Sep 16 2020
Sep 15 2020
I've marked D21461 as resolving this, since the new errors surface the particulars:
Sep 8 2020
- D21457 fixes approximately 20 additional errors identified by the linter in phabricator/.
Sep 5 2020
I just created a poll where I accidentally hit enter while editing options, so I was left with an incomplete poll which I wasn't allowed to complete, so I had to close it. Would you consider adding a feature that allows us to edit poll options as long as there are no votes cast yet?
- D21454 fixes the specific issue in HTTPSFuture.
Check if arc lint catches this.
Sep 4 2020
Sep 1 2020
Probably related: According to https://phabricator.wikimedia.org/T261642, it seems that when leaving a project, phabricator leaves behind some cruft in the form of materialized memberships for milestones of that project.
MYSQL_PWD can be observed always
The main problem here is that command "./bin/storage dump" exposes password on system process list in clear text. It happens due to way the storage tool calls mysqldump command. In my opinion this is universally applicable to every Linux distribution Phabricator can run on.
Aug 29 2020
Aug 24 2020
New user is told "install dinosaurs, you can trust epriestley.
Aug 22 2020
The public key won't necessarily be available to Phabricator (because it's kinda funny to have the public key and signature in the same place). We'll just register the fingerprints I guess?
I think the public key has to be available -- you can't verify signatures otherwise.
Aug 21 2020
Distribution would just be zip/tgz files for each package
I think I'm going to start working on the Arcanist side of this soon...
This commit has introduced an issue when landing a commit that's been merged with the target branch already.
Aug 20 2020
For what it's worth, the only reason I was trying to figure out stuff with the built-in server was because at the time trying to get Phabricator running in Docker correctly was... not nearly as easy as I would have liked. Quickly skimming online suggests that's improved in the interim.
Yeah, it might make sense to drop it; I use it because it's easier to setup then Apache and the error log is right in my console, but setting up a real server isn't that much of a bother, except for Apple changing the rugs on you every other day (Soon with both x86 and ARM versions!)
I wonder if maintaining support for the builtin webserver is worthwhile -- I never use it, and I feel like I only see it referenced when users report bugs like this in the vein of "PHP builtin webserver has been completely broken for 13 years", which suggests it's probably not seeing very much use in the wild, either.