wikimedia-Developer-Summit (2018)
Tgr added a comment to T183313: Wikimedia Developer Summit 2018 Topic: Evolving the MediaWiki Architecture.

I'll add an issue that I haven't seen mentioned elsewhere. Per the recent blog post, Android is experimenting with offline content sharing (ie. copying downloaded Wikipedia articles from one phone to another); presumably the feature will reach other platforms as well eventually. That suggests we should be considering some kind of verification system (e.g. signed downloads) to prevent fake news operations seeding some offline community with made-up Wikipedia articles subvert Wikipedia's reputation for their own aims.

Sat, Jan 20, 8:10 AM · User-Jdlrobson, Services (watching), User-mobrovac, User-Daniel, Wikimedia-Developer-Summit (2018)
Tgr added a comment to T184606: Evaluate and set up a test instance of FOSS persistent chat software as a companion to Q&A system for communication with third-party developers.

There is currently a well-attended Slack team for Enterprise MediaWiki developers (enterprisemw.slack.com). It provides an excellent venue for communication and relationship building. There are several Wikimedia Foundation staff who participate in the Slack team, but there would be broader Foundation participation if FOSS software were used. -> there would be broader Foundation participation if it wasn't an invite-only channel that you can only learn about by accident. Not to denigrate the idea of a FOSS chat forum, but it's far from the biggest barrier limiting participation.

Sat, Jan 20, 3:16 AM · Developer-Relations (Jan-Mar-2018), Community-Liaisons (Jan-Mar-2018), User-Johan, MediaWiki-Platform-Team (MWPT-Q3-Jan-Mar-2018)
Tgr added a comment to T118188: Extension Store - Ideas and Requirements.

Some overlap with T115650: Create an authoritative and well promoted catalog of Wikimedia tools.

Sat, Jan 20, 3:11 AM · Wikimedia-General-or-Unknown, Epic, Developer-Relations, MediaWiki-Stakeholders-Group
Tgr added a comment to T115650: Create an authoritative and well promoted catalog of Wikimedia tools.

Sort of related to T116598: Document support levels for tools and labs projects.

Sat, Jan 20, 3:11 AM · Cloud-Services, Documentation, MediaWiki-Stakeholders-Group, Developer-Wishlist (2017), Community-Tech-Tool-Labs, Developer-Relations
Tgr added a comment to T184648: Create and publish a multi-tiered support level system for MediaWiki extensions frequently used by third parties.

In practice actively developed, maintained (ie. developer looks at it if someone reports a bug, not really otherwise), abandoned are easy to differentiate. Not sure if there is much value in going beyond that.

Sat, Jan 20, 3:08 AM · User-Johan, Developer-Relations, Community-Liaisons
Tgr added a comment to T156500: Document extensions' MediaWiki version compatibility better.

What's left to do here before marking as resolved?

  • The second bullet point from T156500#2977431 is not done but as I said I'm not convinced it's worth the effort. If no one feels strongly about it, I'd say drop it. (I might be biased though as I strongly prefer the release branch policy.)
  • Most extensions don't declare a policy. Some kind of campaign to fix that? Now that this is sort of part of an annual goal, maybe DevRel is interested in driving it.
Sat, Jan 20, 3:02 AM · User-Tgr, MediaWiki-Stakeholders-Group, Documentation, Developer-Wishlist (2017)
Tgr created T185368: New wikitext editor breaks undelete.
Sat, Jan 20, 2:59 AM · VisualEditor-MediaWiki-2017WikitextEditor, VisualEditor
Tgr added a comment to T156500: Document extensions' MediaWiki version compatibility better.

Updated other pages that I could find talking about extension compatibility to reference Compatibility#MediaWiki_extensions:

Sat, Jan 20, 2:49 AM · User-Tgr, MediaWiki-Stakeholders-Group, Documentation, Developer-Wishlist (2017)
Tgr added a comment to T67653: VisualEditor: avoid causing "Translation unit markers in unexpected position" edit abort.

FWIW this worked in the end.

Sat, Jan 20, 2:23 AM · VisualEditor, VisualEditor-MediaWiki
Tgr added a comment to T67653: VisualEditor: avoid causing "Translation unit markers in unexpected position" edit abort.

Also results in a bunch of JS errors along the line of

Uncaught TypeError: Cannot read property 'top' of null
    at <anonymous>:405:348
    at Array.forEach (<anonymous>)
    at VeUiDiffElement.ve.ui.DiffElement.positionDescriptions (<anonymous>:405:25)
    at <anonymous>:682:225
    at VeUiMwSaveDialog.OO.ui.Window.withoutSizeTransitions (<anonymous>:45:1)
    at <anonymous>:682:129

and

Uncaught TypeError: Cannot read property 'getSelection' of undefined
    at VeUiFindAndReplaceDialog.ve.ui.FindAndReplaceDialog.renderRangeOfFragments (/w/load.php?debug=false&lang=en&modules=ext.CodeMirror.lib%7Cext.visualEditor.core%7Coojs-ui-core%2Coojs-ui-widgets&skin=vector&version=0okwd4t:952)
    at VeUiFindAndReplaceDialog.ve.ui.FindAndReplaceDialog.renderFragments (/w/load.php?debug=false&lang=en&modules=ext.CodeMirror.lib%7Cext.visualEditor.core%7Coojs-ui-core%2Coojs-ui-widgets&skin=vector&version=0okwd4t:952)
    at run (/w/load.php?debug=false&lang=en&modules=ext.CodeMirror.lib%7Cext.visualEditor.core%7Coojs-ui-core%2Coojs-ui-widgets&skin=vector&version=0okwd4t:1048)
    at VeUiFindAndReplaceDialog.renderFragmentsThrottled (/w/load.php?debug=false&lang=en&modules=ext.CodeMirror.lib%7Cext.visualEditor.core%7Coojs-ui-core%2Coojs-ui-widgets&skin=vector&version=0okwd4t:1048)
    at VeUiFindAndReplaceDialog.ve.ui.FindAndReplaceDialog.onSurfaceViewPosition (/w/load.php?debug=false&lang=en&modules=ext.CodeMirror.lib%7Cext.visualEditor.core%7Coojs-ui-core%2Coojs-ui-widgets&skin=vector&version=0okwd4t:949)
    at VeCeMwWikitextSurface.oo.EventEmitter.emit (<anonymous>:233:445)
    at VeCeMwWikitextSurface.<anonymous> (/w/load.php?debug=false&lang=en&modules=ext.CodeMirror.lib%7Cext.visualEditor.core%7Coojs-ui-core%2Coojs-ui-widgets&skin=vector&version=0okwd4t:713)
    at later (/w/load.php?debug=false&lang=en&modules=ext.CodeMirror.lib%7Cext.visualEditor.core%7Coojs-ui-core%2Coojs-ui-widgets&skin=vector&version=0okwd4t:1048)

I think those started propping up after trying visual diff for curiosity (broken by Translate, of course).

Sat, Jan 20, 2:20 AM · VisualEditor, VisualEditor-MediaWiki
Tgr added a comment to T67653: VisualEditor: avoid causing "Translation unit markers in unexpected position" edit abort.

Can you give me some more details on what the problem is, and what the steps to reproduce are?

Sat, Jan 20, 2:17 AM · VisualEditor, VisualEditor-MediaWiki
Tgr awarded T67653: VisualEditor: avoid causing "Translation unit markers in unexpected position" edit abort a The World Burns token.
Sat, Jan 20, 2:08 AM · VisualEditor, VisualEditor-MediaWiki
Tgr updated the task description for T183312: Wikimedia Developer Summit 2018 Topic: Supporting Third-Party Use of MediaWiki.
Sat, Jan 20, 12:16 AM · MediaWiki-Platform-Team (MWPT-Q3-Jan-Mar-2018), Wikimedia-Developer-Summit (2018)

Fri, Jan 19

Tgr added a comment to T183313: Wikimedia Developer Summit 2018 Topic: Evolving the MediaWiki Architecture.

The Problem Grouping document is a bit too daunting to be a required read IMO. Maybe the blocking questions / technology goals could be copied out of it?

Fri, Jan 19, 11:29 PM · User-Jdlrobson, Services (watching), User-mobrovac, User-Daniel, Wikimedia-Developer-Summit (2018)
Tgr added a comment to T183313: Wikimedia Developer Summit 2018 Topic: Evolving the MediaWiki Architecture.

I'll try recapture a point that I tried to make in the IRC discussion: there are two ways of strategizing, bottom-up and top-down. Bottom-up is to look at what problems and immediate needs we have today, what works well and what doesn't, and see if a larger strategy emerges from that. (E.g. have a discussion about microservices, another about handling frontend libraries, a third about improving performance for logged-in users, and maybe those all point into the direction of Javascript being a more useful technology for us, and congeal into a technological vision of gradually deprecating PHP components and replacing them with Javascript components.) Top-down is to start from a longer-term product vision (e.g. we want multimedia and interactive content to be first-class citizens) or technological vision (e.g. we want a codebase that's significantly cheaper to maintain) and try to break it down into small steps.

Fri, Jan 19, 10:48 PM · User-Jdlrobson, Services (watching), User-mobrovac, User-Daniel, Wikimedia-Developer-Summit (2018)
Tgr moved T176268: Feature flag ("kill switch") for TemplateStyles from To Do to Code Review on the Reading-Infrastructure-Team-Backlog (Kanban) board.
Fri, Jan 19, 9:29 PM · Patch-For-Review, Reading-Infrastructure-Team-Backlog (Kanban), TemplateStyles
Tgr moved T176269: Disallow <templatestyles> tags in non-Template namespaces from To Do to Code Review on the Reading-Infrastructure-Team-Backlog (Kanban) board.
Fri, Jan 19, 9:29 PM · Patch-For-Review, Reading-Infrastructure-Team-Backlog (Kanban), TemplateStyles
Tgr added a comment to T185187: Images do not display.

Similar report from the past (which was assumed to be caused by antivirus but no way to be sure): T180661: Cannot see images on Commons (due to Kaspersky being installed)

Fri, Jan 19, 7:48 AM · Multimedia, MediaWiki-extensions-MultimediaViewer
Tgr closed T144680: Cannot display image; no thumbnails generated: HTTP 500 with unknown-error as Resolved.

Works now, and we have moved to Thumbor for thumbnail rendering since then so old thumbnail bugs would not be actionable anyway.

Fri, Jan 19, 7:42 AM · Commons, Multimedia, MediaWiki-File-management
Tgr added a comment to T185187: Images do not display.

That sounds like someone or something is listening in on your connection. If it's not the antivirus software, it could be malware, some kind of company proxy / firewall, your ISP... strange that this is only happening for upload.wikimedia.org and not Wikipedia itself, though.

Fri, Jan 19, 7:39 AM · Multimedia, MediaWiki-extensions-MultimediaViewer
Tgr added a comment to T185087: Whitelist discourse-mediawiki.wmflabs.org for Extension:RSS in MediaWiki.org.

I was under the (wrong?) impression that $wgRSSUrlWhitelist could accept a domain or a wildcard like discourse-mediawiki.wmflabs.org/*.

Fri, Jan 19, 2:43 AM · Discourse, Patch-For-Review, Wikimedia-Site-requests
Tgr added a comment to T185075: A template to show discourse-mediawiki.wmflabs.org feeds.

The extension caches fetched RSS data for a configurable amount of time (default: 1 hour) and reduces parser cache expiry to that amount. The latter seems more problematic but is not really related to the number of different feeds, but rather to the number of pages the extension is used on. For the former, I don't think a few thousand different feeds would be too much of a strain on memcached.

Fri, Jan 19, 2:41 AM · MediaWiki-extensions-RSS, Developer-Relations, Discourse
Tgr committed rETSTbefc9ac23a28: [POC] Disallow <templatestyles> tags in non-template namespaces (authored by Tgr).
[POC] Disallow <templatestyles> tags in non-template namespaces
Fri, Jan 19, 2:38 AM
Tgr committed rETSTf1c17ecefcbc: [POC] Disallow <templatestyles> tags in non-template namespaces (authored by Tgr).
[POC] Disallow <templatestyles> tags in non-template namespaces
Fri, Jan 19, 2:38 AM
Tgr committed rETST36fc1e5c21fb: [POC] Warn when using <templatestyles> tags in non-template namespaces (authored by Tgr).
[POC] Warn when using <templatestyles> tags in non-template namespaces
Fri, Jan 19, 2:38 AM
Tgr committed rETST34a7cf83fa62: Temporary feature flag for disabling style output (authored by Tgr).
Temporary feature flag for disabling style output
Fri, Jan 19, 2:38 AM
Tgr added a comment to T133410: Deploy TemplateStyles to WMF production.

Sorry for taking so long on this :( Somehow it managed to be #2 on my todo list for a very long time, with various other things always taking priority.

Fri, Jan 19, 2:37 AM · Performance-Team (Radar), User-notice, Reading-Infrastructure-Team-Backlog (Kanban), Readers-Web-Backlog (Tracking), Traffic, Operations, Wikimedia-Extension-setup, TemplateStyles
Tgr added a comment to T176269: Disallow <templatestyles> tags in non-Template namespaces.

OTOH in that case we might want feature parity in Parsoid and I haven't even looked at that.

Fri, Jan 19, 2:19 AM · Patch-For-Review, Reading-Infrastructure-Team-Backlog (Kanban), TemplateStyles
Tgr added a comment to T176269: Disallow <templatestyles> tags in non-Template namespaces.

Significantly more complicated code to check this. Unclear if it's possible in Parsoid.

Fri, Jan 19, 1:53 AM · Patch-For-Review, Reading-Infrastructure-Team-Backlog (Kanban), TemplateStyles

Thu, Jan 18

Tgr added a comment to T138678: AuthManager should support to create a new account for a Link PrimaryAuthenticationProvider.

@Florian thanks, I am starting to remember now :)

Thu, Jan 18, 10:38 PM · GoogleLogin, MediaWiki-User-login-and-signup, MediaWiki-Authentication-and-authorization
Tgr added a comment to T185184: Invisible text in new wikitext editor.

Yeah, sorry, I forgot to mention I have syntax highlight on (and it doesn't happen without that). I tried to reproduce this with another account with the same beta features enabled but couldn't - so maybe some gadget? I don't have anything obviously edit area related, though.

Thu, Jan 18, 8:51 PM · VisualEditor, VisualEditor-MediaWiki-2017WikitextEditor
Tgr added a comment to T184987: Enable Wikimedia Phabricator login in discourse-mediawiki.wmflabs.org.

@Qgil: Maybe that's the problem: I think you need to define the phabricator url to be https://phabricator.wikimedia.org/oauthserver/auth/

Thu, Jan 18, 8:37 PM · Developer-Relations (Jan-Mar-2018), Phabricator, Discourse
Tgr added a comment to T138678: AuthManager should support to create a new account for a Link PrimaryAuthenticationProvider.

Yeah, that's one of the problems although I don't think it's a huge one. The security implications are spelled out in more detail at https://www.mediawiki.org/wiki/Manual:SessionManager_and_AuthManager/Linked_accounts#Security. As for tokens, we do reset login state when someone clicks the login link, but it's pretty hard to prevent the attacker from using the "open recently closed tab" browser feature, or back arrow navigation or something similar. (On some browsers that will even restore the Javascript/DOM state of the closed tab.) I guess for JS-enabled browsers we could clear state when navigating away/closing the tab but it seems hacky. But as said on the wiki page, that's considered a somewhat implausible attack.

Thu, Jan 18, 7:27 PM · GoogleLogin, MediaWiki-User-login-and-signup, MediaWiki-Authentication-and-authorization
Tgr added a subtask for T138678: AuthManager should support to create a new account for a Link PrimaryAuthenticationProvider: T134952: Review AuthManager account linking UI.
Thu, Jan 18, 7:05 PM · GoogleLogin, MediaWiki-User-login-and-signup, MediaWiki-Authentication-and-authorization
Tgr added a parent task for T134952: Review AuthManager account linking UI: T138678: AuthManager should support to create a new account for a Link PrimaryAuthenticationProvider.
Thu, Jan 18, 7:05 PM · User-Tgr, MediaWiki-Authentication-and-authorization
bd808 awarded T176269: Disallow <templatestyles> tags in non-Template namespaces a Heartbreak token.
Thu, Jan 18, 4:13 PM · Patch-For-Review, Reading-Infrastructure-Team-Backlog (Kanban), TemplateStyles
Tgr created T185184: Invisible text in new wikitext editor.
Thu, Jan 18, 8:14 AM · VisualEditor, VisualEditor-MediaWiki-2017WikitextEditor
Tgr added a comment to T185055: Stack overflow when Redis is down.

Also I have zero clue why redis-cli -s /var/run/nutcracker/redis_eqiad.sock -a <correct password> and redis-cli -s /var/run/nutcracker/redis_eqiad.sock -a <wrong password> returned different errors on mediawiki04 even though the redis server didn't even listen for connections, that's super weird. (And it made me assume that Redis is at least reachable, and that led the investigation into unproductive directions.) Does nutcracker pre-check the password? Or does it do some kind of caching?

Thu, Jan 18, 1:30 AM · Beta-Cluster-Infrastructure, Performance-Team (Radar), MediaWiki-JobQueue, Operations, Beta-Cluster-reproducible
Tgr claimed T185055: Stack overflow when Redis is down.

nutcracker is still dead :(

Thu, Jan 18, 1:25 AM · Beta-Cluster-Infrastructure, Performance-Team (Radar), MediaWiki-JobQueue, Operations, Beta-Cluster-reproducible
Tgr added a comment to T185055: Stack overflow when Redis is down.

So this is partially my fault, sorry :/ I started redis with sudo service redis-server start but the redis service that is properly configured to serve external requests is called redis-instance-tcp_6379. (In my defense, only redis-server autocompletes, presumably because the other scripts are in /etc/init and not /etc/init.d so it never occurred to me I might be using the wrong service.) As for why the service needed manual starting in the first place, unlike most other Beta hosts redis01/02 is still on trusty, and presumably the upstart branch of the redis puppet module is not really maintained anymore.

Thu, Jan 18, 1:12 AM · Beta-Cluster-Infrastructure, Performance-Team (Radar), MediaWiki-JobQueue, Operations, Beta-Cluster-reproducible
Tgr added a comment to T185055: Stack overflow when Redis is down.
tgr@deployment-mediawiki04:~$ telnet deployment-redis01.deployment-prep.eqiad.wmflabs 6379
Trying 10.68.16.177...
telnet: Unable to connect to remote host: Connection refused
tgr@deployment-redis01:~$ sudo netstat -ntlp | grep redis
tcp        0      0 127.0.0.1:6379          0.0.0.0:*               LISTEN      1624/redis-server 1

I'm a bit outside my comfort zone with network admin stuff, but doesn't this mean that redis is listening on the loopback interface and any external connection attempts are hopeless?

Thu, Jan 18, 12:39 AM · Beta-Cluster-Infrastructure, Performance-Team (Radar), MediaWiki-JobQueue, Operations, Beta-Cluster-reproducible

Wed, Jan 17

Tgr created T185162: Measure bottlenecks in the MediaWiki-Vagrant install process.
Wed, Jan 17, 11:33 PM · MediaWiki-Vagrant
Tgr added a comment to T185055: Stack overflow when Redis is down.

All of Beta MediaWiki seems to be down now.

tgr@deployment-mediawiki04:~$ curl -v -H 'Host: en.wikipedia.beta.wmflabs.org' http://localhost
...
<p>If you report this error to the Wikimedia System Administrators, please include the details below.</p>
<p class="text-muted"><code>
  PHP fatal error: <br/>
  Stack overflow</code></p></div>
...
Wed, Jan 17, 7:08 PM · Beta-Cluster-Infrastructure, Performance-Team (Radar), MediaWiki-JobQueue, Operations, Beta-Cluster-reproducible
Tgr updated the task description for T184680: Update duplicate handling in reading lists API.
Wed, Jan 17, 6:01 PM · Reading-Infrastructure-Team-Backlog (Kanban), Reading List Service
Tgr added a comment to T184987: Enable Wikimedia Phabricator login in discourse-mediawiki.wmflabs.org.

https://discourse-mediawiki.wmflabs.org/auth/discourse_phabricator/callback would be my guess.

Wed, Jan 17, 4:53 PM · Developer-Relations (Jan-Mar-2018), Phabricator, Discourse
Tgr added a comment to T184981: Remove the medlem user group and the editallpages user right on se.wikimedia.org.

Probably more like '+sewikimedia', although even that might replace editpage instead of merging into it (if that's the case you'd have to add it in CommonSettings.php).

Wed, Jan 17, 4:41 PM · WMSE-Bug-Reporting-and-Translation-2018, Patch-For-Review, Wikimedia-Site-requests
Tgr updated the task description for T185055: Stack overflow when Redis is down.
Wed, Jan 17, 4:39 PM · Beta-Cluster-Infrastructure, Performance-Team (Radar), MediaWiki-JobQueue, Operations, Beta-Cluster-reproducible
Tgr moved T182052: Batch reading list operations from Doing to Code Review on the Reading-Infrastructure-Team-Backlog (Kanban) board.
Wed, Jan 17, 12:59 AM · MW-1.31-release-notes (WMF-deploy-2018-01-16 (1.31.0-wmf.17)), Patch-For-Review, Reading-Infrastructure-Team-Backlog (Kanban), Reading List Service
Tgr updated the task description for T185055: Stack overflow when Redis is down.
Wed, Jan 17, 12:49 AM · Beta-Cluster-Infrastructure, Performance-Team (Radar), MediaWiki-JobQueue, Operations, Beta-Cluster-reproducible
Tgr updated the task description for T185055: Stack overflow when Redis is down.
Wed, Jan 17, 12:36 AM · Beta-Cluster-Infrastructure, Performance-Team (Radar), MediaWiki-JobQueue, Operations, Beta-Cluster-reproducible
Tgr added a comment to T185055: Stack overflow when Redis is down.

Caused by some issue with the redis servers:

redis-cli -s /var/run/nutcracker/redis_eqiad.sock -a <password> get test
(error) ERR Connection refused

This is different from the error given on a wrong password.

Wed, Jan 17, 12:34 AM · Beta-Cluster-Infrastructure, Performance-Team (Radar), MediaWiki-JobQueue, Operations, Beta-Cluster-reproducible
Tgr added a comment to T185055: Stack overflow when Redis is down.

The first loop is

Redis::processArrayCommand
Redis::processCommand
Redis::auth
Redis::checkConnection
Redis::processArrayCommand
...
Wed, Jan 17, 12:17 AM · Beta-Cluster-Infrastructure, Performance-Team (Radar), MediaWiki-JobQueue, Operations, Beta-Cluster-reproducible
Tgr added a comment to T185055: Stack overflow when Redis is down.

The redis-server service was down on redis-01/02, I did a manual restart, but that only changed the methods involved in the loop somewhat:

2018-01-17 00:09:03 [Wl6UHwpEFhUAAAMB6EYAAAAC] deployment-mediawiki05 enwiki 1.31.0-alpha fatal ERROR: [5214e78a] PHP Fatal Error: Stack overflow {"fatal_exception":{"class":"ErrorException","message":"PHP Fatal Error: Stack overflow","code":16777217,"file":"","line":0,"trace":{"0":{"function":"processArrayCommand","class":"Redis","type":"->","args":["string","array"]},"1":{"function":"processCommand","class":"Redis","type":"->","args":["string","string"]},"2":{"function":"auth","class":"Redis","type":"->","args":["string"]},"3":{"function":"checkConnection","class":"Redis","type":"->","args":[]},"4":{"function":"sockReadLine","class":"Redis","type":"->","args":[]},"5":{"function":"sockReadData","class":"Redis","type":"->","args":["NULL"]},"6":{"function":"processBooleanResponse","class":"Redis","type":"->","args":[]},"7":{"function":"auth","class":"Redis","type":"->","args":["string"]},"8":{"function":"checkConnection","class":"Redis","type":"->","args":[]},"9":{"function":"sockReadLine","class":"Redis","type":"->","args":[]},"10":{"function":"sockReadData","class":"Redis","type":"->","args":["NULL"]},"11":{"function":"processBooleanResponse","class":"Redis","type":"->","args":[]},"12":{"function":"auth","class":"Redis","type":"->","args":["string"]},"13":{"function":"checkConnection","class":"Redis","type":"->","args":[]},"14":{"function":"sockReadLine","class":"Redis","type":"->","args":[]},"15":{"function":"sockReadData","class":"Redis","type":"->","args":["NULL"]},"16":{"function":"processBooleanResponse","class":"Redis","type":"->","args":[]},"17":{"function":"auth","class":"Redis","type":"->","args":["string"]},"18":{"function":"checkConnection","class":"Redis","type":"->","args":[]},"19":{"function":"sockReadLine","class":"Redis","type":"->","args":[]},"20":{"function":"sockReadData","class":"Redis","type":"->","args":["NULL"]},"21":{"function":"processBooleanResponse","class":"Redis","type":"->","args":[]},"22":{"function":"auth","class":"Redis","type":"->","args":["string"]},"23":{"function":"checkConnection","class":"Redis","type":"->","args":[]},"24":{"function":"sockReadLine","class":"Redis","type":"->","args":[]},"25":{"function":"sockReadData","class":"Redis","type":"->","args":["NULL"]},"26":{"function":"processBooleanResponse","class":"Redis","type":"->","args":[]},"27":{"function":"auth","class":"Redis","type":"->","args":["string"]},"28":{"function":"checkConnection","class":"Redis","type":"->","args":[]},"29":{"function":"sockReadLine","class":"Redis","type":"->","args":[]},"30":{"function":"sockReadData","class":"Redis","type":"->","args":["NULL"]},"31":{"function":"processBooleanResponse","class":"Redis","type":"->","args":[]},"32":{"function":"auth","class":"Redis","type":"->","args":["string"]},"33":{"function":"checkConnection","class":"Redis","type":"->","args":[]},"34":{"function":"sockReadLine","class":"Redis","type":"->","args":[]},"35":{"function":"sockReadData","class":"Redis","type":"->","args":["NULL"]},"36":{"function":"processBooleanResponse","class":"Redis","type":"->","args":[]},"37":{"function":"auth","class":"Redis","type":"->","args":["string"]},"38":{"function":"checkConnection","class":"Redis","type":"->","args":[]},"39":{"function":"sockReadLine","class":"Redis","type":"->","args":[]},"40":{"function":"sockReadData","class":"Redis","type":"->","args":["NULL"]},"41":{"function":"processBooleanResponse","class":"Redis","type":"->","args":[]},"42":{"function":"auth","class":"Redis","type":"->","args":["string"]},"43":{"function":"checkConnection","class":"Redis","type":"->","args":[]},"44":{"function":"sockReadLine","class":"Redis","type":"->","args":[]},"45":{"function":"sockReadData","class":"Redis","type":"->","args":["NULL"]}
Wed, Jan 17, 12:11 AM · Beta-Cluster-Infrastructure, Performance-Team (Radar), MediaWiki-JobQueue, Operations, Beta-Cluster-reproducible

Tue, Jan 16

Tgr added a comment to T185055: Stack overflow when Redis is down.

Apparently HHVM's Redis implementation goes into an infinite loop when the Redis server is down :/

Tue, Jan 16, 11:56 PM · Beta-Cluster-Infrastructure, Performance-Team (Radar), MediaWiki-JobQueue, Operations, Beta-Cluster-reproducible
Tgr created T185055: Stack overflow when Redis is down.
Tue, Jan 16, 11:44 PM · Beta-Cluster-Infrastructure, Performance-Team (Radar), MediaWiki-JobQueue, Operations, Beta-Cluster-reproducible
Tgr added a comment to T183991: UI for notifying users about data collection.

The code used for the mockup was something like

mw.loader.using( 'oojs-ui-core', function() {
    var popupButton = new OO.ui.PopupButtonWidget( {
        $overlay: true,
        label: 'How we collect data to help us detect bots',
        icon: 'info',
        framed: false,
        popup: {
            $content: $( '<p>We’re always working to improve our systems. In order to get better at detecting bots, between January and March 2018, we may collect information about keyboard and mouse usage on the account creation form. This data will only be used to help us better detect automated registrations, in order to prevent spam and make registration more seamless for humans. <a href="https://meta.wikimedia.org/wiki/Research:Spambot_detection_via_registration_page_behavior">(find out more)</a></p>' ),
            // position: 'after',
            padded: true
        }
    } );
    // there must be a nicer way to do this
    popupButton.$element.css( { float: 'right', marginTop: 30 } );
    $( '#wpCreateaccount' ).closest( '.mw-ui-vform-field' ).append( popupButton.$element );
} );
Tue, Jan 16, 9:56 PM · AICaptcha
Tgr added a comment to T183991: UI for notifying users about data collection.

Not sure if we want to broadcast that much what we are doing though. (So spammers visit the registration page regularly? Seems likely.) Maybe @APalmer_WMF has advice on what level of disclosure to aim for.

Tue, Jan 16, 9:28 PM · AICaptcha
Tgr added a comment to T138678: AuthManager should support to create a new account for a Link PrimaryAuthenticationProvider.

I think it would be better to keep this task about the issue described by Florian (AuthManager supports creating a new local account for an existing remote account via Special:CreateAccount, but not via Special:UserLogin). For support requests, you can use Discourse, wikitech-l, IRC etc.

Tue, Jan 16, 6:47 PM · GoogleLogin, MediaWiki-User-login-and-signup, MediaWiki-Authentication-and-authorization
Tgr updated the task description for T185017: Ensure Wikimedia sites work with Discourse Onebox.
Tue, Jan 16, 6:35 PM · Discourse
Tgr added a subtask for T142243: [EPIC] Add open graph meta tags: T185017: Ensure Wikimedia sites work with Discourse Onebox.
Tue, Jan 16, 6:29 PM · Epic, MediaWiki-General-or-Unknown
Tgr added a parent task for T185017: Ensure Wikimedia sites work with Discourse Onebox: T142243: [EPIC] Add open graph meta tags.
Tue, Jan 16, 6:29 PM · Discourse
Tgr created T185017: Ensure Wikimedia sites work with Discourse Onebox.
Tue, Jan 16, 6:29 PM · Discourse
Tgr added a comment to T184986: Enable GitHub login in discourse-mediawiki.wmflabs.org.

I've set it up, works fine. Could use a better logo.

Tue, Jan 16, 6:26 PM · Discourse, Developer-Relations
Tgr edited projects for T184981: Remove the medlem user group and the editallpages user right on se.wikimedia.org, added: Wikimedia-Site-requests; removed MediaWiki-extensions-OAuth.
Tue, Jan 16, 4:47 PM · WMSE-Bug-Reporting-and-Translation-2018, Patch-For-Review, Wikimedia-Site-requests
Tgr added a comment to T184981: Remove the medlem user group and the editallpages user right on se.wikimedia.org.

See $wgGrantPermissions.

Tue, Jan 16, 4:46 PM · WMSE-Bug-Reporting-and-Translation-2018, Patch-For-Review, Wikimedia-Site-requests

Mon, Jan 15

Tgr updated the task description for T182052: Batch reading list operations.
Mon, Jan 15, 11:35 PM · MW-1.31-release-notes (WMF-deploy-2018-01-16 (1.31.0-wmf.17)), Patch-For-Review, Reading-Infrastructure-Team-Backlog (Kanban), Reading List Service
Tgr updated the task description for T182052: Batch reading list operations.
Mon, Jan 15, 11:35 PM · MW-1.31-release-notes (WMF-deploy-2018-01-16 (1.31.0-wmf.17)), Patch-For-Review, Reading-Infrastructure-Team-Backlog (Kanban), Reading List Service
Tgr added a comment to T184592: Setup reply via email in discourse-mediawiki.wmflabs.org.

It's under https://myaccount.google.com/apppasswords (a different thing from "apps with access to your account" which is about OAuth).

Mon, Jan 15, 9:17 PM · Developer-Relations (Jan-Mar-2018), Discourse, Operations
Tgr created T184953: mw.Title.exists() is not helpful.
Mon, Jan 15, 8:47 PM · JavaScript, MediaWiki-General-or-Unknown
Tgr added a comment to T182052: Batch reading list operations.

The associated RESTBase patch is #907.

Mon, Jan 15, 12:29 PM · MW-1.31-release-notes (WMF-deploy-2018-01-16 (1.31.0-wmf.17)), Patch-For-Review, Reading-Infrastructure-Team-Backlog (Kanban), Reading List Service
Kaartic awarded T158909: Automatically detect spambot registration using machine learning (like invisible reCAPTCHA) a Like token.
Mon, Jan 15, 10:06 AM · AICaptcha, Outreachy (Round-15), Outreach-Programs-Projects, Stewards-and-global-tools, User-Tgr, MediaWiki-extension-requests, artificial-intelligence
Tgr added a comment to T167968: Complete edit quality campaign for Hungarian Wikipedia.

Bot edits should not be included in the dataset. Is it possible that some bots that are not flagged as bots are showing up?

Mon, Jan 15, 12:54 AM · User-Tgr, editquality-modeling, Wikilabels, artificial-intelligence, Scoring-platform-team
Tgr added a comment to T107561: MediaWiki support for Composer equivalent for JavaScript packages.

This post: I’m harvesting credit card numbers and passwords from your site. Here’s how. makes some interesting points on the security aspects of using npm modules (which also underscores the importance of using our own bundling infrastructure and only relying on npm/whatever for sources).

Mon, Jan 15, 12:51 AM · Developer-Wishlist (2017), RfC, TechCom-RFC, Front-end-Standards-Group, Librarization

Sat, Jan 13

Tgr added a comment to T40417: MediaWiki's anonymous edit token leaves wiki installations (incl. Wikipedia) open to mass anonymous spam we can't block.

It seems the only way to make IP-changing edits work securely is by using a generic token stored and sent back in a way the attacker can't do themselves. It seems cookies are the only way for that, which is also the one thing no-cookie users don't have. Even using JavaScript won't help because anything JS could fetch and insert in the form, the attacker could as well.

Sat, Jan 13, 1:37 AM · TechCom-RFC, Security, Patch-For-Review, Security-General

Fri, Jan 12

Tgr committed rERLSb3b883035f52: Fix purge.php parameter handling (authored by Tgr).
Fix purge.php parameter handling
Fri, Jan 12, 10:01 PM
Tgr added a comment to T40417: MediaWiki's anonymous edit token leaves wiki installations (incl. Wikipedia) open to mass anonymous spam we can't block.

If a user has a constantly changing IP address, their edit will fail with a CSRF error, a session will be started due to the edit form submission attempt, and on their next submit the token will be session-based and will succeed. That seems acceptable.

Fri, Jan 12, 8:56 PM · TechCom-RFC, Security, Patch-For-Review, Security-General

Thu, Jan 11

Tgr added a comment to T40417: MediaWiki's anonymous edit token leaves wiki installations (incl. Wikipedia) open to mass anonymous spam we can't block.

Also IIRC there was concern about blocking edits from users who have disabled cookies. The patch already contains a fallback mechanism for non-session-based tokens though so I'm not sure there is a problem to solve here.

Thu, Jan 11, 10:08 PM · TechCom-RFC, Security, Patch-For-Review, Security-General
Tgr updated the task description for T184680: Update duplicate handling in reading lists API.
Thu, Jan 11, 6:26 AM · Reading-Infrastructure-Team-Backlog (Kanban), Reading List Service
Tgr updated the task description for T182052: Batch reading list operations.
Thu, Jan 11, 6:25 AM · MW-1.31-release-notes (WMF-deploy-2018-01-16 (1.31.0-wmf.17)), Patch-For-Review, Reading-Infrastructure-Team-Backlog (Kanban), Reading List Service
Tgr claimed T184680: Update duplicate handling in reading lists API.
Thu, Jan 11, 6:23 AM · Reading-Infrastructure-Team-Backlog (Kanban), Reading List Service
Tgr created T184680: Update duplicate handling in reading lists API.
Thu, Jan 11, 6:23 AM · Reading-Infrastructure-Team-Backlog (Kanban), Reading List Service
Tgr claimed T182706: [Feature Request] Return current timestamp in /changes/since.
Thu, Jan 11, 6:19 AM · Reading-Infrastructure-Team-Backlog (Kanban), Reading List Service
Tgr moved T182706: [Feature Request] Return current timestamp in /changes/since from Needs triage to Kanban on the Reading-Infrastructure-Team-Backlog board.
Thu, Jan 11, 6:19 AM · Reading-Infrastructure-Team-Backlog (Kanban), Reading List Service
Tgr updated the task description for T182052: Batch reading list operations.
Thu, Jan 11, 6:18 AM · MW-1.31-release-notes (WMF-deploy-2018-01-16 (1.31.0-wmf.17)), Patch-For-Review, Reading-Infrastructure-Team-Backlog (Kanban), Reading List Service
Tgr added projects to T184611: PHP Notice: Undefined index when running populateProjectsFromSiteMatrix.php and viewing Special:SiteMatrix in MW-Vagrant: SiteMatrix, MediaWiki-Vagrant.
Thu, Jan 11, 3:45 AM · MediaWiki-Vagrant, SiteMatrix, Reading-Infrastructure-Team-Backlog, Reading List Service
Tgr triaged T184611: PHP Notice: Undefined index when running populateProjectsFromSiteMatrix.php and viewing Special:SiteMatrix in MW-Vagrant as Low priority.

SiteMatrix is full of duct tape and Vagrant site config is duct-taped together in a different way. I'll propose an RFC about fixing that one day. For now, the easiest way is probably to just fill the reading_list_project table manually or from a dump. This one contains the WMF sites:

Thu, Jan 11, 3:43 AM · MediaWiki-Vagrant, SiteMatrix, Reading-Infrastructure-Team-Backlog, Reading List Service
Tgr added a comment to T184612: Uncaught Error: Call to undefined function wfDeprecated() when running populateWithTestData.php.

Nice to see that Maintenance::error(,1) is getting killed. Apparently the maintenance script constructor is called before GlobalFunctions gets loaded...

Thu, Jan 11, 3:32 AM · MW-1.31-release-notes (WMF-deploy-2018-01-16 (1.31.0-wmf.17)), Patch-For-Review, Reading-Infrastructure-Team-Backlog, Reading List Service
Tgr committed rERLS2bf67774626f: Replace deprecated Maintenance::error(..., 1) calls (authored by Tgr).
Replace deprecated Maintenance::error(..., 1) calls
Thu, Jan 11, 3:31 AM
Tgr added a comment to T184669: Fetching incorrect description data from the Feed API.

This is a combination of T59846: Multilang mode should always return a list of languages and Template:CH-BAR-picture having some hand-mucked language markup which is different from language markup elsewhere so CommonsMetadata does not pick it up as such. (See also this thread for context.) So not really a bug on the MW side (although T59846 was certainly bad API design).

Thu, Jan 11, 3:09 AM · Multimedia, Patch-For-Review, Reading-Infrastructure-Team-Backlog (Kanban), Mobile-Content-Service
Tgr added a comment to T184669: Fetching incorrect description data from the Feed API.

The API response:

"ImageDescription": {
    "value": "<span class=\"description\">\n<span class=\"language de\"><b>Das Motorrad mit den Skiern von der Seite</b><br>Darin: Transport Dienst<br>Original: Negativ; Glasplatte; Silberbromid; 13x18cm<br>Signatur: CH-BAR#E27#1000/721#14095#5045*</span></span>",
    "source": "commons-desc-page"
}

(same with or without iiextmetadatamultilang). So not an EXIF issue actually.

Thu, Jan 11, 2:53 AM · Multimedia, Patch-For-Review, Reading-Infrastructure-Team-Backlog (Kanban), Mobile-Content-Service

Wed, Jan 10

Tgr added a comment to T91162: RFC: Shadow namespaces.

Most of the information is not infobox related (e.g. news entries or DYK entries on the main page). IMO the nice solution would be T156876: Structured data side channel for wikitext. But in some ways it's always going to rely on templates.

Wed, Jan 10, 11:32 PM · Wikimedia-Developer-Summit (2017), TechCom-RFC
Tgr added a comment to T91162: RFC: Shadow namespaces.

Reading would like more mobile-friendly and possibly more machine-readable pages, and since most complex markup and most data that machines would care about is in templates, that would mainly be achievable by template standardization. (Putting machine-readable data into an MCR slot instead of the current mark-it-up-in-HTML-then-parse-out approach would be cool, but seems quite far away, and in any case would still happen through templates in some form.) Cross-wiki template standardization and the creation of a specialist class users focusing on that (much like the Commons community for images or Wikidatans for data) would increase the chance of that happening (in the case of most small wikis, increase it from zero) and that depends on shadow namespaces. So there is definitely a product need IMO.

Wed, Jan 10, 10:20 PM · Wikimedia-Developer-Summit (2017), TechCom-RFC