[00:00:49] <MirahezeRelay>	 <.labster> Does anyone here know how to install MW1.45?  I have a copy of 1.39 and 1.43, but 1.45 just prints out two tracebacks and dies.
[00:04:17] <MirahezeRelay>	 <pskyechology> shouldn't be any different
[00:04:42] <MirahezeRelay>	 <pskyechology> having the context of your thread on the mw server i would make an uneducated guess that you didn't install vector and it's pissy about that
[00:05:13] <MirahezeRelay>	 <.labster> Nah, Vector is there, and eval.php can see it.
[00:06:45] <MirahezeRelay>	 <kockaadmiralac> Do you have the tracebacks
[00:07:21] <MirahezeRelay>	 <.labster> [1/6] ```Original exception: [0dee1aecdb560f0593bbbca1] /recipe/index.php/Main_Page TypeError: array_filter(): Argument #1 ($array) must be of type array, bool given
[00:07:21] <MirahezeRelay>	 <.labster> [2/6] Backtrace:
[00:07:21] <MirahezeRelay>	 <.labster> [3/6] from /var/lib/mediawiki145recipe/includes/skins/SkinFallback.php(36)
[00:07:22] <MirahezeRelay>	 <.labster> [4/6] #0 /var/lib/mediawiki145recipe/includes/skins/SkinFallback.php(36): array_filter()
[00:07:22] <MirahezeRelay>	 <.labster> [5/6] #1 /var/lib/mediawiki145recipe/includes/skins/SkinFallback.php(57): MediaWiki\Skin\SkinFallback->findInstalledSkins()```
[00:07:22] <MirahezeRelay>	 <.labster> [6/6] the important bit.  The second is just it being thrown again from the error page.
[00:07:59] <MirahezeRelay>	 <.labster> [1/17] And from eval.php:
[00:08:00] <MirahezeRelay>	 <.labster> [2/17] ```
[00:08:00] <MirahezeRelay>	 <.labster> [3/17] pi@raspberrypi ~/recipewiki> php maintenance/run eval
[00:08:00] <MirahezeRelay>	 <.labster> [4/17] >  print_r(scandir( $wgStyleDirectory ));
[00:08:01] <MirahezeRelay>	 <.labster> [5/17] Array
[00:08:01] <MirahezeRelay>	 <.labster> [6/17] (
[00:08:01] <MirahezeRelay>	 <.labster> [7/17]     [0] => .
[00:08:02] <MirahezeRelay>	 <.labster> [8/17]     [1] => ..
[00:08:02] <MirahezeRelay>	 <.labster> [9/17]     [2] => MinervaNeue
[00:08:02] <MirahezeRelay>	 <.labster> [10/17]     [3] => MonoBook
[00:08:03] <MirahezeRelay>	 <.labster> [11/17]     [4] => README
[00:08:03] <MirahezeRelay>	 <.labster> [12/17]     [5] => Timeless
[00:08:04] <MirahezeRelay>	 <.labster> [13/17]     [6] => Vector
[00:08:04] <MirahezeRelay>	 <.labster> [14/17] )
[00:08:05] <MirahezeRelay>	 <.labster> [15/17] >  print_r(is_file("$wgStyleDirectory/Vector/skin.json"));
[00:08:05] <MirahezeRelay>	 <.labster> [16/17] 1
[00:08:06] <MirahezeRelay>	 <.labster> [17/17] ```
[00:10:25] <MirahezeRelay>	 <.labster> I actually don't know how to access MediaWikiServices inside eval.php :/
[00:10:34] <MirahezeRelay>	 <abaddriverlol, replying to .labster> `MW::srv()`
[00:10:40] <MirahezeRelay>	 <abaddriverlol> Also I'd recommend using shell.php
[00:10:47] <MirahezeRelay>	 <abaddriverlol> which doesn't require print_r
[00:10:58] <MirahezeRelay>	 <.labster> but it does have other dependencies
[00:11:08] <MirahezeRelay>	 <abaddriverlol> the dev dependencies, yeah
[00:11:44] <MirahezeRelay>	 <abaddriverlol> does the user running PHP have permission to read the skins directory?
[00:12:17] <MirahezeRelay>	 <.labster> [1/10] everyone has permission:
[00:12:17] <MirahezeRelay>	 <.labster> [2/10] ```pi@raspberrypi ~/recipewiki> ls -al skins
[00:12:17] <MirahezeRelay>	 <.labster> [3/10] total 28
[00:12:17] <MirahezeRelay>	 <.labster> [4/10] drwx-wx-wx  6 pi pi 4096 Apr  3 13:27 ./
[00:12:18] <MirahezeRelay>	 <.labster> [5/10] drwx-wx-wx 15 pi pi 4096 Apr  4 16:51 ../
[00:12:18] <MirahezeRelay>	 <.labster> [6/10] drwx-wx-wx 11 pi pi 4096 Apr  3 13:27 MinervaNeue/
[00:12:18] <MirahezeRelay>	 <.labster> [7/10] drwx-wx-wx  7 pi pi 4096 Apr  3 13:27 MonoBook/
[00:12:19] <MirahezeRelay>	 <.labster> [8/10] -rw-rw-rw-  1 pi pi 1276 Dec 16 17:44 README
[00:12:19] <MirahezeRelay>	 <.labster> [9/10] drwx-wx-wx  6 pi pi 4096 Apr  3 13:27 Timeless/
[00:12:19] <MirahezeRelay>	 <.labster> [10/10] drwx-wx-wx  9 pi pi 4096 Apr  3 13:27 Vector/```
[00:12:20] <MirahezeRelay>	 <abaddriverlol> otherwise I don't see any obvious reason why scandir() would return false for wgStyleDirectory
[00:13:05] <MirahezeRelay>	 <abaddriverlol> can you print out the result of `scandir($wgStyleDirectory)`?
[00:13:09] <MirahezeRelay>	 <.labster> I think the false comes from the first array_filter?
[00:13:26] <MirahezeRelay>	 <abaddriverlol> <https://github.com/wikimedia/mediawiki/blob/REL1_45/includes/skins/SkinFallback.php#L36> which would be the result of scandir
[00:13:30] <MirahezeRelay>	 <.labster> I already did...
[00:13:35] <MirahezeRelay>	 <abaddriverlol> oh
[00:13:45] <MirahezeRelay>	 <abaddriverlol> must be an issue with the user
[00:13:52] <MirahezeRelay>	 <abaddriverlol> can you try running eval.php as the user running php/mw
[00:14:37] <MirahezeRelay>	 <abaddriverlol> also I think `drwx-wx-wx` means others cannot read?
[00:15:07] <MirahezeRelay>	 <abaddriverlol> as the third from last character is a `-` but should be `r`
[00:15:20] <MirahezeRelay>	 <abaddriverlol> generally the mediawiki folder should ideally be owned by the user running php I think
[00:15:24] <MirahezeRelay>	 <abaddriverlol> e.g. www-data
[00:15:40] <MirahezeRelay>	 <.labster> ugh that is correct
[00:15:55] <MirahezeRelay>	 <pskyechology> wx but no r is crazy
[00:16:18] <MirahezeRelay>	 <.labster> welcome to Trump's America.
[00:16:28] <MirahezeRelay>	 <pskyechology> https://cdn.discordapp.com/attachments/997495586179776555/1244901099857641512/ezgif-6-14681e0a8c.gif
[00:19:12] <MirahezeRelay>	 <originalauthority, replying to .labster> Eval.php ftw!!!
[00:19:52] <MirahezeRelay>	 <.labster> okay, changing permissions worked.  Got a new error about skins not being loaded... which why would you ship a default config with zero skins enabled smh?
[00:20:35] <MirahezeRelay>	 <pskyechology> oh the woe of having to do a sysadmin
[00:21:56] <MirahezeRelay>	 <originalauthority, replying to .labster> Web installer allows you to choose a skin, not sure why that wasn't carried over to install.php
[00:22:01] <MirahezeRelay>	 <.labster> I have always hated sysadmin stuff.  Please give me software that works so I can hack it to bits.
[00:22:44] <MirahezeRelay>	 <.labster> Anyway, fine now, thanks!
[00:25:22] <MirahezeRelay>	 <.labster, replying to abaddriverlol> I certainly couldn't read
[00:27:26] <MirahezeRelay>	 <pskyechology> had to doublecheck if you either know arcane linux file rights secrets or genuinely missed it
[00:35:54] <MirahezeRelay>	 <.labster> What do you mean "know"?  I know how to chmod 777 and pray.
[00:38:54] <MirahezeRelay>	 <.labster> [1/2] Okay now this thing is trolling me:
[00:38:54] <MirahezeRelay>	 <.labster> [2/2] > [c26e00c1c0f647159a83fb24] /recipe/index.php?title=Template:1/2&action=submit InvalidArgumentException: Invalid expiry value: 1 year
[00:54:56] <MirahezeRelay>	 <.labster> okay '1 year' is the default value for $wgWatchlistExpiryMaxDuration .... what is happening to code quality
[00:55:42] <Crystalite13>	 hey tech, other than CookieConsent, does anyone know any tech updates worth mentioning in Miraheze Monthly?
[00:56:31] <MirahezeRelay>	 <pskyechology> not yet
[00:56:41] <Crystalite13>	 k
[00:56:58] <Crystalite13>	 lmk if anything comes up
[01:21:43] <MirahezeRelay>	 <abaddriverlol> I think we should consider documenting a list of technical requirements for new extensions, e.g. since we plan to support temp accounts in the future, this should be considered before deploying a new extension (among the other things like MW version support, compatibility with various parts of our infra, etc)
[01:42:06] <MirahezeRelay>	 <abaddriverlol> (filed <https://issue-tracker.miraheze.org/T15189> to track this)
[04:37:59] <MirahezeRelay>	 <elisapoly, replying to pskyechology> I just noticed there's phab for mediawiki lol
[04:38:12] <MirahezeRelay>	 <elisapoly> and holy, there's lots of tasks there every single day
[04:43:26] <MirahezeRelay>	 <hihello_what_are_you_doing_here> Well, there is a lot of mediawiki users every single day
[06:40:06] <MirahezeRelay>	 <posix_memalign, replying to Crystalite13> There's the CSP update. I don't want to do anything else with it before we have a few days of no incidents. Hopefully the Anime Vanguards Wiki incident was a one-off thing and we won't see it again.
[06:41:08] <MirahezeRelay>	 <posix_memalign> That reminds me: Varnish should send a log entry somewhere if it ever uses the fallback CSP. That'll help as ascertain edge cases with configuartion issues.
[06:47:42] <MirahezeRelay>	 <whostacking> what happened with anime vanguards
[06:51:15] <MirahezeRelay>	 <posix_memalign> [1/6] Once we have a good CSP configuration, I'm thinking of the following partition of CSP domains:
[06:51:15] <MirahezeRelay>	 <posix_memalign> [2/6] 1. Very useful and should be available to all wikis (miraheze.org). These are always in the CSP.
[06:51:16] <MirahezeRelay>	 <posix_memalign> [3/6] 2. Could be useful globally (steam, reddit, imgur, discord, youtube, etc.). These are configurable on ManageWiki. We can have the most needed ones (e.g. required by extension or very widely used) enabled by default and other ones disabled by default. Bureaucrats can toggle these to modify the wiki's CSP.
[06:51:16] <MirahezeRelay>	 <posix_memalign> [4/6] 3. Wiki-specific domains. These go into `ContentSecurityPolicy.php` as per-wiki overrides and don't need to be in ManageWiki due to lack of interest.
[06:51:16] <MirahezeRelay>	 <posix_memalign> [5/6] Another challenge is notifying wikis. I'm thinking of adding a ResourceLoader module which simply sends a message with `console.log` so that wiki admins know what's going on when they try to debug. This is only necessary if we aggressively mark domains as disabled on ManageWiki in step 2. TBH a CSP notice in the console could just be there regardless of what we are doing so th
[06:51:17] <MirahezeRelay>	 <posix_memalign> [6/6] at people are less confused.
[06:51:50] <MirahezeRelay>	 <posix_memalign, replying to whostacking> https://discord.com/channels/407504499280707585/1006789349498699827/1489413855858659389
[06:57:17] <MirahezeRelay>	 <kockaadmiralac> There's a Phab task for allowlisting domains through gadget definitions but it didn't progress much yet <https://phabricator.wikimedia.org/T419934>
[06:58:21] <MirahezeRelay>	 <kockaadmiralac> Maybe that's a more useful mechanism than having it configured globally
[07:16:04] <MirahezeRelay>	 <posix_memalign> There is a mechanism for extensions to insert domains into the CSP, but I doubt if it's used much.
[07:21:37] <MirahezeRelay>	 <kockaadmiralac> CSP feels like an abandoned feature with their removal of nonce support and all
[07:27:36] <MirahezeRelay>	 <posix_memalign, replying to kockaadmiralac> [1/2] As long as the WMF still needs to insert a CSP I think we'll be fine.
[07:27:36] <MirahezeRelay>	 <posix_memalign, replying to kockaadmiralac> [2/2] The last resort would be to use a hook like onBeforePageDisplay to insert the CSP into the header of every request. That was my initial idea, though I went with MW's built-in configurations in the end.
[08:46:16] <MirahezeRelay>	 <ccxtwf> Now that per-wiki CSP is configured, will there be a change to how CSP reviews will be done?
[08:49:38] <MirahezeRelay>	 <posix_memalign, replying to ccxtwf> I think Rhonos already said somewhere that the answer is no. This change mainly affects extremely specific requests (e.g. there's a website for a game and my wiki wants to embed an iframe on it). Previously we don't want to accept these because they pollute the global CSP. Now they are a lot more viable.
[08:50:02] <MirahezeRelay>	 <posix_memalign> So bilibili will have to wait. The idea that has been floated alongside per-wiki CSP is a proxying service, but no one has taken it up in the tech team yet.
[08:50:43] <MirahezeRelay>	 <posix_memalign> I'd imagine proxying would help bilibili image requests.
[12:24:51] <MirahezeRelay>	 <thewwrnerdguy, replying to Crystalite13> @crystalite13 possibly the whole thing about no longer recommending SMW now we have Bucket
[16:58:47] <MirahezeRelay>	 <crystalite13, replying to thewwrnerdguy> Oh yeah, good idea
[19:23:41] <MirahezeRelay>	 <piggypig> STALINE13
[21:06:50] <MirahezeRelay>	 <rhinosf1, replying to ccxtwf> If there's any change, it'll be asking more questions not less
[21:08:07] <MirahezeRelay>	 <rhinosf1> New CSP entries need to be showing 1) why it can't be done through external data or an extension 2) why the resource can't be hosted with us or somebody already on the CSP 3) whether it's relevant to one wiki or all
[21:08:27] <MirahezeRelay>	 <rhinosf1> I expect they'll be more reviews of things staying on the CSP too
[22:42:03] <MirahezeRelay>	 <abaddriverlol> https://issue-tracker.miraheze.org/T15194 in case anybody has any opinions about this extension
[22:44:19] <MirahezeRelay>	 <abaddriverlol> Also if I could get a +1 from somebody to restrict LanguageSelector (pending undeployment in <https://issue-tracker.miraheze.org/T14657> once we figure out a replacement), that would be great; the sooner we do this, the easier it will be to replace it
[22:46:43] <MirahezeRelay>	 <pskyechology> don't we have an UniversalLanguageSelector
[22:46:52] <MirahezeRelay>	 <pskyechology> not a drop-in replacement but close enough
[22:46:54] <MirahezeRelay>	 <abaddriverlol, replying to abaddriverlol> Oh btw there are also two other proposed undeployments in <https://issue-tracker.miraheze.org/T15015> and <https://issue-tracker.miraheze.org/T14270>
[22:47:22] <MirahezeRelay>	 <abaddriverlol, replying to pskyechology> yes, per <https://issue-tracker.miraheze.org/T14657#293528> it could maybe replace languageselector
[22:48:39] <MirahezeRelay>	 <pskyechology> I think LS also had the issue of possibly caching foreign languages so I've no issue supporting its restriction
[22:49:12] <MirahezeRelay>	 <abaddriverlol> Okay
[22:49:25] <MirahezeRelay>	 <abaddriverlol> Do we want to point users to SR/RC or Phorge if they want to disable it themselves before we undeploy it?
[22:49:35] <MirahezeRelay>	 <abaddriverlol> Since they can't really do that if it's restricted
[22:50:03] <MirahezeRelay>	 <pskyechology> i would say SR/RC but we currently have a lot more tech capacity than steward capacity
[22:50:33] <MirahezeRelay>	 <pskyechology> like a lot lot lot more
[22:50:35] <MirahezeRelay>	 <abaddriverlol> yeah..
[22:50:43] <MirahezeRelay>	 <pixldev> :cryingpomni:
[22:51:41] <MirahezeRelay>	 <pskyechology> i've never really understood SR/RC being steward domain only when a lot of extensions are restricted for technical reasons rather than policy
[22:52:00] <MirahezeRelay>	 <abaddriverlol> yeah tbh SMW, Cargo and similar stuff should be managed by tech
[22:52:36] <MirahezeRelay>	 <abaddriverlol> also stuff like wgHAWelcomeWelcomeUsername or wgMaxCredits
[22:52:43] <MirahezeRelay>	 <pskyechology> great I get to write another RfWhatever
[22:52:54] <MirahezeRelay>	 <abaddriverlol> that would be cool
[22:53:33] <MirahezeRelay>	 <abaddriverlol, replying to abaddriverlol> I think I'll point users to phorge since that's easier
[22:54:04] <MirahezeRelay>	 <pskyechology> better use the limited steward resources elsewhere aye
[23:22:14] <MirahezeRelay>	 <pskyechology> yeehaw https://meta.miraheze.org/wiki/User:Skye/RCTech