Tgr (Gergő Tisza)
Software Engineer, WMF Reading

Projects (37)

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Wednesday

  • Clear sailing ahead.

User Details

User Since
Sep 19 2014, 4:55 PM (195 w, 2 d)
Availability
Available
IRC Nick
tgr
LDAP User
Gergő Tisza
MediaWiki User
Tgr (WMF)

Things my team is working on: Reading-Infrastructure-Team-Backlog (kanban board)
Side projects I am working on (or planning to, eventually): User-Tgr
You can find more info about me on my user page.

Recent Activity

Yesterday

Tgr created T197535: extension.json should be able to express dependency on PHP version / PHP extension version.
Sun, Jun 17, 10:02 AM · MediaWiki-Configuration
Tgr added a comment to T186374: Show explanation about wikistats on landing pages.

I think this is still confusing to 99% of the Analytics-Wikistats userbase who probably have no idea what Analytics is and how it is relevant. Although these days Wikistats 2 does better on Google so it's less of a problem.

Sun, Jun 17, 9:03 AM · VPS-project-Wikistats

Sat, Jun 16

Tgr added a comment to T190015: Create separate user group for editing sitewide CSS/JavaScript that does not include administrators by default.

How many of those were from local privileged users vs global privileged users (e.g. global interface editors, global sysops, stewards)?

Sat, Jun 16, 10:18 PM · User-Tgr, Trust-and-Safety, Wikimedia-General-or-Unknown, Patch-For-Review, Security, JavaScript, Security-Core
Tgr updated the task description for T190015: Create separate user group for editing sitewide CSS/JavaScript that does not include administrators by default.
Sat, Jun 16, 8:46 PM · User-Tgr, Trust-and-Safety, Wikimedia-General-or-Unknown, Patch-For-Review, Security, JavaScript, Security-Core

Fri, Jun 15

Tgr closed T197215: MediaWiki-Vagrant: assets don't work (on LXC?): "symbolic link not allowed or link target not accessible" as Resolved.
Fri, Jun 15, 10:20 PM · Patch-For-Review, MediaWiki-Vagrant
Tgr added a comment to T197087: Remove or limit edituserjs and similar rights.

However, the tech admin group is already going to have mandatory 2FA or some similar requirement, which significantly reduces the probability of an account compromise (maybe even to negligible if not zero).

Fri, Jun 15, 7:39 PM · MediaWiki-Interface, Security-Core
Tgr added a comment to T197087: Remove or limit edituserjs and similar rights.

I'd prefer blanking over deleting, because the user can recover or revert it on its own, while deleting the page will remove that possibility except for users with the right to see deleted revisions. However, I don't know how this could be implemented in the UI

Fri, Jun 15, 5:30 PM · MediaWiki-Interface, Security-Core
Harej awarded T190015: Create separate user group for editing sitewide CSS/JavaScript that does not include administrators by default a Like token.
Fri, Jun 15, 5:19 PM · User-Tgr, Trust-and-Safety, Wikimedia-General-or-Unknown, Patch-For-Review, Security, JavaScript, Security-Core
Tgr added a comment to T197087: Remove or limit edituserjs and similar rights.

@Izno do less-experienced users involve admins, stewards etc? The main concern here is that someone compromising a technical administrator account can use this ability to take over something more powerful, like a steward account. (That could be done by editing non-personal Javascript as well, but that's much easier to notice - there are only so many JS pages that get loaded and a large number of people are bound to be watching them. Creating User:Foo/vector.js is much more likely to avoid notice.)

Fri, Jun 15, 4:46 PM · MediaWiki-Interface, Security-Core

Thu, Jun 14

Tgr added a comment to T193690: RFC: Use ar_page_id to determine the parent IDs for undeleted revisions.

I intend to, yeah.

Thu, Jun 14, 7:13 PM · MediaWiki-Page-deletion, TechCom-RFC, MediaWiki-History-or-Diffs
Tgr added a comment to T197238: No way to mark patches as not WIP (which blocks merging).

Sorry. It seems me and others who reported this have just missed the button on the new interface (where it replaces the "Reply" button, with the same hard-to-read color, so it's somewhat hard to spot). So owners can unWIP on both interfaces although the UX on polygerrit is extra poor.

Thu, Jun 14, 7:10 PM · Gerrit
Tgr added a comment to T190015: Create separate user group for editing sitewide CSS/JavaScript that does not include administrators by default.

Therefore, I suggest implementing the proposed limitation for big wikis, while letting small wikis (where there is no major potential risk) choose whether they want to have it too or not.

Thu, Jun 14, 3:31 PM · User-Tgr, Trust-and-Safety, Wikimedia-General-or-Unknown, Patch-For-Review, Security, JavaScript, Security-Core
Tgr added a comment to T197241: "Enable syncing on your Wikipedia app to begin saving articles".

Which app is that?

Thu, Jun 14, 3:19 PM · Wikipedia-Android-App-Backlog, Reading-Infrastructure-Team-Backlog, Reading List Service
Tgr updated subscribers of T197238: No way to mark patches as not WIP (which blocks merging).

on the old UI changeset owners can indeed see it

Thu, Jun 14, 3:10 PM · Gerrit
Tgr lowered the priority of T197238: No way to mark patches as not WIP (which blocks merging) from Unbreak Now! to High.

I was slightly confused: the unWIP option seems to be missing completely from the new UI; on the old UI changeset owners can indeed see it. So this is not that bad a problem. Should block T196812: Make PolyGerrit the default ui though, IMO.

Thu, Jun 14, 3:06 PM · Gerrit
Tgr added a comment to T197238: No way to mark patches as not WIP (which blocks merging).

Most changeset owners do not have that button currently, and many patches have been marked as WIP somehow (compare 437064, where I tested the WIP button, and it has a Set Work In Progress comment, with 421433 where there are no such comments), so an unknown number of developers are now unable to merge their patches without the help of a gerrit admin. (And it's not particularly easy to figure out what's going on, either; especially on the old interface which just says "Cannot Merge" like it does on patches that do not rebase cleanly.)

Thu, Jun 14, 2:46 PM · Gerrit
Addshore awarded T197238: No way to mark patches as not WIP (which blocks merging) a The World Burns token.
Thu, Jun 14, 1:38 PM · Gerrit
Tgr triaged T197238: No way to mark patches as not WIP (which blocks merging) as Unbreak Now! priority.
Thu, Jun 14, 1:33 PM · Gerrit
Tgr created T197238: No way to mark patches as not WIP (which blocks merging).
Thu, Jun 14, 1:32 PM · Gerrit
Tgr added a comment to T196653: Test MCR Storage Layer Patches.

Test plan was https://www.mediawiki.org/wiki/User:Daniel_Kinzler_(WMDE)/MCR-StorageLayerTesting#PageUpdater_test_plan. All tests either passed or failed on master as well (those will be repeated on beta after merging).

Thu, Jun 14, 12:45 PM · Patch-For-Review, User-Addshore, Multi-Content-Revisions (MCR-SDC phase 1), Epic, MediaWiki-Platform-Team, Structured-Data-Commons, Wikidata
Tgr updated the task description for T197234: Expected mass rollback of all peer transactions (DBO_TRX set).
Thu, Jun 14, 12:30 PM · MediaWiki-Database, StructuredDiscussions, Collaboration-Team-Triage
Tgr added a comment to T197234: Expected mass rollback of all peer transactions (DBO_TRX set).

FWIW the original exception was

2018-06-14 12:22:38 mcr-full wiki: [a9d24b56be842208db86ddac] /wiki/Special:EnableStructuredDiscussions   Wikimedia\Rdbms\DBUnexpectedError from line 3754 of /vagrant/mediawiki/includes/libs/rdbms/database/Database.php: Flow\Import\PageImportState::begin: Implicit transaction already active (from Wikimedia\Rdbms\Database::query (User::idFromName)).
#0 /vagrant/mediawiki/extensions/Flow/includes/Import/Importer.php(406): Wikimedia\Rdbms\Database->begin(string)
#1 /vagrant/mediawiki/extensions/Flow/includes/Import/Importer.php(586): Flow\Import\PageImportState->begin()
#2 /vagrant/mediawiki/extensions/Flow/includes/Import/Importer.php(126): Flow\Import\TalkpageImportOperation->import(Flow\Import\PageImportState)
#3 /vagrant/mediawiki/extensions/Flow/includes/Import/Converter.php(187): Flow\Import\Importer->import(Flow\Import\Wikitext\ImportSource, Title, User, Flow\Import\SourceStore\NullImportSourceStore)
#4 /vagrant/mediawiki/extensions/Flow/includes/Import/Converter.php(138): Flow\Import\Converter->doConversion(Title, NULL)
#5 /vagrant/mediawiki/extensions/Flow/includes/Specials/SpecialEnableStructuredDiscussions.php(120): Flow\Import\Converter->convert(Title)
#6 /vagrant/mediawiki/includes/htmlform/HTMLForm.php(662): Flow\Specials\SpecialEnableStructuredDiscussions->onSubmit(array, OOUIHTMLForm)
#7 /vagrant/mediawiki/includes/htmlform/HTMLForm.php(554): HTMLForm->trySubmit()
#8 /vagrant/mediawiki/includes/htmlform/HTMLForm.php(569): HTMLForm->tryAuthorizedSubmit()
#9 /vagrant/mediawiki/includes/specialpage/FormSpecialPage.php(184): HTMLForm->show()
#10 /vagrant/mediawiki/extensions/Flow/includes/Specials/SpecialEnableStructuredDiscussions.php(49): FormSpecialPage->execute(NULL)
#11 /vagrant/mediawiki/includes/specialpage/SpecialPage.php(565): Flow\Specials\SpecialEnableStructuredDiscussions->execute(NULL)
#12 /vagrant/mediawiki/includes/specialpage/SpecialPageFactory.php(569): SpecialPage->run(NULL)
#13 /vagrant/mediawiki/includes/MediaWiki.php(288): SpecialPageFactory::executePath(Title, RequestContext)
#14 /vagrant/mediawiki/includes/MediaWiki.php(867): MediaWiki->performRequest()
#15 /vagrant/mediawiki/includes/MediaWiki.php(524): MediaWiki->main()
#16 /vagrant/mediawiki/index.php(42): MediaWiki->run()
#17 /var/www/w/index.php(5): include(string)
#18 {main}

Probably a case of using Database::begin instead of Database::startAtomic (see docs).

Thu, Jun 14, 12:28 PM · MediaWiki-Database, StructuredDiscussions, Collaboration-Team-Triage
Tgr created T197234: Expected mass rollback of all peer transactions (DBO_TRX set).
Thu, Jun 14, 12:20 PM · MediaWiki-Database, StructuredDiscussions, Collaboration-Team-Triage
Tgr added a comment to T197210: Mail sending broken in MediaWiki-Vagrant.

Thix was tested on Wikimed Cloud in a stretch labs-vagrant setup, not sure if that matters.

Thu, Jun 14, 10:58 AM · MediaWiki-Vagrant
Tgr renamed T197215: MediaWiki-Vagrant: assets don't work (on LXC?): "symbolic link not allowed or link target not accessible" from MediaWiki-Vagrant: symbolic link not allowed to MediaWiki-Vagrant: assets don't work (on LXC?): "symbolic link not allowed or link target not accessible".
Thu, Jun 14, 8:48 AM · Patch-For-Review, MediaWiki-Vagrant
Tgr added a comment to T197215: MediaWiki-Vagrant: assets don't work (on LXC?): "symbolic link not allowed or link target not accessible".

FollowSymlinks seems to be set properly, this is more likely to be a permission issue:

vagrant@mcr-full:/vagrant$ ls -ld /var/www/w/resources
lrwxrwxrwx 1 vagrant www-data 28 May 25 14:21 /var/www/w/resources -> /vagrant/mediawiki/resources
vagrant@mcr-full:/vagrant$ ls -ld /vagrant/mediawiki/resources
drwxr-sr-x 5 vagrant_share vagrant_share 4096 Jun 13 13:40 /vagrant/mediawiki/resources
Thu, Jun 14, 8:48 AM · Patch-For-Review, MediaWiki-Vagrant
Tgr created T197215: MediaWiki-Vagrant: assets don't work (on LXC?): "symbolic link not allowed or link target not accessible".
Thu, Jun 14, 8:42 AM · Patch-For-Review, MediaWiki-Vagrant
Tgr added a comment to T197210: Mail sending broken in MediaWiki-Vagrant.

Running sudo postalias /etc/postfix/aliases creates the missing database file and after that things work as expected.

Thu, Jun 14, 7:24 AM · MediaWiki-Vagrant
Tgr created T197210: Mail sending broken in MediaWiki-Vagrant.
Thu, Jun 14, 7:21 AM · MediaWiki-Vagrant

Wed, Jun 13

Tgr closed T195019: Should be possible to filter meta=readinglists by reading list id as Resolved.
Wed, Jun 13, 7:37 PM · MW-1.32-release-notes (WMF-deploy-2018-06-26 (1.32.0-wmf.10)), Patch-For-Review, Reading-Infrastructure-Team-Backlog, Reading List Service
Tgr added a comment to T197150: User right changes should require elevated security.

AIUI, as long as the permissions changes are within $wgReauthenticateTime of the last login you shouldn't be prompted again?

Wed, Jun 13, 5:54 PM · Stewards-and-global-tools, MediaWiki-extensions-CentralAuth, MediaWiki-User-management, Security-Extensions, Security-Core
Tgr moved T190015: Create separate user group for editing sitewide CSS/JavaScript that does not include administrators by default from Backlog to Pending on the User-Tgr board.
Wed, Jun 13, 5:29 PM · User-Tgr, Trust-and-Safety, Wikimedia-General-or-Unknown, Patch-For-Review, Security, JavaScript, Security-Core
Tgr added projects to T197160: All security-sensitive MediaWiki functionality should require elevated security: Epic, User-Tgr.
Wed, Jun 13, 5:25 PM · User-Tgr, Epic, MediaWiki-Authentication-and-authorization, Security-General
Tgr added a parent task for T168557: "Keep me logged in" check box shouldn't be shown when a logged-in user is being verified: T197160: All security-sensitive MediaWiki functionality should require elevated security.
Wed, Jun 13, 5:24 PM · Patch-For-Review, MediaWiki-Authentication-and-authorization
Tgr added subtasks for T197160: All security-sensitive MediaWiki functionality should require elevated security: T197137: Editing sitewide JS/CSS pages should require elevated security, T197150: User right changes should require elevated security, Unknown Object (Task), T197156: Creating OAuth owner-only consumers should require elevated security, T197158: CheckUser should require elevated security, T197130: Document MediaWiki elevated security feature, T168557: "Keep me logged in" check box shouldn't be shown when a logged-in user is being verified, T197153: Make some providers optional for reauthentication.
Wed, Jun 13, 5:24 PM · User-Tgr, Epic, MediaWiki-Authentication-and-authorization, Security-General
Tgr created T197160: All security-sensitive MediaWiki functionality should require elevated security.
Wed, Jun 13, 5:22 PM · User-Tgr, Epic, MediaWiki-Authentication-and-authorization, Security-General
Tgr created T197158: CheckUser should require elevated security.
Wed, Jun 13, 5:21 PM · Stewards-and-global-tools, CheckUser, Security-Extensions
Tgr created T197156: Creating OAuth owner-only consumers should require elevated security.
Wed, Jun 13, 5:12 PM · MediaWiki-extensions-OAuth, Security-Extensions
Tgr created T197153: Make some providers optional for reauthentication.
Wed, Jun 13, 5:09 PM · MediaWiki-Authentication-and-authorization, Security-Core
Tgr added a comment to T133040: Remember "Remember me".

Related: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/372762

Wed, Jun 13, 5:04 PM · MediaWiki-Authentication-and-authorization
Tgr created T197150: User right changes should require elevated security.
Wed, Jun 13, 4:44 PM · Stewards-and-global-tools, MediaWiki-extensions-CentralAuth, MediaWiki-User-management, Security-Extensions, Security-Core
Tgr added a comment to T197136: Tie certain user rights to elevated security.

Good point, there would probably have to be two ways of checking permissions, "has right now" and "can obtain".

Wed, Jun 13, 4:39 PM · MediaWiki-User-management, Security-Core
Tgr added a comment to T170150: Evaluate Grafana's LDAP group options and deprecate grafana-admin if possible.

Any thoughts on whether this might make something like T189531: All Wikimedia developer services should use single sign-on easier or harder in the future?

Wed, Jun 13, 4:29 PM · Patch-For-Review, monitoring, Operations
Tgr awarded T170150: Evaluate Grafana's LDAP group options and deprecate grafana-admin if possible a Like token.
Wed, Jun 13, 4:28 PM · Patch-For-Review, monitoring, Operations
Tgr awarded T197070: +2 for MarcoAurelio in mediawiki/* a Like token.
Wed, Jun 13, 4:25 PM · Repository-Ownership-Requests
Tgr created T197137: Editing sitewide JS/CSS pages should require elevated security.
Wed, Jun 13, 3:52 PM · MediaWiki-User-management, MediaWiki-Interface, Security-Core
Tgr created T197136: Tie certain user rights to elevated security.
Wed, Jun 13, 3:48 PM · MediaWiki-User-management, Security-Core
Tgr created T197130: Document MediaWiki elevated security feature.
Wed, Jun 13, 3:37 PM · MediaWiki-General-or-Unknown, Documentation, Security-Core
Tgr created T197087: Remove or limit edituserjs and similar rights.
Wed, Jun 13, 10:23 AM · MediaWiki-Interface, Security-Core
Tgr added a comment to T160877: New wikitext editor should anchordecode internal links.

On converting an URL to an internal link the URL decoding of the title and the URL decoding of the anchor is missing. This is a valid bug.

Wed, Jun 13, 6:44 AM · VisualEditor, VisualEditor-MediaWiki-2017WikitextEditor
Tgr closed T193417: ReadingLists performance degradation as Resolved.

After T190082#4277676, load times now seem to be back to their original levels. Thanks @aaron!

Wed, Jun 13, 6:42 AM · Services (watching), Performance-Team (Radar), Reading-Infrastructure-Team-Backlog (Kanban), Reading List Service

Tue, Jun 12

Tgr closed T160877: New wikitext editor should anchordecode internal links as Invalid.
Tue, Jun 12, 5:06 PM · VisualEditor, VisualEditor-MediaWiki-2017WikitextEditor
Tgr added a comment to T160877: New wikitext editor should anchordecode internal links.

I can't get NWE to decode links at all now, they are pasted as is. VE decodes links (which use the new section encoding) correctly though.

Tue, Jun 12, 5:05 PM · VisualEditor, VisualEditor-MediaWiki-2017WikitextEditor
Tgr added a comment to T190015: Create separate user group for editing sitewide CSS/JavaScript that does not include administrators by default.

Looking at how much JS editing happens in smaller wikis:

0: jdbc:hive2://analytics1003.eqiad.wmnet:100> select count edits, count(*) cnt from (select wiki_db wiki, count(*) count from wmf.mediawiki_history where snapshot='2018-05' and event_entity = 'revision' and event_type = 'create' and event_timestamp > '2017-06-01 00:00:00' and page_namespace = 8 and page_title like '%.js' and wiki_db in (<small.dblist>) group by wiki_db order by count desc limit 1000) x group by count order by count asc limit 100;
1       33
2       23
3       10
4       6
5       3
6       1
7       3
8       1
9       3
10      1
11      2
12      1
13      1
15      2
20      1
22      1
24      1
33      2
53      1

So from the 508 small wikis, 412 had no Javascript namespace edits in the last 12 months, 75 had five or less, 21 had more.

Tue, Jun 12, 10:46 AM · User-Tgr, Trust-and-Safety, Wikimedia-General-or-Unknown, Patch-For-Review, Security, JavaScript, Security-Core
Smalyshev awarded T190015: Create separate user group for editing sitewide CSS/JavaScript that does not include administrators by default a Like token.
Tue, Jun 12, 7:41 AM · User-Tgr, Trust-and-Safety, Wikimedia-General-or-Unknown, Patch-For-Review, Security, JavaScript, Security-Core

Mon, Jun 11

Tgr committed rEBOPdc0c23d3352b: Make stylelint not break in the absence of CSS files (authored by Tgr).
Make stylelint not break in the absence of CSS files
Mon, Jun 11, 10:45 PM
Tgr committed rEBOPb666bb37f121: Make stylelint not break in the absence of CSS files (authored by Tgr).
Make stylelint not break in the absence of CSS files
Mon, Jun 11, 10:45 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEGGA236272a1025f: Update patch set 3 (authored by Tgr).
Update patch set 3
Mon, Jun 11, 10:19 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEGGA7ad682c0f70b: Create patch set 3 (authored by Tgr).
Create patch set 3
Mon, Jun 11, 10:19 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEGGA4c66a1faa66e: Update patch set 2 (authored by Tgr).
Update patch set 2
Mon, Jun 11, 10:19 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEGGAb113238d58a8: Update patch set 2 (authored by Tgr).
Update patch set 2
Mon, Jun 11, 10:19 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEGGA605ff37b2e47: Create patch set 2 (authored by Tgr).
Create patch set 2
Mon, Jun 11, 10:19 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEGGA5fd6cc2341c5: Update patch set 1 (authored by Tgr).
Update patch set 1
Mon, Jun 11, 10:19 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEGGA4ca4339047f5: Create change (authored by Tgr).
Create change
Mon, Jun 11, 10:19 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rENPU76b29eee18a2: Update patch set 2 (authored by Tgr).
Update patch set 2
Mon, Jun 11, 9:20 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rENPUc35fa7780f9a: Update patch set 2 (authored by Tgr).
Update patch set 2
Mon, Jun 11, 9:20 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rENPU9ef9cbdbb595: Update patch set 2 (authored by Tgr).
Update patch set 2
Mon, Jun 11, 9:20 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rENPU72aa9def1789: Update patch set 1 (authored by Tgr).
Update patch set 1
Mon, Jun 11, 9:20 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEEMA31eaa9fa1c2c: Update patch set 2 (authored by Tgr).
Update patch set 2
Mon, Jun 11, 8:31 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEEMAe20f5093efd0: Create patch set 2 (authored by Tgr).
Create patch set 2
Mon, Jun 11, 8:31 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEEMA58d53a62ed57: Create change (authored by Tgr).
Create change
Mon, Jun 11, 8:31 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEEMA74b63d185a19: Update patch set 1 (authored by Tgr).
Update patch set 1
Mon, Jun 11, 8:31 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEEMA12b8cf1f25c4: Create change (authored by Tgr).
Create change
Mon, Jun 11, 8:31 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEEMAe5ba03741e65: Create patch set 2 (authored by Tgr).
Create patch set 2
Mon, Jun 11, 8:31 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEEMA0c6dc630a357: Create change (authored by Tgr).
Create change
Mon, Jun 11, 8:31 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEEMA94cb7badc560: Final NoteDb migration updates (authored by Tgr).
Final NoteDb migration updates
Mon, Jun 11, 8:30 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEEMA047734766d81: Update patch set 4 (authored by Tgr).
Update patch set 4
Mon, Jun 11, 8:30 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEEMA89579461f034: Create patch set 4 (authored by Tgr).
Create patch set 4
Mon, Jun 11, 8:30 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEEMAa890534b6620: Create patch set 3 (authored by Tgr).
Create patch set 3
Mon, Jun 11, 8:30 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEEMAaf6ea0989d05: Create patch set 2 (authored by Tgr).
Create patch set 2
Mon, Jun 11, 8:30 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEEMA045ded06cd58: Create change (authored by Tgr).
Create change
Mon, Jun 11, 8:30 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEQSf4023aa5ce2b: Final NoteDb migration updates (authored by Tgr).
Final NoteDb migration updates
Mon, Jun 11, 8:18 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEQS2490187d1c67: Update patch set 4 (authored by Tgr).
Update patch set 4
Mon, Jun 11, 8:18 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEQSc465dc517248: Create patch set 4 (authored by Tgr).
Create patch set 4
Mon, Jun 11, 8:18 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEQSf13c3ddb7ebc: Create patch set 3 (authored by Tgr).
Create patch set 3
Mon, Jun 11, 8:18 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEQS30320f57a7be: Create patch set 2 (authored by Tgr).
Create patch set 2
Mon, Jun 11, 8:18 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEQS05c2f52c687d: Create change (authored by Tgr).
Create change
Mon, Jun 11, 8:18 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEQSa2d52fa7ae01: Final NoteDb migration updates (authored by Tgr).
Final NoteDb migration updates
Mon, Jun 11, 8:17 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEQS540bd9e8a04f: Create patch set 2 (authored by Tgr).
Create patch set 2
Mon, Jun 11, 8:17 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEQSb2c905d6ca00: Create change (authored by Tgr).
Create change
Mon, Jun 11, 8:17 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rEQS4208aad9bc39: Update patch set 1 (authored by Tgr).
Update patch set 1
Mon, Jun 11, 8:16 PM
Krenair awarded T190015: Create separate user group for editing sitewide CSS/JavaScript that does not include administrators by default a Evil Spooky Haunted Tree token.
Mon, Jun 11, 7:23 PM · User-Tgr, Trust-and-Safety, Wikimedia-General-or-Unknown, Patch-For-Review, Security, JavaScript, Security-Core
Pcoombe awarded T190015: Create separate user group for editing sitewide CSS/JavaScript that does not include administrators by default a Like token.
Mon, Jun 11, 7:14 PM · User-Tgr, Trust-and-Safety, Wikimedia-General-or-Unknown, Patch-For-Review, Security, JavaScript, Security-Core
Jdlrobson awarded T190015: Create separate user group for editing sitewide CSS/JavaScript that does not include administrators by default a Love token.
Mon, Jun 11, 3:42 PM · User-Tgr, Trust-and-Safety, Wikimedia-General-or-Unknown, Patch-For-Review, Security, JavaScript, Security-Core
Bawolff awarded T190015: Create separate user group for editing sitewide CSS/JavaScript that does not include administrators by default a Love token.
Mon, Jun 11, 2:25 PM · User-Tgr, Trust-and-Safety, Wikimedia-General-or-Unknown, Patch-For-Review, Security, JavaScript, Security-Core
Gerrit Code Review <gerrit@wikimedia.org> committed rELINT40a47b86f4d2: Update patch set 2 (authored by Tgr).
Update patch set 2
Mon, Jun 11, 2:13 PM
Tgr added a comment to T196825: Action API redirects should set CORS headers when origin parameter is set.

I don't think that makes this invalid (maybe slightly misleadingly titled). Valid CORS requests to the action API are broken because the client and MediaWiki use slightly different URL encoding logic that's a bug. Apparently not in the API, but still a bug.

Mon, Jun 11, 1:40 PM · MediaWiki-API
Tgr added a comment to T196812: Make PolyGerrit the default ui.

The lack of editing support is a pretty serious limitation IMO, especially for beginners who might find that a much easier way of creating a patch then setting up git, virtualbox, vagrant & git-review locally.

Mon, Jun 11, 1:02 PM · Release-Engineering-Team, User-notice, Patch-For-Review, Gerrit
Tgr moved T196892: Raw HTML in page descriptions from Needs triage to Tracking on the Reading-Infrastructure-Team-Backlog board.
Mon, Jun 11, 12:30 PM · Security, MediaWiki-extensions-WikibaseClient, Security-Extensions, Reading-Infrastructure-Team-Backlog, Wikidata
Tgr created T196892: Raw HTML in page descriptions.
Mon, Jun 11, 12:29 PM · Security, MediaWiki-extensions-WikibaseClient, Security-Extensions, Reading-Infrastructure-Team-Backlog, Wikidata