git bisect says this was caused by T367394: REST: Stop using getParamSettings for body parameters / rMW2b31f4c46ff8: param-settings: Remove backward compatibility code from default.

Perhaps related to some REST framework refactoring in core.

In T357600#9983296, @Jdlrobson wrote:

@ppelberg what is the long term plan for Flow? I assume it is going to be replaced with discussion tools at some point. Is there a timeline or any plans in motion?

Also, whoever is verifying the patch should:

We need something similar in AbuseFilter, whenever a user sees the precise IP address for a temporary user who triggered a filter.

In the patch that enable for testwiki, let's make sure to document how to safely disable (using the known config flag) in case that is necessary.

Is there more to do here?

Marking this as resolved per T300269#8365943. cc @Niharika

@KColeman-WMF @Niharika this task needs design and product specification for what the Special:CreateAccount page should look like if you are logged-in as a temporary account user and want to create a full, named account. There is already a suggestion on what is to be done for this task:

@Niharika @KColeman-WMF the idea in the task description sounds good to me. What do you think?

@Niharika @KColeman-WMF could you please discuss this task and decide if there's something that we should do here?

I think this is something that can solved via T20110: Define AbuseFilter consequence to display a CAPTCHA, so I will mark it as stalled until we have fully rolled out the showcaptcha consequence.

In T369872#9976122, @zeljkofilipin wrote:

@kostajh I can take a look later today, but unless it's quick to fix I will not have the time to work on it this week.

I can create a patch that will disable the test until it's fixed, to unblock merges.

Could someone from Quality-and-Test-Engineering-Team have a look at this, please? cc @zeljkofilipin

We may also want to have T360195: Analyze IP reputation data and how it maps to on-wiki editing and account creation activity done first, to better guide people who create filters using facets of IP reputation data as AbuseFilter variables.

In T368883#9954592, @hashar wrote:

I have added fixsuggesterbot to the Service Users group. I think that would also cause the old comments made that by bot to be hidden in the web interface.

In T368910#9974427, @bd808 wrote:

The community run https://www.mediawiki.org/wiki/Project:Support_desk system is current Flow based. It seems important that community administered tech support for MediaWiki continue to be accessible to unregistered users. The work at T365846: Assist communities in archiving Flow/StructuredDiscussions boards should maybe prioritize discussions with the mediawiki.org community to ensure that technical support for MediaWiki continue to function well with Temporary accounts.

Removing from the task tree, as we are enabling in CI via T359043: Enable temp account creation in CI via DevelopmentSettings.php

In T368454#9972946, @Lucas_Werkmeister_WMDE wrote:

That error doesn’t sound like it would be related to any particular test… I think we just need to wait for MediaWiki to be ready?

Thanks, all!

In T366272#9971036, @ssingh wrote:

I am not sure if I should do any cleanup here without running it by and hence just a comment and no action:

We have geoip_update_ipinfo.service failing on puppetmaster1001 (started by the timer of the same name):

Jul 10 04:30:01 puppetmaster1001 systemd[1]: Starting download geoip databases for the IPInfo extension from MaxMind...
Jul 10 04:30:02 puppetmaster1001 geoip_update_ipinfo[22062]: Received an unexpected HTTP status code of 403 from https://updates.maxmi
Jul 10 04:30:02 puppetmaster1001 geoip_update_ipinfo[22062]: Invalid product ID or subscription expired for GeoIP2-Enterprise
Jul 10 04:30:04 puppetmaster1001 systemd[1]: geoip_update_ipinfo.service: Main process exited, code=exited, status=1/FAILURE
Jul 10 04:30:04 puppetmaster1001 systemd[1]: geoip_update_ipinfo.service: Failed with result 'exit-code'.
Jul 10 04:30:04 puppetmaster1001 systemd[1]: Failed to start download geoip databases for the IPInfo extension from MaxMind.

sukhe@puppetmaster1001:~$ systemctl list-units --failed
  UNIT                        LOAD   ACTIVE SUB    DESCRIPTION                                                   
● geoip_update_ipinfo.service loaded failed failed download geoip databases for the IPInfo extension from MaxMind

Seen again on DevelopmentSettings: Enable auto creation of temp users in CI (https://integration.wikimedia.org/ci/job/wmf-quibble-selenium-php74/17795/console).

In T20110#9901516, @suffusion_of_yellow wrote:

• The message should say something other than "Incorrect or missing CAPTCHA." when no CAPTCHA was ever asked for.

For QA, see the acceptance criteria in the task description.

In T356102#9965438, @achou wrote:

In T356102#9944154, @kostajh wrote:

@achou thanks for the documentation!

I made a patch to clarify using -1 for revision ID if the edit has not yet been saved.

Merged, thanks! :)

A couple of other questions:

• Is comment a required field?

comment is an optional field.

• Where are you currently retrieving bytes from? Is that equivalent to size in a prop=revisions Action API query?

Yes, bytes is equivalent to size in a prop=revisions Action API query.

• just to confirm, if the edit is the creation of a page, then the revertrisk endpoint will not provide any useful prediction?

Right, since the revertrisk model needs the data from the parent revision. If the edit is the creation of a page, it has no parent revision.

While we work on adapting the tests to work with temp accounts, two things we could consider:

@Tgr is there a status update for this task? Asking in context of Temporary accounts rollout, where ideally we'd like for temporary accounts to persist reliably while navigating from one site to the next (since there is no possibility to log back in to one's account).

My 2c would be to use the one that ships with core https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/refs/heads/master/.gitmessage; I typically run git config commit.template ~/path/to/mediawiki-core/.gitmessage in new extensions that I clone

This can skip QA, I think. Temp account creation on beta cluster is now unbroken.

I'm going to close this as a duplicate of T364705: Provide AbuseFilter condition for revertrisk threshold.

In T369372#9959202, @Dreamy_Jazz wrote:

Could we put the log creation in a deferred update or job? I'm thinking that putting the log entry last might fix the issue, as the log entry will create an actor ID for the local user. That might be the cause of the problems.

In T369372#9958909, @kostajh wrote:

In T369372#9958161, @kostajh wrote:

T357498: Temp account creations do not appear in Special:Log rMWc81f5b81e321: Create an autocreate log when a temporary account is created on edit is implicated for reasons unclear to me.

We should probably prioritize adding a basic end-to-end test for temp accounts (WIP selenium: Add tests for temporary accounts).

Something in AuthManager::acquireActorId is involved in the session issues for temp account auto creation, when called in the context of autoCreateUser and creating a log entry.

In T369372#9958161, @kostajh wrote:

T357498: Temp account creations do not appear in Special:Log rMWc81f5b81e321: Create an autocreate log when a temporary account is created on edit is implicated for reasons unclear to me.

We should probably prioritize adding a basic end-to-end test for temp accounts (WIP selenium: Add tests for temporary accounts).

We should probably prioritize adding a basic end-to-end test for temp accounts (WIP selenium: Add tests for temporary accounts).