Enable CORS for core translation downloads

Currently CORS isn’t enabled for a URLURL A specific web address of a website or web page on the Internet, such as a website’s URL www.wordpress.org such as the below.


This appears to be because the translation CORS headers are set to builds/(plugins|themes) which doesn’t include coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. (which is in builds/core/$locale.zip

Can we have that (plugins|themes) expanded to (core|plugins|themes) in the wporg_downloads_cors_* maps please?

Reported via https://github.com/WordPress/wordpress-playground/issues/1206


#prio2 #translations #nginx #playground

Enable DKIM for WordCamp GSuite?

While looking at DKIM for 3rd-party tools, I noticed we don’t have it setup for GSuite emails.

Do we need to setup DKIM for those domains? Or is the default gsuite dkim setup enough?

Direct link: https://admin.google.com/ac/apps/gmail/authenticateemail
You can login using the ?secret_id=7194 secret.

Outgoing emails from GSuite currently show this in gmail receivers:

SPF:  PASS with IP
DKIM:   'PASS' with domain wordcamp-org.20230601.gappssmtp.com

While emails sent from WordCampWordCamp WordCamps are casual, locally-organized conferences covering everything related to WordPress. They're one of the places where the WordPress community comes together to teach one another what they’ve learned throughout the year and share the joy. Learn more. production show:

DKIM: 'PASS' with domain wordcamp.org

#prio2 #email #wordcamp

Rosetta commit permissions

Hi can I please have commit permissions for the Rosetta Dotorg repository? I need to commit a support theme switcher to mu-plugins, so that end users of the rosetta sites can preview the new support site theme and give feedback.
#prio2 #rosetta

Add WordCamp.org Sandbox and/or Super Admin

I currently have a w.org sandbox, but not a wordcamp.org one (or WC added to mine; not sure how it’s setup). In talking with @dufresnesteven about issues with Jetpack on wordcamp.org, it would be helpful to be able to dig in a bit more directly.

#prio2 #wordcamp

Delete 6.6 git branches

Today r57779-core accidentally created branches/6.6 when the intention was to create branches/6.5, this has been cleaned up in develop.svn and core.svn, but that doesn’t sync through to develop.git & core.git.

Thankfully it appears that the git sync has continued to operate without issues.

Could the following branch please be deleted from the git mirrors?

$ git remote -v
origin  git://develop.git.wordpress.org/ (fetch)
$ git branch -r | grep 6.6

$ git remote -v
origin  git://core.git.wordpress.org/ (fetch)
$ git branch -r | grep 6.6

The branch on Github should automatically be removed when it’s removed from the source repo.

FYI @davidbaumwald

#git #core #prio2

Clear poststatus.com cache in planet

As reported back in November, and today in #7440-meta, feed items from poststatus.com are not appearing on planet.wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/, despite being configured.

It works on sandboxes when testing, and as such the only thing I can think of is that the poststatus.com feed cache on planet is broken somehow, preventing it from parsing it.

Can you please:
– backup the following cache file for investigation
rm cache/poststatus.com* on all web nodes
– See if the python cronjob has any related error outputs.

As of making this request, the string ‘Zips not uploading’ should appear in the title of an article on Feb 1st, it’s not currently there in production, but is on sandbox.

#prio2 #planet


Install Node.js 20.x on the build server

Could Node.js 20.x be installed on the build server? At the time of publishing this, the latest version is 20.10.0 paired with npm version 10.2.3.

18.x is now in Maintenance LTS (installed following this request). 20.x is now Active LTS until October 2024 when it will enter Maintenance LTS until April of 2026. While remaining on 18.x is fine, updating to the latest of 20.x is preferable because this will allow both CoreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. and GutenbergGutenberg The Gutenberg project is the new Editor Interface for WordPress. The editor improves the process and experience of creating new content, making writing rich content much simpler. It uses ‘blocks’ to add richness rather than shortcodes, custom HTML etc. https://wordpress.org/gutenberg/ to use the latest version of Node.js, as well as completely skipping 18.x and eliminating the need for 16.x.

The current breakdown for WordPress versions to Node.js is as follows:

  • WP/Gutenberg trunk: Node.js 16.x with plans to upgrade to 18.x during the 6.5 cycle.
  • WP 6.4: Node.js 16.x.
  • WP <= 6.3: Node.js 14.x.

If 20.x is made available, WP trunk and the 6.4 branch can be upgraded to both use Node.js 20.x, essentially eliminating the need for both 16.x and 18.x on the build server from the perspective of Core and Gutenberg. I’ve confirmed that there are no changes to the built files after updating to 20.x as seen in the linked PR. Older branches of Core (6.3 and earlier) will remain on Node.js 14.x.


Sandbox request for learn.wordpress.org testing

I would like to request a Dotorg sandbox in order to test bug fixes and enhancements for learn.wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/.

At the moment members of the WordPress training team do have a way to configure a local development environment for testing bug fixes and enhancements, but it doesn’t allow us to easily test those against as close to a copy of the live environment as possible.

This means we have to rely on someone who already has a sandbox to do a final test before we can merge any changes.

To achieve this, I’d like to request a sandbox that does not have svn commit access, meaning I would not be able to commit changes or trigger a deployment, but has write access to the files and folders relevant to learn.wordpress.org so that I could test code changes submitted as PRs on our GitHubGitHub GitHub is a website that offers online implementation of git repositories that can easily be shared, copied and modified by other developers. Public repositories are free to host, private repositories require a paid subscription. GitHub introduced the concept of the ‘pull request’ where code changes done in branches by contributors can be reviewed and discussed before being merged be the repository owner. https://github.com/ repository.

The relevant files and folders are:

  • wp-content/mu-plugins/pub/locale-switcher.php
  • wp-content/mu-plugins/pub/class-validator.php
  • wp-content/mu-plugins/pub/locales.php
  • wp-content/plugins/sensei-pro
  • wp-content/plugins/wporg-learn
  • wp-content/themes/pub/wporg-learn-2020

A sandbox with this configuration will allow us to perform this final test within the training team, without needing to rely on folks from other teams. DeployingDeploy Launching code from a local development environment to the production web server, so that it's available to visitors. the changes would still require an additional check from a member of the MetaMeta Meta is a term that refers to the inside workings of a group. For us, this is the team that works on internal WordPress sites like WordCamp Central and Make WordPress. team who does have svn commit access. 

Please let me know if you have any questions about this request, or if you need anything from me.


Support svn `@revnum` URLs?

URLs similar to `https://develop.svn.wordpress.org/trunk@56994` have been used for a long time in auto-generated commit and merge messages (example).

I understand that URLURL A specific web address of a website or web page on the Internet, such as a website’s URL www.wordpress.org structure is used internally by SubversionSVN Apache Subversion (often abbreviated SVN, after its command name svn) is a software versioning and revision control system. Software developers use Subversion to maintain current and historical versions of files such as source code, web pages, and documentation. Its goal is to be a mostly compatible successor to the widely used Concurrent Versions System (CVS). WordPress core and the wordpress.org released code are all centrally managed through SVN. https://subversion.apache.org/. and perhaps some other tools; but the URLs don’t work in a browser or other httpHTTP HTTP is an acronym for Hyper Text Transfer Protocol. HTTP is the underlying protocol used by the World Wide Web and this protocol defines how messages are formatted and transmitted, and what actions Web servers and browsers should take in response to various commands. client:

% curl -I 'https://develop.svn.wordpress.org/trunk@56994'
HTTP/2 404 
server: nginx
date: Mon, 20 Nov 2023 01:03:04 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding

Is it possible for nginxNGINX NGINX is open source software for web serving, reverse proxying, caching, load balancing, media streaming, and more. It started out as a web server designed for maximum performance and stability. In addition to its HTTP server capabilities, NGINX can also function as a proxy server for email (IMAP, POP3, and SMTP) and a reverse proxy and load balancer for HTTP, TCP, and UDP servers. https://www.nginx.com/. to handle those URLs so they actually work, without interfering with Subversion or other tools?

One option might be to 302 redirect from https://develop.svn.wordpress.org/trunk@56994 to https://develop.svn.wordpress.org/trunk/?p=56994 (that second form appears to work as expected).

I suggested using a different format when generating commit messages, but this won’t deal with historical logs, emails, etc.

Detailed discussion here: https://wordpress.slack.com/archives/C02QB8GMM/p1698160954813579


Email deliverability for wordcamp.org addresses

We’ve received a report of potential emails hitting spam/not delivered. Unfortunately the report is from last year event (Montclair 2022), but they had investigated and seem to believe that some records might be missing from the domains (DKIM & SPDIF). The email used was montclair@wordcamp.org which runs through Gmail.

Can someone investigate this, and potentially add the records if appropriate.


Slack conversation: https://wordpress.slack.com/archives/C08M59V3P/p1697029510590349