Phorge

PublicGeneral discussions about Phorge. For long and complex questions, you may want to use Ponder.

• Join Room

Quick revision for review: D25904: Update XHPast for Windows binary to 7.1.6

The secure.phabricator.com server is out of storage: I can't go to the Welcome page on Phriction or even the changelog. Also when going to a large commit, only some files load and I get the error mkdir(): No space left on device.

Well we are not phabricator.com but phorge.it, so wrong place :)

Who wants to discuss the policy for contributing to prototype applications?: T16007

Is there a way to either re-active a revoked SSH key or delete it permanently so it can be re-added?

Can't be activated via the UI or any script, but if you have access to the db directly you can edit the row and flip the "is active" bit.
And you can probably delete it completely using bin/remove destroy by its phid.

yes, I do have access to the DB

If you have Developer Mode enabled and can see the page of the object, it's under the "Advanced/Developer -> view Hovercard"

If you have the key number, you can find its phid using conduit auth.querypublickeys

or you could provide public key to the same method in the keys field.

yeah, I have full admin access (and SSH access) to the phorge instance.
I enabled developer mode. But I don't know how to get to the SSH key in the web UI anymore (it doesn't show up under my account's "SSH Public Keys" as I revoked it previously.

You can put the user's phid under objectPHID field, I think that should find it too.

May a Blessed Roots (probably @avivey) configure inbound email (T15036#19958) if possible?

@avivey thanks, I was able to remove the previously revoked SSH key by using the developer mode and bin/remove destroy

i can't edit https://we.phorge.it/w/changelog/next_up/ but it has T15988 in the patch column and D25865 in the task column.. could someone please fix that?

Thanks taavi. 3 more remaining tips until you get "auto-"promoted as "blessed communicator" I guess \o/ lol

All - I am attempting to land my revision D25898 but am getting an error. When running arc land, it asks me for my credentials, after entering them I get fatal: unable to access 'https://we.phorge.it/source/phorge.git/': The requested URL returned error: 403 any ideas?

You probably cloned by HTTPs instead of SSH. If you like it you need a VCS password. Visit this:
https://we.phorge.it/source/phorge/
Clone → https://we.phorge.it → Manage Password (second URL)

Would anyone know where in the DB Phorge stores the relation between the name of a custom Maniphest field and its indexKey/fieldIndex? I'm too stupid to find it... TIA.

There is really no post on Security Announcements. Would this blog actually be useful for security advisories and urgent stable releases (ie. when a severe security issue has discovered and patched)?

Short answer I think yes.
If the real answer if if a content is missing, I don't know. Maybe T15965 can be considered a security issue and I should write a note about it?

Could a Blessed Roots either archive or destroy {PHID-DSHB-j5xxh7r6x7nnejk5lco6}? Or it could be reused as a useful dashboard once unlocked?
Unlock: `./bin/policy unlock PHID-DSHB-j5xxh7r6x7nnejk5lco6
Destroy: `./bin/remove destroy PHID-DSHB-j5xxh7r6x7nnejk5lco6

I've archived and hid it, thanks.

Should the Phabricator changelog be copied over here? As of March 2025, the secure.phabricator.com server has a storage problem so not only accessing repository files and viewing commits has became almost impossible, but also the Welcome and Changelog wiki documents won't load.

Dear Admins please approve the contact https://we.phorge.it/p/AndrewTavis/ who verified their non-spam lovely intentions with me in private :3 :3

Approved

arc lint is giving me the following exception, on both PowerShell and Git Bash:

Some linters failed:
    - Exception: Definition of class ' */
      final' in file 'filesystem/Filesystem.php' duplicates prior definition in file 'filesystem/FileFinder.php'. You can not declare the same symbol twice.

What to do? Note that I manually compiled XHPAST on my Arcanist copy using MINGW32.

Would someone accept https://we.phorge.it/D25873 so we can get rid of a known regression in git master? TIA!

Can someone further review {D25926)?

Welcome aboard to @xtex who is the fastest fix lander of all time

hi! i haven't been missing much here?

@Juest what task or ques3ion?

chat system weirdness when its resized in tablet-mobile-small screen size

@Juest I think you mentioned that sometimes it works, others it is as broken as you shown in Z1#3226. But what are you talking about? The members sidebar or the room topic, or something else?

the whole chat canvas

I think it's somewhat normal, but on an actual tablet, switching between portrait and landscape modes is where the true annoyance comes and the page has to be refreshed.

Does Nuance actually work? And what was it's actual purpose?

In my understanding Nuance is a support desk queue system, a bit into the direction of VTRS/Znuny. In contrast to a Q&A forum like Ponder and a ticket system like Maniphest (here we go with nuances :D ). I have no clue if there were plans to allow funneling an item in a queue into a task in a project or such though. Now someone feel free to correct me please :)

interesting, maybe we could investigate that bug with the viewport resizing

@avivey do you have time to change the outbound email address to we.phorge.it?

I'll try to do that today.

I gave it a try, and I couldn't get it to work.
I'm pretty sure I fixed it back to the way it was.
We also should be having an ip6 address in the dns now.

No wonder why I got a weird MySQL error.

but mail address has changed, yay <3 Congrats!

No, I reverted the change because it wasn't working correctly.
I think I'll try it on a different machine first to figure out the details.

Is it okay to use the root user for MySQL when installing Phorge? Or I should create a MySQL user for the Phorge databases?

For the bin/storage upgrade, you need to practically be root - need permissions to create DBs etc.
For the normal phorge execution, you might want to have a less-capable user to reduce chance of accidental damage. But you'll need to provide this user read access to all the things.

I like to create a minimal MySQL user with full access to prefix phabricator like - https://stackoverflow.com/a/54812658/3451846

Hey folks, just to make sure we aren’t insane in our check, deleting Maniphest comments is an Administrator hard coded exclusive right, right? We were trying to look into making an acl to let non admins delete comments and disable accounts, the latter works, former seems to not be possible.

I believe yes as I haven't heard of a policy that controls who can delete comments. But what do you mean by "we" (which instance)?

Apologies, https://issue-tracker.miraheze.org. Not something concrete we’re going to do, just an idea @RhinosF1 thought of when bouncing ideas.

Not quite sure on how to implement this as Comments doesn't look to be an application.

Here's the code for it: https://we.phorge.it/source/phorge/browse/master/src/applications/transactions/editor/PhabricatorApplicationTransactionCommentEditor.php$166-173
Admins bypass this security check, and then there's a CAN_EDIT test for the transaction object (comments are not real objects, but part of a transaction object).

"Transactions" is an app, but it doesn't currently expose any policies.

Is there any configuration for changing the prefix of Maniphest tasks? For example, on WMGMC Issue Tracker, we want to use WT-nnnnn (or other prefixes) to distinguish with tasks on Wikimedia Phabricator.

No, there's no such configuration.
You could maybe make some code changes to force the prefix to be something else, but it would be quite involved.

okay~

Speaking of task IDs, how to bump the number (as done on this install from T1 to T15000, but for good reasons)?

I think in this way https://stackoverflow.com/a/1485685/3451846

Could this be reviewed to make Phorge work better with PHP 8.4: D25887: Remove use of deprecated E_STRICT PHP constant

You know what, I though I was installing PHP 8.3 on my test environment (Ubuntu 24.04) until I read the install log (as I first ran sudo apt-add-repository ppa:ondrej/php and typed php in the install command instead of php8.3).

One thing worth knowing if you don't look at PHP deprecation notices: Everything you see on deprecation RfC pages for PHP 8.x releases on the PHP wiki will be removed in PHP 9.

Yeah php on Ubuntu (and Debian) is just a metapackage for ensuring serverside PHP is installed in some form on your system, and of course 8.3 is the version supported by 24.04; ondrej's PPA, since its purpose is to let one install a wide range of PHP versions, doesn't bother overriding that metapackage. I believe it's Ubuntu 25.04 "plucky" that 8.4 will make it in for. (Meanwhie Debian stable is on 8.2.)

When I installed Aphlict, npm shown me a high security vulnerability warning, so I ran npm audit fix. Do you also get such warning?

Hard to say without clear steps to reproduce (commands) or a link to docs which you followed and output what the warning is about etc

I can tell you that I installed Node.js via audio apt install npm. When I ran npm install at the Aphlict Server path (phorge/support/aphlict/server) and that the high security vulnerability warning included a link to a security advisory on GitHub.

Could someone add the removal of the PHP 7.0.x check (D25948) to Next Up?

Done thanks

I don't know why, but destroying a Nuance object I created using bin/remove destroy PHID-NUAS-leddm7whpzwt4p5faynq yields the exception Object "PHID-NUAS-leddm7whpzwt4p5faynq" can not be destroyed (it does not implement PhabricatorDestructibleInterface)..

Looking at the PHID, that's a NuanceSource. As per the error message, that doesn't implement PhabricatorDestructibleInterface - which is required for destroying objects using bin/remove destroy.