Welcome to the MetaMetaMeta is a term that refers to the inside workings of a group. For us, this is the team that works on internal WordPress sites like WordCamp Central and Make WordPress. Team!
The Meta team is responsible for maintaining and managing WordPress.orgWordPress.orgThe community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ websites. Our work is mostly done on the meta trac. If you see a bug, file a ticket!
These are the topics that we would like to discuss:
Join us exploring the community.wordpress.org Matrix server. We’ll walk you through how to join and test.
Look at a test-migrated Slack channel on the Matrix server.
Explore a test-setup of the Slack bridge together.
Discuss the next steps.
If you have topics you would like to add to the agenda, please share them in the comments below.
The next meeting will be on Thursday, June 15, 2023 10AM UTC. Also, @psrpinto and myself (@akirk) will attend WCEU and are happy to chat about Matrix there.
As promised in a previous post, 2FA for WordPress.orgWordPress.orgThe community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ accounts is now ready to test as an opt-in feature.
Note: this feature is for logging in to the WordPress.org web site itself; it does not affect your personal WordPress
If you’re familiar with 2FA and have an authenticator app such as Authy, Google Authenticator, or Keepass, then you can enable Two Factor auth on your account here:
Follow the Two-Factor Authentication link to get a QR code, and scan that using your preferred authenticator app.
Please make sure you save the Backup Codes! If you lose access to your authenticator app in the future you’ll need those to recover access to your WordPress.org account!
Questions
Is 2FA compulsory?
Not yet. In the near future we plan to begin requiring it for accounts with special access, core contributorsCore ContributorsCore contributors are those who have worked on a release of WordPress, by creating the functions or finding and patching bugs. These contributions are done through Trac. https://core.trac.wordpress.org., theme and pluginPluginA plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party developers, and so on.
It will be optional for casual users’ accounts, subject to changes in best practices.
Does 2FA work with SubversionSVNApache Subversion (often abbreviated SVN, after its command name svn) is a software versioning and revision control system. Software developers use Subversion to maintain current and historical versions of files such as source code, web pages, and documentation. Its goal is to be a mostly compatible successor to the widely used Concurrent Versions System (CVS). WordPress core and the wordpress.org released code are all centrally managed through SVN. https://subversion.apache.org/.?
Not directly, since Subversion clients don’t support 2FA.
For WordPress coreCoreCore is the set of software required to run WordPress. The Core Development Team builds WordPress. releases, 2FA has been in use for many years in the form of SSHSSHSecure SHell - a protocol for securely connecting to a remote system in addition to or in place of a password. keys protecting the release system.
For plugin and theme authors, the release management system will require a second factor before code commits are published in downloadable zip files. We’re also investigating other ways of requiring 2FA for code commits.
Does it support hardware keys/WebAuthn?
We do support hardware keys and other WebAuthn supported factors thanks to the WebAuthn Provider for Two Factor plugin. For now they must be configured through a wp.org admin interface via wp-admin/profile.php and we are working on adding a more user friendly interface (see issues #193 and #194). If you want to configure WebAuthn, log into one of the WordPress.org sites (wordpress.org, make.wordpress.org/*, etc), navigate Users -> Profile, scroll to the bottom of the page.
Can I use 2FA on my own WordPress site?
We’re using the Two Factor community plugin along with some customizations. Two Factor is open sourceOpen SourceOpen Source denotes software for which the original source code is made freely available and may be redistributed and modified. Open Source **must be** delivered via a licensing model, see GPL. and available for anyone to use right now. It’s completely free and stand-alone.
Update on the status of community.wordpress.org Matrix server
Tentative plan and challenges with using SSO with WordPress.orgWordPress.orgThe community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ to login to Matrix server
Update on the status of importing public SlackSlackSlack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/. history into Matrix server
community.wordpress.org homeserver
The community.wordpress.org Matrix server (homeserver in Matrix lingo) is now available. However, we don’t recommend using the homeserver as of now, as we are still optimizing its configuration, namely in what concerns logging into the homeserver.
Also please note that it’s likely that we will wipe the homeserver and all data at any point, until we’re confident we have it configured correctly.
SSO with WordPress.org
The only available login method on the homeserver will be SSO (more specifically OpenID Connect, or OIDC) with WordPress.org. This means users log in to the homeserver with their WordPress.org account. Users will not be able to log in to the homeserver with a username/password, SSO will be the only method to log in.
SSO with wporg presents some challenges however, specifically in what concerns usernames, since WordPress usernames are not valid Matrix usernames. For example, WordPress allows uppercase letters and spaces in usernames, while Matrix does not.
Instead of using the WordPress username as the Matrix username, it was discussed to use the nicename, which appears to fulfill Matrix’s username requirements. @akirk@ashfame and @psrpinto will investigate the feasibility of using WordPress’s nicename as the Matrix username and report the results in the next Matrix meeting.
Importing public Slack history into Matrix server
@ashfame mentioned that imports for some public Slack channels have been tested and appear to work correctly, though thread support remains to be implemented. Messages are credited to the right Matrix account, so the user will find their Slack messages linked to their matrix account. Uploads and emojis (in messages and reactions) work as expected as well.
These will be some of the topics we would like to discuss:
Update on the status of community.wordpress.org Matrix server
Tentative plan and challenges with using SSO with WordPress.orgWordPress.orgThe community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ to login to Matrix server
Update on the status of importing public Slack history into Matrix server
If you have topics you would like to add to the agenda, please share them in the comments below.
The next meeting will be on Thursday, May 17, 2023 10AM UTC
MigrationMigrationMoving the code, database and media files for a website site from one server to another. Most typically done when changing hosting companies. of Messages from SlackSlackSlack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/. to Matrix
The agenda was to discuss a tentative plan for migration from Slack to Matrix. We have identified a successful migration path which consists of moving over the messages in public channels to matrix rooms. All the messages in public channels would be available in their respective Matrix rooms from Day 1 of Matrix. All users would find themselves to be in the right Matrix rooms as per what Slack channels they have joined.
Private conversations (private channels and direct messages) are best handled by user themselves using a browser extension (Firefox / Chrome).
We would use SSO (OIDC) to use WordPress.orgWordPress.orgThe community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ account to login onto Matrix. The OpenID Connect Server plugin was built for this purpose.
During the duration of transition, both would be accessible and messages would be relayed from Slack to Matrix and vice-versa using the help of a bridge. As of now, it works by creating a Slack ghost account on Matrix side and we would be trying to make it possible to not need that and just post Slack side messages as messages from the respective Matrix account of those users. Matrix side messages are posted to Slack by a Slack app masquerading as the user, but not accredited to the actual Slack user.
Comment(s) on Agenda post
Alex Stine: When will a test instance be available? Important to start accessibilityAccessibilityAccessibility (commonly shortened to a11y) refers to the design of products, devices, services, or environments for people with disabilities. The concept of accessible design ensures both “direct access” (i.e. unassisted) and “indirect access” meaning compatibility with a person’s assistive technology (for example, computer screen readers). (https://en.wikipedia.org/wiki/Accessibility) testing early.
Accessibility testing can start right away with a regular Matrix.org account on any room. There is also a WordPress related room – #wordpress:matrix.org. In this case, you would be using Matrix’s official client – Element.
Our embedded chat client Chatrix can also be tested, which is deployedDeployLaunching code from a local development environment to the production web server, so that it's available to visitors. on https://make.wordpress.org/meta/chat/ for Chatrix’s own room #chatrix:matrix.org
This would be our fifth community meeting and we would like to discuss a possible plan for Slack to Matrix migrationMigrationMoving the code, database and media files for a website site from one server to another. Most typically done when changing hosting companies..
Tentative plan for the future Matrix homeserver for Making WordPress:
For a transition period, Slack and Matrix would work in parallel, by means of a Slack bridge, which would send Slack messages to Matrix, and vice versa.
Past Slack history (public channels only) would be on Matrix from day one.
The homeserver URLURLA specific web address of a website or web page on the Internet, such as a website’s URL www.wordpress.org would be community.wordpress.org.
Login will be done through SSO, with WordPress.orgWordPress.orgThe community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ account.
If you have any additions to the agenda, please share them in the comments.
Next meeting will be on Thursday, May 4, 2023 10AM UTC
