⚓ T290324 Create Oversight-level abuse filters

⚓ T290324 Create Oversight-level abuse filters
Page Menu
Phabricator
Create Task
Maniphest
T290324
Create Oversight-level abuse filters
Open, In Progress, Needs Triage
Public
Actions
Edit Task
Edit Related Tasks...
Create Subtask
Edit Parent Tasks
Edit Subtasks
Merge Duplicates In
Close As Duplicate
Edit Related Objects...
Edit Commits
Edit Mocks
Mute Notifications
Protect as security issue
Assigned To
MolecularPilot
Authored By
Jules78120
Sep 3 2021, 11:46 AM
2021-09-03 11:46:30 (UTC+0)
Tags
AbuseFilter
(Filtering features)
Community-Wishlist-Survey-2023
(Backlog)
User-notice
(Already announced/Archive)
Patch-For-Review
Community-Wishlist
(In Progress)
Essential-Work
Product Safety and Integrity (Sprint Crocus (Mar 2 - Mar 20))
(Done)
Referenced Files
F71583515: Screenshot 2026-01-21 at 13.16.53.png
Jan 21 2026, 12:26 PM
2026-01-21 12:26:13 (UTC+0)
Subscribers
0xDeadbeef
A_smart_kitten
Aklapper
AntiCompositeNumber
ARamadan-WMF
Barkeep49
DannyS712
View All 32 Subscribers
Description
Summary
Add support for suppressing AbuseFilters, allowing certain filters with sensitive information (e.g., PII) to be marked as suppressed. This restricts visibility of filter details, logs, and history to users with oversight rights.
Background
Introduces a new "suppressed" flag for AbuseFilters to protect sensitive information.
Unlike "protected" filters, suppression can occur without needing certain variables, offering a more flexible way to protect data.
Suppression restricts access to filter details, logs, and history, making them visible only to oversighters.
This enhancement includes updates to both the UI and API to support the management of suppressed filters.
Logs for suppressed filters are auto-suppressed by default.
Suppression operates independently from filter hiding; a suppressed filter can require both oversight and EFH/M rights if hidden.
User story
As an oversighter, (if I was one) I would want the ability to mark sensitive AbuseFilters as "suppressed" so that their details, logs, and history are only visible to users with oversight rights, helping ensure better privacy protection for sensitive data. For example, if an LTA is posting someone's address or phone number everywhere and I want to create a filter that hits on that address or phone number.
Technical notes
Add a "suppressed" checkbox in the filter edit form, only accessible to users with oversight rights. The checkbox is grayed out for other users.
Modify the system to restrict visibility of suppressed filter details, logs, and history to users with oversight rights.
Add UI and API support for managing suppressed filters, ensuring oversight users can handle them.
Create unit and integration tests to validate the behavior of suppressed filters and ensure proper functionality.
Suppression works independently from filter hiding, so it can be used in conjunction with existing privacy features.
Acceptance criteria
"Suppressed" flag available in the filter edit form, usable only by oversighters.
Filter details, logs, and history of suppressed filters are visible only to users with oversight rights.
Support for showing and managing suppressed filters added to the UI and API.
Unit and integration tests for suppressed filters implemented.
Approval from L3SC
Approval from Trust & Safety Product
Documentation on mediawiki.org updated to reflect new suppression functionality.
QA (pending deployment)
Deployment
January 6 - Group 0 wikis (incl. testwiki)
January 7 - Group 1 wikis
January 8 - Group 2 wikis (incl. enwiki)
Related links
m:Community Wishlist Survey 2022/Larger suggestions/Create CheckUser-level and Oversight-level abuse filters
m:Community Wishlist Survey 2023/Anti-harassment/Allow abuse filters to be hidden to only oversighters
m:Community Wishlist/Wishes/Allow abuse filters to be hidden to only oversighters
m:Community Wishlist/Focus areas/AbuseFilter
Details
Related Changes in Gerrit:
Subject
Repo
Branch
Lines +/-
AbuseFilterPermissionManager: Make blocks deny suppressor rights
mediawiki/extensions/AbuseFilter
master
+78
-26
AbuseFilter: Add support for suppressing filters
mediawiki/extensions/AbuseFilter
master
+562
-33
[WIP] AbuseFilterPermissionManager: Add oversight-only abuse filters
mediawiki/extensions/AbuseFilter
master
+145
-15
Customize query in gerrit
Related Objects
Search...
Task Graph
Mentions
Status
Subtype
Assigned
Task
In Progress
MolecularPilot
T290324
Create Oversight-level abuse filters
Open
None
T414396
Suppressed filters should hide abuse logs of other filters' hits for the same edit
Mentioned In
T414990: Disallow unsuppression of abuse filters (and their log entries & filter notes)
T414016: PHP Deprecated: Creation of dynamic property MediaWiki\Extension\AbuseFilter\Filter\Flags::$suppressed is deprecated
T414011: Users with viewsuppressed permissions are able to edit suppressed abuse filters and remove the suppressed flag in the process
T413188: PatchDemoBot wiki deletion comments sometimes contain a malformed/nonexistent link
T363906: [Epic] Ensure filters that use PII-sensitive variables are protected
T307828: Separate Special:CreateLocalAccount from autocreateaccount in abuse filters
T360765: Abuse Filter, Special:CreateLocalAccount and type of created accounts
T241440: Allow private blocking of harassment via regexes and URLs on-wiki
T234155: Create CheckUser-level abuse filters
Mentioned Here
T414990: Disallow unsuppression of abuse filters (and their log entries & filter notes)
T414011: Users with viewsuppressed permissions are able to edit suppressed abuse filters and remove the suppressed flag in the process
T354599: [EPIC] WE4.2.14b Provide IP reputation variables in AbuseFilter
T234155: Create CheckUser-level abuse filters
Event Timeline
There are a very large number of changes, so older changes are hidden.
Show Older Changes
Niharika
added a comment.
May 22 2025, 10:01 AM
2025-05-22 10:01:13 (UTC+0)
Comment Actions
@MolecularPilot
Thank you for your work on this and sorry about the delay on our end. I've reviewed the task requirements and it looks good to me. My only question is whether this has gone through any community approvals process? Looking at the number of subscribers on this task it seems like this is a popular idea. If there is a community discussion about it that you can link to, that would be helpful.
I tried to pull the patch into a patch demo to review the feature but that failed presumably because the patch needs rebasing. Happy to look that over once the patch is updated.
@kostajh
We can proceed with the engineering review.
Jules78120
added a comment.
Edited
May 22 2025, 10:09 AM
2025-05-22 10:09:53 (UTC+0)
Comment Actions
Hi
@Niharika
. As a former fr-wp OS, and current AF: I don't think there are public community discussion on fr-wp, but we wanted to get such Oversight-level abuse filters because we have on fr-wp a (private) anti-harassment abuse filter (
148
) using real names of editors, especially functionnaries. Which is not optimal for privacy.
Barkeep49
added a comment.
May 22 2025, 2:47 PM
2025-05-22 14:47:18 (UTC+0)
Comment Actions
I can tell you this has gone through the en OS mailing list as a very popular idea. Crucially this also came out of the Wishlist process which, as I understand it, is supposed to be its own form of community discussion.
kostajh
changed the task status from
Stalled
to
Open
May 22 2025, 3:38 PM
2025-05-22 15:38:38 (UTC+0)
kostajh
moved this task from
Priority Backlog
to
Needs Review
on the
Trust and Safety Product Sprint (Sprint Carrot Cake (May 26 - June 13))
board.
A_smart_kitten
added a project:
User-notice
May 22 2025, 4:19 PM
2025-05-22 16:19:05 (UTC+0)
Comment Actions
User-notice
: IMO this feature is worth a Tech/News announcement if/when it's implemented; feel free to remove the tag if you disagree :)
A_smart_kitten
moved this task from
To Triage
to
Not ready to announce
on the
User-notice
board.
May 22 2025, 4:19 PM
2025-05-22 16:19:17 (UTC+0)
Quiddity
subscribed.
May 23 2025, 12:27 AM
2025-05-23 00:27:57 (UTC+0)
Comment Actions
For Tech News (once this is ready to announce): Drafts/suggested wording would be welcome! (I always appreciate help understanding what exactly needs to be communicated).
Any estimates of the timing of the entry are also always welcome (for when I/other editors are skimming the workboard for recently-active tasks, each week). Cheers.
PatchDemoBot
added a comment.
May 25 2025, 5:34 AM
2025-05-25 05:34:23 (UTC+0)
Comment Actions
Test wiki
created
on
Patch demo
by MolecularPilot using patch(es) linked to this task:
MolecularPilot
added a comment.
May 25 2025, 5:48 AM
2025-05-25 05:48:45 (UTC+0)
Comment Actions
Change rebased ontop of protected variable changes (latest
master
) and ready for code review!
All tests are passing and you can see the patch demo of it working through the above link (login info specified on the main page).
For Tech News, I was thinking something like:
Edit filters can now be suppressed to automatically restrict details and logs to oversighters only.
but the question does arise do we use enwiki/Wikimedia specific terms ("edit filter", "oversighter") or general MediaWiki terms ("abuse filter, "suppressor")?
Izno
added a comment.
Edited
May 25 2025, 6:43 AM
2025-05-25 06:43:23 (UTC+0)
Comment Actions
The global terms should be preferred for i18n purposes. That said, I'd rewrite the note as "Edit filters can now be set to suppress attempted edits and actions [automatically]." which avoids part of the issue. (And I think edit filter is the wider known terminology these days too, but I could be wrong.) Link suppress to the relevant MW wiki documentation page or Wikidata item, and add a separate "see filters documentation about this feature" sentence after, wherever that lives.
Novem_Linguae
added a comment.
May 25 2025, 2:24 PM
2025-05-25 14:24:16 (UTC+0)
Comment Actions
How about "Certain edit filters can now be set to suppress their list of attempted edits and actions. The idea is to restrict information in edit filters related to doxing."
Nemoralis
subscribed.
May 27 2025, 3:48 PM
2025-05-27 15:48:26 (UTC+0)
Quiddity
updated the task description.
(Show Details)
May 28 2025, 6:51 PM
2025-05-28 18:51:35 (UTC+0)
Quiddity
updated the task description.
(Show Details)
Quiddity
added a comment.
May 28 2025, 7:17 PM
2025-05-28 19:17:01 (UTC+0)
Comment Actions
I've added four related wishlist links to the task's Description. I believe that, plus
@Niharika
's comment above, satisfies the Acceptance criteria for "
Approval from Trust & Safety Product
", but I'll leave checking-that-checkbox to someone else.
Re: terminology: I see the 4 wishlist pages all use "abuse filter". But I'm aware that that name isn't ideal for a few reasons (incl. inaccurate for some filters, and not universally used by editors). In the Tech News entry, I suggest using "edit filters", but I will also add a note in the "translation guidance" (qqq) telling the translators to use either term, as appropriate for their linguistic community.
Re: Acceptance criteria of "
Documentation on mediawiki.org updated to reflect new suppression functionality.
" -- Is this part done, or planned to be done by someone? It would be ideal to have the updated content both ready for translation, and linked-to within the Tech News entry.
Re: draft of an entry: I'd suggest (but further edits/suggestions are very welcome!):
Edit filters [[LINK TO NEW DOCS| can now be set]] to suppress their list of attempted edits and actions. This will help oversighters if they are using any edit filters to prevent doxxing.
Niharika
added a comment.
Jun 3 2025, 10:36 AM
2025-06-03 10:36:00 (UTC+0)
Comment Actions
@Jules78120
@Barkeep49
Noted, thank you. In that case this is all good on my end. The other remaining thing is for our team to do a code review. It's in our current sprint and should be looked at by someone hopefully soon.
@Quiddity
let's leave the Approval for TSP checkbox open for whoever does the code review. They can sign off on it.
MolecularPilot
added a comment.
Jun 7 2025, 1:04 PM
2025-06-07 13:04:36 (UTC+0)
Comment Actions
There was a minor merge conflict in the patch caused by a change merged to main in the last few days, I’ve reconciled this, so it’s ready for code review now, but absolutely no rush for that! :)
MolecularPilot
changed the task status from
Open
to
In Progress
Jun 16 2025, 4:54 AM
2025-06-16 04:54:12 (UTC+0)
MolecularPilot
edited projects, added
Trust and Safety Product Sprint (Sprint Baklava (June 16 - July 4))
; removed
Trust and Safety Product Sprint (Sprint Carrot Cake (May 26 - June 13))
MolecularPilot
moved this task from
Priority Backlog
to
Needs Review
on the
Trust and Safety Product Sprint (Sprint Baklava (June 16 - July 4))
board.
kostajh
moved this task from
Needs Review
to
Priority Backlog
on the
Trust and Safety Product Sprint (Sprint Baklava (June 16 - July 4))
board.
Jul 2 2025, 1:44 PM
2025-07-02 13:44:10 (UTC+0)
kostajh
edited projects, added
Trust and Safety Product Sprint (Sprint Cannoli (July 7 - July 25))
; removed
Trust and Safety Product Sprint (Sprint Baklava (June 16 - July 4))
Jul 7 2025, 9:47 AM
2025-07-07 09:47:18 (UTC+0)
Dreamy_Jazz
removed a project:
Trust and Safety Product Sprint (Sprint Cannoli (July 7 - July 25))
Edited
Jul 17 2025, 1:30 PM
2025-07-17 13:30:46 (UTC+0)
Dreamy_Jazz
subscribed.
Comment Actions
Removing our sprint tag as we provided code review but are now waiting for the patch to be updated for the new merge conflicts and the comments I left a few weeks ago.
We would want to take another look at this for code review once the patch has been updated.
Pppery
edited projects, added
Patch-Needs-Improvement
; removed
Patch-For-Review
Jul 24 2025, 2:42 PM
2025-07-24 14:42:29 (UTC+0)
MolecularPilot
added a comment.
Jul 27 2025, 8:51 PM
2025-07-27 20:51:00 (UTC+0)
Comment Actions
Hi! Thank you very much for the patch review,. I’ve addressed all concerns, but due to a problem with WiFi (I am writing this on my phone) I’m currently unable to submit the new patch. I should be able to by next weekend when it is repaired. Thanks again! :)
Dreamy_Jazz
added a comment.
Edited
Jul 28 2025, 11:09 AM
2025-07-28 11:09:32 (UTC+0)
Comment Actions
In
T290324#11037917
@MolecularPilot
wrote:
Hi! Thank you very much for the patch review,. I’ve addressed all concerns, but due to a problem with WiFi (I am writing this on my phone) I’m currently unable to submit the new patch. I should be able to by next weekend when it is repaired. Thanks again! :)
Thanks for the update! Hope you can get the WiFi sorted soon and there are no other unexpected problems. If you could ping me when that's done, I can take another look at the patch.
Nemoralis
unsubscribed.
Jul 28 2025, 11:48 AM
2025-07-28 11:48:47 (UTC+0)
OKryva-WMF
edited projects, added
Product Safety and Integrity
; removed
Trust and Safety Product Team
Oct 24 2025, 3:21 PM
2025-10-24 15:21:10 (UTC+0)
OKryva-WMF
moved this task from
Inbox
to
Triaged (backlog)
on the
Product Safety and Integrity
board.
Oct 24 2025, 3:23 PM
2025-10-24 15:23:16 (UTC+0)
MolecularPilot
added a comment.
Nov 5 2025, 12:58 PM
2025-11-05 12:58:29 (UTC+0)
Comment Actions
My apologies, this slipped my mind once my WiFi was restored. I’ll resolve the merge conflicts and reviewer comments within a few days and submit an updated patch. :)
MolecularPilot
added a comment.
Nov 9 2025, 2:33 AM
2025-11-09 02:33:42 (UTC+0)
Comment Actions
@Dreamy_Jazz
I've addressed the merge conflicts and all of your feedback in the latest patchset - Patchset 12 - and it's ready for your review when ready. Thank you again for your detailed feedback!
MolecularPilot
edited projects, added
Patch-For-Review
; removed
Patch-Needs-Improvement
Nov 9 2025, 2:43 AM
2025-11-09 02:43:08 (UTC+0)
STei-WMF
subscribed.
Nov 11 2025, 8:25 PM
2025-11-11 20:25:19 (UTC+0)
Comment Actions
Is this ready for Tech News?
MolecularPilot
added a comment.
Nov 11 2025, 8:34 PM
2025-11-11 20:34:32 (UTC+0)
Comment Actions
It needs to be reviewed and merged first.
Aklapper
added a comment.
Nov 11 2025, 10:57 PM
2025-11-11 22:57:26 (UTC+0)
Comment Actions
@STei-WMF
Please look at the "Details" box to see patch statuses, and at the project tags which may include
Patch-For-Review
OKryva-WMF
edited projects, added
Product Safety and Integrity (Crepes au Chocolat (Sprint Nov 10 - Nov 28))
; removed
Product Safety and Integrity
Nov 12 2025, 11:58 AM
2025-11-12 11:58:03 (UTC+0)
OKryva-WMF
moved this task from
Backlog
to
Needs review
on the
Product Safety and Integrity (Crepes au Chocolat (Sprint Nov 10 - Nov 28))
board.
OKryva-WMF
edited projects, added
Product Safety and Integrity (Sprint Mince Pie Dec 1 - Dec 12)
; removed
Product Safety and Integrity (Crepes au Chocolat (Sprint Nov 10 - Nov 28))
Dec 1 2025, 9:15 AM
2025-12-01 09:15:17 (UTC+0)
OKryva-WMF
moved this task from
Backlog
to
Needs review
on the
Product Safety and Integrity (Sprint Mince Pie Dec 1 - Dec 12)
board.
Dec 1 2025, 9:15 AM
2025-12-01 09:15:27 (UTC+0)
Dreamy_Jazz
updated the task description.
(Show Details)
Dec 17 2025, 11:37 PM
2025-12-17 23:37:01 (UTC+0)
PatchDemoBot
added a comment.
Dec 18 2025, 1:21 PM
2025-12-18 13:21:12 (UTC+0)
Comment Actions
Test wiki
created
on
Patch demo
by MolecularPilot using patch(es) linked to this task:
Dreamy_Jazz
moved this task from
Not ready to announce
to
Announce in next Tech/News
on the
User-notice
board.
Dec 18 2025, 1:49 PM
2025-12-18 13:49:22 (UTC+0)
Comment Actions
This patch will not be going out until the week of the 5th of January (as there are no trains over the Christmas holiday period), but otherwise should be ready for a tech news entry
Dreamy_Jazz
moved this task from
Needs review
to
Needs QA
on the
Product Safety and Integrity (Sprint Mince Pie Dec 1 - Dec 12)
board.
Dec 18 2025, 2:09 PM
2025-12-18 14:09:01 (UTC+0)
gerritbot
added a comment.
Dec 18 2025, 2:14 PM
2025-12-18 14:14:06 (UTC+0)
Comment Actions
Change #1115319
merged
by jenkins-bot:
[mediawiki/extensions/AbuseFilter@master] AbuseFilter: Add support for suppressing filters
STei-WMF
added a comment.
Dec 18 2025, 8:24 PM
2025-12-18 20:24:36 (UTC+0)
Comment Actions
Is this entry still accurate for Tech News?:
Edit filters [[LINK TO NEW DOCS| can now be set]] to suppress their list of attempted edits and actions. This will help oversighters if they are using any edit filters to prevent doxxing.
MolecularPilot
added a comment.
Edited
Dec 18 2025, 10:48 PM
2025-12-18 22:48:57 (UTC+0)
Comment Actions
I think that's great, maybe just also add that this hides the filter details (incl. rules as well) and that the log suppression is done automatically, like:
Edit filters [[LINK TO NEW DOCS|can now be set]] to automatically suppress their details such as rules and list of attempted edits and actions. This will help oversighters use edit filters to prevent doxxing or other suppressible material.
PatchDemoBot
added a comment.
Dec 19 2025, 12:32 AM
2025-12-19 00:32:03 (UTC+0)
Comment Actions
Test wiki on
Patch demo
by MolecularPilot using patch(es) linked to this task was
deleted
PatchDemoBot
added a comment.
Dec 19 2025, 12:32 AM
2025-12-19 00:32:16 (UTC+0)
Comment Actions
Test wiki on [[ | Patch demo ]] by MolecularPilot using patch(es) linked to this task was
deleted
MolecularPilot
added a comment.
Dec 19 2025, 8:04 AM
2025-12-19 08:04:54 (UTC+0)
Comment Actions
I've made new docs now at
that can be linked in the tech news entry.
A_smart_kitten
mentioned this in
T413188: PatchDemoBot wiki deletion comments sometimes contain a malformed/nonexistent link
Dec 19 2025, 9:36 AM
2025-12-19 09:36:26 (UTC+0)
STei-WMF
added a comment.
Dec 19 2025, 3:25 PM
2025-12-19 15:25:32 (UTC+0)
Comment Actions
In
T290324#11475472
@MolecularPilot
wrote:
I've made new docs now at
that can be linked in the tech news entry.
Edit filters [[mw:Extension:AbuseFilter/Access flags|can now be set]] to automatically suppress their details such as rules and list of attempted edits and actions. This will help oversighters use edit filters to prevent doxxing or other suppressible material.[
Done!
STei-WMF
moved this task from
Announce in next Tech/News
to
In current Tech/News draft
on the
User-notice
board.
Dec 19 2025, 3:26 PM
2025-12-19 15:26:30 (UTC+0)
Dreamy_Jazz
added a comment.
Dec 19 2025, 3:32 PM
2025-12-19 15:32:48 (UTC+0)
Comment Actions
@STei-WMF
, this change will not be deployed until January but it is being included in next week's Tech News from what I can see.
If we are using it in this coming week's Tech News, can we clarify that this will be available in January?
STei-WMF
added a comment.
Dec 19 2025, 5:36 PM
2025-12-19 17:36:23 (UTC+0)
Comment Actions
In
T290324#11477087
@Dreamy_Jazz
wrote:
@STei-WMF
, this change will not be deployed until January but it is being included in next week's Tech News from what I can see.
If we are using it in this coming week's Tech News, can we clarify that this will be available in January?
I will add that it will be available in January.
MolecularPilot
updated the task description.
(Show Details)
Dec 22 2025, 2:31 AM
2025-12-22 02:31:50 (UTC+0)
MolecularPilot
updated the task description.
(Show Details)
gerritbot
added a comment.
Dec 22 2025, 4:23 AM
2025-12-22 04:23:47 (UTC+0)
Comment Actions
Change #1220039 had a related patch set uploaded (by MolecularPilot; author: MolecularPilot):
[mediawiki/extensions/AbuseFilter@master] AbuseFilterPermissionManager: Check for blocks when assessing suppresion rights
Novem_Linguae
updated the task description.
(Show Details)
Dec 22 2025, 9:23 AM
2025-12-22 09:23:18 (UTC+0)
Titore
subscribed.
Dec 22 2025, 12:27 PM
2025-12-22 12:27:07 (UTC+0)
Johannnes89
mentioned this in
T414011: Users with viewsuppressed permissions are able to edit suppressed abuse filters and remove the suppressed flag in the process
Jan 7 2026, 6:33 PM
2026-01-07 18:33:28 (UTC+0)
Reedy
mentioned this in
T414016: PHP Deprecated: Creation of dynamic property MediaWiki\Extension\AbuseFilter\Filter\Flags::$suppressed is deprecated
Jan 7 2026, 8:02 PM
2026-01-07 20:02:22 (UTC+0)
gerritbot
added a comment.
Jan 7 2026, 11:48 PM
2026-01-07 23:48:06 (UTC+0)
Comment Actions
Change #1220039
merged
by jenkins-bot:
[mediawiki/extensions/AbuseFilter@master] AbuseFilterPermissionManager: Make blocks deny suppressor rights
OKryva-WMF
edited projects, added
Product Safety and Integrity (Sprint Daffodil (Jan 19 - Feb 6))
; removed
Product Safety and Integrity (Sprint Mince Pie Dec 1 - Dec 12)
Jan 9 2026, 10:35 AM
2026-01-09 10:35:01 (UTC+0)
OKryva-WMF
moved this task from
Backlog
to
Needs QA
on the
Product Safety and Integrity (Sprint Daffodil (Jan 19 - Feb 6))
board.
Jan 9 2026, 10:35 AM
2026-01-09 10:35:40 (UTC+0)
STei-WMF
moved this task from
In current Tech/News draft
to
Already announced/Archive
on the
User-notice
board.
Jan 9 2026, 4:35 PM
2026-01-09 16:35:00 (UTC+0)
Wargo
subscribed.
Jan 13 2026, 1:07 AM
2026-01-13 01:07:02 (UTC+0)
Comment Actions
Note the Unsuppress will unhide all the logs. Should be warning somewhere or the logs until unflag should stay hidden?
Wargo
added a subtask:
T414396: Suppressed filters should hide abuse logs of other filters' hits for the same edit
Jan 13 2026, 1:16 AM
2026-01-13 01:16:36 (UTC+0)
Johannnes89
added a comment.
Jan 13 2026, 6:06 AM
2026-01-13 06:06:26 (UTC+0)
Comment Actions
In
T290324#11514874
@Wargo
wrote:
Note the Unsuppress will unhide all the logs. Should be warning somewhere or the logs until unflag should stay hidden?
That’s already discussed in
T414011
along with other issues. Ideally the option to unsuppress filters should be removed, just like it’s not possible to unprotected filters with protected variables.
Johannnes89
mentioned this in
T414990: Disallow unsuppression of abuse filters (and their log entries & filter notes)
Jan 19 2026, 5:38 PM
2026-01-19 17:38:57 (UTC+0)
DerHexer
subscribed.
Jan 20 2026, 12:51 PM
2026-01-20 12:51:58 (UTC+0)
MGChecker
subscribed.
Jan 20 2026, 10:35 PM
2026-01-20 22:35:52 (UTC+0)
Comment Actions
Who is able to see the information that a certain filter is suppressed? I would suspect
abusefilter-view
to suffice, but maybe it is regulated differently?
Johannnes89
added a comment.
Jan 21 2026, 12:26 PM
2026-01-21 12:26:13 (UTC+0)
Comment Actions
In
T290324#11539679
@MGChecker
wrote:
Who is able to see the information that a certain filter is suppressed? I would suspect
abusefilter-view
to suffice, but maybe it is regulated differently?
That's indeed based on
abusefilter-view
(usually given to all users, even unregistered ones – or restricted to autoconfirmed users
in some projects
).
Example from
(I've now unsuppressed filter 300 again):
Clicking on the filter link without the permissions to view suppressed filters shows the
abusefilter-edit-denied-suppressed
message which is similar to the denied-messages for private and protected filters.
OKryva-WMF
edited projects, added
Product Safety and Integrity (Sprint Flower (Feb 9 - Feb 27))
; removed
Product Safety and Integrity (Sprint Daffodil (Jan 19 - Feb 6))
Feb 10 2026, 8:39 AM
2026-02-10 08:39:38 (UTC+0)
OKryva-WMF
moved this task from
Backlog
to
Needs QA
on the
Product Safety and Integrity (Sprint Flower (Feb 9 - Feb 27))
board.
Feb 10 2026, 8:58 AM
2026-02-10 08:58:00 (UTC+0)
kostajh
added a comment.
Feb 11 2026, 6:07 PM
2026-02-11 18:07:30 (UTC+0)
Comment Actions
In
T290324#11515167
@Johannnes89
wrote:
In
T290324#11514874
@Wargo
wrote:
Note the Unsuppress will unhide all the logs. Should be warning somewhere or the logs until unflag should stay hidden?
That’s already discussed in
T414011
along with other issues. Ideally the option to unsuppress filters should be removed, just like it’s not possible to unprotected filters with protected variables.
@MolecularPilot
what do you think about this proposal?
Quiddity
unsubscribed.
Feb 11 2026, 7:42 PM
2026-02-11 19:42:54 (UTC+0)
MolecularPilot
added a comment.
Feb 12 2026, 5:21 AM
2026-02-12 05:21:08 (UTC+0)
Comment Actions
I agree with what Pppery mentioned in
T414990
, I don't think making a filter completely unable to be unsuppressed is ideal, and feel it's inconsistent with the wiki model. I think a better solution is to set the, already existing, "manually suppressed" (I don't recall the exact column name) bit for any log generated while a filter is suppressed, so unsuppressed the filter doesn't automatically reveal this. I think it's different to protected filter logs, as they inherently contain PII in the variables like IP addresses, but each log hit for a suppressed filter doesn't necessarily contain this. Though, if we do need to go with irreversible suppression for legal/compliance/etc. reasons, a warning before suppressing would definitely be ideal.
mikez-WMF
added a project:
Community-Wishlist
Feb 13 2026, 12:56 PM
2026-02-13 12:56:39 (UTC+0)
mikez-WMF
moved this task from
Backlog
to
In Progress
on the
Community-Wishlist
board.
Feb 13 2026, 2:34 PM
2026-02-13 14:34:10 (UTC+0)
OKryva-WMF
added a project:
Essential-Work
Feb 27 2026, 2:26 PM
2026-02-27 14:26:56 (UTC+0)
OKryva-WMF
edited projects, added
Product Safety and Integrity (Sprint Crocus (Mar 2 - Mar 20))
; removed
Product Safety and Integrity (Sprint Flower (Feb 9 - Feb 27))
Mar 2 2026, 4:21 PM
2026-03-02 16:21:47 (UTC+0)
OKryva-WMF
moved this task from
Backlog
to
Needs QA
on the
Product Safety and Integrity (Sprint Crocus (Mar 2 - Mar 20))
board.
Mar 2 2026, 4:22 PM
2026-03-02 16:22:52 (UTC+0)
dom_walden
moved this task from
Needs QA
to
Done
on the
Product Safety and Integrity (Sprint Crocus (Mar 2 - Mar 20))
board.
Mar 16 2026, 1:21 PM
2026-03-16 13:21:37 (UTC+0)
dom_walden
subscribed.
Comment Actions
I have checked that users without the
viewsuppressed
right or who are blocked cannot see various things related to suppressed filters, including the filter itself, any logs associated with the filter (including via the API), the change history of the filter, nor use
action=abusefiltercheckmatch
on logs of suppressed filters.
I did most of my testing on my local environment, but also briefly on enwiki beta.
Log In to Comment
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct.
Wikimedia Foundation
Code of Conduct
Disclaimer
CC-BY-SA
GPL
Credits