/srv/irclogs.ubuntu.com/2012/04/02/#launchpad-dev.txt

wallyworld_there's a lot of memcache errors00:00
wgrantIndeed.00:02
wgrantFortunately the access logs are free of such silliness.00:02
wgrantThe 9138 librarian.logs are a nice touch, though.00:03
lifelesswgrant: phew00:03
lifelesswallyworld_: ^00:03
lifelessthanks for lookig guys00:03
wallyworld_the chances would have been very small given no-one knew about the page anyway00:04
lifelesswallyworld_: yes. Sadly we have journos that follow us stealthily looking for things like this.00:06
lifelessjournos and others, but the journos we eventually find out about ;)00:06
wallyworld_do they work for news corp or something?00:07
wallyworld_i suppose they tap our phones also00:07
wgrantNah, they're too busy pirating Foxtel and Austar, aren't they? :)00:08
lifelesswallyworld_: I detect skepticsm.00:08
lifelesswhich is fine, I don't care if you're skeptical or not. Just as long as you *are* paranoid. :>00:09
wallyworld_lifeless: none intended. poor attempt at humour00:09
lifelesswallyworld_: kk00:09
wgranthttp://morecss.org/00:14
wallyworld_wgrant: bug 933839. to me that means revoke all direct grants (pillar and artifact) for team members as well as the team. whereas what it does now is just revoke the team but leaves any member's direct access in place. agree?00:14
_mup_Bug #933839: Share nothing with a user or team <disclosure> <job> <Launchpad itself:Triaged> < https://launchpad.net/bugs/933839 >00:14
wgrantwallyworld_: Nobody knows how that UI looks, AFAIK00:14
wgrantIt can't be implicit.00:15
wgrantI may have missed some mockups, though.00:15
wallyworld_wgrant: there would be a new radio button otpion00:15
wallyworld_atm there is "All" "Some" "Nothing" and there would be "Nothing (revoke team)"00:15
wallyworld_i'm just checking i understand the Nothing (revoke team) behavour00:16
wgrantAll | Some | Nothing (except not really) | Nothing (yarly)?00:16
wgrantRight.00:16
wgrantIt needs to remove explicit APGs and AAGs for the team, and any APGs or AAGs where the grantee participates in the team.00:17
wgrantThis is pretty handy.00:17
wallyworld_yes, that matches my understanding00:17
wgrant'cause it means that I, as a random outside observer, can get everyone's access revoked :)00:17
wallyworld_how? you need to be a project owner to do it00:18
* wgrant creates a team and subscribes it to a project's private bug.00:18
* wgrant quietly adds the project team to that team.00:19
wgrant$projectowner says "wtf is this team doing in my sharing view, you should have nothing"00:19
wallyworld_it would only be direct team members afaiui00:19
wgrantProject team no longer has any privileges :(00:19
wallyworld_so if it's only direct team members that wouldn't work00:20
wgrantBut considering only direct team members puts it in conflict with literally everything else that deals with teams in Launchpad.00:20
wallyworld_perhaps, but it's the only sane way to do it00:21
lifelessWait, why would it remove transitively?00:21
wallyworld_it wouldn't, that's what i'm saying00:21
lifelessrephrase, why would it remove more than the grants that mention that team|person directly ?00:22
wgrantlifeless: The design calls for a way to revoke a team's access and access held by any of the team's members/participants.00:22
lifelesswhy does it want to do that ?00:22
wallyworld_s/design/requirements00:22
wgrantI do not know.00:22
lifelesswallyworld_: can you point me at the LEP ?00:22
wallyworld_just a sec, i find it00:23
lifelessI suspect its an overgeneralisation from one of the oem scripts00:23
wallyworld_https://dev.launchpad.net/LEP/ManagingDisclosure00:23
lifelessso, Constraints and Requirements/must/4 is the thing00:24
lifelessits got some nuance in there00:24
wgrantIt doesn't explicitly say that it requires this.00:24
wallyworld_the mockups and screenshots they were based on did00:25
wgrantIt is the private team requirement, however.00:25
lifelesswgrant: sorry, where is that ?00:26
wgrantlifeless: Requirements/must/4 is the reason the private team expansion is done.00:26
wgrantIt's probably also the reason transitive revocation is done, but it doesn't explicitly require that.00:27
lifelesswgrant: the private team expansion does not follow from 4 as I read it. Can you help me understand ?00:27
wgrant"If the user has access via a team, the view must explain how to remove either the user or the team to unshare. "00:27
wallyworld_i think item #1 explains why private team expansion is required00:28
wgrantThat implies that there is a way to see the user who is only participating in sharing by being a member of a team.00:28
wgrantAh, true.00:28
wallyworld_a project owner must see who has access00:28
lifelesswgrant: (4) - you can enter a userid and see their teams; this is quite different to expanding the teams.00:28
wgrantlifeless: The leakage implications are only vaguely dissimilar.00:29
lifelesswgrant: there is room to mitigate on one side, not on the other. I agree it has serious complications though.00:29
wallyworld_so i won't start this today - we can discuss tomorrow at the standup00:30
lifelesson (1), when I reviewed the LEP I read that as 'person', not as implying every concrete user.00:31
wgrant1. A lists of all the users with all or some things shared.00:31
wgrantThe view must also show exactly how the user has access, for example: directly or via a team00:31
lifelessquoting the LEP doesn't help much.00:31
wgrantThat pretty clearly implies that it must be transitive.00:32
lifelessyes; its also a major problem00:32
wgrantCertainly.00:32
wallyworld_lifeless: wgrant: whenever the team has discussed this, we've said that if a private team is granted access to a project via a policy, they are putting themselves in a position where their info has a right to be known to the project owner/drivers and so long as they are warned....00:40
wallyworld_we've already done this for subscribing private teams to bugs for example in the current access model00:41
wgrantwallyworld_: The only previous disclosure was LimitedView00:41
wgrantThis is effectively full View00:42
wgrantIt's not warned about, and is in many cases far worse.00:42
wallyworld_not warned about yet00:42
wgrantAnd we need to remove bug-retargetting and multi-pillar bugs.00:42
wallyworld_and it's only to project owner/drivers00:42
wgrantThe latter of which was vetoed.00:42
wallyworld_and as a project owner, i have a right not to have people spy on my project00:42
wgrantRight,.00:43
lifelesswallyworld_: you need to reconcile that with 'as a private team owner, I have a right not to disclosure the membership of my team'00:43
wallyworld_lifeless: well, if you want to see someone else's project, then you must be prepared to tell them who is lookiing00:43
wallyworld_so if a private team is granted access to *my* project, i have every right ti see who they are00:44
lifelesswallyworld_: thats true; but is it the team or the members that are looking ?00:44
wallyworld_both00:44
wallyworld_as a member of a team with access, i have access also00:44
wallyworld_if that's not acceptable, then don't subscribe your private team to a public project00:45
wgrantSo00:45
wgrantThat argument would potentially hold water if Launchpad wasn't crap.00:46
wgrantBut, as I went into slightly with mpt earlier, bugs are too unowned for that to work.00:46
wgrantThis whole thing would be far easier if Launchpad wasn't gratuitously different from every other bugtracker in history :(00:46
lifelesswallyworld_: that approach cuts both ways: if you don't trust the admins of ~private-team, don't grant access to ~private-team to your project.00:46
wallyworld_that's true00:47
lifelesswallyworld_: Mitigating both those risks results in a system where you get limited view in both directions :00:47
lifeless - access grants grant reflexive limitedview on the team (and only that)00:47
wallyworld_sounds like there's slight disagreement here when we've already embarked on an approved design :-(00:47
lifelessif one wants to be sure that ~someteam is managed well, you can talk to its owner, which limitedview lets you see - and that has to be transitive (clearly)00:48
lifelesswell, I say clearly; I think it is.00:48
wallyworld_i think so00:49
lifelessyou can walk up until you get a person you know.00:49
StevenKwallyworld_: We missed one call in terms of the privacy banner, but I have that working.01:39
wallyworld_StevenK: excellent!01:39
wallyworld_StevenK: so you are now a yui guru :-)01:40
StevenKwallyworld_: One thing I can't work out is on initial page load, clicking the link the overlay doesn't have a value set, but if I choose a value and then click the link again, it does.01:40
wallyworld_StevenK: the current value needs to be passed into the choicesource constructor01:41
wallyworld_so check the value: xxxx bit01:41
StevenKwallyworld_: value: information_type.value,01:41
wallyworld_and you've logged that just to be sure it is correct?01:42
StevenKNot as yet ...01:42
wallyworld_take a quick look just to be sure01:43
StevenKinformation_type.value is undef. That would explain it.01:44
wallyworld_StevenK: the value should be USERDATA etc, not 2, 3, 4 etc01:44
StevenKAnd doing it again involves the same object and it keeps track of what was selected.01:45
StevenKwallyworld_: So I'm getting a hold of the element correctly, but how can I return what it is currently showing? .value was my guess, and it's obviously wrong.01:47
wallyworld_StevenK: you are trying to read the dom value that is not set yet01:48
wallyworld_you need to seed the initial value from the model01:48
wallyworld_ie the json request cache01:48
StevenKAh.01:48
StevenKBack to the Python01:48
StevenKwallyworld_: You have it backwards. It needs to be 3, not EMBARGOEDSECURITY.02:03
wallyworld_StevenK: in the sharing table widget, it does need to be USERDATA etc. i guess we are using slightly different data models02:04
StevenKNow I'm happy enough with the JS.02:05
StevenKNow to stab Zope's form handling.02:05
wallyworld_it would be nice to be consistent though02:05
lifelessStevenK: is today auditor day?02:06
StevenKlifeless: I was still deciding if I was going to do something on it, what did you have in mind?02:06
lifelessjust touching base to make sure you're not blocked02:07
StevenKNot blocked, just feeling that the light at the end of the tunnel is an oncoming train.02:07
StevenKwgrant: How can I debug why information_type doesn't show up in +filebug, assuming that I've ripped out security_related everywhere I saw it in the browser code.02:13
StevenKlifeless: "Overwhelmed" would be a nicer way to say it.02:35
lifelessStevenK: w.r.t. auditor ?02:36
StevenKlifeless: For both auditor and this disclosure work -- but the difference between the two is I have a clear direction, a clear goal and the steps in terms of the current disclosure work.02:38
lifelessStevenK: well, if you want those things for auditor, I'd be happy to help make them up.02:39
StevenKlifeless: I think that will help. :-)02:40
lifelessI'm available whenever you like to do that then.02:40
StevenKlifeless: After lunch?02:40
lifelessI don't know what that means, but sure :)02:40
StevenKlifeless: 12:40 here, I'll be having lunch for ~30 at 1pm.02:41
StevenKRead as 'in a little bit over an hour'02:41
nigelblifeless doesn't have lunch? lunchless?02:42
StevenKHaha02:42
StevenKmealless02:42
mwhudsoni bet lifeless can charge from usb02:43
nigelbhaha02:43
StevenKI'm not sure I want to know where his charging indicator is.02:43
nigelbtmi02:44
lifelessStevenK: col02:49
lifeless*cool*02:49
wgrantwallyworld_, jcsackett: Bug #97124103:27
_mup_Bug #971241: Sharing details page breaks when an inaccessible bug is shown <disclosure> <Launchpad itself:Triaged> < https://launchpad.net/bugs/971241 >03:28
wallyworld_hmm. one could argue that a pillar driver should be able to see bugs filed against it03:29
wgrantMost certainly not.03:29
wgrantOwner perhaps.03:29
wgrantBut there is no justification for drivers to.03:29
wallyworld_why not drivers?03:30
wgrant(even owner is debatable)03:30
wallyworld_i don't agree owner should be debatable03:30
wallyworld_if i own a prject, i have a right to see what bugs are filed against it03:30
wgrantwallyworld_: Because being someone who manages blueprint priorities shouldn't permit me to see embargoed security bugs.03:30
lifelesswgrant: careful of cause and effect03:31
wallyworld_but what if that info is required to help manage the priorities03:31
lifelesswgrant: ITYM 'Being someone who manages blueprint priorities does not imply seeing embargoed security bugs.'03:31
wgrantlifeless: Perhaps.03:31
lifelesswallyworld_: then you will have the ability to see those bugs separately.03:31
lifelesswallyworld_: e.g. via a grant to see them.03:31
wgrantNow, the owner can always grant themselves access. But I think having the separation is useful for large projects.03:32
lifelesswallyworld_: our job is to provide solid primitives that let folk drive the system.03:32
wallyworld_so the sharing details page should just filter out bugs without view access i guess03:32
lifeless(vs preconcluding particular detailed answers). We're writing a fine grained rules toolkit here.03:32
wgrantwallyworld_: It probably needs to say that they exist.03:32
wgrantBut it can't say what they are.03:33
lifelessit sounds like a case of limitedview03:33
wgrantLimitedView considered harmful.03:33
lifelesssame as duplicate-on-private; see the thing exists but no details.03:33
wgrantIndeed.03:33
lifelesswhy do you say limitedview considered harmful ?03:33
wallyworld_i'm not familiar with the implementation details of the sharing details page as i didn't write it, i'd have to look03:33
wgrantlifeless: Well03:34
wgrantlifeless: In a lot of cases it's difficult to do sensibly.03:34
wgrantIn some cases it works well.03:35
wgrantBut it's not the answer to everything :)03:35
wgrantAnyway.03:35
wgrantDrivers seeing them unconditionally is not open for debate. They must not.03:36
wgrantOwners I suspect can't always see them either, but that is more arguable.03:36
wgrant(eg. it's much easier to audit leaks if the owner has to explicitly add themselves in a logged fashion before they can see the embargoed security stuff)03:37
wallyworld_i feel sorry for drivers trying to managing priorities in the absence of all required information eg there could be a really important embargoed security bug filed they don't even know about03:38
wallyworld_i guess if the had limited view and knew the bug number they could ask03:38
lifelesswhat does the 'sharing details page' do ?03:40
wallyworld_show the artifacts (bugs and branches) a person can see03:40
wallyworld_for a pillar03:40
wgrantlifeless: https://qastaging.launchpad.net/launchpad/+sharingdetails/wgrant03:40
lifelessk03:40
wgrantwallyworld_: The Ubuntu drivers are not privy to the security bugs.03:41
wgrantwallyworld_: The security team manages the security bugs.03:41
wgrantFrom end to end.03:41
wallyworld_ok03:41
lifelesswallyworld_: so remember the user story: for proprietary projects (the focus), drivers could be either a) granted access to all proprietary bugs or b) granted access to all proprietary+security bugs03:42
lifelesswallyworld_: thats a project policy decision, not ours.03:42
wallyworld_true03:42
lifelesswallyworld_: in this case, given that anyone can check +sharingdetails, the first iteration probably should just elide inaccessible bugs.03:42
lifelesswallyworld_: (which it would have by default if the stock bug access query constraints were used)03:43
wallyworld_and branches03:43
lifelessindeed03:43
wallyworld_lifeless: it wouldn't use the stock bug access queries because it would be done of the flattened table03:43
wallyworld_off03:43
lifelesswe can look at adding limitedview onto this in the future, but it will run into the same complexity-performance things we have today.03:43
wgrantwallyworld_: I would use the same queries.03:44
wgrants/I/It/03:44
wgrantJust with an additional constraint to say "wgrant has access"03:44
wallyworld_looking at the code, it uses findArtifactsByGrantee03:45
wgrantSure03:45
wallyworld_so right now it queries directly off the flattened table03:46
wgrantFrom that it could grab a list of bug IDs03:46
wgrantAnd feed them into bug search.03:46
wallyworld_agreed, just saying what it dies now03:46
* wallyworld_ has to go and get a haircut03:52
StevenKlifeless: Skynet?03:57
StevenKwgrant: Did you miss my earlier question?04:08
wgrantStevenK: Indeed. Do you have a branch?04:09
StevenKwgrant: Locally. I can paste a diff, but it's 4 files changed, 103 insertions(+), 284 deletions(-)04:09
wgrantdiffme04:10
lifelessStevenK: yup04:10
StevenKwgrant: http://pastebin.ubuntu.com/911045/04:11
wgrantStevenK: That's quite the obese diff you have there.04:12
StevenKI told you!04:12
wgrantAlso, --syntax=diff :)04:12
lifelessStevenK: waiting for you to come online04:12
StevenKlifeless: I have been for the last ten minutes.04:13
lifelessStevenK: bah04:13
StevenKIn fact, I was starting Skype when I queried you with Skynet04:13
lifelessskype fail fail fail04:13
lifelesspkill -9 skype04:13
StevenKlifeless: Book a flight to Sydney? It might be quicker and simpler.04:13
lifelessfoad04:14
lifelessthough I may come over mid april04:14
nigelbStevenK: heh04:14
wgrantStevenK: What does not working?04:14
wgrantI see the field fine.04:14
StevenKwgrant: The information type doesn't show up in Bug:+filebug04:15
wgrantOh04:15
wgrantOn filebug04:15
wgrantI see04:15
wgrantStevenK: Works better when the template doesn't refer to security_realted04:19
wgrantsecurity_related04:19
StevenKwgrant: Which template? I didn't see that.04:20
wgrantStevenK: The filebug template? :)04:20
wgrantlib/lp/bugs/templates/bugtarget-filebug-guidelines.pt04:20
StevenKRight. I was looking at the filebug.pt I think.04:21
bigjoolswallyworld_: which hair?04:21
wgrantStevenK: Also, numeric enum values have no place outside the DB access layer.04:22
wgrantBut it looks like you might be using one here in the JS.04:22
wgrantHard to tell.04:22
StevenKwgrant: Where am I using them?04:22
wgrant+            var information_type_by_value = {};04:22
wgrantBut it seems to be by name, not value.04:22
wgrantSo it's just a lie, and not wrong.04:22
* jtv hopes wgrant's mother didn't hear that04:22
jtvlifeless: I just ran into a funny one with oopstools' date-dir repo.  Hope I filed it in the right place: bug 97125504:23
_mup_Bug #971255: Crash in _findHighestSerialFilename <Python OOPS Date-dir repository:New> < https://launchpad.net/bugs/971255 >04:23
StevenKwgrant: I get the number back, I need to map it back.04:23
wgrantStevenK: Whatever is returning the number is a horrible person.04:23
wgrantAnd a bug.04:23
lifelessjtv: thats probably the right place, though that method indicates you're using the old naming scheme which is awful04:23
jtvlifeless: I don't think we made a conscious choice to do that — isn't this the default?04:24
jtvlifeless: also, we happen to have other log files in the directory.  Their names happen to have dots in them, but not something to rely on.04:26
lifelessjtv: I've commented on the bug; happy to discuss more here, or there, or both as appropriate.04:31
jtvlifeless: thanks for the fast response.  I just summarized your message on there as well.04:31
jtvlifeless: where do I find out how we constrain our repository object?04:32
jtvSorry, constrict.04:32
jtvNo idea what it means actually.  :)04:32
lifelessconstruct04:38
lifelessjtv: ^ sorry, ELOCAL for a minute there04:38
jtvSure.04:38
* wgrant shreds BeautifulSoup04:38
jtvlifeless: We pass it an error dir and an instance id.04:38
lifelessdon't pass an instance id04:39
lifelesspydoc oops_datedir_repo -04:39
lifeless     |      :param instance_id: If None, OOPS file names are named after the OOPS04:39
lifeless     |          id which is generated by hashing the serialized OOPS (without the04:39
lifeless     |          id field). Otherwise OOPS file names and ids are created by04:39
lifeless     |          allocating file names through a UniqueFileAllocator.04:39
lifeless     |          UniqueFileAllocator has significant performance and concurrency04:39
lifeless     |          limits and hash based naming is recommended.04:39
lifeless(easier to have it here to reference)04:39
wgrantjelmer: Can bug #296153 be closed now?04:40
_mup_Bug #296153: does not mirror bzr branches over ftp <lp-code> <qa-ok> <Launchpad itself:Fix Committed by jelmer> < https://launchpad.net/bugs/296153 >04:40
jtvlifeless: thanks!  I guess they'll still have timings in them to order them by time?04:40
lifelessjtv: if you have the default hooks installed there is a timestamper in there,yes.04:41
jtvIs there anything I need to do to make sure we have the default hooks installed?04:41
wgrant(the filenames don't, though)04:41
lifelessjtv: I urge you to make an oops/ subdir or something though, because oops isn't designed to have other stuff in the repository, and you may well encounter other bugs like this. The robustness that is there is to deal with oops-managed temporary files, for instance.04:42
jtvI see.  Oh well.  Thanks for the quick help!04:42
lifelessjtv: (defaulthooks) - they are default :) You have to take action to remove them.04:43
jtvOK04:43
jtvLaziness is the most reliable safety mechanism.04:43
lifelessjtv: so based on this, I'm going to close the bug (or do you want to retarget it to maas)?04:44
jtvWait — it still shouldn't crash just because we passed a non-recommended option, right?04:45
lifelessthe only way it can get crud like this in place is if you combine its own storage area with other content04:45
lifelessits not designed to do that, adding code to handle it would just be cruft, unless we want to design it to handle htat.04:46
jtvBut the problem content was generated by the datedir repo.  The other crud was incidental.04:46
lifelessjtv: 'directory' in that call should be a date-named subdirectory04:47
lifelessjtv: not the explicit path you passed in.04:47
jtvI wonder why it wasn't.04:47
jtvOh wait, it was!04:47
jtvSo it was purely the datedir repo that broke itself.04:47
lifelessjtv: one possibility is that you're constructing a datedirepository without an instance id somewhere else04:47
lifeless(perhaps an earlier version on your own machine)04:48
lifelessthat would write oopses with hashed names04:48
lifeless(but in the subdirectory)04:48
jtvYup!  Found it.04:48
lifelessjtv: whats the actual name it is choking on ?04:48
lifelessjtv: again though, this isn't a supported config, I don't see value in trying to handle it04:48
jtvI don't know what name it was choking on… give me a minute to set things up for breaking again.04:48
lifelessokidoki04:49
jtvWe only found out that this was not a supported config by asking you.04:49
lifelessif it is an interaction between the deprecated naming system and the new, that can be fixed I think by deleting the old style logic04:50
lifelesswe shouldn't need it anywhere now, it was purely for migrationary purposes.04:50
lifelessand this bug would indeed be evidence that we need to do that.04:51
jtvMissed a step.  Back to step 1.  :/04:53
StevenKwgrant: Right, that sorted that out. But the default is "(no value)" rather than Public.05:00
wgrantStevenK: Indeed, you'll need to change the default.05:01
wgrantAnd ensure that the interface forbids None.05:01
StevenK    information_type = EnumCol(05:01
StevenK        enum=InformationType, notNull=True, default=InformationType.PUBLIC)05:01
wgrantThat's no interface, that's a column.05:02
StevenKDoh05:03
jtvlifeless: gah.  Can't reproduce.  I have no way of telling what file was breaking it earlier.05:04
jtvAh no, maybe I need to start pserv.05:04
jtvlifeless: having trouble reproducing the problem, because pserv seems to disappear every time I start it.  This needs more investigation.  But what may be happening is that one process (which constructs its datedir repo without an instance id) oopses out and then another tries to log an oops to a repo on the same directory but with an instance id.05:11
lifeless yes, that would make sense to me05:17
lifelessI think we should remove the old code at this point05:17
lifelessthe only reason to keep it was un-upgraded analysis consoles05:17
lifelessof which there are none that will be migrating to the new codebase now; (u1 are upgraded, isd are experimenting with sentry)05:17
jtvMeanwhile, I don't think the filenames are timestamped.  :-(05:17
lifelessjtv: the metadata is inside it05:18
lifelessjtv: you can also capture the oopses directly, either by subscribing to them via rabbit, or using a test specific publisher.05:18
lifelessjtv: (depending on your test environment)05:18
jtvMy rabbit wasn't running earlier.05:19
lifeless(and you may not have a rabbit publisher setup either, but you can do so pretty easily)05:19
lifelessthere is a rabbit-oops-fixture in the LP code base that can probably be pulled into oops-amqp (with an optional dep on fixtures)05:20
jtvWhat kind of usage would I get out of catching them that way?05:20
lifelessyou avoid the ten sorts of mess that happen by going and looking on disk after the fact05:20
jtvFor now I think it'd be good to minimize rabbit dependencies, given the recurring shutdown problems.05:20
lifelessI have to go cook05:21
jtvDon't let me stop you; I know what to fix.  Thanks again.05:21
lifelessbut if you want a minimal replacement, you can use repo.republish() to pickup all the oopses that are in a datedir repository and throw them at another publisher05:22
lifelessso05:22
lifelessmake a new repo object05:22
lifelessoopses = []05:22
lifelessrepo.publishers.append(oopses.append)05:22
lifelessrepo.republish()05:22
lifeless# make assertions about the oopses in 'oopses' here05:23
* lifeless will be back later05:23
wgrantwallyworld_, StevenK: https://code.launchpad.net/~wgrant/launchpad/wbr-is-void/+merge/100357 is pretty simple if someone has a sec.05:59
wallyworld_i can look06:00
wallyworld_wgrant: i always thought it was simply <wbr>06:04
wgrantwallyworld_: In HTML, yes.06:04
wgrantwallyworld_: But that's not well-formed XML, and lots of people parse us as XML.06:04
wgrant<wbr /> is well-formed XML, XHTML and HTML5.06:05
wgrantAnd it's valid HTML5 and XHTML5.06:05
wgrant<wbr></wbr> is only well-formed XML and XHTML, not well-formed HTML, and not valid in any of them.06:05
StevenKwgrant: Except that BeautifulSoup doesn't think so?06:06
wallyworld_ok06:06
wgrantYeah, BeautifulSoup has an outdated hardcoded list of void elements.06:06
wallyworld_so do any tests fail that use BeautifulSoup?06:06
wgrantEvery other element it assumes the end tag is missing if it's self-closing.06:06
wgrantwallyworld_: Just the one. I replace it with <wbr></wbr> before passing it into BeautifulSoup.06:07
wgrantSearch for BeautifulSoup to find the test.06:07
lifelessthat seems like an odd behaviour06:07
wallyworld_wgrant: can you please add an XXX then06:07
wgrantlifeless: It's designed to deal with tag soup.06:07
wgrantlifeless: So it's sort of justified.06:08
wgrantIf a non-void element doesn't have an end tag, it should probably assume the end tag is just missing.06:08
StevenKwallyworld_: It isn't really an XXX.06:08
wgrantStevenK: It is.06:08
lifelesswgrant: <foo /> ... </foo> - where would that ever make sense ?06:08
wgrantlifeless: I don't think HTML knows about <foo />06:09
wgrantDoes it?06:09
wgrantI'm pretty sure that's just an XML thing.06:09
wgrantRegularly used in HTML to make a polyglot document.06:10
wallyworld_wgrant: is the space before the /> required? my eyes prefer <wbr/>06:10
wgrantBut only on void elements, because otherwise the parser cries.06:10
lifelesswgrant: it does for foreign elements06:10
lifelesshttp://www.w3.org/TR/html5/syntax.html06:10
wgrantlifeless: That's for HTML5.06:10
wgrantWhich is a bit more sensible.06:10
wgrantBut let's see.06:11
wgrantwgrant@lplucid:~/launchpad/lp-branches/wbr-is-void$ bzr grep '[^ ]/>' | wc -l06:11
wgrant1062306:11
wgrantwgrant@lplucid:~/launchpad/lp-branches/wbr-is-void$ bzr grep ' />' | wc -l06:11
wgrant1109506:11
wgrantwallyworld_: ^^ I win06:11
wgrant(either is OK)06:11
wallyworld_hmmm.06:11
wgrant(but mine is perferred by almost 5%! incontrovertible evidence that mine is superior)06:11
wgrantlifeless: Ah06:12
wgrantlifeless: Foreign elements are MathML and SVG (ie. XML formats forced against their will into an HTML document), so don't apply here.06:12
lifelesswgrant: also in html 5 <wbr/> isn't ok; but the parser-recovery rules handle it06:12
wgrantlifeless: The validator is fine with it. Are you sure it doesn't parse it as an invalid valueless attribute and ignore it?06:13
lifelesswgrant: which validator ?06:14
wgrantlifeless: validator.w3c.org in HTML5 mode.06:14
wgrantWhich is still somewhat experimental, but still.06:14
wgrant"Then, if the element is one of the void elements, or if the element is a foreign element, then there may be a single U+002F SOLIDUS character (/). This character has no effect on void elements, but on foreign elements it marks the start tag as self-closing."06:14
wgrantSo /> is valid in HTML506:15
lifelessah, void is special cased06:15
wgrantYep06:15
wgrantConfusing enough.06:15
lifelessso this comes back to beautifulsoup - it *should* special case voids06:15
lifelessand all others should have end tags06:15
wgrantNo, old SGML-subset HTML should die already,.06:15
wgrantEverybody should just use XML because XML doesn't suck as much.06:16
lifelessthe validator is special casing voids06:16
wgrantYeah06:16
lifelessother self closed elements will generate 'Self-closing syntax (/>) used on a non-void HTML element. Ignoring the slash and treating as a start tag.' from the validator06:16
StevenKlifeless: It does special case voids: [16:06] < wgrant> Yeah, BeautifulSoup has an outdated hardcoded list of void elements.06:16
wgrantBut the relevant BeautifulSoup is the embedded one in mechanize or zope.testbrowser (not to be confused with the other embedded BeautifulSoups in our tree), so I didn't really want to mutilate it.06:16
lifelessStevenK: I know it *does*, the question was *should it*06:16
StevenKAnd then you said it should. And it does.06:17
wgrantI see no problem with that.06:17
lifelessStevenK: and the answer is, a) yes it should and b) the standard says to ignore the self-closing and look for an end tag.06:17
wgrantWe were arguing the correctness.06:17
wgrantIt is correct.06:17
lifelessand its fallback is correct as well, which was the bit I started querying.06:17
lifelessso I've cleared up a bit of fuzz in my head, which is good, and we know that the right fix is updating the void list in bs06:18
wgrantYeah06:18
lifelesshttp://tiffanybbrown.com/2011/03/23/html5-does-not-allow-self-closing-tags/ is a cite for this btw06:18
wgrantHTML5 seems to have that exception just to cope with this sort of case.06:18
wgrantI wish WHATWG had just disregarded IE, specced out XHTML5, and left HTML4.01 as the last horror. :/06:20
wgrantI guess in 2015 people can start using XHTML :)06:22
wgrant15 YEARS LATER06:22
wgrantwallyworld_: Thanks.06:22
wallyworld_np06:22
lifelessdidn't you hear, browsers are agile now.06:24
wgrantAnyway06:25
wgrantThis is the last large-scale validity issue. :)06:25
StevenKlifeless: Except for Safari and IE.06:25
wgrantSafari's not that terrible.06:26
StevenKAnd who knows what the truck Opera are doing.06:26
wgrantOpera is fine.06:26
wgrantBetter than Safari, even.06:26
StevenKI was conflating agile with 'make a release every two days' purely to troll.06:26
StevenKWhat are they at now, Chrome 25.2?06:27
* micahg just uploaded Chromium 18.0.1025.14206:34
lifelessusing 4 numtets is cheating06:43
bigjoolsI've lost track of where to download a stable one these days06:44
lifelessdidn't you hear, they are all stable :>06:45
nigelbsurely, you mean unstable :)06:46
micahgbigjools: we've been pretty good about pushing stable versions out save for the last two06:50
bigjoolsmicahg: pushing where? :)06:51
micahgto the archive06:51
bigjoolsnice one06:51
micahg18 should be in -proposed later today06:51
wgrantStevenK, wallyworld_: If you're still around, could you look at https://code.launchpad.net/~wgrant/launchpad/bugtaskflat-garbo/+merge/100363?07:20
StevenKwgrant: r=me07:46
wgrantStevenK: Thanks.07:55
czajkowskialoha07:59
adeuringgood morning08:04
=== bigjools-afk is now known as bigjools
cjwatsonI'm working on API extensions to make it possible to turn queue into a launchpadlib script.  The wart is overriding individual binaries in a queue entry; PackageUpload currently only has an overrideBinaries method which overrides all of them, and queue traverses through queue_item.builds[i].build.binarypackages[j].override() to override individual binaries.  Would it be better to add an overrideBinary method to ...10:49
cjwatson... PackageUpload that would allow overriding one at a time, or to expose all the objects down to BPR.override and expect clients to traverse that directly?10:49
cjwatsonHmm, even just writing that I think I might have convinced myself that a new PackageUpload.overrideBinary method would be better than all that object traversal ...10:50
wgrantcjwatson: I'd expose overrideBinaries({name: overrides, ...})x10:52
wgrantcjwatson: With the slight awkwardness that there are multiple overrides, but I guess that could be a dict.10:53
cjwatsonHmm.  The client would be pretty unmanageable if the overrides were all different.  How about I just allow passing in a list of names?10:54
cjwatson(I'll also need to expose something on PackageUpload that lets you get the list of binarypackagenames in a build upload.10:54
cjwatson)10:54
cjwatsonThe interface I'm trying to replace is typically used as something like "queue override -c universe binary foo bar baz"10:54
wgrantThat would work too, but I'm trying to minimise the number of requests.10:56
wgrantAlthough I guess RTT for you isn't too bad :)10:56
wgrantFrom here, every request counts.10:56
cjwatsonI think in practice hardly anyone would use it as -c universe binary foo bar baz -x editors blah spong, and the CLI looks distinctly unwieldy at that point10:59
wgrantYeah11:00
cjwatsonEven that example is ambiguous and if you start trying to make it unambiguous you end up with something like find(1) :-)11:00
cjwatsonYou're right that there's clearly no need for YA method though.11:00
wgrantLaunchpad unwieldy and ambiguous? Surely you jest.11:00
cjwatsonCall me a fool for aspiring to something higher :-)11:01
wgrantSo, yeah, overrideBinaries([bpn], component?, section?, priority?) sounds reasonable.11:01
cjwatsonRight.11:01
cjwatsonLet me see what I can do, then.  (This is sort of back-burner for me but I'm trying to get stuff done before I get redirected to something else.)11:02
wgrantIt's pretty simple :)11:02
cjwatsonI've got the source override API working already.11:03
wgrantGreat.11:03
wgrantWhat about permissions?11:03
cjwatsonControlled by queue-admin ArchivePermissions.11:04
wgrantExcellent.11:04
cjwatsonIf you're overriding between two components you need queue admin on both.11:04
wgrantPerfect.11:04
cjwatsonMost of that was there already for the web UI.11:04
wgrantYeah, but pretty much every large export of Soyuz stuff in the past has had obvious gaping holes.11:05
wgrantSo this would be a nice first.11:05
cjwatsonMy tests are mostly about permissions at the moment.11:05
wgrant:)11:06
wgrantOh good11:17
wgrantThis is marvellous.11:17
wgrantTruly marvellous.11:17
wgrantIt seems that feeds are produced using BeautifulSoup11:17
wgrantwhhhhhy11:17
wgrantSo our legal HTML gets mangled unreadable, I suppose.11:18
stubBecause this was from the dark ages when it was the sanest way of generating the xml-like files that could only be validated using a form running on Mark Pilgrim's web site?11:19
wgrant            # Unqualified hrefs must be qualified using the original subdomain11:20
wgrant            # or they will try be served from http://feeds.launchpad.net,11:20
wgrant            # which will not work.11:20
wgrantIt uses BeautifulSoup to do that :(11:20
wgrantNot quite sure what's wrong with teaching canonical_url to do that...11:20
wgrantAnyway, looks like I am monkeypatching BeautifulSoup :(11:21
StevenKwgrant: I think we should solve it another way, and just destroy feeds.12:00
=== benji changed the topic of #launchpad-dev to: http://dev.launchpad.net/ | On call reviewer: benji | Firefighting: - | Critical bugtasks: 4*10
=== almaisan-away is now known as al-maisan
deryckMorning, all.13:06
abentleyderyck: morning.13:06
abentleyadeuring: After discussing queues and routing keys with Celery's main author on Friday, I think we should switch to using queues explicitly.13:07
abentleyadeuring: Celery is unlikely to support routing keys the way it supports queues in the near future.13:07
adeuringabentley: sshall talk about it after the standup?13:07
abentleyadeuring: Sure.13:08
czajkowskigmb: ello13:10
gmbczajkowski: Wotcher13:10
czajkowskigmb: care to give a talk during UAD week?  https://wiki.ubuntu.com/UbuntuAppDeveloperWeek/13:11
abentleyczajkowski: I figured out the national holiday issue.  I accidentally had Christmas holidays ending Feb 26.  I've asked dragnob to delete/correct it.13:11
gmbczajkowski: What topic are you thinking about? Development using the LP API?13:12
czajkowskigmb: aye13:12
czajkowskigmb: could be handy as I want to do  ablog series on low bugs to get people involved13:13
czajkowskiabentley: see I wasn't going crazy :)13:13
gmbczajkowski: Okay. Let me have a think, see if I can come up with anything that would fit well.13:13
czajkowskigmb: thanks13:13
abentleyczajkowski: Yeah, but where's the evidence you weren't already crazy :-)13:13
czajkowskiabentley: good counter argument!13:14
czajkowskican't fault you there13:14
StevenKczajkowski: So you want to fix bugs and blog about it, or what are you thinking?13:21
czajkowskiStevenK: i sent a mail to lp-dev there on friday13:24
czajkowskipeople to suggest a low bug13:24
czajkowskithen to try and get people to work on those in the community13:24
nigelbRemember to ask that folks contrubting to LP need to sig the contributor agreement.13:25
nigelb*sign13:25
czajkowskiand conversation dead :(13:35
=== al-maisan is now known as almaisan-away
rick_hderyck: ping, so just to be sure, we want the notification to go out when someone adds an email/gpg key, and we want that timed when the initial request goes out, not when it's accepted/verified right?15:00
deryckrick_h, yeah, that sounds right to me.15:00
rick_h14237215:01
deryckrick_h, was that number for me?15:02
rick_hderyck: no, it's this stupid yubikey. I keep finding ways to bump it15:03
rick_hsorry, I keep trying different usb ports, but all are too handy it appears15:04
deryckrick_h, no worries :)15:14
abentleyadeuring: I've tested CELERY_CREATE_MISSING_QUEUES, and it works as advertised.  Here's my current config: http://pastebin.ubuntu.com/911604/15:30
adeuringabentley: cool15:30
=== deryck is now known as deryck[lunch]
=== matsubara is now known as matsubara-lunch
=== deryck[lunch] is now known as deryck
=== Ursinha` is now known as Ursinha
=== Ursinha is now known as Guest60849
=== Guest60849 is now known as Ursula___
=== Ursula___ is now known as Ursinha
reedhi thedac, we didn't make a copy of http://people.canonical.com/~dames/openstack.mbox.tar.gz in time :( Should I file the request again?18:06
thedacreed: hi, I will get that to you again18:08
reedthanks thedac, I apologize for the extra work18:09
thedacreed: I have placed that at the same URL18:13
reedthedac, thank you very mych18:16
thedacno problem18:16
rick_hderyck: ping, have a sec?18:20
deryckrick_h, otp.  ping when off.18:25
rick_hderyck: k18:26
=== matsubara-lunch is now known as matsubara
=== almaisan-away is now known as al-maisan
=== al-maisan is now known as almaisan-away
ayanis there a Go implementaiton of the launchpad api?18:41
rick_hayan: looks like: http://blog.launchpad.net/api/launchpad-is-go18:44
deryckrick_h, hey, what's up?18:45
rick_hderyck: want to chat on this before I put up for mp if you don't mind18:45
deryckrick_h, sure.  hangout?18:45
rick_hyes please the go-deryck url?18:45
deryckyeah18:46
lifelessmorning19:09
abentleylifeless: morning.19:10
abentleylifeless: How would you feel if all Jobs ran under that same db userid, e.g. launchpad_main?19:10
lifelessI would worry - some of our jobs have access to privileged data and that would increase the surface area that security breaches can happen within.19:16
lifelessOTOH there is a healthy (but very high latency) discussion taking place on the dev list about whether our multiple db users is worth it19:17
lifelessthat said, for situations where one can do 'dbuser(foo)', the degree of security we gain is minimal, its only when a db user is /not/ available that security is really increased.19:18
lifelessfinally, we do get reasonably significant benefits on reporting db *load* by user, which I'd be sad to lose19:19
jelmer'morning lifeless, abentley19:19
abentleyjelmer: morning.19:19
lifelesshi jelmer19:19
abentleylifeless: Okay.  Getting rid of 'em as we move to Celery would simplify it some, but not dramatically.19:21
rick_hderyck: so no current messages when ssh keys are added/removed. Are we thinking we want both?19:32
deryckrick_h, yeah, a user should be notified of both.19:33
rick_hderyck: ok, will do.19:33
deryckcool, thanks19:33
bachi flacoste19:55
* deryck heads back home20:02
lifelessflacoste: hey there20:05
=== popey_ is now known as popey
=== benji changed the topic of #launchpad-dev to: http://dev.launchpad.net/ | On call reviewer: - | Firefighting: - | Critical bugtasks: 4*10
=== matsubara is now known as matsubara-afk
lifelessfun shiny of the day: create trigger ... where NEW.col is distinct from OLD.col22:57
lifelesss/where/when/ :)22:57
wgrantlifeless: Yeah, but only in 9.123:01
wgrantThat almost made me wait.23:01

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!