Re: [Wikitech-l] Grant merge rights on core to Martin Urbanec

I am also surprised by this and strongly support this request! Martin has been instrumental in refactoring much of the code in the blocking system that is essential to the mission's continued success. [image: Wikimedia-logo black.svg] *David Barratt* Senior Software Engineer, Anti-Harassment

Re: [Wikitech-l] New Feature from Community Tech: Enhanced Password Reset

Awesome!!! [image: Wikimedia-logo black.svg] *David Barratt* (he/him) Software Engineer, Anti-Harassment Tools Wikimedia Foundation <https://wikimediafoundation.org/> On Mon, May 11, 2020 at 6:01 PM Ilana Fried wrote: > Hello everyone, > > > The Community Tech team[1]

Re: [Wikitech-l] realtime notifications disabled in Phabricator

I think they mean that if you have the board open and someone else moves a task, it will update on your end in realtime. I imagine this *would* be affected by the change. On Mon, Nov 25, 2019 at 6:28 PM Daniel Zahn wrote: > On Mon, Nov 25, 2019 at 11:21 AM Sebastian Berlin < >

Re: [Wikitech-l] Composer does not know mediawiki/mediawiki on dry-runs

as far as I know, extensions shouldn't be declaring a dependency on MediaWiki in composer.json and if one is, it should probably be fixed. On Fri, Nov 15, 2019 at 9:50 AM Stephan Gambke via Wikitech-l < wikitech-l@lists.wikimedia.org> wrote: > > When running `composer update` MediaWiki injects a

Re: [Wikitech-l] Wikiwisdom Update and Question

Related: https://meta.wikimedia.org/wiki/Community_Wishlist_Survey_2020/Wikiquote/Structured_Wikiquote On Thu, Oct 24, 2019 at 2:52 PM Adam Sobieski wrote: > Wikimedia-l, > Wikitech-l, > > It appears that there is a growing consensus in the discussion area for > the Wikiwisdom sister project

Re: [Wikitech-l] WebTestCase

> What is this "controller" in MediaWiki context? Do you have any example of > how this would work? For instance, you could call the `::execute()` method on a class that extends SpecialPage directly. It might be helpful to know what you are trying to do though. Basically what Gergo said. :) On

Re: [Wikitech-l] WebTestCase

As far as I know, MediaWiki does not have a centralized router like Symfony and Drupal have. Therefore, you must call the "controller" directly from your test. Also, the "controller" will typically print the result, so you would need to capture the result with output buffering:

Re: [Wikitech-l] 503 Backend fetch failed

If you could provide the URL or the request that might be helpful. I know for instance that I have sometimes received that error on https://query.wikidata.org/ when there is a query timeout. On Tue, Oct 1, 2019 at 4:35 PM Gergő Tisza wrote: > 503 Backend fetch failed is a generic error message

Re: [Wikitech-l] Docs for using Mediawiki Docker Image

I started a page at: https://www.mediawiki.org/wiki/Docker/Hub please improve it. :) And yes, to answer your question, there should be a single container per process ( https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#decouple-applications). Since node.js is a separate

Re: [Wikitech-l] [Train] 1.34.0-wmf.20 status update

Can you give an update on the status of the train? Will Group 2 be moved to wmf.20 or will it skip that version? https://tools.wmflabs.org/versions/ Thanks! On Thu, Aug 29, 2019 at 12:48 PM Željko Filipin wrote: > The 1.34.0-wmf.20 version of MediaWiki is blocked[0]. > > The new version is

Re: [Wikitech-l] Oauth non working properly

glish Wikipedia. > > Kind regards > > > -Original Message- > From: Wikitech-l On Behalf Of > David Barratt > Sent: 31 August 2019 15:58 > To: Wikimedia developers > Subject: Re: [Wikitech-l] Oauth non working properly > > What's the url of the dashboar

Re: [Wikitech-l] Oauth non working properly

What's the url of the dashboard? also, what is the url of the empty page (that you get redirected to)? On Sat, Aug 31, 2019 at 9:09 AM wrote: > Hi all, > > I am doing an edit-a-thon and I have a strange behaviour with an user. > > > > He allows the use of Oauth for the Dashboard but he does the

Re: [Wikitech-l] Dealing with composer dependencies in early MediaWiki initialization

zation. That is wrong anyways. That would prevent a MediaWiki user from disabling an extension without removing the code via the Composer CLI. Breaking something we want to discourage, I think, is a good thing. David Barratt (he/him) Software Engineer, Anti-Harassment Tools Wikimedia Foundation On Wed,

Re: [Wikitech-l] Issues with Cross-Origin Resource Sharing (CORS) JQuery Request

Somewhat related: https://phabricator.wikimedia.org/T210790 On Mon, May 6, 2019 at 9:05 AM Brad Jorsch (Anomie) wrote: > On Mon, May 6, 2019 at 7:14 AM Egbe Eugene wrote: > > > After looking at [1]Manual:CORS and trying to perform a request with > JQuery > > from an external application, I

Re: [Wikitech-l] mwoauth.errors.OAuthException in Flask

With owner-only consumers, you cannot use the grant process: https://www.mediawiki.org/wiki/OAuth/Owner-only_consumers you can use the resource directly. When you request an owner-only token, you should get an access token at that point. Unfortunately (afaik) there is no way to test the workflow

Re: [Wikitech-l] Question to WMF: Backlog on bugs

Wikimedia Foundation is not even in the top 100 non-profits in the United States: https://www.forbes.com/top-charities/list/ Money is relative. On Sun, Mar 24, 2019 at 10:34 PM Nathan wrote: > I think it was doomed to fail as soon as people argued that an organization > with an ~$80m annual

Re: [Wikitech-l] Question to WMF: Backlog on bugs

> > I would prefer to have a way to measure technical debt and how it is > changing. > I think the entire software industry would prefer to have that, but as far as I know, that type of measurement does not exist. On Wed, Mar 20, 2019 at 4:23 PM Pine W wrote: > On Tue, Mar 19, 2019 at 4:16 PM

Re: [Wikitech-l] Question to WMF: Backlog on bugs

All software development costs someone something. Software does not change without someone paying something for it (even if that is just their own time, time has value). To that end, technical debt, is like any other software change. There is no difference between solving technical debt, fixing

Re: [Wikitech-l] Gerrit Vandalism

Several of my patches were vandalized, should I fix them or leave them alone? On Tue, Mar 19, 2019 at 2:52 AM Alaa Sarhan wrote: > Okay > > On Tue, 19 Mar 2019 at 07:48, Amir Sarabadani wrote: > > > It's a security ticket. Only people who are added explicitly can see it. > > > > Best > > > >

Re: [Wikitech-l] Question to WMF: Backlog on bugs

Perhaps a better example would be the Drupal community who has a total of ~1,071,600 issues and ~282,350 of those are open https://www.drupal.org/project/issues and they have several organizations https://www.drupal.org/organizations working on the software. I do not understand how a large

Re: [Wikitech-l] Question to WMF: Backlog on bugs

Is the Wikimedia Foundation responsible for people's emotions? On Thu, Mar 14, 2019 at 10:51 AM John Erling Blad wrote: > Yes, there should always be a response to all bugs. Without a response > the impression in the reporting wiki-community would be "nobody cares > about our bug reports". > >

Re: [Wikitech-l] Question to WMF: Backlog on bugs

> > I think that there's consensus that the backlog is a problem. > For whom is the backlog a problem? On Tue, Mar 12, 2019 at 4:36 PM Pine W wrote: > I'm going to make a few points that I think will respond to some comments > that I've read, and I will try to organize some of my previous

Re: [Wikitech-l] Question to WMF: Backlog on bugs

A customer, by definition (https://en.wikipedia.org/wiki/Customer) exchanges something of value (money) for a product or service. That does not mean that a freemium model ( https://en.wikipedia.org/wiki/Freemium) is not a valid business model. However, if there is no exchange of value, the person

Re: [Wikitech-l] Question to WMF: Backlog on bugs

> > Most development work is done by volunteers According to https://wikimedia.biterg.io/ that does not appear to be the case. Or is there some other metric that is more accurate? On Sun, Mar 10, 2019 at 6:33 PM Zppix wrote: > To blame WMF for having a huge backlog is wrong imho. Most

Re: [Wikitech-l] Question to WMF: Backlog on bugs

> > So if only wikiworld were for profit, then it wouldn't be > resource-constrained? > You don't have to be for-profit to have a self-sustaining business model. But you do have to have a problem (or a need), with a solution, that customers are willing to pay for to solve. Even if you give the

Re: [Wikitech-l] Announcing the Docker Special Interest Group

Thank you for organizing this!!! On Thu, Feb 14, 2019 at 6:22 PM Greg Grossmeier wrote: > Hello, > > At this year's WMF All Hands there was an unconference session about > MediaWiki and Docker; what people currently are doing/using and what > plans are for the future. > > One of the identified

Re: [Wikitech-l] A potential new way to deal with spambots

http://gph.is/2lnp32Z On Mon, Feb 11, 2019 at 5:19 PM Pine W wrote: > Thanks for the replies. > > I think that detailed discussion of the pros and cons of the Tech Wishlist > should be separate from this thread, but I agree that one way to get a > subject like unflagged bot detection addressed

[Wikitech-l] BREAKING CHANGE Action::requiresUnblock() is now called from Title::getUserPermissionsErrors() and Title::userCan()

Previously, Action::requiresUnblock() was only called in Action::checkCanExecute() which was called by Action::show(). As of 478056 , Action::requiresUnblock() is now called from Title::getUserPermissionsErrors() and Title::userCan().

Re: [Wikitech-l] Changes to User Blocking

gt;isSitewide() // or some other condition, if you do not have the title object. OR $user->getBlock() && $user->getBlock()->prevents( 'upload' ) // or some other action that a block knows how to handle. or some other combination. :) Thanks! On Mon, Nov 5, 2018 at 10:15 AM Dav

Re: [Wikitech-l] Changes to User Blocking

> > Well, that function is also exposed externally, e. g. in the 'blocked' > field of the OAuth identity (what’s returned by Special:OAuth/identify). > What should happen to that in the future? For the Userinfo API we added

Re: [Wikitech-l] My Phabricator account has been disabled

> > the unclear CoCC action > Why do you feel that you need clarity on the CoCC's actions? or perhaps a better way to ask would be: What do you gain from getting more clarity? On Wed, Aug 15, 2018 at 6:58 PM Isarra Yos wrote: > On 10/08/18 14:31, David Barratt wrote: > >>

Re: [Wikitech-l] My Phabricator account has been disabled

thankful that their are avenues to pursue alternative resolutions. *or are we dancer? :P https://en.wikipedia.org/wiki/Human_(The_Killers_song)#Lyrics On Wed, Aug 15, 2018 at 6:46 PM Isarra Yos wrote: > On 15/08/18 22:40, David Barratt wrote: > >> In this particular case,

Re: [Wikitech-l] My Phabricator account has been disabled

> > In this particular case, it was based on a comment that was deleted. > https://web.archive.org/web/20180803232905/https://phabricator.wikimedia.org/T200742#4475216 And no, my intention was not to imply "if you did nothing wrong, you have nothing to hide", it was only that, our public

Re: [Wikitech-l] My Phabricator account has been disabled

> > If someone accuses me, I have no way to defend myself. > This isn't a he said, she said type of issue, it's based on evidence that is public and difficult (if not impossible) to delete. If you feel that you would have to defend your behavior,

Re: [Wikitech-l] My Phabricator account has been disabled

Slang terms, typically do not maintain the same meaning and intention when used crossed-culturally (otherwise they wouldn't be slang terms). To preserve the intended meaning, I would suggest using a term or phrase that conveys what you are trying to say in a more cross-cultural way. On Wed, Aug

Re: [Wikitech-l] My Phabricator account has been disabled

> > Again, this isn't enwiki, but there would be a large mob gathering at the > administrators' doorstep on enwiki for a block without that context and > backstory. > That seems like really toxic behavior. On Tue, Aug 14, 2018 at 6:27 AM George Herbert wrote: > I keep seeing "abusers" and I

Re: [Wikitech-l] My Phabricator account has been disabled

nformation on > what is possible, common, and feasible. > > -I > > On 09/08/18 22:39, David Barratt wrote: > > I'm not sure I completely understand the problem. What is being called a > > "lack of transparency" is the opposite of "privacy by design.&q

Re: [Wikitech-l] My Phabricator account has been disabled

I'm not sure I completely understand the problem. What is being called a "lack of transparency" is the opposite of "privacy by design." What is being called a bug, is perhaps a feature. The irony of this, ought not be missed. On Thu, Aug 9, 2018 at 6:33 PM Isarra Yos wrote: > An interesting

Re: [Wikitech-l] My Phabricator account has been disabled

> > If we really feel people trying to interact with a banned users should find > out the user is banned, it could be displayed in their Phabricator profile > or in the Phabricator calendar (that results in a little notice icon > everywhere the username is used), although I'd hope the banned

Re: [Wikitech-l] My Phabricator account has been disabled

018 at 5:19 PM David Barratt > wrote: > > > However, there will have to be a significant number of major changes > before > > that can be a reality. > > > > Which kind of changes? > ___ > Wikitech-l mailing lis

Re: [Wikitech-l] My Phabricator account has been disabled

> > So basically your're saying that the wiki way of doing things, were > blocks and bans are public and often contain the offending diff, is > bad and should not be followed. Is the CoC committee really the venue > where such a decision should be made? Shouldn't the wiki way be the > default

Re: [Wikitech-l] My Phabricator account has been disabled

I fear that this thread is perhaps having a chilling effect on the members of the Code of Conduct Committee, but perhaps that was the desired effect. On Wed, Aug 8, 2018 at 2:51 PM Federico Leva (Nemo) wrote: > Thanks Amir and MZMcBride for disclosing the action. > > A volunteer has been

Re: [Wikitech-l] eslint compromised, reset your npm tokens

It's sad to see how the npm team could have taken steps to mitigate this situation before hand: https://github.com/npm/npm/pull/4016 Important lesson for everyone (including myself). On Thu, Jul 12, 2018 at 11:42 AM C. Scott Ananian wrote: > Further eslint-related packages seem to be infected:

Re: [Wikitech-l] MediaWiki and OpenID Connect

Although... while I don't think we should encourage private data disclosure, if people want to discluse that data, I think it should be structured. Therefor, I think global users should be Wikibase items on Meta https://phabricator.wikimedia.org/T173145 This would allow people to expose data

Re: [Wikitech-l] [Wmfall] GlobalPreferences now available on a wiki near you

YAY! SO EXCITING! On Tue, Jul 10, 2018 at 2:20 PM Niharika Kohli wrote: > Hello all, > > I'm happy to announce that GlobalPreferences > is now > available on all Wikimedia wikis. This project came out of the Wishlist > Survey

Re: [Wikitech-l] CI jobs using npm might suffer from a 10 minutes delay

If we were to upgrade npm to 5+ (I think) that would support package-lock.json https://docs.npmjs.com/files/package-lock.json That file would be committed to our code repository and allow the CI to skip the dependency resolution step(s). This means that the tar/zip or clone would happen directly

Re: [Wikitech-l] [MediaWiki-announce] MediaWiki 1.31.0 now available!

The release is now on Docker hub: https://hub.docker.com/_/mediawiki/ Special Thanks to Magnus Österlund for creating the PR . :) On Thu, Jun 14, 2018 at 2:22 AM Chad Horohoe wrote: > Hello everyone, > > I am

Re: [Wikitech-l] Gerrit as a shared community space

Do we have a Terms of Service for Gerrit (or any other technical spaces)? If not, perhaps we should add one? If so, perhaps we should add the code of conduct to the terms of using the service? Examples: https://www.drupal.org/git-repository-usage-policy

Re: [Wikitech-l] MediaWiki and OpenID Connect

"As aforementioned, system administrative configuration options could include allowing verified users to choose whether to display their real names or to display their usernames." I think you might be missing the point, we don't even want to collect that data in the first place, let alone allow

Re: [Wikitech-l] Commons app - version 2.7 release

or car, I just have to have a key. On Wed, May 2, 2018 at 8:58 AM, David Barratt <dbarr...@wikimedia.org> wrote: > 2 Factor Authentication can be broken up like this: > - Something you have > - Something you know > > The "something you have" can be anything in your

Re: [Wikitech-l] Commons app - version 2.7 release

2 Factor Authentication can be broken up like this: - Something you have - Something you know The "something you have" can be anything in your possession, this could be hard things like a U2F device, a smartphone, or soft things like a phone

Re: [Wikitech-l] How does a build process look like for a mediawiki extension repository?

Symfony is going to start recommending the use of `make` starting with version 4, so it might be something worth exploring: http://fabien.potencier.org/symfony4-best-practices.html#makefile (I have no opinion on the matter) On Wed, Jun 7, 2017 at 5:48 PM, Bryan Davis wrote:

Re: [Wikitech-l] How does a build process look like for a mediawiki extension repository?

Much like npm, you can hook into the existing build steps, as well as create your own custom scripts: https://getcomposer.org/doc/articles/scripts.md On Wed, Jun 7, 2017 at 4:29 PM, Brion Vibber wrote: > For JS dependencies, image optimizations etc the state of the art