Re: [Wikitech-l] Proposal: Add security researchers to CREDITS file & [[Special:Version/credits]]

2018-05-01 Thread Eddie Greiner-Petter
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

A while back (cba03a5777) we gave up dividing that file into
"Developers" and "Patch contributors" - and imho that was a good
thing. The only sections in the CREDITS file by now are "Contributors"
and "Translators", where the latter just holds a link to translatewiki.

I'd (slightly) prefer to just add those who reported security issues
to the "Contributors" section (considering "reported a security issue"
a contribution) instead of adding a new section - technically someone
reporting a security issue with a patch attached would be both a
"Vulnerability Reporter" and a "Contributor", which just seems
confusing. Besides from bikeshedding about that, I totally agree with
your proposal.

- -- 
Eddie

On 01.05.2018 20:34, Brian Wolff wrote:
> Hi everyone,
> 
> Currently we only credit people who report security vulnerabilities
> at https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Thanks
> (which basically nobody reads or knows exists) and sometimes in the
> commit message and release announcements. Given such people are
> instrumental in keeping MediaWiki secure, I think we should also
> credit them in the CREDITS file. I propose adding another section
> to the file - "Vulnerability Reporters", listing the names of
> everyone who has reported a security vulnerability in either
> MediaWiki or a bundled extension.
> 
> Thoughts?
> 
> -- Brian ___ Wikitech-l
> mailing list Wikitech-l@lists.wikimedia.org 
> https://lists.wikimedia.org/mailman/listinfo/wikitech-l
> 
-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEE/zqKboUFrd4f9T4zA/bLnFtzmKEFAlro2/UACgkQA/bLnFtz
mKHlUA//SUKpGwRUtxpkxm46T8wrwnBfSamwK7hRfv4bvAyzmyAk2YAFxh3GVvji
qUuabrnARdQn4/HgfNXqe09rPUPXrESX+Blp5JCxKQuJzgrgBeqMYlnR4JbVsA0A
ITvyTlrUKAmDJd7pjCnb+MKzd9qroTLU6PWwCh0ln0ihrx9syhzZAcNW3BB+D24B
EYHx4i7VBWWFnFgzgdif7hjO4JJ6gZvGKZaUDNkZ4ZOyRdY/+OpxRx1jqhhMDauZ
dHwk17yQYkeC9+z+GBicdtwwLs9AKbq0mz7P4DkCe6fUbtsyAlAWYB8Z8qSCvfwP
p1CFo+7L5sdc3dEq8xLhHQNRBfzOg7WMDq9T1vfaR9kxHhrfA/PPu8EFcNAMiiLe
hmHxZaKGRqB48eJGZMYUv9OAxB5fA+tUp/NdMhchkOtH1Zq1mOWv2JBzcfIm1uUY
POsFL1lgghsU9GEyRMa7EPkiFIYzHYs7OuGJUybXfaL2fGxh+zaWHVWfBjmvMABL
tL7MyY8aFUegkvod1vQIocAsBVCRx5TVibLs8WAkVfnKE7wr55msgknt/JZbiqqO
poHv0Vluvd3A86L7P17zUX/p3vo50psBv/A+0yPq0xwaosrumU+yHKzBUF2hKl8r
e6RcRA0ElzAwej6VRoErB+HkJXi+EDJdQADatB84hL9sTJi3TFg=
=0KkP
-END PGP SIGNATURE-

___
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l

Re: [Wikitech-l] Data gathering for intermittent issue

2017-05-06 Thread Eddie Greiner-Petter
Sorry dear all for the spam - apparently there is both a "Reply" and
"Reply List" button in my mail client but both do exactly the same thing
and I was wrong to assume than actually only the "Reply List" one would
reply to the list and the other wouldn't. Silly me will look on this
more carefully in the future. Sorry again!

On 07.05.2017 00:42, Eddie Greiner-Petter wrote:
> Hey James,
> I've tried this on my Kubuntu 17.04 machine. I'm living in Germany and
> my time zone settings reflect that (which means CEST currently),
> although the main language of my system (and browsers) is set to
> English. On both Chromium [2] and Firefox [3] the page you linked
> directly shows me 5 events (Tue 11, Wed 12, Sat 15 & two on Mon 17).
> 
> I hope this helps you. If theres anything more you'd need, feel free to
> mail me.
> - Eddie
> 
> [1] System localization setup:
> eddie@eddie-thinkpad:~$ locale
> LANG=en_US.UTF-8
> LANGUAGE=en_US
> LC_CTYPE="en_US.UTF-8"
> LC_NUMERIC=de_DE.UTF-8
> LC_TIME=de_DE.UTF-8
> LC_COLLATE=de_DE.UTF-8
> LC_MONETARY=de_DE.UTF-8
> LC_MESSAGES="en_US.UTF-8"
> LC_PAPER=en_US.utf8
> LC_NAME=en_US.utf8
> LC_ADDRESS=en_US.utf8
> LC_TELEPHONE=en_US.utf8
> LC_MEASUREMENT=de_DE.UTF-8
> LC_IDENTIFICATION=en_US.utf8
> LC_ALL=
> 
> [2] Version 58.0.3029.81 Built on Ubuntu , running on Ubuntu 17.04 (64-bit)
> [3] 53.0 (64-bit) Mozilla Firefox for Ubuntu canonical - 1.0
> 
> On 06.05.2017 22:49, James Montalvo wrote:
>> Hello,
>>
>> I'm troubleshooting an issue that impacts some users but not others, and
>> I'd like to collect data to try to identify the cause. Could anyone willing
>> to help please go to [1] and let me know if they either:
>>
>> A) See any events on the calendar initially (e.g. in Sept 2012), or
>> B) Have to navigate back in the calendar to fall 2011 (approximately
>> October 2011) to see events.
>>
>> To avoid spamming this list, please reply directly to me or comment on the
>> GitHub issue [2], and let me know:
>>
>> 1. The result of the check above (A or B)
>> 2. OS type and version
>> 3. Browser(s) used
>> 4. Any internationalization aspects of your setup like country/timezone,
>> language, etc. (Specifically this issue is related to time formatting, so I
>> think this info may be useful)
>>
>> I will anonymize any info provided to me.
>>
>> Thanks,
>> James
>>
>> [1] https://www.semantic-mediawiki.org/wiki/User:Jamesmontalvo3/Test2
>> [2] https://github.com/SemanticMediaWiki/SemanticMediaWiki/issues/2440
>> ___
>> Wikitech-l mailing list
>> Wikitech-l@lists.wikimedia.org
>> https://lists.wikimedia.org/mailman/listinfo/wikitech-l
>>
> 
> 
> 
> ___
> Wikitech-l mailing list
> Wikitech-l@lists.wikimedia.org
> https://lists.wikimedia.org/mailman/listinfo/wikitech-l
> 



signature.asc
Description: OpenPGP digital signature
___
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l

Re: [Wikitech-l] [Wikipedia-l] Data centre switchover to Eqiad

2017-04-30 Thread Eddie Greiner-Petter
Hey,
I had a quick chat with Zppix about how to solve this and we ended up
creating this task instead of just sending in a patch:

https://phabricator.wikimedia.org/T164177

While it looks quite trivial to change the strings in the config files
on the first glance, I noticed that the switchdc script actually
hardcodes this message in the scripts used to set mediawiki ro and back
rw (maybe also somewhere else, haven't checked), which needs us to pay
attention to not break switchdc by exchanging that message. Details are
described on the task, let's continue there.

- Eddie

On 01.05.2017 00:18, Jaime Crespo wrote:
> On Sun, Apr 30, 2017 at 9:24 PM, Eddie Greiner-Petter <
> wikimedia@eddie-sh.de> wrote:
> 
>> That reminds me that we noticed during switch to codfw that the message
>> shown when trying to really edit a page (the mediawiki read-only
>> message) contains:
>>
>> The system administrator who locked it offered this explanation:
>> MediaWiki is in read-only mode for maintenance. Please try again in a
>> few minutes
>>
>> which isn't quite informative. Is there a task for changing the "offered
>> explanation" part? Some hint about the DC switch (and maybe a link to
>> the meta page) would be better.
> 
> 
> The read-only messages are controlled by these strings:
> 
> https://phabricator.wikimedia.org/source/mediawiki-config/browse/master/wmf-config/db-codfw.php;a65f35adbc9d2c8c9a85e956a64661783d2c973d$645
> https://phabricator.wikimedia.org/source/mediawiki-config/browse/master/wmf-config/db-eqiad.php;a65f35adbc9d2c8c9a85e956a64661783d2c973d$664
> 
> I think with the pressure of keeping everything up, plus discussing
> internally if we should declare a specific amount of time (given it doesn't
> auto-update) we ended up a very generic message. We are, however, looking
> at showing better error messages like on the ticket I reported at
> https://phabricator.wikimedia.org/T163455#3199813
> 
> Please send a pull request or file a new ticket on Phabricator with the
> #operations and #codfw-rollout tags with a proposal and we can definitely
> change it by Wednesday.
> 
> Thanks,
> 



signature.asc
Description: OpenPGP digital signature
___
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l

Re: [Wikitech-l] [Wikipedia-l] Data centre switchover to Eqiad

2017-04-30 Thread Eddie Greiner-Petter
As there was a globalnotice the other week when we switched to codfw,
I'm sure there'll be one this week for the switch back too.

That reminds me that we noticed during switch to codfw that the message
shown when trying to really edit a page (the mediawiki read-only
message) contains:

The system administrator who locked it offered this explanation:
MediaWiki is in read-only mode for maintenance. Please try again in a
few minutes

which isn't quite informative. Is there a task for changing the "offered
explanation" part? Some hint about the DC switch (and maybe a link to
the meta page) would be better.

- Eddie

On 30.04.2017 21:15, David Gerard wrote:
> Would a sitenotice for logged-in users, or at least a watchlist
> notice, be a good idea?
> 
> 
> - d.
> 
> 
> 
> On 30 April 2017 at 19:08, zppix e  wrote:
>> Hello,  as you may or may not already know there will be a datacentre
>> switch back to Eqiad, WMF's main data centre, on May 3rd at approximately
>> 14:00 UTC. For approximately 20-30 minutes you will NOT be able to save
>> edits to any WMF project. If you have any questions feel free to reply back
>> to this email, or ask on IRC on freenode channel #wikimedia-tech. If there
>> any major issues that occur during this time please report them to
>> #wikimedia-tech on freenode!
>>
>> Thanks,
>> Zppix
>> Volunteer Developer for WMF
>> www.enwp.org/User:Zppix
>> ___
>> Wikipedia-l mailing list
>> wikipedi...@lists.wikimedia.org
>> https://lists.wikimedia.org/mailman/listinfo/wikipedia-l
> 
> ___
> Wikitech-l mailing list
> Wikitech-l@lists.wikimedia.org
> https://lists.wikimedia.org/mailman/listinfo/wikitech-l
> 



signature.asc
Description: OpenPGP digital signature
___
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l