Tool:WikiScriptSync
| Author(s) | Dev Jadiya |
| License | MIT |
Status: Active | Version: 1.1 (May 2026) | Maintainer: Dev Jadiya | Source: GitLab | User documentation: meta:WikiScriptSync
WikiScriptSync monitors public GitHub and GitLab repositories for changes to .js and .css gadget files, monitors Wikimedia wiki pages for revision changes, and allows bot-based publishing from a repository directly to a wiki page. Full user documentation is at meta:WikiScriptSync.

Stack
| Layer | Technology |
|---|---|
| Language | Python 3.13 |
| Framework | Django 5.2.1 |
| Database | MariaDB 10.6 (ToolsDB) |
| Authentication | Wikimedia OAuth 2.0 and BotPassword session login |
| Hosting | Toolforge Kubernetes webservice |
| Scheduler | Toolforge periodic jobs |
| Static files | WhiteNoise |
| Frontend | Wikimedia Codex |
| HTTP client | Python requests (MediaWiki Action API) |
| Credential encryption | Fernet / AES-256 (Python cryptography library) |
| CI/CD | GitLab CI |

Service account
Tool account: tool-script-publisher
Toolsadmin: https://toolsadmin.wikimedia.org/tools/id/script-publisher

Scheduled jobs
Three jobs run on Toolforge:
- check-updates runs hourly and detects file changes across monitored repositories.
- check-wiki-updates runs every 30 minutes and checks monitored wiki pages for new revisions.
- cleanup-logs runs nightly and removes expired log rows.

Database schema
| Table | Purpose |
|---|---|
| sync_trackedrepository | Repositories registered by users |
| sync_watchedfile | Individual files under monitoring |
| sync_filemapping | Source file to wiki page mappings, including the publish_enabled flag |
| sync_filechecklog | Per-file check history |
| sync_apiquotalog | GitHub API call tracking |
| wiki_monitor_pagemonitor | Wiki pages under revision monitoring |
| wiki_monitor_wikipage_checklog | Wiki page check history |
| publish_botcredential | AES-256 encrypted BotPassword credentials, one per user per wiki |
| publish_task | Per-user publish mutex (PENDING, RUNNING, DONE, FAILED) |
| publish_log | Permanent publish audit log |
| notifications_notificationlog | Talk-page notification history |
| notifications_userpreference | Per-user notification preferences |
| accounts_toolvisit | Aggregated usage metrics |

Security model
Monitoring
OAuth is used for identity verification only. No edit permissions are requested. File content is never stored; only Git blob SHAs and wiki revision IDs are compared. The notification bot account (WikiScriptSyncBot) has talk-page posting rights only and no JavaScript or CSS editing rights.

Publishing
Each user creates their own BotPassword on Special:BotPasswords with the minimum permissions they need. The tool stores bot passwords encrypted with Fernet (AES-256) in the database. The encryption key is kept only in the Toolforge environment and is never in the source code or the database.
When a publish runs, the password is decrypted in memory for that one operation and overwritten immediately after. It is never logged and never returned in any HTTP response. Each publish uses a fresh requests.Session with no shared state between users. A database mutex (the publish_task table) ensures one publish runs at a time per user. Tasks stuck in RUNNING state for more than five minutes are expired automatically on the next attempt.
Every publish attempt is recorded in publish_log regardless of whether it succeeded.
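
The per-user publish mutex described above can be sketched as follows. This is an added example, not WikiScriptSync's own code: it uses an in-memory SQLite database as a stand-in for ToolsDB, the column names are hypothetical, marking an expired task FAILED is an assumption, and the PENDING state is not modelled.

```python
import sqlite3
import time

STALE_AFTER = 5 * 60  # seconds a task may stay RUNNING before it is expired

def open_db():
    # isolation_level=None: autocommit, so transactions are issued explicitly.
    db = sqlite3.connect(":memory:", isolation_level=None)
    db.execute(  # hypothetical columns; only the table name is from the page
        "CREATE TABLE publish_task (id INTEGER PRIMARY KEY, "
        "username TEXT NOT NULL, started_at REAL NOT NULL, "
        "status TEXT NOT NULL CHECK (status IN "
        "('PENDING', 'RUNNING', 'DONE', 'FAILED')))"
    )
    return db

def acquire(db, username, now=None):
    """Return a new task id if `username` may publish now, else None."""
    now = time.time() if now is None else now
    db.execute("BEGIN IMMEDIATE")  # take the write lock before reading
    try:
        # Expire this user's tasks stuck in RUNNING for more than five minutes.
        db.execute(
            "UPDATE publish_task SET status = 'FAILED' "
            "WHERE username = ? AND status = 'RUNNING' AND started_at < ?",
            (username, now - STALE_AFTER),
        )
        busy = db.execute(
            "SELECT 1 FROM publish_task WHERE username = ? AND status = 'RUNNING'",
            (username,),
        ).fetchone()
        task_id = None
        if busy is None:  # no live publish for this user: claim the slot
            task_id = db.execute(
                "INSERT INTO publish_task (username, status, started_at) "
                "VALUES (?, 'RUNNING', ?)",
                (username, now),
            ).lastrowid
        db.execute("COMMIT")
        return task_id
    except Exception:
        db.execute("ROLLBACK")
        raise

def release(db, task_id, ok):
    """Mark a publish DONE or FAILED; a task already expired stays FAILED."""
    db.execute(
        "UPDATE publish_task SET status = ? WHERE id = ? AND status = 'RUNNING'",
        ("DONE" if ok else "FAILED", task_id),
    )
```

Because release only updates rows still in RUNNING, a worker that finishes after its task was expired cannot overwrite the FAILED state recorded for it.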

Privacy
WikiScriptSync stores: Wikimedia usernames, repository URLs, file paths, destination wiki and page names, notification history, and publish audit records. File content is never stored. OAuth tokens are session-only. BotPasswords are stored encrypted and the plaintext is never persisted anywhere.
All data is in the Wikimedia ToolsDB database under the schema s57111__script_publisher.
Management commands
| Command | Purpose |
|---|---|
| check_updates | Run repository file change detection manually |
| check_wiki_updates | Run wiki page revision check manually |
| check_health | Verify database and external API connectivity |
| cleanup_logs | Remove expired log rows (supports --dry-run) |
| clean_orphan_data | Find and remove orphaned database rows |

Local development
git clone https://gitlab.wikimedia.org/toolforge-repos/script-publisher.git
cd script-publisher
python3 -m venv venv && source venv/bin/activate
pip install -r requirements.txt
cp .env.example .env
python3 manage.py migrate --settings=wikiscriptsync.settings.local
python3 manage.py runserver --settings=wikiscriptsync.settings.local
The .env.example file lists all required environment variables. The one addition for the publishing module is CREDENTIAL_ENCRYPTION_KEY, which must be a valid Fernet key. Generate one with:
python3 -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())"
Contact
Maintainer: Dev Jadiya
Questions and bug reports: User talk:Dev Jadiya or the GitLab issue tracker
User documentation: meta:WikiScriptSync