Wikitech-l February 2014

wikitech-l@lists.wikimedia.org

152 participants
157 discussions

by Mark A. Hershberger

Mz writes: > I received this message twice. Ten-four! My apologies to you and the list. I re-sent it because I saw it on mediawiki-l but not on wikitech-l. > Can you please create a 2014 timeline of expected releases? Or at least > the first half of 2014? Yes. I'll do that this week, maybe even tonight. Mark.

9 years, 1 month

Monthly point releases

by Mark A. Hershberger

Subject: Monthly point releases Based on the issues raised during a meeting we had at the Architecture Summit a couple of weeks ago, those of us involved in MediaWiki release management have decided to introduce a monthly point-release cycle. On the last Thursday of every month we'll collect fixes that have been made and release them for download. We plan to continue to use the "Known Issues" subpage[1] to drive the issues that are incorporated into the release. This means that if you have an issue that you think should be addressed before the next major release, you can add it to the "Known Issues" page. We'll review it and, if we agree that it is an appropriate issue for a point release, then we'll try to get it resolved. Of course, this is a community-driven effort, so issues that have working code attached are more likely to be resolved in a point release than requests without code. If you cannot provide patches, that doesn't mean that your issue won't be fixed. Instead, you can help us find someone to fix it and further help by testing any fixes provided. We hope that this will mean a more usable MediaWiki. Thanks, Mark. [1] https://www.mediawiki.org/wiki/MediaWiki_1.22/Known_issues

9 years, 1 month

Please update for the latest security patch

by Chris Steipp

Hi lists, If you haven't patched with the last security release, or know of a wiki that hasn't patched yet, please do so immediately. An exploit was released on the full disclosure mailing list over the weekend[1] that targets the vulnerability in the PdfHandler extension. If you're not able to patch for some reason, you may be able to work around the issue: * If you have never allowed .djvu files to be uploaded, but you do allow pdf files, you can simply disable the PdfHandler extension (typically by remove the include in your LocalSettings.php). * If you have any .djvu files saved on your wiki, then there is no workaround-- you need to apply the security patch to MediaWiki core. If anyone is running an unsupported branch of MediaWiki (1.20 was recently EOL'ed), and needs help creating a patch for their instance, I'm happy to try and work with you to get the vulnerability closed. Contact me off list, or on irc. [1] - http://seclists.org/fulldisclosure/2014/Feb/6

9 years, 1 month

Bugzilla Weekly Report

by reporter

MediaWiki Bugzilla Report for January 27, 2014 - February 03, 2014 Status changes this week Reports changed/set to UNCONFIRMED: 8 Reports changed/set to NEW : 19 Reports changed/set to ASSIGNED : 17 Reports changed/set to REOPENED : 8 Reports changed/set to PATCH_TO_RE: 82 Reports changed/set to RESOLVED : 245 Reports changed/set to VERIFIED : 5 Total reports still open : 13803 Total bugs still open : 8037 Total non-lowest prio. bugs still open: 7830 Total enhancements still open : 5766 Reports created this week: 297 Resolutions for the week: Reports marked FIXED : 180 Reports marked DUPLICATE : 22 Reports marked INVALID : 18 Reports marked WORKSFORME: 14 Reports marked WONTFIX : 9 Specific Product/Component Resolutions & User Metrics Created reports per component MediaWiki extensions Flow 34 VisualEditor Editing Tools 15 MediaWiki extensions MobileFrontend 11 VisualEditor General 11 MediaWiki Skin and page rendering 10 Created reports per product MediaWiki extensions 131 MediaWiki 60 Wikimedia 35 VisualEditor 32 Wikipedia App 10 Top 5 bug report closers ebernhardson [AT] wikimedia.or15 neverett+bugzilla [AT] wikimed15 matma.rex [AT] gmail.com 13 jrobson [AT] wikimedia.org 10 umherirrender_de.wp [AT] web.d9 Most urgent open issues Product | Component | BugID | Priority | LastChange | Assignee | Summary -------------------------------------------------------------- Analytics | Tech communit | 57038 | Highest | 2013-12-23 | acs[AT]bitergia.com | Metrics about contributors with +2 pe MediaWiki ext | Diff | 58274 | Highest | 2014-01-22 | wikibugs-l[AT]lists. | Implement an order-aware MapDiffer MediaWiki ext | Echo | 53569 | Highest | 2014-02-02 | wikibugs-l[AT]lists. | [Regression] Echo: Sending 2 e-mails MediaWiki ext | Flow | 58016 | Highest | 2014-01-27 | wikibugs-l[AT]lists. | Flow: Suppression redacts the wrong u MediaWiki ext | Translate | 60306 | Highest | 2014-01-29 | ori[AT]wikimedia.org | TypeError: mw.uls is undefined on [[m MediaWiki ext | WikidataRepo | 58166 | Highest | 2013-12-09 | wikidata-bugs[AT]lis | label/description uniqueness constrai MediaWiki ext | WikidataRepo | 57918 | Highest | 2014-01-13 | wikidata-bugs[AT]lis | show diffs for sorting changes MediaWiki ext | WikidataRepo | 52385 | Highest | 2014-01-16 | wikidata-bugs[AT]lis | Query by one property and one value ( MediaWiki ext | WikidataRepo | 60127 | Highest | 2014-01-17 | wikidata-bugs[AT]lis | Implement DB schema for query indexes VisualEditor | Editing Tools | 50768 | Highest | 2014-01-22 | rmoen[AT]wikimedia.o | VisualEditor: Better reference UI for VisualEditor | MediaWiki int | 48429 | Highest | 2014-01-21 | krinklemail[AT]gmail | VisualEditor: Support editing of sect Wikimedia | Apache config | 31369 | Highest | 2014-01-20 | bugzilla+org.wikimed | Non-canonical HTTPS URLs quietly redi Wikimedia | General/Unkno | 49189 | Highest | 2014-01-16 | springle[AT]wikimedi | New fields: ar_id, el_id. Wikimedia | General/Unkno | 60710 | Highest | 2014-02-02 | wikibugs-l[AT]lists. | multiversion/getMWVersion prints vers Wikimedia | Mailing lists | 60215 | Highest | 2014-01-30 | wikibugs-l[AT]lists. | Mails to any wikimedia.org account/li Wikimedia Lab | Infrastructur | 48501 | Highest | 2014-01-23 | greg[AT]wikimedia.or | beta: Get SSL certificates for *.{pro

9 years, 1 month

Tor exemption process (was: Re: Jake requests enabling access and edit access to Wikipedia via TOR)

by Erik Moeller

On Mon, Jan 13, 2014 at 9:10 AM, Chris Steipp <csteipp(a)wikimedia.org> wrote: >> To satisfy Applebaum's request, there needs to be a mechanism whereby >> someone can edit even if *all of their communications with Wikipedia, >> including the initial contact* are coming over Tor or equivalent. >> Blinded, costly-to-create handles (minted by Wikipedia itself) are one >> possible way to achieve that; if there are concrete reasons why that >> will not work for Wikipedia, the people designing these schemes would >> like to know about them. > This should be possible, according to https://meta.wikimedia.org/wiki/NOP, > which Nemo also posted. The user sends an email to the stewards (using tor > to access email service of their choice). Account is created, and user can > edit Wikimedia wikis. Or is there still a step that is missing? I tested the existing process by creating a new riseup.net email account via Tor, then requesting account creation and a global exemption via stewards(a)wikimedia.org. My account creation request was granted, but for exemption purposes, I was requested to go through the process for any specific wiki I want to edit. In fact, the account was created on Meta, but not exempted there. The reason I gave is as follows: "My reason for editing through Tor is that I would like to write about sensitive issues (e.g. government surveillance practices) and prefer not to be identified when doing so. I have some prior editing experience, but would rather not disclose further information about it to avoid any correlation of identities." This seems like a valid reason for a global exemption to me, so I'm not sure the current global policy is sufficient. Erik -- Erik Möller VP of Engineering and Product Development, Wikimedia Foundation

9 years, 1 month

How to retrieve the page, execute some time expensive operation and edit the page ONLY if it wasn't changed meanwhile

by Petr Bena

The title pretty much say what I need 1) Retrieve the page - page must not be changed starts NOW 2) Do something what requires user input, possibly may last few minutes 3) Save the page ONLY if it wasn't changed, if it was, go back to step 1 this all needs to be done using API, I thought that edit token would help me here, so that I would fetch the token at step 1 and edit using it at step 3, hoping it expire if someone edit the page meanwhile. But this doesn't seem to work according to documentation, because edit token is only changed when user logout. Is there any super-safe and proper method to do this? Preferably something more reliable than just storing the timestamp and comparing it (in theory someone could edit the page even in short time when timestamp is compared). I need some super-safe lock that prevent all possible race conditions here.

9 years, 1 month

Dynamic search results as category pages

by Yuri Astrakhan

Hi, I am thinking of implementing a #CATQUERY <query> magic keyword for the category pages. When this keyword is present, the category page would execute a query against the search backend instead of normal category behavior and show result as if those pages were actually marked with this category. For example, this would allow Greek Philosophers category page to be quickly redefined as a cross-section of greeks & philosophers categories: #CATQUERY incategory:Greek incategory:Philosopher Obviously the community will be able to define much more elaborate queries, including the ordering (will be supported by the new search backend)

9 years, 1 month

Jump to page:

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

Wikitech-l February 2014