I think the following change to src/applications/herald/controller/HeraldRuleController.php line 672 (as of 185c28f307e4) should provide an immediate improvement to at least indicate that they are different rules:

Shouldn't there be something in the Changelog about this change?

This makes it rather annoying to create a new observed repository, as you first need to set all 6 (if both https and ssh access are configured) default URIs to read only before adding the URI to Observe.

Since the History is now dumbed down and separated from the Technical details on the Graph view, it might be more useful to filter out merge commits from the History view. Perhaps they can be replaced by a small "Merged to <branch>" link at the bottom of the box for the last non-merge commit that was part of the merge.

+1 for bringing this back.

It doesn't try to run evil.exe until I edit the cell (the csv version, and the modified xlsx I saved myself try to start on opening).

Actually, Excel 2016 is vulnerable. The test case is incomplete. The cell needs to be =cmd|'/C evil.exe'!A0 to trigger the issue.
By modifying the value in both the xlsx and csv files, I was able to blindly click yes on lots of warning prompts and start calc.exe. But I am not sure that modifying the value in the xlsx file is giving the same result as the export would (something may have been stripped off in the meantime...)

It seems an up to date patched Excel 2016 is not vulnerable.

Saving this file as csv also doesn't trigger the bug in Excel 2016 - on reopening, Excel misdetects the format as SYLK, warns about the extension not matching, then warns that an error occured during loading, and finally when you agree to continue loading as "a different format", it opens without running calc.exe or prompting to update cells.

I should also mention that phabricator.allow-email-users is false on this install. Another option to avoid backscatter spam could be to limit the error messages to registered users (maybe even regardless of that setting).

Version is stable, updated about 2 hours ago.

You seem to be only considering Mac editors, where URLs seem to be a fairly standard way of launching editors that is documented in the editor's own documentation.

I updated the summary to hopefully make the problem description more clear, and to add an additional problem which I encountered on one vendor's custom made bug tracker, where their search was returning URLs that were only temporarily valid in the session that the search was done in.

It's my fault - I edited the comment to add that link (probably based on
the same search you did) in parallel with your reply.

Unfortunately "W. Europe Standard Time" is just one of the many unnecessarily verbose timezone names that Microsoft uses. I also had "Singapore Standard Time" and "Russian Time" (which I presume refers to Moscow, rather than any of the other dozen or so timezones in Russia) in my calendar for this week.

ICS import does not seem to parse VTIMEZONE entries in the ICS file. This is perhaps related to the Zimbra issues above, though in my case I am importing from outlook.office365.com. The ics contents include:

Shortname is already used for the shortname.git portion of the URI. Would it be out of the question to allow a separate path to be configured, perhaps also including nested directories?

On second thoughts, the flexibility of a Herald rule may already be better for me, as I want to filter out Merge Commits from auditing (at least when they are merged by an Owner), since the individual commits that are merged already have their own audit.

Yes, that would also solve the problem for me, and would probably be an easier option for new users.

As an alternative to Luke081515.2's request for an option, I just filed T11118. This would also allow an easy return to the old behaviour of always triggering audits, regardless of who the author is.

If a package is defined with multiple owners (or a group ownership), it is a reasonable expectation that even when an owner commits a change, other owners will review that change. This is how owners has worked up until the T10939 changes recently.

AFAIK, it is still the only way to this. I added some bits to it to automatically populate email and name when registering, for the case where authentication is done against an ActiveDirectory instance via kerberos and LDAP, which I published at https://github.com/make-all/libphremoteuser

It seems the change from setting the result to FAIL to throwing an exception in the case where the server does not return 200 is skipping some code after the call that was overriding the result to WAITING in the case where a build was set to wait for result. Probably this was a bug in the case where the result was already set to fail.

Although the return code check against exactly 200 has always been there, integration with jenkins was working as expected before rPd735c7adf2d5897d3ae08f3aba12774030c0d3b1

Not just for Australia/Melbourne, for anyone who prefers Big-Endian or Little-Endian date format to the obscure Middle-Endian format used in the US.

It seems in rP2bc9dec85f038c99788eb2a2c23de0285441505d that you forgot about Calendar List view.

This extension will help with the mapping of old vcs aliases: https://github.com/make-all/libphalias

Likewise, we're using them for milestones. But really, what I think we want is calendars tied to projects, countdowns just seemed like the best alternative.