Page MenuHomePhorge
Feed All Stories

Apr 25 2022

20after4 created T15096: Discuss Arcanist as a barrier to adoption of Phorge and how to address the underlying issues..
Apr 25 2022, 07:39 · Phorge General/Unknown, Arcanist
hof updated hof.
Apr 25 2022, 07:09

Apr 24 2022

20after4 awarded D25034: support language highlighting for GFM-style code blocks a Mountain of Wealth token.
Apr 24 2022, 18:50
20after4 added Q11: upgrade phabricator to phorge (Answer 3).
Apr 24 2022, 18:45
20after4 added a task to D25037: Hide the "hidden" fields on custom form previews: T15081: Figure out if there are patches from Wikimedia's fork that are desirable to upstream in Phorge.
Apr 24 2022, 18:39
20after4 added a task to D25038: Add Status, sequence and isDefault to the conduit api results for column.search: T15081: Figure out if there are patches from Wikimedia's fork that are desirable to upstream in Phorge.
Apr 24 2022, 18:39
20after4 added revisions to T15081: Figure out if there are patches from Wikimedia's fork that are desirable to upstream in Phorge: D25038: Add Status, sequence and isDefault to the conduit api results for column.search, D25037: Hide the "hidden" fields on custom form previews.
Apr 24 2022, 18:39 · Phorge Upstream
20after4 updated the diff for D25038: Add Status, sequence and isDefault to the conduit api results for column.search.

Fix line length

Apr 24 2022, 18:36
20after4 retitled D25038: Add Status, sequence and isDefault to the conduit api results for column.search from Add column sequence to the conduit api results for column.search to Add Status, sequence and isDefault to the conduit api results for column.search.
Apr 24 2022, 18:34
20after4 updated the diff for D25038: Add Status, sequence and isDefault to the conduit api results for column.search.

celerity map

Apr 24 2022, 18:30
20after4 requested review of D25038: Add Status, sequence and isDefault to the conduit api results for column.search.
Apr 24 2022, 18:29
20after4 requested review of D25037: Hide the "hidden" fields on custom form previews.
Apr 24 2022, 18:19
20after4 added a comment to T15048: Allow awarding Tokens to individual Comments.

Does anyone else feel that this is not a good idea? Seems like the consensus here is that it's at least acceptable if not desirable to have.

Apr 24 2022, 17:58 · Tokens
20after4 added a comment to T15048: Allow awarding Tokens to individual Comments.

I did a bit of digging through the source code and it looks like tokens are implemented in an incredibly generic way, such that it wouldn't be at all difficult to add tokens to comments. I think the hardest part will be integrating it with the UI.

Apr 24 2022, 17:55 · Tokens
20after4 added a comment to T15090: CVE-2022-24765 - Multi-user Git Privilege Escalation.
In T15090#2141, @avivey wrote:

@avivey Would it make sense to add a public announcement to Diviner or Phiction? Or perhaps we use Phame for this use case (Create a "Security Incidents" blog)? I always think of a task as an actionable item, whereas we would want this to exist forever.

Yes, probably. "Announcements"-style thing

Apr 24 2022, 17:51 · Phorge General/Unknown, Restricted Project
20after4 created T15095: Setup an announcements blog with Phame.
Apr 24 2022, 17:51 · Phorge Upstream

Apr 22 2022

Bezalel updated Bezalel.
Apr 22 2022, 12:50
jmeador added a comment to April 19, 2022.

@speck Would it be totally unreasonable to instead do:

Apr 22 2022, 03:06 · Governance

Apr 20 2022

Matthew added a comment to T15026: Create a migration guide to move from Phabricator to Phorge.

As of right now, we have made no changes to the database and other "internals" - our work has been focused on rebranding as "Phabricator" is a trademarked name. For this reason, a rough migration path would be to check out the master branch of rP, copy the config directory from Phabricator to Phorge, and then point Phorge to your Phabricator database. I have tested it myself locally and it appears to work, however; if you have any issues feel free to ask a question on Ponder here and we can get back to you!

Apr 20 2022, 13:47 · Phorge
dcog added a comment to April 19, 2022.

translations,The rebranding approach of changing the pht() keys will invalidate a lot of existing translations. Investigate if there are ways to avoid this.

Apr 20 2022, 13:47 · Governance
speck edited the content of April 19, 2022.
Apr 20 2022, 13:06 · Governance
Higgs added a comment to T15026: Create a migration guide to move from Phabricator to Phorge.

We are now at a decision point where we either install Phorge from Scratch or migrate Phabricator to Phorge.

Apr 20 2022, 09:57 · Phorge
javier closed Q11: upgrade phabricator to phorge as resolved.
Apr 20 2022, 08:26
javier added Q11: upgrade phabricator to phorge (Answer 2).
Apr 20 2022, 08:26
speck added a comment to April 19, 2022.

There is quite a bit of text that is setup like this:

pht(
  'blah blah blah %s blah blah'.
  'blah blah Phabricator blah %s'.
  'blah blah.',
  $var1,
  $var2);
Apr 20 2022, 02:54 · Governance
dcog added a comment to T15094: Catch up the master branch to upstream.

Created {D25036}

Apr 20 2022, 02:04 · Trusted Contributors, Phorge
dcog created T15094: Catch up the master branch to upstream.
Apr 20 2022, 01:41 · Trusted Contributors, Phorge

Apr 19 2022

Matthew changed the visibility for Q11: upgrade phabricator to phorge.
Apr 19 2022, 22:45
Matthew changed the Default View Policy policy for application Ponder from All Users to Public (No Login Required).
Apr 19 2022, 22:45
Matthew added Q11: upgrade phabricator to phorge (Answer 1).
Apr 19 2022, 22:39
chris merged T15093: 502 Bad Gateway error when attempting to view repo info into T15090: CVE-2022-24765 - Multi-user Git Privilege Escalation.
Apr 19 2022, 22:32 · Phorge General/Unknown, Restricted Project
chris merged task T15093: 502 Bad Gateway error when attempting to view repo info into T15090: CVE-2022-24765 - Multi-user Git Privilege Escalation.
Apr 19 2022, 22:32 · Upstream General/Unknown
chris added a comment to T15093: 502 Bad Gateway error when attempting to view repo info.

This is a direct result of T15090: CVE-2022-24765 - Multi-user Git Privilege Escalation - confirmed in the Nginx error logs:

STDERR
fatal: unsafe repository ('/var/repo/1' is owned by someone else)
To add an exception for this directory, call:
Apr 19 2022, 22:32 · Upstream General/Unknown
dcog added a comment to April 19, 2022.

As I started to thinking about the script to process the pht() files, it hit me that converting something something like:

Apr 19 2022, 21:58 · Governance
dcog added a comment to April 19, 2022.

FYI, it seemed that the issue with the wiki preview loading may be been related to tagging names... if the tags are removed, the preview loads

Apr 19 2022, 21:43 · Governance
Matthew added a project to T15092: Automatic deploy onto we.phorge.it: Upstream General/Unknown.
Apr 19 2022, 21:35 · Upstream General/Unknown
dtf added a comment to May 3, 2022.

Nice one, thanks @Matthew!

Apr 19 2022, 21:27
dtf edited the content of May 3, 2022.
Apr 19 2022, 21:26
dtf added a comment to T15093: 502 Bad Gateway error when attempting to view repo info.

Hmm, possibly depending on how it's hosted? What I saw when that CVE was announced on a local instance and on secure. was like the below screenshot, where the repo page was still visible but file structure and recent commits were b0rked:

Apr 19 2022, 21:23 · Upstream General/Unknown
Matthew added a member for Trusted Contributors: luca.itro.
Apr 19 2022, 21:03
Matthew edited projects for T15093: 502 Bad Gateway error when attempting to view repo info, added: Upstream General/Unknown; removed Diffusion.

Related to T15090: CVE-2022-24765 - Multi-user Git Privilege Escalation perhaps? Revisions are stored in the database that's why they're viewable, but the main repository page requires a call to git.

Apr 19 2022, 21:00 · Upstream General/Unknown
Matthew added a comment to May 3, 2022.

@dtf I've added you to the Trusted Contributors project, so you should be able to edit the page now.

Apr 19 2022, 20:58
Matthew added a member for Trusted Contributors: dtf.
Apr 19 2022, 20:57
dtf added a comment to May 3, 2022.

(I am unable to edit the document directly, would someone with the right permissions mind adding this to the agenda please?)

Apr 19 2022, 20:30
dtf added a project to T15093: 502 Bad Gateway error when attempting to view repo info: Diffusion.
Apr 19 2022, 20:08 · Upstream General/Unknown
dtf created T15093: 502 Bad Gateway error when attempting to view repo info.
Apr 19 2022, 20:07 · Upstream General/Unknown
Matthew created an object: May 3, 2022.
Apr 19 2022, 20:04
Matthew edited the content of Planning Meetings.
Apr 19 2022, 20:03
Matthew edited the content of April 19, 2022.
Apr 19 2022, 20:02 · Governance
dtf updated dtf.
Apr 19 2022, 19:39
speck updated the task description for T15092: Automatic deploy onto we.phorge.it.
Apr 19 2022, 19:31 · Upstream General/Unknown
speck created T15092: Automatic deploy onto we.phorge.it.
Apr 19 2022, 19:29 · Upstream General/Unknown
Matthew edited the content of April 19, 2022.
Apr 19 2022, 19:04 · Governance
javier updated the question details for Q11: upgrade phabricator to phorge.
Apr 19 2022, 13:56
javier updated Q11: upgrade phabricator to phorge from upgrade phabricator to forge to upgrade phabricator to phorge.
Apr 19 2022, 10:40
javier asked Q11: upgrade phabricator to phorge.
Apr 19 2022, 10:40

Apr 18 2022

avivey added a comment to T15090: CVE-2022-24765 - Multi-user Git Privilege Escalation.
Apr 18 2022, 19:00 · Phorge General/Unknown, Restricted Project

Apr 16 2022

golyalpha added a comment to T15090: CVE-2022-24765 - Multi-user Git Privilege Escalation.

apparently, Ubuntu maintainers have backported a patch for the older version of git in 20.04 LTS, downgrading to version 1:2.25.1-1ubuntu3 seems to be a temporary workaround, losing the following patches:

I don't think having people downgrade is a good idea. I think we should probably cherry-pick Evan's fix from upstream into the phorge codebase.

Apr 16 2022, 04:58 · Phorge General/Unknown, Restricted Project

Apr 15 2022

Matthew added a comment to T15090: CVE-2022-24765 - Multi-user Git Privilege Escalation.

apparently, Ubuntu maintainers have backported a patch for the older version of git in 20.04 LTS, downgrading to version 1:2.25.1-1ubuntu3 seems to be a temporary workaround, losing the following patches:

Apr 15 2022, 23:40 · Phorge General/Unknown, Restricted Project
golyalpha added a comment to T15090: CVE-2022-24765 - Multi-user Git Privilege Escalation.

ahh, I was wondering why my Phorge install suddenly broke - seems to be the case here too

Apr 15 2022, 19:38 · Phorge General/Unknown, Restricted Project

Apr 14 2022

Matthew added a project to T15090: CVE-2022-24765 - Multi-user Git Privilege Escalation: Phorge General/Unknown.

We need to cherry-pick and import the changes Evan made into the Phorge repository as well...

Apr 14 2022, 13:45 · Phorge General/Unknown, Restricted Project
toilet_bowl_singapore updated toilet_bowl_singapore.
Apr 14 2022, 05:03

Apr 13 2022

avivey shifted T15090: CVE-2022-24765 - Multi-user Git Privilege Escalation from the Restricted Space space to the S1 Public space.
Apr 13 2022, 18:10 · Phorge General/Unknown, Restricted Project
avivey changed the visibility for T15090: CVE-2022-24765 - Multi-user Git Privilege Escalation.
Apr 13 2022, 18:10 · Phorge General/Unknown, Restricted Project
avivey added a comment to T15090: CVE-2022-24765 - Multi-user Git Privilege Escalation.

err, I was trying to put it out as a Security PSA, so I clicked "Create security task" which I guess is the opposite of a PSA...

Apr 13 2022, 18:09 · Phorge General/Unknown, Restricted Project
avivey created T15090: CVE-2022-24765 - Multi-user Git Privilege Escalation.
Apr 13 2022, 18:07 · Phorge General/Unknown, Restricted Project

Apr 11 2022

20after4 added a comment to T15084: Discussion: Maniphest vs Ponder for user support.

I'm setting the "Moderate" policy on Ponder to Trusted Contributors and I'll add a link to Ponder from the default home page.

Apr 11 2022, 17:17 · Phorge Upstream
20after4 changed the Moderate Policy policy for application Ponder from Administrators to Trusted Contributors (Project).
Apr 11 2022, 17:16
20after4 awarded T15084: Discussion: Maniphest vs Ponder for user support a Mountain of Wealth token.
Apr 11 2022, 17:15 · Phorge Upstream

Apr 9 2022

dcog added a comment to April 5, 2022.

Some initial findings on Rector...

Apr 9 2022, 19:43 · Governance

Apr 6 2022

20after4 awarded April 5, 2022 a Mountain of Wealth token.
Apr 6 2022, 16:59 · Governance

Apr 5 2022

Matthew created an object: April 19, 2022.
Apr 5 2022, 20:00 · Governance
Matthew edited the content of Planning Meetings.
Apr 5 2022, 19:58
Matthew added a comment to T15012: Update Diviner documentation to reference Phorge.

As discussed in {E2}, we might add temporary banners to Diviner to state that we are rebranding. This would allow some time for us to handle the code rebrand and address the underlying Diviner issues before we edit everything twice.

Apr 5 2022, 19:56 · Phorge
Matthew assigned T15084: Discussion: Maniphest vs Ponder for user support to 20after4.

As discussed in {E2}, we will be implementing this to control spam for now. If this doesn't work, we will revisit this discussion.

Apr 5 2022, 19:53 · Phorge Upstream
Matthew edited the content of April 5, 2022.
Apr 5 2022, 19:52 · Governance
avivey changed the join policy for Trusted Contributors.
Apr 5 2022, 19:45
Matthew triaged T15088: Allow for Diviner books to live in their own Repo as Wishlist priority.
Apr 5 2022, 19:00 · Harbormaster, Diviner
Matthew added a comment to T15012: Update Diviner documentation to reference Phorge.

I will note that also the tech docs aren’t fully generated since there should be docs for most of the phorge/phabricator classes. Also the arcanist docs aren’t generated at all.

Apr 5 2022, 18:57 · Phorge
Matthew created an object: April 5, 2022.
Apr 5 2022, 18:46 · Governance
Matthew edited the content of Planning Meetings.
Apr 5 2022, 18:41

Apr 4 2022

Matthew renamed T15087: [removed] from Can Cash App Be Hacked If You Are A New User Who Is Using The Low Security Feature? to [removed].
Apr 4 2022, 18:11
golyalpha added a comment to T15059: Phabricator doesn't email @outlook.com addresses.

Alright, I've just went through a similar process - they apparently have changed their process a little but there still is a form to fill out: https://support.microsoft.com/en-us/getsupport?oaspworkflow=start_1.0.0.0&wfname=capsub&productkey=edfsmsbl3 (you need a Microsoft Account to fill it out, but they'll contact you on the contact email you give in the form)

Apr 4 2022, 10:06 · Phorge
golyalpha closed T15087: [removed] as Invalid.

Obviously spam.

Apr 4 2022, 09:58
miler7425 created T15087: [removed].
Apr 4 2022, 06:21

Apr 3 2022

golyalpha created T15086: Support Inbound Mail over IMAP.
Apr 3 2022, 18:17 · Mail

Apr 2 2022

alinaparker186 updated alinaparker186.
Apr 2 2022, 13:00
canvas_supplier_singapore updated canvas_supplier_singapore.
Apr 2 2022, 10:41

Apr 1 2022

golyalpha added a comment to T15082: Consider allowing milestone columns to be ordered arbitrarily on workboards.

Reordering milestones is convenient when you want to treat milestones as workflow steps rather than sequential numerical versions.

Apr 1 2022, 05:40 · Projects

Mar 31 2022

20after4 added a comment to T15082: Consider allowing milestone columns to be ordered arbitrarily on workboards.

epriestley was very much against this idea but wikimedia's users loved it.

Do we have epristley's reasoning as to why he was against this? Might help in deciding about including this patch in Phorge.

Mar 31 2022, 23:55 · Projects
bird_control updated bird_control.
Mar 31 2022, 09:27

Mar 30 2022

Matthew closed D25035: Hide the blurb of a user when that user is disabled.
Mar 30 2022, 15:17
Matthew committed rP7d4357683a31: Hide the blurb of a user when that user is disabled (authored by Matthew).
Hide the blurb of a user when that user is disabled
Mar 30 2022, 15:17
Matthew renamed T15085: [removed] from Can Cash App Be Hacked If Someone Compromise The Password? to [removed].
Mar 30 2022, 15:10
Matthew closed T15085: [removed] as Spite.
Mar 30 2022, 15:10
dinhickup updated dinhickup.
Mar 30 2022, 06:09
dinhickup created T15085: [removed].
Mar 30 2022, 06:07
mrbk25 updated mrbk25.
Mar 30 2022, 04:43
mrbk25 updated mrbk25.
Mar 30 2022, 04:43
mrbk25 updated mrbk25.
Mar 30 2022, 04:42