Do you even have a community consensus for that?

I could do this, and it would be near-trivial, this is more of a policy issue.

(In reply to comment #1)

Do you even have a community consensus for that?

I could do this, and it would be near-trivial, this is more of a policy issue.

Looks like common sense: the old system is superseded by SUL. Moreover, the community would still have control on the blacklist, on Meta or via local blocks if needed.

I agree with Victor that we will need to socialize this before making the change, and ensure that there's a proper plan in place for transitioning abuse prevention rules to the new system. However, I don't think sustaining the current situation is even an option. Having lots of local rules that act as tripwires when moving from wiki to wiki is nuts.

Let me know if this sounds about right from an implementation perspective:

• Right now we have MediaWiki:Titleblacklist in each local wiki, plus [[m:Title blacklist]] on Meta. The latter is loaded on all WMF wikis as an additional title blacklist.

• Currently newaccountonly rules can exist in both the local title blacklist, and the global one.

• To make it global-only, we'd add the newaccountonly rule as an option to $wgTitleBlacklistSources . We'd enable it for the global title blacklist. We'd also want to be able to disable it for the default (project-local) source.

We'd announce that we're making the switch by X date, and then turn off the newaccountonly config option for the local blacklists on that date.

(In reply to comment #4)

• To make it global-only, we'd add the newaccountonly rule as an option to

$wgTitleBlacklistSources . We'd enable it for the global title blacklist. We'd
also want to be able to disable it for the default (project-local) source.

Not really. Options without newaccountonly block username creation as well (as you could have guessed from option's name). What you'd want is some variable to control which sources may restrict usernames, like $wgTitleBlacklistUsernameRestrictionSources. I will actually implement a patch for such option soonish.

That makes sense, thanks for clarifying, Victor. I'll wait for your patch.

Patch submitted: https://gerrit.wikimedia.org/r/8881.

(In reply to comment #7)

Patch submitted: https://gerrit.wikimedia.org/r/8881.

I just added some reviewers for this patch set. Looks like the extension isn't on anyone's radar.

Supporter of SUL and central management of it but I'm not sure if disabling the <newaccountonly> restriction locally is very good. The only thing that stopped an spambot attack at a project (CU and blocks didn't worked/were not effective) was this https://ik.wiktionary.org/w/index.php?title=MediaWiki:Titleblacklist&direction=next&oldid=6454 temporary measure. And currently for some reason those attacks are being done everyday at all hours. Regards.

What's the status of this bug?

Gerrit changeset pending review. Currently it has one -1 for... trailing whitespace! So probably I can tell that no one has really reviewed it.

I could of course merge it myself, but I'm strongly against such practice.

Andre or Sumana: https://gerrit.wikimedia.org/r/8881 was submitted about seven months ago and still hasn't received a real code review from anyone. Could one of you try to find someone to review this changeset? I'd appreciate it.

Merged by Ori on the 21st. What else needs to be done for this bug?

The rest of this is a configuration change - make sure all wikis (other than meta) are using meta as a source for newaccountonly flags, and disable the newaccountonly tag for all wikis (other than meta). However, as Erik said above, this needs to be discussed on wiki as it's mostly a policy change. I'm not sure that this has been done?

Okay, so that's a Wikimedia-side thing. Resolved as far as MediaWiki extensions are concerned.

Sadly this is not fixed, only a minor part of the bug as filed (software changes) is; moving to Wikimedia product.

-shellpolicy, makes no sense here. This is not actionable yet, but will be a forced thing when the final unification happens.

From the definitions (https://bugzilla.wikimedia.org/describekeywords.cgi), shellpolicy is for bugs where

	Consensus is needed from someone who is familiar with community
       standards. Often used for configuration changes for specific wikis to
       check if the user community agrees.

If I understand you ("not actionable *yet*"), then you're saying no attempt for consensus from anyone "familiar with community standards" for the item on here and that no attempt will be made.

I'm not sure I agree with that, but is that what you're saying?

(In reply to comment #18)

I'm not sure I agree with that, but is that what you're saying?

No. No consensus is needed.

• Bug 15183 has been marked as a duplicate of this bug. ***

Could someone (Victor?) please update [[mw:Extension:TitleBlacklist]] to document the changes made in Gerrit change 8881?

Change 195623 had a related patch set uploaded (by Legoktm):
Manage user name blacklist (TitleBlacklist) from meta only

https://gerrit.wikimedia.org/r/195623

Yes, this is the right time to proceed with this. Announcements are fine but I think most sysops have understood that the unification implies such things. Especially since only global accounts can be created now and people are in need of merging accounts. So, just adding to [[Tech/News]] will be enough.

Stewards etc. are certainly able to handle the addition of new rules as a need arise. Mass migrations are not possible anyway because due to a lack of logging it was never possible to assess which rules were still needed or not.

@Nemo_bis Line in Tech/News done.

P384 contains the current wikis with MediaWiki:Titleblacklist

From Gerrit: some wikis have abusefilters for preventing usernames. We need to disable those too. (I've pinged plwiki).

BTW, https://meta.wikimedia.org/wiki/Talk:Title_blacklist#SUL_finalization my one-person-discussion here :)

I will post a notice about this on dewiki's blacklist. It contains a lot of common german insults and also variants of local sysops usernames, which are affected by stalking trolls.
Also enwiki has similiar cases.
So before the switch gets flipped, Glaisher's questions (which would be mine too, from above link), should be answered.

So since this is going to happen, we need a process for migrating reasonable rules from local blacklists to this one (also abusefilters which prevents usernames needs to be disabled and imported here). [...] Glaisher (talk) 12:57, 11 March 2015 (UTC)

So when will this actually get deployed in the projects? Japanese Wikipedia has a lot of <newaccountonly> entries to counter vandal sock puppets. Some of them are just downright vulgar words which I see no problem with being in the global blacklist, but some entries are very wide-catching and made sense locally but would easily cause problems if merged globally (e.g. .*igasih.* or .*[1１][5５][6６].*). I would like to let jawiki admins know about this so that they can sort it out.

In T38939#1114528, @Asahiko wrote:

So when will this actually get deployed in the projects? Japanese Wikipedia has a lot of <newaccountonly> entries to counter vandal sock puppets. Some of them are just downright vulgar words which I see no problem with being in the global blacklist, but some entries are very wide-catching and made sense locally but would easily cause problems if merged globally (e.g. .*igasih.* or .*[1１][5５][6６].*). I would like to let jawiki admins know about this so that they can sort it out.

It will likely get deployed once things like this get sorted out. If you'd like to go ahead and start talking about with jawiki admins, sooner rather than later is always helpful to move this along :)

@Keegan Thanks. Okay, now I see that the same concern had been raised in Gerrit too. I've already started the discussion at [[:ja:MediaWiki talk:Titleblacklist]] and will keep an eye on so that the discussion will not dwindle on for too long. Other wikis should do the same.

Japanese blacklist has been merged (thanks to Glaisher) as logged at [[m:Title blacklist/Log/2015/03]].

Change 195623 merged by jenkins-bot:
Manage username blacklist (TitleBlacklist) from Meta-Wiki only

https://gerrit.wikimedia.org/r/195623

@gpaumier I think another prod through wikitech-ambassadors about this would be beneficial. Something quite specifically points users to [[m:Talk:Title blacklist]] with additions for <newaccountonly>.

We may even do well to think about having the message bot whack something onto each Mediawiki talk:TitleBlacklist that points to [[m:Talk:Title blacklist]], though not sure that English alone will be suitable.