Upgrade Node/NPM on Build Server

Could Node please be upgraded to the latest LTS version (8.11.2), and NPM upgrade to 6.1.0?

#prio1

Update Trac to 1.0.16

There are a bunch of useful bits in more recent TracTrac Trac is the place where contributors create issues for bugs or feature requests much like GitHub.https://core.trac.wordpress.org/. 1.0 releases that we could use.

Also, the TracXMLRPC pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party had some compatibility issues with Trac 1.0, they were fixed in version 1.1.3, but there were also a handful of bug fixes in later versions, so upgrading that to 1.1.6 would be nice.

 

Symlink for new template file on meta.trac

[4621] adds a new template file for meta.trac.wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ which, according to @nacin, needs to be symlinked.

Could someone do that please? Thanks!

#prio3

Kathryn Presner has notified us…

Kathryn Presner has notified us that she is not receiving some emails from Themes TracTrac Trac is the place where contributors create issues for bugs or feature requests much like GitHub.https://core.trac.wordpress.org/.. I’ve been investigating this issue and found that the emails do get sent out, but they are sometimes broken – they are sometimes missing the ‘To’ headerHeader The header of your site is typically the first thing people will experience. The masthead or header art located across the top of your page is part of the look and feel of your website. It can influence a visitor’s opinion about your content and you/ your organization’s brand. It may also look different on different screen sizes..
I’ve tried to find the root cause of this, but with no luck. Our trac install has plenty of custom modules, and a few local patches. One of them does modify the notification.py file, but i couldn’t locate any code that could cause this issue.
I’ve looked through the themes mailbox for automattic user, and found around ~1100 emails since 2014 that did not contain the To header (and were from themes trac), which is quite a big number as there’s not that many emails coming from themes trac.

Can somebody who has worked with customising / writing patches for wporg Trac have a look at this issue? I know @nacin did some, not sure who else.

An example comment for which the To header was missing is this one. I can find more if needed.

Example raw content of a broken email:

Return-Path: <noreply@wordpress.org>
X-Original-To: themes@automattic.com
Delivered-To: themes@automattic.com
Received: from localhost (localhost.localdomain [127.0.0.1])
        by smtp1.lax.automattic.com (Postfix) with ESMTP id 4D01C16C605A;
        Tue,  3 Jan 2017 20:25:43 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at wordpress.com
X-Spam-Flag: NO
X-Spam-Score: 0.072
X-Spam-Level:
X-Spam-Status: No, score=0.072 tagged_above=-999 required=5
        tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
        DKIM_VALID_AU=-0.1, MISSING_HEADERS=1.021,
        REPLYTO_WITHOUT_TO_CC=1.552, RP_MATCHES_RCVD=-0.5, SPF_PASS=-0.001]
        autolearn=no
Authentication-Results: smtp1.lax.automattic.com (amavisd-new);
        dkim=pass (1024-bit key) header.d=wordpress.org;
        domainkeys=pass (1024-bit key) header.from=noreply@wordpress.org
        header.d=wordpress.org
Received: from smtp1.lax.automattic.com ([127.0.0.1])
        by localhost (smtp1.lax.automattic.com [127.0.0.1]) (amavisd-new, port 10024)
        with ESMTP id mji5gHMhfkVq; Tue,  3 Jan 2017 20:25:42 +0000 (UTC)
Received: from mail.wordpress.org (lb2.lax.wordpress.org [66.155.40.19])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by smtp1.lax.automattic.com (Postfix) with ESMTPS id D818016C6094
        for <themes@automattic.com>; Tue,  3 Jan 2017 20:25:42 +0000 (UTC)
Received: from mail.wordpress.org (localhost.localdomain [127.0.0.1])
        by mail.wordpress.org (Postfix) with ESMTP id BA70D214159;
        Tue,  3 Jan 2017 20:25:42 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=wordpress.org; h=
        mime-version:content-type:content-transfer-encoding:from:date
        :reply-to:subject:message-id:references:in-reply-to; s=wp1; bh=4
        RMdfkSspyf94FiOiv44TS+QOpY=; b=fsqVz4XlXzJl4vkCdss1hxBmnUmhe1PDr
        nUq22LBvQ06Wf8P7hg410wP3lj9lAseMa408lEIapTpr/RV2MeQu9FC5JPtrXQNV
        qtR0j6ziwKPBAKEO4T3ELRL0p5N6DuOv0Fi2XaJjhOh/1ZP8BuNyQURQ317wu1bB
        G+vuLirP18=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=wordpress.org; h=
        mime-version:content-type:content-transfer-encoding:from:date
        :reply-to:subject:message-id:references:in-reply-to; q=dns; s=
        wp1; b=aAJpRBd8dOO1D4a/Gj1/kPKkmz+VU71wx8qkx2xwxg6f10x4MjKgVStOF
        vUJvK4AYXWnOWJypHIFOsSCdLsOhllcocSZR0kvCvjlHod8mgppfIWM8qexOh2xV
        EW5qlb/Y66t51MCNSzPol8AjY1XCoYsSkczkk1zd6ScTR/DT9U=
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
From: "WordPress Themes" <noreply@wordpress.org>
X-Trac-Version: 1.0.1
Precedence: bulk
Auto-Submitted: auto-generated
X-Mailer: Trac 1.0.1, by Edgewall Software
X-Trac-Project: WordPress Themes
Date: Tue, 03 Jan 2017 20:25:13 -0000
Reply-To: theme-reviewers@lists.wordpress.org
X-URL: https://themes.trac.wordpress.org/
Subject: =?utf-8?b?UmU6IFtXb3JkUHJlc3MgVGhlbWVzXSAjMzQ0NzY6IFRIRU1FOiBS?=
 =?utf-8?b?ZWJhbGFuY2Ug4oCTIDEuMS4y?=
X-Trac-Ticket-URL: https://themes.trac.wordpress.org/ticket/34476#comment:7
Message-ID: <071.a6e2191aa2ba7a4f4c3caee661ef5a26@wordpress.org>
References: <056.00d47f9a37a313e887ad08a208d6a56a@wordpress.org>
X-Trac-Ticket-ID: 34476
In-Reply-To: <056.00d47f9a37a313e887ad08a208d6a56a@wordpress.org>

IzM0NDc2OiBUSEVNRTogUmViYWxhbmNlIOKAkyAxLjEuMgotLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tKy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpSZXBvcnRlcjogIGF1dG9tYXR0aWMgICAg
ICAgfCAgICAgICBPd25lcjogIGFjb3NtaW4KICAgIFR5cGU6ICB0aGVtZSAgICAgICAgICAgIHwg
ICAgICBTdGF0dXM6ICByZXZpZXdpbmcKUHJpb3JpdHk6ICBuZXcgdGhlbWUgICAgICAgIHwgIFJl
c29sdXRpb246CktleXdvcmRzOiAgdGhlbWUtcmViYWxhbmNlICB8Ci0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0rLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCgpDb21tZW50IChieSBncmFwcGxl
cnVscmljaCk6CgogQGthcm1hdG9zZWQgQ2FuIHlvdSBjaGVjayB0aGF0IGFuIHVwZGF0ZSBpcyB1
cGxvYWRlZCBub3cgdGhhdCBob2xpZGF5cyBhcmUKIG92ZXI/IFRoZXJlIGFyZSB0d28gb3RoZXIg
dGhlbWVzIHRoYXQgbmVlZCB1cGRhdGVzIHRvby4KCi0tClRpY2tldCBVUkw6IDxodHRwczovL3Ro
ZW1lcy50cmFjLndvcmRwcmVzcy5vcmcvdGlja2V0LzM0NDc2I2NvbW1lbnQ6Nz4KV29yZFByZXNz
IFRoZW1lcyA8aHR0cHM6Ly90aGVtZXMudHJhYy53b3JkcHJlc3Mub3JnLz4KV29yZFByZXNzLm9y
ZyBUaGVtZSBEaXJlY3RvcnkgUmV2aWV3cwo=

HTTPS Redirect for International Sites

Originally reported in #meta-1132.

There is currently no auto-redirect to HTTPS for our local sites like https://de.wordpress.org/. It had worked for a short time because of a change in WP (#27954) to redirect_canonical() but it got reverted later (#29708). In a chat with @nacin he proposed that this should be handled on our LBs.

We currently have ~145 local sites. Adding all subdomains to a redirect rule isn’t something we want I think. Can we force all subdomains to be HTTPSHTTPS HTTPS is an acronym for Hyper Text Transfer Protocol Secure. HTTPS is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to. The 'S' at the end of HTTPS stands for 'Secure'. It means all communications between your browser and the website are encrypted. This is especially helpful for protecting sensitive data like banking information.? AFAIK only api.w.org and planet.w.org would be an exception.

BuddyCamp.org DNS and nginx aliases, wildcard certificate

@camikaos and I would like to start creating sites for BuddyCamps on the WordCamp.org multisiteMultisite Multisite is a WordPress feature which allows users to create a network of sites on a single WordPress installation. Available since WordPress version 3.0, Multisite is a continuation of WPMU or WordPress Multiuser project. WordPress MultiUser project was discontinued and its features were included into WordPress core.https://codex.wordpress.org/Create_A_Network. installation, but using the buddycamp.org domain. The domain is already in MarkMonitor and Matt gave the ok to use it.

Could someone from systems/@nacin please setup aliases in DNSDNS DNS is an acronym for Domain Name System - how you assign a human readable address to a website’s exact numeric coded location (ie. wordpress.org uses the actual IP address 198.143.164.252). and nginxNGINX NGINX is open source software for web serving, reverse proxying, caching, load balancing, media streaming, and more. It started out as a web server designed for maximum performance and stability. In addition to its HTTP server capabilities, NGINX can also function as a proxy server for email (IMAP, POP3, and SMTP) and a reverse proxy and load balancer for HTTP, TCP, and UDP servers. https://www.nginx.com/.?

We’ll also need a wildcard cert for buddycamp.org, since we’re ready to FORCE_SSL_ADMIN across all WordCamp.org sites.

Can johnbillion please be given a sandbox I…

Can johnbillion please be given a sandbox? I can set up commit access and such.

#sandbox

We’re going to be doing a HEAD request…

We’re going to be doing a HEAD request to https://api.wordpress.org/translations/core/1.0/?version=4.1 on the 4.1 about page, in JavaScript. While the heavy operations performed there are cached in memcache for 15 minutes, I think it may be prudent for us to (temporarily?) cache it at the load balancers to avoid being CPU-bound.

Suggestion: cache OPTIONS and HEAD requests to https://api.wordpress.org/translations/core/1.0/ for a period of time. A minute or 15 minutes is fine, but so is an hour.

#caching, #lb, #request

@nacin the new Training team would like to…

@nacin, the new Training team would like to use training@ in conjunction with SupportFlow. Could you please setup the address for them? Once it’s active I can setup SupportFlow.

xref https://make.wordpress.org/systems/2014/11/18/email-google-apps/
cc @liljimmi

#email

Email & Google Apps

We have a handful of @wordpress.org email addresses set up as forwards. For the teams that need an official email address and a supportpress/supportflow setup, we have been doing addresses on wordcamp.org (which has mailboxes) or setting up one-off gmail addresses to handle the mailbox, the owner of which might get lost over time. I talked to Barry at the team meetupMeetup All local/regional gatherings that are officially a part of the WordPress world but are not WordCamps are organized through https://www.meetup.com/. A meetup is typically a chance for local WordPress users to get together and share new ideas and seek help from one another. Searching for ‘WordPress’ on meetup.com will help you find options in your area. days at WCSF about this and he said we should put wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ on gmail for email. Matt said this was okay.

I’ve reclaimed the Foundation account for google apps for non-profits (a WC organizer had used the tax id to claim it without asking first, so we had to jump through some hoops). I’ve set up the account and gone through the steps with Ashish Shukla to have it recognize wordpress.org as the domain. The next step would be to modify the MX record to start routing email through the google apps account, but that gets complicated when it comes to ensuring no disruption to existing forwards, which is why Ashish and I were waiting for Barry to be available. When I spoke to Barry today, he said that @nacin is doing something around email too, so now he’s not super comfortable making changes at all lest we inadvertently step on each others’ toes.

@nacin: what is the thing you are doing with email, and does it preclude a shift to having actual mailboxes that are official? Let’s coordinate with whomever else is working on this to make sure everyone’s needs are met. I’m happy to share the google credentials with the appropriate people to get it going. We also get stuff like official hangouts the teams can use, calendar, etc. as part of the google apps account. If there’s a reason *not* to take Barry’s advice about using google apps/gmail for the team emails, I can remove wordpress.org from the google account (if so, please explain).

#email, #gmail