Portland, OR 🇺🇸
Account created on 25 March 2006, over 19 years ago
#

Merge Requests

Recent comments

🇺🇸United States hestenet Portland, OR 🇺🇸

That's a fair enough point.

Still, while we should look at it, as with many things, we simply don't have the capacity to do it right now.

🇺🇸United States hestenet Portland, OR 🇺🇸

I'm willing to try to think through the potential issues there, sure - once we complete issue migration.

🇺🇸United States hestenet Portland, OR 🇺🇸

Can the DA advise just which command that exists poses a concern that
justifies blocking the endpoint?

No because the issue is not a known command, it is the fact that we don't have the capacity to thoroughly audit the risk profile of every aspect of the API, especially because they have made undocumented changes in the past in new releases.

I know everyone is tired of hearing 'because of capacity' but I'm sorry to say it's the truth.

Credit integration is almost resolved, which means issue migration will be on the table next, and after those two huge aspects of the long running GitLab project complete, we can get some capacity back and triage where to spend it next.

🇺🇸United States hestenet Portland, OR 🇺🇸

@balsama - A couple of clarifications:

The date that a comment is made is when the attribution was made by an individual (as volunteer, on behalf of employer, or on behalf of client(s) - but the credit does not actually get *granted* until the issue maintainer has selected who should receive the credit, and the issue is closed.

So typically the most accurate date of when credit was granted is status_last_changed, whenever status = [any of the closed statuses],

But maybe in your use case it was important/helpful to know when the attributions were made?

The issue with having date-per-attribution, is that the new system is designed for when we switchover to GitLab issues, and those won't have attributions per individual comment, instead contributors will be able to edit their attribution for the whole issue on the credit record.

🇺🇸United States hestenet Portland, OR 🇺🇸

Corrected survey is being sent! Thanks for the report

🇺🇸United States hestenet Portland, OR 🇺🇸

Granted @phenaproxima maintainer access and node ownership of the project page. From here he should be able to make any other necessary changes to the project.

🇺🇸United States hestenet Portland, OR 🇺🇸

Updated to be in a full width section below the other content.

🇺🇸United States hestenet Portland, OR 🇺🇸

hestenet created an issue.

🇺🇸United States hestenet Portland, OR 🇺🇸
🇺🇸United States hestenet Portland, OR 🇺🇸

I'm going to temporarily direct that CTA to: https://www.drupal.org/project/drupal/#project-releases

And then we can come back here and decide what the best destination for that CTA should be. (Maybe, as suggested in the summary, we can get the #anchor link to properly display the Core tab at the top).

🇺🇸United States hestenet Portland, OR 🇺🇸

Adjusting the issue title here to reflect that it is becoming the 'meta' issue for the shared hosting question in general - and start collecting related issues.

🇺🇸United States hestenet Portland, OR 🇺🇸

Merging back in a discussion from [#3528683#comment-16175309] which I think better belongs here...

As is clearly stated in the issue summary by @pameela, there are still a lot of unknowns here, but I think we can specify the ideal case:

We know we want:

  • to allow users to install, maintain, and update DrupalCMS with as minimal interaction with command line as possible
  • to move to a model where DrupalCMS is foundational, and site templates become the building blocks applied to kick-start specific use cases
  • to offer site templates that 'ship with'(whatever that will technically mean, not fully defined) with DrupalCMS
  • to have site templates be easily discoverable in the long term

We also want to avoid:

  • Leaving behind components in the codebase that are unused, but are still included as dependencies in composer.json because they can prevent site updates

There's some positive progress because recipe unpacking is done automatically as of 1.2.0, however, if unneeded dependencies are left behind they may still need to be composer remove such-and-such to clear the way for an update.

So, as @pameela has said, we still have the power to define what 'shipping with' site templates means on a technical level, in order to meet all these constraints, and still be transparent to the user

I think right now the issue that solves the unused-but-blocking dependencies but allows us to make a transparent installation process for the user is:

Are there other related issues we should gather here and/or create?

🇺🇸United States hestenet Portland, OR 🇺🇸
🇺🇸United States hestenet Portland, OR 🇺🇸

If one of the stated Drupal CMS goals is to limit the amount of command line interaction that site owners *have* to do then I do agree with @catch that it would be ideal to do a version of what @pameela is proposing in comment #3/#4.

The recipe unpacking process helps, but I share @catch's worry about DrupalCMS users getting 'stuck' when it comes time to update.

It sounds like the ongoing discussion for how best to solve this will continue in: 🌱 [META] Integrate site templates into Drupal CMS Active

🇺🇸United States hestenet Portland, OR 🇺🇸

Going to try moving this to the parent /project/ai and see if it can find the right home from there.

🇺🇸United States hestenet Portland, OR 🇺🇸
🇺🇸United States hestenet Portland, OR 🇺🇸

@mpotter - a staff engineer at GitLab chimed in about 11 months ago to say they didn't think it would be too difficult to add, but it seems to have stalled out from there.

I think it wouldn't hurt to leave a comment to +1

https://gitlab.com/gitlab-org/gitlab/-/issues/217206#note_1941172559

🇺🇸United States hestenet Portland, OR 🇺🇸

@bertboerland is correct that it is not necessarily 'fair use' to use any kind of trademark without permission of the organization. However, in many cases brands will implicitly allow this in the case of demonstrating integrations or support. The most common example is the use of logos/trademarks when showing if software can be hosted on a particular hosting provider, for example.

After some legal consultation and research - we were recommended that generally speaking most third party technology providers will allow and may even encourage use of a logo to indicate that integrations are available, so long as they are *not* made to appear official. With the extra text on this page we think this should be okay.

However, if we receive a request directly from any of these trademark holders we would absolutely comply with their wishes.

Furthermore - this page will likely be replaced with the new.d.o redesign anyway

I'm going to wont-fix this particular issue for the moment.

🇺🇸United States hestenet Portland, OR 🇺🇸

Comments #11 and #12 offer good suggestions about places to make things more visible.

And yes - GitLab does present the git terms of service when they need to accept that - but it's a good point that it can be quite a long time since the last time someone looked at it.

We can probably slightly update the language on: https://www.drupal.org/drupal-security-team/security-advisory-process-an... (or a related page) with a very simple statement about the security team's discretion to revoke based on the requirement for co-operation.

🇺🇸United States hestenet Portland, OR 🇺🇸

Added more specifics about case study weight

🇺🇸United States hestenet Portland, OR 🇺🇸

Assigning credit. Thank you for preparing the issue!

🇺🇸United States hestenet Portland, OR 🇺🇸

Assigning credit. Thank you for preparing the issue!

🇺🇸United States hestenet Portland, OR 🇺🇸

Assigning credit. Thank you for preparing the issue!

🇺🇸United States hestenet Portland, OR 🇺🇸

Assigning credit. Thank you for preparing the issue!

🇺🇸United States hestenet Portland, OR 🇺🇸

hestenet created an issue.

🇺🇸United States hestenet Portland, OR 🇺🇸

Thanks for gathering all these together @ressa.

This will be postponed until Planet Drupal is ported over to the new site (don't want to invest time on the old site) - and then we will need to do a review and triage of these issues to see which make sense for the majority of planet drupal users.

🇺🇸United States hestenet Portland, OR 🇺🇸
🇺🇸United States hestenet Portland, OR 🇺🇸

Could you provide draft changes in a Google doc or similar? I could give you direct edit access as well, I suppose, and we have revision history - I'd just like to be able to easily track what changes we're making. (Though, as you say, this page is pretty out of date).

🇺🇸United States hestenet Portland, OR 🇺🇸
🇺🇸United States hestenet Portland, OR 🇺🇸

This charter has been reviewed and accepted by the Drupal Association.

🇺🇸United States hestenet Portland, OR 🇺🇸

hestenet made their first commit to this issue’s fork.

🇺🇸United States hestenet Portland, OR 🇺🇸
🇺🇸United States hestenet Portland, OR 🇺🇸

I've gone ahead and upgraded @johnpicozzi to have administer maintainers as well so that he can add @murz to assist.

🇺🇸United States hestenet Portland, OR 🇺🇸
🇺🇸United States hestenet Portland, OR 🇺🇸

Explanation of how to publish recipes on d.o

🇺🇸United States hestenet Portland, OR 🇺🇸

Strengthening the escalation process for abuse.

🇺🇸United States hestenet Portland, OR 🇺🇸

fixing 'enrollment to community tier coming soon' to 'open now'

🇺🇸United States hestenet Portland, OR 🇺🇸

Adding trial requirements

🇺🇸United States hestenet Portland, OR 🇺🇸
Production build 0.71.5 2024