Page MenuHomePhabricator
People kostajh

kostajh (Kosta Harlan)
Staff Software Engineer, Trust & Safety Engineering

Projects (12)
View All

Calendar

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Thursday

  • Clear sailing ahead.

User Details

User Since
Jun 12 2018, 2:22 PM (276 w, 3 h)
Availability
Available
IRC Nick
kostajh
LDAP User
Unknown
MediaWiki User
KHarlan (WMF) [ Global Accounts ]

I'm currently working with Anti-Harassment and Trust and Safety Tools Team Backlog teams and more generally in trust & safety engineering.

Recent Activity
View All

Today

kostajh closed T345649: Trim uach_value before insertion to the database, a subtask of T257893: [EPIC] Support User-Agent Client Hints header in CheckUser, as Resolved.
Tue, Sep 26, 12:59 PM · http-client-hints (Release 2 (iteration, increase data collection coverage)), CheckUser, Google-Chrome-User-Agent-Deprecation, Epic, User-Daniel, Anti-Harassment, Platform Engineering, MediaWiki-General
kostajh closed T345649: Trim uach_value before insertion to the database as Resolved.
Tue, Sep 26, 12:58 PM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.26; 2023-09-12), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh closed T342826: If replica is lagged, an attempt is made to insert rows which violate unique index constraint on cu_useragent_clienthints as Resolved.
Tue, Sep 26, 12:56 PM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.22; 2023-08-15), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh closed T342790: Allow storage of client hints for deleted revisions and revisions with revision deleted performer as Resolved.
Tue, Sep 26, 12:55 PM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.20; 2023-08-01), CheckUser, Anti-Harassment (AHaT Sprint 32 - Baseball Cap)
kostajh closed T344993: PHP Warning: implode(): Invalid arguments passed as Resolved.
Tue, Sep 26, 12:55 PM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.25; 2023-09-05), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh added a subtask for T257893: [EPIC] Support User-Agent Client Hints header in CheckUser: T342044: Survey CUs on stage 2 deployment wikis for thoughts on display of client hints data.
Tue, Sep 26, 12:55 PM · http-client-hints (Release 2 (iteration, increase data collection coverage)), CheckUser, Google-Chrome-User-Agent-Deprecation, Epic, User-Daniel, Anti-Harassment, Platform Engineering, MediaWiki-General
kostajh removed a subtask for T341110: Deploy client hints functionality: T342044: Survey CUs on stage 2 deployment wikis for thoughts on display of client hints data.
Tue, Sep 26, 12:54 PM · http-client-hints (Release 2 (iteration, increase data collection coverage)), Anti-Harassment, CheckUser, Google-Chrome-User-Agent-Deprecation
kostajh edited parent tasks for T342044: Survey CUs on stage 2 deployment wikis for thoughts on display of client hints data, added: T257893: [EPIC] Support User-Agent Client Hints header in CheckUser; removed: T341110: Deploy client hints functionality.
Tue, Sep 26, 12:54 PM · http-client-hints (Release 1 (all production wikis)), CheckUser, Anti-Harassment
kostajh closed T344797: Decrease CheckUserClientHintsRestApiMaxTimeLag config on production wikis, a subtask of T341110: Deploy client hints functionality, as Declined.
Tue, Sep 26, 12:54 PM · http-client-hints (Release 2 (iteration, increase data collection coverage)), Anti-Harassment, CheckUser, Google-Chrome-User-Agent-Deprecation
kostajh closed T344797: Decrease CheckUserClientHintsRestApiMaxTimeLag config on production wikis as Declined.
Tue, Sep 26, 12:54 PM · http-client-hints (Release 0 (Pilot wikis)), Anti-Harassment, CheckUser
kostajh added a comment to T340995: Display client hint data in Special:Investigate.
In T340995#9198712, @kostajh wrote:

I propose this task as a candidate to keep in the backlog. If we want to show it in Special:Investigate, we should first gather some data on Special:Investigate usage (compared to Special:CheckUser) to justify the development time. We could also ask (cc @KColeman-WMF) CheckUser users if this is more important than other tasks in the backlog.

Tue, Sep 26, 12:53 PM · Anti-Harassment, http-client-hints, CheckUser
kostajh added a comment to T340992: Return client hint data in CheckUser API results.

@Dreamy_Jazz and I reviewed existing API usage, and as it is very low, we are going to put this into someday/maybe.

Tue, Sep 26, 12:51 PM · http-client-hints, CheckUser
kostajh closed T344901: TypeError: Argument 1 passed to MediaWiki\CheckUser\ClientHints\ClientHintsData::newFromJsApi() must be of the type array, null given, a subtask of T257893: [EPIC] Support User-Agent Client Hints header in CheckUser, as Resolved.
Tue, Sep 26, 12:48 PM · http-client-hints (Release 2 (iteration, increase data collection coverage)), CheckUser, Google-Chrome-User-Agent-Deprecation, Epic, User-Daniel, Anti-Harassment, Platform Engineering, MediaWiki-General
kostajh closed T344901: TypeError: Argument 1 passed to MediaWiki\CheckUser\ClientHints\ClientHintsData::newFromJsApi() must be of the type array, null given as Resolved.
Tue, Sep 26, 12:48 PM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.25; 2023-09-05), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), Wikimedia-production-error, CheckUser
kostajh closed T344873: [{reqId}] {exception_url} UnexpectedValueException: Wikimedia\Rdbms\InsertQueryBuilder::execute can't have empty $rows value, a subtask of T257893: [EPIC] Support User-Agent Client Hints header in CheckUser, as Resolved.
Tue, Sep 26, 12:48 PM · http-client-hints (Release 2 (iteration, increase data collection coverage)), CheckUser, Google-Chrome-User-Agent-Deprecation, Epic, User-Daniel, Anti-Harassment, Platform Engineering, MediaWiki-General
kostajh closed T344873: [{reqId}] {exception_url} UnexpectedValueException: Wikimedia\Rdbms\InsertQueryBuilder::execute can't have empty $rows value as Resolved.
Tue, Sep 26, 12:48 PM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.25; 2023-09-05), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser, Wikimedia-production-error
kostajh closed T344787: [{reqId}] {exception_url} Wikimedia\Rdbms\DBQueryError: Error 1062: Duplicate entry 'X-X-X' for key 'PRIMARY' Function: MediaWiki\CheckUser\Services\UserAgentClientHintsManager::insertMappingRows, a subtask of T257893: [EPIC] Support User-Agent Client Hints header in CheckUser, as Resolved.
Tue, Sep 26, 12:48 PM · http-client-hints (Release 2 (iteration, increase data collection coverage)), CheckUser, Google-Chrome-User-Agent-Deprecation, Epic, User-Daniel, Anti-Harassment, Platform Engineering, MediaWiki-General
kostajh closed T344787: [{reqId}] {exception_url} Wikimedia\Rdbms\DBQueryError: Error 1062: Duplicate entry 'X-X-X' for key 'PRIMARY' Function: MediaWiki\CheckUser\Services\UserAgentClientHintsManager::insertMappingRows as Resolved.
Tue, Sep 26, 12:48 PM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.25; 2023-09-05), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser, Wikimedia-production-error
kostajh assigned T342044: Survey CUs on stage 2 deployment wikis for thoughts on display of client hints data to KColeman-WMF.
Tue, Sep 26, 12:45 PM · http-client-hints (Release 1 (all production wikis)), CheckUser, Anti-Harassment
kostajh added a comment to T344797: Decrease CheckUserClientHintsRestApiMaxTimeLag config on production wikis.

@Dreamy_Jazz anything else we want to do for this task? I think the existing config and limits look OK.

Tue, Sep 26, 12:45 PM · http-client-hints (Release 0 (Pilot wikis)), Anti-Harassment, CheckUser
kostajh closed T344679: CheckUser Client Hints ResourceLoader module causing cache polution, a subtask of T257893: [EPIC] Support User-Agent Client Hints header in CheckUser, as Resolved.
Tue, Sep 26, 12:44 PM · http-client-hints (Release 2 (iteration, increase data collection coverage)), CheckUser, Google-Chrome-User-Agent-Deprecation, Epic, User-Daniel, Anti-Harassment, Platform Engineering, MediaWiki-General
kostajh closed T344679: CheckUser Client Hints ResourceLoader module causing cache polution, a subtask of T341110: Deploy client hints functionality, as Resolved.
Tue, Sep 26, 12:44 PM · http-client-hints (Release 2 (iteration, increase data collection coverage)), Anti-Harassment, CheckUser, Google-Chrome-User-Agent-Deprecation
kostajh closed T344679: CheckUser Client Hints ResourceLoader module causing cache polution as Resolved.
Tue, Sep 26, 12:43 PM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.25; 2023-09-05), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh edited Description on http-client-hints (Release 0 (Pilot wikis)).
Tue, Sep 26, 12:41 PM
kostajh closed T342371: Create a maintenance script used only for testing to insert a large volume of testing actions to CheckUser, a subtask of T324907: Create separate tables for log events in CheckUser, as Resolved.
Tue, Sep 26, 12:39 PM · MW-1.41-notes (1.41.0-wmf.9; 2023-05-15), MW-1.40-notes (1.40.0-wmf.22; 2023-02-06), Patch-For-Review, Anti-Harassment, Schema-change, CheckUser
kostajh closed T342371: Create a maintenance script used only for testing to insert a large volume of testing actions to CheckUser as Resolved.
Tue, Sep 26, 12:39 PM · MW-1.41-notes (1.41.0-wmf.26; 2023-09-12), Patch-For-Review, Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh added a project to T341094: Create client hint mapping rows for CheckUser-worthy events: Epic.
Tue, Sep 26, 12:38 PM · Epic, http-client-hints (Release 2 (iteration, increase data collection coverage)), CheckUser, Google-Chrome-User-Agent-Deprecation, Anti-Harassment
kostajh added a comment to T341827: Add read new support to the CheckUser API.

@Dreamy_Jazz this task can be declined, AIUI, because we are not using CheckUserUnionSelectQueryBuilder

Tue, Sep 26, 12:37 PM · Anti-Harassment, CheckUser
kostajh added a comment to T340992: Return client hint data in CheckUser API results.

My vote is to put this into the Someday / Maybe column.

Tue, Sep 26, 12:36 PM · http-client-hints, CheckUser
kostajh updated the task description for T340992: Return client hint data in CheckUser API results.
Tue, Sep 26, 12:35 PM · http-client-hints, CheckUser
kostajh added a comment to T327447: FYI: Other changes to the CheckUser tables.

@Milimetric can we close this task?

Tue, Sep 26, 12:35 PM · Data-Engineering
kostajh closed T340996: Implement system to convert client hint data to a string representation as Resolved.

Closing in favor of QA on T340991 and T340993

Tue, Sep 26, 12:33 PM · http-client-hints (Release 0 (Pilot wikis)), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh closed T340996: Implement system to convert client hint data to a string representation, a subtask of T337942: Display client hint data, as Resolved.
Tue, Sep 26, 12:33 PM · http-client-hints (Release 0 (Pilot wikis)), Design, Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh closed T340996: Implement system to convert client hint data to a string representation, a subtask of T340991: Display client hint data in Special:CheckUser's 'Get users' mode, as Resolved.
Tue, Sep 26, 12:33 PM · http-client-hints (Release 0 (Pilot wikis)), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh closed T340996: Implement system to convert client hint data to a string representation, a subtask of T340993: Display client hint data in Special:CheckUser's 'Get edits' mode result lines, as Resolved.
Tue, Sep 26, 12:33 PM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.28; 2023-09-26), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh closed T341932: Create service to return Client Hints data from the database, a subtask of T337942: Display client hint data, as Resolved.
Tue, Sep 26, 12:32 PM · http-client-hints (Release 0 (Pilot wikis)), Design, Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh closed T341932: Create service to return Client Hints data from the database, a subtask of T340996: Implement system to convert client hint data to a string representation, as Resolved.
Tue, Sep 26, 12:32 PM · http-client-hints (Release 0 (Pilot wikis)), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh closed T341932: Create service to return Client Hints data from the database as Resolved.
Tue, Sep 26, 12:32 PM · http-client-hints (Release 0 (Pilot wikis)), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh added a comment to T340995: Display client hint data in Special:Investigate.
In T340995#9198712, @kostajh wrote:

I propose this task as a candidate to keep in the backlog. If we want to show it in Special:Investigate, we should first gather some data on Special:Investigate usage (compared to Special:CheckUser) to justify the development time. We could also ask (cc @KColeman-WMF) CheckUser users if this is more important than other tasks in the backlog.

Tue, Sep 26, 12:31 PM · Anti-Harassment, http-client-hints, CheckUser
kostajh removed a subtask for T337942: Display client hint data: T340995: Display client hint data in Special:Investigate.
Tue, Sep 26, 12:31 PM · http-client-hints (Release 0 (Pilot wikis)), Design, Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh removed a parent task for T340995: Display client hint data in Special:Investigate: T337942: Display client hint data.
Tue, Sep 26, 12:31 PM · Anti-Harassment, http-client-hints, CheckUser
kostajh closed T344800: Analyse Client Hints data collected on WMF wikis to determine entropy, a subtask of T337942: Display client hint data, as Resolved.
Tue, Sep 26, 12:30 PM · http-client-hints (Release 0 (Pilot wikis)), Design, Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh closed T344800: Analyse Client Hints data collected on WMF wikis to determine entropy as Resolved.
Tue, Sep 26, 12:30 PM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.25; 2023-09-05), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh moved T344797: Decrease CheckUserClientHintsRestApiMaxTimeLag config on production wikis from Backlog to Release 0 (Pilot wikis) on the http-client-hints board.
Tue, Sep 26, 12:14 PM · http-client-hints (Release 0 (Pilot wikis)), Anti-Harassment, CheckUser
kostajh moved T344984: Wikibase: Fire postEdit hook after making an edit from Backlog to Someday / Maybe on the http-client-hints board.
Tue, Sep 26, 12:14 PM · Wikidata, http-client-hints, MediaWiki-extensions-WikibaseClient
kostajh moved T344828: Send Client Hints headers on 304 response for action=history view. from Backlog to Someday / Maybe on the http-client-hints board.
Tue, Sep 26, 12:14 PM · Anti-Harassment, Patch-For-Review, CheckUser, http-client-hints
kostajh moved T344679: CheckUser Client Hints ResourceLoader module causing cache polution from Backlog to Release 0 (Pilot wikis) on the http-client-hints board.
Tue, Sep 26, 12:14 PM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.25; 2023-09-05), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh closed T343739: Ensure consistent test coverage across Client Hints code as Resolved.
Tue, Sep 26, 12:14 PM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.22; 2023-08-15), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh moved T344826: Add ClientHints header to action=history views when using cached response via HtmlFileCache from Backlog to Someday / Maybe on the http-client-hints board.
Tue, Sep 26, 12:14 PM · Anti-Harassment, Patch-For-Review, CheckUser, http-client-hints
kostajh moved T342044: Survey CUs on stage 2 deployment wikis for thoughts on display of client hints data from Release 0 (Pilot wikis) to Release 1 (all production wikis) on the http-client-hints board.
Tue, Sep 26, 12:13 PM · http-client-hints (Release 1 (all production wikis)), CheckUser, Anti-Harassment
kostajh moved T342044: Survey CUs on stage 2 deployment wikis for thoughts on display of client hints data from Backlog to Release 0 (Pilot wikis) on the http-client-hints board.
Tue, Sep 26, 12:13 PM · http-client-hints (Release 1 (all production wikis)), CheckUser, Anti-Harassment
kostajh moved T341110: Deploy client hints functionality from Backlog to Release 2 (iteration, increase data collection coverage) on the http-client-hints board.
Tue, Sep 26, 12:13 PM · http-client-hints (Release 2 (iteration, increase data collection coverage)), Anti-Harassment, CheckUser, Google-Chrome-User-Agent-Deprecation
kostajh moved T341094: Create client hint mapping rows for CheckUser-worthy events from Backlog to Release 2 (iteration, increase data collection coverage) on the http-client-hints board.
Tue, Sep 26, 12:13 PM · Epic, http-client-hints (Release 2 (iteration, increase data collection coverage)), CheckUser, Google-Chrome-User-Agent-Deprecation, Anti-Harassment
kostajh moved T340995: Display client hint data in Special:Investigate from Backlog to Someday / Maybe on the http-client-hints board.
Tue, Sep 26, 12:12 PM · Anti-Harassment, http-client-hints, CheckUser
kostajh moved T340993: Display client hint data in Special:CheckUser's 'Get edits' mode result lines from Backlog to Release 0 (Pilot wikis) on the http-client-hints board.
Tue, Sep 26, 12:12 PM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.28; 2023-09-26), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh moved T257893: [EPIC] Support User-Agent Client Hints header in CheckUser from Backlog to Release 2 (iteration, increase data collection coverage) on the http-client-hints board.
Tue, Sep 26, 12:12 PM · http-client-hints (Release 2 (iteration, increase data collection coverage)), CheckUser, Google-Chrome-User-Agent-Deprecation, Epic, User-Daniel, Anti-Harassment, Platform Engineering, MediaWiki-General
kostajh moved T345398: Error: exception of type TypeError: MediaWiki\CheckUser\ClientHints\ClientHintsData::__construct() when array passed for non-array Client Hints value from Code Review 🔍 to QA/Testing 🐞 on the Anti-Harassment (AHaT Sprint 32 - Baseball Cap) board.
Tue, Sep 26, 12:04 PM · MW-1.41-notes (1.41.0-wmf.29; 2023-10-03), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), http-client-hints (Release 1 (all production wikis)), CheckUser
kostajh moved T337947: Include User-Agent Client Hints in WebRequest logs from Backlog to Someday / Maybe on the http-client-hints board.
Tue, Sep 26, 11:42 AM · Google-Chrome-User-Agent-Deprecation, http-client-hints, SRE, Traffic, Anti-Harassment, Data-Engineering
kostajh moved T344923: User can store arbitrary number of rows in cu_useragent_clienthints from Backlog to Release 0 (Pilot wikis) on the http-client-hints board.
Tue, Sep 26, 11:32 AM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.25; 2023-09-05), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), SecTeam-Processed, Vuln-DoS, CheckUser, Security, Security-Team
kostajh moved T344873: [{reqId}] {exception_url} UnexpectedValueException: Wikimedia\Rdbms\InsertQueryBuilder::execute can't have empty $rows value from Backlog to Release 0 (Pilot wikis) on the http-client-hints board.
Tue, Sep 26, 11:32 AM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.25; 2023-09-05), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser, Wikimedia-production-error
kostajh moved T344901: TypeError: Argument 1 passed to MediaWiki\CheckUser\ClientHints\ClientHintsData::newFromJsApi() must be of the type array, null given from Backlog to Release 0 (Pilot wikis) on the http-client-hints board.
Tue, Sep 26, 11:32 AM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.25; 2023-09-05), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), Wikimedia-production-error, CheckUser
kostajh moved T344875: [{reqId}] {exception_url} Wikimedia\Rdbms\DBQueryError: Error 1062: Duplicate entry 'X-X-X' for key 'PRIMARY' Function: MediaWiki\CheckUser\Services\UserAgentClientHintsManager::insertMappingRows Query: INSERT INTO `cu_useragent_clienthints_map where query doesn't include duplicated rows from Backlog to Release 0 (Pilot wikis) on the http-client-hints board.
Tue, Sep 26, 11:32 AM · http-client-hints (Release 0 (Pilot wikis)), Anti-Harassment, CheckUser, Wikimedia-production-error
kostajh moved T344979: brands and fullVersionList might get the "brand" and "version" the wrong way round from Backlog to Release 0 (Pilot wikis) on the http-client-hints board.
Tue, Sep 26, 11:32 AM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.25; 2023-09-05), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), Patch-For-Review, CheckUser
kostajh moved T344983: Flow: Fire postEdit hook after making an edit from Backlog to Someday / Maybe on the http-client-hints board.
Tue, Sep 26, 11:31 AM · Growth-Team, http-client-hints, StructuredDiscussions
kostajh moved T344993: PHP Warning: implode(): Invalid arguments passed from Backlog to Someday / Maybe on the http-client-hints board.
Tue, Sep 26, 11:31 AM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.25; 2023-09-05), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh moved T345024: When a cu_useragent_clienthints row isn't found, attempts are made to insert to cu_useragent_clienhints_map with uachm_uach_id as 0 from Backlog to Release 0 (Pilot wikis) on the http-client-hints board.
Tue, Sep 26, 11:31 AM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.25; 2023-09-05), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh moved T345076: Consider ways to reduce the row count in cu_useragent_clienthints_map from Backlog to Someday / Maybe on the http-client-hints board.
Tue, Sep 26, 11:29 AM · Data-Persistence (work done), Anti-Harassment, http-client-hints, CheckUser
kostajh moved T345134: Improve load times for Special:CheckUser's 'Get edits' mode from Backlog to Someday / Maybe on the http-client-hints board.
Tue, Sep 26, 11:29 AM · Anti-Harassment, Performance Issue, http-client-hints, CheckUser
kostajh moved T345135: Cache calls to Linker::userLink and Linker::userToolLinksRedContribs from Backlog to Someday / Maybe on the http-client-hints board.
Tue, Sep 26, 11:29 AM · Anti-Harassment, http-client-hints, CheckUser
kostajh moved T345144: If replica is lagged, duplicate entry exception in cu_useragent_clienthints_map from Backlog to Release 0 (Pilot wikis) on the http-client-hints board.
Tue, Sep 26, 11:22 AM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.25; 2023-09-05), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh moved T345157: Allow storage of client hints for revisions of deleted pages from Backlog to Someday / Maybe on the http-client-hints board.
Tue, Sep 26, 11:21 AM · http-client-hints, CheckUser, Anti-Harassment
kostajh moved T345165: Move the time limit check before the permissions check from Backlog to Release 0 (Pilot wikis) on the http-client-hints board.
Tue, Sep 26, 11:21 AM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.26; 2023-09-12), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), SecTeam-Processed, Vuln-Infoleak, CheckUser, Security
kostajh added a comment to T345189: Multiple attempts to submit data to the Client Hints API with revision ID 0.

The frequency is low enough (45 in last 7 days) that I am not too concerned. What do you think?

Tue, Sep 26, 11:20 AM · Anti-Harassment, CheckUser, http-client-hints, Wikimedia-production-error
kostajh moved T345189: Multiple attempts to submit data to the Client Hints API with revision ID 0 from Backlog to Someday / Maybe on the http-client-hints board.
Tue, Sep 26, 11:20 AM · Anti-Harassment, CheckUser, http-client-hints, Wikimedia-production-error
kostajh moved T345229: Fire postEdit hook when performing a rollback from Backlog to Release 0 (Pilot wikis) on the http-client-hints board.
Tue, Sep 26, 11:14 AM · http-client-hints (Release 0 (Pilot wikis)), MediaWiki-Platform-Team (Radar), MediaWiki-General, MW-1.41-notes (1.41.0-wmf.25; 2023-09-05), Patch-For-Review, Anti-Harassment (AHaT Sprint 32 - Baseball Cap), Editing-team
kostajh moved T345398: Error: exception of type TypeError: MediaWiki\CheckUser\ClientHints\ClientHintsData::__construct() when array passed for non-array Client Hints value from Backlog to Release 1 (all production wikis) on the http-client-hints board.
Tue, Sep 26, 11:13 AM · MW-1.41-notes (1.41.0-wmf.29; 2023-10-03), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), http-client-hints (Release 1 (all production wikis)), CheckUser
kostajh moved T345549: i18n: checkuser-api-useragent-clienthints-explanation should be project agnostic from Backlog to Release 0 (Pilot wikis) on the http-client-hints board.
Tue, Sep 26, 11:13 AM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.27; 2023-09-19), WikimediaMessages, Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser, I18n
kostajh moved T345518: Client Hints API not called on rollback when user has "Show a confirmation prompt when clicking on a rollback link" preference enabled from Backlog to Release 0 (Pilot wikis) on the http-client-hints board.
Tue, Sep 26, 11:13 AM · http-client-hints (Release 0 (Pilot wikis)), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh moved T345591: Stop deletion of rows in the cu_useragent_clienthints table from Backlog to Release 0 (Pilot wikis) on the http-client-hints board.
Tue, Sep 26, 11:12 AM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.26; 2023-09-12), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh moved T345565: PageTriage should collect client-hints on log action/edit from Backlog to Someday / Maybe on the http-client-hints board.
Tue, Sep 26, 11:12 AM · http-client-hints, CheckUser, PageTriage
kostajh moved T345817: Store client hint mapping rows for user account creation events from Backlog to Release 2 (iteration, increase data collection coverage) on the http-client-hints board.
Tue, Sep 26, 11:12 AM · http-client-hints (Release 2 (iteration, increase data collection coverage)), CheckUser, Google-Chrome-User-Agent-Deprecation, Anti-Harassment
kostajh moved T345818: Store client hint mapping rows for login events from Backlog to Release 2 (iteration, increase data collection coverage) on the http-client-hints board.
Tue, Sep 26, 11:12 AM · http-client-hints (Release 2 (iteration, increase data collection coverage)), CheckUser, Google-Chrome-User-Agent-Deprecation, Anti-Harassment
kostajh moved T345819: Store client hint mapping rows for logout events from Release 1 (all production wikis) to Release 2 (iteration, increase data collection coverage) on the http-client-hints board.
Tue, Sep 26, 11:12 AM · http-client-hints (Release 2 (iteration, increase data collection coverage)), CheckUser, Google-Chrome-User-Agent-Deprecation, Anti-Harassment
kostajh moved T345819: Store client hint mapping rows for logout events from Backlog to Release 1 (all production wikis) on the http-client-hints board.
Tue, Sep 26, 11:11 AM · http-client-hints (Release 2 (iteration, increase data collection coverage)), CheckUser, Google-Chrome-User-Agent-Deprecation, Anti-Harassment
kostajh moved T345820: Store client hint mapping rows for password reset events from Backlog to Someday / Maybe on the http-client-hints board.
Tue, Sep 26, 11:10 AM · CheckUser, Google-Chrome-User-Agent-Deprecation, http-client-hints, Anti-Harassment
kostajh moved T345821: Store client hint mapping rows for email user events from Backlog to Someday / Maybe on the http-client-hints board.
Tue, Sep 26, 11:10 AM · CheckUser, Google-Chrome-User-Agent-Deprecation, http-client-hints, Anti-Harassment
kostajh moved T346227: Allow comparison of Client Hints data displayed in Special:CheckUser 'get edits' and Special:Investigate 'Timeline' mode from Backlog to Someday / Maybe on the http-client-hints board.
Tue, Sep 26, 11:10 AM · Anti-Harassment, http-client-hints, CheckUser
kostajh closed T345837: Create a maintenance script to trim trailing and leading spaces in uach_value as Declined.

Declining this per https://gerrit.wikimedia.org/r/c/mediawiki/extensions/CheckUser/+/955809/25#message-c0074c8d0b92ada57bb444033cc6c0a483e93764.

Tue, Sep 26, 11:09 AM · http-client-hints, Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh moved T345837: Create a maintenance script to trim trailing and leading spaces in uach_value from Backlog to Release 0 (Pilot wikis) on the http-client-hints board.
Tue, Sep 26, 11:09 AM · http-client-hints, Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh renamed http-client-hints (Release 2 (iteration, increase data collection coverage)) from Release 2 to Release 2 (iteration, increase data collection coverage).
Tue, Sep 26, 11:08 AM
kostajh renamed http-client-hints (Release 1 (all production wikis)) from Release 1 to Release 1 (all production wikis).
Tue, Sep 26, 11:07 AM
kostajh renamed http-client-hints (Release 0 (Pilot wikis)) from Release 0 to Release 0 (Pilot wikis).
Tue, Sep 26, 11:07 AM
kostajh edited projects for T345649: Trim uach_value before insertion to the database, added: http-client-hints (Release 0 (Pilot wikis)); removed http-client-hints.
Tue, Sep 26, 10:54 AM · http-client-hints (Release 0 (Pilot wikis)), MW-1.41-notes (1.41.0-wmf.26; 2023-09-12), Anti-Harassment (AHaT Sprint 32 - Baseball Cap), CheckUser
kostajh added a project to T274633: Record browser fingerprints instead of pure UA for checkuser : Google-Chrome-User-Agent-Deprecation.
In T274633#9130878, @Soda wrote:
In T274633#9130354, @kostajh wrote:
In T274633#9130270, @Soda wrote:

I would personally (as a user) would be extremely against this being implemented. Wikimedia/Wikipedia should not be a platform that should perform invasive JS based (font-support detection/Web-GL based) fingerprinting on it's users regardless of it's usecase (as opposed to passive fingerprinting via UA hints and basic api support detection which is what is being done/proposed untill now).

@Soda thanks for commenting on this. Would you mind elaborating further about what level of fingerprinting you think would be acceptable, and why? For example, there are fingerprinting techniques that can be done without JavaScript (explainer) that one could also argue are as invasive as JavaScript-based techniques.

I think a good rule of thumb would be to consider any active fingerprinting method to be off-limits. Feature detection would be okay since this information is something that the browser explicitly provides, but actively (ab)using the web-gl API or using font detection techniques (which is one of the techniques that the no-js demo uses) or cache supercookies would be a definite no.

Another more user centric rule of thumb (that will be more difficult to quantify) would be to see how unique the resulting fingerprinting is (calculating the entrophy of a fingerprinting). If we are able to semi-reliably uniquely identify every single person/device in the world, we are clearly crossing some boundaries.

Tue, Sep 26, 10:51 AM · Google-Chrome-User-Agent-Deprecation, CheckUser
kostajh added a comment to T295073: <Org-Wide Impact> Google Chrome User-Agent Deprecation Impact.

I propose to close this and T242825: Deal with Google Chrome User-Agent deprecation. Related tasks can be tracked in Google-Chrome-User-Agent-Deprecation.

Tue, Sep 26, 10:45 AM · Google-Chrome-User-Agent-Deprecation, Foundational Technology Requests
kostajh added a comment to T265057: SPIKE: consider problems to data pipelines as a result of reduced user agent entropy in Google Chrome.

@Milimetric, do we need to keep this task open?

Tue, Sep 26, 10:44 AM · Data-Engineering, Product-Analytics, Anti-Harassment, Privacy Engineering, User-revi, CheckUser
kostajh added a project to T242825: Deal with Google Chrome User-Agent deprecation: Google-Chrome-User-Agent-Deprecation.
Tue, Sep 26, 10:43 AM · Google-Chrome-User-Agent-Deprecation, Epic, Data-Engineering-Icebox, Structured-Data-Backlog, Stewards-and-global-tools, Web-Team-Backlog, Analytics-Radar, Product-Analytics, Anti-Harassment, Privacy Engineering, User-revi, CheckUser
kostajh added a watcher for Google-Chrome-User-Agent-Deprecation: kostajh.
Tue, Sep 26, 10:42 AM
kostajh edited Description on Google-Chrome-User-Agent-Deprecation.
Tue, Sep 26, 10:42 AM
kostajh removed a subtask for T242825: Deal with Google Chrome User-Agent deprecation: T257893: [EPIC] Support User-Agent Client Hints header in CheckUser.
Tue, Sep 26, 10:40 AM · Google-Chrome-User-Agent-Deprecation, Epic, Data-Engineering-Icebox, Structured-Data-Backlog, Stewards-and-global-tools, Web-Team-Backlog, Analytics-Radar, Product-Analytics, Anti-Harassment, Privacy Engineering, User-revi, CheckUser
Content licensed under Creative Commons Attribution-ShareAlike 4.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL