Wikipedia:Snuggle/Work log/Archive June13

Monday, June 3rd
I've had a couple of early testers go through the user interface and turn up some bugs and requests. The general feedback is that Snuggle works and does so in a mostly straightforward way, so I think that we can continue as planned. I'm spending today cleaning up the few simple visual bugs that have been reported. By the end of the day today, I plan to declare version 1.0 and welcome in users.

There are, however, a few changes that have made the short list for version 1.1. Here they are sorted by priority:
 * 1) Make the activity log public
 * 2) Improve performance by doing something clever with the edit graph
 * 3) Decide on a final set of user actions (now just "send message", "invite to teahouse" and "report abuse").

I plan to make the version 1.0 announcement buy the end of the day (GMT -5). In the meantime, feel free to check out version 1.0rc1. -- EpochFail (talk &bull; work) 17:23, 3 June 2013 (UTC)


 * Hey guys. I just ran into a potential hiccup that I thought I should make you aware of.  Apparently it is against the Wikimedia Labs terms of service for me to allow you to log into your Wikipedia account through Snuggle.  The devs at the Wikimedia Foundation are working on an alternative way to sync your Wikipedia accounts with tools like Snuggle, Huggle and STiki (OAuth), but that's not ready yet.  In the meantime, I'm working with  to get an exception from legal.  Since I'm WMF staff and I have signed an NDA, there's hope.  I'll post here as soon as I know more. -- EpochFail  (talk &bull; work) 18:44, 3 June 2013 (UTC)

Tuesday, June 4th
So, I have bad news. We're officially on hold until OAuth support can be added to Wikipedia. It's important to understand the situation, so I've written a brief overview.

Tools like Huggle, STiki and Snuggle allow you to log into Wikipedia through their user interfaces. This is cool because it allows the tool to operate on your behalf. Huggle and STiki help you identify vandalism and then perform a revert without requiring you to navigate Wikipedia to do it. Similarly, Snuggle allows you to send messages to newcomers and report abuse through some cool, animated menus.

But there's a security problem with how you let these tools operate on your behalf. You must provide the software with your password. While us tool developers are a moral bunch and our code never stores our password, it's just better if our code doesn't touch your password at all. But sadly, this was/is the only way that our tools could do the cool things that they do on your behalf.

There's a standard called OAuth that I mentioned earlier. OAuth is a way to get around the problem. With an OAuth based authentication system, you can allow Snuggle to make edits to Wikipedia on your behalf without typing your password anywhere other than wikipedia.org. However, MediaWiki does not yet support OAuth. Support for this authentication system was scheduled for the end of last month, but it's a software project. If this work log is any evidence, software projects take a long time and are often more complex than originally spec'd.

Sadly, policy on Wikimedia Labs prevents us from running Snuggle until OAuth is available. This is why we weren't able to deploy yesterday.

Despite the pain and lameness of having Snuggle's deployment delayed again, it's blocked for your protection. My plan right now is to help out as much as I can to get OAuth support into Wikipedia and to have Snuggle be early adopter. I've already talking with the devs involved to getting OAuth implemented to find out how I can help.

In the meantime, I'm working to get a test version of Snuggle up and running on my University's servers so that the alpha testers can keep helping me with bugs. I'll continue working my way down the list of critical features so that, when we finally do go live, we'll be working with a better tool. -- EpochFail (talk &bull; work) 13:55, 4 June 2013 (UTC)

Hey folks. I guess it's a double update day. I'm working on designing a home screen for Snuggle that would combine a short introduction to what, exactly, Snuggle is and a recent activity monitor that would give you a window into the activities of other Snugglers. See the image on the right. Note that this is just a mockup and not a demonstration of new functionality. My intention is that you'll be able to open Snuggle in two separate tabs. One contain the activity monitor/home page and the other would contain the user list interface that you've become familiar with.

Thoughts? -- EpochFail (talk &bull; work) 19:33, 4 June 2013 (UTC)



Thursday, June 6th
Hey folks. There's two things that I want to talk about today:
 * 1) Snuggle's public event log
 * 2) New test instance (http://snuggle.grouplens.org)

Public event logging
One of the key features of the next build of Snuggle will allow you to easily monitor the activities of other Snuggle users. It's my intention that by keeping our activities publicly view-able, (1) we'll have an easier time coming up with a shared understanding of "good-faith", "ambiguous" and "bad-faith" users and (2) we'll be able to police the use of Snuggle to ensure our tool doesn't inadvertently become a means to harass new users or cause other harm.

A critical question that must be answered is, "What activities should be considered 'public'?". Currently, I'm only planning to show three types of events in the public log:
 * System events (server started, server stopped, etc.)
 * User categorizations - The snuggler's name, categorized user's name and category would be included)
 * User actions - These actions affect the wiki, so they should already appear in Special:Recentchanges, but I like the idea of showing these in Snuggle's event log as well.

New test instance
Due to the mishap with WMF labs and the devs' interpretation of the Terms of Service that I discussed on June 4th, we won't be able to run Snuggle on Labs until OAuth is implemented in MediaWiki. In the meantime, I've set up another instance on one of my university research lab's servers (see GroupLens Research). For now, you can help me keep catching bugs and testing new builds here: http://snuggle.grouplens.org.

I'm working on getting us behind SSL so that your Snuggle activities will be secure. Once that's ready (eta Monday), I'll announce ver. 1.0 on the new server.

In the meantime, please let me know if you run into any trouble. -- EpochFail (talk &bull; work) 21:51, 6 June 2013 (UTC)

Monday, June 10th
Hey folks. I'm still working on getting us behind SSL so that we can announce the release of Snuggle. That should be coming quickly. Sadly, it turns out that getting a SSL certificate is expensive (specifically a subdomain one), so I had to go through proper funding channels to get it worked out. If all goes well, I'll announce that Snuggle is live tomorrow.

In the meantime, I got the event tracking system in place and a welcome screen from which to view it. One of the things that I managed to work out was the ability to do something useful while viewing the event log. Each public event has an associated user that was categorized or sent a message. When you click on this user, you'll see the familiar interface showing their edit activity and allowing you to re-categorize the user or send them another message.

Give it a try and tell me what you think.

-- EpochFail (talk &bull; work) 00:12, 11 June 2013 (UTC)

Thursday, June 13th
Hey guys. I just have a quick update. I pushed out a new build with a few UI tweaks based on some feedback I got about the welcome screen. I've also boosted the version number to v1.1 and started the beginnings of a developer reference for helping other programmers hack on the code for snuggle. I'll be fleshing that out some time this weekend.

There's one other important note to give you. I've set up SSL/HTTPS on the server, so you can now feel secure that your snuggle activities (and wiki login credentials) are being encrypted for you. However, I still don't have a signed "certificate" for the encrypted handshake. Quite simply, this means that while your Snuggle activity is now happening over a secure connection, your browser is going to complain that it can't verify the identity of the server on the other end. Browsers purposefully make accessing a site without a verified certificate a jarring experience by filling it with bold red warnings. This is OK. You're actually accessing Snuggle in a more secure way than you were before. Please continue as usual. I hope to have the a certificate on the server by the end of the week. I'm just waiting for incommonfederation.org to turn around on this.

Please continue to let me know if you run into any problems. -- EpochFail (talk &bull; work) 15:47, 13 June 2013 (UTC)Italic text

Friday, June 14th
I just updated the SSL certificate with InCommon's signed version so that you won't get a browser warning anymore. I'm preparing an announcement to go out to the list today. -- EpochFail (talk &bull; work) 18:27, 14 June 2013 (UTC)

Saturday, June 15th
Lots of little UI tweaks today. I've been getting lots of good bug reports and feature requests over the last 24 hours. Keep them coming. I'll try to deal with what I can right away and schedule the big changes so that they make it into the next major release.

I also started working with User:HAndrade (WMF) to try to start preparing Snuggle to on the Portuguese Wikipedia too. -- EpochFail (talk &bull; work) 16:50, 15 June 2013 (UTC)

Thursday, June 20th
Hey folks. We've had a good first week. Along with a load of feature requests came a set of bug reports. There's one that I want to make you aware of.

Snuggle stays in sync with Wikipedia by reading from it's API, a machine-readable version of Wikipedia that's useful for bots, scripts and tools like Snuggle. Specifically, I read from the corresponding function to Special:Recentchanges. Since I'm primarily interested in tracking editing activity, I tell the api to only show me changes of type "edit". Here's an example of what that looks like:


 * http://en.wikipedia.org/w/api.php?action=query&list=recentchanges&rctype=edit

It turns out that asking for changes of type "edit" doesn't get you all edits. If the edit created a page, you also need to ask for "new". This distinction is really useful for systems that track page creation (e.g. WP:New page patrol). However, because I didn't realize that "new" edits were differentiated from "edit" edits, that means that Snuggle has only been tracking non-page-creating edits this whole time!


 * |new&format=jsonfm http://en.wikipedia.org/w/api.php?action=query&list=recentchanges&rctype=edit|new

I've pushed pushed a HotFix to grouplens.snuggle.org. You can actually see the sync server stop and start back up in the event log. I'm running a script right now that will re-load the data for each user's talk page since that's the most obvious pain point. This is going to be a little bit annoying for newcomers who have made edits before this point in time. Due to this bug, some of the activity graphs and edit counts will be a little bit under-counted. New users who join after today will be correct.

I'll look into ways that I can reload just the missing data when I next find some time to get some hacking in. Mad props to Addshore, Technical_13 and TheOriginalSoni for bringing this to my attention and helping me work out the cause. -- EpochFail (talk &bull; work) 15:36, 20 June 2013 (UTC)

Friday, June 21st
I built a script to load the missing data, but I have to travel in a couple of hours, so I won't be able to monitor its run. I think it's better to leave Snuggle in it's current state and apply the fix on Monday when I can be here to make sure that I don't accidentally make things worse. -- EpochFail (talk &bull; work) 14:26, 21 June 2013 (UTC)

Tuesday, June 25th
Just a quick update today. I've been bogged down a bit recently by the work that I had put off to make the last bit of progress on Snuggle. I was itching to get some more work done, so I picked up two tasks:
 * 1) I pushed out a couple of UI fixes:  and.
 * 2) I put a rotating backup system in place so we won't lose our work if the server mysteriously dies.

I'll be out in Seattle over the next few days talking to other researchers about my studies of Wikipedia and Snuggle. If you're in the area and you want to grab a coffee or beer, let me know. -- EpochFail (talk &bull; work) 23:15, 25 June 2013 (UTC)