mmodell (Mukunda Modell)Administrator
Release Engineer, Phabricator Admin

Projects (31)

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Wednesday

  • Clear sailing ahead.

User Details

User Since
Sep 19 2014, 9:45 AM (199 w, 3 d)
Roles
Administrator
Availability
Available
IRC Nick
twentyafterfour
LDAP User
20after4
MediaWiki User
MModell (WMF) [ Global Accounts ]

I am a Release Engineer on the Wikimedia Release-Engineering-Team.


Current projects: Phabricator, Release-Engineering-Team (Long-Lived-Branches) and Scap


Besides working on Deployments, I am responsible for Phabricator maintenance & operations. I also help out with other phabricator-related tasks as a member of Project-Admins and Repository-Admins.

Disclaimer: I work for or provide services to the Wikimedia Foundation. However, the Foundation does not vet all my activity, so edits, statements, or other contributions made by this account may not reflect the views of the Foundation.`

Recent Activity

Thu, Jul 12

mmodell added a comment to T198823: Enable 2FA on wmfphab github account.

I created an access token and replaced the stored password with the access token.

Thu, Jul 12, 10:10 PM · Release-Engineering-Team, Phabricator
mmodell added a comment to T198823: Enable 2FA on wmfphab github account.

The password hasn't changed.

Thu, Jul 12, 9:14 PM · Release-Engineering-Team, Phabricator
mmodell closed T198823: Enable 2FA on wmfphab github account as Resolved.

I've added 2factor to wmfphab on github

Thu, Jul 12, 4:00 PM · Release-Engineering-Team, Phabricator
mmodell closed T198823: Enable 2FA on wmfphab github account, a subtask of T198810: Enforce 2FA for GitHub members, as Resolved.
Thu, Jul 12, 4:00 PM · Release-Engineering-Team (Watching / External), Security-Team, GitHub-Mirrors
mmodell added a comment to T116515: Enable embedding of media from Wikimedia Commons.

maybe we need to adjust content security policy?

Thu, Jul 12, 11:28 AM · RelEng-Archive-FY201718-Q1, Phabricator (2017-06-01)
mmodell added a comment to T198974: Rate-limit is too harsh and affects human users.

Note that the rate limiting is disabled only temporarily. We need to remove the config from puppet to make it permanent.

Thu, Jul 12, 12:16 AM · Patch-For-Review, Phabricator

Wed, Jul 11

mmodell committed rPHTR378bf3552ee7: generated new translation classes from translatewiki data. (authored by mmodell).
generated new translation classes from translatewiki data.
Wed, Jul 11, 11:58 PM
mmodell committed rPHEXbbd8f8f2b8ef: Moved README content (authored by mmodell).
Moved README content
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX25c3f70dca55: remove SecurityPolicyListener (authored by mmodell).
remove SecurityPolicyListener
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX2b3ca49ad54f: Moved all contents to rPHEX (authored by mmodell).
Moved all contents to rPHEX
Wed, Jul 11, 11:58 PM
mmodell committed rPHEXc9b7c132a592: Add a button to maniphest tasks to escalate security issues which need to be… (authored by mmodell).
Add a button to maniphest tasks to escalate security issues which need to be…
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX664dfb6208d4: Fix ops security policy for access review tasks (authored by Krenair).
Fix ops security policy for access review tasks
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX728d5a43f5bf: Fix SecurityPolicyEnforcerAction to work with upstream changes. (authored by mmodell).
Fix SecurityPolicyEnforcerAction to work with upstream changes.
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX3e5000e1a5fe: Merge remote-tracking branch 'origin/master' into production (authored by mmodell).
Merge remote-tracking branch 'origin/master' into production
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX0959a1204103: Replace WMFSubscribersPolicyRule with builtin (authored by mmodell).
Replace WMFSubscribersPolicyRule with builtin
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX563004b3d084: Adjust method signatures for upstream changes. (authored by mmodell).
Adjust method signatures for upstream changes.
Wed, Jul 11, 11:58 PM
mmodell committed rPHEXf161073b2433: Add back WMFSubscribersPolicyRule.php (authored by mmodell).
Add back WMFSubscribersPolicyRule.php
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX21b11bc9873b: Fix security policy when changing security to "sensitive" (authored by mmodell).
Fix security policy when changing security to "sensitive"
Wed, Jul 11, 11:58 PM
mmodell committed rPHEXdb399b3720bc: Fix the author username and the project names for ops-access-requests (authored by mmodell).
Fix the author username and the project names for ops-access-requests
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX172605e25e05: * herald should ignore access-request tasks (authored by mmodell).
* herald should ignore access-request tasks
Wed, Jul 11, 11:58 PM
mmodell committed rPHEXb0ee884eb968: Refactored security extension to support upstream changes (based on… (authored by mmodell).
Refactored security extension to support upstream changes (based on…
Wed, Jul 11, 11:58 PM
mmodell committed rPHEXb58375b7920d: Fix fallout from upstream changes. "Ops-Access-Requests" subtask creation is… (authored by mmodell).
Fix fallout from upstream changes. "Ops-Access-Requests" subtask creation is…
Wed, Jul 11, 11:58 PM
mmodell committed rPHEXe23980c4170c: argh! reset the projects and security field values to override the saved values… (authored by mmodell).
argh! reset the projects and security field values to override the saved values…
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX7abdf3e592bb: don't 'return' when security field is 'default' unless is_new is true (authored by mmodell).
don't 'return' when security field is 'default' unless is_new is true
Wed, Jul 11, 11:58 PM
mmodell committed rPHEXf21b6260bf43: force the security policy on the transition to 'security-bug' from any other… (authored by mmodell).
force the security policy on the transition to 'security-bug' from any other…
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX9acb9c308781: Phabricator Security Extension is moving to it's own repo. (authored by mmodell).
Phabricator Security Extension is moving to it's own repo.
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX87ef3fe64e84: fixed the library name to match the repo name fixed .gitreview to point to the… (authored by mmodell).
fixed the library name to match the repo name fixed .gitreview to point to the…
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX396f6377897c: use src/ for the libphutil library root (authored by mmodell).
use src/ for the libphutil library root
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX3af6566a8b2d: check for empty $values array to avoid potentially huge select from… (authored by mmodell).
check for empty $values array to avoid potentially huge select from…
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX120aab85a7f8: Huge refactor of security policy enforcer stuff. (authored by mmodell).
Huge refactor of security policy enforcer stuff.
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX4cd39e282d11: Policy Enforcer should not remove user-submitted projects (authored by mmodell).
Policy Enforcer should not remove user-submitted projects
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX321bc113d2e3: Create a custom security policy for each "secure" task so that the task author… (authored by mmodell).
Create a custom security policy for each "secure" task so that the task author…
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX0a8456b10481: Don't strip projects from newly created tasks (authored by mmodell).
Don't strip projects from newly created tasks
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX822ae1825b3f: Fix bugs we missed in the last commit. (authored by mmodell).
Fix bugs we missed in the last commit.
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX276dbdb0ed5a: MediaWikiUserpageCustomField: fix broken urlencoding in userpage links. (authored by mmodell).
MediaWikiUserpageCustomField: fix broken urlencoding in userpage links.
Wed, Jul 11, 11:58 PM
mmodell committed rPHEXcd6d10e73cee: WIP: initial SecurityPolicyEnforcerAction (authored by cpettet <rush@wikimedia.org>).
WIP: initial SecurityPolicyEnforcerAction
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX7fe472f58bd2: initial commit (authored by mmodell).
initial commit
Wed, Jul 11, 11:58 PM
mmodell committed rPHEX89345edb75a4: CustomField extension that adds a "MediaWiki Userpage" link on phabricator user… (authored by mmodell).
CustomField extension that adds a "MediaWiki Userpage" link on phabricator user…
Wed, Jul 11, 11:58 PM
mmodell committed rPHEXe91a643c9b96: gitreview (authored by cpettet <rush@wikimedia.org>).
gitreview
Wed, Jul 11, 11:58 PM
mmodell committed rPHDEPcb7fb85bf367: submodule updates (authored by mmodell).
submodule updates
Wed, Jul 11, 11:58 PM
mmodell committed rPHDEPa40ca83e4fde: process translations (authored by mmodell).
process translations
Wed, Jul 11, 11:58 PM
mmodell created Phabricator (2018-07-11).
Wed, Jul 11, 11:56 PM
mmodell added a comment to T198974: Rate-limit is too harsh and affects human users.

I've disabled the rate limit because even after merging 7562c262da5699d61634ffb8e4ea3aab54a0048d we still saw regular users hitting the limit. I think the rate limiting code is buggy or somehow not working as intended.

Wed, Jul 11, 10:13 PM · Patch-For-Review, Phabricator
mmodell changed the edit policy for Phabricator.
Wed, Jul 11, 10:05 PM
mmodell committed rPHUTIL8f712c902e71: More verbose logging (authored by mmodell).
More verbose logging
Wed, Jul 11, 8:09 PM
mmodell added a comment to T198915: wikibugs hits Phabricator's rate limiting and hence is unreliable.

Why are read-only requests being rate limited? That doesn't really make sense. Only write requests should be rate limited...

Wed, Jul 11, 8:01 PM · Patch-For-Review, Phabricator, Wikibugs
mmodell added a comment to T198974: Rate-limit is too harsh and affects human users.

I submitted a patch to raise the limits. I just need someone from sre to merge.

Wed, Jul 11, 6:51 PM · Patch-For-Review, Phabricator

Tue, Jul 10

mmodell added a comment to T199122: Creating subtasks sets more restrictive edit permissions than parent task: Others cannot edit such subtasks anymore.

I changed the default edit policy here.

Tue, Jul 10, 7:31 PM · Regression, Phabricator
mmodell added a comment to T93499: Add support for task types.

@atgo: I'm actually not sure why the aren't logged. I'll see what I can do.

Tue, Jul 10, 7:28 PM · Phabricator
mmodell added a comment to T199207: 404 on VisualEditor workboard (due to custom filter applied which did not exist in database).

Somehow a custom filter was applied but it didn't exist in the database, causing a 404. I'm going to look into changing the behavior when the filter cannot be found. A 404 isn't very helpful.

Tue, Jul 10, 7:27 PM · User-Ryasmeen, VisualEditor, Phabricator
mmodell closed T199207: 404 on VisualEditor workboard (due to custom filter applied which did not exist in database) as Resolved.
Tue, Jul 10, 7:26 PM · User-Ryasmeen, VisualEditor, Phabricator
mmodell accepted D1079: Refactor canary_checks method.

Looks good to me.

Tue, Jul 10, 6:32 PM · Release-Engineering-Team
mmodell added a comment to T199122: Creating subtasks sets more restrictive edit permissions than parent task: Others cannot edit such subtasks anymore.

Why would "Task author, administrators, WMF-NDA" deny the author?

Tue, Jul 10, 8:06 AM · Regression, Phabricator
mmodell committed rPHEX5d98d7412d0d: Get rid of hard-coded testing url (authored by mmodell).
Get rid of hard-coded testing url
Tue, Jul 10, 7:36 AM
mmodell added a task to rPHEX03173dd00974: Provide a link to Special:CentralAuth/$user for easy evaluation: Unknown Object (Task).
Tue, Jul 10, 6:50 AM
mmodell committed rPHEX03173dd00974: Provide a link to Special:CentralAuth/$user for easy evaluation (authored by mmodell).
Provide a link to Special:CentralAuth/$user for easy evaluation
Tue, Jul 10, 6:50 AM

Fri, Jul 6

mmodell accepted D1076: Remove double ADD from sql query.
Fri, Jul 6, 1:36 AM
mmodell awarded T198831: Trusted contributors cannot escalate tasks as security issues a Barnstar token.
Fri, Jul 6, 1:34 AM · User-MarcoAurelio, Security, Phabricator
mmodell closed T198612: Exclude WMDE/WMF IP from rate limiting / throttling as Resolved.

rPHAB49ad8413aec8: Whitelist WMF and WMDE office IPs from rate limiting

Fri, Jul 6, 12:49 AM · Patch-For-Review, Phabricator
mmodell added a commit to T198612: Exclude WMDE/WMF IP from rate limiting / throttling: rPHAB49ad8413aec8: Whitelist WMF and WMDE office IPs from rate limiting.
Fri, Jul 6, 12:43 AM · Patch-For-Review, Phabricator
mmodell lowered the priority of T198915: wikibugs hits Phabricator's rate limiting and hence is unreliable from Unbreak Now! to Normal.

Indeed, I don't think we can whitelist labs IPs. The best we can do is somehow whitelist the API key that wikibugs uses. That's tricky to do, however, without revealing the api key publicly.

Fri, Jul 6, 12:42 AM · Patch-For-Review, Phabricator, Wikibugs

Thu, Jul 5

mmodell added a comment to T198589: Replace project names by PHIDs in our Phab extensions.

The problem with using PHIDs is that it makes testing difficult - on my test instance the PHIDs differ from production. I suppose I could fix it manually in the database though.

Thu, Jul 5, 11:04 PM · Phabricator
mmodell awarded T198589: Replace project names by PHIDs in our Phab extensions a Love token.
Thu, Jul 5, 11:02 PM · Phabricator
mmodell added a comment to T198838: Turn off 'blame' by default on Diffusion.

I'm not sure why this is happening.

Thu, Jul 5, 10:52 PM · Phabricator (Upstream), Upstream, Diffusion
mmodell claimed T181393: Make sure elasticsearch 6 is supported in phabricator.
Thu, Jul 5, 10:50 PM · Release-Engineering-Team (Kanban), Phabricator
mmodell added a comment to T198614: Whitelist the Trusted-Contributors group from rate limit.

This isn't technically feasible. The rate limit is based on IP and the throttle doesn't necessarily know which user is associated with an IP.

Thu, Jul 5, 10:41 PM · Trusted-Contributors, Phabricator
mmodell committed rPHEX9ac7eb2ccef0: Update project names after some renames (authored by mmodell).
Update project names after some renames
Thu, Jul 5, 10:13 PM
mmodell closed D1075: Update project names after some renames.
Thu, Jul 5, 10:13 PM · Wikimedia-Phabricator-Extensions
mmodell added inline comments to D1075: Update project names after some renames.
Thu, Jul 5, 5:33 PM · Wikimedia-Phabricator-Extensions
mmodell accepted D1075: Update project names after some renames.
Thu, Jul 5, 5:20 PM · Wikimedia-Phabricator-Extensions

Tue, Jul 3

mmodell accepted D1077: Support utf-8 for config templates.
Tue, Jul 3, 8:12 PM · Release-Engineering-Team
Jan_Dittrich awarded T198624: Give Addshore the ability to block users on phabricator a Love token.
Tue, Jul 3, 6:49 AM · Phabricator

Mon, Jul 2

mmodell closed T198624: Give Addshore the ability to block users on phabricator, a subtask of T198578: Create more Phabricator administrators, as Resolved.
Mon, Jul 2, 3:43 PM · Phabricator
mmodell closed T198624: Give Addshore the ability to block users on phabricator as Resolved.
Mon, Jul 2, 3:43 PM · Phabricator
mmodell added a comment to T198624: Give Addshore the ability to block users on phabricator.

@Addshore: https://tools.wmflabs.org/phab-ban/

Mon, Jul 2, 3:43 PM · Phabricator
mmodell added a member for acl*userdisable: Addshore.
Mon, Jul 2, 3:42 PM
Ciencia_Al_Poder awarded T145832: Create Trusted Contributors project? a Like token.
Mon, Jul 2, 12:39 PM · Release-Engineering-Team (Next), Project-Admins
mmodell added a member for acl*userdisable: MarcoAurelio.
Mon, Jul 2, 9:18 AM
mmodell added a task to rPHEXf951c8bfa70a: Lock down the 'lock as security issue' feature: Unknown Object (Task).
Mon, Jul 2, 12:40 AM
mmodell added a task to rPHEX26ee84549bf6: Veto oauth logins for accounts with less than 10 edits.: Unknown Object (Task).
Mon, Jul 2, 12:39 AM
mmodell committed rPHEX6ad714f4e46a: Custom herald action that sets task subtype (authored by mmodell).
Custom herald action that sets task subtype
Mon, Jul 2, 12:34 AM
mmodell committed rPHEX26ee84549bf6: Veto oauth logins for accounts with less than 10 edits. (authored by mmodell).
Veto oauth logins for accounts with less than 10 edits.
Mon, Jul 2, 12:34 AM
mmodell closed D1074: Custom herald action that sets task subtype.
Mon, Jul 2, 12:34 AM

Sun, Jul 1

mmodell added a comment to T198422: Running scap sync-dir php-1.32.0-wmf.10 fails due to syntax error.

scap lints every single file regardless of whether it would ever be executed by unit tests. I don't think CI is quite as strict with the way things are linted?

Sun, Jul 1, 6:38 AM · Performance-Team (Radar), Release-Engineering-Team, MediaWiki-Maintenance-scripts, Deployments
mmodell changed the "Default Edit Policy" policy for application Maniphest from "Members of Project: Trusted-Contributors" to "Custom Policy".
Sun, Jul 1, 6:23 AM
mmodell changed the "Default Edit Policy" policy for application Maniphest from "All Users" to "Members of Project: Trusted-Contributors".
Sun, Jul 1, 6:17 AM
Tumzaaaa24 awarded U6 Mediawiki Train Deployment Blockers a Burninate token.
Sun, Jul 1, 5:24 AM · Release, Release-Engineering-Team

Sat, Jun 30

mmodell awarded Blog Post: 2017 Toolforge survey results a Barnstar token.
Sat, Jun 30, 2:35 PM · Toolforge
mmodell added a comment to T93499: Add support for task types.

D1074 will add the ability to set task types from herald rules.

Sat, Jun 30, 12:06 PM · Phabricator
mmodell claimed T93499: Add support for task types.
Sat, Jun 30, 12:05 PM · Phabricator
mmodell added a comment to T193770: The Edit Task form of an existing task should expose the 'Due Date' field.

It's just another field on the already long list of fields to fill out when creating a task.

Sat, Jun 30, 12:02 PM · Phabricator
mmodell updated the diff for D1074: Custom herald action that sets task subtype.

better...

Sat, Jun 30, 11:57 AM
mmodell requested review of D1074: Custom herald action that sets task subtype.
Sat, Jun 30, 11:41 AM

Thu, Jun 28

mmodell added a comment to T198411: Cannot change tags of tasks that are "Release" tasks.

@daniel: can you try again and see if it works better now? I changed the configuration on the "edit release" form.

Thu, Jun 28, 6:49 PM · Phabricator
mmodell added a comment to T182085: Connect Phabricator to swift for storage of git-lfs and file uploads..
  • Currently all file uploads get stored in mysql database tables, not locally on the phab host. There shouldn't be a significant amount of traffic to the phabricator file store - it's mostly used for screenshots and whatnot.
  • Replication across datacenters would indeed be a good thing. We aren't quite multi-datacenter with phabricator yet but that is a goal for the near future.
Thu, Jun 28, 12:10 PM · Patch-For-Review, Phabricator, Release-Engineering-Team (Kanban), media-storage
mmodell accepted D1068: Remove some archived extensions.
Thu, Jun 28, 12:03 PM · Wikimedia-Phabricator-Extensions
mmodell committed rPHEX03971ea8965d: Fix PhabricatorDataNotAttachedException (authored by mmodell).
Fix PhabricatorDataNotAttachedException
Thu, Jun 28, 10:43 AM

Wed, Jun 27

mmodell committed rPHDEP54b600c08149: update translations submodule (authored by mmodell).
update translations submodule
Wed, Jun 27, 11:58 PM
mmodell committed rPHDEP3f0535a7b3f9: Bump submodules for release/2018-06-27/1 (authored by mmodell).
Bump submodules for release/2018-06-27/1
Wed, Jun 27, 11:58 PM
mmodell edited Description on Phabricator (2018-06-27).
Wed, Jun 27, 11:49 PM