What was the original rationale behind shipping a certificate bundle with Arcanist? It may be better to rely on the system certificate bundle instead (that also tends to have certificates from, for example, internal company issuers as well).

A perfect example of "hard to see" things in dark mode

Definitely a good idea for anyone who wants to run Phorge in EU/UK or work with EU/UK contributors. Though it really is only necessary for the signup page - individual repositories really only have to worry about CLAs (if relevant).

Adding for refs https://discourse.phabricator-community.org/t/arc-blind-trusting-domains-and-cert-errors/4980/4

I would use arc diff

I’d definitely try, but it depends if we are using GitHub or command line git.

@Labricator Could you propose and submit a revision?

Any progress on this? Consensus?

Wouldn't this be a subtask of Legal? If admin has access to shell and/or PII, then this would be something for legal stuff.

I'd definitely recommend this change. Although I am not the best with legal mumbo jumbo, this would definitely be a must-have.

A member of Trusted Contributors will land it for you.

@speck thanks, how do I land the change?

@speck I can’t get you added as you aren’t currently authenticated with NickServ.

Thank you for going through to make these all consistent!

Thanks for setting this up. I would like to be a group contact for the room.

Thank you for submitting this change!

I feel like this is a good change. I do not see any security vulnerabilities that could be introduced by this..

In T15035#1445, @MacFan4000 wrote:

So, I sent a community registration ticket back in July,and never heard back. They say they have a backlog. I think though it would be easier if we do a project registration and have it be done by somebody who can verify that they represent Phorge. (either through a file on the web root or else DNS)

Great, thanks for the info.

For the record we are up to 22 user in the channel currently.

So, I sent a community registration ticket back in July,and never heard back. They say they have a backlog. I think though it would be easier if we do a project registration and have it be done by somebody who can verify that they represent Phorge. (either through a file on the web root or else DNS)

@io for GitHub we have a task (T15046)

Hi all,

For the rest, I think they can be created on an as-needed basis.

In T15006#1429, @speck wrote:

I can provide more information later this weekend but I think it would help if we set up a virtual meeting with anyone interested in helping to get this done.

In T15006#1429, @speck wrote:

I can provide more information later this weekend but I think it would help if we set up a virtual meeting with anyone interested in helping to get this done.

• update celerity map

• update celerity map

No Problem. Lets drop the other Flags then.

• Use css flag for webkit

Also this Vagrant pattern should work first-run with vagrant up: https://we.phorge.it/T15027#852

In T15006#1429, @speck wrote:

I can provide more information later this weekend but I think it would help if we set up a virtual meeting with anyone interested in helping to get this done.

Yes - I could have some availability - Normally evenings (US Central Time) -

I can provide more information later this weekend but I think it would help if we set up a virtual meeting with anyone interested in helping to get this done.

@speck What can I help with here? - Are we waiting on upstream for anything currently?

Since it matches the other user select that’s setup in this file this is fine but it could just be the standard + WebKit one

• Add browser-specific css flags

The effort to rebrand Phabricator is going to result in changes to a lot of text which would likely invalidate a large number of translation entries.

At my company we have a similar situation however our management system is something we also actively develop. We solved this problem by configuring a web hook to hit an endpoint for the activities we are interested in having people track. The endpoint receives the transactions, pulls some additional info, and creates time-tracked activities for them in an aggregated list. Employees review the list and update time for each activity. It works pretty well and is not limited to activities from Phab allowing other systems to post activity to report, and for employees it’s nice because we can present the activity they’ve done and only require they estimate time spent as all other context is linked up.

Could you describe in more detail what this change is doing? - Because I am not familiar with celerity, I did read through https://secure.phabricator.com/book/phabdev/article/celerity/ for some background.

Thanks!

@Leon95 - I think this revision will be approved with just including the webkit alternate -

In D25015#826, @speck wrote:

I think that makes sense. Could you make a task to address this so we don’t lose track of it? Then let’s get this landed.

In D25023#827, @speck wrote:

Because of security issues related to this I’d like to have a verification of this type of change since this inherently defines the trust used by arc.

Maybe 2 core members independently verify the these certificate changes? Is there an fast way to verify the individual certs changed here?

Because of security issues related to this I’d like to have a verification of this type of change since this inherently defines the trust used by arc.

I think that makes sense. Could you make a task to address this so we don’t lose track of it? Then let’s get this landed.

Ah interesting. Could we follow the information you found and just include the WebKit one for now. I’m not as concerned with consistency after your findings. I appreciate that you investigated!

A friend of mine is able to reproduce this error on an updated Fedora 34 as well.

Things seem wildly inconsistent for this particular css string https://we.phorge.it/source/phorge/browse/master/?grep=user-select

It seems like only the WebKit variant may still be necessary. What do you think about updating both areas to just have the WebKit version in addition to the standard?

In D25022#774, @bekay wrote:

Then maybe just show the monogram when logged in.

I feel like we should move translation to a new revision, so we can move forward with this one.

I tested this revision on Edge just to make sure there were no negative side effects - No issues to report.

Let’s update to include the same set of user-select cross-browser as the blame info

I tried on Firefox on mac and there are tabs included

Happens with Firefox on Windows too. Chome and Edge are not including tabs, but when selecting from bottom to top and ending the selection while hovering a line number, one tab gets copied. This is also prevented with this patch.

l got this behaviour using Firefox on a Linux system. I have no Windows at Hand Right now, but will check it tomorow with different browsers.

I am not seeing this behavior. (Using Edge)

Oh my, sorry for the noise; my search-foo didn't find that.

This is a duplicate of T15051 and potentially solved with D25023

I'm down to do a https://meet.jit.si/ with someone else who is also down for this idea as well as the idea of translatable generic confirm() and alert() dialogs that can trivially go from pht() in PHP to JavaScript. Anyone?