Summary:
U2F/FIDO are open standards for inexpensive two-factor authentication hardware that are widely used for website authentication.
These keys are available since OpenSSH 8.2 (2020-02-14).
https://www.openssh.com/txt/release-8.2https://security.stackexchange.com/q/240991/260234
Ref Q96
Test Plan: Check the added keys. They exactly match the output of the command 'ssh -Q key'.
Reviewers: O1 Blessed Committers, antonia, avivey
Reviewed By: O1 Blessed Committers, antonia, avivey
Subscribers: avivey, tobiaswiese, Matthew, Cigaryno
Differential Revision: https://we.phorge.it/D25508
Summary: Fixes T15698
Test Plan:
1. Uninstall Packages via `/applications/view/PhabricatorPackagesApplication/`
2. Go to `/diffusion/commit/`, expand the Query form, and see that `Packages` is not shown anymore
Reviewers: O1 Blessed Committers, 20after4
Reviewed By: O1 Blessed Committers, 20after4
Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15698
Differential Revision: https://we.phorge.it/D25506
Summary:
Do not assume that all items under `/resources/builtin/projects/` are image files (some can be subdirectories). Only add PNG files to the map.
Could be nicer to use `is_file()` or `is_dir()` but we are dealing only with string representations of files and folders.
Closes T15696
Test Plan: Go to `/project/picture/1/` and click the `Choose Icon and Color...` button; check last icon shown under "Choose Icon".
Reviewers: O1 Blessed Committers, valerio.bozzolan
Reviewed By: O1 Blessed Committers, valerio.bozzolan
Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15696
Differential Revision: https://we.phorge.it/D25499
Summary: This typo appeared in the docs and I thought I'd fix it
Test Plan: See that the typo at src/applications/config/option/PhabricatorCoreConfigOptions.php is gone
Reviewers: O1 Blessed Committers, speck
Reviewed By: O1 Blessed Committers, speck
Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Differential Revision: https://we.phorge.it/D25496
Summary:
When given `$encoding` is invalid, catch the exception to show a proper error message and make the server logs provide more hints.
```
EXCEPTION: (RuntimeException) mb_convert_encoding(): Illegal character encoding specified at [<arcanist>/src/error/PhutilErrorHandler.php:261]
#0 <#2> PhutilErrorHandler::handleError(integer, string, string, integer, array) called at [<arcanist>/src/error/PhutilErrorHandler.php:261]
#1 <#2> mb_convert_encoding(string, string, string) called at [<phabricator>/src/applications/files/document/PhabricatorTextDocumentEngine.php:73]
```
Closes T15624
Test Plan: Open a URL which passes a bogus encoding value as parameter, like `/source/somerepository/browse/master/README.md?as=source&encode=TROLOLOL`
Reviewers: O1 Blessed Committers, valerio.bozzolan
Reviewed By: O1 Blessed Committers, valerio.bozzolan
Subscribers: Sten, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15624
Differential Revision: https://we.phorge.it/D25418
Summary:
Capture Deprecation Warnings, collect them into cache, and show them as a Setup Issue for admins to see and report back to us.
This only captures a sample of the traces, so not to overwhelm users (and RAM. and us) with reports.
Requires D25388. Refs T15554.
Test Plan: Run some flows that are known to bring up Deprecation Warnings. See them as a Setup Issue! Click little triangles to see details.
Reviewers: O1 Blessed Committers, Matthew
Reviewed By: O1 Blessed Committers, Matthew
Subscribers: revi, Sten, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15554
Differential Revision: https://we.phorge.it/D25440
Summary:
This is a follow-up to D25425, where these improvements to the CLI prompt markers were discussed.
Changes included in this revision:
- Build all prompts the same way
- Remove space after the prompt marker (add it via CSS instead)
- Add server path prefix
- Make the prompt unselectable
Test Plan:
- Visit any of the setup issue pages, e.g. <PHORGE_URL>/config/issue/auth.config-unlocked/ (after ensuring that the corresponding issue is present — in this case, by doing `./bin/auth unlock`)
- For example, Deactivate all PHP extensions to trigger each /config/issue/extension.gd/ etc.
- For example, update at least up to `dc10a7e69ea3` to see the database upgrade tip etc.
- Confirm that the command line prompts now include the path prefix
- Confirm that selecting the command via double-click (or click-and-drag) does not select the prompt
Reviewers: O1 Blessed Committers, valerio.bozzolan
Reviewed By: O1 Blessed Committers, valerio.bozzolan
Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Tags: #ux, #config
Differential Revision: https://we.phorge.it/D25466
Summary:
Metadata of Phame blog posts includes the 'updated' date of a blog post. Make them also include the original 'published' date.
Patch written by @20after4 from:
https://phabricator.wikimedia.org/rPHAB3de500bfc845759d6da82180df0adfc12f973463
Closes T15686
Test Plan:
* Go to the Atom feed of blog 1 at `/phame/blog/feed/1/` and look at this `<feed>`'s source
* Apply patch and do the same, see additional `<published>` entry just like the `<updated>`
* Edit the last blog post in blog 1, then check Atom feed and verify that the published and updated date stamp differ as expected
Reviewers: O1 Blessed Committers, valerio.bozzolan
Reviewed By: O1 Blessed Committers, valerio.bozzolan
Subscribers: tobiaswiese, valerio.bozzolan, Matthew, 20after4, Cigaryno
Maniphest Tasks: T15686
Differential Revision: https://we.phorge.it/D25490
Summary:
Replace call to undefined `renderHandleLink()` with `renderHandle()`.
Additionally, pass `head_key($new)` instead of `key($new)`. This might not be needed strictly speaking for this very issue but should not harm either as several images in a mock can be renamed at once.
```
EXCEPTION: (Error) Call to undefined method PholioImageSequenceTransaction::renderHandleLink() at [<phorge>/src/applications/pholio/xaction/PholioImageSequenceTransaction.php:32]
```
Closes T15680
Test Plan:
* Rename the title of an image in a Pholio mock.
* Go to `/feed/transactions/query/all/` which now renders instead of showing an error, and shows two entries:
* `user renamed an image (newname.jpg) from oldname.jpg to newname.jpg.` and `user updated an image's (newname.jpg) sequence.`
(However, separate T15679 will still show up in the error log after this change.)
Reviewers: O1 Blessed Committers, speck
Reviewed By: O1 Blessed Committers, speck
Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15680
Differential Revision: https://we.phorge.it/D25482
Summary:
While testing https://secure.phabricator.com/D21864 I ran into some issues getting mercurial HTTP access working. Using wireshark I confirmed that my local mercurial 6.4 was not including command arguments as HTTP headers but in the querystring.
I didn't dig too deep into understanding when/why this started happening. The protocol documents this in [[ https://repo.mercurial-scm.org/hg/file/tip/mercurial/helptext/internals/wireprotocol.txt | wireprotocol.txt ]].
>Command arguments can be sent multiple ways. The simplest is part of the URL query string using ``x-www-form-urlencoded`` encoding (see Python's ``urllib.urlencode()``. However, many servers impose length limitations on the URL. So this mechanism is typically only used if the server doesn't support other mechanisms.
Based on that either the mercurial on the server is really old (it's 6.1.1 tho) or maybe some other parsing/info passing in Phab's handling of the wire protocol is causing the client to downgrade the wire protocol support.
Cherry-picked from:
https://secure.phabricator.com/D21867https://secure.phabricator.com/rP0b6e758978a9691bd5ad25db4aa4c4301640a9a9
Test Plan: Host mercurial repo using HTTP, test push/pull.
Reviewers: O1 Blessed Committers, valerio.bozzolan
Reviewed By: O1 Blessed Committers, valerio.bozzolan
Subscribers: tobiaswiese, Matthew, Cigaryno
Differential Revision: https://we.phorge.it/D25471
Summary:
`strlen()` was used in Phabricator to check if a generic value is a non-empty string.
This behavior is deprecated since PHP 8.1. Phorge adopts `phutil_nonempty_string()` as a replacement.
Note: this may highlight other absurd input values that might be worth correcting
instead of just ignoring. If phutil_nonempty_string() throws an exception in your
instance, report it to Phorge to evaluate and fix that specific corner case.
```
ERROR 8192: strlen(): Passing null to parameter #1 ($string) of type string is deprecated at [/var/www/html/phorge/phorge/src/applications/files/xaction/PhabricatorFileAltTextTransaction.php:59]
```
Closes T15678
Test Plan: Add and remove alt text on an image file; then go to `/feed/query/all/`
Reviewers: O1 Blessed Committers, speck
Reviewed By: O1 Blessed Committers, speck
Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15678
Differential Revision: https://we.phorge.it/D25481
Summary:
This commit removes ChatLog entirely. All of the application files are removed, and the migrations used are stubbed out. I stubbed the migrations as that allows for existing installs to make no changes, but new installs will not create the database.
Fixes T15126
Test Plan: Loaded up http://phorge.local/chatlog and confirmed the 404. Loaded up http://phorge.local/applications/view/PhabricatorChatLogApplication and confirmed the 404. Created a new database prefix and ran `bin/storage upgrade` against it, confirmed that the chatlog database was not created. Restored another prefix (an old one) and ran `bin/storage upgrade` and confirmed database was not deleted.
Reviewers: O1 Blessed Committers, avivey
Reviewed By: O1 Blessed Committers, avivey
Subscribers: avivey, tobiaswiese, valerio.bozzolan, Cigaryno
Maniphest Tasks: T15126
Differential Revision: https://we.phorge.it/D25480
Summary:
With PHP 8.1+ it is not possible to import a commit if the commiter field is not properly defined
Indeed, if the committer is not properly defined, strlen(null) is called, causing a deprecation warning, elevated to exception.
Using strlen() to check string validity is deprecated since PHP 8.1. Phorge adopts phutil_nonempty_string() as a replacement.
Fix T15629
Test Plan:
- Push a commit to an observed subversion repository
- Import it via the phorge/bin/repository reparse COMMIT_ID --importing
- The commit should be properly imported and available in Diffusion
Reviewers: O1 Blessed Committers, Sten, valerio.bozzolan
Reviewed By: O1 Blessed Committers, Sten, valerio.bozzolan
Subscribers: Sten, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15629
Differential Revision: https://we.phorge.it/D25423
Summary:
With PHP 8.1+ it is not possible to view a commit if the author field is not properly defined
Indeed, if the commit author is not properly defined, strlen(null) is called, causing a deprecation warning, elevated to exception.
Using strlen() to check string validity is deprecated since PHP 8.1. Phorge adopts phutil_nonempty_string() as a replacement.
Fix T15628
Test Plan:
- Push a new commit on a subversion repository (since T15629 is not yet addressed)
- Visualize the commit
- You should not get a RuntimeException
Reviewers: O1 Blessed Committers, Sten, valerio.bozzolan
Reviewed By: O1 Blessed Committers, Sten, valerio.bozzolan
Subscribers: Sten, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15628
Differential Revision: https://we.phorge.it/D25422
Summary:
This call prevents users to view a commit in subversion repositories
Indeed, if commiter and/or author field is not properly defined strlen is call with a NULL argument.
Using strlen to check string validity is deprecated since PHP 8.1, phorge adopts phutil_nonempty_string() as a replacement.
Note: this may highlight other absurd input values that might be worth correcting
instead of just ignoring. If phutil_nonempty_string() throws an exception in your
instance, report it to Phorge to evaluate and fix that specific corner case.
Fix T15610
Test Plan:
- Sign in (if needed)
- Open a diffusion SVN repository
- Open a commit without user name and or email
- You should be able to view the commit
Reviewers: O1 Blessed Committers, valerio.bozzolan
Reviewed By: O1 Blessed Committers, valerio.bozzolan
Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15610
Differential Revision: https://we.phorge.it/D25400
Summary:
Update the Application Detail view and List View to show a unified set of Badges (Deprecated, etc.), show PHIDs and Monograms on the Application Detail view, allow Applications to register Monograms.
Example of the page /applications/view/PhabricatorDiffusionApplication/:
{F393393}
T15568
Test Plan:
1. Visit /applications/ and see Deprecated badges etc.
2. Visit various Configure buttons from that list and see Monograms, Badges, PHIDs etc.
3. Enjoy screenshots in the comments of this Diff
Reviewers: O1 Blessed Committers, valerio.bozzolan, avivey, speck
Reviewed By: O1 Blessed Committers, valerio.bozzolan, avivey, speck
Subscribers: avivey, speck, tobiaswiese, valerio.bozzolan, Cigaryno
Differential Revision: https://we.phorge.it/D25362
Summary:
Just a small set of replacements in locations that seem innocuous (user-facing messages, documentation, etc.)
Ref T15006
Test Plan:
Nothing should change in terms of behavior. The places where these changes were made should now say "phorge".
Example tests:
- Manage a single User and click on Delete User and see the popup
- Run a test email and check the output
./bin/mail send-test --to username
- Visit /maniphest/, shift+click on at least 1 Task, click on Bulk Edit Selected,
Continue, see the popup
- See the mentioned documentation with your big eyes. Eyes do not explode \o/
Reviewers: O1 Blessed Committers, valerio.bozzolan
Reviewed By: O1 Blessed Committers, valerio.bozzolan
Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15006
Differential Revision: https://we.phorge.it/D25473
Summary:
Phorge already sets `Disallow: /diffusion/` and `Disallow: /source/`.
Thus consequently also disallow accessing specific commits via `/r*`.
See https://secure.phabricator.com/T4610 for previous discussions.
Closes T15670
Test Plan:
Go to `/robots.txt` in the web browser.
Cross fingers that more webcrawlers abide by RFC 9309.
Reviewers: O1 Blessed Committers, speck
Reviewed By: O1 Blessed Committers, speck
Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15670
Differential Revision: https://we.phorge.it/D25474
Summary:
Paste provides line anchor links in every single line of a paste.
If webcrawlers follow these links, they index the very same Paste again.
Thus disallow in robots.txt to reduce unneeded traffic and indexing time.
Closes T15662
Test Plan:
Go to `/robots.txt` in the web browser.
Cross fingers that more webcrawlers abide by RFC 9309.
Reviewers: O1 Blessed Committers, valerio.bozzolan
Reviewed By: O1 Blessed Committers, valerio.bozzolan
Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15662
Differential Revision: https://we.phorge.it/D25461
Summary:
Premising that the `$old` and `$new` variables are 1-element arrays defined as PHID=>title,
this can cause `renderValue()` repeatedly fail when passing an array instead of its value.
Thus pass `head($old)` instead, to get the first value - that is the only one, even if you rename
multiple images (since this Transaction is about a single Mockup image).
Closes T15646
Test Plan:
* Have `phd` running
* Create a Pholio mockup with at least one image
Edit the Pholio mockup and:
1. rename the Titles of an image
2. rename a single Image
3. rename no image
No nuclear implosions. You still see a lovely Feed mentioning each rename.
Reviewers: O1 Blessed Committers, valerio.bozzolan
Reviewed By: O1 Blessed Committers, valerio.bozzolan
Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15646
Differential Revision: https://we.phorge.it/D25441
Summary:
If the author and the committer are the same person, do not show them twice.
From:
UsernameFoo committed <commit hash>: <commit msg> (authored by UsernameFoo).
To:
UsernameFoo committed <commit hash>: <commit msg>
This only affects the feed.
| Before | After |
|-----------|-----------|
| {F342758} | {F342764} |
Closes T15528
Test Plan: Do some mixed commits and visit /feed/query/all/. No nuclear implosions.
Reviewers: O1 Blessed Committers, speck
Reviewed By: O1 Blessed Committers, speck
Subscribers: speck, tobiaswiese, Matthew, Cigaryno
Maniphest Tasks: T15528
Differential Revision: https://we.phorge.it/D25421
Summary:
It's useless without SMS support and only exposed to the user themselves.
Closes T15486
Test Plan:
Before and after applying this patch,
* Try to access the list of your contact numbers at `/settings/panel/contact/`
* Try to access an existing, previously created contact number at `/auth/contact/1/`
* Try to add a contact number at `/auth/contact/edit/`
* Go to e.g. `/settings/panel/datetime` and check the "Authentication" section in the left sidebar for {nav icon=hashtag, name=Contact Numbers}
Reviewers: O1 Blessed Committers, speck
Reviewed By: O1 Blessed Committers, speck
Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15486
Differential Revision: https://we.phorge.it/D25452
Summary:
Let instance admins decide whether to allow PDFs to be viewable as a Web page. See <5ec132bf9e>.
MOZILLA: Instead of always allowing PDFs to be viewable in the web UI, [...]
This checks that the PDF mimetype is viewable according to the system
configuration.
Ref Q83.
Test Plan:
1. Set `files.viewable-mime-types` to exclude application/pdf.
2. Upload a pdf file.
3. See "No document engine can render the contents of this file." in web UI.
Reviewers: O1 Blessed Committers, speck
Reviewed By: O1 Blessed Committers, speck
Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Differential Revision: https://we.phorge.it/D25464
Summary:
Inherit viewPolicy from original image in image transforms and warn about Profile transform making transformed images public. Details:
https://hackerone.com/reports/19840608358b435a9
Closes T15663
Test Plan:
1. Click {nav View Transforms} on an image file with restrictive view policy.
2. See (Image will be Public) warning on Profile transform.
3. Click on Workcard transform.
4. Go back to {nav View Transforms} page and visit the Workcard transformed file.
5. Check if its view policy matches the original file.
Reviewers: O1 Blessed Committers, speck
Reviewed By: O1 Blessed Committers, speck
Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15663
Differential Revision: https://we.phorge.it/D25462
Signed-off-by: Zero King <l2dy@icloud.com>
Summary:
Make it possible not to allow anyone to edit Diffusion identities.
Make it possible not to allow anyone to view other users' email addresses.
Closes T15443
Test Plan:
* As an admin, go to `/applications/view/PhabricatorDiffusionApplication/` and see new policy "Can Edit and View Identities" set to "All Users" (as implicitly before)
* As an admin, go to `/applications/view/PhabricatorDiffusionApplication/` and change "Can Edit and View Identities" from "All Users" to "Administrators"
* As a non-admin, go to `/diffusion/identity/` and try to select the disabled "Create Identity" button; get an error message clicking it due to lack of permissions
* Given there is at least one identity defined, as a non-admin, go directly to `/diffusion/identity/view/1/` and get "You do not have permission to view this object."
* Given there is at least one identity defined, as a non-admin, go directly to `/diffusion/identity/edit/1/` and get "You do not have permission to view this object."
* As a non-admin, go directly to `/diffusion/identity/edit/form/default/` and get "You do not have permission to edit this object."
* As a non-admin, go directly to `/diffusion/identity/` and get "No Identities found." instead of seeing the existing identities listed.
* As an admin, go to `/diffusion/identity/` and still see the existing identities listed.
* As an admin, go to `/diffusion/identity/`, select "Create Identity" to go to `/diffusion/identity/edit/` and see the "Create Identity" page (though broken; see T15453)
* As an admin, go to `/diffusion/identity/view/1/` and still see the existing identity.
* As an admin, go to `/diffusion/identity/edit/1/` and successfully edit the existing identity.
Reviewers: O1 Blessed Committers, speck, valerio.bozzolan
Reviewed By: O1 Blessed Committers, speck, valerio.bozzolan
Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15443
Differential Revision: https://we.phorge.it/D25450
Summary:
When throwing an exception related to output provided by `git cat-file`, include the repository monogram to allow potentially debugging in Git.
Closes T15661
Test Plan:
Unclear. Basically: "have a broken Git repository in Diffusion".
(However this patch changes a message only shown in case of an exception, so in the worst case we'd break the exception via an exception.)
Reviewers: O1 Blessed Committers, speck
Reviewed By: O1 Blessed Committers, speck
Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15661
Differential Revision: https://we.phorge.it/D25460
Summary:
The authentication setup check, available at <PHORGE_URL>/config/issue/auth.config-unlocked/,
contained a reference to Phabricator in the prompt of the command line hint to resolve the issue.
Similar checks only showed the prompt symbol, not the directory, so this one was changed to match.
Ref T15006
Test Plan:
- Run `./bin/auth unlock`
- Visit <PHORGE_URL>/config/issue/auth.config-unlocked/
- Notice that, with this patch, "phabricator" no longer appears in the prompt prefix
for the suggested fix command at the end of the page.
Reviewers: O1 Blessed Committers, valerio.bozzolan, speck
Reviewed By: O1 Blessed Committers, valerio.bozzolan, speck
Subscribers: avivey, tobiaswiese, Matthew, valerio.bozzolan, Cigaryno
Maniphest Tasks: T15006
Differential Revision: https://we.phorge.it/D25425
Summary:
This applies a suggestion initially proposed in
https://we.phorge.it/D25420#12264
Test Plan:
- Change your browser/system timezone to differ from your Phorge profile timezone
- Click the notice that Phorge shows at the bottom left about the timezone mismatch
- Confirm that the form text has been changed as per the diff in this revision
Reviewers: O1 Blessed Committers, valerio.bozzolan
Reviewed By: O1 Blessed Committers, valerio.bozzolan
Subscribers: aklapper, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Differential Revision: https://we.phorge.it/D25458
Summary:
After this change you can lurk in public chats, and receive notifications, without crashing your planet.
Fix exception "Undefined index: PHID-USER-..." shown to newcomers when they are receiving messages
from a public Chat they are not members of.
Closes T15497
Test Plan:
- Have the Notification server (Aphlict) enabled and running.
https://we.phorge.it/book/phorge/article/notifications/
- Be user Alice and visit a Conpherence Room. Alice must be not a participant.
- Be user Bob and send a message in that Room.
Now Alice does not see a crash anymore, but the message from Bob.
Reviewers: O1 Blessed Committers, speck
Reviewed By: O1 Blessed Committers, speck
Subscribers: speck, tobiaswiese, Matthew, Cigaryno
Maniphest Tasks: T15497
Differential Revision: https://we.phorge.it/D25408
Summary:
The "Query" class for Given Token is missing a "withIDs()" method.
`Call to undefined method PhabricatorTokenGivenQuery::withIDs() at [PhabricatorCursorPagedPolicyAwareQuery.php:120]`
Closes T15652
Test Plan: Go to the Token page and pass a URL parameter, such as `/token/given/?after=3`
Reviewers: O1 Blessed Committers, speck
Reviewed By: O1 Blessed Committers, speck
Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15652
Differential Revision: https://we.phorge.it/D25455
Summary: See Q81. Link to /diviner/find/ could not find the documentation because it was renamed to "Restarting Phorge".
Test Plan:
1. Uninstall optional PHP extension zip and restart Phorge
2. Vist /config/issue/ and click on a missing extension issue
3. Click on the documentation link to Restarting
Reviewers: O1 Blessed Committers, valerio.bozzolan, speck
Reviewed By: O1 Blessed Committers, valerio.bozzolan, speck
Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Differential Revision: https://we.phorge.it/D25459
Summary:
When there is a new timezone conflict, you will be able to ignore it with a checkbox.
Fix T15349
Preview:
{F343198}
Test Plan: Having a conflicting timezone, click the notification so the usual popup appears. There is a checkbox, leave it checked to ignore the current conflict, uncheck to manually resolve the conflict by selecting one of the available timezones.
Reviewers: O1 Blessed Committers, valerio.bozzolan, avivey
Reviewed By: O1 Blessed Committers, valerio.bozzolan, avivey
Subscribers: speck, waldyrious, avivey, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15349
Differential Revision: https://we.phorge.it/D25420
Summary:
When renaming a project to a slug already listed under Additional hashtags and explicitly also removing that to-become slug, accessing the project via the URL `/tag/projectname/` returned a 404 until someone added the current project name explicitly under "Additional hashtags" again.
In that case, do not remove the alternative hashtag to avoid the 404.
Closes T15636
Test Plan: See steps in https://we.phorge.it/T15636
Reviewers: O1 Blessed Committers, speck
Reviewed By: O1 Blessed Committers, speck
Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15636
Differential Revision: https://we.phorge.it/D25453
Summary:
`strlen()` was used in Phabricator to check if a generic value is a non-empty string.
This behavior is deprecated since PHP 8.1. Phorge adopts `phutil_nonempty_string()` as a replacement.
Note: this may highlight other absurd input values that might be worth correcting
instead of just ignoring. If phutil_nonempty_string() throws an exception in your
instance, report it to Phorge to evaluate and fix that specific corner case.
```
ERROR 8192: strlen(): Passing null to parameter #1 ($string) of type string is deprecated at [/var/www/html/phorge/phorge/src/applications/repository/storage/PhabricatorRepository.php:348]
```
Closes T15658
Test Plan: Create an empty new Git repository, go to its URIs management page.
Reviewers: O1 Blessed Committers, speck
Reviewed By: O1 Blessed Committers, speck
Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15658
Differential Revision: https://we.phorge.it/D25454
Summary:
Left-over from rPa6b550ba0394284441ee55d11e276a05eb568ad9
Closes T15655
Test Plan: Carefully read the source code file to look out for another appearance; after hours of fruitless searching get slightly disappointed.
Reviewers: O1 Blessed Committers, avivey
Reviewed By: O1 Blessed Committers, avivey
Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15655
Differential Revision: https://we.phorge.it/D25451
Summary:
It seems that, in an attempt to make ICS URI(s) editable, we broke the ability
to manually import ICS files. Whops.
The cause is, the URI needs to be put inside its dedicated import engine,
and not the general one.
Since the intention of T15137 was to be able to edit this field, we have done
that in the right way this time. So, you see the field, not just in creation mode.
Thanks to the kind aklapper for reporting.
Ref T15137
Closes T15619
Rollback 02a4f8b0c8
Test Plan:
- visit /calendar/import/ and:
- create/edit an ICS File Import (now works again)
- create/edit an ICS URI Import (still work)
- try looking at an "ICS Import page" as author (URI still visible)
- try looking at an "ICS Import page" without Edit permissions (URI still omitted correctly)
Reviewers: aklapper, O1 Blessed Committers, 20after4
Reviewed By: aklapper, O1 Blessed Committers, 20after4
Subscribers: 20after4, tobiaswiese, Matthew, Cigaryno
Maniphest Tasks: T15619, T15137
Differential Revision: https://we.phorge.it/D25448
Summary:
Update PhabricatorAuthCSRFEngine.php such that it doesn't fall over when provided with a null CSRF token under PHP 8.1
Fixes T15654
Test Plan: Do a POST request to phorge.
Reviewers: O1 Blessed Committers, valerio.bozzolan
Reviewed By: O1 Blessed Committers, valerio.bozzolan
Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15654
Differential Revision: https://we.phorge.it/D25449
Summary:
`strlen()` was used in Phabricator to check if a generic value is a non-empty string.
This behavior is deprecated since PHP 8.1. Phorge adopts `phutil_nonempty_string()` as a replacement.
Note: this may highlight other absurd input values that might be worth correcting
instead of just ignoring. If phutil_nonempty_string() throws an exception in your
instance, report it to Phorge to evaluate and fix that specific corner case.
```
EXCEPTION: (RuntimeException) Undefined index: above at [<arcanist>/src/error/PhutilErrorHandler.php:251]
arcanist(), phorge()
#0 <#2> PhutilErrorHandler::handleError(integer, string, string, integer, array) called at [<phorge>/src/applications/macro/engine/PhabricatorMemeEngine.php:276]
```
Closes T15637
Test Plan:
Create a meme called "angrycat" from the /macro/ page, and try a comment like this, expecting no nuclear implosion:
{meme, src=angrycat, below=}
{meme, src=angrycat, above=}
{meme, src=angrycat, below=, above=}
{meme, src=angrycat, below= , above= }
{meme, src=angrycat, below=asd}
{meme, src=angrycat, above=asd}
{meme, src=angrycat, above=asd, below=dsa}
{meme, src=angrycat, above= asd , below= dsa }
Also carefully read the code with your big eyes, keeping in mind that strlen does not accept passing `null` in PHP 8, and looking at what we did in rPb4cfe56f03b44615ac9251aed8d74bf13b085051.
Reviewers: O1 Blessed Committers, valerio.bozzolan
Reviewed By: O1 Blessed Committers, valerio.bozzolan
Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15637
Differential Revision: https://we.phorge.it/D25437
Summary:
After this change the first Tab ID is always selected, so we don't risk
to have no tabs opened by default under some corner cases.
This is vaguely better than the original logic that relied on the fact that
(0=="0") is true. Besides being a vaguely weird emoticon as well, now that
I look at it better.
Original logic:
https://we.phorge.it/source/phorge/browse/master/src/applications/dashboard/paneltype/PhabricatorDashboardTabsPanelType.php;c43618a3a8bb021936fad687f04cb1a95faa23e4$289
This fixes a regression that appeared in the cute Wikimedia Phabricator
(that now is really Wikimedia Phorge). Their homepage should be gorgeous again,
without blank space due to unopened silly tabs.
Closes T15651
Test Plan:
- Have a Tab Panel (/dashboard/panel/).
- Be sure that the first Tab is automatically selected (again?)
Reviewers: aklapper, O1 Blessed Committers, avivey
Reviewed By: O1 Blessed Committers, avivey
Subscribers: tobiaswiese, Matthew, Cigaryno
Maniphest Tasks: T15651
Differential Revision: https://we.phorge.it/D25447
Summary:
Fix the following error you may encounter in production:
Too few arguments to function DiffusionDiffQueryConduitAPIMethod::getDefaultParser(), 0 passed in /var/www/phorge/src/applications/diffusion/conduit/DiffusionDiffQueryConduitAPIMethod.php on line 156 and exactly 1 expected
It was caused by the lack of a new mandatory parameter in a method.
Closes T15649
Test Plan: Check with your big eyes that a ConduitAPIRequest is passed to getDefaultParser().
Reviewers: avivey, O1 Blessed Committers, speck
Reviewed By: O1 Blessed Committers, speck
Subscribers: speck, tobiaswiese, Matthew, Cigaryno
Maniphest Tasks: T15649
Differential Revision: https://we.phorge.it/D25444
Summary:
After changing the I/O type of a Diffusion repository URI, the transaction history incorrectly shows a message which talks about changing the URI's Display type instead.
Closes T15648
Test Plan: Change the I/O type of a Diffusion repo URI and look at that URIs history.
Reviewers: O1 Blessed Committers, avivey
Reviewed By: O1 Blessed Committers, avivey
Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15648
Differential Revision: https://we.phorge.it/D25443
Summary:
After this change, a new input field "Milestone Name" appears in the "Edit" menu of a Milestone:
| Before | After |
|-----------|-----------|
| {F314008} | {F314005} |
So you can quickly change the name of your Milestones, from a Workboard.
Before this change, from a Workboard, this was the way to rename a Milestone:
1. click on the Milestone name (yes, that is a link)
2. click on Manage
3. click on Edit Details
4. rename
5. Save
6. Manually visit again the Project's Workboard
After this change, from a Workboard, you just need to:
1. click on Milestone > Edit
2. click on Edit Column
3. rename
4. Save
Example usage:
{F314015}
This does not change the level of permissions needed: if you have not enough
permissions to see or edit a Milestone, you cannot access this feature indeed.
In short, this is just a frontend change, keeping current policies as-is.
Closes T15143
Test Plan:
Create a Project or use an existing editable one.
Create a Milestone called "Test Milestone". You can create Milestones visiting the Project's menu {nav icon=sitemap,name=Subprojects > icon=plus,name=Create next milestone}
Visit the Project's Workboard. Find the column "Test Milestone". Click the Edit button on a Milestone, and:
- try to save another name: it must work
- try to save an empty name: nice error message shown
- try to save both the score points and the name: it must work
- try to save "FOO" as Points: you still see the error message
Also:
- do the same for the Backlog column: it still works (name still allowed to be empty)
- do the same for a "normal" Column (not the Backlog): it still work (name still __not__ allowed to be empty)
Reviewers: O1 Blessed Committers, Cigaryno, 20after4, waldyrious
Reviewed By: O1 Blessed Committers, Cigaryno, 20after4, waldyrious
Subscribers: waldyrious, brennen, aklapper, 20after4, speck, tobiaswiese, Matthew, Cigaryno
Maniphest Tasks: T15143
Differential Revision: https://we.phorge.it/D25066
Summary:
Trying to view a Jira auth provider from https://my.phorge.site/auth/ results in strlen(): Passing null to parameter #1 ($string) of type string is deprecated
This change fixes it
Fixes T15634
Test Plan:
Go to https://my.phorge.site/auth/ and have a Jira already setup.
Click on Jira auth provider
Confirm the page is displayed and no error is generated.
Reviewers: O1 Blessed Committers, valerio.bozzolan
Reviewed By: O1 Blessed Committers, valerio.bozzolan
Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15634
Differential Revision: https://we.phorge.it/D25432
Summary:
Fix issue whereby clicking on a link in Diviner (eg https://my.phorge.site/diviner/find/?name=Differential_User_Guide&type=article&jump=1) results in a strlen(null) error under PHP 8.1
Fixes T15635
Test Plan:
* Go into the Diviner differential page /book/phorge/article/differential/
* Click on the link to Differential User Guide: Inline Comments
Reviewers: O1 Blessed Committers, valerio.bozzolan
Reviewed By: O1 Blessed Committers, valerio.bozzolan
Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15635
Differential Revision: https://we.phorge.it/D25433
Summary:
In the dashboard application (https://my.phorge.site/dashboard/), when creating panels, adding panels to tab panels, and viewing query panels, we get a variety of strlen(null) errors under PHP 8.1.
This fixes all the ones seen.
Fixes T15574
Test Plan: See T15574
Reviewers: O1 Blessed Committers, avivey
Reviewed By: O1 Blessed Committers, avivey
Subscribers: avivey, speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15574
Differential Revision: https://we.phorge.it/D25367
Summary:
This broadens the typeahead datasource search for repos. Before this patch a repository named "Alligator Simulator" would not be found with the search string "simu...". This is patched with the ferret engine search and indexing features.
See T15583
Test Plan: Create repositories with titles with 2 or more words. Search for these repos with the global typeahead search. The search term should begin with the second/third/n-th word of the repo title.
Reviewers: O1 Blessed Committers, avivey
Reviewed By: O1 Blessed Committers, avivey
Subscribers: avivey, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T15583
Differential Revision: https://we.phorge.it/D25430
Summary:
If the user specifies a text encoding via the "View Options" dropdown, respect this choice.
Ref Q68.
Test Plan: Play with the Encoding button in the view
Reviewers: O1 Blessed Committers, valerio.bozzolan
Reviewed By: O1 Blessed Committers, valerio.bozzolan
Subscribers: tinloaf, speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Differential Revision: https://we.phorge.it/D25360