WordCamp.org Let’s Encrypt script isn’t…

WordCamp.org Let’s Encrypt script isn’t running, and hasn’t for several weeks. As mentioned here: https://wordpress.slack.com/archives/G02QCEMRY/p1586994663032600

Can we please see of a copy of the /tmp/letsencrypt-update.log file from production to diagnose.

cc @iandunn

WordCamp.org admin-ajax self-ddos

Yesterday there was an outage, which was caused by an admin-ajax infinite loopLoop The Loop is PHP code used by WordPress to display posts. Using The Loop, WordPress processes each post to be displayed on the current page, and formats it according to how it matches specified criteria within The Loop tags. Any HTML or PHP code in the Loop will be processed on each post. https://codex.wordpress.org/The_Loop.. The logs didn’t provide enough information to debug, though, so we’ll need to gather more information to start troubleshooting.

Possibly related to https://make.wordpress.org/systems/2020/01/16/wordcamp-org-slow-load-times/

x-ref archives/C204BD7PT/p1586640064085000

#prio1

lists.wordpress.org unsubscription email not configured

According to #5134-meta the mailing lists include unsubscribe headers similar to this, but they don’t resolve to accounts:
List-Unsubscribe: ,

wp-svn-request@lists.wordpress.org: host lists.wordpress.org[198.143.164.108]
    said: 550 5.1.1 : Recipient address
    rejected: User unknown in local recipient table (in reply to RCPT TO
    command)

#prio3

#5134-meta

Can we please add a…

Can we please add a GitGit Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Git is easy to learn and has a tiny footprint with lightning fast performance. Most modern plugin and theme development is being done with this version control system. https://git-scm.com/. post-update hook on meta.git.wordpress.org to push to git@github.com:WordPress/wordpress.org.git?

There exists an existing configuration for this for the develop.git repo: https://make.wordpress.org/systems/2016/12/20/deploy-key-and-mirroring-for-github-repo/

Either add the key directly in https://github.com/WordPress/wordpress.org/settings/keys or let me know and I’ll add it.

#prio2

Re-evaluate the Chinese rate-limiting

Back in October some rate limiting was added for certain traffic from Chinese sources, can we re-evaluate that rate limiting? Is it still needed? Can it be relaxed?
I realise the blocking was added due to significant abuse at the time with little other options, I’m just hopeful that that’s no longer the case.

There’s been several complains over the last few months, and as it turns out, there’s now some Chinese clones/proxies of WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ to work around it.

Some relevant threads:

  • https://wordpress.org/support/topic/china-cannot-access-wordpress-org/
  • https://wordpress.org/support/topic/all-chinese-user-429-too-many-requests-unfair/
  • https://meta.trac.wordpress.org/ticket/5106
  • https://wordpress.org/search/429/?forums=1

#prio1

Clean up erroneous WordPress releases and branches

Over time, some erroneous WordPress releases or branches were accidentally created:

  • 5.4-RC3-47470. This should have been a nightly bump instead.
  • 4.9.8-beta1-43498. This too should have been a nightly bump.
  • 4.2.26 branch on git://develop.git.wordpress.org/ mirror. This should have been a tag instead, and is already deleted on CoreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. SVNSVN Apache Subversion (often abbreviated SVN, after its command name svn) is a software versioning and revision control system. Software developers use Subversion to maintain current and historical versions of files such as source code, web pages, and documentation. Its goal is to be a mostly compatible successor to the widely used Concurrent Versions System (CVS). WordPress core and the wordpress.org released code are all centrally managed through SVN. https://subversion.apache.org/., but still exists in the GitGit Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Git is easy to learn and has a tiny footprint with lightning fast performance. Most modern plugin and theme development is being done with this version control system. https://git-scm.com/. mirror and shows up on GitHubGitHub GitHub is a website that offers online implementation of git repositories that can can easily be shared, copied and modified by other developers. Public repositories are free to host, private repositories require a paid subscription. GitHub introduced the concept of the ‘pull request’ where code changes done in branches by contributors can be reviewed and discussed before being merged be the repository owner. https://github.com/.

Would it be possible to clean them up to avoid confusion?

#prio3

Build SVN access for SergeyBiryukov

When WordPress is in RCRelease Candidate A beta version of software with the potential to be a final product, which is ready to release unless significant bugs emerge. stage and a new version of Akismet is released, the svn:externals property has to be updated on the build repo (core.svn.wordpress.org).

For the upcoming WordPress 5.4 release this is already handled in https://core.trac.wordpress.org/ticket/49662#comment:2, so we’re good for now 🙂

Would it be possible for me (SergeyBiryukov) to get write access to core.svn.wordpress.org so I could help with these tasks in the future?

#prio3

dotorg repo access

Can @dufresnesteven please have access to dotorg.trac.wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ and read-only access to the corresponding svn. He’s helping to open sourceOpen Source Open Source denotes software for which the original source code is made freely available and may be redistributed and modified. Open Source **must be** delivered via a licensing model, see GPL. some of the WP and bbPressbbPress Free, open source software built on top of WordPress for easily creating forums on sites. https://bbpress.org. plugins that are tucked away in the dotorg repo.

#prio2

Update svn1 node versions for Gutenberg

As per #4974-meta for future CoreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. builds the NodeJS/NPM versions will need bumping for proper GutenbergGutenberg The Gutenberg project is the new Editor Interface for WordPress. The editor improves the process and experience of creating new content, making writing rich content much simpler. It uses ‘blocks’ to add richness rather than shortcodes, custom HTML etc. https://wordpress.org/gutenberg/ building. The PR won’t be merged prior to the svn build servers being updated.

Gutenberg now requires Node.js 12.x and npm > 6.9.x and the “build server” requires updating to accommodate this.
At the time of creating this ticket:
* the latest Node.js LTS release is 12.14.1 https://nodejs.org/en/
* the latest npm release is 6.13.6 https://blog.npmjs.org/
See also: https://github.com/WordPress/gutenberg/pull/19680

For any questions, you’ll need to follow up with someone more involved with Gutenberg development, see the above TracTrac Trac is the place where contributors create issues for bugs or feature requests much like GitHub.https://core.trac.wordpress.org/. ticket or Gutenberg PR.

#prio2

#4974-meta

WordCamp.org slow load times

I’ve been noticing intermittently slow load times for wordcamp.org lately, and others have reported it as well.

Most of the times things are normal, but when it happens the page takes 10-30 seconds to load. While it’s going on, it seems like any page I visit is slow (e.g., 2020.asia.wordcamp.org/wp-admin and also 2019.seattle.wordcamp.org/contact). Then it resolves itself after a minute or so.

I noticed it this morning around 7:40am Pacific.

Because all requests are affected, it doesn’t feel like a slow MYSQLMySQL MySQL is a relational database management system. A database is a structured collection of data where content, configuration and other options are stored. https://www.mysql.com/. query. I’m wondering if it’s a DDoSDistributed Denial of Service A type of online attack where a large number of infected computers are used to overwhelm a target computer, to the point where it no longer has the resources to perform its normal job. Read more. that was automatically mitigated?

Do we have any logs that would give clues? I don’t see anything in the SlackSlack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/. channels. Or do you have any other ideas?

#prio2