Wikipedia talk:Categories for deletion/cleanup
In regards to NekoDaemon, I have spotted two abuses by two anonymous editors. As such, I would like to impose some level of security, but I haven't thought of how specifically. The only thought that crossed my mind in regards to securing the bot's automated process is to restrict it to sysops and bureaucrats. --AllyUnion (talk) 09:14, 26 December 2005 (UTC)
With the implementation of the 'security' features, this might be ok. I would have the usual concerns about restricting activities to admins but this wouldn't actually prevent a non-admin from doing a recat/removal by hand as at present. Incidentally, if someone can teach me how (I'm computer and scripting but nor pearl literate) I can run a bot, too. -Splashtalk 17:34, 1 January 2006 (UTC)
I wouldn't oppose at all so long as the owners of the bots mentioned agree, specifically AllyUnion (NekoDaemon). K1Bond007 18:17, 1 January 2006 (UTC)
I don't have much time to do bot development right now, but Pearle's code is open. My previous comments are below. -- Beland 17:38, 22 July 2006 (UTC)
- Hmm. Actually, Pearle is already running on a daily cron job from my laptop, to refile things from Category:Wikipedia cleanup and update Template:Opentask. But these are commands I've specified manually. There are some security implications when people are able to give arbitrary text as commands for Pearle, especially given that her source code is published. I would probably be comfortable doing that after reviewing the code for security loopholes accessible via the command pathway. Though it might be a good idea to run Pearle as a separate user account (on the local Unix box) in case she is compromised. I suppose with a protected page, you'd be able to trust most people able to give input...but. Running such a bot under its own Wikipedia account (separate from Pearle) is also probably a good idea, since it will likely generate complaints about the categories being deleted and renamed from people unaware of the WP:CFD process, and the admins who do cleanup on WP:CFD should probably be the ones to deal with that.
- Having people put a "kill me" template on a category they want to de-populate seems considerably more secure; you just need to recognize that it exists, rather than processing it as a command. Perhaps also slightly more reliable - there's little possibility of some kind of parse error causing havok. The concern about vandal abuse is legitimate - or people accidentally confusing {{cfd}} with the "kill me" tag. But I don't see how it's really much different than the potential for abuse with redirects. It's also not that hard to undo any damage that a vandal does, given that we already have bots to recategorize articles en masse, and the changes would be automatically logged under the user contributions of the bot. One thing that Pearle does do is check to see if a category to be moved was properly tagged {{cfr}}, {{cfd}}, etc. She also now has history-parsing code, which we could recycle to see if the tag was added at least seven days ago, giving a warning message if it was not. That right there would probably stop most vandals. We should probably also be checking Category:Categories for deletion for categories that are not on WP:CFD anyway; that would close the next loophole. The only thing left would be categories that have been tagged, discussed, and closed as "keep" being tagged by someone who didn't agree with the decision. But that could easily happen now by someone editing the "delete me" section of WP:CFD in bad faith, so, feh. ... -- Beland 06:53, 24 December 2005 (UTC)