Store a real revision for large grace period edits

I think a very awesome change would be to calculate “amount of diff” prior to deciding if an edit requires storage of a real revision or not.

If you changed 5 letters in a post, sure it can be a “grace period” edit with no revision stored. If you deleted 10 paragraphs it should never be considered a “grace period edit” and a revision should be stored.

I suggest:

grace_period_edits_max_chars_changed default to: 30

Any larger changes deserve to be tracked anyway and can be vectors for abuse, so this would be a great change on 2 levels.

  1. It protects end users from “mistake” nuking own post with a ninja edit (cause a revision will be stored)

  2. It protects the community from “bad actors” that abuse ninja edits and starts surfacing them.

Can not think of any downsides really.

5 Likes

I would wait to see how often this happens again… because I think there is significant risk in what you are describing. I don’t want to do a knee-jerk “bad thing happened once, therefore radical change” response on this.

As for abuse, that will be handled by TL0 not getting ANY grace period on edits.

1 Like

This is the exact vector a lot of TL0 spam entered the system, so there is tons of precedent there, though we protect otherwise.

Like I said

So that is a non issue at the moment. I am the type of poster who makes a LOT of grace period edits, so your proposed change to save yourself one mistake one time, would really screw me over.

Until spambots figure out how to get to TL1… it will happen I can guarentee that.

Not rushing to fix this, but I can not think of any downsides.

1 Like

As someone who makes extensive grace period edits on the regular, I can think of many ways your heuristic would screw me over.

I also make a lot of grace period edits and I wouldn’t want to be prevented from making them.

On the other hand, I could live with a type of “really want to make major changes?” educational/confirm modal.

Oh this is completely misreading my feature request here. And I think @codinghorror also misread it.

I don’t want to stop edits in these cases.

All I want is to create a proper revision in the post_revisions table for any large edits made.

7 Likes

Ohhhh aha my bad, I indeed misunderstood. Carry on then, apologies!

3 Likes

Sounds like a good idea though i do think the default limit of 30 might be a bit high. 30 characters could completely change the meaning or point of a post with no edit history. Why not something closer to 10-15? that would allow room for the occasional missed word or bad spelling without much room for post changing edits

2 Likes

You can change the meaning of a post with a three character change. This isn’t about highlighting “change of meaning”, it’s to prevent accidents and abuse.

2 Likes

Thats fair but i still feel like 30 characters is too much.

1 Like

This is why site settings exist.

8 Likes

This is now in place with:

https://github.com/discourse/discourse/commit/e162cd16b663d4da18cef7492a47550024275753

Implementation is quite complete which means you can not sneak in GIANT edits with no revisions by sneaking in lots and lots of small edits.

@codinghorror I feel given this change we are protected from a certain ugly vector of spam abuse cause we now have proper auditing.

I think we can drop “Disable edit grace period for TL0 users by default” from the release … with this change it is no longer really needed.

4 Likes

Hmm, I am not sure I am totally comfortable with that, but I guess we can give it a try and see?

Wait, 20 characters? that’s way too small of a default. I could quickly add one sentence and that would trigger…

1 Like

I am not married to 20 chars, just feel that in general it is enough. I would like to deploy to BBS and look at the resulting revisions 24h later. If you want to push it to 30 or 40 we can.

20 chars is wayyyy low, I set it to 100, let’s start with that. Even that might be too small.

1 Like

Wait…if we’re increasing this setting to 100 (or even more) I think we still need the Disable edit grace period for TL0 users by default feature. 100 characters is plenty of room for a user to turn a valid post into spam, add an inappropriate image, etc. without triggering an edit log.

In theory, absolutely, even 20 chars can be enough to insert a bad url. In practice though this is not what we observed.

I think we can wait and see with this change.

There is always the atomic, min trust to edit post = 10 which can work around any community being spammed.

EDIT I triggered a revision under new rules here

2 Likes

I thought that was just me!!! Yes… I’m not alone.

4 Likes