2018 Week 6 (Early February)
Summary of changes from February 2, 2018 to February 9, 2018.
Codebase | Repository | HEAD | Activity | |
---|---|---|---|---|
Phabricator | rP | rPc64aae052f | 67 commits | |
Arcanist | rARC | rARC34910942 | 1 commit | |
libphutil | rPHU | rPHUf91ef41 | 4 commits | |
Instances (SAAS) | rSAAS | rSAASa71d20f | 1 commit | |
Services (SAAS) | rSERVICES | rSERVICESedd96db | 0 commits | |
Core (SAAS) | rCORE | rCOREc937d90 | 1 commit | |
- These changes were promoted to stable.
General
[] Webhooks: Herald now supports formally defining webhooks. You can configure webhooks in "firehose" mode (so they receive all events) or use Herald rules to call them when certain conditions are met.
See User Guide: Webhooks for more detailed discussion.
Webhooks are likely a bit rough in this release and may not be able to cover all use cases yet. The older feed.http-hooks mechanism still works, but the intent is to replace it with webhooks in the future.
[] Mail Stamps: Mail now supports "mail stamps" to make it easier to use client rules to route or flag mail. Stamps are pieces of standardized metadata attached to mail in a machine-parseable format, like "FRAGILE" or "RETURN TO SENDER" might be stamped on a package.
By default, stamps are available in the X-Phabricator-Stamps header. You can also enable them in the mail body by changing the Settings โ Email Format โ Send Stamps setting. This may be useful if you use a client like Gmail which can not act on mail headers.
Stamps provide more comprehensive information about object and change state than was previously available, and you can now highlight important mail which has stamps like mention(@alice) or reviewer(@alice).
See T13069 for additional discussion and plans for this feature.
[] Mute: You can now Mute Notifications for any object which supports subscriptions. This action is available in the right-hand column under Subscribe. Muting notifications for an object stops you from receiving mail from that object, except for mail triggered by Send me an email rules in Herald.
This feature is "on probation" and may be removed in the future if it proves more confusing than useful.
See T13068 for some discussion.
[] Task Close Date: Maniphest now explicitly tracks a closed date (and closing actor) for tasks. This data will be built retroactively by a migration during the upgrade. This will take a little while if you have a lot of tasks (see "Migrations" below).
The Maniphest search UI can now order by close date and filter tasks closed between particular dates or closed by certain users. The maniphest.search API has similar support, and returns this data in result sets. This data is also now available via Export Data.
For closed tasks, the main task list view now shows a checkmark icon and the close date. For open tasks, the view retains the old behavior (no icon, modified date).
[] Require secure mail: Herald rules can now Require secure mail. You can use this action to prevent discussion of sensitive objects (like security bugfixes) from being transmitted via email.
To use this feature, you'll generally write a Herald rule like this:
Global Rule for Revisions
When:
[ Projects ][ include ][ Security Fix ]
Take actions:
[ Require secure mail ]
Users will still be notified that the corresponding object has been updated, but will have to follow a link in the mail to view details over HTTPS.
This may be useful if you use mailing lists with wide distributions or model sophisticated attackers as threats.
Note that this action is currently not stateful: the rule must keep matching every update to keep the object under wraps. This may change in the future. This flag may also support continuing to send mail content if GPG is configured in some future release.
See T13053 for some additional discussion.
Postmark Support: We now support Postmark as an outbound and inbound mailer.
Multiple Mailers: Phabricator now supports configuring multiple outbound mail pathways via cluster.mailers. In the future, this will also be the way that individual mailers are configured, although this change should not affect existing setups yet.
You can configure multiple mailers to improve delivery reliability: Phabricator will automatically fail over from the primary mailer to a backup if the primary mailer fails. You can also configure Phabricator to balance load across multiple SMTP servers.
See the updated Configuring Outbound Email documentation for more details. See T12677 for history and context.
Security
- If metamta.one-mail-per-recipient is disabled (this is not the default), the new "Require secure mail" action will leak the mail's recipient list in the "To" and "Cc" headers. This is probably what you'd expect (and is now mentioned in the documentation for the setting), but might be surprising.
Migrations
Migration | Risk | Duration | Notes |
---|---|---|---|
20180207.mail.01.task.sql | 2,020 ms | ||
20180207.mail.02.revision.sql | 1,603 ms | ||
20180207.mail.03.mock.sql | 76 ms | ||
20180208.maniphest.01.close.sql | 3,530 ms | ||
20180208.maniphest.02.populate.php | 116,080 ms | Backfills task close dates. | |
20180209.hook.01.hook.sql | 15 ms | ||
20180209.hook.02.hookxaction.sql | 19 ms | ||
20180209.hook.03.hookrequest.sql | 13 ms | ||
"Duration" is the duration for this install, and may not be representative.
Upgrading / Compatibility
- Phabricator now uses object PHIDs as the Thread-Topic for all objects. This may cause a one-time break in mail threading in some clients (likely, Outlook). See D19012 for some discussion and context, and let us know if this change negatively impacts your users. This header requires making tradeoffs in the context of the "Require secure mail" flag.
- Phabricator no longer sends email describing errors with inbound mail processing to unverified addresses (for example, typos with mail commands like !project). In some configurations, this may result in users no longer receiving an error message email when they previously would have. See T13066 for more details and discussion.
- The feed.http-hooks setting is still supported, but will eventually be deprecated and removed in favor of webhooks. If you rely on feed.http-hooks, begin looking at webhooks as an eventual replacement.
- All mailer configuration is still supported, but will eventually be deprecated and replaced with cluster.mailers. Consider evaluating a switch to cluster.mailers.
- When a user is removed from the recipient list for an object (for example, @alice removes @bailey as a reviewer on a revision), the change now takes effect after we send mail about it. Previously, the change took effect immediately, so @bailey would not be notified that she had been removed from the discussion in some cases.
- [] When you resign from a revision, you will no longer receive mail about that revision which is sent to packages or projects that you're a member of which are still reviewers or subscribers for the revision. You'll receive mail again if you later subscribe to the revision explicitly, or another user or a Herald rule subscribe you. This is impossible to explain simply but it should mostly do what you'd expect/want now.
- Creative display names like Hector "I Swear My Legal Second Middle Name is My Email Address In Quotes" "<hector@secret.bunker>" Hobgoblin-Jones should now be encoded more correctly in email addresses before being handed to mailers.
- [] File attachments in mail are now stored in the Files application instead of directly in mail message rows. This fixes an issue where attachments with non-UTF8 content could get stuck when trying to generate mail.
- Mail about pushes now includes an HTML body.
- Object references (like D123) now render as D123 <uri> in plain text email. This better preserves intent and makes the links clickable if the original text was something like See T123/T124.
Minor
- [] The exact scope of the --everything flags to arc unit and arc lint is now more clearly documented.
- [] We now attempt to setlocale() the main process to en_US.UTF-8 unconditionally. This fixes some issues with UTF8 arguments being passed to subprocesses in environments where the default locale is POSIX or similar. This is not an exhaustive fix for all locale issues, see T7339 and T5554 for discussion.
- The ๐ emoji can now be selected with :party:, :confetti:, or :celebration:, in addition to the existing :tada:.
- Fixed an issue where Herald rules that support only one repetition policy would fatal when created or saved.
- Under Git 2.16.0, the file path typeahead at the root of a repository should no longer fail.
- Fixed a bad link in the NUX view for Legalpad.
- bin/config set ... now supports a --stdin flag to make it easier to set complex JSON values. This may be particularly useful when configuring cluster.mailers.
- Phortune subscriptions which have autopay configured against a disabled payment method no longer charge the payment method in any circumstances.
- Herald now has a Acting user field. This is useful in some cases to ignore actions which you take when writing Herald rules that Send me an email.
- [] When viewing a repository URI, we no longer load and then immediately discard every other repository and URI. Wow! That's way faster!
- [] The filetree view in Differential and Diffusion is now more colorful and shows inline counts. This is a quick change to make the data available and some refinements are planned at some point, maybe.
- transaction.search can now be constrained by transaction PHIDs. This is probably primarily useful in conjuction with webhooks.
- [] Image macro names are no longer limited to latin characters. In particular, they can now be constructed purely from emoji.
- [] bin/almanac [un]trust-key now purges the SSH key cache.
Developer
- Improved handling of "class must implement all abstract methods" and some other similar include-time errors under PHP7.
- Added a bin/conduit call workflow to make it easier to debug certain issues with Conduit, particularly in a clustered environment.
The [] icon indicates a change backed by support mana.
- Last Author
- epriestley
- Last Edited
- Feb 10 2018, 1:16 AM