[00:00:00] <dtm>	 quiddity: how's it going
[00:01:41] <dtm>	 i just realized that not all of the citation templates are in sync.  {{cite web}} has a few parameters for translations, like for the title, but amazingly not for the actual url target.  and {{cite interview}} doesn't have them at all.
[00:02:22] <dtm>	 so i had to hack the situation thusly: <ref name="Official Earthbound 64 Cancellation Interview">{{cite web | title=Official Earthbound 64 Cancellation Interview | url=http://www.1101.com/nintendo/nin13/nin13_2.htm | language=Japanese | date=August 22, 2000 | first1=Shigesato | last1=Itoi | first2=Satoru | last2=Iwata | first3=Shigeru | last3=Miyamoto | publisher=Shigesato Itoi | ...
[00:02:28] <dtm>	 ... others=[http://yomuka.wordpress.com/2013/08/18/earthbound-64-cancellation-interview-itoi-miyamoto-iwata/ translated by Yomuka] | accessdate=July 5, 2014}}</ref>
[00:02:40] <dtm>	 so where does a person submit suggestions for improving templates?
[00:04:57] <legoktm>	 dtm: the talk page.
[00:07:25] <dtm>	 legoktm: for all of them?
[00:07:52] <legoktm>	 well you didn't specify which templates
[00:08:04] <dtm>	 yeah i did!  i guess i can do one and then link to the others.
[00:08:23] <dtm>	 s/to the/from the/
[00:08:29] <legoktm>	 well on enwp, they all redirect to Help talk:Citation Style 1 I think.
[00:08:44] <dtm>	 sounds good; i'll look.  thanks.
[05:44:58] <Sven_Manguard>	 Hello. I just tried to test https://bugzilla.wikimedia.org/show_bug.cgi?id=65437 by uploading a file as a .jpe and it disallowed it. Has this bug been fixed and not documented as such, or am I misunderstanding the bug?
[05:50:04] <p858snake|l>	 uploading the file is unrelated to that bug.
[06:12:06] <Sven_Manguard>	 p858snake|l: oh. How do files wind up with the .jpe extension then? The move + replace tool will change *everything* (.JPE, .jpeg, .jpe, etc.) to ".jpe"
[06:12:28] <Sven_Manguard>	 so if it's not uploaded as a .jpe, and it's not moved to that? 
[06:36:16] <p858snake|l>	 Sven_Manguard: upload checks were differnt in the past, so files could be uploaded
[06:36:28] <Sven_Manguard>	 okay
[06:36:32] <p858snake|l>	 and then there are situations where people let any file extension to be uploaded
[06:36:38] <Sven_Manguard>	 eww
[06:36:44] <Sven_Manguard>	 that... that's not good.
[06:36:56] <p858snake|l>	 nothing wrong with it?
[06:36:59] <p858snake|l>	 eg: private wiki
[06:37:09] <Sven_Manguard>	 Oh, well I don't care about that
[06:37:15] <Sven_Manguard>	 I'm only concerned with Commons 
[06:37:39] <Sven_Manguard>	 where, as an admin, I get to be the poor sod that cleans up after whatever weirdness gets thrown at the project 
[06:38:35] <Jasper_Deng>	 I'm sure .exe can't be uploaded though
[06:39:10] <Sven_Manguard>	 oh hey Jasper_Deng 
[06:39:15] <p858snake|l>	 if you disable the checks,
[06:39:19] <p858snake|l>	 yes they can
[06:39:39] <Sven_Manguard>	 and, honestly, I wouldn't be surprised if someone got an .exe onto Commons
[06:40:14] <Sven_Manguard>	 if you spend enough time doing maintenance work in the untrodden, far off litter corners, you see some weird shit
[06:40:24] <Sven_Manguard>	 little* corners 
[06:40:37] <Sven_Manguard>	 although the first thing I said also works 
[09:18:47] * legoktm pokes Nemo_bis 
[09:19:49] <legoktm>	 wait, ignore me
[09:19:51] <legoktm>	 I figured it out
[09:23:40] <Nemo_bis>	 legoktm's uncertainty lasts 1 min :P
[09:24:50] <Nemo_bis>	 When I have some time I'd like to investigate how to "attack" the bulk of those 4M unattached accounts without a mass of emails...
[09:26:50] <Nemo_bis>	 I don't remember if we already attached everything that is attachable by email address and I wonder how many of those 4M could be attached by password if only users logged in once.
[09:27:52] <legoktm>	 I'm running the query for "... global clash but appear to be merge-able"
[09:27:55] <legoktm>	 right now
[09:28:03] <legoktm>	 using email data
[09:28:13] <legoktm>	 for passwords, we can't really do much unless they login
[09:30:39] <Nemo_bis>	 Ah great, as usual you precede my thoughts ;)
[09:33:29] <Nemo_bis>	 And as an addendum I don't remember if in the Final Rename Script we managed to include an algo to group renamed local accounts by their email (i.e. rename 8 "Nemo" users on es.* to a single Nemo~eswiki rather than Nemo~eswiki, Nemo~eswikiquote etc.)
[09:35:30] <legoktm>	 the "Final Rename Script" has already been written?
[09:35:42] <Nemo_bis>	 Some part of it
[09:36:09] <Nemo_bis>	 In the scariest options of the script you've been sending patches for
[09:38:18] <legoktm>	 oh
[09:38:35] <legoktm>	 well it doesn't support that then :P
[09:38:48] <legoktm>	 file a bug for it?
[09:42:04] <Nemo_bis>	 I'll wait for the stats first
[09:42:35] <Nemo_bis>	 I can't find the patchset where I had added most of my comments on that script...
[15:16:34] <Qcoder00>	 Hi
[15:16:54] <Qcoder00>	 When using VADA a tracker called Gomez was idnetified
[15:16:56] <Qcoder00>	 Who are they?
[15:17:05] <Qcoder00>	 And why are they showing up?
[15:17:25] <Qcoder00>	 It was my understanding WMF sites didn't like unethical ad/user profiling 
[15:21:10] <hoo>	 Qcoder00: There's no user profiling by external trackers on WMF sites
[15:21:16] <hoo>	 on which wiki did you encounter this?
[15:26:30] <Qcoder00>	 enwikipedia, when using VADA
[15:26:39] <Qcoder00>	 I suspect a false positive
[15:29:39] <Qcoder00>	 But thought I'd ask in case you were aware of anything
[15:30:16] <hoo>	 Qcoder00: Nothing going on there ;)
[15:30:23] <Qcoder00>	 Ok
[15:30:32] <Qcoder00>	 Will assume a false positive
[15:33:36] <hoo>	 Qcoder00: Vada is definitely hurting the privacy policy... not sure where the tracker is coming from
[15:34:00] <Qcoder00>	 hoo: a930913 is active in -en
[15:34:05] <hoo>	 I originally thought Vada was one of these tools to detect trackers (like a browser plugin)
[15:34:06] <Qcoder00>	 Suggest you have a chat with them
[15:34:27] <Qcoder00>	 VADA is a set of semi-automated scripts
[15:35:31] <hoo>	 Qcoder00: Yeah... looking at the code now... it's importing stuff from both github and dropbox (as far as I see so far)
[15:35:41] <hoo>	 that's a no go without an explicit user warning
[15:36:05] <Qcoder00>	 hoo: I suggest chatting with a930913
[15:36:10] <Qcoder00>	 There are online right now
[15:36:40] <hoo>	 can you ask them to join here?
[15:37:04] <YuviPanda>	 hoo: I asked them on -labs
[15:37:19] <a930913>	 Qcoder00: o/
[15:37:26] <YuviPanda>	 a930913: \o
[15:37:33] <a930913>	 YuviPanda: o/
[15:37:41] <hoo>	 hi a930913: I have to talk to you about Vada
[15:37:44] <Qcoder00>	 Hi a930913 
[15:37:58] <Qcoder00>	 I was explaining to hoo about VADA and he voiced some concerns
[15:38:06] * a930913 ducks.
[15:38:21] <Qcoder00>	 -tech isn't the Inquistion...
[15:38:23] <Qcoder00>	 XD
[15:38:43] <hoo>	 a930913: You're importing stuff from 3rd party sources like github and dropbox (all I've seen so far, but only had a quick look yet)
[15:38:44] * a930913 states the policy line that no passwords were compromised during the making of Vada.
[15:38:58] <a930913>	 hoo: Only images.
[15:39:17] <a930913>	 Oh, privicy policy stuff?
[15:39:24] <hoo>	 that's still a violation of the privacy policy
[15:39:35] <YuviPanda>	 yeah, will leak user IP
[15:39:37] <hoo>	 you have to warn the users about this at least
[15:39:45] <hoo>	 yep, id, referrer, ...
[15:39:49] <hoo>	 * ip
[15:40:33] <Qcoder00>	 I noted that something was up because DNTMe gave a false positive when loading Vada
[15:40:44] <Qcoder00>	 I think it's seeing a 'false' positive
[15:41:08] <Qcoder00>	 Ideally, of course VADA should be entirly within WMF (or Labs) 
[15:41:20] <Qcoder00>	 But that might not be possible if using 3rd party code
[15:41:20] <hoo>	 Yeah, it totally should
[15:41:52] <hoo>	 Pulling in 3rd party code (js or whatever) is a total no-go, don't think that's ok at all
[15:41:56] <Qcoder00>	 hoo: Can you help a930913  in getting it 'fixed'?
[15:42:06] <Qcoder00>	 It's a very useful tool
[15:42:25] <YuviPanda>	 a930913: if you're just loading images and / or static files, just put them in toollabs?
[15:43:16] <Qcoder00>	 VADA's original goal was to be a more crossplatform AWB IIRC
[15:43:51] <hoo>	 Qcoder00: I can give advice, but I don't really have the time to fix anything myself
[15:44:01] <Qcoder00>	 Anyway I'm sure you can resolve technical issues between you, without me needing to stick around.
[15:44:10] <Qcoder00>	 a930913 can code :)
[15:44:29] <Qcoder00>	 But would need to know where and why to make tweaks:)
[15:44:40] * Qcoder00 out
[15:45:11] <hoo>	 a930913: So... will you fix it?
[15:52:55] <a930913>	 Sorry, at Wikimania atm.
[15:53:32] <a930913>	 Erm, I just need to use the images from wikipedia.
[15:53:54] <hoo>	 a930913: If it's only images you use from external sources, that should be fine
[15:54:16] <hoo>	 please review all your external imports/ includings
[15:55:18] <hoo>	 that should be fine => it should be fine if you upload these to commons
[15:56:17] <a930913>	 Well the core is built not to rely on anything external (because it can fail.)
[15:57:37] <a930913>	 And all apps either use tools.wmflabs, and if they didn't, it would be obvious that it was external, because it would be labled as such, or because the user directed it.
[15:58:05] <a930913>	 hoo: What about igloo and other stuff that imports from github?
[15:58:16] <hoo>	 Link?
[15:58:34] <hoo>	 Same treatment for them
[15:58:37] <hoo>	 that's a no-go
[16:00:18] <hoo>	 https://en.wikipedia.org/wiki/Wikipedia:Igloo/gloo.js wtf
[16:02:34] <hoo>	 a930913: Noted that down also. Please fix your scripts, I'll have an eye on them
[16:06:30] <a930913>	 hoo: It's fairly common practice to have a script import the real code from github btw.
[16:06:40] <hoo>	 a930913: That's horrible
[16:07:04] <a930913>	 Due to security constraints, as it happens, all my code has to be on wikipedia.
[16:07:36] <a930913>	 The downside being having to develop on wikipedia, with each save a new revision.
[16:08:13] <hoo>	 a930913: You can still develop with github and the copy it over
[16:08:19] <hoo>	 not an impossible task, really
[16:08:43] <a930913>	 Others in theory could, but don't. I can't either way.
[16:09:53] <hoo>	 Why can't oyu
[16:10:01] <a930913>	 CORS.
[16:10:37] <hoo>	 what on earth has that to do with cors
[16:10:50] <a930913>	 Webworkers have additional security constraints for some reason.
[16:11:03] <Nemo_bis>	 $ curl -I https://board.wikimedia.org/wiki/2013_2014_Board_Agenda
[16:11:03] <Nemo_bis>	 HTTP/1.1 200 OK
[16:11:12] <Nemo_bis>	 Quite silly, is there a bug for this? 
[16:14:12] <hoo>	 Nemo_bis: Don't know one offhand... go search :P
[18:43:08] <legoktm>	 Nemo_bis: https://www.mediawiki.org/w/index.php?title=Admin_tools_development%2FSUL_Audit%2FMetrics_20140704&diff=1060087&oldid=1059736
[18:44:16] <legoktm>	 hoo: I disabled igloo or whatever
[18:45:20] <hoo>	 thanks, legoktm 
[20:51:51] <dtm>	 a930913: are you saying that because your contributions for WMF are web-based, you are required to abuse wikipedia itself as your only RCS?  and you can't use any other, like github, at all?
[20:52:59] <dtm>	 oh crap.  he's got..... *it*.  doesn't he, guys?  it's curtains for him.  a930913 has contracted an acute case of wikimania.
[20:54:38] <dtm>	 he's a goner!
[20:56:32] <legoktm>	 MediaWiki is a perfectly reasonable VCS
[21:01:03] <hoo>	 yeah, it's good enough
[21:03:41] <dtm>	 k
[21:03:53] <dtm>	 is there a command line interface to it? ^_^
[21:06:03] <hoo>	 dtm: You can use one of the many bot frameworks or, if you prefer, fiddle mediawiki up as a git backend
[21:06:29] <dtm>	 wow. so no browser cut and paste ;)
[21:07:19] <dtm>	 but you're not allowed to then paste your code into github?  how can you not do that with free software?
[21:07:37] <hoo>	 dtm: ?
[21:07:50] <dtm>	 that's what it sounded like a930913 was saying
[21:08:12] <dtm>	 to you
[21:09:00] <hoo>	 Well, he was in a hurry, I guess... if he doesn't fix his stuff soonish, I'll just drop him off a mail
[21:09:28] <dtm>	 you were asking if he could source it all with github and then mirror it to wikipedia.  i dont understand what that has to do with security.  but couldn't he then go the other way anyhow, so that other people could find and contribute easier?
[21:09:48] <hoo>	 dtm: Other way?
[21:10:00] <dtm>	 source it in wikipedia and mirror over to github
[21:10:27] <hoo>	 He can do that also, sure... although most people find git more convenient for development
[21:10:28] <dtm>	 because github is probably the easiest way to have your code be discovered
[21:10:39] <dtm>	 but he said he couldn't use github due to security.
[21:11:20] <hoo>	 I don't care how he (or anyone) manages the code, really... only thing is that for privacy reasons stuff used on WMF sites has to be on wmf sites (for very good reasons)
[21:13:14] <dtm>	 reasons.  i see
[21:22:06] <scfc_de>	 dtm: As far as I understood a930913, he can't *develop* in GitHub or some other place off-site due to that development code not being allowed to do some magic.  So he needs to develop in Wikipedia itself.  IIRC there's a FUSE module for MediaWiki, so you should be able to do that rather conveniently.
[21:24:33] <dtm>	 scfc_de: oh.  so the security issue is that they dont want to open secure ports to github.
[21:25:07] <dtm>	 so a person could have a wrapper that simultaneously publishes to github and wikipedia if they wanted to, and then test on wikipedia
[21:46:11] <Nemo_bis>	 legoktm: I don't understand, doesn't --attachmissing from 0c6438bc merge by email (for those 3k who weren't yet)
[21:46:47] * legoktm checks
[21:47:13] <Nemo_bis>	 Ah, perhaps you mean we still have that TODO: add the algorithm for choosing a winner and doing that migration
[21:47:51] <legoktm>	 --attachmissing checks for a confirmed local email, I'm not
[21:49:12] <Nemo_bis>	 (nope, that todo part was added later)
[21:49:24] <Nemo_bis>	 Those 3k may be unconfirmed?
[21:49:37] <legoktm>	 possibly
[21:49:59] <Nemo_bis>	 Ok. Still so few anyway