[00:34:20] https://meta.miraheze.org/wiki/Tech:Volunteers/Chart Is not yet updated. [00:34:32] It's updated now. [00:46:02] thanks! just for reference my deadname is no longer in use btw [01:07:43] Ah I see. Did that out of habit. Will only use Skye in the future. [15:13:57] [1/4] @cookmeplox Yo! Quick question, we have an open request to add minecraft.wiki to the CSP list for images, could you provide insight on these two bits here? [15:13:57] [2/4] > Is there a Data Protection Officer and/or Privacy Team that can be contacted by Miraheze? [15:13:57] [3/4] > Is there a Chief Information Security Officer and/or Security Team that can be contacted by Miraheze? [15:13:58] [4/4] These aren [15:15:13] best way to contact the working group is admin@weirdgloop.org, yeah [15:15:26] https://issue-tracker.miraheze.org/T14079 is the ticket btw [15:15:38] We're speedrunning this [15:15:51] I think we alreaddy have the list done and can pass it on the management [15:15:51] The specific person in a position of responsibility for both is me, but I've been trying to get people to use the group aliases more [15:16:21] gotcha [15:17:38] Since WG hasn't had any issues with info security to my knowlege(right?), that's the checklist done, thanks Cook [15:18:23] Actually I may need to revise some of these that should prob have cites [15:18:31] actually may be included in the Privacy policy lemme see [15:18:50] great way to spend my friday morning [15:19:04] okay yeah its in the policy [15:20:15] I am not aware of any information breaches since we started trading in 2018. There's one time in 2024 where we had a (non PII) database more exposed than it was intended to be, but we were able to confirm via audit logs that nobody had ever accessed it [15:20:26] 2018 wow [15:20:37] I'm pretty happy that can go to DTech review @pixldev [15:20:44] same [15:20:59] [1/2] > [x] Does the site clarify their security measures to protect collected user data? Can the site assure measures are being taken to protect code injection into the loaded external resources? [15:21:00] [2/2] this isn't really applicable given we're not approving for scripts, right? [15:22:49] @cosmicalpha balls in your court now [15:25:14] Feels really good to bounce this through so quick [15:25:51] Everyone will expect every review at that pace now though [15:26:07] 🥀 [15:26:17] the 8 other CSP reviews: [15:26:22] Don't worry we can stall to make up for it [15:26:56] i think dtech fell asleep on this one https://issue-tracker.miraheze.org/T13017 [15:26:59] 🏃 [15:27:18] whoops [15:27:39] oh [15:27:41] https://cdn.discordapp.com/attachments/1006789349498699827/1400862558101049395/image.png?ex=688e2e6c&is=688cdcec&hm=370ad89d6d396dededd83b588f9e611ccdc6e2bb0a019dd094a944dd3998e414& [15:27:49] guess im in charge now chat :devilish: [15:28:38] ha your client cant handle both my spotify activity and my status [15:28:47] https://cdn.discordapp.com/attachments/1006789349498699827/1400862835512442900/image.png?ex=688e2eae&is=688cdd2e&hm=b3ce357f958726f701c0f5600ba48708173e6b71a7d28d27e1b2d7d27308f3ed& [15:29:09] dont care this theme rocks [15:30:01] ngl it's a very "you weren't there" theme (i cant wait to explain) [15:36:57] https://issue-tracker.miraheze.org/T14069 this one is interesting [15:37:03] do you wanna check it out and give 2c? [15:43:17] my 2c is this should be considered since it is very popular, but imo its ultimately up to T&S to judge if previous privacy concerns have improved [15:43:44] Is it T&S or Tech management? [15:43:45] Idk [15:44:16] I saw let's throw James at it, heres in T&S and technically in tech [15:44:53] both really [15:45:42] https://issue-tracker.miraheze.org/T13917 clear to put this on the DTech list too? [15:46:02] wanna try and cut this down a bit [15:46:35] this looks fine to me [15:47:40] lgtm but i did get "hired" yesterday [15:47:45] I think @reception123 can approve these too [15:47:57] you have the funny hex so lets ball! [16:02:53] Balls are banned 😉 [16:08:26] Reception is DDTech [16:09:15] So only when DTech is out [16:22:45] If here’s trusted to do it when CA is gone I feel it makes sense he can do things to split work better no? [16:23:29] Don't use sense [16:24:07] https://tenor.com/view/oocw-outofcontextwrasslin-oh-sad-sad-emoji-gif-15462661027727635708 [17:03:47] I will review all the CSP requests I need to today. [17:03:53] @pixldev @rhinosf1 [17:04:33] Awesome, see your DM too [17:07:58] Bet, thank you. I’m going out biking now and when I’m back I’ll finish going down the list moving the ones I can to DTech colum [18:41:02] there should be a task form for CSP reviews so people have to answer the questions on the checklist before submitting the task [18:45:32] @rhinosf1 hey mr phorge admin [18:46:08] I'm on the sofa though [18:46:13] And my laptop is on my desk [18:47:17] why is it not on your lap [18:47:58] Cause I'm chilling [18:48:01] I’m looking to enroll https://outlaster.peakprecision.wiki into the NextTide program [18:48:11] Cause I spent all day at work refactoring C [18:48:32] cant escape phorge [18:49:13] SMW... [18:49:20] Oh god [18:49:27] I mean I can cause my yubikey is also behind me [18:49:44] It's about 1mm further away than I can reach [18:50:25] valid justification [18:50:31] https://tenor.com/view/undertale-undertale-memes-sans-papyrus-gif-24074771 [18:50:47] perfect time to stretch a little then [18:50:53] nooooooo [18:51:01] that reminds me I'm yet to play the new Deltarune chapters [18:51:06] Skye gets it [18:51:17] Oh my god, I just finished chapter 4 yesterday [18:51:28] You really should, it was incredible [18:51:36] maybe this weekend [18:51:50] yea SMW is one of those things that is gonna take a while to be 1.44-compatible so unfortunately you won't be registered [18:51:56] Claire would know that I went fucking insane over it [18:52:44] I haven’t really used SMW on my wiki that much I could just disable it [18:53:33] (would it be funny to have you file a [[SR/RC]]) [18:53:39]

[18:54:08] may ward bless ye wiki in that case [18:54:22] keep calm and flutter on [18:54:26] do take a moment to consider that [18:54:58] can someone poke https://issue-tracker.miraheze.org/T13196 to see if they still need it added? if so i think it can go to CA but also hard to tell with the formatting [18:55:09] (also no way am I gonna do the disabling, I've yet to get my SMW bomb defusal course) [18:55:48] we have that? [18:57:58] i hate when we have to say oops forgot about this you still need this? [18:59:31] we forgor 💀 [19:00:11] thats the motto going on the Offical Seal Of The Technologogy Department [19:00:18] _we forgor_ [19:00:37] Done [19:00:41] 💀 [19:01:00] is it actually that hard to enable and disable SMW on wikis? [19:01:10] weeeeeeeell [19:01:32] [1/2] just disabling it? no [19:01:32] [2/2] disabling without explosions? a bit more complicated [19:04:04] It shouldnt really cause issues disabling it but it might when/if you reenable it... [19:04:56] While keep previous SMW store data intact that is.. if that doesnt matter there is no issues. [19:06:11] Uuuuuh [19:06:25] hey @cosmicalpha does this count as a privacy policy..? https://evil-ads.k1tty.net/privacy.html [19:06:48] From https://issue-tracker.miraheze.org/T14056 [19:07:10] uh the name alone is quite concerning. [19:07:36] I think it's meant to be a satire site to serve comedic mock ads [19:07:39] For some reason [19:09:48] Does this give a bad gateway for yall https://public-api.typicaldevelopers.com/ ? [19:09:58] that's more of a privacy notice then policy, concerning and im not sure how accurate it is also. Sure it can be a privacy policy in CSP review, I still dont know if it'll fit other criteria for approval though [19:10:32] yes [19:10:37] Want me to give some more scrutiny, leave it to a Tech member or someone else? [19:10:54] hm, reception said back in feb it didnt work [19:11:05] ill set a reminder for, 3 days? and if its still not working ill close the task [19:12:28] I think that's all the pending CSP requests I've gone through [19:12:29] You can fill out the checklist, and we will decide from there. I still lean towards declining based on what ive seen so far but would also like a second opinion still. I havent looked in depth so it could be fine. [19:12:34] Most I asked for the checklist [19:13:02] this needs followup if someone wanna snag [19:13:43] [1/2] This is whats on there [19:13:43] [2/2] https://cdn.discordapp.com/attachments/1006789349498699827/1400919437145538691/image.png?ex=688e6365&is=688d11e5&hm=53e42673858c4d5212c424f61f1b84a4b055e9f30c804fecec9e821fedd0febd& [19:13:59] They also added a security.txt [19:14:07] Which is also inaccessible at the moment [19:33:49] https://github.com/miraheze/mw-config/commit/02442aa1d7c2aa86768f1f69bcc59d11b8b690ab that sure was one interesting find an it questions my ability to do math properly when I added it lol [19:34:47] math is hard :( [19:34:59] computer do math, me think [19:36:07] No wonder I was seeing dumps making 3,000 parts lol [19:37:54] Chunky chunks [19:43:42] this is interesting https://wikimedia.eventyay.com/talk/wikimania2025/talk/WTRQCJ/ [19:43:59] @serverlessharej you going to Wikimania this year? [19:44:25] No [19:45:41] tempted to go there just to tell the guy hosting the discussion to re-review my [patch]() (it's been like a month) [19:46:52] that would be such a baller move but please dont [19:47:19] What's the point of wikimania if you can't bribe people to merge patches [19:47:38] fr [19:47:41] @abaddriverlol will donate a security review for every patch merged [19:50:23] How the fuck did it get to 10 to 9 too [19:53:54] oh? [19:54:13] time travel [19:56:10] [1/2] Was already in the box, seems I forgot to click submit months ago lol [19:56:11] [2/2] https://cdn.discordapp.com/attachments/1006789349498699827/1400930127273005076/image0.png?ex=688e6d5a&is=688d1bda&hm=fd1608e091e4ce9ff2962c056546f4968ee3c9631943706983ecfd5171712ce9& [19:56:51] terrific [20:02:54] Does phorge show all drafts [20:03:20] Yep if you start typing its there until you remove it lol [20:12:25] Assuming you never clear cookies / cache [20:13:03] Well true lol [20:14:48] i mean a list with all your draft replies [20:14:58] Nope [20:15:03] oh no [20:15:13] It's not that smart [20:15:34] mate you made that request when logged out 💀 [20:15:49] sigh [20:15:56] want a revdel? [20:16:02] 💔 [20:16:21] sign correctly, i can remove the old edit if you want [20:18:48] nah it’s fine [20:18:54] I signed it correctly [20:25:29] hey @pskyechology do you know how puppet PRs work [20:26:33] i kinda wanna learn how to do em [20:26:56] What you wanna do [20:27:10] CSP Addition [20:27:33] That's a yaml file [20:27:40] those are so simple [20:27:40] you just add them [20:27:48] damn discord took a century to send those msgs [20:28:17] baby steps [20:28:19] https://github.com/miraheze/puppet/blob/main/modules/mediawiki/data/csp.yaml [20:28:38] alrught cool [20:28:58] uh, explain to me the difference between the types please im dumb [20:36:28] [1/9] we have the uhhhh: [20:36:29] [2/9] the default stands for Dont [20:36:29] [3/9] script for scripts, usually of the js variety [20:36:29] [4/9] style for CSS [20:36:29] [5/9] img for images [20:36:30] [6/9] font for fonts [20:36:30] [7/9] media is audio and video [20:36:30] [8/9] frame is mostly iframes [20:36:31] [9/9] connect tl;dr is anything you get via a websocket, fetch() or XHR [20:43:22] no puppet write access, can't give myself root access 😔 [20:44:40] yay(?) [20:44:53] yes, very yay, this is a good practice [20:45:11] although I'd personally limit it further [20:45:44] @rhinosf1do i put all 3 requests in one PR [20:46:00] yeah you can get away with that [20:46:13] 3 different commits? [20:46:26] its gonna be 1 commit in the end anyway so [20:46:52] if anything, list changes (with their ticket #) in the PR description [20:47:15] yeah i would like to add Resolves T12345 to autoclose [20:47:58] righty lets see [20:55:50] https://github.com/pixDeVl/MirahezePuppet/commit/2aba236bba3c5be649e93e88dbff32afdd0d4c9e @rhinosf1 look good? [20:56:14] Ye [20:56:21] splendid [20:56:32] https://github.com/miraheze/puppet/pull/4458 [20:56:51]