Hosting Meeting Notes: February 1, 2017

Here is the summary of Make Hosting’s third meeting in #hosting-community on Wednesday, February 1, 2017 at 1600 UTC (Slack archive).

Updates

“Best Practices” Documentation

  • Some documentation has been sent in from a few sources.
    • Keep it coming!
  • @voldemortensen will try to get a call for docs up ASAP on the Make Hosting site.

Promoting WordCamps

  • @calebb and @smaffulli are working on documentation outlining the available APIs for the Make Hosting site.
    • Should be posted in the next few days.

Distributed Unit Tests

  • This project is still in need of a lead.
    • You’d chat with folks interested in working on the various parts to organize. Everyone will pitch in, but this needs a champion if we’re going to move forward.
    • C’mon, people… Doesn’t anybody want to do this?
  • Update from @octalmage re: defining a method for reporting back to .org.
    • Looked into using a pre-built tool (Jenkins, gocd) but both required custom plugins.
    • Those tools are built to grab results vs. having the reports submitted and have good integration with tools like TracTrac Trac is the place where contributors create issues for bugs or feature requests much like GitHub.https://core.trac.wordpress.org/. and GitHubGitHub GitHub is a website that offers online implementation of git repositories that can can easily be shared, copied and modified by other developers. Public repositories are free to host, private repositories require a paid subscription. GitHub introduced the concept of the ‘pull request’ where code changes done in branches by contributors can be reviewed and discussed before being merged be the repository owner. https://github.com/.
    • Building something on our own would be a huge task.
  • The OpenStack project has a system with similar scope (RefStack) but it might be too hard to generalize.
    • The approach is that a client runs the tests, gets an XML output and feeds that into the RefStack server. (Example test results)
  • The tests need to be run on the exact server setup that users are going to be on.
    • This way, things like the ImageMagick issue that recently affected a few hosts will be caught early.
  • There was a long discussion around potential methods that could be used.
    • @octalmage agreed to collect the thoughts around this conversation for a future Make Hosting post.

Security

  • @aaroncampbell posted a disclosure of an additional fix in 4.7.x regarding an Unauthenticated Privilege Escalation Vulnerability in a REST APIREST API The REST API is an acronym for the RESTful Application Program Interface (API) that uses HTTP requests to GET, PUT, POST and DELETE data. It is how the front end of an application (think “phone app” or “website”) can communicate with the data store (think “database” or “file system”) https://developer.wordpress.org/rest-api/. Endpoint.

Feedback

Miss this meeting? Want to pitch in on one of the initiatives above? Please feel free to drop into the comments and share your thoughts.

Next Meeting

Our next meeting will be in #hosting-community on Wednesday, February 8, 2017 at 1600 UTC. If you can make that work with your schedule, we’d love to have you. Hope to see even more of you next week! 😃

#notes, #weekly-hosting-chat