[01:15:00] legoktm, so which tense should we use in release notes? sometimes, "was deprecated" is used. sometimes, "is deprecated" [01:15:37] I...have no idea. [01:17:30] I would favor past tense. Once the release is really released any changes it contains were in the past [01:17:53] TOO LATE, ALREADY MERGED! [01:19:15] (I'm in Mr. Torgue mode today) [02:39:57] MaxSem: wanna review https://gerrit.wikimedia.org/r/#/c/375547/ too? [20:34:54] Warning: Missing rc_comment_text and rc_comment_data fields in row with MIGRATION_OLD [Called from CommentStore::getCommentInternal in /srv/mediawiki/php-1.30.0-wmf.17/includes/CommentStore.php at line 203 [20:35:00] Just got a spike of ~100 of those a few mins ago [20:35:23] anomie: can you think of any existing way that a MediaWiki API call could be used to autoattach an existing user to a wiki? Specific use case is the Striker makes LDAP accounts now, but those accounts don't attach on wikitech until the user logs into the wiki with user/pass [20:35:49] T174469 [20:35:50] T174469: LDAP account that is not attached on wikitech has no means for password reset - https://phabricator.wikimedia.org/T174469 [20:38:14] bd808: Do you have OAuth credentials for the users in question? If so, any random API call using the credentials should trigger auto-creation. [20:39:26] If not... you'd need a special module that specifically called `MediaWiki\Auth\AuthManager::singleton()->autoCreateUser()` after verifying that the central user exists. That's slightly scary, but not *extremely* scary. [20:40:18] anomie: *nod* no OAuth or they would have already logged in and solved the problem :) [20:40:47] I think the easier thing is probably just to add proper password reset functionality to Striker [20:41:06] something for me to work on next quarter [20:41:40] bd808: Oh yeah, wikitech isn't on SUL, is it. So how would that even have anything to autoattach to? [20:42:02] it autoattaches to the LDAP directory [20:42:06] its weird [20:42:19] basically a form of external auth [20:42:45] you do not want to look at the code (again) [20:42:52] bd808: Ok, that makes sense from a "how would that work" standpoint. [20:43:42] maybe we should just fix Special:PasswordReset to not assume a local account? [20:44:01] that too would be cool [20:44:50] at some point wikitech will be SUL and we will need password reset for LDAP so adding that to Striker isn't a horrible idea [20:45:13] even if we later factor it out into another not-yet-created service [20:45:43] one way to do that is to autocreate accounts when someone asks for a password reset; not sure how we'd feel about that [20:46:31] no_justification: I think I see the entries in error.log, but they don't make sense. I don't see how the code would trigger that. I'll see if I can get the POST data from api.log and reproduce it. [20:46:59] the other way would be to check if every logged-in user is allowed to editmyprivateinfo [20:47:15] not sure if MediaWiki supports that [20:48:19] there is User::groupHasPermission('user'); I'm not quite sure of the security implications [20:48:28] anomie: Thanks. If you end up filing a task plz cc me on it [21:02:01] no_justification: Done. And a patch submitted. [21:03:19] Bam! Tyvm! [21:04:38] anomie: Wow, just move it and add || $token? Simple! [21:05:27] Fatal error: Call to undefined method CommentStore::getKey() in /srv/mediawiki/php-1.30.0-wmf.17/includes/revisiondelete/RevDelLogList.php on line 66 [21:05:36] Today's whack-a-mole with CommentStore :) [21:55:11] Krinkle: How did you find the SVG that was busted last time? Still getting ResourceLoaderImage errors from SVG.