[00:29:11] <gerrit-wm>	 New patchset: Stefan.petrea; "Fixed debianization." [analytics/udp-filters] (master) - https://gerrit.wikimedia.org/r/32137
[11:45:03] <gerrit-wm>	 New patchset: Hashar; ".gitreview file for WMF" [integration/gruntjs] (master) - https://gerrit.wikimedia.org/r/32358
[11:45:03] <gerrit-wm>	 New patchset: Hashar; "gruntjs 0.3.17 (a70f61c)" [integration/gruntjs] (master) - https://gerrit.wikimedia.org/r/32359
[11:45:03] <gerrit-wm>	 New patchset: Hashar; "node modules for gruntjs 0.3.17" [integration/gruntjs] (master) - https://gerrit.wikimedia.org/r/32360
[11:48:10] <gerrit-wm>	 New patchset: Hashar; "node modules for gruntjs 0.3.17" [integration/gruntjs] (master) - https://gerrit.wikimedia.org/r/32360
[11:48:11] <gerrit-wm>	 New patchset: Hashar; "gruntjs 0.3.17 (a70f61c)" [integration/gruntjs] (master) - https://gerrit.wikimedia.org/r/32359
[11:48:37] <gerrit-wm>	 New review: Hashar; "Added Change-Id in commit message" [integration/gruntjs] (master); V: 0 C: 0;  - https://gerrit.wikimedia.org/r/32359
[11:49:40] <gerrit-wm>	 New review: Hashar; "Added Change-Id in commit message" [integration/gruntjs] (master); V: 0 C: 0;  - https://gerrit.wikimedia.org/r/32360
[11:55:16] <Krinkle>	 hashar: https://gerrit.wikimedia.org/r/#/c/32175/
[12:01:14] <gerrit-wm>	 Change merged: Krinkle; [integration/gruntjs] (master) - https://gerrit.wikimedia.org/r/32358
[14:28:17] <Krinkle|detached>	 zeljkof: Zhjelko
[14:45:48] <sumanah>	 hi andre__ - how is your day going?
[14:46:19] <andre__>	 sumanah: busy but fine. up for a hangout?
[14:46:27] <sumanah>	 Sure!
[14:46:32] <sumanah>	 Invite me
[15:37:46] <gerrit-wm>	 Change merged: Krinkle; [integration/gruntjs] (master) - https://gerrit.wikimedia.org/r/32359
[15:37:51] <gerrit-wm>	 Change merged: Krinkle; [integration/gruntjs] (master) - https://gerrit.wikimedia.org/r/32360
[19:00:41] <kaldari>	 ori-l, StevenW: I'm confused by the new account creation interface. Specifically I have no idea what the following are asking: "Reason", "Ignore the blacklist", "Ignore spoofing checks", "By e-email". What are those about?
[19:01:07] <Reedy>	 Reason and By e-mail is for when a user is creating another account
[19:01:19] <Reedy>	 It's used for people who can't d
[19:01:19] <Reedy>	 *can't complete captchas
[19:01:37] <Reedy>	 Reason is fairly obvious, by email sends them an email with the account details
[19:01:53] <Reedy>	 The 2 in the middle are for priveledge users..
[19:02:31] <kaldari>	 I still don't understand what "Reason" is. Like "Reason you're creating an account"?
[19:03:01] <Reedy>	 yeah
[19:03:13] <Reedy>	 "Per user request at foo page. User cannot complete captcha"
[19:03:20] <Reedy>	 enwiki for example has a request account service
[19:03:24] <Reedy>	 and we have "account creators"
[19:03:29] <kaldari>	 ah
[19:03:36] <Reedy>	 http://en.wikipedia.org/wiki/Wikipedia:Request_an_account/Guide
[19:04:02] <Amgine>	 another use case: closed wikis.
[19:04:55] <kaldari>	 It would be nice if we used better labels instead of mysterious hints :)
[19:05:22] <kaldari>	 Like "Send my account details by email" and "Reason for creating an account"
[19:05:47] <marktraceur>	 ^demon|lunch: I'm afraid your bouncing restarts are (still happening|happening again)
[19:05:47] <Amgine>	 s/better/ergonomic and translatable
[19:06:00] <^demon|lunch>	 marktraceur: I'm well aware.
[19:06:16] <marktraceur>	 ^demon|lunch: K, figured I'd let you know :)
[19:10:16] <Reedy>	 kaldari: we have a template for that
[19:10:20] <Reedy>	 kaldari: {{sofixit}}
[19:10:20] <Reedy>	 ;)
[19:17:33] <gerrit-wm>	 New patchset: Stefan.petrea; "Fixed debianization." [analytics/udp-filters] (master) - https://gerrit.wikimedia.org/r/32137
[19:20:06] <gerrit-wm>	 New review: Diederik; "Ok." [analytics/udp-filters] (master); V: 1 C: 2;  - https://gerrit.wikimedia.org/r/32137
[19:20:06] <gerrit-wm>	 Change merged: Diederik; [analytics/udp-filters] (master) - https://gerrit.wikimedia.org/r/32137
[19:20:27] <kaldari>	 Reedy: nevermind, S says the new experimental form is only for anonymous users for now.
[19:22:06] <kaldari>	 Reedy: and the old form doesn't have real estate for real labels for the admin features
[19:22:40] <kaldari>	 I thought those weird admin options were part of the new sign-in experiment :)
[19:30:33] <robla>	 argh....I could have sworn the notice about this: https://www.mediawiki.org/wiki/Meetings/2012-11-08
[20:29:11] <robla>	 https://www.mediawiki.org/wiki/Meetings/2012-11-08 starting in a couple of minutes
[20:29:21] <cndiv>	 Hi all, it's Chip. I'll be acting as your host for the about-to-begin tech talk hangout. Message me here for an invite.
[20:29:49] <marktraceur>	 cndiv: Hi Chip! A rare pleasure to have you 'round IRC.
[20:30:00] <andrewbogott>	 cndiv:  Will there also be a youtube streaming link?
[20:30:40] <cndiv>	 Yes, will be available in just a few moments
[20:30:43] <robla>	 plenty of room in the hangout right now
[20:31:03] <cndiv>	 happy to be here :-)
[20:31:04] <Krenair>	 cndiv: uh, hi.
[20:31:05] <Thehelpfulone>	 hi chip
[20:31:24] <robla>	 PM cndiv with your email address to invite
[20:32:08] <Thehelpfulone>	 cndiv, are you the only member of OIT now?
[20:32:33] <naderman>	 hey
[20:34:27] <Krenair>	 hi
[20:34:28] <cndiv>	 link to the stream is http://youtu.be/gsbssdKOtqc
[20:35:04] <cndiv>	 I am the only full-time OIT staff member at the moment, yes
[20:36:57] <Thehelpfulone>	 Thanks, you might want to spread that around to other channels now and in the future too cndiv such as #wikimedia-operations, #wikimedia-tech, #wikimedia-office
[20:37:37] <robla>	 send a private message to cndiv if you'd like to join the hangout as a participant
[20:44:22] <sumanah>	 mediawiki.org/wiki/Meetings/2012-11-08
[20:44:45] <sumanah>	 Speaker: http://www.naderman.de/  talking about http://getcomposer.org/
[20:45:10] <cndiv>	 we're off and running, enjoy everyone
[20:45:15] * chrismcmahon  watches the stream

[20:45:15] <sumanah>	 Thanks cndiv
[20:45:31] <marktraceur>	 sumanah: You can expect that I wouldn't be in the hangout, no....
[20:45:45] <Platonides>	 In what format is that video?
[20:45:46] <sumanah>	 marktraceur: I mean are you on the 6th floor, I didn't see you
[20:45:48] <marktraceur>	 But I'm around the channel, if you need something
[20:45:52] <marktraceur>	 sumanah: No, I'm not
[20:46:19] <sumanah>	 seems like Composer is relevant to the stuff we were discussing in email the other day
[20:46:23] <sumanah>	 about drawing from live repos
[20:46:42] <robla>	 ping me with questions in channel
[20:46:57] <marktraceur>	 sumanah: I think widgets will fulfill the requirements for that project, actually.
[20:47:01] <sumanah>	 oh ok
[20:47:05] <sumanah>	 oh right, I remember now
[20:47:09] <marktraceur>	 sumanah: It's just a matter of doing it :)
[20:47:52] <sumanah>	 https://packagist.org/
[20:47:56] <marktraceur>	 sumanah: One of those thousand weekend projects I have listed, I suppose.
[20:48:00] <sumanah>	 :)
[20:48:08] <sumanah>	 "Packagist is the main Composer repository. It aggregates all sorts of PHP packages that are installable with Composer."
[20:48:38] <sumanah>	 mailing list discussion about Composer: http://www.gossamer-threads.com/lists/wiki/wikitech/307466
[20:48:43] <Platonides>	 robla, is "how to hear the stream?" a valid question?
[20:49:10] <cndiv>	 the http://youtu.be/gsbssdKOtqc link is working fine for me
[20:49:18] <sumanah>	 Platonides: can you hear http://youtu.be/gsbssdKOtqc ?
[20:49:33] <Krenair>	 works for me
[20:49:50] <Platonides>	 "Currently the browser doesn't recognise any of the available video formats"
[20:49:54] <Platonides>	 both in firefox and chromium
[20:50:04] <Platonides>	 trying to directly connect vlc fails, too
[20:50:19] <Platonides>	 seems to be in a loop connecting, disconnecting, reconnecting
[20:50:35] <sumanah>	 Question from Gabriel: how does it integrate with distributions?
[20:54:14] <Platonides>	 looking at http://getcomposer.org, I miss a way to state a dependency as "any version from 1.2.3 onwards"
[20:55:04] <sumanah>	 you say ">= 1.2.3"
[20:55:15] <sumanah>	 Platonides: can you hear now?
[20:55:23] <sumanah>	 You often say "1.*" says naderman
[20:55:45] <Platonides>	 yes, 1.* is documented quite well
[20:55:55] <Platonides>	 but I didn't see a mention to >= anywhere
[20:56:17] <Platonides>	 and you may want to go accross versions
[20:56:34] <Platonides>	 or 1.1.2 is buggy, but 1.1.3 is fine
[20:56:42] <Platonides>	 1.1.* wouldn't help you there :P
[20:57:41] <Platonides>	 at what minute are you?
[20:58:04] <sumanah>	 Platonides: not sure - I think it started about 10-15 min ago?
[20:58:12] <sumanah>	 naderman: ^
[20:59:10] <Platonides>	 I found a workaround
[21:00:15] <Platonides>	 and now it failed :(
[21:01:11] <Platonides>	 main access error: connection failed: Network is unreachable
[21:01:12] <Platonides>	 access_http access error: cannot connect to r1---sn-p5qlsn7l.c.youtube.com:80
[21:01:28] <Platonides>	 but the file grows :S
[21:04:08] <sumanah>	 "Twig"?
[21:04:25] <sumanah>	 http://twig.sensiolabs.org/
[21:05:44] <sumanah>	 thedj: thedj[work] - did we manage to get you to watch the stream? :)
[21:05:59] <sumanah>	 Fundraising's Matt Walker tells us they're working on integrating Twig into some of their forms
[21:06:46] <sumanah>	 Symfony: http://symfony.com/
[21:08:15] <sumanah>	  https://packagist.org/search/?q=symfony
[21:09:03] <sumanah>	 https://github.com/symfony/symfony
[21:09:48] <sumanah>	 Dantman: are you watching the stream? I imagine you'd want to be in on this discussion
[21:10:03] <Dantman>	 Stream?
[21:10:03] <sumanah>	 we can't hear the person talking
[21:10:19] <sumanah>	 Dantman: https://www.youtube.com/watch?v=gsbssdKOtqc as part of the Composer discussion https://www.mediawiki.org/wiki/Meetings/2012-11-08
[21:10:44] <sumanah>	 ok, we can hear Gabriel & S
[21:12:08] <cndiv>	 can you still hear rob talking?
[21:12:11] <cndiv>	 sounds fine for me
[21:12:26] <sumanah>	 yes, we can hear - it was just for 5 seconds
[21:13:06] <Platonides>	 who's the other guy in the blue sofa?
[21:13:17] <cndiv>	 S Page
[21:13:39] <Platonides>	 ah
[21:13:47] <Platonides>	 I didn't know him
[21:20:31] <StevenW>	 csteipp: what are the chances of bumping up the required pswd length on the cluster?
[21:20:59] <StevenW>	 (we're working on account creation productization now, so are talking about issues like this)
[21:21:03] <csteipp>	 Hey StevenW: I love the idea, I just hate that it will lock out accounts that don't match it.
[21:21:17] <StevenW>	 It would force a password reset? Or just lock them out?
[21:21:38] <csteipp>	 A couple volunteers started working on a branch that would prompt for a reset... I'm hoping to get that merged in this month.
[21:21:41] <csteipp>	 Or next
[21:21:48] <StevenW>	 Awesome
[21:21:51] <csteipp>	 It's on my top 3 things I would like to fix :)
[21:21:53] <thedj>	 sumanah: that was a good question.
[21:21:53] <Dantman>	 I didn't really have any objection to using composer to use libraries in core and extensions.
[21:22:03] * thedj  joined 5 mins ago.

[21:22:11] <StevenW>	 csteipp: Let me know if you want help socializing the change.
[21:22:11] <sumanah>	 Thanks thedj :)
[21:22:30] <StevenW>	 (with users)
[21:22:53] <Dantman>	 ...my issue was that from what I examined of composer it would be just about useless as something we'd use to package up and install extensions
[21:22:59] <Platonides>	 StevenW, I don't think anyone should be using (ina a sensible way) a password of less than 5 characters
[21:23:00] <csteipp>	 Oh, Dantman is here. Dantman, I would love to get your or tyler's password branch merged this month... I'll ping you about it after I finish wikivoyage.
[21:23:14] <Dantman>	 Oh... right, that
[21:23:15] <StevenW>	 Platonides: agreed. Relevant reading: http://stackoverflow.com/questions/549/the-definitive-guide-to-forms-based-website-authentication
[21:23:16] <Platonides>	 we could do some statistics, though
[21:23:24] <sumanah>	 naderman: robla: see Dantman's question/concern above
[21:23:39] <Dantman>	 csteipp: There was only one unfinished bit in that I have some stuff lying about for
[21:23:39] <Platonides>	 although it would need to take time, given that people may be only logging in once a month
[21:24:08] <robla>	 Dantman: why is that?
[21:24:15] <csteipp>	 Dantman: Yep, I pulled your github branch, that was most of it, right?
[21:24:46] <Dantman>	 csteipp: The remainder was layered stuff I had some stuff lying around... I can show you that in a bit.
[21:25:04] <Dantman>	 robla: I detailed that on wikitech
[21:25:14] <csteipp>	 Dantman: No rush... I'll find you next week
[21:26:13] <sumanah>	 and the namespace question now from Matt
[21:27:51] <thedj>	 good stuff !
[21:28:04] <thedj>	 even though i only caught a bit.
[21:28:08] <sumanah>	 OK! See you all next week, on video anyway :)
[21:28:16] <sumanah>	 naderman: thanks for joining us
[21:28:37] <naderman>	 thanks for thinking about working with other communities ;-)
[21:28:50] <sumanah>	 thanks for putting this together, robla
[21:36:36] <Platonides>	 StevenW, that's a very good link
[21:37:15] <StevenW>	 Yeah lots of interesting stuff
[21:38:40] <Platonides>	 I like that it links to a page for calculating password strength
[21:38:57] <Platonides>	 we had a draft strengh-meter time ago
[21:39:18] <Platonides>	 I also took some notes for calculating it, but never finish that
[21:40:47] <Platonides>	 mediawiki is not bad, although the throttling could be improved
[21:40:54] <Platonides>	 (I think it's just per-IP)
[21:41:22] <Platonides>	 I'd also like to have the throttling available as a library, but may that's asking too much
[21:52:25] <Dantman>	 *sigh* now I have thought of MediaWiki bugs rather than work...
[21:53:43] <Dantman>	 ..that, and cleaning up this coffee table
[21:57:06] <Platonides>	 "Calculate the number of bits of entropy in a password using a good algorithm and then apply a minimum threshold. (And get rid of the silly password meter.)"
[21:57:08] <Platonides>	 I disagree
[21:57:27] <Platonides>	 the user should have feedback that it is a weak password if we are going to then reject it serverside
[21:59:23] <Platonides>	 specially given that the rules are sometimes quite stupid
[21:59:56] <Platonides>	 "I provided a 100 character password and it was rejected, what is it expecting me to do"???
[22:00:33] <Platonides>	 (sorry, you should have also included a symbol...)
[22:00:59] <spagewmf>	 Platonides, Extension:SignupAPI implemented a password strength indicator, code says "Password strength logic adapted from MaxSem"
[22:01:14] <spagewmf>	 E3 considered it for ACUX (the "account creation user experience improvement experiment"), but since the minimal password is 1 character, it seemed silly ;-)
[22:01:45] <spagewmf>	 Platonides, I'm not sure what your're referring to in "I'd like to have the throttling available as a library".  Tyler Romeo/Parent5446 has https://gerrit.wikimedia.org/r/#/c/27021/ "Added throttling to HTMLForm", review away.
[22:01:54] <spagewmf>	 (apologies if you've seen this already, I got disconnected)
[22:02:32] <Platonides>	 no, I hadn't seen it
[22:03:28] <Platonides>	 tip: you can use the channel log to find out what really reached the channel or what other people said when you thought you were still connected
[22:04:42] <spagewmf>	 I did, but I assume the channel log filters out any mean things people said about me :)
[22:06:24] <spagewmf>	 were we to implement password strength, it would be good to have a client-side library agreeing with server-side.  Though I guess we could have an api to validate password that returns a password strength, similar to the username validation API that's in the experiment.
[22:06:55] <Platonides>	 I think it should be implemented both in javascript and in php
[22:07:27] <Platonides>	 the idea of sending a password incrementally on the background for checking is quite bad IMHO
[22:08:51] <Dantman>	 sumanah: Btw, what context was Twig mentioned in?
[22:09:33] <sumanah>	 naderman: ^
[22:09:40] * sumanah  lets Nils answer Dantman 

[22:10:24] * sumanah  would probably get it wrong.

[22:12:43] <Dantman>	 Oh well, I'm heading out to the store
[22:19:21] <Platonides>	 we would definitely want some data acquisition about current password usage before disabling a lot of passwords
[22:40:41] <naderman>	 Dantman: templates were brought up as something that is commonly reimplemented in many php projects
[22:40:56] <naderman>	 Dantman: and then twig came up as something that a few projects are replacing their custom template engines with
[22:40:59] <naderman>	 e.g. drupal
[23:13:54] <Dantman>	 It's a shame I can't just fix half these small bugs I see instead of just adding myself to the CC
[23:14:09] <marktraceur>	 Dantman: Why can't you?
[23:14:18] <Dantman>	 No time
[23:15:05] <marktraceur>	 Dantman: Sorry to hear it
[23:16:31] <Dantman>	 I've got three things that I could be doing... but only enough time to do 2.5. 1: Code for work. 2: Various interesting big MW projects. 3: Fix small bugs I come across and review code.
[23:16:39] <Dantman>	 ...sorry, I mean 1.5
[23:17:25] <Dantman>	 1 absolutely has to be done. And when it comes to that remaining .5 sadly 2 is much more enticing than 3.
[23:21:08] <robla>	 TimStarling: anomie and I had a brief conversation earlier today about the template sandbox stuff
[23:21:22] <TimStarling>	 ah, good
[23:21:40] <robla>	 I think that aspect I was able to explain pretty well
[23:22:04] <robla>	 we also talked about the Lua debugger side of things, and thats where I did much more handwaving  ;-)
[23:22:33] <anomie>	 "There's a Lua debugger! And we want to integrate it somehow!" ;)
[23:22:50] <TimStarling>	 well, have a look at how it works already, on edit pages
[23:23:23] <TimStarling>	 https://test2.wikipedia.org/wiki/Module:Mw?action=edit
[23:23:38] <TimStarling>	 there's a frameset below the save buttons labelled "debug console"
[23:24:15] <TimStarling>	 try: =p.url.full('foo','bar')
[23:25:10] <TimStarling>	 its main limitation is that it doesn't give you a frame object, so you can't use it to test most functions that are called with #invoke
[23:25:31] <robla>	 ah, right....I forgot that you demo'd that bit for me already.  cool!  so, anomie might actually be close to having a demoware template sandbox working
[23:25:58] <TimStarling>	 using ParserOptions::setTemplateCallback()?
[23:26:25] <anomie>	 Yes, actually
[23:26:39] <TimStarling>	 sounds good
[23:29:34] <Dantman>	 Is that template sandbox going to support multiple templates at once?
[23:31:15] <TimStarling>	 the idea I had it mind was that for every template, it would first check some prefix (say User:Cite test/<template name>), then if that did not exist, it would use the normal template
[23:31:35] <TimStarling>	 so you would be able to test sets of templates that way
[23:31:49] <AaronSchulz>	 and turn it into one git commit? :)
[23:33:57] <Dantman>	 Oh... so just .5/3 instead of 1/3 of why I tried experimenting with an extension that replaces the normal template structure with one where multiple WikiText blobs, potentially Lua, documentation, and css are contained within a single page.
[23:40:09] <robla>	 TimStarling: just saw the demo.  that's what anomie implemented (as an extension).  He's looking for a place to submit it for review now.
[23:40:42] <TimStarling>	 it should go in the Scribunto extension
[23:43:19] <gerrit-wm>	 New patchset: Hashar; "bring in grunt 0.3.17 as a submodule" [integration/jenkins] (master) - https://gerrit.wikimedia.org/r/32475
[23:45:11] <robla>	 TimStarling: other than a desire not to have a lot of tiny special use extensions, is there any reason to lump it in with Scribunto?  I.e. is there any scripting specific functionality this should have?
[23:46:22] <TimStarling>	 hmm, I guess if it is not specific to lua it can go in a new extension
[23:46:33] <TimStarling>	 with a hook for any lua-specific stuff, to be implemented in scribunto
[23:50:37] <sumanah>	 TimStarling: robla: are any of us going to the Lua summit nov 29-30 in Virginia? http://www.lua.org/wshop12.html
[23:51:31] <robla>	 Lua summit?   :)
[23:51:49] <TimStarling>	 anomie: what do you want the extension to be called?
[23:51:55] <robla>	 I think ^demon|busy and anomie would be really, really obvious choices
[23:52:10] <anomie>	 TimStarling- I've called it "TemplateSandbox" for the moment. Easy enough to rename.
[23:52:29] <ori-l>	 kaldari: got a sec?
[23:52:36] <kaldari>	 sure
[23:52:37] <sumanah>	 (I emailed wikitext-l about it in June)
[23:56:49] <TimStarling>	 anomie: I created it
[23:57:35] <anomie>	 TimStarling- Nifty, thanks