[16:27:22] <tgr>	 anomie: captchas need a hidden ID to link to the solution stored in memcache; I can't use the AuthManager session for that because that's initialized by begin* which is only called on the POST request, the GET just calls getAuthenticationRequests to build the form
[16:27:40] <tgr>	 any objections to introducing a 'hidden' authrequest field type?
[16:28:21] <tgr>	 I could make it a string and use the form change hook to turn it into a hidden field, but a separate type seems cleaner
[16:30:49] <anomie>	 tgr: Nope, go ahead and add a "hidden" type.
[17:43:22] <csteipp>	 SMalyshev: What static analysis tool are you running on php?
[17:43:29] <SMalyshev>	 csteipp: phan
[17:45:59] <SMalyshev>	 csteipp: this one: https://github.com/etsy/phan - Erik should know more details
[17:46:24] <SMalyshev>	 csteipp: this is the plan on how to run it: https://gerrit.wikimedia.org/r/#/c/283560/
[17:53:21] <bd808>	 I should really add some phpenv stuff to mw-vagrant
[17:53:31] <bd808>	 that would make things like this easier to handle
[18:22:37] * anomie is both surprised and not really surprised at how not-really-difficult https://gerrit.wikimedia.org/r/#/c/284499/ was to do
[18:29:09] <bd808>	 anomie: neat! we kept waving our hands and hoping it would be easy
[18:29:28] <anomie>	 bd808: Yeah, I'm a little surprised we were right about that.
[18:29:57] <anomie>	 So far, anyway...
[18:30:40] <bd808>	 I'll take a look at it after I eat something.
[18:30:53] <anomie>	 ok