Page MenuHomePhabricator
Create Task
Maniphest T327006

Bundle Extension:TemplateStyles with MediaWiki core
Closed, ResolvedPublicFeature
Actions

Description

Necessary for any wiki that wants to copy templates from Wikipedia and many other WMF wikis (and increasingly, from third-party wikis as well).

Checklist:

  • Passed discussion or already Wikimedia deployed
  • Passed security review or already Wikimedia deployed
  • Voting CI structure tests
  • Runs MediaWiki-CodeSniffer
  • Runs phan
  • Supports MySQL, SQLite, and Postgres (if there are schema changes)
  • GPL v2 or later compatible license
  • Extension's default configuration provides optimal experience
  • Tested with web installer
  • Any relevant dependencies also bundled
    • wikimedia/css-sanitizer, already in master of vendor, needs to remain when pruning vendor for REL1_44

Details

Related Changes in GitLab:
TitleReferenceAuthorSource BranchDest Branch
settings.yaml: Promote TemplateStyles to being bundledrepos/releng/release!160reedybundle-templatestylesmain
Customize query in GitLab

Related Objects
Search...

Event Timeline

Bugreporter2 created this task.Jan 14 2023, 10:39 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 14 2023, 10:39 AM
Bugreporter2 mentioned this in T317146: Expand the set of bundled extensions and skins in MediaWiki 1.40.Jan 14 2023, 10:42 AM
matej_suchanek merged a task: T327005: Bundle Extension:TemplateStyles with MediaWiki core.Jan 14 2023, 11:04 AM
taavi added projects: TemplateStyles, MediaWiki-Releasing, MW-1.40-release.Jan 14 2023, 11:14 AM
taavi updated the task description. (Show Details)
Dinoguy1000 awarded a token.Jan 14 2023, 4:06 PM
Dinoguy1000 subscribed.
Tgr updated the task description. (Show Details)Jan 14 2023, 9:23 PM
Frostly subscribed.Jan 14 2023, 11:18 PM
Reedy updated the task description. (Show Details)Jan 15 2023, 2:23 AM
Tgr added subscribers: Reedy, Tgr.Jan 15 2023, 4:01 AM

@Reedy I don't think there are any relevant dependencies.

Reedy added a comment.Jan 15 2023, 1:00 PM

css-sanitizer

The item in the check list is vague. Yes it’s already in master, but it’s not currently included in release branches

Tgr added a comment.Jan 15 2023, 8:59 PM

css-sanititer is a Composer dependency. I thought those get packaged automatically in the bundle?

Reedy added a comment.Jan 15 2023, 9:21 PM
In T327006#8526678, @Tgr wrote:

css-sanititer is a Composer dependency. I thought those get packaged automatically in the bundle?

Automatically, as far as what is in the vendor branch (submoduled into the REL1_XX branch) is included. And the REL1_XX branch of vendor is made by (manually, because the tracking of dependancies is hard) trimming the master branch.

Like I say, "Any relevant dependencies also bundled" is vague... It could cover dependant skins/extensions, composer libraries etc.

Bundled would suggest currently included etc. Whereas it's not currently, so it is not currently bundled. It can be (trivially) bundled in future.

I know, it's semantics.

Tgr added a comment.Jan 15 2023, 9:53 PM

Why aren't we just using composer install? There's a security disadvantage in theory, but the moment you install any other extension you'll get vendor code generated by Composer anyway...

In any case, what's the actionable part? The trimming will only happen when REL1_40 is cut, right? Should a notice be added somewhere about css-sanitizer now being a bundle dependency?

(manually, because the tracking of dependancies is hard)

I tried to add more formal tracking at one point but it didn't garner much interest.

Reedy added a comment.Jan 15 2023, 10:09 PM
In T327006#8526704, @Tgr wrote:

Why aren't we just using composer install? There's a security disadvantage in theory, but the moment you install any other extension you'll get vendor code generated by Composer anyway...

We'd have to setup/use composer merge plugin for that to work. As it'd need to know about the core + any skin/extension dependancies...

But then we also lose the pinning of individual packages like we do. As in the composer.json in MW Core, we don't pin every individual and dependant package like we (or at least try to) do in Vendor

In T327006#8526704, @Tgr wrote:

In any case, what's the actionable part? The trimming will only happen when REL1_40 is cut, right? Should a notice be added somewhere about css-sanitizer now being a bundle dependency?

It's part of the bigger issue (as below). It's not uncommon we miss (or leave something extra) in vendor when we do the manual trimming.

In T327006#8526704, @Tgr wrote:

(manually, because the tracking of dependancies is hard)

I tried to add more formal tracking at one point but it didn't garner much interest.

I know :). But just pointing out (for others watching too) how awkward this kinda gets.

Yes, this is all very rough around the edges.

And like I say, what "Any relevant dependencies also bundled" actually means is vague at best.

Bugreporter2 triaged this task as Medium priority.Jan 16 2023, 1:57 PM
Jdforrester-WMF moved this task from Blocker to Bundling on the MW-1.40-release board.Feb 7 2023, 5:57 PM
Jdforrester-WMF removed a project: MW-1.40-release.Mar 28 2023, 9:37 PM
Jdforrester-WMF mentioned this in T333405: Expand the set of bundled extensions and skins in MediaWiki 1.44.
stjn awarded a token.Feb 22 2024, 10:13 PM
Prod subscribed.Feb 23 2024, 2:12 AM
Emicraft awarded a token.Sep 10 2024, 11:24 PM
Pcoombe awarded a token.Sep 10 2024, 11:46 PM
Izno awarded a token.Sep 11 2024, 1:46 AM
Bugreporter2 added a comment.Feb 12 2025, 3:14 AM

Why is the checklist vague? Why not make it less vague? Then you can't hide behind it as an excuse to avoid doing something - or have I discovered the reason why it's vague?

Izno added a parent task: T333405: Expand the set of bundled extensions and skins in MediaWiki 1.44.Feb 12 2025, 3:26 AM
CodeReviewBot added a comment.Apr 10 2025, 9:33 PM

reedy updated https://gitlab.wikimedia.org/repos/releng/release/-/merge_requests/160

settings.yaml: Promote TemplateStyles to being bundled

Jdforrester-WMF added a project: MW-1.44-release.Apr 10 2025, 9:48 PM
Jdforrester-WMF added subscribers: MSantos, Jdforrester-WMF.

I think new additions / removals in the bundle should get sign-off from the MW releasing process from a Product/etc. POV – that'd be @MSantos. Is this OK?

Bugreporter2 awarded a token.Apr 13 2025, 1:54 AM
MSantos moved this task from Blocker to Bundling on the MW-1.44-release board.Apr 14 2025, 4:04 PM
In T327006#10731862, @Jdforrester-WMF wrote:

I think new additions / removals in the bundle should get sign-off from the MW releasing process from a Product/etc. POV – that'd be @MSantos. Is this OK?

LGTM.

CodeReviewBot added a comment.Apr 16 2025, 12:42 PM

jforrester merged https://gitlab.wikimedia.org/repos/releng/release/-/merge_requests/160

settings.yaml: Promote TemplateStyles to being bundled

Jdforrester-WMF added a comment.Apr 16 2025, 12:53 PM

OK, this will Just Work™ when the bundle is made using the script.

Remaining work:

  • Add an entry about this to the release notes for MW itself, and
  • Double-check when pruning vendor that new things are included (looking at the composer.json we'll need to add wikimedia/css-sanitizer, but in extension.json there's nothing new).
Jdforrester-WMF updated the task description. (Show Details)Apr 16 2025, 12:55 PM
dancy subscribed.Apr 17 2025, 3:16 PM

The periodic (twice a day) "MediaWiki branch and publish WMF single-version image" job on https://releases-jenkins.wikimedia.org/ is currently failing with:

00:36:51 MediaWiki wmf/next successfully checked out.
00:36:51 Finished scap prep next (duration: 04m 33s)
00:36:52 Started scap build-images: publishing wmf/next image
00:36:52 Started cache_git_info
00:36:54 Finished cache_git_info (duration: 00m 01s)
00:36:54 Started update_localization_cache
00:36:54 Creating empty /srv/jenkins-agent/workspace/MediaWiki publish WMF single-version image/mediawiki/wmf-config/ExtensionMessages-next.php
00:36:54 Bootstrapping l10n cache for next
00:36:54 Running rebuildLocalisationCache.php
00:36:57 Error: The TemplateStyles extension cannot be loaded. Check that all of its files are installed properly.
00:36:57 
00:36:57 #0 /srv/jenkins-agent/workspace/MediaWiki publish WMF single-version image/mediawiki/php-next/includes/GlobalFunctions.php(59): MediaWiki\Registration\ExtensionRegistry->queue('/srv/jenkins-ag...')
00:36:57 #1 /srv/jenkins-agent/workspace/MediaWiki publish WMF single-version image/mediawiki/wmf-config/CommonSettings.php(2630): wfLoadExtension('TemplateStyles')
00:36:57 #2 /srv/jenkins-agent/workspace/MediaWiki publish WMF single-version image/mediawiki/php-next/LocalSettings.php(4): require('/srv/jenkins-ag...')
00:36:57 #3 /srv/jenkins-agent/workspace/MediaWiki publish WMF single-version image/mediawiki/php-next/includes/Setup.php(230): require_once('/srv/jenkins-ag...')
00:36:57 #4 /srv/jenkins-agent/workspace/MediaWiki publish WMF single-version image/mediawiki/php-next/maintenance/run.php(49): require_once('/srv/jenkins-ag...')
00:36:57 #5 /srv/jenkins-agent/workspace/MediaWiki publish WMF single-version image/mediawiki/multiversion/MWScript.php(221): require_once('/srv/jenkins-ag...')
00:36:57 #6 {main}
00:36:57 Fatal error: Error Loading extension. Unable to open file /srv/jenkins-agent/workspace/MediaWiki publish WMF single-version image/mediawiki/php-next/extensions/TemplateStyles/extension.json: filemtime(): stat failed for /srv/jenkins-agent/workspace/MediaWiki publish WMF single-version image/mediawiki/php-next/extensions/TemplateStyles/extension.json in /srv/jenkins-agent/workspace/MediaWiki publish WMF single-version image/mediawiki/php-next/includes/registration/MissingExtensionException.php on line 102
Jdforrester-WMF added a comment.Apr 17 2025, 3:44 PM

That's most odd. TemplateStyles was already in the pull-list and so this shouldn't have had any effect. Looking at https://gitlab.wikimedia.org/repos/releng/jenkins-deploy it's not obvious to me but I don't think there's a secondary list of extensions to pull?

Jdforrester-WMF added a comment.Apr 17 2025, 3:48 PM

Also we added CheckUser at the same time, and presumably if it was going alphabetically it'd be loaded first. Both appear in wmf-config/extension-list in the same fashion.

Jdforrester-WMF added a comment.Apr 17 2025, 4:56 PM

(Fixed via https://gitlab.wikimedia.org/repos/releng/release/-/merge_requests/166.)

Bugreporter2 mentioned this in T395642: Central repository for modules, templates, CSS..May 30 2025, 2:22 AM
Kristbaum subscribed.May 30 2025, 11:10 AM
Bugreporter2 added a comment.Jun 21 2025, 2:39 AM

Why isn't this mentioned in the 1.44 release notes?

https://github.com/wikimedia/mediawiki/blob/master/RELEASE-NOTES-1.44

It should be mentioned under "Upgrading Notes" similar to https://www.mediawiki.org/wiki/Release_notes/1.40

Reedy closed this task as Resolved.Jun 25 2025, 12:34 AM
Reedy claimed this task.
Bugreporter2 added a comment.Jun 25 2025, 12:56 AM

There's still no mention in the release notes!

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits