The Wire · Showcase
ARCHWIKI LOCKED DOWN AGAINST CRAWLER ASSAULT
By RepoJournal · Filed · About Arch Linux
The wiki's under siege from aggressive bots, and infrastructure just deployed a three-layer defense that rewrites the ruleset, hardens the challenge protocol, and bumps MediaWiki to 1.45.4.
Crawlers have been hammering archwiki with `returnto=` parameter abuse, forcing the team to escalate anti-bot measures across the board [1][2]. The anubis challenge system got two upgrades overnight: tighter MediaWiki rules to penalize the parameter-stuffing tactics crawlers favor, plus a significant difficulty bump on expensive challenges to make brute-force attacks prohibitively slow [2][3]. MediaWiki itself jumped to 1.45.4 as part of the hardening pass . Meanwhile, the repo side stayed quiet but productive: kmscon and loadtracker both landed new versions in extra [4][5], while testing packages for python-pyro, muse, and fish all graduated to stable [6][7][8]. Nothing critical here, but the wiki work matters - this is the kind of infrastructure polish that keeps community resources running clean.
Action items
- → Monitor wiki crawl traffic for further abuse patterns archlinux/infrastructure [monitor]
- → Update local archwiki mirrors if you're running them archlinux/infrastructure [plan]
- → Pull kmscon 10.0.1-1 and loadtracker 1.0.0-1 on next sync archlinux/svntogit-extra [plan]
References
- [1] Merge branch 'wiki-lockdown' into 'main' archlinux/infrastructure
- [2] anubis: Tweak the mediawiki ruleset archlinux/infrastructure
- [3] anubis: Increase difficulty of expensive challenge archlinux/infrastructure
- [4] update kmscon to 10.0.1-1 in extra-x86_64 archlinux/state
- [5] update loadtracker to 1.0.0-1 in extra-x86_64 archlinux/state
- [6] move python-pyro from extra-testing-any to extra-any archlinux/state
- [7] move muse from extra-testing-x86_64 to extra-x86_64 archlinux/state
- [8] move fish from extra-testing-x86_64 to extra-x86_64 archlinux/state
FAQ
- What changed in Arch Linux on July 3, 2026?
- The wiki's under siege from aggressive bots, and infrastructure just deployed a three-layer defense that rewrites the ruleset, hardens the challenge protocol, and bumps MediaWiki to 1.45.4.
- What should Arch Linux teams do about it?
- Monitor wiki crawl traffic for further abuse patterns • Update local archwiki mirrors if you're running them • Pull kmscon 10.0.1-1 and loadtracker 1.0.0-1 on next sync
- Which Arch Linux repositories shipped on July 3, 2026?
- archlinux/infrastructure, archlinux/state