Jump to content

විකිපීඩියා:අධි-අවදානම් සැකිලි

විකිපීඩියා වෙතින්
(විකිපීඩියා:HIGHRISK වෙතින් යළි-යොමු කරන ලදි)

Following the protection policy, page protection may be indefinitely applied to all templates, template redirects, and Lua modules that have been identified by the community as being of high risk to Wikipedia. If fully protected, so that they can only be edited by administrators, or template-protected, so that they can only be edited by administrators and template editors, these pages should be edited cautiously, and consensus should be established for any changes that might be controversial. If semi-protected or extended-confirmed protected, templates and modules may be edited by any established user, but users should ensure there is consensus for their edits and avoid edit wars.

Common reasons

[සංස්කරණය]

The most common reasons a template or module is considered high-risk are:

  • It is used in a permanently highly visible location, and it is not cascade protected.
  • It is transcluded into a very large number of pages.
  • It is substituted extremely frequently by multiple users on an ongoing basis (for example, templates used to warn users about inappropriate editing).

There are generally no fixed criteria, and no fixed number of transclusions, that are used to decide whether a template or module is high-risk; each page is considered separately. If a template or module relates to a biography of a living person, that would strengthen any arguments in favor of its preemptive protection.

Note that a bot automatically

  • template-protects pages with over 5,000 transclusions,
  • extended-confirmed protects pages with over 2,500 transclusions, and
  • semi-protects pages with over 250 transclusions.

A 2018 RfC identified rough consensus to permanently semiprotect templates with at least around 200–250 transclusions, and a 2021 RfC identified a rough consensus to permanently extended-confirmed protect templates with roughly 2500 to 5000 transclusions.

For templates and modules that are widely used, the damage caused by bad faith or incorrect edits is uniquely high. The fact that numerous readers would see an edit to these pages provides an incentive to vandalize them and also magnifies the damage done by such an act. There have also been cases where well-meaning editors introduced an error to a template that broke millions of pages.

Although template vandalism is usually reverted quickly (often within one minute), the technical aspects of templates create a greater potential for damage than other kinds of vandalism. For templates that are used across hundreds or thousands of articles, any vandalism, no matter how short, could be seen by many readers across the entire encyclopedia. To prevent denial of service attacks, pages are cached and template changes are slowly rolled out across the entire encyclopedia. In some cases, pages may have their caches updated before the vandalism is reverted, and these may stick around for a long time even after the vandalism is fixed. This problem scales with the number of transclusions as the time for changes to roll out increases as the number of pages needing updates increases. Some templates like user warnings are substituted instead of transcluded, and when used the source code of the template is inserted directly onto the page. Because these uses do not update when template vandalism is reverted, disruption on substituted templates will stick around until someone finds the use and fixes it manually making this kind of vandalism harder to clean up.

In all cases, page protection minimizes the risk posed by bad faith or technically deficient edits to templates (see principle of least privilege). In contrast to our usual policy prohibiting preemptive protection, administrators are given wide latitude to use page protection in order to minimize the unique risks posed by the technical aspects of templates. The technical knowledge required to carry out these attacks is non-trivial, and experience has shown that vandalism to templates is often performed by long-term abusive editors and sleeper accounts. For templates which carry high risk but require frequent maintenance from the general editorial community, lower protection levels such as semi-protection or extended-confirmed protection may be used. For templates that are stable, part of our critical technical infrastructure, or used across thousands of pages, administrators should consider full protection or template protection to enforce code review through edit requests which helps prevent accidental bugs and deliberate attacks.

Documentation and padlock

[සංස්කරණය]

Semi- and fully-protected templates should normally have the {{Documentation}} template. It loads the unprotected /doc page, so that non-admins and IP-users can edit the documentation and categories. It also automatically adds {{pp-template}} to protected templates, which displays a small padlock in the top right corner and categorizes the template as a protected template. Only manually add {{pp-template}} to protected templates that don't use {{Documentation}} (mostly the stub templates).

The bottom of protected templates should usually look like this:

<!--Last line of the template code--><noinclude>

{{Documentation}}
<!-- Categories go on the /doc subpage, and interwikis go on Wikidata. -->
</noinclude>

This process is not necessary for Lua modules, as the documentation from the module's /doc subpage is automatically shown on the main module page.

Relevant discussions

[සංස්කරණය]