[11:53:12] Fundraising-Backlog, MediaWiki-extensions-CentralNotice, Security, User-revi: &banner causes CSP warning - https://phabricator.wikimedia.org/T199055 (revi) >>! In T199055#4406571, @AndyRussG wrote: > > @revi can you please try previewing the banner when logged out, and see if you still get the w... [14:25:05] (PS2) Mepps: WIP Move to problem array, split out functions [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/445535 (https://phabricator.wikimedia.org/T194517) [14:26:15] morningsies [14:27:30] good morning AndyRussG [14:28:01] mepps: Good morning! If you want to talk stuff out live I'm available for chat whenever. [14:28:35] great ejegg, i actually just got tests passing this morning if you want to take a look [14:28:40] fundraising-tech-ops: Staging access for Saurabh - https://phabricator.wikimedia.org/T199373 (cwdent) @saurabhbatra96 needs a Yubikey, if shipping is going to cause an inconvenient delay we may be able to work out other authentication in the mean time. [14:28:42] oh cool [14:29:12] i may do more but i'd be curious to hear your thoughts on the general direction [14:30:04] mepps looks like a chain of 3 patches, right? [14:30:11] yup ejegg [14:30:29] the first one isn't well named, i can go back and fix that [14:30:43] but it's just get pulling out the loop and getting the pending handling in [14:30:57] ok [14:31:50] the second one handles these flag variables and changes from the if/else logic to a switch statement which actually didn't totally work correctly (maybe i should combine that one with the last one?) the last one consolidates the problem variables and pulls out the handling of the cases into separate functions [14:32:53] hmm i guess tests are passing on the second patch (and they seem pretty robust) so maybe it works okay [14:33:32] ejegg mepps :) [14:34:43] morning AndyRussG! [14:34:58] brb about to walk to a coffee shop [14:35:18] mepps so, the whole reason for the loop was the possibility that we would need to run the do_finishpayment and then run the get_orderstatus again, I think [14:37:11] Fundraising Sprint Karma chameleons hide amongst us, Fundraising Sprint Lactose is unusually tolerant, Fundraising Sprint Matt Damon to head up Space Force, Fundraising Sprint Naming Sprints Is Not Important, and 2 others: Civi: enable Force Merge Selected ... - https://phabricator.wikimedia.org/T193674 [14:40:34] Wikimedia-Fundraising-Banners: All banner images should be inline SVG where possible - https://phabricator.wikimedia.org/T199147 (schoenbaechler) I’ve updated all control banners with inline svg’s @Pcoombe Re Standardizing: I created an svg version based on the [[ https://upload.wikimedia.org/wikipedia/dona... [14:48:56] (CR) Ejegg: "'cancel' should prevail over 'problem'" [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/445534 (https://phabricator.wikimedia.org/T194517) (owner: Mepps) [14:50:23] (CR) Ejegg: "Definitely nice to get rid of the loop!" [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/444311 (https://phabricator.wikimedia.org/T194517) (owner: Mepps) [15:19:03] (CR) Ejegg: "Hmm. Looking in the logs, it seems like DO_FINISHPAYMENT might have been broken for years. Since it's tied to a dying API, maybe we don't " [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/444311 (https://phabricator.wikimedia.org/T194517) (owner: Mepps) [15:33:36] fr-tech I have an approximate layout of mini-classes and controller flow for the new Kafka ingress scripts. Pls lmk what u think! :) Starting at line 27: https://etherpad.wikimedia.org/p/fr_user_event_consumer_notes [15:33:41] thx in advance!!!! [15:33:47] (CR) Mepps: "ejegg my understanding is that it would because it would go to the cancel statement and then fall through to problem..but let me know what" [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/445534 (https://phabricator.wikimedia.org/T194517) (owner: Mepps) [15:34:29] (CR) Mepps: "Interesting...should we document that?" [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/444311 (https://phabricator.wikimedia.org/T194517) (owner: Mepps) [15:34:49] the "db mapper" bits don't imply any framework or anything, it's just where I'll encapsulate the actual DB calls [15:39:52] (CR) Ejegg: "Right, the switch looks good. It's just that the getForceCancel result doesn't matter in the new logic." (1 comment) [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/445534 (https://phabricator.wikimedia.org/T194517) (owner: Mepps) [15:44:22] hmm i do wish php had a straightforward setvalue if null syntax.. [15:44:50] (CR) Mepps: Consolidate flags (1 comment) [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/445534 (https://phabricator.wikimedia.org/T194517) (owner: Mepps) [15:45:31] thanks for the review ejegg! i see what yo mean now, did you look at the final patch too? [15:46:07] mepps a bit [15:47:27] I was initially hoping the flags and problem vars could go away entirely and just have the logging and things happen inside the conditionals that are currently setting the flags [15:50:16] fundraising-tech-ops: Staging access for Saurabh - https://phabricator.wikimedia.org/T199373 (saurabhbatra96) Just checked, Fedex estimates a shipping time of around 6-7 days from SF to Hyderabad. I guess, worst case, it's possible to wait till then, but if a workaround is possible, it'd be greatly appreciated. [15:58:42] ejegg that's the long term goal [15:59:01] long-term as in hopefully later today [15:59:22] mepps hehe, nice [15:59:23] Fundraising-Backlog, fundraising-tech-ops: Try Amazon proxy IP for cert retrieval - https://phabricator.wikimedia.org/T199382 (Ejegg) Open>declined Doesn't look like it will work, unfortunately. Using curl from the command line with --resolve ends up giving me a bad SSL cert response: SSL: no al... [16:01:35] saurabhbatra: i think the quickest way to get the ball rolling would be for you to email techsupport@wikimedia.org and tell them you'd like a yubikey and where to ship it [16:02:05] oh he is not there [16:02:44] fr-tech: do we have anything on wiki explaining saurabh's project? [16:03:10] something we could point OIT to so they can see why he needs a yubikey [16:10:29] (CR) Mepps: "Also is there a new ingenico parallel process to do_finishpayment?" [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/444311 (https://phabricator.wikimedia.org/T194517) (owner: Mepps) [16:31:46] Heads up that VIP Access can be worked around by FLOSS TOTP, https://github.com/dlenski/python-vipaccess [16:36:31] fundraising-tech-ops: Whitelist another Amazon IP - https://phabricator.wikimedia.org/T199552 (cwdent) [16:43:36] fundraising-tech-ops: Whitelist another Amazon IP - https://phabricator.wikimedia.org/T199552 (cwdent) Open>Resolved [16:58:16] RECOVERY - check_disk on pay-lvs2001 is OK: DISK OK - free space: /dev 10 MB (100% inode=99%): /run 5786 MB (90% inode=99%): / 11367 MB (21% inode=96%): /dev/shm 16068 MB (100% inode=99%): /run/lock 5 MB (100% inode=99%): /sys/fs/cgroup 16068 MB (100% inode=99%): /boot 191 MB (76% inode=99%) [16:59:49] hey it worked [17:00:00] i lowered prometheus retention on there and it cleaned up some disk space [17:01:02] Prometheus: nice guy but maybe a bit retentive. I don't blame him after that POW stint on the remote island. [17:01:16] fundraising-tech-ops: Whitelist another Amazon IP - https://phabricator.wikimedia.org/T199552 (cwdent) Actually it needs this whole range: { "ip_prefix": "52.46.128.0/19", "region": "us-east-1", "service": "AMAZON" }, [17:14:20] retentive of data heh [18:12:42] ejegg|food you have a buch of patches in review, which were the ones you wanted reviewed? [18:15:30] mepps this is the ContributionTracking one: https://gerrit.wikimedia.org/r/445456 [18:15:44] we set all those vars on the payments cluster, so it'll be a no-op there [18:16:04] and this is the antifraud message date format fix from the failmail: [18:16:08] https://gerrit.wikimedia.org/r/445447 [18:16:39] Oh, this is a tiny fix for another thing that Jack and I discovered yesterday: [18:16:43] https://gerrit.wikimedia.org/r/445451 [18:17:01] ^^^ Not sure why that's not actively breaking production right now :S [18:24:31] (CR) Mepps: [C: 2] DB settings default to null [extensions/ContributionTracking] - https://gerrit.wikimedia.org/r/445456 (https://phabricator.wikimedia.org/T195814) (owner: Ejegg) [18:25:39] (CR) Mepps: Make sure to send right timestamp format to antifraud (1 comment) [wikimedia/fundraising/SmashPig] - https://gerrit.wikimedia.org/r/445447 (https://phabricator.wikimedia.org/T199468) (owner: Ejegg) [18:26:14] (CR) Mepps: [C: 2] List 'variant' as allowed API param [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/445451 (owner: Ejegg) [18:27:26] (Merged) jenkins-bot: DB settings default to null [extensions/ContributionTracking] - https://gerrit.wikimedia.org/r/445456 (https://phabricator.wikimedia.org/T195814) (owner: Ejegg) [18:28:32] (Merged) jenkins-bot: List 'variant' as allowed API param [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/445451 (owner: Ejegg) [18:36:42] (CR) Ejegg: Make sure to send right timestamp format to antifraud (1 comment) [wikimedia/fundraising/SmashPig] - https://gerrit.wikimedia.org/r/445447 (https://phabricator.wikimedia.org/T199468) (owner: Ejegg) [18:36:59] Thanks mepps! Answered inline^^ [18:38:47] mepps it looks like at least for the hosted checkout, there is no need for a do_finishpayment analog in Connect [18:39:01] actually, that may be the case for the older API too [18:39:25] that is, do_finishpayment is only needed when the merchant is hosting the credit card form [18:40:16] ahh [18:40:30] hmm, do we use pending_poke in any other scenarios? [18:41:17] mepps yeah, pending_poke is the normal status for approved-but-not-captured [18:41:27] *authorized-but-not-captured [18:41:38] what is statusCode 200? [18:42:14] looked it up, looks like that only maps to this workflow [18:42:27] shall i just rip this out then? [18:42:42] (fun note: this morning james constructed a sentence starting with "we shall..." [18:42:46] I think so... it would be great to try this in a sentence [18:42:47] hehe [18:42:58] derp *sandbox [18:43:06] ha, i was very curious what you meant [18:43:08] try the flow in a sandbox [18:43:36] can we at least test 3d secure for the old API? [18:44:27] sure, hmm how do i test 3d secure? i've never done that before [18:44:47] mepps you can set the 3d secure rules global [18:45:03] $wgDonationInterface3DSRules [18:45:16] to enable it for currencies beyond just INR [18:45:25] (enabled on INR by default) [18:45:29] ok [18:45:40] oh right, or you could just try an INR transaction [18:46:05] Note that for GC tests you do need to be on the full VPN [18:51:57] Fundraising Sprint Naming Sprints Is Not Important, Fundraising-Backlog: Investigate why Ingenico donation did not recur on 6/14 - https://phabricator.wikimedia.org/T199331 (MBeat33) Thanks, @Ejegg Do you know if that error is related to the donors' cards? Should we hold off on inviting anyone affected t... [19:23:19] ejegg i don't know a lot about 3d secure, should i see something different if it's successfully enabled? [19:23:49] mepps it's the interstitial credit card login [19:23:53] like 'verified by visa' [19:24:41] They suggested to try the 'Maestro' card type when Jack was initially looking at this [19:25:19] since we don't actually use Maestro anywhere, I think he had to hack his payment_submethods.yaml file [19:26:15] ah okay [19:26:33] the good news is i just successfully got a gc contribution in the db with these changes [19:26:48] oh hey, well, that's good [19:27:08] so it definitely called set_payment and all [19:42:34] this cafe is just straight up playing the music from super mario 3 [19:42:41] not even a remix or anything [19:45:59] i hope it's on repeat ejegg [19:46:49] hehe, only a few minutes. [19:46:56] now it's some brazilian music [19:52:30] Fundraising-Backlog, MediaWiki-extensions-DonationInterface: GC payment attempts missing card type - https://phabricator.wikimedia.org/T199573 (Ejegg) [19:53:57] oh hi XenoRyet! Feeling better today? [19:54:28] Yea, wicked headache yesterday, but the rest seems to have beaten it back for the most part. [19:55:03] so how's the fraud stuff going? anything you want to talk through? [19:55:26] Are you going on chargebacks? [19:55:32] Going well enough. [19:55:47] Or getting stuff from the console that MBeat reversed? [19:56:28] Partly chargebacks, some just the status 600 bits, also spending some time looking through the reversals and seeing which filters fired why. [19:56:56] Nothing super obvious jumping out yet, but I wouldn't expect it to. [19:56:57] ah, status 600 meaning false positives? [19:57:12] Some are false, some aren't. [19:57:13] So not just trying to get tougher on false negatives? [19:57:45] ah, but the fraudy 600s are the ones our filters caught [20:10:05] mepps i think failmail from your machine is getting delivered to fr-tech [20:10:26] at least, I hope our Civi install knows about GBP [20:25:26] oh weird ejegg [20:30:43] mepps and XenoRyet you guys both know how to deploy the thank you updates? [20:30:59] I can do these, if it's not depriving anyone of a learning opportunity [20:31:53] Yea, I'm good. [20:32:13] Don't really want to context shift right now anyway. [20:36:56] (PS1) Ejegg: Update Thank You letters [wikimedia/fundraising/crm] - https://gerrit.wikimedia.org/r/445721 (https://phabricator.wikimedia.org/T198870) [20:50:15] Fundraising-Backlog, Scoring-platform-team: Machine Learning for Fraud Detection - https://phabricator.wikimedia.org/T190523 (saurabhbatra96) Tracking API frontend code here - https://github.com/saurabhbatra96/wmf-fd-api [20:57:11] (PS1) Ejegg: Update redirects to CH chapter donate page [extensions/FundraiserLandingPage] - https://gerrit.wikimedia.org/r/445724 (https://phabricator.wikimedia.org/T196403) [20:58:30] Fundraising Sprint Naming Sprints Is Not Important, Fundraising-Backlog, Patch-For-Review: Update Wikimedia CH landing page redirects - https://phabricator.wikimedia.org/T196403 (Ejegg) @Pcoombe heh, looks like that 2013 documentation was still accurate. It's a horrible hack (putting URLs in i18n mes... [20:59:11] Fundraising Sprint Naming Sprints Is Not Important, Fundraising-Backlog, Patch-For-Review: Update Wikimedia CH landing page redirects - https://phabricator.wikimedia.org/T196403 (Ejegg) p:Triage>Normal a:Ejegg [20:59:24] Fundraising Sprint Naming Sprints Is Not Important, Fundraising-Backlog, FR-Smashpig, Patch-For-Review, Unplanned-Sprint-Work: payments-antifraud messages with wrong date format - https://phabricator.wikimedia.org/T199468 (Ejegg) p:Triage>Normal [21:00:39] durn, net is getting slow here - this place is usually great! [21:00:52] gonna finish out the day from the apt [21:40:18] Fundraising Sprint Naming Sprints Is Not Important, Fundraising-Backlog, Patch-For-Review: Deploy new thank you email translations - https://phabricator.wikimedia.org/T198870 (Ejegg) p:Triage>Normal [21:40:31] Fundraising Sprint Matt Damon to head up Space Force, Fundraising Sprint Naming Sprints Is Not Important, Fundraising-Backlog, Wikimedia-Fundraising-CiviCRM, Patch-For-Review: BitPay import error - https://phabricator.wikimedia.org/T198669 (Ejegg) p:Triage>Normal [21:44:14] (CR) Ejegg: "mepps thanks for the review! answered inline" [wikimedia/fundraising/SmashPig] - https://gerrit.wikimedia.org/r/445447 (https://phabricator.wikimedia.org/T199468) (owner: Ejegg) [21:47:24] (PS1) Ejegg: Revert bad translatewiki update [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/445726 [21:48:08] (CR) Ejegg: [C: 2] Revert bad translatewiki update [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/445726 (owner: Ejegg) [21:50:15] (Merged) jenkins-bot: Revert bad translatewiki update [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/445726 (owner: Ejegg) [21:51:03] (PS5) Ejegg: WIP add opt_in field for selected countries [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/445327 (https://phabricator.wikimedia.org/T199278) [22:14:17] (PS6) Ejegg: Add opt_in field for selected countries [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/445327 (https://phabricator.wikimedia.org/T199278) [22:16:24] (CR) jerkins-bot: [V: -1] Add opt_in field for selected countries [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/445327 (https://phabricator.wikimedia.org/T199278) (owner: Ejegg) [22:20:01] (PS7) Ejegg: Add opt_in field for selected countries [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/445327 (https://phabricator.wikimedia.org/T199278) [22:22:20] (CR) jerkins-bot: [V: -1] Add opt_in field for selected countries [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/445327 (https://phabricator.wikimedia.org/T199278) (owner: Ejegg) [22:25:32] (PS8) Ejegg: Add opt_in field for selected countries [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/445327 (https://phabricator.wikimedia.org/T199278) [22:27:48] (CR) jerkins-bot: [V: -1] Add opt_in field for selected countries [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/445327 (https://phabricator.wikimedia.org/T199278) (owner: Ejegg) [23:11:20] Fundraising-Backlog, MediaWiki-extensions-ContributionTracking, Technical-Debt (Deprecation): Remove premium and paypal things from ContributionTracking - https://phabricator.wikimedia.org/T121969 (Krinkle)