Wikipedia:Bots/Requests for approval/ProcBot 8


 * The following discussion is an archived debate. Please do not modify it. To request review of this BRFA, please start a new section at Bots/Noticeboard. The result of the discussion was

ProcBot 8
Operator:

Time filed: 21:18, Sunday, May 2, 2021 (UTC)

Automatic, Supervised, or Manual: automatic

Programming language(s): Ruby

Source code available:

Function overview: Update an edit filter automatically.

Links to relevant discussions (where appropriate): Edit filter mailing list

Edit period(s): Continuous

Estimated number of pages affected: 1

Exclusion compliant (Yes/No): No

Already has a bot flag (Yes/No): Yes

Function details: The bot will periodically update data of a specific edit filter. There's discussion on the edit filter mailing list if any BAG members have access, also happy to discuss on IRC.

The bot account will need to be flagged with EFM. I've done a test without submitting on my own account. Worth noting that since there are no API endpoints to update edit filters programmatically, the bot makes normal web requests for this purpose. It has checks for roughly expected data and saves a record of the request for safekeeping.

Discussion

 * In principle, I think this is fine. I would prefer if it runs under an isolated account due to the inherit risk of the EFM role and to make auditing easier. I wish there was more we could say to explain to users about what it's trying to do, but I understand the BEANS risks. Suffusion of Yellow, I checked recent hits of the filter and while I see plenty of unconstructive edits being stopped (and some constructive ones as well), I don't see much of the actual thing it's trying to target. How often do you expect it to hit? Also, would it be at least OK to give the filter number, so users with EFH/EFM/sysop permissions can understand what's going on, without needing to dig through the mailing list? —&#8239; The Earwig (talk) 22:38, 2 May 2021 (UTC)
 * Well, once the bot's running, it will have to be public at Special:Log/abusefilter that it's editing . And we can say that this is what the bot will be doing. Yes, the LTA(s) have "gone dark" right now. I was tempted to disable the filter, before I saw this request. But then we'd be back here in a few months when one of the LTAs returns. So,, will the bot leave the filter's actions unchanged? What I'd like to do is switch it to log-only (probably a good idea while bot's in testing anyway), but be able to switch it back to disallow again as soon the problem returns. Suffusion of Yellow (talk) 23:09, 2 May 2021 (UTC)
 * Yeah, it won't try to overwrite any of the other filter properties, or the rest of the filter (outside the relevant portions). ProcrastinatingReader (talk) 23:13, 2 May 2021 (UTC)
 * FWIW (not much!), I also feel that bot tasks with 'advanced' rights should run under an isolated account. ƒirefly  ( t · c ) 11:03, 3 May 2021 (UTC)
 * I'm not particularly convinced it improves security, especially in the case of this task, but I also don't mind maintaining a second account. I created User:ProcBot II but it'll need to be temp flagged with bot as well if this goes to trial (due to same issue as ProcBot I; captchas and IP blocks). ProcrastinatingReader (talk) 11:25, 3 May 2021 (UTC)
 * This is on my watchlist now, so if it goes to trial I'll give all of the appropriate permissions. Primefac (talk) 12:12, 4 May 2021 (UTC)
 * FWIW agree that a second account doesn't really improve security as long as your other bot tasks are running out of a BotPassword configuration that doesn't have access to EFM rights. But since it's an advanced right, it might help to enable 2FA for its web-login. – SD0001  (talk) 05:17, 5 May 2021 (UTC)
 * Personally, I don't view it as a security issue, I view it as more of a transparency/clarity issue. If MyBot1 is a "normal" bot and MyBot2 has TPE and MyBot3 is an adminbot, if I see them in the contribs I immediately (assuming I know the bot functions) have a better idea of what "type" of edits the bot is making (in other words, it's easier to quickly check if it is functioning properly). Primefac (talk) 11:58, 5 May 2021 (UTC)
 * The trial should be conducted with the filter in log-only mode, as SoY suggested above, unless the problem returns and we need to switch it to disallow. I will leave the flagging to Primefac. —&#8239; The Earwig (talk) 04:05, 11 May 2021 (UTC)
 * Flags granted. Primefac (talk) 12:32, 11 May 2021 (UTC)
 * BotOnHold Popping on hold for a while. Both scripts work (and a few bot edits were made), but I can't seem to get it to run in Toolforge cron. Something weird going on. Had one of the sysadmins take a look but will need to file a phab ticket I think, and can't get around to that for a few weeks. ProcrastinatingReader (talk) 08:40, 2 June 2021 (UTC)
 * can we restart the trial? Just going to self-host it, less trouble than figuring out what's wrong with Toolforge. ProcrastinatingReader (talk) 17:51, 2 July 2021 (UTC)
 * OK, go for it. —&#8239; The Earwig (talk) 03:32, 3 July 2021 (UTC)
 * Sure. Primefac (talk) 09:31, 3 July 2021 (UTC)
 * Thanks! Can the rights be granted to the User:ProcBot II account again as well? ProcrastinatingReader (talk) 10:44, 3 July 2021 (UTC)
 * ✅. Primefac (talk) 11:27, 3 July 2021 (UTC)

Log. ProcrastinatingReader (talk) 13:32, 25 July 2021 (UTC)
 * Everything seems to be working as intended. Primefac (talk) 14:42, 8 August 2021 (UTC)
 * The above discussion is preserved as an archive of the debate. Please do not modify it. To request review of this BRFA, please start a new section at Bots/Noticeboard.