The Referenced Files section of this diff looks like someone is looking for a vulnerability. Any idea what’s happening here?
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Nov 11 2023
Since this is for the timeline text maybe it should check for array and just say “multiple images” rather than grabbing the first.
Update per last comment
I am not sure about all these changes. In particular, the changes in PhabricatorSetupIssueUIExample.php and PhabricatorSetupIssueView.php probably warrant extra scrutiny.
- Update the resources map
Maybe I have to test this against PHP 8.1
Update config description
Before landing this change, I would like to know the right way to credit both the original author and my modifications with Arcanist (Q85).
Reword
Awesome thanks for adding details and clarification
Nov 10 2023
Impressing test plan :D Tested intensively. No nuclear implosions. Yuppie yeah! ✨
Note that I cannot see Task T15663
I'm not able to find #conduit in Matrix mozilla.org homeserver btw
(It needs to be quoted just in we.phorge.it since indeed we have a Tag called Conduit :D Sorry for that)
@valerio.bozzolan If you didn't get an answer, try asking in #conduit. I didn't realize that # needs to be quoted in Remarkup. 😢
@valerio.bozzolan Upstream removed code that enforces $always_visible when $file->getIsProfileImage() is true in PhabricatorFileQuery.php, but I'm afraid that this change may break other things, so I did not apply it here, but on the other hand kept the description of "Image will be Public".
Mention upstream commit
Nice! Thanks
Maybe we can mention the upstream commit, and we can amend to set their author information.
It would be great if Mozilla's team could join forces with Phorge. Would you (the core team) contact them in #conduit on chat.mozilla.org and mozilla.slack.com?
Fix lint warnings
I have reviewed it and made some comments. On a remotely related topic, TLS handshakes are expensive and persistent connections can reduce latency and server load by reusing TLS connections, so maybe we should make it configurable outside of cluster.databases as well.
I wonder if they are aware that Phorge exists and that we are open to contributions :)
I will keep this change in my production for a while:
In D25441#12816, @aklapper wrote:Where to find the test plan?
This seems reasonable to me. It only adds further information to logs. I suppose there are some paths that could result in showing exception on the client-side but including monogram doesn’t seem concerning/dangerous.
Nov 9 2023
If this is considered too dangerous to merge, I could first test this in downstream for a while.
- for CSS classes, it seems Phorge would use .collapsible-content instead of camel case
Follow review tips
In D25459#13138, @speck wrote:Would there be a bunch of these lying around?
Ah! Thanks! I was not aware that it was a common practice:
the prefix was added to have arcanist/phorge indication. So, if we use just $ it's better to remove it.
- Adjust message per code review suggestion