Reported in https://hackerone.com/reports/319275 which I’m closing as N/A since this has no security impact in this case. Still, it would be nice to block access there if only so we don’t get more reports.
In our previous sandboxes, @iandunn and I were given access to
mysql and related commands on our sandboxes so we could run a database update script. It appears that access did not carry over to the new sandboxes. Can we get it restored?
Transactional emails coming from the WordCamp.org web server are getting dinged on their SpamAssassin score for not having correct Reverse DNS DNS is an acronym for Domain Name System - how you assign a human readable address to a website’s exact numeric coded location (ie. wordpress.org uses the actual IP address 18.104.22.168)..
Presumably, the PTR should point to wordcamp.org instead of wordpress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/. This is the SpamAssassin rule message:
0.8 RDNS_NONE Delivered to internal network by a host with no rDNS
0.8 is almost 20% of the default spam threshold of
5, which gives us a lot less of a buffer, and we believe it’s contributing to ongoing reports of messages being flagged as spam.
Could we get the PTR record amended to address this issue?
Deploys were initially working after they were setup, but the past few days it it looks like they’ve stopped working, or are only partially working. The script still reports that it finished successfully, but the effects of commits are not showing up anymore.
It used to take about a minute to finish, but now it finished almost immediately, so I wonder if part of it is dying early or something. If I
svn up on my sandbox, the commits are there; it’s just production that doesn’t have them.
Here’s two examples:
Browse to https://central.wordcamp.org/wp-admin/post.php?post=3044783&action=edit&classic-editor, look at the
Contact Information metabox A post metabox is a draggable box shown on the post editing screen. Its purpose is to allow the user to select or enter information in addition to the main post content. This information should be related to the post in some way.. If the commit is applied, you’ll see
* at the end of most of the input fields.
This is setup as an
plugins/wordcamp-reports. We’ve never had problems using GitHub GitHub is a website that offers online implementation of git repositories that can easily be shared, copied and modified by other developers. Public repositories are free to host, private repositories require a paid subscription. GitHub introduced the concept of the ‘pull request’ where code changes done in branches by contributors can be reviewed and discussed before being merged be the repository owner. https://github.com/ as an external before.
Browse to https://central.wordcamp.org/wp-admin/index.php?page=wordcamp-reports&report=ticket-revenue, you should see a
field instead of the field
Hi, it doesn’t look like
wkhtmltopdf has all of its dependencies on the new server:
> wkhtmltopdf -d 300 -T ’10’ -R ’10’ -B ’10’ -L ’10’ ‘/tmp/wcdocs_5a831fa5c3b96/sponsorship-agreement.pdf.html HTML is an acronym for Hyper Text Markup Language. It is a markup language that is used in the development of web pages and websites.’ ‘/tmp/wcdocs_5a831fa5c3b96/sponsorship-agreement.pdf’
wkhtmltopdf: error while loading shared libraries: libXrender.so.1: cannot open shared object file: No such file or directory
With the new sandbox setup, we no longer have direct access to the error logs on production, which will make it difficult to learn about and reproduce errors in order to fix them.
I have a couple ideas about potential solutions, but I’d like to know if Systems has any thoughts or preferences.
1) Pipe errors into Slack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/., the same way that w.org does. This would require setting up object caching (to rate limit the API An API or Application Programming Interface is a software intermediary that allows programs to interact with each other and share data in limited, clearly defined ways. hits, per Slack’s ToS). IIRC, @kovshenin looked into this a few years ago, and determined that there was a non-trivial amount of code that would need to be refactored in order to make it work. Konstantin, do you remember the details there?
2) Setup a cron job on production to parse the raw error log on disk, reduce it to the relevant/limited entries, and push those to Slack.
3) Setup a cron job on production to copy the raw error logs from production to sandboxes every ~60 seconds. They’d need a different name than the sandbox error logs, so that we could have both.
@coreymckrill and I could write any scripts that are necessary, etc.
Do you see any problems with any of those, or have any other ideas or suggestions?
This is a low priority, but it’d be helpful to announce wordcamp.org deployments in Slack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/., like we do with wordpress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/.
I added support for it to
deployed.php in [dotorg13900], and tested the necessary changes to the deploy Launching code from a local development environment to the production web server, so that it's available to visitors. script in
~/deploy-wordcamp-tmp.sh on my sandbox.
Someone from Systems will need to commit/deploy those to the actual script, though.
Hello, can you please setup proxy access for @nao and @chantalc? As polyglots mentors they’ll be helping out with managing rosetta sites and need access to the global.wordpress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ network.
For @nao you can use her a8c key, for @chantalc:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCwrC2ENYnWN3DKyMLRMjx2frHCAx5An+CDHQHPE7fdJux8F4pW7ACkioLBDK7gLRIf2OsszlN7ERMth8QiIP5hytKQJg+qoBUy4rSsvfMZx096EcybHP6yPc9BhvQJsEIy+PFFXeT9btcKHDpdBLrv6oiSo+WyW3YzBefuZoCygHXQwIYauNohsZKJkYX3g1PU4CyLny9TBFHPeizv9Endoreye5YJvGkPnsePGc14Ght8pmeGS/V1R6KCJ5r4AbEpZv1Wu6uPMEyKmKuNXj/Ur42qK6bN+Wb/L1HTcqENSsnbzR/bcRpU/tYOfzJYr/gMPlkLp7HEsiVh9oP6j5/98iywzQ8DNotnj2Hsv7DfS7EvvlMCI1Ih8l3MIzBfKFUEMlbQXrIsk4Y5vV9PP4NguYZReGo2kf7aDh5J9W36Oc43KIdmLectHjakrcMoHuFWA/d8xlhI2IQrequZjnrsLqY9YTCoSQ2zuDFHTRt/vaXDV/TvdCdIbTU0DIgsxHa/HEwp2PdcBopeL9MMU0mOAWfONtj1KjZ4iOzpsSz0K72iGxs6Di2WqS0TI7Yg3lkYPgkg3PVkey7HJ9PeKeJ3BxomNlkfU8EUMOPfWNUnAfK8Ou/AatqZSWr/9nvBNimEEaRqblRkdE4lgClOahrNuJBlZlv3y0xlPdg/o3Bycw== firstname.lastname@example.org