bacthanks gmb.  fwiw i had tried using person_logged_in and got other issues.  i'll have a look at your branch.12:23
bacgmb: my problem was i tried using person_logged_in and then passing the principal to create_initialized_view -- you must do both12:26
gary_posterbac, feature_flag issue is dealt with?  danilos has OCR today, so if you are close to working on the client branch, we should maybe plan for a handoff on danilos' current task, at least if he is not finished by his EoD12:37
danilosgary_poster, hi, I hope I'll get this done before our meeting even with OCR12:41
gary_postercool danilos, np then12:41
bacgary_poster: yes, i understand now how to get the tests working.  it is now a matter of replicating them across pillars12:43
gary_posterbac, awesome12:43
bacseveral hours work, at least12:43
gary_posterbac, is there anything that we can share?12:43
bacgary_poster: may be more trouble than worth12:43
gary_posterok bac.  Please keep it in mind in case you discover something that might change your mind12:44
bacwill do12:44
gmbbac: Glad I could help.12:59
gary_posterbenji, fwiw added another card to FW 2 that you can move to when done with your current bug13:16
gary_posterprobably should be fixed before merging13:16
gary_posterI might take it myself if I get to it13:16
gary_posterbac, benji, danilos, gmb, mumble/kanban in 213:28
gary_postersomeone, what is the easy way to get a url to an object in a differnt pillar than the one you are in now?  There must be an easy way, and I may even have known it at some point...13:29
gmbgary_poster: You mean a different rootsite? (e.g. code, bugs, answers, etc.)13:30
bacgary_poster: e.g.  return urlappend(canonical_url(self.context, rootsite='feeds'),13:31
gary_posterthanks, gmb, btw13:44
gary_posterfor answer :-)13:44
danilos"subscribe to bug mail" link on lp.dev/firefox has stopped working for me with latest accordionoverlay branch13:54
danilosis this known or not?13:54
gary_posterdanilos: you need to turn on feature flag.  one sec, will get detail...13:56
gary_posterbenji, I think that bug is just adding "escape" into a magic point within "render_filter_name" yeah?13:57
gary_posterdanilos ^13:57
benjigary_poster: yep; I bet http://developer.yahoo.com/yui/3/api/Escape.html will work13:57
gary_posterfoo.bar@canonical.com has privs13:58
danilosgary_poster, cool, thanks13:58
gary_posterdanilos, np13:58
gary_posterbenji, cool. I wonder what the diff between that and javascript escape is13:58
gary_posterbut anyway13:58
gary_posterrun with the YUI version :-)13:58
benjiactually, Gavin just noted on a related bug (740096) that using Y.Node instead of strings of HTML would fix/avoid this class of problem, so I'm going to try that13:59
gary_posterah cool14:00
gary_posterbug 74009614:01
gary_posteroh mup, you're never there when I want you14:01
benjixss vulnerability in new bug subscription overlay; https://bugs.launchpad.net/launchpad/+bug/74064014:01
benjioops, wrong one14:01
benjiwhen updating a code build recipe json returned isn't escaped; https://bugs.launchpad.net/launchpad/+bug/74009614:01
gary_posteryeah, thank you. https://launchpad.net/bugs/BUG_NUMBER is almost but not quite as fast as mup.14:03
benjiI have a Firefox bookmarklet that lets me type "bug NUMBER" and it takes me to the bug.14:06
gary_posterah, nicer14:13
gary_posterchrome really is noticeably faster for me though.  :-/ FF 4 is better but still there's an appreciable difference.14:14
gary_posteras an aside about FF :-)14:14
benjigary_poster: the XSS bug is a bit bigger than just description; it could come from any of the values (if we allow HTML-like values in those fields); should I just do description now and file another bug to determine the scope of the problem/fix the others?14:30
gary_posterbenji, fix that bug, land a branch so I can adjust my code to deal with the change :-P , and add a new card for the other fields and start on that.14:31
gary_posterno need for a bug IMO14:31
gary_posterlemme know when it is landed please14:31
bacgary_poster: got a sec?14:38
gary_postersure bac14:38
bacgary_poster: mumbe14:39
benjigary_poster: the XSS problem is even deeper than that, I believe this is really a bug in lazr.restful; investigating now.  I've tried to come up with a hacky solution but can't think of one.  On the other hand, the only change we should have to make to the branch is to use a newer lazr.restful once I fix this.14:46
gary_posterbenji, sounds scary in terms of backwards compatibility14:49
benjigary_poster: I take it back; the bug is definately in LP; I think I can have a fix shortly.14:49
gary_posterbac, this is interesting from LEP:14:49
gary_posterbdmurray: gary_poster: looking again I think bug supervisors can structurally subscribe to distro bugs if a bug supervisor is set14:49
gary_posterbdmurray: gary_poster: at least that is the way it was when I wrote it14:49
gary_postergary_poster: bdmurray, oh? I'm afraid I'm not even sure how bug supervisors fit into it14:49
gary_posterbdmurray: gary_poster: its only for distributions with bug supervisors set that structural subscriptions are restricted for and they are restricted to the members of the bug supervisor team14:49
gary_posterbac, so it seems that distributions do not generically enable this functionality, but it is enabled selectively for certain users14:50
gary_posterif you need more details we will probably have to turn to a bugs team expert14:51
bacgary_poster: then we may be in good shape, sort of14:51
gary_posterok cool14:51
bacthat explains why i don't see it on the bug page14:51
bacit'll take some finagling to get it to show up properly on the overview page under those conditions14:51
* gary_poster has landed two small branches to ~yellow. I'd like to make another small change, but that will wait for the XSS work.15:07
gary_posterbac, did you want me to help?15:30
bacgary_poster: i do.  sorry for the delay.15:30
gary_posterIf you are doing a punchlist item that is supposed to go into the mongo branch and therefore not go through the usual review/landing process, please feel free to use the new "completed punchlist items" column15:34
gary_posterI should have added that sooner; I forget how mutable the kanban board is15:34
benjiok, I need a consult; I must be doing something wrong with 740640.  What's happening is that the JSON representation of the bug filters is inserted into a script tag at the bottom of the page.  If the description contains </script><script>DO BAD THINGS</script> then bad things are done...15:34
gary_posterWe'll remove those as soon as we land the mongo branches15:34
benji...I expected wrapping the JSON in a CDATA and/or HTML comment would fix that, but it doesn't.15:35
gary_posterok, first thought15:35
benjiAn we can't just escape the whole string because that will lead to HTML-escaped data getting into the DB (not the right thing to do).15:35
gary_posterwe should disallow funky characters in the names15:36
gary_posterwe do that elsewhere AFAIK15:36
gary_posterand should do it here for simplicity15:36
gary_posterthat seems to solve the problem quickly and reasonably15:36
benjigary_poster: yeah, it's reasonable for the short term, but I feel bad leaving it this way in general; we're going to keep getting outselves into this situation and there seems to be a central place to fix it15:38
gary_posterI wonder if the policy is the right way to fix it thoug15:38
gary_posteryou bring up good concerns about escaping15:38
gary_posterI suppose you could say lazr.restful escapes on the way out and unescapes coming back in15:39
gary_posterbut that's going to be pretty hairy to incorporate is my guess15:39
gary_posterbecause nothing expexts the unescaping ATM15:39
gary_postereven if this were isolated to just the JS bits15:39
benjiright; I have a strong gut feeling that there is a right way to do this that won't affect existing code, but I don't know what it is right now15:40
gary_posterI don't see it either.  Other problematic variations:15:41
benjiregarding disallowing funky characters: it seems to me that we need to do that at PATCH time, not in the JS (otherwise people can use the web service directly to inject their XSS attack)15:42
gary_posterlazr.restful (or whatever machinery does this thing for the response cache) pukes if it gets a string that is not safe to put in the browser, unless there is some gesture to escape it.15:42
gary_posterdisallowing funky characters: this needs to be in the server15:42
gary_posterand then needs validation on the clientside of a similar sort to the thing that we need for tags15:43
gary_posterso I agree, the only thing in the JS is code to make the error friendly15:44
gary_posterdisallowing funky characters happens in the DB for tags, I've heard15:44
gary_posterGoing that deep is appropriate here too if there is precedence, in fact15:45
gary_posterAlso note that we only render to the page what the server gives us.  When we do a patch, the server gives us back the new representation, and that's what we render15:45
benjiHow much time pressure are we under for this fix?  I don't think adding a "be sure strings are browser-safe" to lazr.restful is the right thing to do, but don't know how long it will take to figure out the right thing.15:46
benjiyeah, doing tag-like, DB-level string safety checks might be the best short term thing we can do15:46
gary_posterbenji, yes.  This is what I'd like:15:47
gary_poster1) DB-level string safety checks15:47
gary_poster2)  JS-level friendliness about it all15:47
bacgary_poster: email sent15:48
bacwith tasks.  let me know if it doesn't make sense15:48
gary_poster3) A bug about the larger problem, if you like.  As I said, my current feeling is that the answer is to typically not allow XSS-type charecters in fields.  I suppose lazr.restful could try to enforce that, but I don't love it15:48
gary_posterbenji, done.15:48
gary_posterbac, thanks, will read.15:48
benjigary_poster: sounds good; I'll work on 1 and 2 now (well, and after lunch)15:49
gary_posterbenji, cool15:49
danilosbac, gary_poster: error handling being pushed right now15:58
danilosbac, gary_poster: and now done, it should be in ~yellow/launchpad/accordionoverlay15:59
bacdanilos: great16:02
gary_posterawesome danilos, thanks16:02
bacgary_poster: ping me before you tackle any of those items16:11
gary_posterbac, will do.  Branch is built now, and I'm wrapping something else up.  I might have questions for you in just a sec (though if you are going to lunch np)16:11
baceating in16:11
gary_poster(pushed another small branch)16:15
danilosgary_poster, I am looking into lowercase tags stuff, should I switch to something else to help out instead?16:16
gary_posterdanilos, you have about 1:45 left, yeah?16:17
gary_posteror just :45?16:17
danilosgary_poster, something like 1h, yeah, but all of tomorrow morning as well :)16:17
gary_posterdanilos, heh, sure.  weellll...benji, you around, by chance?16:18
danilosgary_poster, there are also small bits like "Unsubscribe" not showing any progress UI and things like that16:18
gary_posterdanilos, please add cards for stuff you see like that16:19
danilosgary_poster, right, I'll do that16:19
benjigary_poster: kinda ;)16:19
gary_posterbenji :-) is there anything danilos can do for your task, or should he and I find something else?16:19
benjigary_poster: well, now that we've identified a course of action, he could persue it; I haven't yet done much discovery on how the tag spellings are enforced16:20
gary_posterack benji.  I'll give danilos some options and I'll include that as one of 'em.  I'll let you know on the kanban board and here and stuff.  Thanks16:22
* benji returns to making patty melts.16:22
gary_posterSo, danilos, here are good cards16:23
gary_poster740640, FW 2.  Task is to enforce no-scary-XSS-characters in the DB, and figure out a pretty way to display that16:23
gary_posterThat fits in nicely with the tags one16:23
gary_posterbecause they are pretty similar16:23
gary_posterSo you could take those two16:24
gary_posterYou could take 739141 in Quick Jobs16:24
gary_posteryou could take one of the two bottom cards in FW 1:16:25
gary_posterTeam subscriptions should support a personal opt-out feature, exposed on edit page and unsub-in-anger page16:25
gmbgary_poster: r=me with a couple of tweaks.16:25
gmbIt was so hard to review I broke my arm.16:25
gary_posterI thought it was [gmb covers his ears in pain]16:25
gary_postergreat thanks gmb!16:25
gary_posterdanilos: last one: Structural subscription edit/delete page should also allow adds16:25
gmbI'm going to go and get a very large cup of tea now.16:26
danilosre 740640, "enforce no-scary-XSS-chars in the DB" means basically entire 740640?16:26
* gmb knows this was just a warm up for the client-side work.16:26
gary_postergmb, :-)16:26
gary_posterdanilos, I don't understand question.  740640 means minimally the DB stuff, and I'd like to include JS-prettification too (of a similar sort to the tag approach, whatever that will be).16:27
danilosgary_poster, right, so my question is: should I consider it a single task, or two separate tasks?16:29
gary_posterdanilos, ok.  up to you.  I won't consider it done (i.e., something we can forget about) until both aspects are done, but we can arrange that a variety of ways.16:30
danilosgary_poster, right, sounds good16:31
danilosbenji, so it's ok to take the card away from you? :)16:31
gary_postercool, danilos.  benji is mking patty melts, don't bother him, it's a dangerous operation. ;-)  He volunteered the idea, so I think it's alright16:31
danilosheh, ok16:32
* benji runs away from the melted cheese explosion.16:32
danilosgary_poster, oh, on the topic of JS prettification, I don't really see what needs doing if we just want to escape stuff so it works16:45
danilos(works == avoids XSS)16:45
gary_posterdanilos, here's the story.  it's just like with tags.  Let's say I want to make a name that has some unacceptable characters in it (e.g., "importance >= high")16:47
gary_postershould we communicate that nicely?16:47
gary_posteror will your new error handling be nice enough that everything will just work?  I suspect that the error communication might need work, but maybe not16:48
danilosgary_poster, so do we have a rule that some characters are unacceptable? in cases like this (XSS attack protection), that's best done with a white list, but white listing means we also stop people from using all alphabets of the world16:48
gary_posterdanilos, if I were doing it, I probably would have done it with a blacklist, excluding characters that are escaped for HTML.  I agree that a whitelist would be safer.  What do you think?16:50
danilosgary_poster, well, I wouldn't "exclude" anything, I'd just escape it where appropriate so it never gets executed; I agree that's the least safe of the options (iow, it's easiest to break it), but it does have the benefit of allowing people to have subscriptions named "<important>" if they want to, which would make it much easier to filter on than say just "important"16:52
danilosgary_poster, or, your example16:52
gary_posterdanilos, the problem is that the values are dumped into the page by lazr.restful with automation.  Changing that behavior is not something that I want to commission right now.16:54
gary_posterMoreover, we have multiple examples of precedence in LP for this exclusion pattern16:54
danilosgary_poster, oh, that does sound sucky...16:55
danilosgary_poster, and did you mean a precedent?16:56
gary_posteryeah danilos.  ...I actually don't know for sure if I can use precedence in that way :-P16:56
gary_posterI could have said "multiple precidents" I guess :-)16:57
danilosheh, yeah16:57
danilosoh, we've got Putin in Belgrade today, it was a mess getting around the city, half of the streets closed16:57
gary_posteroh, I bet16:57
danilosjust like it was 6 months ago when we had Hilary Clinton16:58
danilosit's especially nice since my office is right across the street from the national parliament16:58
gary_posterI guess it makes sense that she would get similar treatment16:58
gary_postersecretary of state is pretty high up16:59
gary_posterbut not as much as pres, of course16:59
danilosPutin is a prime minister now, I think16:59
danilosthough, not really sure what to do with the XSS stuff; so, basically, your suggestion is to *disallow* all HTML code and alert user of the fact?17:00
gary_posterjust like with tags17:00
bacgary_poster: https://bugs.launchpad.net/launchpad/+bug/41217817:03
_mup_Bug #412178: Link to subscribe to a project group's bugmail should be on the bugs facet <confusing-ui> <lp-bugs> <ui> <Launchpad itself:Triaged> < https://launchpad.net/bugs/412178 >17:03
gary_posterbac, so yay?17:04
bacgary_poster: there is discussion in the bug about where to put the link17:05
gary_posterah, k17:05
bacit is confusing b/c someone put it there anyway:  https://bugs.launchpad.net/bazaar17:05
bacit is in an odd place17:05
bacif i can make it work, i'll just keep it in the same odd place for now17:05
* benji looks at the board for another task.17:06
benjiOh, I was supposed to talk to Leonard again, I'll do that first.17:07
gary_posterbenji, ok, then see the list of things I offered to danilos17:07
gary_posterTeam subscriptions should support a personal opt-out feature, exposed on edit page and unsub-in-anger page is a good one, and...17:08
gary_posterStructural subscription edit/delete page should also allow adds17:08
gary_posterbac, putting it in a non-weird place is harder?  I.e., like the main page?17:09
gary_posterOr just needs more thinking?17:09
bacgary_poster: more thinking.  probably should just create an actions portlet like other pages17:09
bacbut, that's the kind of thing that would possibly give curtis fits -- hard to tell17:10
gary_posterbac, actions portlet seemed like a reasonable/"obvious" solution to me.  Maybe give Curtis the option, then?17:10
gary_posterwe are on team lead call right now17:10
gary_posterand he is leader17:11
bacgary_poster: if i can make it work in the current place i'd like to defer any redesign until all other pillars work17:11
gary_posterbac, ok, will defer to you.17:11
gary_posterbac, I tried to look at the tests; I didn't quite understand how to do them yet, but I only stared at them briefly.  I've had a lot of interruptions, and now I want to get the small changes to the server branch done and sent to ec2 (where I suspect there will be problems) after the team lead call before I restart trying to share the task with you.17:14
benjigary_poster: unless you have another preference, I'll pick 739141 back up17:35
gary_posterbenji, cool17:35
gary_postergmb, I don't understand your last comment, actually.  You want a newline somewhere around18:03
gary_poster601+            required=False))18:03
gary_poster602+    @call_with(subscribed_by=REQUEST_USER)18:03
gary_posterbut that kind of export annotation is all over the file without newlines18:03
gary_posterand they all are pertinent to the method that eventually shows up18:03
gary_posterso I'm not even quite sure which newline is pertinent.18:04
gary_poster(i.e., before the @call_with line or after)18:05
gary_posterI'm guessing before18:05
gary_posterI'm taking a late lunch.  Back in a abit18:09
bacgary_poster: here are the changes required to support project groups: http://pastebin.ubuntu.com/584427/18:31
baci've pushed them to  lp:~bac/launchpad/yellow-accordionoverlay18:31
gmbgary_poster: Ah, I've made the mistake of thinking that the @call_with is the start of a new decorator stack for a new method. So ignore that.18:44
=== Ursinha is now known as Ursinha-lunch
gary_postercool gmb thanks19:00
gary_posterhow much of that is boilerplate, bac?19:02
bacgary_poster: 68%19:03
bacproject group is oh so special19:03
bacjust like everything else19:03
bacgary_poster: we have a problem with some of the "hand constructed" links19:03
bacthey are wrapped as a <tr>.  i had to mark the <tr> as the menu link so that both the text and icon are clickable19:04
gary_posterAh I think I understand.19:04
bacbut in doing so, the js-action class is not being properly displayed as green19:04
gary_postercan we change in CSS safely, or not so much?19:04
baci haven't looked yet.19:05
bacgary_poster: i am going to work on productseries19:06
gary_posterbenji, I'd like to delegate to you :-P .  On the team lead call, in the context of anoter XSS problem, I mentioned the issues you unearthed about lazr.restful and XSS.  Francis asked me to write an email about the issues to start a conversation about the lazr.restful aspects of this.  (Other people may be bringing up XSS but with a different focus.)19:32
gary_posterI think you'd be a better person to write that email, to be sent to launchpad-dev.  Ideally it would be done before next Wednesday.  You up for that?  If so, I'll add a "quick job" card.19:32
benjigary_poster: yep, sounds good19:33
gary_postercool thank you19:33
benjiwith any luck my pending_notifications will have figured it out by then19:33
benjiheh; pending_notifications was supposed to be my subconscious; maybe that means something19:37
gary_posterbac, I am going to try distributionsourcepackage for lack of any better ideas19:50
=== Ursinha-lunch is now known as Ursinha
gary_posterbac, is there a reason why you did """def xsubscribe(self):" instead of deleting the subscribe method?20:18
gary_posterOr, when should I do that?20:18
bacgary_poster: debug issue. merge again20:18
gary_posterbac, ack thanks20:18
bacgary_poster: i've hit a snag testing product series20:22
bacit was done very similarly to the others.  but in the page template the feature flag is never set.  vexing.20:23
gary_posterbac, I'd help if I could.  If I get to the end of mine and you are still stuck I'll stare at it with you.20:27
gary_posterbac, I have three menus that I changed in the code to conditionally show the new add form, but I can only find two of them throught the UI.  Do you have any strategies to know what is being added where?20:40
bacgary_poster: three?  what are they?20:40
bacusually there is just an overview menu and a bugs menu20:40
gary_posterall three of them had "subscribe"20:41
gary_posterI guess I grep for the associated interfaces...20:41
gary_posterok maybe not20:42
bacgary_poster: congratulations.  it looks like you found a non-standard one too!20:43
bacgary_poster: a quick glance makes me think  DistributionSourcePackageActionMenu and Bugs are the two you want20:45
bacthe OverviewMenu one is a NavigationMenu not an ApplicationMenu20:46
gary_posterbac, I have no clue about this stuff, but OverviewMenu had "subscribe" in it too...20:46
bacnot that it means anything20:46
bacgary_poster: yeah, i see it20:47
gary_posterI don't know what the practical diff is between Nav menu and App menu20:47
bacgary_poster: but looking at https://launchpad.net/ubuntu/+source/live-boot i don't see anything to do with that menu20:47
gary_posterThis may be my first exposure to the menu system, in fact20:47
gary_posterother than believing that I've heard Curtis did it20:47
bacgary_poster: the one you aren't using is used for the links following "This package has"20:50
bacit should not have a subscribe link in it, i'll bet20:50
bacgary_poster: does tal:condition="python:" do shortcutting?20:51
baccan i do tal:condition="python: False and something_that_doesnot_exist"20:51
gary_posteryes, I am pretty sure so, bac20:51
baci would've thought so too20:51
gary_postercourse you should also be able to do20:51
gary_postershortcutting is not working?20:52
baci actually have another condition that i replaced with False for the example20:52
gary_posterbac, you said, "the one you aren't using is used for the links following "This package has"".  Teaching me to fish, how did you determine that?20:53
bacby looking at the links it defined and then scouring the page template20:53
gary_posterthe template or the rendered version?20:54
bacit is the one called view/overview.  the other's use is hidden behind the @@/global-actions20:54
bacit is WAY more confusing than is sane20:54
bacmenuing is so complicate that i can't ferret out the essential bits from the stuff there only to drive you crazy20:55
baci looked at the actual page template20:56
gary_posterso I should try removing subscribe entirely and see what happens, maybe from DistributionSourcePackageActionMenu?  No, that's the one that's used on the right of the main page.  Ah, no it isn't, I see, it is registered against the view, and that's the view/menu you were talking about in the template!21:03
gary_posterok...trying to understand where the overview is used now...21:03
gary_poster(So, yes, I think I should remove it from the ActionMenu, as you suggested initially)21:03
gary_posterexcept that doesn't make any sense!21:04
gary_posterthe template is using open_questions and new_bugs for view:menu21:05
gary_posteroh, which are available off of DistributionSourcePackageLinksMixin, which is in fact mixed in...21:05
gary_posterso maybe the entire links collection on DistributionSourcePackageActionMenu is a red herring?21:06
gary_postermaybe used by ../templates/distributionsourcepackage-portlet-pub-details.pt ?21:08
gary_posterI'm starting to think that all of the code on that menu class is a red herring21:09
gary_posterand the only thing it needs is the mixin and the interface declarations.  Going to try it21:10
gary_posternope, that removes it from the right hand side :-/21:12
bacgary_poster: :(21:21
bacsorry, i wasn't following along at home.  looks entertaining, though21:21
bacso in my tests, if i get a view and render it to html and then print the html, i always see:21:21
bac Features: {'malone.advanced-structural-subscriptions.enabled': None}21:22
bacregardless of the state of the feature flag i've set.21:22
baci find this highly disconcerting21:22
gary_posternp.  experimentation has proved that (1) DistributionSourcePackageActionMenu's subscribe menu option is the one that is rendered for the overview page; (2) deleting DistributionSourcePackageOverviewMenu's subscribe menu option does not break anything I can see;21:23
gary_poster(3) deleting *all* links from DistributionSourcePackageOverviewMenu's  does break things; and (4) I don't know what's going on.21:23
gary_posterI'm going to try remove the other links that don't appear to be used in DistributionSourcePackageOverviewMenu.21:23
gary_posterwell, on the bright side, for yours, you at least know that the feature flag is the problem, bac.  I'd suspect a rogue request replacing the one you think you are using...or Something Else.  Possibly alien in origin.21:24
bacEXCEPT, the tests behave as expected but for two21:24
bacso even though the state is printed as None in the summary, the value appears to be correct when evaluated21:25
bacfigure that one out21:25
* gary_poster whimpers21:26
baci wonder if that message is using the db feature flag value and not the one from the fixture?21:26
bachow could that be?21:26
bacit can't21:26
* bac tests anyway21:26
gary_posterk, 'caue I dunno21:26
gary_posterfor my mystery, I am changing DistributionSourcePackageOverviewMenu's links = ['subscribe', 'publishinghistory', 'edit', 'new_bugs', 'open_questions']  to links = ['new_bugs', 'open_questions'].  That doesn't appear to change a darn thing.  Then I only change two menus, as I'd expect.21:31
gary_posterand now for the tests...21:32
bacgary, could you fix distributionsourcepackage-index.pt21:33
bacit has malone.advanced-structural-subscriptions.enabled21:34
bacit has           <div class="package-details"21:34
bac               tal:attributes="id string:pub${pubid}-container" />21:34
bacwhich is invalid html markup21:34
bacdiv cannot be self-closing21:34
bacsafari just yelled at me21:34
gary_posterbac, if you have a second to glance over a diff, I will feel comfortable merging this.21:46
gary_posterI disabled two of the tests21:46
gary_posterBecause distribution source packages do not have owners AFAICT21:46
baclooks great gary21:47
bacer, gary_poster21:47
gary_postercool thanks bac21:47
gary_posterI am pinged by gary too21:47
gary_posterthanks, will merge21:48
bacgary_poster: are you merging to the yellow branch?21:48
gary_posteroh, right21:48
gary_posterthere's that21:48
gary_posterwhat do you want to do?21:48
bacgary_poster: why don't you push it and i'll merge into mine21:48
bacor we could make a new branch on ~yellow21:49
bacjust let me know21:49
gary_posterI suspect there will be a small conflict with your most recent changes; I'll merge that first21:49
gary_posterI'm happy either way21:49
gary_posterah, no, I was up-to-date21:50
bacgary_poster: you should check this out from david siegel.  it's a pretty nice reminder to get up and walk around21:51
bacit shows i haven't taken a break in 2h29m21:51
bacso, time for a lap around the yard21:51
gary_postercool, bac, thanks!  downloading21:51
gary_posterI pushed to lp:~yellow/launchpad/accordionoverlay-links bac21:53
gary_posterThen I did bzr pull --remember lp:~yellow/launchpad/accordionoverlay-links21:54
gary_posterso I'll pull from there from now on21:54
gary_posterbac, I'm sorry but I'm going to call it a day21:54
gary_posterI'll be ready to help out more tomorry morning21:55
gary_posterbye all21:55

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!