WordPress.org

Codex

Interested in functions, hooks, classes, or methods? Check out the new WordPress Code Reference!

IRC Meetups/2006/June/June14RawLog

[17:06] <photomatt> MarkJaquith: you have the first items on the agenda
[17:06] <photomatt> want to kick it off?
[17:06] <MarkJaquith> Sure.
[17:06] <undersigned> <meetup>
[17:07] <MarkJaquith> As a few of you know, I found a security issue in WP 2.0.3 ... last week Matt said something about July as a goal for 2.0.4, maybe late July, to fix the annoying Yes/No bugs.
[17:07] <MarkJaquith> Now that there is a security issue, are we going to move that up a bit?
[17:08] <photomatt> MarkJaquith: I'm not familiar with the issue, did you send an email to security@?
[17:08] <MarkJaquith> photomatt: I did. I've discussed with Ryan
[17:08] <rboren> I'm trying to remember though...
[17:08] <photomatt> I might have lost it, someone has been sending out tons of spam from @wordpress.org and I had a catchall
[17:08] <photomatt> which actually broke gmail
[17:09] <photomatt> something like 40k bounces and such in 2 days
[17:09] <MarkJaquith> I don't know if you want me discussing details in a public forum... it's a fairly nasty issue.
[17:09] <io_error> Great, another one?
[17:09] <rboren> Try security@ again.
[17:09] <MarkJaquith> rboren: send it again?
[17:09] <rboren> Yes, I can't find it either.
[17:10] <photomatt> MarkJaquith: or directly, to m@mullenweg.com
[17:10] <rboren> Ah, wait, I found it.
[17:10] <photomatt> we can definitely move the release up, realistically we're still looking at late-june or early july
[17:10] <rboren> So send it to Matt.
[17:10] <MarkJaquith> photomatt: just sent again tno securit@
[17:11] <photomatt> got it
[17:11] <photomatt> ah, damn. that's sloppy
[17:12] <photomatt> okay, we should probably start rounding up bug fixes
[17:12] <photomatt> I know a few more AYS catches have come down the line
[17:12] <MarkJaquith> that aren't in /branches/2.0/ ?
[17:12] <rboren> I think we've got them all in /2.0.
[17:13] <MarkJaquith> I think so too... all the ones in Trac at least.
[17:13] <photomatt> if the issue isn't made public, we could have the luxury of a longer beta
[17:13] <photomatt> which I'm sure no one would argue with
[17:13] <photomatt> beta on 19th and release the week of 26th?
[17:13] <gsnedders> thereby risking other people finding the bug
[17:13] <MarkJaquith> photomatt: no argument here.
[17:13] <gsnedders> but that seems soon enough
[17:13] <ringmaster> Libertus has offered to help test, although he couldn't make it to the meetup.
[17:14] <photomatt> okay
[17:14] <MarkJaquith> Libertus found the bug on his own, after only a minimal hint from me.
[17:14] <photomatt> well hopefully he will remain discrete until the release is out and people can upgrade
[17:14] <MarkJaquith> It was my impression that he will.
[17:15] <photomatt> luckily it's not a by-default vuln because of registration setting, but still serious
[17:15] <io_error> er, I have open registration.
[17:15] <fangel> people aware that there _is_ a hole could diff the beta from 2.0.3 and find in, hence having a weeks time of "exploit" time.. but that is minimal exposure I guess..
[17:15] <photomatt> okay, what bugs are left that need fixing?
[17:15] <rboren> It's been a bug forever.
[17:15] <MarkJaquith> fangel: I wouldn't fix it in beta until right before 2.0.4 release.
[17:16] <photomatt> yes, the beta testing would be mostly for the nonce fixes
[17:16] <rboren> We need to update milestones for bugs still on 2.0.3 milestone.
[17:16] <MarkJaquith> The security fix is small, obvious, simple... no need to give advance warning to evildoers
[17:17] <photomatt> good catch MarkJaquith
[17:17] <MarkJaquith> photomatt: I discovered it while sitting in church running WP code in my head :-)
[17:17] <fangel> hmm - shouldn't the point with the betas be to test the release.. keeping stuff from the beta but including them in the distro makes room for faulty distros.. at least offer a special "security-enhanced" beta to a set of 10-15 trusted testers so we are sure there arent any bugs in the fix..
[17:17] <photomatt> depends on the fix
[17:18] <photomatt> this is a very discrete change
[17:18] <photomatt> next up, wordpress trademark - ringmaster ?
[17:18] <ringmaster> As photomatt is already aware, a few of us are starting up a group podcast to benefit the WordPress community.
[17:18] <ringmaster> Something that we were unaware when we started (but seems logical after a bit of thought) was that WordPress is a trademark and that we shouldn't use it in domain names.
[17:18] <ringmaster> So my original intent was to ask permission to use the trademark for the spoken name of the podcast.
[17:19] <photomatt> is this the same group that emailed me earlier?
[17:19] <ringmaster> But we've already got that via email, yeah. Instead, I'll just take this opportunity to invite anyone who wants to suggest topics for discussion to forward them to me.
[17:19] <photomatt> I replied to that email this morning, I think
[17:19] <MarkJaquith> wordpresspodcast.org? yeah, Twidget said you gave him thumbs up on that
[17:19] <ringmaster> Soon we will have a toll-free # for call-ins for questions where I will be providing "answers". Or something.
[17:19] <ringmaster> Anyway, you're all invited to participate however you can, however we can fit you in.
[17:19] <MarkJaquith> ringmaster: fun!
[17:19] <photomatt> he said you'd use wp-podcast for the domain, and wordpress in the title
[17:19] <photomatt> sounds like a really cool idea
[17:20] <photomatt> looking forward to it
[17:20] <ringmaster> photomatt: He registered both on speculation before we knew any better, but we're only using wp-podcast.org
[17:20] <photomatt> okay, up next - theme view. undersigned ?
[17:20] <undersigned> yeah
[17:20] <undersigned> im actually laying my hands on the last small details on the site
[17:21] <undersigned> url to dev: http://themes.wordpress.net/dev/
[17:21] <photomatt> sweet, is the headline thing I sent you working out?
[17:21] <undersigned> functionality etc should be done
[17:21] <undersigned> yea
[17:21] <undersigned> just integrated it
[17:21] <photomatt> we should probably figure out a way to change the header logo
[17:21] <undersigned> have a small msie bug to fix in the design..
[17:21] <undersigned> yes
[17:21] <photomatt> mu.wordpress.org has the same prob, looks too much like wp.org
[17:22] <photomatt> I'll try to track down that font
[17:22] <undersigned> we could eventually make another colorscheme for it
[17:22] <mumbles> undersigned can you put rounded corners as a tag ?
[17:22] <undersigned> mumbles: good one, ill write it down
[17:23] <undersigned> the sorting is better now than last time
[17:23] <mumbles> :p
[17:23] <MarkJaquith> undersigned: get that category OR => AND thing figured out?
[17:23] <undersigned> its possible to choose between "ALL" or "ANY" - show themes with all selected tags, or any of the selected tags
[17:23] <undersigned> yea, at last, with a lot of help from Libertus
[17:23] <fangel> could you possibly do a "install theme from theme-viewer" trick from the admin-pane of wordpress so that it would fetch and install a theme.. that would rock..
[17:23] <MarkJaquith> :-)
[17:24] <undersigned> fangel: that, i am working with BigJibby on
[17:24] <undersigned> already working
[17:24] <fangel> cool
[17:24] <undersigned> download-script checks the style.css to see if the Template: header is set, and if it is, the folder being zipped will be named correctly
[17:24] <fangel> i recall reading something about it somewhere.. but didn't know if it had gotten to the right people and gotten picked up..
[17:24] <undersigned> otherwise the folder will be named like the sanitized theme title
[17:25] <undersigned> i will make a post in the forums with a call out for help to settle a little team who will tag the themes
[17:25] <fangel> undersigned: how do you chose a design from the admin-page to fetch and install?
[17:25] <undersigned> would like it to be a sticky
[17:26] <undersigned> fangel: find the theme on the theme viewer, get the themes ID (visible in the url on the themeviewer, and will be visible on the themes single pages as well), type in id and press "download" - something like that
[17:26] <undersigned> the plugin will also show the current most popular themes, and links to them on the viewer
[17:27] <stevecooley> undersigned, can you add left-sidebar and right-sidebar?
[17:27] <fangel> undersigned: okay.. could be cool if there where a "search online" from which matched the search-from on themes.wp.org, and returned the results in a single column with a "install" btn.. but the "find id and enter it" works too..
[17:27] <stevecooley> please?
[17:28] <undersigned> stevecooley: i already modified the code a bit to let it support the left sidebar properly.. its floated in a div now, on wp.org its positioned absolute
[17:28] <undersigned> argh
[17:28] <undersigned> as tags
[17:28] <undersigned> sure
[17:28] <MarkJaquith> undersigned: covered the issues you wanted to cover?
[17:28] <undersigned> fangel: would be neat, ill write that down too
[17:28] <stevecooley> undersgined, I'm just thinking of having a couple more tags, maybe I'm not understanding
[17:29] <undersigned> yea, i just need to know if you think tags are covered, and if its ok that i settle a small team to tag
[17:29] <undersigned> stevecooley: i just misunderstood..
[17:29] <stevecooley> oh, ok :)
[17:29] <undersigned> ill add them :)
[17:29] <stevecooley> awesome, thank you!
[17:29] <undersigned> np
[17:30] <undersigned> any other tags?
[17:30] <MarkJaquith> XHTML validation level
[17:30] <ringmaster> My XHTML validation level is 4.
[17:30] <stevecooley> that's almost the entire reason why I got involved in the past.. I wanted an easy way to find left sidebar themes
[17:30] <stevecooley> haha
[17:30] <undersigned> haha
[17:30] <MarkJaquith> X?HTML validation level ;-)
[17:30] <ringmaster> Transitional, Strict, etc.
[17:31] <ringmaster> CSS validation, too? These tags will be harder to research and apply.
[17:31] <undersigned> would be a pain to check all themes for validation, since the w3c validator doesn't understand the redirect on the test run blog
[17:31] <ringmaster> I installed a Firefox plugin for validation recently that does it on the client side.
[17:31] <MarkJaquith> undersigned: doh... so maybe forget about that... it's not a big deal.
[17:31] <ringmaster> ...might be handy for that.
[17:32] <undersigned> ringmaster: neat, might take a look at that
[17:32] <MarkJaquith> oh! "no images"
[17:32] <undersigned> ill write it down
[17:32] <undersigned> no images will be added
[17:32] <undersigned> thx
[17:33] <MarkJaquith> undersigned: maybe set up a little "suggest a tag" box.
[17:33] <ringmaster> There you go. "Suggest-a-tag"
[17:33] <undersigned> heh, there is a contact form .. :)
[17:33] <ringmaster> "Good Housekeeping Approved"
[17:33] <fangel> i'm off.. i've got work tomorrow.. which by now is a not so distant future..
[17:34] <undersigned> fangel: gnight
[17:34] <MarkJaquith> Using Profanity in WordPress source --Ringmaster
[17:34] * Quits: fangel ("Konversation terminated!"�)
[17:34] <ringmaster> I've been taking a weird amount of heat on my post about nonces. Did anyone know that "nonce" was a bad word in England before we started using it all over the place?
[17:34] <ringmaster> Knowing that, do we care enough now to change it? And if not, what do we say to people who get bent out of shape about it?
[17:34] <ringmaster> I've probably said more than my fair share on the topic, but I'm interested in hearing what others who are involved have to say about it.
[17:34] <rboren> It's an established industry term.
[17:34] <Podz> you ignore them.
[17:34] <photomatt> ringmaster: is that your final topic?
[17:34] <gsnedders> I didn't know it was a bad word.
[17:34] <gsnedders> (and I'm English!)
[17:34] <ringmaster> photomatt: For today.  ;)
[17:35] <io_error> Who cares. It's not like users are going to see it. :)
[17:35] <MarkJaquith> it's stupid. Tell them not to be such a spaz.
[17:35] <undersigned> ok, so my plans for the viewer: Add visible ID for themes on the single post view (with bigjibbys plugin in mind) - fix small MSIE bug - add these tags: rounded corners, left sidebar, right sidebar and no images
[17:35] <undersigned> when its done i will try to get some people to help with tagging
[17:35] <ringmaster> MarkJaquith: That's apparently not working. I think I'm going to take Podz's advice.
[17:36] <Podz> what does nonce stand for?
[17:36] <MarkJaquith> Nancy => nonce
[17:36] <Podz> No nce ?
[17:36] <ringmaster> number once.
[17:36] <MarkJaquith> I think... a pedophile or something
[17:36] <Podz> MarkJaquith - yep
[17:36] * Joins: mumbles-laptop
[17:36] <ringmaster> It's disturbing though, when I delete comments to the post, and then it's taken as additional censorship on top of the original offence.
[17:37] <photomatt> eh
[17:37] <Podz> I'm in the UK and I'm capable of using a word in two different ways. Ignore those that cannot
[17:37] <photomatt> nonce is a pretty standard tech word
[17:37] <mumbles-laptop> I agree with pods
[17:37] <mumbles-laptop> Podz
[17:37] * mumbles is now known as mumbles-bnc
[17:37] <photomatt> this is like when some gov. tried to restrict the use of "master" and "slave" when talking about IDE or something
[17:38] <MarkJaquith> photomatt: yeah... I think it was SF :-)
[17:38] <Podz> ooooohh.....bdsm :)
[17:38] <io_error> Podz: Not to mention six dozen words for idiot.
[17:38] <gsnedders> I don't see why they use that, but…
[17:38] <ringmaster> I'm in agreement with the general opinion here, just wanted to run it up the pole because it was an unusual and vehement response to something I saw as very benign.
[17:38] <MarkJaquith> nope, it was LA
[17:39] <Podz> ringmaster - I would say they had a problem. Not anyone else.
[17:39] <ringmaster> Good enough. Ok, I'm done.
[17:39] <photomatt> alrighty
[17:39] <photomatt> on that note :)
[17:39] <photomatt> anything else before we wrap up?
[17:40] <MarkJaquith> Post meetup homework: start tagging tickets for 2.0.4
[17:40] <io_error> I had something, but I forgot what it was.
[17:40] <gsnedders> what was your easily hacked password, photomatt?
[17:40] <MarkJaquith> And start running /branches/2.0/ if you can
[17:40] <gsnedders> I take it you've changed it, so you can say :)
[17:40] <skeltoac> Can I just say that this is the first time I've ever been on television?
[17:41] <gsnedders> skeltoac: when ywere you on TV?
[17:41] <gsnedders> *were
[17:41] <skeltoac> gsnedders: watch more old British comedy flicks
[17:41] * gsnedders has never found that comment funny…
[17:41] <undersigned> tags are added
[17:42] <skeltoac> gsnedders: you are obviously not a member of the Silly Party.
[17:43] <photomatt> gsnedders: can't say!
[17:43] <gsnedders> skeltoac: I'm obviously too young to be watching old comedy flicks :P
[17:43] <photomatt> and I have no clue how that comment on owen's site gave it away
[17:44] <ringmaster> photomatt: I found your SVN repo for DashPress before you sent the email based on your comment.
[17:44] <ringmaster> And it was in the repo source.
[17:44] <photomatt> OH
[17:44] * Quits: io_error ("Big Brother Loves You"�)
[17:44] <photomatt> dang
[17:44] <ringmaster> I didn't *say* antyhing, since I assumed you wouldn't be so foolish to do such a thing.
[17:44] <ringmaster> :)
[17:45] <photomatt> wait, which file?
[17:45] <ringmaster> It was used to get feeds from somewhere.
[17:45] <photomatt> aw funk
[17:45] <gsnedders> ah. so the normal way of things getting out. through source code.
[17:45] * gsnedders wonders how many passwords I've got through by doing that
[17:46] <photomatt> ah, there it is
[17:46] <photomatt> good, I knew he didn't guess it
[17:46] <photomatt> ex-girlfriend name
[17:46] <ringmaster> I did nothing with it, obviously.
[17:47] <ringmaster> There would be links to my site everywhere by now.  :)
[17:47] <photomatt> thanks
[17:47] <photomatt> you know the really awful thing
[17:47] <photomatt> is google was crawling my site when he made the change
[17:47] <photomatt> and the blogspot thing got me delisted
[17:47] <ringmaster> Ugh.
[17:47] <skeltoac> Time for a new business card!
[17:47] <photomatt> http://www.google.com/search?hl=en&q=matt
[17:47] <photomatt> I don't exist anymore
[17:48] <gsnedders> and neither do I :)
[17:48] * Quits: gsnedders
[17:48] <ringmaster> Consider yourself "ascended".
[17:48] <photomatt> ha
[17:48] <skeltoac> Matt transcends Google.
[17:48] <photomatt> now I gotta call in some favors
[17:48] <MarkJaquith> I'm sure that'll just be temporary.
[17:48] <ringmaster> Damn that Owen Wilson!
[17:49] * ringmaster shakes his fist in the air.
[17:49] <photomatt> and yes, get new business cards
[17:49] <MarkJaquith> Post an entry on it... that one guy who goes by "Google Guy" in his comments is always lurking, fixing things like that.
[17:49] <photomatt> google is a fickle mistress
[17:51] <photomatt> alrighty
[17:51] <undersigned> will anybody help figure out why borders in the sidebar is missing in msie?
[17:51] <photomatt> well maybe some good will come of it
[17:51] <photomatt> ringmaster: did you get a chance to poke around dashpress?
[17:51] <ringmaster> photomatt, I did finally get it running.
[17:51] <photomatt> any thoughts?
[17:52] <ringmaster> The list js needs some work. I couldn't figure out what your goal was with the Projects section, since it doesn't tie to the to-dos as far as I can tell.
[17:52] <PotterSys> dashpress= to-do list?
[17:52] <MarkJaquith> What's the goal here? Basecamp in GPL'd PHP?
[17:52] <photomatt> basically
[17:52] <photomatt> MarkJaquith: not really
[17:52] <photomatt> I use it as my homepage
[17:52] <photomatt> todos, goals, RSS, and scratchpad
[17:53] <photomatt> basically a personal portal
[17:53] <PotterSys> sounds cool...
[17:53] <ringmaster> Any thoughts on adding notes to individual to-dos?
[17:53] <stevecooley> ooh, that sounds useful
[17:53] <photomatt> ringmaster: projects is for things that don't have a specific next action
[17:53] <photomatt> but you don't want to forget about
[17:53] <photomatt> like I have "international forums" on my projects
[17:54] <ringmaster> Ok. I can see that.
[17:54] <photomatt> when I have something like that on my todo, it clutters things since it's a broad topic
[17:54] <photomatt> the multi-user parts of it haven't really been explored yet
[17:54] <photomatt> it'd be interesting to have parts shared and parts not
[17:54] <photomatt> like the quote thing is shared now
[17:55] <photomatt> I just took the repo down, sorry guys
[17:55] <photomatt> have to wipe my password from it :)
[17:55] <ringmaster> Testing the limits here: Would you think to push tasks to other folks?
[17:55] <photomatt> ringmaster: totally
[17:55] <photomatt> it's partly social though
[17:56] <photomatt> what's the nicest way to do that?
[17:56] <ringmaster> No idea.  :)
[17:56] <photomatt> a shared task could show up on more than one todo list
[17:56] <photomatt> and be checked off by either person
[17:56] <MarkJaquith> I gotta get some dinner, photomatt, rboren, etc... LMK if there are any outstanding issues we need to have fixed for 2.0.4 beta and I'll see if I can write the patches for them.
[17:56] <ringmaster> "Share with {dropdown} {checkmark}"?
[17:57] <undersigned> im off
[17:57] <photomatt> ringmaster: that'd work
[17:57] <photomatt> MarkJaquith: will do! thanks again
[17:57] <photomatt> </meetup>

Back to IRC Meetups