Re: [Wikitech-l] Proposal: Add security researchers to CREDITS file & [[Special:Version/credits]]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 A while back (cba03a5777) we gave up dividing that file into "Developers" and "Patch contributors" - and imho that was a good thing. The only sections in the CREDITS file by now are "Contributors" and "Translators", where the latter just holds a link to translatewiki. I'd (slightly) prefer to just add those who reported security issues to the "Contributors" section (considering "reported a security issue" a contribution) instead of adding a new section - technically someone reporting a security issue with a patch attached would be both a "Vulnerability Reporter" and a "Contributor", which just seems confusing. Besides from bikeshedding about that, I totally agree with your proposal. - -- Eddie On 01.05.2018 20:34, Brian Wolff wrote: > Hi everyone, > > Currently we only credit people who report security vulnerabilities > at https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Thanks > (which basically nobody reads or knows exists) and sometimes in the > commit message and release announcements. Given such people are > instrumental in keeping MediaWiki secure, I think we should also > credit them in the CREDITS file. I propose adding another section > to the file - "Vulnerability Reporters", listing the names of > everyone who has reported a security vulnerability in either > MediaWiki or a bundled extension. > > Thoughts? > > -- Brian ___ Wikitech-l > mailing list Wikitech-l@lists.wikimedia.org > https://lists.wikimedia.org/mailman/listinfo/wikitech-l > -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEE/zqKboUFrd4f9T4zA/bLnFtzmKEFAlro2/UACgkQA/bLnFtz mKHlUA//SUKpGwRUtxpkxm46T8wrwnBfSamwK7hRfv4bvAyzmyAk2YAFxh3GVvji qUuabrnARdQn4/HgfNXqe09rPUPXrESX+Blp5JCxKQuJzgrgBeqMYlnR4JbVsA0A ITvyTlrUKAmDJd7pjCnb+MKzd9qroTLU6PWwCh0ln0ihrx9syhzZAcNW3BB+D24B EYHx4i7VBWWFnFgzgdif7hjO4JJ6gZvGKZaUDNkZ4ZOyRdY/+OpxRx1jqhhMDauZ dHwk17yQYkeC9+z+GBicdtwwLs9AKbq0mz7P4DkCe6fUbtsyAlAWYB8Z8qSCvfwP p1CFo+7L5sdc3dEq8xLhHQNRBfzOg7WMDq9T1vfaR9kxHhrfA/PPu8EFcNAMiiLe hmHxZaKGRqB48eJGZMYUv9OAxB5fA+tUp/NdMhchkOtH1Zq1mOWv2JBzcfIm1uUY POsFL1lgghsU9GEyRMa7EPkiFIYzHYs7OuGJUybXfaL2fGxh+zaWHVWfBjmvMABL tL7MyY8aFUegkvod1vQIocAsBVCRx5TVibLs8WAkVfnKE7wr55msgknt/JZbiqqO poHv0Vluvd3A86L7P17zUX/p3vo50psBv/A+0yPq0xwaosrumU+yHKzBUF2hKl8r e6RcRA0ElzAwej6VRoErB+HkJXi+EDJdQADatB84hL9sTJi3TFg= =0KkP -END PGP SIGNATURE- ___ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Re: [Wikitech-l] Data gathering for intermittent issue
Sorry dear all for the spam - apparently there is both a "Reply" and "Reply List" button in my mail client but both do exactly the same thing and I was wrong to assume than actually only the "Reply List" one would reply to the list and the other wouldn't. Silly me will look on this more carefully in the future. Sorry again! On 07.05.2017 00:42, Eddie Greiner-Petter wrote: > Hey James, > I've tried this on my Kubuntu 17.04 machine. I'm living in Germany and > my time zone settings reflect that (which means CEST currently), > although the main language of my system (and browsers) is set to > English. On both Chromium [2] and Firefox [3] the page you linked > directly shows me 5 events (Tue 11, Wed 12, Sat 15 & two on Mon 17). > > I hope this helps you. If theres anything more you'd need, feel free to > mail me. > - Eddie > > [1] System localization setup: > eddie@eddie-thinkpad:~$ locale > LANG=en_US.UTF-8 > LANGUAGE=en_US > LC_CTYPE="en_US.UTF-8" > LC_NUMERIC=de_DE.UTF-8 > LC_TIME=de_DE.UTF-8 > LC_COLLATE=de_DE.UTF-8 > LC_MONETARY=de_DE.UTF-8 > LC_MESSAGES="en_US.UTF-8" > LC_PAPER=en_US.utf8 > LC_NAME=en_US.utf8 > LC_ADDRESS=en_US.utf8 > LC_TELEPHONE=en_US.utf8 > LC_MEASUREMENT=de_DE.UTF-8 > LC_IDENTIFICATION=en_US.utf8 > LC_ALL= > > [2] Version 58.0.3029.81 Built on Ubuntu , running on Ubuntu 17.04 (64-bit) > [3] 53.0 (64-bit) Mozilla Firefox for Ubuntu canonical - 1.0 > > On 06.05.2017 22:49, James Montalvo wrote: >> Hello, >> >> I'm troubleshooting an issue that impacts some users but not others, and >> I'd like to collect data to try to identify the cause. Could anyone willing >> to help please go to [1] and let me know if they either: >> >> A) See any events on the calendar initially (e.g. in Sept 2012), or >> B) Have to navigate back in the calendar to fall 2011 (approximately >> October 2011) to see events. >> >> To avoid spamming this list, please reply directly to me or comment on the >> GitHub issue [2], and let me know: >> >> 1. The result of the check above (A or B) >> 2. OS type and version >> 3. Browser(s) used >> 4. Any internationalization aspects of your setup like country/timezone, >> language, etc. (Specifically this issue is related to time formatting, so I >> think this info may be useful) >> >> I will anonymize any info provided to me. >> >> Thanks, >> James >> >> [1] https://www.semantic-mediawiki.org/wiki/User:Jamesmontalvo3/Test2 >> [2] https://github.com/SemanticMediaWiki/SemanticMediaWiki/issues/2440 >> ___ >> Wikitech-l mailing list >> Wikitech-l@lists.wikimedia.org >> https://lists.wikimedia.org/mailman/listinfo/wikitech-l >> > > > > ___ > Wikitech-l mailing list > Wikitech-l@lists.wikimedia.org > https://lists.wikimedia.org/mailman/listinfo/wikitech-l > signature.asc Description: OpenPGP digital signature ___ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Re: [Wikitech-l] [Wikipedia-l] Data centre switchover to Eqiad
Hey, I had a quick chat with Zppix about how to solve this and we ended up creating this task instead of just sending in a patch: https://phabricator.wikimedia.org/T164177 While it looks quite trivial to change the strings in the config files on the first glance, I noticed that the switchdc script actually hardcodes this message in the scripts used to set mediawiki ro and back rw (maybe also somewhere else, haven't checked), which needs us to pay attention to not break switchdc by exchanging that message. Details are described on the task, let's continue there. - Eddie On 01.05.2017 00:18, Jaime Crespo wrote: > On Sun, Apr 30, 2017 at 9:24 PM, Eddie Greiner-Petter < > wikimedia@eddie-sh.de> wrote: > >> That reminds me that we noticed during switch to codfw that the message >> shown when trying to really edit a page (the mediawiki read-only >> message) contains: >> >> The system administrator who locked it offered this explanation: >> MediaWiki is in read-only mode for maintenance. Please try again in a >> few minutes >> >> which isn't quite informative. Is there a task for changing the "offered >> explanation" part? Some hint about the DC switch (and maybe a link to >> the meta page) would be better. > > > The read-only messages are controlled by these strings: > > https://phabricator.wikimedia.org/source/mediawiki-config/browse/master/wmf-config/db-codfw.php;a65f35adbc9d2c8c9a85e956a64661783d2c973d$645 > https://phabricator.wikimedia.org/source/mediawiki-config/browse/master/wmf-config/db-eqiad.php;a65f35adbc9d2c8c9a85e956a64661783d2c973d$664 > > I think with the pressure of keeping everything up, plus discussing > internally if we should declare a specific amount of time (given it doesn't > auto-update) we ended up a very generic message. We are, however, looking > at showing better error messages like on the ticket I reported at > https://phabricator.wikimedia.org/T163455#3199813 > > Please send a pull request or file a new ticket on Phabricator with the > #operations and #codfw-rollout tags with a proposal and we can definitely > change it by Wednesday. > > Thanks, > signature.asc Description: OpenPGP digital signature ___ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Re: [Wikitech-l] [Wikipedia-l] Data centre switchover to Eqiad
As there was a globalnotice the other week when we switched to codfw, I'm sure there'll be one this week for the switch back too. That reminds me that we noticed during switch to codfw that the message shown when trying to really edit a page (the mediawiki read-only message) contains: The system administrator who locked it offered this explanation: MediaWiki is in read-only mode for maintenance. Please try again in a few minutes which isn't quite informative. Is there a task for changing the "offered explanation" part? Some hint about the DC switch (and maybe a link to the meta page) would be better. - Eddie On 30.04.2017 21:15, David Gerard wrote: > Would a sitenotice for logged-in users, or at least a watchlist > notice, be a good idea? > > > - d. > > > > On 30 April 2017 at 19:08, zppix ewrote: >> Hello, as you may or may not already know there will be a datacentre >> switch back to Eqiad, WMF's main data centre, on May 3rd at approximately >> 14:00 UTC. For approximately 20-30 minutes you will NOT be able to save >> edits to any WMF project. If you have any questions feel free to reply back >> to this email, or ask on IRC on freenode channel #wikimedia-tech. If there >> any major issues that occur during this time please report them to >> #wikimedia-tech on freenode! >> >> Thanks, >> Zppix >> Volunteer Developer for WMF >> www.enwp.org/User:Zppix >> ___ >> Wikipedia-l mailing list >> wikipedi...@lists.wikimedia.org >> https://lists.wikimedia.org/mailman/listinfo/wikipedia-l > > ___ > Wikitech-l mailing list > Wikitech-l@lists.wikimedia.org > https://lists.wikimedia.org/mailman/listinfo/wikitech-l > signature.asc Description: OpenPGP digital signature ___ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l