PHP Meeting Recap – October 15th

This recap is a summary of our previous PHP meeting. It highlights the ideas and decisions which came up during that meeting, both as a means of documenting and to provide a quick overview for those who were unable to attend.

You can find this meeting’s chat log here.

Chat Summary

  • We discussed how the php-error.php drop-in in WSOD protection and the 500.php in the PWA feature plugin would relate to each other and how work could potentially be deduplicated/harmonised.
  • The php-error.php drop-in in WSOD protection is used server-side when a fatal error was caught. As it could be triggered by a theme or before the theming functionality has actually been loaded, it cannot be styled through a theme. It is “always-on”, though, and catch fatal errors very early on in the bootstrapping process.
  • The 500.php template from the PWA feature plugin is displayed by client-side code when the request made by the service worker returns a HTTP 500 status code. To achieve this, an offline cache is built through the service worker, and the site is requested to do a server-side rendering of the 500.php once so that it can be cached for the case where it is needed. Because of this, it can be styled through the theme, as the request to actually render is is a normal “render a page template” request. It requires for the service worker to have been installed previously and the server to have successfully rendered the page template once so that it can be cached. This means that there scenarios where this mechanism is not yet available.
  • There is an error query variable that would be a good fit to reuse for the 500 and offline mechanisms of the PWA feature plugin, but this would first require a change in WordPress Core as this query variable is currently being unset. There is already a Trac ticket to change this. For now, the PWA feature plugin uses a custom query variable wp_error_template instead.
  • Currentl functionality already should work as-is to always catch fatal errors on the server side and display the php-error.php drop-in, and if the service worker is active and the 500.php has already been cached, it will be used to progressively enhance the php-error.php drop-in to style it according to the current theme.
  • @westonruter suggested a change to make this more reliable and explicit by adding header information to the WSOD screen along the lines of X-WP-WSOD: true.
  • We should also add some token to the rendered page, as the headers might already have been sent in some scenarios, like a special form of HTML comment.
  • @joyously has added that for diagnosing errors, having access to even half of a HTML page can help, so cleaning everything out might further obfuscate the nature of errors.
  • @flixos90 argued that the php-error.php might not even be needed, with PWA as a later option in the future.

Next week’s meeting

  • Next meeting will take place on Monday, October 22nd, 2018 at 15:00 UTC in #core-php.
  • Agenda: Discuss current roadmap and priorities.
  • If you have suggestions about this but cannot make the meeting, please leave a comment on this post so that we can take them into account.

#core-php, #php, #servehappy, #summary

PHP Meeting Recap – October 8th

This recap is a summary of our previous PHP meeting. It highlights the ideas and decisions which came up during that meeting, both as a means of documenting and to provide a quick overview for those who were unable to attend.

You can find this meeting’s chat log here.

Chat Summary

  • We started discussing how themes should be approached in terms of the WSOD protection (see the Trac ticket / GitHub PR).
  • We noticed that, when the active theme is deleted, the frontend will simply show a blank screen, so there are no critical implications of what happens when no theme can be initialized. What needs to happen is therefore to just flag the theme as paused so that it isn’t loaded, with no further handling being necessary.
  • A Resume button for themes should be added to the Appearance admin screen, similar like there is one for plugins, displayed to those that have the resume_theme capability, which should map to the existing switch_themes.
  • An observation was made along the lines that the default PHP error output also renders with the frontend message that something broke. While path disclosure is a problem, such messages should never display on production sites that are set up with something like the ini_set( 'display_errors', 0 ) directive. WordPress does not take care of setting this itself, which can be discussed in a ticket, but is not related to our WSOD protection efforts.

Next week’s meeting

  • Next meeting will take place on Monday, October 15th, 2018 at 15:00 UTC in #core-php.
  • Agenda: Discuss how the php-error.php template from the WSOD protection project and related efforts made in the PWA feature plugin can be implemented in a coherent way. @westonruter had highlighted that there were similarities, but also differences, and a common solution should be found.
  • If you have suggestions about this but cannot make the meeting, please leave a comment on this post so that we can take them into account.

#core-php, #php, #servehappy

Dev Chat Summary: October 10 (5.0 Week 2)

This post summarizes the dev chat meeting from October 10th (agenda, Slack archive).

5.0 planning

  • See @pento’s WordPress 5.0 for Contributors and Committers post:
    • “If you’re an experienced contributor or committer who has time available during the WordPress 5.0 release cycle, and want to be able to make meaningful contributions towards making WordPress 5.0 awesome” … “Please reply to this post with information about your availability, what components of WordPress you have experience in, and (if you haven’t got involved with Gutenberg yet) what you feel has been getting in the way.”
    • In that post are some direct actions you can take to help contribute to 5.0, otherwise please review and comment if you’ll be around during the 5.0 release cycle… thanks!
  • Also see review @pento‘s 5.0 commit/branch details if you plan to contribute during the 5.0 release cycle
  • @pento: if you have time to help, please review tickets in the 5.0 milestone to determine whether to keep it in 5.0 (Gutenberg-related), or move to 5.0.1 (other bug fix) or 5.1 (other feature)
  • @kadamwhiterequest for help testing Lazily Evaluate Translation Strings (#41305) with input requested by the end of this working week to help remove the blocker to further Gutenberg localization work
  • Plans for an updated readme.html to be committed with contributions open until RC
  • @chanthaboune: collecting blocker items and dates across team reps, will post listing to Make/Core, if you have items to add to the listing please ping @chanthaboune directly
    • @matt: 5.0 baseline and goal is 4.9.8 + Gutenberg, thus a lot of things that may have been considered blockers in past major releases are probably going to be reclassified as “nice to have”
  • @matveb: last JS package included in the Gutenberg 4.0 RC, on track and could be ready for end of the week

Updates from focus leads and component maintainers

General announcements

  • See @matt‘s post for details on the Gutenberg Phase 2 Leads, @alexislloyd (design and product) and @youknowriad (technical)
    • Phase 2 is about thinking outside the box, namely the post and page box, to allow Gutenberg to handle entire-site layouts. We will replace widgets with blocks, so any block will be able to be used in any registered “sidebar” for legacy themes, and we will upgrade “menus” to a navigation block.
    • Phases 3 and 4 of Gutenberg at WordCamp US in December.
  • @audrasjb: a11y team reorganizing, will discuss during next week’s meeting
  • @chanthaboune: as teams identify new/updated team reps, please follow notes on team rep orientation

Next meeting

The next meeting will take place on October 17, 2018 at 20:00 UTC in the #core Slack channel. Please feel free to drop in with any updates or questions. If you have items to discuss but cannot make the meeting, please leave a comment on this post so that we can take them into account.

#5-0, #a11y, #core, #core-editor, #core-js, #core-media, #core-php, #core-restapi, #dev-chat, #gutenberg, #summary, #team-reps

PHP Meeting Recap – October 1st

This recap is a summary of our previous PHP meeting. It highlights the ideas and decisions which came up during that meeting, both as a means of documenting and to provide a quick overview for those who were unable to attend.

You can find this meeting’s chat log here.

Chat Summary

  • After last week’s meeting, we briefly continued discussing whether we should move forward with a hardcoded approach for the Update PHP page. While it is currently a regular WordPress page, we confirmed that decision, with the most important reason being its better trackability for string changes, and thus better handling for translators. In addition, the hardcoded approach should be quicker to develop because it does not involve dynamic content such as Gutenberg blocks.
  • It was decided that #3789 should be repurposed for that. @flixos90 said he would be up for it and will work on a first meta patch soon.
  • We then discussed the WSOD protection, particularly recent comments made on its ticket #44458.
    • We decided that the is_protected_endpoint() result should be filterable, however only for adding further endpoints. It should not be possible to alter the protected core endpoints.
    • The php-error.php drop-in should be responsible for outputting the HTTP status header and rendering HTML markup to the page. With this functionality being limited to a template, it is in line with the existing db-error.php. More importantly, with this approach sites that use the drop-in will still get the benefits of detecting multiple errors in one go by using redirects.
    • The function is_ssl() is always loaded when it would be needed by the new code (since it is part of wp-includes/load.php), so there is no need to think about what to do when it is not available.
  • @flixos90 confirmed that the multisite team would review the existing code the same week. This feedback has since been posted on the ticket. As of now, most of this feedback is already implemented on the latest patch. Please see the ticket for an explanation of the changes including screenshots, and the underlying GitHub pull-request for a better overview of the code.
Network Admin UI for the (manually) broken "Hello Dolly" plugin
Network Admin UI for the (manually) broken “Hello Dolly” plugin. Network administrators see information about the sites affected and can resume execution for the entire network, essentially force-resuming the plugin for every site.

Next week’s meeting

  • Next meeting will take place on Monday, October 8th, 2018 at 15:00 UTC in #core-php.
  • Agenda: Review the latest patch, gather feedback and ideas, particularly in regards to multisite support and theme support, the latter of which is yet to be added.
  • If you have suggestions about this but cannot make the meeting, please leave a comment on this post so that we can take them into account.

#core-php, #php, #servehappy

PHP Meeting Recap – September 24th

This recap is a summary of our previous PHP meeting. It highlights the ideas and decisions which came up during that meeting, both as a means of documenting and to provide a quick overview for those who were unable to attend.

You can find this meeting’s chat log here.

Chat Summary

Update PHP Page

We first discussed the current implementation of the dynamic block we want to include at the top of the “Update PHP” page.

  • @nerrad had already implemented a Gutenberg block to provide this functionality. It has multiple fields in its sidebar to allow adapting the text to display.
  • @dd32 suggested looking into a hardcoded PHP template instead, to reuse Glotpress functionality for the translation workflow. Otherwise, it is very difficult for translators to know when strings had been updated. Also, this would ideally go into the theme for the Support subsite, instead of a plugin, to isolate the changes to this subsite only.
  • We mostly agreed that internationalization is easier with a hardcoded approach where the strings to localize are found in the code. @sergey pointed out that this is how all the content is done on the main wordpress.org site and linked to an example.
  • The approach to take would be to create a page wporg-support/page-update-php.php and hardcode the content into that.
  • This discussion showed that we wasted a lot of time (@nerrad invested up to 10 hours into the first iteration of the plugin), because the actual requirements were never mentioned before starting. We should think about how we can avoid situations like this in the future, making sure we don’t invest time in “non-options”.

WSOD Protection

We then moved on to discuss progress on #44458 – Catch WSODs and provide a means for recovery for end users.

  • The current implementation is missing logic for themes and might not yet work correctly on multisite installations.
  • @flixos90 will mention the ticket during the multisite meeting to look at what would be necessary for making it work with multisites.
  • For themes, @afragen quickly tested what would happen when no theme at all would be loaded. The login screen and the admin backend do not seem to be affected.
  • For skipping to load a theme that throws errors, we can add an additional condition in the bootstrap code where WP decides whether to load the functions.php file or not.

Next week’s meeting

  • Next meeting will take place on Monday, October 1st, 2018 at 15:00 UTC in #core-php.
  • Agenda:
    • Discuss hardcoded approach to “Update PHP” page.
    • Collect feedback on multisite approach for WSOD protection.
  • If you have suggestions about this but cannot make the meeting, please leave a comment on this post so that we can take them into account.

#core, #core-php, #php, #servehappy, #summary

Dev Chat Summary: September 12, 2018 (4.9.9 week 5)

This post summarizes the weekly dev chat meeting held Wednesday, September 12, 2018 at 20:00 UTC. Agenda | Slack archive


4.9.9 Planning

We have a Road Map and she is gorgeous. Thank you @antpb and @schlessera for putting it together. Here’s a summary:

Suggested Timeline

We will reassess these dates after the three-week mark:

  • Beta : Monday October 22, 2018
  • Release Candidate : Monday October 29, 2018
  • Release Date : Monday November 5, 2018

Key Focuses

If you’re interested in helping out with these topics, hit up these Slack channels:

*Not real but should be.

Bug Scrubs

  • The plan is to run them weekly in the #core Slack channel across multiple timezones. Schedule 👏 Coming 👏 Soon 👏

Focus Lead and Component Maintainer Updates

Notes and Summary Posts

Additional Updates/Requests

  • From PHP Servehappy: More testers are needed for the WSOD protection on real-life, complex sites to reveal edge cases. A “complex site” is basically any site running locally with random plugins and random code.

If you’re thinking about get all up in these Focus and Component Maintainer teams, try attending a chat. Here’s the comprehensive list.


Open Floor

Tickets

Anyone can submit a ticket for the Open Floor. Send your submission to @jeffpaul or moi (@whitneyyadrich), or comment on the agenda for that week’s chat.

  • #12563: New action on body open – Submitted via @welcher. Will be discussed in the #themereview meeting.
  • #32326: Improve Support for Structured Data – This one pairs nicely with the ticket above, so the conversation should be happening in the #themereview room and scheduled chat.
  • #25280: wp_localize_script unexpectedly converts numbers to strings – Submitted via @adamsilverstein and Ivan Kristianto. Lots of words about code were had in the chat, and then the conversation was moved to the ticket itself.

General Announcements

Dev Chat Schedule

@psykro published his proposal for a second <dev chat> and it’s open for your comments. I’m sure we’ll touch on this during tomorrow’s dev chat, too. 

As always, anyone is welcome to join <dev chat> every Wednesday at 20:00 UTC. As I said in the chat, to sorta quote the late, great Notorious B.I.G.

I’m goin’ go call my WP crew
You go call your WP crew
We can rendezvous in <dev chat> tomorrow around two (or Wednesday at 20:00 UTC)

#summary, #4-9-9, #core, #dev-chat

PHP Meeting Recap – August 20th

This recap is a summary of our previous PHP meeting. It highlights the ideas and decisions which came up during that meeting, both as a means of documenting and to provide a quick overview for those who were unable to attend.

You can find this meeting’s chat log here.

Chat Summary

  • We continued reviewing the content of the Update PHP page, which is available in this Google document.
  • We specifically looked at the closing section that acts as a summary, wondering whether it could be highlighted more or whether it is even needed. In the end it was decided to keep it as it is, as web readers typically expect a conclusion to occur at the end of a resource. Furthermore it leaves them with a positive attitude about their (future) achievement.
  • There were two comments about redundancy of paragraphs describing what would be the topic of the respective next section, since they are followed by a heading telling the same thing. However, as linking paragraphs they improve the reading flow and therefore should remain present.
  • A couple of minor wording improvements were discussed and applied.
  • It was agreed that the only outstanding change is the removal of all the hosting-specific tutorial links. They should be replaced with a single link to an external resource containing those links, similar how it is in the current live version of the page. A long list of links would distract readers, furthermore a single external resource allows for more flexibility on how this is managed. For now, the single link should point to the hosting-specific tutorials list in the Servehappy resources repository. Once this change is present, the content of the Google document can go live, replacing the current Update PHP page content.
  • Before the meeting, at WordCamp Brighton, a new idea of coming up with a documentation pattern and distributing it to hosts in order to get them provide guides on how to update PHP on their environment was discussed. The idea was appreciated by everyone. While an involved task, it will iterate on the already present crowd-sourced resources repository.
  • It would make sense to use GitHub Pages for such a repository. Pointing to a repository directly would easily confuse non-technical users, and a simple website fetching the content from GitHub Markdown files would improve that greatly.
  • A consideration is the URL to use for that. GitHub Pages URLs for organization repositories contain both the organization name and the repository name, so for the servehappy resources directory, it would be WordPress.github.io/servehappy-resources, which is not very obvious for what it contains. A repository named update-php or update-php-resources would be a better alternative. Alternatively, a custom domain could be used. This needs to be carefully evaluated.

Next week’s meeting

  • Next meeting will take place on Monday, August 27th, 2018 at 15:00 UTC in #core-php.
  • Agenda: Further discuss the approach for streamlining hosts’ PHP update tutorials and using GitHub Pages (or possible alternatives) for those resources.
  • If you have suggestions about this but cannot make the meeting, please leave a comment on this post so that we can take them into account.

#core-php, #php, #servehappy, #summary

PHP Meeting Recap – August 13th

This recap is a summary of our previous PHP meeting. It highlights the ideas and decisions which came up during that meeting, both as a means of documenting and to provide a quick overview for those who were unable to attend.

You can find this meeting’s chat log here.

Chat Summary

  • The content of the Update PHP page was further discussed. There is a Google document available where @alexdenning has been working on revised copy. It is open for comments if you have suggestions.
  • As a reminder, the goal is to shorten the copy by removing unnecessary technical details and thus more positively encouraging the user to update. At the same time, we must not omit that there may be issues and, most importantly, we have to educate about the prerequisite steps necessary to roll back in case a problem occurs that cannot be fixed quickly.
  • As most problems actually need technical assistance to solve, we should not go into too much detail there, but point out that they might want to get help from a developer in such a case. However, basic suggestions as finding a replacement plugin in case a plugin is incompatible should remain, as we still want to encourage users who would be unable or unwilling to hire a third person.
  • At the same time, with the improvements being made in #44458 we can actively encourage the update because, even in case of errors, the site owner will still be able to log in to the site to provide short-term fixes at least.
  • Over the course of the meeting, we made a couple comments on the document with the items we discussed. Please refer to the Google doc linked above for details.
  • We also briefly picked up discussion on visual assets for the page. While that should preferably happen after the copy is in place, it doesn’t hurt thinking about it already, especially since some pieces might be relatively independent of what the final copy will be like. These are ideas we have been considering:
    • Timeline of PHP versions and their end of lifes (dynamic including the passed PHP version, or not)
    • Graphic of the relation between server, PHP, website, WordPress (possibly also including plugins and themes)

Next week’s meeting

  • Next meeting will take place on Monday, August 20th, 2018 at 15:00 UTC in #core-php.
  • Agenda: Further discuss the Update PHP page copy and visual assets to use.
  • If you have suggestions about this but cannot make the meeting, please leave a comment on this post so that we can take them into account.

#core-php, #php, #servehappy, #summary

PHP Meeting Recap – July 30th

This recap is a summary of our previous PHP meeting. It highlights the ideas and decisions which came up during that meeting, both as a means of documenting and to provide a quick overview for those who were unable to attend.

You can find this meeting’s chat log here.

Chat Summary

  • It was discussed which types of errors and exceptions to handle in scope of the sandbox mode (see #44458).
  • @schlessera presented a document in which he had prepared comprehensive resources and his suggestions for what to handle.
  • The approach was mostly agreed on, with the addition that the E_USER_ERROR type should also be covered, since many plugins make use of it, some of which are among the most popular ones.
  • The following PHP errors should be treated:
    • E_PARSE
    • E_ERROR
    • E_RECOVERABLE_ERROR
    • E_USER_ERROR
  • Regarding exceptions, only the base Exception and the PHP7 Error exception classes need to be treated, basically as a catch-all.
  • It is not necessary to wrap the try-catch statement catching Error into a PHP7 version check clause, since catch statements do not trigger autoloading since PHP 5.1, so there won’t be an issue on PHP versions below 7.
  • The following exceptions should be caught:
    • Exception
    • Error
  • Something to consider and test with the implementation is whether the shutdown handler plays well with other shutdown handlers possibly registered by plugins.
  • In addition to implementing treatment of the above errors and exceptions, an important item is how to handle multiple broken plugins: In the latest patch, when an error is detected and the plugin is paused, the next request might simply do the same thing if another plugin causes a problem. In case many plugins are affected, this presents a significant UX issue.
  • Therefore a mechanism is needed that detects multiple issues in one go without requiring further user interaction. Redirects and/or AJAX requests are ideas that could be used to accomplish that. @schlessera is going to continue working on that.
  • Due to the project becoming increasingly big, it was decided to proceed work through a pull request against a WordPress fork, to have a better overview of the incremental code changes. GitHub should only be used for the implementation while discussion can stay on Trac. A pull request has been opened for that purpose to which the latest patch has been ported over. Note: In order to test the code, it is only necessary to append a .diff extension to the PR.

Next week’s meeting

  • Next meeting will take place on Monday, August 6th, 2018 at 15:00 UTC in #core-php.
  • Agenda: Continue discussion on avoiding WSODs in PHP.
  • If you have suggestions about this but cannot make the meeting, please leave a comment on this post so that we can take them into account.

#core-php, #php, #servehappy, #summary

PHP Meeting Recap – July 23th

This recap is a summary of our previous PHP meeting. It highlights the ideas and decisions which came up during that meeting, both as a means of documenting and to provide a quick overview for those who were unable to attend.

You can find this meeting’s chat log here.

Chat Summary

Update PHP Page

We first discussed the “Update PHP” page content/layout.

@AlexDenning confirmed that work is being done on the page by @Jayman and him. He’ll send updates as they happen.

WSOD Protection

We then moved on to discuss progress on #44458 – Catch WSODs and provide a means for recovery for end users.

  • We collected thoughts about reframing the project from “Servehappy” to “Health Check Project”. This led to a lot of questions about what further changes this would allow that wouldn’t be covered by the “Servehappy” name. We could come up with a few examples, like:
    • helping people update their plugins & themes
    • keeping Core up-to-date
    • keeping MySQL up-to-date
    • organizing “Update Bars” at WordCamps & meetups
  • Then we discussed timing and whether we’re on track for 5.0. Basically, our changes can be merged/backported as soon as possible with the caveat that the following requirements need to be met first:
    • the “Update PHP” page needs to be reworked
    • the WSOD protection needs to be in place
  • We discussed the types of errors that the WSOD protection catches. The current proof-of-concept only catches PHP parse errors, but we can certainly catch other types of errors, provided we know without fail how to deal with them. @schlessera will set up a document to examine the possible errors and determine which ones to catch.
    We cannot simply catch all fatals unconditionally, as we wouldn’t know what to filter from load to make the site work again.
  • @flixos90 has created tickets to port the “Requires PHP:” header tag to themes: #44592 & #meta3718.

Post-Meeting

Link to the document discussing the different types of PHP errors to catch: https://www.notion.so/brightnucleus/WP-Sandbox-88738b62e9e947a7aeb8271d958a5497

Next week’s meeting

  • Next meeting will take place on Monday, July 30th, 2018 at 15:00 UTC in #core-php.
  • Agenda: Continue discussion on the avoiding WSODs in PHP.
  • If you have suggestions about this but cannot make the meeting, please leave a comment on this post so that we can take them into account.

#core-php, #meta3718, #php, #servehappy, #summary