Phabricator Link
|
Wiki Link
|
Status
|
Priority
|
Author
|
Assignee
|
Projects
|
Subtasks
|
Parent Tasks
|
T108253
|
T108253: Make sure CentralAuth login tokens work with two datacenters
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T111789
|
T111789: Disallow renaming own accounts with Special:GlobalRenameQueue
|
resolved
|
Lowest (sky)
|
|
|
|
|
|
T112730
|
T112730: Failure to OAuth after login on mobile
|
open
|
Medium (orange)
|
|
|
|
|
|
T120484
|
T120484: Create password-authentication service for use by CentralAuth
|
open
|
Medium (orange)
|
|
|
|
|
|
T134842
|
T134842: SpecialCentralAutoLogin calls User::saveSettings() on HTTP GET presend
|
open
|
Medium (orange)
|
|
|
|
|
|
T145545
|
T145545: "No active login attempt is in progress for your session." when trying to log in on wikisource.org
|
open
|
Medium (orange)
|
|
|
|
|
|
T150506
|
T150506: Avoid lazyImportLocalNames() master writes on GET requests (Run a script to backfill them once for all)
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T153815
|
T153815: Allow global groups to be assigned temporarily (expire)
|
open
|
Medium (orange)
|
|
|
|
|
|
T154552
|
T154552: ApiLogin should not open master connection to centralauth DB
|
stalled
|
Medium (orange)
|
|
|
|
|
|
T154775
|
T154775: Add guiuserid for meta=globaluserinfo
|
open
|
Medium (orange)
|
|
|
|
|
|
T158365
|
T158365: Session "{session}": Metadata merge failed: {exception}
|
open
|
Medium (orange)
|
|
|
|
|
|
T167163
|
T167163: API error response for list=user&usprops=cancreate with similar username has '$1' instead of real error code.
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T180858
|
T180858: CentralAuth API list=globalallusers should capitalize the first letter
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T181869
|
T181869: Error "Session {session}: Metadata has an anonymous user, but a non-anon user was provided"
|
open
|
Medium (orange)
|
|
|
|
|
|
T193254
|
T193254: Global renames get stuck at metawiki
|
resolved
|
High (red)
|
|
|
|
|
|
T193671
|
T193671: Allow searching global rename log by old username via API
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T200938
|
T200938: Special:CentralAuth should provide the same blocking information as Special:BlockList does
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T200988
|
T200988: Edit count in Special:CentralAuth not equals entry count in Special:Contributions
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T202095
|
T202095: Require that CentralAuth's global groups all use lowercase internal identifiers
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T203283
|
T203283: Special:CreateAccount causes ApiValidatePassword to log a DBPerformance warning from CentralAuth
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T204145
|
T204145: PHP Warning: session_id(): Cannot change session id when headers already sent
|
declined
|
Needs Triage (violet)
|
|
|
|
|
|
T205992
|
T205992: Allusers query auprop=rights does not include global rights (and is possibly wrong in other ways)
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T212082
|
T212082: Do not block page moves with AbuseFilter on LocalRenameJob page moves
|
resolved
|
High (red)
|
|
|
|
|
|
T212284
|
T212284: Fatal db error "Could not select database 'centralauth'" (sometimes also 'metawiki')
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T224607
|
T224607: CentralAuth, MassMessage and WikibaseLexeme build failures
|
resolved
|
High (red)
|
|
|
|
|
|
T226840
|
T226840: Consistent HTTP 503 Error on some urls for some logged-in users (CentralAuth Set-Cookie storm)
|
open
|
Medium (orange)
|
|
|
|
|
|
T227772
|
T227772: Fix or remove capability to override user rights for the current request
|
resolved
|
Unbreak Now! (pink)
|
|
|
|
|
|
T229155
|
T229155: globaluserinfo should show global blocks
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T229610
|
T229610: "View the status" link in "Your account is currently being renamed or merged" message links to Special:GlobalRenameProgress/$1
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T229613
|
T229613: CentralAuth tests are broken
|
resolved
|
High (red)
|
|
|
|
|
|
T230153
|
T230153: WebResponse: Cannot modify header information - headers already sent by SpecialCentralAutoLogin.php
|
duplicate
|
Medium (orange)
|
|
|
|
|
|
T237505
|
T237505: Globaluserinfo API module should allow getting data for more than one user at once
|
open
|
Medium (orange)
|
|
|
|
|
|
T239523
|
T239523: Discrepancy between local and global email status
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T241940
|
T241940: No option to continue querying for more results in globalallusers API
|
open
|
Medium (orange)
|
|
|
|
|
|
T242994
|
T242994: CentralAuth needs uses of global $wgUser removed
|
stalled
|
Medium (orange)
|
|
|
|
|
|
T243123
|
T243123: Login to at least en.wikipedia.beta.wmflabs.org and commons.wikimedia.beta.wmflabs.org sometimes fails with `There seems to be a problem with your login session`
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T243652
|
T243652: Calls to LogPage::addEntry should pass a user
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T244899
|
T244899: CentralAuth should work with postgres
|
stalled
|
Needs Triage (violet)
|
|
|
|
|
|
T245413
|
T245413: Prepare CentralAuth db for global groups expiration
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T246943
|
T246943: Login failed/disappeared during 2FA
|
open
|
Medium (orange)
|
|
|
|
|
|
T249859
|
T249859: Unable to merge CentralAuth patches (master does not satisfy mwext-php72-phan-seccheck-docker in CI)
|
resolved
|
High (red)
|
|
|
|
|
|
T252934
|
T252934: Hard deprecate manually constructing MovePage objects
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|
T254822
|
T254822: CentralAuth's group membership is not reliable
|
resolved
|
Unbreak Now! (pink)
|
|
|
|
|
|
T255309
|
T255309: Remove UserRightsProxy and replace it's usages with UserGroupManager
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T258718
|
T258718: ConfigException: HashConfig::get: undefined option: 'CookieSameSite'
|
resolved
|
High (red)
|
|
|
|
|
|
T259376
|
T259376: Migrate CentralAuth to Abstract Schema
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T260485
|
T260485: CentralAuth uses wrong actor ID when locally suppressing the user (CVE-2020-25869)
|
resolved
|
High (red)
|
|
|
|
|
|
T261034
|
T261034: CentralAuth calls "UserInvalidateEmailComplete" hook which doesn't exist, but "InvalidateEmailComplete" exists
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T261143
|
T261143: Fix misattribution of block due to bad values in the ipblocks ipb_by_actor field
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T261325
|
T261325: Fix rows in ipblocks that point to a non-existing user in ipb_by_actor field, due to T260485
|
declined
|
High (red)
|
|
|
|
|
|
T261752
|
T261752: API: Make list=users display status of globally locked users
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T263207
|
T263207: The `UserrightsPage` class is not safe to extend
|
open
|
Medium (orange)
|
|
|
|
|
|
T263530
|
T263530: Table 'metawiki.globaluser' doesn't exist on query
|
duplicate
|
High (red)
|
|
|
|
|
|
T264798
|
T264798: CentralAuth should not emit central cookies when creating a local session
|
open
|
Low (yellow)
|
|
|
|
|
|
T267273
|
T267273: [arwiki] Submitting a POST on a form redirected to immediately after account creation sometimes logs user out
|
open
|
High (red)
|
|
|
|
|
|
T268617
|
T268617: Create a variation of the CentralAuthTokenSessionProvider based on an Authorization header
|
resolved
|
High (red)
|
|
|
|
|
|
T269680
|
T269680: MediaWiki logging indexing conflict on 'session' for 'session-ip' channel
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T270846
|
T270846: Update CentralAuth to use the new HookContainer/HookRunner system
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T273511
|
T273511: Convert CentralAuthUtilityService to Authority instead of PermissionManager
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T274817
|
T274817: Convert DatabaseBlock and AbstractBlock to UserIdentity, and make them cross-wiki aware.
|
open
|
High (red)
|
|
|
|
|
|
T275030
|
T275030: Avoid using User ::isUsableName, ::isCreatableName, ::getCanonicalName
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T275960
|
T275960: Partially failed user suppression left revisions visible, with rev_deleted=0
|
open
|
Low (yellow)
|
|
|
|
|
|
T276035
|
T276035: Avoid using User ::getDefaultOptions, ::getDefaultOption
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T276094
|
T276094: Avoid using User ::addGroup, ::removeGroup, ::getAllGroups, ::clearNotification
|
duplicate
|
Needs Triage (violet)
|
|
|
|
|
|
T276316
|
T276316: Argument 1 passed to MediaWiki\User\UserNameUtils::getCanonical() must be of the type string, null given, called in /srv/mediawiki/php-1.36.0-wmf.33/extensions/CentralAuth/includes/CentralAuthGroupMembershipProxy.php on line 48
|
resolved
|
High (red)
|
|
|
|
|
|
T276739
|
T276739: Get Wikimedia added to disconnect.me entity list
|
declined
|
Low (yellow)
|
|
|
|
|
|
T277074
|
T277074: Convert CentralIdLookup to UserIdentity and Authority [hard]
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T277687
|
T277687: Deprecated cross-wiki access to User. Expected: 'eswiki', Actual: the local wiki. Pass expected $wikiId. [Called from User::getId]
|
duplicate
|
Needs Triage (violet)
|
|
|
|
|
|
T278392
|
T278392: Storage solution for cross-datacenter tokens
|
open
|
Medium (orange)
|
|
|
|
|
|
T281837
|
T281837: extensions/CentralAuth - Use UserGroupManager instead of User group methods
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T281972
|
T281972: ActorStore::checkDatabaseDomain: InvalidArgumentException: DB connection domain does not match when suppressing via Special:CentralAuth (CVE-2021-36128)
|
resolved
|
Lowest (sky)
|
|
|
|
|
|
T281990
|
T281990: extensions/CentralAuth - use SessionProvider ::init, ::postInitSetup instead of the setters of SessionProvider
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T283365
|
T283365: CentralAuthUser is sometimes loaded from the primary database on GET requests
|
duplicate
|
Needs Triage (violet)
|
|
|
|
|
|
T283736
|
T283736: extensions / CentralAuth - use SessionProviderTestTrait::initProvider instead of SessionProvider::init in tests
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T286490
|
T286490: PHP Deprecated: Deprecated cross-wiki access to MediaWiki\User\UserIdentityValue. Expected: the local wiki, Actual: 'enwiki'. Pass expected $wikiId. [Called from MediaWiki\User\UserIdentityValue::getId]
|
resolved
|
Medium (orange)
|
|
|
|
|
|
T291515
|
T291515: PHP Deprecated: $wgUser reassignment detected [Called from MediaWiki\Extension\CentralAuth\Special\SpecialCentralLogin::execute]
|
resolved
|
High (red)
|
|
|
|
|
|
T291983
|
T291983: Create a BlockRestrictionStoreFactory in order to make BlockRestrictionStore a proper cross-wiki store
|
open
|
High (red)
|
|
|
|
|
|
T291994
|
T291994: Properly support cross-wiki blocking
|
open
|
High (red)
|
|
|
|
|
|
T298223
|
T298223: Global suppressions throw 'Deprecated cross-wiki access' warnings
|
open
|
Needs Triage (violet)
|
|
|
|
|
|
T37220
|
T37220: Allow per-session log out
|
open
|
Low (yellow)
|
|
|
|
|
|
T87889
|
T87889: Convert CentralAuth to use extension registration
|
resolved
|
Needs Triage (violet)
|
|
|
|
|
|