Update plugins.trac templates

Can we please update the plugins.tracTrac Trac is the place where contributors create issues for bugs or feature requests much like GitHub.https://core.trac.wordpress.org/. metaMeta Meta is a term that refers to the inside workings of a group. For us, this is the team that works on internal WordPress sites like WordCamp Central and Make WordPress. checkouts?

On svn1.ord, various meta checkouts are updated via svnup-meta-checkouts.sh, but this doesn’t occur on svn2.ord, as a result, plugins.trac.wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ has the old WordPress.org headerHeader The header of your site is typically the first thing people will experience. The masthead or header art located across the top of your page is part of the look and feel of your website. It can influence a visitor’s opinion about your content and you/ your organization’s brand. It may also look different on different screen sizes. & Footer trac templates and now appears visually broken.

This should be as simple as running svnup-meta-checkouts.sh on svn2.. I don’t imagine it would cause any breakage, as the meta checkouts are in use on all other trac instances without issue.

Ref https://github.com/WordPress/wporg-mu-plugins/issues/326 and many others

#trac #svn #prio3

Spam on mailing lists

Occasionally the WordPress tracTrac Trac is the place where contributors create issues for bugs or feature requests much like GitHub.https://core.trac.wordpress.org/. mailing lists (wp-metaMeta Meta is a term that refers to the inside workings of a group. For us, this is the team that works on internal WordPress sites like WordCamp Central and Make WordPress., wp-trac, wp-svn) get a spam email slip through.

This one came through yesterday:
https://lists.wordpress.org/pipermail/wp-meta/2023-February/052414.html
Screenshot 2023 02 06 at 12 04 40 pm

After the recent email changes, can the rules for the trac-related mailing lists be tightened to only accept definite WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ emails?

#email #trac #prio3

MC Access for Peter Wilson

Can we get @peterwilsoncc access to MC for WP + PHPPHP PHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. http://php.net/manual/en/intro-whatis.php. stats for his ongoing work with CoreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. and the Security team? (username matches @mention)

Release + Proxy access not required at this time.

Thanks!

cc @azaozz

#mc #prio3

Enable HTTP redirect endpoint on pd.w.org

Per https://meta.trac.wordpress.org/ticket/6673

On the Openverse team we recently observed that the CDN domain used by the photo directory, pd.w.org, does not redirect non-httpsHTTPS HTTPS is an acronym for Hyper Text Transfer Protocol Secure. HTTPS is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to. The 'S' at the end of HTTPS stands for 'Secure'. It means all communications between your browser and the website are encrypted. This is especially helpful for protecting sensitive data like banking information. traffic to https. In fact, it doesn’t handle non-https traffic at all.
…
As a best practice, these requests should be handled and redirected to their secure counterparts.

$ curl -I http://pd.w.org/
curl: (52) Empty reply from server

cc @coffee2code @zackkrida

#cdn #photos #prio3

trac nginx cache stuck in updating state

The nginx cache for https://core.trac.wordpress.org/ticket/54504 appears to be stuck in an updating state, with 2-day stale content being served.

This isn’t critical, but a sign of an nginxNGINX NGINX is open source software for web serving, reverse proxying, caching, load balancing, media streaming, and more. It started out as a web server designed for maximum performance and stability. In addition to its HTTP server capabilities, NGINX can also function as a proxy server for email (IMAP, POP3, and SMTP) and a reverse proxy and load balancer for HTTP, TCP, and UDP servers. https://www.nginx.com/. configuration change being needed I guess, or TracTrac Trac is the place where contributors create issues for bugs or feature requests much like GitHub.https://core.trac.wordpress.org/. is crashing on an unauthenticated request to that specific ticket consistently which seems unlikely.

$ curl -Is https://core.trac.wordpress.org/ticket/54504 | grep x-nc
x-nc: UPDATING

In the above example, Comments 94-96 are not visible in the cached response (ie. a logged out incognito request), but are for an authenticated user.

Unknown if this affects many URLs, low priority as it seems likely a rare occurence.

#trac #nginx #cache #prio3

Dedicated uploads CDN

Currently uploads on WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ are served through ms-files.php, which uses the format of a https://{$HOST_PATH}/files/{$FILE} url.

For example: https://wordpress.org/files/2022/12/sotw-drawer-background.png or https://wordpress.org/showcase/files/2019/11/hodge-bank.jpg

For various reasons, including the desire for SVG uploads to be used within the WordPress Site Editor by designers, moving these to a CDN would be appreciated.

These can already be accessed via the s.w.org CDN like so (same file as above): https://s.w.org/wp-content/blogs.dir/1/files/2022/12/sotw-drawer-background.png – Not a pretty URLURL A specific web address of a website or web page on the Internet, such as a website’s URL www.wordpress.org, it works, but I’m unsure if we’d want to have SVG files on that hostname, even if only uploaded by trusted users and run through a SVG-sanitizer pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party?

As it can be accessed through that CDN, it means it can also be accessed directly without a CDN, through the the main wordpress.org hostname. Ideally, we’d want to remove that functionality / automatically redirect direct blogs.dir access, if we were to allow SVG uploads.

What’s the best option here?

  1. Use the existing CDN as mentioned above, Example: https://s.w.org/wp-content/blogs.dir/1/files/2022/12/sotw-drawer-background.png.
  2. Add a new CDN (eg, u.w.org) and use the BlogID in the URL (instead of a site hostname/path) to avoid the need for PHPPHP PHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. http://php.net/manual/en/intro-whatis.php., something like https://u.w.org/{$BLOG_ID}/files/{$FILE}. Example: https://u.w.org/1/files/2022/12/sotw-drawer-background.png

(Note: I’ve used {$BLOG_ID}/files/{$PATH} here instead of {$BLOG_ID}/{$PATH} simply for the future expansion when/if other uploads are served from it, such as the BuddyPress/bbPressbbPress Free, open source software built on top of WordPress for easily creating forums on sites. https://bbpress.org. uploads which are in a subdirectory, and to simplify the request)

And either way, an automatic redirect would be preferred for requests not from the CDN. ms-files.php requests can be handled from within WordPress.

rewrite blogs.dir/(.+) https://u.w.org/$1 permanent;
or
rewrite blogs.dir/(.+) https://s.w.org/wp-content/blogs.dir/$1 permanent;

The existing CORS headers from s.w.org would be needed on any new CDN.

Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: *

#prio3 #cdn #uploads

FreeScout for WordCamp events

A proposal/idea was put forward from the WordCamp community for us to provide a shared open-source FreeScout instance, in addition to GSuite accounts, rather than every event which wishes to use it setting it up themselves.

Using HelpScout for these is not currently viable due to the cost of provisioning accounts for all events, although larger events may already budget for it themselves (Such as WCUS, WCAsia uses a self-hosted FreeScout instance).

Before any further investigation is put in from our side, I’d like input from Systems on whether this is something that we can provide on our infrastructure, if there are any security concerns, or if this is something we should look at hosting outside of the primary WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ infrastructure/domains.

Ideally, we’d probably want to host it on a wordcamp.org subdomain, but wordpress.net, or a new domain such as wordcamp-email.com wouldn’t be out of the question.
Authentication would likely be handled through WordPress.org/WordCamp.org, rather than duplicate accounts. We could potentially limit all access to the host with an authentication check that requires a WordCamp.org role, limiting any potential security aspects to those we trust to have WordCampWordCamp WordCamps are casual, locally-organized conferences covering everything related to WordPress. They're one of the places where the WordPress community comes together to teach one another what they’ve learned throughout the year and share the joy. Learn more. access.

FreeScout would require an often-run cron task (PHPPHP PHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. http://php.net/manual/en/intro-whatis.php. CLICLI Command Line Interface. Terminal (Bash) in Mac, Command Prompt in Windows, or WP-CLI for WordPress.), php (with IMAP), and mysqlMySQL MySQL is a relational database management system. A database is a structured collection of data where content, configuration and other options are stored. https://www.mysql.com/..

Email ingestion would be similar to how SupportPress/SupportFlow used to work, the cron task uses IMAP to poll the accounts. This could become problematic if we have a lot of inboxes provisioned. It remains to be seen if this is viable with how Google Inboxes are configured as to how IMAP access works.
Email sending would either be direct from the host, via Google SMTP, or via WordPress.org SMTP.

Ongoing maintenance, such as software upgrades, would likely need to be handled by the WordCamp development team. Systems involvement would hopefully be minimal.

This isn’t intended on replacing our usage of HelpScout, unless it proved to be as stable and feature-complete, then that may be looked at later on.

#email #freescout #wordcamp-org #feedback #prio3

Sandbox for danielbachhuber Could I…

Sandbox for danielbachhuber

Could I get a sandbox again, for making changes to make.wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org//cli (e.g. #6394)?

Thanks for the consideration!

#prio3

#sandbox, #sandboxes

Helpscout cannot email to @wordpress.org…

Helpscout cannot email to wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ from wordpress.org

Occasionally there’s the need for Helpscout inboxes, which are @wordpress.org inboxes to send emails to other @wordpress.org email addresses, these might be just CC’ing a given WordPress.org user, or forwarding an email to a different Helpscout instance.

Unfortunately, it appears that this is currently blocked by the WordPress.org SMTP servers. Can we allow HelpScout to send-as wordpress.org to WordPress.org?

The relevant part from the bounce is: (noting, I’ve replaced the inboxes for spam purposes, dpo is the sender, and recipient was security in this case)

Final-Recipient: rfc822;mailbox-here@wordpresss.org
Action: failed
Status: 5.7.1 (delivery not authorized)
Remote-MTA: dns;mail.wordpress.org (198.143.164.147)
Diagnostic-Code: smtp;554 5.7.1 <helpscout-inbox@wordpress.org>: Sender address rejected: Access denied
X-PowerMTA-BounceCategory: invalid-sender

The bounce email is available here: https://secure.helpscout.net/conversation/1966354976/301771 and stored in the private PasteBin as #184485 with ID of 2d0a5. (Alternatively, ask a Neso team member for a copy of the email if you’re unable to locate that and unable to locate the HS credentials)

#mail #helpscout #prio3

Grant dotorg trac access for Brandon Kraft

Following on from https://make.wordpress.org/systems/2022/04/11/commit-for-images-core-emoji-could-i/ can we please add kraftbj to the dotorg tracTrac Trac is the place where contributors create issues for bugs or feature requests much like GitHub.https://core.trac.wordpress.org/. allowed users list?

Thanks in advance.

#trac #prio3