Once upstream does new releases for Mailman, hyperkitty, postorius (and any related components), we will upgrade lists.wikimedia.org.
In the meantime this mostly serves as a tracking bug for things that will be fixed when we upgrade.
Once upstream does new releases for Mailman, hyperkitty, postorius (and any related components), we will upgrade lists.wikimedia.org.
In the meantime this mostly serves as a tracking bug for things that will be fixed when we upgrade.
Status | Subtype | Assigned | Task | ||
---|---|---|---|---|---|
Open | BUG REPORT | None | T286149 Mailman doesn't replace email in notice when changing subscription email | ||
Open | None | T283909 Poor link parsing in HyperKitty (Mailman 3) web archive | |||
Open | None | T283128 In Mailman3, users cannot change their display name from the web | |||
Open | BUG REPORT | None | T291134 Confirmation message when changing email subscription is broken | ||
Open | None | T286217 Upgrade lists.wikimedia.org to next Mailman/hyperkitty/postorius versions |
postorius 1.3.5 was released, in addition to the unsubscribe security fix we already have: https://docs.mailman3.org/projects/postorius/en/latest/news.html#news-1-3-5
Mailman Core 3.3.5b1 is out: https://docs.mailman3.org/projects/mailman/en/latest/src/mailman/docs/NEWS.html#news-3-3-5
From the announcement:
It is a pre-release for 3.3.5, which is slated to come out in 3 weeks from now.
I am planning for a 2 week beta period, after which I'll release the first RC and then stable a week after. Right now I am not planning to release a second beta version, but if there are several changes in Core in the next week or so, then I might.
We should at least upgrade the cloud VM to the beta.
Here's the dependency diff for Mailman Core 3.3.5 from 3.3.4:
@@ -111,16 +111,16 @@ case second 'm'. Any other spelling is incorrect.""", }, install_requires = [ 'aiosmtpd>=1.4.1', + 'alembic>=1.6.2,<1.7', - 'alembic', 'atpublic', 'authheaders>=0.9.2', 'authres>=1.0.1', + 'click>=8.0.0', - 'click>=7.0.0', 'dnspython>=1.14.0', + 'falcon>=3.0.0', + 'flufl.bounce>=4.0', + 'flufl.i18n>=3.2', + 'flufl.lock>=5.1', - 'falcon>1.0.0', - 'flufl.bounce', - 'flufl.i18n>=2.0', - 'flufl.lock>=3.1', 'importlib_resources>=1.1.0', 'gunicorn', 'lazr.config',
So...another round of package updates. It doesn't seem like upgrading to bullseye first will help much here.
I'm waiting for this because HyperKitty v1.3.5 provides RSS feed. (https://gitlab.com/mailman/hyperkitty/-/merge_requests/302)
Mailman really doesn't have an owner yet. Kunal and I did just the upgrade from 2 to 3 due its severe limitations and security issues. I have way too much in my plate to do the upgrade on my own but would be happy to help anyone who would take the lead. Unless the new postorius adds support for 2FA then the priorities change (but I haven't seen that in changelog)
Our current Mailman deployment is a bunch of backported and forked debs with random patches thrown on top based on what we managed to fix upstream. It's not sustainable (as hopefully T286217#7406437 shows). Given that we need to get off buster anyways, I would suggest that we wait until the bookworm freeze gets more frozen and set up some lists1003 with normal Debian packages, and after some level of testing switch lists.wm.o over to the new host. The new version will have a new set of bugs, we either learn to live with them or patch via puppet.
Pardon my ignorance but are partial i18n updates possible (e.g. django_mailman3/locale/) without having to upgrade the whole lot? After mailman3 was released widely there have been a number of translation fixes that we may wish to use. And since mailman3 displays its UI by default in your browser language (and it does not let you to change it), being able to regularly have our translations updated would be great IFF possible. Thank you.