Page MenuHomePhabricator
People Reedy

Reedy (Sam Reed)
Breaker of WikisAdministrator

Projects (31)
View All

Calendar

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Wednesday

  • Clear sailing ahead.

User Details

User Since
Sep 24 2014, 6:58 PM (263 w, 5 d)
Roles
Administrator
Availability
Available
IRC Nick
Reedy
LDAP User
Reedy
MediaWiki User
Reedy [ Global Accounts ]

Recent Activity
View All

Today

Reedy renamed T235427: Serve volatile uri from local site from Serve volatile uri from local site. to Serve volatile uri from local site.
Mon, Oct 14, 2:18 PM · Patch-For-Review, Operations, Puppet
Reedy added a comment to T235392: I09a178e5c6938954edb2949f13660227d6a01fbc breaks extension Semantic MediaWiki.

I'm struggling to see how "deprecation procedures" can necessarily be followed, as this isn't deprecation for removal, like that policy is mostly aimed towards.

Mon, Oct 14, 2:16 PM · Parsing-Team, MW-1.34-release, Patch-For-Review, MediaWiki-Parser
Reedy added a project to T235436: Vagrant installation fails: MediaWiki-Vagrant.

This is related to T232354: New vagrant instance not setting password for `admin` user to `vagrant`

Mon, Oct 14, 2:15 PM · Readers-Web-Backlog (Tracking), MediaWiki-Vagrant, WMSE-Bug-Reporting-and-Translation-2019, MobileFrontend
Reedy closed T235316: PHP Notice: Undefined property: stdClass::$page_namespace, a subtask of T233850: 1.35.0-wmf.2 deployment blockers, as Resolved.
Mon, Oct 14, 2:02 PM · Release, Train Deployments
Reedy closed T235316: PHP Notice: Undefined property: stdClass::$page_namespace as Resolved.
Mon, Oct 14, 2:02 PM · MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), MW-1.34-notes, MediaWiki-API, Core Platform Team Workboards (Clinic Duty Team), Core Platform Team, Wikimedia-production-error
Reedy removed a project from T192168: project to understand tooling: Patch-For-Review.
Mon, Oct 14, 8:29 AM · MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), Design-Research
Reedy added a comment to T235403: Unable to update translatewiki.net: romaricdrigon/metayaml 1.1 requires symfony/yaml ~2.3|~3.0.

Master has a fix for that, so it could mostly just be asking them to release the fix - https://github.com/romaricdrigon/MetaYaml/commit/1481b99679b29cbb50c88f3e10e4951ac64b8ad3

Mon, Oct 14, 7:53 AM · MediaWiki-General, translatewiki.net, MediaWiki-extensions-Translate

Yesterday

Reedy added a comment to T235389: IP Address ranges (CIDR) are stored as strings and cannot be queried.
In T235389#5571256, @dbarratt wrote:
In T235389#5571221, @Reedy wrote:

And FWIW, CheckUser stores IPs as the string and as a hexadecimal representation, which it uses for IP comparison and maths...

Yes, so does ipblocks, but wikibase does not have a way to store ranges in hexadecimal format, so rather than building one, it would be simpler to store them in decimal format.

Sun, Oct 13, 5:46 PM · Wikidata, MediaWiki-extensions-WikibaseRepository
Reedy added a project to T122296: Allow checking by last 64 bits of an IPv6 address: IPv6.
Sun, Oct 13, 5:04 PM · IPv6, Stewards-and-global-tools, CheckUser
Reedy added a comment to T235389: IP Address ranges (CIDR) are stored as strings and cannot be queried.

And FWIW, CheckUser stores IPs as the string and as a hexadecimal representation, which it uses for IP comparison and maths...

Sun, Oct 13, 4:56 PM · Wikidata, MediaWiki-extensions-WikibaseRepository
Reedy added a comment to T235389: IP Address ranges (CIDR) are stored as strings and cannot be queried.

Given the IP address 198.35.26.5 it is impossible to reason that the IP address belongs to Wikimedia Foundation.

Sun, Oct 13, 4:49 PM · Wikidata, MediaWiki-extensions-WikibaseRepository
Reedy renamed T235382: MariaDB User s54171, access denied on replicas. from MariaDB User s54171, assess denided on replicas. to MariaDB User s54171, access denied on replicas..
Sun, Oct 13, 2:57 PM · cloud-services-team (Kanban), Data-Services

Sat, Oct 12

Reedy added a project to T235352: Remove polyfill's from DonationInterface vendor: Fundraising-Backlog.
Sat, Oct 12, 9:56 PM · Fundraising-Backlog, MediaWiki-extensions-DonationInterface
Reedy updated the task description for T235352: Remove polyfill's from DonationInterface vendor.
Sat, Oct 12, 9:55 PM · Fundraising-Backlog, MediaWiki-extensions-DonationInterface
Reedy created T235352: Remove polyfill's from DonationInterface vendor.
Sat, Oct 12, 9:51 PM · Fundraising-Backlog, MediaWiki-extensions-DonationInterface
Reedy added projects to T235338: "Currently active MediaWiki versions:" broken on noc/conf: Scap, Release-Engineering-Team, Operations.

Current implementation:

Sat, Oct 12, 4:05 PM · User-jijiki, serviceops, Operations, Release-Engineering-Team, Scap, Wikimedia-General-or-Unknown
Reedy created T235338: "Currently active MediaWiki versions:" broken on noc/conf.
Sat, Oct 12, 4:04 PM · User-jijiki, serviceops, Operations, Release-Engineering-Team, Scap, Wikimedia-General-or-Unknown
Reedy added a comment to T235334: ErrorException from line 596 of /srv/mediawiki/php-1.35.0-wmf.1/includes/api/ApiQueryBase.php: PHP Notice: Undefined property: stdClass::$page_namespace.

Reverting out of 1.35.0-wmf.1 (for now), due to ~240K errors in 90 minutes on enwiki

Sat, Oct 12, 4:02 PM · MW-1.35-notes (1.35.0-wmf.1; 2019-10-08), Patch-For-Review, MW-1.34-release, Core Platform Team, MediaWiki-API, Operations, Wikimedia-production-error
Reedy added a project to T235334: ErrorException from line 596 of /srv/mediawiki/php-1.35.0-wmf.1/includes/api/ApiQueryBase.php: PHP Notice: Undefined property: stdClass::$page_namespace: MW-1.34-release.
Sat, Oct 12, 3:59 PM · MW-1.35-notes (1.35.0-wmf.1; 2019-10-08), Patch-For-Review, MW-1.34-release, Core Platform Team, MediaWiki-API, Operations, Wikimedia-production-error
Reedy updated subscribers of T235334: ErrorException from line 596 of /srv/mediawiki/php-1.35.0-wmf.1/includes/api/ApiQueryBase.php: PHP Notice: Undefined property: stdClass::$page_namespace.

I think https://github.com/wikimedia/mediawiki/commit/a8525d7201dada88f3117142fe1919d0b9b80d4e is to blame

Sat, Oct 12, 3:59 PM · MW-1.35-notes (1.35.0-wmf.1; 2019-10-08), Patch-For-Review, MW-1.34-release, Core Platform Team, MediaWiki-API, Operations, Wikimedia-production-error
Reedy updated the task description for T235334: ErrorException from line 596 of /srv/mediawiki/php-1.35.0-wmf.1/includes/api/ApiQueryBase.php: PHP Notice: Undefined property: stdClass::$page_namespace.
Sat, Oct 12, 3:52 PM · MW-1.35-notes (1.35.0-wmf.1; 2019-10-08), Patch-For-Review, MW-1.34-release, Core Platform Team, MediaWiki-API, Operations, Wikimedia-production-error
Reedy added a project to T235334: ErrorException from line 596 of /srv/mediawiki/php-1.35.0-wmf.1/includes/api/ApiQueryBase.php: PHP Notice: Undefined property: stdClass::$page_namespace: MediaWiki-API.
Sat, Oct 12, 3:50 PM · MW-1.35-notes (1.35.0-wmf.1; 2019-10-08), Patch-For-Review, MW-1.34-release, Core Platform Team, MediaWiki-API, Operations, Wikimedia-production-error

Fri, Oct 11

Reedy closed T235233: Stop using PHP5 versions of ruflin/elastica and elasticsearch/elasticsearch, a subtask of T235266: Composer Library Updates, as Resolved.
Fri, Oct 11, 7:55 PM · Composer, MediaWiki-General
Reedy closed T235233: Stop using PHP5 versions of ruflin/elastica and elasticsearch/elasticsearch as Resolved.

Sorted now. Some possible bumps to be done, but that’s a different problem

Fri, Oct 11, 7:55 PM · MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), Discovery-Search, CirrusSearch
Reedy triaged T235266: Composer Library Updates as Normal priority.
Fri, Oct 11, 1:59 PM · Composer, MediaWiki-General
Reedy added a parent task for T121947: Update zordius/lightncandy: T235266: Composer Library Updates.
Fri, Oct 11, 1:59 PM · Readers-Web-Backlog (Tracking), Performance-Team, Security-Team, Patch-For-Review, Growth-Team, StructuredDiscussions, MediaWiki-extensions-DonationInterface, MediaWiki-Vendor
Reedy added a parent task for T215853: Wikidata vendor version updates (Feb 2019): T235266: Composer Library Updates.
Fri, Oct 11, 1:59 PM · wikidata-tech-focus, MediaWiki-Vendor, Wikidata-Campsite, Wikidata
Reedy added a parent task for T235233: Stop using PHP5 versions of ruflin/elastica and elasticsearch/elasticsearch: T235266: Composer Library Updates.
Fri, Oct 11, 1:59 PM · MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), Discovery-Search, CirrusSearch
Reedy added subtasks for T235266: Composer Library Updates: T235233: Stop using PHP5 versions of ruflin/elastica and elasticsearch/elasticsearch, T215853: Wikidata vendor version updates (Feb 2019), T121947: Update zordius/lightncandy.
Fri, Oct 11, 1:59 PM · Composer, MediaWiki-General
Reedy created T235266: Composer Library Updates.
Fri, Oct 11, 1:58 PM · Composer, MediaWiki-General
Reedy added a project to T235265: Slow query on SpecialMostLinked creating lag on wikidata slaves: Performance Issue.
Fri, Oct 11, 1:50 PM · Performance Issue, Core Platform Team Workboards (Clinic Duty Team), Wikidata, MediaWiki-Special-pages
Reedy added a project to T235246: ExpandTemplates XML tree fails with only template argument: MediaWiki-Parser.
Fri, Oct 11, 1:49 PM · MediaWiki-Parser, MediaWiki-Special-pages
Reedy added projects to T235263: Make it possible to bypass automatic redirection to exact matches in commons: Commons, Discovery, MediaWiki-Search.
Fri, Oct 11, 1:48 PM · Patch-For-Review, Discovery-Search, MediaWiki-Search, Discovery, Commons
Reedy changed the visibility for T234987: Increase pbkdf2 parameter strengths (2019).
Fri, Oct 11, 1:27 PM · Wikimedia-Site-requests, MediaWiki-Authentication-and-authorization, Security-Team, Security
Reedy added a comment to T234987: Increase pbkdf2 parameter strengths (2019).
In T234987#5564319, @sbassett wrote:
In T234987#5557911, @Reedy wrote:

I filed this as a security bug. I honestly don't know if it needs to be. As it's basically ongoing hardening

It's all in CommonSettings.php, right? I'd guess this can probably be public.

Fri, Oct 11, 1:27 PM · Wikimedia-Site-requests, MediaWiki-Authentication-and-authorization, Security-Team, Security
Reedy added a comment to T215853: Wikidata vendor version updates (Feb 2019).

HHVM is definitely gone now :)

Fri, Oct 11, 1:27 PM · wikidata-tech-focus, MediaWiki-Vendor, Wikidata-Campsite, Wikidata
Reedy added a comment to T224949: Failed to access name from slot_roles using id = 1.
In T224949#5566036, @daniel wrote:
In T224949#5565266, @Reedy wrote:

I got bored of just kicking the failing test can down the road after 5 supporting backports to REL1_32 and REL1_33 to help this change

So when someone runs into that problem while installing 1.32 or 1.33, we just tell them to install 1.34 instead? Seems acceptable, since this seems to be rare enough.

Fri, Oct 11, 1:19 PM · MW-1.34-notes, MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), CPT Initiatives (MCR), Core Platform Team Workboards (Clinic Duty Team), MW-1.34-release, Multi-Content-Revisions (Reactive), MW-1.33-release, Patch-For-Review, MW-1.32-release, MediaWiki-General
Reedy committed rECIR1eaccfd8ba2c: Upgrade symfony/yaml from 3.4.31 to 4.3.4 (authored by Reedy).
Upgrade symfony/yaml from 3.4.31 to 4.3.4
Fri, Oct 11, 6:45 AM
Reedy committed rECIR5d39348abc7d: Drop HHVM support (authored by Daimona).
Drop HHVM support
Fri, Oct 11, 3:16 AM
Reedy committed rECIRc153fe8ab493: Kill checks for HHVM (authored by MaxSem).
Kill checks for HHVM
Fri, Oct 11, 3:14 AM
Reedy reopened T235233: Stop using PHP5 versions of ruflin/elastica and elasticsearch/elasticsearch as "Open".

Except, it still clung onto the old versions...

Fri, Oct 11, 2:19 AM · MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), Discovery-Search, CirrusSearch
Reedy added a reverting change for rEELAe29a4af5beb1: Stop using PHP5 versions of ruflin/elastica and elasticsearch/elasticsearch: rEELAbf50f8725177: Revert version back to 6.0.2.
Fri, Oct 11, 1:54 AM
Reedy committed rEELAbf50f8725177: Revert version back to 6.0.2 (authored by Reedy).
Revert version back to 6.0.2
Fri, Oct 11, 1:54 AM
Reedy added a reverting change for rEELAe29a4af5beb1: Stop using PHP5 versions of ruflin/elastica and elasticsearch/elasticsearch: rEELAb33d985253e5: Revert version back to 6.0.2.
Fri, Oct 11, 1:48 AM
Reedy committed rEELAb33d985253e5: Revert version back to 6.0.2 (authored by Reedy).
Revert version back to 6.0.2
Fri, Oct 11, 1:48 AM
Reedy closed T235233: Stop using PHP5 versions of ruflin/elastica and elasticsearch/elasticsearch as Resolved.

Version bump reverted, as it's tracking ruflin/elastica versions

Fri, Oct 11, 1:44 AM · MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), Discovery-Search, CirrusSearch
Reedy committed rECIR4e626b68212d: Remove php requirement from composer.json (authored by Reedy).
Remove php requirement from composer.json
Fri, Oct 11, 1:35 AM
Reedy added a comment to T235233: Stop using PHP5 versions of ruflin/elastica and elasticsearch/elasticsearch.

I think the only thing that is outstanding, but not tagged to this task is the commit to bump CirrusSearch to use the Elastica version with the versions of the libraries that don't require >= 5.6.99 - https://gerrit.wikimedia.org/r/#/c/mediawiki/extensions/CirrusSearch/+/542270/ but Cindy doesn't like it, for reasons I don't quite understand

Fri, Oct 11, 1:34 AM · MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), Discovery-Search, CirrusSearch
Reedy committed rECIR9378e7ccf197: Removing composer/installers from composer.json (authored by Reedy).
Removing composer/installers from composer.json
Fri, Oct 11, 1:29 AM
Reedy added a project to T235238: What versions of PHP does upstream actually support?: Documentation.
Fri, Oct 11, 1:28 AM · MediaWiki-Installer, Documentation
Reedy triaged T235238: What versions of PHP does upstream actually support? as Lowest priority.
Fri, Oct 11, 1:27 AM · MediaWiki-Installer, Documentation
Reedy created T235238: What versions of PHP does upstream actually support?.
Fri, Oct 11, 1:27 AM · MediaWiki-Installer, Documentation
Reedy added a comment to T224949: Failed to access name from slot_roles using id = 1.

I got bored of just kicking the failing test can down the road after 5 supporting backports to REL1_32 and REL1_33 to help this change

Fri, Oct 11, 1:17 AM · MW-1.34-notes, MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), CPT Initiatives (MCR), Core Platform Team Workboards (Clinic Duty Team), MW-1.34-release, Multi-Content-Revisions (Reactive), MW-1.33-release, Patch-For-Review, MW-1.32-release, MediaWiki-General
Reedy committed rEELA5d8a04e173c4: Stop using PHP5 versions of ruflin/elastica and elasticsearch/elasticsearch (authored by Reedy).
Stop using PHP5 versions of ruflin/elastica and elasticsearch/elasticsearch
Fri, Oct 11, 1:12 AM
Reedy committed rECIRcde438fc0255: Removing composer/installers from composer.json (authored by Reedy).
Removing composer/installers from composer.json
Fri, Oct 11, 12:34 AM
Reedy committed rEELAe29a4af5beb1: Stop using PHP5 versions of ruflin/elastica and elasticsearch/elasticsearch (authored by Reedy).
Stop using PHP5 versions of ruflin/elastica and elasticsearch/elasticsearch
Fri, Oct 11, 12:33 AM

Thu, Oct 10

Reedy added a parent task for T176370: Migrate to PHP 7 in WMF production: T235233: Stop using PHP5 versions of ruflin/elastica and elasticsearch/elasticsearch.
Thu, Oct 10, 11:34 PM · MW-1.34-notes (1.34.0-wmf.22; 2019-09-10), CPT Initiatives (PHP7 (TEC4)), Patch-For-Review, TechCom-RFC (TechCom-Approved), User-ArielGlenn, HHVM, Operations
Reedy added a parent task for T192166: Drop HHVM support from MediaWiki: T235233: Stop using PHP5 versions of ruflin/elastica and elasticsearch/elasticsearch.
Thu, Oct 10, 11:34 PM · MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), MW-1.34-notes, TechCom, Core Platform Team Legacy (Watching / External), Patch-For-Review, HHVM
Reedy added subtasks for T235233: Stop using PHP5 versions of ruflin/elastica and elasticsearch/elasticsearch: T192166: Drop HHVM support from MediaWiki, T176370: Migrate to PHP 7 in WMF production.
Thu, Oct 10, 11:34 PM · MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), Discovery-Search, CirrusSearch
Reedy created T235233: Stop using PHP5 versions of ruflin/elastica and elasticsearch/elasticsearch.
Thu, Oct 10, 11:33 PM · MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), Discovery-Search, CirrusSearch
Reedy added a project to T235228: Can't undelete a file: Wikimedia-production-error.
Thu, Oct 10, 11:16 PM · media-storage, Wikimedia-production-error
Reedy closed T235230: OATHAuth does not parse wikitext syntax correctly as Invalid.
In T235230#5564890, @RhinosF1 wrote:

@Reedy not on the current one but in T226059 you mentioned adding links which can't be done with this 'issue'

Thu, Oct 10, 10:51 PM · User-RhinosF1, MediaWiki-extensions-OATHAuth
Reedy added a comment to T235230: OATHAuth does not parse wikitext syntax correctly.

This isn't a bug, it's a feature request

Thu, Oct 10, 10:49 PM · User-RhinosF1, MediaWiki-extensions-OATHAuth
Reedy closed T234766: Consider what PHP 7.2 point release to use, a subtask of T196206: Bump symfony libraries when we no longer need hhvm support, as Resolved.
Thu, Oct 10, 8:35 PM · MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), Patch-For-Review, MediaWiki-General
Reedy closed T234766: Consider what PHP 7.2 point release to use as Resolved.
Thu, Oct 10, 8:35 PM · MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), MW-1.34-notes, Patch-For-Review, PHP 7.2 support, MW-1.34-release, MediaWiki-General
Reedy updated the task description for T235211: Extension:LDAP_Authentication is out of date.
Thu, Oct 10, 7:46 PM · Documentation, MediaWiki-extensions-LdapAuthentication
Reedy created T235211: Extension:LDAP_Authentication is out of date.
Thu, Oct 10, 7:44 PM · Documentation, MediaWiki-extensions-LdapAuthentication
Reedy added a comment to T235160: Decide whether extensions should set a PHP version requirement in composer.json.

T197535: extension.json should be able to express dependency on PHP version / PHP extension version

Thu, Oct 10, 7:34 PM · PHP 7.0 support, TechCom
Reedy added a parent task for T234766: Consider what PHP 7.2 point release to use: T196206: Bump symfony libraries when we no longer need hhvm support.
Thu, Oct 10, 7:25 PM · MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), MW-1.34-notes, Patch-For-Review, PHP 7.2 support, MW-1.34-release, MediaWiki-General
Reedy removed a parent task for T234767: Bump PHP support version in composer.json: T196206: Bump symfony libraries when we no longer need hhvm support.
Thu, Oct 10, 7:25 PM · MW-1.34-notes, MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), Release-Engineering-Team-TODO (201910), MediaWiki-General
Reedy edited subtasks for T196206: Bump symfony libraries when we no longer need hhvm support, added: T234766: Consider what PHP 7.2 point release to use; removed: T234767: Bump PHP support version in composer.json.
Thu, Oct 10, 7:25 PM · MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), Patch-For-Review, MediaWiki-General
Reedy added a parent task for T234767: Bump PHP support version in composer.json: T234766: Consider what PHP 7.2 point release to use.
Thu, Oct 10, 7:25 PM · MW-1.34-notes, MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), Release-Engineering-Team-TODO (201910), MediaWiki-General
Reedy added a subtask for T234766: Consider what PHP 7.2 point release to use: T234767: Bump PHP support version in composer.json.
Thu, Oct 10, 7:25 PM · MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), MW-1.34-notes, Patch-For-Review, PHP 7.2 support, MW-1.34-release, MediaWiki-General
Reedy added a comment to T235160: Decide whether extensions should set a PHP version requirement in composer.json.
In T235160#5564075, @MGChecker wrote:

I implemented the php requirements for extension.json, and @Legoktm and me thought it should be used the same way @Daimona proposes: A php requirement should only be specified, if an extension requires a php version higher than the minimum supported php version for the minimum supported MW core version. I think for composer.json, we should use the same approach.

Thu, Oct 10, 6:50 PM · PHP 7.0 support, TechCom
Reedy added a comment to T234766: Consider what PHP 7.2 point release to use.

Debian stable is on 7.3 so that's all good. Old stable is 7.0 so we don't care

Thu, Oct 10, 6:49 PM · MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), MW-1.34-notes, Patch-For-Review, PHP 7.2 support, MW-1.34-release, MediaWiki-General
Reedy added a project to T234766: Consider what PHP 7.2 point release to use: PHP 7.2 support.
Thu, Oct 10, 6:45 PM · MW-1.35-notes (1.35.0-wmf.2; 2019-10-15), MW-1.34-notes, Patch-For-Review, PHP 7.2 support, MW-1.34-release, MediaWiki-General
Reedy added projects to T235207: Some MediaWiki API call examples show an empty result set due to chosen query parameters: MediaWiki-API, Documentation.
Thu, Oct 10, 6:39 PM · Documentation, MediaWiki-API, Core Platform Team
Reedy added a comment to T235207: Some MediaWiki API call examples show an empty result set due to chosen query parameters.

It's been at MediaWiki for 14 years - https://www.mediawiki.org/w/index.php?title=MediaWiki:Mainpage&action=history

Thu, Oct 10, 6:39 PM · Documentation, MediaWiki-API, Core Platform Team
Reedy added a project to T234242: [betalabs-regression] Cannot create a topic on Structured discussion: Beta-Cluster-Infrastructure.
Thu, Oct 10, 5:19 PM · Beta-Cluster-Infrastructure, Growth-Team, StructuredDiscussions
Reedy added a comment to T233963: Add serialization options to RESTBagOStuff.
In T233963#5563743, @BPirkle wrote:

@Reedy, the OATHAuth and WebAuthn patches look like they're generally on the right track to me and unless that approach proves to be unnecessarily painful, I'd recommend continuing that direction.
This change (the one I'm commenting on, which modified RESTBagOStuff) gave us the flexibility to pick either PHP or JSON serialization for sessions stored in Kask. But that leaves the open question "which are we actually going to use", which was raised in T233537: Document and communicate potentially breaking session storage serialization change.
Which leaves the people working on OATHAuth and WebAuthn in a rough spot, because you need to know that things you store in sessions will work.
The safest approach is to do exactly what those patches are already doing - ensure that you aren't storing proper PHP objects. The alternative is to go ahead and have the discussion about which format we're actually going to use. But I think we're all on various short timelines and resolving that quickly might be challenging.
Is that helpful at all?
I made a comment on one of the patches regarding nesting, and some test code that I played around with locally.

Thu, Oct 10, 5:10 PM · MW-1.34-notes, MW-1.35-notes (1.35.0-wmf.1; 2019-10-08), MW-1.34-release, Core Platform Team Workboards (Green), CPT Initiatives (Session Management Service (CDP2))
Reedy added a comment to T235138: MW-Vagrant browsertests class attempts to create a user with blacklisted password.

See also T215798: Insecure password warning seems to break local Selenium tests and T232354: New vagrant instance not setting password for `admin` user to `vagrant`

Thu, Oct 10, 2:18 PM · Browser-Tests, MediaWiki-Vagrant
Reedy renamed T235138: MW-Vagrant browsertests class attempts to create a user with blacklisted password from MW-Vagrant browsertests class atempts to create a user with blacklisted password to MW-Vagrant browsertests class attempts to create a user with blacklisted password.
Thu, Oct 10, 2:17 PM · Browser-Tests, MediaWiki-Vagrant
Reedy added a comment to T235160: Decide whether extensions should set a PHP version requirement in composer.json.

I (@Daimona) think that extensions should *not* have an explicit PHP version requirement, unless it's (meant to be) different from the one in core.

Thu, Oct 10, 2:04 PM · PHP 7.0 support, TechCom

Wed, Oct 9

Reedy committed rEWAT25166acf7c9e: Require OATHAuth 0.4.3 (authored by Reedy).
Require OATHAuth 0.4.3
Wed, Oct 9, 10:38 PM
Reedy committed rEWAT744cc61329d8: Require OATHAuth 0.4.3 (authored by Reedy).
Require OATHAuth 0.4.3
Wed, Oct 9, 10:38 PM
Reedy committed rEMVI373012425462: Require monolog/monolog ^1.24 (authored by Reedy).
Require monolog/monolog ^1.24
Wed, Oct 9, 10:16 PM
Reedy committed rEMVIe9667b129cc1: Require monolog/monolog ^1.24 (authored by Reedy).
Require monolog/monolog ^1.24
Wed, Oct 9, 10:16 PM
Reedy closed T232008: Ability to overwrite 2FA method without providing/re-auth using existing secondary authentication method, a subtask of T218214: SO878 Step 3: Finalize settings and user experience, as Resolved.
Wed, Oct 9, 9:25 PM · CPT Initiatives (Two-Factor Authentication (TEC1)), Core Platform Team Workboards (Contractor Workboard), MediaWiki-extensions-OATHAuth
Reedy closed T232008: Ability to overwrite 2FA method without providing/re-auth using existing secondary authentication method as Resolved.
Wed, Oct 9, 9:25 PM · MW-1.34-notes (1.34.0-wmf.25; 2019-10-01), CPT Initiatives (Two-Factor Authentication (TEC1)), Core Platform Team Workboards (Contractor Workboard), MediaWiki-extensions-OATHAuth
Reedy added a comment to T235018: >>> UNRECOVERABLE FATAL ERROR <<< after update.

Is this a bug about Phabricator? I think you might be reporting it in the wrong place...

Wed, Oct 9, 8:58 AM
Reedy added a comment to T121947: Update zordius/lightncandy.
In T121947#5558144, @Jdlrobson wrote:
In T121947#5558095, @Krinkle wrote:

This library is using extreme measures with regards to security and performance. It only barely got through our 2015 audit, with a lot of work on our end to integrate and contain it. I think if this were proposed as a new library today, I don't think we'd be as lenient.

Is using another more minimal mustache template library an optional? If so I'd suggest doing that and marking the lightncandy library as deprecated.
Supporting custom helpers such as ifCond was certainly out of scope when we put templating in core. My understanding was Mustache was chosen for the very fact it was minimal.

Wed, Oct 9, 7:58 AM · Readers-Web-Backlog (Tracking), Performance-Team, Security-Team, Patch-For-Review, Growth-Team, StructuredDiscussions, MediaWiki-extensions-DonationInterface, MediaWiki-Vendor
Reedy added a comment to T121947: Update zordius/lightncandy.

Current failure on core from flow...

Wed, Oct 9, 1:42 AM · Readers-Web-Backlog (Tracking), Performance-Team, Security-Team, Patch-For-Review, Growth-Team, StructuredDiscussions, MediaWiki-extensions-DonationInterface, MediaWiki-Vendor
Reedy added projects to T235011: API query times out: MediaWiki-API, Performance Issue.
Wed, Oct 9, 12:54 AM · Core Platform Team, Performance Issue, MediaWiki-API
Reedy added a comment to T121947: Update zordius/lightncandy.

Vendor failing due to what is basically a cyclic dependancy on it and core

Wed, Oct 9, 12:45 AM · Readers-Web-Backlog (Tracking), Performance-Team, Security-Team, Patch-For-Review, Growth-Team, StructuredDiscussions, MediaWiki-extensions-DonationInterface, MediaWiki-Vendor
Reedy added a comment to T121947: Update zordius/lightncandy.
In T121947#5558066, @Jdlrobson wrote:

I guess first step would be to restore the upgrade and take a look at the test failures. To be honest I'm surprised to see direct usage of LightNCandy in this way. I thought TemplateParser was the only public class we support.
I know a little about Flow so hopefully I can do some of the upgrading there if needed but I'd like to understand if there's any Minerva problems.

Wed, Oct 9, 12:38 AM · Readers-Web-Backlog (Tracking), Performance-Team, Security-Team, Patch-For-Review, Growth-Team, StructuredDiscussions, MediaWiki-extensions-DonationInterface, MediaWiki-Vendor
Reedy added a comment to T121947: Update zordius/lightncandy.

An amusing one to me was finding this in BlueSpice Foundation to just add helpers...

Wed, Oct 9, 12:24 AM · Readers-Web-Backlog (Tracking), Performance-Team, Security-Team, Patch-For-Review, Growth-Team, StructuredDiscussions, MediaWiki-extensions-DonationInterface, MediaWiki-Vendor
Reedy added a comment to T121947: Update zordius/lightncandy.
In T121947#5558018, @Jdlrobson wrote:

Do the breaking changes impact Flow only? This seems pretty serious and I'm surprised this has been sitting here since 2015. Is there anything I can do to help?

Wed, Oct 9, 12:16 AM · Readers-Web-Backlog (Tracking), Performance-Team, Security-Team, Patch-For-Review, Growth-Team, StructuredDiscussions, MediaWiki-extensions-DonationInterface, MediaWiki-Vendor

Tue, Oct 8

Reedy added a comment to T235008: ExampleSkin should use mustache template for HTML.

I do feel if we're going to be suggesting this is the way forward to do things (for whatever reasons)... We should get some love to lightncandy in MW Core and extensions that use it, rather than just sitting on an old unsupported version which is 0.23

Tue, Oct 8, 11:57 PM · User-Jdlrobson, Example (skin)
Reedy updated the task description for T121947: Update zordius/lightncandy.
Tue, Oct 8, 11:56 PM · Readers-Web-Backlog (Tracking), Performance-Team, Security-Team, Patch-For-Review, Growth-Team, StructuredDiscussions, MediaWiki-extensions-DonationInterface, MediaWiki-Vendor
Reedy closed T110418: vendor/zordius - file permissions trigger debian lintian warnings as Resolved.
Tue, Oct 8, 11:54 PM · Upstream, MediaWiki-Vendor
Content licensed under Creative Commons Attribution-ShareAlike 3.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL