Page MenuHomePhabricator
Create Task
Maniphest T319432

Migrate WMF production from PHP 7.4 to PHP 8.1
Open, Stalled, MediumPublic
Actions

Assigned To
Krinkle
Authored By
Krinkle
Oct 5 2022, 3:28 PM
Tags
Referenced Files
F56618453: Screenshot 2024-07-23 at 14.47.10.png
Jul 23 2024, 1:47 PM
F56618452: Screenshot 2024-07-23 at 14.46.28.png
Jul 23 2024, 1:46 PM
F53712686: 2023_php_EOL_Composer.png
May 18 2024, 3:17 PM
F53712005: 2023_php_EOL_wmf.png
May 18 2024, 3:17 PM
Subscribers
abi_
Aklapper
akosiaris
ArielGlenn
bd808
charitwo
Daimona
View All 33 Subscribers
Tokens
"Love" token, awarded by Michael."Love" token, awarded by hashar."Yellow Medal" token, awarded by kostajh.

Description

T271736: Migrate WMF production from PHP 7.2 to PHP 7.4 | T360995: Migrate Wikimedia production from PHP 8.1 to PHP 8.3

This is scheduled after T290536: Serve production traffic via Kubernetes, kept out of dependency tree for readability.

The next target for WMF production after PHP 7.4, is PHP 8.1. This will incorporate:

  • Assurance that this should work
    • CI configured to require PHP 8.1 to pass for all production code
      • Making CI passing and enforced ("voting") for MediaWiki core on PHP 8.0 and PHP 8.1.
      • Making CI passing wmf-deployed MediaWiki extensions and skins on PHP 8.0 and PHP 8.1.
    • Other tooling changes as needed
  • Preparation of Wikimedia production
  • Pre-launch testing T319432
    • Benchmarks for different workloads and different clusters.
    • Add an option to WikimediaDebug to select which version is used. T372605
    • Add ability to do consistent client-side ramp-up via a PHP_ENGINE cookie. T377987
    • Add request routing for PHP_ENGINE cookie. T377042
  • Per-cluster ramp-up:
    • App servers
      • N% of all cookie-based traffic to Appservers and API appservers
      • Parsoid
      • Job runners
      • Appservers
      • API appservers
    • Snapshot hosts ("dumps")
    • Deployment hosts
    • Maintenance hosts
    • Wikitech host
  • Decommission support for PHP 7.4 from production
  • Drop PHP 7.4 and 8.0 testing from CI, if not otherwise needed for release branches

Details

SubjectRepoBranchLines +/-
MediaWiki-Docker: Switch PHP images to PHP 8.1mediawiki/coremaster+4 -2
Customize query in gerrit

Related Objects
Search...

StatusSubtypeAssignedTask
 StalledNoneT255792 Quibble runs core:unit tests twice!
 OpenNoneT328919 Upgrade to PHPUnit 10
 OpenNoneT376276 PHP 8.4: Implicitly nullable parameter declarations deprecated
 OpenNoneT379587 PHP 8.4: Implicitly nullable parameter declarations deprecated in 3rd party vendor libs
 OpenNoneT378424 PHP 8.4: Implicitly nullable parameter declarations deprecated in qrcode vendor libs
 OpenNoneT358666 Drop PHP 8.1 support from MediaWiki
 OpenNoneT380185 Prepare for newer geoip2/geoip2 library
 OpenNoneT338103 Micro-optimize ApiResult::isMetadataKey with str_starts_with once we support PHP8+
 OpenNoneT379930 Use WeakMap instead of an array in RestrictedEntityLookupFactory
 StalledNoneT334726 Use return type `never` in Wikibase
 StalledNoneT373753 Drop symfony/polyfill-php80 and symfony/polyfill-php81 from mediawiki-vendor
 OpenNoneT328921 Drop PHP 7.4 support from MediaWiki
 OpenNoneT328922 Drop PHP 8.0 support from MediaWiki
 StalledNoneT319055 Upgrade to psr/container 2.x
 StalledKrinkleT319432 Migrate WMF production from PHP 7.4 to PHP 8.1
 Resolved tstarlingT292552 Rename articles and users to update our case mapping to PHP 7.4 and Unicode 11
 ResolvedJdforrester-WMFT316078 Make PHP 8.1 voting on development (master) branch of MW ecosystem (core, extensions, skins, libraries)
 ResolvedJdforrester-WMFT319065 All Wikimedia production extensions and skins must support PHP 8.1
 Resolved tstarlingT314212 str_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated
 ResolvedReedyT311448 Echo PHP 8.1 support
 ResolvedBUG REPORT tstarlingT289925 FILTER_SANITIZE_STRING is deprecated in PHP 8.1
 Resolved tstarlingT320726 Fix RandomImageGenerator as used in tests to work on PHP 8.1 without errors or warnings
 ResolvedDaimonaT311451 Re-enable PHP 8.1 CI on css-sanitizer
 ResolvedDaimonaT311452 Taint Check Plugin release
 ResolvedNoneT307506 Address PHP 8.1 job failures on various PHP libs
 ResolvedJdforrester-WMFT311450 Re-enable PHP 8.1 CI on RemexHTML
 ResolvedBUG REPORTNoneT308406 RemexHtml should support PHP 8.1
 Resolved tstarlingT307630 mediawiki/libs/RemexHtml phan issues under 8.1
 ResolvedJdforrester-WMFT311463 Re-enable PHP 8.1 CI on Zest
 ResolvedssastryT307632 mediawiki/libs/Zest phan issues under 8.1
 ResolvedkostajhT321600 GrowthExperiments PHP 8.1 support
 ResolvedkostajhT321691 StructuredDiscussions support for PHP 8.1
 ResolvedthiemowmdeT321692 FileImporter support for PHP 8.1
 Resolved tstarlingT322098 GeoData support for PHP 8.1
 Resolved tstarlingT322099 TwoColConflict support for PHP 8.1
 ResolvedBUG REPORTLucas_Werkmeister_WMDET319219 Wikibase gives deprecated warnings on php 8.1
 ResolvedhooT301249 Handle deprecation of Serializable interface in Wikibase
 ResolvedhooT305785 Wikibase Snak hashes (and thus "mainsnak", "references" and "qualifiers" hashes) depend on legacy PHP serialization
 ResolvedJdforrester-WMFT322233 PageViewInfo support for PHP 8.1
 ResolvedthiemowmdeT322408 CirrusSearch support for PHP 8.1
 ResolvedkostajhT322838 PageTriage PHP 8.1 support
 ResolvedUmherirrenderT323056 STVTallierTest::testFinishTally() fails under PHP 8.0 and later
 ResolvedPRODUCTION ERROR brookeT289189 getid3: PHP Warning: Division by zero
 ResolvedTheresNoTimeT332356 function strftime() is deprecated in php8.1 used by Calendar extension
 Resolved tstarlingT322278 MediaWiki core should pass Phan on PHP 8.1
 OpenJdforrester-WMFT320818 Configure CI to test the Wikimedia production gate code against PHP 8.1 as well as PHP 7.4
 ResolvedlarissagauliaT321709 PHP 8.1 Upgrade Performance <-> SRE Service Ops coordination
 ResolvedJMeybohmT345561 Upgrade the MediaWiki servers to ICU 67
 ResolvedMoritzMuehlenhoffT350767 Rebuild PHP 7.4 packages for Bullseye
 OpenNoneT373752 Build php-uuid package, and add to WMF production and CI
 DuplicateNoneT378043 Route requests with PHP_ENGINE=8.1 cookie to "next" deployment via ATS plugin
 OpenScott_FrenchT377042 Support cookie-driven fractional migration to PHP 8.1 deployments of mw-web and mw-api-ext
 OpenScott_FrenchT377040 Turn up PHP 8.1-flavored k8s deployments for all MediaWiki services
 ResolvedKrinkleT377987 Prepare sticky cookie for gradual PHP 8.1 rollout
 ResolvedScott_FrenchT372603 Regenerate UcfirstOverrides.php for PHP 7.4 -> 8.1 transition
 OpenNoneT379874 PHP 8.1 issues found during WMF rollout/ramp up
 ResolvedPRODUCTION ERRORReedyT379834 PHP Deprecated: Automatic conversion of false to array is deprecated
 OpenNoneT343229 Scribunto's use of dynamic Parser::$scribunto_engine should be rewritten/removed
 ResolvedReedyT324891 Deprecated: Creation of dynamic property Parser::$scribunto_engine is deprecated
 OpenNoneT343226 TemplateStyles's use of dynamic Parser::$extTemplateStylesCache should be rewritten/removed
 ResolvedReedyT324890 Deprecated: Creation of dynamic property Parser::$extTemplateStylesCache is deprecated in Hooks.php on line 208
 OpenPRODUCTION ERRORNoneT357593 FundraisingEmailUnsubscribe doesn't pass tests in PHP 8.1
 ResolvedScott_FrenchT372604 Turn up PHP 8.1-flavored mw-debug k8s deployment
 ResolveddduvallT370934 Build and publish multiple MediaWiki production images for a given set of PHP versions
 ResolvedClement_GoubertT376895 mw-debug-repl fails with `container mediawiki-pinkunicorn-app is not valid for pod mw-debug.codfw.next-5d785576b4-sq6dv`
 ResolvedScott_FrenchT372605 Extend x-wikimedia-debug-routing.lua to support PHP 8.1 mw-debug deployment
 OpenMSantosT379986 Testing and verification of MediaWiki on PHP 8.1 in mwdebug-next
 OpenNoneT380485 Transition parsoidtest1001 to PHP 8.1
 OpenFeaturebd808T378752 Install PHP 8.1 on deployment-prep bullseye MediaWiki instances

Event Timeline

There are a very large number of changes, so older changes are hidden. Show Older Changes
matmarex added a comment.Sep 25 2023, 7:35 PM

Configure MW with ICU emulation for PHP 8.1 that matches PHP 7.4 (see also: T263437: Allow easier ICU transitions in MediaWiki (change how sortkey collation is managed in the categorylinks table), T292552: Rename articles and users to update our case mapping to PHP 7.4 and Unicode 11).

I'm not sure where to raise this, so I'll raise it here: the category collation transition should also be done for 'uppercase' collations, not just ICU collations, as they are also affected by upgrades. For example, see T323868 and T251698 where this problem was reported.

Reedy added a comment.Sep 25 2023, 9:43 PM
In T319432#9177477, @Tacsipacsi wrote:
In T319432#8338918, @Krinkle wrote:

We choose PHP 8.1, based on PHP 8.2 not being ready yet

In the meantime, 8.2 has been out for over nine months, and it’s the version included in Debian Bookworm. Are you sure it makes sense to stick with 8.1, despite it not being included in any Debian version? It would be important to support at least one PHP version Debian includes (i.e. 7.4 or 8.2) for the benefit of third-party wikis; while it doesn’t need to be the one used in WMF production, it’s easier to support a PHP version if we ourselves use it.

https://www.mediawiki.org/wiki/Support_policy_for_PHP

Milimetric subscribed.Oct 3 2023, 9:16 PM

Hi, Experimentation Lab owns dumps now, and so I think we're responsible for the snapshot hosts mentioned in the description here. Do we have a timeline for this upgrade?

kostajh added a comment.Oct 9 2023, 8:08 AM

@Krinkle this task is marked as stalled, is it blocked on something?

Also, to bump @Tacsipacsi's question above (T319432#9177477), should we consider 8.2 for WMF production, since the decision to go with 8.1 instead of 8.2 (T319432#8338918) was made ~1 year ago?

MoritzMuehlenhoff subscribed.Oct 9 2023, 8:20 AM
In T319432#9234692, @kostajh wrote:

@Krinkle this task is marked as stalled, is it blocked on something?

The ICU migration needs to happen first: https://phabricator.wikimedia.org/T329491

Aklapper added a comment.Oct 9 2023, 8:33 AM

Please set subtasks in tasks to express dependencies. T329491 and T345561 are not connected to anything so it's not obvious what needs to happen first.

Clement_Goubert added a subtask: T329491: ICU transition towards ICU 67.Oct 9 2023, 8:39 AM
Aklapper mentioned this in T349214: Proof-of-concept: Run MediaWiki tests in latest Zuul.Oct 18 2023, 5:41 PM
Physikerwelt subscribed.Oct 23 2023, 8:45 PM
JMeybohm closed subtask T329491: ICU transition towards ICU 67 as Declined.Oct 25 2023, 1:44 PM
Krinkle added a subtask: T345561: Upgrade the MediaWiki servers to ICU 67.Nov 3 2023, 1:08 AM
Jdforrester-WMF removed a subtask: T329491: ICU transition towards ICU 67.Nov 3 2023, 3:38 PM
tstarling subscribed.Nov 4 2023, 4:55 AM
In T319432#9177477, @Tacsipacsi wrote:

In the meantime, 8.2 has been out for over nine months, and it’s the version included in Debian Bookworm. Are you sure it makes sense to stick with 8.1, despite it not being included in any Debian version? It would be important to support at least one PHP version Debian includes (i.e. 7.4 or 8.2) for the benefit of third-party wikis; while it doesn’t need to be the one used in WMF production, it’s easier to support a PHP version if we ourselves use it.

Given the amount of work that went into getting 8.1 running in CI and making everything pass, I would suggest upgrading to 8.1 within the next three months, and then starting a PHP 8.3 upgrade project immediately after that, with target completion in 2024.

We can start work on 8.3 CI whenever. I found out at php-src#11469 that Drupal are constantly running their CI against PHP master. My PR was merged on June 6 and they filed a bug about it on June 18 asking for a revert, which they immediately got. That's the kind of CI I'd like to have.

Jdforrester-WMF added a comment.Nov 6 2023, 7:28 PM
In T319432#9306384, @tstarling wrote:

We can start work on 8.3 CI whenever.

Yup, T339350 is tracking that; right now we're blocked by a lack of releases, particularly of php-ast; I believe 8.3.0's release date will be as is traditional US Thanksgiving again, so I'll have some time around then to see if we can get it out then.

Ladsgroup subscribed.Nov 6 2023, 8:47 PM
JMeybohm closed subtask T345561: Upgrade the MediaWiki servers to ICU 67 as Resolved.Nov 9 2023, 10:03 AM
Krinkle moved this task from Soon to Within 2 Qs on the MediaWiki-Platform-Team board.Nov 13 2023, 5:41 PM
Krinkle moved this task from Within 2 Qs to Blocked/waiting on the MediaWiki-Platform-Team board.Nov 16 2023, 11:25 PM
Umherirrender mentioned this in T353276: Make Phan on PHP 8.1 voting for wmf-deployed extensions/skins.Dec 12 2023, 4:01 PM
Reedy added a comment.Jan 31 2024, 3:33 PM
In T319432#9234734, @MoritzMuehlenhoff wrote:
In T319432#9234692, @kostajh wrote:

@Krinkle this task is marked as stalled, is it blocked on something?

The ICU migration needs to happen first: https://phabricator.wikimedia.org/T329491

Which was replaced by T345561: Upgrade the MediaWiki servers to ICU 67, which is resolved..

Jdforrester-WMF added a comment.Jan 31 2024, 4:30 PM

Yup, AIUI that for simplicity it's been decided that this is blocked by T290536: Serve production traffic via Kubernetes; should we mark that formally in Phab?

Reedy added a comment.Jan 31 2024, 4:36 PM

Yeah, otherwise it's unclear what/why this is stalled

Jdforrester-WMF added a subtask: T290536: Serve production traffic via Kubernetes.Jan 31 2024, 4:39 PM
Nikerabbit subscribed.Feb 13 2024, 9:49 AM
freephile subscribed.Feb 22 2024, 5:55 AM
Reedy mentioned this in T358771: Unable to login on iPhone with Passkey Enabled.Mar 5 2024, 10:33 PM
Reedy mentioned this in T328921: Drop PHP 7.4 support from MediaWiki.Mar 11 2024, 2:50 PM
Jdforrester-WMF added a parent task: T319055: Upgrade to psr/container 2.x.Mar 18 2024, 4:34 PM
Jdforrester-WMF updated the task description. (Show Details)Mar 26 2024, 11:18 AM
Jdforrester-WMF mentioned this in T360995: Migrate Wikimedia production from PHP 8.1 to PHP 8.3.Mar 26 2024, 11:20 AM
Jdforrester-WMF updated the task description. (Show Details)
Lucas_Werkmeister_WMDE mentioned this in T362412: Wikibase CI jobs wikibase-repo and wikibase-client broken on REL1_42.Apr 12 2024, 2:17 PM
hashar reopened subtask T320818: Configure CI to test the Wikimedia production gate code against PHP 8.1 as well as PHP 7.4 as Open.Apr 17 2024, 5:58 AM
bd808 mentioned this in T364249: New upstream release for Pygments (2.18.0).May 16 2024, 9:59 PM
Krinkle added a comment.EditedMay 18 2024, 3:17 PM

(Disparate notes for ease of linking during an upcoming internal WMF presentation.)

Upstreams: PHP.net, Debian, Composer (lib dependencies)

We benefit from Debian Linux and their LTS packages for PHP, which maintain and provide security patches beyond the official PHP.net support at https://www.php.net/supported-versions. For example, while php.net ended "Active support" for PHP 7.4 in 2021, and ended Security support in 2022; We actually use Debian Linux 11 ("Bullseye") which provides LTS and security support for php7.4 until June 2027 per https://wiki.debian.org/LTS.

2023_php_EOL_wmf.png (526×1 px, 31 KB)

However, this is limited to the PHP engine itself. It does not help us with our runtime dependency on specific libraries, which we install from Packagist.org via Composer. Examples of libraries that we deploy in production to run Wikipedia on MediaWiki, include: Monolog, JWT, Symfony, PHPUnit, etc.

Libraries have much shorter support in practice. Plus, bugs in an old version rarely receive a published CVE that one could subscribe to. This just isn't a practice for most individually maintained libraries, since only the latest version at any given time is supported. Individual releases generally do not enjoy long-term support. In practice, "support" from a library translates to a patch to the latest version, and you have to upgrade to latest version to get it.

Over 30% (as of July 2023), and 50% (as of 2024) of the 1000 most popular Composer packages require PHP 8.0 or later. This is not theoretical, this is today. https://stitcher.io/blog/php-version-stats-july-2024:

Screenshot 2024-07-23 at 14.47.10.png (820×1 px, 73 KB)

This is already affecting MediaWiki dependencies. Below is a list of packages we have in production ("mediawiki-vendor") that have incompatible upgrades available upstream. We are unable to install these due to running an outdated PHP version.

f we look at upstream "main" branches, there are several more who discontinued PHP 7.4 in their main branch, but have not released it yet. This means any upcoming of security fix, bug fix, or other improvement will be part of a release we can't install.

Misc links

  • Example of six months period from June 2023 to Feb 2024, where our own performance tooling did not work in our official MediaWiki-Docker dev environment. This because we moved from PHP 7.4 to PHP 8.1, and thus by extent away from WMF packaging to a third-party (deb.sury.org) which happened to lack some of the required packages. https://github.com/oerdnj/deb.sury.org/issues/1952
TheDJ added a parent task: T364249: New upstream release for Pygments (2.18.0).May 20 2024, 1:22 PM
Clement_Goubert changed the status of subtask T290536: Serve production traffic via Kubernetes from Open to In Progress.Jul 8 2024, 11:26 AM
abi_ subscribed.Jul 18 2024, 4:36 AM
charitwo subscribed.Jul 18 2024, 5:02 PM
Krinkle attached a referenced file: F56618453: Screenshot 2024-07-23 at 14.47.10.png. (Show Details)Jul 23 2024, 1:47 PM
Krinkle attached a referenced file: F56618452: Screenshot 2024-07-23 at 14.46.28.png. (Show Details)
Krinkle updated the task description. (Show Details)Jul 23 2024, 9:40 PM
Krinkle removed a subtask: T290536: Serve production traffic via Kubernetes.
Krinkle updated the task description. (Show Details)Jul 23 2024, 9:46 PM
Krinkle updated the task description. (Show Details)Jul 23 2024, 9:48 PM
bd808 added a subtask: T370934: Build and publish multiple MediaWiki production images for a given set of PHP versions.Jul 24 2024, 7:47 PM
Scott_French subscribed.Jul 26 2024, 8:29 PM
DannyS712 mentioned this in T371266: Release mediawiki-codesniffer v44.0.0.Jul 29 2024, 7:03 PM
bd808 subscribed.Aug 29 2024, 9:47 PM
Reedy mentioned this in T373752: Build php-uuid package, and add to WMF production and CI.Aug 31 2024, 9:24 PM
Reedy added a subtask: T373752: Build php-uuid package, and add to WMF production and CI.
Dogu subscribed.Sep 1 2024, 11:35 PM
bd808 removed a parent task: T364249: New upstream release for Pygments (2.18.0).Sep 30 2024, 10:45 PM
Dringsim subscribed.Oct 5 2024, 4:44 PM
Krinkle updated the task description. (Show Details)Oct 24 2024, 12:39 AM
Krinkle added a subtask: T377042: Support cookie-driven fractional migration to PHP 8.1 deployments of mw-web and mw-api-ext.Oct 24 2024, 6:27 PM
Krinkle updated the task description. (Show Details)
Krinkle mentioned this in T378043: Route requests with PHP_ENGINE=8.1 cookie to "next" deployment via ATS plugin.
Krinkle closed subtask T377987: Prepare sticky cookie for gradual PHP 8.1 rollout as Resolved.Oct 24 2024, 6:29 PM
Krinkle mentioned this in T378299: SpecialPageFatalTest fails for Special:UploadWizard with "Undefined index: defaultCampaign".Oct 27 2024, 11:54 PM
Krinkle added a subtask: T372603: Regenerate UcfirstOverrides.php for PHP 7.4 -> 8.1 transition.Nov 11 2024, 3:07 PM
Krinkle updated the task description. (Show Details)
Scott_French closed subtask T372603: Regenerate UcfirstOverrides.php for PHP 7.4 -> 8.1 transition as Resolved.Nov 13 2024, 12:55 AM
Reedy mentioned this in T379834: PHP Deprecated: Automatic conversion of false to array is deprecated.Nov 14 2024, 2:10 AM
Reedy mentioned this in T379868: Could not load user for revision {rev_id}.Nov 14 2024, 2:21 AM
Reedy added a subtask: T379874: PHP 8.1 issues found during WMF rollout/ramp up.Nov 14 2024, 3:29 AM
Jdforrester-WMF mentioned this in T379930: Use WeakMap instead of an array in RestrictedEntityLookupFactory.Nov 14 2024, 4:27 PM
Scott_French added a subtask: T372604: Turn up PHP 8.1-flavored mw-debug k8s deployment.Nov 14 2024, 11:59 PM
Scott_French added a subtask: T379986: Testing and verification of MediaWiki on PHP 8.1 in mwdebug-next.Nov 15 2024, 12:26 AM
Scott_French updated the task description. (Show Details)
Reedy added a parent task: T380185: Prepare for newer geoip2/geoip2 library.Nov 18 2024, 3:34 PM
Scott_French closed subtask T372604: Turn up PHP 8.1-flavored mw-debug k8s deployment as Resolved.Nov 18 2024, 7:35 PM
dduvall closed subtask T370934: Build and publish multiple MediaWiki production images for a given set of PHP versions as Resolved.Nov 19 2024, 7:03 PM
kostajh added a comment.Fri, Nov 22, 7:09 AM

PHP 8.4 was released yesterday, and PHP 8.1 is now receiving critical security fixes only until December 31, 2025, after which no support is provided:

After this two year period of active support, each branch is then supported for two additional years for critical security issues only. Releases during this period are made on an as-needed basis: there may be multiple point releases, or none, depending on the number of reports.

Perhaps the target for this task should be 8.2, 8.3 or 8.4, to avoid completing the upgrade to 8.1, only to then need to upgrade to a newer version that has some level of security support?

MoritzMuehlenhoff added a comment.Fri, Nov 22, 7:26 AM
In T319432#10347278, @kostajh wrote:

PHP 8.4 was released yesterday, and PHP 8.1 is now receiving critical security fixes only until December 31, 2025, after which no support is provided:

After this two year period of active support, each branch is then supported for two additional years for critical security issues only. Releases during this period are made on an as-needed basis: there may be multiple point releases, or none, depending on the number of reports.

Perhaps the target for this task should be 8.2, 8.3 or 8.4, to avoid completing the upgrade to 8.1, only to then need to upgrade to a newer version that has some level of security support?

We do not rely on upstream security support since we backport security patches internally. Our main wiki workloads are on PHP 7.4 and all security patches applicable to 7.4 have been backported, see e.g. https://phabricator.wikimedia.org/T378173 for the previous PHP security releases.

kostajh added a comment.Fri, Nov 22, 8:48 AM
In T319432#10347290, @MoritzMuehlenhoff wrote:
In T319432#10347278, @kostajh wrote:

PHP 8.4 was released yesterday, and PHP 8.1 is now receiving critical security fixes only until December 31, 2025, after which no support is provided:

After this two year period of active support, each branch is then supported for two additional years for critical security issues only. Releases during this period are made on an as-needed basis: there may be multiple point releases, or none, depending on the number of reports.

Perhaps the target for this task should be 8.2, 8.3 or 8.4, to avoid completing the upgrade to 8.1, only to then need to upgrade to a newer version that has some level of security support?

We do not rely on upstream security support since we backport security patches internally. Our main wiki workloads are on PHP 7.4 and all security patches applicable to 7.4 have been backported, see e.g. https://phabricator.wikimedia.org/T378173 for the previous PHP security releases.

I see, thanks for the explanation.

Reedy added a comment.Fri, Nov 22, 1:18 PM

Noting also that getting the k8s stuff done was done before this in attempt to make future upgrades easier..

I’m not sure we’re immediately start going to go to 8.3 or similar when we’re done with the 8.1 upgrade, but it should result in a much shorter timeline going forward

Reedy mentioned this in T379509: [GENERAL] Fix implicit nullable types in Wikibase.Sun, Nov 24, 9:10 PM
Krinkle mentioned this in T380185: Prepare for newer geoip2/geoip2 library.Tue, Nov 26, 7:30 PM
Scott_French updated the task description. (Show Details)Tue, Dec 3, 6:06 PM
Daimona mentioned this in T381728: Use PHP 8.3 in MediaWiki-Docker.Sat, Dec 7, 11:03 PM
bd808 added a subtask: T378752: Install PHP 8.1 on deployment-prep bullseye MediaWiki instances.Mon, Dec 16, 5:09 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits