tstarling (Tim Starling)Administrator
User

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Sunday

  • Clear sailing ahead.

User Details

User Since
Oct 15 2014, 8:27 PM (192 w, 2 d)
Roles
Administrator
Availability
Available
LDAP User
Tim Starling
MediaWiki User
Tim Starling (WMF)

Recent Activity

Wed, Jun 20

tstarling added a comment to T176916: Find PHP7 alternative for HHVM's Xenon.

Handling signals may be a bit tricky in general cases (since PHP can mess with signals too and some parts of the engine may disable signals) but I think in our case for our code it should be ok. Not sure whether signals interrupting syscalls is a problem...

Wed, Jun 20, 9:22 PM · Patch-For-Review, PHP 7.0 support, Performance-Team, MediaWiki-Platform-Team
tstarling updated subscribers of T176916: Find PHP7 alternative for HHVM's Xenon.

@Smalyshev do you have any thoughts on the idea of reading EG(current_execute_data) from a signal handler as a profiling method?

Wed, Jun 20, 12:20 PM · Patch-For-Review, PHP 7.0 support, Performance-Team, MediaWiki-Platform-Team
tstarling added a comment to T176916: Find PHP7 alternative for HHVM's Xenon.
$ sudo gdb -batch -nx -x php-gdb-init -ex 'zbacktrace' -p $PID_OF_PHP
Wed, Jun 20, 2:19 AM · Patch-For-Review, PHP 7.0 support, Performance-Team, MediaWiki-Platform-Team

Tue, Jun 19

tstarling added a comment to T187147: Do we need mediawiki/php/wmerrors for PHP7.

The reason wmerrors is long and complicated is because PHP handled request timeout errors by trying to write out the error message from a signal handler. This was extremely unsafe and frequently crashed or deadlocked. In PHP 7.1, this issue was fixed: it now only calls signal-safe functions from the signal handler, setting a flag in the VM for graceful exit and setting a second "hard" timeout to abort the process if the VM doesn't terminate quickly enough.

Tue, Jun 19, 6:36 AM · Performance-Team (Radar), MediaWiki-Platform-Team, PHP 7.0 support

Mon, Jun 18

tstarling updated subscribers of T197550: Remove approval requirement for new accounts, or patch everything in Phabricator to allow unapproved users to be treated as logged out for permissions purposes.

@mmodell enabled auth.require-approval two days ago, presumably due to T162026, which is a general task discussing phabricator vandalism, which was escalated to UBN three days ago due to a vandalism spree.

Mon, Jun 18, 4:49 AM · Phabricator

Thu, Jun 14

tstarling added a project to T133452: Create temporary accounts for anonymous editors: MediaWiki-Platform-Team.

Claiming this for MWPT at least for some infrastructure work.

Thu, Jun 14, 5:32 AM · MediaWiki-Platform-Team, User-Tgr, WMF-Legal, Privacy, MediaWiki-Authentication-and-authorization
tstarling added a comment to T172477: Attribute anonymous contributions to the first IP address used in a session.

T133452 can probably be the other task.

Thu, Jun 14, 5:23 AM · TechCom-RFC, MediaWiki-User-management
tstarling lowered the priority of T172477: Attribute anonymous contributions to the first IP address used in a session from Normal to Lowest.

For privacy reasons, there is substantial interest within the WMF for attributing anonymous edits to a session identifier, not to an IP address. I'm going to write up a separate task for that. This task as described, with attribution to the first IP address of the session, probably won't happen, at least not on WMF wikis.

Thu, Jun 14, 5:18 AM · TechCom-RFC, MediaWiki-User-management

Tue, Jun 12

tstarling added a comment to T165540: Add CODE_OF_CONDUCT.md to Wikimedia repositories.

The GitHub API apparently works just as well without the extension:

Tue, Jun 12, 11:38 AM · User-Tgr, MW-1.30-release-notes (WMF-deploy-2017-06-13_(1.30.0-wmf.5)), Patch-For-Review, Repository-Admins, Gerrit, GitHub-Mirrors, Developer-Relations
tstarling added a comment to T95799: wfWaitForSlaves in JobRunner can massively slow down run rate if just a single slave is lagged.

I don't understand how we can implement the task as described. It's intentional that write-heavy maintenance scripts go at the speed of the slowest slave. If you only wait for a majority then you could have 50% of slaves permanently lagged, potentially by days or weeks.

Tue, Jun 12, 4:04 AM · MediaWiki-Platform-Team, Availability, Performance-Team (Radar), DBA, MediaWiki-Database
tstarling removed a project from T169026: Tech debt: includes/media cleanup: MediaWiki-Platform-Team.
Tue, Jun 12, 3:58 AM · MediaWiki-File-management, Commons, Technical-Debt, Multimedia

Mon, Jun 11

Gerrit Code Review <gerrit@wikimedia.org> committed rELINT7e015a133142: Update patch set 2 (authored by tstarling).
Update patch set 2
Mon, Jun 11, 2:21 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rETSTb40098c02808: Update patch set 11 (authored by tstarling).
Update patch set 11
Mon, Jun 11, 9:58 AM
Gerrit Code Review <gerrit@wikimedia.org> committed rETST422bb51b2f37: Update patch set 1 (authored by tstarling).
Update patch set 1
Mon, Jun 11, 9:57 AM
Gerrit Code Review <gerrit@wikimedia.org> committed rETST07ce71ecac7e: Update patch set 1 (authored by tstarling).
Update patch set 1
Mon, Jun 11, 9:56 AM

Sun, Jun 10

Gerrit Code Review <gerrit@wikimedia.org> committed R1984:efba924a6874: Create change (authored by tstarling).
Create change
Sun, Jun 10, 1:39 PM
Gerrit Code Review <gerrit@wikimedia.org> committed R1984:282e5eb1725f: Update patch set 1 (authored by tstarling).
Update patch set 1
Sun, Jun 10, 1:39 PM

Sat, Jun 9

Gerrit Code Review <gerrit@wikimedia.org> committed rCSSS92d07d4fe945: Update patch set 1 (authored by tstarling).
Update patch set 1
Sat, Jun 9, 5:19 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rCSSS7272df4476b6: Update patch set 15 (authored by tstarling).
Update patch set 15
Sat, Jun 9, 5:19 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rCSSS28eee33000f0: Update patch set 13 (authored by tstarling).
Update patch set 13
Sat, Jun 9, 5:19 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rCSSS781456b9bf59: Update patch set 13 (authored by tstarling).
Update patch set 13
Sat, Jun 9, 5:19 PM
Gerrit Code Review <gerrit@wikimedia.org> committed rCSSS0e6da4c15a87: Update patch set 1 (authored by tstarling).
Update patch set 1
Sat, Jun 9, 5:18 PM

Wed, Jun 6

tstarling added a comment to T91820: Create HTTP verb and sticky cookie DC routing in VCL .

Special:Userlogin starts a session on a GET request so that it can implement CSRF protection on the login form. And that's a localised page name so it's not easy to filter in VCL unless we change the URL in MediaWiki to something more predictable. Not sure if there are other cases, we'd need some sort of audit. If session access is very rare in the secondary DC then could we just tunnel session access to the primary DC, instead of replicating? GET requests causing session creation would be slightly delayed, then the user would get their session cookie and be directed to the primary for subsequent requests.

Wed, Jun 6, 6:18 AM · Services (watching), Wikimania-Hackathon-2018, Availability (MediaWiki-MultiDC), Operations, Traffic

Tue, Jun 5

tstarling moved T93097: MediaWiki should support SQLite 3.8 (or later) from Inbox to Backlog on the MediaWiki-Platform-Team board.
Tue, Jun 5, 6:56 AM · MediaWiki-Platform-Team, SQLite, MediaWiki-Database
tstarling added a comment to T93097: MediaWiki should support SQLite 3.8 (or later).

To recap, SQLite 3.8+ generates an error when a read transaction is upgraded to a write transaction, if another thread holds the write lock. The solution to this is to use BEGIN IMMEDIATE instead of BEGIN in order to force the transaction to be a write transaction from the start. As a quick hack, a constructor parameter trxMode was added in 22508bec75fb05546520398ac0a195c7c79ef87e , which can be used in CI to force all transactions to be write transactions, at the expense of performance. The transactions would all be serialized instead of allowing parallel reads.

Tue, Jun 5, 6:36 AM · MediaWiki-Platform-Team, SQLite, MediaWiki-Database

Fri, Jun 1

tstarling updated subscribers of T196043: wikidiff2 repo doesn't have LICENSE in source nor distribution, nor individual files.

The license in debian/copyright was added in Jan 2012 236f2dffb0ce3dec8ca80b6389aabdc2a40744af by @akosiaris . I'll send an email to people who contributed after that date about relicensing.

Fri, Jun 1, 2:32 AM · Patch-For-Review, Software-Licensing, wikidiff2

Thu, May 31

tstarling added a comment to T196043: wikidiff2 repo doesn't have LICENSE in source nor distribution, nor individual files.

PHP extensions should absolutely not be GPL. The PHP group refuses to distribute them due to incompatibility with the PHP license. Resulting binaries cannot be distributed under any license. MIT is acceptable and often used in this ecosystem.

Thu, May 31, 12:53 PM · Patch-For-Review, Software-Licensing, wikidiff2

May 19 2018

tstarling added a comment to T91820: Create HTTP verb and sticky cookie DC routing in VCL .

Currently, ChronologyProtector times out after 10 seconds, this is configurable. Timeout causes "lagged replica mode" to be set, and Skin::lastModified() responds to this mode by putting a warning in the page footer. Maybe OutputPage::output() would be a good place to send a lagged replica mode response header. Note that lagged replica mode will also be set by LoadBalancer::getReaderIndex() if the lag exceeds the "max lag" parameter, currently 6 seconds in db-eqiad.php. Is it acceptable to send a retry hint to varnish in either case?

May 19 2018, 4:20 PM · Services (watching), Wikimania-Hackathon-2018, Availability (MediaWiki-MultiDC), Operations, Traffic
tstarling updated subscribers of T91820: Create HTTP verb and sticky cookie DC routing in VCL .

I explained ChronologyProtector to @Joe and @BBlack just now. They seemed happy with the idea of not sending a useDC cookie for now, and just relying on ChronologyProtector instead to ensure that the user is presented with an up-to-date view of the site. So the current idea would be to have routing based on HTTP verb, with two exceptions:

May 19 2018, 1:49 PM · Services (watching), Wikimania-Hackathon-2018, Availability (MediaWiki-MultiDC), Operations, Traffic
tstarling added a comment to T194901: MediaWiki and GDPR.
  • Article 6: Is IP address attribution for anons "necessary"?
  • Article 15: Right of access by the data subject. Do we need to e.g. give people access to their own checkuser data, and is it a security problem to make that accessible without a human in the loop?
  • Article 17: Right to erasure. How do we respond to requests for erasure of a username or anon IP? Do we need to provide a way to fully erase content via the web UI?
  • Article 20: Data portability. A personal view of "right to fork". Any additional tools needed? Preferences, watchlist export/import? Contributions mode of Special:Export? Uploaded files?
  • Article 34: Communication of a personal data breach to the data subject. Currently there is no mass mailing extension. For WMF board elections we write a custom maintenance script each time.
May 19 2018, 8:32 AM · MediaWiki-Stakeholders-Group, Wikimedia-Hackathon-2018

May 18 2018

tstarling added a comment to T185355: Normalize change tag schema.

I also had an in-person conversation with @Ladsgroup where he said he intended to use the same technique that site_stats uses to manage incrementing fields (store a value in memcached, use its increment primitive, and periodically write the value to the DB) for the ctd_count field.

May 18 2018, 4:39 PM · Wikidata-Campsite, User-Ladsgroup, MW-1.32-release-notes (WMF-deploy-2018-05-15 (1.32.0-wmf.4)), Wikidata-Ministry-Of-Magic-Tech-Debt, Wikidata-Ministry-Of-Magic, TechCom-RFC (TechCom-Approved), MediaWiki-Database, MediaWiki-Change-tagging, Patch-For-Review

May 15 2018

tstarling added a comment to T194125: [RFC] Future of charset and collation for mediawiki on mysql.

If you want this to be an RFC then you need to tag it with TechCom-RFC . But I'm not sure if it's ready for public discussion yet, since it's mostly just a problem statement.

May 15 2018, 6:57 AM · MediaWiki-Platform-Team, MediaWiki-Database

May 9 2018

tstarling committed R1984:bdbefd13d162: Protect against insecure unserialization of ScopedCallback (authored by tstarling).
Protect against insecure unserialization of ScopedCallback
May 9 2018, 6:37 AM
tstarling added a comment to T169328: Protect against PHP code execution via memcached/unserialize.

Filed upstream proposal at https://github.com/php-memcached-dev/php-memcached/issues/395

May 9 2018, 4:40 AM · Patch-For-Review, Services (watching), Security

Apr 18 2018

tstarling added a comment to T182348: dcatap.rdf in dumps contains invalid data.

It should be back on php5 now, I went through all the misc dumps crons, made sure they all use the config setting for php in the dumps config, and that is php5. See https://gerrit.wikimedia.org/r/#/c/400692/

Apr 18 2018, 12:34 AM · Dumps-Generation, Wikidata

Apr 12 2018

Liuxinyu970226 awarded T176370: Migrate to PHP 7 in WMF production a Yellow Medal token.
Apr 12 2018, 10:00 AM · TechCom-RFC (TechCom-Approved), User-ArielGlenn, HHVM, MediaWiki-Platform-Team, Operations

Mar 20 2018

tstarling moved T100782: http://en.wikipedia.org//wiki/Main_Page raise "Redirect loop detected!" because of the double slash from Inbox to Backlog on the MediaWiki-Platform-Team board.
Mar 20 2018, 1:25 AM · MediaWiki-Platform-Team, MediaWiki-General-or-Unknown, Wikimedia-log-errors
tstarling moved T189966: Audit and simplify MediaWiki initialisation code (Spring 2018) from Inbox to Watching on the MediaWiki-Platform-Team board.
Mar 20 2018, 1:22 AM · Technical-Debt, MediaWiki-General-or-Unknown, MediaWiki-Platform-Team, Performance-Team
tstarling added a comment to T189981: Create Wikitech account for Aryeh Gregor (preexisting SVN login "simetrical").

I took a stab at doing this myself. I added an email address and password to the LDAP user using the tools described at https://wikitech.wikimedia.org/wiki/LDAP , tested logging in as "simetrical" to wikitech.wikimedia.org, and then sent a password reminder email. You should have received a temporary password which you can use to log in and set a new password for the account. Then you should be able to log in to the Gerrit web interface and set up SSH keys using https://gerrit.wikimedia.org/r/#/settings/ssh-keys

Mar 20 2018, 1:00 AM · Cloud-Services, Operations

Mar 16 2018

tstarling added projects to T85838: Add a way to stop animated GIFs: Accessibility, WCAG-Level-A.

This is required by WCAG 2.0 SC 2.2.2: "For any moving, blinking or scrolling information that (1) starts automatically, (2) lasts more than five seconds, and (3) is presented in parallel with other content, there is a mechanism for the user to pause, stop, or hide it unless the movement, blinking, or scrolling is part of an activity where it is essential"

Mar 16 2018, 3:18 AM · WCAG-Level-A, Accessibility, Commons, Design, Multimedia, MediaWiki-File-management
tstarling added a project to T6845: CAPTCHA doesn't work for blind people: WCAG-Level-A.

WCAG 2.0 SC 1.1.1 requires non-text CAPTCHAs to have "alternative forms of CAPTCHA using output modes for different types of sensory perception are provided to accommodate different disabilities"

Mar 16 2018, 1:12 AM · WCAG-Level-A, Security-Extensions, Design, Accessibility, ConfirmEdit (CAPTCHA extension)

Mar 14 2018

tstarling removed a project from T47891: External link icon for file extensions should have alt text: WCAG-Level-A.

While in principal, that might seem true, I partly disagree with that. You see, the target of the link IS being communicated to the screenreader and If I remember correctly, a screenreader can easily be triggered to read out the target url. As such, by knowing the target url, you can interpret if the link is 'external/internal' if you want, so the basic information IS being communicated, it's just not 'enhanced'/'sped up' the way we do with a little symbol in a page view.

Mar 14 2018, 8:25 PM · WorkType-NewFunctionality, Accessibility, MediaWiki-General-or-Unknown
tstarling added a project to T120636: List-Item bullets fail WCAG 2.0 Level AA in `.wikitable`: WCAG-Level-AA.
Mar 14 2018, 5:40 AM · WCAG-Level-AA, Easy, UI-Standardization, UI-Standardization-Kanban, Vector, Accessibility
tstarling added a project to T15765: more "jump to" accessibility links needed: WCAG-Level-A.

The relevant WCAG 2.0 success criterion is SC 2.4.1 Bypass Blocks: "A mechanism is available to bypass blocks of content that are repeated on multiple Web pages. (Level A) "

Mar 14 2018, 5:26 AM · WCAG-Level-A, Accessibility, MediaWiki-Parser
tstarling added a project to T7827: Use full label text for toggles on recent changes: WCAG-Level-AAA.

WCAG 2.0 SC 2.4.9 Link Purpose (Link Only): "A mechanism is available to allow the purpose of each link to be identified from link text alone, except where the purpose of the link would be ambiguous to users in general. (Level AAA) "

Mar 14 2018, 5:02 AM · WCAG-Level-AAA, Accessibility, MediaWiki-Recent-changes
tstarling added a project to T47891: External link icon for file extensions should have alt text: WCAG-Level-A.

If the icon is conveying information then it is a violation of WCAG 2.0 SC 1.1.1 "Non-text Content" if we do not provide a text equivalent. The only way out of this is to claim that it is "pure decoration", which I don't think is true.

Mar 14 2018, 4:56 AM · WorkType-NewFunctionality, Accessibility, MediaWiki-General-or-Unknown
tstarling removed a project from T20418: Create a new message displayed in reading mode for non-talk pages: Accessibility.
Mar 14 2018, 4:37 AM · MediaWiki-Interface
tstarling added a project to T20465: Tabs in Monobook and Vector should indicate selected state: WCAG-Level-AAA.

I think the existing behaviour is OK under WCAG 2.0 SC 1.3.1 since the same information is available in the <title> and <h1>.

Mar 14 2018, 4:35 AM · WCAG-Level-AAA, Readers-Web-Backlog (Tracking), CSS, Vector, Accessibility, MonoBook
tstarling added a project to T49342: Autocomment formatter section link should be wider than just the one arrow character: WCAG-Level-AAA.

The title attribute only contains the name of the page, which is the same in every case, it doesn't contain the heading or anchor. Improving the title attribute would satisfy WCAG 2.0 SC 2.4.9, although begrudgingly, since note H33 recommends using CSS to hide part of the link text instead, due to "extensive user agent limitations" with the title attribute.

Mar 14 2018, 4:16 AM · WCAG-Level-AAA, Accessibility, MediaWiki-History-or-Diffs
tstarling added a project to T19474: Image pages contain same named links, but to different items: WCAG-Level-AAA.

Whether this is a WCAG 2.0 Level A or Level AAA conformance issue depends on whether you think the link purpose can be determined from the "programmatically determined link context", which includes other links in the same list. I think the answer is probably yes, so it's only Level AAA SC 2.4.9 "Link Purpose (Link Only): A mechanism is available to allow the purpose of each link to be identified from link text alone, except where the purpose of the link would be ambiguous to users in general."

Mar 14 2018, 4:02 AM · WCAG-Level-AAA, Accessibility, MediaWiki-Interface
tstarling added a comment to T26544: Watchlist tab empty (no alternative text) when loading images is off.

This is not a WCAG 2.0 issue since there is a text alternative by WCAG's definition of the term.

Mar 14 2018, 3:48 AM · Readers-Web-Backlog (Tracking), Vector, Accessibility
tstarling added a project to T43241: Add a "don't auto-hide notifications" user preference: WCAG-Level-A.

The existing behaviour violates WCAG 2.0 SC 2.2.1 Timing Adjustable (Level A). Allowing the user to disable auto-hide in preferences would satisfy SC 2.2.1 but would probably not be Level AAA compliant due to SC 2.2.3 "No Timing".

Mar 14 2018, 3:43 AM · WCAG-Level-A, JavaScript, Accessibility, MediaWiki-User-preferences
tstarling removed a project from T74350: Give a hint there is a save button in action=edit: Accessibility.

This is really usability rather than accessibility.

Mar 14 2018, 3:33 AM · MediaWiki-Page-editing
tstarling added a project to T54697: Labels of form elements in the preferences are messed up: WCAG-Level-A.

The checkboxes in the Notifications tab of Special:Preferences, from the Echo extension, appear to violate WCAG 2.0 SC 1.1.1 (Level A). I don't see any label for those checkboxes, not even an empty label. Each checkbox needs to have a human-readable name that describes its purpose. Presumably that means the "web" and "email" checkboxes on each row need to have different names. An aria-label attribute would be sufficient.

Mar 14 2018, 3:30 AM · WCAG-Level-A, Accessibility, MediaWiki-User-preferences
tstarling added a comment to T150458: On action prompts (purging and watching), set focus keyboard focus to button.

Not required by WCAG 2.0

Mar 14 2018, 3:10 AM · MediaWiki-General-or-Unknown, Accessibility
tstarling added a project to T155604: Diff formatter for screen readers: WCAG-Level-A.

This is a violation of WCAG 2.0 SC 1.3.1: Information, structure, and relationships conveyed through presentation can be programmatically determined or are available in text. (Level A)

Mar 14 2018, 3:03 AM · WCAG-Level-A, MediaWiki-History-or-Diffs, Accessibility
tstarling added a project to T181416: In VE table editor, cannot move cursor out of caption area using keyboard: WCAG-Level-A.

WCAG 2.0 SC 2.1.2 No Keyboard Trap (Level A)

Mar 14 2018, 2:53 AM · WCAG-Level-A, Accessibility, VisualEditor, VisualEditor-Tables
tstarling added a project to T181488: Improve screenreader compatibility in AdvancedSearch: WCAG-Level-A.

The only WCAG 2.0 violation that I see in here is "The file size textfields for the size are not labelled". This violates SC 1.1.1 "If non-text content is a control or accepts user input, then it has a name that describes its purpose." (Level A)

Mar 14 2018, 2:50 AM · WCAG-Level-A, Accessibility, Advanced-Search, TCB-Team
tstarling added a comment to T181734: Prohibit links/other formatting in headings in HTMLMultiSelectField for accessibility reasons.

This is not a WCAG violation if there are no callers that use this.

Mar 14 2018, 2:31 AM · MediaWiki-HTMLForm, Accessibility
tstarling added a project to T186551: Make ULS language panel keyboard accessible at the personal bar : WCAG-Level-A.

This is probably a WCAG 2.0 SC 2.1.1 conformance failure. You can type the language name, but if "suggested languages" counts as functionality then it's a violation to not give keyboard access to it.

Mar 14 2018, 2:26 AM · WCAG-Level-A, Accessibility, UniversalLanguageSelector
tstarling added a project to T186553: Notification badges in personal bar need visual focus feedback: WCAG-Level-AA.

This is a violation of WCAG 2.0 Level AA 2.4.7 Focus Visible: Any keyboard operable user interface has a mode of operation where the keyboard focus indicator is visible.

Mar 14 2018, 2:10 AM · Patch-For-Review, WCAG-Level-AA, UI-Standardization, UI-Standardization-Kanban, Design, Accessibility, Collaboration-Team-Triage, Notifications
tstarling added a project to T186875: Selected state of radio buttons for merge interface not accessible to those with visual impairments: WCAG-Level-A.

Based on the screenshot, this is a failure of WCAG 2.0 Level A guideline 1.4.1 "Color is not used as the only visual means of conveying information, indicating an action, prompting a response, or distinguishing a visual element."

Mar 14 2018, 2:05 AM · WCAG-Level-A, Accessibility, WMDE-QWERTY-Team, Design, Two-Column-Edit-Conflict-Merge, WMDE-Design, TCB-Team
tstarling added a comment to T188756: Alt for site logo.

Not a WCAG 2.0 violation in my opinion, on the basis that the logo is pure decoration. It is deliberately hidden from screen readers.

Mar 14 2018, 2:01 AM · UI-Standardization, Front-end-Standards-Group, Accessibility
tstarling closed T189558: Tags for WCAG levels as Resolved.
Mar 14 2018, 1:57 AM · Project-Admins
tstarling set the image for WCAG-Level-AAA to F15331326: fa-tags-yellow.png.
Mar 14 2018, 1:56 AM
tstarling created WCAG-Level-AAA.
Mar 14 2018, 1:56 AM
tstarling set the image for WCAG-Level-AA to F15331224: fa-tags-yellow.png.
Mar 14 2018, 1:55 AM
tstarling created WCAG-Level-AA.
Mar 14 2018, 1:55 AM
tstarling set the image for WCAG-Level-A to F15331093: fa-tags-yellow.png.
Mar 14 2018, 1:54 AM
tstarling created WCAG-Level-A.
Mar 14 2018, 1:54 AM

Mar 13 2018

tstarling created T189558: Tags for WCAG levels.
Mar 13 2018, 5:13 AM · Project-Admins

Mar 12 2018

tstarling added a comment to T189065: Outbound mail from Greenhouse is broken.

So we need a Greenhouse admin to go to Configure > Email Settings, then enter "careers.wikimedia.org" for the domain and click "Register". Then click "Email your I.T. dept" and send it to kherron@wikimedia.org.

Mar 12 2018, 11:59 PM · User-herron, Patch-For-Review, DNS, Operations, Mail

Mar 9 2018

tstarling added a comment to T188798: Change the limit of the edit summary to 500 characters on all Wikimedia wikis.

To get a bit more philosophical, my theory is that improving and encouraging communication of the rationale for an edit will help to avoid conflict and anger.

Mar 9 2018, 5:43 AM · Patch-For-Review, Community-Tech-Sprint, MediaWiki-Page-editing
tstarling added a comment to T188798: Change the limit of the edit summary to 500 characters on all Wikimedia wikis.

Proof-of-concept display-side truncation uploaded at https://gerrit.wikimedia.org/r/#/c/417593/

Mar 9 2018, 5:22 AM · Patch-For-Review, Community-Tech-Sprint, MediaWiki-Page-editing
tstarling added a comment to T188798: Change the limit of the edit summary to 500 characters on all Wikimedia wikis.

I think 500 is too long for change lists, I think it should be more like 150. When you require the same length for storage and display, you have to make awkward trade-offs. Edit summaries on Wikipedia are usually much shorter than 500 characters, whereas commit messages in MW git are very often longer than 500 characters. I don't think MediaWiki is fundamentally more complicated than a Wikipedia article, I think Wikipedians are just accustomed to not explaining what they are doing, due to UI decisions by developers.

Mar 9 2018, 5:11 AM · Patch-For-Review, Community-Tech-Sprint, MediaWiki-Page-editing
tstarling added a comment to T188798: Change the limit of the edit summary to 500 characters on all Wikimedia wikis.

My preference is to leave the limit as it is, and to collapse or truncate edit summaries in the change list UI. There's no reason to limit the size on the diff page.

Mar 9 2018, 1:00 AM · Patch-For-Review, Community-Tech-Sprint, MediaWiki-Page-editing

Mar 8 2018

tstarling renamed T189065: Outbound mail from Greenhouse is broken from SPF for Greenhouse to Outbound mail from Greenhouse is broken.
Mar 8 2018, 5:16 AM · User-herron, Patch-For-Review, DNS, Operations, Mail
tstarling added a comment to T189065: Outbound mail from Greenhouse is broken.

How about I change the task title so that it can stay open? Because the real problem here is that outbound email is broken, I don't care whether SPF or a subdomain is used to fix it. There's no MX record for careers.wikimedia.org.

Mar 8 2018, 5:16 AM · User-herron, Patch-For-Review, DNS, Operations, Mail

Mar 7 2018

tstarling created T189065: Outbound mail from Greenhouse is broken.
Mar 7 2018, 12:27 AM · User-herron, Patch-For-Review, DNS, Operations, Mail

Mar 6 2018

tstarling added a comment to T92892: Remove code path in Sanitizer that depends on tidy.

Sanitizer is in fact not involved. The Parser wraps the TOC with <mw:toc>...</mw:toc>. The input to Tidy is:

Mar 6 2018, 11:27 PM · MediaWiki-Parser

Mar 1 2018

tstarling updated subscribers of T187980: Memcached error "A TIMEOUT OCCURRED" for key "WANCache:v:enwiki:sidebar:en".

This comes from pybal monitoring. The client IP addresses identify LVS hosts, and you can see the relevant requests using tcpdump. I tried to reproduce using nc, which was mostly unsuccessful, except for one request to http://fr.wikipedia.org/wiki/Special:BlankPage .

Mar 1 2018, 5:59 AM · Performance-Team (Radar), Wikimedia-log-errors, MediaWiki-Cache, MediaWiki-Interface

Feb 28 2018

tstarling added a comment to T187833: Fatal error: request has exceeded memory limit in StripState.php.

Fix uploaded at https://gerrit.wikimedia.org/r/#/c/415207/ . Any objections to removing the policy? This is not a DOS attack. It's apparently not even a DOS attack vector, since the memory limit is doing its job, and the CPU time is short.

Feb 28 2018, 2:25 AM · Parsing-Team, MediaWiki-Parser, Wikimedia-log-errors
mmodell awarded T187833: Fatal error: request has exceeded memory limit in StripState.php a Barnstar token.
Feb 28 2018, 12:05 AM · Parsing-Team, MediaWiki-Parser, Wikimedia-log-errors

Feb 21 2018

tstarling added a comment to T151903: Special:Search performs DB writes on GET request.

The issue is that some GET requests will be routed to the secondary data centre. Eliminating all writes in such requests is not feasible and was abandoned as a goal very early in the planning. Instead, when MW calls wfGetDB(DB_MASTER) from the secondary datacentre, it will connect to the remote master database. This takes about 6 RTTs per SSL connection plus 1 RTT per query. So avoiding such queries is useful for performance.

Feb 21 2018, 9:48 PM · Availability (MediaWiki-MultiDC), Discovery-Search, Discovery, CirrusSearch
tstarling added a comment to T151903: Special:Search performs DB writes on GET request.

I'm not sure this needs to be done, since it is already deferred until post-send so should not have any impact on user-visible latency.

Feb 21 2018, 5:09 AM · Availability (MediaWiki-MultiDC), Discovery-Search, Discovery, CirrusSearch
tstarling added a subtask for T92357: Fix problematic database master queries performed on HTTP GET/HEAD: T151903: Special:Search performs DB writes on GET request.
Feb 21 2018, 5:01 AM · MW-1.30-release-notes (WMF-deploy-2017-06-13_(1.30.0-wmf.5)), Availability (MediaWiki-MultiDC), Patch-For-Review, MediaWiki-General-or-Unknown
tstarling added a parent task for T151903: Special:Search performs DB writes on GET request: T92357: Fix problematic database master queries performed on HTTP GET/HEAD.
Feb 21 2018, 5:01 AM · Availability (MediaWiki-MultiDC), Discovery-Search, Discovery, CirrusSearch
tstarling added a comment to T179760: File metadata gets refreshed when accessing the file description page.

It looks like this is deferred until post-send, so there shouldn't be a user-visible latency impact. I'm assuming we're talking about LocalFile::maybeUpgradeRow().

Feb 21 2018, 4:39 AM · Performance, Multimedia, MediaWiki-File-management, Commons
tstarling added a comment to T154719: PageTriage opens master connection on GET for ArticleMetadata cache misses.

The call of ArticleCompileProcessor::compileMetadata() from from ArticleMetadata::getMetadata() is supposedly a "very rare case" according to a source code comment. It's incorrect in this case to do BasicData compilation from the master. ArticleMetadata::getMetadata() has just loaded the page information from the replica, so it knows all the data is already in the replica. It should override the componentDb config so that all data comes from the replica. Note that the backtrace shows this information being prepared for the footer of a page view. Page views use existence information from the replica DB, so if you loaded PageTriage data from the master, the best you could do would be to display a triage footer on a "page does not exist" error message.

Feb 21 2018, 4:29 AM · Collaboration-Team-Triage (Collab-Team-This-Quarter), Availability, MediaWiki-extensions-PageCuration
tstarling closed T154554: AbuseFilter "Examine past edits" feature opens master conn on GET in certain cases involving Scribunto as Resolved.

Seems fixed.

Feb 21 2018, 3:19 AM · TestMe, MW-1.29-release-notes, Availability, AbuseFilter
tstarling closed T154554: AbuseFilter "Examine past edits" feature opens master conn on GET in certain cases involving Scribunto, a subtask of T92357: Fix problematic database master queries performed on HTTP GET/HEAD, as Resolved.
Feb 21 2018, 3:19 AM · MW-1.30-release-notes (WMF-deploy-2017-06-13_(1.30.0-wmf.5)), Availability (MediaWiki-MultiDC), Patch-For-Review, MediaWiki-General-or-Unknown
tstarling added a comment to T134842: SpecialCentralAutoLogin calls User::saveSettings() on HTTP GET presend.

So this only affects users with user_token=''? The field is not nullable. Apparently only users created between March and June 2012 are affected by this:

Feb 21 2018, 2:55 AM · MediaWiki-Authentication-and-authorization, MediaWiki-extensions-CentralAuth, Availability
tstarling added a comment to T187833: Fatal error: request has exceeded memory limit in StripState.php.

I revision-deleted the revision in question.

Feb 21 2018, 12:09 AM · Parsing-Team, MediaWiki-Parser, Wikimedia-log-errors

Feb 20 2018

tstarling added a comment to T187833: Fatal error: request has exceeded memory limit in StripState.php.

It's not a DOS, there's not enough requests. It's just a broken bot hitting the same old revision via action=parse again and again. Specifically 256170852, a revision of [[Barack Obama]] from 2008. The solution is to find the person running this bot and to tell them to stop doing it.

Feb 20 2018, 10:59 PM · Parsing-Team, MediaWiki-Parser, Wikimedia-log-errors
tstarling added a comment to T146285: Switch mwscript from Zend PHP5 to default php alternative (e.g. HHVM or PHP7).

@tstarling AIUI we should be able to switch mwscript to use 'php' instead of 'php5' now, correct?

Feb 20 2018, 4:57 AM · Release-Engineering-Team (Kanban), Deployments, User-Joe, Beta-Cluster-reproducible, HHVM, Operations
tstarling removed a subtask for T145819: Jobs invoking SiteConfiguration::getConfig cause HHVM to fail updating the bytecode cache due to being filesize limited to 512MBytes: T161598: Monitor HHVM bytecode cache depletion on mediawiki app servers.
Feb 20 2018, 4:52 AM · MW-1.31-release-notes (WMF-deploy-2017-11-14 (1.31.0-wmf.8)), Patch-For-Review, Release-Engineering-Team (Someday), Scap, MW-1.28-release-notes, Wikimedia-Incident, Beta-Cluster-reproducible, MediaWiki-extensions-WikibaseRepository, Wikidata
tstarling removed a parent task for T161598: Monitor HHVM bytecode cache depletion on mediawiki app servers: T145819: Jobs invoking SiteConfiguration::getConfig cause HHVM to fail updating the bytecode cache due to being filesize limited to 512MBytes.
Feb 20 2018, 4:52 AM · Patch-For-Review, monitoring, HHVM, Operations
tstarling lowered the priority of T161598: Monitor HHVM bytecode cache depletion on mediawiki app servers from Normal to Low.

There's no longer a 512MB limit imposed by wfShellExec(). Monitoring bytecode cache size may be useful if there is a risk of disk space exhaustion or performance degradation, but this is no longer necessary for T146285, so I'm removing it as a parent and reducing priority. Possibly the task could be declined if we switch mwscript back to HHVM and no issues are encountered.

Feb 20 2018, 4:52 AM · Patch-For-Review, monitoring, HHVM, Operations

Feb 19 2018

tstarling closed T187615: Remove dpatrick from security@ as Resolved.
Feb 19 2018, 5:31 AM · Operations

Feb 15 2018

Liuxinyu970226 awarded T158730: Automate WMF wiki creation a Mountain of Wealth token.
Feb 15 2018, 5:37 AM · Release-Engineering-Team, Services (watching), Patch-For-Review, MediaWiki-Configuration