[00:45:53] (03PS11) 10DannyS712: Make use of PHPUnitTestTrait in more sniffs [tools/codesniffer] - 10https://gerrit.wikimedia.org/r/650189 [01:44:39] 10Phabricator: Decide how to distribute phabricator badges - https://phabricator.wikimedia.org/T196390 (10Peachey88) >>! In T196390#6707927, @DannyS712 wrote: > It seems like everything but the trust and safety badge (https://phabricator.wikimedia.org/badges/view/13/) is restricted - can I suggest restricting th... [01:54:43] 10Phabricator: Decide how to distribute phabricator badges - https://phabricator.wikimedia.org/T196390 (10DannyS712) >>! In T196390#6714250, @Peachey88 wrote: >>>! In T196390#6707927, @DannyS712 wrote: >> It seems like everything but the trust and safety badge (https://phabricator.wikimedia.org/badges/view/13/)... [06:44:43] PROBLEM - Work requests waiting in Zuul Gearman server on contint2001 is CRITICAL: CRITICAL: 100.00% of data above the critical threshold [150.0] https://www.mediawiki.org/wiki/Continuous_integration/Zuul https://grafana.wikimedia.org/dashboard/db/zuul-gearman?panelId=10&fullscreen&orgId=1 [06:47:55] RECOVERY - Work requests waiting in Zuul Gearman server on contint2001 is OK: OK: Less than 100.00% above the threshold [90.0] https://www.mediawiki.org/wiki/Continuous_integration/Zuul https://grafana.wikimedia.org/dashboard/db/zuul-gearman?panelId=10&fullscreen&orgId=1 [11:10:36] 10Release-Engineering-Team (Deployment services), 10Release-Engineering-Team-TODO, 10incubator.wikimedia.org, 10I18n: Allow creating an independent "incubator wiki" instead of hosting all new wikis in one Incubator wiki with prefixes - https://phabricator.wikimedia.org/T228745 (10Amire80) >>! In T228745#67... [11:12:40] 10Continuous-Integration-Infrastructure, 10MediaWiki-Core-Testing: Coverage report wrongly marks some lines of a multi-line function call as uncovered - https://phabricator.wikimedia.org/T205812 (10Seb35) The specific issues decribed are fixed nowadays (it is now Xdebug 2.7.0). There are still (very) few issue... [11:34:53] 10Release-Engineering-Team (Deployment services), 10Release-Engineering-Team-TODO, 10incubator.wikimedia.org, 10I18n: Allow creating an independent "incubator wiki" instead of hosting all new wikis in one Incubator wiki with prefixes - https://phabricator.wikimedia.org/T228745 (10Sannita) Just a quick note... [11:56:17] 10Release-Engineering-Team (Deployment services), 10Release-Engineering-Team-TODO, 10incubator.wikimedia.org, 10I18n: Allow creating an independent "incubator wiki" instead of hosting all new wikis in one Incubator wiki with prefixes - https://phabricator.wikimedia.org/T228745 (10Exec8) >>! In T228745#6714... [12:10:52] 10Release-Engineering-Team (Deployment services), 10Release-Engineering-Team-TODO, 10incubator.wikimedia.org, 10I18n: Allow creating an independent "incubator wiki" instead of hosting all new wikis in one Incubator wiki with prefixes - https://phabricator.wikimedia.org/T228745 (10Gnangarra) > It doesn't h... [12:13:55] 10Release-Engineering-Team (Deployment services), 10Release-Engineering-Team-TODO, 10incubator.wikimedia.org, 10I18n: Allow creating an independent "incubator wiki" instead of hosting all new wikis in one Incubator wiki with prefixes - https://phabricator.wikimedia.org/T228745 (10Amire80) >>! In T228745#67... [12:54:59] 10phan-taint-check-plugin: taint-check could remove bad taint from keys when using implode/array_values - https://phabricator.wikimedia.org/T270942 (10Umherirrender) [13:08:33] 10LibUp, 10phan, 10phan-taint-check-plugin, 10Upstream: Have some fixers for Phan issues so that LibUp patches aren't so much work for humans - https://phabricator.wikimedia.org/T270751 (10Daimona) >>! In T270751#6710986, @Legoktm wrote: > It's what we currently do for PHPCS and eslint (though we globally... [13:11:18] 10LibUp, 10phan: Teach LibUp how to migrate to new phan using ConfigBuilder - https://phabricator.wikimedia.org/T254571 (10Daimona) >>! In T254571#6713445, @Legoktm wrote: > @Daimona: is this ready to be implemented with the current version of mediawiki-phan-config? What's the minimum version that phan needs t... [13:13:41] 10phan-taint-check-plugin: taint-check could remove bad taint from keys when using implode/array_values - https://phabricator.wikimedia.org/T270942 (10Daimona) Yes, see https://gerrit.wikimedia.org/r/c/mediawiki/tools/phan/SecurityCheckPlugin/+/609803. That's an incomplete implementation, but at least it adds so... [13:14:06] 10Release-Engineering-Team (Deployment services), 10Release-Engineering-Team-TODO, 10incubator.wikimedia.org, 10I18n: Allow creating an independent "incubator wiki" instead of hosting all new wikis in one Incubator wiki with prefixes - https://phabricator.wikimedia.org/T228745 (10Exec8) >>! In T228745#6714... [13:14:22] 10phan-taint-check-plugin: taint check could interpret \Q and \E when processing for SecurityCheck-ReDoS - https://phabricator.wikimedia.org/T270943 (10Umherirrender) [13:15:12] (03PS3) 10Majavah: New sniff: `MissingElseBetweenBracketsSniff` [tools/codesniffer] - 10https://gerrit.wikimedia.org/r/652397 (https://phabricator.wikimedia.org/T186939) [13:15:14] 10phan-taint-check-plugin: taint check could interpret \Q and \E when processing for SecurityCheck-ReDoS - https://phabricator.wikimedia.org/T270943 (10Umherirrender) [13:15:35] (03CR) 10Majavah: New sniff: `MissingElseBetweenBracketsSniff` (031 comment) [tools/codesniffer] - 10https://gerrit.wikimedia.org/r/652397 (https://phabricator.wikimedia.org/T186939) (owner: 10Majavah) [13:16:29] 10phan-taint-check-plugin: taint check could interpret \Q and \E when processing for SecurityCheck-ReDoS - https://phabricator.wikimedia.org/T270943 (10Daimona) I think this cannot be reasonably implemented, aside from simple cases. We'd need to parse the regexp, and the additional complexity is probably not wor... [13:17:32] 10phan-taint-check-plugin, 10Patch-For-Review: taint-check could remove bad taint from keys when using implode/array_values - https://phabricator.wikimedia.org/T270942 (10Daimona) a:03Daimona [13:35:05] 10phan-taint-check-plugin, 10Patch-For-Review: taint-check 3.1.0 showing more issues from type SecurityCheck-OTHER - https://phabricator.wikimedia.org/T268920 (10Daimona) (FTR, the two issues with rawurlencode were fixed by hardcoding the function as removing path taint; the ones with $_FILES are going to be f... [13:37:16] 10Release-Engineering-Team (Deployment services), 10Release-Engineering-Team-TODO, 10incubator.wikimedia.org, 10I18n: Allow creating an independent "incubator wiki" instead of hosting all new wikis in one Incubator wiki with prefixes - https://phabricator.wikimedia.org/T228745 (10Amire80) >>! In T228745#67... [15:09:45] 10Gerrit, 10Upstream: Gitiles does not provide raw view of the file for copy-pasting (txt download is base64 encoded) - https://phabricator.wikimedia.org/T270903 (10hashar) Those JSON and TXT links at the bottom of the pages are for API consumption. They are not really meant to show the raw text. The feature r... [15:24:27] 10Gerrit, 10Release-Engineering-Team (Development services), 10Release-Engineering-Team-TODO (2021-01-01 to 2021-03-31 (Q3)): Upgrade Gerrit to 3.3 - https://phabricator.wikimedia.org/T262241 (10hashar) [15:24:29] 10Gerrit: Outgoing and recently closed reviews that have new comments should be marked as bold just as the incoming reviews - https://phabricator.wikimedia.org/T131968 (10hashar) [15:24:57] 10Gerrit: Outgoing and recently closed reviews that have new comments should be marked as bold just as the incoming reviews - https://phabricator.wikimedia.org/T131968 (10hashar) That is addressed by Gerrit 3.3 Attention Set feature described at http://gerrit-documentation.storage.googleapis.com/Documentation/3.... [15:38:46] 10phan-taint-check-plugin: taint check could interpret \Q and \E when processing for SecurityCheck-ReDoS - https://phabricator.wikimedia.org/T270943 (10Reedy) [17:04:30] 10LibUp, 10Patch-For-Review: Add support for MW branches to LibUp - https://phabricator.wikimedia.org/T236071 (10Umherirrender) Some extensions failing with on REL1_31: ` Running "stylelint:all" (stylelint) task Warning: Cannot find module 'stylelint' Use --force to continue. ` When doing all steps manually... [17:26:04] 10Continuous-Integration-Config, 10LibUp, 10Release-Engineering-Team (CI & Testing services), 10Release-Engineering-Team-TODO: LibraryUpgrader CI normalisation tasks, June/July 2019 - https://phabricator.wikimedia.org/T225325 (10Umherirrender) [17:30:07] 10phan-taint-check-plugin: taint-check does not support compact() - https://phabricator.wikimedia.org/T270927 (10Daimona) I think it might be doable, if the function gets special-cased. FTR, phan doesn't handle compact, either. [17:33:38] 10phan-taint-check-plugin: taint-check does not support compact() - https://phabricator.wikimedia.org/T270927 (10Umherirrender) There is a internal `CompactPlugin` For undeclard variables: https://github.com/phan/phan/commit/029b74ec6324685346146471d0b6513cdc769d3e For unused variable there is also a change: h... [17:42:30] 10phan-taint-check-plugin: taint-check does not support compact() - https://phabricator.wikimedia.org/T270927 (10Daimona) Didn't see that. I think that support is still incomplete though, at least for union types, see [[https://phan.github.io/demo/?code=%3C%3Fphp%0A%0Afunction+baz%28%29+%7B%0A++++%24foo+%3D+42%3... [19:16:55] 10LibUp: libup fails on npm audit fix not providing the actions key - https://phabricator.wikimedia.org/T269520 (10Umherirrender) [19:17:16] 10LibUp, 10Patch-For-Review: libup KeyError 'actions' in npm_audit_fix - https://phabricator.wikimedia.org/T228173 (10Umherirrender) [19:26:16] 10LibUp: libup sometimes cannot update to eslint-config-wikimedia because new errors not added to .eslintrc.json as warning - https://phabricator.wikimedia.org/T262450 (10Umherirrender) >>! In T262450#6713449, @Legoktm wrote: > How are we supposed to figure out which file it should be disabled in? Should we just... [19:27:06] 10LibUp, 10Documentation, 10Patch-For-Review: Document weight - https://phabricator.wikimedia.org/T270908 (10Legoktm) a:03Legoktm [19:29:17] 10LibUp: libraryupgrader web ui should mark libs also as "Wikimedia-deployed" - https://phabricator.wikimedia.org/T256635 (10Umherirrender) Looks fixed with https://gerrit.wikimedia.org/r/c/labs/libraryupgrader/+/652281 Is the column "Wikimedia-deployed" needed on https://libraryupgrader2.wmcloud.org/library_ta... [20:18:08] (03CR) 10Legoktm: [C: 03+2] Forbid compact() as opposite of forbidden extract() [tools/codesniffer] - 10https://gerrit.wikimedia.org/r/652415 (owner: 10Umherirrender) [20:19:57] (03Merged) 10jenkins-bot: Forbid compact() as opposite of forbidden extract() [tools/codesniffer] - 10https://gerrit.wikimedia.org/r/652415 (owner: 10Umherirrender) [20:33:16] 10LibUp, 10Patch-For-Review: Add support for MW branches to LibUp - https://phabricator.wikimedia.org/T236071 (10Legoktm) >>! In T236071#6714682, @Umherirrender wrote: > Some extensions failing with on REL1_31: > > ` > Running "stylelint:all" (stylelint) task > Warning: Cannot find module 'stylelint' Use --f... [21:03:00] 10LibUp, 10Documentation, 10Patch-For-Review: Document weight - https://phabricator.wikimedia.org/T270908 (10Reedy) 05Open→03Resolved p:05Triage→03Medium [21:07:42] (03CR) 10Umherirrender: [C: 03+1] Make use of PHPUnitTestTrait in more sniffs (032 comments) [tools/codesniffer] - 10https://gerrit.wikimedia.org/r/650189 (owner: 10DannyS712) [22:11:47] PROBLEM - Work requests waiting in Zuul Gearman server on contint2001 is CRITICAL: CRITICAL: 100.00% of data above the critical threshold [150.0] https://www.mediawiki.org/wiki/Continuous_integration/Zuul https://grafana.wikimedia.org/dashboard/db/zuul-gearman?panelId=10&fullscreen&orgId=1 [22:59:41] RECOVERY - Work requests waiting in Zuul Gearman server on contint2001 is OK: OK: Less than 100.00% above the threshold [90.0] https://www.mediawiki.org/wiki/Continuous_integration/Zuul https://grafana.wikimedia.org/dashboard/db/zuul-gearman?panelId=10&fullscreen&orgId=1 [23:20:05] legoktm: The proposed patch on https://libraryupgrader2.wmcloud.org/r/mediawiki/extensions/RSS?branch=REL1_31 looks good; ready to go live? [23:21:47] I'm waiting for it to finish going through everything just in case, but everything does look good so far [23:21:52] Ack. [23:21:59] Seriously nice work. [23:23:53] thanks :D [23:24:17] Also we're very close to enabling sec-check on MW itself. [23:24:34] Only three years' work. ;-) [23:24:54] So Happy New Year to all. [23:27:58] ^.^ [23:28:01] Happy New Year to you too! [23:37:01] happy new year [23:37:39] * James_F is on a mission to re-watch all the Bond films before they roll off Amazon Prime in ~32 hours' time. [23:37:49] 18 down, two and half to go. [23:37:56] Perfect code review films. [23:38:39] when I code review old code, It ends up being called deleting it and redoing it. [23:38:52] Ha. [23:38:58] Too often. :-( [23:39:33] that's though because old code on the projects I maintain normally means never got any code review or decent CI checks [23:39:57] * RhinosF1 enabled 3 more about 10 minutes ago on a github repo [23:40:20] Oh yeah, I was going to do the tox thing. [23:40:30] * RhinosF1 looks at git blame and gets an idea [23:41:01] (03PS5) 10Jforrester: jjb: Switch cumin jobs from tox to tox-buster image [integration/config] - 10https://gerrit.wikimedia.org/r/651293