Wikipedia:Tajmaɛt/yulyu 2018

Global preferences are now available, you can set them by visiting your new global preferences page. Visit mediawiki.org for information on how to use them and leave feedback. -- Keegan (WMF) (talk)

(Tanemmirt ɣef afus ara d-muddeḍ i tsuqilt ar tutlayt-ik)

Hi all,

I'm preparing a change in who can edit sitewide CSS/JS pages. (These are pages like MediaWiki:Common.css and MediaWiki:Vector.js which are executed in the browser of all readers and editors.) Currently all administrators are able to edit these pages, which poses a serious and unnecessary security risk. Soon, a dedicated, smaller user group will take over this task. Your community will be able to decide who belongs in this group, so this should mean very little change for you. You can find out more and provide feedback at the consultation page on Meta. If you are involved in maintaining CSS/JS code, or policymaking around adminship requests, please give it a look!

Thanks!
Tgr (talk) 08:45, 12 Yulyu 2018 (UTC) (via global message delivery)

(Tanemmirt ɣef afus ara d-muddeḍ i tsuqilt ar tutlayt-ik)

Hi all!

To improve the security of our readers and editors, permission handling for CSS/JS pages has changed. (These are pages like MediaWiki:Common.css and MediaWiki:Vector.js which contain code that is executed in the browsers of users of the site.) A new user group, interface-admin, has been created. Starting four weeks from now, only members of this group will be able edit CSS/JS pages that they do not own (that is, any page ending with .css or .js that is either in the MediaWiki: namespace or is another user's user subpage).

You can learn more about the motivation behind the change here.

Please add users who need to edit CSS/JS to the new group (this can be done the same way new administrators are added, by stewards or local bureaucrats). This is a dangerous permission; a malicious user or a hacker taking over the account of a careless interface-admin can abuse it in far worse ways than admin permissions could be abused. Please only assign it to users who need it, who are trusted by the community, and who follow common basic password and computer security practices (use strong passwords, do not reuse passwords, use two-factor authentication if possible, do not install software of questionable origin on your machine, use antivirus software if that's a standard thing in your environment).

Thanks!
Tgr (talk) 13:08, 30 Yulyu 2018 (UTC) (via global message delivery)