[13:49:32] <MirahezeRelay>	 <mrjaroslavik> What is writeapi for? is not that obsolete?
[14:45:07] <MirahezeRelay>	 <mrjaroslavik> [1/2] $wgEnableAPI and $wgEnableWriteAPI are now deprecated and will be removed in a future version. The API is now considered to be stable, secure and essential.
[14:45:07] <MirahezeRelay>	 <mrjaroslavik> [2/2] <https://www.mediawiki.org/wiki/MediaWiki_1.31>
[14:47:13] <MirahezeRelay>	 <pskyechology, replying to mrjaroslavik> configuration parameter =/= userright
[14:48:54] <MirahezeRelay>	 <pskyechology> actually where did you even get writeapi from cause im not seeing it anywhere really
[14:50:05] <MirahezeRelay>	 <mrjaroslavik> In special:globalgrouppermissions
[14:50:40] <MirahezeRelay>	 <pskyechology> lol
[14:50:43] <MirahezeRelay>	 <pskyechology> that right was removed in 1.43
[14:51:52] <MirahezeRelay>	 <mrjaroslavik> https://phabricator.wikimedia.org/T294397
[14:51:57] <MirahezeRelay>	 <mrjaroslavik> This?
[14:52:17] <MirahezeRelay>	 <mrjaroslavik> I see stewards and sysadmins on Wikimedia also have it now
[14:52:48] <MirahezeRelay>	 <pskyechology> they forgor skull emoji
[15:37:30] <MirahezeRelay>	 <rhinosf1, replying to mrjaroslavik> Add it to the existing task and I'll clean it up later
[15:37:50] <MirahezeRelay>	 <rhinosf1> Just giving Stewards and T&S time to comment on the changes
[15:39:40] <MirahezeRelay>	 <mrjaroslavik> Yes, check my comment, i included it there and also
[15:41:48] <MirahezeRelay>	 <rhinosf1, replying to mrjaroslavik> Okay I will review that later this evening
[15:42:51] <MirahezeRelay>	 <rhinosf1> Thank you for doing most of the work for us
[15:44:19] <MirahezeRelay>	 <mrjaroslavik> yes, it took hour and half with small pauses :DD
[15:49:30] <MirahezeRelay>	 <rhinosf1, replying to mrjaroslavik> I've only been putting it off 15 months
[15:52:16] <MirahezeRelay>	 <mrjaroslavik> i think you are doing another things
[15:52:35] <MirahezeRelay>	 <mrjaroslavik> is there reason to have member group on meta that can add bureaucrat?
[15:53:30] <MirahezeRelay>	 <mrjaroslavik> i understand member is propably for userrights-interwiki to add member, but why it can add crat?
[15:55:42] <MirahezeRelay>	 <mrjaroslavik> ` 22:51, 4 March 2025 Raidarr changed group metadata for Special:ManageWiki/permissions/member, added addgroups bureaucrat (dummy group for central permissions assignment)`
[16:41:41] <MirahezeRelay>	 <rhinosf1, replying to mrjaroslavik> Ye there are better ways to do that
[16:41:52] <MirahezeRelay>	 <rhinosf1> At least less risky rights for it
[16:44:29] <MirahezeRelay>	 <rhinosf1> That's dangerously stupid
[16:45:35] <MirahezeRelay>	 <rhinosf1> @Meta Administrators any objections to me making it that far less risky
[16:45:48] <MirahezeRelay>	 <rhinosf1> Or @raidarr
[16:46:24] <MirahezeRelay>	 <pixldev> None
[16:47:20] <MirahezeRelay>	 <pixldev> Go ahead
[16:47:34] <MirahezeRelay>	 <kiju1108> ^
[16:52:57] <MirahezeRelay>	 <rhinosf1> Done
[17:06:24] <MirahezeRelay>	 <zipppee> @posix_memalign iirc you were the person who setup securepoll here — is it meant to store encryption keys plaintext in the database?
[17:06:30] <MirahezeRelay>	 <zipppee> seems like a slight security issue to me
[17:06:40] <MirahezeRelay>	 <zipppee> either that or I'm being a big cock who can't use securepoll
[17:07:25] <MirahezeRelay>	 <pskyechology> it very much would store the public key in the db, not so much for the private key
[17:07:53] <MirahezeRelay>	 <zipppee> [1/2] seems to store the private key in the db
[17:07:53] <MirahezeRelay>	 <zipppee> [2/2] https://cdn.discordapp.com/attachments/1006789349498699827/1505617868723720452/image.png?ex=6a0b4768&is=6a09f5e8&hm=088d8ed8c5b7acdd1cc08d3cede6b37b1d24ba4059fcea8fec8c2ad6d9509b0c&
[17:08:32] <MirahezeRelay>	 <zipppee> surely this can't be the intended way because then anybody with access to the securepoll database (even if it's restricted somewhat) can decrypt everything
[17:11:03] <MirahezeRelay>	 <pskyechology, replying to zipppee> that's supposed to be the public key silly
[17:11:04] <MirahezeRelay>	 <mrjaroslavik, replying to rhinosf1> Oh i think i now understand, it needs "something" to exist and to be able to be used. Like consul, also only read right.
[17:11:17] <MirahezeRelay>	 <rhinosf1, replying to mrjaroslavik> Ye
[17:11:35] <MirahezeRelay>	 <zipppee> [1/2] so 2 pubkeys?
[17:11:35] <MirahezeRelay>	 <zipppee> [2/2] https://cdn.discordapp.com/attachments/1006789349498699827/1505618800782082088/image.png?ex=6a0b4847&is=6a09f6c7&hm=52067c76c50e9cb33a30c220447b089da1a58d89d8f6b9cfb5bafaa3e47d3acd&
[17:11:45] <MirahezeRelay>	 <rhinosf1> There's 2 keys
[17:11:50] <MirahezeRelay>	 <zipppee> 💀 oh yeah
[17:11:51] <MirahezeRelay>	 <rhinosf1> A sign key and an encryption key
[17:11:53] <MirahezeRelay>	 <zipppee> 😭
[17:12:00] <MirahezeRelay>	 <rhinosf1> The sign key you need the private side to sign it
[17:12:06] <MirahezeRelay>	 <zipppee> I just like forgot how asymmetric encryption worked
[17:12:11] <MirahezeRelay>	 <zipppee> and assumed private key bad
[17:12:16] <MirahezeRelay>	 <rhinosf1> The encrypt key you will only have the public for
[17:12:23] <MirahezeRelay>	 <zipppee> it's 2 sets of keys
[17:12:36] <MirahezeRelay>	 <mrjaroslavik, replying to rhinosf1> imagine if steward added member group to someone locally on meta instead of other wiki :D
[17:12:59] <MirahezeRelay>	 <rhinosf1, replying to zipppee> I mean my contractors working on that and other stuff charge £2k a day so if it wasn't confusing they wouldn't get away with their prices
[17:13:11] <MirahezeRelay>	 <rhinosf1, replying to mrjaroslavik> Exactly and hence me dealing with it
[21:19:34] <MirahezeRelay>	 <raidarr, replying to mrjaroslavik> this is an absolute error and I have no idea why it has add addgroups bureaucrat
[21:20:08] <MirahezeRelay>	 <raidarr> the only  reason for that to exist on meta is so I can use Special:UserRights for some other wiki and add someone on that wiki to the member group, it should be totally empty of access on meta
[22:38:24] <MirahezeRelay>	 <mrjaroslavik> I am not saying anything, i just copied log. Maybe you clicked on it by mistake or some glitch. Something can happen.
[22:39:01] <MirahezeRelay>	 <raidarr> it must have been a mistake, or a glitch, either or and I've been known to do silly things
[22:39:11] <MirahezeRelay>	 <raidarr> but definitely neither intentional nor proper