User:Victor Grousset - tuxayo/Ready to paste messages
Jump to navigation
Jump to search
QA
Works, makes sense, QA script happy, code looks good, passing QA :)
Partial QA (not sure enough on the functional side):
Rebase
Rebased. (compared the diffs with the rebased version of the conflicting commit and the original to double check that the rebase didn't introduce unwanted changes)
RMaint
Backported: Pushed to 21.05.x branch for the upcoming release (21.05.21)
Not backported to oldoldstable (21.05.x). Feel free to ask if it's needed. Nothing to document it seems, marking resolved.
Missing dependencies for 21.05.x, it shouldn't be affected, no backport.
Missing dependencies for 21.05.x, can't backport.
Enhancement, not backported to 21.05.x. It's likely that the new strings won't be translated for oldoldstable at this point of the cycle for all but the few most actively translated languages. So that might actually be a translation regression even for languages that are almost fully translated. All that is just guesswork though.
Can't backport to 21.05.x: can't solve a conflict. If there is an interest in having this backported, please submit a patch for 21.05.
It doesn't apply cleanly on 21.05.x and the conflict isn't simple to solve. If there is an interest in having this backported, feel free to submit a patch for 21.05.
Can't be backported to 21.05.x due to dependence on bug TODO. So if someone is interested in this bug being backported to 21.05.x, send help to bug TODO ^^
Can't backport to 21.05.x, the code doesn't seem to have that part here (TODO_TODO_TODO). Maybe the feature wasn't here, maybe it moved from another file If interested, feel free to investigate further.
Meetings
Moving on, if we forgot something, say it so we come back to it later.
Conflict: explanation of the diff3 conflictStyle
Clarification of the diff3 conflictStyle display: <<<<<<< HEAD # code from current 20.05.x ======= # code from upstream 20.11.x before the patch ||||||| parent of 123abc123abc # code from upstream 20.11.x after the patch >>>>>>> 123abc123abc
tl;dr it adds a middle conflict section that shows the code before the patch being applied/cherry-picked/merged. So for RMaint we can see what are the changes that are due from the different Koha versions and not the patch changes.
Asking for test plan
I would like to try to test this. But I need a test plan as I don't know well enough this part of Koha to improvise one. It can looks like this: 1. Step to prepare some stuff 2. Another step 3. Do something else that exposes the current issue 4. Apply the patch 5. Redo some of the above steps 6. See that the issue is gone
Security ticket
When the topic of trusting the librarians comes up
There are certainly pros to trust librarians. We have other fishes to fry about security anyway. But even though that's not enough. Their account can be compromised by - a dictionary of common passwords - a password leak from another website or service - password social engineering - fishing - a malware stealing the password Or just a malware doing the job directly with the user session cookie. And also a privilege escalation attack can have much more impact if it allows to reach data that is too much trusted afterwards. [...]