Grant dotorg trac access for Brandon Kraft

Following on from https://make.wordpress.org/systems/2022/04/11/commit-for-images-core-emoji-could-i/ can we please add kraftbj to the dotorg tracTrac Trac is the place where contributors create issues for bugs or feature requests much like GitHub.https://core.trac.wordpress.org/. allowed users list?

Thanks in advance.

#trac #prio3

Enable sub-sites for developer.wordpress.org

The developer.wordpress.org host configuration doesn’t support sub-sites right now, this is due to nginxNGINX NGINX is open source software for web serving, reverse proxying, caching, load balancing, media streaming, and more. It started out as a web server designed for maximum performance and stability. In addition to its HTTP server capabilities, NGINX can also function as a proxy server for email (IMAP, POP3, and SMTP) and a reverse proxy and load balancer for HTTP, TCP, and UDP servers. https://www.nginx.com/. rules such as rewrite ^/(wp-(admin|includes)/.*) /wordpress/$1 break; rather than the sub-site variant of rewrite ^/([_0-9a-zA-Z-]+/)?(wp-(admin|includes)/.*) /wordpress/$2 break;.

While the existing developer.wordpress.org configuration could be updated to match that of the make.wordpress.org configuration, we can just combine them, serving both networks from the existing make.wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ configuration, with the addition of the developer.wordpress.org domain name in the server_name field. There’s nothing special/unique in either configuration, other than generic WordPress MultisiteMultisite Multisite is a WordPress feature which allows users to create a network of sites on a single WordPress installation. Available since WordPress version 3.0, Multisite is a continuation of WPMU or WordPress Multiuser project. WordPress MultiUser project was discontinued and its features were included into WordPress core.https://codex.wordpress.org/Create_A_Network. rules.

A working sub-site configuration would return 200 for this request:

$ curl -sI https://developer.wordpress.org/testing-subsites/wp-includes/css/dashicons.min.css
HTTP/2 404
..

#prio3 #devhub #nginx

CORS headers for s.w.org

Would it be possible to enable CORS headers on s.w.org?
A number of CSSCSS CSS is an acronym for cascading style sheets. This is what controls the design or look and feel of a site./JS features require accessing images/svg/fonts via a fetch request, and currently they’ll be blocked due to a cross-origin request. That means we can’t serve svgs, fonts, and some CSS/JS files from the s.w.org CDN and instead use wordpress.org.

I assume these headers would suffice, which conveniently matches s0.wp.com‘s headers, so I assume would be safe for us to do.

access-control-allow-methods: GET, HEAD
access-control-allow-origin: *

If we need to limit it to certain filetypes, images (.svg, .png, .jpg), fonts (.woff2 .woff, .ttf, .eot) and styles/scripts (.css, .js) would probably suffice, but I don’t think there’s any security requirement to do so given the contents of this CDN are static non-cookied non-modifying responses?

Existing cached assets should be fine to be left as-is without the headerHeader The header of your site is typically the first thing people will experience. The masthead or header art located across the top of your page is part of the look and feel of your website. It can influence a visitor’s opinion about your content and you/ your organization’s brand. It may also look different on different screen sizes..

Let me know if there’s any questions or concerns.

#crossorigin #cdn #prio3

Disable Themes Trac browser for root index

As we do for Plugins Trac, can we redirect `https://themes.trac.wordpress.org/browser/?$` to wordpress.org/themes/ ?

Due to the number of themes, TracTrac Trac is the place where contributors create issues for bugs or feature requests much like GitHub.https://core.trac.wordpress.org/./nginxNGINX NGINX is open source software for web serving, reverse proxying, caching, load balancing, media streaming, and more. It started out as a web server designed for maximum performance and stability. In addition to its HTTP server capabilities, NGINX can also function as a proxy server for email (IMAP, POP3, and SMTP) and a reverse proxy and load balancer for HTTP, TCP, and UDP servers. https://www.nginx.com/. 502’s (Apparently it previous crashed trac, unsure what it’s doing now other than timing out) and the upstream trac issue hasn’t been touched in years.

Diff, as per plugins.trac.wordpress.org.

--- trac.wordpress.org.conf  (revision xxxxxxx)
+++ trac.wordpress.org.conf (working copy)
@@ -341,0 +342,5 @@ server_name themes.trac.wordpress.org;
+   # Too many themes, page doesn't load.  Instead just crashes trac
+   location ~ ^/browser/?$ {
+       return 302 https://wordpress.org/themes/;
+   }
+

ref: https://meta.trac.wordpress.org/ticket/4861

#prio3

Remove bad plugins SVN tag

It looks like someone managed to create a svn tag with a character return in it over a year ago, unfortunately however this tag can’t be removed, and as a result, the tag list for the pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party can’t be checked out without causing SVNSVN Apache Subversion (often abbreviated SVN, after its command name svn) is a software versioning and revision control system. Software developers use Subversion to maintain current and historical versions of files such as source code, web pages, and documentation. Its goal is to be a mostly compatible successor to the widely used Concurrent Versions System (CVS). WordPress core and the wordpress.org released code are all centrally managed through SVN. https://subversion.apache.org/. to go into a 100% cpu loopLoop The Loop is PHP code used by WordPress to display posts. Using The Loop, WordPress processes each post to be displayed on the current page, and formats it according to how it matches specified criteria within The Loop tags. Any HTML or PHP code in the Loop will be processed on each post. https://codex.wordpress.org/The_Loop..

It looks like the request is being denied by nginxNGINX NGINX is open source software for web serving, reverse proxying, caching, load balancing, media streaming, and more. It started out as a web server designed for maximum performance and stability. In addition to its HTTP server capabilities, NGINX can also function as a proxy server for email (IMAP, POP3, and SMTP) and a reverse proxy and load balancer for HTTP, TCP, and UDP servers. https://www.nginx.com/. prior to the request hitting ApacheApache Apache is the most widely used web server software. Developed and maintained by Apache Software Foundation. Apache is an Open Source software available for free., so if a systems team member could bypass nginx and execute svn rm https://plugins.svn.wordpress.org/blogger-to-wordpress-redirection/tags/2.2.6%0d/ that would be appreciated.

This tag will also cause problems for the plugin directory, as it uses the CLICLI Command Line Interface. Terminal (Bash) in Mac, Command Prompt in Windows, or WP-CLI for WordPress. SVN commands to interact with the plugin as well.

ref: https://wordpress.slack.com/archives/C02RQC6RW/p1609928527429400

#prio3

Sandbox out of disk space

Hi, I’m not able to run the ip2location update script, because I’m out of disk space. Part of the reason for that is I have 2gb of Xdebug trace.* files in my temp folder, but I can’t delete them because of permissions.

I’ve already run svn cleanup --include-externals on the main codebases.

A short term fix might be to just delete those files for me, but long term it’d be nice to be able to delete them myself.

Regardless of that, though, several of us frequently run out of space, so it feels like the margins are too tight. Increasing the allocation for everyone might solve the deeper problem?

#prio3

Can we please enable SSL for lists.wordpress.org?

Currently the domain isn’t accessible over SSLSSL Secure Socket Layer - Encryption from the server to the browser and back. Prevents prying eyes from seeing what you are sending between your browser and the server., and it’s not uncommon for links to be SSL’d or for browsers to force SSL.

ref: https://meta.trac.wordpress.org/ticket/629

#ssl #prio3

Force SSL for https://planet.wordpress.org/ Can…

Force SSL for https://planet.wordpress.org/

Can we please enable forced SSL for https://planet.wordpress.org/ now that all the sites are SSL’d? Looks like the $maybe_force_ssl map just needs updating.

ref https://meta.trac.wordpress.org/ticket/634

#ssl #prio3

Disable plugins.trac.wordpress.org ticketing

The ticketing system on plugins.trac.wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ is currently enabled and is mostly unused, those who are creating tickets don’t get a response and it leads to a bad user experience for everyone.

Can we please disable ticket creation? It looks like the TracTrac Trac is the place where contributors create issues for bugs or feature requests much like GitHub.https://core.trac.wordpress.org/. Admin panels aren’t enabled, so I can’t do it myself, but I assume removing both TICKET_CREATE and TICKET_MODIFY from the authenticated user group should be enough.

#trac #prio3

lists.wordpress.org unsubscription email not configured

According to #5134-meta the mailing lists include unsubscribe headers similar to this, but they don’t resolve to accounts:
List-Unsubscribe: ,

wp-svn-request@lists.wordpress.org: host lists.wordpress.org[198.143.164.108]
    said: 550 5.1.1 : Recipient address
    rejected: User unknown in local recipient table (in reply to RCPT TO
    command)

#prio3

#5134-meta