[05:11:54] ori-l: https://en.wikipedia.org/wiki/Special:Contributions/208.80.154.51 <-- I have a feeling that a WMF (server) IP should not be editing, let alone vandalizing [05:12:39] sure, but why ping me of all people? [05:13:54] i don't have admin / checkuser / staff account [05:13:55] * Jasper_Deng thinks ori-l is a sysadmin [05:14:04] and I couldn't find any other sysadmins [05:14:20] ah, ok [05:14:23] * Jasper_Deng knows you can at least rule out or confirm the possibility of Labs [05:15:10] superm401: can you help? i have no idea how to chase this down or what to do with it [05:15:15] I'm not sure how CheckUser would help. [05:15:30] it could reveal XFF data [05:15:31] Jasper_Deng, sure, I'll take a look. [05:15:44] It may be a known issue, though. [05:15:50] I recall people talking about a broken XFF. [05:15:52] 208.80.154.51 does seem to be a WMF IP. [05:15:55] https://en.wikipedia.org/w/index.php?title=Rupert_Hollaus&diff=prev&oldid=566948512 doesn't look like vandalism [05:16:03] unless i'm misreading it somehow [05:16:20] well it has vandal warnings for this month, which is only 2 days old [05:16:23] Not really the point. [05:16:32] Jasper_Deng: You should just file a bug. [05:16:33] The point is the server shouldn't be editing, and it is probably related to XFF. [05:16:37] https://bugs.wikimedia.org [05:16:45] I do know that a Squid malfunctioned in a similar way [05:16:50] leading to a 10.* address editing. [05:17:00] Occasionally localhost edits. [05:17:26] I don't know if it's a server, but it's definitely WMF. [05:18:00] are we witnessing the cluster become sentient? [05:18:07] becoming [05:18:09] Hmm, the issue I recalled was IPv6. [05:18:11] that's my diagnosis [05:18:12] ori-l, Occam's Razor [05:18:16] Could just be the NSA [05:18:16] well, reverse dns leads to ssl1007.wikimedia.org - looks like maybe an SSL LVS [05:18:24] heh [05:18:35] yeah, i think there was a bug about exactly that [05:18:41] Jasper_Deng et al, did anyone file yet? [05:18:41] * ori-l greps through irc logs [05:18:43] I'm about to. [05:18:58] that would support an IPv6-related hypothesis because IPv6 is served only by the same ones as SSL [05:19:09] I didn't file it. [05:19:12] I was reading https://bugzilla.wikimedia.org/show_bug.cgi?id=52496 [05:19:18] superm401: idk [05:19:20] I searched for a dupe and didn't see anything. [05:19:52] Okay, I'll file. [05:20:15] I'm the sassmaster. [05:22:15] possibly related: [05:22:21] 18:43 grrrit-wm: (03PS1) 10Yurik: Do not mark HTTPS requests with X-CS header [operations/puppet] - 10https://gerrit.wikimedia.org/r/76873 [05:22:21] 18:43 yurik: paravoid, there is a problem with mark's patch - see ^ [05:22:21] 12:17 yurik: hi, is XFF header appended or prepended when going through the SSL proxy? [05:22:23] 12:26 yurik: paravoid, yes, that's why i'm asking about it -- i was reading that patch and noticed that Zero's XFF handling assumes that XFF gets appended each time it goes through a proxy (like opera servers or our SSL proxy) [05:22:42] paravoid, ugh, sorry if you got pinged. [05:24:49] https://bugzilla.wikimedia.org/show_bug.cgi?id=52497 [05:27:13] https://en.wikipedia.org/wiki/Special:Contributions/127.0.0.1 <--- huh? [05:27:46] Philon: Shit happens. [05:27:52] I think the IPv6 form has edits as well. [05:28:08] Shit happened 9 years ago, specifically. [05:28:39] https://en.wikipedia.org/wiki/Special:Contributions/::1 - yep [05:28:48] hey, that's my ip! [05:28:52] Shit happened this year too https://meta.wikimedia.org/wiki/Special:Contributions/127.0.0.1 [05:28:56] https://www.wikidata.org/wiki/Special:Contributions/127.0.0.1 [05:29:06] Shit regularly happens. [05:29:13] Git happens. [05:33:24] Not sure if that translation one is fixed or not. [05:33:30] Should probably keep an eye out for it. [05:33:51] mmm, just finished some of the left over burrito fixens I took home today [05:35:00] https://en.wikipedia.org/wiki/Wikipedia:Database_queries#Sysop_queries [05:35:02] Heh. [05:35:20] Such an incredulous superscript note. [05:36:27] csteipp, ^ [05:36:49] I think that means it was once possible for sysops to run arbitrary SQL queries from the UI? :D [05:37:00] And I thought we were crazy for allowing sysops to edit JS [05:40:12] The feature was called Special:AskSql, I think. [05:41:12] https://en.wikipedia.org/wiki/User:Kim_Bruning/Lost_functionalities#Loss_of_SQL_access_for_admins [05:41:32] oh! [05:41:39] i think about that 'lost functionalities' page often [05:41:46] i had vaguely intended to look it up again [05:41:49] thanks for that [05:43:04] Queries causing deadlocks is not the first reason that I would've given. [05:43:25] Also that page seems to be missing something about interwiki search [05:43:30] What would be your first? [05:43:35] Krenair, if they blacklisted the user table, perf is the only one I can think of. [05:43:38] private data Elsie [05:43:45] Private data isn't an issue. [05:43:52] And the private tables keeping checkuser data and such, obviously. [05:43:53] ... yes it is. [05:43:57] The Toolserver and Wikimedia Labs pretty well demonstrate this. [05:44:06] Elsie, those have a lot of filtering, just like I'm saying. [05:44:09] They demonstrate that it can be filtered out. [05:44:14] This feature did not do that. [05:44:19] Krenair: if you let the initial "OMG SQL access to users" subside and think about it for a second, it's actually quite wonderful [05:44:32] wonderfully dangerous [05:44:34] i'd love it if that were still in place, though i understand why it's not especially realistic [05:44:40] I don't remember how restrictive it was. [05:44:45] well, you know, insert standard joke about letting anyone edit content [05:44:55] It's hiding somewhere in Git or SVN. [05:45:17] probably near the start of the core history [05:45:19] the mediawiki API is pretty thorough, fortunately [05:45:23] but not as expressive as SQL [05:45:38] Being able to view the underlying tables is invaluable. [05:45:45] View and query. [05:46:18] Elsie: I think you're probably unusual in your awareness of and interest in details that exist at the database level [05:46:46] ori-l: you could have stopped before you typed "in" [05:46:47] Not entirely. [05:46:58] There's a reason the toolserver, and no Tool Labs is relatively popular. [05:47:03] I mean "now Tool Labs" [05:47:09] * greg-g waits [05:47:13] Yes. [05:47:21] unicorn logo? [05:47:26] germans? [05:47:36] i give up. [05:47:37] germans. [05:47:38] PHP app logic often hides issues. [05:47:44] ori-l, not sure if seroius [05:47:49] lol [05:47:52] superm401: the replica db, i know. [05:48:00] If you can see the underlying tables/data, it makes life easier. [05:48:20] And the security concerns are hugely overblown. [05:48:33] Given that we've been doing this for nearly nine years now. [05:48:52] Elsie, they're valid issues, but there are clear solutions, which they've implemented for Toolserver and Labs. [05:48:58] We should do more of it, but paranoia is a killer. [05:49:10] But given that, there's no real need to let arbitrary queries go through the main site (AskSql). [05:49:24] Because every wiki has its own testing cluster, heh. [05:50:08] Did anyone find SpecialAskSql.php? [05:50:47]

though knowing MediaWiki, its probably still confusing to use - $wgDontNotUnDisenableInstantCommons [05:51:00] That quip never gets old. [05:52:04] Anyone remember ExtensionFunctions.php? [05:52:50] g'night [05:53:05] Night, greg-g [05:53:13] https://www.mediawiki.org/w/index.php?title=Special:Code/MediaWiki/7474 [05:53:19] Krenair: ^ [05:53:36] Though even then it was behind a configuration variable. [05:53:48] no includes/specials directory then, that's why I couldn't find it [05:54:04] Right. [05:54:18] It's even in the index.php - "THIS IS VERY INSECURE." [05:54:22] night greg-g [05:55:12] $wgSqlLogFile = "{$wgUploadDirectory}/sqllog_mFhyRe6"; [05:55:35] Elsie: this is the library GitHub uses to render .mediawiki: https://github.com/nricciar/wikicloth [05:55:45] if you want to see what it implements [05:55:52] looks like someone smashed their face into their keyboard while typing that Elsie [05:55:57] ori-l: I already fixed the links, BTW. [05:55:59] Not sure if you saw. [05:56:08] oh, no, I didn't [05:56:09] * ori-l looks [05:56:12] Krenair: Security through obscurity. :-) [05:56:37] ori-l: I went with bullets, even though the GitHub parser is still pretty bad. [05:56:47] it's better! [05:56:50] https://github.com/wikimedia/mediawiki-core#readme [05:56:52] It works! [05:56:53] ® [05:56:59] but there needs to be an additional line of whitespace after the last bullet item [05:57:08] i think [05:57:08] No kidding. :P [05:57:13] There is a line there. [05:57:18] The parser sucks. [05:59:18] nice job with the readme guys [05:59:25] :) [05:59:27] :-) [05:59:37] i think the project page on github looks kinda cool now [05:59:47] hm, we still have wiki.phtml [05:59:47] it looked like some unofficial fork of some piece of abandonware before [05:59:50] and .php5 files [05:59:59] Yeah. [06:00:04] Those are really difficult to kill. [06:00:09] I don't think we support some older versions of PHP 5 anymore [06:00:33] I assume there's hundreds of old links to them hanging around on enwiki Elsie? [06:00:34] Ugh. [06:00:38] i screwed up. [06:00:49] Krenair: Not to php5, but to wiki.phtml, yeah. [06:00:52] I edited the README in-place on GitHub, thinking it'd submit a pull request [06:01:01] but it committed it to core, except only on GitHub. [06:01:04] lol. [06:01:11] You've created a Git horcrux. [06:01:13] I wonder what that breaks. [06:01:23] * ori-l facepalms. [06:02:49] revert it before ^demon sees? :p [06:02:54] still might break stuff though. I dunno. [06:02:58] ori-l, you should force push to fix it. [06:03:02] It might break on the next auto-pull. [06:03:17] That... sounds like a bad idea. But it might work! [06:03:28] Krenair, not as bad as leaving it there. [06:03:33] true [06:05:15] ori-l, you going to do fix it, or should I? [06:05:29] fixing [06:05:32] or trying to, anyway [06:05:44] Something like: [06:05:55] git checkout master [06:05:56] git reset --hard af94bc9c69db033c7308192b42a47a4f27e25878 [06:06:08] git push -f master github:master [06:06:11] If github is the remote [06:06:24] That hash is the commit before your change. [06:06:27] yeah, i just did [06:06:29] let's see what that did [06:06:38] You got it. [06:06:49] whew. [06:06:53] no one has to know. [06:06:59] except all the people on this channel. [06:07:04] And Git. [06:07:05] but none of you will tell anyone. [06:07:07] And anyone who reads http://ur1.ca/edq1o [06:07:13] 169 users. [06:07:23] Elsie, Git knows nothing, he removed it from the history :) [06:07:46] well, unless someone did a clone while the commit was there [06:07:46] 169 nicks, some of them aren't people. [06:07:48] but I doubt it [06:08:39] * Elsie takes away ori-l's keys. [06:08:54] https://github.com/atdt.keys # I learned about this this week. [06:09:16] that's handy [06:09:32] It's pretty crazy that the whole GitHub Wikimedia "organization" (whatever GitHub means by that) has direct push access to all our repos there, even the auto-mirrored ones. [06:09:46] I don't think all members do.. [06:10:01] only the stupid, irresponsible ones [06:10:09] apparently [06:10:13] Just click "edit." Oh wait. [06:10:15] Just all owners. And there's like 17 of us (1 of which is 'wmfgerrit') [06:16:10] * ori-l doesn't trust wmfgerrit [06:16:36] someone with access to the e-mail account should upload a gravatar [06:16:48] actually there are some smaller groups of members which have push access to multiple repositories (biggest has push to 21, whereas the org account has 879 repos in total) [06:16:55] Oh, Mr. Snowden is on the English Wikipedia Main Page. [06:17:17] https://en.wikipedia.org/wiki/Main_Page [06:18:00] Long ago, there was talk of making https://en.wikipedia.org/ not redirect. [06:18:04] I still kind of like that idea. [06:18:20] I don't think there's any good reason it redirects. [06:53:28] Anyone know why en.wp is getting a ton of edits [[Special:Contributions/208.80.154.51]], that IP mapping back to WMF? [06:54:30] It's gotten a few level4 warnings and still bad edits since then... [06:55:23] in the past few hr. Hate to see us block ourselves:) [07:04:28] dmacks, yeah, it's filed. [07:04:32] https://bugzilla.wikimedia.org/show_bug.cgi?id=52497 [07:05:47] good find! Thanks [07:06:17] Er well, obviously you could find that bz item easily:) [07:06:25] dmacks, sure, cause I filed it. :) [07:06:50] * dmacks rarely visits -tech, doesn't recognize too many nicks here:( [07:06:52] Jasper_Deng brought it up earlier. [07:06:56] dmacks, no problem. [07:21:36] superm401: why not blocking the ip with autoblock disabled [07:21:37] *? [07:22:27] I can see both sides. [07:22:39] If you block, you're blocking some legit contributors (maybe anons, maybe even logged in, not sure). [07:22:47] If you don't block, there's attribution problems. [07:22:51] superm401: https://commons.wikimedia.org/wiki/User_talk:208.80.154.51 [07:23:03] it is blocked. schould i unblock it? [07:23:06] Not going to do anything either way, but if the bug doesn't get fixed feel free to start making noise. [07:23:18] Give it a few hours. [07:23:51] INeverCry has blocked not i.. [07:24:12] Re "give it a few hours", I meant for you to wait before pinging people about the bug. [07:24:16] Wasn't talking about the block. [07:24:27] I will comment that it's a WMF server IP. [07:24:39] i know [07:28:11] Steinsplitter, did it actually do anything on Commons? [07:28:22] Can't tell. I can't see deleted contribs since I'm not a commons admin. [07:29:41] no [07:29:49] momment [07:29:58] nope [07:30:04] Maby was blocked by CheckUser [15:48:31] Hi all [15:49:42] Is some one there who know mysql? [15:51:19] Yes.. [15:51:22] What's up? [15:52:08] Is it possible for you to write a query for me to getting the number of articles without article created by bots. [15:58:21] Elph: can't you just use stats.wikimedia.org? [15:58:41] how? [15:58:55] have you ever visited it? [15:59:05] yes [15:59:07] good [15:59:36] but can't find statistics without bots [15:59:42] http://stats.wikimedia.org/EN/BotActivityMatrixCreates.htm [15:59:57] you only have to subtract the bot created articles to the total [16:00:44] no [16:00:50] hah, nl.wiki almost reached 1 million, 60 % now [16:00:52] no? [16:01:08] i want to create new table [16:01:27] to rank all wikis by number of articles without bots [16:01:32] so? the data is there [16:02:20] there is some data about bots not about wikis [16:02:31] no idea what you mean [16:02:56] let say again [16:03:23] http://meta.wikimedia.org/wiki/%D9%82%D8%A7%D8%A6%D9%85%D8%A9_%D8%A7%D9%84%D9%88%D9%8A%D9%83%D9%8A%D8%A8%D9%8A%D8%AF%D9%8A%D8%A7%D8%AA [16:03:37] please see the link [16:03:53] I know that table, so? [16:04:04] it's contain number of total articles [16:04:13] yes, it's the official definition [16:04:36] but i want to number of aritcles without articles created by bots [16:04:46] please define "I want" [16:05:11] do you want the number for yourself, or do you want to impose it to others by changing the counting method used by that table? [16:06:22] some discussion in ar.wiki about articles created by bot [16:06:38] yeah, of course [16:07:00] someone ask is it possible to know who mach we have articles non created by bots [16:07:08] who is we [16:07:53] we means ar.wiki users [16:08:04] for ar.wiki, the table I linked you contains the answer: out of 225 thousands articles, 199 thousands are not bot created [16:08:55] thanks. in need to see the link again :) [16:09:38] yes, usually paying more attention to my suggestions is a good starting point :P [16:09:42] just kidding [16:10:01] :) [19:19:16] hi, i have a medium size encyclopedia like php application and i want to migrate this to mediawiki, could anyone suggest me any guideline for this? [19:51:05] nasir8891, #mediawiki [19:51:51] OuKB: thanks for mentioning [19:52:08] i already asked this question there [19:52:26] but did not get enough information [19:52:59] so i thought someone might be online here :) [20:38:17] This headline: [20:38:19] http://rt.com/news/wikipedia-encryption-security-nsa-990/ [20:39:37] I can't wait to "lock out the NSA".