Change Details

**Problem** AbuseFilter has it's own [[ https://www.mediawiki.org/wiki/Extension:AbuseFilter/Rules_format | domain-specific language ]]. This language must be learned by admins and maintained by developers. **Proposed Solution** If admins are more familiar with JavaScript, perhaps it would be better to allow them to write JavaScript. These scripts could be executed in a [[ https://github.com/patriksimek/vm2 | secure vm ]] and function similar to a [[ https://developer.mozilla.org/en-US/docs/Web/API/Service_Worker_API/Using_Service_Workers | Service Worker ]]: ``` lang=javascript self.addEventListener('fetch', function(event) { event.respondWith( new Response('Hello World'); ); }); ``` This would give admins the ability to write filters in standard JavaScript while also maintaining a secure environment for our infrastructure. Doing this should open up the number admins who can write filters, provide additional linting and testing tools, and also remove the amount of code that AbuseFilter has to maintain. Lastly, it could be possible to publish/update filters with an API, making it possible to write filters on a desktop IDE, and deploy them with a CLI. This could enable developers to use npm dependencies and compile their script into a single file for deployment.

**Problem** AbuseFilter has its own [[ https://www.mediawiki.org/wiki/Extension:AbuseFilter/Rules_format | domain-specific language ]]. This language must be learned by admins and maintained by developers. **Proposed Solution** If admins are more familiar with JavaScript, perhaps it would be better to allow them to write JavaScript. These scripts could be executed in a [[ https://github.com/patriksimek/vm2 | secure vm ]] and function similar to a [[ https://developer.mozilla.org/en-US/docs/Web/API/Service_Worker_API/Using_Service_Workers | Service Worker ]]: ``` lang=javascript self.addEventListener('fetch', function(event) { event.respondWith( new Response('Hello World'); ); }); ``` This would give admins the ability to write filters in standard JavaScript while also maintaining a secure environment for our infrastructure. Doing this should open up the number admins who can write filters, provide additional linting and testing tools, and also remove the amount of code that AbuseFilter has to maintain. Lastly, it could be possible to publish/update filters with an API, making it possible to write filters on a desktop IDE, and deploy them with a CLI. This could enable developers to use npm dependencies and compile their script into a single file for deployment.

**Problem** AbuseFilter has it's own [[ https://www.mediawiki.org/wiki/Extension:AbuseFilter/Rules_format | domain-specific language ]]. This language must be learned by admins and maintained by developers. **Proposed Solution** If admins are more familiar with JavaScript, perhaps it would be better to allow them to write JavaScript. These scripts could be executed in a [[ https://github.com/patriksimek/vm2 | secure vm ]] and function similar to a [[ https://developer.mozilla.org/en-US/docs/Web/API/Service_Worker_API/Using_Service_Workers | Service Worker ]]: ``` lang=javascript self.addEventListener('fetch', function(event) { event.respondWith( new Response('Hello World'); ); }); ``` This would give admins the ability to write filters in standard JavaScript while also maintaining a secure environment for our infrastructure. Doing this should open up the number admins who can write filters, provide additional linting and testing tools, and also remove the amount of code that AbuseFilter has to maintain. Lastly, it could be possible to publish/update filters with an API, making it possible to write filters on a desktop IDE, and deploy them with a CLI. This could enable developers to use npm dependencies and compile their script into a single file for deployment.