We should abandon this revision as secure has already updated their pem - see https://lch.lcdevops.com/rLCARCANIST13d3a3c3b100979c34dda261fe21253e3571bc46
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Jan 25 2022
- ran arc liberate
Dec 3 2021
Here is the commit that introduced this
Nov 23 2021
This looks pretty great! - I think T15030 is the general covering task for Extensions
Nov 17 2021
Oct 31 2021
I can confirm as well that I have never received an email from phorge / phabricator on my email which isn't "outlook.com" but is an office 365 email account
Oct 27 2021
This is what the README says - And maybe we should remove support for the default.pem altogether? (But, possibly leave support for custom.pem)
Oct 26 2021
Oct 25 2021
I would use arc diff
@Labricator Could you propose and submit a revision?
Oct 21 2021
I feel like this is a good change. I do not see any security vulnerabilities that could be introduced by this..
Oct 16 2021
In T15006#1429, @speck wrote:I can provide more information later this weekend but I think it would help if we set up a virtual meeting with anyone interested in helping to get this done.
Yes - I could have some availability - Normally evenings (US Central Time) -
Oct 15 2021
@speck What can I help with here? - Are we waiting on upstream for anything currently?
Oct 14 2021
Could you describe in more detail what this change is doing? - Because I am not familiar with celerity, I did read through https://secure.phabricator.com/book/phabdev/article/celerity/ for some background.
Oct 13 2021
@Leon95 - I think this revision will be approved with just including the webkit alternate -
In D25015#826, @speck wrote:I think that makes sense. Could you make a task to address this so we don’t lose track of it? Then let’s get this landed.
In D25023#827, @speck wrote:Because of security issues related to this I’d like to have a verification of this type of change since this inherently defines the trust used by arc.
Maybe 2 core members independently verify the these certificate changes? Is there an fast way to verify the individual certs changed here?
Things seem wildly inconsistent for this particular css string https://we.phorge.it/source/phorge/browse/master/?grep=user-select
In D25022#774, @bekay wrote:Then maybe just show the monogram when logged in.
I feel like we should move translation to a new revision, so we can move forward with this one.
I tested this revision on Edge just to make sure there were no negative side effects - No issues to report.
Oct 12 2021
Oct 11 2021
I am not seeing this behavior. (Using Edge)
Oct 6 2021
Oct 4 2021
Sep 30 2021
Sep 26 2021
In D25022#768, @speck wrote:Thinking about this a little more it could be intentional for these to not have monograms displayed in the page title. Tasks, Revisions, etc. are more meant to be directed to internal users of the system while Phame blog posts may also be directed to external users where a monogram might be more confusing. What do you think?
Sep 24 2021
Sep 23 2021
Referencing this "short" discussion that I remember from Discourse
Sep 22 2021
Is it possible to pick a branching off point?
Isn't Centos End of Life soon?
Sep 17 2021
The Herald rule should be project specific. If X happens then move task to Project->Column
Jul 26 2021
Jul 25 2021
Jul 7 2021
I think both solutions work well
Jun 29 2021
Jun 26 2021
There's also the point of users being used to arc land pushing code from their machine, so switching its behavior to delivering different code could have adverse UX.
diff breaks master after rebase
@speck A possible path forward here - We will end up with new revisions, but that is good!
Jun 25 2021
D25012 solves it, but I wonder if we should just exclude it from the "type": "text" linters
We could move this from the global exclude to just the specific linters (like the txt linter, etc.) - That would be a reasonable request
In T15021#564, @avivey wrote:There might be a way to explicitly define it as generated, which (used to) exclude it from lint.
In D25002#410, @avivey wrote:
Could we...
Jun 24 2021
What can I do to Help? -
A few final thoughts here as well
I second everything @speck says here.
Jun 23 2021
I feel we should revert this change from master and back into a revision
I have a lot of concerns about what is happening with these Harbormaster updates. I believe them to be good strategy, and should be welcomed, however..............
Jun 22 2021
T15011 discusses some of this...
Jun 21 2021
Jun 20 2021
In T15014#446, @speck wrote:I created Release Process in our internals wiki to start the documentation on what the release process would look like, based on some of those commented. As we flesh out the plan I’d like to update that.
One thing to consider are installs where the database is being queried outside of Phabricator - anyone doing data analytics or other tooling that interacts with the database directly would be affected by this change.
Jun 19 2021
In D25006#220, @deadalnix wrote:
My only concern here is that technically this introduces issues for any user install that already contains an untracked package support/aphlict/server/package-lock.json
hmm - I cannot land this revision?
Will need this accepted again by Blessed Committers
Updating revision
In D25004#152, @deadalnix wrote:Without package-lock.json, it is not possible to deploy a consistent set of dependencies resolution - they might change any time any one publishes a new package, which creates a lot of problems for reproducibility.
Test and Lint coverage?
In D25003#134, @speck wrote:@Ekubischta it looks like @chris added you - could you verify your email? I'm also thinking anyone in the "security" or "blessed" groups should turn on MFA as well.
Jun 18 2021
@speck @avivey Can you add me as a Blessed Committers ??
What happens if
Refs the discussion here T15011#386 and Aphlict
In T15011#390, @speck wrote:
The documentation for installing Aphlict instructs you to npm install ws in the support/aphlict/server/ folder but it looks since that documentation was written newer versions of node/npm will write out package-lock.json which the repository is not setup to ignore. We'll need to add that file to the .gitignore file I think.
This and D25001: T15006: Update .arcconfig to point to we.phorge.it are duplicates. I tried to land it this morning but ran into issues with the land process that I didn't have time to work out