Page MenuHomePhabricator

bd808 (Bryan Davis)
Principal Software EngineerAdministrator

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Saturday

  • Clear sailing ahead.

User Details

User Since
Oct 3 2014, 2:36 PM (477 w, 5 d)
Roles
Administrator
Availability
Available
IRC Nick
bd808
LDAP User
BryanDavis
MediaWiki User
BDavis (WMF) [ Global Accounts ]

I'm BDavis (WMF) on wiki, bd808 on irc & GitLab, and BryanDavis on Gerrit & Wikitech.

I've got a thing for 🦄s. Don't judge.

I work for or provide services to the Wikimedia Foundation, but this is my only Phabricator account. Edits, statements, or other contributions made from this account are my own, and may not reflect the views of the Foundation.

Recent Activity

Yesterday

bd808 added a comment to T352136: Create large instance for MinT.

https://openstack-browser.toolforge.org/project/language is the Cloud VPS project that owns the named https://translate.wmcloud.org/ proxy.

Wed, Nov 29, 5:17 PM · Cloud-VPS (Quota-requests), Language-Team (Language-2023-October-December), MinT
bd808 added a comment to T351253: Add support for GitLab markdown linebreak requirement.

Maybe a wikitech-l post requesting feedback from folks who really care here?

Wed, Nov 29, 12:47 AM · commit-message-validator

Tue, Nov 28

bd808 added a comment to T311466: Create a kubernetes container with mono and dotnet.

As you say, the biggest obstacle is that there is no dotnet buildpack available.

I don't know if any work has been done on this.

Tue, Nov 28, 11:53 PM · Toolforge (Software install/update)
bd808 updated subscribers of T311466: Create a kubernetes container with mono and dotnet.

This reads to me like splitting your "mono/Liftwing/" directory into a dedicated git repo would make the Toolforge supported system work for this part of your project. You can use https://toolsadmin.wikimedia.org/tools/id/milhistbot/repos/create to create as many distinct git repos for your milhistbot tool as are needed.

Tue, Nov 28, 5:01 PM · Toolforge (Software install/update)
bd808 added a comment to T311466: Create a kubernetes container with mono and dotnet.

I have multiple C# projects in the one git repository. It was never intended to be built in this manner.

Tue, Nov 28, 4:52 PM · Toolforge (Software install/update)

Mon, Nov 27

bd808 changed the status of T351843: Put up site notices on Wikitech and mw.o for Hackathon 2024 from In Progress to Stalled.

Marking as stalled until scholarship window closes on 2024-01-05. I will set a local calendar reminder to revisit this task then.

Mon, Nov 27, 10:06 PM · Wikimedia-Hackathon-2024, User-bd808
bd808 added a comment to T351843: Put up site notices on Wikitech and mw.o for Hackathon 2024.

Registration and Scholarship window open:

Mon, Nov 27, 10:04 PM · Wikimedia-Hackathon-2024, User-bd808
bd808 closed T351316: 'mbh' tool cannot log in to srwiki's DB replica when attempting to connect using the legacy 'srwiki.labsdb' hostname as Resolved.

The credentials in the /data/project/mbh/replica.my.cnf file seem to be working as expected:

$ sudo become mbh
$ ls -lh replica.my.cnf
-r-------- 1 tools.mbh tools.mbh 51 Oct  2  2014 replica.my.cnf
$ grep user replica.my.cnf
user='s52321'
$ $ sql srwiki
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Mon, Nov 27, 8:38 PM · User-bd808, cloud-services-team, Data-Services
bd808 renamed T351316: 'mbh' tool cannot log in to srwiki's DB replica when attempting to connect using the legacy 'srwiki.labsdb' hostname from 'mbh' tool cannot log in to srwiki's DB replica on Toolforge to 'mbh' tool cannot log in to srwiki's DB replica when attempting to connect using the legacy 'srwiki.labsdb' hostname.
Mon, Nov 27, 8:37 PM · User-bd808, cloud-services-team, Data-Services
bd808 renamed T351316: 'mbh' tool cannot log in to srwiki's DB replica when attempting to connect using the legacy 'srwiki.labsdb' hostname from I can't log in to srwiki's DB replica on Toolforge to 'mbh' tool cannot log in to srwiki's DB replica on Toolforge.
Mon, Nov 27, 8:18 PM · User-bd808, cloud-services-team, Data-Services
bd808 moved T351316: 'mbh' tool cannot log in to srwiki's DB replica when attempting to connect using the legacy 'srwiki.labsdb' hostname from Backlog to Wiki replicas on the Data-Services board.
Mon, Nov 27, 8:16 PM · User-bd808, cloud-services-team, Data-Services

Wed, Nov 22

bd808 added a comment to F41524514: profile.

Copied from https://commons.wikimedia.org/wiki/File:Wikimedia_hackathon_mark_logo.svg

Wed, Nov 22, 11:38 PM
bd808 set the image for Wikimedia-Hackathon-2024 to F41524514: profile.
Wed, Nov 22, 11:34 PM
bd808 set the color for Wikimedia-Hackathon-2023 to Red.
Wed, Nov 22, 11:26 PM
bd808 merged task T222665: Code Stewardship Review: iegreview into T332918: determine whether https://iegreview.wikimedia.org can be sunset.
Wed, Nov 22, 11:03 PM · Security, Wikimedia-IEG-grant-review, Code-Stewardship-Reviews
bd808 merged T222665: Code Stewardship Review: iegreview into T332918: determine whether https://iegreview.wikimedia.org can be sunset.
Wed, Nov 22, 11:03 PM · Wikimedia-IEG-grant-review, collaboration-services
bd808 added a comment to T334415: decom iegreview.

The gerrit repo and phabricator board should probably be archived as well as marking the various wiki pages as historic too.

Wed, Nov 22, 10:57 PM · Wikimedia-IEG-grant-review, collaboration-services
bd808 added a watcher for Wikimedia-Hackathon-2024: bd808.
Wed, Nov 22, 10:19 PM
bd808 added a project to T351843: Put up site notices on Wikitech and mw.o for Hackathon 2024: Wikimedia-Hackathon-2024.
Wed, Nov 22, 10:18 PM · Wikimedia-Hackathon-2024, User-bd808
bd808 created Wikimedia-Hackathon-2024.
Wed, Nov 22, 10:17 PM
bd808 added a comment to T351843: Put up site notices on Wikitech and mw.o for Hackathon 2024.

Initial announce posted:

Wed, Nov 22, 8:06 PM · Wikimedia-Hackathon-2024, User-bd808
bd808 changed the status of T351843: Put up site notices on Wikitech and mw.o for Hackathon 2024 from Open to In Progress.
Wed, Nov 22, 8:01 PM · Wikimedia-Hackathon-2024, User-bd808
bd808 created T351843: Put up site notices on Wikitech and mw.o for Hackathon 2024.
Wed, Nov 22, 8:01 PM · Wikimedia-Hackathon-2024, User-bd808
bd808 changed the status of T319646: Migrate convert from Toolforge GridEngine to Toolforge Kubernetes from Stalled to Open.

https://wikitech.wikimedia.org/wiki/Help:Toolforge/Build_Service#Installing_Apt_packages should unblock moving this webservice to Kubernetes.

Wed, Nov 22, 12:06 AM · Grid-Engine-to-K8s-Migration

Tue, Nov 21

bd808 moved T351774: Check on labs/tools/* repos from Tyler's list of really stale repos from To Do to In Dev/Progress on the User-bd808 board.
Tue, Nov 21, 11:41 PM · User-bd808
bd808 moved T318635: Migrate Toolhub local dev away from blubberoid generated Dockerfiles from In Dev/Progress to To Do on the User-bd808 board.
Tue, Nov 21, 11:41 PM · User-bd808, Toolhub
bd808 moved T318632: Migrate developer-portal local dev away from blubberoid generated Dockerfiles from In Dev/Progress to To Do on the User-bd808 board.
Tue, Nov 21, 11:41 PM · Patch-Needs-Improvement, User-bd808, Wikimedia-Developer-Portal
bd808 created T351774: Check on labs/tools/* repos from Tyler's list of really stale repos.
Tue, Nov 21, 11:41 PM · User-bd808
bd808 added a comment to T351764: Preserve existing JSDuck documentation on docs.wikimedia.org.

maybe create a generic place for this sort of thing in future?

Tue, Nov 21, 11:37 PM · collaboration-services, Tech-Docs-Team, Technical-Debt (RW-Tech-Debt), Front-end-Standards-Group, Documentation
bd808 added a comment to T351764: Preserve existing JSDuck documentation on docs.wikimedia.org.

I think a new vhost is a bad idea. There are already a large number of separate generated document collections on doc.wikimedia.org. Just move the thing you want to preserve to a new directory. https://doc.wikimedia.org/mediawiki-core-js-legacy/ or whatever.

Tue, Nov 21, 11:27 PM · collaboration-services, Tech-Docs-Team, Technical-Debt (RW-Tech-Debt), Front-end-Standards-Group, Documentation
bd808 updated the task description for T351744: New upstream release for Pygments (2.17.1).
Tue, Nov 21, 10:14 PM · SyntaxHighlight
bd808 closed T351702: Make Onyinyechi a TechBlog admin as Resolved.
Tue, Nov 21, 4:55 PM · User-bd808, Technical Blog
bd808 changed the status of T351702: Make Onyinyechi a TechBlog admin from Open to In Progress.

@Maryann-Onyinye Check your work email for your initial account information. Unfortunately I cannot remember what sender address account emails from https://techblog.wikimedia.org use.

Tue, Nov 21, 4:48 PM · User-bd808, Technical Blog
bd808 updated the task description for T351744: New upstream release for Pygments (2.17.1).
Tue, Nov 21, 4:38 PM · SyntaxHighlight
bd808 triaged T351744: New upstream release for Pygments (2.17.1) as Medium priority.
Tue, Nov 21, 4:37 PM · SyntaxHighlight
bd808 created T351744: New upstream release for Pygments (2.17.1).
Tue, Nov 21, 4:36 PM · SyntaxHighlight
bd808 triaged T324316: git-review hook for adding Change-Id trailer confused by Signed-Off-By trailer as Low priority.
Tue, Nov 21, 1:13 AM · Upstream, Gerrit, commit-message-validator
bd808 triaged T195060: Make rules and MessageValidator configurable as Low priority.

Quite a bit of work towards making things more configurable happened in the 2.0.0 release cycle as a side effect of making it easier to vary rules across Gerrit, GitHub, and GitLab repos (rICMVf9bfb67cf64b: Refactor into rules based system). I'm not sure however that there is much value in making commit-message-validator. The project is purpose built for Wikimedia commit message rules and was never really intended to be a general purpose commit message linter.

Tue, Nov 21, 1:08 AM · commit-message-validator
bd808 closed T339309: Document how to run commit-message-validator as part of GitLab CI as Resolved.

On-wiki docs have now been updated: https://www.mediawiki.org/w/index.php?title=Commit-message-validator&diff=prev&oldid=6207296

Tue, Nov 21, 12:55 AM · User-bd808, GitLab (CI & Job Runners), Documentation, commit-message-validator
bd808 closed T339309: Document how to run commit-message-validator as part of GitLab CI, a subtask of T339307: Update commit-message-validator to work nicely with GitLab repos, as Resolved.
Tue, Nov 21, 12:55 AM · User-bd808, GitLab (CI & Job Runners), commit-message-validator

Mon, Nov 20

bd808 changed the subtype of T351640: Enhancing User Experience with URL Docs Input Error Handling from "Task" to "Bug Report".

@Punith.nyk Thank you for this bug report. It would be helpful if you described the issue using words rather than the attached mp4 screen recording. What screen were you on? What were you trying to accomplish? What unexpected behavior did you find? https://www.mediawiki.org/wiki/How_to_report_a_bug has some additional advice on creating actionable bug reports.

Mon, Nov 20, 9:45 PM · Toolhub
bd808 closed T319934: Migrate officewikibot from Toolforge GridEngine to Toolforge Kubernetes as Resolved.

Let's see how this goes:

$ toolforge jobs show fix-double-redirects
+-------------+-----------------------------------------------------+
| Job name:   | fix-double-redirects                                |
+-------------+-----------------------------------------------------+
| Command:    | pwb -family:officewiki redirect both -moves -always |
+-------------+-----------------------------------------------------+
| Job type:   | schedule: @weekly                                   |
+-------------+-----------------------------------------------------+
| Image:      | tool-officewikibot/tool-officewikibot:latest        |
+-------------+-----------------------------------------------------+
| File log:   | no                                                  |
+-------------+-----------------------------------------------------+
| Output log: |                                                     |
+-------------+-----------------------------------------------------+
| Error log:  |                                                     |
+-------------+-----------------------------------------------------+
| Emails:     | all                                                 |
+-------------+-----------------------------------------------------+
| Resources:  | default                                             |
+-------------+-----------------------------------------------------+
| Mounts:     | none                                                |
+-------------+-----------------------------------------------------+
| Retry:      | no                                                  |
+-------------+-----------------------------------------------------+
| Status:     | Waiting for scheduled time                          |
+-------------+-----------------------------------------------------+
| Hints:      | No pods were created for this job.                  |
+-------------+-----------------------------------------------------+
Mon, Nov 20, 6:59 PM · Grid-Engine-to-K8s-Migration, User-bd808
bd808 added a project to T351667: Improve Ping Function: Notifications.
Mon, Nov 20, 6:27 PM · Growth-Team, Notifications
bd808 renamed T309898: Fix "Fetching a token via "action=login" is deprecated" when authenticating via bot passwords from Fix "Fetching a token via "action=login" is deprecated" to Fix "Fetching a token via "action=login" is deprecated" when authenticating via bot passwords.
Mon, Nov 20, 5:27 PM · Pywikibot
bd808 added a comment to T309898: Fix "Fetching a token via "action=login" is deprecated" when authenticating via bot passwords.

Just a note that this warning is still happening:

Logging in to officewiki:officewiki as Officewikibot@toolforge
WARNING: API warning (main): Subscribe to the mediawiki-api-announce mailing list at <https://lists.wikimedia.org/postorius/lists/mediawiki-api-announce.lists.wikimedia.org/> for notice of API deprecations and breaking changes. Use [[Special:ApiFeatureUsage]] to see usage of deprecated features by your application.
WARNING: API warning (login): Fetching a token via "action=login" is deprecated. Use "action=query&meta=tokens&type=login" instead.
ERROR: Received incorrect login token. Forcing re-login.

Runtime context:

$ webservice buildservice shell -- pwb --version
Pywikibot: [https] toolforge-repos-officewikibot-pywikibot (998aaa8, g1, 2023/11/17, 14:56:35, OUTDATED)
Release version: 8.5.1
setuptools version: 63.4.3
mwparserfromhell version: 0.6.5
wikitextparser version: n/a
requests version: 2.31.0
  cacerts: /app/.heroku/python/lib/python3.9/site-packages/certifi/cacert.pem
    certificate test: ok
Python: 3.9.18 (main, Aug 24 2023, 22:36:08)
[GCC 11.4.0]
PYWIKIBOT_DIR: Not set
PYWIKIBOT_DIR_PWB: /workspace/pywikibot/scripts
PYWIKIBOT_NO_USER_CONFIG: Not set
Config base dir: /workspace
Usernames for family 'officewiki':
        *: Officewikibot
Mon, Nov 20, 5:27 PM · Pywikibot
bd808 added a comment to T319934: Migrate officewikibot from Toolforge GridEngine to Toolforge Kubernetes.

Interactive debugging of things in the buildpack created image can be done using webservice shell. This can be made a bit easier by first setting up a $HOME/service.template for the tool:

$HOME/service.template
backend: kubernetes
type: buildservice
mount: none

With that template in place a script can be run from the cli by doing something like webservice buildservice shell -- pwb -family:officewiki -lang:en redirect both -moves -always. Just use webservice buildservice shell to get an interactive shell inside the container. (This is all normal Toolforge Kubernetes stuff, but possibly not obvious to everyone including my future self.)

Mon, Nov 20, 4:06 PM · Grid-Engine-to-K8s-Migration, User-bd808

Fri, Nov 17

bd808 added a comment to T319934: Migrate officewikibot from Toolforge GridEngine to Toolforge Kubernetes.

Work in progress at https://gitlab.wikimedia.org/toolforge-repos/officewikibot-pywikibot/-/tree/work/bd808/botpassword

Fri, Nov 17, 10:46 PM · Grid-Engine-to-K8s-Migration, User-bd808
bd808 changed the status of T319934: Migrate officewikibot from Toolforge GridEngine to Toolforge Kubernetes from Open to In Progress.
Fri, Nov 17, 10:42 PM · Grid-Engine-to-K8s-Migration, User-bd808
bd808 triaged T319934: Migrate officewikibot from Toolforge GridEngine to Toolforge Kubernetes as High priority.
Fri, Nov 17, 6:27 PM · Grid-Engine-to-K8s-Migration, User-bd808
bd808 added a comment to T319934: Migrate officewikibot from Toolforge GridEngine to Toolforge Kubernetes.

@RhinosF1 changed the task status from Stalled to Open.

Fri, Nov 17, 6:24 PM · Grid-Engine-to-K8s-Migration, User-bd808

Thu, Nov 16

bd808 added a comment to T347402: [tbs] Create a tutorial on how to deploy a ruby on rails tool using build service.

It is painfully slow though, which is surprising considering that it's just a bare-bones app with some basic CRUD and a sqlite database. Haven't investigated why yet.

Thu, Nov 16, 11:49 PM · Toolforge (Toolforge iteration 02), Documentation
bd808 added a comment to T351462: Question: Volunteer and WMDE staff work with two separate GitLab accounts or with a combined one?.

There is currently no community or Wikimedia Foundation requirement for separating paid and volunteer contributions to Wikimedia's technical projects. All technical contributors are equally bound by the https://www.mediawiki.org/wiki/Code_of_Conduct and the license terms of the codebases they contribute to.

Thu, Nov 16, 11:20 PM · GitLab (Account Approval)
nskaggs awarded T347557: [wikitech] administrator rights for WMCS a Stroopwafel token.
Thu, Nov 16, 1:42 PM · User-bd808, wikitech.wikimedia.org, cloud-services-team (FY2023/2024-Q1-Q2)
nskaggs awarded T347346: Requesting content administrator permissions access for Triciaburmeister a Meh! token.
Thu, Nov 16, 1:41 PM · User-bd808, wikitech.wikimedia.org
bd808 closed T347557: [wikitech] administrator rights for WMCS as Resolved.

We need a bureaucrat to grant permissions: https://wikitech.wikimedia.org/wiki/Special:ListUsers/bureaucrat

Thu, Nov 16, 12:47 AM · User-bd808, wikitech.wikimedia.org, cloud-services-team (FY2023/2024-Q1-Q2)
bd808 added a comment to T347557: [wikitech] administrator rights for WMCS.

We should probably just import some nicer 'protectedpagetext' message overrides from meta or mw.o. The default message shipped with MediaWiki is "This page has been protected to prevent editing or other actions." which is true, but not super helpful to folks who don't know what it means. I'll take a shot at setting something better up.

Thu, Nov 16, 12:42 AM · User-bd808, wikitech.wikimedia.org, cloud-services-team (FY2023/2024-Q1-Q2)

Wed, Nov 15

bd808 added a comment to T347557: [wikitech] administrator rights for WMCS.

Thanks, then maybe the note in the page could be "This page is protected, if you need to edit it please contact an admin".

Wed, Nov 15, 11:26 PM · User-bd808, wikitech.wikimedia.org, cloud-services-team (FY2023/2024-Q1-Q2)
bd808 added a comment to T347557: [wikitech] administrator rights for WMCS.

editprotected is technically the right that is needed to edit pages marked visually as "Allow only administrators". On wikitech most folks with this right get it from membership in the content administrators user group. That group has almost the same rights as administrators (sysop) group. The main difference is that content admins do not have the editinterface right that lets you edit things in the MediaWiki namespace which is used for customizing UI messages and global css & javascript.

Wed, Nov 15, 11:18 PM · User-bd808, wikitech.wikimedia.org, cloud-services-team (FY2023/2024-Q1-Q2)
bd808 closed T347346: Requesting content administrator permissions access for Triciaburmeister as Resolved.

https://wikitech.wikimedia.org/w/index.php?title=Special:Log&logid=964019

Wed, Nov 15, 11:02 PM · User-bd808, wikitech.wikimedia.org
bd808 changed the status of T347346: Requesting content administrator permissions access for Triciaburmeister from Open to In Progress.
Wed, Nov 15, 10:58 PM · User-bd808, wikitech.wikimedia.org
bd808 moved T351330: Request creation of devel-stats VPS project from Inbox to Clinic Duty on the cloud-services-team board.
Wed, Nov 15, 9:15 PM · cloud-services-team, Release-Engineering-Team (Quid Pro Crow 🦃), GitLab, User-brennen, Cloud-VPS (Project-requests)
bd808 added a project to T351330: Request creation of devel-stats VPS project: cloud-services-team.
Wed, Nov 15, 9:14 PM · cloud-services-team, Release-Engineering-Team (Quid Pro Crow 🦃), GitLab, User-brennen, Cloud-VPS (Project-requests)
bd808 moved T351330: Request creation of devel-stats VPS project from Inbox to Approved on the Cloud-VPS (Project-requests) board.

+1 from me for creating the project

Wed, Nov 15, 9:13 PM · cloud-services-team, Release-Engineering-Team (Quid Pro Crow 🦃), GitLab, User-brennen, Cloud-VPS (Project-requests)
bd808 renamed T351330: Request creation of devel-stats VPS project from Request creation of releng-data VPS project to Request creation of devel-stats VPS project.
Wed, Nov 15, 9:12 PM · cloud-services-team, Release-Engineering-Team (Quid Pro Crow 🦃), GitLab, User-brennen, Cloud-VPS (Project-requests)
bd808 added a comment to T351330: Request creation of devel-stats VPS project.

gerrit-stats involves a clone of all WMF repos from Gerrit, which comes to 34G. Spitballing, it would probably be helpful to have 80-100G of storage available here.

The default cinder quota for a project is 80Gb. Does that sound like enough space to get started or would you want additional quota from the start?

Wed, Nov 15, 7:05 PM · cloud-services-team, Release-Engineering-Team (Quid Pro Crow 🦃), GitLab, User-brennen, Cloud-VPS (Project-requests)
bd808 added a comment to T351330: Request creation of devel-stats VPS project.

@brennen, To avoid the appearance of "Umbrella" projects with a broad scope, such as all the work to be done by an engineering team or a large problem space. (1) that having "releng" in the project name might invoke would y'all be ok with calling the project something like "devel-stats" as a riff on https://www.mediawiki.org/wiki/Development_statistics?

Wed, Nov 15, 7:02 PM · cloud-services-team, Release-Engineering-Team (Quid Pro Crow 🦃), GitLab, User-brennen, Cloud-VPS (Project-requests)
bd808 edited Description on acl*userdisable.
Wed, Nov 15, 12:40 AM
bd808 added a member for acl*userdisable: Xeno_WMF.
Wed, Nov 15, 12:30 AM

Tue, Nov 14

bd808 added a comment to T351253: Add support for GitLab markdown linebreak requirement.

T351253#9332725 helps me understand what is happening, and broadly why. Now the question is how should we adjust either CMV or the conventions used in the function-orchestrator repo to get back to a place where the linter can be used?

Tue, Nov 14, 11:43 PM · commit-message-validator
bd808 added a comment to T351253: Add support for GitLab markdown linebreak requirement.
Tue, Nov 14, 11:10 PM · commit-message-validator
bd808 added a comment to T351253: Add support for GitLab markdown linebreak requirement.

@Jdforrester-WMF Do you have some examples of this happening that I can take a look at in GitLab? I did not see this issue when testing commit messages like https://gitlab.wikimedia.org/bd808/cmv-mr-test/-/commit/7b6aa1d7c70383847eafb7abd82cb7d00f7a5f8a.

Tue, Nov 14, 10:06 PM · commit-message-validator
bd808 added a comment to T349610: Three repositories mirrored by Diffusion from GitLab into both "Toolforge" and "Wikimedia" on GitHub.

@bd808: By any chance, do you remember anything related to this setup? Asking as you seem to have been involved in setting up these mirroring URIs.

Tue, Nov 14, 6:43 PM · Wikimedia-GitHub, Diffusion, Phabricator
bd808 edited projects for T135784: Security review of Tool Labs console application, added: Striker; removed Cloud-Services.
Tue, Nov 14, 4:14 PM · Striker, Community-Tech-Tool-Labs
bd808 added a comment to T351143: Bitu appears to have access control vulnerability for ssh key management.

This appears to be a form of https://owasp.org/Top10/A01_2021-Broken_Access_Control/ caused by an insecure direct object reference embedded in the URL. I do not see any strong signs of attempts to implement access control in the https://gerrit.wikimedia.org/r/plugins/gitiles/operations/software/bitu/+/refs/heads/master/src/bitu/keymanagement/ source. The list view does as demonstrated limit the enumeration to the current user's records, but the other views do not seem to have any active user related access control at all.

Tue, Nov 14, 12:44 AM · Vuln-VulnComponent, SecTeam-Processed, Infrastructure-Foundations, Security, Bitu
bd808 created T351143: Bitu appears to have access control vulnerability for ssh key management.
Tue, Nov 14, 12:33 AM · Vuln-VulnComponent, SecTeam-Processed, Infrastructure-Foundations, Security, Bitu
bd808 created T351140: Allow viewing of full public key from UI.
Tue, Nov 14, 12:16 AM · Infrastructure-Foundations, Bitu

Mon, Nov 13

bd808 added a comment to T351139: ssh key added via Bitu not appearing in LDAP directory replicas used by WMCS.

In case it helps with debugging, the key I am expecting to see is ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK2CmBUwGc7Npo6HiEzgJemSLEKUndpRlL24I9dtkYrP bd808+wmcs@wmf-bd808-mbp02.local.

Mon, Nov 13, 11:49 PM · Patch-For-Review, Infrastructure-Foundations, Bitu
bd808 created T351139: ssh key added via Bitu not appearing in LDAP directory replicas used by WMCS.
Mon, Nov 13, 11:47 PM · Patch-For-Review, Infrastructure-Foundations, Bitu
bd808 created T351137: Pages should have a footer providing common links.
Mon, Nov 13, 11:17 PM · Infrastructure-Foundations, Bitu
bd808 created T351136: Page title should vary by page.
Mon, Nov 13, 11:13 PM · Infrastructure-Foundations, Bitu
bd808 created T351135: MIssing UI to change Developer account password.
Mon, Nov 13, 11:10 PM · Infrastructure-Foundations, Bitu
bd808 created T351134: UI never shows shell account name.
Mon, Nov 13, 11:04 PM · Bitu, Infrastructure-Foundations
bd808 changed the subtype of T350126: IDM signup page doesn't link to any privacy policy documentation from "Task" to "Bug Report".
Mon, Nov 13, 9:29 PM · Privacy, Infrastructure-Foundations, Bitu
bd808 changed the subtype of T351122: Signup form username and shell name should have AJAX validation to highlight duplicate names before form submission from "Task" to "Feature Request".
Mon, Nov 13, 9:28 PM · Infrastructure-Foundations, Bitu
bd808 created T351122: Signup form username and shell name should have AJAX validation to highlight duplicate names before form submission.
Mon, Nov 13, 9:28 PM · Infrastructure-Foundations, Bitu
bd808 updated the task description for T335478: Automatic detection of inactive LDAP account.
Mon, Nov 13, 9:17 PM · Bitu, Infrastructure-Foundations, SRE
bd808 added a member for acl*userdisable: Ijon.
Mon, Nov 13, 4:35 PM
bd808 added a member for acl*userdisable: Asaf.
Mon, Nov 13, 4:34 PM

Fri, Nov 10

Aklapper awarded T340675: Stashbot should post multiple Phabricator links from a single IRC message in the order they were mentioned in the message a Like token.
Fri, Nov 10, 9:32 AM · User-bd808, Stashbot
bd808 committed rLTST5c3e0a83fa1a: dev: Bump ib3 dependency to 0.3.0 (authored by bd808).
dev: Bump ib3 dependency to 0.3.0
Fri, Nov 10, 4:58 AM
bd808 committed rLTST2e97848f428c: Remove Twitter support (authored by bd808).
Remove Twitter support
Fri, Nov 10, 4:58 AM
bd808 committed R2371:774682b20399: UI: link to audit log wiki page from footer (authored by bd808).
UI: link to audit log wiki page from footer
Fri, Nov 10, 4:39 AM
bd808 committed R2371:7cf2ce93f4fe: log_on_wiki: scan for h3 rather than h2 (authored by bd808).
log_on_wiki: scan for h3 rather than h2
Fri, Nov 10, 4:39 AM
bd808 closed T343157: Remove Twitter support as Resolved.
Fri, Nov 10, 1:14 AM · User-bd808, Stashbot
bd808 closed T340675: Stashbot should post multiple Phabricator links from a single IRC message in the order they were mentioned in the message as Resolved.
[01:08]  <    bd808> I have been working on T339147 which then turned into working on T339307 and that may actually end with a partial solution for T195060
[01:08]  < stashbot> T339147: Release post-1.0.0 version - https://phabricator.wikimedia.org/T339147
[01:08]  < stashbot> T339307: Update commit-message-validator to work nicely with GitLab repos - https://phabricator.wikimedia.org/T339307
[01:08]  < stashbot> T195060: Make rules and MessageValidator configurable - https://phabricator.wikimedia.org/T195060
Fri, Nov 10, 1:11 AM · User-bd808, Stashbot
bd808 changed the status of T343157: Remove Twitter support from Open to In Progress.
Fri, Nov 10, 1:01 AM · User-bd808, Stashbot
bd808 committed rLTST0fc09b44cafd: Remove extra deduplication from bot.do_phabecho (authored by bd808).
Remove extra deduplication from bot.do_phabecho
Fri, Nov 10, 12:38 AM

Thu, Nov 9

bd808 closed T350891: log_on_wiki assumes h2 headings but also generates h3 headings as Resolved.
Thu, Nov 9, 11:28 PM · User-bd808, Tool-phab-ban
bd808 closed T350890: Link to audit log wiki page from UI as Resolved.
Thu, Nov 9, 11:10 PM · User-bd808, Tool-phab-ban
bd808 changed the status of T350890: Link to audit log wiki page from UI from Open to In Progress.
Thu, Nov 9, 11:02 PM · User-bd808, Tool-phab-ban