Aryeh Gregor wrote:
> On Thu, Jul 23, 2009 at 1:37 PM, Tim Starling wrote:
You know you could have changed that header to indicate who actually
wrote it. It's not against the laws of the internet.
>> To help in the "proving trustworthy, or else" process, I have released
>> the source code of Watc
On Fri, Jul 24, 2009 at 2:52 AM, Brianna
Laugher wrote:
> 2009/7/24 Aryeh Gregor :
>> On Thu, Jul 23, 2009 at 2:20 AM, Brianna
>> Laugher wrote:
>>> All the potential problems posed are ones that Wikipedia faces every
>>> day just because it lets people edit, period. I don't see how doing it
>>> vi
On Thu, Jul 23, 2009 at 8:52 PM, Brianna
Laugher wrote:
> If you make something orders of magnitude easier, it is like a "new" thing.
I think you're overstating how much easier the write API is to use.
Screen-scraping is not hard. We've always had plenty of
screen-scraping bots, and we still do.
On Thu, Jul 23, 2009 at 2:32 PM, Cody Jung wrote:
> Wouldn't adding a salt fix this? They would have to have both the
> username, the database, and the salt value to decrypt the wiki list.
In other words, they would have to have access to your server, nothing
more. No, it wouldn't fix it.
After
parserTests is a developer tool to stay informed about potential problems in a
release. Consequently, its customer base is the developer community. I am
working on the assumption that user requirements for changes to it should come
from this community (hence the use of this list for discussions
2009/7/24 Aryeh Gregor :
> On Thu, Jul 23, 2009 at 2:20 AM, Brianna
> Laugher wrote:
>> All the potential problems posed are ones that Wikipedia faces every
>> day just because it lets people edit, period. I don't see how doing it
>> via an API adds some massive new risk.
>
> Well. If you had some
On 07/23/2009 11:00 AM, dan nessett wrote:
>
> So far no one has responded to my question about how --ktf-to-fail should
> interact with --compare and --record. Also, at least one commenter has
> suggested a different name for --ktf-to-fail. Before I open a bug and attach
> the patches, I would
On 07/23/2009 10:21 AM, William Allen Simpson wrote:
> Here's what I do in similar circumstances. Create another variable,
> $wgScriptPathEscaped. Then, gradually make the changes. Wait for tests.
> Change some more. Eventually, most of the old ones will be gone.
$wgScriptPath is a URL fragmen
On 07/22/2009 08:21 PM, Brianna Laugher wrote:
> I imagine you could also have it so that actions made via the API
> identify where they are made from. (a la Twitter's "from web", "from
> twhirl" etc)
>
> In that case, if that information was exposed in the UI, it would be
> easy to identify rogue
On 07/22/2009 06:39 PM, Aryeh Gregor wrote:
> On Thu, Jul 23, 2009 at 1:02 AM, Ryan Lane wrote:
>> Check out how the Flickr API works. Users can give web and desktop
>> apps privileges (read/write/delete).
>>
>> It isn't really that bizarre of a concept.
>
> Read/write/delete access to what? The
On 07/22/2009 05:11 PM, Ryan Lane wrote:
> On Wed, Jul 22, 2009 at 3:49 PM, Gregory Maxwell wrote:
>> If it has your credentials it can impersonate you, which is bad.
>>
>> It addressed by making it possible for the site to generate access
>> cookies for particular resources which you could share.
On 07/22/2009 05:45 AM, Glanthor wrote:
> the another big question is that why don't include JQuery to load
> automatically with _every_ pages?
Because the version of MediaWiki currently in production doesn't have or
use jQuery, and the merging of the new-upload/scriptloader branch which
begins
On Thu, Jul 23, 2009 at 8:50 PM, Happy-melon wrote:
>
>
> "Aryeh Gregor"
> >
> wrote in message
> news:7c2a12e20907231051s638dd2f9v399ac2a79e185...@mail.gmail.com...
> > On Thu, Jul 23, 2009 at 1:37 PM, Tim Starling
> > wrote:
> >> To help in the "proving trustworthy, or else" process, I have re
"Aryeh Gregor" wrote in message
news:7c2a12e20907231051s638dd2f9v399ac2a79e185...@mail.gmail.com...
> On Thu, Jul 23, 2009 at 1:37 PM, Tim Starling
> wrote:
>> To help in the "proving trustworthy, or else" process, I have released
>> the source code of Watchlistr - please take a look at it. Yo
> On Thu, Jul 23, 2009 at 1:37 PM, Tim Starling
wikimedia.org> wrote:
>
> They would only have to get the site usernames to decrypt the login
> info. They could get those the next time each user logs in, if
> they're not detected immediately. There's no way around this; if your
> program can lo
Brianna Laugher wrote:
> 2009/7/23 Alex :
> The OAuth provider typically has a page on the service (say en.wp)
> that lists all the third party apps you have granted authorisation to.
> This authorisation can be time-limited in itself, but if an app starts
> misbehaving (say, doing
So far no one has responded to my question about how --ktf-to-fail should
interact with --compare and --record. Also, at least one commenter has
suggested a different name for --ktf-to-fail. Before I open a bug and attach
the patches, I would like to resolve these issues. Since Brion suggested
Aryeh Gregor wrote:
> On Wed, Jul 22, 2009 at 7:08 PM, Thomas Dalton wrote:
>> 2009/7/22 Pavlo Shevelo :
>>> There should not be any real problem to link wikimedia.org.uk directly
>>> to Wikimedia UK chapter wiki (wherever it's hosted).
>> It depends on how the WMF has everything set up. They have
Sounds like a plan. Be my guest.
--- On Thu, 7/23/09, William Allen Simpson
wrote:
> From: William Allen Simpson
> Subject: Re: [Wikitech-l] Do no harm
> To: "Wikimedia developers"
> Date: Thursday, July 23, 2009, 10:21 AM
> Here's what I do in similar
> circumstances. Create another variab
On Thu, Jul 23, 2009 at 1:37 PM, Tim Starling wrote:
> To help in the "proving trustworthy, or else" process, I have released
> the source code of Watchlistr - please take a look at it. You will see
> that I take the utmost care in securing user information. The wiki
> logins are encrypted with AES
On Thu, Jul 23, 2009 at 1:00 PM, jeroen De Dauw wrote:
> - What's the easiest way to generate an SSH public key on Windows?
PuTTY.
> - What's a good SVN client to use for Windows?
TortoiseSVN.
___
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
Message from the developer. I will see if he's interested in
subscribing, but a forward will do for now.
Original Message
Subject: Re: Watchlistr
Date: Thu, 23 Jul 2009 11:20:19 -0500
From: Cody Jung
To: Tim Starling
Hey there Tim,
Apologies, I am not actually
On Thu, Jul 23, 2009 at 2:20 AM, Brianna
Laugher wrote:
> All the potential problems posed are ones that Wikipedia faces every
> day just because it lets people edit, period. I don't see how doing it
> via an API adds some massive new risk.
Well. If you had some way to clearly distinguish which a
Here's what I do in similar circumstances. Create another variable,
$wgScriptPathEscaped. Then, gradually make the changes. Wait for tests.
Change some more. Eventually, most of the old ones will be gone.
By inspection, many of the uses will be terminal, not passed to other
routines, with no s
The reason I started this conversation is I want to write an extension. I also
want to be a good citizen and do this in a way that doesn't break things (this
would also have the desirable effect of making it more likely that some MW
installation would use the extension).
So, since, as you poin
True. Regressions tests do not guarantee bug are not introduced by changes.
However, they are a fundamental piece of the QA puzzle.
--- On Thu, 7/23/09, Gregory Maxwell wrote:
> From: Gregory Maxwell
> Subject: Re: [Wikitech-l] Do no harm
> To: "Wikimedia developers"
> Date: Thursday, July 2
Hey,
I'm one of the GSoC students for Wikimedia Foundation this
year, and have just released the first versions of my extensions [0, 1].
I do not know how to add them to the SVN repository though. (I have never
worked with SVN before.)
My
mentor pointed out that I should place a request here [2
On Thu, Jul 23, 2009 at 11:07 AM, dan nessett wrote:
> On the other hand, if there were regression tests for the main code and for
> the most important extensions, I could make the change, run the regression
> tests and see if any break. If some do, I could focus my attention on those
> problems
On Thu, Jul 23, 2009 at 11:07 AM, dan nessett wrote:
[snip]
> On the other hand, if there were regression tests for the main code and for
> the most important extensions, I could make the change, run the regression
> tests and see if any break. If some do, I could focus my attention on those
> p
A fundamental principle of medicine is "do no harm." It has a long history and
you can find it in the Hippocratic oath with a slightly different wording.
This is also an important principle of software development. If you add a new
feature or fix a bug, make sure the resulting code isn't worse
Thanks. Just to clarify, I am not changing --fuzz. I am testing --ktf-to-fail
in conjunction with other parserTests options to ensure there is no
interference. The chances of such interference is very small, but since I have
been preaching the importance of regression testing, I thought I shoul
On 7/17/2009 11:25 AM, Brion Vibber wrote:
> Tod wrote:
>> This is my first post and I think I've selected the appropriate list.
>> Please let me know if there is a better place to post my question.
>>
>> I have a client with an installed search engine that they don't want to
>> part with. I hav
Glanthor gmail.com> writes:
> the another big question is that why don't include JQuery to load
> automatically with _every_ pages? Now at least two wikis load JQuery
> v1.3.2 from common.js (see
> http://zh.wikipedia.org/wiki/MediaWiki:Common.js,
> http://hu.wikipedia.org/wiki/MediaWiki:Common.j
Brianna Laugher gmail.com> writes:
> I can imagine someone building an alternative edit interface for a
> subset of Wikipedia content, say a WikiProject. Then the interface can
> strip away all the general crud and just provide information relevant
> to that topic area.
That can be done without
34 matches
Mail list logo