Google Search Console domain access + Postmaster tools

A few of us have access to Google Webmaster/Search tools for https://wordpress.org/ and https://wordpress.org/, but we do not have access for the entire wordpress.org domain which would grant us access to https?://*.wordpress.org/ (ie. what we have + subdomains).

Additionally, The marketing team would like access to Postmaster tools for the email deliverability data, which also requires domain verification.

I can see that there’s two existing Google domain authorisations (dig +short TXT wordpress.org) but I’ve been unable to locate whose Google accounts have access to that when asking around.

Can I please have access granted to the domain-level Search Tools / Postmaster tools so that I can provide access to those who need it?

In the event that systems do not have domain-level access, here’s some instructions to get it:
1. Grant my a8c account verification access and I’ll deal giving those who need it; add wordpress.org TXT google-site-verification=RLa_vaBBembqlBHv2iGePxw7Cw2nQhbYjKLX7HWpSks (I’ll add systems a8c account for future uses. If option 2 is taken, I’ll remove this auth attempt from my account)
or
2. Visit Postmaster tools, Add a domain, get the TXT record and add it. Grant my a8c google account access + plus that of @eidolonnight to Postmaster + Search Console (Full access please). Verifying the domain for postmaster tools will also grant search console verification.

#prio1 #email #google

Theme Directory changes

The WordPress.org theme directory will now be accepting direct SVN access for theme updates. This means there’s two changes we need made on the systems side.

Everything else will remain the same for now, we’ll continue to accept ZIP uploads and apply the same theme checks on import. Initial theme submissions will continue to be ZIP-upload only, only updates will be available through SVNSVN Apache Subversion (often abbreviated SVN, after its command name svn) is a software versioning and revision control system. Software developers use Subversion to maintain current and historical versions of files such as source code, web pages, and documentation. Its goal is to be a mostly compatible successor to the widely used Concurrent Versions System (CVS). WordPress core and the wordpress.org released code are all centrally managed through SVN. https://subversion.apache.org/..

Dynamic SVN Auth file

The SVN auth file will need updated, similar to plugins:

  • Create a copy of update-wp-pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party-auth.sh & setup the cron task for it.
  • SVN Auth file is available at https://wordpress.org/themes/wp-json/themes/v1/svn-auth
  • Use Authorization: BEARER $THEME_SVN_AUTH_BEARER_TOKEN as defined in secrets.php

The file is currently minimal and only outputting a few lines, but will be ~25k lines when it’s opened to theme authors.
This can be tested by editing wp-content/plugins/theme-directory/rest-api/class-internal.php to either bypass auth temporarily or to output all authorship rules.

pre-commit ruleset for SVN commits

In order to prevent having to rebuild a bunch of things that are reliant upon themes.svn, we’d like to add some pre-commit rules to force commits to be in a specified format, rather than mostly free-form as plugins.svn is.

Rules:

  • Are always in a /Theme-Slug/1.2.3/ folder
  • Is a newer version than currently live
  • Does not alter existing versions (treat them as tags)
  • The /1.2.3/ folder matches the style.css Version:1.2.3 headerHeader The header of your site is typically the first thing people will experience. The masthead or header art located across the top of your page is part of the look and feel of your website. It can influence a visitor’s opinion about your content and you/ your organization’s brand. It may also look different on different screen sizes. value

I’ve put together some rules that work in my testing, but I’m unsure if there’s a different way you’d like to implement it. These were tested against my own SVN server mimicking svn.wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ configuration.

#prio1, #svn, #themes

Create Openverse email address for Helpscout

The Openverse team wants an address openverse@wordpress.org to use with Helpscout.

I’ve created a mailbox within Helpscout for it. It seems that their connection setup has changed, and now in order to connect an email address on an external domain they send a verification code to that external email address.

I guess we can make this work by setting up a forward from openverse@wordpress.org to openverse@wordpress.helpscoutapp.com. Presumably that will let me see the verification code and complete the setup (though I can’t see what the next steps require until I get past the confirmation code). I’m open to suggestions for better ways to do it.

#prio1 #email

Email deliverability time problems

There’s reports that WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ emails are taking hours to arrive. It appears to affect account creation confirmation emails, tracTrac Trac is the place where contributors create issues for bugs or feature requests much like GitHub.https://core.trac.wordpress.org/. emails, and even the WordPress.org mailing list archives (wp-trac for example).

Looking at the time between Account registration & email confirmation for signups, about 24hrs ago (2021-08-01 15:00:00 UTC) the average time between signup and confirmation increased from 6hrs.

I sent myself some test emails from my sandbox 2 hours ago (to gmail) and still haven’t received either of them.

SlackSlack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/. references:
https://wordpress.slack.com/archives/C02QB8GMM/p1627919021012400
https://wordpress.slack.com/archives/C02QB8GMM/p1627927041015000

#email #prio1

Codex DB Password update

After the recent DB password rotate, as mentioned in SlackSlack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/. the codex still hasn’t been updated.

See https://codex.wordpress.org/index.php?title=Special:UserLogin&returnto=Main+Page and for a non-cached error message: https://codex.wordpress.org/api.php?action=query&meta=siteinfo&siprop=general

#prio1

SMTP Listed on SORBS

198.143.164.147/32 has been flagged in sorbs, potentially resulting in some signup emails not being delivered:

Problem Entries, (listings will cause email problems.)
26 “Spam” entries [11:04:18 20 Jul 2021 GMT-04].
198.143.164.147 – 26 entries [11:04:18 20 Jul 2021 GMT-04].

Do we have monitoring of SBL’s or an account for processing of these unlisting requests?

#email #prio1

DB stats table repair – new-api-stats

Looks like db2.stats has some corrupt tables, looks like wp_versions and archival_wp_versions are affected.

This has caused WP version stats to cease to operate as expected: https://wordpress.org/about/stats/

I’ve put the stats scripts into maintenance mode to prevent it trying to write to these tables (while still processing autoupdate stats/etc), if I’m not around to do it myself, please execute UPDATE `rev2_ingestion_settings` SET `value` = '0' WHERE `key` = 'maintenance_mode'; afterwards to re-enable it, if possible.

#prio1

Patterns API: maybe cache/direct to proper upstreams

https://api.wordpress.org/patterns/1.0/ will start to receive increased GET API requests following Gutenberg PR 28800 being merged, and ultimately being used in WordPress 5.8.

I’m unsure what the request load will be to this endpoint, or how varied the requests will be at this stage, so just flagging this early for attention.

Currently this APIAPI An API or Application Programming Interface is a software intermediary that allows programs to interact with each other and share data in limited, clearly defined ways. endpoint is handled by the catchall API upstream pool, it might make sense to shift this into the coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. or plugins/themes API pools.

The API currently assumes that it’ll be cached by nginxNGINX NGINX is open source software for web serving, reverse proxying, caching, load balancing, media streaming, and more. It started out as a web server designed for maximum performance and stability. In addition to its HTTP server capabilities, NGINX can also function as a proxy server for email (IMAP, POP3, and SMTP) and a reverse proxy and load balancer for HTTP, TCP, and UDP servers. https://www.nginx.com/. (which it’s not), and loads WordPress on every API request. No caching is included at present, other than standard WordPress object caching.
The API only accepts GET requests.

Requests to this endpoint will be all GET and potentially of high volume with similar cacheable responses:

  • GET https://api.wordpress.org/patterns/1.0/?pattern-keywords=11
  • GET https://api.wordpress.org/patterns/1.0/?pattern-categories=1234
  • GET https://api.wordpress.org/patterns/1.0/?search=gallery
  • GET https://api.wordpress.org/patterns/1.0/?pattern-keywords=11&search=gallery
  • GET https://api.wordpress.org/patterns/1.0/?pattern-categories=1234&search=instagram

cc @iandunn

#prio1

Repair translations table.

Occasionally we’ve been seeing PHPPHP PHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. http://php.net/manual/en/intro-whatis.php. warnings that the translation table is crashed:

Table ‘translate_translations’ is marked as crashed and should be repaired

This seems to have been happening sporadically for the last year or so, while running a translation job however, I ran into this and tracked it down to a range of IDs which appear to be inaccessible:

SELECT * FROM translate_translations WHERE id BETWEEN 43611019 AND 43611031;

Those IDs are accessible, but the 10 between them are not.

Can something be done, even if it’s to repair the table and remove those records in the process.

#prio1

DNS hosting for gutenberg.run

Hi, I’m working w/ @aduth to transfer the gutenberg.run domain to the Foundation. MarkMonitor has initiated the transfer, can you please setup DNSDNS DNS is an acronym for Domain Name System - how you assign a human readable address to a website’s exact numeric coded location (ie. wordpress.org uses the actual IP address 198.143.164.252). hosting on our end, and update the nameservers w/ MM after the domain lands?

I think the only needed record is an A to 138.197.4.192, and the www CNAME.

#prio1 (since the old registrar is currently doing DNS hosting)

Thanks!