We have to take the word of the server operators. And in that case, I would rather prefer wikimedia servers instead of someone else's for such purpose.

@Leaderboard we can't have the mailserver there. So we can really drop that part of the request.

@Tks4Fish that

We should at least use it for the purpose of private channels. We never know when one is logging messages of a channel like #wikimedia-otrs-en.

My concern being this problem can happen anywhere and therefore we should have a server which is not bound to have this problem.

To clarify, right now multiple people have been writing news about events in the US -- citing various government websites. I am not sure if the problem exists if they are geoblocking the content, or my ISP is blocking, and I have been relying on PornHub's VPN for proxying from the US. I understand the current rules prohibit using WMCS to be used as a proxy, but given this circumstance, would it be okay to set up wireguard on the VPS? The use is minimal, and for the purpose of wiki only, to access otherwise geo-restricted info for the purpose of verification.

I do not use AWS, so I would not know what KMS is supposed to be doing. Could you please answer about this, @Bstorm?

@Bstorm, I still do not understand why the discussion is about passwords -- are you talking about VPS root password? (Couldn't we disable root login and password-based login in favour of SSH?) Or is it about something else?

@Bstorm, could you please explain "Our secrets management in Cloud VPS is somewhat rudimentary and you may want to provide your own better way of storing things like passwords (like password managers, etc) especially if you have data you care about"?

I am still unconvinced why 2FA comes into picture for IAs.

1 @Leaderboard -- without declaring proper rationale, and especially without informing the communities about the idea, let alone the plan does not sound good. I can't see the motivation behind this, but it appears we are no longer trusting 'crats with the rights they were given.

I would reiterate, I am not aware of the security of WMCS, and how it is different from the prod; I had asked to, I think Martin Urbanecm, if he were to set up a wiki on prod and on WMCS, with the same security in place, what kind of data might be breached from WMCS, that might be protected on prod. While the confidential data is unrelated to WMF's NDA, it is still confidential regardless.

Well, Leaderboard tried asking for a prod wiki, which was denied because there are too many moving parts in prod. We were suggested to go for WMCS instead. This is the requirement which I have detailed above. What do you suggest given this requirement? We could host a nextcloud instance for the data, while having a wiki dealing with non-media, text content, which needs to be handled behind closed doors. I don't know if it solves any problems, but let's see what we can do.

@bd808 Much about the use case was explained in this comment on T281520, I will paste it here before answering your question.

@Ladsgroup FWIW, it is not something Wikinews admins do/use, it is what the reviewers need. Secondly, not all Wikinews have a concept of original reporting or exclusive interview, let alone the concept of review process. The requirement is a simple wiki, with no bells and whistles, just a wiki where we can upload files, and edit.

@Green_Giant the issue of VRT, afaik, is we cannot sent the first initial outbound email. We can't send under our unique name. We will have to keep the server in the US, which let's be honest, does not have the best reputation for the press freedom index. Therefore, we have been running our own mail servers (after WMF denied Brian Mcneil in 2009-2010 to hand out @wikinews.org emails to non-staff members.) in locations which have better privacy-respecting laws. We have wn-reporters.org now, for that purpose.

We used to have a chapter/wiki, but few years ago, it was no longer considered by AffCom.
'Wikinewsie' word is used to mean two things -- one being someone who contributes to Wikinews, and second, it is used to refer to the accredited reporters and reviewers (users who can sight the edit, technically speaking) with scoop access.
Just like how we have Znuny where trusted VRT-agents can access the information to validate and approve a file on Commons (talking about permission@wikimedia), people who have access to scoop access are able to access evidence for the purpose of verification of the facts in a news article. Sometimes it is email, sometimes it is media document. By nature, it is not free, and cannot be put on Commons; and sometimes it is something reviewers should have access to, but not the general public. (An example that comes to mind is a source revealing something under the request of anonymity). One use being an archive repo for non-free media used as a source, be it a video, an audio interview, photos, and even PDF (an example that immediately pops up in mind is the PDF letter sent by the secretary of European Council upon request).

It has been more than two months; anyone assigning the bug for themselves, or giving a status update, or timeline, ETA, or at least an acknowledgment that the devs are actually working on it would be appreciated.

Any update on this issue? This has been causing troubles, and it would be nice to have some foolproof fix for this.

@Aklapper Should I update the task description to better explain the current arguments?

@Aklapper Can you please reopen this issue?

I can see advantages of having ES for a specific wiki. There are dozens if not 100s of edits taking place all over sisterhood at any moment. And in some cases, stream subsubscribers just don't need events for all wikis. Right now, this is leading to unnecessary data being fetched, parsed and compare, much of which is not even needed. I really hope we reconsider this, and provide an API for this to avoid unnecessary computation.

@Aklapper done.

@DannyS712 for reviewers (might be referred as "editor" internally). You were not able to reproduce the issue since you don't have the reviewer bits. However, page history will show you all edits by the reviewer after hitting publish are now auto-sighted.

I don't understand why it is declined, but I can see advantages of having ES for a specific wiki. There are dozens if not 100s of edits taking place all over sisterhood. And in some cases, stream subsubscribers just don't need events for all wikis. Right now, this is leading to unnecessary data being fetched, parsed ad compare, much of which is not even needed. I really hope we reconsider this, and provide an API for this.

@Aklapper @Tgr told me to create a task. Besides, this task specifically requests the functions only for page title.

@Daimona if we specify in the docs the limit is 255 chars, maybe not enough people will complaint.

Maybe, a hacky way:

Lev(str) { if(str.length <= 255) {...algo...} }

@Daimona as I metioned, that does not solve the problem when the LTA uses 'Tnis is a problematic string' or 'Th1s is a problematic strimg'. They are visually similar, but not something normalisation can solve on its own.

Hi, for a long time an LTA is creating pages on enwn with the tilte visually similar to "This is a problematic string". The create pages like "thís is a problemat1c string", "tnis iss a problemátiç strimg" and of such sorts. There is not much in the body. I really think dice coffecient, or some sort of string similarity algorithm, and then a hamming disctance calculating function can help preventing abuse.

Thanks for taking the innitiative @Harej, I have added a comment. Could you please acknowledge it on-wiki, which would be necessary for the community approval. Can you please have a look?

I am talking about kubernetes, yes. To quote @bd808, "the PORT env var should still be set". $PORT used to work few months ago, without me setting it. It seems to be unset recently.

@Majavah at the very top you would see "Open access". See the first screenshot.

Seems to be working now.

Thank you @Jdlrobson. I will have a look.

@Jdlrobson I was asking for en.wikinews.

Can anyone please share a before-and-after photos of what has changed? Thank you.

hq.eso.org is a sub-domain of ESO. The copyright notice page clearly states "Unless specifically noted, the images, videos, and music distributed on the public ESO website, along with the texts of press releases, announcements, pictures of the week, blog posts and captions, are licensed under a Creative Commons Attribution 4.0 International License"

@Trizek-WMF That dashboard helps knowing what kind of changes were made recently, knowing which articles needs expansion/peer review/protection … Since different projects implements these things in different way, I suggest to provide an option to set it uncollapsed by default … and as you have mentioned, one can choose what to do with it, and it will be saved, so just a simple by default uncollapse would solve the issue.

@Trizek-WMF: the “more compact design” makes it harder for newbies to contribute. It hides one of the most crucial templates which contains everything from links to project policies, RFA, RFP, DR and articles to review.

I assume this task changed the appearance of recent changes. However, on English Wikinews, there is an important template which is now collapsed by default and the label reads "Other review tools" even when the tasks mentioned in that template are not limited to reviewers. Admins, or even normal users can make use of it. However, if the label says review tools, it is less likely to be clicked, and hence, it is counter productive. The Tech News says users can opt-out for the new filters. Instead of opting-out, it should be not there by default and let the users opt-in for it. Else, it hide crucial links for everyone -- moreover, anonymous editors would not be able to opt-out.

In T172256#3510928, @Aklapper wrote:

Phab is the correct place for tracking and planning the actual performance of such a technical task.
Whether the task should be performed should be discussed and agreed on on-wiki, preferably before creating the task.

Phab isn't the best place for this task.

I would rather like a logo which won't make me wonder if it was UN's logo or Wikinews'. Just because it was not updated for years is not good enough to update adding shadows or complex gradients.

@Shizhao Because I do not agree to the terms and conditions. Besides, we do not know if that bot shares the logs publicly -- apparently WMF related channels do not allow public logging on public channels even though this is not their server.

@bd808 So, what should I do if I want to choose kubernetes. (By the way, if phabricator the correct place to discuss about project request?)

@bd808 I am already running the teleirc bot based on node.js locally on my machine.

@Piramidion It happens a) everytime VE is selected, and after it loads, cancelled by pressing Escape and clicking on Edit Source b) randomly when Edit Source is clicked.