Page MenuHomePhabricator
Create Task
Maniphest T319432

Migrate WMF production from PHP 7.4 to PHP 8.1
Open, In Progress, MediumPublic
Actions

Assigned To
Krinkle
Authored By
Krinkle
Oct 5 2022, 3:28 PM
Tags
Referenced Files
F56618453: Screenshot 2024-07-23 at 14.47.10.png
Jul 23 2024, 1:47 PM
F56618452: Screenshot 2024-07-23 at 14.46.28.png
Jul 23 2024, 1:46 PM
F53712686: 2023_php_EOL_Composer.png
May 18 2024, 3:17 PM
F53712005: 2023_php_EOL_wmf.png
May 18 2024, 3:17 PM
Subscribers
A_smart_kitten
abi_
Aklapper
akosiaris
ArielGlenn
bd808
charitwo
View All 34 Subscribers
Tokens
"Love" token, awarded by Michael."Love" token, awarded by hashar."Yellow Medal" token, awarded by kostajh.

Description

T271736: Migrate WMF production from PHP 7.2 to PHP 7.4 | T360995: Migrate Wikimedia production from PHP 8.1 to PHP 8.3

This is scheduled after T290536: Serve production traffic via Kubernetes, kept out of dependency tree for readability.

The next target for WMF production after PHP 7.4, is PHP 8.1. This will incorporate:

  • Assurance that this should work
    • CI configured to require PHP 8.1 to pass for all production code
      • Making CI passing and enforced ("voting") for MediaWiki core on PHP 8.0 and PHP 8.1.
      • Making CI passing wmf-deployed MediaWiki extensions and skins on PHP 8.0 and PHP 8.1.
    • Other tooling changes as needed
  • Preparation of Wikimedia production
  • Pre-launch testing T319432
    • Benchmarks for different workloads and different clusters (non blocking)
    • Add an option to WikimediaDebug to select which version is used. T372605
    • Add ability to do consistent client-side ramp-up via a PHP_ENGINE cookie. T377987
    • Add request routing for PHP_ENGINE cookie. T377042
  • MediaWiki production migration T383845
    • cookie-based traffic (mw-(web|api-ext)-next svc)
      • mw-web
      • mw-api-ext
    • cookie-less external traffic, and non-user facing traffic (via -migration releases)
      • mw-web
      • mw-api-ext
      • mw-api-int
      • mw-parsoid
      • mw-jobrunner
    • Everything else
      • Snapshot hosts ("dumps")
      • mw-videoscaler
      • mw-script
      • mw-wikifunctions
      • mw-cron
  • Decommission support for PHP 7.4 from production
  • Drop PHP 7.4 and 8.0 testing from CI, if not otherwise needed for release branches

Details

SubjectRepoBranchLines +/-
MediaWiki-Docker: Switch PHP images to PHP 8.1mediawiki/coremaster+4 -2
Customize query in gerrit
TitleReferenceAuthorSource BranchDest Branch
Add PHP 8.1 imagesrepos/releng/dev-images!23jforresterphp81main
Customize query in GitLab

Related Objects
Search...

StatusSubtypeAssignedTask
 StalledNoneT255792 Quibble runs core:unit tests twice!
 OpenNoneT328919 Upgrade to PHPUnit 10
 OpenNoneT376276 PHP 8.4: Implicitly nullable parameter declarations deprecated
 OpenNoneT379587 PHP 8.4: Implicitly nullable parameter declarations deprecated in 3rd party vendor libs
 OpenNoneT378424 PHP 8.4: Implicitly nullable parameter declarations deprecated in qrcode vendor libs
 OpenNoneT358666 Drop PHP 8.1 support from MediaWiki
 OpenNoneT380185 Prepare for newer geoip2/geoip2 library
 OpenNoneT338103 Micro-optimize ApiResult::isMetadataKey with str_starts_with once we support PHP8+
 OpenNoneT379930 Use WeakMap instead of an array in RestrictedEntityLookupFactory
 StalledNoneT334726 Use return type `never` in Wikibase
 StalledNoneT373753 Drop symfony/polyfill-php80 and symfony/polyfill-php81 from mediawiki-vendor
 OpenNoneT328921 Drop PHP 7.4 support from MediaWiki
 OpenNoneT328922 Drop PHP 8.0 support from MediaWiki
 StalledNoneT319055 Upgrade to psr/container 2.x
 In ProgressKrinkleT319432 Migrate WMF production from PHP 7.4 to PHP 8.1
 ResolvedtstarlingT292552 Rename articles and users to update our case mapping to PHP 7.4 and Unicode 11
 ResolvedJdforrester-WMFT316078 Make PHP 8.1 voting on development (master) branch of MW ecosystem (core, extensions, skins, libraries)
 ResolvedJdforrester-WMFT319065 All Wikimedia production extensions and skins must support PHP 8.1
 ResolvedtstarlingT314212 str_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated
 ResolvedReedyT311448 Echo PHP 8.1 support
 ResolvedBUG REPORTtstarlingT289925 FILTER_SANITIZE_STRING is deprecated in PHP 8.1
 ResolvedtstarlingT320726 Fix RandomImageGenerator as used in tests to work on PHP 8.1 without errors or warnings
 ResolvedDaimonaT311451 Re-enable PHP 8.1 CI on css-sanitizer
 ResolvedDaimonaT311452 Taint Check Plugin release
 ResolvedNoneT307506 Address PHP 8.1 job failures on various PHP libs
 ResolvedJdforrester-WMFT311450 Re-enable PHP 8.1 CI on RemexHTML
 ResolvedBUG REPORTNoneT308406 RemexHtml should support PHP 8.1
 ResolvedtstarlingT307630 mediawiki/libs/RemexHtml phan issues under 8.1
 ResolvedJdforrester-WMFT311463 Re-enable PHP 8.1 CI on Zest
 ResolvedssastryT307632 mediawiki/libs/Zest phan issues under 8.1
 ResolvedkostajhT321600 GrowthExperiments PHP 8.1 support
 ResolvedkostajhT321691 StructuredDiscussions support for PHP 8.1
 ResolvedthiemowmdeT321692 FileImporter support for PHP 8.1
 ResolvedtstarlingT322098 GeoData support for PHP 8.1
 ResolvedtstarlingT322099 TwoColConflict support for PHP 8.1
 ResolvedBUG REPORTLucas_Werkmeister_WMDET319219 Wikibase gives deprecated warnings on php 8.1
 ResolvedhooT301249 Handle deprecation of Serializable interface in Wikibase
 ResolvedhooT305785 Wikibase Snak hashes (and thus "mainsnak", "references" and "qualifiers" hashes) depend on legacy PHP serialization
 ResolvedJdforrester-WMFT322233 PageViewInfo support for PHP 8.1
 ResolvedthiemowmdeT322408 CirrusSearch support for PHP 8.1
 ResolvedkostajhT322838 PageTriage PHP 8.1 support
 ResolvedUmherirrenderT323056 STVTallierTest::testFinishTally() fails under PHP 8.0 and later
 ResolvedPRODUCTION ERROR brookeT289189 getid3: PHP Warning: Division by zero
 ResolvedTheresNoTimeT332356 function strftime() is deprecated in php8.1 used by Calendar extension
 ResolvedtstarlingT322278 MediaWiki core should pass Phan on PHP 8.1
 OpenJdforrester-WMFT320818 Configure CI to test the Wikimedia production gate code against PHP 8.1 as well as PHP 7.4
 ResolvedlarissagauliaT321709 PHP 8.1 Upgrade Performance <-> SRE Service Ops coordination
 ResolvedJMeybohmT345561 Upgrade the MediaWiki servers to ICU 67
 ResolvedMoritzMuehlenhoffT350767 Rebuild PHP 7.4 packages for Bullseye
 OpenNoneT373752 Build php-uuid package, and add to WMF production and CI
 DuplicateNoneT378043 Route requests with PHP_ENGINE=8.1 cookie to "next" deployment via ATS plugin
 In ProgressNoneT379874 ☂ PHP 8.1 issues found during WMF rollout/ramp up
 ResolvedPRODUCTION ERRORReedyT379834 PHP Deprecated: Automatic conversion of false to array is deprecated
 In ProgressPRODUCTION ERRORNoneT384851 PHP Deprecated: strrpos(): Passing null to parameter #1 ($haystack) of type string is deprecated
 ResolvedPRODUCTION ERRORmszaboT384853 PHP Deprecated: trim(): Passing null to parameter #1 ($string) of type string is deprecated
 ResolvedPRODUCTION ERRORmszaboT384854 PHP Deprecated: strtolower(): Passing null to parameter #1 ($string) of type string is deprecated
 ResolvedPRODUCTION ERRORmszaboT384858 PHP Deprecated: strtr(): Passing null to parameter #1 ($string) of type string is deprecated
 In ProgressPRODUCTION ERRORkarapayneWMDET384867 PHP Deprecated: preg_match(): Passing null to parameter #2 ($subject) of type string is deprecated
 ResolvedPRODUCTION ERRORReedyT384879 PHP Deprecated: preg_match(): Passing null to parameter #2 ($subject) of type string is deprecated
 In ProgressPRODUCTION ERRORNoneT384906 PHP Deprecated: strlen(): Passing null to parameter #1 ($string) of type string is deprecated
 In ProgressPRODUCTION ERRORkarapayneWMDET384963 PHP Deprecated: strlen(): Passing null to parameter #1 ($string) of type string is deprecated
 ResolvedPRODUCTION ERRORReedyT385028 PHP Deprecated: explode(): Passing null to parameter #2 ($string) of type string is deprecated
 ResolvedPRODUCTION ERRORReedyT385061 PHP Deprecated: explode(): Passing null to parameter #2 ($string) of type string is deprecated
 ResolvedPRODUCTION ERRORReedyT385170 PHP Deprecated: preg_match(): Passing null to parameter #2 ($subject) of type string is deprecated
 ResolvedPRODUCTION ERRORReedyT385169 PHP Deprecated: preg_split(): Passing null to parameter #2 ($subject) of type string is deprecated
 ResolvedPRODUCTION ERROR hasharT385143 PHP Deprecated: json_decode(): Passing null to parameter #1 ($json) of type string is deprecated
 ResolvedPRODUCTION ERRORUmherirrenderT384694 TypeError: Argument 1 passed to MediaWiki\Extension\Notifications\Api\ApiEchoMute::parsePref() must be of the type string, null given, called in /srv/mediawiki/php-1.44.0-wmf.13/extensions/Echo/includes/Api/ApiEchoMute.php on l
 ResolvedPRODUCTION ERRORReedyT385201 PHP Deprecated: strlen(): Passing null to parameter #1 ($string) of type string is deprecated
 ResolvedPRODUCTION ERRORthiemowmdeT385268 ArgumentCountError: array_merge() does not accept unknown named parameters
 ResolvedPRODUCTION ERRORReedyT385267 PHP Deprecated: str_replace(): Passing null to parameter #2 ($replace) of type array|string is deprecated
 ResolvedPRODUCTION ERRORReedyT385269 PHP Deprecated: str_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated
 OpenPRODUCTION ERRORNoneT385331 PHP Deprecated: mb_strlen(): Passing null to parameter #1 ($string) of type string is deprecated
 In ProgressPRODUCTION ERRORTacsipacsiT385332 PHP Deprecated: str_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated
 OpenPRODUCTION ERRORNoneT385333 PHP Deprecated: preg_match(): Passing null to parameter #2 ($subject) of type string is deprecated
 In ProgressPRODUCTION ERRORReedyT385335 PHP Deprecated: explode(): Passing null to parameter #2 ($string) of type string is deprecated
 OpenPRODUCTION ERRORNoneT385452 PHP Deprecated: preg_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated
 ResolvedPRODUCTION ERRORReedyT385460 PHP Deprecated: Brick\Math\BigInteger implements the Serializable interface, which is deprecated. Implement __serialize() and __unserialize() instead (or in addition, if support for old PHP versions is necessary)
 OpenPRODUCTION ERRORNoneT385519 PHP Deprecated: trim(): Passing null to parameter #1 ($string) of type string is deprecated
 In ProgressPRODUCTION ERRORNoneT385567 PHP Warning: Undefined array key 1
DuplicatePRODUCTION ERRORNoneT385569 InvalidArgumentException: Bad key: if(now()=sysdate(),sleep(15),0)
 In ProgressPRODUCTION ERRORNoneT385568 InvalidArgumentException: Bad key: -1" OR 2+583-583-1=0+0+0+1 --
DuplicatePRODUCTION ERRORNoneT385579 TypeError: preg_match(): Argument #2 ($subject) must be of type string, null given
 ResolvedPRODUCTION ERRORReedyT385588 PHP Deprecated: preg_replace_callback(): Passing null to parameter #3 ($subject) of type array|string is deprecated
 OpenPRODUCTION ERRORUmherirrenderT385758 PHP Deprecated: htmlspecialchars(): Passing null to parameter #1 ($string) of type string is deprecated
 OpenPRODUCTION ERRORUmherirrenderT385762 PHP Deprecated: explode(): Passing null to parameter #2 ($string) of type string is deprecated
 ResolvedPRODUCTION ERRORReedyT385763 PHP Deprecated: explode(): Passing null to parameter #2 ($string) of type string is deprecated
 OpenPRODUCTION ERRORNoneT385395 503 error when edit large size pages on PHP 8.1
 OpenFeaturebd808T378752 Install PHP 8.1 on deployment-prep bullseye MediaWiki instances
 In ProgressScott_FrenchT383845 MediaWiki on PHP 8.1 production traffic ramp-up
 ResolvedScott_FrenchT377042 Support cookie-driven fractional migration to PHP 8.1 deployments of mw-web and mw-api-ext
 ResolvedScott_FrenchT377040 Turn up PHP 8.1-flavored k8s deployments for all MediaWiki services
 ResolvedKrinkleT377987 Prepare sticky cookie for gradual PHP 8.1 rollout
 OpenNoneT383805 Performance assessment of PHP8.1
 OpenNoneT383875 Create Grafana and Logstash dashboards for MediaWiki migrations/upgrades
 ResolvedMSantosT379986 Testing and verification of MediaWiki on PHP 8.1 in mwdebug-next
 OpenTgrT383633 Test MediaWiki authentication on PHP 8.1 in mwdebug-next
 ResolvedScott_FrenchT372605 Extend x-wikimedia-debug-routing.lua to support PHP 8.1 mw-debug deployment
 ResolvedScott_FrenchT372604 Turn up PHP 8.1-flavored mw-debug k8s deployment
 ResolveddduvallT370934 Build and publish multiple MediaWiki production images for a given set of PHP versions
 ResolvedClement_GoubertT376895 mw-debug-repl fails with `container mediawiki-pinkunicorn-app is not valid for pod mw-debug.codfw.next-5d785576b4-sq6dv`
 ResolvedScott_FrenchT372602 Prepare PHP 8.1 production images
 ResolvedScott_FrenchT372507 Prepare WMF PHP 8.1 packages for Bullseye
 ResolvedScott_FrenchT372603 Regenerate UcfirstOverrides.php for PHP 7.4 -> 8.1 transition
 ResolvedScott_FrenchT384532 Align mw-on-k8s alerts with PHP 8.1 migration
 OpenNoneT385199 Gather PHP8.1 profiling data
OpenNoneT276994 Provide an mwdebug functionality on kubernetes (mw-experimental)
 OpenNoneT324003 mwdebug: people in the "deployment" group should be able to launch 'experimental' instances for testing purposes
 OpenNoneT380485 Transition parsoidtest1001 to PHP 8.1
 OpenjijikiT384294 Add support for JIT in PHP8.1 images

Event Timeline

There are a very large number of changes, so older changes are hidden. Show Older Changes
JMeybohm closed subtask T345561: Upgrade the MediaWiki servers to ICU 67 as Resolved.Nov 9 2023, 10:03 AM
Krinkle moved this task from Next to Within 2 Qs on the MediaWiki-Platform-Team board.Nov 13 2023, 5:41 PM
Krinkle moved this task from Within 2 Qs to Blocked/waiting on the MediaWiki-Platform-Team board.Nov 16 2023, 11:25 PM
Umherirrender mentioned this in T353276: Make Phan on PHP 8.1 voting for wmf-deployed extensions/skins.Dec 12 2023, 4:01 PM
Reedy added a comment.Jan 31 2024, 3:33 PM
In T319432#9234734, @MoritzMuehlenhoff wrote:
In T319432#9234692, @kostajh wrote:

@Krinkle this task is marked as stalled, is it blocked on something?

The ICU migration needs to happen first: https://phabricator.wikimedia.org/T329491

Which was replaced by T345561: Upgrade the MediaWiki servers to ICU 67, which is resolved..

Jdforrester-WMF added a comment.Jan 31 2024, 4:30 PM

Yup, AIUI that for simplicity it's been decided that this is blocked by T290536: Serve production traffic via Kubernetes; should we mark that formally in Phab?

Reedy added a comment.Jan 31 2024, 4:36 PM

Yeah, otherwise it's unclear what/why this is stalled

Jdforrester-WMF added a subtask: T290536: Serve production traffic via Kubernetes.Jan 31 2024, 4:39 PM
Nikerabbit subscribed.Feb 13 2024, 9:49 AM
freephile subscribed.Feb 22 2024, 5:55 AM
Reedy mentioned this in T358771: Unable to login on iPhone with Passkey Enabled.Mar 5 2024, 10:33 PM
Reedy mentioned this in T328921: Drop PHP 7.4 support from MediaWiki.Mar 11 2024, 2:50 PM
Jdforrester-WMF added a parent task: T319055: Upgrade to psr/container 2.x.Mar 18 2024, 4:34 PM
Jdforrester-WMF updated the task description. (Show Details)Mar 26 2024, 11:18 AM
Jdforrester-WMF mentioned this in T360995: Migrate Wikimedia production from PHP 8.1 to PHP 8.3.Mar 26 2024, 11:20 AM
Jdforrester-WMF updated the task description. (Show Details)
Lucas_Werkmeister_WMDE mentioned this in T362412: Wikibase CI jobs wikibase-repo and wikibase-client broken on REL1_42.Apr 12 2024, 2:17 PM
hashar reopened subtask T320818: Configure CI to test the Wikimedia production gate code against PHP 8.1 as well as PHP 7.4 as Open.Apr 17 2024, 5:58 AM
bd808 mentioned this in T364249: New upstream release for Pygments (2.18.0).May 16 2024, 9:59 PM
Krinkle added a comment.EditedMay 18 2024, 3:17 PM

(Disparate notes for ease of linking during an upcoming internal WMF presentation.)

Upstreams: PHP.net, Debian, Composer (lib dependencies)

We benefit from Debian Linux and their LTS packages for PHP, which maintain and provide security patches beyond the official PHP.net support at https://www.php.net/supported-versions. For example, while php.net ended "Active support" for PHP 7.4 in 2021, and ended Security support in 2022; We actually use Debian Linux 11 ("Bullseye") which provides LTS and security support for php7.4 until June 2027 per https://wiki.debian.org/LTS.

2023_php_EOL_wmf.png (526×1 px, 31 KB)

However, this is limited to the PHP engine itself. It does not help us with our runtime dependency on specific libraries, which we install from Packagist.org via Composer. Examples of libraries that we deploy in production to run Wikipedia on MediaWiki, include: Monolog, JWT, Symfony, PHPUnit, etc.

Libraries have much shorter support in practice. Plus, bugs in an old version rarely receive a published CVE that one could subscribe to. This just isn't a practice for most individually maintained libraries, since only the latest version at any given time is supported. Individual releases generally do not enjoy long-term support. In practice, "support" from a library translates to a patch to the latest version, and you have to upgrade to latest version to get it.

Over 30% (as of July 2023), and 50% (as of 2024) of the 1000 most popular Composer packages require PHP 8.0 or later. This is not theoretical, this is today. https://stitcher.io/blog/php-version-stats-july-2024:

Screenshot 2024-07-23 at 14.47.10.png (820×1 px, 73 KB)

This is already affecting MediaWiki dependencies. Below is a list of packages we have in production ("mediawiki-vendor") that have incompatible upgrades available upstream. We are unable to install these due to running an outdated PHP version.

f we look at upstream "main" branches, there are several more who discontinued PHP 7.4 in their main branch, but have not released it yet. This means any upcoming of security fix, bug fix, or other improvement will be part of a release we can't install.

Misc links

  • Example of six months period from June 2023 to Feb 2024, where our own performance tooling did not work in our official MediaWiki-Docker dev environment. This because we moved from PHP 7.4 to PHP 8.1, and thus by extent away from WMF packaging to a third-party (deb.sury.org) which happened to lack some of the required packages. https://github.com/oerdnj/deb.sury.org/issues/1952
TheDJ added a parent task: T364249: New upstream release for Pygments (2.18.0).May 20 2024, 1:22 PM
Clement_Goubert changed the status of subtask T290536: Serve production traffic via Kubernetes from Open to In Progress.Jul 8 2024, 11:26 AM
abi_ subscribed.Jul 18 2024, 4:36 AM
charitwo subscribed.Jul 18 2024, 5:02 PM
Krinkle attached a referenced file: F56618453: Screenshot 2024-07-23 at 14.47.10.png. (Show Details)Jul 23 2024, 1:47 PM
Krinkle attached a referenced file: F56618452: Screenshot 2024-07-23 at 14.46.28.png. (Show Details)
Krinkle updated the task description. (Show Details)Jul 23 2024, 9:40 PM
Krinkle removed a subtask: T290536: Serve production traffic via Kubernetes.
Krinkle updated the task description. (Show Details)Jul 23 2024, 9:46 PM
Krinkle updated the task description. (Show Details)Jul 23 2024, 9:48 PM
bd808 added a subtask: T370934: Build and publish multiple MediaWiki production images for a given set of PHP versions.Jul 24 2024, 7:47 PM
Scott_French subscribed.Jul 26 2024, 8:29 PM
DannyS712 mentioned this in T371266: Release mediawiki-codesniffer v44.0.0.Jul 29 2024, 7:03 PM
bd808 subscribed.Aug 29 2024, 9:47 PM
Reedy mentioned this in T373752: Build php-uuid package, and add to WMF production and CI.Aug 31 2024, 9:24 PM
Reedy added a subtask: T373752: Build php-uuid package, and add to WMF production and CI.
Dogu subscribed.Sep 1 2024, 11:35 PM
bd808 removed a parent task: T364249: New upstream release for Pygments (2.18.0).Sep 30 2024, 10:45 PM
Dringsim subscribed.Oct 5 2024, 4:44 PM
Krinkle updated the task description. (Show Details)Oct 24 2024, 12:39 AM
Krinkle added a subtask: T377042: Support cookie-driven fractional migration to PHP 8.1 deployments of mw-web and mw-api-ext.Oct 24 2024, 6:27 PM
Krinkle updated the task description. (Show Details)
Krinkle mentioned this in T378043: Route requests with PHP_ENGINE=8.1 cookie to "next" deployment via ATS plugin.
Krinkle closed subtask T377987: Prepare sticky cookie for gradual PHP 8.1 rollout as Resolved.Oct 24 2024, 6:29 PM
Krinkle mentioned this in T378299: SpecialPageFatalTest fails for Special:UploadWizard with "Undefined index: defaultCampaign".Oct 27 2024, 11:54 PM
Krinkle added a subtask: T372603: Regenerate UcfirstOverrides.php for PHP 7.4 -> 8.1 transition.Nov 11 2024, 3:07 PM
Krinkle updated the task description. (Show Details)
Scott_French closed subtask T372603: Regenerate UcfirstOverrides.php for PHP 7.4 -> 8.1 transition as Resolved.Nov 13 2024, 12:55 AM
Reedy mentioned this in T379834: PHP Deprecated: Automatic conversion of false to array is deprecated.Nov 14 2024, 2:10 AM
Reedy mentioned this in T379868: Could not load user for revision {rev_id}.Nov 14 2024, 2:21 AM
Reedy added a subtask: T379874: ☂ PHP 8.1 issues found during WMF rollout/ramp up.Nov 14 2024, 3:29 AM
Jdforrester-WMF mentioned this in T379930: Use WeakMap instead of an array in RestrictedEntityLookupFactory.Nov 14 2024, 4:27 PM
Scott_French added a subtask: T372604: Turn up PHP 8.1-flavored mw-debug k8s deployment.Nov 14 2024, 11:59 PM
Scott_French added a subtask: T379986: Testing and verification of MediaWiki on PHP 8.1 in mwdebug-next.Nov 15 2024, 12:26 AM
Scott_French updated the task description. (Show Details)
Reedy added a parent task: T380185: Prepare for newer geoip2/geoip2 library.Nov 18 2024, 3:34 PM
Scott_French closed subtask T372604: Turn up PHP 8.1-flavored mw-debug k8s deployment as Resolved.Nov 18 2024, 7:35 PM
dduvall closed subtask T370934: Build and publish multiple MediaWiki production images for a given set of PHP versions as Resolved.Nov 19 2024, 7:03 PM
kostajh added a comment.Nov 22 2024, 7:09 AM

PHP 8.4 was released yesterday, and PHP 8.1 is now receiving critical security fixes only until December 31, 2025, after which no support is provided:

After this two year period of active support, each branch is then supported for two additional years for critical security issues only. Releases during this period are made on an as-needed basis: there may be multiple point releases, or none, depending on the number of reports.

Perhaps the target for this task should be 8.2, 8.3 or 8.4, to avoid completing the upgrade to 8.1, only to then need to upgrade to a newer version that has some level of security support?

MoritzMuehlenhoff added a comment.Nov 22 2024, 7:26 AM
In T319432#10347278, @kostajh wrote:

PHP 8.4 was released yesterday, and PHP 8.1 is now receiving critical security fixes only until December 31, 2025, after which no support is provided:

After this two year period of active support, each branch is then supported for two additional years for critical security issues only. Releases during this period are made on an as-needed basis: there may be multiple point releases, or none, depending on the number of reports.

Perhaps the target for this task should be 8.2, 8.3 or 8.4, to avoid completing the upgrade to 8.1, only to then need to upgrade to a newer version that has some level of security support?

We do not rely on upstream security support since we backport security patches internally. Our main wiki workloads are on PHP 7.4 and all security patches applicable to 7.4 have been backported, see e.g. https://phabricator.wikimedia.org/T378173 for the previous PHP security releases.

kostajh added a comment.Nov 22 2024, 8:48 AM
In T319432#10347290, @MoritzMuehlenhoff wrote:
In T319432#10347278, @kostajh wrote:

PHP 8.4 was released yesterday, and PHP 8.1 is now receiving critical security fixes only until December 31, 2025, after which no support is provided:

After this two year period of active support, each branch is then supported for two additional years for critical security issues only. Releases during this period are made on an as-needed basis: there may be multiple point releases, or none, depending on the number of reports.

Perhaps the target for this task should be 8.2, 8.3 or 8.4, to avoid completing the upgrade to 8.1, only to then need to upgrade to a newer version that has some level of security support?

We do not rely on upstream security support since we backport security patches internally. Our main wiki workloads are on PHP 7.4 and all security patches applicable to 7.4 have been backported, see e.g. https://phabricator.wikimedia.org/T378173 for the previous PHP security releases.

I see, thanks for the explanation.

Reedy added a comment.Nov 22 2024, 1:18 PM

Noting also that getting the k8s stuff done was done before this in attempt to make future upgrades easier..

I’m not sure we’re immediately start going to go to 8.3 or similar when we’re done with the 8.1 upgrade, but it should result in a much shorter timeline going forward

Reedy mentioned this in T379509: [GENERAL] Fix implicit nullable types in Wikibase.Nov 24 2024, 9:10 PM
Krinkle mentioned this in T380185: Prepare for newer geoip2/geoip2 library.Nov 26 2024, 7:30 PM
Scott_French updated the task description. (Show Details)Dec 3 2024, 6:06 PM
Daimona mentioned this in T381728: Use PHP 8.3 in MediaWiki-Docker.Dec 7 2024, 11:03 PM
bd808 added a subtask: T378752: Install PHP 8.1 on deployment-prep bullseye MediaWiki instances.Dec 16 2024, 5:09 PM
A_smart_kitten subscribed.Jan 3 2025, 5:13 PM
ArthurTaylor mentioned this in T379481: [GENERAL] PHP 8.4 issues in WMDE/Wikidata libraries.Jan 6 2025, 10:42 AM
jijiki updated the task description. (Show Details)Wed, Jan 15, 9:35 PM
Restricted Application added a project: Data-Engineering. · View Herald TranscriptWed, Jan 15, 9:35 PM
jijiki updated the task description. (Show Details)Wed, Jan 15, 9:37 PM
Scott_French added a subtask: T383845: MediaWiki on PHP 8.1 production traffic ramp-up.Thu, Jan 16, 12:18 AM
jijiki added a subtask: T276994: Provide an mwdebug functionality on kubernetes (mw-experimental).Thu, Jan 16, 11:30 AM
jijiki changed the status of subtask T383845: MediaWiki on PHP 8.1 production traffic ramp-up from Open to In Progress.Thu, Jan 16, 12:13 PM
Jdforrester-WMF mentioned this in T276994: Provide an mwdebug functionality on kubernetes (mw-experimental).Thu, Jan 16, 2:06 PM
Jdforrester-WMF updated the task description. (Show Details)Thu, Jan 16, 2:08 PM
Krinkle closed subtask T379986: Testing and verification of MediaWiki on PHP 8.1 in mwdebug-next as Resolved.Thu, Jan 16, 9:09 PM
Scott_French added a subtask: T380485: Transition parsoidtest1001 to PHP 8.1.Fri, Jan 17, 3:45 PM
Scott_French mentioned this in T380485: Transition parsoidtest1001 to PHP 8.1.
Scott_French closed subtask T377042: Support cookie-driven fractional migration to PHP 8.1 deployments of mw-web and mw-api-ext as Resolved.Wed, Jan 22, 6:41 PM
jijiki changed the status of subtask T379874: ☂ PHP 8.1 issues found during WMF rollout/ramp up from Open to In Progress.Fri, Jan 24, 2:14 PM
jijiki changed the task status from Stalled to In Progress.Fri, Jan 24, 2:18 PM
jijiki updated the task description. (Show Details)
Reedy mentioned this in T327094: Allow psr/container 2.x in Metrics Platform.Fri, Jan 24, 3:49 PM
Scott_French updated the task description. (Show Details)Fri, Jan 24, 3:57 PM
Tacsipacsi mentioned this in T385294: Enable sniffs to enforce use of type declarations.Thu, Feb 6, 12:56 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits