Phabricator Link
|
Wiki Link
|
Status
|
Priority
|
Author
|
Assignee
|
Projects
|
Subtasks
|
Parent Tasks
|
T110620
|
T110620: Make User::newFromId(0) not return current user's IP
|
open
|
Medium (orange)
|
|
|
|
|
|
T152462
|
T152462: Add cookie when blocking anonymous users
|
resolved
|
Low (yellow)
|
|
|
|
|
|
T159299
|
T159299: Deprecate and remove $wgUser
|
open
|
Medium (orange)
|
|
|
|
|
|
T185948
|
T185948: Update web UI for increased comment length
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T192016
|
T192016: Release anon cookie blocking on test.wikipedia.org
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T192017
|
T192017: Enable anon cookie blocking on all Wikimedia wikis
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T193980
|
T193980: Write a global function to help assign rights to a user group
|
open
|
Medium (orange)
|
|
|
|
|
|
T196575
|
T196575: Add block cookie for browser-based API edits (including VisualEditor & MobileFrontend)
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T199540
|
T199540: Forbid blocking IP ranges as big as /1 and /2, as done on ruwikiquote using the API
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T200938
|
T200938: Special:CentralAuth should provide the same blocking information as Special:BlockList does
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T206954
|
T206954: Enable wgRelevantUserName for IP ranges
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T207217
|
T207217: ActorMigration.php: PHP Warning: Invalid argument supplied for foreach (via SpecialNewFiles)
|
resolved
|
High (red)
|
|
|
|
|
|
T208472
|
T208472: Block::getTarget() can return a User object or a string that is an invalid user name
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T208768
|
T208768: Create a PermissionManager service
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T212851
|
T212851: Confusing error for OAuth consumers with rollback but not edit grant
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T216200
|
T216200: includes/specials/pagers/ActiveUsersPager.php: PHP Notice: Undefined index: dir
|
resolved
|
Unbreak Now! (pink)
|
|
|
|
|
|
T218558
|
T218558: Move User::getRights and related methods into PermissionManager
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T218674
|
T218674: User::getRights() applies session rights restrictions to non-session users
|
open
|
Medium (orange)
|
|
|
|
|
|
T219441
|
T219441: Introduce a BlockManager service for getting and combining the blocks that apply to a user/IP
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T219684
|
T219684: BlockRestriction should be a service instead of a singleton
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T221444
|
T221444: Partially blocked users cannot tag revisions on unrelated pages, nor add, deactive or delete tags
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T222380
|
T222380: Decide how to represent the identity of users from another wiki.
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T222598
|
T222598: NamespaceInfo::getRestrictionLevels() does not correctly handle namespace restrictions that require more than one permission
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T222720
|
T222720: NamespaceInfo::getRestrictionLevels does not correctly handle group permissions
|
duplicate
|
Needs Triage (violet)
|
|
|
|
|
|
T222737
|
T222737: Refactor Block to AbstractBlock, DatabaseBlock and SystemBlock
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T223099
|
T223099: Factor code for handling for options (preferences) out of User class
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T224423
|
T224423: Factor user group management out of the User object
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T225141
|
T225141: Move cookie-related logic from User and Block to BlockManager
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T225469
|
T225469: Create maintenance script for bad actor data cleanup
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T226926
|
T226926: Investigate separate user right for creating pages with custom content models
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T227005
|
T227005: Don't require that the blocker be a User for a SystemBlock
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T227007
|
T227007: Reasons and blockers for SystemBlocks should not be stored as translated messages
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T227656
|
T227656: action=history shows "username removed" for anonymous editors on mediawiki.org instead of IP addresses
|
resolved
|
Unbreak Now! (pink)
|
|
|
|
|
|
T227733
|
T227733: Draft: Masking IP addresses for increased privacy
|
declined
|
Needs Triage (violet)
|
|
|
|
|
|
T227739
|
T227739: Contention on User::getActorId ?
|
open
|
Low (yellow)
|
|
|
|
|
|
T228025
|
T228025: Translate sandbox signup is broken
|
resolved
|
High (red)
|
|
|
|
|
|
T228077
|
T228077: Migrate ipblocks to actor table
|
declined
|
Lowest (sky)
|
|
|
|
|
|
T228286
|
T228286: LocalFile.php: Call to a member function getName() on a non-object (null)
|
duplicate
|
Unbreak Now! (pink)
|
|
|
|
|
|
T228486
|
T228486: Partially blocked users cannot delete revisions
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T228948
|
T228948: PermissionManager::isBlockedFrom() can return true even if the user does not have a block
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T229035
|
T229035: Deprecate 'GetBlockedStatus' hook and reduce visibility of User::mBlock, User::mBlockedBy and User::mHideName
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T229692
|
T229692: Use GetUserBlockComplete hook instead of GetBlockedStatus in TorBlock extension
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T230822
|
T230822: Include `dnsblacklist` in logs
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T231930
|
T231930: Introduce Authority objects to represent the user performing a given action
|
open
|
Medium (orange)
|
|
|
|
|
|
T232021
|
T232021: Add some way to technically distinguish partial blocks and full blocks
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T232169
|
T232169: Deprecate `wgSysopEmailBans`
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T232568
|
T232568: Special:UserRights exposes the existence of hidden users (CVE-2020-25813)
|
resolved
|
High (red)
|
|
|
|
|
|
T232763
|
T232763: Allow setting a block that can be removed by the blocked user
|
declined
|
Low (yellow)
|
|
|
|
|
|
T232940
|
T232940: Allow automatic deletion during page move of redirect pages with multiple redirect-only revisions
|
duplicate
|
Medium (orange)
|
|
|
|
|
|
T233594
|
T233594: Allow cookie-block tracking from any uncached web request
|
resolved
|
High (red)
|
|
|
|
|
|
T234921
|
T234921: Factor group membership management out of User class
|
open
|
Medium (orange)
|
|
|
|
|
|
T236444
|
T236444: Actor migration seems to have broken deleteDefaultMessages.php, and by extension the update process for really old wikis
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T236701
|
T236701: Consider enforcing read permissions at the storage layer
|
open
|
Medium (orange)
|
|
|
|
|
|
T239277
|
T239277: Add user right to delete single revision redirects, regardless of target, during page moves
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T239451
|
T239451: DBPerformance: Unexpected masterConns on GET from ApiQueryInfo via BlockManager.php
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T241557
|
T241557: Replace $wgUser in core Api modules
|
declined
|
Needs Triage (violet)
|
|
|
|
|
|
T243003
|
T243003: Create method to temporarily override contextuser / wgUser
|
declined
|
Needs Triage (violet)
|
|
|
|
|
|
T243276
|
T243276: Add 'actor' to default $wgSharedTables
|
resolved
|
High (red)
|
|
|
|
|
|
T245717
|
T245717: ApiQuerySiteInfo: add/remove user groups sometimes given as an object instead of array
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T246077
|
T246077: SQlite has wrong DB structure after upgrading to 1.35
|
resolved
|
High (red)
|
|
|
|
|
|
T246991
|
T246991: Memcached keys sometimes outlive their TTL (affects MW rate limit)
|
resolved
|
High (red)
|
|
|
|
|
|
T248195
|
T248195: Db error "Duplicate entry TestNewSystemUser … for key actor_name" (via UserTest)
|
resolved
|
High (red)
|
|
|
|
|
|
T248196
|
T248196: Consolidate logic for parsing expiries
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T249189
|
T249189: Duplicate queries on page views (SELECT actor_id,actor_user,actor_name FROM `actor` WHERE actor_name = 'Current_user')
|
resolved
|
Low (yellow)
|
|
|
|
|
|
T249380
|
T249380: RfC: Per namespace view restrictions
|
open
|
High (red)
|
|
|
|
|
|
T250071
|
T250071: Rename ipb_address index on ipb_address to ipb_address_unique
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T250822
|
T250822: Factor user options definitions out of PreferencesFactory
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T251831
|
T251831: Factor code for user email out of the User class
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T251851
|
T251851: Move remaining user rights methods to PermissionManager
|
open
|
Medium (orange)
|
|
|
|
|
|
T252621
|
T252621: Move Autopromotion logic to UserGroupManager service
|
resolved
|
Low (yellow)
|
|
|
|
|
|
T252853
|
T252853: updateSearchIndex.php sql error not all tables locked
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T253431
|
T253431: Move information about user edits to a new service
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T253432
|
T253432: Create a User factory
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T254282
|
T254282: Reuse cached values for higher queryFlags in UserGroupManager if possible
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T254822
|
T254822: CentralAuth's group membership is not reliable
|
resolved
|
Unbreak Now! (pink)
|
|
|
|
|
|
T254838
|
T254838: Move User::changeableGroups and User::changeableByGroup to UserGroupManager
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T254912
|
T254912: CheckUser is using UserGroupMembership::getGroupMemberships for foreign wikis
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T255309
|
T255309: Remove UserRightsProxy and replace it's usages with UserGroupManager
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T255330
|
T255330: [Regression] user rights log entries no longer include expiry
|
resolved
|
High (red)
|
|
|
|
|
|
T256427
|
T256427: Normal admin cannot delete site-wide javascript page
|
invalid
|
Medium (orange)
|
|
|
|
|
|
T256706
|
T256706: Add a script to back fill missing user rights expirations
|
open
|
Medium (orange)
|
|
|
|
|
|
T259719
|
T259719: UserEditTracker attempts to initialize edit count in read only mode
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T260485
|
T260485: CentralAuth uses wrong actor ID when locally suppressing the user (CVE-2020-25869)
|
resolved
|
High (red)
|
|
|
|
|
|
T260631
|
T260631: BotPasswords doesn't validate length of resultant bp_restrictions JSON
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T260633
|
T260633: BotPasswords doesn't validate length of resultant bp_grants JSON
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T260933
|
T260933: Make UserIdentity objects aware of which wiki they belong to
|
open
|
High (red)
|
|
|
|
|
|
T261963
|
T261963: Spike to explore Authority concept, implementation, and migration
|
resolved
|
High (red)
|
|
|
|
|
|
T263207
|
T263207: The `UserrightsPage` class is not safe to extend
|
open
|
Medium (orange)
|
|
|
|
|
|
T263911
|
T263911: Missing $wgServer in LocalSettings.php causes fatal error "Call to a member function getIP() on null"
|
resolved
|
Low (yellow)
|
|
|
|
|
|
T264363
|
T264363: Instances of User are not serializable!
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T264393
|
T264393: Mark user object as non-serializable
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T265197
|
T265197: Make class UserrightsPage a real special page and move all helper function to own service
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T265298
|
T265298: Provide a public method for logging user rights changes
|
open
|
Lowest (sky)
|
|
|
|
|
|
T265311
|
T265311: Inject UserFactory into classes using DI
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T267013
|
T267013: How to replace deprecated User::getTokenFromOption for the watchlisttoken?
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T267215
|
T267215: Changes to Session ID interface for MediaWiki event instrumentation
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T267217
|
T267217: MediaWiki Session ID should have per-subdomain and cross-subdomain variants
|
open
|
Low (yellow)
|
|
|
|
|
|
T267218
|
T267218: MediaWiki Session ID should persist according to user inactivity
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T267861
|
T267861: [GOAL] Emit deprecation warnings reading from $wgUser
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T271458
|
T271458: RevisionRecord should use Authority for permission checks
|
resolved
|
High (red)
|
|
|
|
|
|